Пример #1
 /**
  * Dispatch the login-related action held in $this->action.
  *
  * Handles 'login_post' (credential check and login), 'resend' (re-send the
  * activation e-mail), 'recover' / 'recover_post' (request a password reset),
  * 'forgot' / 'forgot_post' (set a new password from a reset link) and, for any
  * other action, rendering of the login form.
  *
  * NOTE(review): every failure path calls $this->redirectTo() and the code then
  * simply continues with the next statement, so the checks below only protect
  * anything if redirectTo() ends the request. Its body is not visible here; confirm.
  */
 function doModel()
 {
     switch ($this->action) {
         case 'login_post':
             //post execution for the login
             if (!osc_users_enabled()) {
                 osc_add_flash_error_message(_m('Users are not enabled'));
                 $this->redirectTo(osc_base_url());
             }
             // Request-forgery check for the login form (implementation not shown here).
             osc_csrf_check();
             osc_run_hook('before_validating_login');
             // e-mail or/and password is/are empty or incorrect
             $wrongCredentials = false;
             $email = Params::getParam('email');
             // The two extra arguments presumably switch off input filtering so the
             // password is compared exactly as typed; confirm against Params::getParam().
             $password = Params::getParam('password', false, false);
             if ($email == '') {
                 osc_add_flash_error_message(_m('Please provide an email address'));
                 $wrongCredentials = true;
             }
             if ($password == '') {
                 osc_add_flash_error_message(_m('Empty passwords are not allowed. Please provide a password'));
                 $wrongCredentials = true;
             }
             if ($wrongCredentials) {
                 $this->redirectTo(osc_user_login_url());
             }
             // Look the account up by e-mail first; the same field is then tried as a
             // username. $user stays unset when the value is not a valid e-mail, which
             // empty() below tolerates.
             if (osc_validate_email($email)) {
                 $user = User::newInstance()->findByEmail($email);
             }
             if (empty($user)) {
                 $user = User::newInstance()->findByUsername($email);
             }
             // NOTE(review): "user doesn't exist" and "password is incorrect" are reported
             // separately, which lets a client tell registered identifiers from unknown
             // ones. A single generic failure message would not reveal that.
             if (empty($user)) {
                 osc_add_flash_error_message(_m("The user doesn't exist"));
                 $this->redirectTo(osc_user_login_url());
             }
             if (!osc_verify_password($password, isset($user['s_password']) ? $user['s_password'] : '')) {
                 osc_add_flash_error_message(_m('The password is incorrect'));
                 $this->redirectTo(osc_user_login_url());
                 // @TODO if valid user, send email parameter back to the login form
             } else {
                 // Password verified: upgrade the stored hash on the fly. It is re-hashed when
                 // it is not a "$2y$NN$" bcrypt hash, or when its cost NN differs from
                 // BCRYPT_COST.
                 if (@$user['s_password'] != '') {
                     if (preg_match('|\\$2y\\$([0-9]{2})\\$|', $user['s_password'], $cost)) {
                         if ($cost[1] != BCRYPT_COST) {
                             User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
                         }
                     } else {
                         User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
                     }
                 }
             }
             // e-mail or/and IP is/are banned
             // NOTE(review): the ban check runs only after the password has been verified,
             // and it receives the submitted identifier, which is a username when the user
             // logged in that way. Confirm how osc_is_banned() treats a non-e-mail value.
             $banned = osc_is_banned($email);
             // int 0: not banned or unknown, 1: email is banned, 2: IP is banned, 3: both email & IP are banned
             if ($banned & 1) {
                 osc_add_flash_error_message(_m('Your current email is not allowed'));
             }
             if ($banned & 2) {
                 osc_add_flash_error_message(_m('Your current IP is not allowed'));
             }
             if ($banned !== 0) {
                 $this->redirectTo(osc_user_login_url());
             }
             osc_run_hook('before_login');
             // NOTE(review): the post-login target starts from osc_get_http_referer(). If a
             // client can influence that value and redirectTo() does not restrict the
             // destination host, this is an open-redirect path; confirm both helpers.
             $url_redirect = osc_get_http_referer();
             $page_redirect = '';
             if (osc_rewrite_enabled()) {
                 if ($url_redirect != '') {
                     // osc_base_url() is placed into the pattern without preg_quote(), so
                     // characters such as '.' in it act as regex syntax.
                     $request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $url_redirect));
                     $tmp_ar = explode("?", $request_uri);
                     $request_uri = $tmp_ar[0];
                     // Map the pretty URL back to its query-string form using the rewrite
                     // rules, to learn which page the referer pointed at.
                     $rules = Rewrite::newInstance()->listRules();
                     foreach ($rules as $match => $uri) {
                         if (preg_match('#' . $match . '#', $request_uri, $m)) {
                             $request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
                             // $match is reused as the capture array here; harmless only
                             // because the loop is left right after.
                             if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) {
                                 $page_redirect = $match[2];
                                 // Never send the user back to the login page itself.
                                 if ($page_redirect == '' || $page_redirect == 'login') {
                                     $url_redirect = osc_user_dashboard_url();
                                 }
                             }
                             break;
                         }
                     }
                 }
             }
             require_once LIB_PATH . 'osclass/UserActions.php';
             $uActions = new UserActions(false);
             // Result codes as handled below: 0 unknown user, 1 not validated yet,
             // 2 suspended, 3 logged in.
             $logged = $uActions->bootstrap_login($user['pk_i_id']);
             if ($logged == 0) {
                 osc_add_flash_error_message(_m("The user doesn't exist"));
             } else {
                 if ($logged == 1) {
                     if (time() - strtotime($user['dt_access_date']) > 1200) {
                         // EACH 20 MINUTES
                         // The message carries an HTML link, so it presumably reaches the
                         // page unescaped; confirm how flash messages are rendered.
                         osc_add_flash_error_message(sprintf(_m('The user has not been validated yet. Would you like to re-send your <a href="%s">activation?</a>'), osc_user_resend_activation_link($user['pk_i_id'], $user['s_email'])));
                     } else {
                         osc_add_flash_error_message(_m('The user has not been validated yet'));
                     }
                 } else {
                     if ($logged == 2) {
                         osc_add_flash_error_message(_m('The user has been suspended'));
                     } else {
                         if ($logged == 3) {
                             if (Params::getParam('remember') == 1) {
                                 // this include contains the osc_genRandomPassword function
                                 require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
                                 // "Remember me": a fresh secret is written to the user row and
                                 // sent to the browser in the oc_userSecret cookie.
                                 // NOTE(review): the value is stored as generated, so anyone able
                                 // to read s_secret can present it as a cookie. Its strength
                                 // depends on osc_genRandomPassword(), which is not shown here.
                                 $secret = osc_genRandomPassword();
                                 User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
                                 Cookie::newInstance()->set_expires(osc_time_cookie());
                                 Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
                                 Cookie::newInstance()->push('oc_userSecret', $secret);
                                 Cookie::newInstance()->set();
                             }
                             if ($url_redirect == '') {
                                 $url_redirect = osc_user_dashboard_url();
                             }
                             osc_run_hook("after_login", $user, $url_redirect);
                             // Plugins may rewrite the final target through this filter.
                             $this->redirectTo(osc_apply_filter('correct_login_url_redirect', $url_redirect));
                         } else {
                             osc_add_flash_error_message(_m('This should never happen'));
                         }
                     }
                 }
             }
             // Both paths end at the login page; the b_enabled test changes nothing here.
             if (!$user['b_enabled']) {
                 $this->redirectTo(osc_user_login_url());
             }
             $this->redirectTo(osc_user_login_url());
             break;
         case 'resend':
             // Re-send the activation e-mail. The link must carry the id and the matching
             // e-mail of an account that is not active yet.
             $id = Params::getParam('id');
             $email = Params::getParam('email');
             $user = User::newInstance()->findByPrimaryKey($id);
             if ($id == '' || $email == '' || !isset($user) || $user['b_active'] == 1 || $email != $user['s_email']) {
                 osc_add_flash_error_message(_m('Incorrect link'));
                 $this->redirectTo(osc_user_login_url());
             }
             // Throttle: at most one re-send per 1200 seconds, tracked in dt_access_date.
             if (time() - strtotime($user['dt_access_date']) > 1200) {
                 // EACH 20 MINUTES
                 if (osc_notify_new_user()) {
                     osc_run_hook('hook_email_admin_new_user', $user);
                 }
                 if (osc_user_validation_enabled()) {
                     osc_run_hook('hook_email_user_validation', $user, $user);
                 }
                 User::newInstance()->update(array('dt_access_date' => date('Y-m-d H:i:s')), array('pk_i_id' => $user['pk_i_id']));
                 osc_add_flash_ok_message(_m('Validation email re-sent'));
             } else {
                 osc_add_flash_warning_message(_m('We have just sent you an email to validate your account, you will have to wait a few minutes to resend it again'));
             }
             $this->redirectTo(osc_user_login_url());
             break;
         case 'recover':
             //form to recover the password (in this case we have the form in /gui/)
             $this->doView('user-recover.php');
             break;
         case 'recover_post':
             //post execution to recover the password
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             // e-mail is incorrect
             // The pattern only accepts a final label of 2-3 letters, so addresses under
             // longer top-level domains are rejected here.
             if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) {
                 osc_add_flash_error_message(_m('Invalid email address'));
                 $this->redirectTo(osc_recover_user_password_url());
             }
             $userActions = new UserActions(false);
             $success = $userActions->recover_password();
             // NOTE(review): success and "could not identify you" produce different messages
             // and redirects, so this form also reveals whether an address is registered.
             switch ($success) {
                 case 0:
                     // recover ok
                     osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
                     $this->redirectTo(osc_base_url());
                     break;
                 case 1:
                     // e-mail does not exist
                     osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
                     $this->redirectTo(osc_recover_user_password_url());
                     break;
                 case 2:
                     // recaptcha wrong
                     osc_add_flash_error_message(_m('The recaptcha code is wrong'));
                     $this->redirectTo(osc_recover_user_password_url());
                     break;
             }
             break;
         case 'forgot':
             //form to recover the password (in this case we have the form in /gui/)
             // The reset link is accepted only if userId and code match a stored user.
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             if ($user) {
                 $this->doView('user-forgot_password.php');
             } else {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'forgot_post':
             osc_csrf_check();
             if (Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
                 osc_add_flash_warning_message(_m('Password cannot be blank'));
                 $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
             }
             // The userId/code pair is checked again on submit. No expiry test on the code
             // is visible in this method; presumably findByIdPasswordSecret() enforces it.
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             // A failed lookup ends in the "link is not valid" branch, assuming the finder
             // returns a value whose 'b_enabled' offset does not compare equal to 1.
             if ($user['b_enabled'] == 1) {
                 if (Params::getParam('new_password', false, false) == Params::getParam('new_password2', false, false)) {
                     // Store the new hash and make the link single-use: the reset code is
                     // replaced by a random 50-character value and its date set to the epoch.
                     // NOTE(review): only "not blank" and "both fields equal" are checked;
                     // no length or strength rule is visible here.
                     User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => Params::getServerParam('REMOTE_ADDR'), 's_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => $user['pk_i_id']));
                     osc_add_flash_ok_message(_m('The password has been changed'));
                     $this->redirectTo(osc_user_login_url());
                 } else {
                     osc_add_flash_error_message(_m("Error, the password don't match"));
                     $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
                 }
             } else {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'));
             }
             $this->redirectTo(osc_base_url());
             break;
         default:
             //login
             // Remember where the visitor came from so login_post can send them back.
             Session::newInstance()->_setReferer(osc_get_http_referer());
             if (osc_logged_user_id() != '') {
                 $this->redirectTo(osc_user_dashboard_url());
             }
             $this->doView('user-login.php');
     }
 }
Пример #2
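/**
 * Activate a listing when the request is page=item&action=activate.
 *
 * The listing is looked up by id and must either carry the submitted secret
 * or belong to the logged-in user. An unknown listing renders the theme's 404
 * page and stops; otherwise the listing is activated (if it was inactive) and
 * the visitor is redirected.
 */
function item_success_item_validate()
{
    if (Params::getParam('page') != 'item' || Params::getParam('action') != 'activate') {
        return;
    }

    $rawId = Params::getParam('id');
    $rawSecret = Params::getParam('secret');

    // Both values come straight from the request and end up inside a SQL
    // fragment. The id is presumably an integer key ('pk_i_id'), so it is cast
    // instead of being escaped as text; non-scalar input (e.g. id[]=...) is
    // reduced to a value that matches nothing.
    $id = is_scalar($rawId) ? (int) $rawId : 0;
    $secret = is_scalar($rawSecret) ? (string) $rawSecret : '';

    // NOTE(review): addslashes() is not a database-aware escape (it ignores the
    // connection character set). The secret should go through the DAO's own
    // escaping or a bound parameter; that API is not visible in this file.
    $item = Item::newInstance()->listWhere(
        "i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))",
        $id,
        addslashes($secret),
        (int) osc_logged_user_id()
    );

    // item doesn't exist
    if (count($item) == 0) {
        Rewrite::newInstance()->set_location('error');
        header('HTTP/1.1 404 Not Found');
        osc_current_web_theme_path('404.php');
        exit;
    }

    View::newInstance()->_exportVariableToView('item', $item[0]);
    if ($item[0]['b_active'] == 0) {
        // Activate the item using the secret stored with it, not the submitted one.
        $mItems = new ItemActions(false);
        $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
        if ($success) {
            osc_add_flash_ok_message(_m('The listing has been validated'));
            item_success_redirect(Item::newInstance()->findByPrimaryKey($item[0]['pk_i_id']));
            exit;
        } else {
            osc_add_flash_error_message(_m("The listing can't be validated"));
        }
    } else {
        osc_add_flash_warning_message(_m('The listing has already been validated'));
    }
    osc_redirect_to(osc_item_url());
}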
Пример #3
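/**
 * Remove an item resource's files from disk and log the deletion.
 *
 * Writes two log entries (the deletion itself and the call trace that led to
 * it), deletes the main file and its "_original", "_thumbnail" and "_preview"
 * variants, then runs the 'delete_resource' hook. Nothing is done in DEMO mode
 * or when the resource cannot be found.
 *
 * @param int|array $id    resource id; when an array is given its first element is used
 * @param boolean   $admin true when an admin triggers the deletion (selects which
 *                         logged-in id is written to the log)
 * @return boolean|null false in DEMO mode; no value is returned otherwise
 */
function osc_deleteResource($id, $admin)
{
    if (defined('DEMO')) {
        return false;
    }
    if (is_array($id)) {
        $id = $id[0];
    }
    $resource = ItemResource::newInstance()->findByPrimaryKey($id);
    // An empty or non-array lookup result has no path to delete; stop before
    // logging or unlinking anything built from missing fields.
    if (!is_array($resource) || !isset($resource['pk_i_id'])) {
        return;
    }

    $actor = $admin ? 'admin' : 'user';
    Log::newInstance()->insertLog('item', 'delete resource', $resource['pk_i_id'], $id, $actor, $admin ? osc_logged_admin_id() : osc_logged_user_id());

    // Record who called us. Frames created by internal calls or callbacks have
    // no 'file'/'line', and 'args' can be absent, so every key is checked first.
    $includeCalls = array('include', 'include_once', 'require_once', 'require');
    $backtracel = '';
    foreach (debug_backtrace() as $k => $v) {
        $call = $v['function'];
        if (in_array($v['function'], $includeCalls, true)) {
            $call .= "(" . (isset($v['args'][0]) ? $v['args'][0] : '') . ")";
        }
        $file = isset($v['file']) ? $v['file'] : '';
        $line = isset($v['line']) ? $v['line'] : '';
        $backtracel .= "#" . $k . " " . $call . " called@ [" . $file . ":" . $line . "] / ";
    }
    Log::newInstance()->insertLog('item', 'delete resource backtrace', $resource['pk_i_id'], $backtracel, $actor, $admin ? osc_logged_admin_id() : osc_logged_user_id());

    // Best-effort removal: a variant that was never generated is not an error,
    // hence the suppressed warnings. The path is built only from stored fields.
    $base = osc_base_path() . $resource['s_path'] . $resource['pk_i_id'];
    foreach (array('', '_original', '_thumbnail', '_preview') as $suffix) {
        @unlink($base . $suffix . "." . $resource['s_extension']);
    }
    osc_run_hook('delete_resource', $resource);
}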
Пример #4
/**
 * Tell whether the given item is already on the logged-in user's watchlist.
 *
 * @param mixed $id item id; formatted into the query with %d
 * @return boolean true when a matching watchlist row was fetched
 */
function watchlist_exists($id)
{
    // Both ids go through %d placeholders, so they reach the query as integers
    // (assuming osc_dbFetchResult() formats sprintf-style; it is not shown here).
    $row = getConnection()->osc_dbFetchResult("SELECT * FROM %st_item_watchlist WHERE fk_i_item_id = %d and fk_i_user_id = %d", DB_TABLE_PREFIX, $id, osc_logged_user_id());

    // A fetched row carries the item id column; anything else means "not listed".
    return isset($row['fk_i_item_id']);
}
Пример #5
 /**
  * Set up the item manager and resolve the current web user, if any.
  *
  * $this->userId and $this->user stay null for visitors who are not logged in.
  */
 function __construct()
 {
     parent::__construct();
     $this->itemManager = Item::newInstance();

     // Start as an anonymous visitor; filled in only for a logged-in web user.
     $this->userId = null;
     $this->user = null;
     if (osc_is_web_user_logged_in()) {
         $this->userId = osc_logged_user_id();
         $this->user = User::newInstance()->findByPrimaryKey($this->userId);
     }
 }
/**
 * Show the form to vote for a seller when the item belongs to a registered user
 * (item detail page).
 *
 * Local variable names are kept as they are because the included template
 * 'item_detail_user.php' runs in this function's scope and presumably reads
 * them ($vote in particular).
 *
 * @param mixed $item item array, numeric user id, or null to use the current item
 */
function voting_item_detail_user($item = null)
{
    // Loose comparison on purpose: 0, '' and an empty array count as "no item".
    if ($item == null) {
        $userId = osc_item_user_id();
    } elseif (is_numeric($item)) {
        $userId = $item;
    } elseif (is_array($item)) {
        $userId = $item['fk_i_user_id'];
    } else {
        // Any other type aborts the request.
        exit;
    }

    // Voting must be switched on and the seller must be a registered user (id > 0).
    if (!(osc_get_preference('user_voting', 'voting') == 1 && is_numeric($userId) && isset($userId) && $userId > 0)) {
        return;
    }

    // Fetch the average rating and the number of votes for this seller.
    $aux_vote = ModelVoting::newInstance()->getUserAvgRating($userId);
    $aux_count = ModelVoting::newInstance()->getUserNumberOfVotes($userId);
    $vote = array(
        'vote' => $aux_vote['vote'],
        'total' => $aux_count['total'],
        'userId' => $userId,
        'can_vote' => false,
    );
    // Only a logged-in user who passes can_vote_user() gets the voting controls.
    if (osc_is_web_user_logged_in() && can_vote_user($userId, osc_logged_user_id())) {
        $vote['can_vote'] = true;
    }
    require 'item_detail_user.php';
}
Пример #7
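        /**
         * Collect the request data needed to add or edit an item and store it in $this->data.
         *
         * Nothing is returned; callers read the prepared array from $this->data.
         *
         * @param bool $is_add true when a new item is being added, false when an item is edited
         * @return void
         */
        public function prepareData( $is_add )
        {
            $aItem = array();
            $data = array();

            $userId = null;
            if( $this->is_admin ) {
                // Admin request: the owner is resolved from the submitted contact e-mail.
                $data   = User::newInstance()->findByEmail(Params::getParam('contactEmail'));
                if( isset($data['pk_i_id']) && is_numeric($data['pk_i_id']) ) {
                    $userId = $data['pk_i_id'];
                }
            } else {
                // Regular request: the owner is taken from the session, never from the form.
                $userId = Session::newInstance()->_get('userId');
                if( $userId == '' ) {
                    $userId = NULL;
                } elseif ($userId != NULL) {
                    $data   = User::newInstance()->findByPrimaryKey( $userId );
                }
            }

            if( $userId != null ) {
                // Known account: its stored name and e-mail replace whatever was submitted.
                $aItem['contactName']   = $data['s_name'];
                $aItem['contactEmail']  = $data['s_email'];
                Params::setParam('contactName', $data['s_name']);
                Params::setParam('contactEmail', $data['s_email']);
            } else {
                $aItem['contactName']   = Params::getParam('contactName');
                $aItem['contactEmail']  = Params::getParam('contactEmail');
            }
            $aItem['userId']        = $userId;

            if( $is_add ) {   // ADD
                if($this->is_admin) {
                    $active = 'ACTIVE';
                } else {
                    if(osc_moderate_items()>0) { // HAS TO VALIDATE
                        if(!osc_is_web_user_logged_in()) { // NO USER IS LOGGED, VALIDATE
                            $active = 'INACTIVE';
                        } else { // USER IS LOGGED
                            if(osc_logged_user_item_validation()) { //USER IS LOGGED, BUT NO NEED TO VALIDATE
                                $active = 'ACTIVE';
                            } else { // USER IS LOGGED, NEED TO VALIDATE, CHECK NUMBER OF PREVIOUS ITEMS
                                $user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
                                if($user['i_items']<osc_moderate_items()) {
                                    $active = 'INACTIVE';
                                } else {
                                    $active = 'ACTIVE';
                                }
                            }
                        }
                    } else if(osc_moderate_items()==0 ){
                        if(osc_is_web_user_logged_in() && osc_logged_user_item_validation() ) {
                            $active = 'ACTIVE';
                        } else {
                            $active = 'INACTIVE';
                        }
                    } else {
                        $active = 'ACTIVE';
                    }
                }
                $aItem['active']        = $active;
            } else {          // EDIT
                $aItem['secret']    = Params::getParam('secret');
                $aItem['idItem']    = Params::getParam('id');
            }

            // get params
            $aItem['catId']         = Params::getParam('catId');
            $aItem['countryId']     = Params::getParam('countryId');
            $aItem['country']       = Params::getParam('country');
            $aItem['region']        = Params::getParam('region');
            $aItem['regionId']      = Params::getParam('regionId');
            $aItem['city']          = Params::getParam('city');
            $aItem['cityId']        = Params::getParam('cityId');
            $aItem['price']         = (Params::getParam('price') != '') ? Params::getParam('price') : null;
            $aItem['cityArea']      = Params::getParam('cityArea');
            $aItem['address']       = Params::getParam('address');
            $aItem['currency']      = Params::getParam('currency');
            $aItem['showEmail']     = (Params::getParam('showEmail') != '') ? 1 : 0;
            $aItem['title']         = Params::getParam('title');
            $aItem['description']   = Params::getParam('description');
            $aItem['photos']        = Params::getFiles('photos');
            $ajax_photos            = Params::getParam('ajax_photos');
            $aItem['s_ip']          = get_ip();
            $aItem['d_coord_lat']   = (Params::getParam('d_coord_lat')  != '') ? Params::getParam('d_coord_lat') : null;
            $aItem['d_coord_long']  = (Params::getParam('d_coord_long') != '') ? Params::getParam('d_coord_long') : null;
            $aItem['s_zip']         = (Params::getParam('zip')  != '') ? Params::getParam('zip') : null;

            // $ajax_photos is an array of filenames of the photos uploaded by ajax to a temporary folder
            // fake insert them into the array of the form-uploaded photos
            if(is_array($ajax_photos)) {
                $tempDir = osc_content_path().'uploads/temp/';
                foreach($ajax_photos as $photo) {
                    // The names come from the request. Accept only a bare file name, so that
                    // the path handed on as 'tmp_name' cannot point outside the temp folder.
                    if(!is_string($photo) || $photo === '' || $photo === '.' || $photo === '..' || strpbrk($photo, "/\\\0") !== false) {
                        continue;
                    }
                    // is_file() rather than file_exists(): a directory is not an upload.
                    if(is_file($tempDir.$photo)) {
                        $aItem['photos']['name'][]      = $photo;
                        $aItem['photos']['type'][]      = 'image/*';
                        $aItem['photos']['tmp_name'][]  = $tempDir.$photo;
                        $aItem['photos']['error'][]     = UPLOAD_ERR_OK;
                        $aItem['photos']['size'][]      = 0;
                    }
                }
            }

            if($is_add || $this->is_admin) {
                // Accepted forms: -1 (stored as ''), a plain number, or a value containing a
                // "Y-m-d H:i:s" timestamp; anything else falls back to the category's
                // expiration days.
                $dt_expiration = Params::getParam('dt_expiration');
                if($dt_expiration==-1) {
                    $aItem['dt_expiration'] = '';
                } else if($dt_expiration!='' && (preg_match('|^([0-9]+)$|', $dt_expiration, $match) || preg_match('|([0-9]{4})-([0-9]{2})-([0-9]{2}) ([0-9]{2}):([0-9]{2}):([0-9]{2})|', $dt_expiration, $match))) {
                    $aItem['dt_expiration'] = $dt_expiration;
                } else {
                    $_category = Category::newInstance()->findByPrimaryKey($aItem['catId']);
                    $aItem['dt_expiration'] = $_category['i_expiration_days'];
                }
                unset($dt_expiration);
            } else {
                $aItem['dt_expiration'] = '';
            }

            // check params
            $country = Country::newInstance()->findByCode($aItem['countryId']);
            if( count($country) > 0 ) {
                $countryId = $country['pk_c_code'];
                $countryName = $country['s_name'];
            } else {
                $countryId = null;
                $countryName = $aItem['country'];
            }
            $aItem['countryId']   = $countryId;
            $aItem['countryName']   = $countryName;

            // Defaults for the case where a region id was submitted but is not a usable
            // number or matches no region; without them the variables would be undefined.
            $regionId = null;
            $regionName = null;
            if( $aItem['regionId'] != '' ) {
                if( intval($aItem['regionId']) ) {
                    $region = Region::newInstance()->findByPrimaryKey($aItem['regionId']);
                    if( count($region) > 0 ) {
                        $regionId = $region['pk_i_id'];
                        $regionName = $region['s_name'];
                    }
                }
            } else {
                // No id given: keep the free-text name and try to match it within the country.
                $regionName = $aItem['region'];
                if( $aItem['countryId'] != '' ) {
                    $auxRegion  = Region::newInstance()->findByName($aItem['region'], $aItem['countryId'] );
                    if($auxRegion){
                        $regionId   = $auxRegion['pk_i_id'];
                        $regionName = $auxRegion['s_name'];
                    }
                }
            }

            $aItem['regionId']      = $regionId;
            $aItem['regionName']    = $regionName;

            // Same defaults and lookup order for the city.
            $cityId = null;
            $cityName = null;
            if( $aItem['cityId'] != '' ) {
                if( intval($aItem['cityId']) ) {
                    $city = City::newInstance()->findByPrimaryKey($aItem['cityId']);
                    if( count($city) > 0 ) {
                        $cityId = $city['pk_i_id'];
                        $cityName = $city['s_name'];
                    }
                }
            } else {
                $cityName = $aItem['city'];
                if( $aItem['countryId'] != '' ) {
                    $auxCity = City::newInstance()->findByName($aItem['city'], $aItem['regionId'] );
                    if($auxCity){
                        $cityId   = $auxCity['pk_i_id'];
                        $cityName = $auxCity['s_name'];
                    }
                }
            }

            $aItem['cityId']      = $cityId;
            $aItem['cityName']    = $cityName;

            if( $aItem['cityArea'] == '' ) {
                $aItem['cityArea'] = null;
            }

            if( $aItem['address'] == '' ) {
                $aItem['address'] = null;
            }

            if( !is_null($aItem['price']) ) {
                // Strip the locale's thousands separator and normalise the decimal point
                // before scaling by 1,000,000.
                // NOTE(review): no numeric check on the submitted price is visible before
                // the multiplication.
                $price = str_replace(osc_locale_thousands_sep(), '', trim($aItem['price']));
                $price = str_replace(osc_locale_dec_point(), '.', $price);
                $aItem['price'] = $price*1000000;
                //$aItem['price'] = (float) $aItem['price'];
            }

            if( $aItem['catId'] == ''){
                $aItem['catId'] = 0;
            }

            if( $aItem['currency'] == '' ) {
                $aItem['currency'] = null;
            }

            $this->data = $aItem;
        }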
Пример #8
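 /**
  * Collect the request data needed to add or edit an item and store it in $this->data.
  *
  * Nothing is returned; callers read the prepared array from $this->data.
  *
  * @param bool $is_add true when a new item is being added, false when an item is edited
  * @return void
  */
 public function prepareData($is_add)
 {
     $aItem = array();
     // prepare user
     $userId = null;
     if ($this->is_admin) {
         // Admin request: the owner is named explicitly through the 'userId' parameter.
         if (Params::getParam('userId') != '') {
             $userId = Params::getParam('userId');
         }
     } else {
         // Regular request: the owner is taken from the session, never from the form.
         $userId = Session::newInstance()->_get('userId');
         if ($userId == '') {
             $userId = NULL;
         }
     }
     if ($is_add) {
         // ADD: decide whether the new listing starts active or has to be validated.
         if ($this->is_admin) {
             $active = 'ACTIVE';
         } elseif (osc_moderate_items() > 0) {
             // HAS TO VALIDATE
             if (!osc_is_web_user_logged_in()) {
                 // NO USER IS LOGGED, VALIDATE
                 $active = 'INACTIVE';
             } elseif (osc_logged_user_item_validation()) {
                 // USER IS LOGGED, BUT NO NEED TO VALIDATE
                 $active = 'ACTIVE';
             } else {
                 // USER IS LOGGED, NEED TO VALIDATE, CHECK NUMBER OF PREVIOUS ITEMS
                 $user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
                 $active = $user['i_items'] < osc_moderate_items() ? 'INACTIVE' : 'ACTIVE';
             }
         } elseif (osc_moderate_items() == 0) {
             if (osc_is_web_user_logged_in() && osc_logged_user_item_validation()) {
                 $active = 'ACTIVE';
             } else {
                 $active = 'INACTIVE';
             }
         } else {
             $active = 'ACTIVE';
         }
     } else {
         // EDIT
         $aItem['secret'] = Params::getParam('secret');
         $aItem['idItem'] = Params::getParam('id');
     }
     // Contact details, identical for ADD and EDIT: a known account's stored name and
     // e-mail replace whatever was submitted; otherwise the submitted values are used.
     if ($userId != null) {
         // NOTE(review): the lookup result is used without checking that a user was found.
         $data = User::newInstance()->findByPrimaryKey($userId);
         $aItem['contactName'] = $data['s_name'];
         $aItem['contactEmail'] = $data['s_email'];
         Params::setParam('contactName', $data['s_name']);
         Params::setParam('contactEmail', $data['s_email']);
     } else {
         $aItem['contactName'] = Params::getParam('contactName');
         $aItem['contactEmail'] = Params::getParam('contactEmail');
     }
     if ($is_add) {
         $aItem['active'] = $active;
     }
     $aItem['userId'] = $userId;
     // get params
     $aItem['catId'] = Params::getParam('catId');
     $aItem['countryId'] = Params::getParam('countryId');
     $aItem['country'] = Params::getParam('country');
     $aItem['region'] = Params::getParam('region');
     $aItem['regionId'] = Params::getParam('regionId');
     $aItem['city'] = Params::getParam('city');
     $aItem['cityId'] = Params::getParam('cityId');
     $aItem['price'] = Params::getParam('price') != '' ? Params::getParam('price') : null;
     $aItem['cityArea'] = Params::getParam('cityArea');
     $aItem['address'] = Params::getParam('address');
     $aItem['currency'] = Params::getParam('currency');
     $aItem['showEmail'] = Params::getParam('showEmail') != '' ? 1 : 0;
     $aItem['title'] = Params::getParam('title');
     $aItem['description'] = Params::getParam('description');
     $aItem['photos'] = Params::getFiles('photos');
     // check params
     $country = Country::newInstance()->findByCode($aItem['countryId']);
     if (count($country) > 0) {
         $countryId = $country['pk_c_code'];
         $countryName = $country['s_name'];
     } else {
         $countryId = null;
         $countryName = $aItem['country'];
     }
     $aItem['countryId'] = $countryId;
     $aItem['countryName'] = $countryName;
     // Defaults for the case where a region id was submitted but is not a usable number
     // or matches no region; without them the variables would be undefined below.
     $regionId = null;
     $regionName = null;
     if ($aItem['regionId'] != '') {
         if (intval($aItem['regionId'])) {
             $region = Region::newInstance()->findByPrimaryKey($aItem['regionId']);
             if (count($region) > 0) {
                 $regionId = $region['pk_i_id'];
                 $regionName = $region['s_name'];
             }
         }
     } else {
         // No id given: keep the free-text name and try to match it within the country.
         $regionName = $aItem['region'];
         if ($aItem['countryId'] != '') {
             $auxRegion = Region::newInstance()->findByName($aItem['region'], $aItem['countryId']);
             if ($auxRegion) {
                 $regionId = $auxRegion['pk_i_id'];
                 $regionName = $auxRegion['s_name'];
             }
         }
     }
     $aItem['regionId'] = $regionId;
     $aItem['regionName'] = $regionName;
     // Same defaults and lookup order for the city.
     $cityId = null;
     $cityName = null;
     if ($aItem['cityId'] != '') {
         if (intval($aItem['cityId'])) {
             $city = City::newInstance()->findByPrimaryKey($aItem['cityId']);
             if (count($city) > 0) {
                 $cityId = $city['pk_i_id'];
                 $cityName = $city['s_name'];
             }
         }
     } else {
         $cityName = $aItem['city'];
         if ($aItem['countryId'] != '') {
             $auxCity = City::newInstance()->findByName($aItem['city'], $aItem['regionId']);
             if ($auxCity) {
                 $cityId = $auxCity['pk_i_id'];
                 $cityName = $auxCity['s_name'];
             }
         }
     }
     $aItem['cityId'] = $cityId;
     $aItem['cityName'] = $cityName;
     if ($aItem['cityArea'] == '') {
         $aItem['cityArea'] = null;
     }
     if ($aItem['address'] == '') {
         $aItem['address'] = null;
     }
     if (!is_null($aItem['price'])) {
         // Strip the locale's thousands separator and normalise the decimal point before
         // scaling by 1,000,000.
         // NOTE(review): no numeric check on the submitted price is visible before the
         // multiplication.
         $price = str_replace(osc_locale_thousands_sep(), '', trim($aItem['price']));
         $price = str_replace(osc_locale_dec_point(), '.', $price);
         $aItem['price'] = $price * 1000000;
         //$aItem['price'] = (float) $aItem['price'];
     }
     if ($aItem['catId'] == '') {
         $aItem['catId'] = 0;
     }
     if ($aItem['currency'] == '') {
         $aItem['currency'] = null;
     }
     $this->data = $aItem;
 }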
Пример #9
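 /**
  * Handle the login, password-recovery and password-reset actions.
  *
  * Dispatches on $this->action:
  *  - login_post:   check the submitted credentials and redirect after login
  *  - recover:      show the "recover password" form
  *  - recover_post: validate the e-mail and run UserActions::recover_password()
  *  - forgot:       show the reset form when userId/code identify a user
  *  - forgot_post:  store the new password for the user identified by userId/code
  *  - default:      show the login form, or go to the dashboard when logged in
  *
  * NOTE(review): passwords are stored and compared as unsalted SHA-1 digests in this
  * version. Moving to password_hash()/password_verify(), with a rehash at next login,
  * needs a coordinated change outside this method and is therefore only flagged here.
  */
 function doModel()
 {
     switch ($this->action) {
         case 'login_post':
             //post execution for the login
             // NOTE(review): no CSRF check is visible in this branch; confirm one is applied.
             if (!osc_users_enabled()) {
                 osc_add_flash_error_message(_m('Users are not enabled'));
                 $this->redirectTo(osc_base_url());
             }
             require_once LIB_PATH . 'osclass/UserActions.php';
             $user = User::newInstance()->findByEmail(Params::getParam('email'));
             $url_redirect = osc_user_dashboard_url();
             $page_redirect = '';
             // Work out the "page" value of the referring URL; it is used below so that a
             // login started on the login page does not redirect back to it.
             if (osc_rewrite_enabled()) {
                 if (isset($_SERVER['HTTP_REFERER'])) {
                     // preg_quote() keeps the dots (and any '@') of the base URL literal in the pattern.
                     $request_uri = urldecode(preg_replace('@^' . preg_quote(osc_base_url(), '@') . '@', "", $_SERVER['HTTP_REFERER']));
                     $tmp_ar = explode("?", $request_uri);
                     $request_uri = $tmp_ar[0];
                     $rules = Rewrite::newInstance()->listRules();
                     foreach ($rules as $match => $uri) {
                         if (preg_match('#' . $match . '#', $request_uri)) {
                             $request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
                             // Separate capture variable so the loop key is not overwritten.
                             if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $pageMatch)) {
                                 $page_redirect = $pageMatch[2];
                             }
                             break;
                         }
                     }
                 }
             } else {
                 // The Referer header is optional, so guard the read.
                 if (isset($_SERVER['HTTP_REFERER']) && preg_match('|[\\?&]page=([^&]+)|', $_SERVER['HTTP_REFERER'] . '&', $match)) {
                     $page_redirect = $match[1];
                 }
             }
             // NOTE(review): the http_referer request parameter and the Referer header are both
             // client-controlled and are used as the post-login redirect target without checking
             // that they point to this site. Restrict the target to URLs under osc_base_url().
             if (Params::getParam('http_referer') != '') {
                 Session::newInstance()->_setReferer(Params::getParam('http_referer'));
                 $url_redirect = Params::getParam('http_referer');
             } elseif (Session::newInstance()->_getReferer() != '') {
                 Session::newInstance()->_setReferer(Session::newInstance()->_getReferer());
                 $url_redirect = Session::newInstance()->_getReferer();
             } elseif ($page_redirect != '' && $page_redirect != 'login') {
                 // $page_redirect is only non-empty when the Referer header was present.
                 Session::newInstance()->_setReferer($_SERVER['HTTP_REFERER']);
                 $url_redirect = $_SERVER['HTTP_REFERER'];
             }
             // NOTE(review): the two messages below tell the visitor whether the account
             // exists; a single generic "wrong e-mail or password" message avoids that.
             // redirectTo() is assumed to end the request -- TODO confirm.
             if (!$user) {
                 osc_add_flash_error_message(_m('The username doesn\'t exist'));
                 $this->redirectTo(osc_user_login_url());
             }
             // hash_equals() (PHP >= 5.6) compares the digests as strings in constant time;
             // a loose != can treat two numeric-looking digests as equal numbers.
             if (!hash_equals((string) $user['s_password'], sha1(Params::getParam('password')))) {
                 osc_add_flash_error_message(_m('The password is incorrect'));
                 $this->redirectTo(osc_user_login_url());
             }
             $uActions = new UserActions(false);
             $logged = $uActions->bootstrap_login($user['pk_i_id']);
             if ($logged == 0) {
                 osc_add_flash_error_message(_m('The username doesn\'t exist'));
             } elseif ($logged == 1) {
                 osc_add_flash_error_message(_m('The user has not been validated yet'));
             } elseif ($logged == 2) {
                 osc_add_flash_error_message(_m('The user has been suspended'));
             } elseif ($logged == 3) {
                 if (Params::getParam('remember') == 1) {
                     //this include contains the osc_genRandomPassword function
                     require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
                     // NOTE(review): the remember-me secret is stored as-is in the user row and
                     // sent in a cookie; confirm the cookie is set HttpOnly/Secure and consider
                     // storing only a hash of the secret server-side.
                     $secret = osc_genRandomPassword();
                     User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
                     Cookie::newInstance()->set_expires(osc_time_cookie());
                     Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
                     Cookie::newInstance()->push('oc_userSecret', $secret);
                     Cookie::newInstance()->set();
                 }
                 $this->redirectTo($url_redirect);
             } else {
                 osc_add_flash_error_message(_m('This should never happens'));
             }
             // Every non-successful outcome ends on the login page. The original tested
             // b_enabled first, but both paths redirected to the same URL.
             $this->redirectTo(osc_user_login_url());
             break;
         case 'recover':
             //form to recover the password (in this case we have the form in /gui/)
             $this->doView('user-recover.php');
             break;
         case 'recover_post':
             //post execution to recover the password
             require_once LIB_PATH . 'osclass/UserActions.php';
             // e-mail is incorrect; the TLD part accepts two or more letters so that
             // addresses under longer TLDs (.info, .email, ...) are not rejected
             if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,}$|i', Params::getParam('s_email'))) {
                 osc_add_flash_error_message(_m('Invalid email address'));
                 $this->redirectTo(osc_recover_user_password_url());
             }
             $userActions = new UserActions(false);
             $success = $userActions->recover_password();
             switch ($success) {
                 case 0:
                     // recover ok
                     osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
                     $this->redirectTo(osc_base_url());
                     break;
                 case 1:
                     // e-mail does not exist
                     osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
                     $this->redirectTo(osc_recover_user_password_url());
                     break;
                 case 2:
                     // recaptcha wrong
                     osc_add_flash_error_message(_m('The recaptcha code is wrong'));
                     $this->redirectTo(osc_recover_user_password_url());
                     break;
             }
             break;
         case 'forgot':
             //form to reset the password; shown only when userId and code identify a user
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             if ($user) {
                 $this->doView('user-forgot_password.php');
             } else {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'forgot_post':
             // NOTE(review): no CSRF check and no minimum password policy are visible here.
             if (Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') {
                 osc_add_flash_warning_message(_m('Password cannot be blank'));
                 $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
             }
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             // Guard against a failed lookup before reading the row.
             if ($user && $user['b_enabled'] == 1) {
                 // Strict comparison: == treats numeric-looking strings such as "1e1" and "10" as equal.
                 if (Params::getParam('new_password') === Params::getParam('new_password2')) {
                     User::newInstance()->update(
                         array(
                             // a fresh random code replaces the one that was just used
                             's_pass_code' => osc_genRandomPassword(50),
                             // timestamp 0: presumably marks the reset request as expired -- TODO confirm
                             's_pass_date' => date('Y-m-d H:i:s', 0),
                             's_pass_ip' => $_SERVER['REMOTE_ADDR'],
                             // NOTE(review): unsalted SHA-1, see the method header
                             's_password' => sha1(Params::getParam('new_password')),
                         ),
                         array('pk_i_id' => $user['pk_i_id'])
                     );
                     osc_add_flash_ok_message(_m('The password has been changed'));
                     $this->redirectTo(osc_user_login_url());
                 } else {
                     osc_add_flash_error_message(_m('Error, the password don\'t match'));
                     $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
                 }
             } else {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'));
             }
             $this->redirectTo(osc_base_url());
             break;
         default:
             //login form; users who are already logged in go to their dashboard
             if (osc_logged_user_id() != '') {
                 $this->redirectTo(osc_user_dashboard_url());
             }
             $this->doView('user-login.php');
     }
 }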
Пример #10
    $user_picture_url = osc_current_web_theme_url('images/user_default.gif');
}
?>
        <div class="user-avatar">
            <img  src="<?php 
echo $user_picture_url;
?>
" width="50" height="50" />
         </div>
            <div >
                <span class="name"><?php 
echo osc_logged_user_name();
?>
</span>
                <a href="<?php 
echo osc_user_public_profile_url(osc_logged_user_id());
?>
"><?php 
_e('Public profile', 'pop');
?>
</a>
            </div>
        </div>
       <div class="user-menu box">
    <?php 
echo osc_private_user_menu(get_user_menu());
?>
           </div>
</div>
</div>
<div id="dialog-delete-account" title="<?php 
Пример #11
            if (can_vote($itemId, $userId, $hash)) {
                ModelVoting::newInstance()->insertItemVote($itemId, $userId, $iVote, $hash);
            }
        } else {
            if ($user == 1 && is_null($hash)) {
                if (can_vote($itemId, $userId, $hash)) {
                    ModelVoting::newInstance()->insertItemVote($itemId, $userId, $iVote, $hash);
                }
            }
        }
    }
    // return updated voting
    $item = Item::newInstance()->findByPrimaryKey($itemId);
    View::newInstance()->_exportVariableToView('item', $item);
    if (osc_is_this_category('voting', osc_item_category_id())) {
        $aux_vote = ModelVoting::newInstance()->getItemAvgRating(osc_item_id());
        $aux_count = ModelVoting::newInstance()->getItemNumberOfVotes(osc_item_id());
        $vote['vote'] = $aux_vote['vote'];
        $vote['total'] = $aux_count['total'];
        $vote['can_vote'] = true;
        if (osc_get_preference('user', 'voting') == 1) {
            if (!osc_is_web_user_logged_in()) {
                $vote['can_vote'] = false;
            }
        }
        if (!can_vote(osc_item_id(), osc_logged_user_id(), $hash)) {
            $vote['can_vote'] = false;
        }
        require 'view_votes.php';
    }
}
Пример #12
                                    </div>
                                </form>
                            </div>
</div>
                      </div>
                      <div class="tab-pane" id="deleteprofile">
                      	<div class="delete-profile">
                            <p><?php 
_e('Are you sure you want to delete your account?', 'flatter');
?>
</p>
                            <a class="btn btn-danger" onclick="javascript:return confirm('<?php 
echo osc_esc_js(__('Are you sure you want to continue?', 'flatter'));
?>
')" href="<?php 
// NOTE(review): this builds a state-changing GET link (action=delete) that carries the
// account's s_secret in the query string, where it can end up in server logs, browser
// history and Referer headers; the value is also printed into the href attribute without
// HTML escaping. Prefer a POST form protected by a CSRF token -- TODO confirm what the
// delete handler actually verifies.
echo osc_base_url() . '?page=user&action=delete&id=' . osc_logged_user_id() . '&secret=' . osc_user_field("s_secret");
?>
" class="opt_delete_account"><?php 
_e('Delete', 'flatter');
?>
</a>
                        </div>
                      </div>
                    </div>
                	
                </div>
            </div>
            
            <div class="col-sm-3 visible-xs" style="margin-top:15px;">
            	<?php 
osc_run_hook('before-main');
<?php

// Set-up for what is presumably the checkout view: loads the table helper and
// prepares the column/row data for the products in the cart.
require_once PAYMENT_PRO_PATH . 'CheckoutDataTable.php';
// Cart contents as returned by payment_pro_cart_get().
$products = payment_pro_cart_get();
// Id and e-mail of the logged-in user; not used in the visible part of this snippet.
$extra = array('user' => osc_logged_user_id(), 'email' => osc_logged_user_email());
$checkoutDataTable = new CheckoutDataTable();
// Feed the cart into the table helper, then read back its processed and raw rows.
$checkoutDataTable->table($products);
$aData = $checkoutDataTable->getData();
$aRawRows = $checkoutDataTable->rawRows();
// getData() is indexed by 'aColumns' and 'aRows' here.
$columns = $aData['aColumns'];
$rows = $aData['aRows'];
?>
<style type="text/css">
    .payments-ul {
        list-style-type:none;
    }
    .payments-ul li
    {
        display: inline-block;
    }
    .payments-preview {
        float:left;
        width: 40%;
    }
    .payments-options {
        float:left;
        width: 60%;
    }
    table.table {
        width: 100%;
        max-width: 100%;
Пример #14
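<?php

// Toggle the requested item in the logged-in user's watchlist and print the link
// markup for the new state. Nothing is printed for visitors who are not logged in.
//
// NOTE(review): this changes state from a plain `id` request parameter and no CSRF
// token check is visible here -- confirm one is enforced before this script runs.
if (Params::getParam('id') != '') {
    // Cast once: the markup below then carries only an integer, never raw request
    // text, and it is the same value the %d placeholders receive (osc_dbExec is
    // presumably sprintf-style -- TODO confirm).
    $id = (int) Params::getParam('id');
    if (osc_is_web_user_logged_in()) {
        $userId = osc_logged_user_id();
        $conn = getConnection();
        //check if the item is not already in the watchlist
        $detail = $conn->osc_dbFetchResult("SELECT * FROM %st_item_watchlist WHERE fk_i_item_id = %d and fk_i_user_id = %d", DB_TABLE_PREFIX, $id, $userId);
        if (!isset($detail['fk_i_item_id'])) {
            // not in the watchlist yet: add it
            $conn->osc_dbExec("INSERT INTO %st_item_watchlist (fk_i_item_id, fk_i_user_id) VALUES (%d, '%d')", DB_TABLE_PREFIX, $id, $userId);
            $title = __('Remove from watchlist', 'watchlist');
            echo '<a class="watchlist full" id="' . $id . '"><span title="' . $title . '"></span>' . $title . '</a>';
        } else {
            // remove from watchlist -- scoped to the current user; without the user
            // condition the statement removed the item from every user's watchlist
            $conn->osc_dbExec("DELETE FROM %st_item_watchlist WHERE fk_i_item_id = '%d' AND fk_i_user_id = %d", DB_TABLE_PREFIX, $id, $userId);
            $title = __('Add to watchlist', 'watchlist');
            echo '<a class="watchlist empty" id="' . $id . '"><span title="' . $title . '"></span>' . $title . '</a>';
        }
    }
}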
Пример #15
                            </a>
                            <?php 
        }
        ?>
                        </div>
                        <?php 
    }
    ?>
                    <?php 
}
?>
                    <?php 
if (!osc_item_is_expired()) {
    ?>
                    <?php 
    if (osc_logged_user_id() != osc_item_user_id()) {
        ?>
                    <?php 
        if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
            ?>
                    <div id="contact">
                        <h2><?php 
            _e("Contact publisher", 'modern');
            ?>
</h2>
                        <p class="name"><?php 
            _e('Name', 'modern');
            ?>
: <?php 
            echo osc_item_contact_name();
            ?>
Пример #16
            <!--<div class="box fb-comments" data-href="<?php 
echo osc_item_url();
?>
" data-numposts="5"></div>-->

            <?php 
if (osc_comments_enabled()) {
    //  item_comments();
}
?>
        </div>
        <div class="col-sm-6 col-md-4">
            <div class="item-detail">
                <?php 
if (osc_is_web_user_logged_in() && osc_logged_user_id() == osc_item_user_id()) {
    ?>

                <div class="toolbar admin-options">
                   
                    <a class="link" href="<?php 
    echo osc_item_edit_url();
    ?>
" rel="nofollow">
                        <i class="fa fa-pencil"></i>
                        <?php 
    _e('Edit', 'pop');
    ?>
                    </a>
                    <a class="link" href="#" onclick="confirmDelete('#dialog-delete-item','<?php 
    echo osc_item_delete_url();
Пример #17
                echo osc_comment_title();
                ?>
 <em>
                            <?php 
                _e("by", 'osclasswizards');
                ?>
                            <?php 
                echo osc_comment_author_name();
                ?>
:</em></h4>
                    <p><?php 
                // NOTE(review): the comment body is user-supplied and no HTML escaping is applied
                // here; confirm osc_comment_body() returns already-sanitised text, otherwise
                // escape it before nl2br().
                echo nl2br(osc_comment_body());
                ?>
 </p>
                    <?php 
                if (osc_comment_user_id() && osc_comment_user_id() == osc_logged_user_id()) {
                    ?>
                    <p> <a rel="nofollow" href="<?php 
                    echo osc_delete_comment_url();
                    ?>
" title="<?php 
                    _e('Delete your comment', 'osclasswizards');
                    ?>
">
                            <?php 
                    _e('Delete', 'osclasswizards');
                    ?>
                        </a> </p>
                    <?php 
                }
                ?>
Пример #18
<?php

if (osc_is_web_user_logged_in()) {
    $recipPMs = ModelPM::newInstance()->getSenderMessages(osc_logged_user_id(), 1, 'pm_id', 'DESC');
    $recipCount = count($recipPMs);
    ?>
<div class="content user_account">
    <h1>
        <strong><?php 
    _e('Outbox', 'osclass_pm');
    ?>
</strong>
    </h1>
    <div id="sidebar">
        <?php 
    echo osc_private_user_menu();
    ?>
    </div>
    <div id="main">
            <h2><?php 
    _e('Outbox', 'osclass_pm');
    ?>
</h2>
            <form action="<?php 
    echo osc_base_url() . 'oc-content/plugins/osclass_pm/user-proc.php';
    ?>
" method="POST">
            <input type="hidden" name="page" value="custom" />
            <input type="hidden" name="file" value="osclass_pm/user-proc.php" />
            <input type="hidden" name="box" value="outbox" />
            <input type="hidden" name="option" value="delMessages" />
Пример #19
    ?>
<div id="rate_this" class="modal fade">
  <div class="modal-dialog">
    <div class="modal-content">
      <div class="modal-header">
        <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
        <h4 class="modal-title">Rate this Seller</h4>
      </div>
      <form name="ratings" id="ratings" method="post" action="">
        <input type="hidden" name="seller_rating" value="submit_it" />
        <div class="modal-body" style="background-color:#ccc;">
          <div id="ratings" style="padding:15px;">
             <div id="jRate"></div><div id="rating-onchange-value">Your Rating: </div>
             <input type="hidden" name="rating_data" id="rating_data"/>
             <input type="hidden" name="rating_user" id="rating_user" value="<?php 
    // NOTE(review): the rater's id is round-tripped through a hidden form field that the
    // client can edit; the handler (not shown) should take the user id from the session
    // rather than from rating_user -- TODO confirm.
    echo osc_logged_user_id();
    ?>
" />
             <input type="hidden" name="rating_seller" id="rating_seller" value="<?php 
    echo osc_item_user_id();
    ?>
" />
        </div>
          <button type="submit" class="btn btn-primary" >Submit Ratings</button>
        </div>
      </form>
      <div class="modal-footer">
        <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
        
      </div>
    </div><!-- /.modal-content -->
Пример #20
/**
 * Ask the WatchList model whether the current item was added by the logged-in user.
 *
 * Passes osc_logged_user_id() and osc_item_id() to WatchList::checkItemAdded()
 * and returns its result unchanged.
 */
function nc_osc_check_watchlist()
{
    $watchList = WatchList::newInstance();
    $currentUserId = osc_logged_user_id();
    $currentItemId = osc_item_id();

    return $watchList->checkItemAdded($currentUserId, $currentItemId);
}
Пример #21
</p>
                                         </td>
                                     </tr>
                                    <?php 
    $class = $class == 'even' ? 'odd' : 'even';
    ?>
                                <?php 
}
?>
                            </tbody>
                        </table>
                    </div>
                </div>
                <div id="sidebar">
                    <?php 
if (osc_logged_user_id() != osc_user_id()) {
    ?>
                    <?php 
    if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
        ?>
                    <div id="contact">
                        <h2><?php 
        _e("Contact publisher", 'modern');
        ?>
</h2>
                        <ul id="error_list"></ul>
                        <?php 
        ContactForm::js_validation();
        ?>
                        <form action="<?php 
        echo osc_base_url(true);
Пример #22
 function doModel()
 {
     //calling the view...
     $locales = OSCLocale::newInstance()->listAllEnabled();
     $this->_exportVariableToView('locales', $locales);
     switch ($this->action) {
         case 'item_add':
             // post
             if (osc_reg_user_post() && $this->user == null) {
                 osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
                 Session::newInstance()->_setReferer(osc_item_post_url());
                 $this->redirectTo(osc_user_login_url());
             }
             $countries = Country::newInstance()->listAll();
             $regions = array();
             if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
                 $regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']);
             } else {
                 if (count($countries) > 0) {
                     $regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
                 }
             }
             $cities = array();
             if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
                 $cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']);
             } else {
                 if (count($regions) > 0) {
                     $cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
                 }
             }
             $this->_exportVariableToView('countries', $countries);
             $this->_exportVariableToView('regions', $regions);
             $this->_exportVariableToView('cities', $cities);
             $form = count(Session::newInstance()->_getForm());
             $keepForm = count(Session::newInstance()->_getKeepForm());
             if ($form == 0 || $form == $keepForm) {
                 Session::newInstance()->_dropKeepForm();
             }
             if (Session::newInstance()->_getForm('countryId') != "") {
                 $countryId = Session::newInstance()->_getForm('countryId');
                 $regions = Region::newInstance()->findByCountry($countryId);
                 $this->_exportVariableToView('regions', $regions);
                 if (Session::newInstance()->_getForm('regionId') != "") {
                     $regionId = Session::newInstance()->_getForm('regionId');
                     $cities = City::newInstance()->findByRegion($regionId);
                     $this->_exportVariableToView('cities', $cities);
                 }
             }
             $this->_exportVariableToView('user', $this->user);
             osc_run_hook('post_item');
             $this->doView('item-post.php');
             break;
         case 'item_add_post':
             //post_item
             osc_csrf_check();
             if (osc_reg_user_post() && $this->user == null) {
                 osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
                 $this->redirectTo(osc_base_url(true));
             }
             $mItems = new ItemActions(false);
             // prepare data for ADD ITEM
             $mItems->prepareData(true);
             // set all parameters into session
             foreach ($mItems->data as $key => $value) {
                 Session::newInstance()->_setForm($key, $value);
             }
             $meta = Params::getParam('meta');
             if (is_array($meta)) {
                 foreach ($meta as $key => $value) {
                     Session::newInstance()->_setForm('meta_' . $key, $value);
                     Session::newInstance()->_keepForm('meta_' . $key);
                 }
             }
             if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     $this->redirectTo(osc_item_post_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             if (!osc_is_web_user_logged_in()) {
                 $user = User::newInstance()->findByEmail($mItems->data['contactEmail']);
                 // The user exists but it's not logged
                 if (isset($user['pk_i_id'])) {
                     foreach ($mItems->data as $key => $value) {
                         Session::newInstance()->_keepForm($key);
                     }
                     osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in'));
                     $this->redirectTo(osc_user_login_url());
                 }
             }
             $banned = osc_is_banned($mItems->data['contactEmail']);
             if ($banned == 1) {
                 osc_add_flash_error_message(_m('Your current email is not allowed'));
                 $this->redirectTo(osc_item_post_url());
             } else {
                 if ($banned == 2) {
                     osc_add_flash_error_message(_m('Your current IP is not allowed'));
                     $this->redirectTo(osc_item_post_url());
                 }
             }
             // POST ITEM ( ADD ITEM )
             $success = $mItems->add();
             if ($success != 1 && $success != 2) {
                 osc_add_flash_error_message($success);
                 $this->redirectTo(osc_item_post_url());
             } else {
                 if (is_array($meta)) {
                     foreach ($meta as $key => $value) {
                         Session::newInstance()->_dropKeepForm('meta_' . $key);
                     }
                 }
                 Session::newInstance()->_clearVariables();
                 if ($success == 1) {
                     osc_add_flash_ok_message(_m('Check your inbox to validate your listing'));
                 } else {
                     osc_add_flash_ok_message(_m('Your listing has been published'));
                 }
                 $itemId = Params::getParam('itemId');
                 $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
                 View::newInstance()->_exportVariableToView('category', $category);
                 $this->redirectTo(osc_search_category_url());
             }
             break;
         case 'item_edit':
             // edit item
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
             if (count($item) == 1) {
                 $item = Item::newInstance()->findByPrimaryKey($id);
                 $form = count(Session::newInstance()->_getForm());
                 $keepForm = count(Session::newInstance()->_getKeepForm());
                 if ($form == 0 || $form == $keepForm) {
                     Session::newInstance()->_dropKeepForm();
                 }
                 $this->_exportVariableToView('item', $item);
                 osc_run_hook("before_item_edit", $item);
                 $this->doView('item-edit.php');
             } else {
                 // add a flash message [ITEM NO EXISTE]
                 osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID"));
                 if ($this->user != null) {
                     $this->redirectTo(osc_user_list_items_url());
                 } else {
                     $this->redirectTo(osc_base_url());
                 }
             }
             break;
         case 'item_edit_post':
             osc_csrf_check();
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
             if (count($item) == 1) {
                 $this->_exportVariableToView('item', $item[0]);
                 $mItems = new ItemActions(false);
                 // prepare data for ADD ITEM
                 $mItems->prepareData(false);
                 // set all parameters into session
                 foreach ($mItems->data as $key => $value) {
                     Session::newInstance()->_setForm($key, $value);
                 }
                 $meta = Params::getParam('meta');
                 if (is_array($meta)) {
                     foreach ($meta as $key => $value) {
                         Session::newInstance()->_setForm('meta_' . $key, $value);
                         Session::newInstance()->_keepForm('meta_' . $key);
                     }
                 }
                 if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') {
                     if (!osc_check_recaptcha()) {
                         osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                         $this->redirectTo(osc_item_edit_url($secret, $id));
                         return false;
                         // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                     }
                 }
                 $success = $mItems->edit();
                 if ($success == 1) {
                     osc_add_flash_ok_message(_m("Great! We've just updated your listing"));
                     View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id));
                     $this->redirectTo(osc_item_url());
                 } else {
                     osc_add_flash_error_message($success);
                     $this->redirectTo(osc_item_edit_url($secret, $id));
                 }
             }
             break;
         case 'activate':
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
             // item doesn't exist
             if (count($item) == 0) {
                 $this->do404();
                 return;
             }
             View::newInstance()->_exportVariableToView('item', $item[0]);
             if ($item[0]['b_active'] == 0) {
                 // ACTIVETE ITEM
                 $mItems = new ItemActions(false);
                 $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
                 if ($success) {
                     osc_add_flash_ok_message(_m('The listing has been validated'));
                 } else {
                     osc_add_flash_error_message(_m("The listing can't be validated"));
                 }
             } else {
                 osc_add_flash_warning_message(_m('The listing has already been validated'));
             }
             $this->redirectTo(osc_item_url());
             break;
         case 'item_delete':
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
             if (count($item) == 1) {
                 $mItems = new ItemActions(false);
                 $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
                 if ($success) {
                     osc_add_flash_ok_message(_m('Your listing has been deleted'));
                 } else {
                     osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
                 }
                 if ($this->user != null) {
                     $this->redirectTo(osc_user_list_items_url());
                 } else {
                     $this->redirectTo(osc_base_url());
                 }
             } else {
                 osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'deleteResources':
             // Delete images via AJAX
             $id = Params::getParam('id');
             $item = Params::getParam('item');
             $code = Params::getParam('code');
             $secret = Params::getParam('secret');
             if (Session::newInstance()->_get('userId') != '') {
                 $userId = Session::newInstance()->_get('userId');
                 $user = User::newInstance()->findByPrimaryKey($userId);
             } else {
                 $userId = null;
                 $user = null;
             }
             if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
                 osc_add_flash_error_message(_m("The selected photo couldn't be deleted, the url doesn't exist"));
                 $this->redirectTo(osc_item_edit_url($secret, $item));
             }
             $aItem = Item::newInstance()->findByPrimaryKey($item);
             if (count($aItem) == 0) {
                 osc_add_flash_error_message(_m("The listing doesn't exist"));
                 $this->redirectTo(osc_item_edit_url($secret, $item));
             }
             if (!osc_is_admin_user_logged_in()) {
                 if ($userId != null && $userId != $aItem['fk_i_user_id']) {
                     osc_add_flash_error_message(_m("The listing doesn't belong to you"));
                     $this->redirectTo(osc_item_edit_url($secret, $item));
                 }
                 if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
                     osc_add_flash_error_message(_m("The listing doesn't belong to you"));
                     $this->redirectTo(osc_item_edit_url($secret, $item));
                 }
             }
             $result = ItemResource::newInstance()->existResource($id, $code);
             if ($result > 0) {
                 $resource = ItemResource::newInstance()->findByPrimaryKey($id);
                 if ($resource['fk_i_item_id'] == $item) {
                     osc_deleteResource($id, false);
                     Log::newInstance()->insertLog('item', 'deleteResource', $id, $id, 'user', osc_logged_user_id());
                     ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
                     osc_add_flash_ok_message(_m('The selected photo has been successfully deleted'));
                 } else {
                     osc_add_flash_error_message(_m("The selected photo does not belong to you"));
                 }
             } else {
                 osc_add_flash_error_message(_m("The selected photo couldn't be deleted"));
             }
             $this->redirectTo(osc_item_edit_url($secret, $item));
             break;
         case 'mark':
             $id = Params::getParam('id');
             $as = Params::getParam('as');
             $item = Item::newInstance()->findByPrimaryKey($id);
             View::newInstance()->_exportVariableToView('item', $item);
             require_once osc_lib_path() . 'osclass/user-agents.php';
             foreach ($user_agents as $ua) {
                 if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) {
                     // mark item if it's not a bot
                     $mItem = new ItemActions(false);
                     $mItem->mark($id, $as);
                     break;
                 }
             }
             osc_add_flash_ok_message(_m("Thanks! That's very helpful"));
             $this->redirectTo(osc_item_url());
             break;
         case 'send_friend':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             $this->doView('item-send-friend.php');
             break;
         case 'send_friend_post':
             osc_csrf_check();
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
             Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
             Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
             Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
             Session::newInstance()->_setForm("message_body", Params::getParam('message'));
             if (osc_recaptcha_private_key() != '') {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     $this->redirectTo(osc_item_send_friend_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             osc_run_hook('pre_item_send_friend_post', $item);
             $mItem = new ItemActions(false);
             $success = $mItem->send_friend();
             osc_run_hook('post_item_send_friend_post', $item);
             if ($success) {
                 Session::newInstance()->_clearVariables();
                 $this->redirectTo(osc_item_url());
             } else {
                 $this->redirectTo(osc_item_send_friend_url());
             }
             break;
         case 'contact':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             if (empty($item)) {
                 osc_add_flash_error_message(_m("This listing doesn't exist"));
                 $this->redirectTo(osc_base_url(true));
             } else {
                 $this->_exportVariableToView('item', $item);
                 if (osc_item_is_expired()) {
                     osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
                     $this->redirectTo(osc_item_url());
                 }
                 if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
                     $this->doView('item-contact.php');
                 } else {
                     osc_add_flash_error_message(_m("You can't contact the seller, only registered users can"));
                     $this->redirectTo(osc_item_url());
                 }
             }
             break;
         case 'contact_post':
             osc_csrf_check();
             if (osc_reg_user_can_contact() && !osc_is_web_user_logged_in()) {
                 osc_add_flash_warning_message(_m("You can't contact the seller, only registered users can"));
                 $this->redirectTo(osc_base_url(true));
             }
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             if (osc_recaptcha_private_key() != '') {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
                     Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
                     Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
                     Session::newInstance()->_setForm("message_body", Params::getParam('message'));
                     $this->redirectTo(osc_item_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             $banned = osc_is_banned(Params::getParam('yourEmail'));
             if ($banned == 1) {
                 osc_add_flash_error_message(_m('Your current email is not allowed'));
                 $this->redirectTo(osc_item_url());
             } else {
                 if ($banned == 2) {
                     osc_add_flash_error_message(_m('Your current IP is not allowed'));
                     $this->redirectTo(osc_item_url());
                 }
             }
             if (osc_isExpired($item['dt_expiration'])) {
                 osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
                 $this->redirectTo(osc_item_url());
             }
             osc_run_hook('pre_item_contact_post', $item);
             $mItem = new ItemActions(false);
             $result = $mItem->contact();
             osc_run_hook('post_item_contact_post', $item);
             if (is_string($result)) {
                 osc_add_flash_error_message($result);
             } else {
                 osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller"));
             }
             $this->redirectTo(osc_item_url());
             break;
         case 'add_comment':
             osc_csrf_check();
             $mItem = new ItemActions(false);
             $status = $mItem->add_comment();
             switch ($status) {
                 case -1:
                     $msg = _m('Sorry, we could not save your comment. Try again later');
                     osc_add_flash_error_message($msg);
                     break;
                 case 1:
                     $msg = _m('Your comment is awaiting moderation');
                     osc_add_flash_info_message($msg);
                     break;
                 case 2:
                     $msg = _m('Your comment has been approved');
                     osc_add_flash_ok_message($msg);
                     break;
                 case 3:
                     $msg = _m('Please fill the required field (email)');
                     osc_add_flash_warning_message($msg);
                     break;
                 case 4:
                     $msg = _m('Please type a comment');
                     osc_add_flash_warning_message($msg);
                     break;
                 case 5:
                     $msg = _m('Your comment has been marked as spam');
                     osc_add_flash_error_message($msg);
                     break;
                 case 6:
                     $msg = _m('You need to be logged to comment');
                     osc_add_flash_error_message($msg);
                     break;
                 case 7:
                     $msg = _m('Sorry, comments are disabled');
                     osc_add_flash_error_message($msg);
                     break;
             }
             //View::newInstance()->_exportVariableToView('item', Item::newInstance()->findByPrimaryKey(Params::getParam('id')));
             $this->redirectTo(osc_item_url());
             break;
         case 'delete_comment':
             osc_csrf_check();
             $mItem = new ItemActions(false);
             $status = $mItem->add_comment();
             // @TOFIX @FIXME $status never used + ?? need to add_comment() before deleting it??
             $itemId = Params::getParam('id');
             $commentId = Params::getParam('comment');
             $item = Item::newInstance()->findByPrimaryKey($itemId);
             if (count($item) == 0) {
                 osc_add_flash_error_message(_m("This listing doesn't exist"));
                 $this->redirectTo(osc_base_url(true));
             }
             View::newInstance()->_exportVariableToView('item', $item);
             if ($this->userId == null) {
                 osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
                 $this->redirectTo(osc_item_url());
             }
             $commentManager = ItemComment::newInstance();
             $aComment = $commentManager->findByPrimaryKey($commentId);
             if (count($aComment) == 0) {
                 osc_add_flash_error_message(_m("The comment doesn't exist"));
                 $this->redirectTo(osc_item_url());
             }
             if ($aComment['b_active'] != 1) {
                 osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
                 $this->redirectTo(osc_item_url());
             }
             if ($aComment['fk_i_user_id'] != $this->userId) {
                 osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
                 $this->redirectTo(osc_item_url());
             }
             $commentManager->deleteByPrimaryKey($commentId);
             osc_add_flash_ok_message(_m('The comment has been deleted'));
             $this->redirectTo(osc_item_url());
             break;
         default:
             // if there isn't ID, show an error 404
             if (Params::getParam('id') == '') {
                 $this->do404();
                 return;
             }
             if (Params::getParam('lang') != '') {
                 Session::newInstance()->_set('userLocale', Params::getParam('lang'));
             }
             $item = osc_apply_filter('pre_show_item', $this->itemManager->findByPrimaryKey(Params::getParam('id')));
             // if item doesn't exist show an error 410
             if (count($item) == 0) {
                 $this->do410();
                 return;
             }
             if ($item['b_active'] != 1) {
                 if ($this->userId == $item['fk_i_user_id'] && $this->userId != '' || osc_is_admin_user_logged_in()) {
                     osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public"));
                 } else {
                     $this->do400();
                     return;
                 }
             } else {
                 if ($item['b_enabled'] == 0) {
                     if (osc_is_admin_user_logged_in()) {
                         osc_add_flash_warning_message(_m("The listing hasn't been enabled. Please enable it in order to make it public"));
                     } else {
                         if (osc_is_web_user_logged_in() && osc_logged_user_id() == $item['fk_i_user_id']) {
                             osc_add_flash_warning_message(_m("The listing has been blocked or is awaiting moderation from the admin"));
                         } else {
                             $this->do400();
                             return;
                         }
                     }
                 }
             }
             if (!osc_is_admin_user_logged_in() && !($item['fk_i_user_id'] != '' && $item['fk_i_user_id'] == osc_logged_user_id())) {
                 require_once osc_lib_path() . 'osclass/user-agents.php';
                 foreach ($user_agents as $ua) {
                     if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) {
                         $mStats = new ItemStats();
                         $mStats->increase('i_num_views', $item['pk_i_id']);
                         break;
                     }
                 }
             }
             foreach ($item['locale'] as $k => $v) {
                 $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
                 $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
             }
             if ($item['fk_i_user_id'] != '') {
                 $user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
                 $this->_exportVariableToView('user', $user);
             }
             $this->_exportVariableToView('item', $item);
             osc_run_hook('show_item', $item);
             // redirect to the correct url just in case it has changed
             $itemURI = str_replace(osc_base_url(), '', osc_item_url());
             $URI = preg_replace('|^' . REL_WEB_URL . '|', '', Params::getServerParam('REQUEST_URI', false, false));
             // do not clean QUERY_STRING if permalink is not enabled
             if (osc_rewrite_enabled()) {
                 $URI = str_replace('?' . Params::getServerParam('QUERY_STRING', false, false), '', $URI);
             } else {
                 $params_keep = array('page', 'id');
                 $params = array();
                 foreach (Params::getParamsAsArray('get') as $k => $v) {
                     if (in_array($k, $params_keep)) {
                         $params[] = "{$k}={$v}";
                     }
                 }
                 $URI = 'index.php?' . implode('&', $params);
             }
             // redirect to the correct url
             if ($itemURI != $URI) {
                 $this->redirectTo(osc_base_url() . $itemURI, 301);
             }
             $this->doView('item.php');
             break;
     }
 }
Пример #23
    <div id="contact" class="widget-box form-container form-vertical">
        <h2><?php 
_e("Contact publisher", 'bender');
?>
</h2>
        <?php 
if (osc_item_is_expired()) {
    ?>
            <p>
                <?php 
    _e("The listing is expired. You can't contact the publisher.", 'bender');
    ?>
            </p>
        <?php 
} else {
    if (osc_logged_user_id() == osc_item_user_id() && osc_logged_user_id() != 0) {
        ?>
            <p>
                <?php 
        _e("It's your own listing, you can't contact the publisher.", 'bender');
        ?>
            </p>
        <?php 
    } else {
        if (osc_reg_user_can_contact() && !osc_is_web_user_logged_in()) {
            ?>
            <p>
                <?php 
            _e("You must log in or register a new account in order to contact the advertiser", 'bender');
            ?>
            </p>
Пример #24
                ?>
<br/>
                    </div>
                    <div class="payments-options">
                        <?php 
                _e("In order to make visible your ad to other users, it's required to pay a fee", 'payment');
                ?>
.<br/>
                        <?php 
                echo sprintf(__('The current fee for this category is: %.2f %s', 'payment'), $category_fee, osc_get_preference('currency', 'payment'));
                ?>
<br/>
                        <ul class="payments-ul">
                            <?php 
                // Pick the way the publish fee can be paid: a wallet button when a logged-in user's
                // wallet covers the fee, the regular payment buttons in every other case.
                // NOTE(review): the amount, item id, owner id and contact e-mail are handed to helpers
                // that presumably render them into the page; the payment callback should recompute the
                // fee server-side instead of trusting what the browser sends back — confirm.
                if (osc_is_web_user_logged_in()) {
                    $wallet = ModelPayment::newInstance()->getWallet(osc_logged_user_id());
                    // NOTE(review): 'formatted_amount' is compared with >= against the fee; confirm it is a
                    // plain number and not a display string, otherwise the comparison is unreliable.
                    if (isset($wallet['formatted_amount']) && $wallet['formatted_amount'] >= $category_fee) {
                        wallet_button($category_fee, sprintf(__('Publish fee for item %d at %s', 'payment'), $item['pk_i_id'], osc_page_title()), "101x" . $item['fk_i_category_id'] . "x" . $item['pk_i_id'], array('user' => $item['fk_i_user_id'], 'itemid' => $item['pk_i_id'], 'email' => $item['s_contact_email']));
                    } else {
                        // Wallet missing or balance too low: offer the regular payment buttons.
                        payment_buttons($category_fee, sprintf(__('Publish fee for item %d at %s', 'payment'), $item['pk_i_id'], osc_page_title()), "101x" . $item['fk_i_category_id'] . "x" . $item['pk_i_id'], array('user' => $item['fk_i_user_id'], 'itemid' => $item['pk_i_id'], 'email' => $item['s_contact_email']));
                    }
                } else {
                    // Visitor without a session: same payment buttons, built from the item's stored owner data.
                    payment_buttons($category_fee, sprintf(__('Publish fee for item %d at %s', 'payment'), $item['pk_i_id'], osc_page_title()), "101x" . $item['fk_i_category_id'] . "x" . $item['pk_i_id'], array('user' => $item['fk_i_user_id'], 'itemid' => $item['pk_i_id'], 'email' => $item['s_contact_email']));
                }
                ?>
                        </ul>
                    </div>
                    <div style="clear:both;"></div>
                    <?php 
                payment_buttons_js();
                ?>
Пример #25
 /**
  * Hand every resource of an item to osc_deleteResource() and log the operation.
  *
  * Two log entries are written: one before any resource is touched, and one
  * afterwards carrying the comma-separated ids that were processed. That id
  * list is cut to 250 characters, so for an item with many resources the
  * second entry is not a complete record of what was removed.
  *
  * No permission check happens in this method; the caller has to have
  * established that the current admin or user may delete this item's files.
  *
  * @access public
  * @since 3.1.1
  * @param int $id item id
  * @return void the method has no return statement
  */
 public function deleteResourcesFromHD( $id )
 {
     $actorType = OC_ADMIN ? 'admin' : 'user';
     $itemResources = ItemResource::newInstance()->getAllResourcesFromItem($id);

     // First audit entry, written before any resource is removed.
     Log::newInstance()->insertLog('Item', 'deleteResourcesFromHD', $id, $id, $actorType, OC_ADMIN ? osc_logged_admin_id() : osc_logged_user_id());

     $processedIds = array();
     foreach ($itemResources as $itemResource) {
         osc_deleteResource($itemResource['pk_i_id'], OC_ADMIN);
         // Each id keeps its trailing comma, exactly as it appears in the log text.
         $processedIds[] = $itemResource['pk_i_id'] . ",";
     }

     // Second audit entry: the processed ids, limited to 250 characters.
     $loggedIds = substr(implode('', $processedIds), 0, 250);
     Log::newInstance()->insertLog('Item', 'deleteResourcesFromHD', $id, $loggedIds, $actorType, OC_ADMIN ? osc_logged_admin_id() : osc_logged_user_id());
 }
Пример #26
 /**
  * Build the hidden 'alert_userId' form field through parent::generic_input_hidden(),
  * filled with the id of the logged-in user.
  *
  * The value travels through the browser and can be altered there, so the code
  * that receives the form should take the user from the session and not from
  * this field.
  *
  * @return bool always true
  */
 public static function user_id_hidden()
 {
     $loggedUserId = osc_logged_user_id();
     parent::generic_input_hidden('alert_userId', $loggedUserId);

     return true;
 }
Пример #27
<?php

// Load the private-message drafts whose sender is the logged-in user, newest first
// (ORDER BY pm_id DESC), and count them for the template below.
// The table prefix and the user id are passed as separate arguments for the %s / %d
// placeholders instead of being concatenated into the SQL text; presumably
// osc_dbFetchResults() formats them sprintf-style, so %d would force the id to an
// integer — confirm in the helper.
// NOTE(review): nothing in this file checks that a user is logged in before the query
// runs; confirm the including page enforces that.
$conn = getConnection();
$newPMdrafts = $conn->osc_dbFetchResults("SELECT * FROM %st_pm_drafts WHERE sender_id  = '%d' ORDER BY pm_id DESC", DB_TABLE_PREFIX, osc_logged_user_id());
$countPMdrafts = count($newPMdrafts);
?>
<div class="content user_account">
    <div id="main">
    </div>
</div>
Пример #28
<?php

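// Watchlist page: optionally drop one entry, then run a paged search over the listings
// the current user is watching and export the result to the view.
$i_userId = osc_logged_user_id();

// The removal is keyed to $i_userId inside delete_item(), so only the caller's own
// watchlist entry can be affected.
// NOTE(review): this is a state change triggered by a request parameter, and no CSRF
// token is checked in this file; confirm whether the surrounding framework verifies one.
if (Params::getParam('delete') != '' && osc_is_web_user_logged_in()) {
    delete_item(Params::getParam('delete'), $i_userId);
}

// Paging values come from the request. Force them to integers and keep the page size at
// 1 or more: a page size of 0 would divide by zero below, and non-numeric text would
// reach the arithmetic unchanged.
// NOTE(review): itemsPerPage has no upper limit here; consider capping it so a single
// request cannot ask for an arbitrarily large result set.
$requestedPerPage = Params::getParam('itemsPerPage');
$itemsPerPage = $requestedPerPage != '' ? max(1, (int) $requestedPerPage) : 5;
$requestedPage = Params::getParam('iPage');
$iPage = $requestedPage != '' ? max(0, (int) $requestedPage) : 0;

// Restrict the search to rows of the watchlist table that belong to this user; %d forces
// the user id to an integer before it becomes part of the condition.
Search::newInstance()->addConditions(sprintf("%st_item_watchlist.fk_i_user_id = %d", DB_TABLE_PREFIX, $i_userId));
Search::newInstance()->addConditions(sprintf("%st_item_watchlist.fk_i_item_id = %st_item.pk_i_id", DB_TABLE_PREFIX, DB_TABLE_PREFIX));
Search::newInstance()->addTable(sprintf("%st_item_watchlist", DB_TABLE_PREFIX));
Search::newInstance()->page($iPage, $itemsPerPage);
$aItems = Search::newInstance()->doSearch();
$iTotalItems = Search::newInstance()->count();
$iNumPages = ceil($iTotalItems / $itemsPerPage);
View::newInstance()->_exportVariableToView('items', $aItems);
View::newInstance()->_exportVariableToView('search_total_pages', $iNumPages);
View::newInstance()->_exportVariableToView('search_page', $iPage);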
/**
 * Remove one listing from a user's watchlist.
 *
 * The DELETE matches on both the item id and the user id and is limited to a
 * single row, so an entry is only removed when it belongs to the given user.
 * Both values fill %d placeholders; presumably osc_dbExec() formats them
 * sprintf-style, which would force them to integers — confirm in the helper.
 *
 * @param mixed $item id of the listing to take off the watchlist
 * @param mixed $uid  id of the user who owns the watchlist entry
 */
function delete_item($item, $uid)
{
    $sql = "DELETE FROM %st_item_watchlist WHERE fk_i_item_id = %d AND fk_i_user_id = %d LIMIT 1";
    getConnection()->osc_dbExec($sql, DB_TABLE_PREFIX, $item, $uid);
}
?>
<div class="row">
    <?php 
osc_current_web_theme_path('user-sidebar.php');
?>
    <div class="col-sm-8 col-md-9">
        <h1 class="title">
Пример #29
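    // The three cases below change data for the logged-in user and then send the browser
    // to the request's return_url. That parameter is request data, so it is only followed
    // when it points back into this site; any other value is replaced by the site's base
    // URL, which keeps the redirect from leading visitors to a foreign host.
    // NOTE(review): no CSRF token is checked in the visible code for these state-changing
    // actions; confirm whether the dispatcher does it before reaching this switch.
    // NOTE(review): execution continues after header(); whether the script stops after the
    // switch is outside this excerpt.
    case "UNFOLLOW":
        if (osc_is_web_user_logged_in()) {
            $user_id = osc_logged_user_id();
            $seller_id = Params::getParam("seller-id");
            $return_url = Params::getParam("return_url");
            nc_osc_delete_follow($user_id, $seller_id);
            $redirect_target = htmlspecialchars_decode($return_url);
            // Same-site check: the target has to start with the base URL, trailing slash included.
            if (strpos($redirect_target, rtrim(osc_base_url(), '/') . '/') !== 0) {
                $redirect_target = osc_base_url();
            }
            header('Location:' . $redirect_target);
        }
        break;
    case "ADD-WATCHLIST":
        if (osc_is_web_user_logged_in()) {
            $user_id = osc_logged_user_id();
            $item_id = Params::getParam("item_id");
            $return_url = Params::getParam("return_url");
            nc_osc_add_watchllist($user_id, $item_id);
            $aItem = Item::newInstance()->findByPrimaryKey($item_id);
            $item_title = $aItem['s_title'];
            // NOTE(review): the listing title is user-written text placed into a flash message;
            // confirm the theme escapes flash messages when printing them.
            osc_add_flash_ok_message($item_title . " is added to your watch list.");
            $redirect_target = htmlspecialchars_decode($return_url);
            // Same-site check: the target has to start with the base URL, trailing slash included.
            if (strpos($redirect_target, rtrim(osc_base_url(), '/') . '/') !== 0) {
                $redirect_target = osc_base_url();
            }
            header('Location:' . $redirect_target);
        }
        break;
    case "REMOVE-WATCHLIST":
        if (osc_is_web_user_logged_in()) {
            $user_id = osc_logged_user_id();
            $item_id = Params::getParam("item_id");
            $return_url = Params::getParam("return_url");
            nc_osc_remove_watchlist($user_id, $item_id);
            $redirect_target = htmlspecialchars_decode($return_url);
            // Same-site check: the target has to start with the base URL, trailing slash included.
            if (strpos($redirect_target, rtrim(osc_base_url(), '/') . '/') !== 0) {
                $redirect_target = osc_base_url();
            }
            header('Location:' . $redirect_target);
        }
        break;
}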
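/**
 * AJAX "load more" handler: prints further listing cards for user pages, or re-runs
 * the search controller, and then ends the request.
 *
 * Every input comes from the request parameters. For '_page' = 'user' the listings are
 * queried by author: the id or username from the request for the 'pub_profile' action,
 * the logged-in user's id for the 'items' action. For '_page' = 'search' (or an empty
 * '_page') the search controller is run; with rewrite enabled $_SERVER['REQUEST_URI']
 * is overwritten first with the search URL built from the request parameters.
 * Any other '_page' value makes the function return without output.
 *
 * Missing parameters are read as empty, and paging values are forced to integers
 * before they are passed on.
 *
 * @return void
 */
function pop_ajax_load_more()
{
    $array = Params::getParamsAsArray();
    $page = isset($array['_page']) ? $array['_page'] : '';
    $action = isset($array['_action']) ? $array['_action'] : '';

    if ($page == 'user') {
        // Left null when no known action matched, so osc_query_item() is then called
        // with an empty argument instead of an undefined variable.
        $params = null;
        if ($action == 'pub_profile') {
            if (isset($array['username']) && $array['username'] != '') {
                $_user = User::newInstance()->findByUsername($array['username']);
                $array['id'] = isset($_user['pk_i_id']) ? $_user['pk_i_id'] : null;
            }
            $params['author'] = isset($array['id']) ? $array['id'] : null;
            // NOTE(review): '_offset' sets the page size and has no upper limit here; consider
            // capping it so one request cannot ask for an arbitrarily large result set.
            $params['results_per_page'] = isset($array['_offset']) ? (int) $array['_offset'] : osc_default_results_per_page_at_search();
            $params['page'] = isset($array['iPage']) ? max(0, (int) $array['iPage'] - 1) : 0;
        }
        if ($action == 'items') {
            // The author is taken from the session, not from the request.
            $params['author'] = osc_logged_user_id();
            $params['results_per_page'] = 10;
            // core default
            $params['page'] = isset($array['iPage']) ? max(0, (int) $array['iPage'] - 1) : 0;
        }
        osc_query_item($params);
        $result = View::newInstance()->_get('customItems');
        echo _pop_print_listing_card($result);
        exit;
    }
    if ($page == 'search' || $page == '') {
        if (osc_rewrite_enabled()) {
            if (REL_WEB_URL != '/') {
                $base_url = str_replace(REL_WEB_URL, '', osc_base_url());
            } else {
                $base_url = osc_base_url();
            }
            // The base URL is literal text, not a pattern: quote it so characters such as '.'
            // or '?' in it cannot act as regex syntax.
            $_SERVER['REQUEST_URI'] = preg_replace('|^' . preg_quote($base_url, '|') . '|', '', osc_search_url(Params::getParamsAsArray()));
            osc_add_hook('before_html', 'pop_ob_start_');
            osc_add_hook('after_html', 'pop_ob_clean_');
            osc_add_hook('after_search', 'pop_echo_pop_print_listing_card');
        }
        require_once osc_lib_path() . 'osclass/controller/search.php';
        $do = new CWebSearch();
        $do->doModel();
        exit;
    }
}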