/**
 * Admin main controller: logs the administrator out or renders the dashboard.
 *
 * 'logout' removes only the admin-specific session keys and the oc_admin*
 * cookies, then redirects to the admin base URL. Any other action exports the
 * dashboard counters and renders main/index.php.
 */
function doModel()
{
    if ($this->action == 'logout') {
        // Only the admin keys are dropped; the rest of the session is left untouched.
        // NOTE(review): no CSRF token check is visible in this branch and the session
        // id is not regenerated here - confirm both are handled elsewhere or accepted.
        foreach (array('adminId', 'adminUserName', 'adminName', 'adminEmail', 'adminLocale') as $sessionKey) {
            Session::newInstance()->_drop($sessionKey);
        }

        // Remove the persistent admin login cookies, then flush the cookie jar.
        foreach (array('oc_adminId', 'oc_adminSecret', 'oc_adminLocale') as $cookieKey) {
            Cookie::newInstance()->pop($cookieKey);
        }
        Cookie::newInstance()->set();

        $this->redirectTo(osc_admin_base_url(true));
        return;
    }

    // Default: dashboard page (main page at oc-admin).
    $this->_exportVariableToView('numUsers', User::newInstance()->count());
    $this->_exportVariableToView('numAdmins', Admin::newInstance()->count());
    $this->_exportVariableToView('numItems', Item::newInstance()->count());

    // Item counters per moderation status, exported in the same order as before.
    $itemTotals = array(
        'numItemsSpam'     => 'SPAM',
        'numItemsBlock'    => 'DISABLED',
        'numItemsInactive' => 'INACTIVE',
    );
    foreach ($itemTotals as $viewKey => $itemStatus) {
        $this->_exportVariableToView($viewKey, Item::newInstance()->totalItems(null, $itemStatus));
    }

    $this->_exportVariableToView('numItemsPerCategory', osc_get_non_empty_categories());
    $this->_exportVariableToView('newsList', osc_listNews());
    $this->_exportVariableToView('comments', ItemComment::newInstance()->getLastComments(5));

    // Render the view.
    $this->doView('main/index.php');
}
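/**
 * Handles the unauthenticated, token-based user actions reached from e-mail
 * links: confirming an e-mail change, activating an alert and unsubscribing
 * from an alert. Any other action redirects to the login page.
 *
 * Every branch is driven entirely by request parameters, so the secret carried
 * in the link is the only thing that authorises the change.
 */
function doModel()
{
    switch ($this->action) {
        case 'change_email_confirm':
            $userId = Params::getParam('userId');
            $code = Params::getParam('code');

            // Stays null unless the link is valid AND a pending e-mail change exists.
            $pendingChange = null;

            if ($userId && $code && is_string($code)) {
                $userManager = new User();
                $user = $userManager->findByPrimaryKey($userId);
                $storedCode = isset($user['s_pass_code']) ? (string) $user['s_pass_code'] : '';

                // hash_equals() replaces the loose `==`: it compares the two strings
                // byte by byte (no numeric-string juggling such as "0e1" == "0e2") and
                // in constant time. An empty stored code never validates a link.
                if ($storedCode !== '' && hash_equals($storedCode, $code) && $user['b_enabled'] == 1) {
                    $userEmailTmp = UserEmailTmp::newInstance()->findByPk($userId);
                    // Without a pending row there is no new address to apply; the
                    // original would have written an empty e-mail in that case.
                    if (!empty($userEmailTmp['s_new_email'])) {
                        $pendingChange = $userEmailTmp;
                    }
                }
            }

            if ($pendingChange === null) {
                osc_add_flash_error_message(_m('Sorry, the link is not valid'));
                $this->redirectTo(osc_base_url());
                break;
            }

            $newEmail = $pendingChange['s_new_email'];
            $ownerCond = array('fk_i_user_id' => $pendingChange['fk_i_user_id']);

            // Propagate the new address to every table that stores a copy of it.
            $userManager->update(array('s_email' => $newEmail), array('pk_i_id' => $pendingChange['fk_i_user_id']));
            Item::newInstance()->update(array('s_contact_email' => $newEmail), $ownerCond);
            ItemComment::newInstance()->update(array('s_author_email' => $newEmail), $ownerCond);
            Alerts::newInstance()->update(array('s_email' => $newEmail), $ownerCond);
            Session::newInstance()->_set('userEmail', $newEmail);

            // The pending request is consumed so the same address cannot be applied again.
            // NOTE(review): s_pass_code itself is not cleared here - confirm whether the
            // code is meant to stay valid after use.
            UserEmailTmp::newInstance()->delete(array('s_new_email' => $newEmail));

            osc_add_flash_ok_message(_m('Your email has been changed successfully'));
            $this->redirectTo(osc_user_profile_url());
            break;

        case 'activate_alert':
            $email = Params::getParam('email');
            $secret = Params::getParam('secret');

            $result = 0;
            if ($email != '' && $secret != '') {
                $result = Alerts::newInstance()->activate($email, $secret);
            }

            if ($result == 1) {
                osc_add_flash_ok_message(_m('Alert activated'));
            } else {
                // Message kept on one line, like the matching 'unsub_alert' message.
                osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
            }
            $this->redirectTo(osc_base_url(true));
            break;

        case 'unsub_alert':
            $email = Params::getParam('email');
            $secret = Params::getParam('secret');

            if ($email != '' && $secret != '') {
                // NOTE(review): the result of delete() is not inspected, so "Unsubscribed
                // correctly" is shown even when the e-mail/secret pair matched nothing.
                // The 'S_secret' key is kept exactly as written; confirm the column case.
                Alerts::newInstance()->delete(array('s_email' => $email, 'S_secret' => $secret));
                osc_add_flash_ok_message(_m('Unsubscribed correctly'));
            } else {
                osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
            }
            $this->redirectTo(osc_base_url());
            break;

        default:
            $this->redirectTo(osc_user_login_url());
            break;
    }
}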
/**
 * Builds the comments data table for the given request parameters.
 *
 * Loads one page of comments, computes the total (all comments, or only the
 * ones pending moderation) and the filtered total, then returns getData().
 *
 * @param array $params request parameters handed to getDBParams()
 * @return mixed whatever getData() returns
 */
public function table($params)
{
    $this->addTableHeader();
    $this->getDBParams($params);

    // Fall back to the primary key / descending order when no sort was resolved.
    // NOTE(review): both values are passed on to search(); whether getDBParams()
    // restricts them to known columns is not visible here - confirm.
    $sortColumn = $this->order_by['column_name'] ?: 'pk_i_id';
    $sortDirection = $this->order_by['type'] ?: 'desc';

    $comments = ItemComment::newInstance()->search(
        $this->resourceID,
        $this->start,
        $this->limit,
        $sortColumn,
        $sortDirection,
        $this->showAll
    );
    $this->processData($comments);

    // Without showAll only hidden, blocked or spam comments are counted.
    $this->total = $this->showAll
        ? ItemComment::newInstance()->countAll()
        : ItemComment::newInstance()->countAll('( c.b_active = 0 OR c.b_enabled = 0 OR c.b_spam = 1 )');

    // With a resource id the filtered total is the number of comments on it.
    if ($this->resourceID != null) {
        $this->total_filtered = ItemComment::newInstance()->count($this->resourceID);
    } else {
        $this->total_filtered = $this->total;
    }

    return $this->getData();
}
/**
 * Loads a page of comments and the related totals from the request parameters.
 *
 * The sort order is forced to the fourth entry of $this->column_names,
 * descending, regardless of what the request asked for.
 *
 * @param array $params raw request parameters, stored in $this->_get
 */
function __construct($params)
{
    $this->_get = $params;
    $this->getDBParams();

    // Force ORDER BY: a request-supplied sort never reaches search().
    $this->order_by['column_name'] = $this->column_names[3];
    $this->order_by['type'] = 'desc';

    $sortColumn = $this->order_by['column_name'] ?: 'pk_i_id';
    $sortDirection = $this->order_by['type'] ?: 'desc';

    $this->comments = ItemComment::newInstance()->search(
        $this->resourceID,
        $this->start,
        $this->limit,
        $sortColumn,
        $sortDirection,
        $this->showAll
    );

    // Without showAll only hidden, blocked or spam comments are counted.
    $this->total = $this->showAll
        ? ItemComment::newInstance()->countAll()
        : ItemComment::newInstance()->countAll('( c.b_active = 0 OR c.b_enabled = 0 OR c.b_spam = 1 )');

    // With a resource id the filtered total is the number of comments on it.
    if ($this->resourceID != null) {
        $this->total_filtered = ItemComment::newInstance()->count($this->resourceID);
    } else {
        $this->total_filtered = $this->total;
    }
}
/**
 * Updates a user profile and the copies of its name/e-mail kept elsewhere.
 *
 * Administrators may change name and e-mail and set the b_enabled / b_active
 * flags; regular users only get their name propagated, the e-mail stored on
 * items, comments and alerts is left alone in that path.
 *
 * @param int $userId primary key of the user being edited
 * @return int 2 when an administrator's flag update changed at least one row, otherwise 0
 */
function edit($userId)
{
    $input = $this->prepareData(false);
    $byUser = array('fk_i_user_id' => $userId);
    $byPk = array('pk_i_id' => $userId);

    $this->manager->update($input, $byPk);

    if ($this->is_admin) {
        Item::newInstance()->update(
            array('s_contact_name' => $input['s_name'], 's_contact_email' => $input['s_email']),
            $byUser
        );
        ItemComment::newInstance()->update(
            array('s_author_name' => $input['s_name'], 's_author_email' => $input['s_email']),
            $byUser
        );
        Alerts::newInstance()->update(array('s_email' => $input['s_email']), $byUser);
        // Audit trail: the acting administrator is recorded as the author of the edit.
        Log::newInstance()->insertLog('user', 'edit', $userId, $input['s_email'], 'admin', osc_logged_admin_id());
    } else {
        Item::newInstance()->update(array('s_contact_name' => $input['s_name']), $byUser);
        ItemComment::newInstance()->update(array('s_author_name' => $input['s_name']), $byUser);
        // The log entry uses the stored e-mail, not the submitted one.
        $user = $this->manager->findByPrimaryKey($userId);
        Log::newInstance()->insertLog('user', 'edit', $userId, $user['s_email'], 'user', osc_logged_user_id());
    }

    Session::newInstance()->_set('userName', $input['s_name']);
    // Prefer the mobile number, fall back to the land line.
    $phone = $input['s_phone_mobile'] ?: $input['s_phone_land'];
    Session::newInstance()->_set('userPhone', $phone);

    // NOTE(review): keys and values of s_info come straight from the request;
    // any validation has to happen inside updateDescription() - confirm.
    $descriptions = Params::getParam('s_info');
    if (is_array($descriptions)) {
        foreach ($descriptions as $key => $value) {
            $this->manager->updateDescription($userId, $key, $value);
        }
    }

    osc_run_hook('user_edit_completed', $userId);

    if ($this->is_admin) {
        // A flag is set to 1 only when the parameter is present and equals 1;
        // anything else, including a missing parameter, stores 0.
        $iUpdated = 0;
        foreach (array('b_enabled', 'b_active') as $flag) {
            $flagValue = (Params::getParam($flag) != '' && Params::getParam($flag) == 1) ? 1 : 0;
            $iUpdated += $this->manager->update(array($flag => $flagValue), $byPk);
        }
        if ($iUpdated > 0) {
            return 2;
        }
    }

    return 0;
}
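/**
 * Stores a visitor comment on an item and optionally notifies the administrator.
 *
 * All free-text fields are stripped of tags before they are stored or mailed.
 * The title used to be the only field inserted unfiltered; it now gets the
 * same trim()/strip_tags() treatment as name, e-mail and body.
 *
 * @return int 3 name missing or e-mail rejected, 4 empty body,
 *             1 stored as INACTIVE (awaiting moderation), 2 stored as ACTIVE,
 *             5 stored as SPAM, -1 the insert failed
 */
public function add_comment()
{
    $aItem = $this->prepareDataForFunction('add_comment');

    $authorName = strip_tags(trim($aItem['authorName']));
    $authorEmail = strip_tags(trim($aItem['authorEmail']));
    $body = strip_tags(trim($aItem['body']));
    $title = strip_tags(trim($aItem['title']));
    $itemId = $aItem['id'];
    $userId = $aItem['userId'];
    $status_num = -1;

    // NOTE(review): the item is loaded but its existence is not checked before the
    // insert; confirm prepareDataForFunction() only yields ids of existing items.
    $item = $this->manager->findByPrimaryKey($itemId);
    $itemURL = osc_item_url();
    Params::setParam('itemURL', $itemURL);

    // The pattern is a loose shape check only (something@something.xx);
    // it is not a full address validator.
    if ($authorName == '' || !preg_match('|^.*?@.{2,}\\..{2,3}$|', $authorEmail)) {
        return 3;
    }
    if ($body == '') {
        return 4;
    }

    // Moderation threshold: -1 publishes everything, 0 moderates everything,
    // N publishes once the author already has N comments on record.
    $num_moderate_comments = osc_moderate_comments();
    $num_comments = ($userId == null)
        ? 0
        : count(ItemComment::newInstance()->findByAuthorID($userId));

    if ($num_moderate_comments == -1
        || ($num_moderate_comments != 0 && $num_comments >= $num_moderate_comments)
    ) {
        $status = 'ACTIVE';
        $status_num = 2;
    } else {
        $status = 'INACTIVE';
        $status_num = 1;
    }

    // When an Akismet key is configured its verdict overrides the moderation status.
    if (osc_akismet_key()) {
        require_once LIB_PATH . 'Akismet.class.php';
        $akismet = new Akismet(osc_base_url(), osc_akismet_key());
        $akismet->setCommentAuthor($authorName);
        $akismet->setCommentAuthorEmail($authorEmail);
        $akismet->setCommentContent($body);
        $akismet->setPermalink($itemURL);
        if ($akismet->isCommentSpam()) {
            $status = 'SPAM';
            $status_num = 5;
        }
    }

    $mComments = ItemComment::newInstance();
    $aComment = array(
        'dt_pub_date'    => DB_FUNC_NOW,
        'fk_i_item_id'   => $itemId,
        's_author_name'  => $authorName,
        's_author_email' => $authorEmail,
        's_title'        => $title,
        's_body'         => $body,
        'e_status'       => $status,
        'fk_i_user_id'   => $userId,
    );

    if (!$mComments->insert($aComment)) {
        return -1;
    }

    // Notify admin
    if (osc_notify_new_comment()) {
        $admin_email = osc_contact_email();
        $mPages = new Page();
        $aPage = $mPages->findByInternalName('email_new_comment_admin');
        $locale = osc_current_user_locale();

        // Use the template in the visitor's locale, else the first one available.
        if (isset($aPage['locale'][$locale]['s_title'])) {
            $content = $aPage['locale'][$locale];
        } else {
            $content = current($aPage['locale']);
        }

        // Placeholder => value pairs; every visitor-supplied value was tag-stripped above.
        $words = array();
        $words[] = array('{COMMENT_AUTHOR}', '{COMMENT_EMAIL}', '{COMMENT_TITLE}', '{COMMENT_TEXT}', '{ITEM_TITLE}', '{ITEM_ID}', '{ITEM_URL}');
        $words[] = array($authorName, $authorEmail, $title, $body, $item['s_title'], $itemId, $itemURL);
        $title_email = osc_mailBeauty($content['s_title'], $words);
        $body_email = osc_mailBeauty($content['s_text'], $words);

        $emailParams = array(
            'from'      => $admin_email,
            'from_name' => __('Admin mail system'),
            'subject'   => $title_email,
            'to'        => $admin_email,
            'to_name'   => __('Admin mail system'),
            'body'      => $body_email,
            'alt_body'  => $body_email,
        );
        osc_sendMail($emailParams);
    }

    osc_run_hook('add_comment', $item);

    return $status_num;
}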
foreach ($users as $user) { $comments = count(ItemComment::newInstance()->findByAuthorID($user['pk_i_id'])); $items = count(Item::newInstance()->findByUserIDEnabled($user['pk_i_id'])); User::newInstance()->update(array('i_items' => $items, 'i_comments' => $comments), array('pk_i_id' => $user['pk_i_id'])); // CHANGE FROM b_enabled to b_active User::newInstance()->update(array('b_active' => $user['b_enabled'], 'b_enabled' => 1), array('pk_i_id' => $user['pk_i_id'])); } unset($users); $items = $conn->osc_dbFetchResults(sprintf("SELECT * FROM %st_item", DB_TABLE_PREFIX)); foreach ($items as $item) { Item::newInstance()->update(array("b_active" => $item['e_status'] == 'ACTIVE' ? 1 : 0, 'b_enabled' => 1), array('pk_i_id' => $item['pk_i_id'])); } unset($items); $comments = $conn->osc_dbFetchResults(sprintf("SELECT * FROM %st_item_comment", DB_TABLE_PREFIX)); foreach ($comments as $comment) { ItemComment::newInstance()->update(array("b_active" => $comment['e_status'] == 'ACTIVE' ? 1 : 0, 'b_enabled' => 1), array('pk_i_id' => $comment['pk_i_id'])); } unset($comments); // Drop e_status column in t_item and t_item_comment $conn->osc_dbExec(sprintf("ALTER TABLE %st_item DROP e_status", DB_TABLE_PREFIX)); $conn->osc_dbExec(sprintf("ALTER TABLE %st_item_comment DROP e_status", DB_TABLE_PREFIX)); // Delete enabled_item_validation in t_preference $conn->osc_dbExec(sprintf("DELETE FROM %st_preference WHERE s_name = 'enabled_item_validation'", DB_TABLE_PREFIX)); // insert two new e-mail notifications $conn->osc_dbExec(sprintf("INSERT INTO %st_pages (s_internal_name, b_indelible, dt_pub_date) VALUES ('email_alert_validation', 1, '%s' )", DB_TABLE_PREFIX, date('Y-m-d H:i:s'))); $conn->osc_dbExec(sprintf("INSERT INTO %st_pages_description (fk_i_pages_id, fk_c_locale_code, s_title, s_text) VALUES (%d, 'en_US', 'Please validate your alert', '<p>Hi {USER_NAME},</p>\n<p>Please validate your alert registration by clicking on the following link: {VALIDATION_LINK}</p>\n<p>Thank 
you!</p>\n<p>Regards,</p>\n<p>{WEB_TITLE}</p>')", DB_TABLE_PREFIX, $conn->get_last_id())); $conn->osc_dbExec(sprintf("INSERT INTO %st_pages (s_internal_name, b_indelible, dt_pub_date) VALUES ('email_comment_validated', 1, '%s' )", DB_TABLE_PREFIX, date('Y-m-d H:i:s'))); $conn->osc_dbExec(sprintf("INSERT INTO %st_pages_description (fk_i_pages_id, fk_c_locale_code, s_title, s_text) VALUES (%d, 'en_US', '{WEB_TITLE} - Your comment has been approved', '<p>Hi {COMMENT_AUTHOR},</p>\n<p>Your comment has been approved on the following item: {ITEM_URL}</p>\n<p>Regards,</p>\n<p>{WEB_TITLE}</p>')", DB_TABLE_PREFIX, $conn->get_last_id())); osc_changeVersionTo(210); } if (osc_version() < 220) {
/**
 * Delete a user and everything that belongs to it.
 *
 * Runs the 'delete_user' hook first, then removes the user's items one by one,
 * its comments, pending e-mail changes, descriptions and alerts, and finally
 * the user row itself.
 *
 * @access public
 * @since unknown
 * @param int $id primary key of the user; null (or any value loosely equal to null) deletes nothing
 * @return bool false when no id was given, otherwise the result of the final delete
 */
public function deleteUser($id = null)
{
    if ($id == null) {
        return false;
    }

    osc_run_hook('delete_user', $id);

    // Collect the user's items so each one is deleted through the Item manager.
    $this->dao->select('pk_i_id, fk_i_category_id');
    $this->dao->from(DB_TABLE_PREFIX . "t_item");
    $this->dao->where('fk_i_user_id', $id);
    $result = $this->dao->get();
    $items = $result->result();

    $itemManager = Item::newInstance();
    foreach ($items as $item) {
        $itemManager->deleteByPrimaryKey($item['pk_i_id']);
    }

    $ownedBy = array('fk_i_user_id' => $id);
    ItemComment::newInstance()->delete($ownedBy);
    foreach (array('t_user_email_tmp', 't_user_description', 't_alerts') as $table) {
        $this->dao->delete(DB_TABLE_PREFIX . $table, $ownedBy);
    }

    return $this->dao->delete($this->getTableName(), array('pk_i_id' => $id));
}
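/**
 * Admin comments controller: bulk actions, single status changes, editing,
 * deletion and the comments listing.
 *
 * Every state-changing action calls osc_csrf_check() first. Comment ids taken
 * from the request are reduced to positive integers before they are placed in
 * a raw SQL condition.
 *
 * @return false|null false when a 'status' request is malformed, otherwise nothing
 */
function doModel()
{
    parent::doModel();

    //specific things for this class
    switch ($this->action) {
        case 'bulk_actions':
            osc_csrf_check();
            $id = Params::getParam('id');
            if ($id) {
                // Keep only plain positive integers. The list is concatenated into a
                // raw "IN (...)" condition below, so any other value would be SQL text
                // controlled by the request.
                $ids = array();
                foreach ((array) $id as $rawId) {
                    if (is_int($rawId) || (is_string($rawId) && preg_match('/^[0-9]+$/', $rawId))) {
                        $rawId = (int) $rawId;
                        if ($rawId > 0) {
                            $ids[] = $rawId;
                        }
                    }
                }

                // NOTE(review): the built-in branches call osc_add_hook() with the comment
                // id, while 'delete' and 'comment_edit_post' below use osc_run_hook().
                // osc_add_hook() is not defined in this listing; confirm it is the
                // intended call, since it looks like it registers rather than fires.
                switch (Params::getParam('bulk_actions')) {
                    case 'delete_all':
                        if ($ids) {
                            $this->itemCommentManager->delete(array(DB_CUSTOM_COND => 'pk_i_id IN (' . implode(', ', $ids) . ')'));
                        }
                        foreach ($ids as $_id) {
                            $this->itemCommentManager->delete(array('pk_i_id' => $_id));
                            osc_add_hook("delete_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been deleted'), 'admin');
                        break;
                    case 'activate_all':
                        foreach ($ids as $_id) {
                            $iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $_id));
                            if ($iUpdated) {
                                $this->sendCommentActivated($_id);
                            }
                            osc_add_hook("activate_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been approved'), 'admin');
                        break;
                    case 'deactivate_all':
                        foreach ($ids as $_id) {
                            $this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $_id));
                            osc_add_hook("deactivate_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been disapproved'), 'admin');
                        break;
                    case 'enable_all':
                        foreach ($ids as $_id) {
                            $iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $_id));
                            if ($iUpdated) {
                                $this->sendCommentActivated($_id);
                            }
                            osc_add_hook("enable_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been unblocked'), 'admin');
                        break;
                    case 'disable_all':
                        foreach ($ids as $_id) {
                            $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $_id));
                            osc_add_hook("disable_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been blocked'), 'admin');
                        break;
                    default:
                        // Custom bulk actions are delegated to plugins with the raw
                        // request value; the hook name is built from the parameter.
                        if (Params::getParam("bulk_actions") != "") {
                            osc_run_hook("item_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id'));
                        }
                        break;
                }
            }
            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        case 'status':
            osc_csrf_check();
            $id = Params::getParam('id');
            $value = Params::getParam('value');

            if (!$id) {
                return false;
            }
            // After the cast a non-numeric id becomes 0; the previous is_numeric()
            // test ran on the already-cast integer and could never fail.
            $id = (int) $id;
            if ($id <= 0) {
                return false;
            }
            if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'), true)) {
                return false;
            }

            if ($value == 'ACTIVE') {
                $iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $id));
                if ($iUpdated) {
                    $this->sendCommentActivated($id);
                }
                osc_add_hook("activate_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been approved'), 'admin');
            } elseif ($value == 'INACTIVE') {
                $this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $id));
                osc_add_hook("deactivate_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been disapproved'), 'admin');
            } elseif ($value == 'ENABLE') {
                $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $id));
                osc_add_hook("enable_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been enabled'), 'admin');
            } elseif ($value == 'DISABLE') {
                $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $id));
                osc_add_hook("disable_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been disabled'), 'admin');
            }

            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        case 'comment_edit':
            $comment = ItemComment::newInstance()->findByPrimaryKey(Params::getParam('id'));
            $this->_exportVariableToView('comment', $comment);
            $this->doView('comments/frm.php');
            break;

        case 'comment_edit_post':
            osc_csrf_check();

            $msg = '';
            if (!osc_validate_email(Params::getParam('authorEmail'), true)) {
                $msg .= _m('Email is not correct') . "<br/>";
            }
            if (!osc_validate_text(Params::getParam('body'), 1, true)) {
                $msg .= _m('Comment is required') . "<br/>";
            }
            if ($msg != '') {
                // NOTE(review): the update below is only skipped if redirectTo() ends
                // the request; its definition is not part of this listing.
                osc_add_flash_error_message($msg, 'admin');
                $this->redirectTo(osc_admin_base_url(true) . "?page=comments&action=comment_edit&id=" . Params::getParam('id'));
            }

            $this->itemCommentManager->update(
                array(
                    's_title'        => Params::getParam('title'),
                    's_body'         => Params::getParam('body'),
                    's_author_name'  => Params::getParam('authorName'),
                    's_author_email' => Params::getParam('authorEmail'),
                ),
                array('pk_i_id' => Params::getParam('id'))
            );
            osc_run_hook('edit_comment', Params::getParam('id'));

            osc_add_flash_ok_message(_m('Great! We just updated your comment'), 'admin');
            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        case 'delete':
            osc_csrf_check();
            $this->itemCommentManager->deleteByPrimaryKey(Params::getParam('id'));
            osc_add_flash_ok_message(_m('The comment has been deleted'), 'admin');
            osc_run_hook('delete_comment', Params::getParam('id'));
            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        default:
            require_once osc_lib_path() . "osclass/classes/datatables/CommentsDataTable.php";

            // Page size: an explicit parameter is remembered in a cookie, otherwise
            // the cookie value is used, otherwise 10.
            if (Params::getParam('iDisplayLength') != '') {
                Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                Cookie::newInstance()->set();
            } elseif (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
                Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
            } else {
                Params::setParam('iDisplayLength', 10);
            }
            $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));

            // Table header order by related
            if (Params::getParam('sort') == '') {
                Params::setParam('sort', 'date');
            }
            if (Params::getParam('direction') == '') {
                Params::setParam('direction', 'desc');
            }

            $page = (int) Params::getParam('iPage');
            if ($page == 0) {
                $page = 1;
            }
            Params::setParam('iPage', $page);

            $params = Params::getParamsAsArray();

            $commentsDataTable = new CommentsDataTable();
            $commentsDataTable->table($params);
            $aData = $commentsDataTable->getData();

            // An empty page other than the first means the requested page is out
            // of range: send the browser to the first or the last valid page.
            if (count($aData['aRows']) == 0 && $page != 1) {
                $total = (int) $aData['iTotalDisplayRecords'];
                // The page size originates from the request or a cookie; a zero
                // value must not reach the division.
                $perPage = (int) $aData['iDisplayLength'];
                $maxPage = $perPage > 0 ? ceil($total / $perPage) : 0;

                $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);

                if ($maxPage == 0) {
                    $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                    $this->redirectTo($url);
                }

                if ($page > 1) {
                    $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                    $this->redirectTo($url);
                }
            }

            $this->_exportVariableToView('aData', $aData);
            $this->_exportVariableToView('aRawRows', $commentsDataTable->rawRows());

            // Bulk action selector: placeholder entry plus one confirmable entry per action.
            $bulk_options = array(
                array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')),
            );
            $bulkLabels = array(
                'delete_all'     => __('Delete'),
                'activate_all'   => __('Activate'),
                'deactivate_all' => __('Deactivate'),
                'disable_all'    => __('Block'),
                'enable_all'     => __('Unblock'),
            );
            foreach ($bulkLabels as $bulkValue => $bulkLabel) {
                $bulk_options[] = array(
                    'value'               => $bulkValue,
                    'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower($bulkLabel)),
                    'label'               => $bulkLabel,
                );
            }
            $bulk_options = osc_apply_filter("comment_bulk_filter", $bulk_options);
            $this->_exportVariableToView('bulk_options', $bulk_options);

            $this->doView('comments/index.php');
            break;
    }
}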
/**
 * Adds a "New comments" button to the admin toolbar when comments are waiting
 * for moderation (inactive, disabled or flagged as spam).
 *
 * Nothing is added when the count is not greater than zero.
 */
function osc_admin_toolbar_comments()
{
    $pending = ItemComment::newInstance()->countAll('( c.b_active = 0 OR c.b_enabled = 0 OR c.b_spam = 1 )');
    if (!($pending > 0)) {
        return;
    }

    // The badge interpolates the count into markup; it comes from countAll(),
    // not from request data.
    $badge = '<i class="circle circle-green">' . $pending . '</i>';
    $menuEntry = array(
        'id'    => 'comments',
        'title' => $badge . __('New comments'),
        'href'  => osc_admin_base_url(true) . "?page=comments",
        'meta'  => array('class' => 'action-btn action-btn-black'),
    );
    AdminToolbar::newInstance()->add_menu($menuEntry);
}
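/**
 * Public item controller: posting, editing, activating, deleting and marking
 * items, the send-to-friend and contact forms, comment creation/deletion and
 * the item page itself.
 *
 * Ownership of an item is established by one query condition: either the
 * request carries the item's secret and the item has no owner, or the item
 * belongs to the logged-in user.
 *
 * Most guards in this method only call redirectTo() and then fall through, so
 * they rely on redirectTo() ending the request. The comment-deletion guards
 * additionally leave the switch explicitly.
 *
 * @return false|null false when a reCAPTCHA check fails, otherwise nothing
 */
function doModel()
{
    // Locales are needed by every view of this controller.
    $locales = OSCLocale::newInstance()->listAllEnabled();
    $this->_exportVariableToView('locales', $locales);

    // NOTE(review): the placeholders are filled by listWhere() with request values;
    // whether it escapes them is not visible in this listing - confirm.
    $ownedItemCond = "i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))";

    switch ($this->action) {
        case 'item_add':
            // post
            if (osc_reg_user_post() && $this->user == null) {
                // CHANGEME: This text
                osc_add_flash_error_message(_m('Only registered users are allowed to post items'));
                $this->redirectTo(osc_user_login_url());
            }

            // Pre-select regions/cities from the user's profile, else from the first entry.
            $countries = Country::newInstance()->listAll();
            $regions = array();
            if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
                $regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
            } elseif (count($countries) > 0) {
                $regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
            }
            $cities = array();
            if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
                $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
            } elseif (count($regions) > 0) {
                $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
            }

            $this->_exportVariableToView('countries', $countries);
            $this->_exportVariableToView('regions', $regions);
            $this->_exportVariableToView('cities', $cities);

            $form = count(Session::newInstance()->_getForm());
            $keepForm = count(Session::newInstance()->_getKeepForm());
            if ($form == 0 || $form == $keepForm) {
                Session::newInstance()->_dropKeepForm();
            }

            // A previously submitted form overrides the pre-selection.
            if (Session::newInstance()->_getForm('countryId') != "") {
                $countryId = Session::newInstance()->_getForm('countryId');
                $regions = Region::newInstance()->getByCountry($countryId);
                $this->_exportVariableToView('regions', $regions);
                if (Session::newInstance()->_getForm('regionId') != "") {
                    $regionId = Session::newInstance()->_getForm('regionId');
                    $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regionId);
                    $this->_exportVariableToView('cities', $cities);
                }
            }

            $this->_exportVariableToView('user', $this->user);

            osc_run_hook('post_item');

            $this->doView('item-post.php');
            break;

        case 'item_add_post':
            //post_item
            if (osc_reg_user_post() && $this->user == null) {
                osc_add_flash_error_message(_m('Only registered users are allowed to post items'));
                $this->redirectTo(osc_base_url(true));
            }

            $mItems = new ItemActions(false);
            // prepare data for ADD ITEM
            $mItems->prepareData(true);
            // set all parameters into session
            foreach ($mItems->data as $key => $value) {
                Session::newInstance()->_setForm($key, $value);
            }

            $meta = Params::getParam('meta');
            if (is_array($meta)) {
                foreach ($meta as $key => $value) {
                    Session::newInstance()->_setForm('meta_' . $key, $value);
                    Session::newInstance()->_keepForm('meta_' . $key);
                }
            }

            if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                if (!osc_check_recaptcha()) {
                    osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                    $this->redirectTo(osc_item_post_url());
                    return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                }
            }

            // POST ITEM ( ADD ITEM )
            $success = $mItems->add();

            if ($success != 1 && $success != 2) {
                osc_add_flash_error_message($success);
                $this->redirectTo(osc_item_post_url());
            } else {
                // Release every kept meta field. The previous code reused the loop
                // variable left over from the foreach above, so only the last key
                // (or an unrelated form key) was released.
                if (is_array($meta)) {
                    foreach ($meta as $key => $value) {
                        Session::newInstance()->_dropkeepForm('meta_' . $key);
                    }
                }

                if ($success == 1) {
                    osc_add_flash_ok_message(_m('Check your inbox to verify your email address'));
                } else {
                    osc_add_flash_ok_message(_m('Your item has been published'));
                }

                $itemId = Params::getParam('itemId');
                $item = $this->itemManager->findByPrimaryKey($itemId);

                osc_run_hook('posted_item', $item);
                $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
                View::newInstance()->_exportVariableToView('category', $category);
                $this->redirectTo(osc_search_category_url());
            }
            break;

        case 'item_edit':
            // edit item
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            $item = $this->itemManager->listWhere($ownedItemCond, $id, $secret, $this->userId);

            if (count($item) == 1) {
                $item = Item::newInstance()->findByPrimaryKey($id);

                $form = count(Session::newInstance()->_getForm());
                $keepForm = count(Session::newInstance()->_getKeepForm());
                if ($form == 0 || $form == $keepForm) {
                    Session::newInstance()->_dropKeepForm();
                }

                $this->_exportVariableToView('item', $item);

                osc_run_hook("before_item_edit", $item);
                $this->doView('item-edit.php');
            } else {
                // add a flash message [item does not exist]
                osc_add_flash_error_message(_m('Sorry, we don\'t have any items with that ID'));
                if ($this->user != null) {
                    $this->redirectTo(osc_user_list_items_url());
                } else {
                    $this->redirectTo(osc_base_url());
                }
            }
            break;

        case 'item_edit_post':
            // fetch the secret and the id
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            $item = $this->itemManager->listWhere($ownedItemCond, $id, $secret, $this->userId);

            // NOTE(review): a request that fails the ownership check ends here without
            // any message or redirect.
            if (count($item) == 1) {
                $this->_exportVariableToView('item', $item[0]);

                $mItems = new ItemActions(false);
                // prepare data for ADD ITEM
                $mItems->prepareData(false);
                // set all parameters into session
                foreach ($mItems->data as $key => $value) {
                    Session::newInstance()->_setForm($key, $value);
                }

                $meta = Params::getParam('meta');
                if (is_array($meta)) {
                    foreach ($meta as $key => $value) {
                        Session::newInstance()->_setForm('meta_' . $key, $value);
                        Session::newInstance()->_keepForm('meta_' . $key);
                    }
                }

                if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                    if (!osc_check_recaptcha()) {
                        osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                        $this->redirectTo(osc_item_post_url());
                        return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                    }
                }

                $success = $mItems->edit();

                osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id));
                if ($success == 1) {
                    osc_add_flash_ok_message(_m('Great! We\'ve just updated your item'));
                    $this->redirectTo(osc_base_url(true) . "?page=item&id={$id}");
                } else {
                    osc_add_flash_error_message($success);
                    $this->redirectTo(osc_item_edit_url($secret));
                }
            }
            break;

        case 'activate':
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            $item = $this->itemManager->listWhere($ownedItemCond, $id, $secret, $this->userId);

            // Without exactly one match the secret/owner check failed. The previous
            // code read $item[0] regardless and called activate() with empty values.
            if (count($item) != 1) {
                osc_add_flash_error_message(_m('The item can\'t be validated'));
                $this->redirectTo(osc_base_url());
                break;
            }

            View::newInstance()->_exportVariableToView('item', $item[0]);
            if ($item[0]['b_active'] == 0) {
                // ACTIVATE ITEM
                $mItems = new ItemActions(false);
                $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);

                if ($success) {
                    osc_add_flash_ok_message(_m('The item has been validated'));
                } else {
                    osc_add_flash_error_message(_m('The item can\'t be validated'));
                }
            } else {
                osc_add_flash_error_message(_m('The item has already been validated'));
            }

            $this->redirectTo(osc_item_url());
            break;

        case 'item_delete':
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            $item = $this->itemManager->listWhere($ownedItemCond, $id, $secret, $this->userId);

            if (count($item) == 1) {
                $mItems = new ItemActions(false);
                $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
                if ($success) {
                    osc_add_flash_ok_message(_m('Your item has been deleted'));
                } else {
                    osc_add_flash_error_message(_m('The item you are trying to delete couldn\'t be deleted'));
                }
                if ($this->user != null) {
                    $this->redirectTo(osc_user_list_items_url());
                } else {
                    $this->redirectTo(osc_base_url());
                }
            } else {
                osc_add_flash_error_message(_m('The item you are trying to delete couldn\'t be deleted'));
                $this->redirectTo(osc_base_url());
            }
            break;

        case 'mark':
            // NOTE(review): 'id' and 'as' are handed to mark() unchecked; any
            // validation or rate limiting has to live in ItemActions::mark() - confirm.
            $mItem = new ItemActions(false);

            $id = Params::getParam('id');
            $as = Params::getParam('as');

            $item = Item::newInstance()->findByPrimaryKey($id);
            View::newInstance()->_exportVariableToView('item', $item);

            $mItem->mark($id, $as);

            osc_add_flash_ok_message(_m('Thanks! That\'s very helpful'));
            $this->redirectTo(osc_item_url());
            break;

        case 'send_friend':
            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));

            $this->_exportVariableToView('item', $item);

            $this->doView('item-send-friend.php');
            break;

        case 'send_friend_post':
            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            $this->_exportVariableToView('item', $item);

            // Keep the submitted values so the form can be re-filled after an error.
            Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
            Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
            Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
            Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
            Session::newInstance()->_setForm("message_body", Params::getParam('message'));

            if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                if (!osc_check_recaptcha()) {
                    osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                    $this->redirectTo(osc_item_send_friend_url());
                    return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                }
            }

            $mItem = new ItemActions(false);
            $success = $mItem->send_friend();

            if ($success) {
                Session::newInstance()->_clearVariables();
                $this->redirectTo(osc_item_url());
            } else {
                $this->redirectTo(osc_item_send_friend_url());
            }
            break;

        case 'contact':
            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            if (empty($item)) {
                osc_add_flash_error_message(_m('This item doesn\'t exist'));
                $this->redirectTo(osc_base_url(true));
            } else {
                $this->_exportVariableToView('item', $item);

                if (osc_item_is_expired()) {
                    osc_add_flash_error_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
                    $this->redirectTo(osc_item_url());
                }

                if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
                    $this->doView('item-contact.php');
                } else {
                    osc_add_flash_error_message(_m('You can\'t contact the seller, only registered users can'));
                    $this->redirectTo(osc_item_url());
                }
            }
            break;

        case 'contact_post':
            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            $this->_exportVariableToView('item', $item);

            if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                if (!osc_check_recaptcha()) {
                    osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                    Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
                    Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
                    Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
                    Session::newInstance()->_setForm("message_body", Params::getParam('message'));
                    $this->redirectTo(osc_item_url());
                    return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                }
            }

            $category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);

            if ($category['i_expiration_days'] > 0) {
                $item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
                $date = time();
                if ($item_date < $date && $item['b_premium'] != 1) {
                    // The item is expired, we can not contact the seller.
                    // Message kept on one line, identical to the one in the 'contact' case.
                    osc_add_flash_error_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
                    $this->redirectTo(osc_item_url());
                }
            }

            $mItem = new ItemActions(false);

            $result = $mItem->contact();

            if (is_string($result)) {
                osc_add_flash_error_message($result);
            } else {
                osc_add_flash_ok_message(_m('We\'ve just sent an e-mail to the seller'));
            }

            $this->redirectTo(osc_item_url());
            break;

        case 'add_comment':
            $mItem = new ItemActions(false);
            $status = $mItem->add_comment();
            // Status codes are the return values of ItemActions::add_comment().
            switch ($status) {
                case -1:
                    $msg = _m('Sorry, we could not save your comment. Try again later');
                    osc_add_flash_error_message($msg);
                    break;
                case 1:
                    $msg = _m('Your comment is awaiting moderation');
                    osc_add_flash_error_message($msg);
                    break;
                case 2:
                    $msg = _m('Your comment has been approved');
                    osc_add_flash_ok_message($msg);
                    break;
                case 3:
                    $msg = _m('Please fill the required fields (name, email)');
                    osc_add_flash_error_message($msg);
                    break;
                case 4:
                    $msg = _m('Please type a comment');
                    osc_add_flash_error_message($msg);
                    break;
                case 5:
                    $msg = _m('Your comment has been marked as spam');
                    osc_add_flash_error_message($msg);
                    break;
            }

            $this->redirectTo(osc_item_url());
            break;

        case 'delete_comment':
            // The stray add_comment() call that used to open this case was removed:
            // deleting a comment must not first try to create one from the same
            // request, and its result was never used.
            // NOTE(review): no CSRF token check is visible before this deletion - confirm
            // one is applied before this action is dispatched.
            $itemId = Params::getParam('id');
            $commentId = Params::getParam('comment');

            $item = Item::newInstance()->findByPrimaryKey($itemId);
            if (empty($item)) {
                osc_add_flash_error_message(_m('This item doesn\'t exist'));
                $this->redirectTo(osc_base_url(true));
                break;
            }

            View::newInstance()->_exportVariableToView('item', $item);

            // Each guard leaves the case explicitly so the delete below can never
            // run after a failed check, whatever redirectTo() does.
            if ($this->userId == null) {
                osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
                $this->redirectTo(osc_item_url());
                break;
            }

            $commentManager = ItemComment::newInstance();
            $aComment = $commentManager->findByPrimaryKey($commentId);

            if (empty($aComment)) {
                osc_add_flash_error_message(_m('The comment doesn\'t exist'));
                $this->redirectTo(osc_item_url());
                break;
            }

            if ($aComment['b_active'] != 1) {
                osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
                $this->redirectTo(osc_item_url());
                break;
            }

            // Authorisation: only the author of the comment may delete it.
            if ($aComment['fk_i_user_id'] != $this->userId) {
                osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
                $this->redirectTo(osc_item_url());
                break;
            }

            $commentManager->deleteByPrimaryKey($commentId);
            osc_add_flash_ok_message(_m('The comment has been deleted'));
            $this->redirectTo(osc_item_url());
            break;

        default:
            if (Params::getParam('id') == '') {
                $this->redirectTo(osc_base_url());
            }

            // NOTE(review): the 'lang' parameter is stored in the session as received;
            // confirm it is matched against the enabled locales where it is read.
            if (Params::getParam('lang') != '') {
                Session::newInstance()->_set('userLocale', Params::getParam('lang'));
            }

            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            // if item doesn't exist redirect to base url
            if (empty($item)) {
                osc_add_flash_error_message(_m('This item doesn\'t exist'));
                $this->redirectTo(osc_base_url(true));
            } else {
                if ($item['b_active'] != 1) {
                    // Owners may preview their unvalidated item; everybody else is sent away.
                    if ($this->userId == $item['fk_i_user_id']) {
                        osc_add_flash_error_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
                    } else {
                        osc_add_flash_error_message(_m('This item hasn\'t been validated'));
                        $this->redirectTo(osc_base_url(true));
                    }
                } elseif ($item['b_enabled'] == 0) {
                    osc_add_flash_error_message(_m('The item has been suspended'));
                    $this->redirectTo(osc_base_url(true));
                }

                $mStats = new ItemStats();
                $mStats->increase('i_num_views', $item['pk_i_id']);

                foreach ($item['locale'] as $k => $v) {
                    $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
                    $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
                }

                $this->_exportVariableToView('items', array($item));

                osc_run_hook('show_item', $item);

                $this->doView('item.php');
            }
            break;

        case 'dashboard':
            //dashboard...
            break;
    }
}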
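/**
 * Handle the admin comment-management actions selected by $this->action.
 *
 * Actions: bulk_actions, status, comment_edit, comment_edit_post, delete,
 * and a default branch that renders the paginated comment listing.
 * Every value read through Params comes from the request and is untrusted.
 *
 * NOTE(review): no CSRF token check is visible in this method; confirm that
 * parent::doModel() or the dispatcher enforces one for the state-changing
 * actions (bulk_actions, status, comment_edit_post, delete).
 *
 * @return false|void false when the 'status' action receives invalid input
 */
function doModel()
{
    parent::doModel();

    //specific things for this class
    switch ($this->action) {
        case 'bulk_actions':
            $id = Params::getParam('id');
            if ($id) {
                // A single scalar id is accepted as a one-element list.
                $ids = (array) $id;
                switch (Params::getParam('bulk_actions')) {
                    case 'delete_all':
                        // The id list is concatenated into a raw SQL condition, so every
                        // element is forced to an integer before it reaches the query.
                        $safeIds = array_map('intval', $ids);
                        $this->itemCommentManager->delete(array(DB_CUSTOM_COND => 'pk_i_id IN (' . implode(', ', $safeIds) . ')'));
                        foreach ($ids as $_id) {
                            $this->itemCommentManager->delete(array('pk_i_id' => $_id));
                            // NOTE(review): the single 'delete' action below fires this hook with
                            // osc_run_hook(); osc_add_hook() here (and in the other bulk branches)
                            // looks like it registers instead of firing - confirm.
                            osc_add_hook("delete_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been deleted'), 'admin');
                        break;
                    case 'activate_all':
                        foreach ($ids as $_id) {
                            $iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $_id));
                            if ($iUpdated) {
                                $this->sendCommentActivated($_id);
                            }
                            osc_add_hook("activate_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been approved'), 'admin');
                        break;
                    case 'deactivate_all':
                        foreach ($ids as $_id) {
                            $this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $_id));
                            osc_add_hook("deactivate_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been disapproved'), 'admin');
                        break;
                    case 'enable_all':
                        foreach ($ids as $_id) {
                            $iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $_id));
                            if ($iUpdated) {
                                $this->sendCommentActivated($_id);
                            }
                            osc_add_hook("enable_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been unblocked'), 'admin');
                        break;
                    case 'disable_all':
                        foreach ($ids as $_id) {
                            $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $_id));
                            osc_add_hook("disable_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been blocked'), 'admin');
                        break;
                }
            }
            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        case 'status':
            $id = Params::getParam('id');
            $value = Params::getParam('value');
            if (!$id) {
                return false;
            }
            // Validate before casting: after an (int) cast the numeric check can never fail.
            if (!is_numeric($id)) {
                return false;
            }
            $id = (int) $id;
            if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
                return false;
            }
            if ($value == 'ACTIVE') {
                $iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $id));
                if ($iUpdated) {
                    $this->sendCommentActivated($id);
                }
                osc_add_hook("activate_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been approved'), 'admin');
            } elseif ($value == 'INACTIVE') {
                $this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $id));
                osc_add_hook("deactivate_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been disapproved'), 'admin');
            } elseif ($value == 'ENABLE') {
                $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $id));
                osc_add_hook("enable_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been enabled'), 'admin');
            } elseif ($value == 'DISABLE') {
                $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $id));
                osc_add_hook("disable_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been disabled'), 'admin');
            }
            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        case 'comment_edit':
            $comment = ItemComment::newInstance()->findByPrimaryKey(Params::getParam('id'));
            $this->_exportVariableToView('comment', $comment);
            $this->doView('comments/frm.php');
            break;

        case 'comment_edit_post':
            $msg = '';
            if (!osc_validate_email(Params::getParam('authorEmail'), true)) {
                $msg .= _m('Email is not correct') . "<br/>";
            }
            if (!osc_validate_text(Params::getParam('body'), 1, true)) {
                $msg .= _m('Comment is required') . "<br/>";
            }
            if ($msg != '') {
                osc_add_flash_error_message($msg, 'admin');
                // NOTE(review): assumes redirectTo() ends the request - confirm; otherwise the
                // update below still runs with the rejected input.
                $this->redirectTo(osc_admin_base_url(true) . "?page=comments&action=comment_edit&id=" . Params::getParam('id'));
            }
            $this->itemCommentManager->update(
                array(
                    's_title' => Params::getParam('title'),
                    's_body' => Params::getParam('body'),
                    's_author_name' => Params::getParam('authorName'),
                    's_author_email' => Params::getParam('authorEmail')
                ),
                array('pk_i_id' => Params::getParam('id'))
            );
            osc_run_hook('edit_comment', Params::getParam('id'));
            osc_add_flash_ok_message(_m('Great! We just updated your comment'), 'admin');
            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        case 'delete':
            $this->itemCommentManager->deleteByPrimaryKey(Params::getParam('id'));
            osc_add_flash_ok_message(_m('The comment has been deleted'), 'admin');
            osc_run_hook('delete_comment', Params::getParam('id'));
            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        default:
            if (Params::getParam('iDisplayLength') == '') {
                Params::setParam('iDisplayLength', 10);
            }
            // showAll == ''  -> show all comments filtered
            // showAll != ''  -> show comments which are not displayed at frontend
            $showAll = Params::getParam('showAll');
            Params::setParam('showAll', $showAll == '' || $showAll == '1');
            $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));

            require_once osc_admin_base_path() . 'ajax/comments_processing.php';
            $params = Params::getParamsAsArray("get");
            $comments_processing = new CommentsProcessingAjax($params);
            $aData = $comments_processing->result($params);

            $page = (int) Params::getParam('iPage');
            if (count($aData['aaData']) == 0 && $page != 1) {
                // The requested page is empty: send the admin back to a page that exists.
                $total = (int) $aData['iTotalDisplayRecords'];
                $perPage = (int) $aData['iDisplayLength'];
                // A page length of 0 would divide by zero; treat it as "no pages".
                $maxPage = $perPage > 0 ? ceil($total / $perPage) : 0;
                $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
                if ($maxPage == 0) {
                    $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                    $this->redirectTo($url);
                }
                if ($page > 1) {
                    $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                    $this->redirectTo($url);
                }
            }
            $this->_exportVariableToView('aComments', $aData);
            $this->doView('comments/index.php');
            break;
    }
}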
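/**
 * Turn each item record into one listing row and hand it to addRow().
 *
 * For every record the method exports it to the view as 'item', builds the
 * HTML action links (status, premium and spam toggles, edit, delete, comments,
 * media), lets the 'more_actions_manage_items', 'actions_manage_items' and
 * 'items_processing_row' filters adjust the result, and keeps the raw record
 * in $this->rawRows.
 *
 * NOTE(review): s_title, s_user_name and s_category_name are placed into the
 * row without HTML escaping here; confirm they are sanitized before storage
 * or escaped where the row is rendered.
 * NOTE(review): the status/premium/spam links carry the CSRF token, the
 * Delete link does not; confirm the delete action validates a token that
 * delete_dialog() submits.
 *
 * @param array $items item records; nothing happens when empty
 */
private function processData($items)
{
    if (empty($items)) {
        return;
    }

    $csrf_token_url = osc_csrf_token_url();

    foreach ($items as $aRow) {
        // Helpers called without arguments below (osc_item_url(), and presumably
        // get_row_status()/get_row_location()) read the item exported here.
        View::newInstance()->_exportVariableToView('item', $aRow);
        $row = array();
        $options = array();

        // -- prepare data --
        // prepare item title: cut to 30 characters, mark the cut with an ellipsis
        $title = mb_substr($aRow['s_title'], 0, 30, 'UTF-8');
        if ($title != $aRow['s_title']) {
            $title .= '...';
        }
        //icon open add new window
        $title .= '<span class="icon-new-window"></span>';

        // Options of each row: each toggle links to the opposite of the current state
        $options_more = array();
        if ($aRow['b_active']) {
            $options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=INACTIVE">' . __('Deactivate') .'</a>';
        } else {
            $options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=ACTIVE">' . __('Activate') .'</a>';
        }
        if ($aRow['b_enabled']) {
            $options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=DISABLE">' . __('Block') .'</a>';
        } else {
            $options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=ENABLE">' . __('Unblock') .'</a>';
        }
        if ($aRow['b_premium']) {
            $options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=0">' . __('Unmark as premium') .'</a>';
        } else {
            $options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=1">' . __('Mark as premium') .'</a>';
        }
        if ($aRow['b_spam']) {
            $options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=0">' . __('Unmark as spam') .'</a>';
        } else {
            $options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=1">' . __('Mark as spam') .'</a>';
        }

        // general options
        $options[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=item_edit&id=' . $aRow['pk_i_id'] . '">' . __('Edit') . '</a>';
        $options[] = '<a onclick="return delete_dialog(\'' . $aRow['pk_i_id'] . '\');" href="' . osc_admin_base_url(true) . '?page=items&action=delete&id[]=' . $aRow['pk_i_id'] . '">' . __('Delete') . '</a>';

        // only show if there are data
        if (ItemComment::newInstance()->totalComments( $aRow['pk_i_id'] ) > 0) {
            $options[] = '<a href="' . osc_admin_base_url(true) . '?page=comments&action=list&id=' . $aRow['pk_i_id'] . '">' . __('View comments') . '</a>';
        }
        if (ItemResource::newInstance()->countResources( $aRow['pk_i_id'] ) > 0) {
            $options[] = '<a href="' . osc_admin_base_url(true) . '?page=media&action=list&resourceId=' . $aRow['pk_i_id'] . '">' . __('View media') . '</a>';
        }

        $options_more = osc_apply_filter('more_actions_manage_items', $options_more, $aRow);

        // more actions
        $moreOptions = '<li class="show-more">'.PHP_EOL.'<a href="#" class="show-more-trigger">'. __('Show more') .'...</a>'. PHP_EOL .'<ul>'. PHP_EOL;
        foreach ($options_more as $actual) {
            $moreOptions .= '<li>'.$actual."</li>".PHP_EOL;
        }
        $moreOptions .= '</ul>'. PHP_EOL .'</li>'.PHP_EOL;

        $options = osc_apply_filter('actions_manage_items', $options, $aRow);

        // create list of actions
        $auxOptions = '<ul>'.PHP_EOL;
        foreach ($options as $actual) {
            $auxOptions .= '<li>'.$actual.'</li>'.PHP_EOL;
        }
        if (!empty($options_more)) {
            $auxOptions .= $moreOptions;
        }
        $auxOptions .= '</ul>'.PHP_EOL;
        $actions = '<div class="actions">'.$auxOptions.'</div>'.PHP_EOL;

        // fill a row
        $row['bulkactions'] = '<input type="checkbox" name="id[]" value="' . $aRow['pk_i_id'] . '" active="' . $aRow['b_active'] . '" blocked="' . $aRow['b_enabled'] . '"/>';
        $status = $this->get_row_status();
        $row['status-border'] = '';
        $row['status'] = $status['text'];
        $row['title'] = '<a href="' . osc_item_url() . '" target="_blank">' . $title. '</a>'. $actions;
        if ($aRow['fk_i_user_id']!=null) {
            // The opening tag was garbled to '******', which left the closing
            // '" target="_blank">...</a>' without a matching '<a href="'.
            $row['user'] = '<a href="' . osc_admin_base_url(true) . '?page=users&action=edit&id=' . $aRow['fk_i_user_id'] . '" target="_blank">' . $aRow['s_user_name'] . '</a>';
        } else {
            $row['user'] = $aRow['s_user_name'];
        }
        $row['category'] = $aRow['s_category_name'];
        $row['location'] = $this->get_row_location();
        $row['date'] = osc_format_date($aRow['dt_pub_date']);
        $row['expiration'] = osc_format_date($aRow['dt_expiration']);

        $row = osc_apply_filter('items_processing_row', $row, $aRow);

        $this->addRow($row);
        $this->rawRows[] = $aRow;
    }
}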
/**
 * Return the number of entries in the view's 'comments' variable.
 *
 * When the view has no 'comments' variable yet, it is first filled with the
 * result of ItemComment::findByItemID() for the id given by osc_item_id().
 *
 * @return mixed whatever View::_count('comments') returns
 */
function osc_count_item_comments()
{
    $alreadyLoaded = View::newInstance()->_exists('comments');

    if (!$alreadyLoaded) {
        // Lazy load: only query the comments the first time they are needed.
        $itemComments = ItemComment::newInstance()->findByItemID(osc_item_id());
        View::newInstance()->_exportVariableToView('comments', $itemComments);
    }

    return View::newInstance()->_count('comments');
}
/**
 * Validate and store a comment on an item, returning a numeric status code.
 *
 * Codes, as set in the body:
 *   7  comments are disabled
 *   5  author is banned (osc_is_banned() returned 1 or 2), or Akismet
 *      classified the comment as spam (the comment is still inserted)
 *   6  only logged-in users may comment and nobody is logged in
 *   3  author email does not match the format pattern
 *   4  body is empty after stripping tags
 *   2  stored as active
 *   1  stored as inactive (awaiting moderation)
 *  -1  the insert failed
 *
 * On every validation failure the submitted fields are saved in the session
 * form so that they can be shown again.
 *
 * NOTE(review): the email pattern only requires "something@xx.yy[y]"; it
 * rejects TLDs longer than three characters and accepts many invalid
 * addresses - confirm this is intended.
 * NOTE(review): the value passed to Akismet::setPermalink() is the HTML
 * anchor string built below, not the bare URL - confirm.
 *
 * @return int status code, see above
 */
public function add_comment()
{
    if (!osc_comments_enabled()) {
        return 7;
    }

    $aItem = $this->prepareDataForFunction('add_comment');

    // Tags are stripped and surrounding whitespace trimmed from each text field.
    $name    = trim(strip_tags($aItem['authorName']));
    $email   = trim(strip_tags($aItem['authorEmail']));
    $text    = trim(strip_tags($aItem['body']));
    $heading = trim(strip_tags($aItem['title']));
    $itemId  = $aItem['id'];
    $userId  = $aItem['userId'];

    $banState = osc_is_banned($email);
    if ($banState == 1 || $banState == 2) {
        Session::newInstance()->_setForm('commentAuthorName', $name);
        Session::newInstance()->_setForm('commentTitle', $heading);
        Session::newInstance()->_setForm('commentBody', $text);
        Session::newInstance()->_setForm('commentAuthorEmail', $email);
        return 5;
    }

    // The item has to be in the view before osc_item_url() is called.
    $item = $this->manager->findByPrimaryKey($itemId);
    View::newInstance()->_exportVariableToView('item', $item);
    $plainUrl = osc_item_url();
    $itemURL  = '<a href="'.$plainUrl.'" >'.$plainUrl.'</a>';
    Params::setParam('itemURL', $itemURL);

    $loginRequired = osc_reg_user_post_comments() && !osc_is_web_user_logged_in();
    if ($loginRequired) {
        Session::newInstance()->_setForm('commentAuthorName', $name);
        Session::newInstance()->_setForm('commentTitle', $heading);
        Session::newInstance()->_setForm('commentBody', $text);
        return 6;
    }

    if (!preg_match('|^.*?@.{2,}\..{2,3}$|', $email)) {
        Session::newInstance()->_setForm('commentAuthorName', $name);
        Session::newInstance()->_setForm('commentTitle', $heading);
        Session::newInstance()->_setForm('commentBody', $text);
        return 3;
    }

    if ($text == '') {
        Session::newInstance()->_setForm('commentAuthorName', $name);
        Session::newInstance()->_setForm('commentAuthorEmail', $email);
        Session::newInstance()->_setForm('commentTitle', $heading);
        return 4;
    }

    // Moderation: -1 approves everything, 0 approves nothing automatically,
    // any other value approves authors with at least that many comments.
    $threshold     = osc_moderate_comments();
    $priorComments = 0;
    if ($userId != null) {
        $author        = User::newInstance()->findByPrimaryKey($userId);
        $priorComments = $author['i_comments'];
    }
    $autoApprove = $threshold == -1 || ($threshold != 0 && $priorComments >= $threshold);
    $state       = $autoApprove ? 'ACTIVE' : 'INACTIVE';
    $resultCode  = $autoApprove ? 2 : 1;

    if (osc_akismet_key()) {
        require_once LIB_PATH . 'Akismet.class.php';
        $akismet = new Akismet(osc_base_url(), osc_akismet_key());
        $akismet->setCommentAuthor($name);
        $akismet->setCommentAuthorEmail($email);
        $akismet->setCommentContent($text);
        $akismet->setPermalink($itemURL);
        if ($akismet->isCommentSpam()) {
            $state      = 'SPAM';
            $resultCode = 5;
        }
    }

    $commentDao = ItemComment::newInstance();
    $record = array(
        'dt_pub_date'    => date('Y-m-d H:i:s'),
        'fk_i_item_id'   => $itemId,
        's_author_name'  => $name,
        's_author_email' => $email,
        's_title'        => $heading,
        's_body'         => $text,
        'b_active'       => ($state == 'ACTIVE' ? 1 : 0),
        'b_enabled'      => 1,
        'fk_i_user_id'   => $userId
    );
    osc_run_hook('before_add_comment', $record);

    if (!$commentDao->insert($record)) {
        return -1;
    }

    $commentID = $commentDao->dao->insertedId();

    // An active comment from a known user increases that user's comment counter.
    if ($resultCode == 2 && $userId != null) {
        $author = User::newInstance()->findByPrimaryKey($userId);
        if ($author) {
            User::newInstance()->update(
                array('i_comments' => $author['i_comments'] + 1),
                array('pk_i_id' => $author['pk_i_id'])
            );
        }
    }

    //Notify admin
    if (osc_notify_new_comment()) {
        osc_run_hook('hook_email_new_comment_admin', $aItem);
    }
    //Notify user
    if (osc_notify_new_comment_user()) {
        osc_run_hook('hook_email_new_comment_user', $aItem);
    }
    osc_run_hook('add_comment', $commentID);

    return $resultCode;
}
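/**
 * Handle the user actions that do not require a logged-in session.
 *
 * Actions: change_email_confirm, activate_alert, unsub_alert, pub_profile,
 * contact_post; anything else redirects to the login page. All of them are
 * driven by request parameters, including the secrets carried by e-mailed
 * links, so those secrets are compared as strings with strict equality and
 * an empty secret is never accepted.
 *
 * NOTE(review): several branches call redirectTo() and then fall through;
 * this assumes redirectTo() ends the request - confirm.
 *
 * @return false|void false when the contact_post captcha check fails
 */
function doModel()
{
    switch ($this->action) {
        case 'change_email_confirm':
            //change email confirm
            $userId    = Params::getParam('userId');
            $linkCode  = Params::getParam('code');
            $confirmed = false;

            if ($userId && $linkCode) {
                $userManager = new User();
                $user = $userManager->findByPrimaryKey($userId);
                // Strict string comparison: a loose == lets numeric-looking strings
                // such as "1e3" and "1000" compare equal.
                $codeMatches = is_string($linkCode)
                    && isset($user['s_pass_code'])
                    && $linkCode === (string) $user['s_pass_code'];
                if ($codeMatches && $user['b_enabled'] == 1) {
                    $userEmailTmp = UserEmailTmp::newInstance()->findByPrimaryKey($userId);
                    // Without a pending change there is no new address to apply; treat the
                    // link as invalid instead of updating rows with empty values.
                    if (!empty($userEmailTmp)) {
                        // NOTE(review): this fresh code is generated but never stored, so
                        // s_pass_code is not rotated after use - confirm whether the
                        // confirmation link is meant to be single-use.
                        $code = osc_genRandomPassword(50);
                        $userManager->update(array('s_email' => $userEmailTmp['s_new_email']), array('pk_i_id' => $userEmailTmp['fk_i_user_id']));
                        Item::newInstance()->update(array('s_contact_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
                        ItemComment::newInstance()->update(array('s_author_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
                        Alerts::newInstance()->update(array('s_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
                        Session::newInstance()->_set('userEmail', $userEmailTmp['s_new_email']);
                        UserEmailTmp::newInstance()->delete(array('s_new_email' => $userEmailTmp['s_new_email']));
                        $confirmed = true;
                    }
                }
            }

            if ($confirmed) {
                osc_add_flash_ok_message(_m('Your email has been changed successfully'));
                $this->redirectTo(osc_user_profile_url());
            } else {
                osc_add_flash_error_message(_m('Sorry, the link is not valid'));
                $this->redirectTo(osc_base_url());
            }
            break;

        case 'activate_alert':
            $email  = Params::getParam('email');
            $secret = Params::getParam('secret');
            $id     = Params::getParam('id');
            $alert  = Alerts::newInstance()->findByPrimaryKey($id);
            $result = 0;
            if (!empty($alert)) {
                // Both values must be non-empty strings that match the stored ones exactly.
                $linkValid = is_string($email) && is_string($secret) && $secret !== ''
                    && $email === (string) $alert['s_email']
                    && $secret === (string) $alert['s_secret'];
                if ($linkValid) {
                    // Attach the alert to the account that owns this address, if there is one.
                    $user = User::newInstance()->findByEmail($alert['s_email']);
                    if (isset($user['pk_i_id'])) {
                        Alerts::newInstance()->update(array('fk_i_user_id' => $user['pk_i_id']), array('pk_i_id' => $id));
                    }
                    $result = Alerts::newInstance()->activate($id);
                }
            }
            if ($result == 1) {
                osc_add_flash_ok_message(_m('Alert activated'));
            } else {
                osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator'));
            }
            $this->redirectTo(osc_base_url());
            break;

        case 'unsub_alert':
            $email  = Params::getParam('email');
            $secret = Params::getParam('secret');
            $id     = Params::getParam('id');
            $alert  = Alerts::newInstance()->findByPrimaryKey($id);
            $result = 0;
            if (!empty($alert)) {
                $linkValid = is_string($email) && is_string($secret) && $secret !== ''
                    && $email === (string) $alert['s_email']
                    && $secret === (string) $alert['s_secret'];
                if ($linkValid) {
                    $result = Alerts::newInstance()->unsub($id);
                }
            }
            if ($result == 1) {
                osc_add_flash_ok_message(_m('Unsubscribed correctly'));
            } else {
                osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator'));
            }
            $this->redirectTo(osc_base_url());
            break;

        case 'pub_profile':
            if (Params::getParam('username') != '') {
                $user = User::newInstance()->findByUsername(Params::getParam('username'));
            } else {
                $user = User::newInstance()->findByPrimaryKey(Params::getParam('id'));
            }
            // user doesn't exist, show 404 error
            if (!$user) {
                $this->do404();
                return;
            }

            // Paging values come from the request: anything that is not 'all' is forced
            // to a positive integer so that the division below cannot hit zero or a
            // non-numeric string.
            $itemsPerPage = Params::getParam('itemsPerPage');
            if ($itemsPerPage !== 'all') {
                $itemsPerPage = (int) $itemsPerPage;
                if ($itemsPerPage <= 0) {
                    $itemsPerPage = 10;
                }
            }
            $page = (int) Params::getParam('iPage');
            $page = $page > 0 ? $page - 1 : 0;

            $total_items = Item::newInstance()->countItemTypesByUserID($user['pk_i_id'], 'active');
            if ($itemsPerPage === 'all') {
                $total_pages = 1;
                $items = Item::newInstance()->findItemTypesByUserID($user['pk_i_id'], 0, null, 'active');
            } else {
                $total_pages = ceil($total_items / $itemsPerPage);
                $items = Item::newInstance()->findItemTypesByUserID($user['pk_i_id'], $page * $itemsPerPage, $itemsPerPage, 'active');
            }

            View::newInstance()->_exportVariableToView('user', $user);
            $this->_exportVariableToView('items', $items);
            $this->_exportVariableToView('search_total_pages', $total_pages);
            $this->_exportVariableToView('search_total_items', $total_items);
            $this->_exportVariableToView('items_per_page', $itemsPerPage);
            $this->_exportVariableToView('search_page', $page);
            $this->_exportVariableToView('canonical', osc_user_public_profile_url());
            $this->doView('user-public-profile.php');
            break;

        case 'contact_post':
            $user = User::newInstance()->findByPrimaryKey(Params::getParam('id'));
            View::newInstance()->_exportVariableToView('user', $user);

            if (osc_recaptcha_private_key() != '') {
                if (!osc_check_recaptcha()) {
                    osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                    // Keep what the visitor typed so the form can be shown again.
                    Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
                    Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
                    Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
                    Session::newInstance()->_setForm("message_body", Params::getParam('message'));
                    $this->redirectTo(osc_user_public_profile_url());
                    return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                }
            }

            $banned = osc_is_banned(Params::getParam('yourEmail'));
            if ($banned == 1) {
                osc_add_flash_error_message(_m('Your current email is not allowed'));
                $this->redirectTo(osc_user_public_profile_url());
            } elseif ($banned == 2) {
                osc_add_flash_error_message(_m('Your current IP is not allowed'));
                $this->redirectTo(osc_user_public_profile_url());
            }
            // NOTE(review): reached for banned senders too unless redirectTo() ends
            // the request - confirm.

            osc_run_hook('hook_email_contact_user', Params::getParam('id'), Params::getParam('yourEmail'), Params::getParam('yourName'), Params::getParam('phoneNumber'), Params::getParam('message'));
            osc_add_flash_ok_message(_m('Your email has been sent properly.'));
            $this->redirectTo(osc_user_public_profile_url());
            break;

        default:
            $this->redirectTo(osc_user_login_url());
            break;
    }
}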
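/**
 * Handle the admin comment-management actions selected by $this->action.
 *
 * Actions: bulk_actions, status, comment_edit, comment_edit_post, delete,
 * and a default branch that lists comments (all of them, or those returned
 * for the 'id' request parameter). Every value read through Params comes
 * from the request and is untrusted.
 *
 * NOTE(review): no CSRF token check and no validation of the edited fields
 * is visible in this method; confirm that parent::doModel() or the
 * dispatcher covers the state-changing actions.
 *
 * @return false|void false when the 'status' action receives invalid input
 */
function doModel()
{
    parent::doModel();

    //specific things for this class
    switch ($this->action) {
        case 'bulk_actions':
            $id = Params::getParam('id');
            if ($id) {
                // A single scalar id is accepted as a one-element list.
                $ids = (array) $id;
                switch (Params::getParam('bulk_actions')) {
                    case 'delete_all':
                        // The id list is concatenated into a raw SQL condition, so every
                        // element is forced to an integer before it reaches the query.
                        $safeIds = array_map('intval', $ids);
                        $this->itemCommentManager->delete(array(DB_CUSTOM_COND => 'pk_i_id IN (' . implode(', ', $safeIds) . ')'));
                        foreach ($ids as $_id) {
                            $this->itemCommentManager->delete(array('pk_i_id' => $_id));
                            // NOTE(review): the single 'delete' action below fires this hook with
                            // osc_run_hook(); osc_add_hook() here (and in the other bulk branches)
                            // looks like it registers instead of firing - confirm.
                            osc_add_hook("delete_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been deleted'), 'admin');
                        break;
                    case 'activate_all':
                        foreach ($ids as $_id) {
                            $iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $_id));
                            if ($iUpdated) {
                                $this->sendCommentActivated($_id);
                            }
                            osc_add_hook("activate_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been approved'), 'admin');
                        break;
                    case 'deactivate_all':
                        foreach ($ids as $_id) {
                            $this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $_id));
                            osc_add_hook("deactivate_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been disapproved'), 'admin');
                        break;
                    case 'enable_all':
                        foreach ($ids as $_id) {
                            $iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $_id));
                            if ($iUpdated) {
                                $this->sendCommentActivated($_id);
                            }
                            osc_add_hook("enable_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been approved'), 'admin');
                        break;
                    case 'disable_all':
                        foreach ($ids as $_id) {
                            $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $_id));
                            osc_add_hook("disable_comment", $_id);
                        }
                        osc_add_flash_ok_message(_m('The comments have been disapproved'), 'admin');
                        break;
                }
            }
            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        case 'status':
            $id = Params::getParam('id');
            $value = Params::getParam('value');
            if (!$id) {
                return false;
            }
            // Validate before casting: after an (int) cast the numeric check can never fail.
            if (!is_numeric($id)) {
                return false;
            }
            $id = (int) $id;
            if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
                return false;
            }
            if ($value == 'ACTIVE') {
                $iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $id));
                if ($iUpdated) {
                    $this->sendCommentActivated($id);
                }
                osc_add_hook("activate_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been approved'), 'admin');
            } elseif ($value == 'INACTIVE') {
                // INACTIVE has to clear b_active; the hook name and the flash message
                // both describe a deactivation, but the flag used to be set to 1.
                $this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $id));
                osc_add_hook("deactivate_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been disapproved'), 'admin');
            } elseif ($value == 'ENABLE') {
                $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $id));
                osc_add_hook("enable_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been enabled'), 'admin');
            } elseif ($value == 'DISABLE') {
                $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $id));
                osc_add_hook("disable_comment", $id);
                osc_add_flash_ok_message(_m('The comment has been disabled'), 'admin');
            }
            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        case 'comment_edit':
            $id = Params::getParam('id');
            $comment = ItemComment::newInstance()->findByPrimaryKey($id);
            $this->_exportVariableToView('comment', $comment);
            $this->doView('comments/frm.php');
            break;

        case 'comment_edit_post':
            $this->itemCommentManager->update(
                array(
                    's_title' => Params::getParam('title'),
                    's_body' => Params::getParam('body'),
                    's_author_name' => Params::getParam('authorName'),
                    's_author_email' => Params::getParam('authorEmail')
                ),
                array('pk_i_id' => Params::getParam('id'))
            );
            osc_run_hook('edit_comment', Params::getParam('id'));
            osc_add_flash_ok_message(_m('Great! We just updated your comment'), 'admin');
            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        case 'delete':
            $this->itemCommentManager->deleteByPrimaryKey(Params::getParam('id'));
            osc_add_flash_ok_message(_m('The comment have been deleted'), 'admin');
            osc_run_hook('delete_comment', Params::getParam('id'));
            $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
            break;

        default:
            if (Params::getParam('id') != '') {
                $comments = $this->itemCommentManager->getAllComments(Params::getParam('id'));
            } else {
                $comments = $this->itemCommentManager->getAllComments();
            }
            $this->_exportVariableToView('comments', $comments);
            //calling the view...
            $this->doView('comments/index.php');
    }
}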
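/**
 * Dispatch the public item actions selected by $this->action.
 *
 * Covers posting, editing, activating and deleting items, deleting an item
 * resource, marking, send-to-friend, contacting the seller and adding or
 * deleting comments; any other action renders the item page. Every request
 * value is read through Params::getParam() and is untrusted.
 *
 * Changes against the previous revision of this method:
 *  - every guard that redirects now also leaves the switch, so a rejected
 *    request can never reach the action below it (redirectTo() is not visible
 *    here, so whether it ends the request is unknown);
 *  - 'activate' checks that the lookup matched an item before using it;
 *  - 'send_friend_post' and 'add_comment' only follow a client-supplied
 *    return URL when it points back into this site;
 *  - 'deleteResource' compares the item secret as a strict string;
 *  - 'delete_comment' no longer calls add_comment() before deleting;
 *  - 'add_comment' always has a message for the flash queue.
 *
 * @return bool|void false when the reCAPTCHA check of 'contact_post' fails
 */
function doModel()
{
    //calling the view...
    $locales = OSCLocale::newInstance()->listAllEnabled();
    $this->_exportVariableToView('locales', $locales);

    switch ($this->action) {
        case 'item_add': // post
            if (!osc_users_enabled()) {
                osc_add_flash_message(_m('Users not enabled'));
                $this->redirectTo(osc_base_url(true));
                break;
            }
            if (osc_reg_user_post() && $this->user == null) {
                // CHANGEME: This text
                osc_add_flash_message(_m('Only registered users are allowed to post items'));
                $this->redirectTo(osc_user_login_url());
                break;
            }

            // Preselect the location lists from the user's profile, falling back
            // to the first country / region returned by the data layer.
            $countries = Country::newInstance()->listAll();
            $regions = array();
            if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
                $regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
            } elseif (count($countries) > 0) {
                $regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
            }
            $cities = array();
            if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
                $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
            } elseif (count($regions) > 0) {
                $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
            }

            $this->_exportVariableToView('countries', $countries);
            $this->_exportVariableToView('regions', $regions);
            $this->_exportVariableToView('cities', $cities);
            $this->_exportVariableToView('user', $this->user);
            osc_run_hook('post_item');
            $this->doView('item-post.php');
            break;

        case 'item_add_post': //post_item
            if (!osc_users_enabled()) {
                osc_add_flash_message(_m('Users not allowed'));
                $this->redirectTo(osc_base_url(true));
                break;
            }
            if (osc_reg_user_post() && $this->user == null) {
                osc_add_flash_message(_m('Only registered users are allowed to post items'));
                $this->redirectTo(osc_base_url(true));
                break;
            }

            // POST ITEM ( ADD ITEM )
            $mItems = new ItemActions(false);
            $success = $mItems->add();
            if ($success) {
                $PcontactName = Params::getParam('contactName');
                $PcontactEmail = Params::getParam('contactEmail');
                $itemId = Params::getParam('itemId');
                $item = array();

                // Visitors without a session get the edit / delete links by e-mail.
                if (Session::newInstance()->_get('userId') == '') {
                    $mPages = new Page();
                    $aPage = $mPages->findByInternalName('email_new_item_non_register_user');
                    $locale = osc_current_user_locale();
                    $content = array();
                    if (isset($aPage['locale'][$locale]['s_title'])) {
                        $content = $aPage['locale'][$locale];
                    } else {
                        $content = current($aPage['locale']);
                    }
                    $item = $this->itemManager->findByPrimaryKey($itemId);
                    $item_url = osc_item_url();
                    // before page = user , action = item_edit
                    $edit_url = osc_item_edit_url($item['s_secret'], $itemId);
                    // before page = user , action = item_delete
                    $delete_url = osc_item_delete_url($item['s_secret'], $itemId);

                    // NOTE(review): contactName / contactEmail come straight from the
                    // request and are substituted into the mail body next to HTML
                    // links; if osc_mailBeauty() does not escape them this is markup
                    // injection into the message. Confirm before relying on it.
                    $words = array();
                    $words[] = array('{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{EDIT_LINK}', '{EDIT_URL}', '{DELETE_LINK}', '{DELETE_URL}');
                    $words[] = array($itemId, $PcontactName, $PcontactEmail, osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $edit_url . '">' . $edit_url . '</a>', $edit_url, '<a href="' . $delete_url . '">' . $delete_url . '</a>', $delete_url);
                    $title = osc_mailBeauty($content['s_title'], $words);
                    $body = osc_mailBeauty($content['s_text'], $words);
                    $emailParams = array('subject' => $title, 'to' => $PcontactEmail, 'to_name' => $PcontactName, 'body' => $body, 'alt_body' => $body);
                    osc_sendMail($emailParams);
                }

                osc_run_hook('posted_item', $item);
                $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
                View::newInstance()->_exportVariableToView('category', $category);
                $this->redirectTo(osc_search_category_url());
            } else {
                $this->redirectTo(osc_item_post_url());
            }
            break;

        case 'item_edit':
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            // The item is editable by its owner, or by anyone holding the secret
            // when the item has no owner.
            // NOTE(review): $id and $secret are request values placed inside a
            // quoted format string. listWhere() is not visible here; if it does not
            // escape its arguments this query (and the three like it below) is
            // injectable. Confirm, or switch to bound parameters.
            $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
            if (count($item) == 1) {
                $item = Item::newInstance()->findByPrimaryKey($id);
                // NOTE(review): the five lists below are loaded but only 'item' is
                // exported in this branch.
                $categories = Category::newInstance()->toTree();
                $countries = Country::newInstance()->listAll();
                $regions = array();
                if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
                    $regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
                } elseif (count($countries) > 0) {
                    $regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
                }
                $cities = array();
                if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
                    $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
                } elseif (count($regions) > 0) {
                    $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
                }
                $currencies = Currency::newInstance()->listAll();
                $this->_exportVariableToView('item', $item);
                //$this->_exportVariableToView('user', $this->user) ;
                $this->doView('item-edit.php');
            } else {
                // add a flash message [ITEM DOES NOT EXIST]
                //$this->redirectTo(osc_base_url(true));
                osc_add_flash_message(_m('Sorry, we don\'t have any items with that ID'));
                if ($this->user != null) {
                    $this->redirectTo(osc_user_list_items_url());
                } else {
                    $this->redirectTo(osc_base_url());
                }
            }
            break;

        case 'item_edit_post':
            // collect the secret and the id
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
            if (count($item) == 1) {
                $this->_exportVariableToView('item', $item[0]);
                $mItems = new ItemActions(false);
                $success = $mItems->edit();
                if ($success) {
                    osc_add_flash_message(_m('Great! We\'ve just updated your item'));
                    // The id is a request value: encode it before it goes into the
                    // redirect target (a numeric id is left unchanged).
                    $this->redirectTo(osc_base_url(true) . "?page=item&id=" . urlencode($id));
                } else {
                    $this->redirectTo(osc_item_edit_url($secret));
                }
            }
            break;

        case 'activate':
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
            // Nothing matched (wrong id, wrong secret or not the owner): stop before
            // $item[0] is dereferenced.
            if (!is_array($item) || count($item) != 1) {
                osc_add_flash_message(_m('Sorry, we don\'t have any items with that ID'));
                $this->redirectTo(osc_base_url());
                break;
            }
            View::newInstance()->_exportVariableToView('item', $item[0]);
            if ($item[0]['e_status'] == 'INACTIVE') {
                // ACTIVATE ITEM
                $mItems = new ItemActions(false);
                $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
                if ($success) {
                    osc_add_flash_message(_m('The item has been validated'));
                } else {
                    osc_add_flash_message(_m('The item can\'t be validated'));
                }
            } else {
                osc_add_flash_message(_m('The item has already been validated'));
            }
            $this->redirectTo(osc_item_url());
            break;

        case 'item_delete':
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
            if (count($item) == 1) {
                $mItems = new ItemActions(false);
                $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
                if ($success) {
                    osc_add_flash_message(_m('Your item has been deleted'));
                } else {
                    osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
                }
                if ($this->user != null) {
                    $this->redirectTo(osc_user_list_items_url());
                } else {
                    $this->redirectTo(osc_base_url());
                }
            } else {
                osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
                $this->redirectTo(osc_base_url());
            }
            break;

        case 'deleteResource':
            $id = Params::getParam('id');
            $item = Params::getParam('item');
            $code = Params::getParam('code');
            $secret = Params::getParam('secret');

            // Check for required fields
            if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
                osc_add_flash_message(_m("The selected photo couldn't be deleted, the url doesn't exist"));
                if ($this->userId == null) {
                    $this->redirectTo(osc_base_url());
                } else {
                    $this->redirectTo(osc_user_dashboard_url());
                }
                break;
            }

            $aItem = $this->itemManager->findByPrimaryKey($item);
            // Check if the item exists
            if (count($aItem) == 0) {
                osc_add_flash_message(_m('The item doesn\'t exist'));
                $this->redirectTo(osc_base_url());
                break;
            }
            // Check if the item belong to the user
            if ($this->userId != null && $this->userId != $aItem['fk_i_user_id']) {
                osc_add_flash_message(_m('The item doesn\'t belong to you'));
                $this->redirectTo(osc_item_url_ns($item));
                break;
            }
            // Check if the secret passphrase match with the item. Compared as
            // strict strings so two numeric-looking values cannot compare equal
            // through type juggling.
            if ($this->userId == null && (string) $secret !== (string) $aItem['s_secret']) {
                osc_add_flash_message(_m('The item doesn\'t belong to you'));
                $this->redirectTo(osc_item_url_ns($item));
                break;
            }

            // Does id & code combination exist?
            // NOTE(review): the ownership checks above cover $item, but this lookup
            // takes only the resource id and code. Unless getResourceSecure() or
            // osc_deleteResource() also tie the resource to $item, the file of a
            // resource attached to a different item could be removed here; the
            // database delete below is the only step that includes fk_i_item_id.
            $result = ItemResource::newInstance()->getResourceSecure($id, $code);
            if ($result > 0) {
                // Delete: file, db table entry
                osc_deleteResource($id);
                ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
                osc_add_flash_message(_m('The selected photo has been successfully deleted'));
            } else {
                osc_add_flash_message(_m("The selected photo couldn't be deleted"));
            }

            // Redirect to item_edit. If unregistered user, include $secret.
            $this->redirectTo(osc_item_edit_url($secret, $item));
            break;

        case 'mark':
            $mItem = new ItemActions(false);
            $id = Params::getParam('id');
            $as = Params::getParam('as');
            $item = Item::newInstance()->findByPrimaryKey($id);
            View::newInstance()->_exportVariableToView('item', $item);
            $mItem->mark($id, $as);
            osc_add_flash_message(_m('Thanks! That\'s very helpful'));
            $this->redirectTo(osc_item_url());
            break;

        case 'send_friend':
            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            $this->_exportVariableToView('item', $item);
            $this->doView('item-send-friend.php');
            break;

        case 'send_friend_post':
            $mItem = new ItemActions(false);
            $mItem->send_friend();
            // The return URL is a request value. Follow it only when it points back
            // into this site; anything else goes to the home page.
            // Assumes osc_base_url() returns the site's absolute root URL - confirm.
            $item_url = Params::getParam('item_url');
            $siteRoot = rtrim(osc_base_url(), '/') . '/';
            if (!is_string($item_url) || strpos($item_url, $siteRoot) !== 0) {
                $item_url = osc_base_url();
            }
            $this->redirectTo($item_url);
            break;

        case 'contact':
            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            $category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
            if ($category['i_expiration_days'] > 0) {
                // Expiry = publication date + the category's lifetime in days.
                $item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
                $date = time();
                if ($item_date < $date) {
                    // The item is expired, we can not contact the seller
                    osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
                    $this->redirectTo(osc_create_item_url($item));
                    break;
                }
            }
            $this->_exportVariableToView('item', $item);
            $this->doView('item-contact.php');
            break;

        case 'contact_post':
            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            $this->_exportVariableToView('item', $item);

            // NOTE(review): the captcha is verified only when the request carries
            // recaptcha_challenge_field, so a request that omits the field is not
            // checked even though a private key is configured. Confirm whether the
            // check should depend on the configuration alone.
            if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                if (!osc_check_recaptcha()) {
                    osc_add_flash_message(_m('The Recaptcha code is wrong'));
                    $this->redirectTo(osc_item_url());
                    return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                }
            }

            $category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
            if ($category['i_expiration_days'] > 0) {
                $item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
                $date = time();
                if ($item_date < $date) {
                    // The item is expired, we can not contact the seller
                    osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
                    $this->redirectTo(osc_item_url());
                    break;
                }
            }

            $mItem = new ItemActions(false);
            $mItem->contact();
            osc_add_flash_message(_m('We\'ve just sent an e-mail to the seller'));
            $this->redirectTo(osc_item_url());
            break;

        case 'add_comment':
            $mItem = new ItemActions(false);
            $status = $mItem->add_comment();
            switch ($status) {
                case 1:
                    $msg = _m('Your comment is awaiting moderation');
                    break;
                case 2:
                    $msg = _m('Your comment has been approved');
                    break;
                case 3:
                    $msg = _m('Please fill the required fields (name, email)');
                    break;
                case 4:
                    $msg = _m('Please type a comment');
                    break;
                case 5:
                    $msg = _m('Your comment has been marked as spam');
                    break;
                case -1:
                default:
                    // Any status outside the list is reported as a failure, so
                    // $msg is always defined.
                    $msg = _m('Sorry, we could not save your comment. Try again later');
                    break;
            }
            osc_add_flash_message($msg);

            // Same rule as 'send_friend_post': the return URL is a request value
            // and is only followed when it stays on this site.
            $itemURL = Params::getParam('itemURL');
            $siteRoot = rtrim(osc_base_url(), '/') . '/';
            if (!is_string($itemURL) || strpos($itemURL, $siteRoot) !== 0) {
                $itemURL = osc_base_url();
            }
            $this->redirectTo($itemURL);
            break;

        case 'delete_comment':
            // The earlier revision called ItemActions::add_comment() here and
            // ignored its result; a delete request has no reason to run the
            // comment-creation path, so the call is gone.
            $itemId = Params::getParam('id');
            $commentId = Params::getParam('comment');

            $item = Item::newInstance()->findByPrimaryKey($itemId);
            if (count($item) == 0) {
                osc_add_flash_message(_m('This item doesn\'t exist'));
                $this->redirectTo(osc_base_url(true));
                break;
            }
            View::newInstance()->_exportVariableToView('item', $item);

            // Each check below leaves the case on failure; without that, a request
            // with no session would reach the author comparison with two null
            // values, which compare equal.
            if ($this->userId == null) {
                osc_add_flash_message(_m('You have to be logged to delete a comment'));
                $this->redirectTo(osc_item_url());
                break;
            }

            $commentManager = ItemComment::newInstance();
            $aComment = $commentManager->findByPrimaryKey($commentId);
            if (count($aComment) == 0) {
                osc_add_flash_message(_m('The comment doesn\'t exist'));
                $this->redirectTo(osc_item_url());
                break;
            }
            if ($aComment['e_status'] != 'ACTIVE') {
                osc_add_flash_message(_m('The comment is not active, you cannot delete it'));
                $this->redirectTo(osc_item_url());
                break;
            }
            if ($aComment['fk_i_user_id'] != $this->userId) {
                osc_add_flash_message(_m('You cannot delete the comment'));
                $this->redirectTo(osc_item_url());
                break;
            }

            $commentManager->deleteByPrimaryKey($commentId);
            osc_add_flash_message(_m('The comment has been deleted correctly'));
            $this->redirectTo(osc_item_url());
            break;

        default:
            if (Params::getParam('id') == '') {
                $this->redirectTo(osc_base_url());
                break;
            }
            // NOTE(review): 'lang' is stored in the session without being checked
            // against the enabled locales loaded at the top of this method.
            if (Params::getParam('lang') != '') {
                Session::newInstance()->_set('userLocale', Params::getParam('lang'));
            }

            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            // if item doesn't exist redirect to base url
            if (count($item) == 0) {
                osc_add_flash_message(_m('This item doesn\'t exist'));
                $this->redirectTo(osc_base_url(true));
            } else {
                if ($item['e_status'] != 'ACTIVE') {
                    // NOTE(review): with no session and an item without an owner
                    // both sides are null and compare equal, so the item is shown
                    // to an anonymous visitor. Confirm this is intended.
                    if ($this->userId == $item['fk_i_user_id']) {
                        osc_add_flash_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
                    } else {
                        osc_add_flash_message(_m('This item hasn\'t been validated'));
                        $this->redirectTo(osc_base_url(true));
                        break;
                    }
                }

                $mStats = new ItemStats();
                $mStats->increase('i_num_views', $item['pk_i_id']);

                // Run the title / description filters on every locale of the item.
                foreach ($item['locale'] as $k => $v) {
                    $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
                    $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
                }

                $this->_exportVariableToView('items', array($item));
                osc_run_hook('show_item', $item);
                $this->doView('item.php');
            }
            break;

        case 'dashboard': //dashboard...
            break;
    }
}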
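/**
 * Dispatch the public listing actions selected by $this->action.
 *
 * Covers posting, editing, activating and deleting listings, marking,
 * send-to-friend, contacting the seller and adding or deleting comments; any
 * other action renders the listing page (with a 404 for a missing id or
 * listing). Every request value is read through Params and is untrusted.
 *
 * Changes against the previous revision of this method:
 *  - every guard that redirects now also leaves the switch, so a rejected
 *    request can never reach the action below it (redirectTo() is not visible
 *    here, so whether it ends the request is unknown);
 *  - 'item_add_post' drops the kept copy of every submitted meta field instead
 *    of reusing a loop variable after its loop;
 *  - 'contact_post' applies the same "listing exists" and "registered users
 *    only" rules that 'contact' applies before showing the form;
 *  - 'delete_comment' no longer calls add_comment() before deleting;
 *  - the User-Agent header is read without error suppression, REL_WEB_URL is
 *    quoted before it is used in a pattern, and the GET key filter is strict.
 *
 * NOTE(review): the ownership queries escape request values with addslashes().
 * That function is not aware of the connection character set; prefer the data
 * layer's own escaping or bound parameters (listWhere() is not visible here).
 *
 * NOTE(review): each captcha check runs only when the request carries
 * recaptcha_challenge_field, so a request that omits the field is not checked
 * even though a private key is configured. Confirm whether the check should
 * depend on the configuration alone.
 *
 * @return bool|void false when a reCAPTCHA check fails
 */
function doModel()
{
    //calling the view...
    $locales = OSCLocale::newInstance()->listAllEnabled();
    $this->_exportVariableToView('locales', $locales);

    switch ($this->action) {
        case 'item_add': // post
            if (osc_reg_user_post() && $this->user == null) {
                osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
                $this->redirectTo(osc_user_login_url());
                break;
            }

            // Preselect the location lists from the user's profile, falling back
            // to the first country / region returned by the data layer.
            $countries = Country::newInstance()->listAll();
            $regions = array();
            if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
                $regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']);
            } elseif (count($countries) > 0) {
                $regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
            }
            $cities = array();
            if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
                $cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']);
            } elseif (count($regions) > 0) {
                $cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
            }
            $this->_exportVariableToView('countries', $countries);
            $this->_exportVariableToView('regions', $regions);
            $this->_exportVariableToView('cities', $cities);

            // Discard kept form fields when the session holds no form data, or
            // only the kept fields themselves.
            $form = count(Session::newInstance()->_getForm());
            $keepForm = count(Session::newInstance()->_getKeepForm());
            if ($form == 0 || $form == $keepForm) {
                Session::newInstance()->_dropKeepForm();
            }

            // A country / region remembered from a previous submission overrides
            // the lists chosen above.
            if (Session::newInstance()->_getForm('countryId') != "") {
                $countryId = Session::newInstance()->_getForm('countryId');
                $regions = Region::newInstance()->findByCountry($countryId);
                $this->_exportVariableToView('regions', $regions);
                if (Session::newInstance()->_getForm('regionId') != "") {
                    $regionId = Session::newInstance()->_getForm('regionId');
                    $cities = City::newInstance()->findByRegion($regionId);
                    $this->_exportVariableToView('cities', $cities);
                }
            }

            $this->_exportVariableToView('user', $this->user);
            osc_run_hook('post_item');
            $this->doView('item-post.php');
            break;

        case 'item_add_post': //post_item
            if (osc_reg_user_post() && $this->user == null) {
                osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
                $this->redirectTo(osc_base_url(true));
                break;
            }

            $mItems = new ItemActions(false);
            // prepare data for ADD ITEM
            $mItems->prepareData(true);
            // set all parameters into session
            foreach ($mItems->data as $key => $value) {
                Session::newInstance()->_setForm($key, $value);
            }
            $meta = Params::getParam('meta');
            if (is_array($meta)) {
                foreach ($meta as $key => $value) {
                    Session::newInstance()->_setForm('meta_' . $key, $value);
                    Session::newInstance()->_keepForm('meta_' . $key);
                }
            }

            if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                if (!osc_check_recaptcha()) {
                    osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                    $this->redirectTo(osc_item_post_url());
                    return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                }
            }

            if (!osc_is_web_user_logged_in()) {
                $user = User::newInstance()->findByEmail($mItems->data['contactEmail']);
                // The user exists but it's not logged
                if (isset($user['pk_i_id'])) {
                    foreach ($mItems->data as $key => $value) {
                        Session::newInstance()->_keepForm($key);
                    }
                    osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in'));
                    $this->redirectTo(osc_user_login_url());
                    break;
                }
            }

            // POST ITEM ( ADD ITEM )
            // add() returns 1 or 2 on success; any other value is shown as the
            // error message.
            $success = $mItems->add();
            if ($success != 1 && $success != 2) {
                osc_add_flash_error_message($success);
                $this->redirectTo(osc_item_post_url());
            } else {
                // Drop the kept copy of every submitted meta field. The earlier
                // revision passed the leftover loop variable $key, which named only
                // the last key iterated (or was undefined). Presumably
                // _dropkeepForm($key) removes a single kept key - confirm.
                if (is_array($meta)) {
                    foreach (array_keys($meta) as $metaKey) {
                        Session::newInstance()->_dropkeepForm('meta_' . $metaKey);
                    }
                }
                if ($success == 1) {
                    osc_add_flash_ok_message(_m('Check your inbox to validate your listing'));
                } else {
                    osc_add_flash_ok_message(_m('Your listing has been published'));
                }
                $itemId = Params::getParam('itemId');
                $item = $this->itemManager->findByPrimaryKey($itemId);
                osc_run_hook('posted_item', $item);
                $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
                View::newInstance()->_exportVariableToView('category', $category);
                $this->redirectTo(osc_search_category_url());
            }
            break;

        case 'item_edit': // edit item
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            // Editable by the owner, or by anyone holding the secret when the
            // listing has no owner.
            $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
            if (count($item) == 1) {
                $item = Item::newInstance()->findByPrimaryKey($id);
                $form = count(Session::newInstance()->_getForm());
                $keepForm = count(Session::newInstance()->_getKeepForm());
                if ($form == 0 || $form == $keepForm) {
                    Session::newInstance()->_dropKeepForm();
                }
                $this->_exportVariableToView('item', $item);
                osc_run_hook("before_item_edit", $item);
                $this->doView('item-edit.php');
            } else {
                // add a flash message [ITEM DOES NOT EXIST]
                osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID"));
                if ($this->user != null) {
                    $this->redirectTo(osc_user_list_items_url());
                } else {
                    $this->redirectTo(osc_base_url());
                }
            }
            break;

        case 'item_edit_post':
            // collect the secret and the id
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
            if (count($item) == 1) {
                $this->_exportVariableToView('item', $item[0]);
                $mItems = new ItemActions(false);
                // prepare data for EDIT ITEM
                $mItems->prepareData(false);
                // set all parameters into session
                foreach ($mItems->data as $key => $value) {
                    Session::newInstance()->_setForm($key, $value);
                }
                $meta = Params::getParam('meta');
                if (is_array($meta)) {
                    foreach ($meta as $key => $value) {
                        Session::newInstance()->_setForm('meta_' . $key, $value);
                        Session::newInstance()->_keepForm('meta_' . $key);
                    }
                }

                if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                    if (!osc_check_recaptcha()) {
                        osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                        $this->redirectTo(osc_item_edit_url());
                        return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                    }
                }

                $success = $mItems->edit();
                osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id));
                if ($success == 1) {
                    osc_add_flash_ok_message(_m("Great! We've just updated your listing"));
                    View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id));
                    $this->redirectTo(osc_item_url());
                } else {
                    osc_add_flash_error_message($success);
                    $this->redirectTo(osc_item_edit_url($secret));
                }
            }
            break;

        case 'activate':
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            // Unlike the edit queries, the secret is accepted here whether or not
            // the listing has an owner.
            $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
            // item doesn't exist
            if (count($item) == 0) {
                $this->do404();
                return;
            }
            View::newInstance()->_exportVariableToView('item', $item[0]);
            if ($item[0]['b_active'] == 0) {
                // ACTIVATE ITEM
                $mItems = new ItemActions(false);
                $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
                if ($success) {
                    osc_add_flash_ok_message(_m('The listing has been validated'));
                } else {
                    osc_add_flash_error_message(_m("The listing can't be validated"));
                }
            } else {
                osc_add_flash_warning_message(_m('The listing has already been validated'));
            }
            $this->redirectTo(osc_item_url());
            break;

        case 'item_delete':
            $secret = Params::getParam('secret');
            $id = Params::getParam('id');
            $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
            if (count($item) == 1) {
                $mItems = new ItemActions(false);
                $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
                if ($success) {
                    osc_add_flash_ok_message(_m('Your listing has been deleted'));
                } else {
                    osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
                }
                if ($this->user != null) {
                    $this->redirectTo(osc_user_list_items_url());
                } else {
                    $this->redirectTo(osc_base_url());
                }
            } else {
                osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
                $this->redirectTo(osc_base_url());
            }
            break;

        case 'mark':
            $id = Params::getParam('id');
            $as = Params::getParam('as');
            $item = Item::newInstance()->findByPrimaryKey($id);
            View::newInstance()->_exportVariableToView('item', $item);

            // NOTE(review): $user_agents is expected to be defined by this file;
            // with require_once it is only defined in this scope the first time
            // the file is loaded during a request.
            require_once osc_lib_path() . 'osclass/user-agents.php';
            $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
            foreach ($user_agents as $ua) {
                if (preg_match('|' . $ua . '|', $userAgent)) {
                    // mark item if it's not a bot
                    $mItem = new ItemActions(false);
                    $mItem->mark($id, $as);
                    break;
                }
            }
            osc_add_flash_ok_message(_m("Thanks! That's very helpful"));
            $this->redirectTo(osc_item_url());
            break;

        case 'send_friend':
            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            $this->_exportVariableToView('item', $item);
            $this->doView('item-send-friend.php');
            break;

        case 'send_friend_post':
            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            $this->_exportVariableToView('item', $item);

            // Keep what the visitor typed so the form can be shown again.
            Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
            Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
            Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
            Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
            Session::newInstance()->_setForm("message_body", Params::getParam('message'));

            if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                if (!osc_check_recaptcha()) {
                    osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                    $this->redirectTo(osc_item_send_friend_url());
                    return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                }
            }

            $mItem = new ItemActions(false);
            $success = $mItem->send_friend();
            if ($success) {
                Session::newInstance()->_clearVariables();
                $this->redirectTo(osc_item_url());
            } else {
                $this->redirectTo(osc_item_send_friend_url());
            }
            break;

        case 'contact':
            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            if (empty($item)) {
                osc_add_flash_error_message(_m("This listing doesn't exist"));
                $this->redirectTo(osc_base_url(true));
            } else {
                $this->_exportVariableToView('item', $item);
                if (osc_item_is_expired()) {
                    osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
                    $this->redirectTo(osc_item_url());
                    break;
                }
                // The form is shown when contact is open to everyone, or when it is
                // restricted to registered users and the visitor is logged in.
                if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
                    $this->doView('item-contact.php');
                } else {
                    osc_add_flash_error_message(_m("You can't contact the seller, only registered users can"));
                    $this->redirectTo(osc_item_url());
                }
            }
            break;

        case 'contact_post':
            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            // Same existence rule as 'contact': stop before the listing's fields
            // are read.
            if (empty($item)) {
                osc_add_flash_error_message(_m("This listing doesn't exist"));
                $this->redirectTo(osc_base_url(true));
                break;
            }
            $this->_exportVariableToView('item', $item);

            // Same access rule as 'contact': hiding the form is not a control on
            // its own, the submission has to be refused as well.
            if (osc_reg_user_can_contact() && !osc_is_web_user_logged_in()) {
                osc_add_flash_error_message(_m("You can't contact the seller, only registered users can"));
                $this->redirectTo(osc_item_url());
                break;
            }

            if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                if (!osc_check_recaptcha()) {
                    osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                    Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
                    Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
                    Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
                    Session::newInstance()->_setForm("message_body", Params::getParam('message'));
                    $this->redirectTo(osc_item_url());
                    return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                }
            }

            if (osc_isExpired($item['dt_expiration'])) {
                osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
                $this->redirectTo(osc_item_url());
                break;
            }

            $mItem = new ItemActions(false);
            // contact() returns a string when it has an error to report.
            $result = $mItem->contact();
            if (is_string($result)) {
                osc_add_flash_error_message($result);
            } else {
                osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller"));
            }
            $this->redirectTo(osc_item_url());
            break;

        case 'add_comment':
            $mItem = new ItemActions(false);
            $status = $mItem->add_comment();
            switch ($status) {
                case -1:
                    $msg = _m('Sorry, we could not save your comment. Try again later');
                    osc_add_flash_error_message($msg);
                    break;
                case 1:
                    $msg = _m('Your comment is awaiting moderation');
                    osc_add_flash_info_message($msg);
                    break;
                case 2:
                    $msg = _m('Your comment has been approved');
                    osc_add_flash_ok_message($msg);
                    break;
                case 3:
                    $msg = _m('Please fill the required field (email)');
                    osc_add_flash_warning_message($msg);
                    break;
                case 4:
                    $msg = _m('Please type a comment');
                    osc_add_flash_warning_message($msg);
                    break;
                case 5:
                    $msg = _m('Your comment has been marked as spam');
                    osc_add_flash_error_message($msg);
                    break;
            }
            $this->redirectTo(osc_item_url());
            break;

        case 'delete_comment':
            // The earlier revision called ItemActions::add_comment() here and
            // ignored its result; a delete request has no reason to run the
            // comment-creation path, so the call is gone.
            $itemId = Params::getParam('id');
            $commentId = Params::getParam('comment');

            $item = Item::newInstance()->findByPrimaryKey($itemId);
            if (count($item) == 0) {
                osc_add_flash_error_message(_m("This listing doesn't exist"));
                $this->redirectTo(osc_base_url(true));
                break;
            }
            View::newInstance()->_exportVariableToView('item', $item);

            // Each check below leaves the case on failure; without that, a request
            // with no session would reach the author comparison with two null
            // values, which compare equal.
            if ($this->userId == null) {
                osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
                $this->redirectTo(osc_item_url());
                break;
            }

            $commentManager = ItemComment::newInstance();
            $aComment = $commentManager->findByPrimaryKey($commentId);
            if (count($aComment) == 0) {
                osc_add_flash_error_message(_m("The comment doesn't exist"));
                $this->redirectTo(osc_item_url());
                break;
            }
            if ($aComment['b_active'] != 1) {
                osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
                $this->redirectTo(osc_item_url());
                break;
            }
            if ($aComment['fk_i_user_id'] != $this->userId) {
                osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
                $this->redirectTo(osc_item_url());
                break;
            }

            $commentManager->deleteByPrimaryKey($commentId);
            osc_add_flash_ok_message(_m('The comment has been deleted'));
            $this->redirectTo(osc_item_url());
            break;

        default:
            // if there isn't ID, show an error 404
            if (Params::getParam('id') == '') {
                $this->do404();
                return;
            }
            // NOTE(review): 'lang' is stored in the session without being checked
            // against the enabled locales loaded at the top of this method.
            if (Params::getParam('lang') != '') {
                Session::newInstance()->_set('userLocale', Params::getParam('lang'));
            }

            $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
            // if item doesn't exist show an error 404
            if (count($item) == 0) {
                $this->do404();
                return;
            }

            if ($item['b_active'] != 1) {
                // NOTE(review): with no session and a listing without an owner both
                // sides are null and compare equal, so the listing is shown to an
                // anonymous visitor. Confirm this is intended.
                if ($this->userId == $item['fk_i_user_id']) {
                    osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public"));
                } else {
                    osc_add_flash_warning_message(_m("This listing hasn't been validated"));
                    $this->redirectTo(osc_base_url(true));
                    break;
                }
            } elseif ($item['b_enabled'] == 0) {
                osc_add_flash_warning_message(_m('The listing has been suspended'));
                $this->redirectTo(osc_base_url(true));
                break;
            }

            // Count the view only for non-admin visitors whose User-Agent matches
            // one of the patterns in user-agents.php.
            if (!osc_is_admin_user_logged_in()) {
                require_once osc_lib_path() . 'osclass/user-agents.php';
                $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                foreach ($user_agents as $ua) {
                    if (preg_match('|' . $ua . '|', $userAgent)) {
                        $mStats = new ItemStats();
                        $mStats->increase('i_num_views', $item['pk_i_id']);
                        break;
                    }
                }
            }

            // Run the title / description filters on every locale of the listing.
            foreach ($item['locale'] as $k => $v) {
                $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
                $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
            }

            if ($item['fk_i_user_id'] != '') {
                $user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
                $this->_exportVariableToView('user', $user);
            }
            $this->_exportVariableToView('item', $item);
            osc_run_hook('show_item', $item);

            // redirect to the correct url just in case it has changed
            $itemURI = str_replace(osc_base_url(), '', osc_item_url());
            // REL_WEB_URL is literal text, so it is quoted before it becomes part
            // of the pattern.
            $URI = preg_replace('|^' . preg_quote(REL_WEB_URL, '|') . '|', '', $_SERVER['REQUEST_URI']);
            // do not clean QUERY_STRING if permalink is not enabled
            if (osc_rewrite_enabled()) {
                $URI = str_replace('?' . $_SERVER['QUERY_STRING'], '', $URI);
            } else {
                $params_keep = array('page', 'id');
                $params = array();
                foreach (Params::getParamsAsArray('get') as $k => $v) {
                    // Strict match: a numeric GET key must not compare equal to
                    // 'page' or 'id'.
                    if (in_array($k, $params_keep, true)) {
                        $params[] = "{$k}={$v}";
                    }
                }
                $URI = 'index.php?' . implode('&', $params);
            }
            // redirect to the correct url
            if ($itemURI != $URI) {
                $this->redirectTo(osc_base_url() . $itemURI);
                break;
            }
            $this->doView('item.php');
            break;
    }
}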
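/**
 * Handles the public user actions selected by $this->action.
 *
 * Supported actions: change_email_confirm, activate_alert, unsub_alert,
 * pub_profile and contact_post; any other action redirects to the login
 * page. Every value read through Params is request data and is treated as
 * untrusted.
 *
 * @return false|null false when the contact form fails the CAPTCHA check,
 *                    otherwise nothing
 */
function doModel()
{
    switch ($this->action) {
        case 'change_email_confirm':
            // Confirms a pending e-mail change using the userId/code pair from the request.
            $userId    = Params::getParam('userId');
            $code      = Params::getParam('code');
            $confirmed = false;

            if ($userId && is_string($code) && $code !== '') {
                $userManager = new User();
                $user        = $userManager->findByPrimaryKey($userId);

                if (is_array($user) && isset($user['s_pass_code'], $user['b_enabled']) && $user['b_enabled'] == 1) {
                    $expected = (string) $user['s_pass_code'];
                    // Compare the secret as a string. A loose == treats numeric-looking
                    // strings as numbers, so two different codes could compare equal.
                    // hash_equals() additionally keeps the comparison constant-time
                    // where the runtime provides it.
                    $codeMatches = function_exists('hash_equals')
                        ? hash_equals($expected, $code)
                        : $expected === $code;

                    if ($codeMatches) {
                        $userEmailTmp = UserEmailTmp::newInstance()->findByPk($userId);

                        // Without a pending change there is nothing to apply; treat the
                        // link as invalid instead of writing an empty address.
                        if (is_array($userEmailTmp) && isset($userEmailTmp['s_new_email'], $userEmailTmp['fk_i_user_id'])) {
                            $newEmail = $userEmailTmp['s_new_email'];
                            $ownerId  = $userEmailTmp['fk_i_user_id'];

                            // Propagate the new address to every table that stores a copy of it.
                            $userManager->update(array('s_email' => $newEmail), array('pk_i_id' => $ownerId));
                            Item::newInstance()->update(array('s_contact_email' => $newEmail), array('fk_i_user_id' => $ownerId));
                            ItemComment::newInstance()->update(array('s_author_email' => $newEmail), array('fk_i_user_id' => $ownerId));
                            Alerts::newInstance()->update(array('s_email' => $newEmail), array('fk_i_user_id' => $ownerId));
                            Session::newInstance()->_set('userEmail', $newEmail);
                            UserEmailTmp::newInstance()->delete(array('s_new_email' => $newEmail));

                            // NOTE(review): the original generated a fresh random code at this
                            // point but never stored it, so s_pass_code stays valid after use.
                            // If the code is meant to be single-use, rotate it here.
                            $confirmed = true;
                        }
                    }
                }
            }

            if ($confirmed) {
                osc_add_flash_ok_message(_m('Your email has been changed successfully'));
                $this->redirectTo(osc_user_profile_url());
            } else {
                osc_add_flash_error_message(_m('Sorry, the link is not valid'));
                $this->redirectTo(osc_base_url());
            }
            break;

        case 'activate_alert':
            $email  = Params::getParam('email');
            $secret = Params::getParam('secret');

            $result = 0;
            if ($email != '' && $secret != '') {
                $result = Alerts::newInstance()->activate($email, $secret);
            }

            if ($result == 1) {
                osc_add_flash_ok_message(_m('Alert activated'));
            } else {
                osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
            }

            $this->redirectTo(osc_base_url(true));
            break;

        case 'unsub_alert':
            $email  = Params::getParam('email');
            $secret = Params::getParam('secret');

            if ($email != '' && $secret != '') {
                // NOTE(review): the key is spelled 'S_secret' (capital S) while the other
                // columns are lower case; confirm it matches the column name the DAO expects.
                Alerts::newInstance()->delete(array('s_email' => $email, 'S_secret' => $secret));
                // The same message is shown whether or not a row matched.
                osc_add_flash_ok_message(_m('Unsubscribed correctly'));
            } else {
                osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
            }

            $this->redirectTo(osc_base_url());
            break;

        case 'pub_profile':
            $userID = Params::getParam('id');
            $user   = User::newInstance()->findByPrimaryKey($userID);

            // user doesn't exist
            if (!$user) {
                $this->redirectTo(osc_base_url());
                // Stop here so the profile is never rendered from a missing record,
                // whether or not redirectTo() ends the request itself.
                break;
            }

            View::newInstance()->_exportVariableToView('user', $user);
            $items = Item::newInstance()->findByUserIDEnabled($user['pk_i_id'], 0, 3);
            View::newInstance()->_exportVariableToView('items', $items);

            $this->doView('user-public-profile.php');
            break;

        case 'contact_post':
            $user = User::newInstance()->findByPrimaryKey(Params::getParam('id'));

            // Do not run the contact hook for a recipient that does not exist.
            if (!$user) {
                $this->redirectTo(osc_base_url());
                break;
            }
            View::newInstance()->_exportVariableToView('user', $user);

            // Verify the CAPTCHA whenever a private key is configured. The check must
            // not depend on a request field being present, because the client decides
            // which fields it sends.
            if (osc_recaptcha_private_key() != '' && !osc_check_recaptcha()) {
                osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                // Keep what the visitor typed so the form can be refilled.
                Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
                Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
                Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
                Session::newInstance()->_setForm("message_body", Params::getParam('message'));
                $this->redirectTo(osc_user_public_profile_url());
                return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
            }

            // The hook receives raw request values; validation and escaping of the
            // sender fields is left to whatever is attached to it.
            osc_run_hook(
                'hook_email_contact_user',
                Params::getParam('id'),
                Params::getParam('yourEmail'),
                Params::getParam('yourName'),
                Params::getParam('phoneNumber'),
                Params::getParam('message')
            );

            $this->redirectTo(osc_user_public_profile_url());
            break;

        default:
            $this->redirectTo(osc_user_login_url());
            break;
    }
}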
// Excerpt of a schema-upgrade script: it replaces the e_status column with the
// b_active/b_enabled flags, refreshes per-user counters and registers new e-mail
// template pages. $result and $comm are assigned before this excerpt.
// Statement order matters: the flags are populated before e_status is dropped,
// and insertedId() is read right after the INSERT it refers to.
// Every SQL string here is built from DB_TABLE_PREFIX, date() output and
// insertedId() (through %d) only; no request data is interpolated in this excerpt.
$comments = $result->result();
foreach ($comments as $comment) {
    // e_status 'ACTIVE' becomes b_active = 1, anything else 0; b_enabled is set to 1 for every row.
    ItemComment::newInstance()->update(array("b_active" => $comment['e_status'] == 'ACTIVE' ? 1 : 0, 'b_enabled' => 1), array('pk_i_id' => $comment['pk_i_id']));
}
unset($comments);

// populate b_active/b_enabled (t_item)
$result = $comm->query(sprintf("SELECT * FROM %st_item", DB_TABLE_PREFIX));
$items = $result->result();
foreach ($items as $item) {
    // Same mapping as for the comments above.
    Item::newInstance()->update(array("b_active" => $item['e_status'] == 'ACTIVE' ? 1 : 0, 'b_enabled' => 1), array('pk_i_id' => $item['pk_i_id']));
}
unset($items);

// populate i_items/i_comments/b_active/b_enabled (t_user)
$users = User::newInstance()->listAll();
foreach ($users as $user) {
    // Counters are recomputed from the rows each finder returns for this user.
    $comments = count(ItemComment::newInstance()->findByAuthorID($user['pk_i_id']));
    $items = count(Item::newInstance()->findByUserIDEnabled($user['pk_i_id']));
    User::newInstance()->update(array('i_items' => $items, 'i_comments' => $comments), array('pk_i_id' => $user['pk_i_id']));
    // CHANGE FROM b_enabled to b_active
    // The old b_enabled value is copied into b_active and b_enabled is reset to 1.
    User::newInstance()->update(array('b_active' => $user['b_enabled'], 'b_enabled' => 1), array('pk_i_id' => $user['pk_i_id']));
}
unset($users);

// Drop e_status column in t_item and t_item_comment
// Irreversible: the loops above must have completed before these run.
$comm->query(sprintf("ALTER TABLE %st_item DROP e_status", DB_TABLE_PREFIX));
$comm->query(sprintf("ALTER TABLE %st_item_comment DROP e_status", DB_TABLE_PREFIX));

// Delete enabled_item_validation in t_preference
$comm->query(sprintf("DELETE FROM %st_preference WHERE s_name = 'enabled_item_validation'", DB_TABLE_PREFIX));

// insert two new e-mail notifications
$comm->query(sprintf("INSERT INTO %st_pages (s_internal_name, b_indelible, dt_pub_date) VALUES ('email_alert_validation', 1, '%s' )", DB_TABLE_PREFIX, date('Y-m-d H:i:s')));
// The description row is linked to the page inserted just above through insertedId().
// NOTE(review): the physical line break inside the literal below is reproduced as it
// appears in this listing; it may be a wrapping artifact, so confirm against the upstream file.
$comm->query(sprintf("INSERT INTO %st_pages_description (fk_i_pages_id, fk_c_locale_code, s_title, s_text) VALUES (%d, 'en_US', 'Please validate your alert', '<p>Hi {USER_NAME},</p>\n<p>Please validate your alert registration by clicking on the 
following link: {VALIDATION_LINK}</p>\n<p>Thank you!</p>\n<p>Regards,</p>\n<p>{WEB_TITLE}</p>')", DB_TABLE_PREFIX, $comm->insertedId()));
// Second template page; its description row is not part of this excerpt.
$comm->query(sprintf("INSERT INTO %st_pages (s_internal_name, b_indelible, dt_pub_date) VALUES ('email_comment_validated', 1, '%s' )", DB_TABLE_PREFIX, date('Y-m-d H:i:s')));
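/**
 * Builds the DataTables payload for the admin listings table.
 *
 * Stores the counters, the raw rows (aaObject) and one rendered HTML row per
 * listing (aaData) in $this->result; nothing is returned.
 *
 * The listing title and the text columns come from stored listing data and are
 * HTML-escaped before being placed in the output. Existing entities are left
 * untouched (double_encode = false), so values that were already encoded when
 * stored are not encoded a second time.
 *
 * @return void
 */
private function toArrayFormat()
{
    // NOTE(review): iTotalRecords receives total_filtered and iTotalDisplayRecords
    // receives total, which looks swapped relative to the property names; confirm
    // against how the class fills both counters.
    $this->result['iTotalRecords']        = $this->total_filtered;
    $this->result['iTotalDisplayRecords'] = $this->total;
    $this->result['sColumns']             = $this->sColumns;
    $this->result['iDisplayLength']       = $this->_get['iDisplayLength'];
    $this->result['aaData']               = array();
    $this->result['aaObject']             = array();

    if (count($this->items) == 0) {
        return;
    }

    $this->result['aaObject'] = $this->items;
    $adminUrl = osc_admin_base_url(true);

    foreach ($this->items as $aRow) {
        // osc_item_url() below reads the listing exported here.
        View::newInstance()->_exportVariableToView('item', $aRow);
        $id = $aRow['pk_i_id'];

        // -- prepare data --
        // prepare item title: cut to 30 characters first, escape afterwards so an
        // entity is never produced and then truncated.
        $title = mb_substr($aRow['s_title'], 0, 30, 'utf-8');
        if ($title != $aRow['s_title']) {
            $title .= '...';
        }
        $title = htmlspecialchars($title, ENT_QUOTES, 'UTF-8', false);

        // NOTE(review): the status, premium, spam and delete links below change state
        // through plain GET requests and this block adds no anti-CSRF token; confirm
        // that the action handlers verify one.
        $statusUrl  = $adminUrl . '?page=items&action=status&id=' . $id . '&value=';
        $premiumUrl = $adminUrl . '?page=items&action=status_premium&id=' . $id . '&value=';
        $spamUrl    = $adminUrl . '?page=items&action=status_spam&id=' . $id . '&value=';

        // show more options
        $options_more   = array();
        $options_more[] = $aRow['b_active']
            ? '<a href="' . $statusUrl . 'INACTIVE">' . __('Deactivate') . '</a>'
            : '<a href="' . $statusUrl . 'ACTIVE">' . __('Activate') . '</a>';
        $options_more[] = $aRow['b_enabled']
            ? '<a href="' . $statusUrl . 'DISABLE">' . __('Block') . '</a>'
            : '<a href="' . $statusUrl . 'ENABLE">' . __('Unblock') . '</a>';
        $options_more[] = $aRow['b_premium']
            ? '<a href="' . $premiumUrl . '0">' . __('Unmark as premium') . '</a>'
            : '<a href="' . $premiumUrl . '1">' . __('Mark as premium') . '</a>';
        $options_more[] = $aRow['b_spam']
            ? '<a href="' . $spamUrl . '0">' . __('Unmark as spam') . '</a>'
            : '<a href="' . $spamUrl . '1">' . __('Mark as spam') . '</a>';

        // general options
        $options   = array();
        $options[] = '<a href="' . $adminUrl . '?page=items&action=item_edit&id=' . $id . '">' . __('Edit') . '</a>';
        $options[] = '<a onclick="return delete_dialog(\'' . $id . '\');" href="' . $adminUrl . '?page=items&action=delete&id[]=' . $id . '">' . __('Delete') . '</a>';

        // only show if there are data
        if (ItemComment::newInstance()->totalComments($id) > 0) {
            $options[] = '<a href="' . $adminUrl . '?page=comments&action=list&id=' . $id . '">' . __('View comments') . '</a>';
        }
        if (ItemResource::newInstance()->countResources($id) > 0) {
            $options[] = '<a href="' . $adminUrl . '?page=media&action=list&resourceId=' . $id . '">' . __('View media') . '</a>';
        }

        // Entries returned by the two filters are inserted as HTML without further
        // escaping, so whatever is attached to them must return safe markup.
        $options_more = osc_apply_filter('more_actions_manage_items', $options_more, $aRow);

        // more actions
        $moreOptions = '<li class="show-more">' . PHP_EOL . '<a href="#" class="show-more-trigger">' . __('Show more') . '...</a>' . PHP_EOL . '<ul>' . PHP_EOL;
        foreach ($options_more as $actual) {
            $moreOptions .= '<li>' . $actual . "</li>" . PHP_EOL;
        }
        $moreOptions .= '</ul>' . PHP_EOL . '</li>' . PHP_EOL;

        $options = osc_apply_filter('actions_manage_items', $options, $aRow);

        // create list of actions
        $auxOptions = '<ul>' . PHP_EOL;
        foreach ($options as $actual) {
            $auxOptions .= '<li>' . $actual . '</li>' . PHP_EOL;
        }
        $auxOptions .= $moreOptions;
        $auxOptions .= '</ul>' . PHP_EOL;

        $actions = '<div class="actions">' . $auxOptions . '</div>' . PHP_EOL;

        // fill a row
        $row   = array();
        $row[] = '<input type="checkbox" name="id[]" value="' . $id . '" active="' . $aRow['b_active'] . '" blocked="' . $aRow['b_enabled'] . '"/>';
        $row[] = '<a href="' . osc_item_url() . '" target="_blank">' . $title . '</a>' . $actions;
        // Text columns sit in the same row as the HTML cells above, so they are escaped too.
        $row[] = htmlspecialchars((string) $aRow['s_user_name'], ENT_QUOTES, 'UTF-8', false);
        $row[] = htmlspecialchars((string) $aRow['s_category_name'], ENT_QUOTES, 'UTF-8', false);
        $row[] = htmlspecialchars((string) $aRow['s_country'], ENT_QUOTES, 'UTF-8', false);
        $row[] = htmlspecialchars((string) $aRow['s_region'], ENT_QUOTES, 'UTF-8', false);
        $row[] = htmlspecialchars((string) $aRow['s_city'], ENT_QUOTES, 'UTF-8', false);
        $row[] = $aRow['dt_pub_date'];

        $this->result['aaData'][] = $row;
    }
}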
/**
 * Advances the 'comments' view variable for the current premium listing.
 *
 * On the first call the comments are loaded with the current premium id,
 * comments page and page size, then exported to the view as 'comments'.
 *
 * @return array whatever View::_next('comments') yields for this step
 */
function osc_has_premium_comments()
{
    $alreadyExported = View::newInstance()->_exists('comments');

    if (!$alreadyExported) {
        // Lazy load: fetch the page of comments only when the view has none yet.
        $premiumComments = ItemComment::newInstance()->findBypremiumID(
            osc_premium_id(),
            osc_premium_comments_page(),
            osc_comments_per_page()
        );
        View::newInstance()->_exportVariableToView('comments', $premiumComments);
    }

    return View::newInstance()->_next('comments');
}
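/**
 * Validates and stores the edited profile of a user.
 *
 * The profile data comes from $this->prepareData(false). When $this->is_admin
 * is set, the e-mail must not belong to another user, both password fields
 * must match, the new name and e-mail are copied to the user's listings,
 * comments and alerts, and b_enabled/b_active are written from the request.
 * Otherwise only the name is copied and the session name/phone are refreshed.
 *
 * @param mixed $userId primary key of the user being edited
 * @return string|int the accumulated validation messages when validation fails;
 *                    2 when an admin edit's status updates report a change;
 *                    1 otherwise
 */
function edit($userId)
{
    $input = $this->prepareData(false);

    // hook pre add or edit
    osc_run_hook('pre_user_post');

    $flash_error = '';

    if ($this->is_admin) {
        $user_email = $this->manager->findByEmail($input['s_email']);
        if (isset($user_email['pk_i_id']) && $user_email['pk_i_id'] != $userId) {
            $flash_error .= sprintf(_m('The specified e-mail is already used by %s'), $user_email['s_username']) . PHP_EOL;
        }
    }

    if ($input['s_name'] == '') {
        $flash_error .= _m('The name cannot be empty') . PHP_EOL;
    }

    if ($this->is_admin) {
        // Strict comparison: with a loose != two different numeric-looking strings
        // (for example "1e3" and "1000") compare as equal and the mismatch is missed.
        if (Params::getParam('s_password', false, false) !== Params::getParam('s_password2', false, false)) {
            $flash_error .= _m("Passwords don't match") . PHP_EOL;
        }
    }

    if ($flash_error != '') {
        return $flash_error;
    }

    $this->manager->update($input, array('pk_i_id' => $userId));

    if ($this->is_admin) {
        // Keep the denormalised contact data of the user's content in sync.
        Item::newInstance()->update(
            array('s_contact_name' => $input['s_name'], 's_contact_email' => $input['s_email']),
            array('fk_i_user_id' => $userId)
        );
        ItemComment::newInstance()->update(
            array('s_author_name' => $input['s_name'], 's_author_email' => $input['s_email']),
            array('fk_i_user_id' => $userId)
        );
        Alerts::newInstance()->update(
            array('s_email' => $input['s_email']),
            array('fk_i_user_id' => $userId)
        );

        Log::newInstance()->insertLog('user', 'edit', $userId, $input['s_email'], 'admin', osc_logged_admin_id());
    } else {
        // Only the name is propagated here; the e-mail logged is the stored one.
        Item::newInstance()->update(
            array('s_contact_name' => $input['s_name']),
            array('fk_i_user_id' => $userId)
        );
        ItemComment::newInstance()->update(
            array('s_author_name' => $input['s_name']),
            array('fk_i_user_id' => $userId)
        );

        $user = $this->manager->findByPrimaryKey($userId);
        Log::newInstance()->insertLog('user', 'edit', $userId, $user['s_email'], 'user', osc_logged_user_id());

        Session::newInstance()->_set('userName', $input['s_name']);
        // Mobile number when present, land line otherwise.
        $phone = ($input['s_phone_mobile']) ? $input['s_phone_mobile'] : $input['s_phone_land'];
        Session::newInstance()->_set('userPhone', $phone);
    }

    // Keys and values of s_info are request data handed to updateDescription() as-is;
    // any validation of the key has to happen there.
    $descriptions = Params::getParam('s_info');
    if (is_array($descriptions)) {
        foreach ($descriptions as $key => $value) {
            $this->manager->updateDescription($userId, $key, $value);
        }
    }

    osc_run_hook('user_edit_completed', $userId);

    if ($this->is_admin) {
        // A flag is set to 1 only when the request carries the value 1; a missing or
        // different value stores 0.
        $enabled = ((Params::getParam("b_enabled") != '') && (Params::getParam("b_enabled") == 1)) ? 1 : 0;
        $active  = ((Params::getParam("b_active") != '') && (Params::getParam("b_active") == 1)) ? 1 : 0;

        $iUpdated  = 0;
        $iUpdated += $this->manager->update(array('b_enabled' => $enabled), array('pk_i_id' => $userId));
        $iUpdated += $this->manager->update(array('b_active' => $active), array('pk_i_id' => $userId));

        if ($iUpdated > 0) {
            return 2;
        }
    }

    return 1;
}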