/** * Remove resources from disk * @param <type> $id * @param boolean $admin * @return boolean */ function osc_deleteResource($id, $admin) { if (defined('DEMO')) { return false; } if (is_array($id)) { $id = $id[0]; } $resource = ItemResource::newInstance()->findByPrimaryKey($id); if (!is_null($resource)) { Log::newInstance()->insertLog('item', 'delete resource', $resource['pk_i_id'], $id, $admin ? 'admin' : 'user', $admin ? osc_logged_admin_id() : osc_logged_user_id()); $backtracel = ''; foreach (debug_backtrace() as $k => $v) { if ($v['function'] == "include" || $v['function'] == "include_once" || $v['function'] == "require_once" || $v['function'] == "require") { $backtracel .= "#" . $k . " " . $v['function'] . "(" . $v['args'][0] . ") called@ [" . $v['file'] . ":" . $v['line'] . "] / "; } else { $backtracel .= "#" . $k . " " . $v['function'] . " called@ [" . $v['file'] . ":" . $v['line'] . "] / "; } } Log::newInstance()->insertLog('item', 'delete resource backtrace', $resource['pk_i_id'], $backtracel, $admin ? 'admin' : 'user', $admin ? osc_logged_admin_id() : osc_logged_user_id()); @unlink(osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . "." . $resource['s_extension']); @unlink(osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . "_original." . $resource['s_extension']); @unlink(osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . "_thumbnail." . $resource['s_extension']); @unlink(osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . "_preview." . $resource['s_extension']); osc_run_hook('delete_resource', $resource); } }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'bulk_actions': switch (Params::getParam('bulk_actions')) { case 'delete_all': $ids = Params::getParam("id"); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete bulk', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); break; default: break; } $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; case 'delete': $ids = Params::getParam('id'); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; default: $this->doView('media/index.php'); break; } }
/** * Delete resources from the hard drive * @param <type> $itemId */ public function deleteResourcesFromHD( $itemId ) { $resources = ItemResource::newInstance()->getAllResourcesFromItem($itemId); Log::newInstance()->insertLog('itemActions', 'deleteResourcesFromHD', $itemId, $itemId, $this->is_admin?'admin':'user', $this->is_admin?osc_logged_admin_id():osc_logged_user_id()); $log_ids = ''; foreach($resources as $resource) { osc_deleteResource($resource['pk_i_id'], $this->is_admin); $log_ids .= $resource['pk_i_id'].","; } Log::newInstance()->insertLog('itemActions', 'deleteResourcesFromHD', $itemId, substr($log_ids,0, 250), $this->is_admin?'admin':'user', $this->is_admin?osc_logged_admin_id():osc_logged_user_id()); }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'bulk_actions': switch (Params::getParam('bulk_actions')) { case 'delete_all': $ids = Params::getParam("id"); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete bulk', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); break; default: break; } $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; case 'delete': $ids = Params::getParam('id'); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; default: if (Params::getParam('iDisplayLength') == '') { Params::setParam('iDisplayLength', 10); } $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); require_once osc_admin_base_path() . 'ajax/media_processing.php'; $params = Params::getParamsAsArray("get"); $media_processing = new MediaProcessingAjax($params); $aData = $media_processing->result($params); $page = (int) Params::getParam('iPage'); if (count($aData['aaData']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING']; if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aMedia', $aData); $this->doView('media/index.php'); break; } }
function doModel() { //calling the view... $locales = OSCLocale::newInstance()->listAllEnabled(); $this->_exportVariableToView('locales', $locales); switch ($this->action) { case 'item_add': // post if (osc_reg_user_post() && $this->user == null) { osc_add_flash_warning_message(_m('Only registered users are allowed to post listings')); Session::newInstance()->_setReferer(osc_item_post_url()); $this->redirectTo(osc_user_login_url()); } $countries = Country::newInstance()->listAll(); $regions = array(); if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') { $regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']); } else { if (count($countries) > 0) { $regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']); } } $cities = array(); if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') { $cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']); } else { if (count($regions) > 0) { $cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']); } } $this->_exportVariableToView('countries', $countries); $this->_exportVariableToView('regions', $regions); $this->_exportVariableToView('cities', $cities); $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } if (Session::newInstance()->_getForm('countryId') != "") { $countryId = Session::newInstance()->_getForm('countryId'); $regions = Region::newInstance()->findByCountry($countryId); $this->_exportVariableToView('regions', $regions); if (Session::newInstance()->_getForm('regionId') != "") { $regionId = Session::newInstance()->_getForm('regionId'); $cities = City::newInstance()->findByRegion($regionId); $this->_exportVariableToView('cities', $cities); } } $this->_exportVariableToView('user', $this->user); osc_run_hook('post_item'); $this->doView('item-post.php'); break; case 'item_add_post': //post_item osc_csrf_check(); if (osc_reg_user_post() && $this->user == null) { osc_add_flash_warning_message(_m('Only registered users are allowed to post listings')); $this->redirectTo(osc_base_url(true)); } $mItems = new ItemActions(false); // prepare data for ADD ITEM $mItems->prepareData(true); // set all parameters into session foreach ($mItems->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); $this->redirectTo(osc_item_post_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } if (!osc_is_web_user_logged_in()) { $user = User::newInstance()->findByEmail($mItems->data['contactEmail']); // The user exists but it's not logged if (isset($user['pk_i_id'])) { foreach ($mItems->data as $key => $value) { Session::newInstance()->_keepForm($key); } osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in')); $this->redirectTo(osc_user_login_url()); } } $banned = osc_is_banned($mItems->data['contactEmail']); if ($banned == 1) { osc_add_flash_error_message(_m('Your current email is not allowed')); $this->redirectTo(osc_item_post_url()); } else { if ($banned == 2) { osc_add_flash_error_message(_m('Your current IP is not allowed')); $this->redirectTo(osc_item_post_url()); } } // POST ITEM ( ADD ITEM ) $success = $mItems->add(); if ($success != 1 && $success != 2) { osc_add_flash_error_message($success); $this->redirectTo(osc_item_post_url()); } else { if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_dropKeepForm('meta_' . $key); } } Session::newInstance()->_clearVariables(); if ($success == 1) { osc_add_flash_ok_message(_m('Check your inbox to validate your listing')); } else { osc_add_flash_ok_message(_m('Your listing has been published')); } $itemId = Params::getParam('itemId'); $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId')); View::newInstance()->_exportVariableToView('category', $category); $this->redirectTo(osc_search_category_url()); } break; case 'item_edit': // edit item $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId); if (count($item) == 1) { $item = Item::newInstance()->findByPrimaryKey($id); $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } $this->_exportVariableToView('item', $item); osc_run_hook("before_item_edit", $item); $this->doView('item-edit.php'); } else { // add a flash message [ITEM NO EXISTE] osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID")); if ($this->user != null) { $this->redirectTo(osc_user_list_items_url()); } else { $this->redirectTo(osc_base_url()); } } break; case 'item_edit_post': osc_csrf_check(); $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId); if (count($item) == 1) { $this->_exportVariableToView('item', $item[0]); $mItems = new ItemActions(false); // prepare data for ADD ITEM $mItems->prepareData(false); // set all parameters into session foreach ($mItems->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); $this->redirectTo(osc_item_edit_url($secret, $id)); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } $success = $mItems->edit(); if ($success == 1) { osc_add_flash_ok_message(_m("Great! We've just updated your listing")); View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id)); $this->redirectTo(osc_item_url()); } else { osc_add_flash_error_message($success); $this->redirectTo(osc_item_edit_url($secret, $id)); } } break; case 'activate': $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId); // item doesn't exist if (count($item) == 0) { $this->do404(); return; } View::newInstance()->_exportVariableToView('item', $item[0]); if ($item[0]['b_active'] == 0) { // ACTIVETE ITEM $mItems = new ItemActions(false); $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']); if ($success) { osc_add_flash_ok_message(_m('The listing has been validated')); } else { osc_add_flash_error_message(_m("The listing can't be validated")); } } else { osc_add_flash_warning_message(_m('The listing has already been validated')); } $this->redirectTo(osc_item_url()); break; case 'item_delete': $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId); if (count($item) == 1) { $mItems = new ItemActions(false); $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']); if ($success) { osc_add_flash_ok_message(_m('Your listing has been deleted')); } else { osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted")); } if ($this->user != null) { $this->redirectTo(osc_user_list_items_url()); } else { $this->redirectTo(osc_base_url()); } } else { osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted")); $this->redirectTo(osc_base_url()); } break; case 'deleteResources': // Delete images via AJAX $id = Params::getParam('id'); $item = Params::getParam('item'); $code = Params::getParam('code'); $secret = Params::getParam('secret'); if (Session::newInstance()->_get('userId') != '') { $userId = Session::newInstance()->_get('userId'); $user = User::newInstance()->findByPrimaryKey($userId); } else { $userId = null; $user = null; } if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) { osc_add_flash_error_message(_m("The selected photo couldn't be deleted, the url doesn't exist")); $this->redirectTo(osc_item_edit_url($secret, $item)); } $aItem = Item::newInstance()->findByPrimaryKey($item); if (count($aItem) == 0) { osc_add_flash_error_message(_m("The listing doesn't exist")); $this->redirectTo(osc_item_edit_url($secret, $item)); } if (!osc_is_admin_user_logged_in()) { if ($userId != null && $userId != $aItem['fk_i_user_id']) { osc_add_flash_error_message(_m("The listing doesn't belong to you")); $this->redirectTo(osc_item_edit_url($secret, $item)); } if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) { osc_add_flash_error_message(_m("The listing doesn't belong to you")); $this->redirectTo(osc_item_edit_url($secret, $item)); } } $result = ItemResource::newInstance()->existResource($id, $code); if ($result > 0) { $resource = ItemResource::newInstance()->findByPrimaryKey($id); if ($resource['fk_i_item_id'] == $item) { osc_deleteResource($id, false); Log::newInstance()->insertLog('item', 'deleteResource', $id, $id, 'user', osc_logged_user_id()); ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code)); osc_add_flash_ok_message(_m('The selected photo has been successfully deleted')); } else { osc_add_flash_error_message(_m("The selected photo does not belong to you")); } } else { osc_add_flash_error_message(_m("The selected photo couldn't be deleted")); } $this->redirectTo(osc_item_edit_url($secret, $item)); break; case 'mark': $id = Params::getParam('id'); $as = Params::getParam('as'); $item = Item::newInstance()->findByPrimaryKey($id); View::newInstance()->_exportVariableToView('item', $item); require_once osc_lib_path() . 'osclass/user-agents.php'; foreach ($user_agents as $ua) { if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) { // mark item if it's not a bot $mItem = new ItemActions(false); $mItem->mark($id, $as); break; } } osc_add_flash_ok_message(_m("Thanks! That's very helpful")); $this->redirectTo(osc_item_url()); break; case 'send_friend': $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $this->_exportVariableToView('item', $item); $this->doView('item-send-friend.php'); break; case 'send_friend_post': osc_csrf_check(); $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $this->_exportVariableToView('item', $item); Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail')); Session::newInstance()->_setForm("yourName", Params::getParam('yourName')); Session::newInstance()->_setForm("friendName", Params::getParam('friendName')); Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail')); Session::newInstance()->_setForm("message_body", Params::getParam('message')); if (osc_recaptcha_private_key() != '') { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); $this->redirectTo(osc_item_send_friend_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } osc_run_hook('pre_item_send_friend_post', $item); $mItem = new ItemActions(false); $success = $mItem->send_friend(); osc_run_hook('post_item_send_friend_post', $item); if ($success) { Session::newInstance()->_clearVariables(); $this->redirectTo(osc_item_url()); } else { $this->redirectTo(osc_item_send_friend_url()); } break; case 'contact': $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); if (empty($item)) { osc_add_flash_error_message(_m("This listing doesn't exist")); $this->redirectTo(osc_base_url(true)); } else { $this->_exportVariableToView('item', $item); if (osc_item_is_expired()) { osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller")); $this->redirectTo(osc_item_url()); } if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) { $this->doView('item-contact.php'); } else { osc_add_flash_error_message(_m("You can't contact the seller, only registered users can")); $this->redirectTo(osc_item_url()); } } break; case 'contact_post': osc_csrf_check(); if (osc_reg_user_can_contact() && !osc_is_web_user_logged_in()) { osc_add_flash_warning_message(_m("You can't contact the seller, only registered users can")); $this->redirectTo(osc_base_url(true)); } $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $this->_exportVariableToView('item', $item); if (osc_recaptcha_private_key() != '') { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail')); Session::newInstance()->_setForm("yourName", Params::getParam('yourName')); Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber')); Session::newInstance()->_setForm("message_body", Params::getParam('message')); $this->redirectTo(osc_item_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } $banned = osc_is_banned(Params::getParam('yourEmail')); if ($banned == 1) { osc_add_flash_error_message(_m('Your current email is not allowed')); $this->redirectTo(osc_item_url()); } else { if ($banned == 2) { osc_add_flash_error_message(_m('Your current IP is not allowed')); $this->redirectTo(osc_item_url()); } } if (osc_isExpired($item['dt_expiration'])) { osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller")); $this->redirectTo(osc_item_url()); } osc_run_hook('pre_item_contact_post', $item); $mItem = new ItemActions(false); $result = $mItem->contact(); osc_run_hook('post_item_contact_post', $item); if (is_string($result)) { osc_add_flash_error_message($result); } else { osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller")); } $this->redirectTo(osc_item_url()); break; case 'add_comment': osc_csrf_check(); $mItem = new ItemActions(false); $status = $mItem->add_comment(); switch ($status) { case -1: $msg = _m('Sorry, we could not save your comment. Try again later'); osc_add_flash_error_message($msg); break; case 1: $msg = _m('Your comment is awaiting moderation'); osc_add_flash_info_message($msg); break; case 2: $msg = _m('Your comment has been approved'); osc_add_flash_ok_message($msg); break; case 3: $msg = _m('Please fill the required field (email)'); osc_add_flash_warning_message($msg); break; case 4: $msg = _m('Please type a comment'); osc_add_flash_warning_message($msg); break; case 5: $msg = _m('Your comment has been marked as spam'); osc_add_flash_error_message($msg); break; case 6: $msg = _m('You need to be logged to comment'); osc_add_flash_error_message($msg); break; case 7: $msg = _m('Sorry, comments are disabled'); osc_add_flash_error_message($msg); break; } //View::newInstance()->_exportVariableToView('item', Item::newInstance()->findByPrimaryKey(Params::getParam('id'))); $this->redirectTo(osc_item_url()); break; case 'delete_comment': osc_csrf_check(); $mItem = new ItemActions(false); $status = $mItem->add_comment(); // @TOFIX @FIXME $status never used + ?? need to add_comment() before deleting it?? $itemId = Params::getParam('id'); $commentId = Params::getParam('comment'); $item = Item::newInstance()->findByPrimaryKey($itemId); if (count($item) == 0) { osc_add_flash_error_message(_m("This listing doesn't exist")); $this->redirectTo(osc_base_url(true)); } View::newInstance()->_exportVariableToView('item', $item); if ($this->userId == null) { osc_add_flash_error_message(_m('You must be logged in to delete a comment')); $this->redirectTo(osc_item_url()); } $commentManager = ItemComment::newInstance(); $aComment = $commentManager->findByPrimaryKey($commentId); if (count($aComment) == 0) { osc_add_flash_error_message(_m("The comment doesn't exist")); $this->redirectTo(osc_item_url()); } if ($aComment['b_active'] != 1) { osc_add_flash_error_message(_m('The comment is not active, you cannot delete it')); $this->redirectTo(osc_item_url()); } if ($aComment['fk_i_user_id'] != $this->userId) { osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it')); $this->redirectTo(osc_item_url()); } $commentManager->deleteByPrimaryKey($commentId); osc_add_flash_ok_message(_m('The comment has been deleted')); $this->redirectTo(osc_item_url()); break; default: // if there isn't ID, show an error 404 if (Params::getParam('id') == '') { $this->do404(); return; } if (Params::getParam('lang') != '') { Session::newInstance()->_set('userLocale', Params::getParam('lang')); } $item = osc_apply_filter('pre_show_item', $this->itemManager->findByPrimaryKey(Params::getParam('id'))); // if item doesn't exist show an error 410 if (count($item) == 0) { $this->do410(); return; } if ($item['b_active'] != 1) { if ($this->userId == $item['fk_i_user_id'] && $this->userId != '' || osc_is_admin_user_logged_in()) { osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public")); } else { $this->do400(); return; } } else { if ($item['b_enabled'] == 0) { if (osc_is_admin_user_logged_in()) { osc_add_flash_warning_message(_m("The listing hasn't been enabled. Please enable it in order to make it public")); } else { if (osc_is_web_user_logged_in() && osc_logged_user_id() == $item['fk_i_user_id']) { osc_add_flash_warning_message(_m("The listing has been blocked or is awaiting moderation from the admin")); } else { $this->do400(); return; } } } } if (!osc_is_admin_user_logged_in() && !($item['fk_i_user_id'] != '' && $item['fk_i_user_id'] == osc_logged_user_id())) { require_once osc_lib_path() . 'osclass/user-agents.php'; foreach ($user_agents as $ua) { if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) { $mStats = new ItemStats(); $mStats->increase('i_num_views', $item['pk_i_id']); break; } } } foreach ($item['locale'] as $k => $v) { $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']); $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description'])); } if ($item['fk_i_user_id'] != '') { $user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']); $this->_exportVariableToView('user', $user); } $this->_exportVariableToView('item', $item); osc_run_hook('show_item', $item); // redirect to the correct url just in case it has changed $itemURI = str_replace(osc_base_url(), '', osc_item_url()); $URI = preg_replace('|^' . REL_WEB_URL . '|', '', Params::getServerParam('REQUEST_URI', false, false)); // do not clean QUERY_STRING if permalink is not enabled if (osc_rewrite_enabled()) { $URI = str_replace('?' . Params::getServerParam('QUERY_STRING', false, false), '', $URI); } else { $params_keep = array('page', 'id'); $params = array(); foreach (Params::getParamsAsArray('get') as $k => $v) { if (in_array($k, $params_keep)) { $params[] = "{$k}={$v}"; } } $URI = 'index.php?' . implode('&', $params); } // redirect to the correct url if ($itemURI != $URI) { $this->redirectTo(osc_base_url() . $itemURI, 301); } $this->doView('item.php'); break; } }
function doModel() { parent::doModel(); if (osc_is_moderator() && ($this->action == 'settings' || $this->action == 'settings_post')) { osc_add_flash_error_message(_m("You don't have enough permissions"), "admin"); $this->redirectTo(osc_admin_base_url()); } //specific things for this class switch ($this->action) { case 'bulk_actions': osc_csrf_check(); $mItems = new ItemActions(true); switch (Params::getParam('bulk_actions')) { case 'enable_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->enable($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been enabled', '%d listings have been enabled', $numSuccess), $numSuccess), 'admin'); } break; case 'disable_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->disable((int) $_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been disabled', '%d listings have been disabled', $numSuccess), $numSuccess), 'admin'); } break; case 'activate_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->activate($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been activated', '%d listings have been activated', $numSuccess), $numSuccess), 'admin'); } break; case 'deactivate_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->deactivate($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_m('%d listing has been deactivated', '%d listings have been deactivated', $numSuccess), $numSuccess), 'admin'); } break; case 'premium_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->premium($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been marked as premium', '%d listings have been marked as premium', $numSuccess), $numSuccess), 'admin'); } break; case 'depremium_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->premium($_id, false)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin'); } break; case 'spam_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->spam($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been marked as spam', '%d listings have been marked as spam', $numSuccess), $numSuccess), 'admin'); } break; case 'despam_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->spam($_id, false)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin'); } break; case 'delete_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $item = $this->itemManager->findByPrimaryKey($i); $success = $mItems->delete($item['s_secret'], $item['pk_i_id']); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been deleted', '%d listings have been deleted', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_spam_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'spam'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as spam', '%d listings have been unmarked as spam', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_bad_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'bad'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as missclassified', '%d listings have been unmarked as missclassified', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_dupl_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'duplicated'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as duplicated', '%d listings have been unmarked as duplicated', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_expi_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'expired'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as expired', '%d listings have been unmarked as expired', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_offe_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'offensive'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as offensive', '%d listings have been unmarked as offensive', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'all'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked', '%d listings have been unmarked', $numSuccess), $numSuccess), 'admin'); } break; default: if (Params::getParam("bulk_actions") != "") { osc_run_hook("item_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id')); } break; } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'delete': //delete osc_csrf_check(); $id = Params::getParam('id'); $success = false; foreach ($id as $i) { if ($i) { $aItem = $this->itemManager->findByPrimaryKey($i); $mItems = new ItemActions(true); $success = $mItems->delete($aItem['s_secret'], $aItem['pk_i_id']); } } if ($success) { osc_add_flash_ok_message(_m('The listing has been deleted'), 'admin'); } else { osc_add_flash_error_message(_m("The listing couldn't be deleted"), 'admin'); } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'status': //status osc_csrf_check(); $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) { return false; } $item = $this->itemManager->findByPrimaryKey($id); $mItems = new ItemActions(true); switch ($value) { case 'ACTIVE': $success = $mItems->activate($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The listing has been activated'), 'admin'); } else { if (!$success) { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } else { osc_add_flash_error_message(_m("The listing can't be activated because it's blocked"), 'admin'); } } break; case 'INACTIVE': $success = $mItems->deactivate($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The listing has been deactivated'), 'admin'); } else { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } break; case 'ENABLE': $success = $mItems->enable($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The listing has been enabled'), 'admin'); } else { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } break; case 'DISABLE': $success = $mItems->disable($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The listing has been disabled'), 'admin'); } else { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } break; } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'status_premium': //status premium osc_csrf_check(); $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array(0, 1))) { return false; } $mItems = new ItemActions(true); if ($mItems->premium($id, $value == 1 ? true : false)) { osc_add_flash_ok_message(_m('Changes have been applied'), 'admin'); } else { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'status_spam': //status spam osc_csrf_check(); $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array(0, 1))) { return false; } $mItems = new ItemActions(true); if ($mItems->spam($id, $value == 1 ? true : false)) { osc_add_flash_ok_message(_m('Changes have been applied'), 'admin'); } else { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'clear_stat': osc_csrf_check(); $id = Params::getParam('id'); $stat = Params::getParam('stat'); if (!$id) { return false; } if (!$stat) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } $success = $this->itemManager->clearStat($id, $stat); if ($success) { osc_add_flash_ok_message(_m('The listing has been unmarked as') . " {$stat}", 'admin'); } else { osc_add_flash_error_message(_m("The listing hasn't been unmarked as") . " {$stat}", 'admin'); } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'item_edit': // edit item $id = Params::getParam('id'); $item = Item::newInstance()->findByPrimaryKey($id); if (count($item) <= 0) { $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } $csrf_token = osc_csrf_token_url(); if ($item['b_active']) { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=INACTIVE">' . __('Deactivate') . '</a>'; } else { $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=ACTIVE">' . __('Activate') . '</a>'; } if ($item['b_enabled']) { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=DISABLE">' . __('Block') . '</a>'; } else { $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=ENABLE">' . __('Unblock') . '</a>'; } if ($item['b_premium']) { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=0">' . __('Unmark as premium') . '</a>'; } else { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=1">' . __('Mark as premium') . '</a>'; } if ($item['b_spam']) { $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=0">' . __('Unmark as spam') . '</a>'; } else { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=1">' . __('Mark as spam') . '</a>'; } $this->_exportVariableToView("actions", $actions); $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } // save referer if belongs to manage items // redirect only if ManageItems or ReportedListngs if (isset($_SERVER['HTTP_REFERER'])) { $referer = $_SERVER['HTTP_REFERER']; if (preg_match('/page=items/', $referer)) { if (preg_match("/action=([\\p{L}|_|-]+)/u", $referer, $matches)) { if ($matches[1] == 'items_reported') { Session::newInstance()->_set('osc_admin_referer', $referer); } } else { // no actions - Manage Listings Session::newInstance()->_set('osc_admin_referer', $referer); } } } $this->_exportVariableToView("item", $item); $this->_exportVariableToView("new_item", FALSE); osc_run_hook("before_item_edit", $item); $this->doView('items/frm.php'); break; case 'item_edit_post': osc_csrf_check(); $mItems = new ItemActions(true); $mItems->prepareData(false); // set all parameters into session foreach ($mItems->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } $success = $mItems->edit(); if ($success == 1) { osc_add_flash_ok_message(_m('Changes saved correctly'), 'admin'); $url = osc_admin_base_url(true) . "?page=items"; // if Referer is saved that means referer is ManageListings or ReportListings if (Session::newInstance()->_get('osc_admin_referer') != '') { $url = Session::newInstance()->_get('osc_admin_referer'); } Session::newInstance()->_clearVariables(); $this->redirectTo($url); } else { osc_add_flash_error_message($success, 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=item_edit&id=" . Params::getParam('id')); } break; case 'deleteResource': //delete resource osc_csrf_check(); $id = Params::getParam('id'); $name = Params::getParam('name'); $fkid = Params::getParam('fkid'); // delete files osc_deleteResource($id, true); Log::newInstance()->insertLog('items', 'deleteResource', $id, $id, 'admin', osc_logged_admin_id()); $result = ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name)); if ($result === false) { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } else { osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'post': // add item $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } $this->_exportVariableToView("new_item", TRUE); osc_run_hook('post_item'); $this->doView('items/frm.php'); break; case 'post_item': //post item osc_csrf_check(); $mItem = new ItemActions(true); $mItem->prepareData(true); // set all parameters into session foreach ($mItem->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } $success = $mItem->add(); if ($success == 1 || $success == 2) { $url = osc_admin_base_url(true) . "?page=items"; // if Referer is saved that means referer is ManageListings or ReportListings if (Session::newInstance()->_get('osc_admin_referer') != '') { Session::newInstance()->_drop('osc_admin_referer'); $url = Session::newInstance()->_get('osc_admin_referer'); } Session::newInstance()->_clearVariables(); osc_add_flash_ok_message(_m('A new listing has been added'), 'admin'); $this->redirectTo($url); } else { osc_add_flash_error_message($success, 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=post"); } break; case 'settings': // calling the items settings view $this->doView('items/settings.php'); break; case 'settings_post': // update item settings osc_csrf_check(); $iUpdated = 0; $enabledRecaptchaItems = Params::getParam('enabled_recaptcha_items'); $enabledRecaptchaItems = $enabledRecaptchaItems == '1' ? true : false; $moderateItems = Params::getParam('moderate_items'); $moderateItems = $moderateItems != '' ? true : false; $numModerateItems = Params::getParam('num_moderate_items'); $itemsWaitTime = Params::getParam('items_wait_time'); $loggedUserItemValidation = Params::getParam('logged_user_item_validation'); $loggedUserItemValidation = $loggedUserItemValidation != '' ? true : false; $regUserPost = Params::getParam('reg_user_post'); $regUserPost = $regUserPost != '' ? true : false; $notifyNewItem = Params::getParam('notify_new_item'); $notifyNewItem = $notifyNewItem != '' ? true : false; $notifyContactItem = Params::getParam('notify_contact_item'); $notifyContactItem = $notifyContactItem != '' ? true : false; $notifyContactFriends = Params::getParam('notify_contact_friends'); $notifyContactFriends = $notifyContactFriends != '' ? true : false; $enabledFieldPriceItems = Params::getParam('enableField#f_price@items'); $enabledFieldPriceItems = $enabledFieldPriceItems != '' ? true : false; $enabledFieldImagesItems = Params::getParam('enableField#images@items'); $enabledFieldImagesItems = $enabledFieldImagesItems != '' ? true : false; $numImagesItems = Params::getParam('numImages@items'); if ($numImagesItems == '') { $numImagesItems = 0; } $regUserCanContact = Params::getParam('reg_user_can_contact'); $regUserCanContact = $regUserCanContact != '' ? true : false; $contactItemAttachment = Params::getParam('item_attachment'); $contactItemAttachment = $contactItemAttachment != '' ? true : false; $msg = ''; if (!osc_validate_int(Params::getParam("items_wait_time"))) { $msg .= _m("Wait time must only contain numeric characters") . "<br/>"; } if (Params::getParam("num_moderate_items") != '' && !osc_validate_int(Params::getParam("num_moderate_items"))) { $msg .= _m("Number of moderated listings must only contain numeric characters") . "<br/>"; } if (!osc_validate_int($numImagesItems)) { $msg .= _m("Images per listing must only contain numeric characters") . "<br/>"; } if ($msg != '') { osc_add_flash_error_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings'); } $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledRecaptchaItems), array('s_name' => 'enabled_recaptcha_items')); if ($moderateItems) { $iUpdated += Preference::newInstance()->update(array('s_value' => $numModerateItems), array('s_name' => 'moderate_items')); } else { $iUpdated += Preference::newInstance()->update(array('s_value' => '-1'), array('s_name' => 'moderate_items')); } $iUpdated += Preference::newInstance()->update(array('s_value' => $loggedUserItemValidation), array('s_name' => 'logged_user_item_validation')); $iUpdated += Preference::newInstance()->update(array('s_value' => $regUserPost), array('s_name' => 'reg_user_post')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewItem), array('s_name' => 'notify_new_item')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactItem), array('s_name' => 'notify_contact_item')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactFriends), array('s_name' => 'notify_contact_friends')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldPriceItems), array('s_name' => 'enableField#f_price@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldImagesItems), array('s_name' => 'enableField#images@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $itemsWaitTime), array('s_name' => 'items_wait_time')); $iUpdated += Preference::newInstance()->update(array('s_value' => $numImagesItems), array('s_name' => 'numImages@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $regUserCanContact), array('s_name' => 'reg_user_can_contact')); $iUpdated += Preference::newInstance()->update(array('s_value' => $contactItemAttachment), array('s_name' => 'item_attachment')); if ($iUpdated > 0) { osc_add_flash_ok_message(_m("Listings' settings have been updated"), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings'); break; case 'items_reported': require_once osc_lib_path() . "osclass/classes/datatables/ItemsDataTable.php"; // set default iDisplayLength if (Params::getParam('iDisplayLength') != '') { Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength')); Cookie::newInstance()->set(); } else { // set a default value if it's set in the cookie if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') { Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength')); } else { Params::setParam('iDisplayLength', 10); } } $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); // Table header order by related if (Params::getParam('sort') == '') { Params::setParam('sort', 'date'); } if (Params::getParam('direction') == '') { Params::setParam('direction', 'desc'); } $page = (int) Params::getParam('iPage'); if ($page == 0) { $page = 1; } Params::setParam('iPage', $page); $params = Params::getParamsAsArray("get"); $itemsDataTable = new ItemsDataTable(); $itemsDataTable->tableReported($params); $aData = $itemsDataTable->getData(); if (count($aData['aRows']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING']; if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aData', $aData); $this->_exportVariableToView('aRawRows', $itemsDataTable->rawRows()); //calling the view... $this->doView('items/reported.php'); break; default: // default require_once osc_lib_path() . "osclass/classes/datatables/ItemsDataTable.php"; // set default iDisplayLength if (Params::getParam('iDisplayLength') != '') { Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength')); Cookie::newInstance()->set(); } else { // set a default value if it's set in the cookie if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') { Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength')); } else { Params::setParam('iDisplayLength', 10); } } $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); // Table header order by related if (Params::getParam('sort') == '') { Params::setParam('sort', 'date'); } if (Params::getParam('direction') == '') { Params::setParam('direction', 'desc'); } $page = (int) Params::getParam('iPage'); if ($page == 0) { $page = 1; } Params::setParam('iPage', $page); $params = Params::getParamsAsArray("get"); $itemsDataTable = new ItemsDataTable(); $itemsDataTable->table($params); $aData = $itemsDataTable->getData(); if (count($aData['aRows']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING']; if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aData', $aData); $this->_exportVariableToView('withFilters', $itemsDataTable->withFilters()); $this->_exportVariableToView('aRawRows', $itemsDataTable->rawRows()); $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Delete'))), 'label' => __('Delete')), array('value' => 'activate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'disable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'enable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unblock'))), 'label' => __('Unblock')), array('value' => 'premium_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Mark as premium'))), 'label' => __('Mark as premium')), array('value' => 'depremium_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unmark as premium'))), 'label' => __('Unmark as premium')), array('value' => 'spam_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Mark as spam'))), 'label' => __('Mark as spam')), array('value' => 'despam_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unmark as spam'))), 'label' => __('Unmark as spam'))); $bulk_options = osc_apply_filter("item_bulk_filter", $bulk_options); $this->_exportVariableToView('bulk_options', $bulk_options); //calling the view... $this->doView('items/index.php'); } }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'bulk_actions': osc_csrf_check(); switch (Params::getParam('bulk_actions')) { case 'delete': $ids = Params::getParam("id"); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete bulk', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); break; default: if (Params::getParam("bulk_actions") != "") { osc_run_hook("media_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id')); } break; } $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; case 'delete': osc_csrf_check(); $ids = Params::getParam('id'); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; default: require_once osc_lib_path() . "osclass/classes/datatables/MediaDataTable.php"; // set default iDisplayLength if (Params::getParam('iDisplayLength') != '') { Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength')); Cookie::newInstance()->set(); } else { // set a default value if it's set in the cookie if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') { Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength')); } else { Params::setParam('iDisplayLength', 10); } } $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); // Table header order by related if (Params::getParam('sort') == '') { Params::setParam('sort', 'date'); } if (Params::getParam('direction') == '') { Params::setParam('direction', 'desc'); } $page = (int) Params::getParam('iPage'); if ($page == 0) { $page = 1; } Params::setParam('iPage', $page); $params = Params::getParamsAsArray(); $mediaDataTable = new MediaDataTable(); $mediaDataTable->table($params); $aData = $mediaDataTable->getData(); if (count($aData['aRows']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false); if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aData', $aData); $this->_exportVariableToView('aRawRows', $mediaDataTable->rawRows()); $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected media files?'), strtolower(__('Delete'))), 'label' => __('Delete'))); $bulk_options = osc_apply_filter("media_bulk_filter", $bulk_options); $this->_exportVariableToView('bulk_options', $bulk_options); $this->doView('media/index.php'); break; } }
public function disable($user_id) { $user = $this->manager->findByPrimaryKey($user_id); if( !$user ) { return false; } $this->manager->update( array('b_enabled' => 0), array('pk_i_id' => $user_id) ); Log::newInstance()->insertLog('user', 'disable', $user_id, $user['s_email'], $this->is_admin ? 'admin' : 'user', $this->is_admin ? osc_logged_admin_id() : osc_logged_user_id()); if( $user['b_active'] == 1 ) { $mItem = new ItemActions(true); $items = Item::newInstance()->findByUserID($user_id); foreach($items as $item) { $mItem->disable($item['pk_i_id']); } } osc_run_hook('disable_user', $user); return true; }
function doModel() { //specific things for this class switch ($this->action) { case 'bulk_actions': break; case 'regions': //Return regions given a countryId $regions = Region::newInstance()->findByCountry(Params::getParam("countryId")); echo json_encode($regions); break; case 'cities': //Returns cities given a regionId $cities = City::newInstance()->findByRegion(Params::getParam("regionId")); echo json_encode($cities); break; case 'location': // This is the autocomplete AJAX $cities = City::newInstance()->ajax(Params::getParam("term")); foreach ($cities as $k => $city) { $cities[$k]['label'] = $city['label'] . " (" . $city['region'] . ")"; } echo json_encode($cities); break; case 'location_countries': // This is the autocomplete AJAX $countries = Country::newInstance()->ajax(Params::getParam("term")); echo json_encode($countries); break; case 'location_regions': // This is the autocomplete AJAX $regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country")); echo json_encode($regions); break; case 'location_cities': // This is the autocomplete AJAX $cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region")); echo json_encode($cities); break; case 'delete_image': // Delete images via AJAX $ajax_photo = Params::getParam('ajax_photo'); $id = Params::getParam('id'); $item = Params::getParam('item'); $code = Params::getParam('code'); $secret = Params::getParam('secret'); $json = array(); if ($ajax_photo != '') { $files = Session::newInstance()->_get('ajax_files'); $success = false; foreach ($files as $uuid => $file) { if ($file == $ajax_photo) { $filename = $files[$uuid]; unset($files[$uuid]); Session::newInstance()->_set('ajax_files', $files); $success = @unlink(osc_content_path() . 'uploads/temp/' . $filename); break; } } echo json_encode(array('success' => $success, 'msg' => $success ? _m('The selected photo has been successfully deleted') : _m("The selected photo couldn't be deleted"))); return false; } if (Session::newInstance()->_get('userId') != '') { $userId = Session::newInstance()->_get('userId'); $user = User::newInstance()->findByPrimaryKey($userId); } else { $userId = null; $user = null; } // Check for required fields if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) { $json['success'] = false; $json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist"); echo json_encode($json); return false; } $aItem = Item::newInstance()->findByPrimaryKey($item); // Check if the item exists if (count($aItem) == 0) { $json['success'] = false; $json['msg'] = _m("The listing doesn't exist"); echo json_encode($json); return false; } if (!osc_is_admin_user_logged_in()) { // Check if the item belong to the user if ($userId != null && $userId != $aItem['fk_i_user_id']) { $json['success'] = false; $json['msg'] = _m("The listing doesn't belong to you"); echo json_encode($json); return false; } // Check if the secret passphrase match with the item if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) { $json['success'] = false; $json['msg'] = _m("The listing doesn't belong to you"); echo json_encode($json); return false; } } // Does id & code combination exist? $result = ItemResource::newInstance()->existResource($id, $code); if ($result > 0) { $resource = ItemResource::newInstance()->findByPrimaryKey($id); if ($resource['fk_i_item_id'] == $item) { // Delete: file, db table entry if (defined(OC_ADMIN)) { osc_deleteResource($id, true); Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'admin', osc_logged_admin_id()); } else { osc_deleteResource($id, false); Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'user', osc_logged_user_id()); } ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code)); $json['msg'] = _m('The selected photo has been successfully deleted'); $json['success'] = 'true'; } else { $json['msg'] = _m("The selected photo does not belong to you"); $json['success'] = 'false'; } } else { $json['msg'] = _m("The selected photo couldn't be deleted"); $json['success'] = 'false'; } echo json_encode($json); return true; break; case 'alerts': // Allow to register to an alert given (not sure it's used on admin) $encoded_alert = Params::getParam("alert"); $alert = osc_decrypt_alert(base64_decode($encoded_alert)); // check alert integrity / signature $stringToSign = osc_get_alert_public_key() . $encoded_alert; $signature = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign)); $server_signature = Session::newInstance()->_get('alert_signature'); if ($server_signature != $signature) { echo '-2'; return false; } $email = Params::getParam("email"); $userid = Params::getParam("userid"); if (osc_is_web_user_logged_in()) { $userid = osc_logged_user_id(); $user = User::newInstance()->findByPrimaryKey($userid); $email = $user['s_email']; } if ($alert != '' && $email != '') { if (osc_validate_email($email)) { $secret = osc_genRandomPassword(); if ($alertID = Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) { if ((int) $userid > 0) { $user = User::newInstance()->findByPrimaryKey($userid); if ($user['b_active'] == 1 && $user['b_enabled'] == 1) { Alerts::newInstance()->activate($alertID); echo '1'; return true; } else { echo '-1'; return false; } } else { $aAlert = Alerts::newInstance()->findByPrimaryKey($alertID); osc_run_hook('hook_email_alert_validation', $aAlert, $email, $secret); } echo "1"; } else { echo "0"; } return true; } else { echo '-1'; return false; } } echo '0'; return false; break; case 'runhook': // run hooks $hook = Params::getParam('hook'); if ($hook == '') { echo json_encode(array('error' => 'hook parameter not defined')); break; } switch ($hook) { case 'item_form': osc_run_hook('item_form', Params::getParam('catId')); break; case 'item_edit': $catId = Params::getParam("catId"); $itemId = Params::getParam("itemId"); osc_run_hook("item_edit", $catId, $itemId); break; default: osc_run_hook('ajax_' . $hook); break; } break; case 'custom': // Execute via AJAX custom file if (Params::existParam('route')) { $routes = Rewrite::newInstance()->getRoutes(); $rid = Params::getParam('route'); $file = '../'; if (isset($routes[$rid]) && isset($routes[$rid]['file'])) { $file = $routes[$rid]['file']; } } else { // DEPRECATED: Disclosed path in URL is deprecated, use routes instead // This will be REMOVED in 3.4 $file = Params::getParam('ajaxfile'); } if ($file == '') { echo json_encode(array('error' => 'no action defined')); break; } // valid file? if (strpos($file, '../') !== false || strpos($file, '..\\') !== false || stripos($file, '/admin/') !== false) { //If the file is inside an "admin" folder, it should NOT be opened in frontend echo json_encode(array('error' => 'no valid ajaxFile')); break; } if (!file_exists(osc_plugins_path() . $file)) { echo json_encode(array('error' => "ajaxFile doesn't exist")); break; } require_once osc_plugins_path() . $file; break; case 'check_username_availability': $username = osc_sanitize_username(Params::getParam('s_username')); if (!osc_is_username_blacklisted($username)) { $user = User::newInstance()->findByUsername($username); if (isset($user['s_username'])) { echo json_encode(array('exists' => 1, 's_username' => $username)); } else { echo json_encode(array('exists' => 0, 's_username' => $username)); } } else { echo json_encode(array('exists' => 1, 's_username' => $username)); } break; case 'ajax_upload': // Include the uploader class require_once LIB_PATH . "AjaxUploader.php"; $uploader = new AjaxUploader(); $original = pathinfo($uploader->getOriginalName()); $filename = uniqid("qqfile_") . "." . $original['extension']; $result = $uploader->handleUpload(osc_content_path() . 'uploads/temp/' . $filename); $result['uploadName'] = $filename; echo htmlspecialchars(json_encode($result), ENT_NOQUOTES); break; case 'ajax_validate': $id = Params::getParam('id'); if (!is_numeric($id)) { echo json_encode(array('success' => false)); die; } $secret = Params::getParam('secret'); $item = Item::newInstance()->findByPrimaryKey($id); if ($item['s_secret'] != $secret) { echo json_encode(array('success' => false)); die; } $nResources = ItemResource::newInstance()->countResources($id); $result = array('success' => $nResources < osc_max_images_per_item(), 'count' => $nResources); echo json_encode($result); break; case 'delete_ajax_upload': $files = Session::newInstance()->_get('ajax_files'); $success = false; $filename = ''; if (isset($files[Params::getParam('qquuid')]) && $files[Params::getParam('qquuid')] != '') { $filename = $files[Params::getParam('qquuid')]; unset($files[Params::getParam('qquuid')]); Session::newInstance()->_set('ajax_files', $files); $success = @unlink(osc_content_path() . 'uploads/temp/' . $filename); } echo json_encode(array('success' => $success, 'uploadName' => $filename)); break; default: echo json_encode(array('error' => __('no action defined'))); break; } // clear all keep variables into session Session::newInstance()->_dropKeepForm(); Session::newInstance()->_clearVariables(); }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'create': // calling create view $aRegions = array(); $aCities = array(); $aCountries = Country::newInstance()->listAll(); if (isset($aCountries[0]['pk_c_code'])) { $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']); } if (isset($aRegions[0]['pk_i_id'])) { $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']); } $this->_exportVariableToView('user', null); $this->_exportVariableToView('countries', $aCountries); $this->_exportVariableToView('regions', $aRegions); $this->_exportVariableToView('cities', $aCities); $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled()); $this->doView("users/frm.php"); break; case 'create_post': // creating the user... osc_csrf_check(); require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(true); $success = $userActions->add(); switch ($success) { case 1: osc_add_flash_ok_message(_m("The user has been created. We've sent an activation e-mail"), 'admin'); break; case 2: osc_add_flash_ok_message(_m('The user has been created successfully'), 'admin'); break; default: osc_add_flash_error_message($success, 'admin'); break; } $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'edit': // calling the edit view $aUser = $this->userManager->findByPrimaryKey(Params::getParam("id")); $aCountries = Country::newInstance()->listAll(); $aRegions = array(); if ($aUser['fk_c_country_code'] != '') { $aRegions = Region::newInstance()->findByCountry($aUser['fk_c_country_code']); } else { if (count($aCountries) > 0) { $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']); } } $aCities = array(); if ($aUser['fk_i_region_id'] != '') { $aCities = City::newInstance()->findByRegion($aUser['fk_i_region_id']); } else { if (count($aRegions) > 0) { $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']); } } $csrf_token = osc_csrf_token_url(); if ($aUser['b_active']) { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=users&action=deactivate&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=INACTIVE">' . __('Deactivate') . '</a>'; } else { $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=users&action=activate&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=ACTIVE">' . __('Activate') . '</a>'; } if ($aUser['b_enabled']) { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=users&action=disable&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=DISABLE">' . __('Block') . '</a>'; } else { $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=users&action=enable&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=ENABLE">' . __('Unblock') . '</a>'; } $this->_exportVariableToView("actions", $actions); $this->_exportVariableToView("user", $aUser); $this->_exportVariableToView("countries", $aCountries); $this->_exportVariableToView("regions", $aRegions); $this->_exportVariableToView("cities", $aCities); $this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled()); $this->doView("users/frm.php"); break; case 'edit_post': // edit post osc_csrf_check(); require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(true); $success = $userActions->edit(Params::getParam("id")); if ($success == 1) { osc_add_flash_ok_message(_m('The user has been updated'), 'admin'); } else { if ($success == 2) { osc_add_flash_ok_message(_m('The user has been updated and activated'), 'admin'); } else { osc_add_flash_error_message($success); $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('id')); } } $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'resend_activation': //activate osc_csrf_check(); require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->resend_activation($id); } if ($iUpdated == 0) { osc_add_flash_error_message(_m('No users have been selected'), 'admin'); } else { osc_add_flash_ok_message(sprintf(_mn('Activation email sent to one user', 'Activation email sent to %s users', $iUpdated), $iUpdated), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'activate': //activate osc_csrf_check(); require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->activate($id); } if ($iUpdated == 0) { $msg = _m('No users have been activated'); } else { $msg = sprintf(_mn('One user has been activated', '%s users have been activated', $iUpdated), $iUpdated); } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'deactivate': //deactivate osc_csrf_check(); require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->deactivate($id); } if ($iUpdated == 0) { $msg = _m('No users have been deactivated'); } else { $msg = sprintf(_mn('One user has been deactivated', '%s users have been deactivated', $iUpdated), $iUpdated); } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'enable': osc_csrf_check(); require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->enable($id); } if ($iUpdated == 0) { $msg = _m('No users have been enabled'); } else { $msg = sprintf(_mn('One user has been unblocked', '%s users have been unblocked', $iUpdated), $iUpdated); } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'disable': osc_csrf_check(); require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->disable($id); } if ($iUpdated == 0) { $msg = _m('No users have been disabled'); } else { $msg = sprintf(_mn('One user has been blocked', '%s users have been blocked', $iUpdated), $iUpdated); } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'delete': //delete osc_csrf_check(); $iDeleted = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } foreach ($userId as $id) { $user = $this->userManager->findByPrimaryKey($id); Log::newInstance()->insertLog('user', 'delete', $id, $user['s_email'], 'admin', osc_logged_admin_id()); if ($this->userManager->deleteUser($id)) { $iDeleted++; } } if ($iDeleted == 0) { $msg = _m('No users have been deleted'); } else { $msg = sprintf(_mn('One user has been deleted', '%s users have been deleted', $iDeleted), $iDeleted); } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'delete_alerts': //delete $iDeleted = 0; $alertId = Params::getParam('alert_id'); if (!is_array($alertId)) { osc_add_flash_error_message(_m("Alert id isn't in the correct format"), 'admin'); if (Params::getParam('user_id') == '') { $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts'); } else { $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id')); } } $mAlerts = new Alerts(); foreach ($alertId as $id) { Log::newInstance()->insertLog('user', 'delete_alerts', $id, $id, 'admin', osc_logged_admin_id()); $iDeleted += $mAlerts->delete(array('pk_i_id' => $id)); } if ($iDeleted == 0) { $msg = _m('No alerts have been deleted'); } else { $msg = sprintf(_mn('One alert has been deleted', '%s alerts have been deleted', $iDeleted), $iDeleted); } osc_add_flash_ok_message($msg, 'admin'); if (Params::getParam('user_id') == '') { $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts'); } else { $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id')); } break; case 'status_alerts': //delete $status = Params::getParam("status"); $iUpdated = 0; $alertId = Params::getParam('alert_id'); if (!is_array($alertId)) { osc_add_flash_error_message(_m("Alert id isn't in the correct format"), 'admin'); if (Params::getParam('user_id') == '') { $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts'); } else { $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id')); } } $mAlerts = new Alerts(); foreach ($alertId as $id) { if ($status == 1) { $iUpdated += $mAlerts->activate($id); } else { $iUpdated += $mAlerts->deactivate($id); } } if ($status == 1) { if ($iUpdated == 0) { $msg = _m('No alerts have been activated'); } else { $msg = sprintf(_mn('One alert has been activated', '%s alerts have been activated', $iUpdated), $iUpdated); } } else { if ($iUpdated == 0) { $msg = _m('No alerts have been deactivated'); } else { $msg = sprintf(_mn('One alert has been deactivated', '%s alerts have been deactivated', $iUpdated), $iUpdated); } } osc_add_flash_ok_message($msg, 'admin'); if (Params::getParam('user_id') == '') { $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts'); } else { $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id')); } break; case 'settings': // calling the users settings view $this->doView('users/settings.php'); break; case 'settings_post': // updating users osc_csrf_check(); $iUpdated = 0; $enabledUserValidation = Params::getParam('enabled_user_validation'); $enabledUserValidation = $enabledUserValidation != '' ? true : false; $enabledUserRegistration = Params::getParam('enabled_user_registration'); $enabledUserRegistration = $enabledUserRegistration != '' ? true : false; $enabledUsers = Params::getParam('enabled_users'); $enabledUsers = $enabledUsers != '' ? true : false; $notifyNewUser = Params::getParam('notify_new_user'); $notifyNewUser = $notifyNewUser != '' ? true : false; $usernameBlacklistTmp = explode(",", Params::getParam('username_blacklist')); foreach ($usernameBlacklistTmp as $k => $v) { $usernameBlacklistTmp[$k] = strtolower(trim($v)); } $usernameBlacklist = implode(",", $usernameBlacklistTmp); $iUpdated += osc_set_preference('enabled_user_validation', $enabledUserValidation); $iUpdated += osc_set_preference('enabled_user_registration', $enabledUserRegistration); $iUpdated += osc_set_preference('enabled_users', $enabledUsers); $iUpdated += osc_set_preference('notify_new_user', $notifyNewUser); $iUpdated += osc_set_preference('username_blacklist', $usernameBlacklist); if ($iUpdated > 0) { osc_add_flash_ok_message(_m("User settings have been updated"), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=settings'); break; case 'alerts': // manage alerts view require_once osc_lib_path() . "osclass/classes/datatables/AlertsDataTable.php"; // set default iDisplayLength if (Params::getParam('iDisplayLength') != '') { Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength')); Cookie::newInstance()->set(); } else { // set a default value if it's set in the cookie if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') { Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength')); } else { Params::setParam('iDisplayLength', 10); } } $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); // Table header order by related if (Params::getParam('sort') == '') { Params::setParam('sort', 'date'); } if (Params::getParam('direction') == '') { Params::setParam('direction', 'desc'); } $page = (int) Params::getParam('iPage'); if ($page == 0) { $page = 1; } Params::setParam('iPage', $page); $params = Params::getParamsAsArray(); $alertsDataTable = new AlertsDataTable(); $alertsDataTable->table($params); $aData = $alertsDataTable->getData(); if (count($aData['aRows']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING']; if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aData', $aData); $this->_exportVariableToView('aRawRows', $alertsDataTable->rawRows()); $this->doView("users/alerts.php"); break; case 'ban': // manage ban rules view if (Params::getParam("action") != "") { osc_run_hook("ban_rules_bulk_" . Params::getParam("action"), Params::getParam('id')); } require_once osc_lib_path() . "osclass/classes/datatables/BanRulesDataTable.php"; // set default iDisplayLength if (Params::getParam('iDisplayLength') != '') { Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength')); Cookie::newInstance()->set(); } else { // set a default value if it's set in the cookie if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') { Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength')); } else { Params::setParam('iDisplayLength', 10); } } $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); // Table header order by related if (Params::getParam('sort') == '') { Params::setParam('sort', 'date'); } if (Params::getParam('direction') == '') { Params::setParam('direction', 'desc'); } $page = (int) Params::getParam('iPage'); if ($page == 0) { $page = 1; } Params::setParam('iPage', $page); $params = Params::getParamsAsArray(); $banRulesDataTable = new BanRulesDataTable(); $banRulesDataTable->table($params); $aData = $banRulesDataTable->getData(); if (count($aData['aRows']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING']; if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aData', $aData); $this->_exportVariableToView('aRawRows', $banRulesDataTable->rawRows()); $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_ban_rule', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected ban rules?'), strtolower(__('Delete'))), 'label' => __('Delete'))); $bulk_options = osc_apply_filter("ban_rule_bulk_filter", $bulk_options); $this->_exportVariableToView('bulk_options', $bulk_options); //calling the view... $this->doView('users/ban.php'); break; case 'edit_ban_rule': $this->_exportVariableToView('rule', BanRule::newInstance()->findByPrimaryKey(Params::getParam('id'))); $this->doView('users/ban_frm.php'); break; case 'edit_ban_rule_post': osc_csrf_check(); if (Params::getParam('s_ip') == '' && Params::getParam('s_email') == '') { osc_add_flash_warning_message(_m("Both rules can not be empty"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban'); } BanRule::newInstance()->update(array('s_name' => Params::getParam('s_name'), 's_ip' => Params::getParam('s_ip'), 's_email' => strtolower(Params::getParam('s_email'))), array('pk_i_id' => Params::getParam('id'))); osc_add_flash_ok_message(_m('Rule updated correctly'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban'); break; case 'create_ban_rule': $this->_exportVariableToView('rule', null); $this->doView('users/ban_frm.php'); break; case 'create_ban_rule_post': osc_csrf_check(); if (Params::getParam('s_ip') == '' && Params::getParam('s_email') == '') { osc_add_flash_warning_message(_m("Both rules can not be empty"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban'); } BanRule::newInstance()->insert(array('s_name' => Params::getParam('s_name'), 's_ip' => Params::getParam('s_ip'), 's_email' => strtolower(Params::getParam('s_email')))); osc_add_flash_ok_message(_m('Rule saved correctly'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban'); break; case 'delete_ban_rule': //delete ban rules osc_csrf_check(); $iDeleted = 0; $ruleId = Params::getParam('id'); if (!is_array($ruleId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban'); } $ruleMgr = BanRule::newInstance(); foreach ($ruleId as $id) { if ($ruleMgr->deleteByPrimaryKey($id)) { $iDeleted++; } } if ($iDeleted == 0) { $msg = _m('No rules have been deleted'); } else { $msg = sprintf(_mn('One ban rule has been deleted', '%s ban rules have been deleted', $iDeleted), $iDeleted); } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban'); break; default: // manage users view if (Params::getParam("action") != "") { osc_run_hook("user_bulk_" . Params::getParam("action"), Params::getParam('id')); } require_once osc_lib_path() . "osclass/classes/datatables/UsersDataTable.php"; // set default iDisplayLength if (Params::getParam('iDisplayLength') != '') { Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength')); Cookie::newInstance()->set(); } else { // set a default value if it's set in the cookie if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') { Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength')); } else { Params::setParam('iDisplayLength', 10); } } $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); // Table header order by related if (Params::getParam('sort') == '') { Params::setParam('sort', 'date'); } if (Params::getParam('direction') == '') { Params::setParam('direction', 'desc'); } $page = (int) Params::getParam('iPage'); if ($page == 0) { $page = 1; } Params::setParam('iPage', $page); $params = Params::getParamsAsArray(); $usersDataTable = new UsersDataTable(); $usersDataTable->table($params); $aData = $usersDataTable->getData(); if (count($aData['aRows']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING']; if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aData', $aData); $this->_exportVariableToView('withFilters', $usersDataTable->withFilters()); $this->_exportVariableToView('aRawRows', $usersDataTable->rawRows()); $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'activate', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'enable', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Unblock'))), 'label' => __('Unblock')), array('value' => 'disable', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Delete'))), 'label' => __('Delete'))); if (osc_user_validation_enabled()) { $bulk_options[] = array('value' => 'resend_activation', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Resend the activation to'))), 'label' => __('Resend activation')); } $bulk_options = osc_apply_filter("user_bulk_filter", $bulk_options); $this->_exportVariableToView('bulk_options', $bulk_options); //calling the view... $this->doView('users/index.php'); break; } }
/** * * @param <type> $secret * @param <type> $itemId */ public function delete($secret, $itemId) { $item = $this->manager->findByPrimaryKey($itemId); if ($item['s_secret'] == $secret) { $this->deleteResourcesFromHD($itemId); Log::newInstance()->insertLog('item', 'delete', $itemId, $item['s_title'], $this->is_admin ? 'admin' : 'user', $this->is_admin ? osc_logged_admin_id() : osc_logged_user_id()); return $this->manager->deleteByPrimaryKey($itemId); } return false; }
function doModel() { //specific things for this class switch ($this->action) { case 'bulk_actions': break; case 'regions': //Return regions given a countryId $regions = Region::newInstance()->findByCountry(Params::getParam("countryId")); echo json_encode($regions); break; case 'cities': //Returns cities given a regionId $cities = City::newInstance()->findByRegion(Params::getParam("regionId")); echo json_encode($cities); break; case 'location': // This is the autocomplete AJAX $cities = City::newInstance()->ajax(Params::getParam("term")); foreach ($cities as $k => $city) { $cities[$k]['label'] = $city['label'] . " (" . $city['region'] . ")"; } echo json_encode($cities); break; case 'location_countries': // This is the autocomplete AJAX $countries = Country::newInstance()->ajax(Params::getParam("term")); echo json_encode($countries); break; case 'location_regions': // This is the autocomplete AJAX $regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country")); echo json_encode($regions); break; case 'location_cities': // This is the autocomplete AJAX $cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region")); echo json_encode($cities); break; case 'delete_image': // Delete images via AJAX $id = Params::getParam('id'); $item = Params::getParam('item'); $code = Params::getParam('code'); $secret = Params::getParam('secret'); $json = array(); if (Session::newInstance()->_get('userId') != '') { $userId = Session::newInstance()->_get('userId'); $user = User::newInstance()->findByPrimaryKey($userId); } else { $userId = null; $user = null; } // Check for required fields if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) { $json['success'] = false; $json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist"); echo json_encode($json); return false; } $aItem = Item::newInstance()->findByPrimaryKey($item); // Check if the item exists if (count($aItem) == 0) { $json['success'] = false; $json['msg'] = _m("The listing doesn't exist"); echo json_encode($json); return false; } if (!osc_is_admin_user_logged_in()) { // Check if the item belong to the user if ($userId != null && $userId != $aItem['fk_i_user_id']) { $json['success'] = false; $json['msg'] = _m("The listing doesn't belong to you"); echo json_encode($json); return false; } // Check if the secret passphrase match with the item if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) { $json['success'] = false; $json['msg'] = _m("The listing doesn't belong to you"); echo json_encode($json); return false; } } // Does id & code combination exist? $result = ItemResource::newInstance()->existResource($id, $code); if ($result > 0) { $resource = ItemResource::newInstance()->findByPrimaryKey($id); if ($resource['fk_i_item_id'] == $item) { // Delete: file, db table entry if (defined(OC_ADMIN)) { osc_deleteResource($id, true); Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'admin', osc_logged_admin_id()); } else { osc_deleteResource($id, false); Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'user', osc_logged_user_id()); } ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code)); $json['msg'] = _m('The selected photo has been successfully deleted'); $json['success'] = 'true'; } else { $json['msg'] = _m("The selected photo does not belong to you"); $json['success'] = 'false'; } } else { $json['msg'] = _m("The selected photo couldn't be deleted"); $json['success'] = 'false'; } echo json_encode($json); return true; break; case 'alerts': // Allow to register to an alert given (not sure it's used on admin) $alert = Params::getParam("alert"); $email = Params::getParam("email"); $userid = Params::getParam("userid"); if ($alert != '' && $email != '') { if (preg_match("/^[_a-z0-9-+]+(\\.[_a-z0-9-+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", $email)) { $secret = osc_genRandomPassword(); if (Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) { if ((int) $userid > 0) { $user = User::newInstance()->findByPrimaryKey($userid); if ($user['b_active'] == 1 && $user['b_enabled'] == 1) { Alerts::newInstance()->activate($email, $secret); echo '1'; return true; } else { echo '-1'; return false; } } else { osc_run_hook('hook_email_alert_validation', $alert, $email, $secret); } echo "1"; } else { echo "0"; } return true; } else { echo '-1'; return false; } } echo '0'; return false; break; case 'runhook': // run hooks $hook = Params::getParam('hook'); if ($hook == '') { echo json_encode(array('error' => 'hook parameter not defined')); break; } switch ($hook) { case 'item_form': osc_run_hook('item_form', Params::getParam('catId')); break; case 'item_edit': $catId = Params::getParam("catId"); $itemId = Params::getParam("itemId"); osc_run_hook("item_edit", $catId, $itemId); break; default: osc_run_hook('ajax_' . $hook); break; } break; case 'custom': // Execute via AJAX custom file $ajaxFile = Params::getParam("ajaxfile"); if ($ajaxFile == '') { echo json_encode(array('error' => 'no action defined')); break; } // valid file? if (stripos($ajaxFile, '../') !== false) { echo json_encode(array('error' => 'no valid ajaxFile')); break; } if (!file_exists(osc_plugins_path() . $ajaxFile)) { echo json_encode(array('error' => "ajaxFile doesn't exist")); break; } require_once osc_plugins_path() . $ajaxFile; break; default: echo json_encode(array('error' => __('no action defined'))); break; } // clear all keep variables into session Session::newInstance()->_dropKeepForm(); Session::newInstance()->_clearVariables(); }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'create': // callign create view $aCountries = array(); $aRegions = array(); $aCities = array(); $aCountries = Country::newInstance()->listAll(); if (isset($aCountries[0]['pk_c_code'])) { $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']); } if (isset($aRegions[0]['pk_i_id'])) { $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']); } $this->_exportVariableToView('user', null); $this->_exportVariableToView('countries', $aCountries); $this->_exportVariableToView('regions', $aRegions); $this->_exportVariableToView('cities', $aCities); $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled()); $this->doView("users/frm.php"); break; case 'create_post': // creating the user... require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(true); $success = $userActions->add(); switch ($success) { case 1: osc_add_flash_ok_message(_m('The user has been created. We\'ve sent an activation e-mail'), 'admin'); break; case 2: osc_add_flash_ok_message(_m('The user has been created successfully'), 'admin'); break; case 3: osc_add_flash_warning_message(_m('Sorry, but that e-mail is already in use'), 'admin'); break; case 5: osc_add_flash_warning_message(_m('The specified e-mail is not valid'), 'admin'); break; case 6: osc_add_flash_warning_message(_m('Sorry, the password cannot be empty'), 'admin'); break; case 7: osc_add_flash_warning_message(_m("Sorry, passwords don't match"), 'admin'); break; } $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'edit': // calling the edit view $aUser = array(); $aCountries = array(); $aRegions = array(); $aCities = array(); $aUser = $this->userManager->findByPrimaryKey(Params::getParam("id")); $aCountries = Country::newInstance()->listAll(); $aRegions = array(); if ($aUser['fk_c_country_code'] != '') { $aRegions = Region::newInstance()->findByCountry($aUser['fk_c_country_code']); } else { if (count($aCountries) > 0) { $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']); } } $aCities = array(); if ($aUser['fk_i_region_id'] != '') { $aCities = City::newInstance()->findByRegion($aUser['fk_i_region_id']); } else { if (count($aRegions) > 0) { $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']); } } $this->_exportVariableToView("user", $aUser); $this->_exportVariableToView("countries", $aCountries); $this->_exportVariableToView("regions", $aRegions); $this->_exportVariableToView("cities", $aCities); $this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled()); $this->doView("users/frm.php"); break; case 'edit_post': // edit post require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(true); $success = $userActions->edit(Params::getParam("id")); switch ($success) { case 1: osc_add_flash_error_message(_m('Passwords don\'t match'), 'admin'); break; case 2: osc_add_flash_ok_message(_m('The user has been updated and activated'), 'admin'); break; default: osc_add_flash_ok_message(_m('The user has been updated'), 'admin'); break; } $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'activate': //activate require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m('User id isn\'t in the correct format'), 'admin'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->activate($id); } switch ($iUpdated) { case 0: $msg = _m('No user has been activated'); break; case 1: $msg = _m('One user has been activated'); break; default: $msg = sprintf(_m('%s users have been activated'), $iUpdated); break; } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'deactivate': //deactivate require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m('User id isn\'t in the correct format'), 'admin'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->deactivate($id); } switch ($iUpdated) { case 0: $msg = _m('No user has been deactivated'); break; case 1: $msg = _m('One user has been deactivated'); break; default: $msg = sprintf(_m('%s users have been deactivated'), $iUpdated); break; } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'enable': require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m('User id isn\'t in the correct format'), 'admin'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->enable($id); } switch ($iUpdated) { case 0: $msg = _m('No user has been enabled'); break; case 1: $msg = _m('One user has been enabled'); break; default: $msg = sprintf(_m('%s users have been enabled'), $iUpdated); break; } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'disable': require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m('User id isn\'t in the correct format'), 'admin'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->disable($id); } switch ($iUpdated) { case 0: $msg = _m('No user has been disabled'); break; case 1: $msg = _m('One user has been disabled'); break; default: $msg = sprintf(_m('%s users have been disabled'), $iUpdated); break; } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'delete': //delete $iDeleted = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m('User id isn\'t in the correct format'), 'admin'); } foreach ($userId as $id) { $user = $this->userManager->findByPrimaryKey($id); Log::newInstance()->insertLog('user', 'delete', $id, $user['s_email'], 'admin', osc_logged_admin_id()); if ($this->userManager->deleteUser($id)) { $iDeleted++; } } switch ($iDeleted) { case 0: $msg = _m('No user has been deleted'); break; case 1: $msg = _m('One user has been deleted'); break; default: $msg = sprintf(_m('%s users have been deleted'), $iDeleted); break; } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'settings': // calling the users settings view $this->doView('users/settings.php'); break; case 'settings_post': // updating users $iUpdated = 0; $enabledUserValidation = Params::getParam('enabled_user_validation'); $enabledUserValidation = $enabledUserValidation != '' ? true : false; $enabledUserRegistration = Params::getParam('enabled_user_registration'); $enabledUserRegistration = $enabledUserRegistration != '' ? true : false; $enabledUsers = Params::getParam('enabled_users'); $enabledUsers = $enabledUsers != '' ? true : false; $notifyNewUser = Params::getParam('notify_new_user'); $notifyNewUser = $notifyNewUser != '' ? true : false; $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUserValidation), array('s_name' => 'enabled_user_validation')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUserRegistration), array('s_name' => 'enabled_user_registration')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUsers), array('s_name' => 'enabled_users')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewUser), array('s_name' => 'notify_new_user')); if ($iUpdated > 0) { osc_add_flash_ok_message(_m('Users\' settings have been updated'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=settings'); break; default: // manage users view $aUsers = $this->userManager->listAll(); $this->_exportVariableToView("users", $aUsers); $this->doView("users/index.php"); break; } }
function doModel() { switch ($this->action) { case 'dashboard': //dashboard... $max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5; $aItems = Item::newInstance()->findByUserIDEnabled(Session::newInstance()->_get('userId'), 0, $max_items); //calling the view... $this->_exportVariableToView('items', $aItems); $this->_exportVariableToView('max_items', $max_items); $this->doView('user-dashboard.php'); break; case 'profile': //profile... $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); $aCountries = Country::newInstance()->listAll(); $aRegions = array(); if ($user['fk_c_country_code'] != '') { $aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']); } elseif (count($aCountries) > 0) { $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']); } $aCities = array(); if ($user['fk_i_region_id'] != '') { $aCities = City::newInstance()->findByRegion($user['fk_i_region_id']); } else { if (count($aRegions) > 0) { $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']); } } //calling the view... $this->_exportVariableToView('countries', $aCountries); $this->_exportVariableToView('regions', $aRegions); $this->_exportVariableToView('cities', $aCities); $this->_exportVariableToView('user', $user); $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled()); $this->doView('user-profile.php'); break; case 'profile_post': //profile post... $userId = Session::newInstance()->_get('userId'); require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(false); $success = $userActions->edit($userId); osc_add_flash_ok_message(_m('Your profile has been updated successfully')); $this->redirectTo(osc_user_profile_url()); break; case 'alerts': //alerts $aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId')); $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); foreach ($aAlerts as $k => $a) { $json = base64_decode($a['s_search']); $array_conditions = (array) json_decode($json); // $search = Search::newInstance(); $search = new Search(); $search->setJsonAlert($array_conditions); $search->limit(0, 3); $aAlerts[$k]['items'] = $search->doSearch(); } $this->_exportVariableToView('alerts', $aAlerts); View::newInstance()->_reset('alerts'); $this->_exportVariableToView('user', $user); $this->doView('user-alerts.php'); break; case 'change_email': //change email $this->doView('user-change_email.php'); break; case 'change_email_post': //change email post if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) { osc_add_flash_error_message(_m('The specified e-mail is not valid')); $this->redirectTo(osc_change_user_email_url()); } else { $user = User::newInstance()->findByEmail(Params::getParam('new_email')); if (!isset($user['pk_i_id'])) { $userEmailTmp = array(); $userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId'); $userEmailTmp['s_new_email'] = Params::getParam('new_email'); UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp); $code = osc_genRandomPassword(30); $date = date('Y-m-d H:i:s'); $userManager = new User(); $userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId'))); $validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code); osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url); $this->redirectTo(osc_user_profile_url()); } else { osc_add_flash_error_message(_m('The specified e-mail is already in use')); $this->redirectTo(osc_change_user_email_url()); } } break; case 'change_password': //change password $this->doView('user-change_password.php'); break; case 'change_password_post': //change password post $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); if (Params::getParam('password', false, false) == '' || Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') { osc_add_flash_warning_message(_m('Password cannot be blank')); $this->redirectTo(osc_change_user_password_url()); } if ($user['s_password'] != sha1(Params::getParam('password', false, false))) { osc_add_flash_error_message(_m("Current password doesn't match")); $this->redirectTo(osc_change_user_password_url()); } if (!Params::getParam('new_password', false, false)) { osc_add_flash_error_message(_m("Passwords can't be empty")); $this->redirectTo(osc_change_user_password_url()); } if (Params::getParam('new_password', false, false) != Params::getParam('new_password2', false, false)) { osc_add_flash_error_message(_m("Passwords don't match")); $this->redirectTo(osc_change_user_password_url()); } User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password', false, false))), array('pk_i_id' => Session::newInstance()->_get('userId'))); osc_add_flash_ok_message(_m('Password has been changed')); $this->redirectTo(osc_user_profile_url()); break; case 'items': // view items user $itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5; $page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0; $total_items = Item::newInstance()->countByUserIDEnabled($_SESSION['userId']); $total_pages = ceil($total_items / $itemsPerPage); $items = Item::newInstance()->findByUserIDEnabled($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage); $this->_exportVariableToView('items', $items); $this->_exportVariableToView('list_total_pages', $total_pages); $this->_exportVariableToView('list_total_items', $total_items); $this->_exportVariableToView('items_per_page', $itemsPerPage); $this->_exportVariableToView('list_page', $page); $this->doView('user-items.php'); break; case 'activate_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); $result = 0; if ($email != '' && $secret != '') { $result = Alerts::newInstance()->activate($email, $secret); } if ($result == 1) { osc_add_flash_ok_message(_m('Alert activated')); } else { osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator')); } $this->redirectTo(osc_base_url()); break; case 'unsub_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); if ($email != '' && $secret != '') { Alerts::newInstance()->delete(array('s_email' => $email, 's_secret' => $secret)); osc_add_flash_ok_message(_m('Unsubscribed correctly')); } else { osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator')); } $this->redirectTo(osc_user_alerts_url()); break; case 'deleteResource': $id = Params::getParam('id'); $name = Params::getParam('name'); $fkid = Params::getParam('fkid'); $resource = ItemResource::newInstance()->findByPrimaryKey($id); $item = Item::newInstance()->findByPrimaryKey($fkid); if ($resource && $item) { if ($resource['fk_i_item_id'] == $fkid && $item['fk_i_user_id'] == osc_logged_user_id()) { // Delete: file, db table entry osc_deleteResource($id, false); Log::newInstance()->insertLog('user', 'deleteResource', $id, $id, 'user', osc_logged_user_id()); ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $name)); osc_add_flash_ok_message(_m('The selected photo has been successfully deleted')); } else { osc_add_flash_error_message(_m("The selected photo does not belong to you")); } } else { osc_add_flash_error_message(_m("The selected photo couldn't be deleted")); } $this->redirectTo(osc_base_url(true) . "?page=item&action=item_edit&id=" . $fkid); break; } }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'create': // callign create view $aCountries = array(); $aRegions = array(); $aCities = array(); $aCountries = Country::newInstance()->listAll(); if (isset($aCountries[0]['pk_c_code'])) { $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']); } if (isset($aRegions[0]['pk_i_id'])) { $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']); } $this->_exportVariableToView('user', null); $this->_exportVariableToView('countries', $aCountries); $this->_exportVariableToView('regions', $aRegions); $this->_exportVariableToView('cities', $aCities); $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled()); $this->doView("users/frm.php"); break; case 'create_post': // creating the user... require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(true); $success = $userActions->add(); switch ($success) { case 1: osc_add_flash_ok_message(_m("The user has been created. We've sent an activation e-mail"), 'admin'); break; case 2: osc_add_flash_ok_message(_m('The user has been created successfully'), 'admin'); break; case 3: osc_add_flash_warning_message(_m('Sorry, but that e-mail is already in use'), 'admin'); break; case 5: osc_add_flash_warning_message(_m('The specified e-mail is not valid'), 'admin'); break; case 6: osc_add_flash_warning_message(_m('Sorry, the password cannot be empty'), 'admin'); break; case 7: osc_add_flash_warning_message(_m("Sorry, passwords don't match"), 'admin'); break; } $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'edit': // calling the edit view $aUser = array(); $aCountries = array(); $aRegions = array(); $aCities = array(); $aUser = $this->userManager->findByPrimaryKey(Params::getParam("id")); $aCountries = Country::newInstance()->listAll(); $aRegions = array(); if ($aUser['fk_c_country_code'] != '') { $aRegions = Region::newInstance()->findByCountry($aUser['fk_c_country_code']); } else { if (count($aCountries) > 0) { $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']); } } $aCities = array(); if ($aUser['fk_i_region_id'] != '') { $aCities = City::newInstance()->findByRegion($aUser['fk_i_region_id']); } else { if (count($aRegions) > 0) { $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']); } } $this->_exportVariableToView("user", $aUser); $this->_exportVariableToView("countries", $aCountries); $this->_exportVariableToView("regions", $aRegions); $this->_exportVariableToView("cities", $aCities); $this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled()); $this->doView("users/frm.php"); break; case 'edit_post': // edit post require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(true); $success = $userActions->edit(Params::getParam("id")); switch ($success) { case 1: osc_add_flash_error_message(_m("Passwords don't match"), 'admin'); break; case 2: osc_add_flash_ok_message(_m('The user has been updated and activated'), 'admin'); break; default: osc_add_flash_ok_message(_m('The user has been updated'), 'admin'); break; } $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'resend_activation': //activate require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->resend_activation($id); } if ($iUpdated == 0) { osc_add_flash_error_message(_m('No users have been selected'), 'admin'); } else { osc_add_flash_ok_message(sprintf(_mn('Activation email sent to one user', 'Activation email sent to %s users', $iUpdated), $iUpdated), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'activate': //activate require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->activate($id); } if ($iUpdated == 0) { $msg = _m('No users have been activated'); } else { $msg = sprintf(_mn('One user has been activated', '%s users have been activated', $iUpdated), $iUpdated); } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'deactivate': //deactivate require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->deactivate($id); } if ($iUpdated == 0) { $msg = _m('No users have been deactivated'); } else { $msg = sprintf(_mn('One user has been deactivated', '%s users have been deactivated', $iUpdated), $iUpdated); } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'enable': require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->enable($id); } if ($iUpdated == 0) { $msg = _m('No users have been enabled'); } else { $msg = sprintf(_mn('One user has been unblocked', '%s users have been unblocked', $iUpdated), $iUpdated); } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'disable': require_once LIB_PATH . 'osclass/UserActions.php'; $iUpdated = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } $userActions = new UserActions(true); foreach ($userId as $id) { $iUpdated += $userActions->disable($id); } if ($iUpdated == 0) { $msg = _m('No users have been disabled'); } else { $msg = sprintf(_mn('One user has been blocked', '%s users have been blocked', $iUpdated), $iUpdated); } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'delete': //delete $iDeleted = 0; $userId = Params::getParam('id'); if (!is_array($userId)) { osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); } foreach ($userId as $id) { $user = $this->userManager->findByPrimaryKey($id); Log::newInstance()->insertLog('user', 'delete', $id, $user['s_email'], 'admin', osc_logged_admin_id()); if ($this->userManager->deleteUser($id)) { $iDeleted++; } } if ($iDeleted == 0) { $msg = _m('No users have been deleted'); } else { $msg = sprintf(_mn('One user has been deleted', '%s users have been deleted', $iDeleted), $iDeleted); } osc_add_flash_ok_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=users'); break; case 'settings': // calling the users settings view $this->doView('users/settings.php'); break; case 'settings_post': // updating users $iUpdated = 0; $enabledUserValidation = Params::getParam('enabled_user_validation'); $enabledUserValidation = $enabledUserValidation != '' ? true : false; $enabledUserRegistration = Params::getParam('enabled_user_registration'); $enabledUserRegistration = $enabledUserRegistration != '' ? true : false; $enabledUsers = Params::getParam('enabled_users'); $enabledUsers = $enabledUsers != '' ? true : false; $notifyNewUser = Params::getParam('notify_new_user'); $notifyNewUser = $notifyNewUser != '' ? true : false; $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUserValidation), array('s_name' => 'enabled_user_validation')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUserRegistration), array('s_name' => 'enabled_user_registration')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUsers), array('s_name' => 'enabled_users')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewUser), array('s_name' => 'notify_new_user')); if ($iUpdated > 0) { osc_add_flash_ok_message(_m("User settings have been updated"), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=settings'); break; default: // manage users view // set default iDisplayLength if (Params::getParam('iDisplayLength') == '') { Params::setParam('iDisplayLength', 10); } $p_iPage = 1; if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) { $p_iPage = Params::getParam('iPage'); } Params::setParam('iPage', $p_iPage); $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); $this->_exportVariableToView('sSearch', Params::getParam('sSearch')); require_once osc_admin_base_path() . 'ajax/users_processing.php'; $users_processing = new UsersProcessingAjax(Params::getParamsAsArray("get")); $aData = $users_processing->result(); $page = (int) Params::getParam('iPage'); if (count($aData['aaData']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING']; if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aUsers', $aData); $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled()); $this->doView("users/index.php"); break; } }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'bulk_actions': $mItems = new ItemActions(true); switch (Params::getParam('bulk_actions')) { case 'enable_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->enable($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d item has been enabled', '%d items have been enabled', $numSuccess), $numSuccess), 'admin'); } break; case 'disable_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->disable((int) $_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d item has been disabled', '%d items have been disabled', $numSuccess), $numSuccess), 'admin'); } break; case 'activate_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->activate($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d item has been activated', '%d items have been activated', $numSuccess), $numSuccess), 'admin'); } break; case 'deactivate_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->deactivate($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_m('%d item has been deactivated', '%d items have been deactivated', $numSuccess), $numSuccess), 'admin'); } break; case 'premium_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->premium($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d item has been marked as premium', '%d items have been marked as premium', $numSuccess), $numSuccess), 'admin'); } break; case 'depremium_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->premium($_id, false)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin'); } break; case 'spam_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->spam($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d item has been marked as spam', '%d items have been marked as spam', $numSuccess), $numSuccess), 'admin'); } break; case 'despam_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->spam($_id, false)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d change have been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin'); } break; case 'delete_all': $id = Params::getParam('id'); $success = false; if ($id != '') { $numSuccess = 0; foreach ($id as $i) { if ($i) { $item = $this->itemManager->findByPrimaryKey($i); $success = $mItems->delete($item['s_secret'], $item['pk_i_id']); if ($success) { $numSuccess++; } } } } osc_add_flash_ok_message(sprintf(_mn('%d item has been deleted', '%d items have been deleted', $numSuccess), $numSuccess), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'delete': //delete $id = Params::getParam('id'); $success = false; foreach ($id as $i) { if ($i) { $aItem = $this->itemManager->findByPrimaryKey($i); $mItems = new ItemActions(true); $success = $mItems->delete($aItem['s_secret'], $aItem['pk_i_id']); } } if ($success) { osc_add_flash_ok_message(_m('The item has been deleted'), 'admin'); } else { osc_add_flash_error_message(_m('The item couldn\'t be deleted'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'status': //status $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) { return false; } $item = $this->itemManager->findByPrimaryKey($id); $mItems = new ItemActions(true); switch ($value) { case 'ACTIVE': $success = $mItems->activate($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The item has been activated'), 'admin'); } else { if (!$success) { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } else { osc_add_flash_error_message(_m('The item cannot be activated, because it is blocked'), 'admin'); } } break; case 'INACTIVE': $success = $mItems->deactivate($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The item has been deactivated'), 'admin'); } else { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } break; case 'ENABLE': $success = $mItems->enable($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The item has been enabled'), 'admin'); } else { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } break; case 'DISABLE': $success = $mItems->disable($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The item has been disabled'), 'admin'); } else { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } break; } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'status_premium': //status premium $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array(0, 1))) { return false; } $mItems = new ItemActions(true); if ($mItems->premium($id, $value == 1 ? true : false)) { osc_add_flash_ok_message(_m('Changes have been applied'), 'admin'); } else { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'status_spam': //status spam $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array(0, 1))) { return false; } $mItems = new ItemActions(true); if ($mItems->spam($id, $value == 1 ? true : false)) { osc_add_flash_ok_message(_m('Changes have been applied'), 'admin'); } else { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'clear_stat': $id = Params::getParam('id'); $stat = Params::getParam('stat'); if (!$id) { return false; } if (!$stat) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } $success = $this->itemManager->clearStat($id, $stat); if ($success) { osc_add_flash_ok_message(_m('The item has been unmarked as') . " {$stat}", 'admin'); } else { osc_add_flash_error_message(_m('The item hasn\'t been unmarked as') . " {$stat}", 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items&stat=" . $stat); break; case 'item_edit': // edit item $id = Params::getParam('id'); $item = Item::newInstance()->findByPrimaryKey($id); if (count($item) <= 0) { $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } $this->_exportVariableToView("item", $item); $this->_exportVariableToView("new_item", FALSE); $this->doView('items/frm.php'); break; case 'item_edit_post': $mItems = new ItemActions(true); $mItems->prepareData(false); // set all parameters into session foreach ($mItems->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } $success = $mItems->edit(); if ($success == 1) { Session::newInstance()->_clearVariables(); osc_add_flash_ok_message(_m('Changes saved correctly'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } else { osc_add_flash_error_message($success, 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=item_edit&id=" . Params::getParam('id')); } break; case 'deleteResource': //delete resource $id = Params::getParam('id'); $name = Params::getParam('name'); $fkid = Params::getParam('fkid'); // delete files osc_deleteResource($id, true); Log::newInstance()->insertLog('items', 'deleteResource', $id, $id, 'admin', osc_logged_admin_id()); $result = ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name)); if ($result === false) { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } else { osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'post': // add item $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } $this->_exportVariableToView("new_item", TRUE); $this->doView('items/frm.php'); break; case 'post_item': //post item $mItem = new ItemActions(true); $mItem->prepareData(true); // set all parameters into session foreach ($mItem->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } $success = $mItem->add(); if ($success == 1 || $success == 2) { Session::newInstance()->_clearVariables(); osc_add_flash_ok_message(_m('A new item has been added'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } else { osc_add_flash_error_message($success, 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=post"); } break; case 'settings': // calling the items settings view $this->doView('items/settings.php'); break; case 'settings_post': // update item settings $iUpdated = 0; $enabledRecaptchaItems = Params::getParam('enabled_recaptcha_items'); $enabledRecaptchaItems = $enabledRecaptchaItems == '1' ? true : false; $moderateItems = Params::getParam('moderate_items'); $moderateItems = $moderateItems != '' ? true : false; $numModerateItems = Params::getParam('num_moderate_items'); $itemsWaitTime = Params::getParam('items_wait_time'); $loggedUserItemValidation = Params::getParam('logged_user_item_validation'); $loggedUserItemValidation = $loggedUserItemValidation != '' ? true : false; $regUserPost = Params::getParam('reg_user_post'); $regUserPost = $regUserPost != '' ? true : false; $notifyNewItem = Params::getParam('notify_new_item'); $notifyNewItem = $notifyNewItem != '' ? true : false; $notifyContactItem = Params::getParam('notify_contact_item'); $notifyContactItem = $notifyContactItem != '' ? true : false; $notifyContactFriends = Params::getParam('notify_contact_friends'); $notifyContactFriends = $notifyContactFriends != '' ? true : false; $enabledFieldPriceItems = Params::getParam('enableField#f_price@items'); $enabledFieldPriceItems = $enabledFieldPriceItems != '' ? true : false; $enabledFieldImagesItems = Params::getParam('enableField#images@items'); $enabledFieldImagesItems = $enabledFieldImagesItems != '' ? true : false; $numImagesItems = Params::getParam('numImages@items'); if ($numImagesItems == '') { $numImagesItems = 0; } $regUserCanContact = Params::getParam('reg_user_can_contact'); $regUserCanContact = $regUserCanContact != '' ? true : false; $contactItemAttachment = Params::getParam('item_attachment'); $contactItemAttachment = $contactItemAttachment != '' ? true : false; $msg = ''; if (!osc_validate_int(Params::getParam("items_wait_time"))) { $msg .= _m("Wait time has to be numeric only") . "<br/>"; } if (!osc_validate_int(Params::getParam("num_moderate_items"))) { $msg .= _m("Number of moderated items has to be numeric only") . "<br/>"; } if (!osc_validate_int($numImagesItems)) { $msg .= _m("Images per item has to be numeric only") . "<br/>"; } if ($msg != '') { osc_add_flash_error_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings'); } $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledRecaptchaItems), array('s_name' => 'enabled_recaptcha_items')); if ($moderateItems) { $iUpdated += Preference::newInstance()->update(array('s_value' => $numModerateItems), array('s_name' => 'moderate_items')); } else { $iUpdated += Preference::newInstance()->update(array('s_value' => '-1'), array('s_name' => 'moderate_items')); } $iUpdated += Preference::newInstance()->update(array('s_value' => $loggedUserItemValidation), array('s_name' => 'logged_user_item_validation')); $iUpdated += Preference::newInstance()->update(array('s_value' => $regUserPost), array('s_name' => 'reg_user_post')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewItem), array('s_name' => 'notify_new_item')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactItem), array('s_name' => 'notify_contact_item')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactFriends), array('s_name' => 'notify_contact_friends')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldPriceItems), array('s_name' => 'enableField#f_price@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldImagesItems), array('s_name' => 'enableField#images@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $itemsWaitTime), array('s_name' => 'items_wait_time')); $iUpdated += Preference::newInstance()->update(array('s_value' => $numImagesItems), array('s_name' => 'numImages@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $regUserCanContact), array('s_name' => 'reg_user_can_contact')); $iUpdated += Preference::newInstance()->update(array('s_value' => $contactItemAttachment), array('s_name' => 'item_attachment')); if ($iUpdated > 0) { osc_add_flash_ok_message(_m('Items\' settings have been updated'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings'); break; default: //default $catId = Params::getParam('catId'); $countries = Country::newInstance()->listAll(); $regions = array(); if (count($countries) > 0) { $regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']); } $cities = array(); if (count($regions) > 0) { $cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']); } //preparing variables for the view $this->_exportVariableToView("users", User::newInstance()->listAll()); $this->_exportVariableToView("catId", $catId); $this->_exportVariableToView("stat", Params::getParam('stat')); $this->_exportVariableToView("countries", $countries); $this->_exportVariableToView("regions", $regions); $this->_exportVariableToView("cities", $cities); //calling the view... $this->doView('items/index.php'); } }