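/**
 * AJAX endpoint that records one up/down vote for a rating target.
 *
 * Reads `direction`, `controller`, `subject` and `id` from the request. All
 * four are client-controlled and are validated before they reach the models
 * or a cookie name.
 *
 * NOTE(review): the new total is computed as "stored rating + score" and
 * written back in a separate call, so two concurrent votes can overwrite each
 * other. An atomic increment inside the model would close that gap; the model
 * API is not visible here.
 *
 * @return mixed whatever cms_template->renderJSON() returns
 */
public function run()
{
    if (!$this->request->isAjax()) {
        cmsCore::error404();
    }

    // Is voting by guests enabled?
    if (empty($this->options['allow_guest_vote']) && !$this->cms_user->is_logged) {
        return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_ERROR));
    }

    // Read the request parameters
    $direction         = $this->request->get('direction', '');
    $target_controller = $this->request->get('controller', '');
    $target_subject    = $this->request->get('subject', '');
    $target_id         = $this->request->get('id', 0);

    // is_numeric() also accepts "1e3", " 5", "-2" and "1.5"; an id must be a
    // plain run of digits because it is used in a cookie name and handed to
    // the models. The direction is matched strictly against the allow-list.
    $is_valid = $this->validate_sysname($target_controller) === true
        && $this->validate_sysname($target_subject) === true
        && (is_int($target_id) || is_string($target_id))
        && ctype_digit((string) $target_id)
        && in_array($direction, array('up', 'down'), true);

    if (!$is_valid) {
        return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_ERROR));
    }

    // Canonical form: "007" and "7" must not produce different cookie names
    $target_id = (int) $target_id;

    // Collect everything known about this vote.
    // NOTE(review): ip2long() returns false for anything that is not dotted
    // IPv4, so such addresses are stored as "0". If isUserVoted() keys guest
    // votes by this value (not visible here), all of those guests share one
    // entry; confirm against the model.
    $vote = array(
        'user_id'           => $this->cms_user->id ?: null,
        'target_controller' => $target_controller,
        'target_subject'    => $target_subject,
        'target_id'         => $target_id,
        'score'             => $direction === 'up' ? 1 : -1,
        'ip'                => sprintf('%u', ip2long(cmsUser::getIp()))
    );

    $cookie_key = $target_subject . $target_id . $target_controller;

    // Has this vote already been counted? The model is the authority here;
    // the cookie below is only a hint for the client-side widget.
    $is_voted = $this->model->isUserVoted($vote, $this->cms_user->is_logged);

    if ($is_voted) {

        // Restore the hint cookie if the client lost it.
        // The original comment called 2628000 "a year"; if setCookie() takes
        // seconds this is about one month - TODO confirm the unit.
        if (!empty($this->options['is_hidden']) && !cmsUser::getCookie($cookie_key)) {
            cmsUser::setCookie($cookie_key, 1, 2628000);
        }

        return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_RATING_VOTED));
    }

    $target_model = cmsCore::getModel($target_controller);
    $target       = $target_model->getRatingTarget($target_subject, $target_id);

    // Do not log a vote or write a rating for a target that was not found
    if (empty($target)) {
        return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_ERROR));
    }

    // Logged-in users may not rate their own items and need the "rate" permission
    if (!empty($target['user_id']) && $this->cms_user->is_logged) {
        if ($target['user_id'] == $this->cms_user->id || !cmsUser::isAllowed($target_subject, 'rate')) {
            return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_RATING_DISABLED));
        }
    }

    // Write the vote to the log
    $this->model->addVote($vote);

    // Update the target's total rating
    $rating = (int) $target['rating'] + $vote['score'];

    $target_model->updateRating($target_subject, $target_id, $rating);

    // Tell listeners that the rating changed
    cmsEventsManager::hook('rating_vote', array(
        'subject' => $target_subject,
        'id'      => $target_id,
        'target'  => $target,
        'vote'    => $vote,
        'rating'  => $rating
    ));

    // Build the response
    $result = array(
        'success'   => true,
        'rating'    => html_signed_num($rating),
        'css_class' => html_signed_class($rating) . (!empty($this->options['is_show']) ? ' clickable' : ''),
        'message'   => LANG_RATING_VOTED
    );

    // Remember the vote in a cookie (UI hint only, see above)
    if (!empty($this->options['is_hidden'])) {
        cmsUser::setCookie($cookie_key, 1, 2628000);
    }

    return $this->cms_template->renderJSON($result);
}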
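/**
 * Builds the admin dashboard.
 *
 * Collects the built-in widgets (statistics chart, system information,
 * resources), appends the widgets returned by `admin_dashboard_block` hook
 * listeners, applies the saved ordering from the `dashboard_order` option and
 * renders the `index` template.
 *
 * @return mixed whatever cms_template->render() returns
 */
public function run()
{
    $dashboard_blocks         = array();
    $result_dashboard_blocks  = array();
    $_result_dashboard_blocks = array();

    // Statistics widget
    $chart_nav = cmsEventsManager::hookAll('admin_dashboard_chart');

    $cookie   = cmsUser::getCookie('dashboard_chart');
    $defaults = array('controller' => 'users', 'section' => 'reg', 'period' => 7);

    if ($cookie) {
        $cookie = json_decode($cookie, true);

        // The cookie is client-controlled: use it only when it decodes to an
        // array holding all three keys with scalar values; otherwise keep the
        // defaults instead of reading undefined indexes or nested structures.
        if (is_array($cookie)
            && isset($cookie['c'], $cookie['s'], $cookie['p'])
            && is_scalar($cookie['c'])
            && is_scalar($cookie['s'])
            && is_scalar($cookie['p'])) {
            $defaults = array('controller' => $cookie['c'], 'section' => $cookie['s'], 'period' => $cookie['p']);
        }
    }

    $dashboard_blocks[] = array(
        'title' => LANG_CP_DASHBOARD_STATS,
        'class' => 'col3',
        'html'  => $this->cms_template->getRenderedChild('index_chart', array(
            'chart_nav' => $chart_nav,
            'defaults'  => $defaults
        ))
    );

    // System information widget.
    // NOTE(review): these values (server address, root path, session path)
    // describe server internals; access control for this view is not visible
    // in this method - confirm it is restricted to administrators.
    $uploader   = new cmsUploader();
    $extensions = get_loaded_extensions();

    $sysinfo = array(
        LANG_CP_DASHBOARD_SI_PHP     => phpversion(),
        LANG_CP_DASHBOARD_SI_ML      => files_format_bytes(files_convert_bytes(@ini_get('memory_limit'))),
        LANG_CP_DASHBOARD_SI_MAX     => $uploader->getMaxUploadSize(),
        LANG_CP_DASHBOARD_SI_IP      => filter_input(INPUT_SERVER, 'SERVER_ADDR'),
        LANG_CP_DASHBOARD_SI_ROOT    => ROOT,
        LANG_CP_DASHBOARD_SI_SESSION => session_save_path(),
        LANG_CP_DASHBOARD_SI_ION     => in_array('ionCube Loader', $extensions),
        LANG_CP_DASHBOARD_SI_ZEND    => in_array('Zend Optimizer', $extensions),
        LANG_CP_DASHBOARD_SI_ZENDG   => in_array('Zend Guard Loader', $extensions)
    );

    $dashboard_blocks[] = array(
        'title' => LANG_CP_DASHBOARD_SYSINFO,
        'html'  => $this->cms_template->getRenderedChild('index_sysinfo', array('sysinfo' => $sysinfo))
    );

    // Resources widget
    $dashboard_blocks[] = array(
        'title' => LANG_CP_DASHBOARD_RESOURCES,
        'html'  => $this->cms_template->getRenderedChild('index_resources', array())
    );

    // Widgets contributed by hook listeners
    $dashboard_blocks = array_merge($dashboard_blocks, cmsEventsManager::hookAll('admin_dashboard_block', false, array()));

    $_block_id = 0;

    foreach ($dashboard_blocks as $dashboard_block) {

        // One hook may create several widgets; in that case it returns an
        // array of widgets instead of a single widget with a 'title'.
        if (!isset($dashboard_block['title'])) {
            foreach ($dashboard_block as $sub_dashboard_block) {
                $sub_dashboard_block['id'] = $_block_id;
                $result_dashboard_blocks[$_block_id] = $sub_dashboard_block;
                $_block_id++;
            }
        } else {
            $dashboard_block['id'] = $_block_id;
            $result_dashboard_blocks[$_block_id] = $dashboard_block;
        }

        // Runs after the inner loop as well, which leaves a gap in the ids.
        // Kept as is because dashboard_order is keyed by these ids.
        $_block_id++;
    }

    // Apply the saved order
    if (!empty($this->options['dashboard_order'])) {

        $order_id = 1000;

        foreach ($result_dashboard_blocks as $block_id => $block) {
            if (isset($this->options['dashboard_order'][$block_id])) {
                $order_id = $this->options['dashboard_order'][$block_id];
            } else {
                $order_id += 1;
            }
            $_result_dashboard_blocks[$order_id] = $block;
        }

        ksort($_result_dashboard_blocks);

    } else {
        $_result_dashboard_blocks = $result_dashboard_blocks;
    }

    return $this->cms_template->render('index', array('dashboard_blocks' => $_result_dashboard_blocks));
}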
/**
 * Renders the rating widget for one target.
 *
 * @param mixed $target_id      id of the item being rated
 * @param mixed $current_rating stored rating; a falsy value is shown as 0
 * @param bool  $is_enabled     whether voting controls should be active
 * @return mixed whatever cms_template->renderInternal() returns
 */
public function getWidget($target_id, $current_rating, $is_enabled = true)
{
    $is_guest = !$this->cms_user->is_logged;

    // Guests get active controls when guest voting is switched on
    if ($is_guest && !empty($this->options['allow_guest_vote'])) {
        $is_enabled = true;
    }

    // This cookie is only set when the total rating is hidden until the user
    // has voted. It is a usability hint, not a security control: the vote
    // action performs all real checks on the server side.
    // NOTE(review): the name read here is subject + id; confirm it matches
    // the cookie name the vote action writes.
    $is_voted = cmsUser::getCookie($this->target_subject . $target_id);

    if ($is_voted) {
        $is_enabled = false;
    }

    $widget_data = array(
        'options'           => $this->getOptions(),
        'target_controller' => $this->target_controller,
        'target_subject'    => $this->target_subject,
        'target_id'         => $target_id,
        'is_guest'          => $is_guest,
        'is_voted'          => $is_voted,
        'is_enabled'        => $is_enabled,
        'current_rating'    => $current_rating ?: 0,
        'user'              => $this->cms_user
    );

    return $this->cms_template->renderInternal($this, 'widget', $widget_data);
}
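/**
 * Renders the admin dashboard: chart navigation, system information, the
 * chart defaults remembered in the `dashboard_chart` cookie and the blocks
 * returned by `admin_dashboard_block` hook listeners.
 *
 * @return mixed whatever cmsTemplate::render() returns
 */
public function run()
{
    $chart_nav = cmsEventsManager::hookAll('admin_dashboard_chart');

    // NOTE(review): the values below (server address, root path) describe
    // server internals; access control for this view is not visible in this
    // method - confirm it is restricted to administrators.
    $uploader   = new cmsUploader();
    $extensions = get_loaded_extensions();

    $sysinfo = array(
        LANG_CP_DASHBOARD_SI_PHP   => phpversion(),
        LANG_CP_DASHBOARD_SI_ML    => files_format_bytes(files_convert_bytes(@ini_get('memory_limit'))),
        LANG_CP_DASHBOARD_SI_MAX   => $uploader->getMaxUploadSize(),
        LANG_CP_DASHBOARD_SI_IP    => filter_input(INPUT_SERVER, 'SERVER_ADDR'),
        LANG_CP_DASHBOARD_SI_ROOT  => ROOT,
        LANG_CP_DASHBOARD_SI_ION   => in_array('ionCube Loader', $extensions),
        LANG_CP_DASHBOARD_SI_ZEND  => in_array('Zend Optimizer', $extensions),
        LANG_CP_DASHBOARD_SI_ZENDG => in_array('Zend Guard Loader', $extensions)
    );

    $cookie   = cmsUser::getCookie('dashboard_chart');
    $defaults = array('controller' => 'users', 'section' => 'reg', 'period' => 7);

    if ($cookie) {
        $cookie = json_decode($cookie, true);

        // The cookie is client-controlled: use it only when it decodes to an
        // array holding all three keys with scalar values; otherwise keep the
        // defaults instead of reading undefined indexes or nested structures.
        if (is_array($cookie)
            && isset($cookie['c'], $cookie['s'], $cookie['p'])
            && is_scalar($cookie['c'])
            && is_scalar($cookie['s'])
            && is_scalar($cookie['p'])) {
            $defaults = array('controller' => $cookie['c'], 'section' => $cookie['s'], 'period' => $cookie['p']);
        }
    }

    return cmsTemplate::getInstance()->render('index', array(
        'dashboard_blocks' => cmsEventsManager::hookAll('admin_dashboard_block'),
        'chart_nav'        => $chart_nav,
        'sysinfo'          => $sysinfo,
        'defaults'         => $defaults
    ));
}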
/**
 * Content section of the admin panel.
 *
 * With a non-empty $do the call is handed to the action `content_<$do>`;
 * otherwise the content-type list and the items grid are rendered.
 *
 * NOTE(review): $do is concatenated into an action name. Where it comes from
 * and how runAction() restricts the names it accepts is not visible here.
 *
 * @param mixed $do sub-action suffix, or false to render the listing
 * @return mixed rendered template, or nothing when control was handed over
 */
public function run($do = false)
{
    // Hand control to another action when one was requested
    if ($do) {
        $this->runAction('content_' . $do, array_slice($this->params, 1));
        return;
    }

    $content_model = cmsCore::getModel('content');

    $ctypes = $content_model->getContentTypes();

    // The cookie holds a "/"-separated tree path. Only its second segment is
    // used, and only after an integer cast, before it reaches the model.
    $ctype       = null;
    $cookie_path = cmsUser::getCookie('content_tree_path');

    if ($cookie_path) {
        $segments = explode('/', $cookie_path);
        $ctype_id = empty($segments[1]) ? 0 : (int) $segments[1];

        if ($ctype_id) {
            $ctype = $content_model->getContentType($ctype_id);
        }
    }

    // A known content type gets its own saved grid filter
    if (empty($ctype)) {
        $grid = $this->loadDataGrid('content_items');
    } else {
        $grid = $this->loadDataGrid('content_items', false, 'admin.grid_filter.content.' . $ctype['name']);
    }

    $diff_order = cmsUser::getUPS('admin.grid_filter.content.diff_order');

    return cmsTemplate::getInstance()->render('content', array(
        'ctypes'     => $ctypes,
        'grid'       => $grid,
        'diff_order' => $diff_order
    ));
}
<?php echo html_input('hidden', 'ts', $target_subject); ?> <?php echo html_input('hidden', 'ti', $target_id); ?> <?php echo html_input('hidden', 'timestamp', time()); ?> <?php if (!$user->is_logged) { ?> <?php $this->addJS('templates/default/js/jquery-cookie.js'); $name = cmsUser::getCookie('comments_guest_name'); $email = cmsUser::getCookie('comments_guest_email'); ?> <div class="author_data"> <div class="name field"> <label><?php echo LANG_COMMENTS_AUTHOR_NAME; ?> :</label> <?php echo html_input('text', 'author_name', $name); ?> </div> <div class="email field"> <label><?php echo LANG_COMMENTS_AUTHOR_EMAIL; ?> :</label> <?php
/**
 * Determines the visitor's device type and stores it in self::$device_type.
 *
 * The `device_type` cookie is accepted only when its value is one of
 * self::$device_types (strict comparison). Any other value is discarded and
 * the type is detected again with Mobile_Detect, then written back to the
 * cookie.
 */
private static function loadDeviceType()
{
    $cached_type = (string) cmsUser::getCookie('device_type');

    // The cookie is client-controlled, so only allow-listed values are trusted
    if ($cached_type && in_array($cached_type, self::$device_types, true)) {
        self::$device_type = $cached_type;
        return;
    }

    cmsCore::loadLib('mobile_detect.class');

    $detect = new Mobile_Detect();

    if (!$detect->isMobile()) {
        $detected_type = 'desktop';
    } elseif ($detect->isTablet()) {
        $detected_type = 'tablet';
    } else {
        $detected_type = 'mobile';
    }

    // Remember the result for one year
    cmsUser::setCookie('device_type', $detected_type, 31536000);

    self::$device_type = $detected_type;
}
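/**
 * Interstitial page shown before a visitor follows an outbound link.
 *
 * The `url` request parameter is client-controlled. The method checks the
 * optional same-site Referer requirement, converts Cyrillic hosts to their
 * IDNA form, redirects straight away for hosts on the no-redirect list or for
 * logged-in users holding the `allow_redirect` cookie, consults the local
 * black list and (optionally) the remote link checker, then renders `index`.
 *
 * NOTE(review): the URL scheme is never checked. If only http/https targets
 * are intended, restrict the scheme before the URL is redirected to or
 * rendered; how the template escapes `url` is not visible here.
 * NOTE(review): hosts are compared with the configured lists exactly as
 * parse_url() returns them, so upper/lower case matters. Confirm how the
 * lists are stored and normalise both sides if they are lower-case.
 *
 * @return mixed whatever cms_template->render() returns
 */
public function actionIndex()
{
    // Forbid framing of this page
    header('X-Frame-Options: DENY');

    // $original_url keeps the form the visitor supplied (for Cyrillic domains).
    // NOTE(review): if request->get() already returns a decoded value, this
    // decodes a second time - confirm.
    $url = $original_url = urldecode($this->request->get('url', ''));

    // cmsCore::error404() presumably ends the request; not visible here
    if (!$url) {
        cmsCore::error404();
    }

    if ($this->request->isAjax()) {
        cmsCore::error404();
    }

    $url_host = parse_url($url, PHP_URL_HOST);

    if (!$url_host) {
        cmsCore::error404();
    }

    if (!empty($this->options['is_check_refer'])) {

        if (empty($_SERVER['HTTP_REFERER'])) {
            cmsCore::error404();
        }

        // The Referer must start with our own origin AND the origin must end
        // there. A bare prefix match would also accept a foreign host whose
        // name merely begins with ours. Both headers are client-supplied, so
        // this stays a soft check.
        $own_origin   = $this->cms_config->protocol . $_SERVER['HTTP_HOST'];
        $referer      = (string) $_SERVER['HTTP_REFERER'];
        $after_origin = substr($referer, strlen($own_origin), 1);

        $is_own_referer = strpos($referer, $own_origin) === 0
            && ($after_origin === false || $after_origin === '' || $after_origin === '/');

        if (!$is_own_referer) {
            cmsCore::error404();
        }
    }

    // Cyrillic domains: switch the host to its IDNA form
    if (preg_match('/^[а-яё]+/iu', $url_host)) {

        cmsCore::loadLib('idna_convert.class');

        $IDN = new idna_convert();

        $host = $IDN->encode($url_host);

        $url = str_ireplace($url_host, $host, $url);
    }

    // Hosts that are redirected to immediately
    if (!empty($this->options['no_redirect_list_array'])) {
        if (in_array($url_host, $this->options['no_redirect_list_array'], true)) {
            $this->redirect($url);
        }
    }

    // Set when the domain is considered banned
    $is_domain_banned = false;
    // Set when the domain is on our own black list
    $is_domain_in_black_list = false;

    // Check the black list first (strict match, like the no-redirect list)
    if (!empty($this->options['black_list_array'])) {
        if (in_array($url_host, $this->options['black_list_array'], true)) {
            $is_domain_banned        = true;
            $is_domain_in_black_list = true;
        }
    }

    // A logged-in user who opted out of the interstitial via cookie
    if (!$is_domain_in_black_list && $this->cms_user->is_logged && cmsUser::getCookie('allow_redirect')) {
        $this->redirect($url);
    }

    // Ask the remote checker about the link
    if (!$is_domain_banned && function_exists('curl_init') && !empty($this->options['is_check_link'])) {

        if (empty($this->options['white_list_array']) || !in_array($url_host, $this->options['white_list_array'], true)) {

            $ch = curl_init();

            // Encode the client-supplied URL so it stays one query parameter
            // and cannot add parameters of its own to the API call
            curl_setopt($ch, CURLOPT_URL, 'https://api.vk.com/method/utils.checkLink?url=' . urlencode($url));
            curl_setopt($ch, CURLOPT_HEADER, false);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($ch, CURLOPT_TIMEOUT, 2);
            curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 2);
            // Keep certificate and host-name verification on: the answer
            // decides the ban flag and replaces the link shown to the
            // visitor, so it must come from the real API host
            curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
            curl_setopt($ch, CURLOPT_USERAGENT, 'InstantCMS/2.0 +' . cmsConfig::get('host'));

            // curl_exec() returns false on failure; treat that as "no answer"
            $raw_response = curl_exec($ch);

            $data = is_string($raw_response) ? json_decode($raw_response, true) : null;

            if (is_array($data) && !isset($data['error']) && isset($data['response']) && is_array($data['response'])) {

                if (isset($data['response']['status'])) {
                    $is_domain_banned = $data['response']['status'] === 'banned';
                }

                // Replace the link only with a usable value
                if (isset($data['response']['link']) && is_string($data['response']['link']) && $data['response']['link'] !== '') {
                    $url = $data['response']['link'];
                }
            }
        }
    }

    return $this->cms_template->render('index', array(
        'url'                     => $url,
        'user'                    => $this->cms_user,
        'original_url'            => $original_url,
        'is_domain_banned'        => $is_domain_banned,
        'is_domain_in_black_list' => $is_domain_in_black_list,
        'sitename'                => cmsConfig::get('sitename'),
        'host'                    => cmsConfig::get('host'),
        'redirect_time'           => $this->options['redirect_time']
    ));
}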