public function make() { $post_id = (int) system::getInstance()->get('id'); $user_id = (int) user::getInstance()->get('id'); $message = system::getInstance()->nohtml(system::getInstance()->post('message')); // thank unknown tester for detect XSS vuln $time_between_posts = extension::getInstance()->getConfig('wall_post_delay', 'user', 'components', 'int'); if ($post_id > 0 && $user_id > 0 && system::getInstance()->length($message) > 0 && permission::getInstance()->have('global/write')) { $stmt = database::getInstance()->con()->prepare("SELECT time FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE poster = ? ORDER BY id DESC LIMIT 1"); $stmt->bindParam(1, $user_id, PDO::PARAM_INT); $stmt->execute(); $res = $stmt->fetch(); $last_post_time = $res['time']; $stmt = null; $current_time = time(); if ($current_time - $last_post_time >= $time_between_posts) { $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_wall_answer (wall_post_id, poster, message, time) VALUES(?, ?, ?, ?)"); $stmt->bindParam(1, $post_id, PDO::PARAM_INT); $stmt->bindParam(2, $user_id, PDO::PARAM_INT); $stmt->bindParam(3, $message, PDO::PARAM_STR); $stmt->bindParam(4, $current_time, PDO::PARAM_INT); $stmt->execute(); $stmt = null; } } api::getInstance()->call('front', 'wallview')->make(); // refresh list }
public function make() { if (user::getInstance()->get('id') > 0) { $userid = user::getInstance()->get('id'); $title = system::getInstance()->nohtml(system::getInstance()->post('title')); $url = system::getInstance()->nohtml(system::getInstance()->post('url')); // only self domain if (system::getInstance()->prefixEquals($url, property::getInstance()->get('script_url')) && filter_var($url, FILTER_VALIDATE_URL) && system::getInstance()->length($title) > 0) { $stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_user_bookmarks WHERE target = ? AND href = ?"); $stmt->bindParam(1, $userid, PDO::PARAM_INT); $stmt->bindParam(2, $url, PDO::PARAM_STR); $stmt->execute(); $res = $stmt->fetch(); $stmt = null; if ($res[0] < 1) { $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_bookmarks (`target`, `title`, `href`) VALUES (?, ?, ?)"); $stmt->bindParam(1, $userid, PDO::PARAM_INT); $stmt->bindParam(2, $title, PDO::PARAM_STR); $stmt->bindParam(3, $url, PDO::PARAM_STR); $stmt->execute(); $stmt = null; } } } }
public function make() { $comment_count = extension::getInstance()->getConfig('last_count', 'lastcomments', 'modules', 'int'); if ($comment_count < 1) { $comment_count = 1; } $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE `pathway` != '' AND moderate = '0' ORDER BY `time` DESC LIMIT 0,?"); $stmt->bindParam(1, $comment_count, PDO::PARAM_INT); $stmt->execute(); $res = $stmt->fetchAll(PDO::FETCH_ASSOC); $stmt = null; if (sizeof($res) > 0) { // have comments in db $max_comment_char_size = extension::getInstance()->getConfig('text_length', 'lastcomments', 'modules', 'int'); $prepared_userlist = system::getInstance()->extractFromMultyArray('author', $res); user::getInstance()->listload($prepared_userlist); $params = array(); foreach ($res as $result) { $comment_text = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->nobbcode($result['comment']); $params['comment'][] = array('user_id' => $result['author'], 'user_name' => user::getInstance()->get('nick', $result['author']), 'user_avatar' => user::getInstance()->buildAvatar('small', $result['author']), 'uri' => $result['pathway'], 'preview' => system::getInstance()->altsubstr($comment_text, 0, $max_comment_char_size), 'date' => system::getInstance()->toDate($result['time'], 'd'), 'guest_name' => system::getInstance()->nohtml($result['guest_name'])); } $render = template::getInstance()->twigRender('modules/lastcomments/lastcomments.tpl', array('local' => $params)); template::getInstance()->set(template::TYPE_MODULE, 'lastcomments', $render); } }
public function make() { $params = array(); // get all menu data - 1 query with 2 left joins is better then 2 query's for each menu. $stmt = database::getInstance()->con()->query("SELECT h.*, g.g_id, g.g_name, g.g_url, d.d_name, d.d_url FROM `" . property::getInstance()->get('db_prefix') . "_mod_menu_gitem` as g\n LEFT OUTER JOIN `" . property::getInstance()->get('db_prefix') . "_mod_menu_ditem` as d ON g.g_id = d.d_owner_gid\n LEFT OUTER JOIN `" . property::getInstance()->get('db_prefix') . "_mod_menu_header` as h ON h.menu_id = g.g_menu_head_id\n WHERE h.menu_display = 1\n ORDER BY g.g_priority ASC, d.d_priority ASC"); $resultItems = $stmt->fetchAll(\PDO::FETCH_ASSOC); $stmt = null; foreach ($resultItems as $row) { $serial_hname = unserialize($row['menu_name']); $serial_gname = unserialize($row['g_name']); $serial_dname = unserialize($row['d_name']); $params['modmenu'][$row['menu_id']]['name'] = $serial_hname[language::getInstance()->getUseLanguage()]; $params['modmenu'][$row['menu_id']]['tag'] = $row['menu_tag']; $params['modmenu'][$row['menu_id']]['tpl'] = $row['menu_tpl']; $params['modmenu'][$row['menu_id']]['item'][$row['g_id']]['name'] = $serial_gname[language::getInstance()->getUseLanguage()]; $params['modmenu'][$row['menu_id']]['item'][$row['g_id']]['url'] = $this->urlRelativeToAbsolute($row['g_url']); if ($row['d_name'] != null) { $params['modmenu'][$row['menu_id']]['item'][$row['g_id']]['depend_array'][] = array('name' => $serial_dname[language::getInstance()->getUseLanguage()], 'url' => $this->urlRelativeToAbsolute($row['d_url'])); } } $set_var = array(); foreach ($params['modmenu'] as $menu) { $tag = $menu['tag']; $tpl = $menu['tpl']; $compile_tpl = template::getInstance()->twigRender('modules/menu/' . $tpl, array('modmenu' => $menu)); $set_var[$tag] = $compile_tpl; } template::getInstance()->set(template::TYPE_MODULE, 'menu', $set_var); }
private function viewStreamList() { csrf::getInstance()->buildToken(); $params = array(); $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle(); $page_index = (int) system::getInstance()->get('index'); $db_index = $page_index * self::ITEM_PER_PAGE; if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) { if (permission::getInstance()->have('global/owner') || permission::getInstance()->have('admin/components/stream/delete')) { $toDelete = system::getInstance()->post('check_array'); if (is_array($toDelete) && sizeof($toDelete) > 0) { $listDelete = system::getInstance()->altimplode(',', $toDelete); if (system::getInstance()->isIntList($listDelete)) { database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_com_stream WHERE id IN (" . $listDelete . ")"); } } } } $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_stream ORDER BY `date` DESC LIMIT ?," . self::ITEM_PER_PAGE); $stmt->bindParam(1, $db_index, \PDO::PARAM_INT); $stmt->execute(); $resultAll = $stmt->fetchAll(\PDO::FETCH_ASSOC); $stmt = null; $ids = system::getInstance()->extractFromMultyArray('caster_id', $resultAll); user::getInstance()->listload($ids); foreach ($resultAll as $row) { $params['stream'][] = array('id' => $row['id'], 'type' => $row['type'], 'user_id' => $row['caster_id'], 'user_name' => user::getInstance()->get('nick', $row['caster_id']), 'url' => $row['target_object'], 'text' => system::getInstance()->nohtml($row['text_preview']), 'date' => system::getInstance()->todate($row['date'], 'h')); } $count_all = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream', false)->streamCount(); $params['pagination'] = template::getInstance()->showFastPagination($page_index, self::ITEM_PER_PAGE, $count_all, '?object=components&action=stream&index='); return template::getInstance()->twigRender('components/stream/list.tpl', $params); }
public function make() { $params = array(); $news_count = extension::getInstance()->getConfig('new_count', 'news_new', extension::TYPE_MODULE, 'int'); if ($news_count < 1) { $news_count = 1; } $stmt = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.link,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_news_entery a," . property::getInstance()->get('db_prefix') . "_com_news_category b\n WHERE a.category = b.category_id AND a.display > 0 ORDER BY a.date DESC LIMIT 0,?"); $stmt->bindParam(1, $news_count, \PDO::PARAM_INT); $stmt->execute(); $result = $stmt->fetchAll(\PDO::FETCH_ASSOC); $stmt = null; foreach ($result as $row) { $full_path = null; $image = null; if (property::getInstance()->get('use_multi_language')) { $full_path .= '/' . language::getInstance()->getUseLanguage(); } $full_path .= '/news/'; if ($row['path'] != null) { $full_path .= $row['path'] . '/'; } $full_path .= $row['link']; $serial_title = system::getInstance()->altstripslashes(unserialize($row['title'])); if (file_exists(root . '/upload/news/poster_' . $row['id'] . '.jpg')) { $image = 'poster_' . $row['id']; } $params['latest'][] = array('title' => $serial_title[language::getInstance()->getUseLanguage()], 'image' => $image, 'pathway' => $full_path); } $tmp = template::getInstance()->twigRender('modules/news_new/list.tpl', array('local' => $params)); template::getInstance()->set(template::TYPE_MODULE, 'news_new', $tmp); }
private function getFeedCount() { $stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_com_feedback"); $stmt->execute(); $res = $stmt->fetch(); $stmt = null; return $res[0]; }
public function make() { $comment_id = (int) system::getInstance()->get('id'); if (user::getInstance()->get('id') > 0 && permission::getInstance()->have('comment/delete') && $comment_id > 0) { $stmt = database::getInstance()->con()->prepare("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?"); $stmt->bindParam(1, $comment_id, PDO::PARAM_INT); $stmt->execute(); } }
private function buildTagCloud() { $tag_count = extension::getInstance()->getConfig('tag_count', 'tagcloud', 'modules', 'int'); $stmt = database::getInstance()->con()->prepare("SELECT SQL_CALC_FOUND_ROWS tag, COUNT(*) AS count FROM " . property::getInstance()->get('db_prefix') . "_mod_tags WHERE object_type = 'news' GROUP BY tag ORDER BY count DESC LIMIT 0,?"); $stmt->bindParam(1, $tag_count, PDO::PARAM_INT); $stmt->execute(); $result = $stmt->fetchAll(PDO::FETCH_ASSOC); $stmt = null; return template::getInstance()->twigRender('modules/tagcloud/cloud.tpl', array('local' => $result)); }
/** * Comments count by URI * @param string|null $way * @return mixed */ public function getCount($way = null) { if (is_null($way)) { $way = router::getInstance()->getUriString(); } $stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = 0"); $stmt->bindParam(1, $way, PDO::PARAM_STR); $stmt->execute(); $resultSet = $stmt->fetch(); return $resultSet[0]; }
public function make() { $post_id = (int) system::getInstance()->get('id'); $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE wall_post_id = ? ORDER BY id DESC"); $stmt->bindParam(1, $post_id, PDO::PARAM_INT); $stmt->execute(); $result = $stmt->fetchAll(PDO::FETCH_ASSOC); user::getInstance()->listload(system::getInstance()->extractFromMultyArray('poster', $result)); $params = array(); foreach ($result as $item) { $params['answer'][] = array('poster_id' => $item['poster'], 'poster_name' => user::getInstance()->get('nick', $item['poster']), 'poster_avatar' => user::getInstance()->buildAvatar('small', $item['poster']), 'message' => $item['message'], 'time' => system::getInstance()->toDate($item['time'], 'h')); } echo template::getInstance()->twigRender('components/user/profile/profile_answer.tpl', array('local' => $params)); }
private function searchOnPage($query) { $params = array(); $queryBuild = '%' . $query . '%'; $stmt = database::getInstance()->con()->prepare("SELECT title,text,pathway,date FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE text like ? OR title like ? ORDER BY `date` LIMIT 50"); $stmt->bindParam(1, $queryBuild, PDO::PARAM_STR); $stmt->bindParam(2, $queryBuild, PDO::PARAM_STR); $stmt->execute(); $compiled_body = null; while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) { $title = unserialize($result['title']); $serial_text = unserialize($result['text']); $text = system::getInstance()->altsubstr(system::getInstance()->nohtml($serial_text[language::getInstance()->getUseLanguage()]), 0, 200); $link = "static/" . $result['pathway']; $params['static'][] = array('link' => $link, 'title' => $title[language::getInstance()->getUseLanguage()], 'snippet' => $text, 'date' => system::getInstance()->toDate($result['date'], 'h')); } return $params; }
public function make() { $obj = api::getInstance()->call('front', 'commentedit'); if (is_object($obj)) { $comment_id = (int) system::getInstance()->post('comment_id'); if (!$obj->canEdit($comment_id)) { return null; } $comment_text = system::getInstance()->nohtml(system::getInstance()->post('comment_text'), true); if ($comment_id > 0 && strlen($comment_text) > 0) { $stmt = database::getInstance()->con()->prepare("UPDATE " . property::getInstance()->get('db_prefix') . "_mod_comments set comment = ? where id = ?"); $stmt->bindParam(1, $comment_text, PDO::PARAM_STR); $stmt->bindParam(2, $comment_id, PDO::PARAM_INT); $stmt->execute(); $stmt = null; } } }
/** * Get comment list * @param null $way * @param int $end * @param bool $show_all * @return array */ public function getCommentsParams($way = null, $end = 0, $show_all = false) { $userid = user::getInstance()->get('id'); $stmt = null; if (is_null($way)) { $way = router::getInstance()->getUriString(); } if ($show_all) { $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC"); $stmt->bindParam(1, $way, PDO::PARAM_STR); $stmt->execute(); } else { $comment_count = extension::getInstance()->getConfig('comments_count', 'comments', 'modules', 'int'); if ($end < 1) { $end = 1; } $end *= $comment_count; $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC LIMIT 0,?"); $stmt->bindParam(1, $way, PDO::PARAM_STR); $stmt->bindParam(2, $end, PDO::PARAM_INT); $stmt->execute(); } $result = $stmt->fetchAll(PDO::FETCH_ASSOC); user::getInstance()->listload(system::getInstance()->extractFromMultyArray('author', $result)); $params = array(); foreach ($result as $item) { $poster_id = $item['author']; $can_edit = false; $can_delete = false; $editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int'); if ($userid > 0) { if ($poster_id == $userid && time() - $item['time'] <= $editconfig || permission::getInstance()->have('comment/edit')) { $can_edit = true; } if (permission::getInstance()->have('comment/delete')) { $can_delete = true; } } $params[] = array('author_id' => $poster_id, 'author_nick' => user::getInstance()->get('nick', $poster_id), 'author_avatar' => user::getInstance()->buildAvatar('small', $poster_id), 'comment_text' => extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->bbcode2html($item['comment']), 'comment_date' => system::getInstance()->toDate($item['time'], 'h'), 'unixtime' => $item['time'], 'comment_id' => $item['id'], 'can_edit' => $can_edit, 'can_delete' => $can_delete, 'guest_name' => system::getInstance()->nohtml($item['guest_name'])); } $stmt = null; return $params; }
public function make() { $params = array(); $params['captcha_full'] = extension::getInstance()->getConfig('captcha_type', 'captcha', 'hooks') == "recaptcha" ? true : false; $params['captcha'] = extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->show(); if (system::getInstance()->post('dofeedback')) { $poster_name = system::getInstance()->nohtml(system::getInstance()->post('topic_name')); $topic_title = system::getInstance()->nohtml(system::getInstance()->post('topic_title')); $topic_text = system::getInstance()->nohtml(system::getInstance()->post('topic_body')); $poster_email = user::getInstance()->get('id') > 0 ? user::getInstance()->get('email') : system::getInstance()->post('topic_email'); $captcha = system::getInstance()->post('captcha'); $date = time(); if (!filter_var($poster_email, FILTER_VALIDATE_EMAIL)) { $params['notify']['wrong_email'] = true; } if (system::getInstance()->length($topic_title) < 3 || system::getInstance()->length($topic_title) > 70) { $params['notify']['wrong_title'] = true; } if (system::getInstance()->length($poster_name) < 3 || system::getInstance()->length($poster_name) > 50) { $params['notify']['wrong_name'] = true; } if (system::getInstance()->length($topic_text) < 10) { $params['notify']['wrong_text'] = true; } if (!extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->validate($captcha)) { $params['notify']['wrong_captcha'] = true; } if (sizeof($params['notify']) == 0) { $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_com_feedback (`from_name`, `from_email`, `title`, `text`, `time`) VALUES (?, ?, ?, ?, ?)"); $stmt->bindParam(1, $poster_name, PDO::PARAM_STR); $stmt->bindParam(2, $poster_email, PDO::PARAM_STR); $stmt->bindParam(3, $topic_title, PDO::PARAM_STR); $stmt->bindParam(4, $topic_text, PDO::PARAM_STR); $stmt->bindParam(5, $date, PDO::PARAM_INT); $stmt->execute(); $params['notify']['success'] = true; } } meta::getInstance()->add('title', language::getInstance()->get('feedback_form_title')); $render = template::getInstance()->twigRender('components/feedback/form.tpl', array('local' => $params)); template::getInstance()->set(template::TYPE_CONTENT, 'body', $render); }
public function make() { $params = array(); if (system::getInstance()->post('submit')) { if (admin::getInstance()->saveExtensionConfigs()) { $params['notify']['save_success'] = true; } } $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle(); $params['config']['show_date'] = extension::getInstance()->getConfig('show_date', 'static_on_main', extension::TYPE_MODULE, 'int'); $params['config']['news_id'] = extension::getInstance()->getConfig('news_id', 'static_on_main', extension::TYPE_MODULE, 'int'); $stmt = database::getInstance()->con()->prepare("SELECT `id`, `title` FROM " . property::getInstance()->get('db_prefix') . "_com_static ORDER BY `id` DESC"); $stmt->execute(); $resultAll = $stmt->fetchAll(PDO::FETCH_ASSOC); foreach ($resultAll as $row) { $serial_title = unserialize($row['title']); $params['staticpages'][] = array('id' => $row['id'], 'title' => $serial_title[language::getInstance()->getUseLanguage()]); } $stmt = null; return template::getInstance()->twigRender('modules/static_on_main/settings.tpl', $params); }
private function showNewPmCount() { $userid = user::getInstance()->get('id'); $lastpmview = user::getInstance()->get('lastpmview'); //$stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM ".property::getInstance()->get('db_prefix')."_user_messages WHERE `to` = ? AND timeupdate >= ?"); $stmt = database::getInstance()->con()->prepare("SELECT COUNT(DISTINCT msg.id) FROM " . property::getInstance()->get('db_prefix') . "_user_messages as msg\n LEFT OUTER JOIN " . property::getInstance()->get('db_prefix') . "_user_messages_answer as ans ON msg.id = ans.topic\n WHERE (msg.to = ? OR ans.from != ?) AND (msg.timeupdate >= ? OR ans.time >= ?) GROUP BY msg.id"); $stmt->bindParam(1, $userid, \PDO::PARAM_INT); $stmt->bindParam(2, $userid, \PDO::PARAM_INT); $stmt->bindParam(3, $lastpmview, \PDO::PARAM_INT); $stmt->bindParam(4, $lastpmview, \PDO::PARAM_INT); //$stmt->bindParam(1, $userid, PDO::PARAM_INT); //$stmt->bindParam(2, $lastpmview, PDO::PARAM_INT); $stmt->execute(); $result = $stmt->fetch(); $stmt = null; $new_pm_count = $result[0]; if ($new_pm_count < 1) { $new_pm_count = 0; } template::getInstance()->set(template::TYPE_MODULE, 'message_new_count', $new_pm_count); }
/** * Set in body position static page for $pathway * @param string $pathway * @param int $id * @param boolean $show_date * @param boolean $is_main * @return string|null */ public function display($pathway, $id = null, $show_date = true, $is_main = false) { $stmt = null; if (is_null($id)) { $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE pathway = ?"); $stmt->bindParam(1, $pathway, PDO::PARAM_STR); $stmt->execute(); } else { $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE id = ?"); $stmt->bindParam(1, $id, PDO::PARAM_INT); $stmt->execute(); } if ($stmt != null && ($result = $stmt->fetch())) { $serial_title = unserialize($result['title']); $serial_text = unserialize($result['text']); $serial_keywords = unserialize($result['keywords']); $serial_description = unserialize($result['description']); if (system::getInstance()->length($serial_title[language::getInstance()->getUseLanguage()]) < 1 || system::getInstance()->length($serial_text[language::getInstance()->getUseLanguage()]) < 1) { return null; } $urlfix_object = extension::getInstance()->call(extension::TYPE_HOOK, 'urlfixer'); if (is_object($urlfix_object)) { $serial_text = $urlfix_object->fix($serial_text); } if ($pathway) { meta::getInstance()->add('title', $serial_title[language::getInstance()->getUseLanguage()]); meta::getInstance()->add('keywords', $serial_keywords[language::getInstance()->getUseLanguage()]); meta::getInstance()->add('description', $serial_description[language::getInstance()->getUseLanguage()]); } $params = array('title' => $serial_title[language::getInstance()->getUseLanguage()], 'text' => $serial_text[language::getInstance()->getUseLanguage()], 'date' => system::getInstance()->toDate($result['date'], 'd'), 'show_date' => $show_date, 'is_main' => $is_main, 'pathway' => property::getInstance()->get('url') . '/static/' . $pathway); if (system::getInstance()->get('print') == 'true') { template::getInstance()->justPrint(template::getInstance()->twigRender('components/static/print.tpl', array('local' => $params))); } return template::getInstance()->twigRender('components/static/page.tpl', array('local' => $params)); } return null; }
public function canEdit($comment_id) { if (permission::getInstance()->have('global/owner')) { // no limits for full admin return true; } if (user::getInstance()->get('id') < 1) { return false; } if (!permission::getInstance()->have('global/write')) { return false; } $userid = user::getInstance()->get('id'); $stmt = database::getInstance()->con()->prepare("SELECT author,time FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?"); $stmt->bindParam(1, $comment_id, PDO::PARAM_INT); $stmt->execute(); if ($result = $stmt->fetch()) { $editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int'); if ($result['author'] != $userid || time() - $result['time'] > $editconfig && !permission::getInstance()->have('comment/edit')) { return false; } } return true; }
private function viewFeedMain() { $params = array(); $way = router::getInstance()->shiftUriArray(); meta::getInstance()->add('title', language::getInstance()->get('feed_global_title')); $item_per_page = extension::getInstance()->getConfig('item_per_page', 'feed', extension::TYPE_COMPONENT, 'int'); if ($item_per_page < 1) { $item_per_page = 1; } $index = (int) $way[1]; $db_index = $index * $item_per_page; $stmt = database::getInstance()->con()->prepare("SELECT a.item_title,a.item_id,a.target_list,a.item_date,b.title FROM " . property::getInstance()->get('db_prefix') . "_com_feed_item a,\n " . property::getInstance()->get('db_prefix') . "_com_feed_list b WHERE b.id = a.target_list ORDER BY a.item_date DESC LIMIT ?,?"); $stmt->bindParam(1, $db_index, \PDO::PARAM_INT); $stmt->bindParam(2, $item_per_page, \PDO::PARAM_INT); $stmt->execute(); $result = $stmt->fetchAll(\PDO::FETCH_ASSOC); $stmt = null; foreach ($result as $row) { $cat_title = unserialize($row['title']); $params['rssfeed'][] = array('title' => system::getInstance()->nohtml($row['item_title']), 'id' => $row['item_id'], 'cat_title' => $cat_title[language::getInstance()->getUseLanguage()], 'cat_id' => $row['target_list'], 'date' => system::getInstance()->toDate($row['item_date'], 'h')); } // get total count for pagination $stmt = database::getInstance()->con()->query("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_com_feed_item"); $res = $stmt->fetch(); $stmt = null; $total_count = $res[0]; $params['pagination'] = template::getInstance()->showFastPagination($index, $item_per_page, $total_count, 'feed/list'); return template::getInstance()->twigRender('components/feed/stream.tpl', $params); }
public function make() { $params = array(); $item_count = extension::getInstance()->getConfig('discus_count', 'news_top_discus', extension::TYPE_MODULE, 'int'); if ($item_count < 1) { $item_count = 1; } $day_unixlimit = extension::getInstance()->getConfig('discus_days', 'news_top_discus', extension::TYPE_MODULE, 'int'); $day_unixlimit *= 60 * 60 * 24; $day_diff = $day_unixlimit === 0 ? 0 : time() - $day_unixlimit; $stmt = database::getInstance()->con()->prepare("SELECT pathway,COUNT(*) as count FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE moderate = 0 AND time >= ? GROUP BY `pathway` ORDER BY count DESC LIMIT 0,?"); $stmt->bindParam(1, $day_diff, \PDO::PARAM_INT); $stmt->bindParam(2, $item_count, \PDO::PARAM_INT); $stmt->execute(); $result = $stmt->fetchAll(\PDO::FETCH_ASSOC); $stmt = null; $article_url = array(); $article_cat = array(); $main_cat = false; $comment_key_count = array(); foreach ($result as $item) { $comment_key_count[$item['pathway']] = $item['count']; } foreach (system::getInstance()->extractFromMultyArray('pathway', $result) as $uri_string) { $uri = system::getInstance()->altexplode('/', $uri_string); if (property::getInstance()->get('use_multi_language')) { array_shift($uri); } // remove /ru/ or /en/. array_shift($uri); // remove /news/ if (sizeof($uri) === 1) { $article_url[] = system::getInstance()->altimplode('/', $uri); $main_cat = true; } else { $article_url[] = array_pop($uri); $article_cat[] = system::getInstance()->altimplode('/', $uri); } } $article_link_list = "'" . system::getInstance()->altimplode('\',\'', $article_url) . "'"; $article_cat_list = null; if ($main_cat) { $article_cat_list .= "'',"; } $article_cat_list .= "'" . system::getInstance()->altimplode('\',\'', $article_cat) . "'"; $stmt = database::getInstance()->con()->query("SELECT a.title,a.link,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_news_entery a," . property::getInstance()->get('db_prefix') . "_com_news_category b\n WHERE a.link IN ({$article_link_list}) AND b.path in ({$article_cat_list}) AND a.category = b.category_id"); $news_result = $stmt->fetchAll(\PDO::FETCH_ASSOC); $stmt = null; $news_data = array(); foreach ($news_result as $row) { $full_path = null; if (property::getInstance()->get('use_multi_language')) { $full_path .= '/' . language::getInstance()->getUseLanguage(); } $full_path .= '/news/'; if ($row['path'] != null) { $full_path .= $row['path'] . '/'; } $full_path .= $row['link']; if ($comment_key_count[$full_path] > 0) { $serial_title = unserialize($row['title']); $news_data[$full_path] = array('title' => $serial_title[language::getInstance()->getUseLanguage()]); } } foreach ($comment_key_count as $item_path => $item_repeat) { if (sizeof($news_data[$item_path]) > 0) { $params['top'][] = array('title' => $news_data[$item_path]['title'], 'comments' => $item_repeat, 'pathway' => $item_path); } } $tmp = template::getInstance()->twigRender('modules/news_top_discus/list.tpl', array('local' => $params)); template::getInstance()->set(template::TYPE_MODULE, 'news_top_discus', $tmp); }
public function checkVideoOwnerExist($owner_id, $video_id) { $stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery WHERE id = ? AND author = ? AND display = 0"); $stmt->bindParam(1, $video_id, PDO::PARAM_INT); $stmt->bindParam(2, $owner_id, PDO::PARAM_INT); $stmt->execute(); $res = $stmt->fetch(); return $res > 0; }
private function checkPageWay($way, $id = 0) { if (preg_match('/[\'~`\\!@#\\$%\\^&\\*\\(\\)+=\\{\\}\\[\\]\\|;:"\\<\\>,\\?\\\\]/', $way) || strlen($way) < 1) { return false; } $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE pathway = ? AND id != ?"); $stmt->bindParam(1, $way, PDO::PARAM_STR); $stmt->bindParam(2, $id, PDO::PARAM_INT); $stmt->execute(); return $stmt->rowCount() > 0 ? false : true; }
public function streamCount() { $stmt = database::getInstance()->con()->query("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_com_stream"); $result = $stmt->fetch(); $stmt = null; return $result[0]; }
public function _install() { $lang_ru = array('ru' => array('front' => array('feed_global_title' => 'Лента материалов', 'feed_breadcrumb_main' => 'Лента', 'feed_breadcrumb_category' => 'Список лент', 'feed_category_title' => 'Список каналов', 'feed_category_header' => 'Канал', 'feed_category_list' => 'Список лент', 'feed_category_allitem' => 'Все материалы'), 'back' => array('admin_components_feed.name' => 'RSS ленты', 'admin_components_feed.desc' => 'Реализация компонента сборщика информации из разных RSS потоков на сайт', 'admin_components_feed_list_title' => 'Список лент', 'admin_components_feed_settings' => 'Настройки', 'admin_components_feed_edit_title' => 'Редактирование фида', 'admin_components_feed_config_count_title' => 'Кол-во на страницу', 'admin_components_feed_config_count_desc' => 'Количество записей отображаемых на 1 странице', 'admin_components_feed_th_title' => 'Название', 'admin_components_feed_th_source' => 'Источник', 'admin_components_feed_th_actions' => 'Операции', 'admin_components_feed_button_add' => 'Добавить ленту', 'admin_components_feed_edit_form_title' => 'Название фида', 'admin_components_feed_edit_form_desc' => 'Описание', 'admin_components_feed_edit_form_desc_helper' => 'Краткое описание ленты, которое будет отображено на сайте в разделе данной ленты', 'admin_components_feed_edit_form_url' => 'RSS источник', 'admin_components_feed_edit_form_url_helper' => 'Ссылка на RSS ленту источника, которая будет обрабатываться сайтом', 'admin_components_feed_edit_button_save' => 'Сохранить', 'admin_components_feed_notify_length' => 'Длина заголовка некоректна', 'admin_components_feed_notify_source_wrong' => 'Длина ссылки на источник RSS некоректна', 'admin_components_feed_delete_title' => 'Удаление ленты', 'admin_components_feed_delete_desc' => 'Вы уверены что хотите удалить данную ленту?', 'admin_components_feed_delete_button' => 'Удалить'))); $lang_en = array('en' => array('front' => array('feed_global_title' => 'Rss feed', 'feed_breadcrumb_main' => 'Feed', 'feed_breadcrumb_category' => 'Feed list', 'feed_category_title' => 'Channel list', 'feed_category_header' => 'Channel', 'feed_category_list' => 'List of feeds', 'feed_category_allitem' => 'All materials'), 'back' => array('admin_components_feed.name' => 'RSS feeds', 'admin_components_feed.desc' => 'This component allow to make your own rss catalog', 'admin_components_feed_list_title' => 'Feeds list', 'admin_components_feed_settings' => 'Settings', 'admin_components_feed_edit_title' => 'Edit feed', 'admin_components_feed_config_count_title' => 'Count per page', 'admin_components_feed_config_count_desc' => 'Count of items displayed on 1 page', 'admin_components_feed_th_title' => 'Title', 'admin_components_feed_th_source' => 'Source', 'admin_components_feed_th_actions' => 'Actions', 'admin_components_feed_button_add' => 'Add feed', 'admin_components_feed_edit_form_title' => 'Feed title', 'admin_components_feed_edit_form_desc' => 'Description', 'admin_components_feed_edit_form_desc_helper' => 'Short description of feed what be displayed on website', 'admin_components_feed_edit_form_url' => 'RSS source', 'admin_components_feed_edit_form_url_helper' => 'Link to URL of RSS feed to parse', 'admin_components_feed_edit_button_save' => 'Save', 'admin_components_feed_notify_length' => 'Title length is incorrent', 'admin_components_feed_notify_source_wrong' => 'Rss source URL is wrong', 'admin_components_feed_delete_title' => 'Delete feed', 'admin_components_feed_delete_desc' => 'Are you sure to delete this feed?', 'admin_components_feed_delete_button' => 'Delete'))); language::getInstance()->add($lang_en); language::getInstance()->add($lang_ru); database::getInstance()->con()->exec("CREATE TABLE IF NOT EXISTS `" . property::getInstance()->get('db_prefix') . "_com_feed_list` (\n `id` int(12) NOT NULL AUTO_INCREMENT,\n `title` text NOT NULL,\n `desc` text NOT NULL,\n `url` varchar(512) NOT NULL,\n `update` int(16) NOT NULL DEFAULT '0',\n PRIMARY KEY (`id`)\n ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1;\n CREATE TABLE IF NOT EXISTS `" . property::getInstance()->get('db_prefix') . "_com_feed_item` (\n `item_id` int(32) NOT NULL AUTO_INCREMENT,\n `target_list` int(12) NOT NULL,\n `item_title` text NOT NULL,\n `item_desc` text NOT NULL,\n `source_url` varchar(512) NOT NULL,\n `item_date` int(16) NOT NULL,\n `fulltext` text NOT NULL,\n PRIMARY KEY (`item_id`)\n ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;\n "); $cfgs = 'a:1:{s:13:"item_per_page";s:2:"10";}'; $stmt = database::getInstance()->con()->prepare("UPDATE " . property::getInstance()->get('db_prefix') . "_extensions SET `configs` = ? WHERE `type` = 'components' AND `dir` = 'feed'"); $stmt->bindParam(1, $cfgs, \PDO::PARAM_STR); $stmt->execute(); $stmt = null; }
private function loadDefaults() { $global_title = property::getInstance()->get('seo_title'); $this->add('/', date('c'), 'daily', '1.0', $global_title[language::getInstance()->getUseLanguage()]); // main page $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_news_entery a, " . property::getInstance()->get('db_prefix') . "_com_news_category b WHERE a.display = 1 AND a.category = b.category_id ORDER BY a.id ASC"); $stmt->execute(); while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) { $link = null; if ($result['path'] == null) { $link = "/news/" . $result['link']; } else { $link = "/news/" . $result['path'] . "/" . $result['link']; } $news_title = system::getInstance()->altstripslashes(unserialize($result['title'])); $this->add($link, date('c', $result['date']), 'weekly', '0.3', $news_title[language::getInstance()->getUseLanguage()]); } $stmt = null; $stmt = database::getInstance()->con()->prepare("SELECT `pathway`, `date`, `title` FROM " . property::getInstance()->get('db_prefix') . "_com_static"); $stmt->execute(); while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) { $static_title = system::getInstance()->altstripslashes(unserialize($result['title'])); $this->add("/static/" . $result['pathway'], date('c', $result['date']), 'weekly', '0.4', $static_title[language::getInstance()->getUseLanguage()]); } $stmt = null; $stmt = database::getInstance()->con()->prepare("SELECT id,nick,login FROM " . property::getInstance()->get('db_prefix') . "_user WHERE aprove = 0"); $stmt->execute(); while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) { $u_title = $result['nick']; if (system::getInstance()->length($u_title) < 1) { $u_title = $result['login']; } // unsafe .. but didnt care (: $this->add("/user/id" . $result['id'], date('c'), 'weekly', '0.2', $u_title); } $stmt = null; $stmt = database::getInstance()->con()->prepare("SELECT a.`path`, a.`name`, b.`date` FROM `" . property::getInstance()->get('db_prefix') . "_com_news_category` a, `" . property::getInstance()->get('db_prefix') . "_com_news_entery` b WHERE a.category_id = b.category AND a.path != '' GROUP BY a.path ORDER BY b.`date` DESC"); $stmt->execute(); while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) { $cat_name = unserialize($result['name']); $this->add("/news/" . $result['path'], date('c', $result['date']), 'weekly', '0.3', $cat_name[language::getInstance()->getUseLanguage()]); } }
private function tagIsUsed($tag, $defined_id = 0) { $stmt = null; if ($defined_id > 0) { $stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_mod_menu_header WHERE `menu_tag` = ? AND `menu_id` != ?"); $stmt->bindParam(1, $tag, \PDO::PARAM_STR); $stmt->bindParam(2, $defined_id, \PDO::PARAM_INT); } else { $stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_mod_menu_header WHERE `menu_tag` = ?"); $stmt->bindParam(1, $tag, \PDO::PARAM_STR); } $stmt->execute(); $res = $stmt->fetch(); $stmt = null; return $res[0] > 0; }
public function getTotalVideoCount($filter = 0) { $query = null; switch ($filter) { case 1: $query = "SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery WHERE display = 0"; break; case 2: $query = "SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery WHERE important = 1"; break; default: $query = "SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery"; break; } $stmt = database::getInstance()->con()->prepare($query); $stmt->execute(); $result = $stmt->fetch(); $stmt = null; return $result[0]; }
public function getTotalCommentCount($filter) { $stmt = null; if ($filter == self::FILTER_MODERATE) { $stmt = database::getInstance()->con()->query("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE moderate = 1"); } else { $stmt = database::getInstance()->con()->query("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_mod_comments"); } $result = $stmt->fetch(); $stmt = null; return $result[0]; }
<?php /** |==========================================================| |========= @copyright Pyatinskii Mihail, 2013-2014 ========| |================= @website: www.ffcms.ru =================| |========= @license: GNU GPL V3, file: license.txt ========| |==========================================================| */ // system are not installed or file is missed if (!file_exists(root . "/config.php")) { exit("System are not installed or file config.php is missed. Run <a href='/install/'>Installer</a>."); } else { require_once root . '/config.php'; } \engine\property::getInstance()->init(); // processing of URI for multi-language and friendly url's \engine\timezone::getInstance()->init(); // prepare tz_data worker date_default_timezone_set(\engine\property::getInstance()->get('time_zone')); // default timezone from configs \engine\language::getInstance()->init(); \engine\database::getInstance()->init(); // init database PDO connect \engine\user::getInstance()->init(); \engine\router::getInstance()->init(); \engine\extension::getInstance()->init(); // init extension controller \engine\template::getInstance()->init(); echo \engine\admin::getInstance()->make();