cot_die_message(404, TRUE);
}
$item = $sql->fetch();
list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('folio', $item['item_cat'], 'RWA');
cot_block($usr['auth_read']);
if ($item['item_state'] != 0 && !$usr['isadmin'] && $usr['id'] != $item['item_userid']) {
cot_log("Attempt to directly access an un-validated", 'sec');
cot_redirect(cot_url('message', "msg=930", '', true));
exit;
}
if ($usr['id'] != $item['item_userid'] && (!$usr['isadmin'] || $cfg['folio']['count_admin'])) {
$item['item_count']++;
$db->update($db_folio, array('item_count' => $item['item_count']), "item_id=" . (int) $item['item_id']);
}
$title_params = array('TITLE' => empty($item['item_metatitle']) ? $item['item_title'] : $item['item_metatitle'], 'CATEGORY' => $structure['folio'][$item['item_cat']]['title']);
$out['subtitle'] = cot_title($cfg['folio']['title_folio'], $title_params);
$out['desc'] = !empty($item['item_metadesc']) ? $item['item_metadesc'] : cot_cutstring(strip_tags(cot_parse($item['item_text'], $cfg['folio']['markup'], $item['item_parser'])), 160);
$out['meta_keywords'] = !empty($item['item_keywords']) ? $item['item_keywords'] : $structure['folio'][$item['item_cat']]['keywords'];
// Building the canonical URL
$pageurl_params = array('c' => $item['item_cat']);
empty($al) ? $pageurl_params['id'] = $id : ($pageurl_params['al'] = $al);
$out['canonical_uri'] = cot_url('folio', $pageurl_params);
$mskin = cot_tplfile(array('folio', $structure['folio'][$item['item_cat']]['tpl']));
/* === Hook === */
foreach (cot_getextplugins('folio.main') as $pl) {
include $pl;
}
/* ===== */
$t = new XTemplate($mskin);
$t->assign(cot_generate_usertags($item, 'PRD_OWNER_'));
$t->assign(cot_generate_foliotags($item, 'PRD_', $cfg['folio']['shorttextlen'], $usr['isadmin'], $cfg['homebreadcrumb']));
cot_forums_sectionsetlast($rowpost['fp_cat']);
if ($cache) {
$cfg['cache_forums'] && $cache->page->clear('forums');
$cfg['cache_index'] && $cache->page->clear('index');
}
cot_redirect(cot_url('forums', "m=posts&q=" . $q . '&d=' . $durl, '#' . $p, true));
}
require_once cot_incfile('forms');
$crumbs = cot_forums_buildpath($s);
$crumbs[] = array(cot_url('forums', "m=posts&p=" . $p, "#" . $p), ($rowt['ft_mode'] == 1 ? '# ' : '') . htmlspecialchars($rowt['ft_title']));
$crumbs[] = array(cot_url('forums', "m=editpost&s={$s}&q=" . $q . "&p=" . $p . "&" . cot_xg()), $L['Edit']);
$toptitle = cot_breadcrumbs($crumbs, $cfg['homebreadcrumb']);
$toptitle .= $usr['isadmin'] ? $R['forums_code_admin_mark'] : '';
$sys['sublocation'] = $structure['forums'][$s]['title'];
$title_params = array('FORUM' => $L['Forums'], 'SECTION' => $structure['forums'][$s]['title'], 'TOPIC' => $rowt['ft_title'], 'EDIT' => $L['Edit']);
$out['subtitle'] = cot_title('{EDIT} - {TOPIC}', $title_params);
$out['head'] .= $R['code_noindex'];
/* === Hook === */
foreach (cot_getextplugins('forums.editpost.main') as $pl) {
include $pl;
}
/* ===== */
require_once $cfg['system_dir'] . '/header.php';
$mskin = cot_tplfile(array('forums', 'editpost', $structure['forums'][$s]['tpl']));
$t = new XTemplate($mskin);
cot_display_messages($t);
if ($db->query("SELECT fp_id FROM {$db_forum_posts} WHERE fp_topicid = {$q} ORDER BY fp_id ASC LIMIT 1")->fetchColumn() == $p) {
$t->assign(array('FORUMS_EDITPOST_TOPICTITTLE' => cot_inputbox('text', 'rtopictitle', $rowt['ft_title'], array('size' => 56, 'maxlength' => 255)), 'FORUMS_EDITPOST_TOPICDESCRIPTION' => cot_inputbox('text', 'rtopicdesc', $rowt['ft_desc'], array('size' => 56, 'maxlength' => 255))));
// Extra fields
foreach ($cot_extrafields[$db_forum_topics] as $exfld) {
$uname = strtoupper($exfld['field_name']);
}
if ($filter == 'unread') {
$sqlfilter .= " AND pm_tostate = 0";
$title[] = $L['pm_unread'];
} elseif ($filter == 'starred') {
$sqlfilter .= $f == 'sentbox' ? " AND pm_fromstate = 2" : " AND pm_tostate = 2";
$title[] = $L['pm_starred'];
}
/* === Hook === */
foreach (cot_getextplugins('pm.list.main') as $pl) {
include $pl;
}
/* ===== */
/* === Title === */
$title_params = array('PM' => $L['Private_Messages'], 'COUNT' => $totalcount, 'BOX' => $subtitle);
$out['subtitle'] = cot_title('{BOX} ({COUNT}) - {PM}', $title_params);
$out['head'] .= $R['code_noindex'];
Resources::linkFileFooter(cot::$cfg['modules_dir'] . '/pm/js/pm.js');
/* === Title === */
$totallines = $db->query("SELECT COUNT(*) FROM {$db_pm} WHERE {$sqlfilter}")->fetchColumn();
$elem = $f == 'sentbox' ? 'pm_touserid' : 'pm_fromuserid';
$pm_sql = $db->query("SELECT p.*, u.* FROM {$db_pm} AS p\n\t\tLEFT JOIN {$db_users} AS u\n\t\tON u.user_id = p.{$elem}\n\t\tWHERE {$sqlfilter}\n\t\tORDER BY pm_date DESC LIMIT {$d}," . $cfg['pm']['maxpmperpage']);
$pagenav = cot_pagenav('pm', 'f=' . $f . '&filter=' . $filter, $d, $totallines, $cfg['pm']['maxpmperpage'], 'd', '', $cfg['pm']['turnajax']);
require_once $cfg['system_dir'] . '/header.php';
$t = new XTemplate(cot_tplfile(array('pm', 'list', $pmalttpl)));
$jj = 0;
/* === Hook - Part1 : Set === */
$extp = cot_getextplugins('pm.list.loop');
/* ===== */
foreach ($pm_sql->fetchAll() as $row) {
$jj++;
/**
* Sends mail with standard PHP mail().
* If cot_mail_custom() function exists, it will be called instead of the PHP
* function. This way custom mail delivery methods, such as SMTP, are
* supported.
*
* @global $cfg
* @param string $fmail Recipient
* @param string $subject Subject
* @param string $body Message body
* @param string $headers Message headers
* @param bool $customtemplate Use custom template
* @param string $additional_parameters Additional parameters passed to sendmail
* @return bool
*/
function cot_mail($fmail, $subject, $body, $headers = '', $customtemplate = false, $additional_parameters = null, $html = false)
{
global $cfg, $cot_mail_senders;
if (function_exists('cot_mail_custom')) {
return cot_mail_custom($fmail, $subject, $body, $headers, $customtemplate, $additional_parameters, $html);
}
if (is_array($cot_mail_senders) && count($cot_mail_senders) > 0) {
foreach ($cot_mail_senders as $func) {
$ret &= $func($fmail, $subject, $body, $headers, $additional_parameters, $html);
}
return $ret;
}
if (empty($fmail)) {
return false;
} else {
$sitemaintitle = mb_encode_mimeheader($cfg['maintitle'], 'UTF-8', 'B', "\n");
$headers = empty($headers) ? "From: \"" . $sitemaintitle . "\" <" . $cfg['adminemail'] . ">\n" . "Reply-To: <" . $cfg['adminemail'] . ">\n" : $headers;
$headers .= "Message-ID: <" . md5(uniqid(microtime())) . "@" . $_SERVER['SERVER_NAME'] . ">\n";
$type_body = $html ? "html" : "plain";
$headers .= "Content-Type: text/" . $type_body . "; charset=UTF-8\n";
$headers .= "Content-Transfer-Encoding: 8bit\n";
if (!$customtemplate) {
$body_params = array('SITE_TITLE' => $cfg['maintitle'], 'SITE_URL' => $cfg['mainurl'], 'SITE_DESCRIPTION' => $cfg['subtitle'], 'ADMIN_EMAIL' => $cfg['adminemail'], 'MAIL_SUBJECT' => $subject, 'MAIL_BODY' => $body);
$subject_params = array('SITE_TITLE' => $cfg['maintitle'], 'SITE_DESCRIPTION' => $cfg['subtitle'], 'MAIL_SUBJECT' => $subject);
$subject = cot_title($cfg['subject_mail'], $subject_params, false);
$body = cot_title(str_replace("\r\n", "\n", $cfg['body_mail']), $body_params, false);
}
$subject = mb_encode_mimeheader($subject, 'UTF-8', 'B', "\n");
if (ini_get('safe_mode')) {
mail($fmail, $subject, $body, $headers);
} else {
mail($fmail, $subject, $body, $headers, $additional_parameters);
}
return true;
}
}
$touser_ids[] = $row['user_id'];
$touser_names[] = htmlspecialchars($row['user_name']);
}
$sql_pm_users->closeCursor();
$touser = implode(", ", $touser_names);
if ($totalrecipients < $touser_req) {
cot_error('pm_wrongname', 'newpmrecipient');
}
if (!$usr['isadmin'] && $totalrecipients > 10) {
cot_error(sprintf($L['pm_toomanyrecipients'], 10), 'newpmrecipient');
}
}
}
list($totalsentbox, $totalinbox) = cot_message_count($usr['id']);
$title_params = array('PM' => $L['Private_Messages'], 'SEND_NEW' => $L['pm_sendnew']);
$out['subtitle'] = cot_title('{SEND_NEW} - {PM}', $title_params);
$out['head'] .= $R['code_noindex'];
/* === Hook === */
foreach (cot_getextplugins('pm.send.main') as $pl) {
include $pl;
}
/* ===== */
if ($id) {
$pmsql = $db->query("SELECT *, u.user_name FROM {$db_pm} AS p LEFT JOIN {$db_users} AS u ON u.user_id=p.pm_touserid WHERE pm_id={$id} AND pm_tostate=0 LIMIT 1");
if ($pmsql->rowCount() != 0) {
$row = $pmsql->fetch();
$newpmtitle = !empty($newpmtitle) ? $newpmtitle : $row['pm_title'];
$newpmtext = !empty($newpmtext) ? $newpmtext : $row['pm_text'];
$idurl = '&id=' . $id;
} else {
cot_die();
[BEGIN_COT_EXT]
Hooks=page.main
Order=5
[END_COT_EXT]
==================== */
/**
* I18n for pages: redefines page body and title
*
* @package I18n
* @copyright (c) Cotonti Team
* @license https://github.com/Cotonti/Cotonti/blob/master/License.txt
*/
defined('COT_CODE') or die('Wrong URL');
$i18n_enabled = $i18n_read && cot_i18n_enabled($pag['page_cat']);
if ($i18n_enabled && $i18n_notmain) {
$pag_i18n = cot_i18n_get_page($id, $i18n_locale);
$cat_i18n = cot_i18n_get_cat($pag['page_cat'], $i18n_locale);
if (!$cat_i18n) {
$cat_i18n =& $structure['page'][$pag['page_cat']];
}
if ($pag_i18n) {
// Override <title>, subtitle and desc
$title_params = array('TITLE' => $pag_i18n['ipage_title'], 'CATEGORY' => $cat_i18n['title']);
$out['subtitle'] = cot_title($cfg['page']['title_page'], $title_params);
$out['desc'] = htmlspecialchars(strip_tags($pag_i18n['ipage_desc']));
// Enable indexing
$sys['noindex'] = false;
// Merge with page data
$pag = array_merge($pag, $pag_i18n);
}
}
include $pl;
}
/* ===== */
if ($id > 0 || !empty($al)) {
$where = !empty($al) ? "item_alias='" . $al . "'" : 'item_id=' . $id;
$sql = $db->query("SELECT p.*, u.* FROM {$db_projects} AS p LEFT JOIN {$db_users} AS u ON u.user_id=p.item_userid WHERE {$where} LIMIT 1");
}
if (!$id && empty($al) || !$sql || $sql->rowCount() == 0) {
cot_die_message(404, TRUE);
}
$item = $sql->fetch();
list($usr['auth_read'], $usr['auth_write'], $usr['isadmin'], $usr['auth_offers']) = cot_auth('projects', $item['item_cat'], 'RWA1');
cot_block($usr['auth_read']);
$id = $item['item_id'];
$title_params = array('TITLE' => empty($item['item_metatitle']) ? $item['item_title'] : $item['item_metatitle'], 'TYPE' => $projects_types[$item['item_type']], 'CATEGORY' => $structure['projects'][$item['item_cat']]['title']);
$out['subtitle'] = cot_title($cfg['projects']['title_projects'], $title_params);
$out['desc'] = !empty($item['item_metadesc']) ? $item['item_metadesc'] : cot_cutstring(strip_tags(cot_parse($item['item_text'], $cfg['projects']['markup'], $item['item_parser'])), 160);
$out['meta_keywords'] = !empty($item['item_keywords']) ? $item['item_keywords'] : $structure['projects'][$item['item_cat']]['keywords'];
if ($item['item_state'] != 0 && !$usr['isadmin'] && $usr['id'] != $item['item_userid']) {
$userofferexists = (bool) $db->query("SELECT COUNT(*) FROM {$db_projects_offers} \n\t\t\tWHERE offer_userid=" . $usr['id'] . " AND offer_pid=" . $item['item_id'])->fetchColumn();
if (!$userofferexists) {
cot_log("Attempt to directly access an un-validated", 'sec');
cot_redirect(cot_url('message', "msg=930", '', true));
exit;
}
}
if (!$usr['isadmin'] || $cfg['count_admin']) {
$item['item_count']++;
$db->update($db_projects, array('item_count' => $item['item_count']), "item_id=" . (int) $item['item_id']);
}
// Building the canonical URL
foreach (cot_getextplugins('users.details.first') as $pl) {
include $pl;
}
/* ===== */
if (!empty($u) && empty($id)) {
$u = $db->query("SELECT user_id FROM {$db_users} WHERE user_name=" . $db->quote($u) . " LIMIT 1")->fetch();
$id = $u['user_id'];
} elseif (empty($id) && empty($u) && $usr['id'] > 0) {
$id = $usr['id'];
}
cot_die(empty($id), true);
$sql = $db->query("SELECT * FROM {$db_users} WHERE user_id={$id} LIMIT 1");
cot_die($sql->rowCount() == 0, true);
$urr = $sql->fetch();
$title_params = array('USER' => $L['User'], 'NAME' => $urr['user_name']);
$out['subtitle'] = cot_title('title_users_details', $title_params);
$mskin = cot_tplfile(array('users', 'details'), 'module');
/* === Hook === */
foreach (cot_getextplugins('users.details.main') as $pl) {
include $pl;
}
/* ===== */
require_once $cfg['system_dir'] . '/header.php';
$t = new XTemplate($mskin);
$t->assign(cot_generate_usertags($urr, 'USERS_DETAILS_', '', true));
$t->assign(array('USERS_DETAILS_TITLE' => cot_breadcrumbs(array(array(cot_url('users'), $L['Users']), array(cot_url('users', 'm=details&id=' . $urr['user_id'] . '&u=' . $urr['user_name']), $urr['user_name'])), $cfg['homebreadcrumb']), 'USERS_DETAILS_SUBTITLE' => $L['use_subtitle']));
/* === Hook === */
foreach (cot_getextplugins('users.details.tags') as $pl) {
include $pl;
}
/* ===== */
cot_die_message(404, TRUE);
}
$item = $sql->fetch();
list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('market', $item['item_cat'], 'RWA');
cot_block($usr['auth_read']);
if ($item['item_state'] == 1 && !$usr['isadmin'] && $usr['id'] != $item['item_userid']) {
cot_log("Attempt to directly access an un-validated", 'sec');
cot_redirect(cot_url('message', "msg=930", '', true));
exit;
}
if ($usr['id'] != $item['item_userid'] && (!$usr['isadmin'] || $cfg['market']['count_admin'])) {
$item['item_count']++;
$db->update($db_market, array('item_count' => $item['item_count']), "item_id=" . (int) $item['item_id']);
}
$title_params = array('TITLE' => empty($item['item_metatitle']) ? $item['item_title'] : $item['item_metatitle'], 'CATEGORY' => $structure['market'][$item['item_cat']]['title']);
$out['subtitle'] = cot_title($cfg['market']['title_market'], $title_params);
$out['desc'] = !empty($item['item_metadesc']) ? $item['item_metadesc'] : cot_cutstring(strip_tags(cot_parse($item['item_text'], $cfg['market']['markup'], $item['item_parser'])), 160);
$out['meta_keywords'] = !empty($item['item_keywords']) ? $item['item_keywords'] : $structure['market'][$item['item_cat']]['keywords'];
// Building the canonical URL
$pageurl_params = array('c' => $item['item_cat']);
empty($al) ? $pageurl_params['id'] = $id : ($pageurl_params['al'] = $al);
$out['canonical_uri'] = cot_url('market', $pageurl_params);
$mskin = cot_tplfile(array('market', $structure['market'][$item['item_cat']]['tpl']));
/* === Hook === */
foreach (cot_getextplugins('market.main') as $pl) {
include $pl;
}
/* ===== */
$t = new XTemplate($mskin);
$t->assign(cot_generate_usertags($item, 'PRD_OWNER_'));
$t->assign(cot_generate_markettags($item, 'PRD_', $cfg['market']['shorttextlen'], $usr['isadmin'], $cfg['homebreadcrumb']));
foreach (cot_getextplugins('users.edit.update.done') as $pl) {
include $pl;
}
/* ===== */
cot_auth_clear($id);
cot_log("Edited user #" . $id, 'adm');
cot_message('User_data_updated');
cot_redirect(cot_url('users', "m=edit&id=" . $id, '', true));
} else {
cot_redirect(cot_url('users', "m=edit&id={$id}", '', true));
}
}
$sql = $db->query("SELECT * FROM {$db_users} WHERE user_id={$id} LIMIT 1");
$urr = $sql->fetch();
$title_params = array('EDIT' => $L['Edit'], 'NAME' => $urr['user_name']);
$out['subtitle'] = cot_title('{EDIT} - {NAME}', $title_params);
$out['head'] .= $R['code_noindex'];
$mskin = cot_tplfile(array('users', 'edit', $usr['maingrp']), 'module');
/* === Hook === */
foreach (cot_getextplugins('users.edit.main') as $pl) {
include $pl;
}
/* ===== */
require_once $cfg['system_dir'] . '/header.php';
$t = new XTemplate($mskin);
require_once cot_incfile('forms');
$protected = $sys['protecttopadmin'] ? array('disabled' => 'disabled') : array();
$editor_class = $cfg['users']['usertextimg'] ? 'minieditor' : '';
$delete_pfs = cot_module_active('pfs') ? cot_checkbox(false, 'ruserdelpfs', $L['PFS']) : '';
$t->assign(array('USERS_EDIT_TITLE' => cot_breadcrumbs(array(array(cot_url('users'), $L['Users']), array(cot_url('users', 'm=details&id=' . $urr['user_id'] . '&u=' . $urr['user_name']), $urr['user_name']), array(cot_url('users', 'm=edit&id=' . $urr['user_id']), $L['Edit'])), $cfg['homebreadcrumb']), 'USERS_EDIT_DETAILSLINK' => cot_url('users', 'm=details&id=' . $urr['user_id']), 'USERS_EDIT_EDITLINK' => cot_url('users', 'm=edit&id=' . $urr['user_id']), 'USERS_EDIT_SUBTITLE' => $L['useed_subtitle'], 'USERS_EDIT_SEND' => cot_url('users', 'm=edit&a=update&' . cot_xg() . '&id=' . $urr['user_id']), 'USERS_EDIT_ID' => $urr['user_id'], 'USERS_EDIT_NAME' => cot_inputbox('text', 'rusername', $urr['user_name'], array('size' => 32, 'maxlength' => 100) + $protected), 'USERS_EDIT_ACTIVE' => $user_form_active, 'USERS_EDIT_BANNED' => $user_form_banned, 'USERS_EDIT_THEME' => cot_inputbox('text', 'rusertheme', $urr['user_theme'], array('size' => 32, 'maxlength' => 32)), 'USERS_EDIT_LANG' => cot_inputbox('text', 'ruserlang', $urr['user_lang'], array('size' => 32, 'maxlength' => 32)), 'USERS_EDIT_NEWPASS' => cot_inputbox('password', 'rusernewpass', '', array('size' => 12, 'maxlength' => 32, 'autocomplete' => 'off') + $protected), 'USERS_EDIT_MAINGRP' => cot_build_group($urr['user_maingrp']), 'USERS_EDIT_GROUPS' => cot_build_groupsms($urr['user_id'], $usr['isadmin'], $urr['user_maingrp']), 'USERS_EDIT_COUNTRY' => cot_selectbox_countries($urr['user_country'], 'rusercountry'), 'USERS_EDIT_EMAIL' => cot_inputbox('text', 'ruseremail', $urr['user_email'], array('size' => 32, 'maxlength' => 64)), 'USERS_EDIT_HIDEEMAIL' => cot_radiobox($urr['user_hideemail'], 'ruserhideemail', array(1, 0), array($L['Yes'], $L['No'])), 'USERS_EDIT_TEXT' => cot_textarea('rusertext', $urr['user_text'], 4, 56, array('class' => $editor_class)), 'USERS_EDIT_GENDER' => cot_selectbox_gender($urr['user_gender'], 'rusergender'), 'USERS_EDIT_BIRTHDATE' => cot_selectbox_date(cot_date2stamp($urr['user_birthdate']), 'short', 'ruserbirthdate', cot_date('Y', $sys['now']), cot_date('Y', $sys['now']) - 100, false), 'USERS_EDIT_TIMEZONE' => cot_selectbox_timezone($urr['user_timezone'], 'rusertimezone'), 'USERS_EDIT_REGDATE' => cot_date('datetime_medium', $urr['user_regdate']), 'USERS_EDIT_REGDATE_STAMP' => $urr['user_regdate'], 'USERS_EDIT_LASTLOG' => cot_date('datetime_medium', $urr['user_lastlog']), 'USERS_EDIT_LASTLOG_STAMP' => $urr['user_lastlog'], 'USERS_EDIT_LOGCOUNT' => $urr['user_logcount'], 'USERS_EDIT_LASTIP' => cot_build_ipsearch($urr['user_lastip']), 'USERS_EDIT_DELETE' => $sys['user_istopadmin'] ? cot_radiobox(0, 'ruserdelete', array(1, 0), array($L['Yes'], $L['No'])) . $delete_pfs : $L['na']));
// Extra fields
foreach (cot_getextplugins('header.first') as $pl) {
include $pl;
}
/* ===== */
$out['logstatus'] = $usr['id'] > 0 ? $L['hea_youareloggedas'] . ' ' . $usr['name'] : $L['hea_youarenotlogged'];
$out['userlist'] = cot_auth('users', 'a', 'R') ? cot_rc_link(cot_url('users'), $L['Users']) : '';
unset($title_tags, $title_data);
if (is_numeric($pg) && $pg > 1) {
// Append page number to subtitle
$out['subtitle'] .= cot_rc('code_title_page_num', array('num' => $pg));
}
$title_params = array('MAINTITLE' => $cfg['maintitle'], 'DESCRIPTION' => $cfg['subtitle'], 'SUBTITLE' => $out['subtitle']);
if (defined('COT_INDEX')) {
$out['fulltitle'] = cot_title('title_header_index', $title_params);
} else {
$out['fulltitle'] = cot_title('title_header', $title_params);
}
if ($cfg['jquery'] && $cfg['jquery_cdn']) {
Resources::linkFile($cfg['jquery_cdn'], 'js', 30);
}
$html = Resources::render();
if ($html) {
$out['head_head'] = $html . $out['head_head'];
}
$out['meta_contenttype'] = $cfg['xmlclient'] ? 'application/xml' : 'text/html';
$out['basehref'] = $R['code_basehref'];
$out['meta_charset'] = 'UTF-8';
$out['meta_desc'] = empty($out['desc']) ? $cfg['subtitle'] : htmlspecialchars($out['desc']);
$out['meta_keywords'] = empty($out['keywords']) ? $cfg['metakeywords'] : htmlspecialchars($out['keywords']);
$out['meta_lastmod'] = gmdate('D, d M Y H:i:s');
$out['head_head'] .= $out['head'];
}
/* === Hook === */
foreach (cot_getextplugins('forums.posts.query') as $pl) {
include $pl;
}
/* ===== */
$where = array_diff($where, array(''));
$totalposts = $db->query("SELECT COUNT(*) FROM {$db_forum_posts} AS p {$join_condition} WHERE " . implode(' AND ', $where))->fetchColumn();
// Disallow accessing non-existent pages
if (empty($id) && $totalposts > 0 && $d > $totalposts) {
cot_die_message(404);
}
$orderlimit = empty($id) ? " ORDER BY {$order} LIMIT {$d}, " . $cfg['forums']['maxpostsperpage'] : '';
$sql_forums = $db->query("SELECT p.*, u.* {$join_columns}\n\tFROM {$db_forum_posts} AS p LEFT JOIN {$db_users} AS u ON u.user_id=p.fp_posterid {$join_condition}\n\tWHERE " . implode(' AND ', $where) . $orderlimit);
$title_params = array('FORUM' => $L['Forums'], 'SECTION' => $structure['forums'][$s]['title'], 'TITLE' => $rowt['ft_title']);
$out['subtitle'] = cot_title($cfg['forums']['title_posts'], $title_params);
$out['desc'] = htmlspecialchars(strip_tags($rowt['ft_desc']));
$topicurl_params = array('m' => 'posts', 'q' => $q);
if ($durl > 1 && $cfg['easypagenav'] || $durl > 0 && !$cfg['easypagenav']) {
$topicurl_params['d'] = $durl;
}
$out['canonical_uri'] = cot_url('forums', $topicurl_params);
/* === Hook === */
foreach (cot_getextplugins('forums.posts.main') as $pl) {
include $pl;
}
/* ===== */
require_once $cfg['system_dir'] . '/header.php';
$mskin = cot_tplfile(array('forums', 'posts', $structure['forums'][$s]['tpl']));
$t = new XTemplate($mskin);
/* === Hook - Part1 : Set === */
/**
* Просмотр одного объявления
*/
public function adView()
{
global $structure, $Ls;
list(cot::$usr['auth_read'], cot::$usr['auth_write'], cot::$usr['isadmin']) = cot_auth('advboard', 'any');
cot_block(cot::$usr['auth_read']);
$id = cot_import('id', 'G', 'INT');
$al = cot_import('al', 'G', 'TXT');
$c = cot_import('c', 'G', 'TXT');
/* === Hook === */
foreach (cot_getextplugins('advboard.first') as $pl) {
include $pl;
}
/* ===== */
if (empty($id) && empty($al)) {
cot_die_message(404, TRUE);
}
if (!empty($al)) {
$advert = advboard_model_Advert::fetchOne(array(array('alias', $al)));
} else {
$advert = advboard_model_Advert::getById($id);
}
if (!$advert) {
cot_die_message(404, TRUE);
}
list(cot::$usr['auth_read'], cot::$usr['auth_write'], cot::$usr['isadmin'], cot::$usr['auth_upload']) = cot_auth('advboard', $advert->rawValue('category'), 'RWA1');
cot_block(cot::$usr['auth_read']);
$al = empty($advert->alias) ? '' : $advert->alias;
$id = (int) $advert->id;
$category = array('config' => array());
if (isset($structure['advboard'][$advert->rawValue('category')])) {
$category = $structure['advboard'][$advert->rawValue('category')];
$category['config'] = cot::$cfg['advboard']['cat_' . $advert->rawValue('category')];
}
$category['code'] = $advert->rawValue('category');
cot::$sys['sublocation'] = $advert->title;
if (($advert->state == advboard_model_Advert::AWAITING_MODERATION || $advert->state == advboard_model_Advert::DRAFT || $advert->begin > cot::$sys['now'] || $advert->expire > 0 && cot::$sys['now'] > $advert->expire) && !$advert->canEdit()) {
cot_log("Attempt to directly access an un-validated or future/expired advboard", 'sec');
cot_die_message(403, TRUE);
}
if (!cot::$usr['isadmin'] || cot::$cfg['advboard']['count_admin']) {
$advert->inc('views');
}
$title_params = array('TITLE' => $advert->title, 'CATEGORY' => $category['title']);
cot::$out['subtitle'] = cot_title(cot::$cfg['page']['title_page'], $title_params);
cot::$out['desc'] = $advert->description;
cot::$out['keywords'] = strip_tags($category['config']['keywords']);
// Building the canonical URL
cot::$out['canonical_uri'] = $advert->url;
$template = array('advboard', 'advert', $category['tpl']);
if (!empty($advert->updated)) {
cot::$env['last_modified'] = strtotime($advert->updated);
}
$allowComments = cot_plugin_active('comments');
if ($allowComments) {
if (!isset(cot::$cfg['advboard']['cat_' . $advert->category])) {
$allowComments = false;
}
$allowComments = cot::$cfg['advboard']['cat_' . $advert->category]['enable_comments'];
}
/* === Hook === */
foreach (cot_getextplugins('advboard.main') as $pl) {
include $pl;
}
/* ===== */
// Сообщение об истечении срока публикации
$expDays = null;
if ($advert->expire > 0 && $advert->state == advboard_model_Advert::PUBLISHED) {
$diff = $advert->expire - cot::$sys['now'];
$expDays = floor($diff / 86400);
if ($advert->canEdit()) {
if (cot::$cfg['advboard']['expNotifyPeriod'] > 0) {
if ($diff < 86400 * cot::$cfg['advboard']['expNotifyPeriod'] && $diff > 0) {
if ($expDays >= 1) {
cot_message(sprintf(cot::$L['advboard_expire_soon'], cot_declension($expDays, $Ls['Days'], false, true)), 'warning');
} else {
cot_message(cot::$L['advboard_expire_today'], 'warning');
}
} elseif ($diff <= 0) {
cot_message(cot::$L['advboard_expired'], 'warning');
}
}
}
}
// Если незарег может редактировать объявление, не кешировать эту страницу
if (cot::$usr['id'] == 0 && !empty($_SESSION['advboard']) && in_array($advert->id, $_SESSION['advboard'])) {
cot::$cfg['cache_advert'] = cot::$cfg['cache_index'] = false;
}
$crumbs = cot_structure_buildpath('advboard', $advert->category);
if (cot::$cfg['advboard']['firstCrumb']) {
array_unshift($crumbs, array(cot_url('advboard'), cot::$L['advboard_ads']));
}
$crumbs[] = !empty($advert->title) ? $advert->title : cot::$L['advboard_advert'] . " #" . $advert->id;
$urlParams = array('c' => $advert->category);
if ($advert->alias != '') {
$urlParams['al'] = $advert->alias;
} else {
$urlParams['id'] = $advert->id;
}
$view = new View();
$view->breadcrumbs = cot_breadcrumbs($crumbs, cot::$cfg['homebreadcrumb'], true);
$view->page_title = $advert->title;
$view->advert = $advert;
$view->category = $category;
$view->allowComments = $allowComments;
$view->daysLeft = $expDays;
$view->urlParams = $urlParams;
/* === Hook === */
foreach (cot_getextplugins('advboard.view') as $pl) {
include $pl;
}
/* ===== */
return $view->render($template);
}
if (!file_exists($inc_file)) {
cot_die();
}
$allow_img['0']['0'] = $R['admin_icon_deny'];
$allow_img['1']['0'] = $R['admin_icon_allow'];
$allow_img['0']['1'] = $R['admin_icon_deny_locked'];
$allow_img['1']['1'] = $R['admin_icon_allow_locked'];
$usr['admin_config'] = cot_auth('admin', 'a', 'A');
$usr['admin_structure'] = cot_auth('structure', 'a', 'A');
$usr['admin_users'] = cot_auth('users', 'a', 'A') || $usr['maingrp'] == COT_GROUP_SUPERADMINS;
$adminpath = array(array(cot_url('admin'), $L['Adminpanel']));
require $inc_file;
$adminhelp = empty($adminhelp) ? '' : $adminhelp;
$title_params = array('ADMIN' => $L['Administration'], 'SUBTITLE' => $adminsubtitle);
$out['head'] .= $R['code_noindex'];
$out['subtitle'] = empty($adminsubtitle) ? cot_title('{ADMIN}', $title_params) : cot_title('{SUBTITLE} - {ADMIN}', $title_params);
require_once $cfg['system_dir'] . '/header.php';
$t = new XTemplate(cot_tplfile('admin', 'core'));
$t->assign(array('ADMIN_TITLE' => cot_breadcrumbs($adminpath, false), 'ADMIN_SUBTITLE' => $adminsubtitle, 'ADMIN_MAIN' => $adminmain, 'ADMIN_HELP' => $adminhelp));
/* === Hook for the plugins === */
foreach (cot_getextplugins('admin.tags') as $pl) {
include $pl;
}
/* ===== */
$t->parse('MAIN.BODY');
if (!COT_AJAX) {
$t->parse('MAIN');
$t->out('MAIN');
} else {
$t->out('MAIN.BODY');
}
