/**
* Makes this plugin the first to be loaded.
* - Bumps this plugin at the top of the active_plugins stack.
*/
function mdh_emailmagick_bump_me()
{
if (OC_ADMIN) {
// @legacy : ALWAYS remove this if active.
if (osc_plugin_is_enabled("madhouse_utils/index.php")) {
Plugins::deactivate("madhouse_utils/index.php");
}
// Sanitize & get the {PLUGIN_NAME}/index.php.
$path = str_replace(osc_plugins_path(), '', osc_plugin_path(__FILE__));
if (osc_plugin_is_installed($path)) {
// Get the active plugins.
$plugins_list = unserialize(osc_active_plugins());
if (!is_array($plugins_list)) {
return false;
}
// Remove $path from the active plugins list
foreach ($plugins_list as $k => $v) {
if ($v == $path) {
unset($plugins_list[$k]);
}
}
// Re-add the $path at the beginning of the active plugins.
array_unshift($plugins_list, $path);
// Serialize the new active_plugins list.
osc_set_preference('active_plugins', serialize($plugins_list));
if (Params::getParam("page") === "plugins" && Params::getParam("action") === "enable" && Params::getParam("plugin") === $path) {
//osc_redirect_to(osc_admin_base_url(true) . "?page=plugins");
} else {
osc_redirect_to(osc_admin_base_url(true) . "?" . http_build_query(Params::getParamsAsArray("get")));
}
}
}
}
/**
* This function is called every time the page footer is being rendered
*/
function google_analytics_footer()
{
if (osc_google_analytics_id() != '') {
$id = osc_google_analytics_id();
require osc_plugins_path() . 'google_analytics/footer.php';
}
}
/**
* Render the specified file
*
* @param string $file must be a relative path, from PLUGINS_PATH
*/
function osc_render_file($file = '') {
if($file=='') {
$file = __get('file');
}
// Clean $file to prevent hacking of some type
osc_sanitize_url($file);
$file = str_replace("../", "", str_replace("..\\", "", str_replace("://", "", preg_replace("|http([s]*)|", "", $file))));
include osc_plugins_path().$file;
}
public function define_constant()
{
// Define constants
define('DLN_CLF_VERSION', '1.0.0');
define('DLN_CLF', 'dln-classified');
define('DLN_CLF_PLUGIN_DIR', osc_plugins_path() . DLN_CLF . '/');
//define( 'FB_APP_ID', get_option( 'dln_fb_app_id' ) ? get_option( 'dln_fb_app_id' ) : '251847918233636' );
//define( 'FB_SECRET', get_option( 'dln_fb_secret' ) ? get_option( 'dln_fb_secret' ) : '31f3e2be38cd9a9e6e0a399c40ef18cd' );
}
function doModel()
{
$id = Params::getParam('id');
$page = false;
if (is_numeric($id)) {
$page = $this->pageManager->findByPrimaryKey($id);
} else {
$page = $this->pageManager->findByInternalName(Params::getParam('slug'));
}
// page not found
if ($page == false) {
$this->do404();
return;
}
// this page shouldn't be shown (i.e.: e-mail templates)
if ($page['b_indelible'] == 1) {
$this->do404();
return;
}
$kwords = array('{WEB_URL}', '{WEB_TITLE}');
$rwords = array(osc_base_url(), osc_page_title());
foreach ($page['locale'] as $k => $v) {
$page['locale'][$k]['s_title'] = str_ireplace($kwords, $rwords, osc_apply_filter('email_description', $v['s_title']));
$page['locale'][$k]['s_text'] = str_ireplace($kwords, $rwords, osc_apply_filter('email_description', $v['s_text']));
}
// export $page content to View
$this->_exportVariableToView('page', $page);
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$meta = json_decode($page['s_meta'], true);
// load the right template file
if (file_exists(osc_themes_path() . osc_theme() . '/page-' . $page['s_internal_name'] . '.php')) {
$this->doView('page-' . $page['s_internal_name'] . '.php');
} else {
if (isset($meta['template']) && file_exists(osc_themes_path() . osc_theme() . '/' . $meta['template'])) {
$this->doView($meta['template']);
} else {
if (isset($meta['template']) && file_exists(osc_plugins_path() . '/' . $meta['template'])) {
osc_run_hook('before_html');
require osc_plugins_path() . '/' . $meta['template'];
Session::newInstance()->_clearVariables();
osc_run_hook('after_html');
} else {
$this->doView('page.php');
}
}
}
}
function doModel()
{
$file = Params::getParam('file');
// valid file?
if (stripos($file, '../') !== false) {
$this->do404();
return;
}
// check if the file exists
if (!file_exists(osc_plugins_path() . $file)) {
$this->do404();
return;
}
$this->_exportVariableToView('file', $file);
$this->doView('custom.php');
}
function doModel()
{
$user_menu = false;
if(Params::existParam('route')) {
$routes = Rewrite::newInstance()->getRoutes();
$rid = Params::getParam('route');
$file = '../';
if(isset($routes[$rid]) && isset($routes[$rid]['file'])) {
$file = $routes[$rid]['file'];
$user_menu = $routes[$rid]['user_menu'];
}
} else {
// DEPRECATED: Disclosed path in URL is deprecated, use routes instead
// This will be REMOVED in 3.4
$file = Params::getParam('file');
}
// valid file?
if( strpos($file, '../') !== false || strpos($file, '..\\') !==false || stripos($file, '/admin/') !== false ) { //If the file is inside an "admin" folder, it should NOT be opened in frontend
$this->do404();
return;
}
// check if the file exists
if( !file_exists(osc_plugins_path() . $file) ) {
$this->do404();
return;
}
osc_run_hook('custom_controller');
$this->_exportVariableToView('file', $file);
if($user_menu) {
if(osc_is_web_user_logged_in()) {
Params::setParam('in_user_menu', true);
$this->doView('user-custom.php');
} else {
$this->redirectTo(osc_user_login_url());
}
} else {
$this->doView('custom.php');
}
}
function __construct($install = false)
{
if (!$install) {
// get user/admin locale
if (OC_ADMIN) {
$locale = osc_current_admin_locale();
} else {
$locale = osc_current_user_locale();
}
// load core
$core_file = osc_translations_path() . $locale . '/core.mo';
$this->_load($core_file, 'core');
// load messages
$messages_file = osc_themes_path() . osc_theme() . '/languages/' . $locale . '/messages.mo';
if (!file_exists($messages_file)) {
$messages_file = osc_translations_path() . $locale . '/messages.mo';
}
$this->_load($messages_file, 'messages');
// load theme
$domain = osc_theme();
$theme_file = osc_themes_path() . $domain . '/languages/' . $locale . '/theme.mo';
if (!file_exists($theme_file)) {
if (!file_exists(osc_themes_path() . $domain)) {
$domain = 'modern';
}
$theme_file = osc_translations_path() . $locale . '/theme.mo';
}
$this->_load($theme_file, $domain);
// load plugins
$aPlugins = Plugins::listInstalled();
foreach ($aPlugins as $plugin) {
$domain = preg_replace('|/.*|', '', $plugin);
$plugin_file = osc_plugins_path() . $domain . '/languages/' . $locale . '/messages.mo';
if (file_exists($plugin_file)) {
$this->_load($plugin_file, $domain);
}
}
} else {
$core_file = osc_translations_path() . osc_current_admin_locale() . '/core.mo';
$this->_load($core_file, 'core');
}
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'userajax':
// This is the autocomplete AJAX
$users = User::newInstance()->ajax(Params::getParam("term"));
if (count($users) == 0) {
echo json_encode(array(0 => array('id' => '', 'label' => __('No results'), 'value' => __('No results'))));
} else {
echo json_encode($users);
}
break;
case 'date_format':
echo json_encode(array('format' => Params::getParam('format'), 'str_formatted' => osc_format_date(date('Y-m-d H:i:s'), Params::getParam('format'))));
break;
case 'runhook':
// run hooks
$hook = Params::getParam('hook');
if ($hook == '') {
echo json_encode(array('error' => 'hook parameter not defined'));
break;
}
switch ($hook) {
case 'item_form':
osc_run_hook('item_form', Params::getParam('catId'));
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
osc_run_hook('ajax_admin_' . $hook);
break;
}
break;
case 'categories_order':
// Save the order of the categories
osc_csrf_check(false);
$aIds = Params::getParam('list');
$orderParent = 0;
$orderSub = 0;
$catParent = 0;
$error = 0;
$catManager = Category::newInstance();
$aRecountCat = array();
foreach ($aIds as $id => $parent) {
if ($parent == 'root') {
$res = $catManager->updateOrder($id, $orderParent);
if (is_bool($res) && !$res) {
$error = 1;
}
// find category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
// set parent category
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = NULL;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
$parentId = $auxCategory['fk_i_parent_id'];
if ($parentId) {
// update parent category stats
array_push($aRecountCat, $id);
array_push($aRecountCat, $parentId);
}
}
}
$orderParent++;
} else {
if ($parent != $catParent) {
$catParent = $parent;
$orderSub = 0;
}
$res = $catManager->updateOrder($id, $orderSub);
if (is_bool($res) && !$res) {
$error = 1;
}
// set parent category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
$auxCategoryP = Category::newInstance()->findByPrimaryKey($catParent);
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = $catParent;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
// update category parent
$prevParentId = $auxCategory['fk_i_parent_id'];
$parentId = $auxCategoryP['pk_i_id'];
array_push($aRecountCat, $prevParentId);
array_push($aRecountCat, $parentId);
}
}
$orderSub++;
}
}
// update category stats
foreach ($aRecountCat as $rId) {
osc_update_cat_stats_id($rId);
}
if ($error) {
$result = array('error' => __("An error occurred"));
} else {
$result = array('ok' => __("Order saved"));
}
echo json_encode($result);
break;
case 'category_edit_iframe':
$this->_exportVariableToView('category', Category::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView('languages', OSCLocale::newInstance()->listAllEnabled());
$this->doView("categories/iframe.php");
break;
case 'field_categories_iframe':
$selected = Field::newInstance()->categories(Params::getParam("id"));
if ($selected == null) {
$selected = array();
}
$this->_exportVariableToView("selected", $selected);
$this->_exportVariableToView("field", Field::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->doView("fields/iframe.php");
break;
case 'field_categories_post':
osc_csrf_check(false);
$error = 0;
$field = Field::newInstance()->findByName(Params::getParam("s_name"));
if (!isset($field['pk_i_id']) || isset($field['pk_i_id']) && $field['pk_i_id'] == Params::getParam("id")) {
// remove categories from a field
Field::newInstance()->cleanCategoriesFromField(Params::getParam("id"));
// no error... continue updating fields
if ($error == 0) {
$slug = Params::getParam("field_slug") != '' ? Params::getParam("field_slug") : Params::getParam("s_name");
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($slug)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
// trim options
$s_options = '';
$aux = Params::getParam('s_options');
$aAux = explode(',', $aux);
foreach ($aAux as &$option) {
$option = trim($option);
}
$s_options = implode(',', $aAux);
$res = Field::newInstance()->update(array('s_name' => Params::getParam("s_name"), 'e_type' => Params::getParam("field_type"), 's_slug' => $slug, 'b_required' => Params::getParam("field_required") == "1" ? 1 : 0, 's_options' => $s_options), array('pk_i_id' => Params::getParam("id")));
if (is_bool($res) && !$res) {
$error = 1;
}
}
// no error... continue inserting categories-field
if ($error == 0) {
$aCategories = Params::getParam("categories");
if (is_array($aCategories) && count($aCategories) > 0) {
$res = Field::newInstance()->insertCategories(Params::getParam("id"), $aCategories);
if (!$res) {
$error = 1;
}
}
}
// error while updating?
if ($error == 1) {
$message = __("An error occurred while updating.");
}
} else {
$error = 1;
$message = __("Sorry, you already have a field with that name");
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"), 'text' => Params::getParam("s_name"), 'field_id' => Params::getParam("id"));
}
echo json_encode($result);
break;
case 'delete_field':
osc_csrf_check(false);
$res = Field::newInstance()->deleteByPrimaryKey(Params::getParam('id'));
if ($res > 0) {
$result = array('ok' => __('The custom field has been deleted'));
} else {
$result = array('error' => __('An error occurred while deleting'));
}
echo json_encode($result);
break;
case 'add_field':
osc_csrf_check(false);
$s_name = __('NEW custom field');
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($s_name)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
$fieldManager = Field::newInstance();
$result = $fieldManager->insertField($s_name, 'TEXT', $slug, 0, '', array());
if ($result) {
echo json_encode(array('error' => 0, 'field_id' => $fieldManager->dao->insertedId(), 'field_name' => $s_name));
} else {
echo json_encode(array('error' => 1));
}
break;
case 'enable_category':
osc_csrf_check(false);
$id = strip_tags(Params::getParam('id'));
$enabled = Params::getParam('enabled') != '' ? Params::getParam('enabled') : 0;
$error = 0;
$result = array();
$aUpdated = array();
$mCategory = Category::newInstance();
$aCategory = $mCategory->findByPrimaryKey($id);
if ($aCategory == false) {
$result = array('error' => sprintf(__("No category with id %d exists"), $id));
echo json_encode($result);
break;
}
// root category
if ($aCategory['fk_i_parent_id'] == '') {
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
$mCategory->update(array('b_enabled' => $enabled), array('fk_i_parent_id' => $id));
$subCategories = $mCategory->findSubcategories($id);
$aIds = array($id);
$aUpdated[] = array('id' => $id);
foreach ($subCategories as $subcategory) {
$aIds[] = $subcategory['pk_i_id'];
$aUpdated[] = array('id' => $subcategory['pk_i_id']);
}
Item::newInstance()->enableByCategory($enabled, $aIds);
if ($enabled) {
$result = array('ok' => __('The category as well as its subcategories have been enabled'));
} else {
$result = array('ok' => __('The category as well as its subcategories have been disabled'));
}
$result['affectedIds'] = $aUpdated;
echo json_encode($result);
break;
}
// subcategory
$parentCategory = $mCategory->findRootCategory($id);
if (!$parentCategory['b_enabled']) {
$result = array('error' => __('Parent category is disabled, you can not enable that category'));
echo json_encode($result);
break;
}
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
if ($enabled) {
$result = array('ok' => __('The subcategory has been enabled'));
} else {
$result = array('ok' => __('The subcategory has been disabled'));
}
$result['affectedIds'] = array(array('id' => $id));
echo json_encode($result);
break;
case 'delete_category':
osc_csrf_check(false);
$id = Params::getParam("id");
$error = 0;
$categoryManager = Category::newInstance();
$res = $categoryManager->deleteByPrimaryKey($id);
if ($res > 0) {
$message = __('The categories have been deleted');
} else {
$error = 1;
$message = __('An error occurred while deleting');
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"));
}
echo json_encode($result);
break;
case 'edit_category_post':
osc_csrf_check(false);
$id = Params::getParam("id");
$fields['i_expiration_days'] = Params::getParam("i_expiration_days") != '' ? Params::getParam("i_expiration_days") : 0;
$error = 0;
$has_one_title = 0;
$postParams = Params::getParamsAsArray();
foreach ($postParams as $k => $v) {
if (preg_match('|(.+?)#(.+)|', $k, $m)) {
if ($m[2] == 's_name') {
if ($v != "") {
$has_one_title = 1;
$aFieldsDescription[$m[1]][$m[2]] = $v;
$s_text = $v;
} else {
$aFieldsDescription[$m[1]][$m[2]] = NULL;
$error = 1;
}
} else {
$aFieldsDescription[$m[1]][$m[2]] = $v;
}
}
}
$l = osc_language();
if ($error == 0 || $error == 1 && $has_one_title == 1) {
$categoryManager = Category::newInstance();
$res = $categoryManager->updateByPrimaryKey(array('fields' => $fields, 'aFieldsDescription' => $aFieldsDescription), $id);
$categoryManager->updateExpiration($id, $fields['i_expiration_days']);
if (is_bool($res)) {
$error = 2;
}
}
if (Params::getParam('apply_changes_to_subcategories') == 1) {
$subcategories = $categoryManager->findSubcategories($id);
foreach ($subcategories as $subc) {
$categoryManager->updateExpiration($subc['pk_i_id'], $fields['i_expiration_days']);
}
}
if ($error == 0) {
$msg = __("Category updated correctly");
} else {
if ($error == 1) {
if ($has_one_title == 1) {
$error = 4;
$msg = __('Category updated correctly, but some titles are empty');
} else {
$msg = __('Sorry, including at least a title is mandatory');
}
} else {
if ($error == 2) {
$msg = __('An error occurred while updating');
}
}
}
echo json_encode(array('error' => $error, 'msg' => $msg, 'text' => $aFieldsDescription[$l]['s_name']));
break;
case 'custom':
// Execute via AJAX custom file
$ajaxFile = Params::getParam("ajaxfile");
if ($ajaxFile == '') {
echo json_encode(array('error' => 'no action defined'));
break;
}
// valid file?
if (stripos($ajaxFile, '../') !== false) {
echo json_encode(array('error' => 'no valid ajaxFile'));
break;
}
if (!file_exists(osc_plugins_path() . $ajaxFile)) {
echo json_encode(array('error' => "ajaxFile doesn't exist"));
break;
}
require_once osc_plugins_path() . $ajaxFile;
break;
case 'test_mail':
$title = sprintf(__('Test email, %s'), osc_page_title());
$body = __("Test email") . "<br><br>" . osc_page_title();
$emailParams = array('subject' => $title, 'to' => osc_contact_email(), 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error occurred while sending email'));
}
echo json_encode($array);
break;
case 'test_mail_template':
// replace por valores por defecto
$email = Params::getParam("email");
$title = Params::getParam("title");
$body = urldecode(Params::getParam("body"));
$emailParams = array('subject' => $title, 'to' => $email, 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error occurred while sending email'));
}
echo json_encode($array);
break;
case 'order_pages':
osc_csrf_check(false);
$order = Params::getParam("order");
$id = Params::getParam("id");
if ($order != '' && $id != '') {
$mPages = Page::newInstance();
$actual_page = $mPages->findByPrimaryKey($id);
$actual_order = $actual_page['i_order'];
$array = array();
$condition = array();
$new_order = $actual_order;
if ($order == 'up') {
$page = $mPages->findPrevPage($actual_order);
} else {
if ($order == 'down') {
$page = $mPages->findNextPage($actual_order);
}
}
if (isset($page['i_order'])) {
$mPages->update(array('i_order' => $page['i_order']), array('pk_i_id' => $id));
$mPages->update(array('i_order' => $actual_order), array('pk_i_id' => $page['pk_i_id']));
}
}
break;
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
case 'upgrade':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
osc_csrf_check(false);
$message = "";
$error = 0;
$sql_error_msg = "";
$rm_errors = 0;
$perms = osc_save_permissions();
osc_change_permissions();
$maintenance_file = ABS_PATH . '.maintenance';
$fileHandler = @fopen($maintenance_file, 'w');
fclose($fileHandler);
/***********************
**** DOWNLOAD FILE ****
***********************/
$data = osc_file_get_contents("http://osclass.org/latest_version.php");
$data = json_decode(substr($data, 1, strlen($data) - 3), true);
$source_file = $data['url'];
if ($source_file != '') {
$tmp = explode("/", $source_file);
$filename = end($tmp);
$result = osc_downloadFile($source_file, $filename);
if ($result) {
// Everything is OK, continue
/**********************
***** UNZIP FILE *****
**********************/
@mkdir(ABS_PATH . 'oc-temp', 0777);
$res = osc_unzip_file(osc_content_path() . 'downloads/' . $filename, ABS_PATH . 'oc-temp/');
if ($res == 1) {
// Everything is OK, continue
/**********************
***** COPY FILES *****
**********************/
$fail = -1;
if ($handle = opendir(ABS_PATH . 'oc-temp')) {
$fail = 0;
while (false !== ($_file = readdir($handle))) {
if ($_file != '.' && $_file != '..' && $_file != 'remove.list' && $_file != 'upgrade.sql' && $_file != 'customs.actions') {
$data = osc_copy(ABS_PATH . "oc-temp/" . $_file, ABS_PATH . $_file);
if ($data == false) {
$fail = 1;
}
}
}
closedir($handle);
//TRY TO REMOVE THE ZIP PACKAGE
@unlink(osc_content_path() . 'downloads/' . $filename);
if ($fail == 0) {
// Everything is OK, continue
/************************
*** UPGRADE DATABASE ***
************************/
$error_queries = array();
if (file_exists(osc_lib_path() . 'osclass/installer/struct.sql')) {
$sql = file_get_contents(osc_lib_path() . 'osclass/installer/struct.sql');
$conn = DBConnectionClass::newInstance();
$c_db = $conn->getOsclassDb();
$comm = new DBCommandClass($c_db);
$error_queries = $comm->updateDB(str_replace('/*TABLE_PREFIX*/', DB_TABLE_PREFIX, $sql));
}
if ($error_queries[0]) {
// Everything is OK, continue
/**********************************
** EXECUTING ADDITIONAL ACTIONS **
**********************************/
if (file_exists(osc_lib_path() . 'osclass/upgrade-funcs.php')) {
// There should be no errors here
define('AUTO_UPGRADE', true);
require_once osc_lib_path() . 'osclass/upgrade-funcs.php';
}
// Additional actions is not important for the rest of the proccess
// We will inform the user of the problems but the upgrade could continue
/****************************
** REMOVE TEMPORARY FILES **
****************************/
$path = ABS_PATH . 'oc-temp';
$rm_errors = 0;
$dir = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::CHILD_FIRST);
for ($dir->rewind(); $dir->valid(); $dir->next()) {
if ($dir->isDir()) {
if ($dir->getFilename() != '.' && $dir->getFilename() != '..') {
if (!rmdir($dir->getPathname())) {
$rm_errors++;
}
}
} else {
if (!unlink($dir->getPathname())) {
$rm_errors++;
}
}
}
if (!rmdir($path)) {
$rm_errors++;
}
$deleted = @unlink(ABS_PATH . '.maintenance');
if ($rm_errors == 0) {
$message = __('Everything looks good! Your Osclass installation is up-to-date');
} else {
$message = __('Nearly everything looks good! Your Osclass installation is up-to-date, but there were some errors removing temporary files. Please manually remove the "oc-temp" folder');
$error = 6;
// Some errors removing files
}
} else {
$sql_error_msg = $error_queries[2];
$message = __('Problems when upgrading the database');
$error = 5;
// Problems upgrading the database
}
} else {
$message = __('Problems when copying files. Please check your permissions. ');
$error = 4;
// Problems copying files. Maybe permissions are not correct
}
} else {
$message = __('Nothing to copy');
$error = 99;
// Nothing to copy. THIS SHOULD NEVER HAPPEN, means we don't update any file!
}
} else {
$message = __('Unzip failed');
$error = 3;
// Unzip failed
}
} else {
$message = __('Download failed');
$error = 2;
// Download failed
}
} else {
$message = __('Missing download URL');
$error = 1;
// Missing download URL
}
if ($error == 5) {
$message .= "<br /><br />" . __('We had some errors upgrading your database. The follwing queries failed:') . implode("<br />", $sql_error_msg);
}
echo $message;
foreach ($perms as $k => $v) {
@chmod($k, $v);
}
break;
/*******************************
** COMPLETE MARKET PROCESS **
*******************************/
/*******************************
** COMPLETE MARKET PROCESS **
*******************************/
case 'market':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
osc_csrf_check(false);
$section = Params::getParam('section');
$code = Params::getParam('code');
$plugin = false;
$re_enable = false;
$message = "";
$error = 0;
$data = array();
/************************
*** CHECK VALID CODE ***
************************/
if ($code != '' && $section != '') {
if (stripos($code, "http://") === FALSE) {
// OSCLASS OFFICIAL REPOSITORY
$url = osc_market_url($section, $code);
$data = json_decode(osc_file_get_contents($url), true);
} else {
// THIRD PARTY REPOSITORY
if (osc_market_external_sources()) {
$data = json_decode(osc_file_get_contents($code), true);
} else {
echo json_encode(array('error' => 8, 'error_msg' => __('No external sources are allowed')));
break;
}
}
/***********************
**** DOWNLOAD FILE ****
***********************/
if (isset($data['s_update_url']) && isset($data['s_source_file']) && isset($data['e_type'])) {
if ($data['e_type'] == 'THEME') {
$folder = 'themes/';
} else {
if ($data['e_type'] == 'LANGUAGE') {
$folder = 'languages/';
} else {
// PLUGINS
$folder = 'plugins/';
$plugin = Plugins::findByUpdateURI($data['s_update_url']);
if ($plugin != false) {
if (Plugins::isEnabled($plugin)) {
Plugins::runHook($plugin . '_disable');
Plugins::deactivate($plugin);
$re_enable = true;
}
}
}
}
$filename = $data['s_update_url'] . "_" . $data['s_version'] . ".zip";
$url_source_file = $data['s_source_file'];
// error_log('Source file: ' . $url_source_file);
// error_log('Filename: ' . $filename);
$result = osc_downloadFile($url_source_file, $filename);
if ($result) {
// Everything is OK, continue
/**********************
***** UNZIP FILE *****
**********************/
@mkdir(ABS_PATH . 'oc-temp', 0777);
$res = osc_unzip_file(osc_content_path() . 'downloads/' . $filename, osc_content_path() . 'downloads/oc-temp/');
if ($res == 1) {
// Everything is OK, continue
/**********************
***** COPY FILES *****
**********************/
$fail = -1;
if ($handle = opendir(osc_content_path() . 'downloads/oc-temp')) {
$folder_dest = ABS_PATH . "oc-content/" . $folder;
if (function_exists('posix_getpwuid')) {
$current_user = posix_getpwuid(posix_geteuid());
$ownerFolder = posix_getpwuid(fileowner($folder_dest));
}
$fail = 0;
while (false !== ($_file = readdir($handle))) {
if ($_file != '.' && $_file != '..') {
$copyprocess = osc_copy(osc_content_path() . "downloads/oc-temp/" . $_file, $folder_dest . $_file);
if ($copyprocess == false) {
$fail = 1;
}
}
}
closedir($handle);
// Additional actions is not important for the rest of the proccess
// We will inform the user of the problems but the upgrade could continue
// Also remove the zip package
/****************************
** REMOVE TEMPORARY FILES **
****************************/
@unlink(osc_content_path() . 'downloads/' . $filename);
$path = osc_content_path() . 'downloads/oc-temp';
$rm_errors = 0;
$dir = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::CHILD_FIRST);
for ($dir->rewind(); $dir->valid(); $dir->next()) {
if ($dir->isDir()) {
if ($dir->getFilename() != '.' && $dir->getFilename() != '..') {
if (!rmdir($dir->getPathname())) {
$rm_errors++;
}
}
} else {
if (!unlink($dir->getPathname())) {
$rm_errors++;
}
}
}
if (!rmdir($path)) {
$rm_errors++;
}
if ($fail == 0) {
// Everything is OK, continue
if ($data['e_type'] != 'THEME' && $data['e_type'] != 'LANGUAGE') {
if ($plugin != false && $re_enable) {
$enabled = Plugins::activate($plugin);
if ($enabled) {
Plugins::runHook($plugin . '_enable');
}
}
}
// recount plugins&themes for update
if ($section == 'plugins') {
osc_check_plugins_update(true);
} else {
if ($section == 'themes') {
osc_check_themes_update(true);
} else {
if ($section == 'languages') {
// load oc-content/
if (osc_checkLocales()) {
$message .= __('The language has been installed correctly');
} else {
$message .= __('There was a problem adding the language');
$error = 8;
}
osc_check_languages_update(true);
}
}
}
if ($rm_errors == 0) {
$message = __('Everything looks good!');
$error = 0;
} else {
$message = __('Nearly everything looks good! but there were some errors removing temporary files. Please manually remove the \\"oc-temp\\" folder');
$error = 6;
// Some errors removing files
}
} else {
$message = __('Problems when copying files. Please check your permissions. ');
if ($current_user['uid'] != $ownerFolder['uid']) {
if (function_exists('posix_getgrgid')) {
$current_group = posix_getgrgid($current_user['gid']);
$message .= '<p><strong>' . sprintf(__('NOTE: Web user and destination folder user is not the same, you might have an issue there. <br/>Do this in your console:<br/>chown -R %s:%s %s'), $current_user['name'], $current_group['name'], $folder_dest) . '</strong></p>';
}
}
$error = 4;
// Problems copying files. Maybe permissions are not correct
}
} else {
$message = __('Nothing to copy');
$error = 99;
// Nothing to copy. THIS SHOULD NEVER HAPPEN, means we don't update any file!
}
} else {
$message = __('Unzip failed');
$error = 3;
// Unzip failed
}
} else {
$message = __('Download failed');
$error = 2;
// Download failed
}
} else {
$message = __('Input code not valid');
$error = 7;
// Input code not valid
}
} else {
$message = __('Missing download URL');
$error = 1;
// Missing download URL
}
echo json_encode(array('error' => $error, 'message' => $message, 'data' => $data));
break;
case 'check_market':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
$section = Params::getParam('section');
$code = Params::getParam('code');
$data = array();
/************************
*** CHECK VALID CODE ***
************************/
if ($code != '' && $section != '') {
if (stripos($code, "http://") === FALSE) {
// OSCLASS OFFICIAL REPOSITORY
$data = json_decode(osc_file_get_contents(osc_market_url($section, $code)), true);
} else {
// THIRD PARTY REPOSITORY
if (osc_market_external_sources()) {
$data = json_decode(osc_file_get_contents($code), true);
} else {
echo json_encode(array('error' => 3, 'error_msg' => __('No external sources are allowed')));
break;
}
}
if (!isset($data['s_source_file']) || !isset($data['s_update_url'])) {
$data = array('error' => 2, 'error_msg' => __('Invalid code'));
}
} else {
$data = array('error' => 1, 'error_msg' => __('No code was submitted'));
}
echo json_encode($data);
break;
case 'market_data':
$section = Params::getParam('section');
$page = Params::getParam("mPage");
$featured = Params::getParam("featured");
$sort = Params::getParam("sort");
$order = Params::getParam("order");
// for the moment this value is static
$length = 9;
if ($page >= 1) {
$page--;
}
$url = osc_market_url($section) . "page/" . $page . '/';
if ($length != '' && is_numeric($length)) {
$url .= 'length/' . $length . '/';
}
if ($sort != '') {
$url .= 'order/' . $sort;
if ($order != '') {
$url .= '/' . $order;
}
}
if ($featured != '') {
$url = osc_market_featured_url($section);
}
$data = array();
$data = json_decode(osc_file_get_contents($url), true);
if (!isset($data[$section])) {
$data = array('error' => 1, 'error_msg' => __('No market data'));
}
echo 'var market_data = window.market_data || {}; market_data.' . $section . ' = ' . json_encode($data) . ';';
break;
case 'local_market':
// AVOID CROSS DOMAIN PROBLEMS OF AJAX REQUEST
$marketPage = Params::getParam("mPage");
if ($marketPage >= 1) {
$marketPage--;
}
$out = osc_file_get_contents(osc_market_url(Params::getParam("section")) . "page/" . $marketPage);
$array = json_decode($out, true);
// do pagination
$pageActual = $array['page'];
$totalPages = ceil($array['total'] / $array['sizePage']);
$params = array('total' => $totalPages, 'selected' => $pageActual, 'url' => '#{PAGE}', 'sides' => 5);
// set pagination
$pagination = new Pagination($params);
$aux = $pagination->doPagination();
$array['pagination_content'] = $aux;
// encode to json
echo json_encode($array);
break;
case 'dashboardbox_market':
$error = 0;
// make market call
$url = getPreference('marketURL') . 'dashboardbox/';
$content = '';
if (false === ($json = @osc_file_get_contents($url))) {
$error = 1;
} else {
$content = $json;
}
if ($error == 1) {
echo json_encode(array('error' => 1));
} else {
// replace content with correct urls
$content = str_replace('{URL_MARKET_THEMES}', osc_admin_base_url(true) . '?page=market&action=themes', $content);
$content = str_replace('{URL_MARKET_PLUGINS}', osc_admin_base_url(true) . '?page=market&action=plugins', $content);
echo json_encode(array('html' => $content));
}
break;
case 'location_stats':
osc_csrf_check(false);
$workToDo = osc_update_location_stats();
if ($workToDo > 0) {
$array['status'] = 'more';
$array['pending'] = $workToDo;
echo json_encode($array);
} else {
$array['status'] = 'done';
echo json_encode($array);
}
break;
case 'error_permissions':
echo json_encode(array('error' => __("You don't have the necessary permissions")));
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
_e('Cannot install new plugin');
?>
</p>
</div>
<p class="text">
<?php
_e('The plugin folder is not writable on your server so you cannot upload plugins from the administration panel. Please make the folder writable and try again.');
?>
</p>
<p class="text">
<?php
_e('To make the directory writable under UNIX execute this command from the shell:');
?>
</p>
<pre>chmod a+w <?php
echo osc_plugins_path();
?>
</pre>
<?php
}
?>
</div>
</div>
<div id="market_installer" class="has-form-actions hide">
<form action="" method="post">
<input type="hidden" name="market_code" id="market_code" value="" />
<div class="osc-modal-content-market">
<img src="" id="market_thumb" class="float-left"/>
<table class="table" cellpadding="0" cellspacing="0">
<tbody>
static function addHook($hook, $function, $priority = 5)
{
$hook = preg_replace('|/+|', '/', str_replace('\\', '/', $hook));
$plugin_path = str_replace('\\', '/', osc_plugins_path());
$hook = str_replace($plugin_path, '', $hook);
$found_plugin = false;
if (isset(self::$hooks[$hook])) {
for ($_priority = 0; $_priority <= 10; $_priority++) {
if (isset(self::$hooks[$hook][$_priority])) {
foreach (self::$hooks[$hook][$_priority] as $fxName) {
if ($fxName == $function) {
$found_plugin = true;
break;
}
}
}
}
}
if (!$found_plugin) {
self::$hooks[$hook][$priority][] = $function;
}
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'location_countries':
// This is the autocomplete AJAX
$countries = Country::newInstance()->ajax(Params::getParam("term"));
echo json_encode($countries);
break;
case 'location_regions':
// This is the autocomplete AJAX
$regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country"));
echo json_encode($regions);
break;
case 'location_cities':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region"));
echo json_encode($cities);
break;
case 'delete_image':
// Delete images via AJAX
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
$json = array();
if (Session::newInstance()->_get('userId') != '') {
$userId = Session::newInstance()->_get('userId');
$user = User::newInstance()->findByPrimaryKey($userId);
} else {
$userId = null;
$user = null;
}
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
$json['success'] = false;
$json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist");
echo json_encode($json);
return false;
}
$aItem = Item::newInstance()->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
$json['success'] = false;
$json['msg'] = _m('The item doesn\'t exist');
echo json_encode($json);
return false;
}
// Check if the item belong to the user
if ($userId != null && $userId != $aItem['fk_i_user_id']) {
$json['success'] = false;
$json['msg'] = _m('The item doesn\'t belong to you');
echo json_encode($json);
return false;
}
// Check if the secret passphrase match with the item
if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
$json['success'] = false;
$json['msg'] = _m('The item doesn\'t belong to you');
echo json_encode($json);
return false;
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->existResource($id, $code);
if ($result > 0) {
// Delete: file, db table entry
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
$json['msg'] = _m('The selected photo has been successfully deleted');
$json['success'] = 'true';
} else {
$json['msg'] = _m("The selected photo couldn't be deleted");
$json['success'] = 'false';
}
echo json_encode($json);
return true;
break;
case 'alerts':
// Allow to register to an alert given (not sure it's used on admin)
$alert = Params::getParam("alert");
$email = Params::getParam("email");
$userid = Params::getParam("userid");
if ($alert != '' && $email != '') {
if (preg_match("/^[_a-z0-9-+]+(\\.[_a-z0-9-+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", $email)) {
$secret = osc_genRandomPassword();
if (Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) {
if ((int) $userid > 0) {
$user = User::newInstance()->findByPrimaryKey($userid);
if ($user['b_active'] == 1 && $user['b_enabled'] == 1) {
Alerts::newInstance()->activate($email, $secret);
echo '1';
return true;
} else {
echo '-1';
return false;
}
} else {
osc_run_hook('hook_email_alert_validation', $alert, $email, $secret);
}
echo "1";
} else {
echo "0";
}
return true;
} else {
echo '-1';
return false;
}
}
echo '0';
return false;
break;
case 'runhook':
//Run hooks
$hook = Params::getParam("hook");
switch ($hook) {
case 'item_form':
$catId = Params::getParam("catId");
if ($catId != '') {
osc_run_hook("item_form", $catId);
} else {
osc_run_hook("item_form");
}
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
if ($hook == '') {
return false;
} else {
osc_run_hook($hook);
}
break;
}
break;
case 'custom':
// Execute via AJAX custom file
$ajaxfile = Params::getParam("ajaxfile");
if ($ajaxfile != '') {
require_once osc_plugins_path() . $ajaxfile;
} else {
echo json_encode(array('error' => __('no action defined')));
}
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->getByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->getByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'alerts':
// Allow to register to an alert given (not sure it's used on admin)
$alert = Params::getParam("alert");
$email = Params::getParam("email");
$userid = Params::getParam("userid");
if ($alert != '' && $email != '') {
if (preg_match("/^[_a-z0-9-+]+(\\.[_a-z0-9-+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", $email)) {
Alerts::newInstance()->createAlert($userid, $email, $alert);
echo "1";
} else {
echo '0';
}
return true;
}
echo '0';
return false;
break;
case 'runhook':
//Run hooks
$hook = Params::getParam("hook");
switch ($hook) {
case 'item_form':
$catId = Params::getParam("catId");
if ($catId != '') {
osc_run_hook("item_form", $catId);
} else {
osc_run_hook("item_form");
}
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
if ($hook == '') {
return false;
} else {
osc_run_hook($hook);
}
break;
}
break;
case 'custom':
// Execute via AJAX custom file
$ajaxfile = Params::getParam("ajaxfile");
if ($ajaxfile != '') {
require_once osc_plugins_path() . $ajaxfile;
} else {
echo json_encode(array('error' => __('no action defined')));
}
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
}
$conn->osc_dbExec($qry);
$item_count++;
}
osc_add_flash_ok_message($item_count . ' Cover Photo(s) Denied ', 'admin');
header('Location:' . osc_admin_render_plugin_url($file));
}
break;
case 'delete':
$user_ids = Params::getParam('chk');
$count = count($user_ids);
if ($count > 0) {
$item_count = 0;
foreach ($user_ids as $user_id) {
$conn = getConnection();
$qry = 'DELETE FROM ' . DB_TABLE_PREFIX . 't_cover_photo WHERE user_id = ' . $user_id;
$img_path = osc_plugins_path() . 'cover_photo/images/profile' . $user_id . get_image_extension($user_id);
unlink($img_path);
$conn->osc_dbExec($qry);
$item_count++;
}
osc_add_flash_ok_message($item_count . ' Cover Photo(s) Deleted ', 'admin');
header('Location:' . osc_admin_render_plugin_url($file));
}
break;
}
break;
}
if (Params::getParam('start') == '') {
$start = 0;
} else {
$start = Params::getParam('start');
/**
* Fix the problem of symbolics links in the path of the file
*
* @param string $file The filename of plugin.
* @return string The fixed path of a plugin.
*/
function osc_plugin_path($file)
{
// Sanitize windows paths and duplicated slashes
$file = preg_replace('|/+|', '/', str_replace('\\', '/', $file));
$plugin_path = preg_replace('|/+|', '/', str_replace('\\', '/', osc_plugins_path()));
$file = $plugin_path . preg_replace('#^.*oc-content\\/plugins\\/#', '', $file);
return $file;
}
}
}
if ($message == "") {
$message = __('Files removed');
}
} else {
$message = __('No files to remove');
}
break;
case 'copy-files':
$fail = -1;
if ($handle = opendir(ABS_PATH . 'oc-temp')) {
$fail = 0;
while (false !== ($_file = readdir($handle))) {
if ($_file != '.' && $_file != '..' && $_file != 'remove.list' && $_file != 'upgrade.sql' && $_file != 'customs.actions') {
$fail += osc_copy(ABS_PATH . "/oc-temp/" . $_file, osc_plugins_path() . $_file);
}
}
closedir($handle);
switch ($fail) {
case 0:
$message = __('There were problems copying files');
break;
case 1:
$message = __('Nothing to copy');
break;
default:
$message = __('Files copied');
}
} else {
$message = __('Nothing to copy');
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'add':
$this->doView("plugins/add.php");
break;
case 'add_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
$package = Params::getFiles("package");
if (isset($package['size']) && $package['size'] != 0) {
$path = osc_plugins_path();
(int) ($status = osc_unzip_file($package['tmp_name'], $path));
} else {
$status = 3;
}
switch ($status) {
case 0:
$msg = _m('The plugin folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
case 1:
$msg = _m('The plugin has been uploaded correctly');
osc_add_flash_ok_message($msg, 'admin');
break;
case 2:
$msg = _m('The zip file is not valid');
osc_add_flash_error_message($msg, 'admin');
break;
case 3:
$msg = _m('No file was uploaded');
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins&action=add");
break;
case -1:
default:
$msg = _m('There was a problem adding the plugin');
osc_add_flash_error_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'install':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
$pn = Params::getParam('plugin');
// set header just in case it's triggered some fatal error
header("Location: " . osc_admin_base_url(true) . "?page=plugins&error=" . $pn, true, '302');
$installed = Plugins::install($pn);
if (is_array($installed)) {
switch ($installed['error_code']) {
case 'error_output':
osc_add_flash_error_message(sprintf(_m('The plugin generated %d characters of <strong>unexpected output</strong> during the installation'), strlen($installed['output'])), 'admin');
break;
case 'error_installed':
osc_add_flash_error_message(_m('Plugin is already installed'), 'admin');
break;
case 'error_file':
osc_add_flash_error_message(_m("Plugin couldn't be installed because their files are missing"), 'admin');
break;
case 'custom_error':
osc_add_flash_error_message(sprintf(_m("Plugin couldn't be installed because of: %s"), $installed['msg']), 'admin');
break;
default:
osc_add_flash_error_message(_m("Plugin couldn't be installed"), 'admin');
break;
}
} else {
osc_add_flash_ok_message(_m('Plugin installed'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'uninstall':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
if (Plugins::uninstall(Params::getParam("plugin"))) {
osc_add_flash_ok_message(_m('Plugin uninstalled'), 'admin');
} else {
osc_add_flash_error_message(_m("Plugin couldn't be uninstalled"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'enable':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
if (Plugins::activate(Params::getParam('plugin'))) {
osc_add_flash_ok_message(_m('Plugin enabled'), 'admin');
} else {
osc_add_flash_error_message(_m('Plugin is already enabled'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'disable':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
if (Plugins::deactivate(Params::getParam('plugin'))) {
osc_add_flash_ok_message(_m('Plugin disabled'), 'admin');
} else {
osc_add_flash_error_message(_m('Plugin is already disabled'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'admin':
$plugin = Params::getParam("plugin");
if ($plugin != "") {
Plugins::runHook($plugin . '_configure');
}
break;
case 'admin_post':
Plugins::runHook('admin_post');
case 'renderplugin':
$file = Params::getParam("file");
if ($file != "") {
// We pass the GET variables (in case we have somes)
if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
$file = $match[1];
if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
//$_GET[$get_vars[1][$var_k]] = $get_vars[2][$var_k];
//$_REQUEST[$get_vars[1][$var_k]] = $get_vars[2][$var_k];
Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
}
}
} else {
$file = $_REQUEST['file'];
}
$this->_exportVariableToView("file", osc_plugins_path() . $file);
//osc_renderPluginView($file);
$this->doView("plugins/view.php");
}
break;
case 'render':
$file = Params::getParam("file");
if ($file != "") {
// We pass the GET variables (in case we have somes)
if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
$file = $match[1];
if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
}
}
} else {
$file = $_REQUEST['file'];
}
$this->_exportVariableToView("file", ABS_PATH . $file);
$this->doView("theme/view.php");
}
break;
case 'configure':
$plugin = Params::getParam("plugin");
if ($plugin != '') {
$plugin_data = Plugins::getInfo($plugin);
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->_exportVariableToView("selected", PluginCategory::newInstance()->listSelected($plugin_data['short_name']));
$this->_exportVariableToView("plugin_data", $plugin_data);
$this->doView("plugins/configuration.php");
} else {
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
}
break;
case 'configure_post':
$plugin_short_name = Params::getParam("plugin_short_name");
$categories = Params::getParam("categories");
if ($plugin_short_name != "") {
Plugins::cleanCategoryFromPlugin($plugin_short_name);
if (isset($categories)) {
Plugins::addToCategoryPlugin($categories, $plugin_short_name);
}
} else {
osc_add_flash_error_message(_m('No plugin selected'), 'admin');
$this->doView("plugins/index.php");
}
osc_add_flash_ok_message(_m('Configuration was saved'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'error_plugin':
// force php errors and simulate plugin installation to show the errors in the iframe
if (!OSC_DEBUG) {
error_reporting(E_ALL | E_STRICT);
}
@ini_set('display_errors', 1);
include osc_plugins_path() . Params::getParam('plugin');
Plugins::install(Params::getParam('plugin'));
exit;
break;
default:
$this->_exportVariableToView("plugins", Plugins::listAll());
$this->doView("plugins/index.php");
}
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
foreach ($cities as $k => $city) {
$cities[$k]['label'] = $city['label'] . " (" . $city['region'] . ")";
}
echo json_encode($cities);
break;
case 'location_countries':
// This is the autocomplete AJAX
$countries = Country::newInstance()->ajax(Params::getParam("term"));
echo json_encode($countries);
break;
case 'location_regions':
// This is the autocomplete AJAX
$regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country"));
echo json_encode($regions);
break;
case 'location_cities':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region"));
echo json_encode($cities);
break;
case 'delete_image':
// Delete images via AJAX
$ajax_photo = Params::getParam('ajax_photo');
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
$json = array();
if ($ajax_photo != '') {
$files = Session::newInstance()->_get('ajax_files');
$success = false;
foreach ($files as $uuid => $file) {
if ($file == $ajax_photo) {
$filename = $files[$uuid];
unset($files[$uuid]);
Session::newInstance()->_set('ajax_files', $files);
$success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
break;
}
}
echo json_encode(array('success' => $success, 'msg' => $success ? _m('The selected photo has been successfully deleted') : _m("The selected photo couldn't be deleted")));
return false;
}
if (Session::newInstance()->_get('userId') != '') {
$userId = Session::newInstance()->_get('userId');
$user = User::newInstance()->findByPrimaryKey($userId);
} else {
$userId = null;
$user = null;
}
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
$json['success'] = false;
$json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist");
echo json_encode($json);
return false;
}
$aItem = Item::newInstance()->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't exist");
echo json_encode($json);
return false;
}
if (!osc_is_admin_user_logged_in()) {
// Check if the item belong to the user
if ($userId != null && $userId != $aItem['fk_i_user_id']) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't belong to you");
echo json_encode($json);
return false;
}
// Check if the secret passphrase match with the item
if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't belong to you");
echo json_encode($json);
return false;
}
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->existResource($id, $code);
if ($result > 0) {
$resource = ItemResource::newInstance()->findByPrimaryKey($id);
if ($resource['fk_i_item_id'] == $item) {
// Delete: file, db table entry
if (defined(OC_ADMIN)) {
osc_deleteResource($id, true);
Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'admin', osc_logged_admin_id());
} else {
osc_deleteResource($id, false);
Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'user', osc_logged_user_id());
}
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
$json['msg'] = _m('The selected photo has been successfully deleted');
$json['success'] = 'true';
} else {
$json['msg'] = _m("The selected photo does not belong to you");
$json['success'] = 'false';
}
} else {
$json['msg'] = _m("The selected photo couldn't be deleted");
$json['success'] = 'false';
}
echo json_encode($json);
return true;
break;
case 'alerts':
// Allow to register to an alert given (not sure it's used on admin)
$encoded_alert = Params::getParam("alert");
$alert = osc_decrypt_alert(base64_decode($encoded_alert));
// check alert integrity / signature
$stringToSign = osc_get_alert_public_key() . $encoded_alert;
$signature = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign));
$server_signature = Session::newInstance()->_get('alert_signature');
if ($server_signature != $signature) {
echo '-2';
return false;
}
$email = Params::getParam("email");
$userid = Params::getParam("userid");
if (osc_is_web_user_logged_in()) {
$userid = osc_logged_user_id();
$user = User::newInstance()->findByPrimaryKey($userid);
$email = $user['s_email'];
}
if ($alert != '' && $email != '') {
if (osc_validate_email($email)) {
$secret = osc_genRandomPassword();
if ($alertID = Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) {
if ((int) $userid > 0) {
$user = User::newInstance()->findByPrimaryKey($userid);
if ($user['b_active'] == 1 && $user['b_enabled'] == 1) {
Alerts::newInstance()->activate($alertID);
echo '1';
return true;
} else {
echo '-1';
return false;
}
} else {
$aAlert = Alerts::newInstance()->findByPrimaryKey($alertID);
osc_run_hook('hook_email_alert_validation', $aAlert, $email, $secret);
}
echo "1";
} else {
echo "0";
}
return true;
} else {
echo '-1';
return false;
}
}
echo '0';
return false;
break;
case 'runhook':
// run hooks
$hook = Params::getParam('hook');
if ($hook == '') {
echo json_encode(array('error' => 'hook parameter not defined'));
break;
}
switch ($hook) {
case 'item_form':
osc_run_hook('item_form', Params::getParam('catId'));
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
osc_run_hook('ajax_' . $hook);
break;
}
break;
case 'custom':
// Execute via AJAX custom file
if (Params::existParam('route')) {
$routes = Rewrite::newInstance()->getRoutes();
$rid = Params::getParam('route');
$file = '../';
if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
$file = $routes[$rid]['file'];
}
} else {
// DEPRECATED: Disclosed path in URL is deprecated, use routes instead
// This will be REMOVED in 3.4
$file = Params::getParam('ajaxfile');
}
if ($file == '') {
echo json_encode(array('error' => 'no action defined'));
break;
}
// valid file?
if (strpos($file, '../') !== false || strpos($file, '..\\') !== false || stripos($file, '/admin/') !== false) {
//If the file is inside an "admin" folder, it should NOT be opened in frontend
echo json_encode(array('error' => 'no valid ajaxFile'));
break;
}
if (!file_exists(osc_plugins_path() . $file)) {
echo json_encode(array('error' => "ajaxFile doesn't exist"));
break;
}
require_once osc_plugins_path() . $file;
break;
case 'check_username_availability':
$username = osc_sanitize_username(Params::getParam('s_username'));
if (!osc_is_username_blacklisted($username)) {
$user = User::newInstance()->findByUsername($username);
if (isset($user['s_username'])) {
echo json_encode(array('exists' => 1, 's_username' => $username));
} else {
echo json_encode(array('exists' => 0, 's_username' => $username));
}
} else {
echo json_encode(array('exists' => 1, 's_username' => $username));
}
break;
case 'ajax_upload':
// Include the uploader class
require_once LIB_PATH . "AjaxUploader.php";
$uploader = new AjaxUploader();
$original = pathinfo($uploader->getOriginalName());
$filename = uniqid("qqfile_") . "." . $original['extension'];
$result = $uploader->handleUpload(osc_content_path() . 'uploads/temp/' . $filename);
$result['uploadName'] = $filename;
echo htmlspecialchars(json_encode($result), ENT_NOQUOTES);
break;
case 'ajax_validate':
$id = Params::getParam('id');
if (!is_numeric($id)) {
echo json_encode(array('success' => false));
die;
}
$secret = Params::getParam('secret');
$item = Item::newInstance()->findByPrimaryKey($id);
if ($item['s_secret'] != $secret) {
echo json_encode(array('success' => false));
die;
}
$nResources = ItemResource::newInstance()->countResources($id);
$result = array('success' => $nResources < osc_max_images_per_item(), 'count' => $nResources);
echo json_encode($result);
break;
case 'delete_ajax_upload':
$files = Session::newInstance()->_get('ajax_files');
$success = false;
$filename = '';
if (isset($files[Params::getParam('qquuid')]) && $files[Params::getParam('qquuid')] != '') {
$filename = $files[Params::getParam('qquuid')];
unset($files[Params::getParam('qquuid')]);
Session::newInstance()->_set('ajax_files', $files);
$success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
}
echo json_encode(array('success' => $success, 'uploadName' => $filename));
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
require_once osc_plugins_path() . osc_plugin_folder(__FILE__) . 'payments/paypal/Paypal.php';
}
if (osc_get_preference('blockchain_enabled', 'payment') == 1) {
require_once osc_plugins_path() . osc_plugin_folder(__FILE__) . 'payments/blockchain/Blockchain.php';
// Ready, but untested
}
if (osc_get_preference('braintree_enabled', 'payment') == 1) {
require_once osc_plugins_path() . osc_plugin_folder(__FILE__) . 'payments/braintree/BraintreePayment.php';
osc_add_hook('ajax_braintree', array('BraintreePayment', 'ajaxPayment'));
}
if (osc_get_preference('stripe_enabled', 'payment') == 1) {
require_once osc_plugins_path() . osc_plugin_folder(__FILE__) . 'payments/stripe/StripePayment.php';
osc_add_hook('ajax_stripe', array('StripePayment', 'ajaxPayment'));
}
if (osc_get_preference('coinjar_enabled', 'payment') == 1) {
require_once osc_plugins_path() . osc_plugin_folder(__FILE__) . 'payments/coinjar/CoinjarPayment.php';
osc_add_route('coinjar-notify', 'payment/coinjar-notify/(.+)', 'payment/coinjar-notify/{extra}', osc_plugin_folder(__FILE__) . 'payments/coinjar/notify_url.php', true);
osc_add_route('coinjar-return', 'payment/coinjar-return/(.+)', 'payment/coinjar-return/{extra}', osc_plugin_folder(__FILE__) . 'payments/coinjar/return.php', true);
osc_add_route('coinjar-cancel', 'payment/coinjar-cancel/(.+)', 'payment/coinjar-cancel/{extra}', osc_plugin_folder(__FILE__) . 'payments/coinjar/cancel.php', true);
osc_add_hook('ajax_coinjar', array('CoinjarPayment', 'createOrder'));
}
/**
* Create tables and variables on t_preference and t_pages
*/
function payment_install()
{
ModelPayment::newInstance()->install();
}
/**
* Clean up all the tables and preferences
*/
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'userajax':
// This is the autocomplete AJAX
$users = User::newInstance()->ajax(Params::getParam("term"));
if (count($users) == 0) {
echo json_encode(array(0 => array('id' => '', 'label' => __('No results'), 'value' => __('No results'))));
} else {
echo json_encode($users);
}
break;
case 'date_format':
echo json_encode(array('format' => Params::getParam('format'), 'str_formatted' => osc_format_date(date(Params::getParam('format')))));
break;
case 'runhook':
// run hooks
$hook = Params::getParam('hook');
if ($hook == '') {
echo json_encode(array('error' => 'hook parameter not defined'));
break;
}
switch ($hook) {
case 'item_form':
osc_run_hook('item_form', Params::getParam('catId'));
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
osc_run_hook('ajax_admin_' . $hook);
break;
}
break;
case 'items':
// Return items (use external file oc-admin/ajax/item_processing.php)
require_once osc_admin_base_path() . 'ajax/items_processing.php';
$items_processing = new ItemsProcessingAjax(Params::getParamsAsArray("get"));
break;
case 'users':
// Return items (use external file oc-admin/ajax/item_processing.php)
require_once osc_admin_base_path() . 'ajax/users_processing.php';
$users_processing = new UsersProcessingAjax(Params::getParamsAsArray("get"));
break;
case 'media':
// Return items (use external file oc-admin/ajax/media_processing.php)
require_once osc_admin_base_path() . 'ajax/media_processing.php';
$media_processing = new MediaProcessingAjax(Params::getParamsAsArray("get"));
break;
case 'categories_order':
// Save the order of the categories
$aIds = Params::getParam('list');
$orderParent = 0;
$orderSub = 0;
$catParent = 0;
$error = 0;
$catManager = Category::newInstance();
$aRecountCat = array();
foreach ($aIds as $id => $parent) {
if ($parent == 'root') {
$res = $catManager->updateOrder($id, $orderParent);
if (is_bool($res) && !$res) {
$error = 1;
}
// find category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
// set parent category
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = NULL;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
$parentId = $auxCategory['fk_i_parent_id'];
if ($parentId) {
// update parent category stats
array_push($aRecountCat, $id);
array_push($aRecountCat, $parentId);
}
}
}
$orderParent++;
} else {
if ($parent != $catParent) {
$catParent = $parent;
$orderSub = 0;
}
$res = $catManager->updateOrder($id, $orderSub);
if (is_bool($res) && !$res) {
$error = 1;
}
// set parent category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
$auxCategoryP = Category::newInstance()->findByPrimaryKey($catParent);
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = $catParent;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
// update category parent
$prevParentId = $auxCategory['fk_i_parent_id'];
$parentId = $auxCategoryP['pk_i_id'];
array_push($aRecountCat, $prevParentId);
array_push($aRecountCat, $parentId);
}
}
$orderSub++;
}
}
// update category stats
foreach ($aRecountCat as $rId) {
osc_update_cat_stats_id($rId);
}
if ($error) {
$result = array('error' => __("Some error ocurred"));
} else {
$result = array('ok' => __("Order saved"));
}
echo json_encode($result);
break;
case 'category_edit_iframe':
$this->_exportVariableToView('category', Category::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView('languages', OSCLocale::newInstance()->listAllEnabled());
$this->doView("categories/iframe.php");
break;
case 'field_categories_iframe':
$selected = Field::newInstance()->categories(Params::getParam("id"));
if ($selected == null) {
$selected = array();
}
$this->_exportVariableToView("selected", $selected);
$this->_exportVariableToView("field", Field::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->doView("fields/iframe.php");
break;
case 'field_categories_post':
$error = 0;
$field = Field::newInstance()->findByName(Params::getParam("s_name"));
if (!isset($field['pk_i_id']) || isset($field['pk_i_id']) && $field['pk_i_id'] == Params::getParam("id")) {
// remove categories from a field
Field::newInstance()->cleanCategoriesFromField(Params::getParam("id"));
// no error... continue updating fields
if ($error == 0) {
$slug = Params::getParam("field_slug") != '' ? Params::getParam("field_slug") : Params::getParam("s_name");
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($slug)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
$res = Field::newInstance()->update(array('s_name' => Params::getParam("s_name"), 'e_type' => Params::getParam("field_type"), 's_slug' => $slug, 'b_required' => Params::getParam("field_required") == "1" ? 1 : 0, 's_options' => Params::getParam('s_options')), array('pk_i_id' => Params::getParam("id")));
if (is_bool($res) && !$res) {
$error = 1;
}
}
// no error... continue inserting categories-field
if ($error == 0) {
$aCategories = Params::getParam("categories");
if (is_array($aCategories) && count($aCategories) > 0) {
$res = Field::newInstance()->insertCategories(Params::getParam("id"), $aCategories);
if (!$res) {
$error = 1;
}
}
}
// error while updating?
if ($error == 1) {
$message = __("Error while updating.");
}
} else {
$error = 1;
$message = __("Sorry, you already have one field with that name");
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"), 'text' => Params::getParam("s_name"), 'field_id' => $field['pk_i_id']);
}
echo json_encode($result);
break;
case 'delete_field':
$id = Params::getParam("id");
$error = 0;
$fieldManager = Field::newInstance();
$res = $fieldManager->deleteByPrimaryKey($id);
if ($res > 0) {
$message = __('The custom field have been deleted');
} else {
$error = 1;
$message = __('Error while deleting');
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"));
}
echo json_encode($result);
break;
case 'add_field':
$s_name = __('NEW custom field');
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($s_name)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
$fieldManager = Field::newInstance();
$result = $fieldManager->insertField($s_name, 'TEXT', $slug, 0, '', array());
if ($result) {
echo json_encode(array('error' => 0, 'field_id' => $fieldManager->dao->insertedId(), 'field_name' => $s_name));
} else {
echo json_encode(array('error' => 1));
}
break;
case 'enable_category':
$id = strip_tags(Params::getParam('id'));
$enabled = Params::getParam('enabled') != '' ? Params::getParam('enabled') : 0;
$error = 0;
$result = array();
$aUpdated = array();
$mCategory = Category::newInstance();
$aCategory = $mCategory->findByPrimaryKey($id);
if ($aCategory == false) {
$result = array('error' => sprintf(__("It doesn't exist a category with this id: %d"), $id));
echo json_encode($result);
break;
}
// root category
if ($aCategory['fk_i_parent_id'] == '') {
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
$mCategory->update(array('b_enabled' => $enabled), array('fk_i_parent_id' => $id));
$subCategories = $mCategory->findSubcategories($id);
$aIds = array($id);
$aUpdated[] = array('id' => $id);
foreach ($subCategories as $subcategory) {
$aIds[] = $subcategory['pk_i_id'];
$aUpdated[] = array('id' => $subcategory['pk_i_id']);
}
Item::newInstance()->enableByCategory($enabled, $aIds);
if ($enabled) {
$result = array('ok' => __('The category and its subcategories have been enabled'));
} else {
$result = array('ok' => __('The category and its subcategories have been disabled'));
}
$result['affectedIds'] = $aUpdated;
echo json_encode($result);
break;
}
// subcategory
$parentCategory = $mCategory->findRootCategory($id);
if (!$parentCategory['b_enabled']) {
$result = array('error' => __('Parent category is disabled, you can not enable that category'));
echo json_encode($result);
break;
}
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
if ($enabled) {
$result = array('ok' => __('The subcategory has been enabled'));
} else {
$result = array('ok' => __('The subcategory has been disabled'));
}
$result['affectedIds'] = array(array('id' => $id));
echo json_encode($result);
break;
case 'delete_category':
$id = Params::getParam("id");
$error = 0;
$categoryManager = Category::newInstance();
$res = $categoryManager->deleteByPrimaryKey($id);
if ($res > 0) {
$message = __('The categories have been deleted');
} else {
$error = 1;
$message = __('Error while deleting');
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"));
}
echo json_encode($result);
break;
case 'edit_category_post':
$id = Params::getParam("id");
$fields['i_expiration_days'] = Params::getParam("i_expiration_days") != '' ? Params::getParam("i_expiration_days") : 0;
$error = 0;
$has_one_title = 0;
$postParams = Params::getParamsAsArray();
foreach ($postParams as $k => $v) {
if (preg_match('|(.+?)#(.+)|', $k, $m)) {
if ($m[2] == 's_name') {
if ($v != "") {
$has_one_title = 1;
$aFieldsDescription[$m[1]][$m[2]] = $v;
$s_text = $v;
} else {
$aFieldsDescription[$m[1]][$m[2]] = ' ';
$error = 1;
}
} else {
$aFieldsDescription[$m[1]][$m[2]] = $v;
}
}
}
$l = osc_language();
if ($error == 0 || $error == 1 && $has_one_title == 1) {
$categoryManager = Category::newInstance();
$res = $categoryManager->updateByPrimaryKey(array('fields' => $fields, 'aFieldsDescription' => $aFieldsDescription), $id);
if (is_bool($res)) {
$error = 2;
}
}
if ($error == 0) {
$msg = __("Category updated correctly");
} else {
if ($error == 1) {
if ($has_one_title == 1) {
$error = 4;
$msg = __('Category updated correctly, but some titles were empty');
} else {
$msg = __('Sorry, at least a title is needed');
}
} else {
if ($error == 2) {
$msg = __('Error while updating');
}
}
}
echo json_encode(array('error' => $error, 'msg' => $msg, 'text' => $aFieldsDescription[$l]['s_name']));
break;
case 'custom':
// Execute via AJAX custom file
$ajaxFile = Params::getParam("ajaxfile");
if ($ajaxFile == '') {
echo json_encode(array('error' => 'no action defined'));
break;
}
// valid file?
if (stripos($ajaxFile, '../') !== false) {
echo json_encode(array('error' => 'no valid ajaxFile'));
break;
}
if (!file_exists(osc_plugins_path() . $ajaxFile)) {
echo json_encode(array('error' => "ajaxFile doesn't exist"));
break;
}
require_once osc_plugins_path() . $ajaxFile;
break;
case 'test_mail':
$title = sprintf(__('Test email, %s'), osc_page_title());
$body = __("Test email") . "<br><br>" . osc_page_title();
$emailParams = array('subject' => $title, 'to' => osc_contact_email(), 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error has occurred while sending email'));
}
echo json_encode($array);
break;
case 'order_pages':
$order = Params::getParam("order");
$id = Params::getParam("id");
if ($order != '' && $id != '') {
$mPages = Page::newInstance();
$actual_page = $mPages->findByPrimaryKey($id);
$actual_order = $actual_page['i_order'];
$array = array();
$condition = array();
$new_order = $actual_order;
if ($order == 'up') {
$page = $mPages->findPrevPage($actual_order);
} else {
if ($order == 'down') {
$page = $mPages->findNextPage($actual_order);
}
}
if (isset($page['i_order'])) {
$mPages->update(array('i_order' => $page['i_order']), array('pk_i_id' => $id));
$mPages->update(array('i_order' => $actual_order), array('pk_i_id' => $page['pk_i_id']));
}
// TO BE IMPROVED
// json for datatables
$prefLocale = osc_current_user_locale();
$this->_exportVariableToView('pages', $mPages->listAll(0));
$o_json = array();
while (osc_has_static_pages()) {
$row = array();
$page = osc_static_page();
$content = array();
if (isset($page['locale'][$prefLocale]) && !empty($page['locale'][$prefLocale]['s_title'])) {
$content = $page['locale'][$prefLocale];
} else {
$content = current($page['locale']);
}
$options = array();
$options[] = '<a href="' . osc_static_page_url() . '">' . __('View page') . '</a>';
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=pages&action=edit&id=' . osc_static_page_id() . '">' . __('Edit') . '</a>';
if (!$page['b_indelible']) {
$options[] = '<a onclick="javascript:return confirm(\'' . osc_esc_js("This action can't be undone. Are you sure you want to continue?") . '\')" href="' . osc_admin_base_url(true) . '?page=pages&action=delete&id=' . osc_static_page_id() . '">' . __('Delete') . '</a>';
}
$row[] = '<input type="checkbox" name="id[]"" value="' . osc_static_page_id() . '"" />';
$row[] = $page['s_internal_name'] . '<div id="datatables_quick_edit" style="display: none;">' . implode(' · ', $options) . '</div>';
$row[] = $content['s_title'];
$row[] = osc_static_page_order() . ' <img id="up" onclick="order_up(' . osc_static_page_id() . ');" style="cursor:pointer; width:15px; height:15px;" src="' . osc_current_admin_theme_url('images/arrow_up.png') . '"/> <br/><img id="down" onclick="order_down(' . osc_static_page_id() . ');" style="cursor:pointer; width:15px; height:15px; margin-left: 10px;" src="' . osc_current_admin_theme_url('images/arrow_down.png') . '"/>';
$o_json[] = $row;
}
echo json_encode($o_json);
}
break;
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
case 'upgrade':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
$message = "";
$error = 0;
$sql_error_msg = "";
$rm_errors = 0;
$perms = osc_save_permissions();
osc_change_permissions();
$maintenance_file = ABS_PATH . '.maintenance';
$fileHandler = @fopen($maintenance_file, 'w');
fclose($fileHandler);
/***********************
**** DOWNLOAD FILE ****
***********************/
$data = osc_file_get_contents("http://osclass.org/latest_version.php");
$data = json_decode(substr($data, 1, strlen($data) - 3), true);
$source_file = $data['url'];
if ($source_file != '') {
$tmp = explode("/", $source_file);
$filename = end($tmp);
$result = osc_downloadFile($source_file, $filename);
if ($result) {
// Everything is OK, continue
/**********************
***** UNZIP FILE *****
**********************/
@mkdir(ABS_PATH . 'oc-temp', 0777);
$res = osc_unzip_file(osc_content_path() . 'downloads/' . $filename, ABS_PATH . 'oc-temp/');
if ($res == 1) {
// Everything is OK, continue
/**********************
***** COPY FILES *****
**********************/
$fail = -1;
if ($handle = opendir(ABS_PATH . 'oc-temp')) {
$fail = 0;
while (false !== ($_file = readdir($handle))) {
if ($_file != '.' && $_file != '..' && $_file != 'remove.list' && $_file != 'upgrade.sql' && $_file != 'customs.actions') {
$data = osc_copy(ABS_PATH . "oc-temp/" . $_file, ABS_PATH . $_file);
if ($data == false) {
$fail = 1;
}
}
}
closedir($handle);
if ($fail == 0) {
// Everything is OK, continue
/************************
*** UPGRADE DATABASE ***
************************/
$error_queries = array();
if (file_exists(osc_lib_path() . 'osclass/installer/struct.sql')) {
$sql = file_get_contents(osc_lib_path() . 'osclass/installer/struct.sql');
$conn = DBConnectionClass::newInstance();
$c_db = $conn->getOsclassDb();
$comm = new DBCommandClass($c_db);
$error_queries = $comm->updateDB(str_replace('/*TABLE_PREFIX*/', DB_TABLE_PREFIX, $sql));
}
if ($error_queries[0]) {
// Everything is OK, continue
/**********************************
** EXECUTING ADDITIONAL ACTIONS **
**********************************/
if (file_exists(osc_lib_path() . 'osclass/upgrade-funcs.php')) {
// There should be no errors here
define('AUTO_UPGRADE', true);
require_once osc_lib_path() . 'osclass/upgrade-funcs.php';
}
// Additional actions is not important for the rest of the proccess
// We will inform the user of the problems but the upgrade could continue
/****************************
** REMOVE TEMPORARY FILES **
****************************/
$path = ABS_PATH . 'oc-temp';
$rm_errors = 0;
$dir = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::CHILD_FIRST);
for ($dir->rewind(); $dir->valid(); $dir->next()) {
if ($dir->isDir()) {
if ($dir->getFilename() != '.' && $dir->getFilename() != '..') {
if (!rmdir($dir->getPathname())) {
$rm_errors++;
}
}
} else {
if (!unlink($dir->getPathname())) {
$rm_errors++;
}
}
}
if (!rmdir($path)) {
$rm_errors++;
}
$deleted = @unlink(ABS_PATH . '.maintenance');
if ($rm_errors == 0) {
$message = __('Everything was OK! Your OSClass installation is updated');
} else {
$message = __('Almost everything was OK! Your OSClass installation is updated, but there were some errors removing temporary files. Please, remove manually the "oc-temp" folder');
$error = 6;
// Some errors removing files
}
} else {
$sql_error_msg = $error_queries[2];
$message = __('Problems upgrading the database');
$error = 5;
// Problems upgrading the database
}
} else {
$message = __('Problems copying files. Maybe permissions are not correct');
$error = 4;
// Problems copying files. Maybe permissions are not correct
}
} else {
$message = __('Nothing to copy');
$error = 99;
// Nothing to copy. THIS SHOULD NEVER HAPPENS, means we dont update any file!
}
} else {
$message = __('Unzip failed');
$error = 3;
// Unzip failed
}
} else {
$message = __('Download failed');
$error = 2;
// Download failed
}
} else {
$message = __('Missing download URL');
$error = 1;
// Missing download URL
}
if ($error == 5) {
$message .= "<br /><br />" . __('We had some errors upgrading your database. The follwing queries failed') . implode("<br />", $sql_error_msg);
}
echo $message;
foreach ($perms as $k => $v) {
@chmod($k, $v);
}
break;
case 'location_stats':
$workToDo = LocationsTmp::newInstance()->count();
if ($workToDo > 0) {
// there are wotk to do
$aLocations = LocationsTmp::newInstance()->getLocations(1000);
foreach ($aLocations as $location) {
$id = $location['id_location'];
$type = $location['e_type'];
$data = 0;
// update locations stats
switch ($type) {
case 'COUNTRY':
$numItems = CountryStats::newInstance()->calculateNumItems($id);
$data = CountryStats::newInstance()->setNumItems($id, $numItems);
unset($numItems);
break;
case 'REGION':
$numItems = RegionStats::newInstance()->calculateNumItems($id);
$data = RegionStats::newInstance()->setNumItems($id, $numItems);
unset($numItems);
break;
case 'CITY':
$numItems = CityStats::newInstance()->calculateNumItems($id);
$data = CityStats::newInstance()->setNumItems($id, $numItems);
unset($numItems);
break;
default:
break;
}
if ($data >= 0) {
LocationsTmp::newInstance()->delete(array('e_type' => $location['e_type'], 'id_location' => $location['id_location']));
}
}
$array['status'] = 'more';
$array['pending'] = $workToDo = LocationsTmp::newInstance()->count();
echo json_encode($array);
} else {
$array['status'] = 'done';
echo json_encode($array);
}
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
static function addHook($hook, $function, $priority = 5)
{
$hook = str_replace(osc_plugins_path(), '', $hook);
$found_plugin = false;
if (isset(Plugins::$hooks[$hook])) {
if (is_array(Plugins::$hooks[$hook])) {
foreach (Plugins::$hooks[$hook] as $fxName) {
if ($fxName == $function) {
$found_plugin = true;
break;
}
}
}
}
if (!$found_plugin) {
Plugins::$hooks[$hook][$priority][] = $function;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'add':
$this->doView("plugins/add.php");
break;
case 'add_post':
$package = Params::getFiles("package");
$path = osc_plugins_path();
(int) ($status = osc_unzip_file($package['tmp_name'], $path));
switch ($status) {
case 0:
$msg = _m('The plugin folder is not writable');
break;
case 1:
$msg = _m('The plugin has been uploaded correctly');
break;
case 2:
$msg = _m('The zip file is not valid');
break;
case -1:
default:
$msg = _m('There was a problem adding the plugin');
break;
}
osc_add_flash_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'install':
$pn = Params::getParam("plugin");
Plugins::activate($pn);
//run this after installing the plugin
Plugins::runHook('install_' . $pn);
osc_add_flash_message(_m('Plugin installed'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'uninstall':
$pn = Params::getParam("plugin");
Plugins::runHook($pn . '_uninstall');
Plugins::deactivate($pn);
osc_add_flash_message(_m('Plugin uninstalled'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'admin':
global $active_plugins;
$plugin = Params::getParam("plugin");
if ($plugin != "") {
Plugins::runHook($plugin . '_configure');
}
break;
case 'admin_post':
Plugins::runHook('admin_post');
case 'renderplugin':
global $active_plugins;
$file = Params::getParam("file");
if ($file != "") {
// We pass the GET variables (in case we have somes)
if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
$file = $match[1];
if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
//$_GET[$get_vars[1][$var_k]] = $get_vars[2][$var_k];
//$_REQUEST[$get_vars[1][$var_k]] = $get_vars[2][$var_k];
Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
}
}
} else {
$file = $_REQUEST['file'];
}
$this->_exportVariableToView("file", osc_plugins_path() . $file);
//osc_renderPluginView($file);
$this->doView("plugins/view.php");
}
break;
case 'configure':
$plugin = Params::getParam("plugin");
if ($plugin != '') {
$plugin_data = Plugins::getInfo($plugin);
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->_exportVariableToView("selected", PluginCategory::newInstance()->listSelected($plugin_data['short_name']));
$this->_exportVariableToView("plugin_data", $plugin_data);
$this->doView("plugins/configuration.php");
} else {
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
}
break;
case 'configure_post':
$plugin_short_name = Params::getParam("plugin_short_name");
$categories = Params::getParam("categories");
if ($plugin_short_name != "") {
Plugins::cleanCategoryFromPlugin($plugin_short_name);
if (isset($categories)) {
Plugins::addToCategoryPlugin($categories, $plugin_short_name);
}
} else {
osc_add_flash_message(_m('No plugin selected'), 'admin');
$this->doView("plugins/index.php");
}
osc_add_flash_message(_m('Configuration was saved'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
default:
$this->_exportVariableToView("plugins", Plugins::listAll());
$this->doView("plugins/index.php");
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'add':
$this->doView("plugins/add.php");
break;
case 'add_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
$package = Params::getFiles("package");
if (isset($package['size']) && $package['size'] != 0) {
$path = osc_plugins_path();
(int) ($status = osc_unzip_file($package['tmp_name'], $path));
} else {
$status = 3;
}
switch ($status) {
case 0:
$msg = _m('The plugin folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
case 1:
$msg = _m('The plugin has been uploaded correctly');
osc_add_flash_ok_message($msg, 'admin');
break;
case 2:
$msg = _m('The zip file is not valid');
osc_add_flash_error_message($msg, 'admin');
break;
case 3:
$msg = _m('No file was uploaded');
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins&action=add");
break;
case -1:
default:
$msg = _m('There was a problem adding the plugin');
osc_add_flash_error_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'install':
$pn = Params::getParam("plugin");
// CATCH FATAL ERRORS
$old_value = error_reporting(0);
register_shutdown_function(array($this, 'errorHandler'), $pn);
$installed = Plugins::install($pn);
if ($installed) {
//run this after installing the plugin
Plugins::runHook('install_' . $pn);
osc_add_flash_ok_message(_m('Plugin installed'), 'admin');
} else {
osc_add_flash_error_message(_m('Error: Plugin already installed'), 'admin');
}
error_reporting($old_value);
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'uninstall':
$pn = Params::getParam("plugin");
Plugins::runHook($pn . '_uninstall');
Plugins::uninstall($pn);
osc_add_flash_ok_message(_m('Plugin uninstalled'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'enable':
$pn = Params::getParam("plugin");
// CATCH FATAL ERRORS
$old_value = error_reporting(0);
register_shutdown_function(array($this, 'errorHandler'), $pn);
$enabled = Plugins::activate($pn);
if ($enabled) {
Plugins::runHook($pn . '_enable');
osc_add_flash_ok_message(_m('Plugin enabled'), 'admin');
} else {
osc_add_flash_error_message(_m('Error: Plugin already enabled'), 'admin');
}
error_reporting($old_value);
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'disable':
$pn = Params::getParam("plugin");
Plugins::runHook($pn . '_disable');
Plugins::deactivate($pn);
osc_add_flash_ok_message(_m('Plugin disabled'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'admin':
global $active_plugins;
$plugin = Params::getParam("plugin");
if ($plugin != "") {
Plugins::runHook($plugin . '_configure');
}
break;
case 'admin_post':
Plugins::runHook('admin_post');
case 'renderplugin':
global $active_plugins;
$file = Params::getParam("file");
if ($file != "") {
// We pass the GET variables (in case we have somes)
if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
$file = $match[1];
if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
//$_GET[$get_vars[1][$var_k]] = $get_vars[2][$var_k];
//$_REQUEST[$get_vars[1][$var_k]] = $get_vars[2][$var_k];
Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
}
}
} else {
$file = $_REQUEST['file'];
}
$this->_exportVariableToView("file", osc_plugins_path() . $file);
//osc_renderPluginView($file);
$this->doView("plugins/view.php");
}
break;
case 'render':
$file = Params::getParam("file");
if ($file != "") {
// We pass the GET variables (in case we have somes)
if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
$file = $match[1];
if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
}
}
} else {
$file = $_REQUEST['file'];
}
$this->_exportVariableToView("file", ABS_PATH . $file);
$this->doView("theme/view.php");
}
break;
case 'configure':
$plugin = Params::getParam("plugin");
if ($plugin != '') {
$plugin_data = Plugins::getInfo($plugin);
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->_exportVariableToView("selected", PluginCategory::newInstance()->listSelected($plugin_data['short_name']));
$this->_exportVariableToView("plugin_data", $plugin_data);
$this->doView("plugins/configuration.php");
} else {
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
}
break;
case 'configure_post':
$plugin_short_name = Params::getParam("plugin_short_name");
$categories = Params::getParam("categories");
if ($plugin_short_name != "") {
Plugins::cleanCategoryFromPlugin($plugin_short_name);
if (isset($categories)) {
Plugins::addToCategoryPlugin($categories, $plugin_short_name);
}
} else {
osc_add_flash_error_message(_m('No plugin selected'), 'admin');
$this->doView("plugins/index.php");
}
osc_add_flash_ok_message(_m('Configuration was saved'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
default:
$this->_exportVariableToView("plugins", Plugins::listAll());
$this->doView("plugins/index.php");
}
}
public static function processPayment()
{
require_once osc_plugins_path() . osc_plugin_folder(__FILE__) . 'lib/Stripe.php';
if (osc_get_preference('stripe_sandbox', 'payment') == 0) {
$stripe = array("secret_key" => osc_get_preference('stripe_secret_key', 'payment'), "publishable_key" => osc_get_preference('stripe_public_key', 'payment'));
} else {
$stripe = array("secret_key" => osc_get_preference('stripe_secret_key_test', 'payment'), "publishable_key" => osc_get_preference('stripe_public_key_test', 'payment'));
}
Stripe::setApiKey($stripe['secret_key']);
$token = Params::getParam('stripeToken');
$data = payment_get_custom(Params::getParam('extra'));
$amount = payment_get_amount($data['product']);
if ($amount <= 0) {
return PAYMENT_FAILED;
}
$customer = Stripe_Customer::create(array('email' => $data['email'], 'card' => $token));
try {
$charge = @Stripe_Charge::create(array('customer' => $customer->id, 'amount' => $amount * 100, 'currency' => osc_get_preference("currency", "payment")));
if ($charge->__get('paid') == 1) {
$exists = ModelPayment::newInstance()->getPaymentByCode($charge->__get('id'), 'STRIPE');
if (isset($exists['pk_i_id'])) {
return PAYMENT_ALREADY_PAID;
}
$product_type = explode('x', $data['product']);
Params::setParam('stripe_transaction_id', $charge->__get('id'));
// SAVE TRANSACTION LOG
$payment_id = ModelPayment::newInstance()->saveLog($data['concept'], $charge->__get('id'), $charge->__get('amount') / 100, $charge->__get('currency'), $data['email'], $data['user'], $data['itemid'], $product_type[0], 'STRIPE');
//source
if ($product_type[0] == '101') {
ModelPayment::newInstance()->payPublishFee($product_type[2], $payment_id);
} else {
if ($product_type[0] == '201') {
ModelPayment::newInstance()->payPremiumFee($product_type[2], $payment_id);
} else {
ModelPayment::newInstance()->addWallet($data['user'], $charge->__get('amount') / 100);
}
}
return PAYMENT_COMPLETED;
}
return PAYMENT_FAILED;
} catch (Stripe_CardError $e) {
return PAYMENT_FAILED;
}
return PAYMENT_FAILED;
}
<?php
require_once osc_plugins_path() . osc_plugin_folder(__FILE__) . 'CoinJar.php';
class CoinjarPayment
{
public function __construct()
{
}
public static function button($amount = '0.00', $description = '', $itemnumber = '101', $extra_array = null)
{
$extra = payment_prepare_custom($extra_array);
$extra .= 'concept,' . $description . '|';
$extra .= 'product,' . $itemnumber . '|';
$r = rand(0, 1000);
$extra .= 'random,' . $r;
echo '<li class="payment coinjar-btn"><a href="javascript:coinjar_pay(\'' . $amount . '\',\'' . $description . '\',\'' . $itemnumber . '\',\'' . $extra . '\');" ><img src="' . osc_base_url() . 'oc-content/plugins/' . osc_plugin_folder(__FILE__) . 'payment.png" ></a></li>';
}
public static function dialogJS()
{
?>
<div id="coinjar-dialog" title="<?php
_e('CoinJar', 'payment');
?>
" style="display: none;"><span id="coinjar-dialog-text"></span></div>
<script type="text/javascript">
function coinjar_pay(amount, description, itemnumber, extra) {
$('#coinjar-dialog-text').html('<?php
_e('You are going to be redirected to our payment processor to continue with the payment. Please wait', 'payment');
?>
');
$('#coinjar-dialog').dialog('open');
/**
* This function is called every time the page header is being rendered
*/
function fb_page_plugin()
{
if (dd_fb_page_url() != '') {
$fb_page_url = dd_fb_page_url();
$fb_page_width = dd_fb_page_width();
$fb_page_height = dd_fb_page_height();
$fb_show_faces = dd_fb_show_faces();
$hide_page_cover = dd_hide_page_cover();
$show_page_posts = dd_show_page_posts();
$use_small_header = dd_use_small_header();
$adapt_container_width = dd_adapt_container_width();
require_once osc_plugins_path() . 'fb_page_plugin/code.php';
}
}
public static function processPayment()
{
require_once osc_plugins_path() . osc_plugin_folder(__FILE__) . 'lib/Braintree.php';
Braintree_Configuration::environment(osc_get_preference('braintree_sandbox', 'payment'));
Braintree_Configuration::merchantId(payment_decrypt(osc_get_preference('braintree_merchant_id', 'payment')));
Braintree_Configuration::publicKey(payment_decrypt(osc_get_preference('braintree_public_key', 'payment')));
Braintree_Configuration::privateKey(payment_decrypt(osc_get_preference('braintree_private_key', 'payment')));
$data = payment_get_custom(Params::getParam('extra'));
$tmp = explode('x', $data['product']);
if (count($tmp) > 1) {
$amount = $tmp[1];
} else {
return PAYMENT_FAILED;
}
$result = Braintree_Transaction::sale(array('amount' => $amount, 'creditCard' => array('number' => Params::getParam('braintree_number'), 'cvv' => Params::getParam('braintree_cvv'), 'expirationMonth' => Params::getParam('braintree_month'), 'expirationYear' => Params::getParam('braintree_year')), 'options' => array('submitForSettlement' => true)));
print_r($result);
if ($result->success == 1) {
Params::setParam('braintree_transaction_id', $result->transaction->id);
$exists = ModelPayment::newInstance()->getPaymentByCode($result->transaction->id, 'BRAINTREE');
if (isset($exists['pk_i_id'])) {
return PAYMENT_ALREADY_PAID;
}
$product_type = explode('x', $data['product']);
// SAVE TRANSACTION LOG
$payment_id = ModelPayment::newInstance()->saveLog($data['concept'], $result->transaction->id, $result->transaction->amount, $result->transaction->currencyIsoCode, $data['email'], $data['user'], $data['itemid'], $product_type[0], 'BRAINTREE');
//source
if ($product_type[0] == '101') {
ModelPayment::newInstance()->payPublishFee($product_type[2], $payment_id);
} else {
if ($product_type[0] == '201') {
ModelPayment::newInstance()->payPremiumFee($product_type[2], $payment_id);
} else {
ModelPayment::newInstance()->addWallet($data['user'], $result->transaction->amount);
}
}
return PAYMENT_COMPLETED;
} else {
return PAYMENT_FAILED;
}
}
/**
* Gets urls for custom plugin administrations options
*
* @param string $file
* @return string
*/
function osc_admin_render_plugin_url($file = '')
{
$file = preg_replace('|/+|', '/', str_replace('\\', '/', $file));
$plugin_path = str_replace('\\', '/', osc_plugins_path());
$file = str_replace($plugin_path, '', $file);
return osc_admin_base_url(true) . '?page=plugins&action=renderplugin&file=' . $file;
}
/**
* Gets urls for custom plugin administrations options
*
* @param string $file
* @return string
*/
function osc_admin_render_plugin_url($file = '')
{
$file = str_replace(osc_plugins_path(), '', $file);
return osc_admin_base_url(true) . '?page=plugins&action=renderplugin&file=' . $file;
}
function current_user_picture()
{
// Configuration - Your Options ///////////////////////////////////////////////////////
$width = '100';
$height = '';
// height is optional. If you use a height, *MAKE SURE* it's proportional to the WIDTH
////// ***** No modifications below here should be needed ***** /////////////////////
// First, check to see if user has existing profile picture...
$user_id = osc_logged_user_id();
// the user id of the user profile we're at
$conn = getConnection();
$result = $conn->osc_dbFetchResult("SELECT user_id, pic_ext FROM %st_profile_picture WHERE user_id = {$user_id} ", DB_TABLE_PREFIX, $user_id);
if ($result > 0) {
$upload_path = osc_plugins_path() . 'profile_picture/images/';
$modtime = filemtime($upload_path . 'profile' . $user_id . $result['pic_ext']);
//ensures browser cache is refreshed if newer version of picture exists
// This is the picture HTML code displayed on page
echo '<img src="' . osc_base_url() . 'oc-content/plugins/profile_picture/images/profile' . $user_id . $result['pic_ext'] . '?' . $modtime . '">';
// width="'.$width.'" height="'.$height.'"display picture
} else {
echo '<img src="' . osc_base_url() . 'oc-content/plugins/profile_picture/no_picture.jpg">';
//width="'.$width.'" height="'.$height.'"
}
}
