function doModel() { switch ($this->action) { case 'login_post': //post execution for the login if (!osc_users_enabled()) { osc_add_flash_error_message(_m('Users are not enabled')); $this->redirectTo(osc_base_url()); } osc_csrf_check(); osc_run_hook('before_validating_login'); // e-mail or/and password is/are empty or incorrect $wrongCredentials = false; $email = Params::getParam('email'); $password = Params::getParam('password', false, false); if ($email == '') { osc_add_flash_error_message(_m('Please provide an email address')); $wrongCredentials = true; } if ($password == '') { osc_add_flash_error_message(_m('Empty passwords are not allowed. Please provide a password')); $wrongCredentials = true; } if ($wrongCredentials) { $this->redirectTo(osc_user_login_url()); } if (osc_validate_email($email)) { $user = User::newInstance()->findByEmail($email); } if (empty($user)) { $user = User::newInstance()->findByUsername($email); } if (empty($user)) { osc_add_flash_error_message(_m("The user doesn't exist")); $this->redirectTo(osc_user_login_url()); } if (!osc_verify_password($password, isset($user['s_password']) ? $user['s_password'] : '')) { osc_add_flash_error_message(_m('The password is incorrect')); $this->redirectTo(osc_user_login_url()); // @TODO if valid user, send email parameter back to the login form } else { if (@$user['s_password'] != '') { if (preg_match('|\\$2y\\$([0-9]{2})\\$|', $user['s_password'], $cost)) { if ($cost[1] != BCRYPT_COST) { User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id'])); } } else { User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id'])); } } } // e-mail or/and IP is/are banned $banned = osc_is_banned($email); // int 0: not banned or unknown, 1: email is banned, 2: IP is banned, 3: both email & IP are banned if ($banned & 1) { osc_add_flash_error_message(_m('Your current email is not allowed')); } if ($banned & 2) { osc_add_flash_error_message(_m('Your current IP is not allowed')); } if ($banned !== 0) { $this->redirectTo(osc_user_login_url()); } osc_run_hook('before_login'); $url_redirect = osc_get_http_referer(); $page_redirect = ''; if (osc_rewrite_enabled()) { if ($url_redirect != '') { $request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $url_redirect)); $tmp_ar = explode("?", $request_uri); $request_uri = $tmp_ar[0]; $rules = Rewrite::newInstance()->listRules(); foreach ($rules as $match => $uri) { if (preg_match('#' . $match . '#', $request_uri, $m)) { $request_uri = preg_replace('#' . $match . '#', $uri, $request_uri); if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) { $page_redirect = $match[2]; if ($page_redirect == '' || $page_redirect == 'login') { $url_redirect = osc_user_dashboard_url(); } } break; } } } } require_once LIB_PATH . 'osclass/UserActions.php'; $uActions = new UserActions(false); $logged = $uActions->bootstrap_login($user['pk_i_id']); if ($logged == 0) { osc_add_flash_error_message(_m("The user doesn't exist")); } else { if ($logged == 1) { if (time() - strtotime($user['dt_access_date']) > 1200) { // EACH 20 MINUTES osc_add_flash_error_message(sprintf(_m('The user has not been validated yet. Would you like to re-send your <a href="%s">activation?</a>'), osc_user_resend_activation_link($user['pk_i_id'], $user['s_email']))); } else { osc_add_flash_error_message(_m('The user has not been validated yet')); } } else { if ($logged == 2) { osc_add_flash_error_message(_m('The user has been suspended')); } else { if ($logged == 3) { if (Params::getParam('remember') == 1) { //this include contains de osc_genRandomPassword function require_once osc_lib_path() . 'osclass/helpers/hSecurity.php'; $secret = osc_genRandomPassword(); User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id'])); Cookie::newInstance()->set_expires(osc_time_cookie()); Cookie::newInstance()->push('oc_userId', $user['pk_i_id']); Cookie::newInstance()->push('oc_userSecret', $secret); Cookie::newInstance()->set(); } if ($url_redirect == '') { $url_redirect = osc_user_dashboard_url(); } osc_run_hook("after_login", $user, $url_redirect); $this->redirectTo(osc_apply_filter('correct_login_url_redirect', $url_redirect)); } else { osc_add_flash_error_message(_m('This should never happen')); } } } } if (!$user['b_enabled']) { $this->redirectTo(osc_user_login_url()); } $this->redirectTo(osc_user_login_url()); break; case 'resend': $id = Params::getParam('id'); $email = Params::getParam('email'); $user = User::newInstance()->findByPrimaryKey($id); if ($id == '' || $email == '' || !isset($user) || $user['b_active'] == 1 || $email != $user['s_email']) { osc_add_flash_error_message(_m('Incorrect link')); $this->redirectTo(osc_user_login_url()); } if (time() - strtotime($user['dt_access_date']) > 1200) { // EACH 20 MINUTES if (osc_notify_new_user()) { osc_run_hook('hook_email_admin_new_user', $user); } if (osc_user_validation_enabled()) { osc_run_hook('hook_email_user_validation', $user, $user); } User::newInstance()->update(array('dt_access_date' => date('Y-m-d H:i:s')), array('pk_i_id' => $user['pk_i_id'])); osc_add_flash_ok_message(_m('Validation email re-sent')); } else { osc_add_flash_warning_message(_m('We have just sent you an email to validate your account, you will have to wait a few minutes to resend it again')); } $this->redirectTo(osc_user_login_url()); break; case 'recover': //form to recover the password (in this case we have the form in /gui/) $this->doView('user-recover.php'); break; case 'recover_post': //post execution to recover the password osc_csrf_check(); require_once LIB_PATH . 'osclass/UserActions.php'; // e-mail is incorrect if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) { osc_add_flash_error_message(_m('Invalid email address')); $this->redirectTo(osc_recover_user_password_url()); } $userActions = new UserActions(false); $success = $userActions->recover_password(); switch ($success) { case 0: // recover ok osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password')); $this->redirectTo(osc_base_url()); break; case 1: // e-mail does not exist osc_add_flash_error_message(_m('We were not able to identify you given the information provided')); $this->redirectTo(osc_recover_user_password_url()); break; case 2: // recaptcha wrong osc_add_flash_error_message(_m('The recaptcha code is wrong')); $this->redirectTo(osc_recover_user_password_url()); break; } break; case 'forgot': //form to recover the password (in this case we have the form in /gui/) $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code')); if ($user) { $this->doView('user-forgot_password.php'); } else { osc_add_flash_error_message(_m('Sorry, the link is not valid')); $this->redirectTo(osc_base_url()); } break; case 'forgot_post': osc_csrf_check(); if (Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') { osc_add_flash_warning_message(_m('Password cannot be blank')); $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code'))); } $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code')); if ($user['b_enabled'] == 1) { if (Params::getParam('new_password', false, false) == Params::getParam('new_password2', false, false)) { User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => Params::getServerParam('REMOTE_ADDR'), 's_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => $user['pk_i_id'])); osc_add_flash_ok_message(_m('The password has been changed')); $this->redirectTo(osc_user_login_url()); } else { osc_add_flash_error_message(_m("Error, the password don't match")); $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code'))); } } else { osc_add_flash_error_message(_m('Sorry, the link is not valid')); } $this->redirectTo(osc_base_url()); break; default: //login Session::newInstance()->_setReferer(osc_get_http_referer()); if (osc_logged_user_id() != '') { $this->redirectTo(osc_user_dashboard_url()); } $this->doView('user-login.php'); } }
public function init() { // $_SERVER is not supported by Params Class... we should fix that if (isset($_SERVER['REQUEST_URI'])) { $request_uri = urldecode(preg_replace('@^' . REL_WEB_URL . '@', "", $_SERVER['REQUEST_URI'])); if (osc_rewrite_enabled()) { foreach ($this->rules as $match => $uri) { // UNCOMMENT TO DEBUG //echo 'Request URI: '.$request_uri." # Match : ".$match." # URI to go : ".$uri." <br />"; if (preg_match('#' . $match . '#', $request_uri, $m)) { $request_uri = preg_replace('#' . $match . '#', $uri, $request_uri); break; } } } $this->extractParams($request_uri); $this->request_uri = $request_uri; //$this->uri = $this->extractURL($request_uri); //$this->location = str_replace(".php", "", $this->uri); if (Params::getParam('page') != '') { $this->location = Params::getParam('page'); } if (Params::getParam('action') != '') { $this->section = Params::getParam('action'); } } }
function osc_static_page_url($locale = '') { if ($locale != '') { if (osc_rewrite_enabled()) { return osc_base_url() . osc_static_page_field("s_internal_name") . "-p" . osc_static_page_field("pk_i_id") . "-" . $locale; } else { return osc_base_url(true) . "?page=page&id=" . osc_static_page_field("pk_i_id") . "&lang=" . $locale; } } else { if (osc_rewrite_enabled()) { return osc_base_url() . osc_static_page_field("s_internal_name") . "-p" . osc_static_page_field("pk_i_id"); } else { return osc_base_url(true) . "?page=page&id=" . osc_static_page_field("pk_i_id"); } } }
function pop_init_config() { // block send_friend, send_friend_post if (Params::getParam('action') == 'send_friend' || Params::getParam('action') == 'send_friend_post') { pop_redirect_404(); } if (Params::getParam('action') == 'pub_profile') { Params::setParam('itemsPerPage', osc_default_results_per_page_at_search()); } if (!osc_rewrite_enabled()) { if (Params::getParam('page') == 'search' && Params::getParam('hook') == 'load_more_listing') { // no stdio at search page, only via ajax osc_add_hook('after_search', 'pop_echo_pop_print_listing_card'); } } }
/** * Gets link for mark as expired the current item * * @return string */ function osc_item_link_expired() { if (!osc_rewrite_enabled()) { $url = osc_base_url(true) . "?page=item&action=mark&as=expired&id=" . osc_item_id(); } else { $url = osc_base_url() . osc_get_preference('rewrite_item_mark') . "/expired/" . osc_item_id(); } return (string) $url; }
public function init() { if (Params::existServerParam('REQUEST_URI')) { if (preg_match('|[\\?&]{1}http_referer=(.*)$|', urldecode(Params::getServerParam('REQUEST_URI', false, false)), $ref_match)) { $this->http_referer = $ref_match[1]; $_SERVER['REQUEST_URI'] = preg_replace('|[\\?&]{1}http_referer=(.*)$|', "", urldecode(Params::getServerParam('REQUEST_URI', false, false))); } $request_uri = preg_replace('@^' . REL_WEB_URL . '@', "", urldecode(Params::getServerParam('REQUEST_URI', false, false))); $this->raw_request_uri = $request_uri; $route_used = false; foreach ($this->routes as $id => $route) { // UNCOMMENT TO DEBUG //echo 'Request URI: '.$request_uri." # Match : ".$route['regexp']." # URI to go : ".$route['url']." <br />"; if (preg_match('#^' . $route['regexp'] . '#', $request_uri, $m)) { if (!preg_match_all('#\\{([^\\}]+)\\}#', $route['url'], $args)) { $args[1] = array(); } $l = count($m); for ($p = 1; $p < $l; $p++) { if (isset($args[1][$p - 1])) { Params::setParam($args[1][$p - 1], $m[$p]); } else { Params::setParam('route_param_' . $p, $m[$p]); } } Params::setParam('page', 'custom'); Params::setParam('route', $id); $route_used = true; $this->location = $route['location']; $this->section = $route['section']; $this->title = $route['title']; break; } } if (!$route_used) { if (osc_rewrite_enabled()) { $tmp_ar = explode("?", $request_uri); $request_uri = $tmp_ar[0]; // if try to access directly to a php file if (preg_match('#^(.+?)\\.php(.*)$#', $request_uri)) { $file = explode("?", $request_uri); if (!file_exists(ABS_PATH . $file[0])) { Rewrite::newInstance()->set_location('error'); header('HTTP/1.1 404 Not Found'); osc_current_web_theme_path('404.php'); exit; } } foreach ($this->rules as $match => $uri) { // UNCOMMENT TO DEBUG // echo 'Request URI: '.$request_uri." # Match : ".$match." # URI to go : ".$uri." <br />"; if (preg_match('#^' . $match . '#', $request_uri, $m)) { $request_uri = preg_replace('#' . $match . '#', $uri, $request_uri); break; } } } $this->extractParams($request_uri); $this->request_uri = $request_uri; if (Params::getParam('page') != '') { $this->location = Params::getParam('page'); } if (Params::getParam('action') != '') { $this->section = Params::getParam('action'); } } } }
/** * Gets the url of current "list city"" * * @return string */ function osc_list_city_url() { if (osc_rewrite_enabled()) { $url = osc_base_url(); if (osc_get_preference('seo_url_search_prefix') != '') { $url .= osc_get_preference('seo_url_search_prefix') . '/'; } $url .= osc_sanitizeString(osc_list_city_name()) . '-c' . osc_list_city_id(); return $url; } else { return osc_search_url(array('sCity' => osc_list_city_id())); } }
function doModel() { osc_run_hook('before_search'); if (osc_rewrite_enabled()) { // IF rewrite is not enabled, skip this part, preg_match is always time&resources consuming task $p_sParams = "/" . Params::getParam('sParams', false, false); if (preg_match_all('|\\/([^,]+),([^\\/]*)|', $p_sParams, $m)) { $l = count($m[0]); for ($k = 0; $k < $l; $k++) { switch ($m[1][$k]) { case osc_get_preference('rewrite_search_country'): $m[1][$k] = 'sCountry'; break; case osc_get_preference('rewrite_search_region'): $m[1][$k] = 'sRegion'; break; case osc_get_preference('rewrite_search_city'): $m[1][$k] = 'sCity'; break; case osc_get_preference('rewrite_search_city_area'): $m[1][$k] = 'sCityArea'; break; case osc_get_preference('rewrite_search_category'): $m[1][$k] = 'sCategory'; break; case osc_get_preference('rewrite_search_user'): $m[1][$k] = 'sUser'; break; case osc_get_preference('rewrite_search_pattern'): $m[1][$k] = 'sPattern'; break; default: // custom fields if (preg_match("/meta(\\d+)-?(.*)?/", $m[1][$k], $results)) { $meta_key = $m[1][$k]; $meta_value = $m[2][$k]; $array_r = array(); if (Params::existParam('meta')) { $array_r = Params::getParam('meta'); } if ($results[2] == '') { // meta[meta_id] = meta_value $meta_key = $results[1]; $array_r[$meta_key] = $meta_value; } else { // meta[meta_id][meta_key] = meta_value $meta_key = $results[1]; $meta_key2 = $results[2]; $array_r[$meta_key][$meta_key2] = $meta_value; } $m[1][$k] = 'meta'; $m[2][$k] = $array_r; } break; } Params::setParam($m[1][$k], $m[2][$k]); } Params::unsetParam('sParams'); } } $uriParams = Params::getParamsAsArray(); $searchUri = osc_search_url($uriParams); if ($this->uri != 'feed') { if (str_replace("%20", '+', $searchUri) != str_replace("%20", '+', WEB_PATH . $this->uri)) { $this->redirectTo($searchUri, 301); } } //////////////////////////////// //GETTING AND FIXING SENT DATA// //////////////////////////////// $p_sCategory = Params::getParam('sCategory'); if (!is_array($p_sCategory)) { if ($p_sCategory == '') { $p_sCategory = array(); } else { $p_sCategory = explode(",", $p_sCategory); } } $p_sCityArea = Params::getParam('sCityArea'); if (!is_array($p_sCityArea)) { if ($p_sCityArea == '') { $p_sCityArea = array(); } else { $p_sCityArea = explode(",", $p_sCityArea); } } $p_sCity = Params::getParam('sCity'); if (!is_array($p_sCity)) { if ($p_sCity == '') { $p_sCity = array(); } else { $p_sCity = explode(",", $p_sCity); } } $p_sRegion = Params::getParam('sRegion'); if (!is_array($p_sRegion)) { if ($p_sRegion == '') { $p_sRegion = array(); } else { $p_sRegion = explode(",", $p_sRegion); } } $p_sCountry = Params::getParam('sCountry'); if (!is_array($p_sCountry)) { if ($p_sCountry == '') { $p_sCountry = array(); } else { $p_sCountry = explode(",", $p_sCountry); } } $p_sUser = Params::getParam('sUser'); if (!is_array($p_sUser)) { if ($p_sUser == '') { $p_sUser = ''; } else { $p_sUser = explode(",", $p_sUser); } } $p_sLocale = Params::getParam('sLocale'); if (!is_array($p_sLocale)) { if ($p_sLocale == '') { $p_sLocale = ''; } else { $p_sLocale = explode(",", $p_sLocale); } } $p_sPattern = trim(strip_tags(Params::getParam('sPattern'))); // ADD TO THE LIST OF LAST SEARCHES if (osc_save_latest_searches() && (!Params::existParam('iPage') || Params::getParam('iPage') == 1)) { $savePattern = osc_apply_filter('save_latest_searches_pattern', $p_sPattern); if ($savePattern != '') { LatestSearches::newInstance()->insert(array('s_search' => $savePattern, 'd_date' => date('Y-m-d H:i:s'))); } } $p_bPic = Params::getParam('bPic'); $p_bPic = $p_bPic == 1 ? 1 : 0; $p_bPremium = Params::getParam('bPremium'); $p_bPremium = $p_bPremium == 1 ? 1 : 0; $p_sPriceMin = Params::getParam('sPriceMin'); $p_sPriceMax = Params::getParam('sPriceMax'); //WE CAN ONLY USE THE FIELDS RETURNED BY Search::getAllowedColumnsForSorting() $p_sOrder = Params::getParam('sOrder'); if (!in_array($p_sOrder, Search::getAllowedColumnsForSorting())) { $p_sOrder = osc_default_order_field_at_search(); } $old_order = $p_sOrder; //ONLY 0 ( => 'asc' ), 1 ( => 'desc' ) AS ALLOWED VALUES $p_iOrderType = Params::getParam('iOrderType'); $allowedTypesForSorting = Search::getAllowedTypesForSorting(); $orderType = osc_default_order_type_at_search(); foreach ($allowedTypesForSorting as $k => $v) { if ($p_iOrderType == $v) { $orderType = $k; break; } } $p_iOrderType = $orderType; $p_sFeed = Params::getParam('sFeed'); $p_iPage = 0; if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') > 0) { $p_iPage = intval(Params::getParam('iPage')) - 1; } if ($p_sFeed != '') { $p_sPageSize = 1000; } $p_sShowAs = Params::getParam('sShowAs'); $aValidShowAsValues = array('list', 'gallery'); if (!in_array($p_sShowAs, $aValidShowAsValues)) { $p_sShowAs = osc_default_show_as_at_search(); } // search results: it's blocked with the maxResultsPerPage@search defined in t_preferences $p_iPageSize = intval(Params::getParam('iPagesize')); if ($p_iPageSize > 0) { if ($p_iPageSize > osc_max_results_per_page_at_search()) { $p_iPageSize = osc_max_results_per_page_at_search(); } } else { $p_iPageSize = osc_default_results_per_page_at_search(); } //FILTERING CATEGORY $bAllCategoriesChecked = false; $successCat = false; if (count($p_sCategory) > 0) { foreach ($p_sCategory as $category) { $successCat = $this->mSearch->addCategory($category) || $successCat; } } else { $bAllCategoriesChecked = true; } //FILTERING CITY_AREA foreach ($p_sCityArea as $city_area) { $this->mSearch->addCityArea($city_area); } $p_sCityArea = implode(", ", $p_sCityArea); //FILTERING CITY foreach ($p_sCity as $city) { $this->mSearch->addCity($city); } $p_sCity = implode(", ", $p_sCity); //FILTERING REGION foreach ($p_sRegion as $region) { $this->mSearch->addRegion($region); } $p_sRegion = implode(", ", $p_sRegion); //FILTERING COUNTRY foreach ($p_sCountry as $country) { $this->mSearch->addCountry($country); } $p_sCountry = implode(", ", $p_sCountry); // FILTERING PATTERN if ($p_sPattern != '') { $this->mSearch->addPattern($p_sPattern); $osc_request['sPattern'] = $p_sPattern; } else { // hardcoded - if there isn't a search pattern, order by dt_pub_date desc if ($p_sOrder == 'relevance') { $p_sOrder = 'dt_pub_date'; foreach ($allowedTypesForSorting as $k => $v) { if ($p_iOrderType == 'desc') { $orderType = $k; break; } } $p_iOrderType = $orderType; } } // FILTERING USER if ($p_sUser != '') { $this->mSearch->fromUser($p_sUser); } // FILTERING LOCALE $this->mSearch->addLocale($p_sLocale); // FILTERING IF WE ONLY WANT ITEMS WITH PICS if ($p_bPic) { $this->mSearch->withPicture(true); } // FILTERING IF WE ONLY WANT PREMIUM ITEMS if ($p_bPremium) { $this->mSearch->onlyPremium(true); } //FILTERING BY RANGE PRICE $this->mSearch->priceRange($p_sPriceMin, $p_sPriceMax); //ORDERING THE SEARCH RESULTS $this->mSearch->order($p_sOrder, $allowedTypesForSorting[$p_iOrderType]); //SET PAGE if ($p_sFeed == 'rss') { // If param sFeed=rss, just output last 'osc_num_rss_items()' $this->mSearch->page(0, osc_num_rss_items()); } else { $this->mSearch->page($p_iPage, $p_iPageSize); } // CUSTOM FIELDS $custom_fields = Params::getParam('meta'); $fields = Field::newInstance()->findIDSearchableByCategories($p_sCategory); $table = DB_TABLE_PREFIX . 't_item_meta'; if (is_array($custom_fields)) { foreach ($custom_fields as $key => $aux) { if (in_array($key, $fields)) { $field = Field::newInstance()->findByPrimaryKey($key); switch ($field['e_type']) { case 'TEXTAREA': case 'TEXT': case 'URL': if ($aux != '') { $aux = "%{$aux}%"; $sql = "SELECT fk_i_item_id FROM {$table} WHERE "; $str_escaped = Search::newInstance()->dao->escape($aux); $sql .= $table . '.fk_i_field_id = ' . $key . ' AND '; $sql .= $table . ".s_value LIKE " . $str_escaped; $this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')'); } break; case 'DROPDOWN': case 'RADIO': if ($aux != '') { $sql = "SELECT fk_i_item_id FROM {$table} WHERE "; $str_escaped = Search::newInstance()->dao->escape($aux); $sql .= $table . '.fk_i_field_id = ' . $key . ' AND '; $sql .= $table . ".s_value = " . $str_escaped; $this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')'); } break; case 'CHECKBOX': if ($aux != '') { $sql = "SELECT fk_i_item_id FROM {$table} WHERE "; $sql .= $table . '.fk_i_field_id = ' . $key . ' AND '; $sql .= $table . ".s_value = 1"; $this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')'); } break; case 'DATE': if ($aux != '') { $y = (int) date('Y', $aux); $m = (int) date('n', $aux); $d = (int) date('j', $aux); $start = mktime('0', '0', '0', $m, $d, $y); $end = mktime('23', '59', '59', $m, $d, $y); $sql = "SELECT fk_i_item_id FROM {$table} WHERE "; $sql .= $table . '.fk_i_field_id = ' . $key . ' AND '; $sql .= $table . ".s_value >= " . $start . " AND "; $sql .= $table . ".s_value <= " . $end; $this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')'); } break; case 'DATEINTERVAL': if (is_array($aux) && (!empty($aux['from']) && !empty($aux['to']))) { $from = $aux['from']; $to = $aux['to']; $start = $from; $end = $to; $sql = "SELECT fk_i_item_id FROM {$table} WHERE "; $sql .= $table . '.fk_i_field_id = ' . $key . ' AND '; $sql .= $start . " >= " . $table . ".s_value AND s_multi = 'from'"; $sql1 = "SELECT fk_i_item_id FROM {$table} WHERE "; $sql1 .= $table . ".fk_i_field_id = " . $key . " AND "; $sql1 .= $end . " <= " . $table . ".s_value AND s_multi = 'to'"; $sql_interval = "select a.fk_i_item_id from (" . $sql . ") a where a.fk_i_item_id IN (" . $sql1 . ")"; $this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql_interval . ')'); } break; default: break; } } } } osc_run_hook('search_conditions', Params::getParamsAsArray()); // RETRIEVE ITEMS AND TOTAL $key = md5(osc_base_url() . $this->mSearch->toJson()); $found = null; $cache = osc_cache_get($key, $found); $aItems = null; $iTotalItems = null; if ($cache) { $aItems = $cache['aItems']; $iTotalItems = $cache['iTotalItems']; } else { $aItems = $this->mSearch->doSearch(); $iTotalItems = $this->mSearch->count(); $_cache['aItems'] = $aItems; $_cache['iTotalItems'] = $iTotalItems; osc_cache_set($key, $_cache, OSC_CACHE_TTL); } $iStart = $p_iPage * $p_iPageSize; $iEnd = min(($p_iPage + 1) * $p_iPageSize, $iTotalItems); $iNumPages = ceil($iTotalItems / $p_iPageSize); // works with cache enabled ? osc_run_hook('search', $this->mSearch); //preparing variables... $countryName = $p_sCountry; if (strlen($p_sCountry) == 2) { $c = Country::newInstance()->findByCode($p_sCountry); if ($c) { $countryName = $c['s_name']; } } $regionName = $p_sRegion; if (is_numeric($p_sRegion)) { $r = Region::newInstance()->findByPrimaryKey($p_sRegion); if ($r) { $regionName = $r['s_name']; } } $cityName = $p_sCity; if (is_numeric($p_sCity)) { $c = City::newInstance()->findByPrimaryKey($p_sCity); if ($c) { $cityName = $c['s_name']; } } $this->_exportVariableToView('search_start', $iStart); $this->_exportVariableToView('search_end', $iEnd); $this->_exportVariableToView('search_category', $p_sCategory); // hardcoded - non pattern and order by relevance $p_sOrder = $old_order; $this->_exportVariableToView('search_order_type', $p_iOrderType); $this->_exportVariableToView('search_order', $p_sOrder); $this->_exportVariableToView('search_pattern', $p_sPattern); $this->_exportVariableToView('search_from_user', $p_sUser); $this->_exportVariableToView('search_total_pages', $iNumPages); $this->_exportVariableToView('search_page', $p_iPage); $this->_exportVariableToView('search_has_pic', $p_bPic); $this->_exportVariableToView('search_only_premium', $p_bPremium); $this->_exportVariableToView('search_country', $countryName); $this->_exportVariableToView('search_region', $regionName); $this->_exportVariableToView('search_city', $cityName); $this->_exportVariableToView('search_price_min', $p_sPriceMin); $this->_exportVariableToView('search_price_max', $p_sPriceMax); $this->_exportVariableToView('search_total_items', $iTotalItems); $this->_exportVariableToView('items', $aItems); $this->_exportVariableToView('search_show_as', $p_sShowAs); $this->_exportVariableToView('search', $this->mSearch); // json $json = $this->mSearch->toJson(); $encoded_alert = base64_encode(osc_encrypt_alert($json)); // Create the HMAC signature and convert the resulting hex hash into base64 $stringToSign = osc_get_alert_public_key() . $encoded_alert; $signature = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign)); $server_signature = Session::newInstance()->_set('alert_signature', $signature); $this->_exportVariableToView('search_alert', $encoded_alert); // calling the view... if (count($aItems) === 0) { header('HTTP/1.1 404 Not Found'); } osc_run_hook("after_search"); if (!Params::existParam('sFeed')) { $this->doView('search.php'); } else { if ($p_sFeed == '' || $p_sFeed == 'rss') { // FEED REQUESTED! header('Content-type: text/xml; charset=utf-8'); $feed = new RSSFeed(); $feed->setTitle(__('Latest listings added') . ' - ' . osc_page_title()); $feed->setLink(osc_base_url()); $feed->setDescription(__('Latest listings added in') . ' ' . osc_page_title()); if (osc_count_items() > 0) { while (osc_has_items()) { if (osc_count_item_resources() > 0) { osc_has_item_resources(); $feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'country' => osc_item_country(), 'region' => osc_item_region(), 'city' => osc_item_city(), 'city_area' => osc_item_city_area(), 'category' => osc_item_category(), 'dt_pub_date' => osc_item_pub_date(), 'image' => array('url' => htmlentities(osc_resource_thumbnail_url(), ENT_COMPAT, "UTF-8"), 'title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8")))); } else { $feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'country' => osc_item_country(), 'region' => osc_item_region(), 'city' => osc_item_city(), 'city_area' => osc_item_city_area(), 'category' => osc_item_category(), 'dt_pub_date' => osc_item_pub_date())); } } } osc_run_hook('feed', $feed); $feed->dumpXML(); } else { osc_run_hook('feed_' . $p_sFeed, $aItems); } } }
/** * Gets current page url * * @param string $locale * @return string */ function osc_static_page_url($locale = '') { if (osc_rewrite_enabled()) { $sanitized_categories = array(); $cat = Category::newInstance()->hierarchy(osc_item_category_id()); for ($i = count($cat); $i > 0; $i--) { $sanitized_categories[] = $cat[$i - 1]['s_slug']; } $url = str_replace('{PAGE_TITLE}', osc_static_page_title(), str_replace('{PAGE_ID}', osc_static_page_id(), str_replace('{PAGE_SLUG}', urlencode(osc_static_page_slug()), osc_get_preference('rewrite_page_url')))); if ($locale != '') { $path = osc_base_url() . $locale . "/" . $url; } else { $path = osc_base_url() . $url; } } else { if ($locale != '') { $path = osc_base_url(true) . "?page=page&id=" . osc_static_page_id() . "&lang=" . $locale; } else { $path = osc_base_url(true) . "?page=page&id=" . osc_static_page_id(); } } return $path; }
</div> <div class="form-row"> <div class="form-label"><?php _e('User change email confirm'); ?></div> <div class="form-controls"> <input type="text" class="input-large" name="rewrite_user_change_email_confirm" value="<?php echo osc_esc_html(osc_get_preference('rewrite_user_change_email_confirm')); ?>" /> </div> </div> <div class="form-row"> <div class="form-label"><?php _e('User change username'); ?></div> <div class="form-controls"> <input type="text" class="input-large" name="rewrite_user_change_username" value="<?php echo osc_esc_html(osc_get_preference('rewrite_user_change_username')); ?>" /> </div> </div> </div> </div> <?php if( osc_rewrite_enabled() ) { ?> <?php if( file_exists(osc_base_path() . '.htaccess') ) { ?> <div class="form-row"> <h3 class="separate-top"><?php _e('Your .htaccess file') ?></h3> <pre><?php $htaccess_content = file_get_contents(osc_base_path() . '.htaccess'); echo htmlentities($htaccess_content); ?></pre> </div> <div class="form-row"> <h3 class="separate-top"><?php _e('What your .htaccess file should look like') ?></h3> <pre><?php $rewrite_base = REL_WEB_URL; $htaccess = <<<HTACCESS <IfModule mod_rewrite.c> RewriteEngine On
function doModel() { //calling the view... $locales = OSCLocale::newInstance()->listAllEnabled(); $this->_exportVariableToView('locales', $locales); switch ($this->action) { case 'item_add': // post if (osc_reg_user_post() && $this->user == null) { osc_add_flash_warning_message(_m('Only registered users are allowed to post listings')); $this->redirectTo(osc_user_login_url()); } $countries = Country::newInstance()->listAll(); $regions = array(); if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') { $regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']); } else { if (count($countries) > 0) { $regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']); } } $cities = array(); if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') { $cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']); } else { if (count($regions) > 0) { $cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']); } } $this->_exportVariableToView('countries', $countries); $this->_exportVariableToView('regions', $regions); $this->_exportVariableToView('cities', $cities); $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } if (Session::newInstance()->_getForm('countryId') != "") { $countryId = Session::newInstance()->_getForm('countryId'); $regions = Region::newInstance()->findByCountry($countryId); $this->_exportVariableToView('regions', $regions); if (Session::newInstance()->_getForm('regionId') != "") { $regionId = Session::newInstance()->_getForm('regionId'); $cities = City::newInstance()->findByRegion($regionId); $this->_exportVariableToView('cities', $cities); } } $this->_exportVariableToView('user', $this->user); osc_run_hook('post_item'); $this->doView('item-post.php'); break; case 'item_add_post': //post_item if (osc_reg_user_post() && $this->user == null) { osc_add_flash_warning_message(_m('Only registered users are allowed to post listings')); $this->redirectTo(osc_base_url(true)); } $mItems = new ItemActions(false); // prepare data for ADD ITEM $mItems->prepareData(true); // set all parameters into session foreach ($mItems->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); $this->redirectTo(osc_item_post_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } if (!osc_is_web_user_logged_in()) { $user = User::newInstance()->findByEmail($mItems->data['contactEmail']); // The user exists but it's not logged if (isset($user['pk_i_id'])) { foreach ($mItems->data as $key => $value) { Session::newInstance()->_keepForm($key); } osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in')); $this->redirectTo(osc_user_login_url()); } } // POST ITEM ( ADD ITEM ) $success = $mItems->add(); if ($success != 1 && $success != 2) { osc_add_flash_error_message($success); $this->redirectTo(osc_item_post_url()); } else { Session::newInstance()->_dropkeepForm('meta_' . $key); if ($success == 1) { osc_add_flash_ok_message(_m('Check your inbox to validate your listing')); } else { osc_add_flash_ok_message(_m('Your listing has been published')); } $itemId = Params::getParam('itemId'); $item = $this->itemManager->findByPrimaryKey($itemId); osc_run_hook('posted_item', $item); $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId')); View::newInstance()->_exportVariableToView('category', $category); $this->redirectTo(osc_search_category_url()); } break; case 'item_edit': // edit item $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId)); if (count($item) == 1) { $item = Item::newInstance()->findByPrimaryKey($id); $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } $this->_exportVariableToView('item', $item); osc_run_hook("before_item_edit", $item); $this->doView('item-edit.php'); } else { // add a flash message [ITEM NO EXISTE] osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID")); if ($this->user != null) { $this->redirectTo(osc_user_list_items_url()); } else { $this->redirectTo(osc_base_url()); } } break; case 'item_edit_post': // recoger el secret y el $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId)); if (count($item) == 1) { $this->_exportVariableToView('item', $item[0]); $mItems = new ItemActions(false); // prepare data for ADD ITEM $mItems->prepareData(false); // set all parameters into session foreach ($mItems->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); $this->redirectTo(osc_item_edit_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } $success = $mItems->edit(); osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id)); if ($success == 1) { osc_add_flash_ok_message(_m("Great! We've just updated your listing")); View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id)); $this->redirectTo(osc_item_url()); } else { osc_add_flash_error_message($success); $this->redirectTo(osc_item_edit_url($secret)); } } break; case 'activate': $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId)); // item doesn't exist if (count($item) == 0) { $this->do404(); return; } View::newInstance()->_exportVariableToView('item', $item[0]); if ($item[0]['b_active'] == 0) { // ACTIVETE ITEM $mItems = new ItemActions(false); $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']); if ($success) { osc_add_flash_ok_message(_m('The listing has been validated')); } else { osc_add_flash_error_message(_m("The listing can't be validated")); } } else { osc_add_flash_warning_message(_m('The listing has already been validated')); } $this->redirectTo(osc_item_url()); break; case 'item_delete': $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId)); if (count($item) == 1) { $mItems = new ItemActions(false); $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']); if ($success) { osc_add_flash_ok_message(_m('Your listing has been deleted')); } else { osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted")); } if ($this->user != null) { $this->redirectTo(osc_user_list_items_url()); } else { $this->redirectTo(osc_base_url()); } } else { osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted")); $this->redirectTo(osc_base_url()); } break; case 'mark': $id = Params::getParam('id'); $as = Params::getParam('as'); $item = Item::newInstance()->findByPrimaryKey($id); View::newInstance()->_exportVariableToView('item', $item); require_once osc_lib_path() . 'osclass/user-agents.php'; foreach ($user_agents as $ua) { if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) { // mark item if it's not a bot $mItem = new ItemActions(false); $mItem->mark($id, $as); break; } } osc_add_flash_ok_message(_m("Thanks! That's very helpful")); $this->redirectTo(osc_item_url()); break; case 'send_friend': $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $this->_exportVariableToView('item', $item); $this->doView('item-send-friend.php'); break; case 'send_friend_post': $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $this->_exportVariableToView('item', $item); Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail')); Session::newInstance()->_setForm("yourName", Params::getParam('yourName')); Session::newInstance()->_setForm("friendName", Params::getParam('friendName')); Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail')); Session::newInstance()->_setForm("message_body", Params::getParam('message')); if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); $this->redirectTo(osc_item_send_friend_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } $mItem = new ItemActions(false); $success = $mItem->send_friend(); if ($success) { Session::newInstance()->_clearVariables(); $this->redirectTo(osc_item_url()); } else { $this->redirectTo(osc_item_send_friend_url()); } break; case 'contact': $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); if (empty($item)) { osc_add_flash_error_message(_m("This listing doesn't exist")); $this->redirectTo(osc_base_url(true)); } else { $this->_exportVariableToView('item', $item); if (osc_item_is_expired()) { osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller")); $this->redirectTo(osc_item_url()); } if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) { $this->doView('item-contact.php'); } else { osc_add_flash_error_message(_m("You can't contact the seller, only registered users can")); $this->redirectTo(osc_item_url()); } } break; case 'contact_post': $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $this->_exportVariableToView('item', $item); if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail')); Session::newInstance()->_setForm("yourName", Params::getParam('yourName')); Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber')); Session::newInstance()->_setForm("message_body", Params::getParam('message')); $this->redirectTo(osc_item_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } if (osc_isExpired($item['dt_expiration'])) { osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller")); $this->redirectTo(osc_item_url()); } $mItem = new ItemActions(false); $result = $mItem->contact(); if (is_string($result)) { osc_add_flash_error_message($result); } else { osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller")); } $this->redirectTo(osc_item_url()); break; case 'add_comment': $mItem = new ItemActions(false); $status = $mItem->add_comment(); switch ($status) { case -1: $msg = _m('Sorry, we could not save your comment. Try again later'); osc_add_flash_error_message($msg); break; case 1: $msg = _m('Your comment is awaiting moderation'); osc_add_flash_info_message($msg); break; case 2: $msg = _m('Your comment has been approved'); osc_add_flash_ok_message($msg); break; case 3: $msg = _m('Please fill the required field (email)'); osc_add_flash_warning_message($msg); break; case 4: $msg = _m('Please type a comment'); osc_add_flash_warning_message($msg); break; case 5: $msg = _m('Your comment has been marked as spam'); osc_add_flash_error_message($msg); break; } $this->redirectTo(osc_item_url()); break; case 'delete_comment': $mItem = new ItemActions(false); $status = $mItem->add_comment(); $itemId = Params::getParam('id'); $commentId = Params::getParam('comment'); $item = Item::newInstance()->findByPrimaryKey($itemId); if (count($item) == 0) { osc_add_flash_error_message(_m("This listing doesn't exist")); $this->redirectTo(osc_base_url(true)); } View::newInstance()->_exportVariableToView('item', $item); if ($this->userId == null) { osc_add_flash_error_message(_m('You must be logged in to delete a comment')); $this->redirectTo(osc_item_url()); } $commentManager = ItemComment::newInstance(); $aComment = $commentManager->findByPrimaryKey($commentId); if (count($aComment) == 0) { osc_add_flash_error_message(_m("The comment doesn't exist")); $this->redirectTo(osc_item_url()); } if ($aComment['b_active'] != 1) { osc_add_flash_error_message(_m('The comment is not active, you cannot delete it')); $this->redirectTo(osc_item_url()); } if ($aComment['fk_i_user_id'] != $this->userId) { osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it')); $this->redirectTo(osc_item_url()); } $commentManager->deleteByPrimaryKey($commentId); osc_add_flash_ok_message(_m('The comment has been deleted')); $this->redirectTo(osc_item_url()); break; default: // if there isn't ID, show an error 404 if (Params::getParam('id') == '') { $this->do404(); return; } if (Params::getParam('lang') != '') { Session::newInstance()->_set('userLocale', Params::getParam('lang')); } $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); // if item doesn't exist show an error 404 if (count($item) == 0) { $this->do404(); return; } if ($item['b_active'] != 1) { if ($this->userId == $item['fk_i_user_id']) { osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public")); } else { osc_add_flash_warning_message(_m("This listing hasn't been validated")); $this->redirectTo(osc_base_url(true)); } } else { if ($item['b_enabled'] == 0) { osc_add_flash_warning_message(_m('The listing has been suspended')); $this->redirectTo(osc_base_url(true)); } } if (!osc_is_admin_user_logged_in()) { require_once osc_lib_path() . 'osclass/user-agents.php'; foreach ($user_agents as $ua) { if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) { $mStats = new ItemStats(); $mStats->increase('i_num_views', $item['pk_i_id']); break; } } } foreach ($item['locale'] as $k => $v) { $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']); $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description'])); } if ($item['fk_i_user_id'] != '') { $user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']); $this->_exportVariableToView('user', $user); } $this->_exportVariableToView('item', $item); osc_run_hook('show_item', $item); // redirect to the correct url just in case it has changed $itemURI = str_replace(osc_base_url(), '', osc_item_url()); $URI = preg_replace('|^' . REL_WEB_URL . '|', '', $_SERVER['REQUEST_URI']); // do not clean QUERY_STRING if permalink is not enabled if (osc_rewrite_enabled()) { $URI = str_replace('?' . $_SERVER['QUERY_STRING'], '', $URI); } else { $params_keep = array('page', 'id'); $params = array(); foreach (Params::getParamsAsArray('get') as $k => $v) { if (in_array($k, $params_keep)) { $params[] = "{$k}={$v}"; } } $URI = 'index.php?' . implode('&', $params); } // redirect to the correct url if ($itemURI != $URI) { $this->redirectTo(osc_base_url() . $itemURI); } $this->doView('item.php'); break; } }
<div class="form-row"> <div class="form-label"><?php _e('User change username'); ?> </div> <div class="form-controls"> <input type="text" class="input-large" name="rewrite_user_change_username" value="<?php echo osc_esc_html(osc_get_preference('rewrite_user_change_username')); ?> " /> </div> </div> </div> </div> <?php if (osc_rewrite_enabled()) { ?> <?php if (file_exists(osc_base_path() . '.htaccess')) { ?> <div class="form-row"> <h3 class="separate-top"><?php _e('Your .htaccess file'); ?> </h3> <pre><?php $htaccess_content = file_get_contents(osc_base_path() . '.htaccess'); echo htmlentities($htaccess_content); ?> </pre> </div>
public function init() { // $_SERVER is not supported by Params Class... we should fix that if(isset($_SERVER['REQUEST_URI'])) { if(preg_match('|[\?&]{1}http_referer=(.*)$|', urldecode($_SERVER['REQUEST_URI']), $ref_match)) { $this->http_referer = $ref_match[1]; $_SERVER['REQUEST_URI'] = preg_replace('|[\?&]{1}http_referer=(.*)$|', "", urldecode($_SERVER['REQUEST_URI'])); } $request_uri = preg_replace('@^' . REL_WEB_URL . '@', "", urldecode($_SERVER['REQUEST_URI'])); $this->raw_request_uri = $request_uri; $route_used = false; foreach($this->routes as $id => $route) { // UNCOMMENT TO DEBUG //echo 'Request URI: '.$request_uri." # Match : ".$route['regexp']." # URI to go : ".$route['url']." <br />"; if(preg_match('#^'.$route['regexp'].'#', $request_uri, $m)) { if(!preg_match_all('#\{([^\}]+)\}#', $route['url'], $args)) { $args[1] = array(); } $l = count($m); for($p=1;$p<$l;$p++) { if(isset($args[1][$p-1])) { Params::setParam($args[1][$p-1], $m[$p]); } else { Params::setParam('route_param_'.$p, $m[$p]); } } Params::setParam('page', 'custom'); Params::setParam('route', $id); $route_used = true; $this->location = $route['location']; $this->section = $route['section']; $this->title = $route['title']; break; } } if(!$route_used) { if(osc_rewrite_enabled()) { $tmp_ar = explode("?", $request_uri); $request_uri = $tmp_ar[0]; foreach($this->rules as $match => $uri) { // UNCOMMENT TO DEBUG //echo 'Request URI: '.$request_uri." # Match : ".$match." # URI to go : ".$uri." <br />"; if(preg_match('#^'.$match.'#', $request_uri, $m)) { $request_uri = preg_replace('#'.$match.'#', $uri, $request_uri); break; } } } $this->extractParams($request_uri); $this->request_uri = $request_uri; if(Params::getParam('page')!='') { $this->location = Params::getParam('page'); }; if(Params::getParam('action')!='') { $this->section = Params::getParam('action'); }; } } }
/** * Gets search url given params * * @params array $params * @return string */ function osc_search_url($params = null) { if (osc_rewrite_enabled()) { $url = osc_base_url() . osc_get_preference('rewrite_search_url'); if ($params != null) { $url .= "/"; foreach ($params as $k => $v) { switch ($k) { case 'sCountry': $k = osc_get_preference('rewrite_search_country'); break; case 'sRegion': $k = osc_get_preference('rewrite_search_region'); break; case 'sCity': $k = osc_get_preference('rewrite_search_city'); break; case 'sCityArea': $k = osc_get_preference('rewrite_search_city_area'); break; case 'sCategory': $k = osc_get_preference('rewrite_search_category'); break; case 'sUser': $k = osc_get_preference('rewrite_search_user'); break; case 'sPattern': $k = osc_get_preference('rewrite_search_pattern'); break; default: break; } if ($k != 'page') { $url .= $k . "," . $v . "/"; } } } } else { $url = osc_base_url(true) . '?page=search'; if ($params != null) { foreach ($params as $k => $v) { $url .= "&" . $k . "=" . $v; } } } return $url; }
function osc_item_link_expired() { if (!osc_rewrite_enabled()) { $url = osc_base_url(true) . "?page=item&action=mark&as=expired&id=" . osc_item_id(); } else { $url = osc_base_url() . "item/mark/expired/" . osc_item_id(); } return $url; }
/** * Gets user's profile url * * @return string */ function osc_user_public_profile_url($id = null) { if ($id == null) { $id = osc_user_id(); } if ($id != '') { if (osc_rewrite_enabled()) { $path = osc_base_url() . 'user/profile/' . $id; } else { $path = sprintf(osc_base_url(true) . '?page=user&action=pub_profile&id=%d', $id); } } else { $path = ''; } return $path; }
/** * @param $id * @param $args * @since 3.2 */ function osc_route_url($id, $args = array()) { $routes = Rewrite::newInstance()->getRoutes(); if (!isset($routes[$id])) { return ''; } if (osc_rewrite_enabled()) { $uri = $routes[$id]['url']; $params_url = ''; foreach ($args as $k => $v) { $old_uri = $uri; $uri = str_ireplace('{' . $k . '}', $v, $uri); if ($old_uri == $uri) { $params_url .= '&' . $k . '=' . $v; } } return osc_base_url() . $uri . ($params_url != '' ? '?' . $params_url : ''); } else { $params_url = ''; foreach ($args as $k => $v) { $params_url .= '&' . $k . '=' . $v; } return osc_base_url(true) . "?page=custom&route=" . $id . $params_url; } }
function doModel() { switch ($this->action) { case 'login_post': //post execution for the login if (!osc_users_enabled()) { osc_add_flash_error_message(_m('Users are not enabled')); $this->redirectTo(osc_base_url()); } require_once LIB_PATH . 'osclass/UserActions.php'; $user = User::newInstance()->findByEmail(Params::getParam('email')); $url_redirect = osc_user_dashboard_url(); $page_redirect = ''; if (osc_rewrite_enabled()) { if (isset($_SERVER['HTTP_REFERER'])) { $request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $_SERVER['HTTP_REFERER'])); $tmp_ar = explode("?", $request_uri); $request_uri = $tmp_ar[0]; $rules = Rewrite::newInstance()->listRules(); foreach ($rules as $match => $uri) { if (preg_match('#' . $match . '#', $request_uri, $m)) { $request_uri = preg_replace('#' . $match . '#', $uri, $request_uri); if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) { $page_redirect = $match[2]; } break; } } } } else { if (preg_match('|[\\?&]page=([^&]+)|', $_SERVER['HTTP_REFERER'] . '&', $match)) { $page_redirect = $match[1]; } } if (Params::getParam('http_referer') != '') { Session::newInstance()->_setReferer(Params::getParam('http_referer')); $url_redirect = Params::getParam('http_referer'); } else { if (Session::newInstance()->_getReferer() != '') { Session::newInstance()->_setReferer(Session::newInstance()->_getReferer()); $url_redirect = Session::newInstance()->_getReferer(); } else { if ($page_redirect != '' && $page_redirect != 'login') { Session::newInstance()->_setReferer($_SERVER['HTTP_REFERER']); $url_redirect = $_SERVER['HTTP_REFERER']; } } } if (!$user) { osc_add_flash_error_message(_m('The username doesn\'t exist')); $this->redirectTo(osc_user_login_url()); } if ($user["s_password"] != sha1(Params::getParam('password'))) { osc_add_flash_error_message(_m('The password is incorrect')); $this->redirectTo(osc_user_login_url()); } $uActions = new UserActions(false); $logged = $uActions->bootstrap_login($user['pk_i_id']); if ($logged == 0) { osc_add_flash_error_message(_m('The username doesn\'t exist')); } else { if ($logged == 1) { osc_add_flash_error_message(_m('The user has not been validated yet')); } else { if ($logged == 2) { osc_add_flash_error_message(_m('The user has been suspended')); } else { if ($logged == 3) { if (Params::getParam('remember') == 1) { //this include contains de osc_genRandomPassword function require_once osc_lib_path() . 'osclass/helpers/hSecurity.php'; $secret = osc_genRandomPassword(); User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id'])); Cookie::newInstance()->set_expires(osc_time_cookie()); Cookie::newInstance()->push('oc_userId', $user['pk_i_id']); Cookie::newInstance()->push('oc_userSecret', $secret); Cookie::newInstance()->set(); } $this->redirectTo($url_redirect); } else { osc_add_flash_error_message(_m('This should never happens')); } } } } if (!$user['b_enabled']) { $this->redirectTo(osc_user_login_url()); } $this->redirectTo(osc_user_login_url()); break; case 'recover': //form to recover the password (in this case we have the form in /gui/) $this->doView('user-recover.php'); break; case 'recover_post': //post execution to recover the password require_once LIB_PATH . 'osclass/UserActions.php'; // e-mail is incorrect if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) { osc_add_flash_error_message(_m('Invalid email address')); $this->redirectTo(osc_recover_user_password_url()); } $userActions = new UserActions(false); $success = $userActions->recover_password(); switch ($success) { case 0: // recover ok osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password')); $this->redirectTo(osc_base_url()); break; case 1: // e-mail does not exist osc_add_flash_error_message(_m('We were not able to identify you given the information provided')); $this->redirectTo(osc_recover_user_password_url()); break; case 2: // recaptcha wrong osc_add_flash_error_message(_m('The recaptcha code is wrong')); $this->redirectTo(osc_recover_user_password_url()); break; } break; case 'forgot': //form to recover the password (in this case we have the form in /gui/) $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code')); if ($user) { $this->doView('user-forgot_password.php'); } else { osc_add_flash_error_message(_m('Sorry, the link is not valid')); $this->redirectTo(osc_base_url()); } break; case 'forgot_post': if (Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') { osc_add_flash_warning_message(_m('Password cannot be blank')); $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code'))); } $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code')); if ($user['b_enabled'] == 1) { if (Params::getParam('new_password') == Params::getParam('new_password2')) { User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => $_SERVER['REMOTE_ADDR'], 's_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => $user['pk_i_id'])); osc_add_flash_ok_message(_m('The password has been changed')); $this->redirectTo(osc_user_login_url()); } else { osc_add_flash_error_message(_m('Error, the password don\'t match')); $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code'))); } } else { osc_add_flash_error_message(_m('Sorry, the link is not valid')); } $this->redirectTo(osc_base_url()); break; default: //login if (osc_logged_user_id() != '') { $this->redirectTo(osc_user_dashboard_url()); } $this->doView('user-login.php'); } }
public function init() { // $_SERVER is not supported by Params Class... we should fix that if (isset($_SERVER['REQUEST_URI'])) { if (preg_match('|[\\?&]{1}http_referer=(.*)$|', urldecode($_SERVER['REQUEST_URI']), $ref_match)) { $this->http_referer = $ref_match[1]; $_SERVER['REQUEST_URI'] = preg_replace('|[\\?&]{1}http_referer=(.*)$|', "", urldecode($_SERVER['REQUEST_URI'])); } $request_uri = preg_replace('@^' . REL_WEB_URL . '@', "", urldecode($_SERVER['REQUEST_URI'])); if (osc_rewrite_enabled()) { $this->extractParams($request_uri); $tmp_ar = explode("?", $request_uri); $request_uri = $tmp_ar[0]; foreach ($this->rules as $match => $uri) { // UNCOMMENT TO DEBUG //echo 'Request URI: '.$request_uri." # Match : ".$match." # URI to go : ".$uri." <br />"; if (preg_match('#' . $match . '#', $request_uri, $m)) { $request_uri = preg_replace('#' . $match . '#', $uri, $request_uri); break; } } } $this->extractParams($request_uri); $this->request_uri = $request_uri; if (Params::getParam('page') != '') { $this->location = Params::getParam('page'); } if (Params::getParam('action') != '') { $this->section = Params::getParam('action'); } } }
/** * Gets for a default search (all categories, noother option) * * @return string */ function osc_search_show_all_url() { if (osc_rewrite_enabled()) { return osc_base_url() . 'search/'; } else { return osc_base_url(true) . '?page=search'; } }
function osc_item_send_friend_url() { if (osc_rewrite_enabled()) { return osc_base_url() . 'item/send-friend/' . osc_item_id(); } else { return osc_base_url(true) . "?page=item&action=send_friend&id=" . osc_item_id(); } }
/** * Gets user's profile url * * @return string */ function osc_user_public_profile_url($id = null) { if ($id == null) { $id = osc_user_id(); } if ($id != '') { if (osc_rewrite_enabled()) { $user = User::newInstance()->findByPrimaryKey($id); $path = osc_base_url() . osc_get_preference('rewrite_user_profile') . "/" . $user['s_username']; } else { $path = sprintf(osc_base_url(true) . '?page=user&action=pub_profile&id=%d', $id); } } else { $path = ''; } return $path; }
/** * Gets url of send a friend (current item) * * @return string */ function osc_item_send_friend_url() { if (osc_rewrite_enabled()) { return osc_base_url() . osc_get_preference('rewrite_item_send_friend') . '/' . osc_item_id(); } else { return osc_base_url(true) . "?page=item&action=send_friend&id=" . osc_item_id(); } }
function breadcrumbs_category_url($category_id) { $path = ''; if (osc_rewrite_enabled()) { if ($category_id != '') { $category = Category::newInstance()->hierarchy($category_id); $sanitized_category = ""; for ($i = count($category); $i > 0; $i--) { $sanitized_category .= $category[$i - 1]['s_slug'] . '/'; } $path = osc_base_url() . $sanitized_category; } } else { $path = sprintf(osc_base_url(true) . '?page=search&sCategory=%d', $category_id); } return rtrim($path, "/"); }
/** * Gets search url given params * * @params array $params * @return string */ function osc_search_url($params = null) { if (is_array($params)) { osc_prune_array($params); } $countP = count($params); if ($countP == 0) { $params['page'] = 'search'; } $base_url = osc_base_url(); $http_url = osc_is_ssl() ? "https://" : "http://"; if (osc_subdomain_type() == 'category' && isset($params['sCategory'])) { if ($params['sCategory'] != Params::getParam('sCategory')) { if (is_array($params['sCategory'])) { $params['sCategory'] = implode(",", $params['sCategory']); } if ($params['sCategory'] != '' && strpos($params['sCategory'], ",") === false) { if (is_numeric($params['sCategory'])) { $category = Category::newInstance()->findByPrimaryKey($params['sCategory']); } else { $category = Category::newInstance()->findBySlug($params['sCategory']); } if (isset($category['s_slug'])) { $base_url = $http_url . $category['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL; unset($params['sCategory']); } } } else { if (osc_is_subdomain()) { unset($params['sCategory']); } } } else { if (osc_subdomain_type() == 'country' && isset($params['sCountry'])) { if ($params['sCountry'] != Params::getParam('sCountry')) { if (is_array($params['sCountry'])) { $params['sCountry'] = implode(",", $params['sCountry']); } if ($params['sCountry'] != '' && strpos($params['sCountry'], ",") === false) { if (is_numeric($params['sCountry'])) { $country = Country::newInstance()->findByPrimaryKey($params['sCountry']); } else { $country = Country::newInstance()->findByCode($params['sCountry']); } if (isset($country['s_slug'])) { $base_url = $http_url . $country['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL; unset($params['sCountry']); } } } else { if (osc_is_subdomain()) { unset($params['sCountry']); } } } else { if (osc_subdomain_type() == 'region' && isset($params['sRegion'])) { if ($params['sRegion'] != Params::getParam('sRegion')) { if (is_array($params['sRegion'])) { $params['sRegion'] = implode(",", $params['sRegion']); } if ($params['sRegion'] != '' && strpos($params['sRegion'], ",") === false) { if (is_numeric($params['sRegion'])) { $region = Region::newInstance()->findByPrimaryKey($params['sRegion']); } else { $region = Region::newInstance()->findByName($params['sRegion']); } if (isset($region['s_slug'])) { $base_url = $http_url . $region['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL; unset($params['sRegion']); } } } else { if (osc_is_subdomain()) { unset($params['sRegion']); } } } else { if (osc_subdomain_type() == 'city' && isset($params['sCity'])) { if ($params['sCity'] != Params::getParam('sCity')) { if (is_array($params['sCity'])) { $params['sCity'] = implode(",", $params['sCity']); } if ($params['sCity'] != '' && strpos($params['sCity'], ",") === false) { if (is_numeric($params['sCity'])) { $city = City::newInstance()->findByPrimaryKey($params['sCity']); } else { $city = City::newInstance()->findByName($params['sCity']); } if (isset($city['s_slug'])) { $base_url = $http_url . $city['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL; unset($params['sCity']); } } } else { if (osc_is_subdomain()) { unset($params['sCity']); } } } else { if (osc_subdomain_type() == 'user' && isset($params['sUser'])) { if ($params['sUser'] != Params::getParam('sUser')) { if (is_array($params['sUser'])) { $params['sUser'] = implode(",", $params['sUser']); } if ($params['sUser'] != '' && strpos($params['sUser'], ",") === false) { if (is_numeric($params['sUser'])) { $user = User::newInstance()->findByPrimaryKey($params['sUser']); } else { $user = User::newInstance()->findByUsername($params['sUser']); } if (isset($user['s_username'])) { $base_url = $http_url . $user['s_username'] . "." . osc_subdomain_host() . REL_WEB_URL; unset($params['sUser']); } } } else { if (osc_is_subdomain()) { unset($params['sUser']); } } } } } } } $countP = count($params); if ($countP == 0) { return $base_url; } unset($params['page']); $countP = count($params); if (osc_rewrite_enabled()) { $url = $base_url . osc_get_preference('rewrite_search_url'); // CANONICAL URLS if (isset($params['sCategory']) && !is_array($params['sCategory']) && strpos($params['sCategory'], ',') === false && ($countP == 1 || $countP == 2 && isset($params['iPage']))) { if (osc_category_id() == $params['sCategory']) { $category['pk_i_id'] = osc_category_id(); $category['s_slug'] = osc_category_slug(); } else { if (is_numeric($params['sCategory'])) { $category = Category::newInstance()->findByPrimaryKey($params['sCategory']); } else { $category = Category::newInstance()->findBySlug($params['sCategory']); } } if (isset($category['pk_i_id'])) { $url = osc_get_preference('rewrite_cat_url'); if (preg_match('|{CATEGORIES}|', $url)) { $categories = Category::newInstance()->hierarchy($category['pk_i_id']); $sanitized_categories = array(); $mCat = Category::newInstance(); for ($i = count($categories); $i > 0; $i--) { $tmpcat = $mCat->findByPrimaryKey($categories[$i - 1]['pk_i_id']); $sanitized_categories[] = $tmpcat['s_slug']; } $url = str_replace('{CATEGORIES}', implode("/", $sanitized_categories), $url); } $seo_prefix = ''; if (osc_get_preference('seo_url_search_prefix') != '') { $seo_prefix = osc_get_preference('seo_url_search_prefix') . '/'; } $url = str_replace('{CATEGORY_NAME}', $category['s_slug'], $url); // DEPRECATED : CATEGORY_SLUG is going to be removed in 3.4 $url = str_replace('{CATEGORY_SLUG}', $category['s_slug'], $url); $url = str_replace('{CATEGORY_ID}', $category['pk_i_id'], $url); } else { // Search by a category which does not exists (by form) // TODO CHANGE TO NEW ROUTES!! return $base_url . 'index.php?page=search&sCategory=' . urlencode($params['sCategory']); } if (isset($params['iPage']) && $params['iPage'] != '' && $params['iPage'] != 1) { $url .= '/' . $params['iPage']; } $url = $base_url . $seo_prefix . $url; } else { if (isset($params['sRegion']) && is_string($params['sRegion']) && strpos($params['sRegion'], ',') === false && ($countP == 1 || $countP == 2 && (isset($params['iPage']) || isset($params['sCategory'])) || $countP == 3 && isset($params['iPage']) && isset($params['sCategory']))) { $url = $base_url; if (osc_get_preference('seo_url_search_prefix') != '') { $url .= osc_get_preference('seo_url_search_prefix') . '/'; } if (isset($params['sCategory'])) { $_auxSlug = _aux_search_category_slug($params['sCategory']); if ($_auxSlug != '') { $url .= $_auxSlug . '_'; } } if (isset($params['sRegion'])) { if (osc_list_region_id() == $params['sRegion']) { $url .= osc_sanitizeString(osc_list_region_slug()) . '-r' . osc_list_region_id(); } else { if (is_numeric($params['sRegion'])) { $region = Region::newInstance()->findByPrimaryKey($params['sRegion']); } else { $region = Region::newInstance()->findByName($params['sRegion']); } if (isset($region['s_slug'])) { $url .= osc_sanitizeString($region['s_slug']) . '-r' . $region['pk_i_id']; } else { // Search by a region which does not exists (by form) // TODO CHANGE TO NEW ROUTES!! return $url . 'index.php?page=search&sRegion=' . urlencode($params['sRegion']); } } } if (isset($params['iPage']) && $params['iPage'] != '' && $params['iPage'] != 1) { $url .= '/' . $params['iPage']; } } else { if (isset($params['sCity']) && !is_array($params['sCity']) && strpos($params['sCity'], ',') === false && ($countP == 1 || $countP == 2 && (isset($params['iPage']) || isset($params['sCategory'])) || $countP == 3 && isset($params['iPage']) && isset($params['sCategory']))) { $url = $base_url; if (osc_get_preference('seo_url_search_prefix') != '') { $url .= osc_get_preference('seo_url_search_prefix') . '/'; } if (isset($params['sCategory'])) { $_auxSlug = _aux_search_category_slug($params['sCategory']); if ($_auxSlug != '') { $url .= $_auxSlug . '_'; } } if (isset($params['sCity'])) { if (osc_list_city_id() == $params['sCity']) { $url .= osc_sanitizeString(osc_list_city_slug()) . '-c' . osc_list_city_id(); } else { if (is_numeric($params['sCity'])) { $city = City::newInstance()->findByPrimaryKey($params['sCity']); } else { $city = City::newInstance()->findByName($params['sCity']); } if (isset($city['s_slug'])) { $url .= osc_sanitizeString($city['s_slug']) . '-c' . $city['pk_i_id']; } else { // Search by a city which does not exists (by form) // TODO CHANGE TO NEW ROUTES!! return $url . 'index.php?page=search&sCity=' . urlencode($params['sCity']); } } } if (isset($params['iPage']) && $params['iPage'] != '' && $params['iPage'] != 1) { $url .= '/' . $params['iPage']; } } else { if ($params != null && is_array($params)) { foreach ($params as $k => $v) { switch ($k) { case 'sCountry': $k = osc_get_preference('rewrite_search_country'); break; case 'sRegion': $k = osc_get_preference('rewrite_search_region'); break; case 'sCity': $k = osc_get_preference('rewrite_search_city'); break; case 'sCityArea': $k = osc_get_preference('rewrite_search_city_area'); break; case 'sCategory': $k = osc_get_preference('rewrite_search_category'); if (is_array($v)) { $v = implode(",", $v); } break; case 'sUser': $k = osc_get_preference('rewrite_search_user'); if (is_array($v)) { $v = implode(",", $v); } break; case 'sPattern': $k = osc_get_preference('rewrite_search_pattern'); break; case 'meta': // meta(@id),value/meta(@id),value2/... foreach ($v as $key => $value) { if (is_array($value)) { foreach ($value as $_key => $_value) { if ($value != '') { $url .= '/meta' . $key . '-' . $_key . ',' . urlencode($_value); } } } else { if ($value != '') { $url .= '/meta' . $key . ',' . urlencode($value); } } } break; default: break; } if (!is_array($v) && $v != '') { $url .= "/" . $k . "," . urlencode($v); } } } } } } } else { $url = $base_url . 'index.php?page=search'; if ($params != null && is_array($params)) { foreach ($params as $k => $v) { if ($k == 'meta') { if (is_array($v)) { foreach ($v as $_k => $aux) { if (is_array($aux)) { foreach (array_keys($aux) as $aux_k) { $url .= "&" . $k . "[{$_k}][{$aux_k}]=" . urlencode($aux[$aux_k]); } } else { $url .= "&" . $_k . "[]=" . urlencode($aux); } } } } else { if (is_array($v)) { $v = implode(",", $v); } $url .= "&" . $k . "=" . urlencode($v); } } } } return str_replace('%2C', ',', $url); }
function doModel() { osc_run_hook('before_search'); $mCategories = Category::newInstance(); if (osc_rewrite_enabled()) { // IF rewrite is not enabled, skip this part, preg_match is always time&resources consuming task $p_sParams = "/" . Params::getParam('sParams', false, false); if (preg_match_all('|\\/([^,]+),([^\\/]*)|', $p_sParams, $m)) { $l = count($m[0]); for ($k = 0; $k < $l; $k++) { switch ($m[1][$k]) { case osc_get_preference('rewrite_search_country'): $m[1][$k] = 'sCountry'; break; case osc_get_preference('rewrite_search_region'): $m[1][$k] = 'sRegion'; break; case osc_get_preference('rewrite_search_city'): $m[1][$k] = 'sCity'; break; case osc_get_preference('rewrite_search_city_area'): $m[1][$k] = 'sCityArea'; break; case osc_get_preference('rewrite_search_category'): $m[1][$k] = 'sCategory'; break; case osc_get_preference('rewrite_search_user'): $m[1][$k] = 'sUser'; break; case osc_get_preference('rewrite_search_pattern'): $m[1][$k] = 'sPattern'; break; default: break; } $_REQUEST[$m[1][$k]] = $m[2][$k]; $_GET[$m[1][$k]] = $m[2][$k]; unset($_REQUEST['sParams']); unset($_GET['sParams']); unset($_POST['sParams']); } } } //////////////////////////////// //GETTING AND FIXING SENT DATA// //////////////////////////////// $p_sCategory = Params::getParam('sCategory'); if (!is_array($p_sCategory)) { if ($p_sCategory == '') { $p_sCategory = array(); } else { $p_sCategory = explode(",", $p_sCategory); } } $p_sCityArea = Params::getParam('sCityArea'); if (!is_array($p_sCityArea)) { if ($p_sCityArea == '') { $p_sCityArea = array(); } else { $p_sCityArea = explode(",", $p_sCityArea); } } $p_sCity = Params::getParam('sCity'); if (!is_array($p_sCity)) { if ($p_sCity == '') { $p_sCity = array(); } else { $p_sCity = explode(",", $p_sCity); } } $p_sRegion = Params::getParam('sRegion'); if (!is_array($p_sRegion)) { if ($p_sRegion == '') { $p_sRegion = array(); } else { $p_sRegion = explode(",", $p_sRegion); } } $p_sCountry = Params::getParam('sCountry'); if (!is_array($p_sCountry)) { if ($p_sCountry == '') { $p_sCountry = array(); } else { $p_sCountry = explode(",", $p_sCountry); } } $p_sUser = Params::getParam('sUser'); if (!is_array($p_sUser)) { if ($p_sUser == '') { $p_sUser = ''; } else { $p_sUser = explode(",", $p_sUser); } } $p_sPattern = strip_tags(Params::getParam('sPattern')); // ADD TO THE LIST OF LAST SEARCHES if (osc_save_latest_searches()) { if (trim($p_sPattern) != '') { LatestSearches::newInstance()->insert(array('s_search' => trim($p_sPattern), 'd_date' => date('Y-m-d H:i:s'))); } } $p_bPic = Params::getParam('bPic'); $p_bPic == 1 ? $p_bPic = 1 : ($p_bPic = 0); $p_sPriceMin = Params::getParam('sPriceMin'); $p_sPriceMax = Params::getParam('sPriceMax'); //WE CAN ONLY USE THE FIELDS RETURNED BY Search::getAllowedColumnsForSorting() $p_sOrder = Params::getParam('sOrder'); if (!in_array($p_sOrder, Search::getAllowedColumnsForSorting())) { $p_sOrder = osc_default_order_field_at_search(); } $old_order = $p_sOrder; //ONLY 0 ( => 'asc' ), 1 ( => 'desc' ) AS ALLOWED VALUES $p_iOrderType = Params::getParam('iOrderType'); $allowedTypesForSorting = Search::getAllowedTypesForSorting(); $orderType = osc_default_order_type_at_search(); foreach ($allowedTypesForSorting as $k => $v) { if ($p_iOrderType == $v) { $orderType = $k; break; } } $p_iOrderType = $orderType; $p_sFeed = Params::getParam('sFeed'); $p_iPage = 0; if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') > 0) { $p_iPage = intval(Params::getParam('iPage')) - 1; } if ($p_sFeed != '') { $p_sPageSize = 1000; } $p_sShowAs = Params::getParam('sShowAs'); $aValidShowAsValues = array('list', 'gallery'); if (!in_array($p_sShowAs, $aValidShowAsValues)) { $p_sShowAs = osc_default_show_as_at_search(); } // search results: it's blocked with the maxResultsPerPage@search defined in t_preferences $p_iPageSize = intval(Params::getParam('iPagesize')); if ($p_iPageSize > 0) { if ($p_iPageSize > osc_max_results_per_page_at_search()) { $p_iPageSize = osc_max_results_per_page_at_search(); } } else { $p_iPageSize = osc_default_results_per_page_at_search(); } //FILTERING CATEGORY $bAllCategoriesChecked = false; if (count($p_sCategory) > 0) { foreach ($p_sCategory as $category) { $this->mSearch->addCategory($category); } } else { $bAllCategoriesChecked = true; } //FILTERING CITY_AREA foreach ($p_sCityArea as $city_area) { $this->mSearch->addCityArea($city_area); } $p_sCityArea = implode(", ", $p_sCityArea); //FILTERING CITY foreach ($p_sCity as $city) { $this->mSearch->addCity($city); } $p_sCity = implode(", ", $p_sCity); //FILTERING REGION foreach ($p_sRegion as $region) { $this->mSearch->addRegion($region); } $p_sRegion = implode(", ", $p_sRegion); //FILTERING COUNTRY foreach ($p_sCountry as $country) { $this->mSearch->addCountry($country); } $p_sCountry = implode(", ", $p_sCountry); // FILTERING PATTERN if ($p_sPattern != '') { $this->mSearch->addPattern($p_sPattern); $osc_request['sPattern'] = $p_sPattern; } else { // hardcoded - if there isn't a search pattern, order by dt_pub_date desc if ($p_sOrder == 'relevance') { $p_sOrder = 'dt_pub_date'; foreach ($allowedTypesForSorting as $k => $v) { if ($p_iOrderType == 'desc') { $orderType = $k; break; } } $p_iOrderType = $orderType; } } // FILTERING USER if ($p_sUser != '') { $this->mSearch->fromUser($p_sUser); } // FILTERING IF WE ONLY WANT ITEMS WITH PICS if ($p_bPic) { $this->mSearch->withPicture(true); } //FILTERING BY RANGE PRICE $this->mSearch->priceRange($p_sPriceMin, $p_sPriceMax); //ORDERING THE SEARCH RESULTS $this->mSearch->order($p_sOrder, $allowedTypesForSorting[$p_iOrderType]); //SET PAGE $this->mSearch->page($p_iPage, $p_iPageSize); osc_run_hook('search_conditions', Params::getParamsAsArray()); if (!Params::existParam('sFeed')) { // RETRIEVE ITEMS AND TOTAL $aItems = $this->mSearch->doSearch(); $iTotalItems = $this->mSearch->count(); $iStart = $p_iPage * $p_iPageSize; $iEnd = min(($p_iPage + 1) * $p_iPageSize, $iTotalItems); $iNumPages = ceil($iTotalItems / $p_iPageSize); osc_run_hook('search', $this->mSearch); //preparing variables... $regionName = $p_sRegion; if (is_numeric($p_sRegion)) { $r = Region::newInstance()->findByPrimaryKey($p_sRegion); if ($r) { $regionName = $r['s_name']; } } $cityName = $p_sCity; if (is_numeric($p_sCity)) { $c = City::newInstance()->findByPrimaryKey($p_sCity); if ($c) { $cityName = $c['s_name']; } } //$this->_exportVariableToView('non_empty_categories', $aCategories) ; $this->_exportVariableToView('search_start', $iStart); $this->_exportVariableToView('search_end', $iEnd); $this->_exportVariableToView('search_category', $p_sCategory); // hardcoded - non pattern and order by relevance $p_sOrder = $old_order; $this->_exportVariableToView('search_order_type', $p_iOrderType); $this->_exportVariableToView('search_order', $p_sOrder); $this->_exportVariableToView('search_pattern', $p_sPattern); $this->_exportVariableToView('search_from_user', $p_sUser); $this->_exportVariableToView('search_total_pages', $iNumPages); $this->_exportVariableToView('search_page', $p_iPage); $this->_exportVariableToView('search_has_pic', $p_bPic); $this->_exportVariableToView('search_region', $regionName); $this->_exportVariableToView('search_city', $cityName); $this->_exportVariableToView('search_price_min', $p_sPriceMin); $this->_exportVariableToView('search_price_max', $p_sPriceMax); $this->_exportVariableToView('search_total_items', $iTotalItems); $this->_exportVariableToView('items', $aItems); $this->_exportVariableToView('search_show_as', $p_sShowAs); $this->_exportVariableToView('search', $this->mSearch); // json $json = $this->mSearch->toJson(); $this->_exportVariableToView('search_alert', base64_encode($json)); //calling the view... $this->doView('search.php'); } else { $this->mSearch->page(0, osc_num_rss_items()); // RETRIEVE ITEMS AND TOTAL $iTotalItems = $this->mSearch->count(); $aItems = $this->mSearch->doSearch(); $this->_exportVariableToView('items', $aItems); if ($p_sFeed == '' || $p_sFeed == 'rss') { // FEED REQUESTED! header('Content-type: text/xml; charset=utf-8'); $feed = new RSSFeed(); $feed->setTitle(__('Latest listings added') . ' - ' . osc_page_title()); $feed->setLink(osc_base_url()); $feed->setDescription(__('Latest listings added in') . ' ' . osc_page_title()); if (osc_count_items() > 0) { while (osc_has_items()) { if (osc_count_item_resources() > 0) { osc_has_item_resources(); $feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'dt_pub_date' => osc_item_pub_date(), 'image' => array('url' => htmlentities(osc_resource_thumbnail_url(), ENT_COMPAT, "UTF-8"), 'title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8")))); } else { $feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'dt_pub_date' => osc_item_pub_date())); } } } osc_run_hook('feed', $feed); $feed->dumpXML(); } else { osc_run_hook('feed_' . $p_sFeed, $aItems); } } }
function osc_search_footer_links() { if (!osc_rewrite_enabled()) { return array(); } $categoryID = osc_search_category_id(); if (!empty($categoryID)) { if (Category::newInstance()->isRoot(current($categoryID))) { $cat = Category::newInstance()->findSubcategories(current($categoryID)); if (count($cat) > 0) { $categoryID = array(); foreach ($cat as $c) { $categoryID[] = $c['pk_i_id']; } } } } if (osc_search_city() != '') { return array(); } $regionID = ''; if (osc_search_region() != '') { $aRegion = Region::newInstance()->findByName(osc_search_region()); if (isset($aRegion['pk_i_id'])) { $regionID = $aRegion['pk_i_id']; } } $conn = DBConnectionClass::newInstance(); $data = $conn->getOsclassDb(); $comm = new DBCommandClass($data); $comm->select('i.fk_i_category_id'); $comm->select('l.*'); $comm->select('COUNT(*) AS total'); $comm->from(DB_TABLE_PREFIX . 't_item as i'); $comm->from(DB_TABLE_PREFIX . 't_item_location as l'); if (!empty($categoryID)) { $comm->whereIn('i.fk_i_category_id', $categoryID); } $comm->where('i.pk_i_id = l.fk_i_item_id'); $comm->where('i.b_enabled = 1'); $comm->where('i.b_active = 1'); $comm->where(sprintf("dt_expiration >= '%s'", date('Y-m-d H:i:s'))); $comm->where('l.fk_i_region_id IS NOT NULL'); $comm->where('l.fk_i_city_id IS NOT NULL'); if ($regionID != '') { $comm->where('l.fk_i_region_id', $regionID); $comm->groupBy('l.fk_i_city_id'); } else { $comm->groupBy('l.fk_i_region_id'); } $rs = $comm->get(); if (!$rs) { return array(); } return $rs->result(); }