public function executeUpload()
{
$upload_max_filesize = str_replace('M', '', ini_get('upload_max_filesize'));
$res = new \AjaxResponse();
$upload_dir = PUBLIC_DIR . '/media/editor_upload/';
Folder::create($upload_dir, 0777);
$error = array();
$fileUploader = new Uploader($upload_dir, 'file_upload');
$fileUploader->setMaximumFileSize($upload_max_filesize);
$fileUploader->setFilterType('.jpg, .jpeg, .png, .bmp, .gif');
$fileUploader->setIsEncryptFileName(true);
if ($fileUploader->upload('file_upload')) {
$data = $fileUploader->getData();
$file_path = '/media/editor_upload/' . $data['file_name'];
$file_url = rtrim($this->document()->getBaseUrl(), '/') . preg_replace('/(\\/+)/', '/', '/../' . $file_path);
$image = ['file_name' => $data['file_name'], 'url' => $file_url, 'path' => $file_path];
$res->type = \AjaxResponse::SUCCESS;
$res->image = $image;
return $this->renderText($res->toString());
} else {
$error['upload'] = $fileUploader->getError();
}
$res->type = \AjaxResponse::ERROR;
$res->error = $error;
return $this->renderText($res->toString());
}
public function executeRemove()
{
$this->validAjaxRequest();
$res = new \AjaxResponse();
if (!($banner = \Banner::retrieveById($this->request()->get('id')))) {
$res->type = \AjaxResponse::ERROR;
$res->message = t('Banner not found');
return $this->renderText($res->toString());
}
$banner->delete();
$res->type = \AjaxResponse::SUCCESS;
$res->id = $banner->getId();
$res->banner = $banner->toArray();
$res->message = t('Banner ' . $banner->getTitle() . ' was removed!');
return $this->renderText($res->toString());
}
public function index()
{
if (!$this->auth->loggedin()) {
$this->public_class->redirect('/404');
}
if ($this->public_class->isPostRequest()) {
$ajax = new AjaxResponse();
$data = $this->input->post(NULL, TRUE);
$dt_update = array('nickname' => $data['fullname'], 'telephone' => $data['telephone'], 'address' => $data['addr']);
$changepass = FALSE;
$changed = FALSE;
if ($data['current_password']) {
$changepass = TRUE;
/*Check CurrentPass*/
$r_check = $this->user_model->check_password($data['current_password'], $this->data['logger']['password']);
/*Set new password if pass*/
if ($r_check) {
if ($data['password'] === $data['confirmation'] && strlen($data['password']) >= 6) {
$dt_update['password'] = $data['password'];
$changed = TRUE;
}
}
}
$result = $this->user_model->update($this->data['logger']['id'], $dt_update);
if ($result && $result > 0) {
$ajax->type = AjaxResponse::SUCCESS;
$ajax->message = 'Cập nhật thông tin thành công';
if ($changepass) {
if ($changed) {
$ajax->type_changepass = 1;
$ajax->message_changepass = '******';
} else {
$ajax->type_changepass = 0;
$ajax->message_changepass = '******';
}
}
$ajax->toString();
exit($ajax->toString());
} else {
$ajax->type = AjaxResponse::ERROR;
$ajax->message = 'Có lỗi xảy ra. Vui lòng nhập đúng thông tin!';
exit($ajax->toString());
}
}
$this->load->view('frontend/user/index', $this->data);
}
public function executeRemoveCf()
{
if ($this->validAjaxRequest() || !$this->request()->isPostRequest()) {
Base::end('Invalid request!');
}
$ajax = new \AjaxResponse();
$customField = \TermCustomFields::retrieveById($this->request()->get('id'));
if (!$customField) {
$ajax->message = t("Custom field not found!");
$ajax->type = \AjaxResponse::ERROR;
return $this->renderText($ajax->toString());
}
$customField->beginTransaction();
if ($customField->delete()) {
\PostCustomFields::write()->delete(\PostCustomFields::getTableName())->where('cf_id = ?')->setParameter(1, $customField->getId(), \PDO::PARAM_INT)->execute();
$customField->commit();
$ajax->message = t($customField->getName() . ' was removed!');
$ajax->type = \AjaxResponse::SUCCESS;
return $this->renderText($ajax->toString());
}
$customField->rollBack();
$ajax->message = t("Could not remove {$customField->getName()}!");
$ajax->type = \AjaxResponse::ERROR;
return $this->renderText($ajax->toString());
}
public function search()
{
$this->load->model(array('Mproduct'));
$this->data['title'] = 'Tìm kiếm toàn bộ cửa hàng - eShop';
$last_id = 1;
$sort = 'created_at desc';
$where = array();
$like = array();
$categories = array();
$this->data['selected'] = array();
$startIndex = 0;
$limit = 40;
if ($data_search = $this->input->get(NULL, TRUE)) {
/*Sortlist*/
if (isset($data_search['sortlist']) && $data_search['sortlist']) {
if ($data_search['sortlist'] === 'product_sale_desc') {
$sort = 'created_at desc, deal desc';
} elseif ($data_search['sortlist'] === 'product_saleoff_desc') {
$sort = 'deal desc, created_at desc';
} elseif ($data_search['sortlist'] === 'product_sale_buy') {
$sort = 'transaction_num desc, created_at desc';
} elseif ($data_search['sortlist'] === 'product_view_desc') {
$sort = 'view_num desc, created_at desc';
} elseif ($data_search['sortlist'] === 'product_brand') {
$where = array('brande REGEXP' => '[1-9]');
}
$this->data['sortlist'] = $data_search['sortlist'];
}
$this->data['search_value'] = $data_search['q'];
if ($data_search['q']) {
$this->Mproduct->db->like('title', $data_search['q']);
}
/*Categories*/
if (isset($data_search['categories'])) {
$last_id = end($data_search['categories']);
$like['category_id'] = '|' . $last_id . '|';
}
/*Colors*/
if (isset($data_search['colors'])) {
$sub_q = '';
foreach ($data_search['colors'] as $key => $value) {
if ($value) {
$sub_q .= $key == 0 ? 'colors LIKE "%|' . $value . '|%"' : ' OR colors LIKE "%|' . $value . '|%"';
}
}
if ($sub_q) {
$this->Mproduct->db->where('(' . $sub_q . ')', null, false);
}
}
/*Sizes*/
if (isset($data_search['sizes'])) {
$sub_q = '';
foreach ($data_search['sizes'] as $key => $value) {
if ($value) {
$sub_q .= $key == 0 ? 'sizes LIKE "%|' . $value . '|%"' : ' OR sizes LIKE "%|' . $value . '|%"';
}
}
if ($sub_q) {
$this->Mproduct->db->where('(' . $sub_q . ')', null, false);
}
}
/*Styles*/
if (isset($data_search['styles'])) {
$sub_q = '';
foreach ($data_search['styles'] as $key => $value) {
if ($value) {
$sub_q .= $key == 0 ? 'styles LIKE "%|' . $value . '|%"' : ' OR styles LIKE "%|' . $value . '|%"';
}
}
if ($sub_q) {
$this->Mproduct->db->where('(' . $sub_q . ')', null, false);
}
}
/*Brandes*/
if (isset($data_search['brandes'])) {
$where = array('brande REGEXP' => '[1-9]');
$this->data['l_brandes'] = TRUE;
$sub_q = '';
foreach ($data_search['brandes'] as $key => $value) {
if ($value) {
$sub_q .= !$sub_q ? 'brande LIKE "%|' . $value . '|%"' : ' OR brande LIKE "%|' . $value . '|%"';
}
}
if ($sub_q) {
$this->Mproduct->db->where('(' . $sub_q . ')', null, false);
}
}
/*Prices*/
if (isset($data_search['prices'])) {
$sub_q = '';
foreach ($data_search['prices'] as $key => $value) {
if ($value) {
if ($value == 1) {
$sub_q .= $key == 0 ? 'buy_price <= 1000000' : ' OR buy_price <= 1000000';
} elseif ($value == 2) {
$sub_q .= $key == 0 ? '(buy_price >= 1000000 AND buy_price <= 2000000)' : ' OR (buy_price >= 1000000 AND buy_price <= 2000000)';
} elseif ($value == 3) {
$sub_q .= $key == 0 ? '(buy_price >= 2000000 AND buy_price <= 3000000)' : ' OR (buy_price >= 2000000 AND buy_price <= 3000000)';
}
}
}
if ($sub_q) {
$this->Mproduct->db->where('(' . $sub_q . ')', null, false);
}
}
/*Page*/
if (isset($data_search['page']) && $data_search['page']) {
$startIndex = intval($data_search['page']) * $limit;
}
$this->data['selected'] = $data_search;
}
/*die(json_encode($startIndex));*/
/*Current LINK*/
$this->data['currentLink'] = $this->curPageURL();
foreach ($this->temp['category'] as $c) {
if (!isset($data_search['categories']) && $c['level'] == 1) {
$categories[] = $c;
} elseif ($data_search['categories']) {
foreach ($data_search['categories'] as $s_c) {
if ($s_c == $c['id'] || $c['parent_id'] == $last_id) {
if (!in_array($c, $categories)) {
$categories[] = $c;
}
}
}
}
}
$list_item = $this->Mproduct->list_all_item_category($limit, $startIndex, $pId, $sort, $where, $like, TRUE);
if (isset($data_search['ajax']) && $data_search['ajax']) {
$stopped = $list_item == 0 ? 1 : 0;
$content = $this->generate_filter_table($data_search, $list_item);
$t_content = $content['filter_table'];
$list_item = $content['list_item'];
$ajax = new AjaxResponse();
$ajax->type = AjaxResponse::SUCCESS;
$ajax->element = 'success';
$ajax->message = '';
$ajax->stopped = $stopped;
$ajax->list_item = $list_item;
$ajax->table_filter_content = $t_content;
exit($ajax->toString());
}
$this->data['list_item'] = $list_item;
$this->data['categories'] = $categories;
$this->data['onepage'] = TRUE;
$this->data['template'] = 'frontend/search/index';
$this->load->view('frontend/layout', $this->data);
}
public function executePin()
{
$this->validAjaxRequest();
$res = new \AjaxResponse();
if (!($post = \Posts::retrieveById($this->request()->get('id')))) {
$res->type = \AjaxResponse::ERROR;
$res->message = t('Post not found!');
return $this->renderText($res->toString());
}
$post->setIsPin(true);
$post->save(false);
$res->type = \AjaxResponse::SUCCESS;
$res->id = $post->getId();
$res->post = $post->toArray();
return $this->renderText($res->toString());
}
public function getWard()
{
if ($this->input->get('districtId', TRUE)) {
$districtId = $this->input->get('districtId', TRUE);
$this->load->model('Mlocation');
$type = 3;
$list_ward = '<option value="" selected="selected">Xã / Phường</option>';
$lists = $this->Mlocation->getItems($type, $districtId);
foreach ($lists as $l) {
if ($l['wardid'] && $l['name']) {
$list_ward .= '<option value="' . $l['wardid'] . '">' . $l['name'] . '</option>';
}
}
$ajax = new AjaxResponse();
$ajax->type = AjaxResponse::SUCCESS;
$ajax->element = 'success';
$ajax->message = '';
$ajax->list_ward = $list_ward;
echo $ajax->toString();
}
}
public function lostpass()
{
if ($this->input->is_ajax_request()) {
$result = 0;
$data = $this->input->post(NULL, TRUE);
$ajax = new AjaxResponse();
$credential = $data['credential'];
/*GET user with email*/
$user = $this->user_model->get('email', $credential);
if (!empty($user)) {
/*SET NEW PASSWORD*/
$newPass = $this->generateRandomString(10);
/*SEND MAIL WITH SMTP*/
$config = array('protocol' => 'smtp', 'smtp_host' => 'ssl://smtp.googlemail.com', 'smtp_port' => 465, 'smtp_user' => '*****@*****.**', 'smtp_pass' => 'jechoicena', 'mailtype' => 'html', 'charset' => 'utf-8');
$this->load->library('email', $config);
$this->email->set_newline("\r\n");
// Set to, from, message, etc.
$this->email->from('*****@*****.**', 'ESHOP SUPPORT');
$this->email->to($credential);
$this->email->subject('Reset mật khẩu - ' . $user['nickname'] . ' - ' . $user['email']);
$this->email->message('Mật khẩu mới của quý khách là: <b>' . $newPass . '</b> <br><br> Cảm ơn quý khách đã sử dụng ESHOP <br><br> Website: ' . base_url('/'));
$result = $this->email->send();
if ($result) {
/*UPDATE PASSWORD FOR THIS USER*/
$data_update_user = array('password' => $newPass);
$this->user_model->update($user['id'], $data_update_user);
}
}
if ($result && $result > 0) {
$ajax->type = AjaxResponse::SUCCESS;
$ajax->message = 'Vui lòng kiểm tra hộp thư email <b>' . $credential . '</b>. Xin cám ơn!';
$ajax->toString();
exit($ajax->toString());
} else {
$ajax->type = AjaxResponse::ERROR;
$ajax->message = 'Không tìm thấy thông tin email <b>' . $credential . '</b>. Xin cám ơn!';
exit($ajax->toString());
}
}
}
public function executeRemove()
{
$this->validAjaxRequest();
$res = new \AjaxResponse();
if (!($postImg = \PostImages::retrieveById($this->request()->post('id')))) {
$res->type = \AjaxResponse::ERROR;
$res->message = t("Image not found");
return $this->renderText($res->toString());
}
if ($postImg->delete()) {
$otherImages = [];
if (($otherImages = \PostPeer::getPostImg($postImg->getPostId())) && $postImg->getIsMain()) {
$otherImages[0]->setIsMain(true);
$otherImages[0]->save();
}
$result = [];
foreach ($otherImages as $image) {
$t = $image->toArray();
$t['thumb_url'] = $image->getThumbs(96, 96);
$t['url'] = $image->getUrl();
$result[] = $t;
}
$res->images = $result;
$res->postImg = $postImg->toArray();
$res->type = \AjaxResponse::SUCCESS;
return $this->renderText($res->toString());
}
$res->type = \AjaxResponse::ERROR;
$res->message = t("Unknown error");
return $this->renderText($res->toString());
}
/**
* Change password, XHR request
*
* POST /user/change_pass
* @return string
*/
public function executeChangePass()
{
$current = $this->post('current_pass');
$new = $this->post('new_pass');
$confirm = $this->post('confirm_pass');
$user = $this->getSessionUser();
$error = [];
if ($new != $confirm) {
$error['confirm'] = t('Confirm password not match!');
}
if ($user->getPassword() != \Users::hashPassword($current, $user->getPassword())) {
$error['current_pass'] = t('Current password not valid!');
}
$ajax = new \AjaxResponse();
$ajax->type = \AjaxResponse::ERROR;
if (!empty($error)) {
$ajax->message = t('Lỗi');
$ajax->error = $error;
return $this->renderText($ajax->toString());
}
//everything ok
$user->setPassword(\Users::hashPassword($new, $user->getPassword()));
//reset password but keep salt
if ($user->save(false)) {
//quick save
$ajax->type = \AjaxResponse::SUCCESS;
$ajax->message = t('Password was change. Plz login again with new password!');
CMSBackendAuth::getInstance()->logout();
} else {
$ajax->message = t('Something went wrong, plz try again. Thanks!');
}
return $this->renderText($ajax->toString());
}
public function executeSetPermission()
{
$this->validAjaxRequest();
$ajax = new \AjaxResponse();
if (!$this->isAllowed(PERMISSION_ROLE_PERMISSION_MANAGE)) {
$ajax->type = \AjaxResponse::ERROR;
$ajax->message = t("You don't have permission");
return $this->renderText($ajax->toString());
}
$role_id = $this->post('role_id', 'INT', 0);
$permission = $this->post('permission');
$allow = $this->post('allow');
if ($allow == 'true') {
$allow = true;
} else {
$allow = false;
}
if (!$role_id || !($role = \Roles::retrieveById($role_id))) {
$ajax->type = \AjaxResponse::ERROR;
$ajax->message = t("Role not found");
return $this->renderText($ajax->toString());
}
if (!$permission) {
$ajax->type = \AjaxResponse::ERROR;
$ajax->message = t("Empty permission code");
return $this->renderText($ajax->toString());
}
if ($allow) {
$role->addPermission($permission);
} else {
$role->removePermission($permission);
}
$ajax->type = \AjaxResponse::SUCCESS;
$ajax->message = t("Change role permission success!");
return $this->renderText($ajax->toString());
}
public function check_username()
{
if ($this->input->is_ajax_request()) {
$ajax = new AjaxResponse();
$nameUser = strtolower($this->input->post('username'));
if ($this->_inValidUsername($nameUser) != true) {
$ajax->type = AjaxResponse::ERROR;
$ajax->element = 'error-username';
$ajax->message = 'Tên đăng nhập này không được sử dụng!';
exit($ajax->toString());
}
if (Public_class::isValidUsername($nameUser) != 1) {
$ajax->type = AjaxResponse::ERROR;
$ajax->element = 'error-username';
$ajax->message = 'Tên đăng nhập từ 3-15 ký tự và không chứa ký tự đặc biệt!';
exit($ajax->toString());
}
$user = $this->db->get_where('users', array('username' => trim($nameUser)));
if ($user->num_rows() > 0) {
$ajax->type = AjaxResponse::ERROR;
$ajax->element = 'error-username';
$ajax->message = 'Tên đăng nhập này đã tồn tại!';
exit($ajax->toString());
}
$ajax->type = AjaxResponse::SUCCESS;
$ajax->message = 'Tên đăng nhập hợp lệ!';
exit($ajax->toString());
} else {
exit('Invalid request!');
}
}
public function executeRemove()
{
$this->validAjaxRequest();
$res = new \AjaxResponse();
$res->type = \AjaxResponse::ERROR;
$item_id = $this->get('id');
if (!$item_id || !($item = \Items::retrieveById($item_id))) {
$res->message = t('Item not found!');
return $this->renderText($res->toString());
}
if ($item->delete()) {
$res->message = t('Item was removed!');
$res->type = \AjaxResponse::SUCCESS;
$res->item_id = $item_id;
}
return $this->renderText($res->toString());
}
public function executeRemove()
{
$id = $this->get('id');
$ajax = new \AjaxResponse();
$ajax->type = \AjaxResponse::ERROR;
if ($id && !($menu = \Menus::retrieveById($id))) {
$ajax->message = t('Menu not found');
return $this->renderText($ajax->toString());
}
if ($menu->hasChildren()) {
$ajax->message = t('Menu has children, could not be delete!');
} else {
$menu->delete();
$ajax->message = t('Delete success!');
$ajax->type = \AjaxResponse::SUCCESS;
}
return $this->renderText($ajax->toString());
}
