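/**
 * Count a click on a banner and forward the visitor to the banner's click URL.
 *
 * The visitor is sent to SITEURL instead when the banner id is missing,
 * the banner cannot be loaded, or its click URL is empty or "#".
 *
 * NOTE(review): the early exits rely on Func::JSRedirect() ending the request;
 * if it only emits output, execution continues past each guard. Confirm.
 */
function click()
{
    // The id is concatenated into the SQL statement below, so force it to an
    // integer here instead of relying on what input->id() happens to return.
    $nID = (int) $this->input->id('id');
    if (!$nID) {
        Func::JSRedirect(SITEURL);
    }

    $aData = $this->getBannerData($nID);
    if (empty($aData)) {
        Func::JSRedirect(SITEURL);
    }

    // +1 to the click counter for today's period (MySQL only: uses ON DUPLICATE KEY UPDATE)
    $this->db->execute(
        'INSERT INTO ' . TABLE_BANNERS_STAT . ' (id, clicks, period) VALUES(' . $nID . ',1, '
        . $this->db->str2sql(date('Y-m-d')) . ') ON DUPLICATE KEY UPDATE clicks=clicks+1'
    );

    if (empty($aData['clickurl']) || $aData['clickurl'] == '#') {
        Func::JSRedirect(SITEURL);
    }

    // The target comes from stored banner data and is prefixed with a fixed scheme.
    // NOTE(review): presumably clickurl is stored without a scheme and is validated
    // when the banner is saved; confirm, since this value decides where visitors land.
    Func::JSRedirect('http://' . $aData['clickurl']);
}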
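/**
 * Handle the newsletter subscription form.
 *
 * On POST the name and e-mail are read, validated and, when no error was
 * recorded, stored in the subscribers table. The visitor is redirected to "/"
 * in every case.
 *
 * NOTE(review): no anti-CSRF token or rate limit is visible in this method;
 * confirm whether the framework enforces them before this point.
 */
function subscribe()
{
    $aData = array();

    if (func::isPostMethod()) {
        $this->input->postm(array('name' => TYPE_NOHTML, 'email' => TYPE_NOHTML), $aData);

        // Read both fields defensively: postm() fills $aData by reference and
        // its behaviour for absent fields is not visible here.
        $sName = isset($aData['name']) ? $aData['name'] : '';
        $sEmail = isset($aData['email']) ? $aData['email'] : '';

        if (!$sName) {
            $this->errors->set('no_subscriber_name');
        }

        if (!$sEmail) {
            $this->errors->set('no_subscriber_email');
        } elseif (!func::IsEmailAddress($sEmail)) {
            // Fixed: this branch used the variable-variable `${$this}`, which cannot
            // resolve to the controller, so a malformed address was never reported
            // through the error collector.
            $this->errors->set('subscriber_wrong_email');
        } elseif ($this->isSubscribed($sEmail)) {
            $this->errors->set('subscriber_email_exists');
        }

        if ($this->errors->no()) {
            // Both user-supplied values go through the database layer's str2sql()
            // before being placed into the statement.
            $this->db->execute(
                'INSERT INTO ' . DB_PREFIX . 'subscribers (name, email, create_datetime) VALUES ('
                . $this->db->str2sql($sName) . ', ' . $this->db->str2sql($sEmail) . ', '
                . $this->db->getNOW() . ')'
            );
        }
    }

    Func::JSRedirect('/');
}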
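/**
 * Admin panel login: verify the submitted credentials, check bans and admin
 * access, open the administrator session and redirect to index.php.
 * On any failure the login template is rendered with the collected errors.
 *
 * NOTE(review): the helper name getUserPasswordMD5() suggests an MD5-based
 * digest; if that is what it computes, moving to password_hash() and
 * password_verify() is advisable. Confirm against the security component.
 * NOTE(review): no attempt throttling is visible in this method.
 */
function login()
{
    if ($this->security->haveAccessToAdminPanel()) {
        $this->adminRedirect(null, 'profile');
    }

    $sLogin = '';

    if (bff::$isPost) {
        $sLogin = func::POST('login', true);
        if (!$sLogin) {
            $this->errors->set('no_login');
        }

        $sPassword = func::POST('password', true);
        if (!$sPassword) {
            $this->errors->set('no_password');
        }

        if ($this->errors->no()) {
            $sPassword = $this->security->getUserPasswordMD5($sPassword);

            // NOTE(review): in the reviewed listing the two values of this WHERE clause
            // were masked, leaving an unparsable statement. They are rebuilt here with
            // the same str2sql() helper the file uses for every other string value;
            // confirm against the original source.
            $sQuery = 'SELECT user_id, login, email, name, avatar, admin, cat FROM ' . TABLE_USERS
                . ' WHERE login = ' . $this->db->str2sql($sLogin)
                . ' AND password = ' . $this->db->str2sql($sPassword)
                . ' LIMIT 1';
            $aUserData = $this->db->one_array($sQuery);

            if (!$aUserData) {
                $this->errors->set('login_and_password_unknow', '', false, $sLogin);
            } else {
                // Used unquoted in the UPDATE below, so keep it strictly numeric.
                $nUserID = (int) $aUserData['user_id'];

                if (bff::i()->Ban_checkBan(Func::getRemoteAddress(), false, false, true)) {
                    $this->errors->set(Errors::ACCESSDENIED);
                } elseif (!$this->security->haveAccessToAdminPanel($nUserID)) {
                    $this->errors->set(Errors::ACCESSDENIED);
                }

                if ($this->errors->no()) {
                    $aUserGroups = $this->getUserGroups($nUserID, true);

                    // Start the administrator session, with the cookie limited to /admin/.
                    // NOTE(review): no session id regeneration is visible after the
                    // credentials are accepted; confirm that sessionStart() issues a
                    // fresh id, otherwise a pre-set id survives the login.
                    session_set_cookie_params(0, '/admin/');
                    $this->security->sessionStart('a', false);

                    // Shift the previous login time, then record the current time, client
                    // address and session id.
                    // NOTE(review): the ip_login value was masked in the reviewed listing;
                    // the escaped remote address is assumed here. Confirm the original
                    // expression and the column type.
                    $this->db->execute(
                        'UPDATE ' . TABLE_USERS
                        . ' SET login_last_ts=login_ts, login_ts=' . $this->db->getNOW()
                        . ', ip_login= ' . $this->db->str2sql(Func::getRemoteAddress())
                        . ', session_id=' . $this->db->str2sql(session_id())
                        . ' WHERE user_id=' . $nUserID
                    );

                    $this->security->setUserInfo(
                        $nUserID,
                        $aUserData['login'],
                        $aUserData['email'],
                        $aUserGroups,
                        array(
                            'avatar' => $aUserData['avatar'],
                            'name' => $aUserData['name'],
                            // `surname` is not part of the SELECT above, so guard the read
                            // instead of raising an undefined-index notice on every login.
                            'surname' => isset($aUserData['surname']) ? $aUserData['surname'] : null,
                            'admin' => $aUserData['admin'],
                            'cat' => explode(',', $aUserData['cat']),
                        )
                    );

                    Func::JSRedirect('index.php');
                }
            }
        }
    }

    $this->errors->assign();
    $this->tplAssign('login', $sLogin);
    $this->tplDisplay('login.tpl', TPL_PATH, '', '');
    exit(0);
}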
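/**
 * Log the current user out and send them back to the page they came from,
 * or to SITEURL when that page is unknown, is a profile page, or is not
 * on this site.
 */
function logout()
{
    if ($this->security->isLogined()) {
        $sRedirectURL = SITEURL;
        $sReferer = !empty($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';

        if ($sReferer !== '' && strpos($sReferer, 'user/profile') === false) {
            // The Referer header is supplied by the client, so it is used as a
            // redirect target only when it is an http(s) URL on this site's host.
            // If SITEURL has no parsable host, the check fails closed and SITEURL
            // is used. A site served under several host names will fall back to
            // SITEURL for the non-canonical ones.
            $aReferer = parse_url($sReferer);
            $sSiteHost = parse_url(SITEURL, PHP_URL_HOST);

            $bHttpScheme = is_array($aReferer)
                && isset($aReferer['scheme'])
                && in_array(strtolower($aReferer['scheme']), array('http', 'https'), true);

            $bSameHost = $bHttpScheme
                && !empty($sSiteHost)
                && isset($aReferer['host'])
                && strcasecmp($aReferer['host'], $sSiteHost) === 0;

            if ($bSameHost) {
                $sRedirectURL = $sReferer;
            }
        }

        $this->security->logout($sRedirectURL, true, 'u', '/');
    }

    Func::JSRedirect(SITEURL);
}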
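/**
 * Report an error to the user.
 *
 * A logged-in user who arrived from a page on this site is redirected back
 * to that page with the error key in the `errno` query parameter. In every
 * other case the key is recorded in the error collector.
 *
 * @param mixed $mErrorKey error key or code
 * @return string always an empty string
 */
function showError($mErrorKey = '')
{
    if ($mErrorKey == Errors::ACCESSDENIED) {
        $this->errors->autohide(false);
    }

    if (!empty($_SERVER['HTTP_REFERER']) && $this->security->isLogined()) {
        $sReferer = (string) $_SERVER['HTTP_REFERER'];

        // The Referer header is client-supplied: redirect to it only when it is
        // an http(s) URL on this site's host. Otherwise fall through and record
        // the error locally, as is done when no Referer is present.
        $aReferer = parse_url($sReferer);
        $sSiteHost = parse_url(SITEURL, PHP_URL_HOST);

        $bHttpScheme = is_array($aReferer)
            && isset($aReferer['scheme'])
            && in_array(strtolower($aReferer['scheme']), array('http', 'https'), true);

        $bSameHost = $bHttpScheme
            && !empty($sSiteHost)
            && isset($aReferer['host'])
            && strcasecmp($aReferer['host'], $sSiteHost) === 0;

        if ($bSameHost) {
            // Start a query string when the URL has none (the parameter was always
            // appended with "&" before), and encode the key so it cannot add
            // further parameters or markup to the URL.
            $sGlue = (strpos($sReferer, '?') === false) ? '?' : '&';
            Func::JSRedirect($sReferer . $sGlue . 'errno=' . urlencode((string) $mErrorKey));
        }
    }

    $this->errors->set($mErrorKey);

    return '';
}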