public function action_profile()
{
$this->auto_render = FALSE;
$xml = 'FALSE';
$seoname = $this->request->param('seoname', NULL);
if ($seoname !== NULL) {
$user = new Model_User();
$user->where('seoname', '=', $seoname)->where('status', '=', Model_User::STATUS_ACTIVE)->limit(1)->cached()->find();
if ($user->loaded()) {
$info = array('title' => 'RSS ' . $user->name, 'pubDate' => date("r"), 'description' => $user->name . ' - ' . $user->description, 'generator' => 'Open Classifieds');
$items = array();
//last ads, you can modify this value at: advertisement.feed_elements
$ads = new Model_Ad();
$ads->where('status', '=', Model_Ad::STATUS_PUBLISHED)->where('id_user', '=', $user->id_user)->order_by('published', 'desc')->limit(Core::config('advertisement.feed_elements'));
$ads = $ads->cached()->find_all();
foreach ($ads as $a) {
$url = Route::url('ad', array('category' => $a->category->seoname, 'seotitle' => $a->seotitle));
$item = array('title' => htmlspecialchars($a->title, ENT_QUOTES), 'link' => $url, 'pubDate' => Date::mysql2unix($a->published), 'description' => htmlspecialchars(Text::removebbcode($a->description), ENT_QUOTES), 'guid' => $url);
if ($a->get_first_image() !== NULL) {
$item['description'] = '<img src="' . $a->get_first_image() . '" />' . $item['description'];
}
$items[] = $item;
}
$xml = Feed::create($info, $items);
}
}
$this->response->headers('Content-type', 'text/xml');
$this->response->body($xml);
}
/**
* Handle GET requests.
*/
public function action_get()
{
try {
if (is_numeric($id_user = $this->request->param('id'))) {
$user = new Model_User($id_user);
if ($user->loaded() and $user->status == Model_User::STATUS_ACTIVE) {
$res = $user->as_array();
$res['image'] = $user->get_profile_image();
//remove the hidden fields
foreach ($res as $key => $value) {
if (in_array($key, $this->_hidden_fields)) {
unset($res[$key]);
}
}
$this->rest_output(array('user' => $res));
} else {
$this->_error(__('User not found'), 404);
}
} else {
$this->_error(__('User not found'), 404);
}
} catch (Kohana_HTTP_Exception $khe) {
$this->_error($khe);
return;
}
}
public function action_index()
{
Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Home'))->set_url(Route::url('default')));
Breadcrumbs::add(Breadcrumb::factory()->set_title(__('User Profile')));
$seoname = $this->request->param('seoname', NULL);
if ($seoname !== NULL) {
$user = new Model_User();
$user->where('seoname', '=', $seoname)->limit(1)->cached()->find();
if ($user->loaded()) {
$this->template->title = __('User Profile') . ' - ' . $user->name;
//$this->template->meta_description = $user->name;//@todo phpseo
$this->template->bind('content', $content);
$ads = new Model_Ad();
$ads = $ads->where('id_user', '=', $user->id_user)->where('status', '=', Model_Ad::STATUS_PUBLISHED)->order_by('created', 'desc')->cached()->find_all();
// case when user dont have any ads
if ($ads->count() == 0) {
$profile_ads = NULL;
}
$this->template->content = View::factory('pages/userprofile', array('user' => $user, 'profile_ads' => $ads));
} else {
//throw 404
throw HTTP_Exception::factory(404, __('Page not found'));
}
} else {
//throw 404
throw HTTP_Exception::factory(404, __('Page not found'));
}
}
public function action_delete()
{
$user = new Model_User($this->request->param('id'));
if ($user->loaded()) {
$user->delete();
}
$this->redirect('admin/user/all');
}
public function action_profile_picture()
{
$id = $this->request->param('id');
$param = $this->request->param('param1');
$context_user = new Model_User($id);
if ($id == null || !$context_user->loaded() || empty($context_user->profile_pic_id)) {
$this->request->redirect("/assets/default/img/default-user.jpg");
}
$this->show_picture($context_user->profile_pic_id, $param);
}
/**
* is favorite?
* @param Model_User $user user
* @param Model_Ad $ad ad
* @return boolean
*/
public static function is_favorite(Model_User $user, Model_Ad $ad)
{
if ($user->loaded() and $ad->loaded()) {
$fav = new Model_Favorite();
$fav->where('id_user', '=', $user->id_user)->where('id_ad', '=', $ad->id_ad)->find();
if ($fav->loaded()) {
return TRUE;
}
}
return FALSE;
}
/**
* Returns the information for a user in addition to the role.
* @param Model_User $user
* @return stdClass stdClass of all properties for this user.
* @throws Exception If User object is not valid.
*/
protected function _return_user_element($user)
{
$return_object = new stdClass();
if (!$user->loaded() or get_class($user) != "Model_User") {
throw new Exception("Invalid User.");
}
$return_object->id = $user->id;
$return_object->name = $user->name;
$return_object->email = $user->email;
$return_object->role = $this->_return_role_element($user->role);
$return_object->current_auth_expiration = $user->auth_expiration;
return $return_object;
}
/**
* get the affiliate from the query or from the cookie
* @return Model_Affiliate
*/
public static function get_affiliate()
{
$id_affiliate = core::request('aff', Cookie::get(self::$_cookie_name));
$affiliate = new Model_User();
if (Core::config('affiliate.active') == 1 and is_numeric($id_affiliate) and Theme::get('premium') == 1) {
$affiliate = new Model_User($id_affiliate);
//the user exists so we set again the cookie, just in case it's a different user or to renew it
if ($affiliate->loaded()) {
Cookie::set(self::$_cookie_name, $id_affiliate, time() + 24 * 60 * 60 * Core::config('affiliate.cookie'));
}
}
return $affiliate;
}
/**
*
* Loads a basic list info
* @param string $view template to render
*/
public function action_index($view = NULL)
{
$this->template->title = __('Orders');
$this->template->styles = array('//cdn.jsdelivr.net/bootstrap.datepicker/0.1/css/datepicker.css' => 'screen');
$this->template->scripts['footer'] = array('//cdn.jsdelivr.net/bootstrap.datepicker/0.1/js/bootstrap-datepicker.js', 'js/oc-panel/crud/index.js', 'js/oc-panel/stats/dashboard.js');
$orders = new Model_Order();
$orders = $orders->where('status', '=', Model_Order::STATUS_PAID);
//filter email
if (core::request('email') !== NULL) {
$user = new Model_User();
$user->where('email', '=', core::request('email'))->limit(1)->find();
if ($user->loaded()) {
$orders = $orders->where('id_user', '=', $user->id_user);
}
}
//filter date
if (!empty(Core::request('from_date')) and !empty(Core::request('to_date'))) {
//Getting the dates range
$from_date = Core::request('from_date', strtotime('-1 month'));
$to_date = Core::request('to_date', time());
$orders = $orders->where('pay_date', 'between', array($from_date, $to_date));
}
//filter coupon
if (is_numeric(core::request('id_coupon'))) {
$orders = $orders->where('id_coupon', '=', core::request('id_coupon'));
}
//filter product
if (is_numeric(core::request('id_product'))) {
$orders = $orders->where('id_product', '=', core::request('id_product'));
}
//filter status
if (is_numeric(core::request('status'))) {
$orders = $orders->where('status', '=', core::request('status'));
}
//order by paid if we are filtering paid....
if (core::request('status') == Model_Order::STATUS_PAID) {
$orders->order_by('pay_date', 'desc');
} else {
$orders->order_by('id_order', 'desc');
}
$items_per_page = core::request('items_per_page', 10);
$pagination = Pagination::factory(array('view' => 'oc-panel/crud/pagination', 'total_items' => $orders->count_all(), 'items_per_page' => $items_per_page))->route_params(array('controller' => $this->request->controller(), 'action' => $this->request->action()));
$pagination->title($this->template->title);
$orders = $orders->limit($items_per_page)->offset($pagination->offset)->find_all();
$pagination = $pagination->render();
$products = new Model_Product();
$products = $products->find_all();
$this->render('oc-panel/pages/order/index', array('orders' => $orders, 'pagination' => $pagination, 'products' => $products));
}
/**
* Generate new reflink code
*
* @param Model_User $user
* @param integer $type reflink type
* @param string $data string stored to reflink in database
* @return string
*/
public function generate(Model_User $user, $type, $data = NULL)
{
if (!$user->loaded()) {
throw new Reflink_Exception(' User not loaded ');
}
$type = URL::title($type, '_');
$reflink = $this->reset(FALSE)->where('user_id', '=', $user->id)->where('type', '=', $type)->where('created', '>', DB::expr('CURDATE() - INTERVAL 1 HOUR'))->find();
if (!$reflink->loaded()) {
$values = array('user_id' => (int) $user->id, 'code' => uniqid(TRUE) . sha1(microtime()), 'type' => $type, 'data' => $data);
$reflink = ORM::factory('user_reflink')->values($values, array_keys($values))->create();
} else {
$reflink->set('data', $data)->update();
}
return $reflink->code;
}
/**
* Logs a user in.
*
* @param string $username Username
* @param string $password Password
* @param boolean $remember Enable autologin (not supported)
* @return boolean
*/
protected function _login($username, $password, $remember)
{
if (is_string($password)) {
// Create a hashed password
$password = $this->hash($password);
}
$user = new Model_User();
$user->where('username', '=', $username)->find();
if ($user->loaded() and $user->password === $password) {
// Complete the login
return $this->complete_login($user);
}
// Login failed
return FALSE;
}
public function action_remove()
{
if ($id = $this->request->param('id')) {
$user = new Model_User($id);
if ($user->loaded()) {
$user->status = Model_User::STATUS_ACTIVE;
try {
$user->save();
Alert::set(Alert::SUCCESS, sprintf(__('User %s has been removed from black list.'), $user->name));
$this->redirect(Route::url('oc-panel', array('controller' => 'pool', 'action' => 'index')));
} catch (Exception $e) {
}
}
$this->redirect(Route::url('oc-panel', array('controller' => 'pool', 'action' => 'index')));
}
}
/**
* Handle GET requests.
*/
public function action_get()
{
try {
if (is_numeric($id_user = $this->request->param('id'))) {
$user = new Model_User($id_user);
if ($user->loaded() and $user->status == Model_User::STATUS_ACTIVE) {
$this->rest_output(array('user' => self::get_user_array($user)));
} else {
$this->_error(__('User not found'), 404);
}
} else {
$this->_error(__('User not found'), 404);
}
} catch (Kohana_HTTP_Exception $khe) {
$this->_error($khe);
}
}
public function action_create()
{
try {
if (!is_numeric(core::request('id_ad')) or !is_numeric(core::request('id_product')) or !is_numeric(core::request('id_user'))) {
$this->_error(__('Missing parameters'), 501);
} else {
$user = new Model_User(core::request('id_user'));
$ad = new Model_Ad(core::request('id_ad'));
if ($user->loaded() and $ad->loaded()) {
$id_product = core::request('id_product');
$amount = core::request('amount');
//in case not set by request
if (!is_numeric($amount)) {
//get original price for the product
switch ($id_product) {
case Model_Order::PRODUCT_CATEGORY:
$amount = $ad->category->price;
break;
case Model_Order::PRODUCT_TO_TOP:
$amount = core::config('payment.pay_to_go_on_top');
break;
case Model_Order::PRODUCT_TO_FEATURED:
$amount = Model_Order::get_featured_price(core::request('featured_days'));
break;
case Model_Order::PRODUCT_AD_SELL:
$amount = $ad->price;
break;
default:
$plan = new Model_Plan($id_product);
$amount = $plan->loaded() ? $plan->price : 0;
break;
}
}
$order = Model_Order::new_order($ad, $user, $id_product, $amount, core::request('currency'), Model_Order::product_desc(core::request('id_product')), core::request('featured_days'));
$order->confirm_payment(core::request('paymethod', 'API'), core::request('txn_id'));
$order->save();
$this->rest_output(array('order' => self::get_order_array($order)));
} else {
$this->_error(__('User or Ad not loaded'), 501);
}
}
} catch (Kohana_HTTP_Exception $khe) {
$this->_error($khe);
}
}
/**
*
* view affiliates and payments
*/
public function action_pay()
{
//create an order and mark it as paid to the user_id
if (is_numeric($this->request->param('id'))) {
//get the user
$user = new Model_User($this->request->param('id'));
if ($user->loaded()) {
//commissions due to pay
$query = DB::select(DB::expr('SUM(amount) total'))->from('affiliates')->where('id_user', '=', $user->id_user)->where('date_to_pay', '<', Date::unix2mysql())->where('status', '=', Model_Affiliate::STATUS_CREATED)->group_by('id_user')->execute();
$due_to_pay = $query->as_array();
$due_to_pay = isset($due_to_pay[0]['total']) ? $due_to_pay[0]['total'] : 0;
if ($due_to_pay > 0) {
//create the order
$order = new Model_Order();
$order->id_user = $user->id_user;
$order->amount = $due_to_pay * -1;
//we add the order as a negative, since we pay, we don't get paid.
$order->currency = 'USD';
$order->paymethod = 'paypal';
$order->pay_date = Date::unix2mysql();
$order->notes = 'Affiliate Commissions';
$order->status = Model_Order::STATUS_PAID;
try {
$order->save();
//update the commissions
DB::update('affiliates')->set(array('date_paid' => Date::unix2mysql(), 'status' => Model_Affiliate::STATUS_PAID, 'id_order_payment' => $order->id_order))->where('id_user', '=', $user->id_user)->where('date_to_pay', '<', Date::unix2mysql())->where('status', '=', Model_Affiliate::STATUS_CREATED)->execute();
Alert::set(Alert::SUCCESS, __('Commission Paid'));
} catch (Exception $e) {
}
}
}
}
$this->template->title = __('Affiliates Payments');
$query = DB::select(DB::expr('SUM(amount) total'))->select('id_user')->from('affiliates')->where('date_to_pay', '<', Date::unix2mysql())->where('status', '=', Model_Affiliate::STATUS_CREATED)->group_by('id_user')->having('total', '>=', core::config('affiliate.payment_min'))->execute();
$users_to_pay = $query->as_array('id_user');
$total_to_pay = 0;
foreach ($users_to_pay as $key => $value) {
$total_to_pay += $value['total'];
}
$users = new Model_User();
if (count($users_to_pay)) {
$users = $users->where('id_user', 'in', array_keys($users_to_pay))->where('status', '=', Model_User::STATUS_ACTIVE)->find_all();
}
$this->render('oc-panel/pages/affiliate/pay', array('users' => $users, 'total_to_pay' => $total_to_pay, 'users_to_pay' => $users_to_pay));
}
/**
*
* Loads a basic list info
* @param string $view template to render
*/
public function action_index($view = NULL)
{
$this->template->title = __('Reviews');
$this->template->scripts['footer'][] = 'js/oc-panel/crud/index.js';
$reviews = new Model_Review();
//$reviews = $reviews->where('status', '=', Model_Review::STATUS_ACTIVE);
if (core::get('email') !== NULL) {
$user = new Model_User();
$user->where('email', '=', core::get('email'))->limit(1)->find();
if ($user->loaded()) {
$reviews = $reviews->where('id_user', '=', $user->id_user);
}
}
$pagination = Pagination::factory(array('view' => 'oc-panel/crud/pagination', 'total_items' => $reviews->count_all()))->route_params(array('controller' => $this->request->controller(), 'action' => $this->request->action()));
$pagination->title($this->template->title);
$reviews = $reviews->order_by('created', 'desc')->limit($pagination->items_per_page)->offset($pagination->offset)->find_all();
$pagination = $pagination->render();
$this->render('oc-panel/pages/review/index', array('reviews' => $reviews, 'pagination' => $pagination));
}
/**
* [new_order description]
* @param Model_User $user [description]
* @param Model_Product $product [description]
* @param boolean check_match_product, if set to false will update the order with the product if different
* @return [type] [description]
*/
public static function new_order(Model_User $user, Model_Product $product, $match_product = TRUE)
{
$order = new Model_Order();
if ($user->loaded() and $product->loaded()) {
//get if theres an unpaid order for this user we wwill use it..
$order->where('id_user', '=', $user->id_user)->where('status', '=', Model_Order::STATUS_CREATED);
//also check that matches the product for the order
if ($match_product === TRUE) {
$order->where('id_product', '=', $product->id_product)->where('amount', '=', $product->final_price())->where('currency', '=', $product->currency);
}
$order->limit(1)->find();
//order didnt exist so lets create it.
if ($order->loaded() === FALSE) {
//create order
$order = new Model_Order();
$order->id_user = $user->id_user;
}
// no matter what happens if product is different save! this will also save the order if its new ;)
if ($order->id_product != $product->id_product) {
$order->ip_address = ip2long(Request::$client_ip);
$order->id_product = $product->id_product;
$order->currency = $product->currency;
//add coupon ID and discount
if (Model_Coupon::current()->loaded()) {
$order->id_coupon = Model_Coupon::current()->id_coupon;
}
$order->amount = $product->final_price();
$order->VAT = euvat::vat_percentage();
$order->VAT_number = $user->VAT_number;
$order->country = $user->country;
$order->city = $user->city;
$order->postal_code = $user->postal_code;
$order->address = $user->address;
try {
$order->save();
} catch (Exception $e) {
throw HTTP_Exception::factory(500, $e->getMessage());
}
}
}
return $order;
}
/**
*
* Loads a basic list info
* @param string $view template to render
*/
public function action_index($view = NULL)
{
$this->template->title = __($this->_orm_model);
$this->template->scripts['footer'][] = 'js/oc-panel/crud/index.js';
$elements = ORM::Factory($this->_orm_model);
//->find_all();
//email search
if (Valid::email(core::get('email'))) {
$users = new Model_User();
$users->where('email', '=', core::get('email'))->limit(1)->find();
if ($users->loaded()) {
$elements->where('id_user', '=', $users->id_user);
}
}
$pagination = Pagination::factory(array('view' => 'oc-panel/crud/pagination', 'total_items' => $elements->count_all()))->route_params(array('controller' => $this->request->controller(), 'action' => $this->request->action()));
$pagination->title($this->template->title);
$elements = $elements->order_by('created', 'desc')->limit($pagination->items_per_page)->offset($pagination->offset)->find_all();
$pagination = $pagination->render();
$this->render('oc-panel/pages/download/index', array('elements' => $elements, 'pagination' => $pagination));
}
public function action_userprofile_contact()
{
$user = new Model_User($this->request->param('id'));
//message to user
if ($user->loaded() and $this->request->post()) {
if (captcha::check('contact')) {
//akismet spam filter
if (!core::akismet(core::post('name'), core::post('email'), core::post('message'))) {
$ret = $user->email('userprofile.contact', array('[EMAIL.BODY]' => core::post('message'), '[EMAIL.SENDER]' => core::post('name'), '[EMAIL.SUBJECT]' => core::post('subject'), '[EMAIL.FROM]' => core::post('email')), core::post('email'), core::post('name'));
//if succesfully sent
if ($ret) {
Alert::set(Alert::SUCCESS, __('Your message has been sent'));
} else {
Alert::set(Alert::ERROR, __('Message not sent'));
}
} else {
Alert::set(Alert::SUCCESS, __('This email has been considered as spam! We are sorry but we can not send this email.'));
}
} else {
Alert::set(Alert::ERROR, __('You made some mistake'));
}
Request::current()->redirect(Route::url('profile', array('seoname' => $user->seoname)));
}
}
/**
* Mark advertisement as active : STATUS = 1
*/
public function action_activate()
{
$user = Auth::instance()->get_user();
$id = $this->request->param('id');
if (isset($id)) {
$active_ad = new Model_Ad($id);
if ($active_ad->loaded()) {
$activate = FALSE;
//admin whatever he wants
if ($user->id_role == Model_Role::ROLE_ADMIN) {
$activate = TRUE;
} elseif ($user->id_user == $active_ad->id_user and !in_array(core::config('general.moderation'), Model_Ad::$moderation_status)) {
$activate = TRUE;
} else {
Alert::set(Alert::ALERT, __("This is not your advertisement."));
}
//its not published
if ($active_ad->status == Model_Ad::STATUS_PUBLISHED) {
$activate = FALSE;
Alert::set(Alert::ALERT, __("Advertisement is already marked as 'active'"));
}
//pending payment
if ($activate === TRUE and ($order = $active_ad->get_order()) !== FALSE and $order->status == Model_Order::STATUS_CREATED) {
$activate = FALSE;
Alert::set(Alert::ALERT, __("Advertisement can not be marked as “active”. There is a pending payment."));
}
//activate the ad
if ($activate === TRUE) {
$active_ad->published = Date::unix2mysql(time());
$active_ad->status = Model_Ad::STATUS_PUBLISHED;
try {
$active_ad->save();
} catch (Exception $e) {
throw HTTP_Exception::factory(500, $e->getMessage());
}
} else {
HTTP::redirect(Route::url('oc-panel', array('controller' => 'myads', 'action' => 'index')));
}
} else {
//throw 404
throw HTTP_Exception::factory(404, __('Page not found'));
}
}
// send confirmation email
$cat = new Model_Category($active_ad->id_category);
$usr = new Model_User($active_ad->id_user);
if ($usr->loaded()) {
//we get the QL, and force the regen of token for security
$url_ql = $usr->ql('ad', array('category' => $cat->seoname, 'seotitle' => $active_ad->seotitle), TRUE);
$ret = $usr->email('ads-activated', array('[USER.OWNER]' => $usr->name, '[URL.QL]' => $url_ql, '[AD.NAME]' => $active_ad->title));
}
Alert::set(Alert::SUCCESS, __('Advertisement is active and published'));
HTTP::redirect(Route::url('oc-panel', array('controller' => 'myads', 'action' => 'index')));
}
/**
* mark user as spamer, he can no longer login
* @return [type] [description]
*/
public function action_spam()
{
$this->auto_render = FALSE;
$this->template = View::factory('js');
$user = new Model_User($this->request->param('id'));
if ($user->loaded()) {
try {
$user->user_spam();
} catch (Exception $e) {
throw HTTP_Exception::factory(500, $e->getMessage());
}
HTTP::redirect(Route::url('oc-panel', array('controller' => $this->request->controller())));
}
}
/**
* does the DB migration
* @param pointer $db
* @param string $pf db_prefix
*/
private function migrate($db, $pf)
{
set_time_limit(0);
$db_config = core::config('database.default');
$prefix = $db_config['table_prefix'];
//connect DB original/to where we migrate
$dbo = Database::instance('default');
//oc_accounts --> oc_users
$users_map = array();
$accounts = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'accounts`');
foreach ($accounts as $account) {
$user = new Model_User();
$user->where('email', '=', $account['email'])->limit(1)->find();
if (!$user->loaded()) {
$user->name = $account['name'];
$user->email = $account['email'];
$user->password = $account['password'];
$user->created = $account['createdDate'];
$user->last_modified = $account['lastModifiedDate'];
$user->last_login = $account['lastSigninDate'];
$user->status = $account['active'];
$user->id_role = 1;
$user->seoname = $user->gen_seo_title($user->name);
$user->save();
}
$users_map[$account['email']] = $user->id_user;
}
//categories --> categories
$categories_map = array(0 => 1);
$categories = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'categories` ORDER BY `idCategoryParent` ASC');
foreach ($categories as $category) {
$cat = new Model_Category();
$cat->name = $category['name'];
$cat->order = $category['order'];
$cat->created = $category['created'];
$cat->seoname = $category['friendlyName'];
$cat->price = $category['price'];
$cat->description = substr($category['description'], 0, 250);
$cat->parent_deep = $category['idCategoryParent'] > 0 ? 1 : 0;
//there's only 1 deep
$cat->id_category_parent = isset($categories_map[$category['idCategoryParent']]) ? $categories_map[$category['idCategoryParent']] : 1;
$cat->save();
//we save old_id stores the new ID, so later we know the category parent, and to changes the ADS category id
$categories_map[$category['idCategory']] = $cat->id_category;
}
//locations --> locations
$locations_map = array(0 => 1);
$locations = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'locations` ORDER BY `idLocationParent` ASC');
foreach ($locations as $location) {
$loc = new Model_Location();
$loc->name = $location['name'];
$loc->seoname = $location['friendlyName'];
$loc->parent_deep = $location['idLocationParent'] > 0 ? 1 : 0;
//there's only 1 deep
$loc->id_location_parent = isset($locations_map[$location['idLocationParent']]) ? $locations_map[$location['idLocationParent']] : 1;
$loc->save();
//we save old_id stores the new ID, so later we know the location parent, and to changes the ADS location id
$locations_map[$location['idLocation']] = $loc->id_location;
}
//posts --> ads
$ads_map = array();
$ads = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'posts`');
foreach ($ads as $a) {
if (Valid::email($a['email'])) {
//gettin the id_user
if (isset($users_map[$a['email']])) {
$id_user = $users_map[$a['email']];
} else {
$user = Model_User::create_email($a['email'], $a['name']);
$id_user = $user->id_user;
}
$ad = new Model_Ad();
$ad->id_ad = $a['idPost'];
//so images still work
$ad->id_user = $id_user;
$ad->id_category = isset($categories_map[$a['idCategory']]) ? $categories_map[$a['idCategory']] : 1;
$ad->id_location = isset($locations_map[$a['idLocation']]) ? $locations_map[$a['idLocation']] : 1;
$ad->title = $a['title'];
$ad->seotitle = $ad->gen_seo_title($a['title']);
$ad->description = !empty($a['description']) ? Text::html2bb($a['description']) : $a['title'];
$ad->address = $a['place'];
$ad->price = $a['price'];
$ad->phone = $a['phone'];
$ad->has_images = $a['hasImages'];
$ad->ip_address = ip2long($a['ip']);
$ad->created = $a['insertDate'];
$ad->published = $ad->created;
//Status migration...big mess!
if ($a['isAvailable'] == 0 and $a['isConfirmed'] == 0) {
$ad->status = Model_Ad::STATUS_NOPUBLISHED;
} elseif ($a['isAvailable'] == 1 and $a['isConfirmed'] == 0) {
$ad->status = Model_Ad::STATUS_NOPUBLISHED;
} elseif ($a['isAvailable'] == 1 and $a['isConfirmed'] == 1) {
$ad->status = Model_Ad::STATUS_PUBLISHED;
} elseif ($a['isAvailable'] == 0 and $a['isConfirmed'] == 1) {
$ad->status = Model_Ad::STATUS_UNAVAILABLE;
} elseif ($a['isAvailable'] == 2) {
$ad->status = Model_Ad::STATUS_SPAM;
} else {
$ad->status = Model_Ad::STATUS_UNAVAILABLE;
}
try {
$ad->save();
} catch (ORM_Validation_Exception $e) {
// d($e->errors(''));
}
$ads_map[$a['idPost']] = $ad->id_ad;
}
}
//posthits --> visits, mass migration
$insert = 'INSERT INTO `' . $prefix . 'visits` ( `id_ad`, `created`, `ip_address`) VALUES';
$step = 5000;
$total = $db->query(Database::SELECT, 'SELECT count(*) cont FROM `' . $pf . 'postshits`')->as_array();
$total = $total[0]['cont'];
for ($i = 0; $i < $total; $i += $step) {
$hits = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'postshits` LIMIT ' . $i . ', ' . $step);
$values = '';
foreach ($hits as $hit) {
//build insert query
$values .= '(' . $hit['idPost'] . ', \'' . $hit['hitTime'] . '\', \'' . ip2long($hit['ip']) . '\'),';
}
$dbo->query(Database::INSERT, $insert . substr($values, 0, -1));
}
//old way of migrating
// $hits = $db->query(Database::SELECT, 'SELECT * FROM `'.$pf.'postshits` ');
// foreach ($hits as $hit)
// {
// //build insert query
// $visit = new Model_Visit();
// $visit->id_ad = (isset($ads_map[$hit['idPost']]))?$ads_map[$hit['idPost']]:NULL;
// $visit->created = $hit['hitTime'];
// $visit->ip_address = ip2long($hit['ip']);
// $visit->save();
// }
}
public function action_index()
{
Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Tickets')));
$this->template->title = __('Support');
$user = Auth::instance()->get_user();
$tickets = new Model_Ticket();
//search box
if (core::get('search') !== NULL) {
$this->template->title .= ' ' . core::get('search');
//email seted
if ($user->has_access('supportadmin') and Valid::email(core::get('search'))) {
$users = new Model_User();
$users->where('email', '=', core::get('search'))->limit(1)->find();
if ($users->loaded()) {
$tickets->where('id_user', '=', $users->id_user);
}
$tickets->where('id_ticket_parent', 'IS', NULL);
} elseif (is_numeric(core::get('search'))) {
$tickets->where('id_ticket', '=', core::get('search'));
} elseif (strlen(core::get('search')) > 3) {
$tickets->where_open()->where('title', 'like', '%' . core::get('search') . '%')->or_where('description', 'like', '%' . core::get('search') . '%')->where_close();
}
} elseif (is_numeric(core::request('filter__id_user')) and $user->has_access('supportadmin')) {
$tickets->where('id_user', '=', core::request('filter__id_user'));
} else {
$tickets->where('id_ticket_parent', 'IS', NULL);
}
//by type filter
switch ($this->request->param('id')) {
case 'assigned':
if ($user->has_access('supportadmin')) {
$this->template->title .= ' ' . __('Assigned Tickets');
$tickets->where('id_user_support', '=', $user->id_user);
} else {
$tickets->where('id_user', '=', $user->id_user);
}
break;
case 'admin':
if ($user->has_access('supportadmin')) {
$this->template->title .= ' ' . __('All Tickets');
} else {
$tickets->where('id_user', '=', $user->id_user);
}
break;
default:
case 'client':
$this->template->title .= ' ' . $user->name;
$tickets->where('id_user', '=', $user->id_user);
break;
}
//filter by status
if (is_numeric(core::get('status'))) {
$filter_status = core::get('status');
if (isset(Model_Ticket::$statuses[$filter_status])) {
$this->template->title .= ' ' . Model_Ticket::$statuses[$filter_status];
$tickets->where('status', '=', $filter_status);
}
}
$pagination = Pagination::factory(array('view' => 'oc-panel/crud/pagination', 'total_items' => $tickets->count_all()))->route_params(array('controller' => $this->request->controller(), 'action' => $this->request->action(), 'id' => $this->request->param('id')));
$pagination->title($this->template->title);
$tickets = $tickets->order_by('status', 'asc')->order_by('read_date', 'desc')->limit($pagination->items_per_page)->offset($pagination->offset)->find_all();
$pagination = $pagination->render();
$this->template->bind('content', $content);
$this->template->content = View::factory('oc-panel/pages/support/index', array('title' => $this->template->title, 'tickets' => $tickets, 'pagination' => $pagination));
}
/**
* return TRUE if user is spammer
*
* @param string $email
* @return bool
*/
public static function is_spam($email = NULL)
{
//if he is login we can check if its an spammer
if (Auth::instance()->logged_in() === TRUE) {
if (Auth::instance()->get_user()->status == Model_User::STATUS_SPAM) {
return TRUE;
}
} elseif (Valid::email($email)) {
$spammer = new Model_User();
$spammer->where('email', '=', $email)->where('status', '=', Model_User::STATUS_SPAM)->find();
if ($spammer->loaded()) {
return TRUE;
}
}
return FALSE;
}
/**
* test auth delete multiple users
* @author Gabriel Giannattasio
* @test
*/
public function test_auth_delete_multiple_users()
{
// Setup valid users
$this->add_valid_users();
$validUsers = $this->providerValidUsers();
array_walk($validUsers, function (&$user) {
$username = $user[0]['username'];
$user = new Model_User();
$user->where("username", "=", $username)->find();
});
$this->assertNull(Auth::instance()->unregister($validUsers), "Delete the users in array");
foreach ($validUsers as $user) {
$this->assertFalse($user->loaded(), "Ok, so you think the user was deleted? think again!");
}
}
/**
* Mark advertisement as spam : STATUS = 30
*/
public function action_spam()
{
$id = $this->request->param('id');
$param_current_url = Core::get('current_url');
$format_id = explode('_', $id);
foreach ($format_id as $id) {
if (isset($id) and $id !== '') {
$spam_ad = new Model_Ad($id);
if ($spam_ad->loaded()) {
if ($spam_ad->status != Model_Ad::STATUS_SPAM) {
//mark user as spamer
$user = new Model_User($spam_ad->user->id_user);
if ($user->loaded()) {
$user->user_spam();
}
$spam_ad->status = Model_Ad::STATUS_SPAM;
try {
$spam_ad->save();
} catch (Exception $e) {
throw HTTP_Exception::factory(500, $e->getMessage());
}
}
}
}
}
Alert::set(Alert::SUCCESS, __('Advertisement is marked as spam'));
if ($param_current_url == Model_Ad::STATUS_NOPUBLISHED and in_array(core::config('general.moderation'), Model_Ad::$moderation_status)) {
HTTP::redirect(Route::url('oc-panel', array('controller' => 'ad', 'action' => 'moderate')));
} elseif ($param_current_url == Model_Ad::STATUS_PUBLISHED) {
HTTP::redirect(Route::url('oc-panel', array('controller' => 'ad', 'action' => 'index')));
} else {
HTTP::redirect(Route::url('oc-panel', array('controller' => 'ad', 'action' => 'index')) . '?status=' . $param_current_url);
}
}
/**
*
* Check if we need to login the user or display the form, same form for normal user and admin
*/
public function action_login()
{
//if user loged in redirect home
if (Auth::instance()->logged_in()) {
Auth::instance()->login_redirect();
} elseif ($this->request->post() and CSRF::valid('login')) {
$blocked_login = FALSE;
// Load the user
$user = new Model_User();
$user->where('email', '=', core::post('email'))->where('status', 'in', array(Model_User::STATUS_ACTIVE, Model_User::STATUS_SPAM))->limit(1)->find();
// Check if we must block this login attempt.
if ($user->loaded() and $user->failed_attempts > 2) {
// failed 2 or 3 attempts, wait 1 minute until next attempt
if ($user->failed_attempts < 5 and $user->last_failed > Date::unix2mysql(strtotime('-1 minute'))) {
$blocked_login = TRUE;
Alert::set(Alert::ERROR, __('Login has been temporarily disabled due to too many unsuccessful login attempts. Please try again in a minute.'));
} elseif ($user->failed_attempts > 4 and $user->last_failed > Date::unix2mysql(strtotime('-24 hours'))) {
$blocked_login = TRUE;
Alert::set(Alert::ERROR, __('Login has been temporarily disabled due to too many unsuccessful login attempts. Please try again in 24 hours.'));
}
}
//not blocked so try to login
if (!$blocked_login) {
Auth::instance()->login(core::post('email'), core::post('password'), (bool) core::post('remember'));
//redirect index
if (Auth::instance()->logged_in()) {
if ($user->loaded()) {
$user->failed_attempts = 0;
try {
// Save the user
$user->update();
} catch (ORM_Validation_Exception $e) {
Form::set_errors($e->errors(''));
} catch (Exception $e) {
throw HTTP_Exception::factory(500, $e->getMessage());
}
}
//is an admin so redirect to the admin home
Auth::instance()->login_redirect();
} else {
Form::set_errors(array(__('Wrong email or password') . '. ' . '<a class="alert-link" href="' . Route::url('oc-panel', array('directory' => 'user', 'controller' => 'auth', 'action' => 'forgot')) . '">' . __('Have you forgotten your password?') . '</a>'));
if ($user->loaded()) {
// this is fifth failed attempt, invalidate token?
if ($user->failed_attempts == 4) {
$user->token = NULL;
$user->user_agent = NULL;
$user->token_created = NULL;
$user->token_expires = NULL;
}
$user->failed_attempts = new Database_Expression('failed_attempts + 1');
$user->last_failed = Date::unix2mysql(time());
try {
// Save the user
$user->update();
} catch (ORM_Validation_Exception $e) {
Form::set_errors($e->errors(''));
} catch (Exception $e) {
throw HTTP_Exception::factory(500, $e->getMessage());
}
}
}
}
}
//Login page
$this->template->title = __('Login');
$this->template->meta_description = __('Login to') . ' ' . Core::config('general.site_name');
$this->template->content = View::factory('pages/auth/login');
}
public function action_userprofile_contact()
{
$user_to = new Model_User($this->request->param('id'));
//message to user
if ($user_to->loaded() and $this->request->post()) {
if (captcha::check('contact')) {
//check if user is loged in
if (Auth::instance()->logged_in()) {
$email_from = Auth::instance()->get_user()->email;
$name_from = Auth::instance()->get_user()->name;
} else {
$email_from = core::post('email');
$name_from = core::post('name');
}
//require login to contact
if (core::config('general.messaging') == TRUE and !Auth::instance()->logged_in()) {
Alert::set(Alert::INFO, __('Please, login before contacting'));
HTTP::redirect(Route::url('oc-panel'));
}
//akismet spam filter
if (!core::akismet($name_from, $email_from, core::post('message'))) {
if (core::config('general.messaging')) {
$ret = Model_Message::send_user(core::post('message'), $this->user, $user_to);
} else {
$ret = $user_to->email('user-profile-contact', array('[EMAIL.BODY]' => core::post('message'), '[EMAIL.SENDER]' => $name_from, '[EMAIL.SUBJECT]' => core::post('subject'), '[EMAIL.FROM]' => $email_from), $email_from, $name_from);
}
//if succesfully sent
if ($ret) {
Alert::set(Alert::SUCCESS, __('Your message has been sent'));
} else {
Alert::set(Alert::ERROR, __('Message not sent'));
}
} else {
Alert::set(Alert::SUCCESS, __('This email has been considered as spam! We are sorry but we can not send this email.'));
}
} else {
Alert::set(Alert::ERROR, __('Captcha is not correct'));
}
HTTP::redirect(Route::url('profile', array('seoname' => $user_to->seoname)));
}
}
/**
* This function will upgrade DB that didn't existed in versions prior to 2.3.0
*/
public function action_230()
{
//Cron update
try {
DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 3 * * *' WHERE callback='Sitemap::generate' LIMIT 1")->execute();
DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 5 * * *' WHERE callback='Core::delete_cache' LIMIT 1")->execute();
DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 4 1 * *' WHERE callback='Core::optimize_db' LIMIT 1")->execute();
DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 7 * * *' WHERE callback='Cron_Ad::unpaid' LIMIT 1")->execute();
DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 8 * * *' WHERE callback='Cron_Ad::expired_featured' LIMIT 1")->execute();
DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 9 * * *' WHERE callback='Cron_Ad::expired' LIMIT 1")->execute();
} catch (exception $e) {
}
//control login attempts
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "users` ADD `last_failed` DATETIME NULL DEFAULT NULL ;")->execute();
} catch (exception $e) {
}
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "users` ADD `failed_attempts` int(10) unsigned DEFAULT 0")->execute();
} catch (exception $e) {
}
//categories/locations/users/ads has_image/last_modified
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "categories` ADD `last_modified` DATETIME NULL DEFAULT NULL ;")->execute();
} catch (exception $e) {
}
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "categories` ADD `has_image` TINYINT( 1 ) NOT NULL DEFAULT '0' ;")->execute();
} catch (exception $e) {
}
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "locations` ADD `last_modified` DATETIME NULL DEFAULT NULL ;")->execute();
} catch (exception $e) {
}
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "locations` ADD `has_image` TINYINT( 1 ) NOT NULL DEFAULT '0' ;")->execute();
} catch (exception $e) {
}
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "users` ADD `has_image` TINYINT( 1 ) NOT NULL DEFAULT '0' ;")->execute();
} catch (exception $e) {
}
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "ads` ADD `last_modified` DATETIME NULL DEFAULT NULL ;")->execute();
} catch (exception $e) {
}
//new configs
$configs = array(array('config_key' => 'aws_s3_active', 'group_name' => 'image', 'config_value' => 0), array('config_key' => 'aws_access_key', 'group_name' => 'image', 'config_value' => ''), array('config_key' => 'aws_secret_key', 'group_name' => 'image', 'config_value' => ''), array('config_key' => 'aws_s3_bucket', 'group_name' => 'image', 'config_value' => ''), array('config_key' => 'aws_s3_domain', 'group_name' => 'image', 'config_value' => 0), array('config_key' => 'disallow_nudes', 'group_name' => 'image', 'config_value' => 0), array('config_key' => 'html_head', 'group_name' => 'general', 'config_value' => ''), array('config_key' => 'html_footer', 'group_name' => 'general', 'config_value' => ''), array('config_key' => 'login_to_contact', 'group_name' => 'advertisement', 'config_value' => 0), array('config_key' => 'custom_css', 'group_name' => 'appearance', 'config_value' => 0), array('config_key' => 'custom_css_version', 'group_name' => 'appearance', 'config_value' => 0), array('config_key' => 'only_admin_post', 'group_name' => 'advertisement', 'config_value' => 0), array('config_key' => 'map_active', 'group_name' => 'appearance', 'config_value' => 1), array('config_key' => 'map_jscode', 'group_name' => 'appearance', 'config_value' => ''), array('config_key' => 'map_settings', 'group_name' => 'appearance', 'config_value' => ''), array('config_key' => 'recaptcha_active', 'group_name' => 'general', 'config_value' => ''), array('config_key' => 'recaptcha_secretkey', 'group_name' => 'general', 'config_value' => ''), array('config_key' => 'recaptcha_sitekey', 'group_name' => 'general', 'config_value' => ''));
Model_Config::config_array($configs);
//upgrade has_image field to use it as images count
$ads = new Model_Ad();
$ads = $ads->where('has_images', '>', 0)->find_all();
if (count($ads)) {
foreach ($ads as $ad) {
$ad->has_images = 0;
//begin with 0 images
$route = $ad->image_path();
$folder = DOCROOT . $route;
$image_keys = array();
if (is_dir($folder)) {
//retrive ad pictures
foreach (new DirectoryIterator($folder) as $file) {
if (!$file->isDot()) {
$key = explode('_', $file->getFilename());
$key = end($key);
$key = explode('.', $key);
$key = isset($key[0]) ? $key[0] : NULL;
if (is_numeric($key)) {
if (strpos($file->getFilename(), 'thumb_') === 0) {
$image_keys[] = $key;
}
}
}
}
//count images and reordering file names
if (count($image_keys)) {
asort($image_keys);
foreach ($image_keys as $image_key) {
$ad->has_images++;
@rename($folder . $ad->seotitle . '_' . $image_key . '.jpg', $folder . $ad->seotitle . '_' . $ad->has_images . '.jpg');
@rename($folder . 'thumb_' . $ad->seotitle . '_' . $image_key . '.jpg', $folder . 'thumb_' . $ad->seotitle . '_' . $ad->has_images . '.jpg');
}
}
}
//update has_images count
try {
$ad->save();
} catch (Exception $e) {
throw HTTP_Exception::factory(500, $e->getMessage());
}
}
}
//upgrade categories has_image
$images_path = DOCROOT . 'images/categories';
if (is_dir($images_path)) {
//retrive cat pictures
foreach (new DirectoryIterator($images_path) as $file) {
if ($file->isFile()) {
$cat_name = str_replace('.png', '', $file->getFilename());
$cat = new Model_Category();
$cat->where('seoname', '=', $cat_name)->find();
if ($cat->loaded()) {
$cat->has_image = 1;
$cat->save();
}
}
}
}
//upgrade locations has_image
$images_path = DOCROOT . 'images/locations';
if (is_dir($images_path)) {
//retrive loc pictures
foreach (new DirectoryIterator($images_path) as $file) {
if ($file->isFile()) {
$loc_name = str_replace('.png', '', $file->getFilename());
$loc = new Model_Location();
$loc->where('seoname', '=', $loc_name)->find();
if ($loc->loaded()) {
$loc->has_image = 1;
$loc->save();
}
}
}
}
//upgrade users has_image
$images_path = DOCROOT . 'images/users';
if (is_dir($images_path)) {
//retrive user pictures
foreach (new DirectoryIterator($images_path) as $file) {
if ($file->isFile() and is_numeric($id_user = str_replace('.png', '', $file->getFilename()))) {
$user = new Model_User($id_user);
if ($user->loaded()) {
$user->has_image = 1;
$user->save();
}
}
}
}
}
public function multiple_mails($receivers)
{
foreach ($receivers as $num => $receiver_id) {
if (is_numeric($receiver_id)) {
$ad = new Model_Ad($receiver_id);
$cat = new Model_Category($ad->id_category);
$usr = new Model_User($ad->id_user);
if ($usr->loaded()) {
$edit_url = core::config('general.base_url') . 'oc-panel/profile/update/' . $ad->id_ad;
$delete_url = core::config('general.base_url') . 'oc-panel/ad/delete/' . $ad->id_ad;
//we get the QL, and force the regen of token for security
$url_ql = $usr->ql('ad', array('category' => $cat->seoname, 'seotitle' => $ad->seotitle), TRUE);
$ret = $usr->email('ads.activated', array('[USER.OWNER]' => $usr->name, '[URL.QL]' => $url_ql, '[AD.NAME]' => $ad->title, '[URL.EDITAD]' => $edit_url, '[URL.DELETEAD]' => $delete_url));
}
}
}
}
