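/**
 * Outputs an RSS feed with the latest published ads of one active user.
 *
 * The user is looked up by the `seoname` route parameter. When the parameter
 * is missing or no active user matches, the body is the literal string 'FALSE'.
 * The response is always sent with a text/xml content type.
 *
 * @return void
 */
public function action_profile()
{
    $this->auto_render = FALSE;
    $xml = 'FALSE';

    $seoname = $this->request->param('seoname', NULL);
    if ($seoname !== NULL) {
        $user = new Model_User();
        $user->where('seoname', '=', $seoname)
            ->where('status', '=', Model_User::STATUS_ACTIVE)
            ->limit(1)
            ->cached()
            ->find();

        if ($user->loaded()) {
            // NOTE(review): the user's name and description go into the channel info
            // unescaped, while item fields below are escaped; whether Feed::create
            // encodes them is not visible here - confirm.
            $info = array(
                'title'       => 'RSS ' . $user->name,
                'pubDate'     => date("r"),
                'description' => $user->name . ' - ' . $user->description,
                'generator'   => 'Open Classifieds',
            );
            $items = array();

            // last ads, you can modify this value at: advertisement.feed_elements
            $ads = new Model_Ad();
            $ads->where('status', '=', Model_Ad::STATUS_PUBLISHED)
                ->where('id_user', '=', $user->id_user)
                ->order_by('published', 'desc')
                ->limit(Core::config('advertisement.feed_elements'));
            $ads = $ads->cached()->find_all();

            foreach ($ads as $a) {
                $url = Route::url('ad', array('category' => $a->category->seoname, 'seotitle' => $a->seotitle));
                $item = array(
                    'title'       => htmlspecialchars($a->title, ENT_QUOTES),
                    'link'        => $url,
                    'pubDate'     => Date::mysql2unix($a->published),
                    'description' => htmlspecialchars(Text::removebbcode($a->description), ENT_QUOTES),
                    'guid'        => $url,
                );

                // Read the image once and escape it for the attribute it is placed in,
                // so a quote or angle bracket in the value cannot end the src attribute.
                $image = $a->get_first_image();
                if ($image !== NULL) {
                    $item['description'] = '<img src="' . htmlspecialchars($image, ENT_QUOTES) . '" />' . $item['description'];
                }

                $items[] = $item;
            }

            $xml = Feed::create($info, $items);
        }
    }

    $this->response->headers('Content-type', 'text/xml');
    $this->response->body($xml);
}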
/**
 * Handle GET requests: outputs one active user with the hidden fields removed.
 *
 * Answers 404 'User not found' when the `id` route parameter is not numeric
 * or when no active user has that id.
 */
public function action_get()
{
    try {
        $id_user = $this->request->param('id');

        $found = FALSE;
        if (is_numeric($id_user)) {
            $user = new Model_User($id_user);
            $found = ($user->loaded() && $user->status == Model_User::STATUS_ACTIVE);
        }

        if (!$found) {
            $this->_error(__('User not found'), 404);
        } else {
            $res = $user->as_array();
            $res['image'] = $user->get_profile_image();

            // drop every column listed in $this->_hidden_fields before the row leaves the API
            foreach (array_keys($res) as $field) {
                if (in_array($field, $this->_hidden_fields)) {
                    unset($res[$field]);
                }
            }

            $this->rest_output(array('user' => $res));
        }
    } catch (Kohana_HTTP_Exception $khe) {
        $this->_error($khe);
    }
}
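/**
 * Public profile page of a user, listing the ads that user has published.
 *
 * The user is looked up by the `seoname` route parameter.
 *
 * NOTE(review): the lookup does not filter on the user's status, so the profile
 * of a non-active account is rendered as well - confirm that is intended.
 *
 * @return void
 * @throws HTTP_Exception 404 when the parameter is missing or no user matches
 */
public function action_index()
{
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Home'))->set_url(Route::url('default')));
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('User Profile')));

    $seoname = $this->request->param('seoname', NULL);
    if ($seoname === NULL) {
        throw HTTP_Exception::factory(404, __('Page not found'));
    }

    $user = new Model_User();
    $user->where('seoname', '=', $seoname)->limit(1)->cached()->find();
    if (!$user->loaded()) {
        throw HTTP_Exception::factory(404, __('Page not found'));
    }

    $this->template->title = __('User Profile') . ' - ' . $user->name;
    // @todo phpseo: set $this->template->meta_description
    $this->template->bind('content', $content);

    $ads = new Model_Ad();
    $ads = $ads->where('id_user', '=', $user->id_user)
        ->where('status', '=', Model_Ad::STATUS_PUBLISHED)
        ->order_by('created', 'desc')
        ->cached()
        ->find_all();

    // The view always receives the result set, also when it is empty; the unused
    // $profile_ads local that the empty case used to set has been removed.
    $this->template->content = View::factory('pages/userprofile', array('user' => $user, 'profile_ads' => $ads));
}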
/**
 * Deletes the user given by the `id` route parameter, then returns to the user list.
 *
 * NOTE(review): nothing in this method checks a CSRF token, the request method or
 * the caller's role, and nothing stops the current user deleting their own
 * account; presumably the controller enforces access elsewhere - confirm.
 *
 * @return void
 */
public function action_delete()
{
    $id = $this->request->param('id');
    $target = new Model_User($id);

    // an unknown id is ignored silently; the redirect happens either way
    if ($target->loaded()) {
        $target->delete();
    }

    $this->redirect('admin/user/all');
}
/**
 * Shows the profile picture of the user given by the `id` route parameter.
 *
 * Redirects to the default avatar when the id is missing, the user does not
 * exist, or the user has no profile picture.
 *
 * @return void
 */
public function action_profile_picture()
{
    $id = $this->request->param('id');
    $param = $this->request->param('param1');
    $context_user = new Model_User($id);

    $has_picture = ($id != null && $context_user->loaded() && !empty($context_user->profile_pic_id));
    if (!$has_picture) {
        // NOTE(review): show_picture() below still runs if redirect() returns;
        // presumably redirect() ends the request - confirm.
        $this->request->redirect("/assets/default/img/default-user.jpg");
    }

    $this->show_picture($context_user->profile_pic_id, $param);
}
/**
 * Tells whether the ad is stored as a favorite of the user.
 *
 * @param Model_User $user user
 * @param Model_Ad $ad ad
 * @return boolean TRUE when both models are loaded and a favorite row links them
 */
public static function is_favorite(Model_User $user, Model_Ad $ad)
{
    // unloaded models cannot have a favorite row
    if (!$user->loaded() || !$ad->loaded()) {
        return FALSE;
    }

    $favorite = new Model_Favorite();
    $favorite->where('id_user', '=', $user->id_user)
        ->where('id_ad', '=', $ad->id_ad)
        ->find();

    return $favorite->loaded() ? TRUE : FALSE;
}
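/**
 * Returns the information for a user in addition to the role.
 *
 * The returned object carries id, name, email, role and the current
 * auth expiration, so callers should treat it as personal data.
 *
 * @param Model_User $user
 * @return stdClass stdClass of all properties for this user.
 * @throws Exception If User object is not valid.
 */
protected function _return_user_element($user)
{
    // Check the type before calling any method on the argument: the previous order
    // called loaded() first, which is a fatal error for a value that is not a model.
    if (!is_object($user) or get_class($user) != "Model_User" or !$user->loaded()) {
        throw new Exception("Invalid User.");
    }

    $return_object = new stdClass();
    $return_object->id = $user->id;
    $return_object->name = $user->name;
    $return_object->email = $user->email;
    $return_object->role = $this->_return_role_element($user->role);
    $return_object->current_auth_expiration = $user->auth_expiration;

    return $return_object;
}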
/**
 * Gets the affiliate from the `aff` request parameter, falling back to the
 * affiliate cookie.
 *
 * The id is client-supplied (query string or cookie). It is only used when it
 * passes is_numeric(), which also accepts non-integer numeric forms.
 *
 * @return Model_User the affiliate user; an empty, unloaded Model_User when the
 *                    affiliate feature is off, the theme is not premium or the
 *                    id is not numeric
 */
public static function get_affiliate()
{
    $id_affiliate = core::request('aff', Cookie::get(self::$_cookie_name));

    $usable = (Core::config('affiliate.active') == 1 && is_numeric($id_affiliate) && Theme::get('premium') == 1);
    if (!$usable) {
        return new Model_User();
    }

    $affiliate = new Model_User($id_affiliate);

    // the user exists, so the cookie is written again: it may be a different
    // affiliate than before, and this also renews the expiry
    if ($affiliate->loaded()) {
        $expires = time() + 24 * 60 * 60 * Core::config('affiliate.cookie');
        Cookie::set(self::$_cookie_name, $id_affiliate, $expires);
    }

    return $affiliate;
}
/**
 * Lists orders in the panel, narrowed by optional filters read from the request:
 * email, from_date/to_date, id_coupon, id_product, status and items_per_page.
 *
 * @param string $view template to render (not used in this method body)
 */
public function action_index($view = NULL)
{
    $this->template->title = __('Orders');
    // NOTE(review): both datepicker assets are protocol-relative URLs on a third-party
    // CDN; how the template emits the tags (for example with an integrity attribute)
    // is not visible here.
    $this->template->styles = array('//cdn.jsdelivr.net/bootstrap.datepicker/0.1/css/datepicker.css' => 'screen');
    $this->template->scripts['footer'] = array('//cdn.jsdelivr.net/bootstrap.datepicker/0.1/js/bootstrap-datepicker.js', 'js/oc-panel/crud/index.js', 'js/oc-panel/stats/dashboard.js');
    $orders = new Model_Order();
    // base condition: only paid orders
    $orders = $orders->where('status', '=', Model_Order::STATUS_PAID);
    //filter email
    if (core::request('email') !== NULL) {
        $user = new Model_User();
        $user->where('email', '=', core::request('email'))->limit(1)->find();
        // an email that matches no user leaves the list unfiltered
        if ($user->loaded()) {
            $orders = $orders->where('id_user', '=', $user->id_user);
        }
    }
    //filter date
    if (!empty(Core::request('from_date')) and !empty(Core::request('to_date'))) {
        //Getting the dates range
        // both values were just checked to be non-empty, so the defaults given here are never used
        $from_date = Core::request('from_date', strtotime('-1 month'));
        $to_date = Core::request('to_date', time());
        $orders = $orders->where('pay_date', 'between', array($from_date, $to_date));
    }
    //filter coupon
    if (is_numeric(core::request('id_coupon'))) {
        $orders = $orders->where('id_coupon', '=', core::request('id_coupon'));
    }
    //filter product
    if (is_numeric(core::request('id_product'))) {
        $orders = $orders->where('id_product', '=', core::request('id_product'));
    }
    //filter status
    // NOTE(review): the query already requires status = STATUS_PAID (base condition above);
    // this adds a second status condition instead of replacing it - confirm intended.
    if (is_numeric(core::request('status'))) {
        $orders = $orders->where('status', '=', core::request('status'));
    }
    //order by paid if we are filtering paid....
    if (core::request('status') == Model_Order::STATUS_PAID) {
        $orders->order_by('pay_date', 'desc');
    } else {
        $orders->order_by('id_order', 'desc');
    }
    // NOTE(review): items_per_page is taken from the request as-is; no numeric check
    // or upper bound is applied in this method before it reaches limit().
    $items_per_page = core::request('items_per_page', 10);
    $pagination = Pagination::factory(array('view' => 'oc-panel/crud/pagination', 'total_items' => $orders->count_all(), 'items_per_page' => $items_per_page))->route_params(array('controller' => $this->request->controller(), 'action' => $this->request->action()));
    $pagination->title($this->template->title);
    $orders = $orders->limit($items_per_page)->offset($pagination->offset)->find_all();
    // from here on $pagination holds the rendered markup, not the Pagination object
    $pagination = $pagination->render();
    $products = new Model_Product();
    $products = $products->find_all();
    $this->render('oc-panel/pages/order/index', array('orders' => $orders, 'pagination' => $pagination, 'products' => $products));
}
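/**
 * Generate new reflink code
 *
 * A reflink found for the same user and type inside the `created` window is
 * reused and only its data is updated; otherwise a new one is created.
 *
 * @param Model_User $user
 * @param integer $type reflink type (normalised with URL::title before use)
 * @param string $data string stored to reflink in database
 * @return string the reflink code
 * @throws Reflink_Exception when the user is not loaded
 */
public function generate(Model_User $user, $type, $data = NULL)
{
    if (!$user->loaded()) {
        throw new Reflink_Exception(' User not loaded ');
    }

    $type = URL::title($type, '_');

    // NOTE(review): CURDATE() is a date without a time part, so this bound is not
    // "one hour ago" - confirm whether NOW() was intended.
    $reflink = $this->reset(FALSE)
        ->where('user_id', '=', $user->id)
        ->where('type', '=', $type)
        ->where('created', '>', DB::expr('CURDATE() - INTERVAL 1 HOUR'))
        ->find();

    if (!$reflink->loaded()) {
        // The code is presumably used as an unguessable link token, so it is taken
        // from a CSPRNG when one is available. 27 random bytes give 54 hex characters,
        // the same length and alphabet as the previous uniqid()/sha1(microtime()) value,
        // which was derived from the clock only.
        $bytes = FALSE;
        if (function_exists('random_bytes')) {
            $bytes = random_bytes(27);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $bytes = openssl_random_pseudo_bytes(27);
        }

        // last resort for runtimes without either source: the previous construction
        $code = ($bytes !== FALSE) ? bin2hex($bytes) : uniqid(TRUE) . sha1(microtime());

        $values = array(
            'user_id' => (int) $user->id,
            'code'    => $code,
            'type'    => $type,
            'data'    => $data,
        );
        $reflink = ORM::factory('user_reflink')->values($values, array_keys($values))->create();
    } else {
        $reflink->set('data', $data)->update();
    }

    return $reflink->code;
}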
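/**
 * Logs a user in.
 *
 * The password is hashed with $this->hash() and compared with the stored value.
 * A password that is not a string (missing field, array-valued form field)
 * never authenticates.
 *
 * @param string $username Username
 * @param string $password Password
 * @param boolean $remember Enable autologin (not supported)
 * @return boolean FALSE on failure, otherwise the result of complete_login()
 */
protected function _login($username, $password, $remember)
{
    // Reject non-string credentials up front. Previously a non-string password
    // skipped hashing and was compared as-is, so NULL would match an account
    // whose stored password is NULL.
    if (!is_scalar($username) or !is_string($password)) {
        return FALSE;
    }

    // Create a hashed password
    $password = $this->hash($password);

    $user = new Model_User();
    $user->where('username', '=', $username)->find();

    $stored = $user->password;
    if ($user->loaded() and is_string($stored) and is_string($password)) {
        // constant-time comparison where the runtime offers it, so the time taken
        // does not depend on how many leading characters match
        $matches = function_exists('hash_equals')
            ? hash_equals($stored, $password)
            : ($stored === $password);

        if ($matches) {
            // Complete the login
            return $this->complete_login($user);
        }
    }

    // Login failed
    return FALSE;
}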
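/**
 * Removes a user from the black list by setting the account back to active,
 * then returns to the pool index. Does nothing when no `id` is given.
 *
 * NOTE(review): no CSRF token or request-method check is visible in this method.
 *
 * @return void
 */
public function action_remove()
{
    if ($id = $this->request->param('id')) {
        $user = new Model_User($id);

        if ($user->loaded()) {
            $user->status = Model_User::STATUS_ACTIVE;

            // Only the save is inside the try: the redirect used to sit there as well,
            // and a failed save was swallowed without any feedback.
            try {
                $user->save();
                $saved = TRUE;
            } catch (Exception $e) {
                $saved = FALSE;
            }

            if ($saved) {
                Alert::set(Alert::SUCCESS, sprintf(__('User %s has been removed from black list.'), $user->name));
            } else {
                Alert::set(Alert::ERROR, __('User could not be removed from black list.'));
            }
        }

        $this->redirect(Route::url('oc-panel', array('controller' => 'pool', 'action' => 'index')));
    }
}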
/**
 * Handle GET requests: outputs one active user as built by get_user_array().
 *
 * Answers 404 'User not found' when the `id` route parameter is not numeric
 * or when no active user has that id.
 */
public function action_get()
{
    try {
        $id_user = $this->request->param('id');

        $user = NULL;
        if (is_numeric($id_user)) {
            $candidate = new Model_User($id_user);
            // inactive accounts are reported exactly like unknown ids
            if ($candidate->loaded() && $candidate->status == Model_User::STATUS_ACTIVE) {
                $user = $candidate;
            }
        }

        if ($user === NULL) {
            $this->_error(__('User not found'), 404);
        } else {
            $this->rest_output(array('user' => self::get_user_array($user)));
        }
    } catch (Kohana_HTTP_Exception $khe) {
        $this->_error($khe);
    }
}
/**
 * Creates an order for an ad and a user and confirms its payment in one call.
 *
 * Request parameters: id_ad, id_product and id_user (all numeric, required),
 * amount, currency, featured_days, paymethod (default 'API') and txn_id.
 * When amount is not numeric the price is derived from the product.
 *
 * NOTE(review): amount, currency, paymethod and txn_id are taken from the request
 * and the order is confirmed as paid immediately; presumably this endpoint is
 * limited to trusted API callers - confirm where that is enforced.
 * NOTE(review): failures are reported with status 501; callers may depend on it,
 * so it is left as is.
 */
public function action_create()
{
    try {
        $id_ad      = core::request('id_ad');
        $id_product = core::request('id_product');
        $id_user    = core::request('id_user');

        if (!is_numeric($id_ad) || !is_numeric($id_product) || !is_numeric($id_user)) {
            $this->_error(__('Missing parameters'), 501);
            return;
        }

        $user = new Model_User($id_user);
        $ad   = new Model_Ad($id_ad);
        if (!$user->loaded() || !$ad->loaded()) {
            $this->_error(__('User or Ad not loaded'), 501);
            return;
        }

        $amount = core::request('amount');

        // in case not set by request: get the original price for the product
        if (!is_numeric($amount)) {
            if ($id_product == Model_Order::PRODUCT_CATEGORY) {
                $amount = $ad->category->price;
            } elseif ($id_product == Model_Order::PRODUCT_TO_TOP) {
                $amount = core::config('payment.pay_to_go_on_top');
            } elseif ($id_product == Model_Order::PRODUCT_TO_FEATURED) {
                $amount = Model_Order::get_featured_price(core::request('featured_days'));
            } elseif ($id_product == Model_Order::PRODUCT_AD_SELL) {
                $amount = $ad->price;
            } else {
                // any other id is looked up as a plan; an unknown plan costs 0
                $plan = new Model_Plan($id_product);
                $amount = $plan->loaded() ? $plan->price : 0;
            }
        }

        $order = Model_Order::new_order(
            $ad,
            $user,
            $id_product,
            $amount,
            core::request('currency'),
            Model_Order::product_desc($id_product),
            core::request('featured_days')
        );
        $order->confirm_payment(core::request('paymethod', 'API'), core::request('txn_id'));
        $order->save();

        $this->rest_output(array('order' => self::get_order_array($order)));
    } catch (Kohana_HTTP_Exception $khe) {
        $this->_error($khe);
    }
}
/**
 * View affiliates and payments.
 *
 * When a numeric `id` route parameter is given, the commissions due to that user
 * are paid first: a negative paid order is created and the commissions are marked
 * as paid. The page then lists every user whose due commissions reach
 * affiliate.payment_min.
 *
 * NOTE(review): the payout runs from the route parameter alone; no CSRF token or
 * request-method check is visible in this method.
 */
public function action_pay()
{
    //create an order and mark it as paid to the user_id
    if (is_numeric($this->request->param('id'))) {
        //get the user
        $user = new Model_User($this->request->param('id'));
        if ($user->loaded()) {
            //commissions due to pay
            // NOTE(review): unlike the listing below, this path checks neither
            // affiliate.payment_min nor the user's status.
            $query = DB::select(DB::expr('SUM(amount) total'))->from('affiliates')->where('id_user', '=', $user->id_user)->where('date_to_pay', '<', Date::unix2mysql())->where('status', '=', Model_Affiliate::STATUS_CREATED)->group_by('id_user')->execute();
            $due_to_pay = $query->as_array();
            $due_to_pay = isset($due_to_pay[0]['total']) ? $due_to_pay[0]['total'] : 0;
            if ($due_to_pay > 0) {
                //create the order
                $order = new Model_Order();
                $order->id_user = $user->id_user;
                $order->amount = $due_to_pay * -1; //we add the order as a negative, since we pay, we don't get paid.
                $order->currency = 'USD';
                $order->paymethod = 'paypal';
                $order->pay_date = Date::unix2mysql();
                $order->notes = 'Affiliate Commissions';
                $order->status = Model_Order::STATUS_PAID;
                try {
                    $order->save();
                    //update the commissions
                    // NOTE(review): the order insert and this update are two separate writes with
                    // no transaction visible here, and the cut-off time is computed again rather
                    // than reused from the SUM query above - confirm both cover the same rows.
                    DB::update('affiliates')->set(array('date_paid' => Date::unix2mysql(), 'status' => Model_Affiliate::STATUS_PAID, 'id_order_payment' => $order->id_order))->where('id_user', '=', $user->id_user)->where('date_to_pay', '<', Date::unix2mysql())->where('status', '=', Model_Affiliate::STATUS_CREATED)->execute();
                    Alert::set(Alert::SUCCESS, __('Commission Paid'));
                } catch (Exception $e) {
                    // NOTE(review): any failure is swallowed; if the order was saved but the
                    // update failed, the commissions stay unpaid and nothing is reported.
                }
            }
        }
    }
    $this->template->title = __('Affiliates Payments');
    // per user: total of commissions that are due and still unpaid, at least payment_min
    $query = DB::select(DB::expr('SUM(amount) total'))->select('id_user')->from('affiliates')->where('date_to_pay', '<', Date::unix2mysql())->where('status', '=', Model_Affiliate::STATUS_CREATED)->group_by('id_user')->having('total', '>=', core::config('affiliate.payment_min'))->execute();
    $users_to_pay = $query->as_array('id_user');
    $total_to_pay = 0;
    foreach ($users_to_pay as $key => $value) {
        $total_to_pay += $value['total'];
    }
    $users = new Model_User();
    // when nobody is due, the view receives the empty model instead of a result set
    if (count($users_to_pay)) {
        $users = $users->where('id_user', 'in', array_keys($users_to_pay))->where('status', '=', Model_User::STATUS_ACTIVE)->find_all();
    }
    $this->render('oc-panel/pages/affiliate/pay', array('users' => $users, 'total_to_pay' => $total_to_pay, 'users_to_pay' => $users_to_pay));
}
/**
 * Lists reviews in the panel, newest first, optionally narrowed to the reviews
 * of the user whose email is given in the `email` query parameter.
 *
 * No status condition is applied, so reviews of every status are listed.
 *
 * @param string $view template to render (not used in this method body)
 */
public function action_index($view = NULL)
{
    $this->template->title = __('Reviews');
    $this->template->scripts['footer'][] = 'js/oc-panel/crud/index.js';

    $reviews = new Model_Review();

    $email = core::get('email');
    if ($email !== NULL) {
        $owner = new Model_User();
        $owner->where('email', '=', $email)->limit(1)->find();

        // an email that matches no user leaves the list unfiltered
        if ($owner->loaded()) {
            $reviews = $reviews->where('id_user', '=', $owner->id_user);
        }
    }

    $pager = Pagination::factory(array(
        'view'        => 'oc-panel/crud/pagination',
        'total_items' => $reviews->count_all(),
    ));
    $pager = $pager->route_params(array(
        'controller' => $this->request->controller(),
        'action'     => $this->request->action(),
    ));
    $pager->title($this->template->title);

    $reviews = $reviews->order_by('created', 'desc')
        ->limit($pager->items_per_page)
        ->offset($pager->offset)
        ->find_all();

    $this->render('oc-panel/pages/review/index', array('reviews' => $reviews, 'pagination' => $pager->render()));
}
/**
 * Returns the unpaid order of a user for a product, creating or updating it as needed.
 *
 * An existing order of the user in STATUS_CREATED is reused. The order is written
 * only when its product differs from $product, which is also the case for a
 * newly created order.
 *
 * @param Model_User $user buyer; must be loaded
 * @param Model_Product $product product to order; must be loaded
 * @param boolean $match_product when TRUE only an unpaid order with the same product,
 *                               amount and currency is reused; when FALSE any unpaid
 *                               order of the user is reused and updated to this product
 * @return Model_Order the order; an empty, unloaded Model_Order when the user or
 *                     the product is not loaded
 * @throws HTTP_Exception 500 when saving the order fails
 */
public static function new_order(Model_User $user, Model_Product $product, $match_product = TRUE)
{
    $order = new Model_Order();
    if ($user->loaded() and $product->loaded()) {
        // if there is an unpaid order for this user we will use it
        $order->where('id_user', '=', $user->id_user)->where('status', '=', Model_Order::STATUS_CREATED);
        //also check that matches the product for the order
        if ($match_product === TRUE) {
            $order->where('id_product', '=', $product->id_product)->where('amount', '=', $product->final_price())->where('currency', '=', $product->currency);
        }
        $order->limit(1)->find();
        // the order did not exist, so create it
        if ($order->loaded() === FALSE) {
            //create order
            $order = new Model_Order();
            $order->id_user = $user->id_user;
        }
        // whenever the product is different, save; this also saves the order if it is new
        if ($order->id_product != $product->id_product) {
            // NOTE(review): ip2long() returns FALSE for anything that is not a dotted IPv4
            // address - confirm what is stored for IPv6 clients.
            $order->ip_address = ip2long(Request::$client_ip);
            $order->id_product = $product->id_product;
            $order->currency = $product->currency;
            // add the coupon ID; the discount itself presumably comes from final_price() - confirm
            if (Model_Coupon::current()->loaded()) {
                $order->id_coupon = Model_Coupon::current()->id_coupon;
            }
            $order->amount = $product->final_price();
            $order->VAT = euvat::vat_percentage();
            // billing details are copied from the user onto the order
            $order->VAT_number = $user->VAT_number;
            $order->country = $user->country;
            $order->city = $user->city;
            $order->postal_code = $user->postal_code;
            $order->address = $user->address;
            try {
                $order->save();
            } catch (Exception $e) {
                // NOTE(review): the raw exception message becomes the HTTP 500 message
                throw HTTP_Exception::factory(500, $e->getMessage());
            }
        }
    }
    return $order;
}
/**
 * Lists the elements of $this->_orm_model in the panel, newest first, optionally
 * narrowed to the user whose email is given in the `email` query parameter.
 *
 * @param string $view template to render (not used in this method body)
 */
public function action_index($view = NULL)
{
    $this->template->title = __($this->_orm_model);
    $this->template->scripts['footer'][] = 'js/oc-panel/crud/index.js';

    $elements = ORM::Factory($this->_orm_model);

    // email search: only a syntactically valid email is looked up
    $email = core::get('email');
    if (Valid::email($email)) {
        $owner = new Model_User();
        $owner->where('email', '=', $email)->limit(1)->find();

        // an email that matches no user leaves the list unfiltered
        if ($owner->loaded()) {
            $elements->where('id_user', '=', $owner->id_user);
        }
    }

    $pager = Pagination::factory(array(
        'view'        => 'oc-panel/crud/pagination',
        'total_items' => $elements->count_all(),
    ));
    $pager = $pager->route_params(array(
        'controller' => $this->request->controller(),
        'action'     => $this->request->action(),
    ));
    $pager->title($this->template->title);

    $elements = $elements->order_by('created', 'desc')
        ->limit($pager->items_per_page)
        ->offset($pager->offset)
        ->find_all();

    $this->render('oc-panel/pages/download/index', array('elements' => $elements, 'pagination' => $pager->render()));
}
/**
 * Sends the contact form of a user profile to that user by email.
 *
 * Runs only for a POST to an existing user. The captcha is checked first, then
 * the Akismet filter; the visitor is always sent back to the profile page.
 *
 * NOTE(review): name, email and subject come straight from the POST body and are
 * handed to the mailer as sender and subject; whether email() strips line breaks
 * from them is not visible here - confirm.
 *
 * @return void
 */
public function action_userprofile_contact()
{
    $user = new Model_User($this->request->param('id'));

    if (!$user->loaded() || !$this->request->post()) {
        return;
    }

    if (!captcha::check('contact')) {
        Alert::set(Alert::ERROR, __('You made some mistake'));
    } elseif (core::akismet(core::post('name'), core::post('email'), core::post('message'))) {
        // flagged by the akismet spam filter; note this message uses the SUCCESS style
        Alert::set(Alert::SUCCESS, __('This email has been considered as spam! We are sorry but we can not send this email.'));
    } else {
        $replace = array(
            '[EMAIL.BODY]'    => core::post('message'),
            '[EMAIL.SENDER]'  => core::post('name'),
            '[EMAIL.SUBJECT]' => core::post('subject'),
            '[EMAIL.FROM]'    => core::post('email'),
        );
        $sent = $user->email('userprofile.contact', $replace, core::post('email'), core::post('name'));

        if ($sent) {
            Alert::set(Alert::SUCCESS, __('Your message has been sent'));
        } else {
            Alert::set(Alert::ERROR, __('Message not sent'));
        }
    }

    Request::current()->redirect(Route::url('profile', array('seoname' => $user->seoname)));
}
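/**
 * Mark advertisement as active : STATUS = 1
 *
 * An admin may activate any ad. The owner may activate their own ad only when the
 * configured moderation mode is not listed in Model_Ad::$moderation_status. An ad
 * that is already published, or that has an order still in STATUS_CREATED, is not
 * activated. After activation the owner receives a confirmation email.
 *
 * @return void
 * @throws HTTP_Exception 404 when the id is missing or no ad matches,
 *                        500 when saving the ad fails
 */
public function action_activate()
{
    $user = Auth::instance()->get_user();
    $id = $this->request->param('id');

    // Without an id there is no ad to work on. Previously execution fell through
    // to the email step below and read an undefined $active_ad.
    if (!isset($id)) {
        throw HTTP_Exception::factory(404, __('Page not found'));
    }

    $active_ad = new Model_Ad($id);
    if (!$active_ad->loaded()) {
        throw HTTP_Exception::factory(404, __('Page not found'));
    }

    $activate = FALSE;

    if ($user->id_role == Model_Role::ROLE_ADMIN) {
        // an admin can activate any ad
        $activate = TRUE;
    } elseif ($user->id_user == $active_ad->id_user and !in_array(core::config('general.moderation'), Model_Ad::$moderation_status)) {
        $activate = TRUE;
    } else {
        // also reached by the owner when moderation is enabled
        Alert::set(Alert::ALERT, __("This is not your advertisement."));
    }

    // already published: nothing to do
    if ($active_ad->status == Model_Ad::STATUS_PUBLISHED) {
        $activate = FALSE;
        Alert::set(Alert::ALERT, __("Advertisement is already marked as 'active'"));
    }

    // pending payment
    if ($activate === TRUE and ($order = $active_ad->get_order()) !== FALSE and $order->status == Model_Order::STATUS_CREATED) {
        $activate = FALSE;
        Alert::set(Alert::ALERT, __("Advertisement can not be marked as “active”. There is a pending payment."));
    }

    if ($activate === TRUE) {
        $active_ad->published = Date::unix2mysql(time());
        $active_ad->status = Model_Ad::STATUS_PUBLISHED;
        try {
            $active_ad->save();
        } catch (Exception $e) {
            throw HTTP_Exception::factory(500, $e->getMessage());
        }
    } else {
        // NOTE(review): the email step below is skipped only if redirect() ends the request - confirm
        HTTP::redirect(Route::url('oc-panel', array('controller' => 'myads', 'action' => 'index')));
    }

    // send confirmation email
    $cat = new Model_Category($active_ad->id_category);
    $usr = new Model_User($active_ad->id_user);
    if ($usr->loaded()) {
        // we get the QL, and force the regeneration of the token for security
        $url_ql = $usr->ql('ad', array('category' => $cat->seoname, 'seotitle' => $active_ad->seotitle), TRUE);
        $usr->email('ads-activated', array('[USER.OWNER]' => $usr->name, '[URL.QL]' => $url_ql, '[AD.NAME]' => $active_ad->title));
    }

    Alert::set(Alert::SUCCESS, __('Advertisement is active and published'));
    HTTP::redirect(Route::url('oc-panel', array('controller' => 'myads', 'action' => 'index')));
}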
/**
 * Marks the user given by the `id` route parameter as a spammer through
 * Model_User::user_spam(), then returns to the index of the current controller.
 *
 * Nothing is changed and no redirect is sent when the id matches no user.
 *
 * NOTE(review): no CSRF token or request-method check is visible in this method.
 *
 * @return void
 * @throws HTTP_Exception 500, carrying the raw exception message, when user_spam() fails
 */
public function action_spam()
{
    $this->auto_render = FALSE;
    $this->template = View::factory('js');

    $target = new Model_User($this->request->param('id'));
    if (!$target->loaded()) {
        return;
    }

    try {
        $target->user_spam();
    } catch (Exception $e) {
        throw HTTP_Exception::factory(500, $e->getMessage());
    }

    HTTP::redirect(Route::url('oc-panel', array('controller' => $this->request->controller())));
}
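/**
 * Does the DB migration from the old installation into the current database.
 *
 * Copies, in this order: accounts to users, categories, locations, posts to ads
 * and postshits to visits. Old category and location ids are mapped to the new
 * ones so that parents and ads keep pointing at the right rows.
 *
 * NOTE(review): $pf is concatenated into table names, which cannot be bound as
 * parameters; the caller has to restrict it to a safe prefix pattern - confirm.
 *
 * @param pointer $db connection to the old database
 * @param string $pf db_prefix of the old tables
 */
private function migrate($db, $pf)
{
    set_time_limit(0);

    $db_config = core::config('database.default');
    $prefix = $db_config['table_prefix'];

    // connection to the database we migrate into
    $dbo = Database::instance('default');

    // oc_accounts --> oc_users
    $users_map = array();
    $accounts = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'accounts`');
    foreach ($accounts as $account) {
        $user = new Model_User();
        $user->where('email', '=', $account['email'])->limit(1)->find();

        // an account whose email already exists is mapped to the existing user
        if (!$user->loaded()) {
            $user->name = $account['name'];
            $user->email = $account['email'];
            // NOTE(review): the legacy password value is copied as-is; whether the
            // current Auth can verify that format is not visible here.
            $user->password = $account['password'];
            $user->created = $account['createdDate'];
            $user->last_modified = $account['lastModifiedDate'];
            $user->last_login = $account['lastSigninDate'];
            $user->status = $account['active'];
            // NOTE(review): every migrated account gets id_role 1 - confirm that this
            // is the regular user role and not a privileged one.
            $user->id_role = 1;
            $user->seoname = $user->gen_seo_title($user->name);
            $user->save();
        }

        $users_map[$account['email']] = $user->id_user;
    }

    // categories --> categories; parents come first thanks to the ORDER BY
    $categories_map = array(0 => 1);
    $categories = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'categories` ORDER BY `idCategoryParent` ASC');
    foreach ($categories as $category) {
        $cat = new Model_Category();
        $cat->name = $category['name'];
        $cat->order = $category['order'];
        $cat->created = $category['created'];
        $cat->seoname = $category['friendlyName'];
        $cat->price = $category['price'];
        $cat->description = substr($category['description'], 0, 250);
        $cat->parent_deep = $category['idCategoryParent'] > 0 ? 1 : 0; // there's only 1 deep
        $cat->id_category_parent = isset($categories_map[$category['idCategoryParent']]) ? $categories_map[$category['idCategoryParent']] : 1;
        $cat->save();

        // old id => new id, needed later for the parent and for the category of the ads
        $categories_map[$category['idCategory']] = $cat->id_category;
    }

    // locations --> locations; parents come first thanks to the ORDER BY
    $locations_map = array(0 => 1);
    $locations = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'locations` ORDER BY `idLocationParent` ASC');
    foreach ($locations as $location) {
        $loc = new Model_Location();
        $loc->name = $location['name'];
        $loc->seoname = $location['friendlyName'];
        $loc->parent_deep = $location['idLocationParent'] > 0 ? 1 : 0; // there's only 1 deep
        $loc->id_location_parent = isset($locations_map[$location['idLocationParent']]) ? $locations_map[$location['idLocationParent']] : 1;
        $loc->save();

        // old id => new id, needed later for the parent and for the location of the ads
        $locations_map[$location['idLocation']] = $loc->id_location;
    }

    // posts --> ads; posts without a valid email are skipped
    $ads = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'posts`');
    foreach ($ads as $a) {
        if (Valid::email($a['email'])) {
            // getting the id_user
            if (isset($users_map[$a['email']])) {
                $id_user = $users_map[$a['email']];
            } else {
                $user = Model_User::create_email($a['email'], $a['name']);
                $id_user = $user->id_user;
            }

            $ad = new Model_Ad();
            $ad->id_ad = $a['idPost']; // so images still work
            $ad->id_user = $id_user;
            $ad->id_category = isset($categories_map[$a['idCategory']]) ? $categories_map[$a['idCategory']] : 1;
            $ad->id_location = isset($locations_map[$a['idLocation']]) ? $locations_map[$a['idLocation']] : 1;
            $ad->title = $a['title'];
            $ad->seotitle = $ad->gen_seo_title($a['title']);
            $ad->description = !empty($a['description']) ? Text::html2bb($a['description']) : $a['title'];
            $ad->address = $a['place'];
            $ad->price = $a['price'];
            $ad->phone = $a['phone'];
            $ad->has_images = $a['hasImages'];
            $ad->ip_address = ip2long($a['ip']);
            $ad->created = $a['insertDate'];
            $ad->published = $ad->created;

            // status migration: isAvailable/isConfirmed pairs map onto one status
            if ($a['isAvailable'] == 0 and $a['isConfirmed'] == 0) {
                $ad->status = Model_Ad::STATUS_NOPUBLISHED;
            } elseif ($a['isAvailable'] == 1 and $a['isConfirmed'] == 0) {
                $ad->status = Model_Ad::STATUS_NOPUBLISHED;
            } elseif ($a['isAvailable'] == 1 and $a['isConfirmed'] == 1) {
                $ad->status = Model_Ad::STATUS_PUBLISHED;
            } elseif ($a['isAvailable'] == 0 and $a['isConfirmed'] == 1) {
                $ad->status = Model_Ad::STATUS_UNAVAILABLE;
            } elseif ($a['isAvailable'] == 2) {
                $ad->status = Model_Ad::STATUS_SPAM;
            } else {
                $ad->status = Model_Ad::STATUS_UNAVAILABLE;
            }

            try {
                $ad->save();
            } catch (ORM_Validation_Exception $e) {
                // an ad that fails validation is skipped without a report
            }
        }
    }

    // postshits --> visits, mass migration in batches of $step rows
    $insert = 'INSERT INTO `' . $prefix . 'visits` ( `id_ad`, `created`, `ip_address`) VALUES';
    $step = 5000;
    $total = $db->query(Database::SELECT, 'SELECT count(*) cont FROM `' . $pf . 'postshits`')->as_array();
    $total = $total[0]['cont'];

    for ($i = 0; $i < $total; $i += $step) {
        $hits = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'postshits` LIMIT ' . $i . ', ' . $step);

        // The statement is assembled as a string, so every value taken from the old
        // database is cast or quoted by the driver before it is placed into the SQL.
        $rows = array();
        foreach ($hits as $hit) {
            $rows[] = '(' . (int) $hit['idPost'] . ', ' . $dbo->quote((string) $hit['hitTime']) . ', \'' . ip2long($hit['ip']) . '\')';
        }

        // a batch can come back empty; an INSERT without rows is not valid SQL
        if (count($rows) > 0) {
            $dbo->query(Database::INSERT, $insert . implode(',', $rows));
        }
    }
}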
/**
 * Lists support tickets, narrowed by the search box, a user filter, the ticket
 * type given in the `id` route parameter and the `status` query parameter.
 *
 * Users without the 'supportadmin' access only get their own tickets: every
 * branch of the type switch adds an id_user condition for them.
 */
public function action_index()
{
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Tickets')));
    $this->template->title = __('Support');
    $user = Auth::instance()->get_user();
    $tickets = new Model_Ticket();
    //search box
    if (core::get('search') !== NULL) {
        // NOTE(review): the raw search string becomes part of the page title; escaping
        // is left to the view - confirm it is done there.
        $this->template->title .= ' ' . core::get('search');
        // an email was entered: support admins can search by ticket owner
        if ($user->has_access('supportadmin') and Valid::email(core::get('search'))) {
            $users = new Model_User();
            $users->where('email', '=', core::get('search'))->limit(1)->find();
            if ($users->loaded()) {
                $tickets->where('id_user', '=', $users->id_user);
            }
            $tickets->where('id_ticket_parent', 'IS', NULL);
        } elseif (is_numeric(core::get('search'))) {
            // a number is treated as a ticket id
            $tickets->where('id_ticket', '=', core::get('search'));
        } elseif (strlen(core::get('search')) > 3) {
            // free text, more than 3 bytes long: match title or description.
            // The LIKE wildcards % and _ inside the search string are not escaped.
            $tickets->where_open()->where('title', 'like', '%' . core::get('search') . '%')->or_where('description', 'like', '%' . core::get('search') . '%')->where_close();
        }
    } elseif (is_numeric(core::request('filter__id_user')) and $user->has_access('supportadmin')) {
        $tickets->where('id_user', '=', core::request('filter__id_user'));
    } else {
        // no search and no user filter: only top-level tickets
        $tickets->where('id_ticket_parent', 'IS', NULL);
    }
    //by type filter
    switch ($this->request->param('id')) {
        case 'assigned':
            if ($user->has_access('supportadmin')) {
                $this->template->title .= ' ' . __('Assigned Tickets');
                $tickets->where('id_user_support', '=', $user->id_user);
            } else {
                $tickets->where('id_user', '=', $user->id_user);
            }
            break;
        case 'admin':
            // support admins get no owner condition here, so they see all tickets
            if ($user->has_access('supportadmin')) {
                $this->template->title .= ' ' . __('All Tickets');
            } else {
                $tickets->where('id_user', '=', $user->id_user);
            }
            break;
        default:
        case 'client':
            // any other value is handled like 'client': own tickets only
            $this->template->title .= ' ' . $user->name;
            $tickets->where('id_user', '=', $user->id_user);
            break;
    }
    //filter by status
    if (is_numeric(core::get('status'))) {
        $filter_status = core::get('status');
        // only a status that is a key of Model_Ticket::$statuses is applied
        if (isset(Model_Ticket::$statuses[$filter_status])) {
            $this->template->title .= ' ' . Model_Ticket::$statuses[$filter_status];
            $tickets->where('status', '=', $filter_status);
        }
    }
    $pagination = Pagination::factory(array('view' => 'oc-panel/crud/pagination', 'total_items' => $tickets->count_all()))->route_params(array('controller' => $this->request->controller(), 'action' => $this->request->action(), 'id' => $this->request->param('id')));
    $pagination->title($this->template->title);
    $tickets = $tickets->order_by('status', 'asc')->order_by('read_date', 'desc')->limit($pagination->items_per_page)->offset($pagination->offset)->find_all();
    // from here on $pagination holds the rendered markup, not the Pagination object
    $pagination = $pagination->render();
    $this->template->bind('content', $content);
    $this->template->content = View::factory('oc-panel/pages/support/index', array('title' => $this->template->title, 'tickets' => $tickets, 'pagination' => $pagination));
}
/**
 * Tells whether the visitor is a known spammer.
 *
 * For a logged-in visitor only the status of that account counts and $email is
 * ignored. Otherwise $email is looked up among the users with spam status.
 *
 * @param string $email
 * @return bool
 */
public static function is_spam($email = NULL)
{
    // logged in: the answer comes from the session user alone
    if (Auth::instance()->logged_in() === TRUE) {
        return (Auth::instance()->get_user()->status == Model_User::STATUS_SPAM) ? TRUE : FALSE;
    }

    if (!Valid::email($email)) {
        return FALSE;
    }

    $spammer = new Model_User();
    $spammer->where('email', '=', $email)
        ->where('status', '=', Model_User::STATUS_SPAM)
        ->find();

    return $spammer->loaded() ? TRUE : FALSE;
}
/**
 * Auth::unregister() given an array of users: it must return NULL and leave
 * every passed model unloaded.
 *
 * @author Gabriel Giannattasio
 * @test
 */
public function test_auth_delete_multiple_users()
{
    // Setup valid users
    $this->add_valid_users();
    $validUsers = $this->providerValidUsers();

    // replace every provider entry by the user model loaded for its username
    foreach ($validUsers as $index => $entry) {
        $model = new Model_User();
        $model->where("username", "=", $entry[0]['username'])->find();
        $validUsers[$index] = $model;
    }

    $this->assertNull(Auth::instance()->unregister($validUsers), "Delete the users in array");

    foreach ($validUsers as $user) {
        $this->assertFalse($user->loaded(), "Ok, so you think the user was deleted? think again!");
    }
}
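/**
 * Mark advertisement as spam : STATUS = 30
 *
 * The `id` route parameter may hold several ad ids joined by '_'. Every ad that
 * is not yet spam is marked as spam, and its owner is marked as a spammer through
 * Model_User::user_spam(). The `current_url` query parameter decides which list
 * the panel returns to.
 *
 * NOTE(review): no CSRF token or request-method check is visible in this method.
 *
 * @return void
 * @throws HTTP_Exception 500 when saving an ad fails
 */
public function action_spam()
{
    $id = $this->request->param('id');
    $param_current_url = Core::get('current_url');

    $format_id = explode('_', $id);
    foreach ($format_id as $id) {
        if (isset($id) and $id !== '') {
            $spam_ad = new Model_Ad($id);
            if ($spam_ad->loaded()) {
                if ($spam_ad->status != Model_Ad::STATUS_SPAM) {
                    // mark the owner as spammer
                    $user = new Model_User($spam_ad->user->id_user);
                    if ($user->loaded()) {
                        $user->user_spam();
                    }

                    $spam_ad->status = Model_Ad::STATUS_SPAM;
                    try {
                        $spam_ad->save();
                    } catch (Exception $e) {
                        throw HTTP_Exception::factory(500, $e->getMessage());
                    }
                }
            }
        }
    }

    // the message is set even when no ad was changed
    Alert::set(Alert::SUCCESS, __('Advertisement is marked as spam'));

    if ($param_current_url == Model_Ad::STATUS_NOPUBLISHED and in_array(core::config('general.moderation'), Model_Ad::$moderation_status)) {
        HTTP::redirect(Route::url('oc-panel', array('controller' => 'ad', 'action' => 'moderate')));
    } elseif ($param_current_url == Model_Ad::STATUS_PUBLISHED) {
        HTTP::redirect(Route::url('oc-panel', array('controller' => 'ad', 'action' => 'index')));
    } else {
        // The value is echoed from the request into the redirect target, so it is
        // URL-encoded: it stays a single `status` value and cannot add parameters.
        HTTP::redirect(Route::url('oc-panel', array('controller' => 'ad', 'action' => 'index')) . '?status=' . urlencode((string) $param_current_url));
    }
}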
/**
 * Logs the user in or displays the login form; the same form serves normal users
 * and admins.
 *
 * A POST is processed only when the 'login' CSRF token is valid. Failed attempts
 * are counted per account: 3 or 4 stored failures block logins for a minute after
 * the last failure, 5 or more for 24 hours. A successful login resets the counter.
 *
 * NOTE(review): the "temporarily disabled" alerts are only set for an email that
 * matches an account, which tells a visitor whether that email is registered.
 */
public function action_login()
{
    // an already logged-in user is redirected
    if (Auth::instance()->logged_in()) {
        Auth::instance()->login_redirect();
    } elseif ($this->request->post() and CSRF::valid('login')) {
        $blocked_login = FALSE;
        // Load the user; accounts with spam status are looked up too, so the
        // counters below also apply to them
        $user = new Model_User();
        $user->where('email', '=', core::post('email'))->where('status', 'in', array(Model_User::STATUS_ACTIVE, Model_User::STATUS_SPAM))->limit(1)->find();
        // Check if we must block this login attempt.
        if ($user->loaded() and $user->failed_attempts > 2) {
            // 3 or 4 failed attempts: wait 1 minute after the last failure
            // NOTE(review): last_failed is compared as a string with the value from
            // Date::unix2mysql(); presumably both share one sortable datetime format - confirm.
            if ($user->failed_attempts < 5 and $user->last_failed > Date::unix2mysql(strtotime('-1 minute'))) {
                $blocked_login = TRUE;
                Alert::set(Alert::ERROR, __('Login has been temporarily disabled due to too many unsuccessful login attempts. Please try again in a minute.'));
            } elseif ($user->failed_attempts > 4 and $user->last_failed > Date::unix2mysql(strtotime('-24 hours'))) {
                // 5 or more failed attempts: wait 24 hours after the last failure
                $blocked_login = TRUE;
                Alert::set(Alert::ERROR, __('Login has been temporarily disabled due to too many unsuccessful login attempts. Please try again in 24 hours.'));
            }
        }
        //not blocked so try to login
        if (!$blocked_login) {
            // NOTE(review): email and password are passed on exactly as posted; any type
            // check on them is left to Auth::login() - confirm.
            Auth::instance()->login(core::post('email'), core::post('password'), (bool) core::post('remember'));
            //redirect index
            if (Auth::instance()->logged_in()) {
                if ($user->loaded()) {
                    // success: reset the failure counter
                    $user->failed_attempts = 0;
                    try {
                        // Save the user
                        $user->update();
                    } catch (ORM_Validation_Exception $e) {
                        Form::set_errors($e->errors(''));
                    } catch (Exception $e) {
                        throw HTTP_Exception::factory(500, $e->getMessage());
                    }
                }
                // redirect after login; the target is chosen by login_redirect()
                Auth::instance()->login_redirect();
            } else {
                // the error text contains markup; its parts are a route URL and translated strings only
                Form::set_errors(array(__('Wrong email or password') . '. ' . '<a class="alert-link" href="' . Route::url('oc-panel', array('directory' => 'user', 'controller' => 'auth', 'action' => 'forgot')) . '">' . __('Have you forgotten your password?') . '</a>'));
                if ($user->loaded()) {
                    // 4 failures are stored, so this is the fifth: clear the stored token fields
                    if ($user->failed_attempts == 4) {
                        $user->token = NULL;
                        $user->user_agent = NULL;
                        $user->token_created = NULL;
                        $user->token_expires = NULL;
                    }
                    // the increment is a database expression, so the new count is computed by the database
                    $user->failed_attempts = new Database_Expression('failed_attempts + 1');
                    $user->last_failed = Date::unix2mysql(time());
                    try {
                        // Save the user
                        $user->update();
                    } catch (ORM_Validation_Exception $e) {
                        Form::set_errors($e->errors(''));
                    } catch (Exception $e) {
                        throw HTTP_Exception::factory(500, $e->getMessage());
                    }
                }
            }
        }
    }
    // Login page; also reached after a POST whose CSRF token was not valid, without any error message
    $this->template->title = __('Login');
    $this->template->meta_description = __('Login to') . ' ' . Core::config('general.site_name');
    $this->template->content = View::factory('pages/auth/login');
}
/**
 * Handles the contact form posted from a user's public profile.
 *
 * Does nothing unless the recipient (route param `id`) loads and the request
 * carries POST data. After a passed captcha the message goes through the
 * akismet filter and is delivered either as an internal message (when
 * `general.messaging` is enabled, which also requires a logged in sender) or
 * by email. The visitor is then redirected to the recipient's profile.
 *
 * NOTE(review): for guests the sender address, sender name and subject come
 * straight from POST and are handed to email() as sender data - confirm that
 * email() validates the address and strips line breaks from these values.
 * NOTE(review): the recipient is only checked with loaded(); its status is not
 * filtered here, and this form relies on the captcha alone where action_login
 * also calls CSRF::valid() - confirm both are intended.
 */
public function action_userprofile_contact()
{
    $user_to = new Model_User($this->request->param('id'));

    // nothing to process without a known recipient and a posted form
    if (!$user_to->loaded() || !$this->request->post()) {
        return;
    }

    if (!captcha::check('contact')) {
        Alert::set(Alert::ERROR, __('Captcha is not correct'));
    } else {
        // sender identity: the account when logged in, otherwise the posted fields
        if (Auth::instance()->logged_in()) {
            $sender = Auth::instance()->get_user();
            $email_from = $sender->email;
            $name_from = $sender->name;
        } else {
            $email_from = core::post('email');
            $name_from = core::post('name');
        }

        // internal messaging needs an account, so guests are sent to the panel
        $login_required = (core::config('general.messaging') == TRUE);
        if ($login_required && !Auth::instance()->logged_in()) {
            Alert::set(Alert::INFO, __('Please, login before contacting'));
            HTTP::redirect(Route::url('oc-panel'));
        }

        // akismet spam filter: a truthy result means the message is rejected
        if (core::akismet($name_from, $email_from, core::post('message'))) {
            Alert::set(Alert::SUCCESS, __('This email has been considered as spam! We are sorry but we can not send this email.'));
        } else {
            if (core::config('general.messaging')) {
                $sent = Model_Message::send_user(core::post('message'), $this->user, $user_to);
            } else {
                $replacements = array(
                    '[EMAIL.BODY]' => core::post('message'),
                    '[EMAIL.SENDER]' => $name_from,
                    '[EMAIL.SUBJECT]' => core::post('subject'),
                    '[EMAIL.FROM]' => $email_from,
                );
                $sent = $user_to->email('user-profile-contact', $replacements, $email_from, $name_from);
            }

            // report the outcome of the delivery
            if (!$sent) {
                Alert::set(Alert::ERROR, __('Message not sent'));
            } else {
                Alert::set(Alert::SUCCESS, __('Your message has been sent'));
            }
        }
    }

    HTTP::redirect(Route::url('profile', array('seoname' => $user_to->seoname)));
}
/**
 * Upgrade steps for installations coming from a version prior to 2.3.0.
 *
 * In order: reschedules six crontab entries, adds the login-throttling and
 * has_image / last_modified columns, registers the new config keys, turns
 * ads.has_images into an image count (renaming the image files to consecutive
 * numbers) and flags categories, locations and users that have an image file.
 *
 * Every schema statement runs inside its own try/catch whose catch block is
 * empty, so a failing statement does not stop the upgrade and is not reported.
 */
public function action_230() {
    // Cron update: new schedule for existing jobs, one row per callback (LIMIT 1)
    try {
        DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 3 * * *' WHERE callback='Sitemap::generate' LIMIT 1")->execute();
        DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 5 * * *' WHERE callback='Core::delete_cache' LIMIT 1")->execute();
        DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 4 1 * *' WHERE callback='Core::optimize_db' LIMIT 1")->execute();
        DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 7 * * *' WHERE callback='Cron_Ad::unpaid' LIMIT 1")->execute();
        DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 8 * * *' WHERE callback='Cron_Ad::expired_featured' LIMIT 1")->execute();
        DB::query(Database::UPDATE, "UPDATE `" . self::$db_prefix . "crontab` SET period='00 9 * * *' WHERE callback='Cron_Ad::expired' LIMIT 1")->execute();
    } catch (exception $e) {
        // a failure of any statement above skips the remaining ones and is discarded
    }

    // Columns read and written by the login throttle in action_login.
    // NOTE(review): the empty catch presumably tolerates "column already exists"
    // on a repeated run, but it hides every other failure too - after upgrading,
    // verify that both columns are present, since the throttle depends on them.
    try {
        DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "users` ADD `last_failed` DATETIME NULL DEFAULT NULL ;")->execute();
    } catch (exception $e) {
    }
    try {
        DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "users` ADD `failed_attempts` int(10) unsigned DEFAULT 0")->execute();
    } catch (exception $e) {
    }

    // categories / locations / users / ads: has_image and last_modified columns
    try {
        DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "categories` ADD `last_modified` DATETIME NULL DEFAULT NULL ;")->execute();
    } catch (exception $e) {
    }
    try {
        DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "categories` ADD `has_image` TINYINT( 1 ) NOT NULL DEFAULT '0' ;")->execute();
    } catch (exception $e) {
    }
    try {
        DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "locations` ADD `last_modified` DATETIME NULL DEFAULT NULL ;")->execute();
    } catch (exception $e) {
    }
    try {
        DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "locations` ADD `has_image` TINYINT( 1 ) NOT NULL DEFAULT '0' ;")->execute();
    } catch (exception $e) {
    }
    try {
        DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "users` ADD `has_image` TINYINT( 1 ) NOT NULL DEFAULT '0' ;")->execute();
    } catch (exception $e) {
    }
    try {
        DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "ads` ADD `last_modified` DATETIME NULL DEFAULT NULL ;")->execute();
    } catch (exception $e) {
    }

    // New config keys with their initial values.
    // NOTE(review): aws_secret_key and recaptcha_secretkey are registered as
    // ordinary config rows, presumably stored unencrypted next to the other
    // settings - confirm, and treat database dumps and backups accordingly.
    $configs = array(
        array('config_key' => 'aws_s3_active', 'group_name' => 'image', 'config_value' => 0),
        array('config_key' => 'aws_access_key', 'group_name' => 'image', 'config_value' => ''),
        array('config_key' => 'aws_secret_key', 'group_name' => 'image', 'config_value' => ''),
        array('config_key' => 'aws_s3_bucket', 'group_name' => 'image', 'config_value' => ''),
        array('config_key' => 'aws_s3_domain', 'group_name' => 'image', 'config_value' => 0),
        array('config_key' => 'disallow_nudes', 'group_name' => 'image', 'config_value' => 0),
        array('config_key' => 'html_head', 'group_name' => 'general', 'config_value' => ''),
        array('config_key' => 'html_footer', 'group_name' => 'general', 'config_value' => ''),
        array('config_key' => 'login_to_contact', 'group_name' => 'advertisement', 'config_value' => 0),
        array('config_key' => 'custom_css', 'group_name' => 'appearance', 'config_value' => 0),
        array('config_key' => 'custom_css_version', 'group_name' => 'appearance', 'config_value' => 0),
        array('config_key' => 'only_admin_post', 'group_name' => 'advertisement', 'config_value' => 0),
        array('config_key' => 'map_active', 'group_name' => 'appearance', 'config_value' => 1),
        array('config_key' => 'map_jscode', 'group_name' => 'appearance', 'config_value' => ''),
        array('config_key' => 'map_settings', 'group_name' => 'appearance', 'config_value' => ''),
        array('config_key' => 'recaptcha_active', 'group_name' => 'general', 'config_value' => ''),
        array('config_key' => 'recaptcha_secretkey', 'group_name' => 'general', 'config_value' => ''),
        array('config_key' => 'recaptcha_sitekey', 'group_name' => 'general', 'config_value' => ''),
    );
    Model_Config::config_array($configs);

    // Turn has_images into the number of images of each ad that has any
    $ads = new Model_Ad();
    $ads = $ads->where('has_images', '>', 0)->find_all();
    if (count($ads)) {
        foreach ($ads as $ad) {
            $ad->has_images = 0; // begin with 0 images
            $route = $ad->image_path();
            $folder = DOCROOT . $route;
            $image_keys = array();
            if (is_dir($folder)) {
                // Collect the numeric suffix of every thumbnail: the key is the text
                // between the last '_' and the following '.' of the file name, and
                // only files whose name starts with 'thumb_' are counted.
                foreach (new DirectoryIterator($folder) as $file) {
                    if (!$file->isDot()) {
                        $key = explode('_', $file->getFilename());
                        $key = end($key);
                        $key = explode('.', $key);
                        $key = isset($key[0]) ? $key[0] : NULL;
                        if (is_numeric($key)) {
                            if (strpos($file->getFilename(), 'thumb_') === 0) {
                                $image_keys[] = $key;
                            }
                        }
                    }
                }

                // Count the images and rename them to consecutive numbers, in
                // ascending key order. Both the image and its thumbnail are assumed
                // to be named <seotitle>_<key>.jpg.
                // NOTE(review): the rename() results are suppressed with @ and
                // ignored, while has_images is incremented regardless, so the saved
                // count can differ from the files that were actually renamed.
                if (count($image_keys)) {
                    asort($image_keys);
                    foreach ($image_keys as $image_key) {
                        $ad->has_images++;
                        @rename($folder . $ad->seotitle . '_' . $image_key . '.jpg', $folder . $ad->seotitle . '_' . $ad->has_images . '.jpg');
                        @rename($folder . 'thumb_' . $ad->seotitle . '_' . $image_key . '.jpg', $folder . 'thumb_' . $ad->seotitle . '_' . $ad->has_images . '.jpg');
                    }
                }
            }

            // Store the new count. Unlike the schema steps, a failure here aborts
            // the upgrade with an HTTP 500 carrying the exception message.
            try {
                $ad->save();
            } catch (Exception $e) {
                throw HTTP_Exception::factory(500, $e->getMessage());
            }
        }
    }

    // Categories: flag has_image when images/categories holds a file whose name,
    // with every '.png' removed, equals the category seoname
    $images_path = DOCROOT . 'images/categories';
    if (is_dir($images_path)) {
        // go through the category pictures
        foreach (new DirectoryIterator($images_path) as $file) {
            if ($file->isFile()) {
                $cat_name = str_replace('.png', '', $file->getFilename());
                $cat = new Model_Category();
                $cat->where('seoname', '=', $cat_name)->find();
                if ($cat->loaded()) {
                    $cat->has_image = 1;
                    $cat->save();
                }
            }
        }
    }

    // Locations: same rule, matched on the location seoname
    $images_path = DOCROOT . 'images/locations';
    if (is_dir($images_path)) {
        // go through the location pictures
        foreach (new DirectoryIterator($images_path) as $file) {
            if ($file->isFile()) {
                $loc_name = str_replace('.png', '', $file->getFilename());
                $loc = new Model_Location();
                $loc->where('seoname', '=', $loc_name)->find();
                if ($loc->loaded()) {
                    $loc->has_image = 1;
                    $loc->save();
                }
            }
        }
    }

    // Users: the file name without '.png' has to be a numeric user id
    $images_path = DOCROOT . 'images/users';
    if (is_dir($images_path)) {
        // go through the user pictures
        foreach (new DirectoryIterator($images_path) as $file) {
            if ($file->isFile() and is_numeric($id_user = str_replace('.png', '', $file->getFilename()))) {
                $user = new Model_User($id_user);
                if ($user->loaded()) {
                    $user->has_image = 1;
                    $user->save();
                }
            }
        }
    }
}
/**
 * Sends the 'ads.activated' email to the owner of each given ad.
 *
 * Entries that are not numeric are skipped, and so are ads whose owner cannot
 * be loaded. The result of each send is not checked.
 *
 * NOTE(review): the mail carries a quick-login URL whose token is regenerated
 * for this message (third argument of ql()). Presumably the link signs the
 * recipient in, so it should be handled like a credential - confirm how long
 * the token stays valid.
 *
 * @param array $receivers ad ids; each one is passed to Model_Ad
 */
public function multiple_mails($receivers)
{
    foreach ($receivers as $receiver_id) {
        if (!is_numeric($receiver_id)) {
            continue;
        }

        $ad = new Model_Ad($receiver_id);
        $category = new Model_Category($ad->id_category);
        $owner = new Model_User($ad->id_user);

        if (!$owner->loaded()) {
            continue;
        }

        // panel links for editing and deleting this ad
        $edit_url = core::config('general.base_url') . 'oc-panel/profile/update/' . $ad->id_ad;
        $delete_url = core::config('general.base_url') . 'oc-panel/ad/delete/' . $ad->id_ad;

        // quick-login link to the ad, with a forced regeneration of the token
        $ad_route = array('category' => $category->seoname, 'seotitle' => $ad->seotitle);
        $url_ql = $owner->ql('ad', $ad_route, TRUE);

        $replacements = array(
            '[USER.OWNER]' => $owner->name,
            '[URL.QL]' => $url_ql,
            '[AD.NAME]' => $ad->title,
            '[URL.EDITAD]' => $edit_url,
            '[URL.DELETEAD]' => $delete_url,
        );
        $owner->email('ads.activated', $replacements);
    }
}