public function run()
{
$template = cmsTemplate::getInstance();
$config = cmsConfig::getInstance();
$user = cmsUser::getInstance();
$contact_id = $this->request->get('contact_id') or cmsCore::error404();
$content = $this->request->get('content') or cmsCore::error404();
$csrf_token = $this->request->get('csrf_token');
// Проверяем валидность
$is_valid = is_numeric($contact_id) && cmsForm::validateCSRFToken($csrf_token, false);
if (!$is_valid) {
$result = array('error' => true, 'message' => '');
$template->renderJSON($result);
}
$contact = $this->model->getContact($user->id, $contact_id);
// Контакт существует?
if (!$contact) {
$result = array('error' => true, 'message' => '');
$template->renderJSON($result);
}
// Контакт не в игноре у отправителя?
if ($contact['is_ignored']) {
$result = array('error' => true, 'message' => LANG_PM_CONTACT_IS_IGNORED);
$template->renderJSON($result);
}
// Отправитель не в игноре у контакта?
if ($this->model->isContactIgnored($contact_id, $user->id)) {
$result = array('error' => true, 'message' => LANG_PM_YOU_ARE_IGNORED);
$template->renderJSON($result);
}
// Контакт принимает сообщения от этого пользователя?
if (!$user->isPrivacyAllowed($contact, 'messages_pm')) {
$result = array('error' => true, 'message' => LANG_PM_CONTACT_IS_PRIVATE);
$template->renderJSON($result);
}
//
// Отправляем сообщение
//
$content_html = cmsEventsManager::hook('html_filter', $content);
if (!$content_html) {
$template->renderJSON(array('error' => false, 'date' => false, 'message' => false));
}
$this->setSender($user->id);
$this->addRecipient($contact_id);
$message_id = $this->sendMessage($content_html);
//
// Отправляем уведомление на почту
//
$user_to = cmsCore::getModel('users')->getUser($contact_id);
if (!$user_to['is_online']) {
$this->sendNoticeEmail('messages_new');
}
//
// Получаем и рендерим добавленное сообщение
//
$message = $this->model->getMessage($message_id);
$message_html = $template->render('message', array('messages' => array($message), 'user' => $user), new cmsRequest(array(), cmsRequest::CTX_INTERNAL));
// Результат
$template->renderJSON(array('error' => false, 'date' => date($config->date_format, time()), 'message' => $message_html));
}
public function run($group)
{
if (!cmsUser::isAllowed('groups', 'delete')) {
cmsCore::error404();
}
if (!cmsUser::isAllowed('groups', 'delete', 'all') && $group['owner_id'] != $this->cms_user->id) {
cmsCore::error404();
}
if ($this->request->has('submit')) {
// подтвержение получено
$csrf_token = $this->request->get('csrf_token', '');
$is_delete_content = $this->request->get('is_delete_content', 0);
if (!cmsForm::validateCSRFToken($csrf_token)) {
cmsCore::error404();
}
list($group, $is_delete_content) = cmsEventsManager::hook('group_before_delete', array($group, $is_delete_content));
$this->model->removeContentFromGroup($group['id'], $is_delete_content);
$this->model->deleteGroup($group);
cmsUser::addSessionMessage(sprintf(LANG_GROUPS_DELETED, $group['title']));
$this->redirectToAction('');
} else {
// спрашиваем подтверждение
return $this->cms_template->render('group_delete', array('user' => $this->cms_user, 'group' => $group));
}
}
function insertForm($form_title){
cmsCore::loadClass('form');
return cmsForm::displayForm(trim($form_title), array(), false);
}
public function run($profile)
{
$user = cmsUser::getInstance();
$template = cmsTemplate::getInstance();
// проверяем наличие доступа
if ($profile['id'] != $user->id && !$user->is_admin) {
cmsCore::error404();
}
$pricacy_types = cmsEventsManager::hookAll('user_privacy_types');
$form = new cmsForm();
$fieldset_id = $form->addFieldset();
$default_options = array('', 'anyone', 'friends');
foreach ($pricacy_types as $list) {
foreach ($list as $name => $type) {
$options = array();
if (!isset($type['options'])) {
$type['options'] = $default_options;
}
foreach ($type['options'] as $option) {
if (!$option) {
$options[''] = LANG_USERS_PRIVACY_FOR_NOBODY;
} else {
$options[$option] = constant('LANG_USERS_PRIVACY_FOR_' . mb_strtoupper($option));
}
}
$form->addField($fieldset_id, new fieldList($name, array('title' => $type['title'], 'default' => 'anyone', 'items' => $options)));
}
}
// Форма отправлена?
$is_submitted = $this->request->has('submit');
$options = $this->model->getUserPrivacyOptions($profile['id']);
if ($is_submitted) {
// Парсим форму и получаем поля записи
$options = array_merge($options, $form->parse($this->request, $is_submitted, $options));
// Проверям правильность заполнения
$errors = $form->validate($this, $options);
if (!$errors) {
// Обновляем профиль и редиректим на его просмотр
$this->model->updateUserPrivacyOptions($profile['id'], $options);
$this->redirectTo('users', $profile['id']);
}
if ($errors) {
cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
}
}
return $template->render('profile_edit_privacy', array('id' => $profile['id'], 'profile' => $profile, 'options' => $options, 'form' => $form, 'errors' => isset($errors) ? $errors : false));
}
public function run($friend_id)
{
if (!cmsUser::isLogged()) {
cmsCore::error404();
}
$user = cmsUser::getInstance();
if (!$friend_id) {
cmsCore::error404();
}
if ($user->isFriend($friend_id)) {
return false;
}
$friend = $this->model->getUser($friend_id);
if (!$friend) {
cmsCore::error404();
}
//
// Запрос по ссылке из профиля
//
if ($this->request->isStandard()) {
//
// Если запрос от друга уже существует
//
if ($this->model->isFriendshipRequested($friend_id, $user->id)) {
$this->model->addFriendship($user->id, $friend_id);
cmsUser::addSessionMessage(sprintf(LANG_USERS_FRIENDS_DONE, $friend['nickname']), 'success');
$this->sendNoticeAccepted($friend);
$this->redirectToAction($friend_id);
}
//
// Если запроса от друга не было
//
if ($this->request->has('submit')) {
// подтвержение получено
$csrf_token = $this->request->get('csrf_token');
if (!cmsForm::validateCSRFToken($csrf_token)) {
cmsCore::error404();
}
$this->model->addFriendship($user->id, $friend_id);
cmsUser::addSessionMessage(LANG_USERS_FRIENDS_SENT);
$this->sendNoticeRequest($friend);
$this->redirectToAction($friend_id);
} else {
// спрашиваем подтверждение
return cmsTemplate::getInstance()->render('friend_add', array('user' => $user, 'friend' => $friend));
}
}
//
// Запрос из уведомления (внутренний)
//
if ($this->request->isInternal()) {
$this->model->addFriendship($user->id, $friend_id);
$this->sendNoticeAccepted($friend);
return true;
}
}
public function uploadImage()
{
$csrf_token = $this->request->get('csrf_token', '');
if (!cmsForm::validateCSRFToken($csrf_token)) {
return $this->cms_template->renderPlain('upload', array('allowed_extensions' => $this->allowed_extensions, 'error' => LANG_FORM_ERRORS));
}
$result = $this->images_controller->uploadWithPreset('image', 'wysiwyg_live');
if (!$result['success']) {
return $this->cms_template->renderPlain('upload', array('allowed_extensions' => $this->images_controller->getAllowedExtensions(), 'error' => $result['error']));
}
return $this->cms_template->renderPlain('image', array('url' => $result['image']['url']));
}
public function run($profile)
{
// проверяем наличие доступа
if ($profile['id'] != $this->cms_user->id) {
cmsCore::error404();
}
// Форма отправлена?
$is_submitted = $this->request->has('submit');
if (!$is_submitted && !$profile['invites_count']) {
cmsCore::error404();
}
$form = new cmsForm();
$fieldset_id = $form->addFieldset();
if ($profile['invites_count'] > 1) {
$form->addField($fieldset_id, new fieldText('emails', array('title' => LANG_USERS_INVITES_EMAILS, 'hint' => LANG_USERS_INVITES_EMAILS_HINT, 'rules' => array(array('required')))));
}
if ($profile['invites_count'] == 1) {
$form->addField($fieldset_id, new fieldString('emails', array('title' => LANG_USERS_INVITES_EMAIL, 'rules' => array(array('required'), array('email')))));
}
$input = array();
if ($is_submitted) {
// Парсим форму и получаем поля записи
$input = $form->parse($this->request, $is_submitted);
// Проверям правильность заполнения
$errors = $form->validate($this, $input);
if (!$errors) {
$results = $this->sendInvites($profile, $input['emails']);
return $this->cms_template->render('profile_invites_results', array('id' => $profile['id'], 'profile' => $profile, 'results' => $results));
}
if ($errors) {
cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
}
}
return $this->cms_template->render('profile_invites', array('id' => $profile['id'], 'profile' => $profile, 'form' => $form, 'input' => $input, 'errors' => isset($errors) ? $errors : false));
}
public function run($ctype_id, $parent_id)
{
$items = $this->request->get('selected');
$is_submitted = $this->request->has('items');
$template = cmsTemplate::getInstance();
$content_model = cmsCore::getModel('content');
$ctype = $content_model->getContentType($ctype_id);
$fields = $content_model->getContentFields($ctype['name']);
$form = new cmsForm();
$fieldset_id = $form->addFieldset(LANG_MOVE_TO_CATEGORY);
$form->addField($fieldset_id, new fieldList('category_id', array('default' => $parent_id, 'generator' => function ($data) {
$content_model = cmsCore::getModel('content');
$tree = $content_model->getCategoriesTree($data['ctype_name']);
foreach ($tree as $c) {
$items[$c['id']] = str_repeat('- ', $c['ns_level']) . ' ' . $c['title'];
}
return $items;
})));
$form->addField($fieldset_id, new fieldHidden('items'));
$data = $form->parse($this->request, $is_submitted);
if ($is_submitted) {
// Проверяем правильность заполнения
$errors = $form->validate($this, $data);
if (!$errors) {
$data['items'] = explode(',', $data['items']);
$content_model->moveContentItemsToCategory($ctype, $data['category_id'], $data['items'], $fields);
$template->renderJSON(array('errors' => false, 'callback' => 'contentItemsMoved'));
}
if ($errors) {
$template->renderJSON(array('errors' => true));
}
$this->halt();
}
return $template->render('content_item_move', array('ctype' => $ctype, 'parent_id' => $parent_id, 'items' => $items, 'form' => $form, 'errors' => isset($errors) ? $errors : false));
}
function save_controller_options($controllers)
{
foreach ($controllers as $controller) {
$controller_root_path = cmsConfig::get('root_path') . 'system/controllers/' . $controller . '/';
$form_file = $controller_root_path . 'backend/forms/form_options.php';
$form_name = $controller . 'options';
cmsCore::loadControllerLanguage($controller);
$form = cmsForm::getForm($form_file, $form_name, false);
if ($form) {
$options = $form->parse(new cmsRequest(cmsController::loadOptions($controller)));
cmsCore::getModel('content')->filterEqual('name', $controller)->updateFiltered('controllers', array('options' => $options));
}
}
}
private function componentUpdate($manifest)
{
$model = new cmsModel();
$controller_root_path = $this->cms_config->root_path . 'system/controllers/' . $manifest['package']['name'] . '/';
$form_file = $controller_root_path . 'backend/forms/form_options.php';
$form_name = $manifest['package']['name'] . 'options';
cmsCore::loadControllerLanguage($manifest['package']['name']);
$form = cmsForm::getForm($form_file, $form_name, false);
if ($form) {
$options = $form->parse(new cmsRequest(cmsController::loadOptions($manifest['package']['name'])));
} else {
$options = null;
}
$model->filterEqual('name', $manifest['package']['name'])->updateFiltered('controllers', array('title' => $manifest['info']['title'], 'options' => $options, 'author' => isset($manifest['author']['name']) ? $manifest['author']['name'] : LANG_CP_PACKAGE_NONAME, 'url' => isset($manifest['author']['url']) ? $manifest['author']['url'] : null, 'version' => $manifest['version']['major'] . '.' . $manifest['version']['minor'] . '.' . $manifest['version']['build'], 'is_backend' => file_exists($controller_root_path . 'backend.php')));
return 'controllers';
}
public function init($do)
{
return array('basic' => array('type' => 'fieldset', 'childs' => array(new fieldString('name', array('title' => LANG_SYSTEM_NAME, 'rules' => array(array('required'), array('sysname'), array('max_length', 20), $do == 'add' ? array('unique_field') : false))), new fieldString('title', array('title' => LANG_CP_FIELD_TITLE, 'rules' => array(array('required'), array('max_length', 100)))), new fieldString('hint', array('title' => LANG_CP_FIELD_HINT, 'rules' => array(array('max_length', 255)))))), 'type' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_TYPE, 'childs' => array(new fieldList('type', array('default' => 'string', 'generator' => function () {
$field_types = array();
$field_types = cmsForm::getAvailableFormFields();
return $field_types;
})))), 'group' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_FIELDSET, 'childs' => array(new fieldList('fieldset', array('title' => LANG_CP_FIELD_FIELDSET_SELECT, 'generator' => function ($field) {
$model = cmsCore::getModel('content');
$model->setTablePrefix('');
$fieldsets = $model->getContentFieldsets('users');
$items = array('');
foreach ($fieldsets as $fieldset) {
$items[$fieldset] = $fieldset;
}
return $items;
})), new fieldString('new_fieldset', array('title' => LANG_CP_FIELD_FIELDSET_ADD, 'rules' => array(array('max_length', 100)))))), 'visibility' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_VISIBILITY, 'childs' => array(new fieldCheckbox('is_in_filter', array('title' => LANG_CP_FIELD_IN_FILTER)))), 'labels' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_LABELS, 'childs' => array(new fieldList('options:label_in_item', array('title' => LANG_CP_FIELD_LABELS_IN_ITEM, 'default' => 'left', 'items' => array('left' => LANG_CP_FIELD_LABEL_LEFT, 'top' => LANG_CP_FIELD_LABEL_TOP, 'none' => LANG_CP_FIELD_LABEL_NONE))))), 'format' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_FORMAT, 'childs' => array(new fieldCheckbox('options:is_required', array('title' => LANG_VALIDATE_REQUIRED)), new fieldCheckbox('options:is_digits', array('title' => LANG_VALIDATE_DIGITS)), new fieldCheckbox('options:is_alphanumeric', array('title' => LANG_VALIDATE_ALPHANUMERIC)), new fieldCheckbox('options:is_email', array('title' => LANG_VALIDATE_EMAIL)))), 'values' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_VALUES, 'childs' => array(new fieldText('values', array('size' => 8)))), 'read_access' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_GROUPS_READ, 'childs' => array(new fieldListGroups('groups_read', array('show_all' => true)))), 'edit_access' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_GROUPS_EDIT, 'childs' => array(new fieldListGroups('groups_edit', array('show_all' => true)))));
}
public function run($friend_id)
{
if (!cmsUser::isLogged()) {
cmsCore::error404();
}
$user = cmsUser::getInstance();
if (!$friend_id) {
cmsCore::error404();
}
if (!$this->model->isFriendshipExists($user->id, $friend_id)) {
return false;
}
$friend = $this->model->getUser($friend_id);
if (!$friend) {
cmsCore::error404();
}
//
// Запрос по ссылке из профиля
//
if ($this->request->isStandard()) {
if ($this->request->has('submit')) {
// подтвержение получено
$csrf_token = $this->request->get('csrf_token');
if (!cmsForm::validateCSRFToken($csrf_token)) {
cmsCore::error404();
}
$this->model->deleteFriendship($user->id, $friend_id);
cmsUser::addSessionMessage(sprintf(LANG_USERS_FRIENDS_DELETED, $friend['nickname']));
$this->sendNoticeDeleted($friend);
$this->redirectToAction($friend_id);
} else {
// спрашиваем подтверждение
return cmsTemplate::getInstance()->render('friend_delete', array('user' => $user, 'friend' => $friend));
}
}
//
// Запрос из уведомления (внутренний)
//
if ($this->request->isInternal()) {
$this->model->deleteFriendship($user->id, $friend_id);
$this->sendNoticeDeleted($friend, true);
return true;
}
}
public function uploadImage()
{
$template = cmsTemplate::getInstance();
$csrf_token = $this->request->get('csrf_token');
if (!cmsForm::validateCSRFToken($csrf_token)) {
$html = $template->render('upload', array('allowed_extensions' => $this->allowed_extensions, 'error' => LANG_FORM_ERRORS));
echo $html;
$this->halt();
}
$images_controller = cmsCore::getController('images');
$result = $images_controller->uploadWithPreset('image', 'wysiwyg_live');
if (!$result['success']) {
$html = $template->render('upload', array('allowed_extensions' => $images_controller->getAllowedExtensions(), 'error' => $result['error']));
echo $html;
$this->halt();
}
$html = $template->render('image', array('url' => $result['image']['url']));
echo $html;
$this->halt();
}
public function init($do, $ctype_name)
{
$model = cmsCore::getModel('content');
return array('basic' => array('type' => 'fieldset', 'childs' => array(new fieldString('name', array('title' => LANG_SYSTEM_NAME, 'hint' => $do == 'edit' ? LANG_SYSTEM_EDIT_NOTICE : false, 'rules' => array(array('required'), array('sysname'), array('max_length', 20), $do == 'add' ? array('unique_ctype_field', $ctype_name) : false))), new fieldString('title', array('title' => LANG_CP_FIELD_TITLE, 'rules' => array(array('required'), array('max_length', 100)))), new fieldString('hint', array('title' => LANG_CP_FIELD_HINT, 'rules' => array(array('max_length', 255)))))), 'type' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_TYPE, 'childs' => array(new fieldList('type', array('default' => 'string', 'generator' => function () {
$field_types = array();
$field_types = cmsForm::getAvailableFormFields();
asort($field_types, SORT_STRING);
return $field_types;
})))), 'group' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_FIELDSET, 'childs' => array(new fieldList('fieldset', array('title' => LANG_CP_FIELD_FIELDSET_SELECT, 'generator' => function ($field) use($model) {
$fieldsets = $model->getContentFieldsets($field['ctype_id']);
$items = array('');
foreach ($fieldsets as $fieldset) {
$items[$fieldset] = $fieldset;
}
return $items;
})), new fieldString('new_fieldset', array('title' => LANG_CP_FIELD_FIELDSET_ADD, 'rules' => array(array('max_length', 100)))))), 'visibility' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_VISIBILITY, 'childs' => array(new fieldCheckbox('is_in_item', array('title' => LANG_CP_FIELD_IN_ITEM, 'default' => true)), new fieldCheckbox('is_in_list', array('title' => LANG_CP_FIELD_IN_LIST)), new fieldCheckbox('is_in_filter', array('title' => LANG_CP_FIELD_IN_FILTER)))), 'labels' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_LABELS, 'childs' => array(new fieldList('options:label_in_list', array('title' => LANG_CP_FIELD_LABELS_IN_LIST, 'default' => 'left', 'items' => array('left' => LANG_CP_FIELD_LABEL_LEFT, 'top' => LANG_CP_FIELD_LABEL_TOP, 'none' => LANG_CP_FIELD_LABEL_NONE))), new fieldList('options:label_in_item', array('title' => LANG_CP_FIELD_LABELS_IN_ITEM, 'default' => 'left', 'items' => array('left' => LANG_CP_FIELD_LABEL_LEFT, 'top' => LANG_CP_FIELD_LABEL_TOP, 'none' => LANG_CP_FIELD_LABEL_NONE))))), 'wrap' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_WRAP, 'childs' => array(new fieldList('options:wrap_type', array('title' => LANG_CP_FIELD_WRAP_TYPE, 'default' => 'auto', 'items' => array('left' => LANG_CP_FIELD_WRAP_LTYPE, 'right' => LANG_CP_FIELD_WRAP_RTYPE, 'none' => LANG_CP_FIELD_WRAP_NTYPE, 'auto' => LANG_CP_FIELD_WRAP_ATYPE))), new fieldString('options:wrap_width', array('title' => LANG_CP_FIELD_WRAP_WIDTH, 'hint' => LANG_CP_FIELD_WRAP_WIDTH_HINT, 'default' => '')))), 'format' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_FORMAT, 'childs' => array(new fieldCheckbox('options:is_required', array('title' => LANG_VALIDATE_REQUIRED)), new fieldCheckbox('options:is_digits', array('title' => LANG_VALIDATE_DIGITS)), new fieldCheckbox('options:is_alphanumeric', array('title' => LANG_VALIDATE_ALPHANUMERIC)), new fieldCheckbox('options:is_email', array('title' => LANG_VALIDATE_EMAIL)), new fieldCheckbox('options:is_unique', array('title' => LANG_VALIDATE_UNIQUE)))), 'values' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_VALUES, 'childs' => array(new fieldText('values', array('size' => 8)))), 'profile' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_PROFILE_VALUE, 'childs' => array(new fieldList('options:profile_value', array('hint' => LANG_CP_FIELD_PROFILE_VALUE_HINT, 'generator' => function ($field) use($model) {
$model->setTablePrefix('');
// Ниже модель не используется
$fields = $model->filterIn('type', array('string', 'text', 'html', 'list', 'city'))->getContentFields('{users}');
$items = array('' => LANG_NO) + array_collection_to_list($fields, 'name', 'title');
return $items;
})))), 'read_access' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_GROUPS_READ, 'childs' => array(new fieldListGroups('groups_read', array('show_all' => true)))), 'edit_access' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_GROUPS_EDIT, 'childs' => array(new fieldListGroups('groups_edit', array('show_all' => true)))), 'filter_access' => array('type' => 'fieldset', 'title' => LANG_CP_FIELD_IN_FILTER, 'childs' => array(new fieldListGroups('filter_view', array('show_all' => true)))));
}
public function run($comment_id)
{
if (!$this->request->isAjax()) {
cmsCore::error404();
}
$is_submit = $this->request->get('save', 0);
$comment = $this->model->getComment($comment_id);
if (!$is_submit) {
return $this->cms_template->render('backend/text_edit', array('comment' => $comment, 'action' => href_to($this->root_url, 'text_edit', array($comment['id']))));
}
$csrf_token = $this->request->get('csrf_token', '');
if (!cmsForm::validateCSRFToken($csrf_token) || !$comment) {
$this->cms_template->renderJSON(array('errors' => true));
}
$content = $this->request->get('content', '');
// Типографируем текст
$content_html = cmsEventsManager::hook('html_filter', $content);
if (!$content_html) {
$this->cms_template->renderJSON(array('errors' => array('content' => ERR_VALIDATE_REQUIRED)));
}
list($comment_id, $content, $content_html) = cmsEventsManager::hook('comment_before_update', array($comment_id, $content, $content_html));
$this->model->updateCommentContent($comment_id, $content, $content_html);
return $this->cms_template->renderJSON(array('errors' => false, 'callback' => 'successSaveComment', 'comment_id' => $comment_id, 'text' => string_short($content_html, 350)));
}
function board() {
$inCore = cmsCore::getInstance();
global $_LANG;
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { cmsCore::loadClass('billing'); }
$do = $inCore->do;
$pagetitle = $inCore->getComponentTitle();
$pagekeys = $pagedesc = '';
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->addPathway($pagetitle, '/board');
/////////////////////////////// VIEW CATEGORY //////////////////////////////////
if ($do == 'view') {
//Получаем текущую категорию
$category = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id);
if (!$category || (!$category['published'] && !cmsCore::c('user')->is_admin)) {
cmsCore::error404();
}
if ($category['id'] != cmsCore::m('board')->root_cat['id']) {
$pagetitle = $category['pagetitle'] ? $category['pagetitle'] : $category['title'];
$pagekeys = $category['meta_keys'];
$pagedesc = $category['meta_desc'];
$category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $category['NSLeft'], $category['NSRight']);
if ($category_path) {
foreach($category_path as $pcat) {
cmsCore::c('page')->addPathway($pcat['title'], '/board/'. $pcat['id']);
}
}
} else {
$category['title'] = $pagetitle = $inCore->menuTitle();
$category['description'] = cmsCore::m('board')->config['root_description'];
$pagekeys = cmsCore::m('board')->config['meta_keys'];
$pagedesc = cmsCore::m('board')->config['meta_desc'];
}
// rss в адресной строке
$rss_cat_id = $category['id'] == cmsCore::m('board')->root_cat['id'] ? 'all' : $category['id'];
cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'. $_LANG['BOARD'] .'" href="'. HOST .'/rss/board/'. $rss_cat_id .'/feed.rss">');
//Формируем категории
$cats = cmsCore::m('board')->getSubCats($category['id']);
// Формируем список объявлений
// Устанавливаем категорию
if ($category['id'] != cmsCore::m('board')->root_cat['id']) {
cmsCore::m('board')->whereThisAndNestedCats($category['NSLeft'], $category['NSRight']);
}
//Город
if (cmsCore::m('board')->city) {
cmsCore::m('board')->whereCityIs(cmsCore::m('board')->city);
$pagetitle .= ' :: '. cmsCore::m('board')->city;
}
// Типы объявлений
if (cmsCore::m('board')->obtype && mb_stristr(icms_ucfirst($category['obtypes']), cmsCore::m('board')->obtype)) {
cmsCore::m('board')->whereTypeIs(cmsCore::m('board')->obtype);
$pagetitle .= ' :: '. cmsCore::m('board')->obtype;
}
// модератор или админ
$is_moder = cmsCore::c('user')->is_admin || cmsCore::m('board')->is_moderator_by_group;
// Общее количество объявлений по заданным выше условиям
$total = cmsCore::m('board')->getAdvertsCount($is_moder, true);
//устанавливаем сортировку
$orderby = cmsCore::m('board')->getOrder('orderby', $category['orderby']);
$orderto = cmsCore::m('board')->getOrder('orderto', $category['orderto']);
cmsCore::c('db')->orderBy('is_vip DESC, '. $orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во объявлений на странице
cmsCore::c('db')->limitPage(cmsCore::m('board')->page, $category['perpage']);
// Получаем объявления
$items = cmsCore::m('board')->getAdverts($is_moder, true, false, true);
// Если объявлений на странице большей чем 1 нет, 404
if (!$items && cmsCore::m('board')->page > 1) { cmsCore::error404(); }
// если не указаны ключевые слова, формируем их из названий рубрик и типов
if (!$pagekeys && $cats) {
foreach($cats as $c) {
$keys[] = $c['title'];
foreach (explode("\n", $c['obtypes']) as $obtype) {
$keys[] = trim($obtype);
}
}
$pagekeys = implode(',', $keys);
} else if(!$cats) {
$pagekeys = $category['title'];
}
// если не указано описание, формируем из текущих объявлений
if (!$pagedesc && $items) {
foreach ($items as $i) {
$desc[] = $i['title'];
}
$pagedesc = implode('. ', $desc);
} else if(!$items && $category['description']) {
$pagedesc = crop($category['description']);
}
// Проставляем заголовки страницы и описание согласно выборки
cmsCore::c('page')->setDescription(crop($pagedesc));
cmsCore::c('page')->setKeywords($pagekeys);
cmsCore::c('page')->setTitle($pagetitle);
// Отдаем в шаблон категории
cmsPage::initTemplate('components', 'com_board_cats')->
assign('cats', $cats)->
assign('category', $category)->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('is_user', cmsCore::c('user')->id)->
assign('maxcols', cmsCore::m('board')->config['maxcols'])->
display();
$pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, $category['perpage'], '/board/%catid%-%page%', array('catid'=>$category['id']));
$order_form = $category['orderform'] ? cmsCore::m('board')->orderForm($orderby, $orderto, $category) : '';
// Отдаем в шаблон объявления
cmsPage::initTemplate('components', 'com_board_items')->
assign('order_form', $order_form)->
assign('cfg', cmsCore::m('board')->config)->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('items', $items)->
assign('cat', $category)->
assign('maxcols', $category['maxcols'])->
assign('colwidth', round(100/$category['maxcols']))->
assign('pagebar', $pagebar)->
display();
}
/////////////////////////////// VIEW USER ADV //////////////////////////////////
if ($do == 'by_user') {
// логин пользователя
$login = cmsCore::request('login', 'str', cmsCore::c('user')->login);
// получаем данные пользователя
$user = cmsUser::getShortUserData($login);
if (!$user) { cmsCore::error404(); }
$myprofile = cmsCore::m('board')->checkAccess($user['id']);
cmsCore::c('page')->addPathway($user['nickname']);
cmsCore::c('page')->setTitle($_LANG['BOARD'] .' - '. $user['nickname']);
cmsCore::c('page')->setDescription($_LANG['BOARD'] .' - '. $user['nickname']);
// Формируем список объявлений
cmsCore::m('board')->whereUserIs($user['id']);
// Общее количество объявлений по заданным выше условиям
$total = cmsCore::m('board')->getAdvertsCount($myprofile);
//устанавливаем сортировку
cmsCore::c('db')->orderBy('pubdate', 'DESC');
//устанавливаем номер текущей страницы и кол-во объявлений на странице
cmsCore::c('db')->limitPage(cmsCore::m('board')->page, 15);
// Получаем объявления
$items = cmsCore::m('board')->getAdverts($myprofile, true, false, true);
// Если объявлений на странице большей чем 1 нет, 404
if(!$items && cmsCore::m('board')->page > 1){ cmsCore::error404(); }
// Пагинация
$pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, 15, '/board/by_user_'.$login.'/page-%page%');
// Показываем даты
$category['showdate'] = 1;
cmsPage::initTemplate('components', 'com_board_items')->
assign('cfg', cmsCore::m('board')->config)->
assign('page_title', $_LANG['BOARD'].' - '.$user['nickname'])->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('items', $items)->
assign('cat', $category)->
assign('maxcols', 1)->
assign('colwidth', 100)->
assign('pagebar', $pagebar)->
display();
}
/////////////////////////////// VIEW ITEM //////////////////////////////////////
if ($do == 'read') {
// получаем объявление
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
// неопубликованные показываем админам, модераторам и автору
if (!$item['published'] && !$item['moderator']) { cmsCore::error404(); }
// для неопубликованного показываем инфо: просрочено/на модерации
if (!$item['published']) {
$info_text = $item['is_overdue'] ? $_LANG['ADV_IS_EXTEND'] : $_LANG['ADV_IS_MODER'];
cmsCore::addSessionMessage($info_text, 'info');
} else {
// увеличиваем кол-во просмотров
cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'hits', $item['hits']+1);
}
// формируем заголовок и тело сообщения
$item['title'] = $item['obtype'].' '.$item['title'];
$item['content'] = nl2br($item['content']);
$item['content'] = cmsCore::m('board')->config['auto_link'] ? $inCore->parseSmiles($item['content']) : $item['content'];
$category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $item['NSLeft'], $item['NSRight']);
if ($category_path) {
foreach ($category_path as $pcat) {
cmsCore::c('page')->addPathway($pcat['title'], '/board/'.$pcat['id']);
}
}
cmsCore::c('page')->addPathway($item['title']);
$pagetitle = $item['pagetitle'] ? $item['pagetitle'] : $item['title'];
$pagekeys = $item['meta_keys'] ? $item['meta_keys'] : $item['title'];
$pagedesc = $item['meta_desc'] ? $item['meta_desc'] : $item['content'];
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->setDescription(crop($pagedesc));
cmsCore::c('page')->setKeywords($pagekeys);
cmsPage::initTemplate('components', 'com_board_item')->
assign('item', $item)->
assign('cfg', cmsCore::m('board')->config)->
assign('user_id', cmsCore::c('user')->id)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('formsdata', cmsForm::getFieldsValues($item['form_id'], $item['form_array']))->
assign('is_moder', cmsCore::m('board')->is_moderator_by_group)->
display();
}
/////////////////////////////// NEW BOARD ITEM /////////////////////////////////
if ($do == 'additem') {
// Получаем категории, в которые может загружать пользователь
$catslist = cmsCore::m('board')->getPublicCats(cmsCore::m('board')->category_id);
if (!$catslist) {
cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV_ANY'], 'error');
$inCore->redirect('/board');
}
$cat['is_photos'] = 1;
$formsdata = array();
if (cmsCore::m('board')->category_id && cmsCore::m('board')->category_id != cmsCore::m('board')->root_cat['id']) {
$cat = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id);
$formsdata = cmsForm::getFieldsHtml($cat['form_id']);
}
cmsCore::c('page')->addPathway($_LANG['ADD_ADV']);
if ( !cmsCore::inRequest('submit') ) {
if (IS_BILLING) { cmsBilling::checkBalance('board', 'add_item'); }
cmsCore::c('page')->setTitle($_LANG['ADD_ADV']);
$item = cmsUser::sessionGet('item');
if ($item) { cmsUser::sessionDel('item'); }
$item['city'] = !empty($item['city']) ? $item['city'] : cmsCore::c('user')->city;
cmsPage::initTemplate('components', 'com_board_edit')->
assign('action', "/board/add.html")->
assign('form_do', 'add')->
assign('cfg', cmsCore::m('board')->config)->
assign('cat', $cat)->
assign('item', $item)->
assign('pagetitle', $_LANG['ADD_ADV'])->
assign('formsdata', $formsdata)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('is_user', cmsCore::c('user')->id)->
assign('catslist', $catslist)->
assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)->
display();
cmsUser::sessionClearAll();
return;
}
if ( cmsCore::inRequest('submit') ) {
// проверяем на заполненость скрытое поле
$title_fake = cmsCore::request('title_fake', 'str', '');
// если оно заполнено, считаем что это бот, 404
if ($title_fake) { cmsCore::error404(); }
$errors = false;
// проверяем наличие категории
if (!$cat['id']) {
cmsCore::addSessionMessage($_LANG['NEED_CAT_ADV'], 'error');
$errors = true;
}
// Проверяем количество добавленных за сутки
if (!cmsCore::m('board')->checkLoadedByUser24h($cat)){
cmsCore::addSessionMessage($_LANG['MAX_VALUE_OF_ADD_ADV'], 'error');
$errors = true;
}
// Можем ли добавлять в эту рубрику
if (!cmsCore::m('board')->checkAdd($cat)){
cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV'], 'error');
$errors = true;
}
// входные данные
$obtype = icms_ucfirst(cmsCore::request('obtype', 'str', ''));
$title = trim(str_ireplace($obtype, '', cmsCore::request('title', 'str', '')));
$content = cmsCore::request('content', 'str', '');
$city = cmsCore::request('city', 'str', '');
if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) {
$pagetitle = cmsCore::request('pagetitle', 'str', '');
$meta_keys = cmsCore::request('meta_keys', 'str', '');
$meta_desc = cmsCore::request('meta_desc', 'str', '');
} else {
$pagetitle = $meta_keys = $meta_desc = '';
}
$form_input = cmsForm::getFieldsInputValues($cat['form_id']);
$formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values']));
$vipdays = cmsCore::request('vipdays', 'int', 0);
$published = cmsCore::m('board')->checkPublished($cat);
if (cmsCore::m('board')->config['srok']){ $pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50; }
if (!cmsCore::m('board')->config['srok']){ $pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14; }
// Проверяем значения
if (!$title) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
$errors = true;
}
if (!$content) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
$errors = true;
}
if (!$city) {
cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
$errors = true;
}
if (!cmsCore::c('user')->id && !cmsCore::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
$errors = true;
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
if ($errors) {
$item['content'] = htmlspecialchars(stripslashes($_REQUEST['content']));
$item['city'] = stripslashes($city);
$item['title'] = stripslashes($title);
$item['obtype'] = $obtype;
cmsUser::sessionPut('item', $item);
cmsCore::redirect('/board/'. cmsCore::m('board')->category_id .'/add.html');
}
if ($cat['is_photos']) {
// Загружаем фото
$file = cmsCore::m('board')->uploadPhoto('', $cat);
} else {
$file['filename'] = '';
cmsCore::addSessionMessage($_LANG['INFO_CAT_NO_PHOTO'], 'info');
}
$add = array(
'category_id' => cmsCore::m('board')->category_id,
'user_id' => cmsCore::c('user')->id,
'obtype' => $obtype,
'title' => $title,
'content' => $content,
'formsdata' => $formsdata,
'city' => $city,
'pubdays' => $pubdays,
'published' => $published,
'pagetitle' => $pagetitle,
'meta_keys' => $meta_keys,
'meta_desc' => $meta_desc,
'file' => $file['filename']
);
$add['id'] = cmsCore::m('board')->addRecord($add);
if (cmsCore::c('user')->is_admin && $vipdays) {
cmsCore::m('board')->setVip($add['id'], $vipdays);
}
if (IS_BILLING) {
cmsBilling::process('board', 'add_item');
if (cmsCore::m('board')->config['vip_enabled'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) {
if ($vipdays > cmsCore::m('board')->config['vip_max_days']) {
$vipdays = cmsCore::m('board')->config['vip_max_days'];
}
$summ = $vipdays * cmsCore::m('board')->config['vip_day_cost'];
if (cmsCore::c('user')->balance >= $summ) {
cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']);
cmsCore::m('board')->setVip($add['id'], $vipdays);
}
}
}
cmsUser::sessionClearAll();
if ($published) {
//регистрируем событие
cmsActions::log('add_board', array(
'object' => $obtype .' '. $title,
'object_url' => '/board/read'. $add['id'] .'.html',
'object_id' => $add['id'],
'target' => $cat['title'],
'target_url' => '/board/'. $cat['id'],
'target_id' => $cat['id'],
'description' => ''
));
cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'], 'success');
cmsCore::callEvent('ADD_BOARD_DONE', $add);
cmsCore::redirect('/board/read'. $add['id'] .'.html');
}
if (!$published) {
$link = '<a href="/board/read'. $add['id'] .'.html">'. $obtype .' '. $title .'</a>';
if (cmsCore::c('user')->id) {
$user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>';
} else {
$user = $_LANG['BOARD_GUEST'] .', ip: '. cmsCore::c('user')->ip;
}
$message = str_replace('%user%', $user, $_LANG['MSG_ADV_SUBMIT']);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'] .'<br>'. $_LANG['ADV_PREMODER_TEXT'], 'success');
cmsCore::redirect('/board/'.cmsCore::m('board')->category_id);
}
}
}
/////////////////////////////// EDIT BOARD ITEM ////////////////////////////////
if ($do == 'edititem') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
$cat = cmsCore::m('board')->getCategory($item['category_id']);
if (!$cat || !$item) { cmsCore::error404(); }
cmsCore::c('page')->setTitle($_LANG['EDIT_ADV']);
cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']);
cmsCore::c('page')->addPathway($_LANG['EDIT_ADV']);
if (!$item['moderator']) {
cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
$errors = false;
if (!cmsCore::inRequest('submit')) {
cmsPage::initTemplate('components', 'com_board_edit')->
assign('action', "/board/edit{$item['id']}.html")->
assign('form_do', 'edit')->
assign('cfg', cmsCore::m('board')->config)->
assign('cat', $cat)->
assign('item', $item)->
assign('pagetitle', $_LANG['EDIT_ADV'])->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('catslist', cmsCore::m('board')->getPublicCats($item['category_id'], true))->
assign('formsdata', cmsForm::getFieldsHtml($cat['form_id'], $item['form_array']))->
assign('is_user', cmsCore::c('user')->id)->
assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)->
display();
cmsUser::sessionClearAll();
}
if (cmsCore::inRequest('submit')) {
$new_cat_id = cmsCore::request('category_id', 'int', 0);
if ($new_cat_id) {
$item['category_id'] = $new_cat_id;
}
$form_input = cmsForm::getFieldsInputValues($cat['form_id']);
$formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values']));
if ($item['is_overdue'] && !$item['published']) {
if (cmsCore::m('board')->config['srok']) {
$pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50;
}
if (!cmsCore::m('board')->config['srok']) {
$pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14;
}
$pubdate = date('Y-m-d H:i:s');
} else {
$pubdays = $item['pubdays'];
$pubdate = $item['fpubdate'];
}
$update['obtype'] = icms_ucfirst(cmsCore::request('obtype', 'str'));
$update['title'] = trim(str_ireplace($update['obtype'], '', cmsCore::request('title', 'str', '')));
$update['category_id'] = $item['category_id'];
$update['content'] = cmsCore::request('content', 'str', '');
$update['formsdata'] = $formsdata;
$update['city'] = cmsCore::request('city', 'str', '');
$update['pubdate'] = $pubdate;
$update['pubdays'] = $pubdays;
$update['published'] = cmsCore::m('board')->checkPublished($cat, true);
if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) {
$update['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$update['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
$update['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
}
if (!$update['title']) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
$errors = true;
}
if (!$update['content']) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
$errors = true;
}
if (!$update['city']) {
cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
$errors = true;
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
if ($errors) {
$inCore->redirect('/board/edit'. $item['id'] .'.html');
}
if ($cat['is_photos']) {
// Загружаем фото
$file = cmsCore::m('board')->uploadPhoto($item['file'], $cat);
}
$update['file'] = $file['filename'] ? $file['filename'] : $item['file'];
// обновляем объявление
cmsCore::m('board')->updateRecord($item['id'], $update);
// обновляем запись в ленте активности
cmsActions::updateLog('add_board', array('object' => $update['obtype'] .' '. $update['title']), $item['id']);
$vipdays = cmsCore::request('vipdays', 'int', 0);
if (cmsCore::c('user')->is_admin) {
if ($vipdays > 0) {
cmsCore::m('board')->setVip($item['id'], $vipdays);
}
if ($vipdays == -1) {
cmsCore::m('board')->deleteVip($item['id']);
}
}
if (IS_BILLING) {
if (cmsCore::m('board')->config['vip_enabled'] && cmsCore::m('board')->config['vip_prolong'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) {
if ($vipdays > cmsCore::m('board')->config['vip_max_days']) {
$vipdays = cmsCore::m('board')->config['vip_max_days'];
}
$summ = $vipdays * cmsCore::m('board')->config['vip_day_cost'];
if (cmsCore::c('user')->balance >= $summ) {
cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']);
cmsCore::m('board')->setVip($item['id'], $vipdays);
}
}
}
cmsUser::sessionClearAll();
if (!$update['published']) {
$link = '<a href="/board/read'. $item['id'] .'.html">'. $update['obtype'] .' '. $update['title'] .'</a>';
$user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>';
$message = str_replace(array('%link%','%user%'), array($link,$user), $_LANG['MSG_ADV_EDITED']);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ADV_EDIT_PREMODER_TEXT'], 'info');
}
cmsCore::addSessionMessage($_LANG['ADV_MODIFIED'], 'success');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
}
///////////////////////// PUBLISH BOARD ITEM ///////////////////////////////////
if ($do == 'publish') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
// если уже опубликовано, 404
if ($item['published']) { cmsCore::error404(); }
// публиковать могут админы и модераторы доски
if (!cmsCore::c('user')->is_admin && !cmsCore::m('board')->is_moderator_by_group) {
cmsCore::error404();
}
// публикуем
cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'published', 1);
cmsCore::callEvent('ADD_BOARD_DONE', $item);
if ($item['user_id']) {
//регистрируем событие
cmsActions::log('add_board', array(
'object' => $item['obtype'] .' '. $item['title'],
'user_id' => $item['user_id'],
'object_url' => '/board/read'. $item['id'] .'.html',
'object_id' => $item['id'],
'target' => $item['category'],
'target_url' => '/board/'. $item['cat_id'],
'target_id' => $item['cat_id'],
'description' => ''
));
$link = '<a href="/board/read'. $item['id'] .'.html">'. $item['obtype'] .' '. $item['title'] .'</a>';
$message = str_replace('%link%', $link, $_LANG['MSG_ADV_ACCEPTED']);
cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message);
}
cmsCore::addSessionMessage($_LANG['ADV_IS_ACCEPTED'], 'success');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
/////////////////////////////// DELETE BOARD ITEM //////////////////////////////
if ($do == 'delete') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
if (!$item['moderator']) {
cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
cmsCore::redirect('/board/'. $item['cat_id']);
}
if (!cmsCore::inRequest('godelete')) {
cmsCore::c('page')->setTitle($_LANG['DELETE_ADV']);
cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']);
cmsCore::c('page')->addPathway($_LANG['DELETE_ADV']);
$confirm['title'] = $_LANG['DELETING_ADV'];
$confirm['text'] = $_LANG['YOU_SURE_DELETE_ADV'] .' "'. $item['title'] .'"?';
$confirm['action'] = $_SERVER['REQUEST_URI'];
$confirm['yes_button']['name'] = 'godelete';
cmsPage::initTemplate('components', 'action_confirm')->
assign('confirm', $confirm)->
display();
}
if (cmsCore::inRequest('godelete')) {
cmsCore::m('board')->deleteRecord(cmsCore::m('board')->item_id);
cmsCore::addSessionMessage($_LANG['ADV_IS_DELETED'], 'success');
cmsCore::redirect('/board/'. $item['cat_id']);
}
}
}
/**
* Возвращает скрытое поле, содержащее актуальный CSRF-токен
* @return string
*/
function html_csrf_token()
{
return html_input('hidden', 'csrf_token', cmsForm::getCSRFToken());
}
public function getProfileOptionsForm()
{
if (!$this->hasProfileThemesOptions()) {
return false;
}
$form_file = $this->path . '/profiles/options.form.php';
$form_name = 'template_profile_options';
$form = cmsForm::getForm($form_file, $form_name);
if (!$form) {
$form = new cmsForm();
}
return $form;
}
/**
* Загружает и возвращает описание структуры формы
* @param type $form_name
* @param type $params
* @return cmsForm
*/
public function getForm($form_name, $params = false, $path_prefix = '')
{
$form_file = $this->root_path . $path_prefix . 'forms/form_' . $form_name . '.php';
$_form_name = $this->name . $form_name;
$form = cmsForm::getForm($form_file, $_form_name, $params);
list($form, $params) = cmsEventsManager::hook('form_' . $this->name . '_' . $form_name, array($form, $params));
return $form;
}
public function getItemForm($ctype, $fields, $action, $data = array(), $item_id = false, $item = false)
{
$user = cmsUser::getInstance();
// Контейнер для передачи дополнительных списков:
// $groups_list, $folders_list и т.д.
extract($data);
// Строим форму
$form = new cmsForm();
$fieldset_id = $form->addFieldset();
// Если включены категории, добавляем в форму поле выбора категории
if ($ctype['is_cats'] && ($action != 'edit' || $ctype['options']['is_cats_change'])) {
$fieldset_id = $form->addFieldset(LANG_CATEGORY, 'category');
$form->addField($fieldset_id, new fieldList('category_id', array('rules' => array(array('required')), 'generator' => function ($item) {
$content_model = cmsCore::getModel('content');
$ctype = $content_model->getContentTypeByName($item['ctype_name']);
$tree = $content_model->getCategoriesTree($item['ctype_name']);
$level_offset = 0;
$last_header_id = false;
$items = array('' => LANG_CONTENT_SELECT_CATEGORY);
if ($tree) {
foreach ($tree as $c) {
if ($ctype['options']['is_cats_only_last']) {
$dash_pad = $c['ns_level'] - 1 >= 0 ? str_repeat('-', $c['ns_level'] - 1) . ' ' : '';
if ($c['ns_right'] - $c['ns_left'] == 1) {
if ($last_header_id !== false && $last_header_id != $c['parent_id']) {
$items['opt' . $c['id']] = array(str_repeat('-', $c['ns_level'] - 1) . ' ' . $c['title']);
}
$items[$c['id']] = $dash_pad . $c['title'];
} else {
if ($c['parent_id'] > 0) {
$items['opt' . $c['id']] = array($dash_pad . $c['title']);
$last_header_id = $c['id'];
}
}
continue;
}
if (!$ctype['options']['is_cats_only_last']) {
if ($c['parent_id'] == 0 && !$ctype['options']['is_cats_open_root']) {
$level_offset = 1;
continue;
}
$items[$c['id']] = str_repeat('-- ', $c['ns_level'] - $level_offset) . ' ' . $c['title'];
continue;
}
}
}
return $items;
})));
if (cmsUser::isAllowed($ctype['name'], 'add_cat')) {
$form->addField($fieldset_id, new fieldString('new_category', array('title' => LANG_ADD_CATEGORY_QUICK)));
}
if (!empty($ctype['options']['is_cats_multi'])) {
$fieldset_id = $form->addFieldset(LANG_ADDITIONAL_CATEGORIES, 'multi_cats', array('is_empty' => true));
}
}
// Если включены личные папки, добавляем в форму поле выбора личной папки
if ($ctype['is_folders']) {
$fieldset_id = $form->addFieldset(LANG_FOLDER, 'folder');
$folders = array('0' => LANG_CONTENT_SELECT_FOLDER);
if ($folders_list) {
$folders = $folders + $folders_list;
}
$form->addField($fieldset_id, new fieldList('folder_id', array('items' => $folders)));
$form->addField($fieldset_id, new fieldString('new_folder', array('title' => LANG_ADD_FOLDER_QUICK)));
}
// Если есть поля-свойства, то добавляем область для них
if ($ctype['props']) {
$form->addFieldset('', 'props', array('is_empty' => true, 'class' => 'highlight'));
}
// Если этот контент можно создавать в группах (сообществах) то добавляем
// поле выбора группы
if ($action == 'add' && $groups_list && $groups_list != array('0' => '')) {
$fieldset_id = $form->addFieldset(LANG_GROUP);
$form->addField($fieldset_id, new fieldList('parent_id', array('items' => $groups_list)));
}
// Разбиваем поля по группам
$fieldsets = cmsForm::mapFieldsToFieldsets($fields, function ($field, $user) {
// пропускаем системные поля
if ($field['is_system']) {
return false;
}
// проверяем что группа пользователя имеет доступ к редактированию этого поля
if ($field['groups_edit'] && !$user->isInGroups($field['groups_edit'])) {
return false;
}
return true;
});
// Добавляем поля в форму
foreach ($fieldsets as $fieldset) {
$fieldset_id = $form->addFieldset($fieldset['title']);
foreach ($fieldset['fields'] as $field) {
// добавляем поле в форму
$form->addField($fieldset_id, $field['handler']);
}
}
//
// Если включены теги, то добавляем поле для них
//
if ($ctype['is_tags']) {
$fieldset_id = $form->addFieldset(LANG_TAGS);
$form->addField($fieldset_id, new fieldString('tags', array('hint' => LANG_TAGS_HINT, 'autocomplete' => array('multiple' => true, 'url' => href_to('tags', 'autocomplete')))));
}
// Если ручной ввод SLUG, то добавляем поле для этого
if (!$ctype['is_auto_url']) {
$slug_field_rules = array(array('required'), array('slug'));
if ($action == 'add') {
$slug_field_rules[] = array('unique', $this->model->table_prefix . $ctype['name'], 'slug');
}
if ($action == 'edit') {
$slug_field_rules[] = array('unique_exclude', $this->model->table_prefix . $ctype['name'], 'slug', $item_id);
}
$fieldset_id = $form->addFieldset(LANG_SLUG);
$form->addField($fieldset_id, new fieldString('slug', array('prefix' => '/' . $ctype['name'] . '/', 'suffix' => '.html', 'rules' => $slug_field_rules)));
}
// Если разрешено управление видимостью, то добавляем поле
if (cmsUser::isAllowed($ctype['name'], 'privacy')) {
$fieldset_id = $form->addFieldset(LANG_PRIVACY);
$form->addField($fieldset_id, new fieldList('is_private', array('items' => array(0 => LANG_PRIVACY_PUBLIC, 1 => LANG_PRIVACY_PRIVATE), 'rules' => array(array('number')))));
}
// если разрешено отключать комментарии к записи
if (cmsUser::isAllowed($ctype['name'], 'disable_comments') && $ctype['is_comments']) {
$fieldset_id = $form->addFieldset(LANG_RULE_CONTENT_COMMENT, 'is_comment');
$form->addField($fieldset_id, new fieldList('is_comments_on', array('default' => 1, 'items' => array(1 => LANG_YES, 0 => LANG_NO))));
}
//
// Если ручной ввод ключевых слов или описания, то добавляем поля для этого
//
if (!empty($ctype['options']['is_manual_title']) || !$ctype['is_auto_keys'] || !$ctype['is_auto_desc']) {
$fieldset_id = $form->addFieldset(LANG_SEO);
if ($ctype['options']['is_manual_title']) {
$form->addField($fieldset_id, new fieldString('seo_title', array('title' => LANG_SEO_TITLE, 'rules' => array(array('max_length', 256)))));
}
if (!$ctype['is_auto_keys']) {
$form->addField($fieldset_id, new fieldString('seo_keys', array('title' => LANG_SEO_KEYS, 'hint' => LANG_SEO_KEYS_HINT, 'rules' => array(array('max_length', 256)))));
}
if (!$ctype['is_auto_desc']) {
$form->addField($fieldset_id, new fieldText('seo_desc', array('title' => LANG_SEO_DESC, 'hint' => LANG_SEO_DESC_HINT, 'rules' => array(array('max_length', 256)))));
}
}
//
// Если включен выбор даты публикации, то добавляем поля
//
$pub_fieldset_id = false;
$is_dates = $ctype['is_date_range'];
$is_pub_start_date = cmsUser::isAllowed($ctype['name'], 'pub_late');
$is_pub_end_date = cmsUser::isAllowed($ctype['name'], 'pub_long', 'any');
$is_pub_end_days = cmsUser::isAllowed($ctype['name'], 'pub_long', 'days');
$is_pub_control = cmsUser::isAllowed($ctype['name'], 'pub_on');
$is_pub_ext = cmsUser::isAllowed($ctype['name'], 'pub_max_ext');
$pub_max_days = intval(cmsUser::getPermissionValue($ctype['name'], 'pub_max_days'));
if ($user->is_admin) {
$is_pub_end_days = false;
}
if ($is_pub_control) {
$pub_fieldset_id = $pub_fieldset_id ? $pub_fieldset_id : $form->addFieldset(LANG_CONTENT_PUB);
$form->addField($pub_fieldset_id, new fieldList('is_pub', array('title' => sprintf(LANG_CONTENT_IS_PUB, $ctype['labels']['create']), 'default' => 1, 'items' => array(1 => LANG_YES, 0 => LANG_NO))));
}
if ($is_dates) {
if ($is_pub_start_date) {
$pub_fieldset_id = $pub_fieldset_id ? $pub_fieldset_id : $form->addFieldset(LANG_CONTENT_PUB);
$m = date('i');
$form->addField($pub_fieldset_id, new fieldDate('date_pub', array('title' => LANG_CONTENT_DATE_PUB, 'default' => date('Y-m-d H:') . ($m - $m % 5), 'options' => array('show_time' => true), 'rules' => array(array('required')))));
}
if ($is_pub_end_date) {
$pub_fieldset_id = $pub_fieldset_id ? $pub_fieldset_id : $form->addFieldset(LANG_CONTENT_PUB);
$form->addField($pub_fieldset_id, new fieldDate('date_pub_end', array('title' => LANG_CONTENT_DATE_PUB_END, 'hint' => LANG_CONTENT_DATE_PUB_END_HINT)));
}
if ($action == 'add' && $is_pub_end_days || $action == 'edit' && $is_pub_ext && $is_pub_end_days) {
$pub_fieldset_id = $pub_fieldset_id ? $pub_fieldset_id : $form->addFieldset(LANG_CONTENT_PUB);
$title = $action == 'add' ? LANG_CONTENT_PUB_LONG : LANG_CONTENT_PUB_LONG_EXT;
$hint = $action == 'add' ? false : sprintf(LANG_CONTENT_PUB_LONG_NOW, html_date($item['date_pub_end']));
if ($pub_max_days) {
$days = array();
$rules = array();
if ($action == 'add') {
$rules[] = array('required');
$min = 1;
}
if ($action == 'edit') {
$min = 0;
}
$rules[] = array('number');
$rules[] = array('min', $min);
$rules[] = array('max', $pub_max_days);
if ($action == 'add') {
$rules[] = array('required');
$min = 1;
}
if ($action == 'edit') {
$min = 0;
}
for ($d = $min; $d <= $pub_max_days; $d++) {
$days[$d] = $d;
}
$form->addField($pub_fieldset_id, new fieldList('pub_days', array('title' => $title, 'hint' => $hint, 'items' => $days, 'rules' => $rules)));
} else {
$rules = array();
if ($action == 'add') {
$rules[] = array('required');
$min = 1;
}
if ($action == 'edit') {
$min = 0;
}
$rules[] = array('min', $min);
$rules[] = array('max', 65535);
$form->addField($pub_fieldset_id, new fieldNumber('pub_days', array('title' => $title, 'default' => 10, 'rules' => $rules)));
}
}
}
return $form;
}
function install_package()
{
$core = cmsCore::getInstance();
$content_model = cmsCore::getModel('content');
$remove_table_indexes = array('{users}_friends' => array('is_mutual', 'friend_id', 'user_id'), 'tags_bind' => array('tag_id'));
$add_table_indexes = array('{users}_friends' => array('user_id' => array('user_id', 'is_mutual'), 'friend_id' => array('friend_id', 'is_mutual')), 'tags_bind' => array('tag_id' => array('tag_id')));
// все таблицы
// удаляем ненужные индексы
foreach ($remove_table_indexes as $table => $ri) {
foreach ($ri as $index_name) {
$core->db->dropIndex($table, $index_name);
}
}
// добавляем нужные
foreach ($add_table_indexes as $table => $indexes) {
foreach ($indexes as $index_name => $fields) {
$core->db->addIndex($table, $fields, $index_name);
}
}
//************************************************************************//
// типы контента
$ctypes = $content_model->getContentTypes();
$varchar_fields = array('seo_keys', 'seo_desc', 'seo_title');
$remove_ctype_indexes = array('_cats' => array('ns_left', 'ns_right', 'ns_differ', 'ns_ignore', 'parent_id'), '_props_bind' => array('cat_id', 'ordering'), '' => array('date_pub', 'user_id', 'parent_id', 'parent_type', 'is_comments_on', 'is_approved', 'date_approved', 'comments', 'rating', 'is_private', 'is_parent_hidden', 'photos_count', 'date_pub_end', 'date_last_modified', 'title'));
$add_ctype_indexes = array('_cats' => array('ns_left' => array('ns_level', 'ns_right', 'ns_left'), 'parent_id' => array('parent_id', 'ns_left')), '_props_bind' => array('ordering' => array('cat_id', 'ordering')), '' => array('date_pub' => array('is_pub', 'is_parent_hidden', 'is_approved', 'date_pub'), 'parent_id' => array('parent_id', 'parent_type', 'date_pub'), 'user_id' => array('user_id', 'date_pub'), 'date_pub_end' => array('date_pub_end')));
$add_ctype_fulltext_indexes = array('' => array('title' => array('title')));
foreach ($ctypes as $ctype) {
// меняем типы сео полям
foreach ($varchar_fields as $varchar_field) {
$core->db->query("ALTER TABLE `{#}{$content_model->table_prefix}{$ctype['name']}` CHANGE `{$varchar_field}` `{$varchar_field}` VARCHAR( 256 ) NULL DEFAULT NULL;");
$core->db->query("ALTER TABLE `{#}{$content_model->table_prefix}{$ctype['name']}_cats` CHANGE `{$varchar_field}` `{$varchar_field}` VARCHAR( 256 ) NULL DEFAULT NULL;");
}
// комментарии по умолчанию включены
$core->db->query("ALTER TABLE `{#}{$content_model->table_prefix}{$ctype['name']}` CHANGE `is_comments_on` `is_comments_on` TINYINT( 1 ) UNSIGNED NULL DEFAULT '1'");
// для текущих записей включаем их
$core->db->query("UPDATE `{#}{$content_model->table_prefix}{$ctype['name']}` SET `is_comments_on` = '1'");
// удаляем ненужные индексы
foreach ($remove_ctype_indexes as $table_postfix => $rcci) {
foreach ($rcci as $index_name) {
$core->db->dropIndex($content_model->table_prefix . $ctype['name'] . $table_postfix, $index_name);
}
}
// добавляем нужные обычные индексы
foreach ($add_ctype_indexes as $table_postfix => $indexes) {
foreach ($indexes as $index_name => $fields) {
$core->db->addIndex($content_model->table_prefix . $ctype['name'] . $table_postfix, $fields, $index_name);
}
}
// добавляем FULLTEXT индексы только для поля title. остальные поля включаются в индекс в настройках
foreach ($add_ctype_fulltext_indexes as $table_postfix => $fulltext_indexes) {
foreach ($fulltext_indexes as $index_name => $fields) {
$core->db->addIndex($content_model->table_prefix . $ctype['name'] . $table_postfix, $fields, $index_name, 'FULLTEXT');
}
}
}
if (!$core->db->isFieldExists('content_datasets', 'index')) {
$core->db->query("ALTER TABLE `{#}content_datasets` ADD `index` VARCHAR(40) NULL DEFAULT NULL COMMENT 'Название используемого индекса' AFTER `sorting`, ADD INDEX (`index`);");
}
if (!$core->db->isFieldExists('controllers', 'is_external')) {
$core->db->query("ALTER TABLE `{#}controllers` ADD `is_external` TINYINT(1) UNSIGNED NULL DEFAULT NULL COMMENT 'Сторонний компонент' AFTER `is_backend`");
}
if (!$core->db->isFieldExists('rss_feeds', 'template')) {
$core->db->query("ALTER TABLE `{#}rss_feeds` ADD `template` VARCHAR(30) NOT NULL DEFAULT 'feed' COMMENT 'Шаблон ленты';");
}
if (!$core->db->isFieldExists('images_presets', 'quality')) {
$core->db->query("ALTER TABLE `{#}images_presets` ADD `quality` TINYINT(1) NOT NULL DEFAULT '90';");
}
if (!$core->db->getRowsCount('perms_rules', "controller = 'content' AND name = 'disable_comments'", 1)) {
$core->db->query("INSERT INTO `{#}perms_rules` (`controller`,`name`,`type`,`options`) VALUES ('content','disable_comments','flag', NULL)");
}
$core->db->query("UPDATE `{#}perms_rules` SET `options` = 'own,all,full_delete' WHERE controller = 'comments' AND name = 'delete'");
// для всех датасетов создаем индексы, если нужно
$datasets = $content_model->select('ct.name', 'ctype_name')->joinInner('content_types', 'ct', 'ct.id = i.ctype_id')->get('content_datasets', function ($item, $model) {
$item['filters'] = cmsModel::yamlToArray($item['filters']);
$item['sorting'] = cmsModel::yamlToArray($item['sorting']);
return $item;
});
if ($datasets) {
foreach ($datasets as $dataset) {
$index = $content_model->addContentDatasetIndex($dataset, $dataset['ctype_name']);
$content_model->update('content_datasets', $dataset['id'], array('index' => $index), true);
}
}
$config = cmsConfig::getInstance();
$values = $config->getAll();
$values['db_engine'] = 'InnoDB';
if (!$config->save($values)) {
cmsUser::addSessionMessage('Не могу записать файл конфигурации сайта. Добавьте в него строку <b>"db_engine" => "InnoDB",</b>', 'info');
}
// если вдруг для каких то компонентов нет конфига в таблице cms_controllers
// пропускаем компонент карты сайта, т.к. там конфиг динамический
// будем надеяться, что опции в нем хоть раз сохранялись =)
$controllers = $content_model->filterNotEqual('name', 'sitemap')->get('controllers', function ($item, $model) {
$item['options'] = cmsModel::yamlToArray($item['options']);
return $item;
}, 'name');
foreach ($controllers as $controller) {
$controller_root_path = cmsConfig::get('root_path') . 'system/controllers/' . $controller['name'] . '/';
$form_file = $controller_root_path . 'backend/forms/form_options.php';
$form_name = $controller['name'] . 'options';
cmsCore::loadControllerLanguage($controller['name']);
$form = cmsForm::getForm($form_file, $form_name, false);
if ($form) {
$options = $form->parse(new cmsRequest(cmsController::loadOptions($controller['name'])));
} else {
$options = null;
}
$content_model->filterEqual('name', $controller['name'])->updateFiltered('controllers', array('options' => $options));
}
}
public function run()
{
if (cmsUser::isLogged() && !cmsUser::isAdmin()) {
$this->redirectToHome();
}
$users_model = cmsCore::getModel('users');
$form = $this->getForm('registration');
//
// Добавляем поле для кода приглашения,
// если регистрация доступна только по приглашениям
//
if ($this->options['is_reg_invites']) {
$fieldset_id = $form->addFieldsetToBeginning(LANG_REG_INVITED_ONLY);
$form->addField($fieldset_id, new fieldString('inv', array('title' => LANG_REG_INVITE_CODE, 'rules' => array(array('required'), array('min_length', 10), array('max_length', 10)))));
}
//
// Добавляем поле выбора группы,
// при наличии публичных групп
//
$public_groups = $users_model->getPublicGroups();
if ($public_groups) {
$pb_items = array();
foreach ($public_groups as $pb) {
$pb_items[$pb['id']] = $pb['title'];
}
$form->addFieldToBeginning('basic', new fieldList('group_id', array('title' => LANG_USER_GROUP, 'items' => $pb_items)));
}
//
// Добавляем в форму обязательные поля профилей
//
$content_model = cmsCore::getModel('content');
$content_model->setTablePrefix('');
$content_model->orderBy('ordering');
$fields = $content_model->getRequiredContentFields('users');
// Разбиваем поля по группам
$fieldsets = cmsForm::mapFieldsToFieldsets($fields);
// Добавляем поля в форму
foreach ($fieldsets as $fieldset) {
$fieldset_id = $form->addFieldset($fieldset['title']);
foreach ($fieldset['fields'] as $field) {
if ($field['is_system']) {
continue;
}
$form->addField($fieldset_id, $field['handler']);
}
}
$user = array();
if ($this->request->hasInQuery('inv')) {
$user['inv'] = $this->request->get('inv');
}
$is_submitted = $this->request->has('submit');
if ($is_submitted) {
if (!$this->options['is_reg_enabled']) {
cmsCore::error404();
}
$errors = false;
$is_captcha_valid = true;
//
// Проверяем капчу
//
if ($this->options['reg_captcha']) {
$is_captcha_valid = cmsEventsManager::hook('captcha_validate', $this->request);
if (!$is_captcha_valid) {
$errors = true;
cmsUser::addSessionMessage(LANG_CAPTCHA_ERROR, 'error');
}
}
//
// Парсим и валидируем форму
//
if (!$errors) {
$user = $form->parse($this->request, $is_submitted);
$user['groups'] = array();
if (!empty($this->options['def_groups'])) {
$user['groups'] = $this->options['def_groups'];
}
if (isset($user['group_id'])) {
if (!in_array($user['group_id'], $user['groups'])) {
$user['groups'][] = $user['group_id'];
}
}
//
// убираем поля которые не относятся к выбранной пользователем группе
//
foreach ($fieldsets as $fieldset) {
foreach ($fieldset['fields'] as $field) {
if (!$field['groups_edit']) {
continue;
}
if (in_array(0, $field['groups_edit'])) {
continue;
}
if (!in_array($user['group_id'], $field['groups_edit'])) {
$form->disableField($field['name']);
unset($user[$field['name']]);
}
}
}
$errors = $form->validate($this, $user);
}
if (!$errors) {
//
// проверяем код приглашения
//
if ($this->options['is_reg_invites']) {
$invite = $this->model->getInviteByCode($user['inv']);
if (!$invite) {
$errors['inv'] = LANG_REG_WRONG_INVITE_CODE;
} else {
if ($this->options['is_invites_strict'] && $invite['email'] != $user['email']) {
$errors['inv'] = LANG_REG_WRONG_INVITE_CODE_EMAIL;
} else {
$user['inviter_id'] = $invite['user_id'];
}
}
}
//
// проверяем допустимость e-mail, имени и IP
//
if (!$this->isEmailAllowed($user['email'])) {
$errors['email'] = sprintf(LANG_AUTH_RESTRICTED_EMAIL, $user['email']);
}
if (!$this->isNameAllowed($user['nickname'])) {
$errors['nickname'] = sprintf(LANG_AUTH_RESTRICTED_NAME, $user['nickname']);
}
if (!$this->isIPAllowed(cmsUser::get('ip'))) {
cmsUser::addSessionMessage(sprintf(LANG_AUTH_RESTRICTED_IP, cmsUser::get('ip')), 'error');
$errors = true;
}
}
if (!$errors) {
unset($user['inv']);
//
// Блокируем пользователя, если включена верификация e-mail
//
if ($this->options['verify_email']) {
$user = array_merge($user, array('is_locked' => true, 'lock_reason' => LANG_REG_CFG_VERIFY_LOCK_REASON, 'pass_token' => string_random(32, $user['email']), 'date_token' => ''));
}
$result = $users_model->addUser($user);
if ($result['success']) {
$user['id'] = $result['id'];
cmsUser::addSessionMessage(LANG_REG_SUCCESS, 'success');
// отправляем письмо верификации e-mail
if ($this->options['verify_email']) {
$messenger = cmsCore::getController('messages');
$to = array('email' => $user['email'], 'name' => $user['nickname']);
$letter = array('name' => 'reg_verify');
$messenger->sendEmail($to, $letter, array('nickname' => $user['nickname'], 'page_url' => href_to_abs('auth', 'verify', $user['pass_token']), 'valid_until' => html_date(date('d.m.Y H:i', time() + $this->options['verify_exp'] * 3600), true)));
cmsUser::addSessionMessage(sprintf(LANG_REG_SUCCESS_NEED_VERIFY, $user['email']), 'info');
} else {
cmsEventsManager::hook('user_registered', $user);
}
$back_url = cmsUser::sessionGet('auth_back_url') ? cmsUser::sessionGet('auth_back_url', true) : false;
if ($back_url) {
$this->redirect($back_url);
} else {
$this->redirectToHome();
}
} else {
$errors = $result['errors'];
}
}
if ($errors && $is_captcha_valid) {
cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
}
}
// Капча
if ($this->options['reg_captcha']) {
$captcha_html = cmsEventsManager::hook('captcha_html');
}
return cmsTemplate::getInstance()->render('registration', array('user' => $user, 'form' => $form, 'captcha_html' => isset($captcha_html) ? $captcha_html : false, 'errors' => isset($errors) ? $errors : false));
}
public function run()
{
if (!$this->request->isAjax()) {
cmsCore::error404();
}
$action = $this->request->get('action');
$user = cmsUser::getInstance();
$is_guests_allowed = !empty($this->options['is_guests']);
$is_guest = $is_guests_allowed && !$user->is_logged;
$is_user_allowed = $user->is_logged && cmsUser::isAllowed('comments', 'add') || $is_guests_allowed;
$is_karma_allowed = $user->is_logged && !cmsUser::isPermittedLimitHigher('comments', 'karma', $user->karma) || $is_guests_allowed;
$is_add_allowed = $is_user_allowed && $is_karma_allowed;
if ($action == 'add' && !$is_add_allowed) {
cmsCore::error404();
}
if ($action == 'update' && !cmsUser::isAllowed('comments', 'edit')) {
cmsCore::error404();
}
$template = cmsTemplate::getInstance();
$csrf_token = $this->request->get('csrf_token');
$target_controller = $this->request->get('tc');
$target_subject = $this->request->get('ts');
$target_id = $this->request->get('ti');
$target_user_id = $this->request->get('tud');
$parent_id = $this->request->get('parent_id');
$comment_id = $this->request->get('id');
$content = $this->request->get('content');
if ($is_guest) {
$author_name = $this->request->get('author_name');
$author_email = $this->request->get('author_email');
if (!$author_name) {
$template->renderJSON(array('error' => true, 'message' => LANG_COMMENT_ERROR_NAME, 'html' => false));
}
if ($author_email && !preg_match("/^([a-zA-Z0-9\\._-]+)@([a-zA-Z0-9\\._-]+)\\.([a-zA-Z]{2,4})\$/i", $author_email)) {
$template->renderJSON(array('error' => true, 'message' => LANG_COMMENT_ERROR_EMAIL, 'html' => false));
}
if (!empty($this->options['restricted_ips'])) {
if (string_in_mask_list($user->ip, $this->options['restricted_ips'])) {
$template->renderJSON(array('error' => true, 'message' => LANG_COMMENT_ERROR_IP, 'html' => false));
}
}
if (!empty($this->options['guest_ip_delay'])) {
$last_comment_time = $this->model->getGuestLastCommentTime($user->ip);
$now_time = time();
$minutes_passed = ($now_time - $last_comment_time) / 60;
if ($minutes_passed < $this->options['guest_ip_delay']) {
$spellcount = html_spellcount($this->options['guest_ip_delay'], LANG_MINUTE1, LANG_MINUTE2, LANG_MINUTE10);
$template->renderJSON(array('error' => true, 'message' => sprintf(LANG_COMMENT_ERROR_TIME, $spellcount), 'html' => false));
}
}
}
// Проверяем валидность
$is_valid = $this->validate_sysname($target_controller) === true && $this->validate_sysname($target_subject) === true && is_numeric($target_id) && is_numeric($parent_id) && (!$comment_id || is_numeric($comment_id)) && cmsForm::validateCSRFToken($csrf_token, false) && in_array($action, array('add', 'preview', 'update'));
if (!$is_valid) {
$result = array('error' => true, 'message' => LANG_COMMENT_ERROR);
$template->renderJSON($result);
}
// Типографируем текст
$content_html = cmsEventsManager::hook('html_filter', $content);
if (!$content_html) {
$result = array('error' => false, 'message' => false, 'html' => false);
$template->renderJSON($result);
}
//
// Превью комментария
//
if ($action == 'preview') {
$result = array('error' => false, 'html' => $content_html);
$template->renderJSON($result);
}
//
// Редактирование комментария
//
if ($action == 'update') {
$comment = $this->model->getComment($comment_id);
if (!cmsUser::isAllowed('comments', 'edit', 'all')) {
if (cmsUser::isAllowed('comments', 'edit', 'own') && $comment['user']['id'] != $user->id) {
$result = array('error' => true, 'message' => LANG_COMMENT_ERROR);
$template->renderJSON($result);
}
}
$this->model->updateCommentContent($comment_id, $content, $content_html);
$comment_html = $content_html;
}
//
// Добавление комментария
//
if ($action == 'add') {
// Собираем данные комментария
$comment = array('user_id' => $user->id, 'parent_id' => $parent_id, 'target_controller' => $target_controller, 'target_subject' => $target_subject, 'target_id' => $target_id, 'content' => $content, 'content_html' => $content_html, 'author_url' => $user->ip);
if ($is_guest) {
$comment['author_name'] = $author_name;
$comment['author_email'] = $author_email;
}
// Получаем модель целевого контроллера
$target_model = cmsCore::getModel($target_controller);
// Получаем URL и заголовок комментируемой страницы
$target_info = $target_model->getTargetItemInfo($target_subject, $target_id);
if ($target_info) {
$comment['target_url'] = $target_info['url'];
$comment['target_title'] = $target_info['title'];
$comment['is_private'] = empty($target_info['is_private']) ? false : $target_info['is_private'];
// Сохраняем комментарий
$comment_id = $this->model->addComment($comment);
}
if ($comment_id) {
// Получаем и рендерим добавленный комментарий
$comment = $this->model->getComment($comment_id);
$comment_html = $template->render('comment', array('comments' => array($comment), 'target_user_id' => $target_user_id, 'user' => $user), new cmsRequest(array(), cmsRequest::CTX_INTERNAL));
// Уведомляем модель целевого контента об изменении количества комментариев
$comments_count = $this->model->filterEqual('target_controller', $target_controller)->filterEqual('target_subject', $target_subject)->filterEqual('target_id', $target_id)->getCommentsCount();
$target_model->updateCommentsCount($target_subject, $target_id, $comments_count);
$parent_comment = $parent_id ? $this->model->getComment($parent_id) : false;
// Уведомляем подписчиков
$this->notifySubscribers($comment, $parent_comment);
// Уведомляем об ответе на комментарий
if ($parent_comment) {
$this->notifyParent($comment, $parent_comment);
}
}
}
// Формируем и возвращаем результат
$result = array('error' => $comment_id ? false : true, 'message' => $comment_id ? LANG_COMMENT_SUCCESS : LANG_COMMENT_ERROR, 'id' => $comment_id, 'parent_id' => isset($comment['parent_id']) ? $comment['parent_id'] : 0, 'level' => isset($comment['level']) ? $comment['level'] : 0, 'html' => isset($comment_html) ? $comment_html : false);
$template->renderJSON($result);
}
/**
* Загружает и возвращает описание структуры формы
* @param type $form_name
* @param type $params
* @return cmsForm
*/
public function getForm($form_name, $params = false, $path_prefix = '')
{
$form_file = $this->root_path . $path_prefix . 'forms/form_' . $form_name . '.php';
$form_name = $this->name . $form_name;
return cmsForm::getForm($form_file, $form_name, $params);
}
function registration()
{
header('X-Frame-Options: DENY');
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$inConf = cmsConfig::getInstance();
$model = new cms_model_registration();
cmsCore::loadModel('users');
$users_model = new cms_model_users();
global $_LANG;
$do = $inCore->do;
//============================================================================//
if ($do == 'sendremind') {
if ($inUser->id) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['REMINDER_PASS']);
$inPage->addPathway($_LANG['REMINDER_PASS']);
if (!cmsCore::inRequest('goremind')) {
cmsPage::initTemplate('components', 'com_registration_sendremind')->display('com_registration_sendremind.tpl');
} else {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$email = cmsCore::request('email', 'email', '');
if (!$email) {
cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
cmsCore::redirectBack();
}
$usr = cmsUser::getShortUserData($email);
if (!$usr || $usr['is_locked'] || $usr['is_deleted']) {
cmsCore::addSessionMessage($_LANG['ADRESS'] . ' "' . $email . '" ' . $_LANG['NOT_IN_OUR_BASE'], 'error');
cmsCore::redirectBack();
}
if (cmsUser::userIsAdmin($usr['id'])) {
cmsCore::addSessionMessage($_LANG['NOT_ADMIN_SENDREMIND'], 'error');
cmsCore::redirectBack();
}
$usercode = md5($usr['id'] . '-' . uniqid() . '-' . microtime() . '-' . PATH);
$sql = "INSERT cms_users_activate (pubdate, user_id, code)\n VALUES (NOW(), '{$usr['id']}', '{$usercode}')";
$inDB->query($sql);
$newpass_link = HOST . '/registration/remind/' . $usercode;
$mail_message = $_LANG['HELLO'] . ', ' . $usr['nickname'] . '!' . "\n\n";
$mail_message .= $_LANG['REMINDER_TEXT'] . ' "' . $inConf->sitename . '".' . "\n\n";
$mail_message .= $_LANG['YOUR_LOGIN'] . ': ' . $usr['login'] . "\n\n";
$mail_message .= $_LANG['NEW_PASS_LINK'] . ":\n" . $newpass_link . "\n\n";
$mail_message .= $_LANG['LINK_EXPIRES'] . "\n\n";
$mail_message .= $_LANG['SIGNATURE'] . ', ' . $inConf->sitename . ' (' . HOST . ').' . "\n";
$mail_message .= date('d-m-Y (H:i)');
$inCore->mailText($email, $inConf->sitename . ' - ' . $_LANG['REMINDER_PASS'], $mail_message);
cmsCore::addSessionMessage($_LANG['NEW_PAS_SENDED'], 'info');
cmsCore::redirect('/login');
}
}
//============================================================================//
if ($do == 'remind') {
if ($inUser->id) {
cmsCore::error404();
}
$usercode = cmsCore::request('code', 'str', '');
//проверяем формат кода
if (!preg_match('/^[0-9a-f]{32}$/i', $usercode)) {
cmsCore::error404();
}
// проверяем код
$user_id = $inDB->get_field('cms_users_activate', "code = '{$usercode}'", 'user_id');
if (!$user_id) {
cmsCore::error404();
}
//получаем пользователя
$user = $inDB->get_fields('cms_users', "id = '{$user_id}'", '*');
if (!$user) {
cmsCore::error404();
}
if (cmsUser::userIsAdmin($user['id'])) {
cmsCore::error404();
}
if (cmsCore::inRequest('submit')) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$errors = false;
$pass = cmsCore::request('pass', 'str', '');
$pass2 = cmsCore::request('pass2', 'str', '');
if (!$pass) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
$errors = true;
}
if ($pass && !$pass2) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
$errors = true;
}
if ($pass && $pass2 && mb_strlen($pass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($pass && $pass2 && $pass != $pass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
if ($errors) {
cmsCore::redirectBack();
}
$md5_pass = md5($pass);
$inDB->query("UPDATE cms_users SET password = '******', logdate = NOW() WHERE id = '{$user['id']}'");
$inDB->query("DELETE FROM cms_users_activate WHERE code = '{$usercode}'");
cmsCore::addSessionMessage($_LANG['CHANGE_PASS_COMPLETED'], 'info');
$inUser->signInUser($user['login'], $pass, true);
cmsCore::redirect(cmsUser::getProfileURL($user['login']));
}
$inPage->setTitle($_LANG['RECOVER_PASS']);
$inPage->addPathway($_LANG['RECOVER_PASS']);
cmsPage::initTemplate('components', 'com_registration_remind')->assign('cfg', $model->config)->assign('user', $user)->display('com_registration_remind.tpl');
}
//============================================================================//
if ($do == 'register') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if ($inUser->id && !$inUser->is_admin) {
if ($inCore->menuId() == 1) {
return;
} else {
cmsCore::error404();
}
}
// регистрация закрыта
if (!$model->config['is_on']) {
cmsCore::error404();
}
// регистрация по инвайтам
if ($model->config['reg_type'] == 'invite') {
if (!$users_model->checkInvite(cmsUser::sessionGet('invite_code'))) {
cmsCore::error404();
}
}
$errors = false;
// получаем данные
$item['login'] = cmsCore::request('login', 'str', '');
$item['email'] = cmsCore::request('email', 'email');
$item['icq'] = cmsCore::request('icq', 'str', '');
$item['city'] = cmsCore::request('city', 'str', '');
$item['nickname'] = cmsCore::request('nickname', 'str', '');
$item['realname1'] = cmsCore::request('realname1', 'str', '');
$item['realname2'] = cmsCore::request('realname2', 'str', '');
$pass = cmsCore::request('pass', 'str', '');
$pass2 = cmsCore::request('pass2', 'str', '');
// проверяем логин
if (mb_strlen($item['login']) < 2 || mb_strlen($item['login']) > 15 || is_numeric($item['login']) || !preg_match("/^([a-z0-9])+\$/ui", $item['login'])) {
cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error');
$errors = true;
}
// проверяем пароль
if (!$pass) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
$errors = true;
}
if ($pass && !$pass2) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
$errors = true;
}
if ($pass && $pass2 && mb_strlen($pass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($pass && $pass2 && $pass != $pass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
// Проверяем nickname или имя и фамилию
if ($model->config['name_mode'] == 'nickname') {
if (!$item['nickname']) {
cmsCore::addSessionMessage($_LANG['TYPE_NICKNAME'], 'error');
$errors = true;
}
} else {
if (!$item['realname1']) {
cmsCore::addSessionMessage($_LANG['TYPE_NAME'], 'error');
$errors = true;
}
if (!$item['realname2']) {
cmsCore::addSessionMessage($_LANG['TYPE_SONAME'], 'error');
$errors = true;
}
$item['nickname'] = trim($item['realname1']) . ' ' . trim($item['realname2']);
}
if (mb_strlen($item['nickname']) < 2) {
cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
$errors = true;
}
if ($model->getBadNickname($item['nickname'])) {
cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
$errors = true;
}
// Проверяем email
if (!$item['email']) {
cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
$errors = true;
}
// День рождения
list($item['bday'], $item['bmonth'], $item['byear']) = array_values(cmsCore::request('birthdate', 'array_int', array()));
$item['birthdate'] = sprintf('%04d-%02d-%02d', $item['byear'], $item['bmonth'], $item['bday']);
// получаем данные конструктора форм
$item['formsdata'] = '';
if (isset($users_model->config['privforms'])) {
if (is_array($users_model->config['privforms'])) {
foreach ($users_model->config['privforms'] as $form_id) {
$form_input = cmsForm::getFieldsInputValues($form_id);
$item['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
}
}
}
// Проверяем каптчу
if (!cmsPage::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
$errors = true;
}
// проверяем есть ли такой пользователь
$user_exist = $inDB->get_fields('cms_users', "(login LIKE '{$item['login']}' OR email LIKE '{$item['email']}') AND is_deleted = 0", 'id, login, email');
if ($user_exist) {
if ($user_exist['login'] == $item['login']) {
cmsCore::addSessionMessage($_LANG['LOGIN'] . ' "' . $item['login'] . '" ' . $_LANG['IS_BUSY'], 'error');
$errors = true;
} else {
cmsCore::addSessionMessage($_LANG['EMAIL_IS_BUSY'], 'error');
$errors = true;
}
}
// В случае ошибок, возвращаемся в форму
if ($errors) {
cmsUser::sessionPut('item', $item);
cmsCore::redirect('/registration');
}
//////////////////////////////////////////////
//////////// РЕГИСТРАЦИЯ /////////////////////
//////////////////////////////////////////////
$item['is_locked'] = $model->config['act'];
$item['password'] = md5($pass);
$item['orig_password'] = $pass;
$item['group_id'] = $model->config['default_gid'];
$item['regdate'] = date('Y-m-d H:i:s');
$item['logdate'] = date('Y-m-d H:i:s');
if (cmsUser::sessionGet('invite_code')) {
$invite_code = cmsUser::sessionGet('invite_code');
$item['invited_by'] = (int) $users_model->getInviteOwner($invite_code);
if ($item['invited_by']) {
$users_model->closeInvite($invite_code);
}
cmsUser::sessionDel('invite_code');
} else {
$item['invited_by'] = 0;
}
$item = cmsCore::callEvent('USER_BEFORE_REGISTER', $item);
$item['id'] = $item['user_id'] = $inDB->insert('cms_users', $item);
if (!$item['id']) {
cmsCore::error404();
}
$inDB->insert('cms_user_profiles', $item);
cmsCore::callEvent('USER_REGISTER', $item);
if ($item['is_locked']) {
$model->sendActivationNotice($pass, $item['id']);
cmsPage::includeTemplateFile('special/regactivate.php');
cmsCore::halt();
} else {
cmsActions::log('add_user', array('object' => '', 'user_id' => $item['id'], 'object_url' => '', 'object_id' => $item['id'], 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
if ($model->config['send_greetmsg']) {
$model->sendGreetsMessage($item['id']);
}
$model->sendRegistrationNotice($pass, $item['id']);
$back_url = $inUser->signInUser($item['login'], $pass, true);
cmsCore::redirect($back_url);
}
}
//============================================================================//
if ($do == 'view') {
$pagetitle = $inCore->getComponentTitle();
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle);
$inPage->addHeadJsLang(array('WRONG_PASS'));
// Если пользователь авторизован, то не показываем форму регистрации, редирект в профиль.
if ($inUser->id && !$inUser->is_admin) {
if ($inCore->menuId() == 1) {
return;
} else {
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
$correct_invite = cmsUser::sessionGet('invite_code') ? true : false;
if ($model->config['reg_type'] == 'invite' && cmsCore::inRequest('invite_code')) {
$invite_code = cmsCore::request('invite_code', 'str', '');
$correct_invite = $users_model->checkInvite($invite_code);
if ($correct_invite) {
cmsUser::sessionPut('invite_code', $invite_code);
} else {
cmsCore::addSessionMessage($_LANG['INCORRECT_INVITE'], 'error');
}
}
$item = cmsUser::sessionGet('item');
if ($item) {
cmsUser::sessionDel('item');
}
if (empty($item['birthdate'])) {
$item['birthdate'] = date('Y-m-d');
}
$private_forms = array();
if (isset($users_model->config['privforms'])) {
if (is_array($users_model->config['privforms'])) {
foreach ($users_model->config['privforms'] as $form_id) {
$private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, array(), true));
}
}
}
cmsPage::initTemplate('components', 'com_registration')->assign('cfg', $model->config)->assign('item', $item)->assign('pagetitle', $pagetitle)->assign('correct_invite', $correct_invite)->assign('private_forms', $private_forms)->display('com_registration.tpl');
}
//============================================================================//
if ($do == 'activate') {
$code = cmsCore::request('code', 'str', '');
if (!$code) {
cmsCore::error404();
}
$user_id = $inDB->get_field('cms_users_activate', "code = '{$code}'", 'user_id');
if (!$user_id) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_users SET is_locked = 0 WHERE id = '{$user_id}'");
$inDB->query("DELETE FROM cms_users_activate WHERE code = '{$code}'");
cmsCore::callEvent('USER_ACTIVATED', $user_id);
if ($model->config['send_greetmsg']) {
$model->sendGreetsMessage($user_id);
}
// Регистрируем событие
cmsActions::log('add_user', array('object' => '', 'user_id' => $user_id, 'object_url' => '', 'object_id' => $user_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
cmsCore::addSessionMessage($_LANG['ACTIVATION_COMPLETE'], 'info');
cmsUser::goToLogin();
}
//============================================================================//
if ($do == 'auth') {
//====================//
//== разлогивание ==//
if (cmsCore::inRequest('logout')) {
$inUser->logout();
cmsCore::redirect('/');
}
//====================//
//== авторизация ==//
if (!cmsCore::inRequest('logout')) {
// флаг неуспешных авторизаций
$anti_brute_force = cmsUser::sessionGet('anti_brute_force');
$login = cmsCore::request('login', 'str', '');
$passw = cmsCore::request('pass', 'str', '');
$remember_pass = cmsCore::inRequest('remember');
// если нет логина или пароля, показываем форму входа
if (!$login || !$passw) {
if ($inUser->id && !$inUser->is_admin) {
cmsCore::redirect('/');
}
$inPage->setTitle($_LANG['SITE_LOGIN']);
$inPage->addPathway($_LANG['SITE_LOGIN']);
cmsPage::initTemplate('components', 'com_registration_login')->assign('cfg', $model->config)->assign('anti_brute_force', $anti_brute_force)->assign('is_sess_back', cmsUser::sessionGet('auth_back_url'))->display('com_registration_login.tpl');
if (!mb_strstr(cmsCore::getBackURL(), 'login')) {
cmsUser::sessionPut('auth_back_url', cmsCore::getBackURL());
}
return;
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
// Проверяем каптчу
if ($anti_brute_force && !cmsPage::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
cmsCore::redirect('/login');
}
cmsUser::sessionDel('anti_brute_force');
$back_url = $inUser->signInUser($login, $passw, $remember_pass);
cmsCore::redirect($back_url);
}
}
//============================================================================//
if ($do == 'autherror') {
cmsUser::sessionPut('anti_brute_force', 1);
cmsPage::includeTemplateFile('special/autherror.php');
cmsCore::halt();
}
//============================================================================//
}
<div class="value"><?php
echo $field['html'];
?>
</div>
</div>
<?php
}
?>
<?php
if ($props && array_filter((array) $props_values)) {
?>
<?php
$props_fields = $this->controller->getPropsFields($props);
$props_fieldsets = cmsForm::mapFieldsToFieldsets($props);
?>
<div class="content_item_props <?php
echo $ctype['name'];
?>
_item_props">
<table>
<tbody>
<?php
foreach ($props_fieldsets as $fieldset) {
?>
<?php
if ($fieldset['title']) {
?>
<tr>
<td class="heading" colspan="2"><?php
function users()
{
header('X-Frame-Options: DENY');
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
global $_LANG;
$model = new cms_model_users();
// id пользователя
$id = cmsCore::request('id', 'int', 0);
// логин пользователя
$login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', '')));
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$pagetitle = $inCore->getComponentTitle();
if ($model->config['sw_search'] != 2) {
$inPage->addPathway($pagetitle, '/users');
}
$inPage->setTitle($pagetitle);
$inPage->setDescription($pagetitle);
// js только авторизованным
if ($inUser->id) {
$inPage->addHeadJS('components/users/js/profile.js');
$inPage->addHeadJsLang(array('CONFIRM_CLEAN_CAT', 'CHOOSE_RECIPIENT', 'SEND_TO_USER', 'FRIENDSHIP_OFFER', 'STOP_FRIENDLY', 'REALY_STOP_FRIENDLY', 'ENTER_STATUS', 'HAVE_JUST'));
}
//============================================================================//
//========================= Список пользователей ============================//
//============================================================================//
if ($do == 'view') {
// если запрещен просмотр всех пользователей, 404
if ($model->config['sw_search'] == 2) {
cmsCore::error404();
}
//очищаем поисковые запросы если пришли со другой страницы
if (!strstr(cmsCore::getBackURL(), '/users')) {
cmsUser::sessionClearAll();
}
$stext = array();
// Возможные входные переменные
$name = cmsCore::getSearchVar('name');
$city = cmsCore::getSearchVar('city');
$hobby = cmsCore::getSearchVar('hobby');
$gender = cmsCore::getSearchVar('gender');
$orderby = cmsCore::request('orderby', array('karma', 'rating', 'regdate'), 'regdate');
$orderto = cmsCore::request('orderto', array('asc', 'desc'), 'desc');
$age_to = (int) cmsCore::getSearchVar('ageto', 'all');
$age_fr = (int) cmsCore::getSearchVar('agefrom', 'all');
$group_id = cmsCore::request('group_id', 'int', 0);
// Флаг о показе только онлайн пользователей
if (cmsCore::inRequest('online')) {
cmsUser::sessionPut('usr_online', (bool) cmsCore::request('online', 'int'));
$page = 1;
}
$only_online = cmsUser::sessionGet('usr_online');
if ($only_online) {
$stext[] = $_LANG['SHOWING_ONLY_ONLINE'];
}
///////////////////////////////////////
//////////Условия выборки//////////////
///////////////////////////////////////
// группа
if ($group_id) {
$model->whereUserGroupIs($group_id);
$link['group'] = '/users/group/' . $group_id;
$_LANG['GROUP_SEARCH_NAME'] = cmsUser::getGroupTitle($group_id);
}
// Добавляем в выборку имя, если оно есть
if ($name) {
$model->whereNameIs($name);
$stext[] = $_LANG['NAME'] . " — " . htmlspecialchars(stripslashes($name));
}
// Добавляем в выборку город, если он есть
if ($city) {
$model->whereCityIs($city);
$stext[] = $_LANG['CITY'] . " — " . htmlspecialchars(stripslashes($city));
}
// Добавляем в выборку хобби, если есть
if ($hobby) {
$model->whereHobbyIs($hobby);
$stext[] = $_LANG['HOBBY'] . " — " . htmlspecialchars(stripslashes($hobby));
}
// Добавляем в выборку пол, если есть
if ($gender) {
$model->whereGenderIs($gender);
if ($gender == 'm') {
$stext[] = $_LANG['MALE'];
} else {
$stext[] = $_LANG['FEMALE'];
}
}
// Добавляем в выборку возраст, более
if ($age_fr) {
$model->whereAgeFrom($age_fr);
$stext[] = $_LANG['NOT_YOUNG'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Добавляем в выборку возраст, менее
if ($age_to) {
$model->whereAgeTo($age_to);
$stext[] = $_LANG['NOT_OLD'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Считаем общее количество согласно выборки
$total = $model->getUsersCount($only_online);
if ($total) {
//устанавливаем сортировку
$inDB->orderBy($orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во пользователей на странице
$inDB->limitPage($page, $model->config['users_perpage']);
// Загружаем пользователей согласно выборки
$users = $model->getUsers($only_online);
} else {
$inDB->resetConditions();
}
$link['latest'] = '/users';
$link['positive'] = '/users/positive.html';
$link['rating'] = '/users/rating.html';
if ($orderby == 'regdate') {
$link['selected'] = 'latest';
}
if ($orderby == 'karma') {
$link['selected'] = 'positive';
}
if ($orderby == 'rating') {
$link['selected'] = 'rating';
}
$pagebar_link = '/users/' . $link['selected'] . '%page%.html';
if ($group_id) {
$link['selected'] = 'group';
$pagebar_link = '/users/' . $link['selected'] . '/' . $group_id . '-%page%';
}
cmsPage::initTemplate('components', 'com_users_view')->assign('stext', $stext)->assign('orderby', $orderby)->assign('orderto', $orderto)->assign('users', $users)->assign('total', $total)->assign('only_online', $only_online)->assign('gender', $gender)->assign('name', stripslashes($name))->assign('city', stripslashes($city))->assign('hobby', stripslashes($hobby))->assign('age_to', $age_to)->assign('age_fr', $age_fr)->assign('cfg', $model->config)->assign('link', $link)->assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['users_perpage'], $pagebar_link))->display('com_users_view.tpl');
}
//============================================================================//
//======================= Редактирование профиля ============================//
//============================================================================//
if ($do == 'editprofile') {
// неавторизованным, не владельцам и не админам тут делать нечего
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = $model->getUser($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'edit');
// главного админа может редактировать только он сам
if ($id == 1 && $inUser->id != $id) {
cmsCore::error404();
}
// показываем форму
if ($opt == 'edit') {
$inPage->setTitle($_LANG['CONFIG_PROFILE'] . ' - ' . $usr['nickname']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['CONFIG_PROFILE']);
$private_forms = array();
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, $usr['formsdata']));
}
}
}
cmsPage::initTemplate('components', 'com_users_edit_profile')->assign('opt', $opt)->assign('usr', $usr)->assign('private_forms', $private_forms)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('cfg', $model->config)->display('com_users_edit_profile.tpl');
return;
}
// Если сохраняем профиль
if ($opt == 'save') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$errors = false;
$users['nickname'] = cmsCore::request('nickname', 'str');
if (mb_strlen($users['nickname']) < 2) {
cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
$errors = true;
}
cmsCore::loadModel('registration');
$modreg = new cms_model_registration();
if (!$inUser->is_admin) {
if ($modreg->getBadNickname($users['nickname'])) {
cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
$errors = true;
}
}
$profiles['gender'] = cmsCore::request('gender', 'str');
$profiles['city'] = cmsCore::request('city', 'str');
if (mb_strlen($profiles['city']) > 50) {
cmsCore::addSessionMessage($_LANG['LONG_CITY_NAME'], 'error');
$errors = true;
}
$users['email'] = cmsCore::request('email', 'email');
if (!$users['email']) {
cmsCore::addSessionMessage($_LANG['REALY_ADRESS_EMAIL'], 'error');
$errors = true;
}
if ($usr['email'] != $users['email']) {
$is_set_email = $inDB->get_field('cms_users', "email='{$users['email']}'", 'id');
if ($is_set_email) {
cmsCore::addSessionMessage($_LANG['ADRESS_EMAIL_IS_BUSY'], 'error');
$errors = true;
} else {
// формируем токен
$token = md5($usr['email'] . uniqid() . microtime());
$inDB->insert('cms_users_activate', array('user_id' => $inUser->id, 'pubdate' => date("Y-m-d H:i:s"), 'code' => $token));
$codelink = HOST . '/users/change_email/' . $token . '/' . $users['email'];
// по старому адресу высылаем письмо с подтверждением
$letter = cmsCore::getLanguageTextFile('change_email');
$letter = str_replace(array('{nickname}', '{codelink}'), array($inUser->nickname, $codelink), $letter);
cmsCore::mailText($usr['email'], '', $letter);
cmsCore::addSessionMessage(sprintf($_LANG['YOU_CHANGE_EMAIL'], $usr['email']), 'info');
// email не меняем
$users['email'] = $usr['email'];
}
}
$profiles['showphone'] = cmsCore::request('showphone', 'int', 0);
$profiles['showmail'] = cmsCore::request('showmail', 'int');
$profiles['email_newmsg'] = cmsCore::request('email_newmsg', 'int');
$profiles['showbirth'] = cmsCore::request('showbirth', 'int');
$profiles['description'] = cmsCore::request('description', 'str', '');
$users['birthdate'] = (int) $_REQUEST['birthdate']['year'] . '-' . (int) $_REQUEST['birthdate']['month'] . '-' . (int) $_REQUEST['birthdate']['day'];
$profiles['signature'] = $inDB->escape_string(cmsCore::badTagClear(cmsCore::request('signature', 'html', '')));
$profiles['signature_html'] = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('signature', 'html', ''), true));
$profiles['allow_who'] = cmsCore::request('allow_who', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['allow_who'])) {
$errors = true;
}
$users['icq'] = cmsCore::request('icq', 'str', '');
$profiles['showicq'] = cmsCore::request('showicq', 'int');
$profiles['cm_subscribe'] = cmsCore::request('cm_subscribe', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['cm_subscribe'])) {
$errors = true;
}
$users['phone'] = cmsCore::request('phone', 'int', 0);
// получаем данные форм
$profiles['formsdata'] = '';
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$form_input = cmsForm::getFieldsInputValues($form_id);
$profiles['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
}
}
}
if ($errors) {
cmsCore::redirectBack();
}
$inDB->update('cms_user_profiles', cmsCore::callEvent('UPDATE_USER_PROFILES', array_merge(array('id' => $usr['pid'], 'user_id' => $usr['id']), $profiles)), $usr['pid']);
$inDB->update('cms_users', cmsCore::callEvent('UPDATE_USER_USERS', array_merge(array('id' => $usr['id']), $users)), $usr['id']);
cmsCore::addSessionMessage($_LANG['PROFILE_SAVED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
if ($opt == 'changepass') {
$errors = false;
$oldpass = cmsCore::request('oldpass', 'str');
$newpass = cmsCore::request('newpass', 'str');
$newpass2 = cmsCore::request('newpass2', 'str');
if ($inUser->password != md5($oldpass)) {
cmsCore::addSessionMessage($_LANG['OLD_PASS_WRONG'], 'error');
$errors = true;
}
if ($newpass != $newpass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
if ($oldpass && $newpass && $newpass2 && mb_strlen($newpass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($errors) {
cmsCore::redirectBack();
}
cmsCore::callEvent('UPDATE_USER_PASSWORD', array('user_id' => $usr['id'], 'oldpass' => $oldpass, 'newpass' => $newpass));
$sql = "UPDATE cms_users SET password='******' WHERE id = '{$id}' AND password='******'";
$inDB->query($sql);
cmsCore::addSessionMessage($_LANG['PASS_CHANGED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//============================= Просмотр профиля ============================//
//============================================================================//
if ($do == 'profile') {
$inPage->addHeadJsLang(array('NEW_POST_ON_WALL', 'CONFIRM_DEL_POST_ON_WALL'));
// если просмотр профиля гостям запрещен
if (!$inUser->id && !$model->config['sw_guest']) {
cmsUser::goToLogin();
}
if (is_numeric($login)) {
cmsCore::error404();
}
$usr = $model->getUser($login);
if (!$usr) {
cmsCore::error404();
}
$myprofile = $inUser->id == $usr['id'];
$inPage->setTitle($usr['nickname']);
$inPage->addPathway($usr['nickname']);
// просмотр профиля запрещен
if (!cmsUser::checkUserContentAccess($usr['allow_who'], $usr['id'])) {
cmsPage::initTemplate('components', 'com_users_not_allow')->assign('is_auth', $inUser->id)->assign('usr', $usr)->display('com_users_not_allow.tpl');
return;
}
// Профиль удален
if ($usr['is_deleted']) {
cmsPage::initTemplate('components', 'com_users_deleted.tpl')->assign('usr', $usr)->assign('is_admin', $inUser->is_admin)->assign('others_active', $inDB->rows_count('cms_users', "login='******'login']}' AND is_deleted=0", 1))->display('com_users_deleted.tpl');
return;
}
// Данные о друзьях
$usr['friends_total'] = cmsUser::getFriendsCount($usr['id']);
$usr['friends'] = cmsUser::getFriends($usr['id']);
// очищать сессию друзей если в своем профиле и количество друзей из базы не совпадает с количеством друзей в сессии
if ($myprofile && sizeof($usr['friends']) != $usr['friends_total']) {
cmsUser::clearSessionFriends();
}
// обрезаем список
$usr['friends'] = array_slice($usr['friends'], 0, 6);
// выясняем друзья ли мы с текущим пользователем
$usr['isfriend'] = !$myprofile ? cmsUser::isFriend($usr['id']) : false;
// награды пользователя
$usr['awards'] = $model->config['sw_awards'] ? $model->getUserAwards($usr['id']) : false;
// стена
if ($model->config['sw_wall']) {
$inDB->limitPage(1, $model->config['wall_perpage']);
$usr['wall_html'] = cmsUser::getUserWall($usr['id'], 'users', $myprofile, $inUser->is_admin);
}
// можно ли пользователю изменять карму
$usr['can_change_karma'] = $model->isUserCanChangeKarma($usr['id']) && $inUser->id;
// Фотоальбомы пользователя
if ($model->config['sw_photo']) {
$usr['albums'] = $model->getPhotoAlbums($usr['id'], $usr['isfriend'], !$inCore->isComponentEnable('photos'));
$usr['albums_total'] = sizeof($usr['albums']);
$usr['albums_show'] = 6;
if ($usr['albums_total'] > $usr['albums_show']) {
array_splice($usr['albums'], $usr['albums_show']);
}
}
$usr['board_count'] = $model->config['sw_board'] ? $inDB->rows_count('cms_board_items', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['comments_count'] = $model->config['sw_comm'] ? $inDB->rows_count('cms_comments', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['forum_count'] = $model->config['sw_forum'] ? $inDB->rows_count('cms_forum_posts', "user_id = '{$usr['id']}'") : 0;
$usr['files_count'] = $model->config['sw_files'] ? $inDB->rows_count('cms_user_files', "user_id = '{$usr['id']}'") : 0;
$cfg_reg = $inCore->loadComponentConfig('registration');
$usr['invites_count'] = $inUser->id && $myprofile && $cfg_reg['reg_type'] == 'invite' ? $model->getUserInvitesCount($inUser->id) : 0;
$usr['blog'] = $model->config['sw_blogs'] ? $inDB->get_fields('cms_blogs', "user_id = '{$usr['id']}' AND owner = 'user'", 'title, seolink') : false;
$usr['form_fields'] = array();
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$usr['form_fields'] = array_merge($usr['form_fields'], cmsForm::getFieldsValues($form_id, $usr['formsdata']));
}
}
if ($usr['city']) {
cmsCore::loadModel('geo');
$geo = new cms_model_geo();
$city_parents = $geo->getCityParents($usr['city']);
if ($city_parents) {
$usr['country'] = $city_parents['country_name'];
}
}
$plugins = $model->getPluginsOutput($usr);
cmsPage::initTemplate('components', 'com_users_profile.tpl')->assign('usr', $usr)->assign('plugins', $plugins)->assign('cfg', $model->config)->assign('myprofile', $myprofile)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('is_admin', $inUser->is_admin)->assign('is_auth', $inUser->id)->display('com_users_profile.tpl');
}
//============================================================================//
//============================= Список сообщений ============================//
//============================================================================//
if ($do == 'messages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['MY_MESS']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['MY_MESS'], '/users/' . $id . '/messages.html');
include 'components/users/messages.php';
}
//============================================================================//
//=========================== Отправка сообщения ============================//
//============================================================================//
if ($do == 'sendmessage') {
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id && !cmsCore::inRequest('massmail') && !cmsCore::request('send_to_group', 'int', 0)) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gosend')) {
$replyid = cmsCore::request('replyid', 'int', 0);
if ($replyid) {
$msg = $model->getReplyMessage($replyid, $inUser->id);
if (!$msg) {
cmsCore::halt();
}
}
$inPage->setRequestIsAjax();
cmsPage::initTemplate('components', 'com_users_messages_add')->assign('msg', isset($msg) ? $msg : array())->assign('is_reply_user', $replyid)->assign('id', $id)->assign('bbcodetoolbar', cmsPage::getBBCodeToolbar('message'))->assign('smilestoolbar', cmsPage::getSmilesPanel('message'))->assign('groups', $inUser->is_admin ? cmsUser::getGroups(true) : array())->assign('friends', cmsUser::getFriends($inUser->id))->assign('id_admin', $inUser->is_admin)->display('com_users_messages_add.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
if (cmsCore::inRequest('gosend')) {
// Кому отправляем
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
$message = cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true);
if (mb_strlen($message) < 2) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_SEND_MESS']));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$output = cmsCore::callEvent('USER_SEND_MESSEDGE', array('text' => $message, 'to_id' => $id));
$message = $output['text'];
$id = $output['to_id'];
$send_to_group = cmsCore::request('send_to_group', 'int', 0);
$group_id = cmsCore::request('group_id', 'int', 0);
//
// Обычная отправка (1 получатель)
//
if (!cmsCore::inRequest('massmail') && !$send_to_group) {
//отправляем сообщение
$msg_id = cmsUser::sendMessage($inUser->id, $id, $message);
// отправляем уведомление на email если нужно
$model->sendNotificationByEmail($id, $inUser->id, $msg_id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['SEND_MESS_OK']));
}
//
// далее идут массовые рассылки, доступные только админам
//
if (!$inUser->is_admin) {
cmsCore::halt();
}
// отправить всем: получаем список всех пользователей
if (cmsCore::inRequest('massmail')) {
$userlist = cmsUser::getAllUsers();
// проверяем что есть кому отправлять
if (!$userlist) {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ERR_SEND_MESS']));
}
$count = array();
// отправляем всем по списку
foreach ($userlist as $usr) {
$count[] = cmsUser::sendMessage(USER_MASSMAIL, $usr['id'], $message);
}
cmsCore::jsonOutput(array('error' => false, 'text' => sprintf($_LANG['SEND_MESS_ALL_OK'], sizeof($count))));
}
// отправить группе: получаем список членов группы
if ($send_to_group) {
$count = cmsUser::sendMessageToGroup(USER_MASSMAIL, $group_id, $message);
$success_msg = sprintf($_LANG['SEND_MESS_GROUP_OK'], $count, cmsUser::getGroupTitle($group_id));
cmsCore::jsonOutput(array('error' => false, 'text' => $success_msg));
}
}
}
//============================================================================//
//============================= Удаление сообщения ==========================//
//============================================================================//
if ($do == 'delmessage') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$msg = $inDB->get_fields('cms_user_msg', "id='{$id}'", '*');
if (!$msg) {
cmsCore::halt();
}
$can_delete = $inUser->id == $msg['to_id'] || $inUser->id == $msg['from_id'] ? true : false;
if (!$can_delete && !$inUser->is_admin) {
cmsCore::halt();
}
// Сообщения с from_id < 0
if ($msg['from_id'] < 0) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_NOTICE_DEL_OK'];
}
// мне сообщение от пользователя
if ($msg['to_id'] == $inUser->id && $msg['from_id'] > 0) {
$inDB->query("UPDATE cms_user_msg SET to_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// от меня сообщение
if ($msg['from_id'] == $inUser->id && !$msg['is_new']) {
$inDB->query("UPDATE cms_user_msg SET from_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// отзываем сообщение
if ($msg['from_id'] == $inUser->id && $msg['is_new']) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_BACK_OK'];
}
// удаляем сообщения, которые удалены с двух сторон
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
cmsCore::jsonOutput(array('error' => false, 'text' => $info_text));
}
//============================================================================//
//=========================== Удаление сообщений ============================//
//============================================================================//
if ($do == 'delmessages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if ($inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'in');
if ($opt == 'notices') {
$inDB->query("DELETE FROM cms_user_msg WHERE to_id = '{$id}' AND from_id < 0");
} else {
$del_flag = $opt == 'in' ? 'to_del' : 'from_del';
$id_flag = $opt == 'in' ? 'to_id' : 'from_id';
$inDB->query("UPDATE cms_user_msg SET {$del_flag}=1 WHERE {$id_flag}='{$id}'");
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
}
cmsCore::addSessionMessage($_LANG['MESS_ALL_DEL_OK'], 'info');
cmsCore::redirectBack();
}
//============================================================================//
//============================= Загрузка аватара ============================//
//============================================================================//
if ($do == 'avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['LOAD_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['LOAD_AVATAR']);
if (cmsCore::inRequest('upload')) {
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/';
$inUploadPhoto->dir_medium = 'users/avatars/';
$inUploadPhoto->dir_small = 'users/avatars/small/';
$inUploadPhoto->small_size_w = $model->config['smallw'];
$inUploadPhoto->medium_size_w = $model->config['medw'];
$inUploadPhoto->medium_size_h = $model->config['medh'];
$inUploadPhoto->is_watermark = false;
$inUploadPhoto->input_name = 'picture';
$file = $inUploadPhoto->uploadPhoto($inUser->orig_imageurl);
if (!$file) {
cmsCore::addSessionMessage('<strong>' . $_LANG['ERROR'] . ':</strong> ' . cmsCore::uploadError() . '!', 'error');
cmsCore::redirect('/users/' . $id . '/avatar.html');
}
$sql = "UPDATE cms_user_profiles SET imageurl = '{$file['filename']}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $file['filename'] . '">
</a>'));
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
} else {
cmsPage::initTemplate('components', 'com_users_avatar_upload')->assign('id', $id)->display('com_users_avatar_upload.tpl');
}
}
//============================================================================//
//============================= Библиотека аватаров =========================//
//============================================================================//
if ($do == 'select_avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$avatars_dir = PATH . "/images/users/avatars/library";
$avatars_dir_rel = "/images/users/avatars/library";
$avatars_dir_handle = opendir($avatars_dir);
$avatars = array();
while ($nextfile = readdir($avatars_dir_handle)) {
if ($nextfile != '.' && $nextfile != '..' && (mb_strstr($nextfile, '.gif') || mb_strstr($nextfile, '.jpg') || mb_strstr($nextfile, '.jpeg') || mb_strstr($nextfile, '.png'))) {
$avatars[] = $nextfile;
}
}
closedir($avatars_dir_handle);
if (!cmsCore::inRequest('set_avatar')) {
$inPage->setTitle($_LANG['SELECT_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['SELECT_AVATAR']);
$perpage = 20;
$total = sizeof($avatars);
$avatars = array_slice($avatars, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_avatars')->assign('userid', $id)->assign('avatars', $avatars)->assign('avatars_dir', $avatars_dir_rel)->assign('page', $page)->assign('perpage', $perpage)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/users/%user_id%/select-avatar-%page%.html', array('user_id' => $id)))->display('com_users_avatars.tpl');
} else {
$avatar_id = cmsCore::request('avatar_id', 'int', 0);
$file = $avatars[$avatar_id];
if (file_exists($avatars_dir . '/' . $file)) {
$uploaddir = PATH . '/images/users/avatars/';
$realfile = $file;
$filename = md5($realfile . '-' . $id . '-' . time()) . '.jpg';
$uploadfile = $avatars_dir . '/' . $realfile;
$uploadavatar = $uploaddir . $filename;
$uploadthumb = $uploaddir . 'small/' . $filename;
if ($inUser->orig_imageurl && $inUser->orig_imageurl != 'nopic.jpg') {
@unlink(PATH . '/images/users/avatars/' . $inUser->orig_imageurl);
@unlink(PATH . '/images/users/avatars/small/' . $inUser->orig_imageurl);
}
cmsCore::includeGraphics();
copy($uploadfile, $uploadavatar);
@img_resize($uploadfile, $uploadthumb, $model->config['smallw'], $model->config['smallw']);
$sql = "UPDATE cms_user_profiles SET imageurl = '{$filename}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $filename . '">
</a>'));
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//======================== Работа с фотографиями ============================//
//============================================================================//
if ($do == 'photos') {
if (!$model->config['sw_photo']) {
cmsCore::error404();
}
$pdo = cmsCore::request('pdo', 'str', '');
include 'components/users/photos.php';
}
//============================================================================//
//============================= Друзья пользователя =========================//
//============================================================================//
if ($do == 'friendlist') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$perpage = 10;
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['FRIENDS']);
$inPage->setTitle($_LANG['FRIENDS']);
// все друзья
$friends = cmsUser::getFriends($usr['id']);
// их общее количество
$total = count($friends);
// получаем только нужных на странице
$friends = array_slice($friends, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_friends')->assign('friends', $friends)->assign('usr', $usr)->assign('myprofile', $id == $inUser->id)->assign('total', $total)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, 'javascript:centerLink(\'/users/' . $id . '/friendlist%page%.html\')'))->display('com_users_friends.tpl');
}
//============================================================================//
//============================= Запрос на дружбу ============================//
//============================================================================//
if ($do == 'addfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
cmsUser::clearSessionFriends();
if (cmsUser::isFriend($id)) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['YOU_ARE_BE_FRIENDS']));
}
// проверяем был ли ранее запрос на дружбу
// если был, то делаем accept запросу
$is_need_accept_id = cmsUser::getFriendFieldId($id, 0, 'to_me');
if ($is_need_accept_id) {
$inDB->query("UPDATE cms_user_friends SET is_accepted = 1 WHERE id = '{$is_need_accept_id}'");
//регистрируем событие
cmsActions::log('add_friend', array('object' => $inUser->nickname, 'user_id' => $usr['id'], 'object_url' => cmsUser::getProfileURL($inUser->login), 'object_id' => $is_need_accept_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
cmsCore::callEvent('USER_ACCEPT_FRIEND', $id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_FRIEND_OK'] . $usr['nickname']));
}
// Если пользователь пытается добавиться в друзья к
// пользователю, к которому уже отправил запрос
if (cmsUser::getFriendFieldId($id, 0, 'from_me')) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ADD_TO_FRIEND_SEND_ERR']));
}
// Мы вообще не друзья с пользователем, создаем запрос
cmsUser::addFriend($id);
cmsUser::sendMessage(USER_UPDATER, $id, sprintf($_LANG['RECEIVED_F_O'], cmsUser::getProfileLink($inUser->login, $inUser->nickname), '<a class="ajaxlink" href="javascript:void(0)" onclick="users.acceptFriend(' . $inUser->id . ', this);return false;">' . $_LANG['ACCEPT'] . '</a>', '<a class="ajaxlink" href="javascript:void(0)" onclick="users.rejectFriend(' . $inUser->id . ', this);return false;">' . $_LANG['REJECT'] . '</a>'));
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_TO_FRIEND_SEND']));
}
//============================================================================//
//============================= Прекращение дружбы ==========================//
//============================================================================//
if ($do == 'delfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
if (cmsUser::getFriendFieldId($id)) {
$is_accepted_friend = cmsUser::isFriend($id);
if (cmsUser::deleteFriend($id)) {
// Если подтвержденный друг
if ($is_accepted_friend) {
cmsCore::jsonOutput(array('error' => false, 'text' => $usr['nickname'] . $_LANG['DEL_FRIEND']));
} else {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['REJECT_FRIEND'] . $usr['nickname']));
}
} else {
cmsCore::halt();
}
} else {
cmsCore::halt();
}
}
//============================================================================//
//============================= История кармы ===============================//
//============================================================================//
if ($do == 'karma') {
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['KARMA_HISTORY']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['KARMA_HISTORY']);
cmsPage::initTemplate('components', 'com_users_karma')->assign('karma', $model->getUserKarma($usr['id']))->assign('usr', $usr)->display('com_users_karma.tpl');
}
//============================================================================//
//============================= Изменение кармы =============================//
//============================================================================//
if ($do == 'votekarma') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$points = cmsCore::request('sign', 'str', 'plus') == 'plus' ? 1 : -1;
$to = cmsCore::request('to', 'int', 0);
$user = cmsUser::getShortUserData($to);
if (!$user) {
cmsCore::halt();
}
if (!$model->isUserCanChangeKarma($to)) {
cmsCore::halt();
}
cmsCore::halt(cmsUser::changeKarmaUser($to, $points));
}
//============================================================================//
//======================= Наградить пользователя ============================//
//============================================================================//
if ($do == 'giveaward') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['AWARD_USER']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['AWARD']);
if (!cmsCore::inRequest('gosend')) {
cmsPage::initTemplate('components', 'com_users_awards_give')->assign('usr', $usr)->assign('awardslist', cmsUser::getAwardsImages())->display('com_users_awards_give.tpl');
} else {
$award['title'] = cmsCore::request('title', 'str', $_LANG['AWRD']);
$award['description'] = cmsCore::request('description', 'str', '');
$award['imageurl'] = cmsCore::request('imageurl', 'str', '');
$award['from_id'] = $inUser->id;
$award['id'] = 0;
cmsUser::giveAward($award, $id);
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
}
//============================================================================//
//============================= Удаление награды ============================//
//============================================================================//
if ($do == 'delaward') {
$aw = $inDB->get_fields('cms_user_awards', "id = '{$id}'", '*');
if (!$aw) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $aw['user_id'] && !$inUser->is_admin) {
cmsCore::error404();
}
$inDB->delete('cms_user_awards', "id = '{$id}'", 1);
cmsActions::removeObjectLog('add_award', $id);
cmsCore::redirectBack();
}
//============================================================================//
//============================= Награды на сайте ============================//
//============================================================================//
if ($do == 'awardslist') {
$inPage->setTitle($_LANG['SITE_AWARDS']);
$inPage->addPathway($_LANG['SITE_AWARDS']);
$awards = cmsUser::getAutoAwards();
if (!$awards) {
cmsCore::error404();
}
foreach ($awards as $aw) {
//Перебираем все награды и ищем пользователей с текущей наградой
$sql = "SELECT u.id as id, u.nickname as nickname, u.login as login, IFNULL(p.gender, 'm') as gender\r\n FROM cms_user_awards aw\r\n LEFT JOIN cms_users u ON u.id = aw.user_id\r\n LEFT JOIN cms_user_profiles p ON p.user_id = u.id\r\n WHERE aw.award_id = '{$aw['id']}'";
$rs = $inDB->query($sql);
$aw['uhtml'] = '';
if ($inDB->num_rows($rs)) {
while ($user = $inDB->fetch_assoc($rs)) {
$aw['uhtml'] .= cmsUser::getGenderLink($user['id'], $user['nickname'], $user['gender'], $user['login']) . ', ';
}
$aw['uhtml'] = rtrim($aw['uhtml'], ', ');
} else {
$aw['uhtml'] = $_LANG['NOT_USERS_WITH_THIS_AWARD'];
}
$aws[] = $aw;
}
cmsPage::initTemplate('components', 'com_users_awards_site')->assign('aws', $aws)->display('com_users_awards_site.tpl');
}
//============================================================================//
//============================= Удаление профиля ============================//
//============================================================================//
if ($do == 'delprofile') {
// неавторизованным тут делать нечего
if (!$inUser->id) {
cmsCore::error404();
}
// есть ли удаляемый профиль
$data = cmsUser::getShortUserData($id);
if (!$data) {
cmsCore::error404();
}
// владелец профиля или админ
if ($inUser->is_admin) {
// могут ли администраторы удалять профиль
if (!cmsUser::isAdminCan('admin/users', cmsUser::getAdminAccess())) {
cmsCore::error404();
}
// администратор сам себя не удалит
if ($inUser->id == $data['id']) {
cmsCore::error404();
}
} else {
// удаляем только свой профиль
if ($inUser->id != $data['id']) {
cmsCore::error404();
}
}
if (isset($_POST['csrf_token'])) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$model->deleteUser($id);
if (!$inUser->is_admin) {
session_destroy();
cmsCore::redirect('/logout');
} else {
cmsCore::addSessionMessage($_LANG['DELETING_PROFILE_OK'], 'info');
cmsCore::redirect('/users');
}
} else {
$inPage->setTitle($_LANG['DELETING_PROFILE']);
$inPage->addPathway($data['nickname'], $inUser->getProfileURL($data['login']));
$inPage->addPathway($_LANG['DELETING_PROFILE']);
$confirm['title'] = $_LANG['DELETING_PROFILE'];
$confirm['text'] = '<p>' . $_LANG['REALLY_DEL_PROFILE'] . '</p>';
$confirm['action'] = '/users/' . $id . '/delprofile.html';
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
cmsPage::initTemplate('components', 'action_confirm.tpl')->assign('confirm', $confirm)->display('action_confirm.tpl');
}
}
//============================================================================//
//============================ Восстановить профиль =========================//
//============================================================================//
if ($do == 'restoreprofile') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_users SET is_deleted = 0 WHERE id = '{$id}'");
cmsCore::redirectBack();
}
//============================================================================//
//============================= Файлы пользователей =========================//
//============================================================================//
if ($do == 'files') {
if (!$model->config['sw_files']) {
cmsCore::error404();
}
$fdo = cmsCore::request('fdo', 'str', '');
include 'components/users/files.php';
}
//============================================================================//
//================================ Инвайты =================================//
//============================================================================//
if ($do == 'invites') {
$reg_cfg = $inCore->loadComponentConfig('registration');
if ($reg_cfg['reg_type'] != 'invite') {
cmsCore::error404();
}
$invites_count = $model->getUserInvitesCount($inUser->id);
if (!$invites_count) {
cmsCore::error404();
}
if (!cmsCore::inRequest('send_invite')) {
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_INVITES']);
cmsPage::initTemplate('components', 'com_users_invites')->assign('invites_count', $invites_count)->display('com_users_invites.tpl');
return;
}
if (cmsCore::inRequest('send_invite')) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$invite_email = cmsCore::request('invite_email', 'email', '');
if (!$invite_email) {
cmsCore::redirectBack();
}
if ($model->sendInvite($inUser->id, $invite_email)) {
cmsCore::addSessionMessage(sprintf($_LANG['INVITE_SENDED'], $invite_email), 'success');
} else {
cmsCore::addSessionMessage($_LANG['INVITE_ERROR'], 'error');
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
if ($do == 'change_email') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$email = cmsCore::request('email', 'email', '');
$token = cmsCore::request('token', 'str', '');
// не занят ли email
$is_email = $inDB->get_field('cms_users', "email='{$email}'", 'id');
if ($is_email || !$email || !$token) {
cmsCore::error404();
}
// проверяем токен
$valid_id = $inDB->get_field('cms_users_activate', "code='{$token}' AND user_id = '{$inUser->id}'", 'id');
if (!$valid_id) {
cmsCore::error404();
}
$inDB->delete('cms_users_activate', "id = '{$valid_id}'");
// Сохраняем новый email
$inDB->update('cms_users', array('email' => $email), $inUser->id);
cmsCore::addSessionMessage($_LANG['NEW_EMAIL_SAVED'], 'success');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}
public static function getWidgetOptionsForm($widget_name, $controller_name = false, $options = false)
{
$widget_path = self::getWidgetPath($widget_name, $controller_name);
$path = cmsConfig::get('system_path') . $widget_path;
$form_file = $path . '/options.form.php';
$form_name = 'widget' . ($controller_name ? "_{$controller_name}_" : '_') . "{$widget_name}_options";
$form = cmsForm::getForm($form_file, $form_name, array($options));
if (!$form) {
$form = new cmsForm();
}
$form->is_tabbed = true;
//
// Опции внешнего вида
//
$design_fieldset_id = $form->addFieldset(LANG_DESIGN);
$form->addField($design_fieldset_id, new fieldString('class_wrap', array('title' => LANG_CSS_CLASS_WRAP)));
$form->addField($design_fieldset_id, new fieldString('class_title', array('title' => LANG_CSS_CLASS_TITLE)));
$form->addField($design_fieldset_id, new fieldString('class', array('title' => LANG_CSS_CLASS_BODY)));
$form->addField($design_fieldset_id, new fieldString('tpl_wrap', array('title' => LANG_WIDGET_WRAPPER_TPL, 'hint' => LANG_WIDGET_WRAPPER_TPL_HINT)));
$form->addField($design_fieldset_id, new fieldString('tpl_body', array('title' => LANG_WIDGET_BODY_TPL, 'hint' => sprintf(LANG_WIDGET_BODY_TPL_HINT, $widget_path))));
//
// Опции доступа
//
$access_fieldset_id = $form->addFieldset(LANG_PERMISSIONS);
// Показывать группам
$form->addField($access_fieldset_id, new fieldListGroups('groups_view', array('title' => LANG_SHOW_TO_GROUPS, 'show_all' => true, 'show_guests' => true)));
// Не показывать группам
$form->addField($access_fieldset_id, new fieldListGroups('groups_hide', array('title' => LANG_HIDE_FOR_GROUPS, 'show_all' => false, 'show_guests' => true)));
//
// Опции заголовка
//
$title_fieldset_id = $form->addFieldsetToBeginning(LANG_BASIC_OPTIONS);
// ID виджета
$form->addField($title_fieldset_id, new fieldNumber('id', array('is_hidden' => true)));
// Заголовок виджета
$form->addField($title_fieldset_id, new fieldString('title', array('title' => LANG_TITLE, 'rules' => array(array('required'), array('min_length', 3), array('max_length', 128)))));
// Флаг показа заголовка
$form->addField($title_fieldset_id, new fieldCheckbox('is_title', array('title' => LANG_SHOW_TITLE, 'default' => true)));
// Флаг объединения с предыдущим виджетом
$form->addField($title_fieldset_id, new fieldCheckbox('is_tab_prev', array('title' => LANG_WIDGET_TAB_PREV)));
// Ссылки в заголовке
$form->addField($title_fieldset_id, new fieldText('links', array('title' => LANG_WIDGET_TITLE_LINKS, 'hint' => LANG_WIDGET_TITLE_LINKS_HINT)));
return $form;
}
function forms()
{
cmsCore::loadClass('form');
$do = cmsCore::getInstance()->do;
global $_LANG;
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'view') {
// Получаем форму
$form = cmsForm::getFormData(cmsCore::request('form_id', 'int'));
if (!$form) {
cmsCore::error404();
}
// Получаем данные полей формы
$form_fields = cmsForm::getFormFields($form['id']);
// Если полей нет, 404
if (!$form_fields) {
cmsCore::error404();
}
$errors = array();
$attachment = array();
// Получаем данные формы
// Если не переданы, назад
$form_input = cmsForm::getFieldsInputValues($form['id']);
if (!$form_input) {
$errors[] = $_LANG['FORM_ERROR'];
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
$errors[] = $field_error;
}
}
// проверяем каптчу
if (!cmsPage::checkCaptchaCode()) {
$errors[] = $_LANG['ERR_CAPTCHA'];
}
if ($errors) {
if (cmsCore::isAjax()) {
cmsCore::jsonOutput(array('error' => true, 'text' => end($errors)));
} else {
foreach ($errors as $error) {
cmsCore::addSessionMessage($error, 'error');
}
cmsCore::redirectBack();
}
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
// Подготовим начало письма
$mail_message = '<h3>' . $_LANG['FORM'] . ': ' . $form['title'] . '</h3>';
// Добавляем заполненные поля в письмо
foreach ($form_fields as $field) {
// Значение поля
$value = $form_input['values'][$field['id']];
if (!$value) {
continue;
}
if (is_string($value)) {
$mail_message .= '<h5>' . $field['title'] . '</h5><p>' . $value . '</p>';
} elseif (is_array($value)) {
// если массив, значит к форме прикреплен файл
if ($form['sendto'] == 'mail') {
$attachment[] = !empty($value['url']) ? PATH . $value['url'] : '';
} elseif (!empty($value['url'])) {
$mail_message .= '<h5>' . $field['title'] . '</h5><p><a href="' . $value['url'] . '">' . $value['name'] . '</a></p>';
}
}
}
// Отправляем форму
if ($form['sendto'] == 'mail') {
$emails = explode(',', $form['email']);
if ($emails) {
foreach ($emails as $email) {
cmsCore::mailText(trim($email), cmsConfig::getConfig('sitename') . ': ' . $form['title'], $mail_message, $attachment);
}
}
// удаляем прикрепленные файлы
foreach ($attachment as $attach) {
@unlink($attach);
}
} else {
cmsUser::sendMessage(-2, $form['user_id'], $mail_message);
}
cmsUser::sessionClearAll();
if (cmsCore::isAjax()) {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['FORM_IS_SEND']));
} else {
cmsCore::addSessionMessage($_LANG['FORM_IS_SEND'], 'info');
cmsCore::redirectBack();
}
}
//========================================================================================================================//
}
echo $_LANG['AD_FIELD_ADD'];
} else {
echo $_LANG['AD_FIELD_SAVE'];
}
?>
" />
</p>
</form>
</td>
<td width="440" valign="top" class="proptable"><h4 style="border-bottom:solid 1px black;font-size: 14px; margin-bottom: 5px"><b><?php
echo $_LANG['AD_PREVIEV'];
?>
</b></h4>
<?php
echo cmsForm::displayForm($item_id, array(), true);
?>
</td>
</tr>
</table>
<script type="text/javascript">
$(document).ready(function(){
show();
});
</script>
{/tabs}
<?php
echo jwTabs(ob_get_clean());
?>
<?php
