/**
 * Apply the moreedit plugin's edit preferences when the item-edit page is requested.
 *
 * Does nothing unless the request is page=item with action=item_edit.
 * - 'disable_edit' == '1': queues a flash error, redirects (dashboard for a
 *   logged-in web user, base URL otherwise) and ends the request.
 * - 'moderate_edit' == '1': queues an informational flash message only.
 *
 * NOTE(review): only the 'item_edit' action is checked here. Whether the action
 * that actually saves an edit is blocked as well is not visible in this block;
 * verify that, otherwise this is a UI restriction rather than an enforcement point.
 */
function moreedit_item_edit()
{
    $isEditForm = Params::getParam('page') == 'item' && Params::getParam('action') == 'item_edit';
    if (!$isEditForm) {
        return;
    }

    $editingDisabled = osc_get_preference('disable_edit', 'moreedit') == '1';
    if ($editingDisabled) {
        osc_add_flash_error_message(__('Sorry, editing is not allowed', 'moreedit'));
        // Both targets are URLs built by the application, never request data.
        $target = osc_is_web_user_logged_in() ? osc_user_dashboard_url() : osc_base_url();
        header("location: " . $target);
        // Stop here so nothing after the hook can still render the edit form.
        exit;
    }

    $needsModeration = osc_get_preference('moderate_edit', 'moreedit') == '1';
    if ($needsModeration) {
        osc_add_flash_info_message(__('Your ad will be needed to be moderated by an admin after you edit it. Until it gets approved it will not be visible to the rest of the users', 'moreedit'));
    }
}
// ......... part of the code is omitted here .........
// Change-password handler (one arm of a larger switch; the enclosing method is not shown).
// Flow: CSRF check, load the session user, reject blank fields, verify the current
// password, check that both new-password fields agree, then store a hash of the new one.
// NOTE(review): every failed check relies on redirectTo() ending the request. If it
// returned instead, execution would fall through to the update at the end - confirm it exits.
case 'change_password_post':
// The CSRF token is validated before any state is read or changed.
osc_csrf_check();
// The account is always the one bound to the session, never an id taken from the request.
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
// The extra (false, false) arguments presumably make getParam return the raw,
// unfiltered value so the password is not altered - TODO confirm against Params::getParam.
if (Params::getParam('password', false, false) == '' || Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_change_user_password_url());
}
// The current password must verify against the stored s_password before anything changes.
if (!osc_verify_password(Params::getParam('password', false, false), $user['s_password'])) {
osc_add_flash_error_message(_m("Current password doesn't match"));
$this->redirectTo(osc_change_user_password_url());
}
// Falsy check: besides '' (already rejected above) this also rejects the string '0'.
if (!Params::getParam('new_password', false, false)) {
osc_add_flash_error_message(_m("Passwords can't be empty"));
$this->redirectTo(osc_change_user_password_url());
}
if (Params::getParam('new_password', false, false) != Params::getParam('new_password2', false, false)) {
osc_add_flash_error_message(_m("Passwords don't match"));
$this->redirectTo(osc_change_user_password_url());
}
// Only s_password is written, hashed with osc_hash_password().
// NOTE(review): nothing in this arm rotates s_secret or ends other sessions; confirm
// whether existing sessions and remember-me cookies are invalidated elsewhere.
// No length or complexity rule for the new password is visible here either.
User::newInstance()->update(array('s_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('Password has been changed'));
$this->redirectTo(osc_user_profile_url());
break;
// List the logged-in user's items, paginated, and render user-items.php.
case 'items':
// view items user
// NOTE(review): itemsPerPage is taken from the request as-is (10 is used only when it is
// empty). No numeric check or upper bound is visible here, and a value of 0 reaches the
// division below. Confirm that Params or the Item model validates it, or clamp it first.
$itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 10;
// iPage is 1-based in the request and is converted to a 0-based page index.
$page = Params::getParam('iPage') > 0 ? Params::getParam('iPage') - 1 : 0;
// NOTE(review): itemType goes to the model unchanged; presumably the model restricts it
// to known values before it reaches a query - verify.
$itemType = Params::getParam('itemType');
// Both queries are scoped to osc_logged_user_id(), not to an id from the request.
$total_items = Item::newInstance()->countItemTypesByUserID(osc_logged_user_id(), $itemType);
$total_pages = ceil($total_items / $itemsPerPage);
$items = Item::newInstance()->findItemTypesByUserID(osc_logged_user_id(), $page * $itemsPerPage, $itemsPerPage, $itemType);
// NOTE(review): items_type and items_per_page are exported as received from the request;
// the view has to escape them on output - confirm in user-items.php.
$this->_exportVariableToView('items', $items);
$this->_exportVariableToView('search_total_pages', $total_pages);
$this->_exportVariableToView('search_total_items', $total_items);
$this->_exportVariableToView('items_per_page', $itemsPerPage);
$this->_exportVariableToView('items_type', $itemType);
$this->_exportVariableToView('search_page', $page);
$this->doView('user-items.php');
break;
// Activate an alert: email and secret come from the request and are handed to
// Alerts::activate(), which decides whether they match (its logic is not shown here).
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
// activate() is only called when both values are non-empty, so an empty secret
// can never activate anything from this arm.
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
// One message for every failure, so the response does not say which value was wrong.
osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator'));
}
$this->redirectTo(osc_base_url());
break;
// Unsubscribe from an alert: the alert row is looked up by id, and the request's
// email and secret must both match the stored row before unsub() is called.
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$alert = Alerts::newInstance()->findByPrimaryKey($id);
$result = 0;
if (!empty($alert)) {
// NOTE(review): both comparisons use ==, which compares numeric-looking strings as
// numbers and treats '' and null as equal. Unlike the activate arm there is no
// non-empty check on $secret here. A strict comparison (hash_equals() on strings)
// plus an explicit non-empty check would be safer - confirm s_secret can never be
// empty in stored rows.
if ($email == $alert['s_email'] && $secret == $alert['s_secret']) {
$result = Alerts::newInstance()->unsub($id);
}
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
// One message for every failure (unknown id, wrong email, wrong secret).
osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator'));
}
$this->redirectTo(osc_user_alerts_url());
break;
// Delete the logged-in user's own account.
// Requires all of: a logged-in web user, request id equal to the logged user id,
// and request secret equal to the user's stored s_secret.
// NOTE(review): no osc_csrf_check() is visible in this arm (the change-password arm has
// one), so the per-user secret is the only request-bound token here, unless a check runs
// before the switch (not shown). For an irreversible action, confirm that it is protected.
case 'delete':
$id = Params::getParam('id');
$secret = Params::getParam('secret');
if (osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
View::newInstance()->_exportVariableToView('user', $user);
// NOTE(review): == compares numeric-looking strings as numbers and treats '' and null
// as equal; a strict comparison (hash_equals() on strings) and a non-empty check on the
// secret would be safer - confirm s_secret is always set for existing users.
if (!empty($user) && osc_logged_user_id() == $id && $secret == $user['s_secret']) {
// The id passed to deleteUser() is the session's user id, not the request value.
User::newInstance()->deleteUser(osc_logged_user_id());
// Clear the session identity and the remember-me cookies so the deleted account
// cannot keep an authenticated state in this browser.
Session::newInstance()->_drop('userId');
Session::newInstance()->_drop('userName');
Session::newInstance()->_drop('userEmail');
Session::newInstance()->_drop('userPhone');
Cookie::newInstance()->pop('oc_userId');
Cookie::newInstance()->pop('oc_userSecret');
Cookie::newInstance()->set();
osc_add_flash_ok_message(_m("Your account have been deleted"));
$this->redirectTo(osc_base_url());
} else {
// Same message for a wrong id and a wrong secret.
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_user_dashboard_url());
}
} else {
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_base_url());
}
break;
}
}
开发者ID:naneri,项目名称:Osclass,代码行数:101,代码来源:user.php
示例12: doModel
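/**
 * Dispatch the login and password-recovery actions of the user controller.
 *
 * Actions: 'login_post', 'recover', 'recover_post', 'forgot', 'forgot_post';
 * anything else shows the login form (or sends a logged-in user to the dashboard).
 *
 * Every redirectTo() on a failure path is followed by an explicit break, so the
 * flow does not depend on redirectTo() ending the request (not visible here).
 *
 * NOTE(review): passwords are stored and checked as unsalted SHA-1. That cannot be
 * changed inside this method without migrating the stored hashes; plan a move to
 * password_hash()/password_verify() with rehash-on-login.
 * NOTE(review): no CSRF check and no session-id regeneration on login are visible
 * in this method; confirm both are handled elsewhere.
 *
 * @return void
 */
function doModel()
{
    switch ($this->action) {
        case 'login_post':
            // post execution for the login
            $user = User::newInstance()->findByEmail(Params::getParam('email'));
            if (!$user) {
                // NOTE(review): this message, the "not validated" one and the "incorrect
                // password" one differ, which tells a client whether an email is registered.
                // recover_post below deliberately avoids that; consider one generic message.
                osc_add_flash_message(_m('The username doesn\'t exist'));
                $this->redirectTo(osc_user_login_url());
                break;
            }
            if (!$user['b_enabled']) {
                osc_add_flash_message(_m('The user has not been validated yet'));
                $this->redirectTo(osc_user_login_url());
                break;
            }

            // Only a string can be a password; anything else is rejected before hashing.
            // The digest is compared with ===, because == compares two numeric-looking
            // strings as numbers and treats '' and null as equal.
            $password = Params::getParam('password');
            $passwordOk = is_string($password)
                && is_string($user['s_password'])
                && $user['s_password'] === sha1($password);

            if ($passwordOk) {
                if (Params::getParam('remember') == 1) {
                    // this include contains the osc_genRandomPassword function
                    require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
                    // NOTE(review): the remember-me secret is stored as-is in s_secret and
                    // sent in a cookie; the cookie flags and the randomness source of
                    // osc_genRandomPassword() are not visible here - confirm both.
                    $secret = osc_genRandomPassword();
                    User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
                    Cookie::newInstance()->set_expires(osc_time_cookie());
                    Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
                    Cookie::newInstance()->push('oc_userSecret', $secret);
                    Cookie::newInstance()->set();
                }
                // we are logged in... let's go!
                Session::newInstance()->_set('userId', $user['pk_i_id']);
                Session::newInstance()->_set('userName', $user['s_name']);
                Session::newInstance()->_set('userEmail', $user['s_email']);
                $phone = $user['s_phone_mobile'] ? $user['s_phone_mobile'] : $user['s_phone_land'];
                Session::newInstance()->_set('userPhone', $phone);
            } else {
                osc_add_flash_message(_m('The password is incorrect'));
            }
            // Success and wrong password both go to the dashboard URL.
            $this->redirectTo(osc_user_dashboard_url());
            break;

        case 'recover':
            // form to recover the password (in this case we have the form in /gui/)
            $this->doView('user-recover.php');
            break;

        case 'recover_post':
            // post execution to recover the password
            require_once LIB_PATH . 'osclass/UserActions.php';
            $userActions = new UserActions(false);
            $recaptcha_ok = $userActions->recover_password();
            if ($recaptcha_ok) {
                // We ALWAYS show the same message, so we don't give clues about which emails are in our database and which don't!
                osc_add_flash_message(_m('We have sent you an email with the instructions to reset your password'));
                $this->redirectTo(osc_base_url());
            } else {
                osc_add_flash_message(_m('The recaptcha code is wrong'));
                $this->redirectTo(osc_recover_user_password_url());
            }
            break;

        case 'forgot':
            // Show the reset form only when userId + code identify a user.
            $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
            if ($user) {
                $this->doView('user-forgot_password.php');
            } else {
                osc_add_flash_message(_m('Sorry, the link is not valid'));
                $this->redirectTo(osc_base_url());
            }
            break;

        case 'forgot_post':
            // The userId + code pair is looked up again on submit, not trusted from the form.
            $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
            if (!$user) {
                osc_add_flash_message(_m('Sorry, the link is not valid'));
                $this->redirectTo(osc_base_url());
                break;
            }

            $newPassword = Params::getParam('new_password');
            // An empty or non-string value would otherwise be hashed and stored as the password.
            if (!is_string($newPassword) || $newPassword === '') {
                osc_add_flash_message(_m('Password cannot be blank'));
                $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
                break;
            }
            // Strict comparison: with == two different numeric-looking strings can "match".
            if ($newPassword !== Params::getParam('new_password2')) {
                osc_add_flash_message(_m('Error, the password don\'t match'));
                $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
                break;
            }

            // Same helper include as the login arm; osc_genRandomPassword() is needed below.
            require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
            // s_pass_code is overwritten with a fresh random value and s_pass_date is set
            // to the epoch, so the code from the used link is no longer the stored one.
            User::newInstance()->update(
                array(
                    's_pass_code' => osc_genRandomPassword(50),
                    's_pass_date' => date('Y-m-d H:i:s', 0),
                    's_pass_ip' => $_SERVER['REMOTE_ADDR'],
                    's_password' => sha1($newPassword),
                ),
                array('pk_i_id' => $user['pk_i_id'])
            );
            osc_add_flash_message(_m('The password has been changed'));
            $this->redirectTo(osc_user_login_url());
            break;

        default:
            // login
            if (osc_logged_user_id() != '') {
                $this->redirectTo(osc_user_dashboard_url());
                break;
            }
            $this->doView('user-login.php');
    }
}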
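<?php
// Payment "cancelled / error" landing script: queues a flash error, prints the same
// message, and sends the browser back to a page chosen from the 'extra' data.
//
// 'extra' comes from the request, so everything in $data is untrusted. It is used
// here only to pick between redirect targets that the site builds itself (base URL,
// dashboard, category search); it is never used as a URL.
$data = payment_get_custom(Params::getParam('extra'));
$url = osc_base_url(); // default when 'extra' is missing or cannot be resolved

if (isset($data['product'], $data['itemid'])) {
    // Only the part of 'product' before the first 'x' decides the target.
    $product = explode('x', $data['product']);
    if ($product[0] === '301') {
        // PACK PAYMENT FROM USER'S DASHBOARD
        $url = osc_user_dashboard_url();
    } else {
        $item = Item::newInstance()->findByPrimaryKey($data['itemid']);
        // An unknown or tampered itemid yields no item; keep the default URL instead
        // of reading a category id from a missing row.
        if (!empty($item) && isset($item['fk_i_category_id'])) {
            $category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
            if (!empty($category)) {
                View::newInstance()->_exportVariableToView('category', $category);
                $url = osc_search_category_url();
            }
        }
    }
}

osc_add_flash_error_message(__('You cancel the payment process or there was an error. If the error continue, please contact the administrator', 'payment'));
_e('You cancel the payment process or there was an error. If the error continue, please contact the administrator', 'payment');
payment_js_redirect_to($url);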