/**
  * Method to build the WHERE clause
  *
  * @access private
  * @return string
  */
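 function _buildItemWhere()
 {
     // Builds the WHERE clause of the favoured-items query: the restriction to the current user's
     // favourites, the publication state / date limits (skipped when the user holds the
     // 'ignoreviewstate' privilege) and the optional full-text search read from the request.
     // Returns the clause as a string that starts with ' WHERE '.
     $user = JFactory::getUser();
     $db = JFactory::getDBO();
     // Get the view's parameters
     $cparams = $this->_params;

     // The user id is concatenated into the SQL text several times below, so it is cast once here
     // and every use is guaranteed to be an integer literal
     $user_id = (int) $user->get('id');

     // Date-times are stored as UTC, so compare against the database's UTC clock and not the user's
     // request time; items then become visible globally at the moment the author specified.
     // A SQL expression is used rather than a PHP-formatted timestamp, because such a string is
     // different on every request and must not be passed to code whose result is cached.
     $_nowDate = 'UTC_TIMESTAMP()';
     $nullDate = $db->getNullDate();

     // First thing we need to do is to select only the requested FAVOURED items
     $where = ' WHERE fav.userid = ' . $user_id;

     // Get privilege to view non viewable items (unpublished, archived, trashed, expired, scheduled).
     // NOTE:  ACL view level is checked at a different place
     if (FLEXI_J16GE) {
         $ignoreState = $user->authorise('flexicontent.ignoreviewstate', 'com_flexicontent');
     } elseif (FLEXI_ACCESS) {
         $ignoreState = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'ignoreviewstate', 'users', $user->gmid) : 1;
     } else {
         // author has 19 and editor has 20
         $ignoreState = $user->gid > 19;
     }

     if (!$ignoreState) {
         // Exception shared by the three limits below: items created by the current user are always listed
         $own_item = '( i.created_by = ' . $user_id . ' AND i.created_by != 0 )';
         // Limit by publication state
         $where .= ' AND ( i.state IN (1, -5) OR ' . $own_item . ' )';
         // Limit by publish up/down dates
         $where .= ' AND ( ( i.publish_up = ' . $this->_db->Quote($nullDate) . ' OR i.publish_up <= ' . $_nowDate . ' ) OR ' . $own_item . ' )';
         $where .= ' AND ( ( i.publish_down = ' . $this->_db->Quote($nullDate) . ' OR i.publish_down >= ' . $_nowDate . ' ) OR ' . $own_item . ' )';
     }
     $where .= !FLEXI_J16GE ? ' AND i.sectionid = ' . FLEXI_SECTION : '';

     // ****************************************
     // Create WHERE clause part for Text Search
     // ****************************************
     $text = JRequest::getString('filter', JRequest::getString('q', ''), 'default');
     // LIKE %word% search (for languages without spaces) only changes the default phrase mode
     $filter_word_like_any = $cparams->get('filter_word_like_any', 0);
     $default_phrase = $filter_word_like_any ? 'any' : 'exact';
     $phrase = JRequest::getWord('searchphrase', JRequest::getWord('p', $default_phrase), 'default');
     $si_tbl = 'flexicontent_items_ext';
     // SEARCH WORD Prefix
     $search_prefix = $cparams->get('add_search_prefix') ? 'vvv' : '';
     $text = !$search_prefix ? trim($text) : preg_replace('/(\\b[^\\s,\\.]+\\b)/u', $search_prefix . '$0', trim($text));
     $words = preg_split('/\\s\\s*/u', $text);

     if (strlen($text)) {
         $ts = 'ie';
         // Every request-derived string is escaped and quoted before it is placed in the SQL text.
         // NOTE(review): this protects the SQL string literal only; full-text boolean operators typed
         // by the user still reach AGAINST (... IN BOOLEAN MODE) unless removeInvalidWords() strips
         // them, which is not visible here - verify
         $escaped_text = FLEXI_J16GE ? $db->escape($text, true) : $db->getEscaped($text, true);
         $quoted_text = $db->Quote($escaped_text, false);
         $stopwords = array();
         $shortwords = array();
         switch ($phrase) {
             case 'natural':
                 $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ') ';
                 break;
             case 'natural_expanded':
                 $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' WITH QUERY EXPANSION) ';
                 break;
             case 'exact':
                 if (!$search_prefix) {
                     $isprefix = 0;
                     $words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix);
                 }
                 if (empty($words)) {
                     // All words are stop-words or too short, we could try to execute a query that only contains a LIKE %...% , but it would be too slow
                     JRequest::setVar('ignoredwords', implode(' ', $stopwords));
                     JRequest::setVar('shortwords', implode(' ', $shortwords));
                     $_text_match = ' 0=1 ';
                 } else {
                     // speed optimization ... 2-level searching: first require ALL words, then require exact text
                     $newtext = '+' . implode(' +', $words);
                     $quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true);
                     $quoted_text = $db->Quote($quoted_text, false);
                     $exact_text = $db->Quote('%' . $escaped_text . '%', false);
                     $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) AND ' . $ts . '.search_index LIKE ' . $exact_text;
                 }
                 break;
             case 'all':
                 if (!$search_prefix) {
                     $isprefix = 1;
                     $words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix);
                 }
                 JRequest::setVar('ignoredwords', implode(' ', $stopwords));
                 JRequest::setVar('shortwords', implode(' ', $shortwords));
                 // Require every word, each matched as a prefix
                 $newtext = '+' . implode('* +', $words) . '*';
                 $quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true);
                 $quoted_text = $db->Quote($quoted_text, false);
                 $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) ';
                 break;
             case 'any':
             default:
                 if (!$search_prefix) {
                     $isprefix = 1;
                     $words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix);
                 }
                 JRequest::setVar('ignoredwords', implode(' ', $stopwords));
                 JRequest::setVar('shortwords', implode(' ', $shortwords));
                 // Any word may match, each as a prefix
                 $newtext = implode('* ', $words) . '*';
                 $quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true);
                 $quoted_text = $db->Quote($quoted_text, false);
                 $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) ';
                 break;
         }
         $where .= ' AND ' . $_text_match;
     }
     return $where;
 }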
Beispiel #2
		<tr>
			<td colspan="13">
				<?php 
echo $pagination_footer;
?>
			</td>
		</tr>
	</tfoot>

	<tbody>
		<?php 
// Decide once, before the row loop, whether the current user may check in records:
// J1.6+ asks the core ACL, J1.5 asks FLEXIaccess when present, otherwise it requires gid >= 24
if (FLEXI_J16GE) {
    $canCheckinRecords = $user->authorise('core.admin', 'checkin');
} elseif (FLEXI_ACCESS) {
    $canCheckinRecords = $user->gid < 25 ? FAccess::checkComponentAccess('com_checkin', 'manage', 'users', $user->gmid) : 1;
} else {
    $canCheckinRecords = $user->gid >= 24;
}
// J1.6+ only: asset prefix used by the per-category ACL checks in the row loop
if (FLEXI_J16GE) {
    $extension = 'com_content';
    $originalOrders = array();
}
// Row counters
$i = 0;
$k = 0;
foreach ($this->rows as $row) {
    if (FLEXI_J16GE) {
        $canEdit = $user->authorise('core.edit', $extension . '.category.' . $row->id);
        $canEditOwn = $user->authorise('core.edit.own', $extension . '.category.' . $row->id) && $row->created_user_id == $user->get('id');
        $canEditState = $user->authorise('core.edit.state', $extension . '.category.' . $row->id);
Beispiel #3
 /**
  * Method to get the assigned items for a category
  *
  * @access private
  * @return int
  */
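 function _getassigned($id)
 {
     // Counts the distinct items assigned to category $id or to any of its descendants, limited to
     // what the current user may see (publication state, publish dates and, unless 'show_noauth'
     // is enabled, the access levels of item, category and content type).
     // $id is the category id; the return value is whatever loadResult() yields for the COUNT query.
     global $globalcats;
     $user = JFactory::getUser();
     $db = JFactory::getDBO();
     // Get the view's parameters
     $params = $this->_params;
     $use_tmp = true;

     // Both values are concatenated into the SQL text below, so force them to integers first.
     // $id in particular is a caller-supplied argument that is used in an IN (...) list
     $id = (int) $id;
     $user_id = (int) $user->id;

     // Date-times are stored as UTC, so compare against the database's UTC clock and not the user's
     // request time; a SQL expression is used because a PHP-formatted timestamp would be a
     // continuously changing string, which is not suitable for code whose result is cached
     $_nowDate = 'UTC_TIMESTAMP()';
     $nullDate = $db->getNullDate();

     // Get some parameters and other info
     $lang = flexicontent_html::getUserCurrentLang();   // Get user current language
     $filtercat = $params->get('filtercat', 0);          // Filter items using currently selected language
     $show_noauth = $params->get('show_noauth', 0);      // Show unauthorized items

     // First thing we need to do is to select only the requested items
     $where = ' WHERE 1 ';
     if ($this->_authorid) {
         $where .= ' AND i.created_by = ' . $db->Quote($this->_authorid);
     }

     // Filter the category view with the current user language
     if ((FLEXI_FISH || FLEXI_J16GE) && $filtercat) {
         $lta = (FLEXI_J16GE || $use_tmp) ? 'i' : 'ie';
         $where .= ' AND ( ' . $lta . '.language LIKE ' . $db->Quote($lang . '%') . (FLEXI_J16GE ? ' OR ' . $lta . '.language="*" ' : '') . ' ) ';
     }

     // Get privilege to view non viewable items (unpublished, archived, trashed, expired, scheduled).
     // NOTE:  ACL view level is checked at a different place
     if (FLEXI_J16GE) {
         $ignoreState = $user->authorise('flexicontent.ignoreviewstate', 'com_flexicontent');
     } elseif (FLEXI_ACCESS) {
         $ignoreState = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'ignoreviewstate', 'users', $user->gmid) : 1;
     } else {
         // author has 19 and editor has 20
         $ignoreState = $user->gid > 19;
     }

     if (!$ignoreState) {
         // Exception shared by the three limits below: items created by the current user are always counted
         $own_item = '( i.created_by = ' . $user_id . ' AND i.created_by != 0 )';
         // Limit by publication state
         $where .= ' AND ( i.state IN (1, -5) OR ' . $own_item . ' )';
         // Limit by publish up/down dates
         $where .= ' AND ( ( i.publish_up = ' . $db->Quote($nullDate) . ' OR i.publish_up <= ' . $_nowDate . ' ) OR ' . $own_item . ' )';
         $where .= ' AND ( ( i.publish_down = ' . $db->Quote($nullDate) . ' OR i.publish_down >= ' . $_nowDate . ' ) OR ' . $own_item . ' )';
     }

     // Count items according to full depth level !!!
     // NOTE(review): 'descendants' is inserted as-is; presumably it is a comma-separated list of
     // integer ids built by the component itself - confirm where $globalcats is populated
     $catlist = !empty($globalcats[$id]->descendants) ? $globalcats[$id]->descendants : $id;
     $where .= ' AND rel.catid IN (' . $catlist . ')';

     // Select only items that user has view access, if listing of unauthorized content is not enabled
     // Checking item, category, content type access level
     $joinaccess = '';
     if (!$show_noauth) {
         if (FLEXI_J16GE) {
             $aid_arr = JAccess::getAuthorisedViewLevels($user_id);
             // Level 0 is always allowed; building the list this way also keeps the IN (...) valid
             // if no view levels are returned
             $aid_list = implode(',', array_map('intval', array_merge(array(0), (array) $aid_arr)));
             $where .= ' AND ty.access IN (' . $aid_list . ')';
             $where .= ' AND mc.access IN (' . $aid_list . ')';
             $where .= ' AND  i.access IN (' . $aid_list . ')';
         } else {
             $aid = (int) $user->get('aid');
             if (FLEXI_ACCESS) {
                 // NOTE(review): $user->gmid is placed inside IN ( ... ) unquoted; presumably a
                 // comma-separated list of integer group ids set by FLEXIaccess - confirm
                 $joinaccess .= ' LEFT JOIN #__flexiaccess_acl AS gt ON ty.id = gt.axo AND gt.aco = "read" AND gt.axosection = "type"';
                 $joinaccess .= ' LEFT JOIN #__flexiaccess_acl AS gc ON mc.id = gc.axo AND gc.aco = "read" AND gc.axosection = "category"';
                 $joinaccess .= ' LEFT JOIN #__flexiaccess_acl AS gi ON  i.id = gi.axo AND gi.aco = "read" AND gi.axosection = "item"';
                 $where .= ' AND (gt.aro IN ( ' . $user->gmid . ' ) OR ty.access <= ' . $aid . ')';
                 $where .= ' AND (gc.aro IN ( ' . $user->gmid . ' ) OR mc.access <= ' . $aid . ')';
                 $where .= ' AND (gi.aro IN ( ' . $user->gmid . ' ) OR  i.access <= ' . $aid . ')';
             } else {
                 $where .= ' AND ty.access <= ' . $aid;
                 $where .= ' AND mc.access <= ' . $aid;
                 $where .= ' AND  i.access <= ' . $aid;
             }
         }
     }

     $query = 'SELECT COUNT(DISTINCT rel.itemid)'
         . ' FROM #__flexicontent_cats_item_relations AS rel'
         . (!$use_tmp ? ' JOIN #__content AS i ON rel.itemid = i.id' : ' JOIN #__flexicontent_items_tmp AS i ON rel.itemid = i.id')
         . (!$use_tmp ? ' JOIN #__flexicontent_items_ext AS ie ON rel.itemid = ie.item_id' : '')
         . ' JOIN #__flexicontent_types AS ty ON ' . (!$use_tmp ? 'ie' : 'i') . '.type_id = ty.id'
         . ' JOIN #__categories AS mc ON mc.id =   i.catid AND mc.published = 1'
         . $joinaccess
         . $where;
     $db->setQuery($query);
     $assigneditems = $db->loadResult();
     if ($db->getErrorNum()) {
         // The database error text is HTML-escaped before it is queued: the message is built as
         // HTML (it contains <br/>) and the error text is not under this method's control.
         // NOTE(review): the raw SQL error is still shown to the current user - consider logging
         // it and displaying a generic message instead
         $error_html = nl2br(htmlspecialchars((string) $db->getErrorMsg(), ENT_QUOTES, 'UTF-8'));
         JFactory::getApplication()->enqueueMessage(__FUNCTION__ . '(): SQL QUERY ERROR:<br/>' . $error_html, 'error');
     }
     return $assigneditems;
 }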
Beispiel #4
 /**
  * Method to fetch the tags form
  * 
  * @since 1.5
  */
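 function gettags()
 {
     // Echoes the tag selection form as HTML: one checkbox per existing tag (pre-checked for the
     // tags already used by item 'id' from the request) and, if the user may create tags, an
     // "add tag" input. Nothing is returned; the markup is written with echo.
     $id = JRequest::getInt('id', 0);
     $model = $this->getModel('item');
     $tags = $model->gettags();
     $user = JFactory::getUser();
     $used = $id ? $model->getUsedtagsIds($id) : null;
     if (!is_array($used)) {
         $used = array();
     }
     if (!is_array($tags)) {
         // Treat a failed / empty lookup as "no tags" instead of passing a non-array to count()
         $tags = array();
     }

     // Resolve the two tag permissions. The three environments are mutually exclusive: without
     // the elseif, the J1.6+ permissions read from FlexicontentHelperPerm would be overwritten by
     // the "everybody can create / use tags" fallback whenever FLEXI_ACCESS is not set
     if (FLEXI_J16GE) {
         $permission = FlexicontentHelperPerm::getPerm();
         $CanNewTags = $permission->CanNewTags;
         $CanUseTags = $permission->CanUseTags;
     } elseif (FLEXI_ACCESS) {
         $CanNewTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'newtags', 'users', $user->gmid) : 1;
         $CanUseTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'usetags', 'users', $user->gmid) : 1;
     } else {
         // no FLEXIAccess everybody can create / use tags
         $CanNewTags = 1;
         $CanUseTags = 1;
     }
     $disabled_attr = $CanUseTags ? '' : ' disabled="disabled"';

     $rsp = '';
     if (count($tags) > 0) {
         $rsp .= '<div class="qf_tagbox">';
         $rsp .= '<ul>';
         foreach ($tags as $tag) {
             $tag_id = (int) $tag->id;
             $is_used = in_array($tag->id, $used);
             // Tag names are stored data, so they are HTML-escaped before being written into the page
             $tag_name = htmlspecialchars((string) $tag->name, ENT_QUOTES, 'UTF-8');
             $rsp .= '<li><div><span class="qf_tagidbox"><input type="checkbox" name="tag[]" value="' . $tag_id . '"' . ($is_used ? ' checked="checked"' : '') . $disabled_attr . ' /></span>' . $tag_name . '</div></li>';
             if (!$CanUseTags && $is_used) {
                 // A disabled checkbox is not submitted, so a hidden field carries the already assigned tag
                 $rsp .= '<input type="hidden" name="tag[]" value="' . $tag_id . '" />';
             }
         }
         $rsp .= '</ul>';
         $rsp .= '</div>';
         $rsp .= '<div class="clear"></div>';
     }
     if ($CanNewTags) {
         $rsp .= '<div class="qf_addtag">';
         $rsp .= '<label for="addtags">' . JText::_('FLEXI_ADD_TAG') . '</label>';
         $rsp .= '<input type="text" id="tagname" class="inputbox" size="30" />';
         $rsp .= '<input type="button" class="fc_button" value="' . JText::_('FLEXI_ADD') . '" onclick="addtag()" />';
         $rsp .= '</div>';
     }
     // NOTE(review): the disabled attribute and the hidden "add tag" box are presentation only;
     // the task that saves tags must enforce CanUseTags / CanNewTags itself - confirm
     echo $rsp;
 }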
Beispiel #5
 /**
  * Logic to delete categories
  *
  * @access public
  * @return void
  * @since 1.0
  */
 function remove()
 {
     // Deletes the categories whose ids were posted in 'cid', then redirects to the categories
     // manager. Order of checks: anti-forgery token, selection present, 'categories' permission.

     // Check for request forgeries
     JRequest::checkToken() or jexit('Invalid Token');

     $user = JFactory::getUser();
     if (FLEXI_J16GE) {
         $perms = FlexicontentHelperPerm::getPerm();
         $CanCats = $perms->CanCats;
     } elseif (FLEXI_ACCESS) {
         $CanCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'categories', 'users', $user->gmid) : 1;
     } else {
         $CanCats = 1;
     }

     // NOTE(review): the posted ids are handed to the model unchanged; presumably the model
     // casts them to integers before using them in a query - confirm
     $cid = JRequest::getVar('cid', array(0), 'post', 'array');
     $msg = '';

     if (!is_array($cid) || count($cid) < 1) {
         // no category selected
         JError::raiseWarning(500, JText::_('FLEXI_SELECT_ITEM_DELETE'));
     } elseif (!$CanCats) {
         // no access rights
         JError::raiseWarning(500, JText::_('FLEXI_ALERTNOTAUTH_TASK'));
     } else {
         // try to delete the category
         $model = $this->getModel('categories');
         $msg = $model->delete($cid);
         if (!$msg) {
             // deletion failed: report the model error and leave without touching the caches
             JError::raiseWarning(500, $model->getError());
             $this->setRedirect('index.php?option=com_flexicontent&view=categories', $msg);
             return;
         }
         // clean cache
         JFactory::getCache('com_flexicontent')->clean();
         JFactory::getCache('com_flexicontent_cats')->clean();
     }

     // redirect to categories management tab
     $this->setRedirect('index.php?option=com_flexicontent&view=categories', $msg);
 }
Beispiel #6
 /**
  * Build the where clause
  *
  * @access private
  * @return string
  */
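 function _buildContentWhere()
 {
     // Builds the WHERE clause for the item-selection list from the filters kept in the user state
     // (state, category, type, language, title search) and, when an original item is being chosen
     // for a translation, from the translation's type and author.
     // Returns the clause as a string starting with ' WHERE '.
     $app = JFactory::getApplication();
     $user = JFactory::getUser();
     $option = JRequest::getVar('option');

     // These values are requested with the 'int' filter; the casts make the integer guarantee
     // explicit at the point where they are concatenated into SQL below
     $langparent_item = (int) $app->getUserStateFromRequest($option . '.itemelement.langparent_item', 'langparent_item', 0, 'int');
     $type_id = (int) $app->getUserStateFromRequest($option . '.itemelement.type_id', 'type_id', 0, 'int');
     $created_by = (int) $app->getUserStateFromRequest($option . '.itemelement.created_by', 'created_by', 0, 'int');

     if ($langparent_item) {
         $user_fullname = JFactory::getUser($created_by)->name;
         $this->_db->setQuery('SELECT name FROM #__flexicontent_types WHERE id = ' . $type_id);
         $type_name = $this->_db->loadResult();
         // The message is HTML (it carries &nbsp; entities), while the type name and the user's
         // full name are stored data, so both are HTML-escaped before being inserted
         $msg = sprintf(
             "Selecting ORIGINAL Content item for a translating item of &nbsp; Content Type: \"%s\" &nbsp; and &nbsp; User: \"%s\"",
             htmlspecialchars((string) $type_name, ENT_QUOTES, 'UTF-8'),
             htmlspecialchars((string) $user_fullname, ENT_QUOTES, 'UTF-8')
         );
         $app->enqueueMessage($msg, 'message');
     }

     $filter_state = $app->getUserStateFromRequest($option . '.itemelement.filter_state', 'filter_state', '', 'word');
     $filter_cats = (int) $app->getUserStateFromRequest($option . '.itemelement.filter_cats', 'filter_cats', '', 'int');
     $filter_type = (int) $app->getUserStateFromRequest($option . '.itemelement.filter_type', 'filter_type', '', 'int');
     $filter_lang = '';
     if (FLEXI_FISH || FLEXI_J16GE) {
         // An original item must be in the site's default language
         $filter_lang = $langparent_item
             ? flexicontent_html::getSiteDefaultLang()
             : $app->getUserStateFromRequest($option . '.itemelement.filter_lang', 'filter_lang', '', 'cmd');
     }
     $search = $app->getUserStateFromRequest($option . '.itemelement.search', 'search', '', 'string');
     $search = trim(JString::strtolower($search));

     $where = array();
     // Exclude trashed
     $where[] = ' i.state != -2';
     if (!FLEXI_J16GE) {
         $where[] = ' sectionid = ' . FLEXI_SECTION;
     }

     // Only the fixed integers of this table reach the query; any other filter value is ignored
     $state_values = array(
         'P' => 1,
         'U' => 0,
         'PE' => -3,
         'OQ' => -4,
         'IP' => -5,
         'A' => FLEXI_J16GE ? 2 : -1,
     );
     if ($filter_state && isset($state_values[$filter_state])) {
         $where[] = 'i.state = ' . $state_values[$filter_state];
     }

     if ($filter_cats) {
         $where[] = 'rel.catid = ' . $filter_cats;
     }
     if ($langparent_item && $type_id) {
         $where[] = 'ie.type_id = ' . $type_id;
     } elseif ($filter_type) {
         $where[] = 'ie.type_id = ' . $filter_type;
     }
     if ((FLEXI_FISH || FLEXI_J16GE) && $filter_lang) {
         $where[] = 'ie.language = ' . $this->_db->Quote($filter_lang);
     }
     if ($search) {
         // Escaped with the "extra" flag so that % and _ typed by the user are not LIKE wildcards
         $search_escaped = FLEXI_J16GE ? $this->_db->escape($search, true) : $this->_db->getEscaped($search, true);
         $where[] = ' LOWER(i.title) LIKE ' . $this->_db->Quote('%' . $search_escaped . '%', false);
     }

     // Privilege to associate a translation with any item, not only with items of the same author
     if (FLEXI_J16GE) {
         $assocanytrans = $user->authorise('flexicontent.assocanytrans', 'com_flexicontent');
     } elseif (FLEXI_ACCESS) {
         $assocanytrans = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'assocanytrans', 'users', $user->gmid) : 1;
     } else {
         // is at least admin
         $assocanytrans = $user->gid >= 24;
     }
     // NOTE(review): 'created_by' is read from the request, so this limit restricts the list to
     // the author named by the request, not necessarily to the current user - confirm intent
     if (!$assocanytrans && $langparent_item && $created_by) {
         $where[] = ' i.created_by=' . $created_by;
     }

     $where = count($where) ? ' WHERE ' . implode(' AND ', $where) : '';
     return $where;
 }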
 /**
  * Method (for J1.5) to check if the user can add an item anywhere
  *
  * @access	public
  * @return	boolean	True on success
  * @since	1.5
  */
 function canAdd()
 {
     // J1.5 check of whether the current user may add an item anywhere.
     // With FLEXIaccess active and gid below 25, either the component-level 'submit' right or the
     // content-wide 'add' right is sufficient; otherwise the core 'add' authorisation decides.
     $user = JFactory::getUser();

     if (FLEXI_ACCESS && $user->gid < 25) {
         $canSubmit = FAccess::checkComponentAccess('com_content', 'submit', 'users', $user->gmid);
         $canAdd = FAccess::checkAllContentAccess('com_content', 'add', 'users', $user->gmid, 'content', 'all');
         return $canSubmit || $canAdd;
     }

     return (bool) $user->authorize('com_content', 'add', 'content', 'all');
 }
	/**
	 * Check in a record
	 *
	 * @since	1.5
	 */
	static function checkin($tbl, $redirect_url, & $controller)
	{
		// Checks in the record whose id is the first posted 'cid' value, using table class $tbl.
		// The outcome is reported through $controller: setError() on failure, and the redirect to
		// $redirect_url carries the success message only when nothing failed.
		// NOTE(review): no request-token check is visible in this helper; presumably the calling
		// controller task performs it - confirm
		$cid  = JRequest::getVar( 'cid', array(0), 'post', 'array' );
		$pk   = (int)$cid[0];
		$user = JFactory::getUser();

		// Default redirect without a message; replaced at the end on success
		$controller->setRedirect( $redirect_url, '' );

		// The global check-in privilege is resolved once and kept in a static for later calls
		static $canCheckinRecords = null;
		if ($canCheckinRecords === null) {
			if (FLEXI_J16GE) {
				$canCheckinRecords = $user->authorise('core.admin', 'checkin');
			} elseif (FLEXI_ACCESS) {
				$canCheckinRecords = ($user->gid < 25) ? FAccess::checkComponentAccess('com_checkin', 'manage', 'users', $user->gmid) : 1;
			} else {
				// Only admin or super admin can check-in
				$canCheckinRecords = $user->gid >= 24;
			}
		}

		// Only attempt to check the row in if it exists.
		if ($pk) {
			// Get an instance of the row to checkin.
			$table = JTable::getInstance($tbl, '');
			if (!$table->load($pk)) {
				$controller->setError($table->getError());
				return;
			}

			// Check-in is allowed if either (a) the current user has the global check-in privilege
			// or (b) the record is checked out by the current user
			$lockedByOther = $table->checked_out && !$canCheckinRecords && $table->checked_out != $user->id;
			if ($lockedByOther) {
				$controller->setError(JText::_( 'FLEXI_RECORD_CHECKED_OUT_DIFF_USER'));
				return;
			}

			// Attempt to check the row in.
			if (!$table->checkin($pk)) {
				$controller->setError($table->getError());
				return;
			}
		}

		$controller->setRedirect( $redirect_url, JText::sprintf('FLEXI_RECORD_CHECKED_IN_SUCCESSFULLY', 1) );
		return;
	}
    /**
     * Method to select new state for many items
     * 
     * @since 1.5
     */
    function selectstate()
    {
        // Outputs a standalone HTML fragment with one button per item state that the current user is
        // allowed to set, then ends the request with exit. Nothing is output (and the method simply
        // returns) when the user has none of the publish / archive / delete permissions.
        // The onclick handlers address window.parent, so the fragment is presumably shown inside
        // an iframe or modal of the items manager - confirm.
        $user = JFactory::getUser();
        // General permission since we do not have a specific item yet
        // NOTE(review): this only decides which buttons are shown; the 'items.changestate' task that
        // the buttons submit must repeat the permission check per item - confirm
        if (FLEXI_J16GE) {
            $permission = FlexicontentHelperPerm::getPerm();
            $auth_publish = $permission->CanPublish || $permission->CanPublishOwn;
            $auth_delete = $permission->CanDelete || $permission->CanDeleteOwn;
            $auth_archive = $permission->CanArchives;
        } else {
            if (FLEXI_ACCESS) {
                $auth_publish = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publish', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'publishown', 'users', $user->gmid) : 1;
                $auth_delete = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'delete', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'deleteown', 'users', $user->gmid) : 1;
                $auth_archive = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'archives', 'users', $user->gmid) : 1;
            } else {
                $auth_publish = $user->authorize('com_content', 'publish', 'content', 'all');
                $auth_delete = $user->gid >= 23;
                // is at least manager
                $auth_archive = $user->gid >= 23;
                // is at least manager
            }
        }
        if ($auth_publish || $auth_archive || $auth_delete) {
            //header('Content-type: application/json');
            // Drop the active output buffer (if any) so that only this fragment is sent;
            // the @ hides the notice raised when no buffer is active
            @ob_end_clean();
            header('Content-type: text/html; charset=utf-8');
            // Date in the past plus no-cache headers: the response must not be cached
            header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
            header("Cache-Control: no-cache");
            header("Pragma: no-cache");
            // NOTE(review): $fc_css is assigned only when FLEXI_J30GE or FLEXI_J16GE is true, but it is
            // echoed unconditionally in the stylesheet link below
            if (FLEXI_J30GE) {
                $fc_css = JURI::base(true) . '/components/com_flexicontent/assets/css/j3x.css';
            } else {
                if (FLEXI_J16GE) {
                    $fc_css = JURI::base(true) . '/components/com_flexicontent/assets/css/j25.css';
                }
            }
            echo '
			<link rel="stylesheet" href="' . JURI::base(true) . '/components/com_flexicontent/assets/css/flexicontentbackend.css" />
			<link rel="stylesheet" href="' . $fc_css . '" />
			<link rel="stylesheet" href="' . JURI::root(true) . '/media/jui/css/bootstrap.min.css" />
			';
            ?>
	<div id="flexicontent" class="flexicontent">

			<?php 
            $btn_class = FLEXI_J30GE ? ' btn btn-small' : ' fc_button fcsimple fcsmall';
            // Build the list of offered states, keyed by the short state code that is submitted.
            // $state is not initialised beforehand; the enclosing condition guarantees that at
            // least one of the three branches below fills it
            if ($auth_publish) {
                $state['P'] = array('name' => 'FLEXI_PUBLISHED', 'desc' => 'FLEXI_PUBLISHED_DESC', 'icon' => 'tick.png', 'btn_class' => 'btn-success');
                $state['IP'] = array('name' => 'FLEXI_IN_PROGRESS', 'desc' => 'FLEXI_NOT_FINISHED_YET', 'icon' => 'publish_g.png', 'btn_class' => 'btn-success', 'clear' => true);
                $state['U'] = array('name' => 'FLEXI_UNPUBLISHED', 'desc' => 'FLEXI_UNPUBLISHED_DESC', 'icon' => 'publish_x.png', 'btn_class' => 'btn-warning');
                $state['PE'] = array('name' => 'FLEXI_PENDING', 'desc' => 'FLEXI_NEED_TO_BE_APPROVED', 'icon' => 'publish_r.png', 'btn_class' => 'btn-warning');
                $state['OQ'] = array('name' => 'FLEXI_TO_WRITE', 'desc' => 'FLEXI_TO_WRITE_DESC', 'icon' => 'publish_y.png', 'btn_class' => 'btn-warning', 'clear' => true);
            }
            if ($auth_archive) {
                $state['A'] = array('name' => 'FLEXI_ARCHIVED', 'desc' => 'FLEXI_ARCHIVED_STATE', 'icon' => 'archive.png', 'btn_class' => 'btn-info');
            }
            if ($auth_delete) {
                $state['T'] = array('name' => 'FLEXI_TRASHED', 'desc' => 'FLEXI_TRASHED_TO_BE_DELETED', 'icon' => 'trash.png', 'btn_class' => 'btn-danger');
            }
            echo "<b>" . JText::_('FLEXI_SELECT_STATE') . ":</b><br /><br />";
            ?>
			
		<?php 
            foreach ($state as $shortname => $statedata) {
                // NOTE(review): $link, which places the session form token in a GET URL, and $icon are
                // assigned but never output in this method; $icon appears only in the commented-out
                // markup below
                // NOTE(review): $shortname and the translated texts are echoed without escaping into
                // quoted JavaScript strings inside an HTML attribute. $shortname comes from the fixed
                // keys above; the texts come from the language files - confirm they cannot contain quotes
                $css = "width:216px; margin:0px 24px 12px 0px;";
                $link = JURI::base(true) . "/index.php?option=com_flexicontent&task=items.changestate&newstate=" . $shortname . "&" . (FLEXI_J30GE ? JSession::getFormToken() : JUtility::getToken()) . "=1";
                $icon = "../components/com_flexicontent/assets/images/" . $statedata['icon'];
                ?>
			<span class="fc-filter nowrap_box">
				<?php 
                /*<img src="<?php echo $icon; ?>" style="margin:4px 0 0 0; border-width:0px; vertical-align:top;" alt="<?php echo JText::_( $statedata['desc'] ); ?>" /> &nbsp;*/
                ?>
				<span style="<?php 
                echo $css;
                ?>
" class="<?php 
                echo $btn_class . ' ' . $statedata['btn_class'];
                ?>
"
					onclick="window.parent.document.adminForm.newstate.value='<?php 
                echo $shortname;
                ?>
'; window.parent.document.adminForm.boxchecked.value==0  ?  alert('<?php 
                echo JText::_('FLEXI_NO_ITEMS_SELECTED');
                ?>
')  :  window.parent.Joomla.submitbutton('items.changestate')"
				>
					<?php 
                echo JText::_($statedata['name']);
                ?>
				</span>
			</span>
		<?php 
                // States flagged with 'clear' end the current row of buttons
                if (isset($statedata['clear'])) {
                    echo '<div class="fcclear"></div>';
                }
            }
            ?>
	</div>
		<?php 
            // Stop here so that nothing else is appended to the fragment
            exit;
        }
    }
Beispiel #10
    /**
     * Method to select new state for many items
     * 
     * @since 1.5
     */
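    function selectstate()
    {
        // Prints a small HTML fragment with one button per state the current user may assign,
        // then terminates the request. Each button writes the chosen state code into the parent
        // window's adminForm and submits it; this method itself does not change any item.
        // When the user holds none of the publish / archive / delete permissions, nothing is
        // printed and the method returns normally.
        $user = JFactory::getUser();

        // General permission since we do not have a specific item yet
        if (FLEXI_J16GE) {
            $permission = FlexicontentHelperPerm::getPerm();
            $auth_publish = $permission->CanPublish || $permission->CanPublishOwn;
            $auth_delete = $permission->CanDelete || $permission->CanDeleteOwn;
            $auth_archive = $permission->CanArchives;
        } elseif (FLEXI_ACCESS) {
            // gid 25 and above bypasses the FLEXIaccess lookup and is granted everything
            $auth_publish = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publish', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'publishown', 'users', $user->gmid) : 1;
            $auth_delete = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'delete', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'deleteown', 'users', $user->gmid) : 1;
            $auth_archive = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'archives', 'users', $user->gmid) : 1;
        } else {
            $auth_publish = $user->authorize('com_content', 'publish', 'content', 'all');
            $auth_delete = $user->gid >= 23;  // is at least manager
            $auth_archive = $user->gid >= 23; // is at least manager
        }

        if (!($auth_publish || $auth_archive || $auth_delete)) {
            return;
        }

        // Discard any buffered output so that only this fragment is sent, and forbid caching
        @ob_end_clean();
        header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
        header("Cache-Control: no-cache");
        header("Pragma: no-cache");

        // Stylesheets: the common backend sheet plus the one matching the Joomla version
        $css_dir = JURI::base() . 'components/com_flexicontent/assets/css/';
        if (FLEXI_J30GE) {
            $fc_css = $css_dir . 'j3x.css';
        } elseif (FLEXI_J16GE) {
            $fc_css = $css_dir . 'j25.css';
        } else {
            $fc_css = $css_dir . 'j15.css';
        }
        // URLs are encoded for the attribute context they are printed into
        echo '<link rel="stylesheet" href="' . htmlspecialchars($css_dir . 'flexicontentbackend.css', ENT_QUOTES, 'UTF-8') . '" />';
        echo '<link rel="stylesheet" href="' . htmlspecialchars($fc_css, ENT_QUOTES, 'UTF-8') . '" />';

        // Only the states the user is allowed to assign are offered.
        // Initialised explicitly instead of relying on implicit array creation.
        $state = array();
        if ($auth_publish) {
            $state['P'] = array('name' => 'FLEXI_PUBLISHED', 'desc' => 'FLEXI_PUBLISHED_DESC', 'icon' => 'tick.png', 'color' => 'darkgreen');
            $state['IP'] = array('name' => 'FLEXI_IN_PROGRESS', 'desc' => 'FLEXI_NOT_FINISHED_YET', 'icon' => 'publish_g.png', 'color' => 'darkgreen', 'clear' => true);
            $state['U'] = array('name' => 'FLEXI_UNPUBLISHED', 'desc' => 'FLEXI_UNPUBLISHED_DESC', 'icon' => 'publish_x.png', 'color' => 'darkred');
            $state['PE'] = array('name' => 'FLEXI_PENDING', 'desc' => 'FLEXI_NEED_TO_BE_APPROVED', 'icon' => 'publish_r.png', 'color' => 'darkred');
            $state['OQ'] = array('name' => 'FLEXI_TO_WRITE', 'desc' => 'FLEXI_TO_WRITE_DESC', 'icon' => 'publish_y.png', 'color' => 'darkred', 'clear' => true);
        }
        if ($auth_archive) {
            $state['A'] = array('name' => 'FLEXI_ARCHIVED', 'desc' => 'FLEXI_ARCHIVED_STATE', 'icon' => 'archive.png', 'color' => 'gray');
        }
        if ($auth_delete) {
            $state['T'] = array('name' => 'FLEXI_TRASHED', 'desc' => 'FLEXI_TRASHED_TO_BE_DELETED', 'icon' => 'trash.png', 'color' => 'gray');
        }

        echo "<b>" . JText::_('FLEXI_SELECT_STATE') . ":</b><br /><br />";

        // The parent window exposes a different submit function depending on the Joomla version
        $submit_js = FLEXI_J16GE
            ? "window.parent.Joomla.submitbutton('items.changestate')"
            : "window.parent.submitbutton('changestate')";

        // The alert text ends up inside a JavaScript string literal: request the JS-safe form
        // so that a translation containing a quote cannot terminate the literal
        $no_items_js = JText::_('FLEXI_NO_ITEMS_SELECTED', true);

        foreach ($state as $shortname => $statedata) {
            $css = "width:28%; margin:0px 1% 12px 1%; padding:1%; color:" . $statedata['color'] . ";";
            $icon = "../components/com_flexicontent/assets/images/" . $statedata['icon'];

            // The handler is assembled as JavaScript first and then encoded as a whole for the
            // HTML attribute, so each value is escaped once per context it passes through.
            // (The previous markup left a stray ';' outside the closing quote of the attribute,
            // and built a tokenised link URL that was never printed; both are dropped.)
            $onclick = "window.parent.document.adminForm.newstate.value='" . addslashes($shortname) . "'; "
                . "if (window.parent.document.adminForm.boxchecked.value==0) alert('" . $no_items_js . "'); "
                . "else " . $submit_js . ";";

            // double_encode = false keeps entities already present in language strings intact
            echo '<a style="' . htmlspecialchars($css, ENT_QUOTES, 'UTF-8', false) . '" class="fc_button" href="javascript:;"'
                . ' onclick="' . htmlspecialchars($onclick, ENT_QUOTES, 'UTF-8', false) . '" target="_parent">' . "\n"
                . '<img src="' . htmlspecialchars($icon, ENT_QUOTES, 'UTF-8', false) . '" width="16" height="16" border="0"'
                . ' alt="' . htmlspecialchars(JText::_($statedata['desc']), ENT_QUOTES, 'UTF-8', false) . '" />' . "\n"
                // The label is element content and is printed as the language file provides it
                . JText::_($statedata['name']) . "\n"
                . '</a>' . "\n";

            if (isset($statedata['clear'])) {
                // 'clear: both' was missing its colon, so the declaration was ignored by browsers
                echo "<div style='width:100%; float: left; clear: both;'></div>";
            }
        }

        // Stop here so the rest of the application does not append its own output
        exit;
    }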
Beispiel #11
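 /**
  * Build the FLEXIcontent permission object for a user.
  *
  * Decisions are based on the J1.5 group id ($user->gid) and, when FLEXI_ACCESS is set,
  * on FLEXIaccess component rules; a gid of 25 or more bypasses every FLEXIaccess lookup.
  *
  * Side effect: when the jComments system plugin is enabled and the FLEXIcontent
  * integration file is missing from the jComments plugin folder, the file is copied there.
  * NOTE(review): a permission lookup that writes to the filesystem is surprising;
  * consider moving that step to an install / upgrade routine.
  *
  * @param  int|null $user_id  id of the user to inspect; an empty value means the current user
  * @return stdClass           object with one property per permission, truthy when granted
  */
 static function getUserPerms($user_id = null)
 {
     // handle jcomments integration
     if (JPluginHelper::isEnabled('system', 'jcomments')) {
         $Comments_Enabled = 1;
         $destpath = JPATH_SITE . DS . 'components' . DS . 'com_jcomments' . DS . 'plugins';
         $dest = $destpath . DS . 'com_flexicontent.plugin.php';
         $source = JPATH_SITE . DS . 'components' . DS . 'com_flexicontent' . DS . 'librairies' . DS . 'jcomments' . DS . 'com_flexicontent.plugin.php';
         jimport('joomla.filesystem.file');
         // JFolder is used below, so its library is imported explicitly as well
         jimport('joomla.filesystem.folder');
         if (!JFile::exists($dest)) {
             if (!JFolder::exists($destpath)) {
                 if (!JFolder::create($destpath)) {
                     JError::raiseWarning(100, JText::_('FLEXIcontent: Unable to create jComments plugin folder'));
                 }
             }
             if (!JFile::copy($source, $dest)) {
                 JError::raiseWarning(100, JText::_('FLEXIcontent: Unable to copy jComments plugin'));
             } else {
                 // $mainframe was never defined in this method, so the success message
                 // previously ended in a fatal error; fetch the application object instead
                 JFactory::getApplication()->enqueueMessage(JText::_('Copied FLEXIcontent jComments plugin'));
             }
         }
     } else {
         $Comments_Enabled = 0;
     }

     // Find permissions for given user id (no user id given, use current user)
     $user = $user_id ? JFactory::getUser($user_id) : JFactory::getUser();
     $permission = new stdClass();

     // !!! This is the Super User Privilege of GLOBAL Configuration		(==> (for J2.5) core.admin ACTION allowed on ROOT ASSET: 'root.1')
     $permission->SuperAdmin = $user->gid > 24;
     //!!! ALLOWs USERS to change component's CONFIGURATION						(==> (for J2.5) core.admin ACTION allowed on COMPONENT ASSET: e.g. 'com_flexicontent')
     $permission->CanConfig = $permission->SuperAdmin;

     // No FLEXI ACCESS ..
     if (!FLEXI_ACCESS) {
         $permission->CanManage = $user->gid >= 23;        // At least J1.5 Manager
         $permission->CanAdd = $user->authorize('com_content', 'add', 'content', 'all');            // ($user->gid >= 19);  // At least J1.5 Author
         $permission->CanEdit = $user->authorize('com_content', 'edit', 'content', 'all');          // ($user->gid >= 20);  // At least J1.5 Editor
         $permission->CanEditOwn = $user->authorize('com_content', 'edit', 'content', 'own');       // ($user->gid >= 20);  // At least J1.5 Editor
         $permission->CanPublish = $user->authorize('com_content', 'publish', 'content', 'all');    // ($user->gid >= 21);  // At least J1.5 Publisher
         $permission->CanPublishOwn = $user->authorize('com_content', 'publish', 'content', 'own'); // ($user->gid >= 21);  // At least J1.5 Publisher
         $permission->CanDelete = $user->gid >= 23;        // At least J1.5 Manager
         $permission->CanDeleteOwn = $user->gid >= 23;     // At least J1.5 Manager
         $permission->CanChangeCat = 1;                    // J1.5 lacks this
         $permission->CanChangeSecCat = 1;                 // J1.5 lacks this
         $permission->CanChangeFeatCat = 1;                // J1.5 lacks this
         $permission->CanRights = $user->gid >= 23;        // At least J1.5 Manager
         $permission->CanAccLvl = $user->gid >= 20;        // At least J1.5 Editor

         // ITEMS: component controlled permissions
         $permission->DisplayAllItems = $user->gid >= 23;  // At least J1.5 Manager
         $permission->CanCopy = $user->gid >= 23;          // At least J1.5 Manager
         $permission->CanOrder = $user->gid >= 23;         // At least J1.5 Manager
         $permission->CanParams = $user->gid >= 19;        // At least J1.5 Author
         $permission->CanVersion = $user->gid >= 19;       // At least J1.5 Author
         $permission->AssocAnyTrans = $user->gid >= 19;    // At least J1.5 Author
         //$permission->EditCreationDate	= ($user->gid >= 23);  // At least J1.5 Manager
         $permission->IgnoreViewState = $user->gid >= 20;  // At least J1.5 Editor
         $permission->RequestApproval = $user->gid >= 20;  // At least J1.5 Editor

         // CATEGORIES: management tab and usage
         $permission->CanCats = $user->gid >= 23;          // At least J1.5 Manager
         $permission->ViewAllCats = 1;
         $permission->ViewTree = 1;
         $permission->MultiCat = $user->gid >= 19;         // At least J1.5 Author
         $permission->CanAddCats = $user->gid >= 23;       // At least J1.5 Manager

         // TAGS: management tab and usage
         $permission->CanTags = $user->gid >= 23;          // At least J1.5 Manager
         $permission->CanUseTags = $user->gid >= 19;       // At least J1.5 Author
         $permission->CanNewTags = $user->gid >= 19;       // At least J1.5 Author

         // VARIOUS management TABS: types, archives, statistics, templates, tags
         $permission->CanTypes = $user->gid >= 23;         // At least J1.5 Manager
         $permission->CanArchives = $user->gid >= 23;      // At least J1.5 Manager
         $permission->CanTemplates = $user->gid >= 23;     // At least J1.5 Manager
         $permission->CanStats = $user->gid >= 23;         // At least J1.5 Manager
         $permission->CanImport = $user->gid >= 23;        // At least J1.5 Manager

         // FIELDS: management tab
         $permission->CanFields = $user->gid >= 23;        // At least J1.5 Manager
         $permission->CanCopyFields = $user->gid >= 24;    // At least J1.5 Administrator
         $permission->CanOrderFields = $user->gid >= 24;   // At least J1.5 Administrator
         $permission->CanAddField = $user->gid >= 24;      // At least J1.5 Administrator
         $permission->CanEditField = $user->gid >= 24;     // At least J1.5 Administrator
         $permission->CanDeleteField = $user->gid >= 24;   // At least J1.5 Administrator
         $permission->CanPublishField = $user->gid >= 24;  // At least J1.5 Administrator

         // FILES: management tab
         $permission->CanFiles = $user->gid >= 19;         // At least J1.5 Author
         $permission->CanUpload = $user->gid >= 19;        // At least J1.5 Author
         $permission->CanViewAllFiles = $user->gid >= 23;  // At least J1.5 Manager

         // AUTHORS: management tab
         $permission->CanAuthors = $user->gid >= 24;       // At least J1.5 Administrator
         $permission->CanGroups = 0;                       //FLEXI_J16GE ? $permission->CanAuthors : 0;

         // SEARCH INDEX: management tab
         $permission->CanIndex = $user->gid >= 23;         // At least J1.5 Manager

         // OTHER components permissions
         $permission->CanPlugins = $user->gid >= 24;       // At least J1.5 Administrator
         // At least J1.5 Manager, and only while the jComments plugin is enabled
         $permission->CanComments = $user->gid >= 23 && $Comments_Enabled;

         // Global parameter to force always displaying of categories as tree
         if (JComponentHelper::getParams('com_flexicontent')->get('cats_always_astree', 1)) {
             $permission->ViewTree = 1;
         }
         return $permission;
     }

     // From here on FLEXIaccess is installed: every rule is looked up for the user's $user->gmid,
     // except for gid 25 and above, which is granted each permission without a lookup.

     //!!! ALLOWs USERS in JOOMLA BACKEND : (not used in J1.5)
     //   (a) to view the FLEXIcontent menu item in Components Menu and
     //   (b) to access the FLEXIcontent component screens (whatever they are allowed to see by individual FLEXIcontent area permissions)
     //       NOTE: the initially installed permissions allows all areas to be managed for J2.5 and none (except for items) for J1.5
     $permission->CanManage = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'manage', 'users', $user->gmid) : 1;

     // ITEMS/CATEGORIES: category-inherited permissions, (NOTE: these are the global settings, so:)
     // *** 1. the action permissions of individual items are checked separately per item
     // *** 2. the view permission is checked via the access level of each item
     $permission->CanAdd = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'submit', 'users', $user->gmid) || FAccess::checkAllContentAccess('com_content', 'add', 'users', $user->gmid, 'content', 'all') : 1;
     $permission->CanEdit = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'edit', 'users', $user->gmid) : 1;
     $permission->CanEditOwn = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'editown', 'users', $user->gmid) : 1;
     $permission->CanPublish = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publish', 'users', $user->gmid) : 1;
     $permission->CanPublishOwn = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publishown', 'users', $user->gmid) : 1;
     $permission->CanDelete = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'delete', 'users', $user->gmid) : 1;
     $permission->CanDeleteOwn = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'deleteown', 'users', $user->gmid) : 1;
     $permission->CanChangeCat = 1;
     $permission->CanChangeSecCat = 1;
     $permission->CanChangeFeatCat = 1;

     // Permission for changing the ACL rules of items and categories that user can edit
     // Given to users that can manage the FLEXIaccess configuration
     $permission->CanRights = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexiaccess', 'manage', 'users', $user->gmid) : 1;

     // Permission for changing the access level of items and categories that user can edit
     // (a) In J1.5 with FLEXIaccess, this is given to those that can edit the FLEXIaccess configuration
     // (b) In J1.5 without FLEXIaccess, this is given to users being at least an Editor
     // (c) In J2.5, this is the FLEXIcontent component ACTION 'accesslevel'
     $permission->CanAccLvl = $permission->CanRights;

     // ITEMS: component controlled permissions
     $permission->DisplayAllItems = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'displayallitems', 'users', $user->gmid) : 1; // (backend) List all items (otherwise only items that can be edited)
     $permission->CanCopy = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'copyitems', 'users', $user->gmid) : 1;                // (backend) Item Copy Task
     $permission->CanOrder = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'order', 'users', $user->gmid) : 1;                   // (backend) Reorder items inside the category
     $permission->CanParams = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'paramsitems', 'users', $user->gmid) : 1;            // (backend) Edit item parameters like meta data and template parameters
     $permission->CanVersion = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'versioning', 'users', $user->gmid) : 1;            // (backend) Use item versioning
     $permission->AssocAnyTrans = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'assocanytrans', 'users', $user->gmid) : 1;      // (item edit form) associate any translation
     //$permission->EditCreationDate	= ($user->gid < 25) ? FAccess::checkComponentAccess('com_flexicontent', 'editcreationdate', 'users', $user->gmid) : 1; // (item edit form) edit creation date (frontend)
     $permission->IgnoreViewState = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'ignoreviewstate', 'users', $user->gmid) : 1;  // (Frontend Content Lists) ignore view state
     $permission->RequestApproval = $user->gid >= 20;  // At least J1.5 Editor

     // CATEGORIES: management tab and usage
     $permission->CanCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'categories', 'users', $user->gmid) : 1;     // (backend) Allow management of Categories
     $permission->ViewAllCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'usercats', 'users', $user->gmid) : 1;   // (e.g. item edit form) view the categories which user cannot assign to items
     $permission->ViewTree = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'cattree', 'users', $user->gmid) : 1;       // (e.g. item edit form) view categories as tree instead of flat list
     $permission->MultiCat = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'multicat', 'users', $user->gmid) : 1;      // (e.g. item edit form) allow user to assign each item to multiple categories
     $permission->CanAddCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'addcats', 'users', $user->gmid) : 1;     // add new Categories

     // TAGS: management tab and usage
     $permission->CanTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'tags', 'users', $user->gmid) : 1;           // (backend) Allow management of Tags
     $permission->CanUseTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'usetags', 'users', $user->gmid) : 1;     // edit already assigned Tags of items
     $permission->CanNewTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'newtags', 'users', $user->gmid) : 1;     // add new Tags to items

     // VARIOUS management TABS: types, archives, statistics, templates, tags
     $permission->CanTypes = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'types', 'users', $user->gmid) : 1;         // (backend) Allow management of Item Types
     $permission->CanArchives = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'archives', 'users', $user->gmid) : 1;   // (backend) Allow management of Archives
     $permission->CanTemplates = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'templates', 'users', $user->gmid) : 1; // (backend) Allow management of Templates
     $permission->CanStats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'stats', 'users', $user->gmid) : 1;         // (backend) Allow management of Statistics
     $permission->CanImport = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'import', 'users', $user->gmid) : 1;       // (backend) Allow management of (Content) Import

     // FIELDS: management tab
     $permission->CanFields = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'fields', 'users', $user->gmid) : 1;             // (backend) Allow management of Fields
     $permission->CanCopyFields = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'copyfields', 'users', $user->gmid) : 1;     // (backend) Field Copy Task
     $permission->CanOrderFields = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'orderfields', 'users', $user->gmid) : 1;   // (backend) Reorder fields inside each item type
     $permission->CanAddField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'createfield', 'users', $user->gmid) : 1;      // (backend) Create fields
     $permission->CanEditField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'editfield', 'users', $user->gmid) : 1;       // (backend) Edit fields
     $permission->CanDeleteField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'deletefield', 'users', $user->gmid) : 1;   // (backend) Delete fields
     $permission->CanPublishField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'publishfield', 'users', $user->gmid) : 1; // (backend) Publish fields

     // FILES: management tab
     $permission->CanFiles = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'files', 'users', $user->gmid) : 1;
     $permission->CanUpload = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'uploadfiles', 'users', $user->gmid) : 1;        // allow user to upload Files
     $permission->CanViewAllFiles = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'viewallfiles', 'users', $user->gmid) : 1; // allow user to view all Files

     // AUTHORS: management tab
     $permission->CanAuthors = $user->gid < 25 ? FAccess::checkComponentAccess('com_users', 'manage', 'users', $user->gmid) : 1;
     $permission->CanGroups = 0;  //FLEXI_J16GE ? $permission->CanAuthors : 0;

     // SEARCH INDEX: management tab
     $permission->CanIndex = $permission->CanFields && ($permission->CanAddField || $permission->CanEditField);

     // OTHER components permissions
     $permission->CanPlugins = $user->gid < 25 ? FAccess::checkComponentAccess('com_plugins', 'manage', 'users', $user->gmid) : 1;
     $permission->CanComments = $user->gid < 25 ? FAccess::checkComponentAccess('com_jcomments', 'manage', 'users', $user->gmid) : 1;
     // Comment management is only offered while the jComments plugin is enabled
     $permission->CanComments = $permission->CanComments && $Comments_Enabled;

     // Global parameter to force always displaying of categories as tree
     if (JComponentHelper::getParams('com_flexicontent')->get('cats_always_astree', 1)) {
         $permission->ViewTree = 1;
     }
     return $permission;
 }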
Beispiel #12
	/**
	 * Method to fetch the tags form
	 * 
	 * @since 1.5
	 */
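	function viewtags() {
		// Answers a tag lookup with a JSON array of {"id": "...", "name": "..."} objects for
		// the search text in request variable 'q', then ends the request. Nothing is printed
		// when the user may not use tags.

		// Check for request forgeries
		JRequest::checkToken('request') or jexit( 'Invalid Token' );

		$user = JFactory::getUser();
		if (FLEXI_J16GE) {
			$CanUseTags = FlexicontentHelperPerm::getPerm()->CanUseTags;
		} else if (FLEXI_ACCESS) {
			// gid 25 and above bypasses the FLEXIaccess lookup
			$CanUseTags = ($user->gid < 25) ? FAccess::checkComponentAccess('com_flexicontent', 'usetags', 'users', $user->gmid) : 1;
		} else {
			// NOTE(review): on J1.5 without FLEXIaccess every caller holding a valid token
			// may query tags; confirm that this is intended
			$CanUseTags = 1;
		}

		if($CanUseTags) {
			// NOTE(review): the JSON content-type header was left commented out by the author,
			// so the reply goes out with the default content type; confirm what the client
			// expects and consider enabling it so that browsers never render tag names as HTML
			//header('Content-type: application/json');
			@ob_end_clean();
			header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
			header("Cache-Control: no-cache");
			header("Pragma: no-cache");
			//header("Content-type:text/json");

			// NOTE(review): 'q' is passed to the model unfiltered; presumably gettags() quotes
			// it before it reaches the database -- verify in the model
			$model 		=  $this->getModel(FLEXI_ITEMVIEW);
			$tagobjs 	=  $model->gettags(JRequest::getVar('q'));

			// Let json_encode() do the escaping: the previous hand-built string broke
			// (and let a tag name inject keys or values into the reply) as soon as a name
			// contained a double quote or a backslash.
			// Both fields stay strings, which is what the previous output produced.
			$rows = array();
			if (is_array($tagobjs)) {
				foreach($tagobjs as $tag) {
					$rows[] = array('id' => (string) $tag->id, 'name' => (string) $tag->name);
				}
			}
			$json = json_encode($rows);

			// Fall back to an empty list when the data cannot be encoded (e.g. invalid UTF-8)
			echo ($json === false) ? '[]' : $json;
			jexit();
		}
	}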