Beispiel #1
 function save($front = false)
     $mainframe = JFactory::getApplication();
     require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'lib' . DS . 'class.upload.php';
     $db = JFactory::getDBO();
     $user = JFactory::getUser();
     $row = JTable::getInstance('K2Item', 'Table');
     $params = JComponentHelper::getParams('com_k2');
     $nullDate = $db->getNullDate();
     if (!$row->bind(JRequest::get('post'))) {
         $mainframe->enqueueMessage($row->getError(), 'error');
     if ($front && $row->id == NULL) {
         JLoader::register('K2HelperPermissions', JPATH_SITE . DS . 'components' . DS . 'com_k2' . DS . 'helpers' . DS . 'permissions.php');
         if (!K2HelperPermissions::canAddItem($row->catid)) {
             $mainframe->enqueueMessage(JText::_('K2_YOU_ARE_NOT_ALLOWED_TO_POST_TO_THIS_CATEGORY_SAVE_FAILED'), 'error');
     $isNew = $row->id ? false : true;
     // If we are in front-end and the item is not new we need to get it's current published state.
     if (!$isNew && $front) {
         $id = JRequest::getInt('id');
         $currentRow = JTable::getInstance('K2Item', 'Table');
         $isAlreadyPublished = $currentRow->published;
         $currentFeaturedState = $currentRow->featured;
     if ($params->get('mergeEditors')) {
         $text = JRequest::getVar('text', '', 'post', 'string', 2);
         if ($params->get('xssFiltering')) {
             $filter = new JFilterInput(array(), array(), 1, 1, 0);
             $text = $filter->clean($text);
         $pattern = '#<hr\\s+id=("|\')system-readmore("|\')\\s*\\/*>#i';
         $tagPos = preg_match($pattern, $text);
         if ($tagPos == 0) {
             $row->introtext = $text;
             $row->fulltext = '';
         } else {
             list($row->introtext, $row->fulltext) = preg_split($pattern, $text, 2);
     } else {
         $row->introtext = JRequest::getVar('introtext', '', 'post', 'string', 2);
         $row->fulltext = JRequest::getVar('fulltext', '', 'post', 'string', 2);
         if ($params->get('xssFiltering')) {
             $filter = new JFilterInput(array(), array(), 1, 1, 0);
             $row->introtext = $filter->clean($row->introtext);
             $row->fulltext = $filter->clean($row->fulltext);
     if ($row->id) {
         $datenow = JFactory::getDate();
         $row->modified = K2_JVERSION == '15' ? $datenow->toMySQL() : $datenow->toSql();
         $row->modified_by = $user->get('id');
     } else {
         $row->ordering = $row->getNextOrder("catid = {$row->catid} AND trash = 0");
         if ($row->featured) {
             $row->featured_ordering = $row->getNextOrder("featured = 1 AND trash = 0", 'featured_ordering');
     $row->created_by = $row->created_by ? $row->created_by : $user->get('id');
     if ($front) {
         $K2Permissions = K2Permissions::getInstance();
         if (!$K2Permissions->permissions->get('editAll')) {
             $row->created_by = $user->get('id');
     if ($row->created && strlen(trim($row->created)) <= 10) {
         $row->created .= ' 00:00:00';
     $config = JFactory::getConfig();
     $tzoffset = K2_JVERSION == '30' ? $config->get('offset') : $config->getValue('config.offset');
     $date = JFactory::getDate($row->created, $tzoffset);
     $row->created = K2_JVERSION == '15' ? $date->toMySQL() : $date->toSql();
     if (strlen(trim($row->publish_up)) <= 10) {
         $row->publish_up .= ' 00:00:00';
     $date = JFactory::getDate($row->publish_up, $tzoffset);
     $row->publish_up = K2_JVERSION == '15' ? $date->toMySQL() : $date->toSql();
     if (trim($row->publish_down) == JText::_('K2_NEVER') || trim($row->publish_down) == '') {
         $row->publish_down = $nullDate;
     } else {
         if (strlen(trim($row->publish_down)) <= 10) {
             $row->publish_down .= ' 00:00:00';
         $date = JFactory::getDate($row->publish_down, $tzoffset);
         $row->publish_down = K2_JVERSION == '15' ? $date->toMySQL() : $date->toSql();
     $metadata = JRequest::getVar('meta', null, 'post', 'array');
     if (is_array($metadata)) {
         $txt = array();
         foreach ($metadata as $k => $v) {
             if ($k == 'description') {
                 $row->metadesc = $v;
             } elseif ($k == 'keywords') {
                 $row->metakey = $v;
             } else {
                 $txt[] = "{$k}={$v}";
         $row->metadata = implode("\n", $txt);
     if (!$row->check()) {
         $mainframe->enqueueMessage($row->getError(), 'error');
         $mainframe->redirect('index.php?option=com_k2&view=item&cid=' . $row->id);
     $dispatcher = JDispatcher::getInstance();
     $result = $dispatcher->trigger('onBeforeK2Save', array(&$row, $isNew));
     if (in_array(false, $result, true)) {
         JError::raiseError(500, $row->getError());
         return false;
     //Trigger the finder before save event
     $dispatcher = JDispatcher::getInstance();
     $results = $dispatcher->trigger('onFinderBeforeSave', array('com_k2.item', $row, $isNew));
     // Try to save the video if there is no need to wait for item ID
     if (!JRequest::getBool('del_video')) {
         if (!isset($files['video'])) {
             if (JRequest::getVar('remoteVideo')) {
                 $fileurl = JRequest::getVar('remoteVideo');
                 $filetype = JFile::getExt($fileurl);
                 $row->video = '{' . $filetype . 'remote}' . $fileurl . '{/' . $filetype . 'remote}';
             if (JRequest::getVar('videoID')) {
                 $provider = JRequest::getWord('videoProvider');
                 $videoID = JRequest::getVar('videoID');
                 $row->video = '{' . $provider . '}' . $videoID . '{/' . $provider . '}';
             if (JRequest::getVar('embedVideo', '', 'post', 'string', JREQUEST_ALLOWRAW)) {
                 $row->video = JRequest::getVar('embedVideo', '', 'post', 'string', JREQUEST_ALLOWRAW);
     // JoomFish! Front-end editing compatibility
     if ($mainframe->isSite() && JFile::exists(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_joomfish' . DS . 'joomfish.php')) {
         if (version_compare(phpversion(), '5.0') < 0) {
             $tmpRow = $row;
         } else {
             $tmpRow = clone $row;
     if (!$row->store()) {
         $mainframe->enqueueMessage($row->getError(), 'error');
     // JoomFish! Front-end editing compatibility
     if ($mainframe->isSite() && JFile::exists(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_joomfish' . DS . 'joomfish.php')) {
         $itemID = $row->id;
         $row = $tmpRow;
         $row->id = $itemID;
     if (!$params->get('disableCompactOrdering')) {
         $row->reorder("catid = {$row->catid} AND trash = 0");
     if ($row->featured && !$params->get('disableCompactOrdering')) {
         $row->reorder("featured = 1 AND trash = 0", 'featured_ordering');
     $files = JRequest::get('files');
     if ((int) $params->get('imageMemoryLimit')) {
         ini_set('memory_limit', (int) $params->get('imageMemoryLimit') . 'M');
     $existingImage = JRequest::getVar('existingImage');
     if (($files['image']['error'] === 0 || $existingImage) && !JRequest::getBool('del_image')) {
         if ($files['image']['error'] === 0) {
             $image = $files['image'];
         } else {
             $image = JPATH_SITE . DS . JPath::clean($existingImage);
         $handle = new Upload($image);
         $handle->allowed = array('image/*');
         if ($handle->uploaded) {
             //Image params
             $category = JTable::getInstance('K2Category', 'Table');
             $cparams = class_exists('JParameter') ? new JParameter($category->params) : new JRegistry($category->params);
             if ($cparams->get('inheritFrom')) {
                 $masterCategoryID = $cparams->get('inheritFrom');
                 $query = "SELECT * FROM #__k2_categories WHERE id=" . (int) $masterCategoryID;
                 $db->setQuery($query, 0, 1);
                 $masterCategory = $db->loadObject();
                 $cparams = class_exists('JParameter') ? new JParameter($masterCategory->params) : new JRegistry($masterCategory->params);
             //Original image
             $savepath = JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src';
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = 100;
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = md5("Image" . $row->id);
             $filename = $handle->file_dst_name_body;
             $savepath = JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache';
             //XLarge image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_XL';
             if (JRequest::getInt('itemImageXL')) {
                 $imageWidth = JRequest::getInt('itemImageXL');
             } else {
                 $imageWidth = $params->get('itemImageXL', '800');
             $handle->image_x = $imageWidth;
             //Large image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_L';
             if (JRequest::getInt('itemImageL')) {
                 $imageWidth = JRequest::getInt('itemImageL');
             } else {
                 $imageWidth = $params->get('itemImageL', '600');
             $handle->image_x = $imageWidth;
             //Medium image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_M';
             if (JRequest::getInt('itemImageM')) {
                 $imageWidth = JRequest::getInt('itemImageM');
             } else {
                 $imageWidth = $params->get('itemImageM', '400');
             $handle->image_x = $imageWidth;
             //Small image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_S';
             if (JRequest::getInt('itemImageS')) {
                 $imageWidth = JRequest::getInt('itemImageS');
             } else {
                 $imageWidth = $params->get('itemImageS', '200');
             $handle->image_x = $imageWidth;
             //XSmall image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_XS';
             if (JRequest::getInt('itemImageXS')) {
                 $imageWidth = JRequest::getInt('itemImageXS');
             } else {
                 $imageWidth = $params->get('itemImageXS', '100');
             $handle->image_x = $imageWidth;
             //Generic image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_Generic';
             $imageWidth = $params->get('itemImageGeneric', '300');
             $handle->image_x = $imageWidth;
             if ($files['image']['error'] === 0) {
         } else {
             $mainframe->enqueueMessage($handle->error, 'error');
     if (JRequest::getBool('del_image')) {
         $current = JTable::getInstance('K2Item', 'Table');
         $filename = md5("Image" . $current->id);
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src' . DS . $filename . '.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src' . DS . $filename . '.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XS.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XS.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_S.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_S.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_M.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_M.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_L.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_L.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XL.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XL.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_Generic.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_Generic.jpg');
         $row->image_caption = '';
         $row->image_credits = '';
     $attachments = JRequest::getVar('attachment_file', NULL, 'FILES', 'array');
     $attachments_names = JRequest::getVar('attachment_name', '', 'POST', 'array');
     $attachments_titles = JRequest::getVar('attachment_title', '', 'POST', 'array');
     $attachments_title_attributes = JRequest::getVar('attachment_title_attribute', '', 'POST', 'array');
     $attachments_existing_files = JRequest::getVar('attachment_existing_file', '', 'POST', 'array');
     $attachmentFiles = array();
     if (count($attachments)) {
         foreach ($attachments as $k => $l) {
             foreach ($l as $i => $v) {
                 if (!array_key_exists($i, $attachmentFiles)) {
                     $attachmentFiles[$i] = array();
                 $attachmentFiles[$i][$k] = $v;
         $path = $params->get('attachmentsFolder', NULL);
         if (is_null($path)) {
             $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'attachments';
         } else {
             $savepath = $path;
         $counter = 0;
         foreach ($attachmentFiles as $key => $file) {
             if ($file["tmp_name"] || $attachments_existing_files[$key]) {
                 if ($attachments_existing_files[$key]) {
                     $src = JPATH_SITE . DS . JPath::clean($attachments_existing_files[$key]);
                     $copyName = basename($src);
                     $dest = $savepath . DS . $copyName;
                     if (JFile::exists($dest)) {
                         $existingFileName = JFile::getName($dest);
                         $ext = JFile::getExt($existingFileName);
                         $basename = JFile::stripExt($existingFileName);
                         $newFilename = $basename . '_' . time() . '.' . $ext;
                         $copyName = $newFilename;
                         $dest = $savepath . DS . $newFilename;
                     JFile::copy($src, $dest);
                     $attachment = JTable::getInstance('K2Attachment', 'Table');
                     $attachment->itemID = $row->id;
                     $attachment->filename = $copyName;
                     $attachment->title = empty($attachments_titles[$counter]) ? $filename : $attachments_titles[$counter];
                     $attachment->titleAttribute = empty($attachments_title_attributes[$counter]) ? $filename : $attachments_title_attributes[$counter];
                 } else {
                     $handle = new Upload($file);
                     if ($handle->uploaded) {
                         $handle->file_auto_rename = true;
                         $handle->allowed[] = 'application/x-zip';
                         $handle->allowed[] = 'application/download';
                         $filename = $handle->file_dst_name;
                         $attachment = JTable::getInstance('K2Attachment', 'Table');
                         $attachment->itemID = $row->id;
                         $attachment->filename = $filename;
                         $attachment->title = empty($attachments_titles[$counter]) ? $filename : $attachments_titles[$counter];
                         $attachment->titleAttribute = empty($attachments_title_attributes[$counter]) ? $filename : $attachments_title_attributes[$counter];
                     } else {
                         $mainframe->enqueueMessage($handle->error, 'error');
     $flickrGallery = JRequest::getVar('flickrGallery');
     if ($flickrGallery) {
         $row->gallery = '{gallery}' . $flickrGallery . '{/gallery}';
     if (isset($files['gallery']) && $files['gallery']['error'] == 0 && !JRequest::getBool('del_gallery')) {
         $handle = new Upload($files['gallery']);
         $handle->file_auto_rename = true;
         $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries';
         $handle->allowed = array("application/download", "application/rar", "application/x-rar-compressed", "application/arj", "application/gnutar", "application/x-bzip", "application/x-bzip2", "application/x-compressed", "application/x-gzip", "application/x-zip-compressed", "application/zip", "multipart/x-zip", "multipart/x-gzip", "application/x-unknown", "application/x-zip");
         if ($handle->uploaded) {
             if (JFolder::exists($savepath . DS . $row->id)) {
                 JFolder::delete($savepath . DS . $row->id);
             if (!JArchive::extract($savepath . DS . $handle->file_dst_name, $savepath . DS . $row->id)) {
                 $mainframe->enqueueMessage(JText::_('K2_GALLERY_UPLOAD_ERROR_CANNOT_EXTRACT_ARCHIVE'), 'error');
             } else {
                 $row->gallery = '{gallery}' . $row->id . '{/gallery}';
             JFile::delete($savepath . DS . $handle->file_dst_name);
         } else {
             $mainframe->enqueueMessage($handle->error, 'error');
     if (JRequest::getBool('del_gallery')) {
         $current = JTable::getInstance('K2Item', 'Table');
         if (JFolder::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries' . DS . $current->id)) {
             JFolder::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries' . DS . $current->id);
         $row->gallery = '';
     if (!JRequest::getBool('del_video')) {
         if (isset($files['video']) && $files['video']['error'] == 0) {
             $videoExtensions = array("flv", "mp4", "ogv", "webm", "f4v", "m4v", "3gp", "3g2", "mov", "mpeg", "mpg", "avi", "wmv", "divx");
             $audioExtensions = array("mp3", "aac", "m4a", "ogg", "wma");
             $validExtensions = array_merge($videoExtensions, $audioExtensions);
             $filetype = JFile::getExt($files['video']['name']);
             if (!in_array($filetype, $validExtensions)) {
                 $mainframe->enqueueMessage(JText::_('K2_INVALID_VIDEO_FILE'), 'error');
             if (in_array($filetype, $videoExtensions)) {
                 $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos';
             } else {
                 $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'audio';
             $filename = JFile::stripExt($files['video']['name']);
             JFile::upload($files['video']['tmp_name'], $savepath . DS . $row->id . '.' . $filetype);
             $filetype = JFile::getExt($files['video']['name']);
             $row->video = '{' . $filetype . '}' . $row->id . '{/' . $filetype . '}';
     } else {
         $current = JTable::getInstance('K2Item', 'Table');
         preg_match_all("#^{(.*?)}(.*?){#", $current->video, $matches, PREG_PATTERN_ORDER);
         $videotype = $matches[1][0];
         $videofile = $matches[2][0];
         if (in_array($videotype, $videoExtensions)) {
             if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos' . DS . $videofile . '.' . $videotype)) {
                 JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos' . DS . $videofile . '.' . $videotype);
         if (in_array($videotype, $audioExtensions)) {
             if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'audio' . DS . $videofile . '.' . $videotype)) {
                 JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'audio' . DS . $videofile . '.' . $videotype);
         $row->video = '';
         $row->video_caption = '';
         $row->video_credits = '';
     //Extra fields
     $objects = array();
     $variables = JRequest::get('post', 2);
     foreach ($variables as $key => $value) {
         if ((bool) JString::stristr($key, 'K2ExtraField_')) {
             $object = new JObject();
             $object->set('id', JString::substr($key, 13));
             if (is_string($value)) {
                 $value = trim($value);
             $object->set('value', $value);
             $objects[] = $object;
     $csvFiles = JRequest::get('files');
     foreach ($csvFiles as $key => $file) {
         if ((bool) JString::stristr($key, 'K2ExtraField_')) {
             $object = new JObject();
             $object->set('id', JString::substr($key, 13));
             $csvFile = $file['tmp_name'][0];
             if (!empty($csvFile) && JFile::getExt($file['name'][0]) == 'csv') {
                 $handle = @fopen($csvFile, 'r');
                 $csvData = array();
                 while (($data = fgetcsv($handle, 1000)) !== FALSE) {
                     $csvData[] = $data;
                 $object->set('value', $csvData);
             } else {
                 require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'lib' . DS . 'JSON.php';
                 $json = new Services_JSON();
                 $object->set('value', $json->decode(JRequest::getVar('K2CSV_' . $object->id)));
                 if (JRequest::getBool('K2ResetCSV_' . $object->id)) {
                     $object->set('value', null);
             $objects[] = $object;
     require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'lib' . DS . 'JSON.php';
     $json = new Services_JSON();
     $row->extra_fields = $json->encode($objects);
     require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'models' . DS . 'extrafield.php';
     $extraFieldModel = K2Model::getInstance('ExtraField', 'K2Model');
     $row->extra_fields_search = '';
     foreach ($objects as $object) {
         $row->extra_fields_search .= $extraFieldModel->getSearchValue($object->id, $object->value);
         $row->extra_fields_search .= ' ';
     if ($user->gid < 24 && $params->get('lockTags')) {
         $params->set('taggingSystem', 0);
     $db = JFactory::getDBO();
     $query = "DELETE FROM #__k2_tags_xref WHERE itemID={intval({$row->id})}";
     if ($params->get('taggingSystem')) {
         if ($user->gid < 24 && $params->get('lockTags')) {
             JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
         $tags = JRequest::getVar('tags', NULL, 'POST', 'array');
         if (count($tags)) {
             $tags = array_unique($tags);
             foreach ($tags as $tag) {
                 $tag = JString::trim($tag);
                 if ($tag) {
                     $tagID = false;
                     $K2Tag = JTable::getInstance('K2Tag', 'Table');
                     $K2Tag->name = $tag;
                     // Tag has been filtred and does not exist
                     if ($K2Tag->check()) {
                         $K2Tag->published = 1;
                         if ($K2Tag->store()) {
                             $tagID = $K2Tag->id;
                     } else {
                         if ($K2Tag->name) {
                             $query = "SELECT id FROM #__k2_tags WHERE name=" . $db->Quote($K2Tag->name);
                             $tagID = $db->loadResult();
                     if ($tagID) {
                         $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval({$tagID})}, {intval({$row->id})})";
     } else {
         $tags = JRequest::getVar('selectedTags', NULL, 'POST', 'array');
         if (count($tags)) {
             foreach ($tags as $tagID) {
                 $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval({$tagID})}, {intval({$row->id})})";
     // If we are in front-end check publishing permissions properly.
     if ($front) {
         // New items require the "Publish items" permission.
         if ($isNew && $row->published && !K2HelperPermissions::canPublishItem($row->catid)) {
             $row->published = 0;
             $mainframe->enqueueMessage(JText::_('K2_YOU_DONT_HAVE_THE_PERMISSION_TO_PUBLISH_ITEMS'), 'notice');
         // Existing items require either the "Publish items" or the "Allow editing of already published items" permission.
         if (!$isNew && $row->published) {
             $canEditPublished = $isAlreadyPublished && K2HelperPermissions::canEditPublished($row->catid);
             if (!K2HelperPermissions::canPublishItem($row->catid) && !$canEditPublished) {
                 $row->published = 0;
                 $mainframe->enqueueMessage(JText::_('K2_YOU_DONT_HAVE_THE_PERMISSION_TO_PUBLISH_ITEMS'), 'notice');
         // If user has cannot publish the item then also cannot make it featured
         if (!K2HelperPermissions::canPublishItem($row->catid)) {
             if ($isNew) {
                 $row->featured = 0;
             } else {
                 $row->featured = $currentFeaturedState;
     $query = "UPDATE #__k2_items SET \n        video_caption = " . $db->Quote($row->video_caption) . ", \n        video_credits = " . $db->Quote($row->video_credits) . ", ";
     if (!is_null($row->video)) {
         $query .= " video = " . $db->Quote($row->video) . ", ";
     if (!is_null($row->gallery)) {
         $query .= " gallery = " . $db->Quote($row->gallery) . ", ";
     $query .= " extra_fields = " . $db->Quote($row->extra_fields) . ", \n        extra_fields_search = " . $db->Quote($row->extra_fields_search) . " ,\n        published = " . $db->Quote($row->published) . " \n        WHERE id = " . $row->id;
     if (!$db->query()) {
         $mainframe->enqueueMessage($db->getErrorMsg(), 'error');
     $cache = JFactory::getCache('com_k2');
     $dispatcher->trigger('onAfterK2Save', array(&$row, $isNew));
     if (K2_JVERSION != '15') {
         $dispatcher->trigger('onContentAfterSave', array('com_k2.item', &$row, $isNew));
     } else {
         $dispatcher->trigger('onAfterContentSave', array(&$row, $isNew));
     //Trigger the finder after save event
     $dispatcher = JDispatcher::getInstance();
     $results = $dispatcher->trigger('onFinderAfterSave', array('com_k2.item', $row, $isNew));
     switch (JRequest::getCmd('task')) {
         case 'apply':
             $msg = JText::_('K2_CHANGES_TO_ITEM_SAVED');
             $link = 'index.php?option=com_k2&view=item&cid=' . $row->id;
         case 'saveAndNew':
             $msg = JText::_('K2_ITEM_SAVED');
             $link = 'index.php?option=com_k2&view=item';
         case 'save':
             $msg = JText::_('K2_ITEM_SAVED');
             if ($front) {
                 $link = 'index.php?option=com_k2&view=item&task=edit&cid=' . $row->id . '&tmpl=component&Itemid=' . JRequest::getInt('Itemid');
             } else {
                 $link = 'index.php?option=com_k2&view=items';
Beispiel #2
 function save($front = false)
     $mainframe =& JFactory::getApplication();
     require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'lib' . DS . 'class.upload.php';
     $db =& JFactory::getDBO();
     $user =& JFactory::getUser();
     $row =& JTable::getInstance('K2Item', 'Table');
     $params =& JComponentHelper::getParams('com_k2');
     $nullDate = $db->getNullDate();
     if (!$row->bind(JRequest::get('post'))) {
         $mainframe->redirect('index.php?option=com_k2&view=items', $row->getError(), 'error');
     if ($front && $row->id == NULL) {
         if (!$user->authorize('com_k2', 'add', 'category', $row->catid) && !$user->authorize('com_k2', 'add', 'category', 'all')) {
             $mainframe->redirect('index.php?option=com_k2&view=item&task=add&tmpl=component', JText::_('You are not allowed to post to this category. Save failed.'), 'error');
     $row->id ? $isNew = false : ($isNew = true);
     if ($params->get('mergeEditors')) {
         $text = JRequest::getVar('text', '', 'post', 'string', 2);
         if ($params->get('xssFiltering')) {
             $filter = new JFilterInput(array(), array(), 1, 1, 0);
             $text = $filter->clean($text);
         $pattern = '#<hr\\s+id=("|\')system-readmore("|\')\\s*\\/*>#i';
         $tagPos = preg_match($pattern, $text);
         if ($tagPos == 0) {
             $row->introtext = $text;
             $row->fulltext = '';
         } else {
             list($row->introtext, $row->fulltext) = preg_split($pattern, $text, 2);
     } else {
         $row->introtext = JRequest::getVar('introtext', '', 'post', 'string', 2);
         $row->fulltext = JRequest::getVar('fulltext', '', 'post', 'string', 2);
         if ($params->get('xssFiltering')) {
             $filter = new JFilterInput(array(), array(), 1, 1, 0);
             $row->introtext = $filter->clean($row->introtext);
             $row->fulltext = $filter->clean($row->fulltext);
     if ($row->id) {
         $datenow =& JFactory::getDate();
         $row->modified = $datenow->toMySQL();
         $row->modified_by = $user->get('id');
     } else {
         $row->ordering = $row->getNextOrder("catid = {$row->catid} AND trash = 0");
         if (JRequest::getInt('featured')) {
             $row->featured_ordering = $row->getNextOrder("featured = 1 AND trash = 0", 'featured_ordering');
     if ($front) {
         if (!$row->id) {
             $row->created_by = $user->get('id');
     } else {
         $row->created_by = $row->created_by ? $row->created_by : $user->get('id');
     if ($row->created && strlen(trim($row->created)) <= 10) {
         $row->created .= ' 00:00:00';
     $config =& JFactory::getConfig();
     $tzoffset = $config->getValue('config.offset');
     $date =& JFactory::getDate($row->created, $tzoffset);
     $row->created = $date->toMySQL();
     if (strlen(trim($row->publish_up)) <= 10) {
         $row->publish_up .= ' 00:00:00';
     $date =& JFactory::getDate($row->publish_up, $tzoffset);
     $row->publish_up = $date->toMySQL();
     if (trim($row->publish_down) == JText::_('Never') || trim($row->publish_down) == '') {
         $row->publish_down = $nullDate;
     } else {
         if (strlen(trim($row->publish_down)) <= 10) {
             $row->publish_down .= ' 00:00:00';
         $date =& JFactory::getDate($row->publish_down, $tzoffset);
         $row->publish_down = $date->toMySQL();
     $metadata = JRequest::getVar('meta', null, 'post', 'array');
     if (is_array($metadata)) {
         $txt = array();
         foreach ($metadata as $k => $v) {
             if ($k == 'description') {
                 $row->metadesc = $v;
             } elseif ($k == 'keywords') {
                 $row->metakey = $v;
             } else {
                 $txt[] = "{$k}={$v}";
         $row->metadata = implode("\n", $txt);
     $row->featured = JRequest::getInt('featured');
     if (!$row->check()) {
         $mainframe->redirect('index.php?option=com_k2&view=item&cid=' . $row->id, $row->getError(), 'error');
     $dispatcher =& JDispatcher::getInstance();
     $result = $dispatcher->trigger('onBeforeK2Save', array(&$row, $isNew));
     if (in_array(false, $result, true)) {
         JError::raiseError(500, $row->getError());
         return false;
     if (version_compare(phpversion(), '5.0') < 0) {
         $tmpRow = $row;
     } else {
         $tmpRow = clone $row;
     if (!$row->store()) {
         $mainframe->redirect('index.php?option=com_k2&view=items', $row->getError(), 'error');
     $itemID = $row->id;
     $row = $tmpRow;
     $row->id = $itemID;
     if (!$params->get('disableCompactOrdering')) {
         $row->reorder("catid = {$row->catid} AND trash = 0");
     if (JRequest::getInt('featured') && !$params->get('disableCompactOrdering')) {
         $row->reorder("featured = 1 AND trash = 0", 'featured_ordering');
     $files = JRequest::get('files');
     $existingImage = JRequest::getVar('existingImage');
     if (($files['image']['error'] === 0 || $existingImage) && !JRequest::getBool('del_image')) {
         if ($files['image']['error'] === 0) {
             $image = $files['image'];
         } else {
             $image = JPATH_SITE . DS . JPath::clean($existingImage);
         $handle = new Upload($image);
         $handle->allowed = array('image/*');
         if ($handle->uploaded) {
             //Image params
             $category =& JTable::getInstance('K2Category', 'Table');
             $cparams = new JParameter($category->params);
             if ($cparams->get('inheritFrom')) {
                 $masterCategoryID = $cparams->get('inheritFrom');
                 $query = "SELECT * FROM #__k2_categories WHERE id=" . (int) $masterCategoryID;
                 $db->setQuery($query, 0, 1);
                 $masterCategory = $db->loadObject();
                 $cparams = new JParameter($masterCategory->params);
             //Original image
             $savepath = JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src';
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = 100;
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = md5("Image" . $row->id);
             $filename = $handle->file_dst_name_body;
             $savepath = JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache';
             //XLarge image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_XL';
             if (JRequest::getInt('itemImageXL')) {
                 $imageWidth = JRequest::getInt('itemImageXL');
             } else {
                 $imageWidth = $params->get('itemImageXL', '800');
             $handle->image_x = $imageWidth;
             //Large image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_L';
             if (JRequest::getInt('itemImageL')) {
                 $imageWidth = JRequest::getInt('itemImageL');
             } else {
                 $imageWidth = $params->get('itemImageL', '600');
             $handle->image_x = $imageWidth;
             //Medium image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_M';
             if (JRequest::getInt('itemImageM')) {
                 $imageWidth = JRequest::getInt('itemImageM');
             } else {
                 $imageWidth = $params->get('itemImageM', '400');
             $handle->image_x = $imageWidth;
             //Small image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_S';
             if (JRequest::getInt('itemImageS')) {
                 $imageWidth = JRequest::getInt('itemImageS');
             } else {
                 $imageWidth = $params->get('itemImageS', '200');
             $handle->image_x = $imageWidth;
             //XSmall image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_XS';
             if (JRequest::getInt('itemImageXS')) {
                 $imageWidth = JRequest::getInt('itemImageXS');
             } else {
                 $imageWidth = $params->get('itemImageXS', '100');
             $handle->image_x = $imageWidth;
             //Generic image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_Generic';
             $imageWidth = $params->get('itemImageGeneric', '300');
             $handle->image_x = $imageWidth;
             if ($files['image']['error'] === 0) {
         } else {
             $mainframe->redirect('index.php?option=com_k2&view=items', $handle->error, 'error');
     if (JRequest::getBool('del_image')) {
         $current =& JTable::getInstance('K2Item', 'Table');
         $filename = md5("Image" . $current->id);
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src' . DS . $filename . '.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src' . DS . $filename . '.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XS.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XS.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_S.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_S.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_M.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_M.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_L.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_L.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XL.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XL.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_Generic.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_Generic.jpg');
         $row->image_caption = '';
         $row->image_credits = '';
     $attachments = JRequest::getVar('attachment_file', NULL, 'FILES', 'array');
     $attachments_names = JRequest::getVar('attachment_name', '', 'POST', 'array');
     $attachments_titles = JRequest::getVar('attachment_title', '', 'POST', 'array');
     $attachments_title_attributes = JRequest::getVar('attachment_title_attribute', '', 'POST', 'array');
     $attachmentFiles = array();
     if (count($attachments)) {
         foreach ($attachments as $k => $l) {
             foreach ($l as $i => $v) {
                 if (!array_key_exists($i, $attachmentFiles)) {
                     $attachmentFiles[$i] = array();
                 $attachmentFiles[$i][$k] = $v;
         $path = $params->get('attachmentsFolder', NULL);
         if (is_null($path)) {
             $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'attachments';
         } else {
             $savepath = $path;
         $counter = 0;
         foreach ($attachmentFiles as $file) {
             if ($file["tmp_name"]) {
                 $handle = new Upload($file);
                 if ($handle->uploaded) {
                     $handle->file_auto_rename = true;
                     $handle->allowed[] = 'application/x-zip';
                     $filename = $handle->file_dst_name;
                     $attachment =& JTable::getInstance('K2Attachment', 'Table');
                     $attachment->itemID = $row->id;
                     $attachment->filename = $filename;
                     $attachment->title = empty($attachments_titles[$counter]) ? $filename : $attachments_titles[$counter];
                     $attachment->titleAttribute = empty($attachments_title_attributes[$counter]) ? $filename : $attachments_title_attributes[$counter];
                 } else {
                     $mainframe->redirect('index.php?option=com_k2&view=items', $handle->error, 'error');
     if (isset($files['gallery']) && $files['gallery']['error'] == 0 && !JRequest::getBool('del_gallery')) {
         $handle = new Upload($files['gallery']);
         $handle->file_auto_rename = true;
         $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries';
         $handle->allowed = array("application/download", "application/rar", "application/x-rar-compressed", "application/arj", "application/gnutar", "application/x-bzip", "application/x-bzip2", "application/x-compressed", "application/x-gzip", "application/x-zip-compressed", "application/zip", "multipart/x-zip", "multipart/x-gzip", "application/x-unknown", "application/x-zip");
         if ($handle->uploaded) {
             if (JFolder::exists($savepath . DS . $row->id)) {
                 JFolder::delete($savepath . DS . $row->id);
             if (!JArchive::extract($savepath . DS . $handle->file_dst_name, $savepath . DS . $row->id)) {
                 $mainframe->redirect('index.php?option=com_k2&view=items', JText::_('Gallery upload error: Cannot extract archive!'), 'error');
             } else {
                 $row->gallery = '{gallery}' . $row->id . '{/gallery}';
             JFile::delete($savepath . DS . $handle->file_dst_name);
         } else {
             $mainframe->redirect('index.php?option=com_k2&view=items', $handle->error, 'error');
     if (JRequest::getBool('del_gallery')) {
         $current =& JTable::getInstance('K2Item', 'Table');
         if (JFolder::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries' . DS . $current->id)) {
             JFolder::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries' . DS . $current->id);
         $row->gallery = '';
     if (!JRequest::getBool('del_video')) {
         if (isset($files['video']) && $files['video']['error'] == 0) {
             $validExtensions = array('flv', 'swf', 'wmv', 'mov', 'mp4', '3gp', 'avi', 'divx');
             $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos';
             $filetype = JFile::getExt($files['video']['name']);
             if (!in_array($filetype, $validExtensions)) {
                 $mainframe->redirect('index.php?option=com_k2&view=items', JText::_('Invalid video file'), 'error');
             $filename = JFile::stripExt($files['video']['name']);
             JFile::upload($files['video']['tmp_name'], $savepath . DS . $row->id . '.' . $filetype);
             $filetype = JFile::getExt($files['video']['name']);
             $row->video = '{' . $filetype . '}' . $row->id . '{/' . $filetype . '}';
         } else {
             if (JRequest::getVar('remoteVideo')) {
                 $fileurl = JRequest::getVar('remoteVideo');
                 $filetype = JFile::getExt($fileurl);
                 $row->video = '{' . $filetype . 'remote}' . $fileurl . '{/' . $filetype . 'remote}';
             if (JRequest::getVar('videoID')) {
                 $provider = JRequest::getWord('videoProvider');
                 $videoID = JRequest::getVar('videoID');
                 $row->video = '{' . $provider . '}' . $videoID . '{/' . $provider . '}';
             if (JRequest::getVar('embedVideo', '', 'post', 'string', JREQUEST_ALLOWRAW)) {
                 $row->video = JRequest::getVar('embedVideo', '', 'post', 'string', JREQUEST_ALLOWRAW);
     } else {
         $current =& JTable::getInstance('K2Item', 'Table');
         preg_match_all("#^{(.*?)}(.*?){#", $current->video, $matches, PREG_PATTERN_ORDER);
         $videotype = $matches[1][0];
         $videofile = $matches[2][0];
         if ($videotype == 'flv' || $videotype == 'swf' || $videotype == 'wmv' || $videotype == 'mov' || $videotype == 'mp4' || $videotype == '3gp' || $videotype == 'divx') {
             if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos' . DS . $videofile . '.' . $videotype)) {
                 JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos' . DS . $videofile . '.' . $videotype);
         $row->video = '';
         $row->video_caption = '';
         $row->video_credits = '';
     //Extra fields
     $objects = array();
     $variables = JRequest::get('post', 4);
     foreach ($variables as $key => $value) {
         if ((bool) JString::stristr($key, 'K2ExtraField_')) {
             $object = new JObject();
             $object->set('id', JString::substr($key, 13));
             $object->set('value', $value);
             $objects[] = $object;
     $csvFiles = JRequest::get('files');
     foreach ($csvFiles as $key => $file) {
         if ((bool) JString::stristr($key, 'K2ExtraField_')) {
             $object = new JObject();
             $object->set('id', JString::substr($key, 13));
             $csvFile = $file['tmp_name'][0];
             if (!empty($csvFile) && JFile::getExt($file['name'][0]) == 'csv') {
                 $handle = @fopen($csvFile, 'r');
                 $csvData = array();
                 while (($data = fgetcsv($handle, 1000)) !== FALSE) {
                     $csvData[] = $data;
                 $object->set('value', $csvData);
             } else {
                 require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'lib' . DS . 'JSON.php';
                 $json = new Services_JSON();
                 $object->set('value', $json->decode(JRequest::getVar('K2CSV_' . $object->id)));
                 if (JRequest::getBool('K2ResetCSV_' . $object->id)) {
                     $object->set('value', null);
             $objects[] = $object;
     require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'lib' . DS . 'JSON.php';
     $json = new Services_JSON();
     $row->extra_fields = $json->encode($objects);
     require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'models' . DS . 'extrafield.php';
     $extraFieldModel = new K2ModelExtraField();
     $row->extra_fields_search = '';
     foreach ($objects as $object) {
         $row->extra_fields_search .= $extraFieldModel->getSearchValue($object->id, $object->value);
         $row->extra_fields_search .= ' ';
     if ($user->gid < 24 && $params->get('lockTags')) {
         $params->set('taggingSystem', 0);
     $db =& JFactory::getDBO();
     $query = "DELETE FROM #__k2_tags_xref WHERE itemID={intval({$row->id})}";
     if ($params->get('taggingSystem')) {
         if ($user->gid < 24 && $params->get('lockTags')) {
             JError::raiseError(403, JText::_("ALERTNOTAUTH"));
         $tags = JRequest::getVar('tags', NULL, 'POST', 'array');
         if (count($tags)) {
             $tags = array_unique($tags);
             foreach ($tags as $tag) {
                 $tag = str_replace('-', '', $tag);
                 $query = "SELECT id FROM #__k2_tags WHERE name=" . $db->Quote($tag);
                 $tagID = $db->loadResult();
                 if ($tagID) {
                     $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval({$tagID})}, {intval({$row->id})})";
                 } else {
                     $K2Tag =& JTable::getInstance('K2Tag', 'Table');
                     $K2Tag->name = $tag;
                     $K2Tag->published = 1;
                     $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval({$K2Tag->id})}, {intval({$row->id})})";
     } else {
         $tags = JRequest::getVar('selectedTags', NULL, 'POST', 'array');
         if (count($tags)) {
             foreach ($tags as $tagID) {
                 $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval({$tagID})}, {intval({$row->id})})";
     if ($front) {
         if (!K2HelperPermissions::canPublishItem($row->catid) && $row->published == 1) {
             $row->published = 0;
             $mainframe->enqueueMessage(JText::_("You don't have the permission to publish items."), 'notice');
     if (!$row->store()) {
         $mainframe->redirect('index.php?option=com_k2&view=items', $row->getError(), 'error');
     $cache =& JFactory::getCache('com_k2');
     $dispatcher->trigger('onAfterK2Save', array(&$row, $isNew));
     switch (JRequest::getCmd('task')) {
         case 'apply':
             $msg = JText::_('Changes to Item saved');
             $link = 'index.php?option=com_k2&view=item&cid=' . $row->id;
         case 'saveAndNew':
             $msg = JText::_('Item saved');
             $link = 'index.php?option=com_k2&view=item';
         case 'save':
             $msg = JText::_('Item Saved');
             if ($front) {
                 $link = 'index.php?option=com_k2&view=item&task=edit&cid=' . $row->id . '&tmpl=component';
             } else {
                 $link = 'index.php?option=com_k2&view=items';
     $mainframe->redirect($link, $msg);
Beispiel #3
    public function save($item, $front = false)

        require_once (JPATH_ADMINISTRATOR.'/components/com_k2/lib/class.upload.php');
        $db = JFactory::getDBO();
        $user = JFactory::getUser();
        $row = JTable::getInstance('K2Item', 'Table');
        $params = JComponentHelper::getParams('com_k2');
        $nullDate = $db->getNullDate();

        if (!$row->bind($item))
            return false;

        $row->catid = (int)$row->catid;

        if ($front && $row->id == NULL)
            JLoader::register('K2HelperPermissions', JPATH_SITE.DS.'components'.DS.'com_k2'.DS.'helpers'.DS.'permissions.php');
            if (!K2HelperPermissions::canAddItem($row->catid))
                return false;

        ($row->id) ? $isNew = false : $isNew = true;

        if ($params->get('xssFiltering'))
            $filter = new JFilterInput( array(), array(), 1, 1, 0);
            $item['articletext'] = $filter->clean($item['articletext']);
        $pattern = '#<hr\s+id=("|\')system-readmore("|\')\s*\/*>#i';
        $tagPos = preg_match($pattern, $item['articletext']);
        if ($tagPos == 0)
            $row->introtext = $item['articletext'];
            $row->fulltext = '';
            list($row->introtext, $row->fulltext) = preg_split($pattern, $item['articletext'], 2);

        if ($row->id)
            $datenow = JFactory::getDate();
            $row->modified = $datenow->toSql();
            $row->modified_by = $user->get('id');
            $row->ordering = $row->getNextOrder("catid = {$row->catid} AND trash = 0");
            if ($row->featured)
                $row->featured_ordering = $row->getNextOrder("featured = 1 AND trash = 0", 'featured_ordering');

        $row->created_by = $row->created_by ? $row->created_by : $user->get('id');

        if ($front)
            $K2Permissions = K2Permissions::getInstance();
            if (!$K2Permissions->permissions->get('editAll'))
                $row->created_by = $user->get('id');

        if ($row->created && strlen(trim($row->created)) <= 10)
            $row->created .= ' 00:00:00';

        $config = JFactory::getConfig();
        $tzoffset = $config->get('config.offset');
        $date = JFactory::getDate($row->created, $tzoffset);
        $row->created = $date->toSql();

        if (strlen(trim($row->publish_up)) <= 10)
            $row->publish_up .= ' 00:00:00';

        $date = JFactory::getDate($row->publish_up, $tzoffset);
        $row->publish_up = $date->toSql();

        if (trim($row->publish_down) == JText::_('K2_NEVER') || trim($row->publish_down) == '')
            $row->publish_down = $nullDate;
            if (strlen(trim($row->publish_down)) <= 10)
                $row->publish_down .= ' 00:00:00';
            $date = JFactory::getDate($row->publish_down, $tzoffset);
            $row->publish_down = $date->toSql();

        if (!$row->check())
            return false;

        $dispatcher = JDispatcher::getInstance();
        $result = $dispatcher->trigger('onBeforeK2Save', array(&$row, $isNew));
        if (in_array(false, $result, true))
            return false;

        //Trigger the finder before save event
        $dispatcher = JDispatcher::getInstance();
        $results = $dispatcher->trigger('onFinderBeforeSave', array('com_k2.item', $row, $isNew));

        if (!$row->store())
            return false;

        if (!$params->get('disableCompactOrdering'))
            $row->reorder("catid = {$row->catid} AND trash = 0");
        if ($row->featured && !$params->get('disableCompactOrdering'))
            $row->reorder("featured = 1 AND trash = 0", 'featured_ordering');

        // Image copy
        $src = md5("Image".$item['ref_id']);        
        $target = md5("Image".$row->id);
        $sizes = array('XL', 'L', 'M', 'S', 'XS');
        $savepath = JPATH_SITE.DS.'media'.DS.'k2'.DS.'items'.DS.'cache';
        foreach($sizes as $size)
            if(JFile::exists($savepath.DS.$src.'_'.$size.'.jpg') && !JFile::exists($savepath.DS.$target.'_'.$size.'.jpg'))
                JFile::copy($savepath.DS.$src.'_'.$size.'.jpg', $savepath.DS.$target.'_'.$size.'.jpg');

        //Extra fields
        $objects = array();
        $variables = JRequest::get('post', 4);
        foreach ($variables as $key => $value)
            if (( bool )JString::stristr($key, 'K2ExtraField_'))
                $object = new JObject;
                $object->set('id', JString::substr($key, 13));
                $object->set('value', $value);
                $objects[] = $object;

        $csvFiles = JRequest::get('files');
        foreach ($csvFiles as $key => $file)
            if (( bool )JString::stristr($key, 'K2ExtraField_'))
                $object = new JObject;
                $object->set('id', JString::substr($key, 13));
                $csvFile = $file['tmp_name'][0];
                if (!empty($csvFile) && JFile::getExt($file['name'][0]) == 'csv')
                    $handle = @fopen($csvFile, 'r');
                    $csvData = array();
                    while (($data = fgetcsv($handle, 1000)) !== FALSE)
                        $csvData[] = $data;
                    $object->set('value', $csvData);
                    require_once (JPATH_ADMINISTRATOR.DS.'components'.DS.'com_k2'.DS.'lib'.DS.'JSON.php');
                    $json = new Services_JSON;
                    $object->set('value', $json->decode(JRequest::getVar('K2CSV_'.$object->id)));
                    if (JRequest::getBool('K2ResetCSV_'.$object->id))
                        $object->set('value', null);
                $objects[] = $object;

        require_once (JPATH_ADMINISTRATOR.DS.'components'.DS.'com_k2'.DS.'lib'.DS.'JSON.php');
        $json = new Services_JSON;
        $row->extra_fields = $json->encode($objects);

        $row->extra_fields_search = '';

        foreach ($objects as $object)
            $row->extra_fields_search .= $this->getSearchValue($object->id, $object->value);
            $row->extra_fields_search .= ' ';

        $query = "DELETE FROM #__k2_tags_xref WHERE itemID={intval($row->id)}";

        $tags = JRequest::getVar('tags', NULL, 'POST', 'array');
        if (count($tags))
            $tags = array_unique($tags);
            foreach ($tags as $tag)
                $tag = JString::str_ireplace('-', '', $tag);
                $query = "SELECT id FROM #__k2_tags WHERE name=".$db->Quote($tag);
                $tagID = $db->loadResult();
                if ($tagID)
                    $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval($tagID)}, {intval($row->id)})";
                    $K2Tag = JTable::getInstance('K2Tag', 'Table');
                    $K2Tag->name = $tag;
                    $K2Tag->published = 1;
                    $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval($K2Tag->id)}, {intval($row->id)})";

        $files = JRequest::get('files');

        if ((int)$params->get('imageMemoryLimit'))
            ini_set('memory_limit', (int)$params->get('imageMemoryLimit').'M');

        if ($front)
            if (!K2HelperPermissions::canPublishItem($row->catid) && $row->published)
                $row->published = 0;

        $query = "UPDATE #__k2_items SET video_caption = ".$db->Quote($row->video_caption).", video_credits = ".$db->Quote($row->video_credits).", ";

        if (!is_null($row->video))
            $query .= " video = ".$db->Quote($row->video).", ";
        if (!is_null($row->gallery))
            $query .= " gallery = ".$db->Quote($row->gallery).", ";
        $query .= " extra_fields = ".$db->Quote($row->extra_fields).", extra_fields_search = ".$db->Quote($row->extra_fields_search)." , published = ".$db->Quote($row->published)." WHERE id = ".$row->id;

        if (!$db->query())
            return false;


        $cache = JFactory::getCache('com_k2');

        //$dispatcher->trigger('onAfterK2Save', array(&$row, $isNew));
        $dispatcher->trigger('onContentAfterSave', array(&$row, $isNew));

        //Trigger the finder after save event
        $dispatcher = JDispatcher::getInstance();
        $results = $dispatcher->trigger('onFinderAfterSave', array('com_k2.item', $row, $isNew));

        return $row->id;
Beispiel #4
  * This method is copied from admin/com_k2/models/item.php 
  * Modifications have been made
  * Changed all $mainframe redirects
  * Removed the check for extra fields, we don't want to override them
 function save($front = false)
     $mainframe =& JFactory::getApplication();
     require_once JPATH_ADMINISTRATOR . '/components/com_k2' . DS . 'lib' . DS . 'class.upload.php';
     $db =& JFactory::getDBO();
     $user =& JFactory::getUser();
     $row =& JTable::getInstance('K2Item', 'Table');
     $params =& JComponentHelper::getParams('com_k2');
     $nullDate = $db->getNullDate();
     if (!$row->bind(JRequest::get('post'))) {
         return false;
     if ($front && $row->id == NULL) {
         JLoader::register('K2HelperPermissions', JPATH_SITE . DS . 'components' . DS . 'com_k2' . DS . 'helpers' . DS . 'permissions.php');
         if (!K2HelperPermissions::canAddItem($row->catid)) {
             return false;
     $row->id ? $isNew = false : ($isNew = true);
     if ($params->get('mergeEditors')) {
         $text = JRequest::getVar('text', '', 'post', 'string', 2);
         if ($params->get('xssFiltering')) {
             $filter = new JFilterInput(array(), array(), 1, 1, 0);
             $text = $filter->clean($text);
         $pattern = '#<hr\\s+id=("|\')system-readmore("|\')\\s*\\/*>#i';
         $tagPos = preg_match($pattern, $text);
         if ($tagPos == 0) {
             $row->introtext = $text;
             $row->fulltext = '';
         } else {
             list($row->introtext, $row->fulltext) = preg_split($pattern, $text, 2);
     } else {
         $row->introtext = JRequest::getVar('introtext', '', 'post', 'string', 2);
         $row->fulltext = JRequest::getVar('fulltext', '', 'post', 'string', 2);
         if ($params->get('xssFiltering')) {
             $filter = new JFilterInput(array(), array(), 1, 1, 0);
             $row->introtext = $filter->clean($row->introtext);
             $row->fulltext = $filter->clean($row->fulltext);
     if ($row->id) {
         $datenow =& JFactory::getDate();
         $row->modified = $datenow->toMySQL();
         $row->modified_by = $user->get('id');
     } else {
         $row->ordering = $row->getNextOrder("catid = {$row->catid} AND trash = 0");
         if ($row->featured) {
             $row->featured_ordering = $row->getNextOrder("featured = 1 AND trash = 0", 'featured_ordering');
     $row->created_by = $row->created_by ? $row->created_by : $user->get('id');
     if ($front) {
         $K2Permissions =& K2Permissions::getInstance();
         if (!$K2Permissions->permissions->get('editAll')) {
             $row->created_by = $user->get('id');
     if ($row->created && strlen(trim($row->created)) <= 10) {
         $row->created .= ' 00:00:00';
     $config =& JFactory::getConfig();
     $tzoffset = $config->getValue('config.offset');
     $date =& JFactory::getDate($row->created, $tzoffset);
     $row->created = $date->toMySQL();
     if (strlen(trim($row->publish_up)) <= 10) {
         $row->publish_up .= ' 00:00:00';
     $date =& JFactory::getDate($row->publish_up, $tzoffset);
     $row->publish_up = $date->toMySQL();
     if (trim($row->publish_down) == JText::_('K2_NEVER') || trim($row->publish_down) == '') {
         $row->publish_down = $nullDate;
     } else {
         if (strlen(trim($row->publish_down)) <= 10) {
             $row->publish_down .= ' 00:00:00';
         $date =& JFactory::getDate($row->publish_down, $tzoffset);
         $row->publish_down = $date->toMySQL();
     $metadata = JRequest::getVar('meta', null, 'post', 'array');
     if (is_array($metadata)) {
         $txt = array();
         foreach ($metadata as $k => $v) {
             if ($k == 'description') {
                 $row->metadesc = $v;
             } elseif ($k == 'keywords') {
                 $row->metakey = $v;
             } else {
                 $txt[] = "{$k}={$v}";
         $row->metadata = implode("\n", $txt);
     if (!$row->check()) {
         $mainframe->redirect('index.php?option=com_k2&view=item&cid=' . $row->id, $row->getError(), 'error');
     $dispatcher =& JDispatcher::getInstance();
     $result = $dispatcher->trigger('onBeforeK2Save', array(&$row, $isNew));
     if (in_array(false, $result, true)) {
         return false;
     // JoomFish! Front-end editing compatibility
     if ($mainframe->isSite() && JFolder::exists(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_joomfish' . DS . 'contentelements')) {
         if (version_compare(phpversion(), '5.0') < 0) {
             $tmpRow = $row;
         } else {
             $tmpRow = clone $row;
     if (!$row->store()) {
         return false;
     // JoomFish! Front-end editing compatibility
     if ($mainframe->isSite() && JFolder::exists(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_joomfish' . DS . 'contentelements')) {
         $itemID = $row->id;
         $row = $tmpRow;
         $row->id = $itemID;
     if (!$params->get('disableCompactOrdering')) {
         $row->reorder("catid = {$row->catid} AND trash = 0");
     if ($row->featured && !$params->get('disableCompactOrdering')) {
         $row->reorder("featured = 1 AND trash = 0", 'featured_ordering');
     $files = JRequest::get('files');
     if ((int) $params->get('imageMemoryLimit')) {
         ini_set('memory_limit', (int) $params->get('imageMemoryLimit') . 'M');
     $existingImage = JRequest::getVar('existingImage');
     if ((@$files['image']['error'] === 0 || $existingImage) && !JRequest::getBool('del_image')) {
         if ($files['image']['error'] === 0) {
             $image = $files['image'];
         } else {
             $image = JPATH_SITE . DS . JPath::clean($existingImage);
         $handle = new Upload($image);
         $handle->allowed = array('image/*');
         if ($handle->uploaded) {
             //Image params
             $category =& JTable::getInstance('K2Category', 'Table');
             $cparams = new JParameter($category->params);
             if ($cparams->get('inheritFrom')) {
                 $masterCategoryID = $cparams->get('inheritFrom');
                 $query = "SELECT * FROM #__k2_categories WHERE id=" . (int) $masterCategoryID;
                 $db->setQuery($query, 0, 1);
                 $masterCategory = $db->loadObject();
                 $cparams = new JParameter($masterCategory->params);
             //Original image
             $savepath = JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src';
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = 100;
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = md5("Image" . $row->id);
             $filename = $handle->file_dst_name_body;
             $savepath = JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache';
             //XLarge image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_XL';
             if (JRequest::getInt('itemImageXL')) {
                 $imageWidth = JRequest::getInt('itemImageXL');
             } else {
                 $imageWidth = $params->get('itemImageXL', '800');
             $handle->image_x = $imageWidth;
             //Large image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_L';
             if (JRequest::getInt('itemImageL')) {
                 $imageWidth = JRequest::getInt('itemImageL');
             } else {
                 $imageWidth = $params->get('itemImageL', '600');
             $handle->image_x = $imageWidth;
             //Medium image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_M';
             if (JRequest::getInt('itemImageM')) {
                 $imageWidth = JRequest::getInt('itemImageM');
             } else {
                 $imageWidth = $params->get('itemImageM', '400');
             $handle->image_x = $imageWidth;
             //Small image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_S';
             if (JRequest::getInt('itemImageS')) {
                 $imageWidth = JRequest::getInt('itemImageS');
             } else {
                 $imageWidth = $params->get('itemImageS', '200');
             $handle->image_x = $imageWidth;
             //XSmall image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_XS';
             if (JRequest::getInt('itemImageXS')) {
                 $imageWidth = JRequest::getInt('itemImageXS');
             } else {
                 $imageWidth = $params->get('itemImageXS', '100');
             $handle->image_x = $imageWidth;
             //Generic image
             $handle->image_resize = true;
             $handle->image_ratio_y = true;
             $handle->image_convert = 'jpg';
             $handle->jpeg_quality = $params->get('imagesQuality');
             $handle->file_auto_rename = false;
             $handle->file_overwrite = true;
             $handle->file_new_name_body = $filename . '_Generic';
             $imageWidth = $params->get('itemImageGeneric', '300');
             $handle->image_x = $imageWidth;
             if ($files['image']['error'] === 0) {
         } else {
             return false;
     if (JRequest::getBool('del_image')) {
         $current =& JTable::getInstance('K2Item', 'Table');
         $filename = md5("Image" . $current->id);
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src' . DS . $filename . '.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src' . DS . $filename . '.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XS.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XS.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_S.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_S.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_M.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_M.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_L.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_L.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XL.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XL.jpg');
         if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_Generic.jpg')) {
             JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_Generic.jpg');
         $row->image_caption = '';
         $row->image_credits = '';
     $attachments = JRequest::getVar('attachment_file', NULL, 'FILES', 'array');
     $attachments_names = JRequest::getVar('attachment_name', '', 'POST', 'array');
     $attachments_titles = JRequest::getVar('attachment_title', '', 'POST', 'array');
     $attachments_title_attributes = JRequest::getVar('attachment_title_attribute', '', 'POST', 'array');
     $attachments_existing_files = JRequest::getVar('attachment_existing_file', '', 'POST', 'array');
     $attachmentFiles = array();
     if (count($attachments)) {
         foreach ($attachments as $k => $l) {
             foreach ($l as $i => $v) {
                 if (!array_key_exists($i, $attachmentFiles)) {
                     $attachmentFiles[$i] = array();
                 $attachmentFiles[$i][$k] = $v;
         $path = $params->get('attachmentsFolder', NULL);
         if (is_null($path)) {
             $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'attachments';
         } else {
             $savepath = $path;
         $counter = 0;
         foreach ($attachmentFiles as $key => $file) {
             if ($file["tmp_name"] || $attachments_existing_files[$key]) {
                 if ($attachments_existing_files[$key]) {
                     $file = JPATH_SITE . DS . JPath::clean($attachments_existing_files[$key]);
                 $handle = new Upload($file);
                 if ($handle->uploaded) {
                     $handle->file_auto_rename = true;
                     $handle->allowed[] = 'application/x-zip';
                     $handle->allowed[] = 'application/download';
                     $filename = $handle->file_dst_name;
                     $attachment =& JTable::getInstance('K2Attachment', 'Table');
                     $attachment->itemID = $row->id;
                     $attachment->filename = $filename;
                     $attachment->title = empty($attachments_titles[$counter]) ? $filename : $attachments_titles[$counter];
                     $attachment->titleAttribute = empty($attachments_title_attributes[$counter]) ? $filename : $attachments_title_attributes[$counter];
                 } else {
                     return false;
     $flickrGallery = JRequest::getVar('flickrGallery');
     if ($flickrGallery) {
         $row->gallery = '{gallery}' . $flickrGallery . '{/gallery}';
     if (isset($files['gallery']) && $files['gallery']['error'] == 0 && !JRequest::getBool('del_gallery')) {
         $handle = new Upload($files['gallery']);
         $handle->file_auto_rename = true;
         $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries';
         $handle->allowed = array("application/download", "application/rar", "application/x-rar-compressed", "application/arj", "application/gnutar", "application/x-bzip", "application/x-bzip2", "application/x-compressed", "application/x-gzip", "application/x-zip-compressed", "application/zip", "multipart/x-zip", "multipart/x-gzip", "application/x-unknown", "application/x-zip");
         if ($handle->uploaded) {
             if (JFolder::exists($savepath . DS . $row->id)) {
                 JFolder::delete($savepath . DS . $row->id);
             if (!JArchive::extract($savepath . DS . $handle->file_dst_name, $savepath . DS . $row->id)) {
                 return false;
             } else {
                 $row->gallery = '{gallery}' . $row->id . '{/gallery}';
             JFile::delete($savepath . DS . $handle->file_dst_name);
         } else {
             return false;
     if (JRequest::getBool('del_gallery')) {
         $current =& JTable::getInstance('K2Item', 'Table');
         if (JFolder::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries' . DS . $current->id)) {
             JFolder::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries' . DS . $current->id);
         $row->gallery = '';
     if (!JRequest::getBool('del_video')) {
         if (isset($files['video']) && $files['video']['error'] == 0) {
             $videoExtensions = array("flv", "mp4", "ogv", "webm", "f4v", "m4v", "3gp", "3g2", "mov", "mpeg", "mpg", "avi", "wmv", "divx");
             $audioExtensions = array("mp3", "aac", "m4a", "ogg", "wma");
             $validExtensions = array_merge($videoExtensions, $audioExtensions);
             $filetype = JFile::getExt($files['video']['name']);
             if (!in_array($filetype, $validExtensions)) {
                 return false;
             if (in_array($filetype, $videoExtensions)) {
                 $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos';
             } else {
                 $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'audio';
             $filename = JFile::stripExt($files['video']['name']);
             JFile::upload($files['video']['tmp_name'], $savepath . DS . $row->id . '.' . $filetype);
             $filetype = JFile::getExt($files['video']['name']);
             $row->video = '{' . $filetype . '}' . $row->id . '{/' . $filetype . '}';
         } else {
             if (JRequest::getVar('remoteVideo')) {
                 $fileurl = JRequest::getVar('remoteVideo');
                 $filetype = JFile::getExt($fileurl);
                 $row->video = '{' . $filetype . 'remote}' . $fileurl . '{/' . $filetype . 'remote}';
             if (JRequest::getVar('videoID')) {
                 $provider = JRequest::getWord('videoProvider');
                 $videoID = JRequest::getVar('videoID');
                 $row->video = '{' . $provider . '}' . $videoID . '{/' . $provider . '}';
             if (JRequest::getVar('embedVideo', '', 'post', 'string', JREQUEST_ALLOWRAW)) {
                 $row->video = JRequest::getVar('embedVideo', '', 'post', 'string', JREQUEST_ALLOWRAW);
     } else {
         $current =& JTable::getInstance('K2Item', 'Table');
         preg_match_all("#^{(.*?)}(.*?){#", $current->video, $matches, PREG_PATTERN_ORDER);
         $videotype = $matches[1][0];
         $videofile = $matches[2][0];
         if (in_array($videotype, $videoExtensions)) {
             if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos' . DS . $videofile . '.' . $videotype)) {
                 JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos' . DS . $videofile . '.' . $videotype);
         if (in_array($videotype, $audioExtensions)) {
             if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'audio' . DS . $videofile . '.' . $videotype)) {
                 JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'audio' . DS . $videofile . '.' . $videotype);
         $row->video = '';
         $row->video_caption = '';
         $row->video_credits = '';
     if (@$user->gid < 24 && $params->get('lockTags')) {
         $params->set('taggingSystem', 0);
     $db =& JFactory::getDBO();
     $query = "DELETE FROM #__k2_tags_xref WHERE itemID={intval({$row->id})}";
     if ($params->get('taggingSystem')) {
         if (@$user->gid < 24 && $params->get('lockTags')) {
             JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
         $tags = JRequest::getVar('tags', NULL, 'POST', 'array');
         if (count($tags)) {
             $tags = array_unique($tags);
             foreach ($tags as $tag) {
                 $tag = str_replace('-', '', $tag);
                 $query = "SELECT id FROM #__k2_tags WHERE name=" . $db->Quote($tag);
                 $tagID = $db->loadResult();
                 if ($tagID) {
                     $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval({$tagID})}, {intval({$row->id})})";
                 } else {
                     $K2Tag =& JTable::getInstance('K2Tag', 'Table');
                     $K2Tag->name = $tag;
                     $K2Tag->published = 1;
                     $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval({$K2Tag->id})}, {intval({$row->id})})";
     } else {
         $tags = JRequest::getVar('selectedTags', NULL, 'POST', 'array');
         if (count($tags)) {
             foreach ($tags as $tagID) {
                 $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval({$tagID})}, {intval({$row->id})})";
     if ($front) {
         if (!K2HelperPermissions::canPublishItem($row->catid) && $row->published) {
             $row->published = 0;
             $mainframe->enqueueMessage(JText::_('K2_YOU_DONT_HAVE_THE_PERMISSION_TO_PUBLISH_ITEMS'), 'notice');
     if (!$row->store()) {
         return false;
     $cache =& JFactory::getCache('com_k2');
     $dispatcher->trigger('onAfterK2Save', array(&$row, $isNew));
     return $row;