Beispiel #1
 /**
  * This method provides a generic item list overview.
  *
  * @param string  $ot           Treated object type.
  * @param string  $sort         Sorting field.
  * @param string  $sortdir      Sorting direction.
  * @param int     $pos          Current pager position.
  * @param int     $num          Amount of entries to display.
  * @param string  $tpl          Name of alternative template (for alternative display options, feeds and xml output)
  * @param boolean $raw          Optional way to display a template instead of fetching it (needed for standalone output)
  * @return mixed Output.
  */
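 public function view($args)
 {
     // Request parameters, each with the default used when the parameter is absent.
     // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and is not an
     // output-encoding step; $func is handed to the template below and still has to be
     // escaped there.
     $ot = $this->request->getGet()->filter('ot', 'category', FILTER_SANITIZE_STRING);
     $type = $this->request->getGet()->filter('type', 'user', FILTER_SANITIZE_STRING);
     $func = $this->request->getGet()->filter('func', 'view', FILTER_SANITIZE_STRING);

     // The list view of postings is blocked: send the visitor to the default view.
     if ($ot == 'posting') {
         return System::redirect(ModUtil::url($this->name, 'user', 'view'));
     }

     // Only categories have a configured sorting direction at this point. Starting
     // from null keeps the 'forum' case below from reading an undefined variable;
     // it still ends up with ascending order, as before.
     $sortdir = null;
     if ($ot == 'category') {
         $sortdir = ModUtil::getVar('MUBoard', 'sortingCategories');
     }

     // Categories and forums in the user area are always ordered by position.
     if (($ot == 'category' || $ot == 'forum') && $type == 'user') {
         $args['sort'] = 'pos';
         $args['sortdir'] = ($sortdir == 'descending') ? 'desc' : 'asc';
     }

     // Store the time of this call in the session and pass the stored value on.
     // NOTE(review): the value is read back right after it is written, so
     // 'lastlogin' always equals the current time; confirm whether the previous
     // value was meant to be read first.
     $nowtime = DateUtil::getDatetime();
     SessionUtil::setVar('muboardonline', $nowtime);
     $lastlogin = SessionUtil::getVar('muboardonline');
     $this->view->assign('func', $func)->assign('lastlogin', $lastlogin);

     // Page title: "<site name> - Forum - Category Overview".
     $dom = ZLanguage::getModuleDomain($this->name);
     $sitename = ModUtil::getVar('ZConfig', 'sitename');
     PageUtil::setVar('title', $sitename . ' - ' . __('Forum - Category Overview', $dom));

     return parent::view($args);
 }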
Beispiel #2
    /**
     * Update the configuration values
     * @author: Sara Arjona Téllez (sarjona@xtec.cat)
     * @params	The config values from the form
     * @return	True if success
     */
    public function confupdate($args) {
        // Every setting comes from POST and falls back to the matching $args
        // entry, or to null when neither is present.
        $settings = array();
        foreach (array('skins', 'langs', 'maxdelivers', 'basedisturl') as $key) {
            $settings[$key] = FormUtil::getPassedValue($key, isset($args[$key]) ? $args[$key] : null, 'POST');
        }

        // Only module administrators may change the configuration.
        $isAdmin = SecurityUtil::checkPermission('IWqv::', "::", ACCESS_ADMIN);
        if (!$isAdmin) {
            throw new Zikula_Exception_Forbidden();
        }

        // Reject the request unless it carries a valid CSRF token.
        $this->checkCsrfToken();

        // Store the settings that were supplied; absent ones keep their stored value.
        // NOTE(review): values are written as received - 'maxdelivers' is not cast to
        // an integer and 'basedisturl' is not checked to be a URL; confirm whether
        // consumers of these variables validate them.
        foreach ($settings as $key => $value) {
            if (isset($value)) {
                ModUtil::setVar('IWqv', $key, $value);
            }
        }

        LogUtil::registerStatus($this->__f('Done! %1$s updated.', $this->__('settings')));

        return System::redirect(ModUtil::url('IWqv', 'admin', 'main'));
    }
Beispiel #3
 /**
  * This method provides a generic handling of all edit requests.
  *
  * @param string  $ot           Treated object type.
  * @param string  $tpl          Name of alternative template (for alternative display options, feeds and xml output)
  * @param boolean $raw          Optional way to display a template instead of fetching it (needed for standalone output)
  *
  * @return mixed Output.
  */
 public function edit()
 {
     // Requests that carry a positive id are not handled here; they are sent to
     // the view action instead.
     $id = $this->request->query->filter('id', 0);
     if ($id > 0) {
         return System::redirect(ModUtil::url($this->name, 'user', 'view'));
     }

     $controllerHelper = new Reviews_Util_Controller($this->serviceManager);
     $context = array('controller' => 'user', 'action' => 'edit');

     // Object type from the query string, replaced by the helper's default when
     // it is not among the types allowed for this controller action. This
     // allow-list is what keeps the class name built further down from being
     // chosen freely by the request.
     $objectType = $this->request->query->filter('ot', 'review', FILTER_SANITIZE_STRING);
     $allowedTypes = $controllerHelper->getObjectTypes('controllerAction', $context);
     if (!in_array($objectType, $allowedTypes)) {
         $objectType = $controllerHelper->getDefaultObjectType('controllerAction', $context);
     }

     // Edit permission is checked per object type.
     $component = $this->name . ':' . ucwords($objectType) . ':';
     $this->throwForbiddenUnless(SecurityUtil::checkPermission($component, '::', ACCESS_EDIT), LogUtil::getErrorMsgPermission());

     // Form view plus the handler class that belongs to the object type.
     $form = FormUtil::newForm($this->name, $this);
     $handlerClass = $this->name . '_Form_Handler_User_' . ucfirst($objectType) . '_Edit';

     // Template for the edit page of this object type.
     $viewHelper = new Reviews_Util_View($this->serviceManager);
     $template = $viewHelper->getViewTemplate($this->view, 'user', $objectType, 'edit', array());

     // Run the form with that template and a fresh handler instance.
     return $form->execute($template, new $handlerClass());
 }
Beispiel #4
    public function updateConfig($args)
    {
        // Only module administrators may change these settings.
        // NOTE(review): no CSRF token is verified before the POST values are
        // stored, although the settings include the LDAP server and the login
        // URLs; confirm the token is checked elsewhere, or add the check once
        // the form is known to send one.
        $isAdmin = SecurityUtil::checkPermission('SiriusXtecAuth::', '::', ACCESS_ADMIN);
        if (!$isAdmin) {
            return LogUtil::registerPermissionError();
        }

        $items = array();

        // On/off switches: any truthy POST value becomes true, anything else false.
        $switches = array('ldap_active', 'users_creation', 'new_users_activation', 'iw_write', 'iw_lastnames');
        foreach ($switches as $switch) {
            $items[$switch] = (bool) FormUtil::getPassedValue($switch, false, 'POST');
        }

        // Group selection defaults to an empty list.
        $items['new_users_groups'] = FormUtil::getPassedValue('new_users_groups', array(), 'POST');

        // Remaining settings are stored exactly as posted, false when absent.
        // NOTE(review): server, base DN, protocol and URL values are not
        // validated here - verify against the code that consumes them.
        $verbatim = array(
            'ldap_server',
            'ldap_basedn',
            'ldap_searchattr',
            'loginXtecApps',
            'logoutXtecApps',
            'gtafProtocol',
            'e13Protocol',
            'gtafURL',
            'e13URL',
            'loginTime',
            'logoutTime',
        );
        foreach ($verbatim as $key) {
            $items[$key] = FormUtil::getPassedValue($key, false, 'POST');
        }

        ModUtil::setVars($this->name, $items);
        LogUtil::registerStatus($this->__('S\'ha actualitzat la configuració del mòdul.'));

        return System::redirect(ModUtil::url('SiriusXtecAuth', 'admin', 'main'));
    }
Beispiel #5
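 function delete()
 {
     // Only module administrators may delete items.
     if (!SecurityUtil::checkPermission('AddressBook::', '::', ACCESS_ADMIN)) {
         return LogUtil::registerPermissionError();
     }

     // NOTE(review): the parameters are accepted from GET as well as POST and no
     // CSRF token is verified, so this destructive action can be triggered by a
     // plain link followed by a logged-in administrator; confirm whether a token
     // check should be added together with the calling templates.
     $ot = FormUtil::getPassedValue('ot', 'categories', 'GETPOST');
     $id = (int) FormUtil::getPassedValue('id', 0, 'GETPOST');

     // $ot becomes part of a class name, so it is limited to letters and digits
     // before it reaches class_exists() (which may invoke the autoloader) and
     // `new`. presumably all object types of this module match this - verify.
     $isValidType = is_string($ot) && ctype_alnum($ot);
     $class = 'AddressBook_DBObject_' . ucfirst($isValidType ? $ot : '');
     if (!$isValidType || !class_exists($class)) {
         // NOTE(review): the message echoes the request value; whether z_exit()
         // escapes it is not visible here.
         return z_exit(__f('Error! Unable to load class [%s]', $isValidType ? $ot : ''));
     }

     // Target of both the error and the success redirect.
     $url = ModUtil::url('AddressBook', 'admin', 'view', array('ot' => $ot));

     $object = new $class();
     $data = $object->get($id);
     if (!$data) {
         // NOTE(review): the msgid below contains a stray backslash ("doesn'\t");
         // it is left as is because changing it would also change the
         // translation key.
         LogUtil::registerError(__f('%1$s with ID of %2$s doesn\'\\t seem to exist', array($ot, $id)));
         return System::redirect($url);
     }
     $object->delete();

     // A custom field also owns a column in the address table. $id was cast to
     // int above, which is what makes the concatenation into the statement safe.
     if ($ot === 'customfield') {
         $sql = "ALTER TABLE addressbook_address DROP adr_custom_" . $id;
         try {
             DBUtil::executeSQL($sql, -1, -1, true, true);
         } catch (Exception $e) {
             // Still best effort, but leave a trace instead of discarding the
             // failure silently.
             error_log('AddressBook: dropping column adr_custom_' . $id . ' failed: ' . $e->getMessage());
         }
     }

     LogUtil::registerStatus($this->__('Done! Item deleted.'));
     return System::redirect($url);
 }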
Beispiel #6
 /**
  * Validate name for ID in URL and redirect if necessary
  * @param   string
  * @param   int
  * @param   string
  */
 public static function validate($strKey, $intId, $strName)
 {
     // Canonical URL fragment for the item: "<id>-<standardized name>".
     $strCanonical = $intId . '-' . standardize($strName);

     // Nothing to do when the request already uses the canonical fragment.
     if (Input::getAutoItem($strKey) == $strCanonical) {
         return;
     }

     /** @type \PageModel $objPage */
     global $objPage;

     // The key name is part of the URL unless auto_item is switched on and
     // covers this key.
     $blnAutoItem = $GLOBALS['TL_CONFIG']['useAutoItem'] && in_array($strKey, $GLOBALS['TL_AUTO_ITEM']);
     $strParams = ($blnAutoItem ? '' : '/' . $strKey) . '/' . $strCanonical;

     // Permanent redirect to the canonical URL of the current page.
     \System::redirect($objPage->getFrontendUrl($strParams), 301);
 }
 /**
  * Export data
  *
  * @access		public
  * @param		string
  * @return		void
  */
 public static function run($dc = null, $strName = 'formsubmissions', $blnHeaders = true)
 {
     // Work out which prerequisite is missing, if any: the composer module
     // first, then the PHPExcel library file.
     $strErrorKey = null;
     if (!in_array('!composer', \ModuleLoader::getActive())) {
         $strErrorKey = 'exportExcelNoComposer';
     } elseif (!is_file(TL_ROOT . '/composer/vendor/phpoffice/phpexcel/Classes/PHPExcel.php')) {
         $strErrorKey = 'exportExcelNoPHPExcel';
     }

     // A missing prerequisite is reported and the request is redirected to the
     // same URL without the export key.
     if ($strErrorKey !== null) {
         \Message::addError($GLOBALS['TL_LANG']['ERR'][$strErrorKey]);
         \System::redirect(str_ireplace('&key=exportExcel', '', \Environment::get('request')));

         return;
     }

     parent::run($dc, $strName, $blnHeaders);
 }
Beispiel #8
 /**
  * Session fixation detection.
  * This method should be called after successful login.
  */
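 public static function checkSessionFixation()
 {
     if (Config::SESSION_FIXATION_DETECTION_ENABLED !== true) {
         return;
     }

     // Missing values are normalised to ''. Without this, a request that sends
     // no User-Agent header stores null, isset() on the stored value stays
     // false, and the fingerprint is rewritten on every call instead of being
     // compared - the check would never run for such a client.
     $remoteAddr = isset($_SERVER["REMOTE_ADDR"]) ? (string) $_SERVER["REMOTE_ADDR"] : '';
     $userAgent = isset($_SERVER["HTTP_USER_AGENT"]) ? (string) $_SERVER["HTTP_USER_AGENT"] : '';

     $hasFingerprint = isset($_SESSION[Config::SERVER_FQDN]["remote_addr"])
         && isset($_SESSION[Config::SERVER_FQDN]["http_user_agent"]);

     // First call for this session: remember the client fingerprint.
     if (!$hasFingerprint) {
         $_SESSION[Config::SERVER_FQDN]["remote_addr"] = $remoteAddr;
         $_SESSION[Config::SERVER_FQDN]["http_user_agent"] = $userAgent;

         return;
     }

     // Later calls: a different address or user agent ends the session.
     // NOTE(review): this detects a session being used from another client,
     // but the User-Agent is client-supplied and the check does not replace
     // issuing a new session id at login (session_regenerate_id(true)); it is
     // not visible here whether the login code does that.
     $addressChanged = $_SESSION[Config::SERVER_FQDN]["remote_addr"] !== $remoteAddr;
     $agentChanged = $_SESSION[Config::SERVER_FQDN]["http_user_agent"] !== $userAgent;
     if ($addressChanged || $agentChanged) {
         session_unset();
         session_destroy();
         // NOTE(review): whether System::redirect() ends the request is not
         // visible here - confirm that nothing runs after it.
         System::redirect(Config::SITE_PATH . Config::SESSION_FIXATION_REDIRECT_PATH);
     }
 }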
Beispiel #9
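 public function getYoutubeVideos($channelId = '', $collectionId = 0)
 {
     // NOTE(review): this method creates records and no permission check is
     // visible in it; presumably the caller enforces one - verify.
     $dom = ZLanguage::getModuleDomain($this->name);
     $youtubeApi = ModUtil::getVar($this->name, 'youtubeApi');
     $collectionRepository = MUVideo_Util_Model::getCollectionRepository();
     $collectionObject = $collectionRepository->selectById($collectionId);

     // The query string is built with http_build_query() so that the channel
     // id is URL-encoded and cannot add or override parameters of the request.
     // The API key travels in the URL; keep it out of logs that record
     // outgoing requests.
     $query = http_build_query(array(
         'part' => 'snippet',
         'channelId' => (string) $channelId,
         'key' => (string) $youtubeApi,
     ), '', '&');
     $api = self::getData('https://www.googleapis.com/youtube/v3/search?' . $query);
     $videos = json_decode($api, true);

     // Collect the YouTube ids of the movies that already have a YouTube URL.
     $movieRepository = MUVideo_Util_Model::getMovieRepository();
     $where = 'tbl.urlOfYoutube != \'' . DataUtil::formatForStore('') . '\'';
     $existingYoutubeVideos = $movieRepository->selectWhere($where);
     $videoIds = array();
     // The original compared inside count(); the comparison belongs outside.
     if ($existingYoutubeVideos && count($existingYoutubeVideos) > 0) {
         foreach ($existingYoutubeVideos as $existingYoutubeVideo) {
             $videoIds[] = str_replace('https://www.youtube.com/watch?v=', '', $existingYoutubeVideo['urlOfYoutube']);
         }
     }

     // json_decode() yields null for an unusable response, so the shape is
     // checked before the items are read.
     if (is_array($videos) && isset($videos['items']) && is_array($videos['items'])) {
         $serviceManager = ServiceUtil::getManager();
         $entityManager = $serviceManager->getService('doctrine.entitymanager');

         foreach ($videos['items'] as $videoData) {
             // Search results without a video id are skipped.
             if (!isset($videoData['id']['videoId'])) {
                 continue;
             }
             // Already stored: nothing to create.
             if (in_array($videoData['id']['videoId'], $videoIds, true)) {
                 continue;
             }

             // Title and description come from the remote response and are
             // stored as received; they have to be escaped wherever they are
             // displayed.
             $newYoutubeVideo = new MUVideo_Entity_Movie();
             $newYoutubeVideo->setTitle($videoData['snippet']['title']);
             $newYoutubeVideo->setDescription($videoData['snippet']['description']);
             $newYoutubeVideo->setUrlOfYoutube('https://www.youtube.com/watch?v=' . $videoData['id']['videoId']);
             $newYoutubeVideo->setWidthOfMovie('400');
             $newYoutubeVideo->setHeightOfMovie('300');
             $newYoutubeVideo->setWorkflowState('approved');
             $newYoutubeVideo->setCollection($collectionObject);
             $entityManager->persist($newYoutubeVideo);
             $entityManager->flush();

             // NOTE(review): the status text contains the remote title; whether
             // status messages are escaped on output is not visible here.
             LogUtil::registerStatus(__('The movie', $dom) . ' ' . $videoData['snippet']['title'] . ' ' . __('was created and put into the collection', $dom) . ' ' . $collectionObject['title']);
         }
     }

     $redirectUrl = ModUtil::url($this->name, 'user', 'display', array('ot' => 'collection', 'id' => $collectionId));
     return System::redirect($redirectUrl);
 }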
Beispiel #10
 /**
  * Command event handler.
  *
  * This event handler is called when a command is issued by the user.
  */
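 public function handleCommand(Zikula_Form_View $view, &$args)
 {
     parent::HandleCommand($view, $args);
     $dom = ZLanguage::getModuleDomain($this->name);

     // After an issue was moved to another forum the visitor is redirected to
     // the frontend. The id is cast to int so that only a number reaches the
     // comparison and the URL.
     // NOTE(review): the outcome is derived from the 'id' query parameter alone,
     // not from the result of the parent handler.
     $id = (int) $this->request->query->filter('id', 0, FILTER_SANITIZE_NUMBER_INT);
     if ($id > 0) {
         $url = ModUtil::url($this->name, 'user', 'display', array('ot' => 'posting', 'id' => $id));

         return LogUtil::registerStatus(__('Done! Moving of issue successful.', $dom), $url);
     }

     // The failure text goes through the translation function like the success
     // text above; the original passed the translation domain as the second
     // argument of registerError() instead.
     $url = ModUtil::url($this->name, 'user');
     LogUtil::registerError(__('Sorry! Moving the issue failed', $dom));

     return System::redirect($url);
 }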
Beispiel #11
 /**
  * Redirects to a route.
  */
 public function route()
 {
     // Lower-cased request URI without the configured web root prefix,
     // normalised to a single leading slash and no trailing slash.
     // REQUEST_URI includes the query string, so the patterns see it as well.
     $path = strtolower($_SERVER['REQUEST_URI']);
     if (strpos($path, Configuration::WEB_ROOT) === 0) {
         $path = substr($path, strlen(Configuration::WEB_ROOT));
     }
     $path = '/' . trim($path, '/');

     // Each route maps a regular expression to a "Class/method" string.
     // NOTE(review): the loop does not stop at the first hit, so every pattern
     // that matches is dispatched; captured URL parts reach the handler
     // unvalidated and have to be checked there.
     foreach ($this->routes as $pattern => $callback) {
         if (!preg_match($pattern, $path, $matches)) {
             continue;
         }

         // Drop the full match and keep only the captured groups.
         array_shift($matches);
         list($class, $function) = explode('/', $callback);
         $this->matchfound = true;

         $handler = new $class();
         call_user_func_array(array($handler, $function), array_values($matches));
     }

     // No pattern matched: send the visitor to the not-found page.
     if (!$this->matchfound) {
         System::redirect(Configuration::NOTFOUND_URI);
     }
 }
 /**
  * Generate module
  */
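 protected function compile()
 {
     // Collect the tables of all backend modules, grouped for the template, and
     // remember every declared module/table pair as an allow-list for the
     // submitted selection.
     $arrGroups = array();
     $arrAllowed = array();
     foreach ($GLOBALS['BE_MOD'] as $groupName => $group) {
         foreach ($group as $moduleName => $modules) {
             if (!isset($modules['tables']) || !is_array($modules['tables'])) {
                 continue;
             }
             foreach ($modules['tables'] as $table) {
                 $arrGroups[$groupName]['title'] = $GLOBALS['TL_LANG']['MOD'][$groupName];
                 $arrGroups[$groupName]['tables'][] = array($table, $GLOBALS['TL_LANG']['MOD'][$moduleName][0], $moduleName);
                 $arrAllowed[$moduleName][$table] = true;
             }
         }
     }

     // handle submit
     if (\Input::post('FORM_SUBMIT') == 'om_backend_id_search' && \Input::post('option')) {
         // The option value has the form "<module>::<table>".
         $arrSelected = explode('::', \Input::post('option'));
         $strModule = $arrSelected[0];
         $strTable = isset($arrSelected[1]) ? $arrSelected[1] : '';
         $varId = \Input::post('id');

         // A table name cannot be bound as a statement parameter, so the posted
         // pair must be one that the backend configuration declares before the
         // table name is placed into the SQL text.
         $blnAllowed = isset($arrAllowed[$strModule][$strTable]);
         $objData = null;
         if ($blnAllowed) {
             $objData = $this->Database->prepare("SELECT * FROM " . $strTable . " WHERE id=?")->execute($varId);
         }

         if ($objData !== null && $objData->numRows) {
             // Record found: open it in the backend editor. The id is
             // URL-encoded so that it stays a single query parameter.
             \System::redirect('contao/main.php?do=' . $strModule . '&table=' . $strTable . '&act=edit&id=' . rawurlencode($varId) . '&rt=' . $_SESSION['REQUEST_TOKEN']);
         } else {
             // Unknown id, or a selection that is not on the allow-list. A
             // rejected table name is not handed back to the template.
             $this->Template->id = $varId;
             $this->Template->selected = $blnAllowed ? $strTable : '';
             $this->Template->error = sprintf($GLOBALS['TL_LANG']['om_backend']['error_id_not_found'], $varId);
         }
     }

     // set template vars
     $this->Template->button = $GLOBALS['TL_LANG']['MSC']['backBT'];
     $this->Template->title = specialchars($GLOBALS['TL_LANG']['MSC']['backBT']);
     $this->Template->headline = $GLOBALS['TL_LANG']['aid_training_overview']['headline'];
     $this->Template->groups = $arrGroups;
 }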
Beispiel #13
 public static function initialize()
 {
     // Runs only while the flag is still false; the flag is set right away.
     if (static::$blnInitialized !== false) {
         return;
     }
     static::$blnInitialized = true;

     // Make sure field data is available
     Haste::getInstance()->call('loadDataContainer', 'tl_iso_product');
     \System::loadLanguageFile('tl_iso_product');

     // The request cache for product list filters only matters when the
     // request carries an "isorc" parameter.
     if (\Input::get('isorc') == '') {
         return;
     }

     // An empty request cache only marks the page as not searchable.
     if (static::getRequestCache()->isEmpty()) {
         global $objPage;
         $objPage->noSearch = 1;

         return;
     }

     // The cache id matches the parameter: nothing to correct.
     if (static::getRequestCache()->id == \Input::get('isorc')) {
         return;
     }

     // Otherwise redirect to the same request without the stale parameter
     // (and without the language parameter when it is part of the URL).
     unset($_GET['isorc']);
     if ($GLOBALS['TL_CONFIG']['addLanguageToUrl']) {
         unset($_GET['language']);
     }
     $strQuery = http_build_query($_GET);
     $strTarget = preg_replace('/\\?.*$/i', '', \Environment::get('request'));
     \System::redirect($strTarget . ($strQuery ? '?' . $strQuery : ''));
 }
Beispiel #14
    /**
     * Update the module configuration
     * @author:     Albert Pérez Monfort (aperezm@xtec.cat)
     * @param:	Configuration values
     * @return:	The form with needed to change the parameters
     */
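    public function updateConf($args) {
        // Each value is taken from POST and falls back to the matching $args
        // entry, or to the default shown, when it is absent.
        $friendsSystemAvailable = FormUtil::getPassedValue('friendsSystemAvailable', isset($args['friendsSystemAvailable']) ? $args['friendsSystemAvailable'] : 0, 'POST');
        $groups = FormUtil::getPassedValue('groups', isset($args['groups']) ? $args['groups'] : null, 'POST');
        $usersCanManageName = FormUtil::getPassedValue('usersCanManageName', isset($args['usersCanManageName']) ? $args['usersCanManageName'] : null, 'POST');
        $allowUserChangeAvatar = FormUtil::getPassedValue('allowUserChangeAvatar', isset($args['allowUserChangeAvatar']) ? $args['allowUserChangeAvatar'] : 0, 'POST');
        $avatarChangeValidationNeeded = FormUtil::getPassedValue('avatarChangeValidationNeeded', isset($args['avatarChangeValidationNeeded']) ? $args['avatarChangeValidationNeeded'] : 0, 'POST');
        $usersPictureFolder = FormUtil::getPassedValue('usersPictureFolder', isset($args['usersPictureFolder']) ? $args['usersPictureFolder'] : null, 'POST');
        $allowUserSetTheirSex = FormUtil::getPassedValue('allowUserSetTheirSex', isset($args['allowUserSetTheirSex']) ? $args['allowUserSetTheirSex'] : 0, 'POST');
        $allowUserDescribeTheirSelves = FormUtil::getPassedValue('allowUserDescribeTheirSelves', isset($args['allowUserDescribeTheirSelves']) ? $args['allowUserDescribeTheirSelves'] : 0, 'POST');

        // Only module administrators may change the configuration.
        if (!SecurityUtil::checkPermission('IWusers::', "::", ACCESS_ADMIN)) {
            throw new Zikula_Exception_Forbidden();
        }

        // Reject the request unless it carries a valid CSRF token.
        $this->checkCsrfToken();

        // The group list is stored as one string of the form "$$id$$id$".
        // $groups is null when no group was selected, and a non-array value is
        // not a usable selection either; both leave the bare '$' marker.
        $groupsString = '$';
        if (is_array($groups)) {
            foreach ($groups as $group) {
                $groupsString .= '$' . $group . '$';
            }
        }

        // NOTE(review): 'usersPictureFolder' is stored as received; confirm that
        // the code which builds paths from it rejects traversal sequences.
        $this->setVar('friendsSystemAvailable', $friendsSystemAvailable)
                ->setVar('invisibleGroupsInList', $groupsString)
                ->setVar('usersPictureFolder', $usersPictureFolder)
                ->setVar('allowUserChangeAvatar', $allowUserChangeAvatar)
                ->setVar('avatarChangeValidationNeeded', $avatarChangeValidationNeeded)
                ->setVar('usersCanManageName', $usersCanManageName)
                ->setVar('allowUserSetTheirSex', $allowUserSetTheirSex)
                ->setVar('allowUserDescribeTheirSelves', $allowUserDescribeTheirSelves);
        LogUtil::registerStatus($this->__('The configuration has changed'));
        return System::redirect(ModUtil::url('IWusers', 'admin', 'config'));
    }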
Beispiel #15
    public function removeGCalendarUseVar($args) {
        // Read access to the module is enough to call this action.
        // NOTE(review): a stored user variable is deleted in response to a GET
        // request and no CSRF token is verified; confirm that this is intended.
        $this->throwForbiddenUnless(SecurityUtil::checkPermission('IWagendas::', '::', ACCESS_READ));

        // Calendar position to return to: month, year and agenda id, taken
        // from GET, then from $args, then from the current date / 0.
        $target = array(
            'mes' => FormUtil::getPassedValue('mes', isset($args['mes']) ? $args['mes'] : date("m"), 'GET'),
            'any' => FormUtil::getPassedValue('any', isset($args['any']) ? $args['any'] : date("Y"), 'GET'),
            'daid' => FormUtil::getPassedValue('daid', isset($args['daid']) ? $args['daid'] : 0, 'GET'),
        );

        // Delete the 'sincroGCalendar' variable of the current user. The
        // outcome of the call is not inspected.
        $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
        $deleteArgs = array(
            'uid' => UserUtil::getVar('uid'),
            'name' => 'sincroGCalendar',
            'module' => 'IWagendas',
            'sv' => $sv,
        );
        ModUtil::func('IWmain', 'user', 'userDelVar', $deleteArgs);

        return System::redirect(ModUtil::url('IWagendas', 'user', 'main', $target));
    }
Beispiel #16
 /**
  * Initialise Zikula.
  *
  * Carries out a number of initialisation tasks to get Zikula up and
  * running.
  *
  * @param integer $stage Stage to load.
  *
  * @return boolean True initialisation successful false otherwise.
  */
 public function init($stage = self::STAGE_ALL)
 {
     // $stage is a bit mask of STAGE_* flags; each block below runs only when
     // its flag is set. The order of the blocks matters (see the note on the
     // language / URL decoding block).
     // NOTE(review): the only explicit return is `false` in the database
     // branch while installing; every other path falls off the end without a
     // return value.
     $coreInitEvent = new Zikula_Event('core.init', $this);
     // store the load stages in a global so other API's can check whats loaded
     $this->stage = $this->stage | $stage;
     if ($stage & self::STAGE_PRE && $this->stage & ~self::STAGE_PRE) {
         ModUtil::flushCache();
         System::flushCache();
         $this->eventManager->notify(new Zikula_Event('core.preinit', $this));
     }
     // Initialise and load configuration
     if ($stage & self::STAGE_CONFIG) {
         if (System::isLegacyMode()) {
             require_once 'lib/legacy/Compat.php';
         }
         // error reporting
         if (!System::isInstalling()) {
             // this is here because it depends on the config.php loading.
             $event = new Zikula_Event('setup.errorreporting', null, array('stage' => $stage));
             $this->eventManager->notify($event);
         }
         // initialise custom event listeners from config.php settings
         $coreInitEvent->setArg('stage', self::STAGE_CONFIG);
         $this->eventManager->notify($coreInitEvent);
     }
     // Check that Zikula is installed before continuing
     // The redirect to the installer is followed by an explicit shutdown.
     if (System::getVar('installed') == 0 && !System::isInstalling()) {
         System::redirect(System::getBaseUrl() . 'install.php?notinstalled');
         System::shutDown();
     }
     if ($stage & self::STAGE_DB) {
         try {
             $dbEvent = new Zikula_Event('core.init', $this, array('stage' => self::STAGE_DB));
             $this->eventManager->notify($dbEvent);
         } catch (PDOException $e) {
             // Outside the installer a database failure ends the request with
             // a 503 and the system error template; the exception itself is
             // not passed on or logged in this block.
             if (!System::isInstalling()) {
                 header('HTTP/1.1 503 Service Unavailable');
                 require_once System::getSystemErrorTemplate('dbconnectionerror.tpl');
                 System::shutDown();
             } else {
                 return false;
             }
         }
     }
     if ($stage & self::STAGE_TABLES) {
         // Initialise dbtables
         ModUtil::dbInfoLoad('Extensions', 'Extensions');
         ModUtil::initCoreVars();
         ModUtil::dbInfoLoad('Settings', 'Settings');
         ModUtil::dbInfoLoad('Theme', 'Theme');
         ModUtil::dbInfoLoad('Users', 'Users');
         ModUtil::dbInfoLoad('Groups', 'Groups');
         ModUtil::dbInfoLoad('Permissions', 'Permissions');
         ModUtil::dbInfoLoad('Categories', 'Categories');
         if (!System::isInstalling()) {
             ModUtil::registerAutoloaders();
         }
         $coreInitEvent->setArg('stage', self::STAGE_TABLES);
         $this->eventManager->notify($coreInitEvent);
     }
     if ($stage & self::STAGE_SESSIONS) {
         SessionUtil::requireSession();
         $coreInitEvent->setArg('stage', self::STAGE_SESSIONS);
         $this->eventManager->notify($coreInitEvent);
     }
     // Have to load in this order specifically since we cant setup the languages until we've decoded the URL if required (drak)
     // start block
     if ($stage & self::STAGE_LANGS) {
         $lang = ZLanguage::getInstance();
     }
     if ($stage & self::STAGE_DECODEURLS) {
         System::queryStringDecode();
         $coreInitEvent->setArg('stage', self::STAGE_DECODEURLS);
         $this->eventManager->notify($coreInitEvent);
     }
     if ($stage & self::STAGE_LANGS) {
         $lang->setup();
         $coreInitEvent->setArg('stage', self::STAGE_LANGS);
         $this->eventManager->notify($coreInitEvent);
     }
     // end block
     if ($stage & self::STAGE_MODS) {
         // Set compression on if desired
         // (the handler call is commented out, so this branch currently does nothing)
         if (System::getVar('UseCompression') == 1) {
             //ob_start("ob_gzhandler");
         }
         ModUtil::load('SecurityCenter');
         $coreInitEvent->setArg('stage', self::STAGE_MODS);
         $this->eventManager->notify($coreInitEvent);
     }
     if ($stage & self::STAGE_THEME) {
         // register default page vars
         PageUtil::registerVar('title');
         PageUtil::setVar('title', System::getVar('defaultpagetitle'));
         PageUtil::registerVar('keywords', true);
         PageUtil::registerVar('stylesheet', true);
         PageUtil::registerVar('javascript', true);
         PageUtil::registerVar('jsgettext', true);
         PageUtil::registerVar('body', true);
         PageUtil::registerVar('header', true);
         PageUtil::registerVar('footer', true);
         $theme = Zikula_View_Theme::getInstance();
         // set some defaults
         // Metadata for SEO
         $this->serviceManager['zikula_view.metatags']['description'] = System::getVar('defaultmetadescription');
         $this->serviceManager['zikula_view.metatags']['keywords'] = System::getVar('metakeywords');
         $coreInitEvent->setArg('stage', self::STAGE_THEME);
         $this->eventManager->notify($coreInitEvent);
     }
     // check the users status, if not 1 then log him out
     // This runs on every call regardless of $stage: an account whose
     // 'activated' value is no longer ACTIVATED_ACTIVE loses its session.
     if (UserUtil::isLoggedIn()) {
         $userstatus = UserUtil::getVar('activated');
         if ($userstatus != Users_Constant::ACTIVATED_ACTIVE) {
             UserUtil::logout();
             // TODO - When getting logged out this way, the existing session is destroyed and
             //        then a new one is created on the reentry into index.php. The message
             //        set by the registerStatus call below gets lost.
             LogUtil::registerStatus(__('You have been logged out.'));
             System::redirect(ModUtil::url('Users', 'user', 'login'));
         }
     }
     if ($stage & self::STAGE_POST && $this->stage & ~self::STAGE_POST) {
         $this->eventManager->notify(new Zikula_Event('core.postinit', $this, array('stages' => $stage)));
     }
 }
Beispiel #17
    /**
     * This is a standard function to update the configuration parameters of the
     * module given the information passed back by the modification form
     */
    public function updateconfig()
    {
        // Administrators only, and only with a valid CSRF token.
        $this->throwForbiddenUnless(SecurityUtil::checkPermission('Pages::', '::', ACCESS_ADMIN), LogUtil::getErrorMsgPermission());

        $this->checkCsrfToken();

        // Items per page: integer, with 25 used for anything below 1.
        $itemsperpage = (int)FormUtil::getPassedValue('itemsperpage', 25, 'POST');
        $this->setVar('itemsperpage', $itemsperpage < 1 ? 25 : $itemsperpage);

        // All remaining settings are on/off switches: each one is read from
        // POST (false when absent), cast to bool and stored under its own name.
        $switches = array(
            'enablecategorization',
            'def_displaywrapper',
            'def_displaytitle',
            'def_displaycreated',
            'def_displayupdated',
            'def_displaytextinfo',
            'def_displayprint',
            'addcategorytitletopermalink',
            'showpermalinkinput',
        );
        foreach ($switches as $switch) {
            $this->setVar($switch, (bool)FormUtil::getPassedValue($switch, false, 'POST'));
        }

        // Report success and return to the admin view.
        LogUtil::registerStatus($this->__('Done! Module configuration updated.'));

        return System::redirect(ModUtil::url('Pages', 'admin', 'view'));
    }
Beispiel #18
    /**
     * download file
     *
     * This function downloads the files attached to messages available.
     * @param        integer      $msg_id     the ID of the message
     * @param        integer      $file     the number of the file to download
     * @return       file         The file request
     */
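    public function download($args) {
        // Message id and attachment number, from GET or from $args.
        $msg_id = FormUtil::getPassedValue('msg_id', isset($args['msg_id']) ? $args['msg_id'] : null, 'GET');
        $file = FormUtil::getPassedValue('file', isset($args['file']) ? $args['file'] : null, 'GET');

        // Only logged-in users with at least overview permission may download.
        if (!SecurityUtil::checkPermission('IWmessages::', '::', ACCESS_OVERVIEW) ||
                !UserUtil::isLoggedIn()) {
            throw new Zikula_Exception_Forbidden();
        }

        // Both arguments are required and must be numeric.
        if (!isset($file) || !isset($msg_id) || !is_numeric($msg_id) || !is_numeric($file)) {
            return LogUtil::registerError($this->__('Error! Could not do what you wanted. Please check your input.'));
        }

        // A message has three attachment slots. Any other number is rejected
        // here; before, it fell through the switch and the request value itself
        // was used as the file name.
        $attachmentKeys = array(1 => 'file1', 2 => 'file2', 3 => 'file3');
        $fileIndex = ctype_digit((string) $file) ? (int) $file : 0;
        if (!isset($attachmentKeys[$fileIndex])) {
            return LogUtil::registerError($this->__('Error! Could not do what you wanted. Please check your input.'));
        }

        $uid = UserUtil::getVar('uid');
        $item = ModUtil::apiFunc('IWmessages', 'user', 'get',
                        array('uid' => $uid,
                            'msgid' => $msg_id));

        // Ownership check: the current user must be the sender or the
        // recipient of the message. This is what stops one user from fetching
        // the attachments of another user's message by guessing ids.
        if (!$item || ($item['to_userid'] != $uid && $item['from_userid'] != $uid)) {
            LogUtil::registerError($this->__('Message not found'));
            return System::redirect(ModUtil::url('IWmessages', 'user', 'main'));
        }

        // Original file name stored in the selected slot.
        $file = $item[$attachmentKeys[$fileIndex]];

        // Name of the file on the server: md5 of the original name followed by
        // the sender's user id, inside the configured upload folder.
        // NOTE(review): that name can be derived by anyone who knows both
        // values, so confidentiality rests on the ownership check above and on
        // the upload folder not being served directly - confirm the latter.
        $fileNameInServer = md5($file . $item['from_userid']);
        $fileNameInServer = ModUtil::getVar('IWmessages', 'uploadFolder') . '/' . $fileNameInServer;

        $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
        return ModUtil::func('IWmain', 'user', 'downloadFile', array('fileName' => $file,
            'fileNameInServer' => $fileNameInServer,
            'sv' => $sv));
    }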
Beispiel #19
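 /**
  * Write the company address fields of one address record back to the
  * 'addressbook_address' table, using 'company' as the key field.
  *
  * The record is identified by the 'id' request value. The caller needs
  * ACCESS_EDIT on AddressBook or must be the logged-in owner of the record.
  * The remaining request values only rebuild the list URL to return to.
  *
  * @return mixed Redirect to the address list, or the result of
  *               LogUtil::registerPermissionError() when access is denied.
  */
 function update_company()
 {
     // Confirm the forms authorisation key
     $this->checkCsrfToken();
     $ot = FormUtil::getPassedValue('ot', 'address', 'GETPOST');
     $id = (int) FormUtil::getPassedValue('id', 0, 'GETPOST');
     $startnum = FormUtil::getPassedValue('startnum', 1, 'GET');
     $letter = FormUtil::getPassedValue('letter', 0);
     $sort = FormUtil::getPassedValue('sort', ModUtil::getVar('AddressBook', 'addressbooktype') == 1 ? 'sortname ASC' : 'sortcompany ASC');
     $search = FormUtil::getPassedValue('search', 0);
     $category = FormUtil::getPassedValue('category', 0);
     $private = FormUtil::getPassedValue('private', 0);
     $url = ModUtil::url('AddressBook', 'user', 'view', array('ot' => $ot, 'startnum' => $startnum, 'letter' => $letter, 'sort' => $sort, 'search' => $search, 'category' => $category, 'private' => $private));
     $object = new AddressBook_DBObject_Address();
     $data = $object->get($id);
     // security check
     // Ownership counts only for a logged-in user and an existing record. The
     // earlier loose comparison of a guest id of 0 with the record's user_id
     // also matched a missing record (null) or one whose user_id is 0.
     $isOwner = false;
     if (UserUtil::isLoggedIn() && !empty($data) && isset($data['user_id'])) {
         $isOwner = (int) UserUtil::getVar('uid') === (int) $data['user_id'];
     }
     if (!(SecurityUtil::checkPermission('AddressBook::', '::', ACCESS_EDIT) || $isOwner)) {
         return LogUtil::registerPermissionError();
     }
     // Nothing to write when the record does not exist
     if (empty($data)) {
         LogUtil::registerError($this->__('Error! Company update failed.'));
         return System::redirect($url);
     }
     $obj = array('company' => $data['company'], 'address1' => $data['address1'], 'address2' => $data['address2'], 'zip' => $data['zip'], 'city' => $data['city'], 'state' => $data['state'], 'country' => $data['country']);
     // 'company' is passed as the id field, so presumably every row with the
     // same company name receives these address values - confirm against DBUtil.
     $res = DBUtil::updateObject($obj, 'addressbook_address', '', 'company');
     if (!$res) {
         LogUtil::registerError($this->__('Error! Company update failed.'));
         return System::redirect($url);
     }
     // clear respective cache
     ModUtil::apiFunc('AddressBook', 'user', 'clearItemCache', $data);
     LogUtil::registerStatus($this->__('Done! Company update successful.'));
     return System::redirect($url);
 }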
Beispiel #20
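    /**
     * Perform the search.
     *
     * On the first page every active search plugin is asked to write its hits
     * into the search_result table; later pages only read that table. Rows are
     * tied to the PHP session ID so that a user only sees their own results.
     *
     * @param string $args['q']           query string to search
     * @param bool   $args['firstPage']   is this first search attempt? if so - basic search is performed
     * @param string $args['searchtype']  (optional) search type (default='AND')
     * @param string $args['searchorder'] (optional) search order (default='newest')
     * @param int    $args['numlimit']    (optional) number of items to return (default value based on Search settings, -1 for no limit)
     * @param int    $args['page']        (optional) page number (default=1)
     * @param array  $args['active']      (optional) array of search plugins to search (if empty all plugins are used)
     * @param array  $args['modvar']      (optional) array with extrainfo for search plugins
     *
     * @return array array of items array and result count, or false on failure
     */
    public function search($args)
    {
        // query string and firstPage params are required
        if (empty($args['q']) || !isset($args['firstPage'])) {
            return LogUtil::registerArgsError();
        }
        $vars = array();
        $vars['q'] = $args['q'];
        $vars['searchtype'] = !empty($args['searchtype']) ? $args['searchtype'] : 'AND';
        $vars['searchorder'] = !empty($args['searchorder']) ? $args['searchorder'] : 'newest';
        // numlimit feeds the paging arithmetic and the database limit, so force an integer
        $vars['numlimit'] = (int)(!empty($args['numlimit']) ? $args['numlimit'] : $this->getVar('itemsperpage', 25));
        $vars['page'] = !empty($args['page']) ? (int)$args['page'] : 1;

        $firstPage = $args['firstPage'];

        $active = !empty($args['active']) && is_array($args['active']) ? $args['active'] : array();
        $modvar = !empty($args['modvar']) && is_array($args['modvar']) ? $args['modvar'] : array();

        // work out row index from page number
        $vars['startnum'] = $vars['numlimit'] > 0 ? (($vars['page'] - 1) * $vars['numlimit']) + 1 : 1;

        // Load database stuff
        ModUtil::dbInfoLoad('Search');
        $dbtable = DBUtil::getTables();
        $searchColumn = $dbtable['search_result_column'];

        // Create restriction on result table (so user only sees own results).
        // The session ID originates from the client's cookie, so it is escaped
        // before being placed into the hand-built WHERE clause.
        $userResultWhere = "$searchColumn[session] = '" . DataUtil::formatForStore(session_id()) . "'";

        // Do all the heavy database stuff on the first page only
        if ($firstPage) {
            // Clear current search result for current user - before showing the first page
            // Clear also older searches from other users.
            $dbDriverName = strtolower(Doctrine_Manager::getInstance()->getCurrentConnection()->getDriverName());
            $where = $userResultWhere;
            if ($dbDriverName == 'pgsql') {
                $where .= " OR $searchColumn[found] + INTERVAL '8 HOUR' < NOW()";
            } else {
                $where .= " OR DATE_ADD($searchColumn[found], INTERVAL 8 HOUR) < NOW()";
            }

            DBUtil::deleteWhere('search_result', $where);

            // get all the search plugins
            $search_modules = ModUtil::apiFunc('Search', 'user', 'getallplugins');

            // Ask active modules to find their items and put them into the result table for the current user
            // At the same time convert modules list from numeric index to modname index
            $searchModulesByName = array();
            foreach ($search_modules as $mod) {
                // check we've a valid search plugin
                if (!isset($mod['functions']) || (!empty($active) && !isset($active[$mod['title']]))) {
                    continue;
                }
                foreach ($mod['functions'] as $contenttype => $function) {
                    // plugin-specific extra info overrides the common search variables
                    $param = isset($modvar[$mod['title']]) ? array_merge($vars, $modvar[$mod['title']]) : $vars;
                    $searchModulesByName[$mod['name']] = $mod;
                    $ok = ModUtil::apiFunc($mod['title'], 'search', $function, $param);
                    if (!$ok) {
                        LogUtil::registerError($this->__f('Error! \'%1$s\' module returned false in search function \'%2$s\'.', array($mod['title'], $function)));

                        return System::redirect(ModUtil::url('Search', 'user', 'main'));
                    }
                }
            }

            // Count number of found results
            $resultCount = DBUtil::selectObjectCount('search_result', $userResultWhere);
            SessionUtil::setVar('searchResultCount', $resultCount);
            SessionUtil::setVar('searchModulesByName', $searchModulesByName);
        } else {
            $resultCount = SessionUtil::getVar('searchResultCount');
            $searchModulesByName = SessionUtil::getVar('searchModulesByName');
        }

        // Fetch search result - do sorting and paging in database
        // Figure out what to sort by. The normalised value is used so that an
        // omitted 'searchorder' falls back to the documented default 'newest'.
        // The sort clause is always one of these fixed strings, never request text.
        switch ($vars['searchorder']) {
            case 'oldest':
                $sort = 'created';
                break;
            case 'newest':
                $sort = 'created DESC';
                break;
            case 'alphabetical':
            default:
                $sort = 'title';
                break;
        }

        // Get next N results from the current user's result set
        // The "checker" object is used to:
        // 1) do secondary access control (deprecated more or less)
        // 2) let the modules add "url" to the found (and viewed) items
        $checker = new search_result_checker($searchModulesByName);
        $sqlResult = DBUtil::selectObjectArrayFilter('search_result', $userResultWhere, $sort,
                        $vars['startnum'] - 1, $vars['numlimit'], '',
                        $checker, null);
        // add displayname of modules found
        $cnt = count($sqlResult);
        for ($i = 0; $i < $cnt; $i++) {
            $modinfo = ModUtil::getInfoFromName($sqlResult[$i]['module']);
            $sqlResult[$i]['displayname'] = $modinfo['displayname'];
        }

        return array(
                'resultCount' => $resultCount,
                'sqlResult' => $sqlResult
        );
    }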
Beispiel #21
    /**
     * Change the position or the id_parent of a menu item.
     *
     * Without a 'confirmation' value the method renders a form listing the
     * possible new parents; with it, the CSRF token is checked and the item is
     * moved under the parent given by 'upmid'.
     *
     * @author Albert Pérez Monfort (aperezm@xtec.cat)
     *
     * @param array $args Fallback values for 'confirmation', 'mid' (item to move)
     *                    and 'upmid' (new parent) when the request carries none.
     *
     * @return mixed Rendered confirmation form, or a redirect to the admin main page.
     *
     * @throws Zikula_Exception_Forbidden When the caller lacks ACCESS_ADMIN on IWmenu.
     */
    public function movelevel($args) {
        // Get parameters from whatever input we need
        // 'mid' is read from REQUEST (GET or POST) and is passed on unvalidated;
        // the API lookup below is what rejects an unknown ID.
        $confirmation = FormUtil::getPassedValue('confirmation', isset($args['confirmation']) ? $args['confirmation'] : null, 'POST');
        $mid = FormUtil::getPassedValue('mid', isset($args['mid']) ? $args['mid'] : null, 'REQUEST');
        $upmid = FormUtil::getPassedValue('upmid', isset($args['upmid']) ? $args['upmid'] : null, 'POST');

        if (!SecurityUtil::checkPermission('IWmenu::', '::', ACCESS_ADMIN)) {
            throw new Zikula_Exception_Forbidden();
        }

        // Get item information
        $registre = ModUtil::apiFunc('IWmenu', 'admin', 'get', array('mid' => $mid));
        if (!$registre) {
            return LogUtil::registerError($this->__('Menu option not found'));
        }

        // NOTE(review): unserialize() runs on the stored 'text' column. That is
        // only safe while nothing but trusted code writes this column; a format
        // such as JSON would avoid object instantiation on decode.
        $text = unserialize($registre['text']);

        // Ask confirmation to change the level
        if (empty($confirmation)) {
            // Get the menus whose id_parent is the same as that of the record to be moved up
            $records = ModUtil::apiFunc('IWmenu', 'admin', 'getall', array('id_parent' => '-1'));
            // get all the submenus from the menu
            $submenusId = ModUtil::func('IWmenu', 'admin', 'getsubmenusIds', array('mid' => $mid));

            // add the root in the records array
            $records_array[] = array('mid' => 0,
                'text' => $this->__('Root'));
            // get current lang code
            $currentLang = ZLanguage::getLanguageCode();
            foreach ($records as $record) {
                // An item cannot be moved below one of its own submenus, so those
                // are left out of the list (loose in_array comparison).
                if (!in_array($record['mid'], $submenusId)) {
                    // same caveat as above: unserialize() on stored data
                    $textArray = unserialize($record['text']);
                    $records_array[] = array('mid' => $record['mid'],
                        'text' => $textArray[$currentLang]);
                }
            }

            return $this->view->assign('registres', $records_array)
                            ->assign('text', $text[$currentLang])
                            ->assign('mid', $mid)
                            ->fetch('IWmenu_admin_movelevel.htm');
        }

        // User has confirmed the action
        // Confirm authorisation code: the state change below happens only after
        // the CSRF token has been checked.
        $this->checkCsrfToken();

        // Up the item level
        if (ModUtil::apiFunc('IWmenu', 'admin', 'move_level', array('mid' => $mid,
                    'id_parent' => $upmid))) {
            // Update successful
            LogUtil::registerStatus($this->__('The option has been moved to the parent level'));

            // Reset the users menus for all users
            $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
            ModUtil::func('IWmain', 'user', 'usersVarsDelModule', array('module' => 'IWmenu',
                'name' => 'userMenu',
                'sv' => $sv));
        }

        // Redirect user to admin main page
        return System::redirect(ModUtil::url('IWmenu', 'admin', 'main'));
    }
Beispiel #22
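    /**
     * Update the module configuration.
     *
     * Requires ACCESS_ADMIN on Files and a valid CSRF token. Every setting is
     * read from POST, falling back to the matching key of $args.
     *
     * @author Albert Pérez Monfort (aperezm@xtec.cat)
     *
     * @param array $args Fallback values for the configuration settings.
     *
     * @return mixed Redirect to the admin main page, the rendered failure
     *               template when the module self-check fails, or the result
     *               of LogUtil::registerPermissionError() when access is denied.
     */
    public function updateconfig($args) {
        // Security check comes first so that callers without admin rights do
        // not reach the module self-check or its failure template.
        if (!SecurityUtil::checkPermission('Files::', '::', ACCESS_ADMIN)) {
            return LogUtil::registerPermissionError();
        }

        $check = ModUtil::func('Files', 'user', 'checkingModule');
        if ($check['status'] != 'ok') {
            $this->view->assign('check', $check);
            return $this->view->fetch('Files_user_failedConf.tpl');
        }

        // Get parameters from whatever input we need.
        $showHideFiles = FormUtil::getPassedValue('showHideFiles', isset($args['showHideFiles']) ? $args['showHideFiles'] : 0, 'POST');
        $usersFolder = FormUtil::getPassedValue('usersFolder', isset($args['usersFolder']) ? $args['usersFolder'] : null, 'POST');
        $allowedExtensions = FormUtil::getPassedValue('allowedExtensions', isset($args['allowedExtensions']) ? $args['allowedExtensions'] : null, 'POST');
        $defaultQuota = FormUtil::getPassedValue('defaultQuota', isset($args['defaultQuota']) ? $args['defaultQuota'] : null, 'POST');
        $filesMaxSize = FormUtil::getPassedValue('filesMaxSize', isset($args['filesMaxSize']) ? $args['filesMaxSize'] : null, 'POST');
        $maxWidth = FormUtil::getPassedValue('maxWidth', isset($args['maxWidth']) ? $args['maxWidth'] : null, 'POST');
        $maxHeight = FormUtil::getPassedValue('maxHeight', isset($args['maxHeight']) ? $args['maxHeight'] : null, 'POST');
        $editableExtensions = FormUtil::getPassedValue('editableExtensions', isset($args['editableExtensions']) ? $args['editableExtensions'] : null, 'POST');
        // The three flags below were read from $args without an isset() guard,
        // which raised an undefined-index notice whenever a key was absent.
        $defaultPublic = FormUtil::getPassedValue('defaultPublic', (isset($args['defaultPublic']) && $args['defaultPublic'] == 1) ? $args['defaultPublic'] : 0, 'POST');
        $scribite_v4 = FormUtil::getPassedValue('scribite_v4', isset($args['scribite_v4']) && $args['scribite_v4'] == true, 'POST');
        $scribite_v5 = FormUtil::getPassedValue('scribite_v5', isset($args['scribite_v5']) && $args['scribite_v5'] == true, 'POST');
        $scribite_v4_name = FormUtil::getPassedValue('scribite_v4_name', isset($args['scribite_v4_name']) ? $args['scribite_v4_name'] : '', 'POST');
        $scribite_v5_name = FormUtil::getPassedValue('scribite_v5_name', isset($args['scribite_v5_name']) ? $args['scribite_v5_name'] : '', 'POST');

        // Confirm authorisation code
        $this->checkCsrfToken();

        // Strip the surrounding slashes before the emptiness test; checked the
        // other way round, a value of '/' passed the test and was then stored
        // as an empty folder name.
        // NOTE(review): apart from the slashes the value is stored as given.
        // Whether the code that builds paths from it rejects '..' segments is
        // not visible here - confirm, or validate the value at this point.
        $usersFolder = trim((string) $usersFolder, '/');
        if ($usersFolder === '') {
            LogUtil::registerError($this->__("Users folder can't be empty"));
            return System::redirect(ModUtil::url('Files', 'admin', 'main'));
        }

        $moduleVars = array('showHideFiles' => $showHideFiles,
            'allowedExtensions' => $allowedExtensions,
            'defaultQuota' => $defaultQuota,
            'filesMaxSize' => $filesMaxSize,
            'maxWidth' => $maxWidth,
            'maxHeight' => $maxHeight,
            'editableExtensions' => $editableExtensions,
            'defaultPublic' => $defaultPublic,
            'scribite_v4' => $scribite_v4,
            'scribite_v5' => $scribite_v5,
            'scribite_v4_name' => $scribite_v4_name,
            'scribite_v5_name' => $scribite_v5_name,
            'usersFolder' => $usersFolder);
        ModUtil::setVars('Files', $moduleVars);
        LogUtil::registerStatus($this->__('The configuration has been updated'));
        // This function generated no output, and so now it is complete we redirect
        // the user to an appropriate page for them to carry on their work
        return System::redirect(ModUtil::url('Files', 'admin', 'main'));
    }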
Beispiel #23
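 /**
  * Create a comment for a specific item
  *
  * This is a standard function that is called with the results of the
  * form supplied by EZComments_user_view to create a new item. Every value
  * is taken from $args when present there, otherwise from the POST body.
  * The submitted texts are kept in the session while validation runs, so the
  * form can be refilled after an error.
  *
  * @param array $args Optional values: 'mod' (module the comment is for),
  *                    'objectid' (item the comment is for), 'areaid',
  *                    'comment', 'subject', 'replyto' (ID of the comment this
  *                    one answers), 'owneruid', 'redirect' and 'useurl' (both
  *                    base64-encoded URLs), and for guests 'anonname',
  *                    'anonmail' and 'anonwebsite'.
  *
  * @return mixed Redirect to the new comment, a redirect back to the form when
  *               the comment could not be stored, or the result of
  *               LogUtil::registerError() on validation errors.
  * @since 0.1
  */
 public function create($args)
 {
     $mod = isset($args['mod']) ? $args['mod'] : FormUtil::getPassedValue('mod', null, 'POST');
     $objectid = isset($args['objectid']) ? $args['objectid'] : FormUtil::getPassedValue('objectid', null, 'POST');
     $areaid = isset($args['areaid']) ? $args['areaid'] : FormUtil::getPassedValue('areaid', null, 'POST');
     $comment = isset($args['comment']) ? $args['comment'] : FormUtil::getPassedValue('comment', null, 'POST');
     $subject = isset($args['subject']) ? $args['subject'] : FormUtil::getPassedValue('subject', null, 'POST');
     $replyto = isset($args['replyto']) ? $args['replyto'] : FormUtil::getPassedValue('replyto', null, 'POST');
     $owneruid = isset($args['owneruid']) ? $args['owneruid'] : FormUtil::getPassedValue('owneruid', null, 'POST');
     $redirect = isset($args['redirect']) ? $args['redirect'] : FormUtil::getPassedValue('redirect', null, 'POST');
     $useurl = isset($args['useurl']) ? $args['useurl'] : FormUtil::getPassedValue('useurl', null, 'POST');
     // check if the user logged in and if we're allowing anon users to
     // set a name and email address
     if (!UserUtil::isLoggedIn()) {
         $anonname = isset($args['anonname']) ? $args['anonname'] : FormUtil::getPassedValue('anonname', null, 'POST');
         $anonmail = isset($args['anonmail']) ? $args['anonmail'] : FormUtil::getPassedValue('anonmail', null, 'POST');
         $anonwebsite = isset($args['anonwebsite']) ? $args['anonwebsite'] : FormUtil::getPassedValue('anonwebsite', null, 'POST');
     } else {
         $anonname = '';
         $anonmail = '';
         $anonwebsite = '';
     }
     if (!isset($owneruid) || !($owneruid > 1)) {
         $owneruid = 0;
     }
     // NOTE(review): the redirect target is taken from the request (or from the
     // Referer header) and is not compared with the site's base URL in this
     // method. Whether System::redirect() restricts the target is not visible
     // here - confirm, or limit it to same-site URLs before use.
     $redirect = str_replace('&amp;', '&', base64_decode($redirect));
     $redirect = !empty($redirect) ? $redirect : System::serverGetVar('HTTP_REFERER');
     $useurl = base64_decode($useurl);
     // save the submitted data if any error occurs
     // NOTE(review): unserialize() on a session value is only safe while the
     // session store is written by trusted code alone.
     $ezcomment = unserialize(SessionUtil::getVar('ezcomment', 'a:0:{}'));
     if (isset($ezcomment[$mod][$objectid])) {
         unset($ezcomment[$mod][$objectid]);
     }
     if (!empty($subject)) {
         $ezcomment[$mod][$objectid]['subject'] = $subject;
     }
     if (!empty($comment)) {
         $ezcomment[$mod][$objectid]['comment'] = $comment;
     }
     if (!empty($anonname)) {
         $ezcomment[$mod][$objectid]['anonname'] = $anonname;
     }
     if (!empty($anonmail)) {
         $ezcomment[$mod][$objectid]['anonmail'] = $anonmail;
     }
     if (!empty($anonwebsite)) {
         $ezcomment[$mod][$objectid]['anonwebsite'] = $anonwebsite;
     }
     // Confirm authorisation code
     // The draft is stored before the CSRF check so that it survives a failed
     // check, and is dropped again once the check has passed.
     SessionUtil::setVar('ezcomment', serialize($ezcomment));
     $this->checkCsrfToken();
     SessionUtil::delVar('ezcomment');
     // and check we've actually got a comment....
     if (empty($comment)) {
         SessionUtil::setVar('ezcomment', serialize($ezcomment));
         return LogUtil::registerError($this->__('Error! The comment contains no text.'), null, $redirect . "#commentform_{$mod}_{$objectid}");
     }
     // Check hooked modules for validation
     $hookvalidators = $this->notifyHooks(new Zikula_ValidationHook('ezcomments.ui_hooks.comments.validate_edit', new Zikula_Hook_ValidationProviders()))->getValidators();
     if ($hookvalidators->hasErrors()) {
         SessionUtil::setVar('ezcomment', serialize($ezcomment));
         return LogUtil::registerError($this->__('Error! The hooked content does not validate. Could it possibly be that a captcha code was entered incorrectly?'), null, $redirect . "#commentform_{$mod}_{$objectid}");
     }
     // now parse out the hostname+subfolder from the url for storing in the DB
     $url = str_replace(System::getBaseUri(), '', $useurl);
     $id = ModUtil::apiFunc('EZComments', 'user', 'create', array('mod' => $mod, 'objectid' => $objectid, 'areaid' => $areaid, 'url' => $url, 'comment' => $comment, 'subject' => $subject, 'replyto' => $replyto, 'uid' => UserUtil::getVar('uid'), 'owneruid' => $owneruid, 'useurl' => $useurl, 'redirect' => $redirect, 'anonname' => $anonname, 'anonmail' => $anonmail, 'anonwebsite' => $anonwebsite));
     if (!$id) {
         // Not stored: keep the draft and go back to the form. The draft is
         // serialized like everywhere else in this method (it used to be stored
         // as a raw array, which the unserialize() above cannot read back), and
         // the method returns here instead of falling through to the success
         // path, which discarded the draft and redirected a second time.
         SessionUtil::setVar('ezcomment', serialize($ezcomment));
         return System::redirect($redirect . "#commentform_{$mod}_{$objectid}");
     }
     // clear respective cache
     ModUtil::apiFunc('EZComments', 'user', 'clearItemCache', array('id' => $id, 'modname' => $mod, 'objectid' => $objectid, 'url' => $url));
     // clean/set the session data
     if (isset($ezcomment[$mod][$objectid])) {
         unset($ezcomment[$mod][$objectid]);
         if (empty($ezcomment[$mod])) {
             unset($ezcomment[$mod]);
         }
     }
     if (empty($ezcomment)) {
         SessionUtil::delVar('ezcomment');
     } else {
         SessionUtil::setVar('ezcomment', serialize($ezcomment));
     }
     return System::redirect($redirect . '#comment' . $id);
 }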
Beispiel #24
 /**
  * Decode the path string into a set of variable/value pairs.
  *
  * This API works in conjunction with the new short urls
  * system to extract a path based variable set into the Get, Post
  * and request superglobals.
  * A sample path is /modname/function/var1:value1.
  *
  * Nothing is decoded during installation, when short URLs are disabled, or
  * when the request already carries 'module', 'type' or 'func'. Several
  * branches end the request with a redirect or a 404 followed by shutDown().
  *
  * @return void
  */
 public static function queryStringDecode()
 {
     if (self::isInstalling()) {
         return;
     }
     // get our base parameters to work out if we need to decode the url
     // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
     $module = FormUtil::getPassedValue('module', null, 'GETPOST', FILTER_SANITIZE_STRING);
     $func = FormUtil::getPassedValue('func', null, 'GETPOST', FILTER_SANITIZE_STRING);
     $type = FormUtil::getPassedValue('type', null, 'GETPOST', FILTER_SANITIZE_STRING);
     // check if we need to decode the url
     if (self::getVar('shorturls') && (empty($module) && empty($type) && empty($func))) {
         // user language is not set at this stage
         $lang = System::getVar('language_i18n', '');
         $customentrypoint = self::getVar('entrypoint');
         $expectEntrypoint = !self::getVar('shorturlsstripentrypoint');
         $root = empty($customentrypoint) ? 'index.php' : $customentrypoint;
         // check if we hit baseurl, e.g. domain.com/ and if we require the language URL
         // then we should redirect to the language URL.
         if (ZLanguage::isRequiredLangParam() && self::getCurrentUrl() == self::getBaseUrl()) {
             $uri = $expectEntrypoint ? "{$root}/{$lang}" : "{$lang}";
             self::redirect(self::getBaseUrl() . $uri);
             self::shutDown();
         }
         // check if entry point is part of the URL expectation.  If so throw error if it's not present
         // since this URL is technically invalid.
         if ($expectEntrypoint && strpos(self::getCurrentUrl(), self::getBaseUrl() . $root) !== 0) {
             $protocol = System::serverGetVar('SERVER_PROTOCOL');
             header("{$protocol} 404 Not Found");
             echo __('The requested URL cannot be found');
             // class names are case-insensitive in PHP, so this is System::shutDown()
             system::shutDown();
         }
         // entry point is stripped from URLs: a request for the bare entry point goes to the homepage
         if (!$expectEntrypoint && self::getCurrentUrl() == self::getBaseUrl() . $root) {
             self::redirect(self::getHomepageUrl());
             self::shutDown();
         }
         // entry point is stripped from URLs: any other URL that still starts with it is answered with 404
         if (!$expectEntrypoint && strpos(self::getCurrentUrl(), self::getBaseUrl() . $root) === 0) {
             $protocol = System::serverGetVar('SERVER_PROTOCOL');
             header("{$protocol} 404 Not Found");
             echo __('The requested URL cannot be found');
             system::shutDown();
         }
         // get base path to work out our current url
         $parsedURL = parse_url(self::getCurrentUri());
         // strip any unwanted content from the provided URL
         // (str_replace removes every occurrence of the base URI and the entry
         // point name in the path, not only a leading one)
         $tobestripped = array(self::getBaseUri(), "{$root}");
         $path = str_replace($tobestripped, '', $parsedURL['path']);
         $path = trim($path, '/');
         // split the path into a set of argument strings
         $args = explode('/', rtrim($path, '/'));
         // ensure that each argument is properly decoded
         foreach ($args as $k => $v) {
             $args[$k] = urldecode($v);
         }
         $modinfo = null;
         $frontController = $expectEntrypoint ? "{$root}/" : '';
         // if no arguments present
         if (!$args[0] && !isset($_GET['lang']) && !isset($_GET['theme'])) {
             // we are in the homepage, checks if language code is forced
             if (ZLanguage::getLangUrlRule() && $lang) {
                 // and redirect then
                 System::redirect(self::getCurrentUrl() . "/{$lang}");
                 System::shutDown();
             }
         } else {
             // check the existing shortURL parameters
             // validation of the first parameter as language code
             if (ZLanguage::isLangParam($args[0]) && in_array($args[0], ZLanguage::getInstalledLanguages())) {
                 // checks if the language is not enforced and this url is passing the default lang
                 if (!ZLanguage::getLangUrlRule() && $lang == $args[0]) {
                     // redirects the passed arguments without the default site language
                     array_shift($args);
                     foreach ($args as $k => $v) {
                         $args[$k] = urlencode($v);
                     }
                     System::redirect(self::getBaseUrl() . $frontController . ($args ? implode('/', $args) : ''));
                     System::shutDown();
                 }
                 self::queryStringSetVar('lang', $args[0]);
                 array_shift($args);
             } elseif (ZLanguage::getLangUrlRule()) {
                 // if the lang is forced, redirects the passed arguments plus the lang
                 foreach ($args as $k => $v) {
                     $args[$k] = urlencode($v);
                 }
                 // NOTE(review): $_GET['theme'] goes into the redirect target as
                 // received, while the path arguments are re-encoded just above;
                 // consider encoding or validating it the same way.
                 $langTheme = isset($_GET['theme']) ? "{$lang}/{$_GET['theme']}" : $lang;
                 System::redirect(self::getBaseUrl() . $frontController . $langTheme . '/' . implode('/', $args));
                 System::shutDown();
             }
             // check if there are remaining arguments
             if ($args) {
                 // try the first argument as a module
                 $modinfo = ModUtil::getInfoFromName($args[0]);
                 if ($modinfo) {
                     array_shift($args);
                 }
             }
             // if that fails maybe it's a theme
             if ($args && !$modinfo) {
                 $themeinfo = ThemeUtil::getInfo(ThemeUtil::getIDFromName($args[0]));
                 if ($themeinfo) {
                     self::queryStringSetVar('theme', $themeinfo['name']);
                     // now shift the vars and continue as before
                     array_shift($args);
                     if ($args) {
                         $modinfo = ModUtil::getInfoFromName($args[0]);
                         if ($modinfo) {
                             array_shift($args);
                         }
                     }
                 }
             }
             // if there are parameters (not homepage)
             // try to see if there's a default shortURLs module
             if ($args && !$modinfo) {
                 // add the default module handler into the code
                 $modinfo = ModUtil::getInfoFromName(self::getVar('shorturlsdefaultmodule'));
             }
         }
         // check if there is a module and a custom url handler for it
         // if not decode the url using the default handler
         if ($modinfo && $modinfo['type'] != 0) {
             // prepare the arguments to the module handler
             array_unshift($args, '');
             // support for 1.2- empty parameter due the initial explode
             array_unshift($args, $modinfo['url']);
             // set the REQUEST parameters
             self::queryStringSetVar('module', $modinfo['name']);
             // the user.function name can be the second argument string, set a default
             // later the custom module handler (if exists) must setup a new one if needed
             self::queryStringSetVar('type', 'user');
             if (isset($args[2])) {
                 self::queryStringSetVar('func', $args[2]);
             } else {
                 self::queryStringSetVar('func', 'main');
             }
             if (!ModUtil::apiFunc($modinfo['name'], 'user', 'decodeurl', array('vars' => $args))) {
                 // any remaining arguments are specific to the module
                 // They are read as name/value pairs starting at index 3.
                 // NOTE(review): both the variable name and the value come from
                 // the request path, and the value was already urldecode()d in
                 // the loop above, so it is decoded a second time here. Code
                 // reading these variables should treat them as untrusted input.
                 $argscount = count($args);
                 for ($i = 3; $i < $argscount; $i = $i + 2) {
                     if (isset($args[$i]) && isset($args[$i + 1])) {
                         self::queryStringSetVar($args[$i], urldecode($args[$i + 1]));
                     }
                 }
             }
         }
     }
 }
Beispiel #25
    /**
     * Process the test form and send the test message through the Mailer API.
     *
     * Requires ACCESS_ADMIN on SiriusXtecMailer and a valid CSRF token. Each
     * value is read from POST, falling back to the matching key of $args.
     *
     * @author Francesc Bassas i Bullich
     * @param  string args['toaddress'] the address of the recipient
     * @param  string args['subject'] message subject
     * @param  string args['body'] message body
     * @param  int args['html'] HTML flag
     * @return mixed redirect to the admin main page, or the result of
     *               LogUtil::registerPermissionError() when access is denied
     */
    public function sendmessage($args) {
        // Only administrators of this module may send the test message
        if (!SecurityUtil::checkPermission('SiriusXtecMailer::', '::', ACCESS_ADMIN)) {
            return LogUtil::registerPermissionError();
        }

        // Collect the message in the shape the Mailer API expects
        $message = array(
            'toaddress' => (string) FormUtil::getPassedValue('toaddress', isset($args['toaddress']) ? $args['toaddress'] : null, 'POST'),
            'subject' => (string) FormUtil::getPassedValue('subject', isset($args['subject']) ? $args['subject'] : null, 'POST'),
            'body' => (string) FormUtil::getPassedValue('body', isset($args['body']) ? $args['body'] : null, 'POST'),
            'html' => (bool) FormUtil::getPassedValue('html', isset($args['html']) ? $args['html'] : false, 'POST'),
        );

        // Confirm authorisation code before anything is sent
        $this->checkCsrfToken();

        $outcome = ModUtil::apiFunc('Mailer', 'user', 'sendmessage', $message);

        // true means sent, false means failed without detail; any other
        // value is reported as the error detail
        if ($outcome === true) {
            LogUtil::registerStatus(__('Done! Message sent.'));
        } else {
            $detail = ($outcome === false) ? '' : $outcome;
            LogUtil::registerError(__f('Error! Could not send message. %s', $detail));
        }

        // No output is produced here, so send the user back to the admin page
        return System::redirect(ModUtil::url('SiriusXtecMailer', 'admin', 'main'));
    }
Beispiel #26
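    /**
     * Removes stored note values whose field is no longer an active data field of the form.
     *
     * The field ids stored for the note are compared with the ids of the form's active
     * fields whose fieldType is below 10; rows of IWforms_note for the ids that are only
     * present in the note are deleted.
     *
     * @author Albert Pérez Monfort (aperezm@xtec.cat)
     * @param  array $args 'fid' id of the form, 'fmid' id of the note
     * @return mixed false once the loop over the ids has finished (see the note at the end),
     *               the result of LogUtil::registerError() when a delete fails, or the
     *               result of System::redirect() on the early exits
     * @throws Zikula_Exception_Forbidden when the caller lacks read permission on IWforms
     */
    public function fieldsToDelete($args) {

        $fid = (isset($args['fid'])) ? $args['fid'] : null;
        $fmid = (isset($args['fmid'])) ? $args['fmid'] : null;
        // These were never assigned in this method; they are set to null explicitly so the
        // redirect arguments keep the values the original code produced, without the
        // undefined-variable warnings.
        // NOTE(review): they look like they were meant to come from the request - confirm.
        $order = $ipp = $init = $filterValue = $filter = null;
        // Security check
        if (!SecurityUtil::checkPermission('IWforms::', "::", ACCESS_READ)) {
            throw new Zikula_Exception_Forbidden();
        }
        //check user access to this form
        $access = ModUtil::func('IWforms', 'user', 'access', array('fid' => $fid));
        if ($access['level'] < 7) {
            LogUtil::registerError($this->__('You can not access this form to view the annotations'));
            // Redirect to the main site for the user
            return System::redirect(ModUtil::url('IWforms', 'user', 'main'));
        }
        $noteContent = ModUtil::apiFunc('IWforms', 'user', 'getAllNoteContents', array('fid' => $fid,
                    'fmid' => $fmid));
        if (!$noteContent) {
            LogUtil::registerError($this->__('Note content not found'));
            return System::redirect(ModUtil::url('IWforms', 'user', 'manage', array('fid' => $fid,
                                'order' => $order,
                                'ipp' => $ipp,
                                'init' => $init,
                                'filterValue' => $filterValue,
                                'filter' => $filter)));
        }
        $fieldsIdsNoteArray = array();
        foreach ($noteContent as $noteContentId) {
            $fieldsIdsNoteArray[] = $noteContentId['fndid'];
        }
        //get form fields
        $fields = ModUtil::apiFunc('IWforms', 'user', 'getAllFormFields', array('fid' => $fid,
                    'whereArray' => 'active|1'));
        if (!$fields) {
            LogUtil::registerError($this->__('Note fields not found'));
            return System::redirect(ModUtil::url('IWforms', 'user', 'manage', array('fid' => $fid,
                                'order' => $order,
                                'ipp' => $ipp,
                                'init' => $init,
                                'filterValue' => $filterValue,
                                'filter' => $filter)));
        }
        // Start from an empty list so array_diff() below always receives an array, even
        // when no field has a fieldType below 10.
        $fieldsIdsArray = array();
        foreach ($fields as $field) {
            if ($field['fieldType'] < 10) {
                $fieldsIdsArray[] = $field['fndid'];
            }
        }
        // get the fields that must be deleted
        $toDelete = array_diff($fieldsIdsNoteArray, $fieldsIdsArray);
        $pntable = DBUtil::getTables();
        $c = $pntable['IWforms_note_column'];
        // $fmid comes from the caller and is placed into a hand-built WHERE clause, so both
        // ids are forced to integers before they reach the SQL text.
        $noteId = (int) $fmid;
        foreach ($toDelete as $delete) {
            $where = $c['fmid'] . '=' . $noteId . ' AND ' . $c['fndid'] . '=' . (int) $delete;
            if (!DBUtil::deleteWhere('IWforms_note', $where)) {
                return LogUtil::registerError($this->__('Error! delete attempt failed during field synchronization.'));
            }
        }
        // NOTE(review): the original header promised true on success, yet the method has
        // always ended with false; kept as is because callers are not visible here.
        return false;
    }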
Beispiel #27
include $phpbb_root_path . 'extension.inc';
include $phpbb_root_path . 'common.' . $phpEx;
include $phpbb_root_path . 'includes/functions_post.' . $phpEx;
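// Request input. Every value read here is supplied by the client and must be treated as
// untrusted. Missing keys fall back to null / '' instead of raising undefined-index notices.
$topic = isset($_POST['topic']) ? $_POST['topic'] : (isset($_GET['topic']) ? $_GET['topic'] : null);
$friendname = isset($_POST['friendname']) ? $_POST['friendname'] : null;
$message = isset($_POST['message']) ? $_POST['message'] : null;
// Begin PNphpBB2 Module
// NOTE(review): the 'link' query value is appended to the topic URL as-is, so the caller
// controls every parameter after the '&' in the link that is shown and mailed. Confirm what
// format is expected here and validate against it.
$link = System::getBaseUrl() . append_sid("viewtopic") . "&" . (isset($_GET['link']) ? $_GET['link'] : '');
// End PNphpBB2 Module
// PHP_SELF is derived from the request; escape it before it is echoed anywhere.
$PHP_SELF = $_SERVER['PHP_SELF'];
$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
if (!$userdata['session_logged_in']) {
    // ZphpBB2 - use Zikula login and redirect
    //redirect(append_sid("login.$phpEx?redirect=tellafriend.$phpEx&topic=$topic_title&link=" . POST_TOPIC_URL . "=$topic_id", true));
    // NOTE(review): nothing here stops the script after the redirect call; unless
    // System::redirect() ends the request, the code below still runs for visitors who are
    // not logged in - confirm.
    System::redirect(ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri()))));
    // <= ZphpBB2
}
$topic_text = trim(stripslashes((string) $topic));
// Raw mail text, unchanged from the original so later code sees the same value.
$mail_body = str_replace("{TOPIC}", $topic_text, $lang['Tell_Friend_Body']);
$mail_body = str_replace("{LINK}", $link, $mail_body);
$mail_body = str_replace("{SITENAME}", $board_config['sitename'], $mail_body);
// Display copies: the request-derived topic and link are escaped with the same helper the
// sender name already goes through, assuming the template writes these variables into
// HTML - TODO confirm. The language text and the site name are left as they were.
$topic_display = DataUtil::formatForDisplay($topic_text);
$link_display = DataUtil::formatForDisplay($link);
$mail_body_display = str_replace("{TOPIC}", $topic_display, $lang['Tell_Friend_Body']);
$mail_body_display = str_replace("{LINK}", $link_display, $mail_body_display);
$mail_body_display = str_replace("{SITENAME}", $board_config['sitename'], $mail_body_display);
$template->assign_vars(array(
    'L_TELL_FRIEND_TITLE' => $lang['Tell_Friend_Title'],
    'L_TELL_FRIEND_EMAIL_MESSAGE' => $lang['Tell_Friend_Email_Message'],
    // The original array listed this key twice; only the later value ever took effect,
    // so the overwritten entry ($lang['Tell_Friend']) is dropped.
    'L_TELL_FRIEND_SENDER_USER' => $lang['Tell_Friend_Sender_User'],
    'L_TELL_FRIEND_SENDER_EMAIL' => $lang['Tell_Friend_Sender_Email'],
    'L_TELL_FRIEND_RECIEVER_USER' => $lang['Tell_Friend_Reciever_User'],
    'L_TELL_FRIEND_RECIEVER_EMAIL' => $lang['Tell_Friend_Reciever_Email'],
    'L_TELL_FRIEND_MSG' => $lang['Tell_Friend_Msg'],
    'L_TELL_FRIEND_BODY' => $mail_body_display,
    'SUBMIT_ACTION' => append_sid("tellafriend"),
    'L_SUBMIT' => $lang['Send_email'],
    'SITENAME' => $board_config['sitename'],
    'TOPIC' => $topic_display,
    'LINK' => $link_display,
    'SENDER_NAME' => DataUtil::formatForDisplay($userdata['username']),
    'SENDER_MAIL' => $userdata['user_email'],
));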
if (isset($_POST['submit'])) {
    $error = FALSE;
    if (!empty($_POST['friendemail']) && strpos($_POST['friendemail'], "@") > 0) {
        $friendemail = trim(stripslashes($_POST['friendemail']));
        if (!$_POST['friendname']) {
            $friendname = substr($friendemail, 0, strpos($_POST['friendemail'], "@"));
        }
    } else {
        $error = TRUE;
Beispiel #28
 /**
  * Saves the Groups module settings posted by the configuration form.
  *
  * The CSRF token is verified first, then admin permission on 'Groups::'. The values
  * 'itemsperpage', 'defaultgroupid', 'mailwarning' and 'hideclosed' are read from POST
  * and stored as module variables; the default group is stored only if the Groups API
  * returns a group for the submitted id.
  *
  * @return mixed Result of System::redirect() when the group lookup fails; on the normal
  *               path the method ends with $this->redirect() and returns nothing explicitly.
  */
 public function updateconfig()
 {
     // Token first, permission second: neither failure lets any setting be written.
     $this->checkCsrfToken();
     $this->throwForbiddenUnless(SecurityUtil::checkPermission('Groups::', '::', ACCESS_ADMIN));

     // The integer cast keeps non-numeric input out of the stored setting.
     $this->setVar('itemsperpage', (int) FormUtil::getPassedValue('itemsperpage', 25, 'POST'));

     // Resolve the submitted id through the Groups API so only an existing group is saved.
     $requestedGid = (int) FormUtil::getPassedValue('defaultgroupid', 1, 'POST');
     $defaultGroup = ModUtil::apiFunc('Groups', 'user', 'get', array('gid' => $requestedGid));
     if (!$defaultGroup) {
         LogUtil::registerError($this->__('Error! Could not save the module configuration.'));
         return System::redirect(ModUtil::url('Groups', 'admin', 'view'));
     }
     $this->setVar('defaultgroup', $defaultGroup['gid']);

     // Boolean switches, stored in the same order as before.
     foreach (array('mailwarning', 'hideclosed') as $flag) {
         $this->setVar($flag, (bool) FormUtil::getPassedValue($flag, false, 'POST'));
     }

     LogUtil::registerStatus($this->__('Done! Saved module configuration.'));
     // No output of its own: return the administrator to the group list.
     $this->redirect(ModUtil::url('Groups', 'admin', 'view'));
 }
Beispiel #29
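 /**
  * Deletes an avatar, or points the administrator to the list of users that still use it.
  *
  * Without a POSTed 'submit' value the confirmation template is rendered; with it the
  * avatar is deleted through the Avatar admin API.
  *
  * @return mixed Result of LogUtil::registerPermissionError() or LogUtil::registerError()
  *               on refusal, the result of System::redirect(), or the fetched
  *               confirmation template.
  */
 public function delete()
 {
     if (!SecurityUtil::checkPermission('Avatar::', '::', ACCESS_ADMIN)) {
         return LogUtil::registerPermissionError();
     }
     // NOTE(review): $avatar is a raw request value (GET or POST) that is forwarded to the
     // deleteavatar API below; confirm that API restricts it to a name inside the avatar
     // directory.
     $avatar = FormUtil::getPassedValue('avatar', '', 'GETPOST');
     if (empty($avatar)) {
         return System::redirect(ModUtil::url('Avatar', 'Admin', 'main'));
     }
     // get all users that use this avatar
     $users = ModUtil::apiFunc('Avatar', 'admin', 'getusersbyavatar', array('avatar' => $avatar));
     if (count($users) != 0) {
         // there are users, at least one, using this avatar, redirect to listusers
         return LogUtil::registerError($this->__('Warning! This avatar is in use and cannot be deleted. If you want to delete it, please change the avatars of the users listed below.'), null, ModUtil::url('Avatar', 'admin', 'listusers', array('avatar' => $avatar)));
     }
     // ok to delete
     if (FormUtil::getPassedValue('submit', null, 'POST')) {
         // NOTE(review): this state-changing branch performs no CSRF token check; adding
         // $this->checkCsrfToken() here requires the confirmation template to emit the
         // token, which is not visible from this method.
         ModUtil::apiFunc('Avatar', 'admin', 'deleteavatar', array('avatar' => $avatar));
         return System::redirect(ModUtil::url('Avatar', 'admin', 'main'));
     }
     // Not confirmed yet: show the confirmation page. Both branches of the original
     // if/else returned, so the redirect that followed them could never run and is removed.
     $this->view->assign('avatarpath', ModUtil::getVar('Users', 'avatarpath'));
     $this->view->assign('avatar', $avatar);
     return $this->view->fetch('Avatar_admin_delete.htm');
 }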
Beispiel #30
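    /**
     * Runs the IWstats summary for the last seven days and returns to the admin view.
     *
     * @return mixed Result of System::redirect()
     * @throws Zikula_Exception_Forbidden when the caller lacks admin permission on IWstats
     */
    public function summary() {
        // The permission check had its body commented out, which left it without effect and
        // let any caller run this admin action. Enforcement is restored here.
        // NOTE(review): if an unattended job relies on this action, give that job its own
        // authenticated path instead of leaving the check empty.
        if (!SecurityUtil::checkPermission('IWstats::', '::', ACCESS_ADMIN)) {
            throw new Zikula_Exception_Forbidden();
        }

        // Reporting window, in days, passed to the summary API.
        $days = 7;

        ModUtil::apiFunc('IWstats', 'admin', 'summary', array('days' => $days,
        ));

        // Success
        LogUtil::registerStatus($this->__('Summary reported'));
        return System::redirect(ModUtil::url('IWstats', 'admin', 'view'));
    }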