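/**
 * Method to get a list of options for a list input.
 *
 * Lists the published companies. Users without the component-wide
 * 'core.options' permission only get the companies returned by
 * CostbenefitprojectionHelper::hisCompanies() for their own account.
 *
 * @return  array  One stdClass per company with 'value', 'text' (an HTML fragment) and 'checked'.
 */
public function getOptions()
{
    // Get the user object.
    $user = JFactory::getUser();

    // Create a new query object.
    $db    = JFactory::getDBO();
    $query = $db->getQuery(true);
    $query->select($db->quoteName(array('a.id', 'a.name'), array('id', 'testcompanies_name')));
    $query->from($db->quoteName('#__costbenefitprojection_company', 'a'));
    $query->where($db->quoteName('a.published') . ' = 1');

    if (!$user->authorise('core.options', 'com_costbenefitprojection'))
    {
        $companies = CostbenefitprojectionHelper::hisCompanies($user->id);

        if (CostbenefitprojectionHelper::checkArray($companies))
        {
            // The list is concatenated into the SQL text, so force every entry to an integer
            // instead of trusting the helper's return type.
            $companies = implode(',', array_map('intval', $companies));

            // only load this users companies
            $query->where('a.id IN (' . $companies . ')');
        }
        else
        {
            // dont allow user to see any companies
            $query->where('a.id = -4');
        }
    }

    $query->order('a.name ASC');
    $db->setQuery((string) $query);
    $items = $db->loadObjectList();

    $options = array();

    if ($items)
    {
        foreach ($items as $item)
        {
            // 'text' is emitted as markup (it carries <strong>), so the stored company name
            // must be HTML-encoded here; otherwise a name containing markup is rendered as-is.
            $label = htmlspecialchars((string) $item->testcompanies_name, ENT_QUOTES, 'UTF-8');

            $options[] = (object) array(
                'value'   => $item->id,
                'text'    => ' <strong>' . $label . '</strong>',
                'checked' => false
            );
        }
    }

    return $options;
}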
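/**
 * Method to build an SQL query to load the list data.
 *
 * The company ids come from the request parameter 'cid' as an
 * underscore-separated list. Each part is cast to an integer, and for users
 * without 'core.options' on the component the list is reduced to the ids
 * returned by CostbenefitprojectionHelper::hisCompanies(). When no id is left
 * a warning is raised and the request is redirected.
 *
 * @return  mixed  The populated query object, or false when no company id remains.
 */
protected function getListQuery()
{
    // Get the current user for authorisation checks
    $this->user             = JFactory::getUser();
    $this->userId           = $this->user->get('id');
    $this->guest            = $this->user->get('guest');
    $this->groups           = $this->user->get('groups');
    $this->authorisedGroups = $this->user->getAuthorisedGroups();
    $this->levels           = $this->user->getAuthorisedViewLevels();
    $this->app              = JFactory::getApplication();
    $this->input            = $this->app->input;
    $this->initSet          = true;

    // Make sure all records load, since no pagination allowed.
    $this->setState('list.limit', 0);

    // Get a db connection.
    $db = JFactory::getDbo();

    // Create a new query object.
    $query = $db->getQuery(true);

    // Filtering: keep only positive integer ids. A missing or empty 'cid' used to become
    // the single id 0, which skipped the "No companies selected!" branch for users who
    // are not subject to the ownership filter below.
    $ids = array();

    foreach (explode('_', (string) $this->input->get('cid', null, 'CMD')) as $part)
    {
        $id = (int) $part;

        if ($id > 0)
        {
            $ids[$id] = $id;
        }
    }

    $ids = array_values($ids);

    if (!$this->user->authorise('core.options', 'com_costbenefitprojection') && !empty($ids))
    {
        // make absolutely sure that these companies can be viewed
        $companies = CostbenefitprojectionHelper::hisCompanies($this->userId);
        $allowed   = CostbenefitprojectionHelper::checkArray($companies) ? array_map('intval', $companies) : array();

        // remove every requested id that is not one of this user's companies
        $ids = array_values(array_intersect($ids, $allowed));
    }

    // only continue if we have ids
    if (empty($ids))
    {
        // redirect away if not a correct (TODO for now we go to default view)
        JError::raiseWarning(500, JText::_('No companies selected!'));
        $app = JFactory::getApplication();

        if ($app->isAdmin())
        {
            $app->redirect('index.php?option=com_costbenefitprojection');
        }
        else
        {
            $app->redirect('index.php?option=com_costbenefitprojection&view=cpanel');
        }

        // Never fall through to query building, even if redirect() returns.
        return false;
    }

    // Get from #__costbenefitprojection_company as a
    $query->select($db->quoteName(
        array('a.id', 'a.name', 'a.user', 'a.department', 'a.per', 'a.country', 'a.service_provider', 'a.datayear', 'a.working_days', 'a.total_salary', 'a.total_healthcare', 'a.productivity_losses', 'a.males', 'a.females', 'a.medical_turnovers_males', 'a.medical_turnovers_females', 'a.sick_leave_males', 'a.sick_leave_females', 'a.percentmale', 'a.percentfemale', 'a.causesrisks', 'a.published', 'a.access'),
        array('id', 'name', 'user', 'department', 'per', 'country', 'service_provider', 'datayear', 'working_days', 'total_salary', 'total_healthcare', 'productivity_losses', 'males', 'females', 'medical_turnovers_males', 'medical_turnovers_females', 'sick_leave_males', 'sick_leave_females', 'percentmale', 'percentfemale', 'causesrisks', 'published', 'access')
    ));
    $query->from($db->quoteName('#__costbenefitprojection_company', 'a'));

    // Get from #__costbenefitprojection_country as e
    $query->select($db->quoteName(
        array('e.id', 'e.name', 'e.alias', 'e.user', 'e.currency', 'e.datayear', 'e.worldzone', 'e.codethree', 'e.codetwo', 'e.working_days', 'e.presenteeism', 'e.medical_turnovers', 'e.sick_leave', 'e.healthcare', 'e.productivity_losses', 'e.publicname', 'e.publicemail', 'e.publicnumber', 'e.publicaddress', 'e.percentmale', 'e.percentfemale', 'e.causesrisks', 'e.maledeath', 'e.femaledeath', 'e.maleyld', 'e.femaleyld', 'e.access'),
        array('country_id', 'country_name', 'country_alias', 'country_user', 'country_currency', 'country_datayear', 'country_worldzone', 'country_codethree', 'country_codetwo', 'country_working_days', 'country_presenteeism', 'country_medical_turnovers', 'country_sick_leave', 'country_healthcare', 'country_productivity_losses', 'country_publicname', 'country_publicemail', 'country_publicnumber', 'country_publicaddress', 'country_percentmale', 'country_percentfemale', 'country_causesrisks', 'country_maledeath', 'country_femaledeath', 'country_maleyld', 'country_femaleyld', 'country_access')
    ));
    $query->join('LEFT', $db->quoteName('#__costbenefitprojection_country', 'e') . ' ON (' . $db->quoteName('a.country') . ' = ' . $db->quoteName('e.id') . ')');

    // Get from #__costbenefitprojection_currency as f
    $query->select($db->quoteName(
        array('f.id', 'f.name', 'f.alias', 'f.codethree', 'f.numericcode', 'f.symbol', 'f.thousands', 'f.decimalplace', 'f.decimalsymbol', 'f.positivestyle', 'f.negativestyle', 'f.published', 'f.access', 'f.ordering'),
        array('currency_id', 'currency_name', 'currency_alias', 'currency_codethree', 'currency_numericcode', 'currency_symbol', 'currency_thousands', 'currency_decimalplace', 'currency_decimalsymbol', 'currency_positivestyle', 'currency_negativestyle', 'currency_published', 'currency_access', 'currency_ordering')
    ));
    $query->join('LEFT', $db->quoteName('#__costbenefitprojection_currency', 'f') . ' ON (' . $db->quoteName('e.currency') . ' = ' . $db->quoteName('f.codethree') . ')');

    // $ids holds positive integers only at this point, so it is safe to join into the IN list.
    $query->where('a.id IN (' . implode(',', $ids) . ')');

    // return the query object
    return $query;
}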
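/**
 * Method override to check if you can edit an existing record.
 *
 * Checks, in order: company ownership (skipped for users holding
 * 'core.options' on the component), sharing access through
 * CostbenefitprojectionHelper::checkIntervetionAccess(), the
 * 'intervention.access' action, and finally the edit / edit.own actions.
 *
 * @param   array   $data  An array of input data.
 * @param   string  $key   The name of the key for the primary key.
 *
 * @return  boolean  True when the current user may edit the record.
 *
 * @since   1.6
 */
protected function allowEdit($data = array(), $key = 'id')
{
    // get user object.
    $user = JFactory::getUser();

    // get record id. Cast the value, not the isset() result: in "(int) isset(...) ? a : b"
    // the cast binds to isset(), which left the id uncast before it reached the helper
    // lookups and the asset names below.
    $recordId = isset($data[$key]) ? (int) $data[$key] : 0;

    // get company id
    $company = CostbenefitprojectionHelper::getId('intervention', $recordId, 'id', 'company');

    if (!$user->authorise('core.options', 'com_costbenefitprojection'))
    {
        // make absolutely sure that this intervention can be edited
        $companies = CostbenefitprojectionHelper::hisCompanies($user->id);

        if (!CostbenefitprojectionHelper::checkArray($companies) || !in_array($company, $companies))
        {
            return false;
        }
    }

    // now check the access by sharing
    if (!CostbenefitprojectionHelper::checkIntervetionAccess($recordId, null, $company))
    {
        return false;
    }

    // Access check: both the record-level and the component-level action must be granted.
    $access = $user->authorise('intervention.access', 'com_costbenefitprojection.intervention.' . $recordId)
        && $user->authorise('intervention.access', 'com_costbenefitprojection');

    if (!$access)
    {
        return false;
    }

    if ($recordId)
    {
        // The record has been set. Check the record permissions.
        $permission = $user->authorise('intervention.edit', 'com_costbenefitprojection.intervention.' . $recordId);

        // An explicit deny (false, not null) only leaves the "edit own" route open.
        if (!$permission && !is_null($permission))
        {
            if ($user->authorise('intervention.edit.own', 'com_costbenefitprojection.intervention.' . $recordId))
            {
                // Now test the owner is the user (same precedence fix as for the record id).
                $ownerId = isset($data['created_by']) ? (int) $data['created_by'] : 0;

                if (empty($ownerId))
                {
                    // Need to do a lookup from the model.
                    $record = $this->getModel()->getItem($recordId);

                    if (empty($record))
                    {
                        return false;
                    }

                    $ownerId = (int) $record->created_by;
                }

                // If the owner matches 'me' then allow.
                if ($ownerId == $user->id)
                {
                    if ($user->authorise('intervention.edit.own', 'com_costbenefitprojection'))
                    {
                        return true;
                    }
                }
            }

            return false;
        }
    }

    // Since there is no permission, revert to the component permissions.
    return $user->authorise('intervention.edit', $this->option);
}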
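/**
 * Method to get list data.
 *
 * Loads the companies of the country held in $this->countryvvwa. Users without
 * 'core.options' on the component are limited to their own companies and to
 * their authorised view levels; every row is additionally checked against the
 * 'company.access' action.
 *
 * @return  mixed  An array of data items on success, false on failure.
 */
public function getVwhcompanies()
{
    // Get the user object.
    $user = JFactory::getUser();

    // Create a new query object.
    $db    = JFactory::getDBO();
    $query = $db->getQuery(true);

    // Select some fields
    $query->select('a.*');

    // From the costbenefitprojection_company table
    $query->from($db->quoteName('#__costbenefitprojection_company', 'a'));

    // Filter by companies (admin sees all)
    if (!$user->authorise('core.options', 'com_costbenefitprojection'))
    {
        $companies = CostbenefitprojectionHelper::hisCompanies($user->id);

        if (CostbenefitprojectionHelper::checkArray($companies))
        {
            // Joined into the SQL text below, so every entry is forced to an integer.
            $companies = implode(',', array_map('intval', $companies));

            // only load this users companies
            $query->where('a.id IN (' . $companies . ')');
        }
        else
        {
            // dont allow user to see any companies
            $query->where('a.id = -4');
        }
    }

    // From the users table.
    $query->select($db->quoteName('g.name', 'user_name'));
    $query->join('LEFT', $db->quoteName('#__users', 'g') . ' ON (' . $db->quoteName('a.user') . ' = ' . $db->quoteName('g.id') . ')');

    // From the costbenefitprojection_country table.
    $query->select($db->quoteName('h.name', 'country_name'));
    $query->join('LEFT', $db->quoteName('#__costbenefitprojection_country', 'h') . ' ON (' . $db->quoteName('a.country') . ' = ' . $db->quoteName('h.id') . ')');

    // From the costbenefitprojection_service_provider table.
    $query->select($db->quoteName('i.user', 'service_provider_user'));
    $query->join('LEFT', $db->quoteName('#__costbenefitprojection_service_provider', 'i') . ' ON (' . $db->quoteName('a.service_provider') . ' = ' . $db->quoteName('i.id') . ')');

    // Filter by countryvvwa global.
    $countryvvwa = $this->countryvvwa;

    if (is_numeric($countryvvwa))
    {
        $query->where('a.country = ' . (int) $countryvvwa);
    }
    elseif (is_string($countryvvwa))
    {
        $query->where('a.country = ' . $db->quote($countryvvwa));
    }
    else
    {
        $query->where('a.country = -5');
    }

    // Join over the asset groups.
    $query->select('ag.title AS access_level');
    $query->join('LEFT', '#__viewlevels AS ag ON ag.id = a.access');

    // Filter by access level.
    if ($access = $this->getState('filter.access'))
    {
        $query->where('a.access = ' . (int) $access);
    }

    // Implement View Level Access
    if (!$user->authorise('core.options', 'com_costbenefitprojection'))
    {
        $groups = implode(',', array_map('intval', $user->getAuthorisedViewLevels()));
        $query->where('a.access IN (' . $groups . ')');
    }

    // Order the results by ordering
    $query->order('a.published ASC');
    $query->order('a.ordering ASC');

    // Load the items
    $db->setQuery($query);
    $db->execute();

    if ($db->getNumRows())
    {
        $items = $db->loadObjectList();

        // Drop every row the user may not access. The rows are objects, so plain by-value
        // iteration is enough; the former by-reference loops left $item bound to the last
        // element after the loop ended.
        if (CostbenefitprojectionHelper::checkArray($items))
        {
            foreach ($items as $nr => $item)
            {
                $access = $user->authorise('company.access', 'com_costbenefitprojection.company.' . (int) $item->id)
                    && $user->authorise('company.access', 'com_costbenefitprojection');

                if (!$access)
                {
                    unset($items[$nr]);
                }
            }
        }

        // set selection value to a translatable value
        if (CostbenefitprojectionHelper::checkArray($items))
        {
            foreach ($items as $item)
            {
                // convert department
                $item->department = $this->selectionTranslationVwhcompanies($item->department, 'department');

                // convert per
                $item->per = $this->selectionTranslationVwhcompanies($item->per, 'per');
            }
        }

        return $items;
    }

    return false;
}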
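/**
 * Method to get a list of options for a list input.
 *
 * Lists the published interventions other than the one named by the request
 * parameter 'id'. Non-admin users are limited to interventions of their own
 * companies, and each row must also pass
 * CostbenefitprojectionHelper::checkIntervetionAccess().
 *
 * @return  array  An array of JHtml options.
 */
public function getOptions()
{
    // get the input from url
    $jinput = JFactory::getApplication()->input;

    // get the view name & id
    $interId = $jinput->getInt('id', 0);

    // Get the user object.
    $user   = JFactory::getUser();
    $userIs = CostbenefitprojectionHelper::userIs($user->id);

    $db    = JFactory::getDBO();
    $query = $db->getQuery(true);
    $query->select($db->quoteName(array('a.id', 'a.name', 'a.company', 'a.share'), array('id', 'interventions_name', 'company', 'share')));
    $query->from($db->quoteName('#__costbenefitprojection_intervention', 'a'));
    $query->where($db->quoteName('a.published') . ' = 1');
    $query->where($db->quoteName('a.id') . ' != ' . (int) $interId);

    // NOTE(review): this checks the global 'core.admin' action, whereas other company filters
    // in this component check 'core.options' on com_costbenefitprojection; confirm which is intended.
    if (!$user->authorise('core.admin'))
    {
        $companies = CostbenefitprojectionHelper::hisCompanies($user->id);

        if (CostbenefitprojectionHelper::checkArray($companies))
        {
            // Joined into the SQL text below, so every entry is forced to an integer.
            $companies = implode(',', array_map('intval', $companies));

            // only load this users companies
            $query->where('a.company IN (' . $companies . ')');
        }
        else
        {
            // dont allow user to see any companies
            $query->where('a.company = -4');
        }
    }

    $query->order('a.name ASC');
    $db->setQuery((string) $query);
    $items = $db->loadObjectList();

    $options = array();

    if ($items)
    {
        foreach ($items as $item)
        {
            // Row-level sharing check on top of the company filter in the query.
            if (!CostbenefitprojectionHelper::checkIntervetionAccess($item->id, $item->share, $item->company))
            {
                continue;
            }

            if (1 == $userIs)
            {
                $options[] = JHtml::_('select.option', $item->id, $item->interventions_name);
            }
            else
            {
                // Other user types get the owning company's name appended to the label.
                $compName  = CostbenefitprojectionHelper::getId('company', $item->company, 'id', 'name');
                $options[] = JHtml::_('select.option', $item->id, $item->interventions_name . ' (' . $compName . ')');
            }
        }
    }

    return $options;
}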
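/**
 * Function that allows child controller access to model data
 * after the data has been saved.
 *
 * After a company is saved this hook: resolves the id of a newly created row,
 * links or creates the company's user account, sets that account's user groups
 * from the component parameters, and brings the company's scaling factor rows
 * in line with the selected causes/risks (publish, archive, insert).
 *
 * @param   JModelLegacy  $model      The data model object.
 * @param   array         $validData  The validated data.
 *
 * @return  void
 *
 * @since   11.1
 */
protected function postSaveHook(JModelLegacy $model, $validData = array())
{
    if ($validData['id'] >= 0)
    {
        // get user object
        $user = JFactory::getUser();

        // if id is 0 get id: a new row is looked up again by the values that were just saved
        if (0 >= (int) $validData['id'])
        {
            // Get the created by id
            $created_by = isset($validData['created_by']) && $validData['created_by'] > 0 ? $validData['created_by'] : $user->id;

            // Get a db connection.
            $db = JFactory::getDbo();

            // Create a new query object.
            $query = $db->getQuery(true);

            // Select id of this company
            $query->select($db->quoteName(array('id')));
            $query->from($db->quoteName('#__costbenefitprojection_company'));
            $query->where($db->quoteName('name') . ' = ' . $db->quote($validData['name']));
            $query->where($db->quoteName('email') . ' = ' . $db->quote($validData['email']));
            $query->where($db->quoteName('country') . ' = ' . (int) $validData['country']);
            $query->where($db->quoteName('service_provider') . ' = ' . (int) $validData['service_provider']);
            $query->where($db->quoteName('created_by') . ' = ' . (int) $created_by);

            if (isset($validData['created']))
            {
                $query->where($db->quoteName('created') . ' = ' . $db->quote($validData['created']));
            }

            $db->setQuery($query);
            $db->execute();

            if ($db->getNumRows())
            {
                $validData['id'] = $db->loadResult();
            }
            else
            {
                return;
            }
        }

        // user setup if not set
        if (0 >= (int) $validData['user'] && (int) $validData['id'] > 0)
        {
            $userIs = CostbenefitprojectionHelper::userIs($user->id);

            if (1 == $userIs)
            {
                // this is a company so just use its id
                $userId = $user->id;

                // add this user id to this company
                $validData['user'] = $userId;
                $model->save($validData);
            }
            else
            {
                // setup config array
                $newUser = array('name' => $validData['name'], 'email' => $validData['email']);
                $userId  = CostbenefitprojectionHelper::createUser($newUser);

                // A non-integer return value is passed on as the error message.
                if (!is_int($userId))
                {
                    $this->setMessage($userId, 'error');
                }
                else
                {
                    // add this user id to this company
                    $validData['user'] = $userId;
                    $model->save($validData);
                }
            }
        }

        // only continue if we have a company id
        if ((int) $validData['id'] > 0)
        {
            // get params
            $params = JComponentHelper::getParams('com_costbenefitprojection');

            // get all this users companies
            $hisCompanies = CostbenefitprojectionHelper::hisCompanies($validData['user']);

            if (CostbenefitprojectionHelper::checkArray($hisCompanies))
            {
                // set the user group based on the overall status of its companies
                $departments = CostbenefitprojectionHelper::getVars('company', $hisCompanies, 'id', 'department');

                // Guard the helper result: in_array() needs an array.
                if (is_array($departments) && in_array(2, $departments))
                {
                    $memberGroups = $params->get('advancedmembergroup');
                }
                else
                {
                    $memberGroups = $params->get('memberbasicgroup');
                }
            }
            else
            {
                // first company so act simply on this company department status
                if (2 == $validData['department'])
                {
                    $memberGroups = $params->get('advancedmembergroup');
                }
                else
                {
                    $memberGroups = $params->get('memberbasicgroup');
                }
            }

            // update the user groups
            // NOTE(review): setUserGroups() sets the account's group list to the configured member
            // groups. Confirm that $validData['user'] can never name a privileged account and that
            // it is a real user id here (it is still unset when createUser() failed above).
            JUserHelper::setUserGroups((int) $validData['user'], (array) $memberGroups);

            // Get a db connection.
            $db = JFactory::getDbo();

            // Create a new query object.
            $query = $db->getQuery(true);

            // Select all records in scaling factors the belong to this company
            $query->select($db->quoteName(array('id', 'causerisk', 'published')));
            $query->from($db->quoteName('#__costbenefitprojection_scaling_factor'));
            $query->where($db->quoteName('company') . ' = ' . (int) $validData['id']);
            $db->setQuery($query);
            $db->execute();

            // Both lists are read further down on every path, so they must exist even when the
            // company has no scaling factors yet or no causes/risks were submitted.
            $bucket = array();
            $insert = array();

            if ($db->getNumRows())
            {
                // load the scaling factors already set
                $already = $db->loadObjectList();
                $publish = array();
                $archive = array();

                foreach ($already as $scale)
                {
                    if (CostbenefitprojectionHelper::checkArray($validData['causesrisks']))
                    {
                        if (in_array($scale->causerisk, $validData['causesrisks']) && $scale->published != 1)
                        {
                            // publish the scaling factor (update)
                            $publish[$scale->id] = $scale->id;
                        }
                        elseif (!in_array($scale->causerisk, $validData['causesrisks']))
                        {
                            // archive the scaling factor (update)
                            $archive[$scale->id] = $scale->id;
                        }

                        $bucket[] = $scale->causerisk;
                    }
                    else
                    {
                        // archive the scaling factor (update)
                        $archive[$scale->id] = $scale->id;
                    }
                }

                // update the needed records: published state => ids that receive it
                $updates = array(1 => $publish, 2 => $archive);

                foreach ($updates as $state => $rowIds)
                {
                    if (CostbenefitprojectionHelper::checkArray($rowIds))
                    {
                        foreach ($rowIds as $id)
                        {
                            $query = $db->getQuery(true);

                            // Fields to update.
                            $fields = array($db->quoteName('published') . ' = ' . (int) $state);

                            // Conditions for which records should be updated.
                            $conditions = array($db->quoteName('id') . ' = ' . (int) $id);

                            $query->update($db->quoteName('#__costbenefitprojection_scaling_factor'))->set($fields)->where($conditions);
                            $db->setQuery($query);
                            $db->execute();
                        }
                    }
                }
            }

            if (CostbenefitprojectionHelper::checkArray($validData['causesrisks']))
            {
                // remove those already set from the saved list of causesrisks
                if (CostbenefitprojectionHelper::checkArray($bucket))
                {
                    foreach ($validData['causesrisks'] as $causerisk)
                    {
                        if (!in_array($causerisk, $bucket))
                        {
                            $insert[] = $causerisk;
                        }
                    }
                }
                else
                {
                    $insert = $validData['causesrisks'];
                }
            }

            // insert the new records
            if (CostbenefitprojectionHelper::checkArray($insert))
            {
                $created    = $db->quote(JFactory::getDate()->toSql());
                $created_by = (int) JFactory::getUser()->get('id');
                $company    = (int) $validData['id'];

                // Create a new query object.
                $query = $db->getQuery(true);

                // Insert columns.
                $columns = array('causerisk', 'company', 'mortality_scaling_factor_females', 'mortality_scaling_factor_males', 'presenteeism_scaling_factor_females', 'presenteeism_scaling_factor_males', 'yld_scaling_factor_females', 'yld_scaling_factor_males', 'published', 'created_by', 'created');

                // setup the values
                $values = array();

                foreach ($insert as $new)
                {
                    // The tuple is written into the SQL text verbatim, so the submitted cause/risk
                    // id is cast to an integer; $created is already quoted above.
                    $row      = array((int) $new, $company, 1, 1, 1, 1, 1, 1, 1, $created_by, $created);
                    $values[] = implode(',', $row);
                }

                // Prepare the insert query.
                $query->insert($db->quoteName('#__costbenefitprojection_scaling_factor'))->columns($db->quoteName($columns))->values(implode('), (', $values));

                // Set the query using our newly populated query object and execute it.
                $db->setQuery($query);
                $done = $db->execute();

                if ($done)
                {
                    // we must set the assets
                    foreach ($insert as $causerisk)
                    {
                        // get all the ids. Create a new query object.
                        $query = $db->getQuery(true);
                        $query->select($db->quoteName(array('id')));
                        $query->from($db->quoteName('#__costbenefitprojection_scaling_factor'));
                        $query->where($db->quoteName('causerisk') . ' = ' . (int) $causerisk);
                        $query->where($db->quoteName('company') . ' = ' . (int) $company);
                        $db->setQuery($query);
                        $db->execute();

                        if ($db->getNumRows())
                        {
                            $aId = $db->loadResult();

                            // make sure the access of asset is set
                            CostbenefitprojectionHelper::setAsset($aId, 'scaling_factor');
                        }
                    }
                }
            }
        }
    }

    return;
}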
/**
 * Batch-update scaling factor rows with a set of field values.
 *
 * Requires 'scaling_factor.edit' or 'scaling_factor.batch'. For users without
 * 'core.options' on the component, rows whose company is not one of the user's
 * own companies are dropped from $pks before anything is written. Every
 * remaining row is additionally checked against 'scaling_factor.edit' in its
 * own context.
 *
 * @param   array  $values    The field values to apply, keyed by field name.
 * @param   array  $pks       An array of row IDs.
 * @param   array  $contexts  An array of item contexts, keyed by row ID.
 *
 * @return  boolean  True if successful, false otherwise and internal error is set.
 *
 * @since   12.2
 */
protected function batchMove($values, $pks, $contexts)
{
    if (empty($this->batchSet))
    {
        // Set some needed variables.
        $this->user           = JFactory::getUser();
        $this->table          = $this->getTable();
        $this->tableClassName = get_class($this->table);
        $this->contentType    = new JUcmType();
        $this->type           = $this->contentType->getTypeByTable($this->tableClassName);
        $this->canDo          = CostbenefitprojectionHelper::getActions('scaling_factor');
    }

    // Either the edit or the batch action is enough to continue.
    if (!($this->canDo->get('scaling_factor.edit') || $this->canDo->get('scaling_factor.batch')))
    {
        $this->setError(JText::_('JLIB_APPLICATION_ERROR_BATCH_CANNOT_EDIT'));

        return false;
    }

    if (!$this->user->authorise('core.options', 'com_costbenefitprojection'))
    {
        // make absolutely sure that this scaling factor can be moved
        $ownCompanies = CostbenefitprojectionHelper::hisCompanies($this->user->id);

        if (!CostbenefitprojectionHelper::checkArray($ownCompanies))
        {
            $this->setError(JText::sprintf('JLIB_APPLICATION_ERROR_BATCH_MOVE_ROW_NOT_FOUND', 0));

            return false;
        }

        // Drop every row that belongs to a company the user does not own.
        foreach ($pks as $index => $rowId)
        {
            $ownerCompany = CostbenefitprojectionHelper::getId('scaling_factor', $rowId, 'id', 'company');

            if (!in_array($ownerCompany, $ownCompanies))
            {
                unset($pks[$index]);
            }
        }

        if (empty($pks))
        {
            $this->setError(JText::sprintf('JLIB_APPLICATION_ERROR_BATCH_MOVE_ROW_NOT_FOUND', 0));

            return false;
        }
    }

    // make sure published only updates if user has the permission.
    if (isset($values['published']) && !$this->canDo->get('scaling_factor.edit.state'))
    {
        unset($values['published']);
    }

    // remove move_copy from array
    unset($values['move_copy']);

    $hasValues = CostbenefitprojectionHelper::checkArray($values);

    foreach ($pks as $pk)
    {
        if (!$this->user->authorise('scaling_factor.edit', $contexts[$pk]))
        {
            $this->setError(JText::_('JLIB_APPLICATION_ERROR_BATCH_CANNOT_EDIT'));

            return false;
        }

        // Check that the row actually exists
        if (!$this->table->load($pk))
        {
            $loadError = $this->table->getError();

            if ($loadError)
            {
                // Fatal error
                $this->setError($loadError);

                return false;
            }

            // Not fatal error
            $this->setError(JText::sprintf('JLIB_APPLICATION_ERROR_BATCH_MOVE_ROW_NOT_FOUND', $pk));
            continue;
        }

        // insert all set values.
        // NOTE(review): every non-empty value whose key is an existing table property is written
        // ('access' even without that check). Presumably the caller limits $values to batchable
        // fields; confirm that ownership columns such as 'company' cannot arrive here.
        if ($hasValues)
        {
            foreach ($values as $key => $value)
            {
                if (strlen($value) > 0 && ('access' == $key || isset($this->table->{$key})))
                {
                    $this->table->{$key} = $value;
                }
            }
        }

        // Check the row.
        if (!$this->table->check())
        {
            $this->setError($this->table->getError());

            return false;
        }

        if (!empty($this->type))
        {
            $this->createTagsHelper($this->tagsObserver, $this->type, $pk, $this->typeAlias, $this->table);
        }

        // Store the row.
        if (!$this->table->store())
        {
            $this->setError($this->table->getError());

            return false;
        }
    }

    // Clean the cache
    $this->cleanCache();

    return true;
}
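/**
 * Method to get the company results data.
 *
 * Requires 'site.companyresults.access' on the component. Users without
 * 'core.options' may only load companies returned by
 * CostbenefitprojectionHelper::hisCompanies() for their account. The loaded
 * row has its encrypted columns decrypted and its JSON columns decoded, and
 * is cached per id in $this->_item.
 *
 * @param   integer  $pk  The id of the company; falls back to the 'companyresults.id' state.
 *
 * @return  mixed  Data object on success, false on failure.
 */
public function getItem($pk = null)
{
    $this->user = JFactory::getUser();

    // check if this user has permission to access item
    if (!$this->user->authorise('site.companyresults.access', 'com_costbenefitprojection'))
    {
        $app = JFactory::getApplication();
        $app->enqueueMessage(JText::_('Not authorised!'), 'error');

        // redirect away if not a correct (TODO for now we go to default view)
        $app->redirect(JRoute::_('index.php?option=com_costbenefitprojection&view=cpanel'));

        return false;
    }

    $this->userId           = $this->user->get('id');
    $this->guest            = $this->user->get('guest');
    $this->groups           = $this->user->get('groups');
    $this->authorisedGroups = $this->user->getAuthorisedGroups();
    $this->levels           = $this->user->getAuthorisedViewLevels();
    $this->initSet          = true;

    // Normalise the id once, so the ownership check, the cache key and the query all see
    // the same integer.
    $pk = !empty($pk) ? (int) $pk : (int) $this->getState('companyresults.id');

    if (!$this->user->authorise('core.options', 'com_costbenefitprojection'))
    {
        // make absolutely sure that this company can be viewed
        $companies = CostbenefitprojectionHelper::hisCompanies($this->userId);

        if (!CostbenefitprojectionHelper::checkArray($companies) || !in_array($pk, $companies))
        {
            JError::raiseWarning(500, JText::_('Access denied!'));

            // redirect away if not a correct (TODO for now we go to default view)
            $app = JFactory::getApplication();

            if ($app->isAdmin())
            {
                $app->redirect('index.php?option=com_costbenefitprojection');
            }
            else
            {
                $app->redirect('index.php?option=com_costbenefitprojection&view=cpanel');
            }

            return false;
        }
    }

    if ($this->_item === null)
    {
        $this->_item = array();
    }

    if (!isset($this->_item[$pk]))
    {
        try
        {
            // Get the advanced encription.
            $advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced');

            // Get the encription object.
            $advanced = new FOFEncryptAes($advancedkey, 256);

            // Get a db connection.
            $db = JFactory::getDbo();

            // Create a new query object.
            $query = $db->getQuery(true);

            // Get from #__costbenefitprojection_company as a
            $query->select($db->quoteName(
                array('a.id', 'a.name', 'a.user', 'a.department', 'a.per', 'a.country', 'a.service_provider', 'a.datayear', 'a.working_days', 'a.total_salary', 'a.total_healthcare', 'a.productivity_losses', 'a.males', 'a.females', 'a.medical_turnovers_males', 'a.medical_turnovers_females', 'a.sick_leave_males', 'a.sick_leave_females', 'a.percentmale', 'a.percentfemale', 'a.causesrisks', 'a.published', 'a.access'),
                array('id', 'name', 'user', 'department', 'per', 'country', 'service_provider', 'datayear', 'working_days', 'total_salary', 'total_healthcare', 'productivity_losses', 'males', 'females', 'medical_turnovers_males', 'medical_turnovers_females', 'sick_leave_males', 'sick_leave_females', 'percentmale', 'percentfemale', 'causesrisks', 'published', 'access')
            ));
            $query->from($db->quoteName('#__costbenefitprojection_company', 'a'));

            // Get from #__costbenefitprojection_country as e
            $query->select($db->quoteName(
                array('e.id', 'e.name', 'e.alias', 'e.user', 'e.currency', 'e.datayear', 'e.worldzone', 'e.codethree', 'e.codetwo', 'e.working_days', 'e.presenteeism', 'e.medical_turnovers', 'e.sick_leave', 'e.healthcare', 'e.productivity_losses', 'e.publicname', 'e.publicemail', 'e.publicnumber', 'e.publicaddress', 'e.percentmale', 'e.percentfemale', 'e.causesrisks', 'e.maledeath', 'e.femaledeath', 'e.maleyld', 'e.femaleyld', 'e.access'),
                array('country_id', 'country_name', 'country_alias', 'country_user', 'country_currency', 'country_datayear', 'country_worldzone', 'country_codethree', 'country_codetwo', 'country_working_days', 'country_presenteeism', 'country_medical_turnovers', 'country_sick_leave', 'country_healthcare', 'country_productivity_losses', 'country_publicname', 'country_publicemail', 'country_publicnumber', 'country_publicaddress', 'country_percentmale', 'country_percentfemale', 'country_causesrisks', 'country_maledeath', 'country_femaledeath', 'country_maleyld', 'country_femaleyld', 'country_access')
            ));
            $query->join('LEFT', $db->quoteName('#__costbenefitprojection_country', 'e') . ' ON (' . $db->quoteName('a.country') . ' = ' . $db->quoteName('e.id') . ')');

            // Get from #__costbenefitprojection_currency as f
            $query->select($db->quoteName(
                array('f.id', 'f.name', 'f.alias', 'f.codethree', 'f.numericcode', 'f.symbol', 'f.thousands', 'f.decimalplace', 'f.decimalsymbol', 'f.positivestyle', 'f.negativestyle', 'f.published', 'f.access', 'f.ordering'),
                array('currency_id', 'currency_name', 'currency_alias', 'currency_codethree', 'currency_numericcode', 'currency_symbol', 'currency_thousands', 'currency_decimalplace', 'currency_decimalsymbol', 'currency_positivestyle', 'currency_negativestyle', 'currency_published', 'currency_access', 'currency_ordering')
            ));
            $query->join('LEFT', $db->quoteName('#__costbenefitprojection_currency', 'f') . ' ON (' . $db->quoteName('e.currency') . ' = ' . $db->quoteName('f.codethree') . ')');
            $query->where('a.id = ' . $pk);

            // Reset the query using our newly populated query object.
            $db->setQuery($query);

            // Load the results as a stdClass object.
            $data = $db->loadObject();

            if (empty($data))
            {
                $app = JFactory::getApplication();

                // If no data is found redirect to default page and show warning.
                $app->enqueueMessage(JText::_('COM_COSTBENEFITPROJECTION_NOT_FOUND_OR_ACCESS_DENIED'), 'warning');
                $app->redirect('index.php?option=com_costbenefitprojection&view=cpanel');

                return false;
            }

            // Columns stored encrypted with the 'advanced' key.
            $encryptedFields = array('medical_turnovers_females', 'females', 'sick_leave_males', 'medical_turnovers_males', 'total_salary', 'sick_leave_females', 'total_healthcare', 'males');

            foreach ($encryptedFields as $field)
            {
                $stored = $data->{$field};

                // Only a non-numeric value that round-trips through strict base64 is treated as
                // ciphertext; anything else is kept as stored.
                // NOTE(review): a plaintext value that happens to be valid base64 would also be
                // passed to decryptString().
                if (!empty($stored) && $advancedkey && !is_numeric($stored) && $stored === base64_encode(base64_decode($stored, true)))
                {
                    // Strip trailing NUL bytes (presumably block padding left by decryptString());
                    // an empty character list would trim nothing.
                    $data->{$field} = rtrim($advanced->decryptString($stored), "\0");
                }
            }

            if (CostbenefitprojectionHelper::checkString($data->causesrisks))
            {
                // Decode causesrisks
                $data->causesrisks = json_decode($data->causesrisks, true);
            }

            if (CostbenefitprojectionHelper::checkString($data->country_causesrisks))
            {
                // Decode country_causesrisks
                $data->country_causesrisks = json_decode($data->country_causesrisks, true);
            }

            // Make sure the content prepare plugins fire on country_publicaddress.
            $data->country_publicaddress = JHtml::_('content.prepare', $data->country_publicaddress);

            // Checking if country_publicaddress has uikit components that must be loaded.
            $this->uikitComp = CostbenefitprojectionHelper::getUikitComp($data->country_publicaddress, $this->uikitComp);

            // set the global causesrisks value.
            $this->a_causesrisks = $data->causesrisks;

            // set the global datayear value.
            $this->a_datayear = $data->datayear;

            // set the global datayear value.
            $this->e_datayear = $data->country_datayear;

            // set the global causesrisks value.
            $this->e_causesrisks = $data->country_causesrisks;

            // set countryCountryHealth_dataB to the $data object.
            $data->countryCountryHealth_dataB = $this->getCountryCountryHealth_dataEbbe_B($data->country);

            // set idCompanyScaling_factorC to the $data object.
            $data->idCompanyScaling_factorC = $this->getIdCompanyScaling_factorEbbe_C($data->id);

            // set idCompanyInterventionD to the $data object.
            $data->idCompanyInterventionD = $this->getIdCompanyInterventionEbbe_D($data->id);

            // set causesrisksIdCauseriskG to the $data object.
            $data->causesrisksIdCauseriskG = $this->getCausesrisksIdCauseriskEbbe_G($data->causesrisks);

            // set countryCountryHealth_dataBB to the $data object.
            $data->countryCountryHealth_dataBB = $this->getCountryCountryHealth_dataEbbe_BB($data->country);

            // set causesrisksIdCauseriskGG to the $data object.
            $data->causesrisksIdCauseriskGG = $this->getCausesrisksIdCauseriskEbbe_GG($data->country_causesrisks);

            // set countryCountryInterventionDD to the $data object.
            $data->countryCountryInterventionDD = $this->getCountryCountryInterventionEbbe_DD($data->country);

            // set data object to item.
            $this->_item[$pk] = $data;
        }
        catch (Exception $e)
        {
            if ($e->getCode() == 404)
            {
                // Need to go thru the error handler to allow Redirect to work.
                // (The call was misspelled "raiseWaring", which fails on an undefined method.)
                JError::raiseWarning(404, $e->getMessage());

                // Nothing was cached for this id, so report the failure directly.
                return false;
            }

            $this->setError($e);
            $this->_item[$pk] = false;
        }
    }

    return $this->_item[$pk];
}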
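/**
 * Load the real (non-dummy) companies that belong to the currently set countries.
 *
 * @param   boolean  $limited  When true, only the companies of the current user are loaded.
 *
 * @return  mixed  An array of company objects on success, false when nothing could be loaded.
 */
protected function setCompanies($limited = false)
{
	// check if there is any countries loaded
	if (!CostbenefitprojectionHelper::checkArray($this->countries))
	{
		return false;
	}

	// Every id list below is concatenated into the SQL text, so each value is
	// forced to an integer first; nothing but digits can reach the query.
	$remove = $this->getDummyComp();
	$remove = CostbenefitprojectionHelper::checkArray($remove) ? array_map('intval', $remove) : array();

	// Create a new query object.
	$query = $this->db->getQuery(true);

	// Get from #__costbenefitprojection_company as a
	$query->select($this->db->quoteName(
		array('a.id', 'a.user', 'a.name', 'a.country', 'a.department', 'a.males', 'a.females'),
		array('id', 'user', 'name', 'country', 'department', 'males', 'females')
	));
	$query->from($this->db->quoteName('#__costbenefitprojection_company', 'a'));

	if ($limited)
	{
		// get his companies (other callers in this file guard the result with checkArray before using it)
		$ids = CostbenefitprojectionHelper::hisCompanies($this->user->id);
		$ids = CostbenefitprojectionHelper::checkArray($ids) ? array_map('intval', $ids) : array();
		$ids = array_diff($ids, $remove);

		if (!$ids)
		{
			// An empty list would produce "a.id IN ()", which is invalid SQL.
			// A limited user without companies simply gets no result.
			return false;
		}

		// limit to only load his companies
		$query->where('a.id IN (' . implode(',', $ids) . ')');
	}
	elseif ($remove)
	{
		// limit to only real companies
		$query->where('a.id NOT IN (' . implode(',', $remove) . ')');
	}

	// Check that we only use the real companies and none of the dummy companies
	$query->where('a.mode = 1');

	// limit to only load the set countries (keys of $this->countries, used unquoted, so cast them too)
	$countryIds = array_map('intval', array_keys($this->countries));
	$query->where('a.country IN (' . implode(',', $countryIds) . ')');
	$query->order('a.country ASC');

	// load the query
	$this->db->setQuery($query);
	$this->db->execute();

	if ($this->db->getNumRows())
	{
		return $this->db->loadObjectList();
	}

	return false;
}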
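/**
 * Method to get list export data.
 *
 * Decrypts the encrypted company fields before returning them, so the result
 * holds plaintext salary, healthcare and staff figures for every exported row.
 *
 * @param   array  $pks  The ids of the company records to export.
 *
 * @return  mixed  An array of data items on success, false on failure.
 */
public function getExportData($pks)
{
	// setup the query
	if (!CostbenefitprojectionHelper::checkArray($pks))
	{
		return false;
	}

	// The ids end up inside the SQL text. The callers are not visible here, so
	// the values are forced to integers instead of trusting them to be clean.
	$pks = array_map('intval', $pks);

	// Get the user object.
	$user = JFactory::getUser();
	// users with core.options see all companies
	$seesAll = $user->authorise('core.options', 'com_costbenefitprojection');

	// Create a new query object.
	$db = JFactory::getDBO();
	$query = $db->getQuery(true);

	// Select all fields from the costbenefitprojection_company table
	$query->select('a.*');
	$query->from($db->quoteName('#__costbenefitprojection_company', 'a'));
	$query->where('a.id IN (' . implode(',', $pks) . ')');

	if (!$seesAll)
	{
		// Filter by companies
		$companies = CostbenefitprojectionHelper::hisCompanies($user->id);
		if (CostbenefitprojectionHelper::checkArray($companies))
		{
			// only load this users companies
			$query->where('a.id IN (' . implode(',', array_map('intval', $companies)) . ')');
		}
		else
		{
			// dont allow user to see any companies
			$query->where('a.id = -4');
		}

		// Implement View Level Access
		$groups = implode(',', array_map('intval', $user->getAuthorisedViewLevels()));
		$query->where('a.access IN (' . $groups . ')');
	}

	// Order the results by ordering
	$query->order('a.ordering ASC');

	// Load the items
	$db->setQuery($query);
	$db->execute();

	if (!$db->getNumRows())
	{
		return false;
	}

	$items = $db->loadObjectList();

	// Get the advanced encryption key and the encryption object.
	$advancedkey = CostbenefitprojectionHelper::getCryptKey('advanced');
	$advanced = new FOFEncryptAes($advancedkey, 256);

	// fields that may be stored encrypted
	$encryptedFields = array(
		'medical_turnovers_females',
		'females',
		'sick_leave_males',
		'medical_turnovers_males',
		'total_salary',
		'sick_leave_females',
		'total_healthcare',
		'males'
	);

	// set values to display correctly.
	if (CostbenefitprojectionHelper::checkArray($items))
	{
		foreach ($items as $nr => &$item)
		{
			// the row is only exported when both the item level and the component level permission are granted
			$access = $user->authorise('company.access', 'com_costbenefitprojection.company.' . (int) $item->id)
				&& $user->authorise('company.access', 'com_costbenefitprojection');
			if (!$access)
			{
				unset($items[$nr]);
				continue;
			}

			foreach ($encryptedFields as $field)
			{
				$value = $item->$field;
				// A value counts as encrypted when it is not numeric and survives a strict
				// base64 round trip. NOTE(review): this is a heuristic, not an integrity
				// check - confirm how decryptString() behaves on tampered or plain input.
				if ($advancedkey && !is_numeric($value) && $value === base64_encode(base64_decode($value, true)))
				{
					$item->$field = $advanced->decryptString($value);
				}
			}

			// unset the values we don't want exported.
			unset($item->asset_id, $item->checked_out, $item->checked_out_time);
		}
		// break the reference so a later write to $item cannot alter the last row
		unset($item);
	}

	// Add headers to items array.
	$headers = $this->getExImPortHeaders();
	if (CostbenefitprojectionHelper::checkObject($headers))
	{
		array_unshift($items, $headers);
	}

	return $items;
}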
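/**
 * Method to get list export data.
 *
 * @param   array  $pks  The ids of the intervention records to export.
 *
 * @return  mixed  An array of data items on success, false on failure.
 */
public function getExportData($pks)
{
	// setup the query
	if (!CostbenefitprojectionHelper::checkArray($pks))
	{
		return false;
	}

	// The ids end up inside the SQL text. The callers are not visible here, so
	// the values are forced to integers instead of trusting them to be clean.
	$pks = array_map('intval', $pks);

	// Get the user object.
	$user = JFactory::getUser();

	// Create a new query object.
	$db = JFactory::getDBO();
	$query = $db->getQuery(true);

	// Select all fields from the costbenefitprojection_intervention table
	$query->select('a.*');
	$query->from($db->quoteName('#__costbenefitprojection_intervention', 'a'));
	$query->where('a.id IN (' . implode(',', $pks) . ')');

	// Filter the companies (users with core.options see all)
	if (!$user->authorise('core.options', 'com_costbenefitprojection'))
	{
		$companies = CostbenefitprojectionHelper::hisCompanies($user->id);
		if (CostbenefitprojectionHelper::checkArray($companies))
		{
			// only load this users companies
			$query->where('a.company IN (' . implode(',', array_map('intval', $companies)) . ')');
		}
		else
		{
			// don't allow user to see any companies
			$query->where('a.company = -4');
		}
	}

	// Order the results by ordering
	$query->order('a.ordering ASC');

	// Load the items
	$db->setQuery($query);
	$db->execute();

	if (!$db->getNumRows())
	{
		return false;
	}

	$items = $db->loadObjectList();

	if (CostbenefitprojectionHelper::checkArray($items))
	{
		foreach ($items as $nr => &$item)
		{
			// the row is only exported when both the item level and the component level permission are granted
			$access = $user->authorise('intervention.access', 'com_costbenefitprojection.intervention.' . (int) $item->id)
				&& $user->authorise('intervention.access', 'com_costbenefitprojection');

			// The sharing check runs here, before the header row is added: the header
			// is not an intervention and should not be passed through checkIntervetionAccess().
			if (!$access || !CostbenefitprojectionHelper::checkIntervetionAccess($item->id, $item->share, $item->company))
			{
				unset($items[$nr]);
				continue;
			}

			// unset the values we don't want exported.
			unset($item->asset_id, $item->checked_out, $item->checked_out_time);
		}
		// break the reference so a later write to $item cannot alter the last row
		unset($item);
	}

	// Add headers to items array.
	$headers = $this->getExImPortHeaders();
	if (CostbenefitprojectionHelper::checkObject($headers))
	{
		array_unshift($items, $headers);
	}

	return $items;
}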
/**
 * Build the option list of published companies for a list input.
 *
 * Users without the core.options permission only get the companies returned
 * by hisCompanies() for their own user id.
 *
 * @return  array  An array of JHtml options.
 */
public function getOptions()
{
	$user = JFactory::getUser();

	$db = JFactory::getDBO();
	$query = $db->getQuery(true);
	$query->select($db->quoteName(array('a.id', 'a.name'), array('id', 'company_name')));
	$query->from($db->quoteName('#__costbenefitprojection_company', 'a'));
	$query->where($db->quoteName('a.published') . ' = 1');

	if (!$user->authorise('core.options', 'com_costbenefitprojection'))
	{
		$owned = CostbenefitprojectionHelper::hisCompanies($user->id);
		// a user without companies is limited to id -4, presumably an id that never matches
		$restriction = CostbenefitprojectionHelper::checkArray($owned)
			? 'a.id IN (' . implode(',', $owned) . ')'
			: 'a.id = -4';
		$query->where($restriction);
	}

	$query->order('a.name ASC');
	$db->setQuery((string) $query);
	$rows = $db->loadObjectList();

	$list = array();
	if (!$rows)
	{
		return $list;
	}

	// user type 3 and users with core.options also get the generic first entry
	$role = CostbenefitprojectionHelper::userIs($user->id);
	if ($role == 3 || $user->authorise('core.options', 'com_costbenefitprojection'))
	{
		$list[] = JHtml::_('select.option', 0, '-- ' . JText::_('A Country') . ' --');
	}

	foreach ($rows as $row)
	{
		$list[] = JHtml::_('select.option', $row->id, $row->company_name);
	}

	return $list;
}