/**
 * View items of the wurfl object.
 *
 * Requires the 'ManageWurfl' privilege. An optional 'objectname' request
 * variable is remembered as the user's 'defaultmastertable' setting, and the
 * current URL is stored in the session as the return URL for this module.
 *
 * NOTE(review): 'objectname' is stored exactly as submitted; it is not compared
 * with the option list built below. Confirm that whatever consumes
 * 'defaultmastertable' only accepts names from that list.
 *
 * @param array $args not read by this function
 * @return array|null template data ('objectname', 'options'); nothing when the
 *                    security check or the variable fetch fails
 */
function wurfl_admin_view($args)
{
    if (!xarSecurityCheck('ManageWurfl')) {
        return;
    }

    $module = 'wurfl';

    // Which object should be shown
    if (!xarVarFetch('objectname', 'str', $objectname, null, XARVAR_DONT_SET)) {
        return;
    }
    if (!empty($objectname)) {
        xarModUserVars::set($module, 'defaultmastertable', $objectname);
    }

    // Remember where to come back to
    $context = array('return_url' => xarServer::getCurrentURL());
    xarSession::setVar('ddcontext.' . $module, $context);

    // Build the dropdown from the objects whose name contains the module name
    $objectlist = DataObjectMaster::getObjectList(array('objectid' => 1));
    $data = array();
    $data['objectname'] = xarModUserVars::get($module, 'defaultmastertable');

    $options = array();
    foreach ($objectlist->getItems() as $entry) {
        $entryname = $entry['name'];
        if (strpos($entryname, $module) === false) {
            continue;
        }
        $options[] = array('id' => $entryname, 'name' => $entryname);
    }
    $data['options'] = $options;

    return $data;
}
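/**
 * Modify a publication type.
 *
 * Requires the 'AdminPublications' privilege. The type is addressed either by
 * 'itemid' (request variable, or 'itemid' in $args) or by 'name'. When
 * 'confirm' is set, the authorisation key is checked, the form input is
 * validated and the item is updated.
 *
 * @param array $args optional arguments; 'itemid' is honoured when the request
 *                    carries none
 * @return mixed template data, a rendered template when validation fails, true
 *               after a successful update, a NotFound response when the type
 *               cannot be resolved, or nothing when a check fails
 */
function publications_admin_modify_pubtype($args)
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }

    extract($args);

    // Get parameters
    if (!xarVarFetch('itemid', 'isset', $data['itemid'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('returnurl', 'str:1', $data['returnurl'], 'view', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('name', 'str:1', $name, '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('tab', 'str:1', $data['tab'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // The id may arrive through the request or through $args; the presence
    // test used to look only at the $args copy while the rest of the function
    // used only the request copy.
    if (empty($data['itemid']) && !empty($itemid)) {
        $data['itemid'] = $itemid;
    }
    if (empty($name) && empty($data['itemid'])) {
        return xarResponse::NotFound();
    }

    // Get our object
    $data['object'] = DataObjectMaster::getObject(array('name' => 'publications_types'));
    if (empty($data['itemid'])) {
        // $name comes from the request and is spliced into the where clause
        // below, so only plain identifier characters are accepted.
        // NOTE(review): assumes publication type names are [A-Za-z0-9_] only - confirm.
        if (!preg_match('/^[A-Za-z0-9_]+$/D', $name)) {
            return xarResponse::NotFound();
        }
        $type_list = DataObjectMaster::getObjectList(array('name' => 'publications_types'));
        $where = 'name = ' . $name;
        $items = $type_list->getItems(array('where' => $where));
        $item = is_array($items) ? current($items) : false;
        if (empty($item['id'])) {
            // No publication type carries that name
            return xarResponse::NotFound();
        }
        // Keep the resolved id: the settings lookup and the update below need it
        $data['itemid'] = $item['id'];
    }
    $data['object']->getItem(array('itemid' => $data['itemid']));

    // Send the publication type and the object properties to the template
    $data['properties'] = $data['object']->getProperties();

    // Get the settings of the publication type we are using
    $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['itemid']));

    if ($data['confirm']) {
        // Check for a valid confirmation key
        if (!xarSecConfirmAuthKey()) {
            return;
        }

        // Get the data from the form
        $isvalid = $data['object']->checkInput();
        if (!$isvalid) {
            // Bad data: redisplay the form with error messages
            return xarTplModule('publications', 'admin', 'modify_pubtype', $data);
        }

        // Good data: update the item
        $data['object']->updateItem(array('itemid' => $data['itemid']));

        // Jump to the next page
        xarController::redirect(xarModURL('publications', 'admin', 'view_pubtypes'));
        return true;
    }

    return $data;
}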
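/**
 * View the cart.
 *
 * Applies quantity updates posted as 'qty<product id>', rebuilds the product
 * list with per-line subtotals and stores the cart, the products and the
 * total back in the session.
 *
 * Posted quantities are only accepted when they are finite, non-negative
 * numbers (thousands separators are stripped first). Anything else is ignored
 * so that a negative or malformed quantity cannot reduce the order total. A
 * quantity of zero removes the line from the cart.
 *
 * @return array|null template data ('cust', 'products', 'total'); nothing
 *                    when a quantity variable cannot be fetched
 */
function shop_user_viewcart()
{
    // If the user returns to the cart after taking other steps, unset any errors from earlier in the session.
    xarSession::delVar('errors');

    sys::import('modules.dynamicdata.class.objects.master');

    $subtotals = array();
    $products = array();

    // May want to display cust info with the cart...
    $data['cust'] = xarMod::APIFunc('shop', 'user', 'customerinfo');

    // An empty cart comes back from the session as a non-array value
    $shop = xarSession::getVar('shop');
    if (!is_array($shop)) {
        $shop = array();
    }

    foreach ($shop as $pid => $val) {
        // If this post variable is set, we must need to update the quantity
        if (isset($_POST['qty' . $pid])) {
            unset($qty_new); // Have to unset this since we're in a foreach
            if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) {
                return;
            }

            $qty_clean = '';
            if (isset($qty_new) && is_scalar($qty_new)) {
                $qty_clean = str_replace(',', '', trim((string) $qty_new));
            }
            if (is_numeric($qty_clean) && is_finite((float) $qty_clean) && $qty_clean >= 0) {
                if ($qty_clean == 0) {
                    unset($shop[$pid]);
                } else {
                    $shop[$pid]['qty'] = $qty_clean;
                }
            }
            // Invalid quantities leave the existing cart line untouched
        }

        // If the quantity hasn't been set to zero, add it to the $products array...
        if (isset($shop[$pid])) {
            // Commas in the quantity seem to mess up our math
            $products[$pid]['qty'] = str_replace(',', '', $shop[$pid]['qty']);

            // Get the product info
            $object = DataObjectMaster::getObject(array('name' => 'shop_products'));
            $object->getItem(array('itemid' => $pid));
            $values = $object->getFieldValues();

            $products[$pid]['title'] = xarVarPrepForDisplay($values['title']);
            $products[$pid]['price'] = $values['price'];

            $subtotal = $values['price'] * $products[$pid]['qty'];
            $subtotals[] = $subtotal; // so we can use array_sum() to add it all up
            $products[$pid]['subtotal'] = number_format($subtotal, 2);
        }
    }

    xarSession::setVar('shop', $shop);

    $total = number_format(array_sum($subtotals), 2);

    xarSession::setVar('products', $products); // update the session variable
    $data['products'] = $products; // don't want too much session stuff in the templates
    xarSession::setVar('total', $total);
    $data['total'] = $total;

    return $data;
}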
/**
 * Show the form for a new publication of the requested publication type.
 *
 * Loads the publication type given by 'ptid' (default: the module's
 * 'defaultpubtype'), instantiates the object named by that type and renders
 * the admin 'new' template with the object's properties and the type settings.
 *
 * NOTE(review): unlike the admin functions of this module, no
 * xarSecurityCheck() is made here before the admin template is rendered.
 * Confirm that access is enforced elsewhere.
 *
 * @param array $args extracted into local scope before the request is read
 * @return mixed the rendered template, or nothing when a variable fetch fails
 */
function publications_user_new($args)
{
    extract($args);

    // Request parameters ('catid' and 'itemtype' are fetched but not used below)
    $defaulttype = xarModVars::get('publications', 'defaultpubtype');
    if (!xarVarFetch('ptid', 'id', $data['ptid'], $defaulttype, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('catid', 'str', $catid, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemtype', 'id', $itemtype, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    $data['items'] = array();

    // Resolve the publication type, then the object it names
    $typeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $typeobject->getItem(array('itemid' => $data['ptid']));
    $typename = $typeobject->properties['name']->value;

    $data['object'] = DataObjectMaster::getObject(array('name' => $typename));
    $data['properties'] = $data['object']->getProperties();

    // TODO: allow templates per category ?
    $template = !empty($data['ptid']) ? $typeobject->properties['template']->value : null;

    // Get the settings of the publication type we are using
    $data['settings'] = xarModAPIFunc(
        'publications',
        'user',
        'getsettings',
        array('ptid' => $data['ptid'])
    );

    return xarTplModule('publications', 'admin', 'new', $data, $template);
}
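/**
 * Delete an item of a wurfl object.
 *
 * Requires the 'ManageWurfl' privilege. Without 'confirm' the item is loaded
 * and handed to the template together with a fresh authorisation key. With
 * 'confirm' the key is checked and the item is deleted.
 *
 * The object name comes from the request, so it is limited to objects whose
 * name contains 'wurfl' (the same rule wurfl_admin_view() uses to build its
 * list). Otherwise this privilege would allow deleting items of any dynamic
 * data object.
 *
 * @return mixed template data, true after a delete, a NotFound response for
 *               an object outside this module, or nothing when a check fails
 */
function wurfl_admin_delete()
{
    if (!xarSecurityCheck('ManageWurfl')) {
        return;
    }

    if (!xarVarFetch('name', 'str:1', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'int', $data['itemid'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('confirm', 'str:1', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Keep the request inside this module's own objects
    if (strpos($name, 'wurfl') === false) {
        return xarResponse::NotFound();
    }

    $data['object'] = DataObjectMaster::getObject(array('name' => $name));
    if (empty($data['object'])) {
        // Unknown object name
        return xarResponse::NotFound();
    }
    $data['object']->getItem(array('itemid' => $data['itemid']));

    $data['tplmodule'] = 'wurfl';
    $data['authid'] = xarSecGenAuthKey('wurfl');

    if ($data['confirm']) {
        // Check for a valid confirmation key
        if (!xarSecConfirmAuthKey()) {
            return;
        }

        // Delete the item
        $data['object']->deleteItem();

        // Jump to the next page
        xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
        return true;
    }

    return $data;
}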
/**
 * Get products.
 *
 * Requires the 'ViewShop' privilege. Returns the active items of the
 * 'shop_products' object list, sorted as decided by the shop 'sort' API.
 *
 * NOTE(review): 'where' from $args is passed to getItems() unchanged. Callers
 * should build it from validated values, never from raw request data.
 *
 * @param array $args optional 'startnum' (default 1), 'items_per_page'
 *                    (default: module variable) and 'where'
 * @return array|null 'items_per_page', 'sort' and 'products'; nothing when
 *                    the security check fails
 */
function shop_userapi_getproducts($args)
{
    $startnum = 1;
    extract($args);

    if (!xarSecurityCheck('ViewShop')) {
        return;
    }

    $data['items_per_page'] = isset($items_per_page)
        ? $items_per_page
        : xarModVars::get('shop', 'items_per_page');

    // Load the DD master classes. These lines will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');
    sys::import('modules.dynamicdata.class.properties.master');

    // The object list we read the products from
    $productlist = DataObjectMaster::getObjectList(array('name' => 'shop_products'));

    $sortdefaults = array('sortfield_fallback' => 'id', 'ascdesc_fallback' => 'ASC');
    $data['sort'] = xarMod::ApiFunc('shop', 'admin', 'sort', $sortdefaults);

    // Filters for the items
    $filters = array(
        'startnum' => $startnum,
        'status'   => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE,
        'sort'     => $data['sort'],
    );
    if (isset($where)) {
        $filters['where'] = $where;
    }

    $data['products'] = $productlist->getItems($filters);

    return $data;
}
/**
 * Modify a customer.
 *
 * Requires the 'AdminShop' privilege on the item. Loads the 'shop_customers'
 * item and the 'roles_users' item with the same id, exposes the customer's
 * field values (prepared for display) to the template and, when 'confirm' is
 * set and the authorisation key is valid, updates both items.
 *
 * @return mixed template data, or a rendered template on a bad key or invalid
 *               input; nothing when a fetch or the security check fails
 * @throws Exception when no item id was supplied
 */
function shop_admin_modifycustomer()
{
    if (!xarVarFetch('itemid', 'id', $data['itemid'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    $objectname = 'shop_customers';
    $data['objectname'] = $objectname;

    // Without an item id there is nothing to modify
    if (empty($data['itemid'])) {
        throw new Exception(
            xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'admin', 'modify', 'shop')
        );
    }

    if (!xarSecurityCheck('AdminShop', 1, 'Item', $data['itemid'])) {
        return;
    }

    sys::import('modules.dynamicdata.class.objects.master');

    $customer = DataObjectMaster::getObject(array('name' => $objectname));
    $data['object'] = $customer;
    $data['label'] = $customer->label;

    $customer->getItem(array('itemid' => $data['itemid']));

    // Every field value goes to the template prepared for display
    foreach ($customer->getFieldValues() as $fieldname => $fieldvalue) {
        $data[$fieldname] = xarVarPrepForDisplay($fieldvalue);
    }

    // The role with the same id as the customer
    $role = DataObjectMaster::getObject(array('name' => 'roles_users'));
    $role->getItem(array('itemid' => $data['itemid']));

    if (!$data['confirm']) {
        // Not submitting: get that specific item of the object and show the form
        $customer->getItem(array('itemid' => $data['itemid']));
        return $data;
    }

    // Check for a valid confirmation key
    if (!xarSecConfirmAuthKey()) {
        return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
    }

    // Bad data or a preview request: redisplay the form with what we picked up
    $isvalid = $customer->checkInput();
    if (!$isvalid || isset($data['preview'])) {
        return xarTplModule('shop', 'admin', 'modifycustomer', $data);
    }

    // Keep the role's display name in step with the customer's name
    $first_name = $customer->properties['first_name']->getValue();
    $last_name = $customer->properties['last_name']->getValue();
    $role->properties['name']->setValue($first_name . ' ' . $last_name);

    $role->updateItem();
    $customer->updateItem();

    // Jump to the next page
    $target = xarModURL('shop', 'admin', 'modifycustomer', array('itemid' => $data['itemid']));
    xarResponse::redirect($target);

    return $data;
}
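/**
 * Create a new customer.
 *
 * On 'confirm' with a valid authorisation key, validates the submitted email
 * and password, creates a 'roles_users' item (name, email and user name are
 * all the email address) and a matching 'shop_customers' item. When a
 * 'returnurl' was supplied the new user is logged in before being redirected.
 *
 * 'returnurl' comes from the request. It is only followed when it is a
 * relative reference or an http(s) URL on the host of the current request.
 * Anything else falls back to the shop's default page, so the form cannot be
 * used to bounce a freshly registered user to another site.
 *
 * @return mixed template data, a rendered template on a bad key or invalid
 *               input, true after a successful registration, or nothing when
 *               a variable fetch fails
 */
function shop_user_newcustomer()
{
    if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    sys::import('modules.dynamicdata.class.objects.master');

    $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
    $data['properties'] = $rolesobject->properties;

    // Check if we are in 'preview' mode from the input here - the rest is handled by checkInput()
    // Here we are testing for a button clicked, so we test for a string
    if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
        return;
    }

    // Check if we are submitting the form
    // Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false)
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    if (!$data['confirm']) {
        // Return the template variables defined in this function
        return $data;
    }

    // Check for a valid confirmation key. The value is automatically gotten from the template
    if (!xarSecConfirmAuthKey()) {
        return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
    }

    // Get the data from the form and see if it is all valid
    // Either way the values are now stored in the object
    $isvalid = $rolesobject->properties['email']->checkInput();
    $isvalid2 = $rolesobject->properties['password']->checkInput();

    if (!$isvalid || !$isvalid2) {
        // Bad data: redisplay the form with the data we picked up and with error messages
        return xarTplModule('shop', 'user', 'newcustomer', $data);
    }

    $email = $rolesobject->properties['email']->getValue();
    $password = $rolesobject->properties['password']->getValue();

    $rolesobject->properties['name']->setValue($email);
    $rolesobject->properties['email']->setValue($email);
    $rolesobject->properties['uname']->setValue($email);
    $rolesobject->properties['password']->setValue($password);
    $rolesobject->properties['state']->setValue(3);
    $authmodule = (int) xarMod::getID('shop');
    $rolesobject->properties['authmodule']->setValue($authmodule);

    $uid = $rolesobject->createItem();

    $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
    $custobject->createItem(array('id' => $uid));

    $target = xarModURL('shop');
    if (isset($returnurl)) {
        xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $password));

        // Decide whether the requested return URL stays on this site.
        // Control characters, spaces and backslashes are refused outright
        // because browsers normalise them in ways parse_url() does not.
        $islocal = false;
        $parts = parse_url($returnurl);
        if (is_array($parts)
            && !preg_match('/[\x00-\x20\\\\]/', $returnurl)
            && strpos($returnurl, '//') !== 0
        ) {
            if (isset($parts['host'])) {
                // Absolute URL: http(s) on the host of the current request only
                $here = parse_url(xarServer::getCurrentURL());
                $islocal = isset($parts['scheme'])
                    && is_array($here)
                    && isset($here['host'])
                    && in_array(strtolower($parts['scheme']), array('http', 'https'), true)
                    && strcasecmp($parts['host'], $here['host']) === 0;
            } else {
                // Relative reference: a scheme without a host (javascript:, data:) is refused
                $islocal = !isset($parts['scheme']);
            }
        }
        if ($islocal) {
            $target = $returnurl;
        }
    }
    xarResponse::redirect($target);

    // Always add the next line even if processing never reaches it
    return true;
}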
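/**
 * Edit the summary or detail template of a single publication.
 *
 * Requires the 'AdminPublications' privilege. Reads the theme override file
 * when it exists, otherwise the module's own template. When 'confirm' is set
 * and 'source_data' is not empty, the submitted source is written to the
 * theme override file.
 *
 * 'file' comes from the request and becomes part of the path that is read and
 * written, so it is restricted to the two template kinds this page offers.
 *
 * NOTE(review): the write is not guarded by xarSecConfirmAuthKey(). Whether
 * the form submits an authorisation key cannot be seen from here. Add the
 * check once the template provides one, otherwise a forged request can replace
 * template source.
 *
 * @param array $args extracted into local scope before the request is read
 * @return mixed template data, a NotFound response for a missing id or an
 *               unknown template kind, or nothing when a check fails
 */
function publications_admin_templates_page($args)
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }

    extract($args);

    if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('ptid', 'id', $data['ptid'], 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'id', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('file', 'str', $data['file'], 'summary', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }

    if (empty($data['itemid']) || empty($data['ptid'])) {
        return xarResponse::NotFound();
    }

    // The template kinds offered to the user; nothing else may reach the file system
    $files = array(
        array('id' => 'summary', 'name' => 'summary display'),
        array('id' => 'detail', 'name' => 'detail display'),
    );
    $validfiles = array();
    foreach ($files as $fileinfo) {
        $validfiles[] = $fileinfo['id'];
    }
    if (!in_array($data['file'], $validfiles, true)) {
        return xarResponse::NotFound();
    }

    $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $pubtypeobject->getItem(array('itemid' => $data['ptid']));

    // Use the part after the first underscore of the type name, when there is one
    $pubtype = explode('_', $pubtypeobject->properties['name']->value);
    $pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];

    $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));

    $basepath = sys::code() . "modules/publications/xartemplates/objects/" . $pubtype;
    $sourcefile = $basepath . "/" . $data['file'] . "_" . $data['itemid'] . ".xt";
    $overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/objects/" . $pubtype;
    $overridefile = $overridepath . "/" . $data['file'] . "-" . $data['itemid'] . ".xt";

    // If we are saving, write the file now
    if ($confirm && !empty($data['source_data'])) {
        xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
    }

    // Let the template know what kind of file this is
    if (file_exists($overridefile)) {
        $data['filetype'] = 'theme';
        $filepath = $overridefile;
        $data['writable'] = is_writable($overridefile);
    } else {
        $data['filetype'] = 'module';
        $filepath = $sourcefile;
        $data['writable'] = is_writeable_dir($overridepath);
    }

    $data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));

    // Initialize the template
    if (empty($data['source_data'])) {
        $data['source_data'] = '<xar:template xmlns:xar="http://xaraya.com/2004/blocklayout">';
        $data['source_data'] .= "\n";
        $data['source_data'] .= "\n" . '</xar:template>';
    }

    $data['files'] = $files;

    return $data;
}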
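/**
 * List the product attributes.
 *
 * Requires the 'AdminShop' privilege. Optionally limits the list to one user
 * ('user_id') and then also looks up that customer's first and last name.
 *
 * 'user_id' is fetched from the request without a type and is concatenated
 * into two where clauses, so it must consist of digits only before it is used.
 *
 * @return mixed template data, a NotFound response for a malformed user id,
 *               or nothing when a fetch or the security check fails
 */
function shop_admin_attributes()
{
    if (!xarVarFetch('startnum', 'isset', $data['startnum'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('user_id', 'isset', $user_id, NULL, XARVAR_DONT_SET)) {
        return;
    }

    $objectname = 'shop_attributes';
    $data['objectname'] = $objectname;

    // Security check - important to do this as early as possible to avoid
    // potential security holes or just too much wasted processing
    if (!xarSecurityCheck('AdminShop')) {
        return;
    }

    // Never let a free-form request value into the where clauses below
    if (isset($user_id)) {
        if (!is_scalar($user_id) || !preg_match('/^[0-9]+$/D', (string) $user_id)) {
            return xarResponse::NotFound();
        }
        $user_id = (int) $user_id;
    }

    $data['items_per_page'] = xarModVars::get('shop', 'items_per_page');

    // Load the DD master object class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');

    // Get the object label for the template
    $object = DataObjectMaster::getObject(array('name' => $objectname));
    $data['label'] = $object->label;

    // Get the fields to display in the admin interface
    $config = $object->configuration;
    if (!empty($config['adminfields'])) {
        $data['adminfields'] = $config['adminfields'];
    } else {
        $data['adminfields'] = array_keys($object->getProperties());
    }

    // Get the object we'll be working with. Note this is a so called object list
    $mylist = DataObjectMaster::getObjectList(array('name' => $objectname));

    // Load the DD master property class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.properties.master');

    $data['sort'] = xarMod::ApiFunc('shop', 'admin', 'sort', array('sortfield_fallback' => 'ID', 'ascdesc_fallback' => 'ASC'));

    // We have some filters for the items
    $filters = array(
        'startnum' => $data['startnum'],
        'status'   => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE,
        'sort'     => $data['sort'],
    );
    if (isset($user_id)) {
        $filters['where'] = 'user_id eq ' . $user_id;
    }

    // Get the items; the list object itself is what the template receives
    $mylist->getItems($filters);

    if (isset($user_id)) {
        // Look up the customer the list was limited to
        $mylist2 = DataObjectMaster::getObjectList(array('name' => 'shop_customers'));
        $items2 = $mylist2->getItems(array('where' => 'ID eq ' . $user_id));

        // The customer may not exist; leave the names empty in that case
        $data['fname'] = isset($items2[$user_id]['FirstName']) ? $items2[$user_id]['FirstName'] : null;
        $data['lname'] = isset($items2[$user_id]['LastName']) ? $items2[$user_id]['LastName'] : null;
    }

    $data['mylist'] = $mylist;

    // Return the template variables defined in this function
    return $data;
}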
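/**
 * Create a calendar event for an item of a hooked module.
 *
 * Resolves the calling module, item type and item id from $data or from
 * $data['extrainfo'], fills in defaults for every event field that was not
 * supplied and creates a 'calendar_event' item from the result.
 *
 * @param array $data hook arguments: 'module', 'itemtype', 'itemid' and
 *                    'extrainfo' (all optional)
 * @return array the completed extrainfo array that was passed to createItem()
 * @throws IDNotFoundException when the module name cannot be resolved to an id
 */
function calendar_adminapi_hookcreate($data)
{
    if (!isset($data['extrainfo']) || !is_array($data['extrainfo'])) {
        $data['extrainfo'] = array();
    }

    // When called via hooks, modname will be empty, but we get it from the
    // extrainfo or the current module
    if (empty($data['module'])) {
        if (!empty($data['extrainfo']['module'])) {
            $data['module'] = $data['extrainfo']['module'];
        } else {
            $data['module'] = xarMod::getName();
        }
    }

    $data['module_id'] = xarMod::getID($data['module']);
    if (empty($data['module_id'])) {
        // The message used to read $data['modname'], a key this function never sets
        throw new IDNotFoundException("module id for " . $data['module']);
    }

    if (!isset($data['itemtype']) || !is_numeric($data['itemtype'])) {
        if (isset($data['extrainfo']['itemtype']) && is_numeric($data['extrainfo']['itemtype'])) {
            $data['itemtype'] = $data['extrainfo']['itemtype'];
        } else {
            $data['itemtype'] = 0;
        }
    }

    if (!isset($data['itemid']) || !is_numeric($data['itemid'])) {
        if (isset($data['extrainfo']['item_id']) && is_numeric($data['extrainfo']['item_id'])) {
            $data['itemid'] = $data['extrainfo']['item_id'];
        } else {
            $data['itemid'] = 0;
        }
    }

    // Work on a copy of the event fields and store it back at the end
    $info = $data['extrainfo'];

    $info['module_id'] = $data['module_id'];
    $info['itemtype'] = $data['itemtype'];
    $info['item_id'] = $data['itemid'];

    // Defaults for everything the caller left out. end_time depends on
    // start_time and duration, so those two are settled first.
    if (!isset($info['name'])) {
        $info['name'] = xarML('Unknown Event');
    }
    if (!isset($info['start_time'])) {
        $info['start_time'] = time();
    }
    if (!isset($info['duration'])) {
        $info['duration'] = 60;
    }
    if (!isset($info['end_time'])) {
        $info['end_time'] = $info['start_time'] + $info['duration'];
    }
    if (!isset($info['recurring_code'])) {
        $info['recurring_code'] = 0;
    }
    if (!isset($info['recurring_span'])) {
        $info['recurring_span'] = 0;
    }
    if (!isset($info['start_location'])) {
        $info['start_location'] = null;
    }
    if (!isset($info['end_location'])) {
        $info['end_location'] = null;
    }
    if (!isset($info['object_id'])) {
        $info['object_id'] = 0;
    }
    if (!isset($info['role_id'])) {
        $info['role_id'] = xarSession::getVar('role_id');
    }
    if (!isset($info['return_link'])) {
        $info['return_link'] = '';
    }
    if (!isset($info['state'])) {
        $info['state'] = 3;
    }
    if (!isset($info['timestamp'])) {
        $info['timestamp'] = time();
    }

    // Always create a new event, whatever id the caller supplied
    $info['itemid'] = 0;

    $data['extrainfo'] = $info;

    $object = DataObjectMaster::getObject(array('name' => 'calendar_event'));
    $object->createItem($data['extrainfo']);

    return $data['extrainfo'];
}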
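/**
 * Edit a stylesheet of the publications module.
 *
 * Requires the 'AdminPublications' privilege. Reads the theme override of the
 * stylesheet when it exists, otherwise the module's own copy. When 'confirm'
 * is set and both 'file' and 'source_data' are non-empty, the submitted
 * source is written to the theme override file.
 *
 * 'file' comes from the request and becomes part of the path that is read and
 * written, so names containing a path separator, a NUL byte or '..' are
 * refused.
 *
 * NOTE(review): the write is not guarded by xarSecConfirmAuthKey(). Whether
 * the form submits an authorisation key cannot be seen from here. Add the
 * check once the template provides one.
 *
 * @param array $args extracted into local scope before the request is read
 * @return mixed template data, a NotFound response for an unacceptable file
 *               name, or nothing when a check fails
 */
function publications_admin_stylesheet_type($args)
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }

    extract($args);

    if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('ptid', 'id', $data['ptid'], xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('file', 'str', $data['file'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }

    // The name must stay inside the style directories
    if (strpbrk($data['file'], "/\\\0") !== false || strpos($data['file'], '..') !== false) {
        return xarResponse::NotFound();
    }

    $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $pubtypeobject->getItem(array('itemid' => $data['ptid']));

    // Use the part after the first underscore of the type name, when there is one
    $pubtype = explode('_', $pubtypeobject->properties['name']->value);
    $pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];

    $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));

    $basepath = sys::code() . "modules/publications/xarstyles";
    $sourcefile = $basepath . "/" . $data['file'] . ".css";
    $overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/style";
    $overridefile = $overridepath . "/" . $data['file'] . ".css";

    // If we are saving, write the file now
    if ($confirm && !empty($data['file']) && !empty($data['source_data'])) {
        xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
    }

    // Let the template know what kind of file this is
    if (empty($data['file'])) {
        $data['filetype'] = 'empty';
        $filepath = '';
        $data['writable'] = 0;
    } elseif (file_exists($overridefile)) {
        $data['filetype'] = 'theme';
        $filepath = $overridefile;
        $data['writable'] = is_writable($overridefile);
    } elseif (file_exists($sourcefile)) {
        $data['filetype'] = 'module';
        $filepath = $sourcefile;
        $data['writable'] = is_writeable_dir($overridepath);
    } else {
        $data['filetype'] = 'unknown';
        $filepath = $overridefile;
        $data['writable'] = is_writeable_dir($overridepath);
    }

    $data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));

    return $data;
}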
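/**
 * Show some predefined form field in a template
 *
 * Loads the named object, resolves the translation id of the item and returns
 * the value of one property. The value is returned as getValue() delivers it;
 * nothing is escaped here, so the calling template is responsible for
 * preparing it for its output context.
 *
 * @param $args array containing the definition of the field ('object' name,
 *              'itemid' and 'field' name)
 * @return string the value of the field, or an empty string when an argument
 *                is missing or the object or property does not exist
 */
function publications_userapi_fieldoutput($args)
{
    if (!isset($args['object']) || !isset($args['itemid']) || !isset($args['field'])) {
        return '';
    }
    $field = $args['field'];

    sys::import('modules.dynamicdata.class.objects.master');

    $object = DataObjectMaster::getObject(array('name' => $args['object']));
    if (empty($object)) {
        // Unknown object name: same answer as for a missing argument
        return '';
    }

    $itemid = xarMod::apiFunc('publications', 'user', 'gettranslationid', array('id' => $args['itemid']));
    $object->getItem(array('itemid' => $itemid));

    // A property the object does not have would otherwise end in a fatal error
    if (!isset($object->properties[$field])) {
        return '';
    }

    return $object->properties[$field]->getValue();
}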
/**
 * Create a new product.
 *
 * Requires the 'Addshop' privilege. Shows the 'shop_products' form; on
 * 'confirm' with a valid authorisation key the input is validated and, unless
 * a preview was requested, the item is created.
 *
 * @return mixed template data, a rendered template on a bad key, invalid
 *               input or preview, true after the item was created, or nothing
 *               when a check or fetch fails
 */
function shop_admin_newproduct()
{
    // See if the current user has the privilege to add an item. We cannot pass any extra arguments here
    if (!xarSecurityCheck('Addshop')) {
        return;
    }

    if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
        return;
    }

    $objectname = 'shop_products';
    $data['objectname'] = $objectname;

    // Load the DD master object class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');

    $product = DataObjectMaster::getObject(array('name' => $objectname));
    $data['label'] = $product->label;
    $data['object'] = $product;

    // 'preview' is a clicked button, so it is tested as a string;
    // the rest of the preview handling is done by checkInput()
    if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
        return;
    }

    // 'confirm' is a hidden field the template defines as true, so a boolean will do
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    if (!$data['confirm']) {
        // Return the template variables defined in this function
        return $data;
    }

    // Check for a valid confirmation key. The value is automatically gotten from the template
    if (!xarSecConfirmAuthKey()) {
        return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
    }

    // Get the data from the form and see if it is all valid.
    // Either way the values are now stored in the object
    $isvalid = $data['object']->checkInput();

    // Bad data or a preview: redisplay the form with the data we picked up
    if (!$isvalid || isset($data['preview'])) {
        return xarTplModule('shop', 'admin', 'newproduct', $data);
    }

    $itemid = $data['object']->createItem();

    // Jump to the next page
    xarResponse::redirect(xarModURL('shop', 'admin', 'products'));

    return true;
}
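/**
 * Create a publication from the submitted form.
 *
 * Validates the input against the object of the publication type 'ptid'. On
 * preview or invalid input the form is shown again; otherwise the item is
 * created and the user is redirected to a list view.
 *
 * NOTE(review): this admin function performs no xarSecurityCheck() before
 * createItem(), and the authorisation key check is disabled (see below). The
 * only privilege test happens after the item exists and merely picks the
 * redirect target. Confirm which mask should guard creation and whether the
 * form submits an authorisation key, then enable both checks.
 *
 * @return mixed a rendered template on preview or invalid input, true after
 *               the item was created, or nothing when a variable fetch fails
 */
function publications_admin_create()
{
    if (!xarVarFetch('ptid', 'id', $data['ptid'])) {
        return;
    }
    if (!xarVarFetch('new_cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('save', 'str', $save, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Confirm authorisation code
    // This has been disabled for now
    // if (!xarSecConfirmAuthKey()) return;

    $data['items'] = array();
    $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $pubtypeobject->getItem(array('itemid' => $data['ptid']));
    $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));

    $isvalid = $data['object']->checkInput();

    $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));

    if ($data['preview'] || !$isvalid) {
        // Show debug info if called for
        if (!$isvalid
            && xarModVars::get('publications', 'debugmode')
            && in_array(xarUserGetVar('uname'), xarConfigVars::get(null, 'Site.User.DebugAdmins'))
        ) {
            var_dump($data['object']->getInvalids());
        }

        // Preview or bad data: redisplay the form
        $data['properties'] = $data['object']->getProperties();
        if ($data['preview']) {
            $data['tab'] = 'preview';
        }
        return xarTplModule('publications', 'admin', 'new', $data);
    }

    // Create the object
    $id = $data['object']->createItem();

    // if we can edit publications, go to admin view, otherwise go to user view
    if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) {
        // Redirect if we came from somewhere else. Stop here: falling through
        // used to issue a second redirect to the admin view right after this one.
        $current_listview = xarSession::getVar('publications_current_listview');
        if (!empty($current_listview)) {
            xarController::redirect($current_listview);
            return true;
        }
        xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid'])));
    } else {
        xarController::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid'])));
    }

    return true;
}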
/**
 * Prepare the block content for display.
 *
 * When the content names a featured item ('fillerid' greater than zero), the
 * publication type of that item is looked up, the matching object is loaded
 * with the item and added to the content as 'object'.
 *
 * NOTE(review): the translation id is looked up but the item is loaded with
 * the original 'fillerid'. Confirm whether the translated id was meant.
 *
 * @return array|null the content including 'object', or nothing when no
 *                    featured item is configured
 */
public function display()
{
    $data = $this->getContent();

    // No featured item configured: nothing to show
    if (!($data['fillerid'] > 0)) {
        return;
    }

    $itemref = array('id' => $data['fillerid']);
    $fillerid = xarMod::apiFunc('publications', 'user', 'gettranslationid', $itemref);
    $ptid = xarMod::apiFunc('publications', 'user', 'getitempubtype', array('itemid' => $data['fillerid']));

    // The publication type tells us which object holds the item
    $typeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $typeobject->getItem(array('itemid' => $ptid));
    $typename = $typeobject->properties['name']->value;

    $data['object'] = DataObjectMaster::getObject(array('name' => $typename));
    $data['object']->getItem(array('itemid' => $data['fillerid']));

    return $data;
}
/**
 * Get the stored access value of a publication type.
 *
 * @param array $args must contain 'ptid', the id of the publication type
 * @return string|false the value of the type's 'access' property, the
 *                      serialized empty array "a:0:{}" when that value is
 *                      empty, or false when the publications_types object
 *                      cannot be obtained
 * @throws Exception when 'ptid' is missing
 */
function publications_adminapi_getpubtypeaccess($args)
{
    if (!isset($args['ptid'])) {
        $message = xarML('Missing ptid param in publications_adminapi_getpubtypeaccess');
        throw new Exception($message);
    }

    $typeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    if ($typeobject == null) {
        return false;
    }

    $typeobject->getItem(array('itemid' => $args['ptid']));

    $access = $typeobject->properties['access']->value;

    // An empty value is reported as a serialized empty array
    return empty($access) ? "a:0:{}" : $typeobject->properties['access']->value;
}
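/**
 * Display one item of a mailer object.
 *
 * Requires the 'ReadMailer' privilege. The object name comes from the request,
 * so it is limited to this module's objects. Otherwise the mailer read
 * privilege would be enough to load an item of any dynamic data object.
 *
 * NOTE(review): assumes every object of this module is named 'mailer_*', like
 * the default 'mailer_mails'. Confirm against the module's object definitions.
 *
 * @return mixed template data ('itemid', 'object', 'tplmodule'), a NotFound
 *               response for an object outside this module, or nothing when a
 *               check or fetch fails
 */
function mailer_user_view_mailer()
{
    if (!xarSecurityCheck('ReadMailer')) {
        return;
    }

    if (!xarVarFetch('name', 'str', $name, 'mailer_mails', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Keep the request inside this module's own objects
    if (strpos($name, 'mailer_') !== 0) {
        return xarResponse::NotFound();
    }

    $data['object'] = DataObjectMaster::getObject(array('name' => $name));
    if (empty($data['object'])) {
        // Unknown object name
        return xarResponse::NotFound();
    }
    $data['object']->getItem(array('itemid' => $data['itemid']));

    $data['tplmodule'] = 'mailer';

    return $data;
}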
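/**
 * Get all product attributes
 *
 * @return array labels of the active 'shop_attributes' items, keyed by item
 *               id, in the form "<name> (ID: <id>)"; empty when there are none
 */
function shop_adminapi_getattributes()
{
    $objectname = 'shop_attributes';

    // Both master classes are needed: the filter below uses a DataPropertyMaster constant
    sys::import('modules.dynamicdata.class.objects.master');
    sys::import('modules.dynamicdata.class.properties.master');

    // Get the object we'll be working with. Note this is a so called object list
    $mylist = DataObjectMaster::getObjectList(array('name' => $objectname));

    // We have some filters for the items
    $filters = array('status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE);

    // Get the items
    $items = $mylist->getItems($filters);

    // Start from an empty list so that "no attributes" is not an undefined variable
    $array = array();
    foreach ($items as $item) {
        $array[$item['id']] = $item['name'] . ' (ID: ' . $item['id'] . ')';
    }

    return $array;
}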
/**
 * Start the checkout process -- user can create account or log into existing account
 *
 * Logged-in users are sent to the cart and users with an empty cart to the
 * shop's main page. Otherwise the email and password fields of 'roles_users'
 * are checked against the request. When both are valid and the authorisation
 * key is confirmed, the role and the customer item are created, the user is
 * logged in and sent on to the shipping address step.
 *
 * @return mixed true after a redirect, or a rendered template (the start form
 *               or the privileges error page)
 */
function shop_user_start()
{
    // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be
    if (xarUserIsLoggedIn()) {
        xarResponse::redirect(xarModURL('shop', 'user', 'viewcart'));
        return true;
    }

    $shop = xarSession::getVar('shop');
    if (empty($shop)) {
        xarResponse::redirect(xarModURL('shop', 'user', 'main'));
        return true;
    }

    sys::import('modules.dynamicdata.class.objects.master');
    sys::import('modules.dynamicdata.class.properties.master');

    $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
    $properties = $rolesobject->properties;
    $data['properties'] = $properties;

    $emailok = $rolesobject->properties['email']->checkInput();
    $passwordok = $rolesobject->properties['password']->checkInput();

    if (!($emailok && $passwordok)) {
        // We don't yet have a valid email or password for registration...
        return xarTplModule('shop', 'user', 'start', $data);
    }

    if (!xarSecConfirmAuthKey()) {
        // right time to do this??
        return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
    }

    // Create the role and the customer object and then log in
    $email = $rolesobject->properties['email']->getValue();
    $password = $rolesobject->properties['password']->getValue();

    $values = array(
        'name'     => $email,
        'email'    => $email,
        'uname'    => $email,
        'password' => $password,
        'state'    => 3,
    );
    $rolesobject->setFieldValues($values, 1);
    $uid = $rolesobject->createItem();

    $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
    $custobject->createItem(array('id' => $uid));

    // Read the password as submitted from the property's form field for the login call
    $fieldname = 'dd_' . $properties['password']->id;
    $submitted = $properties['password']->fetchValue($fieldname);
    $pass = $submitted[1][0];

    xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $pass));

    xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress'));
    return true;
}
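/**
 * Get just one set of attributes
 *
 * The id is concatenated into the where clause of the list query, so it is
 * only accepted when it consists of digits.
 *
 * @param array $args must contain 'id', the id of the 'shop_attributes' item
 * @return mixed the 'options' value of the matching active item, or null when
 *               the id is missing or malformed or no item matches
 */
function shop_adminapi_getproductattributes($args)
{
    if (!isset($args['id']) || !is_scalar($args['id']) || !preg_match('/^[0-9]+$/D', (string) $args['id'])) {
        return null;
    }
    $id = (int) $args['id'];

    $objectname = 'shop_attributes';

    // Both master classes are needed: the filter below uses a DataPropertyMaster constant
    sys::import('modules.dynamicdata.class.objects.master');
    sys::import('modules.dynamicdata.class.properties.master');

    // Get the object we'll be working with. Note this is a so called object list
    $mylist = DataObjectMaster::getObjectList(array('name' => $objectname));

    // We have some filters for the items
    $filters = array(
        'status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE,
        'where'  => 'id eq ' . $id,
    );

    // Get the items
    $items = $mylist->getItems($filters);

    // As before, the last matching item wins; no match yields null
    $attributes = null;
    foreach ($items as $item) {
        $attributes = $item['options'];
    }

    return $attributes;
}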
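/**
 * Display a product
 *
 * Requires the 'ReadShop' privilege on the item. All field values are handed
 * to the template prepared for display. An edit link is added for users who
 * hold the 'EditShop' privilege.
 *
 * @param array $args optional 'objectid' (takes precedence over 'itemid') and
 *                    'itemid'
 * @return mixed the rendered product template, or nothing when a check fails
 *               or the item cannot be loaded
 * @throws Exception when no item id was supplied
 */
function shop_user_product($args)
{
    if (!xarVarFetch('itemid', 'id', $itemid, NULL, XARVAR_DONT_SET)) {
        return;
    }

    extract($args);

    if (!empty($objectid)) {
        $itemid = $objectid;
    }

    if (empty($itemid)) {
        $msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'user', 'display', 'shop');
        throw new Exception($msg);
    }

    // Make sure user has read privileges for the item
    if (!xarSecurityCheck('ReadShop', 1, 'Item', $itemid)) {
        return;
    }

    // Load the DD master object class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');

    // Get the object definition we'll be working with
    $object = DataObjectMaster::getObject(array('name' => 'shop_products'));
    $data['object'] = $object;

    // We don't really have the item until we call getItem()
    $some_id = $object->getItem(array('itemid' => $itemid));

    // Make sure we got something
    if (!isset($some_id) || $some_id != $itemid) {
        return;
    }

    // Get the property names and values for the item with the getFieldValues() method
    $values = $object->getFieldValues();

    $data['itemid'] = $itemid;

    // $values is an associative array of property names and values, so...
    foreach ($values as $name => $value) {
        $data[$name] = xarVarPrepForDisplay($value);
    }

    // This check only decides whether to offer the edit link, so a failure must
    // stay silent: the second argument is 0, as in the other purely conditional
    // checks of this code base. With 1 a visitor without edit rights is treated
    // as a failed privilege check while merely viewing a product.
    $data['editurl'] = '';
    if (xarSecurityCheck('EditShop', 0)) {
        $data['editurl'] = xarModURL('shop', 'admin', 'modify', array('itemid' => $itemid, 'name' => 'shop_products'));
    }

    return xarTplModule('shop', 'user', 'product', $data);
}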
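/**
 * Get the items currently in the cart
 *
 * Applies quantity updates posted as 'qty<product id>', then returns the
 * cart lines with title, price and subtotal together with the formatted total.
 *
 * Posted quantities are only accepted when they are finite, non-negative
 * numbers (thousands separators are stripped first). Anything else is ignored
 * so that a negative or malformed quantity cannot reduce the order total.
 *
 * @param array $args not read by this function
 * @return array|null 'products' and 'total'; nothing when the cart is empty
 *                    or a quantity variable cannot be fetched
 */
function shop_userapi_getcartproducts($args)
{
    sys::import('modules.dynamicdata.class.objects.master');

    $shop = xarSession::getVar('shop');
    if (empty($shop)) {
        return;
    }

    $products = array();
    $subtotals = array();

    foreach ($shop as $pid => $val) {
        // if this post variable is set, we must need to update the quantity
        if (isset($_POST['qty' . $pid])) {
            unset($qty_new);
            if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) {
                return;
            }

            $qty_clean = '';
            if (isset($qty_new) && is_scalar($qty_new)) {
                $qty_clean = str_replace(',', '', trim((string) $qty_new));
            }
            if (is_numeric($qty_clean) && is_finite((float) $qty_clean) && $qty_clean >= 0) {
                $shop[$pid]['qty'] = $qty_clean;
            }
            // Invalid quantities leave the existing cart line untouched
        }

        // Commas in a stored quantity would break the multiplication below
        $products[$pid]['qty'] = str_replace(',', '', $shop[$pid]['qty']);

        $object = DataObjectMaster::getObject(array('name' => 'shop_products'));
        $object->getItem(array('itemid' => $pid));
        $values = $object->getFieldValues();

        $products[$pid]['title'] = xarVarPrepForDisplay($values['title']);

        // Show prices stored as ".99" with a leading zero
        $price = $values['price'];
        if (substr($price, 0, 1) == '.') {
            $price = '0' . $price;
        }
        $products[$pid]['price'] = $price;

        $subtotal = $values['price'] * $products[$pid]['qty'];
        $subtotals[] = $subtotal;
        $products[$pid]['subtotal'] = number_format($subtotal, 2);
    }

    xarSession::setVar('shop', $shop);

    $productinfo['products'] = $products;
    $productinfo['total'] = number_format(array_sum($subtotals), 2);

    return $productinfo;
}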
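/**
 * Create a publication from submitted form input
 *
 * Looks up the publication type given by 'ptid', validates the submitted
 * fields against that type's object and either redisplays the form
 * (preview or invalid input) or creates the item and redirects.
 *
 * @return mixed the xarTplModule() result when the form is redisplayed, true after
 *               a redirect, or nothing when an input variable fails validation
 */
function publications_user_create()
{
    if (!xarVarFetch('ptid', 'id', $data['ptid'])) {
        return;
    }
    if (!xarVarFetch('new_cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('save', 'str', $save, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Confirm authorisation code
    // This has been disabled for now
    // if (!xarSecConfirmAuthKey()) return;
    // NOTE(review): with this check disabled, the create below runs without a
    // confirmation key, unlike the other create/update handlers that call
    // xarSecConfirmAuthKey() first. Re-enable it once the form submits a key.
    // NOTE(review): no xarSecurityCheck() runs before createItem() in this
    // function; confirm that submit privileges are enforced elsewhere.

    $data['items'] = array();

    $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $pubtypeobject->getItem(array('itemid' => $data['ptid']));

    // The object to create is named by the stored publication type, not by the request
    $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));

    $isvalid = $data['object']->checkInput();

    $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));

    // Preview or bad data: redisplay the form.
    // The test was inverted ($isvalid instead of !$isvalid), which sent valid
    // input back to the form and let input that failed checkInput() be created.
    if ($data['preview'] || !$isvalid) {
        $data['properties'] = $data['object']->getProperties();
        if ($data['preview']) {
            $data['tab'] = 'preview';
        }
        return xarTplModule('publications', 'user', 'new', $data);
    }

    // Create the object
    $id = $data['object']->createItem();

    // if we can edit publications, go to admin view, otherwise go to user view
    if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) {
        xarResponse::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid'])));
    } else {
        xarResponse::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid'])));
    }

    return true;
}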
/**
 * Get the settings of a publication type
 *
 * Returns the type's stored configuration merged over the global settings and
 * caches the result under 'context<ptid>' in the 'publications' cache scope.
 *
 * @param array $data must contain a non-empty 'ptid'
 * @return array the merged settings
 * @throws Exception when 'ptid' is missing or empty
 */
function publications_userapi_getsettings($data)
{
    if (empty($data['ptid'])) {
        throw new Exception('Missing publication type for caching');
    }

    // Serve the cached copy when there is one
    $cachekey = 'context' . $data['ptid'];
    if (xarCore::isCached('publications', $cachekey)) {
        return xarCore::getCached('publications', $cachekey);
    }

    $typeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $typeobject->getItem(array('itemid' => $data['ptid']));

    // NOTE(review): unserialize() on a stored configuration value. If anyone
    // other than a trusted admin can write this property, it is an
    // object-injection sink, and the @ hides decode failures. A data-only
    // format, or unserialize() restricted to no classes where the PHP version
    // allows it, would be safer. Left unchanged here.
    $stored = @unserialize($typeobject->properties['configuration']->getValue());
    $fallback = publications_userapi_getglobalsettings();

    // Type-specific keys win; global settings fill in the rest
    $settings = is_array($stored) ? $stored + $fallback : $fallback;

    xarCore::setCached('publications', $cachekey, $settings);

    return $settings;
}
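/**
 * Get customer info
 *
 * Returns the field values of a 'shop_customers' item. The id defaults to the
 * logged-in user's id; an 'id' key in $args overrides it. When no customer
 * record exists for the id, one is created with just that id.
 *
 * @param array $args optional 'id' of the customer to look up
 * @return array|null the customer's field values, or nothing when no id is available
 */
function shop_userapi_customerinfo($args)
{
    if (xarUserIsLoggedIn()) {
        $id = xarUserGetVar('id');
    }

    // Read only the 'id' key. extract($args) would let any key in $args
    // overwrite a local variable in this scope.
    // NOTE(review): a caller-supplied id replaces the logged-in user's id without
    // any privilege check here, and a missing record is created for it. Callers
    // must not pass a request-derived id without their own authorisation check.
    if (is_array($args) && array_key_exists('id', $args)) {
        $id = $args['id'];
    }

    if (!isset($id)) {
        return;
    }

    sys::import('modules.dynamicdata.class.objects.master');
    $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
    $some_id = $custobject->getItem(array('itemid' => $id));

    if (!$some_id) {
        // This user must have a role but no customer account. This probably happened
        // because a web admin uninstalled the shop module, deleting all the customer
        // accounts but not deleting the associated roles. Let's re-create the customer
        // record with just the id so we don't get snagged later
        $id = $custobject->createItem(array('id' => $id));
        $custobject->getItem(array('itemid' => $id));
    }

    return $custobject->getFieldValues();
}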
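/**
 * Modify an item of a wurfl object
 *
 * Loads the item given by 'name' and 'itemid' for editing. When 'confirm' is
 * set, checks the confirmation key, validates the form input and updates the item.
 *
 * @return mixed array of template data, the xarTplModule() result when the input
 *               is invalid, true after a successful update, a not-found response
 *               for a foreign object name, or nothing when a check fails
 */
function wurfl_admin_modify()
{
    if (!xarSecurityCheck('EditWurfl')) {
        return;
    }

    if (!xarVarFetch('name', 'str', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // The privilege checked above belongs to this module, but the object name
    // comes from the request. Unless DataObjectMaster applies its own checks,
    // an unrestricted name would let this action load and update items of any
    // object. Accept only names the module's view lists (names containing 'wurfl').
    if (strpos($name, 'wurfl') === false) {
        return xarResponse::NotFound();
    }

    $data['object'] = DataObjectMaster::getObject(array('name' => $name));
    $data['object']->getItem(array('itemid' => $data['itemid']));

    $data['tplmodule'] = 'wurfl';
    $data['authid'] = xarSecGenAuthKey('wurfl');

    if (!$data['confirm']) {
        return $data;
    }

    // Check for a valid confirmation key
    if (!xarSecConfirmAuthKey()) {
        return;
    }

    // Get the data from the form
    if (!$data['object']->checkInput()) {
        // Bad data: redisplay the form with error messages
        return xarTplModule('wurfl', 'admin', 'modify', $data);
    }

    // Good data: update the item
    $data['object']->updateItem(array('itemid' => $data['itemid']));

    // Jump to the next page
    xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
    return true;
}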
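/**
 * Create a new item of a wurfl object
 *
 * Prepares an empty object given by 'name' for the form. When 'confirm' is
 * set, checks the confirmation key, validates the form input and creates the item.
 *
 * @return mixed array of template data, the xarTplModule() result when the input
 *               is invalid, true after a successful create, a not-found response
 *               for a foreign object name, or nothing when a check fails
 */
function wurfl_admin_new()
{
    if (!xarSecurityCheck('AddWurfl')) {
        return;
    }

    if (!xarVarFetch('name', 'str', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // The privilege checked above belongs to this module, but the object name
    // comes from the request. Unless DataObjectMaster applies its own checks,
    // an unrestricted name would let this action create items in any object.
    // Accept only names the module's view lists (names containing 'wurfl').
    if (strpos($name, 'wurfl') === false) {
        return xarResponse::NotFound();
    }

    $data['object'] = DataObjectMaster::getObject(array('name' => $name));
    $data['tplmodule'] = 'wurfl';
    $data['authid'] = xarSecGenAuthKey('wurfl');

    if (!$data['confirm']) {
        return $data;
    }

    // we only retrieve 'preview' from the input here - the rest is handled by checkInput()
    if (!xarVarFetch('preview', 'str', $preview, NULL, XARVAR_DONT_SET)) {
        return;
    }

    // Check for a valid confirmation key
    if (!xarSecConfirmAuthKey()) {
        return;
    }

    // Get the data from the form
    if (!$data['object']->checkInput()) {
        // Bad data: redisplay the form with error messages
        return xarTplModule('wurfl', 'admin', 'new', $data);
    }

    // Good data: create the item
    $data['object']->createItem();

    // Jump to the next page
    xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
    return true;
}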
/**
 * View a single mailer item
 *
 * Loads the item given by 'name' and 'itemid' and returns it as template data.
 * When the realms module is available, the item is only shown if the user's
 * realm id is 0 or equals the realm id looked up for the item.
 *
 * @return array|null template data, or nothing when a check fails
 */
function mailer_admin_view_mailer()
{
    if (!xarSecurityCheck('ManageMailer')) {
        return;
    }

    if (!xarVarFetch('name', 'str', $name, 'mailer_mails', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'int', $itemid, 0, XARVAR_NOT_REQUIRED)) {
        return;
    }

    if (xarModIsAvailable('realms')) {
        $ownrealm = xarModAPIfunc('realms', 'admin', 'getrealmid');
        // NOTE(review): the realm lookup is fixed to the 'mailer_mails' table while
        // the object loaded below is named by the request, so for any other object
        // name the realm test may not describe the item that is returned.
        $itemrealm = xarModAPIfunc('realms', 'admin', 'getrealmid', array('itemid' => $itemid, 'tablename' => 'mailer_mails'));
        $allowed = ($ownrealm == 0 || $ownrealm == $itemrealm);
        if (!$allowed) {
            return;
        }
    }

    // NOTE(review): 'name' comes from the request and is not restricted to this
    // module's objects; confirm that ManageMailer is meant to cover every object
    // that can be named here, or limit the accepted names.
    $mailobject = DataObjectMaster::getObject(array('name' => $name));
    $mailobject->getItem(array('itemid' => $itemid));

    $data = array(
        'itemid'    => $itemid,
        'object'    => $mailobject,
        'tplmodule' => 'mailer',
    );

    return $data;
}
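/**
 * Display a transaction
 *
 * Loads one item of the 'shop_transactions' object and returns its properties,
 * its field values run through xarVarPrepForDisplay(), and the unserialized
 * product list.
 *
 * @param array $args optional 'itemid' override
 * @return array|null template data, or nothing when input validation, the
 *                    privilege check or the item lookup fails
 * @throws Exception when no item id is available
 */
function shop_admin_transaction($args)
{
    if (!xarVarFetch('itemid', 'id', $itemid, NULL, XARVAR_DONT_SET)) {
        return;
    }

    // Read only the 'itemid' key. extract($args) would let any key in $args
    // overwrite a local variable in this scope (for example $data).
    if (is_array($args) && array_key_exists('itemid', $args)) {
        $itemid = $args['itemid'];
    }

    if (empty($itemid)) {
        // The message now names this function; it used to say user/display.
        $msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'admin', 'transaction', 'shop');
        throw new Exception($msg);
    }

    // Make sure user has read privileges for the item
    // NOTE(review): this admin function is guarded by the same 'ReadShop' mask as
    // the public product page; confirm the mask is not granted to ordinary
    // shoppers, since a transaction presumably holds another customer's order.
    if (!xarSecurityCheck('ReadShop', 1, 'Item', $itemid)) {
        return;
    }

    // Load the DD master object class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');

    // Get the object definition we'll be working with
    $object = DataObjectMaster::getObject(array('name' => 'shop_transactions'));

    $data = array();
    $data['properties'] = $object->getProperties();
    $data['object'] = $object;

    // We don't really have the item until we call getItem()
    $some_id = $object->getItem(array('itemid' => $itemid));

    // Make sure we got something. The comparison stays loose on purpose:
    // the requested id may be a numeric string while getItem() returns a number.
    if (!isset($some_id) || $some_id != $itemid) {
        return;
    }

    // Get the property names and values for the item with the getFieldValues() method
    $values = $object->getFieldValues();

    // We need to do this up here to avoid messing up the serialized array with xarVarPrepForDisplay
    // NOTE(review): unserialize() on a stored value. If a shopper can influence
    // any part of this column it is an object-injection sink; a data-only format
    // would be safer. Left unchanged because the code writing the column is not
    // visible here.
    $products = unserialize($values['products']);
    if (!is_array($products)) {
        // A value that does not decode to an array is treated as "no products"
        $products = array();
    }

    // $values is an associative array of property names and values, so...
    foreach ($values as $name => $value) {
        $data[$name] = xarVarPrepForDisplay($value);
    }

    // The product list replaces the escaped 'products' string set by the loop above.
    // Its entries are NOT passed through xarVarPrepForDisplay() here, so the
    // template has to escape them on output.
    $data['products'] = $products;

    return $data;
}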