Ejemplo n.º 1
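 /**
  * Move an item one position up or down in the ordering
  *
  * Swaps the `ordering` value of the selected page with that of the neighbor
  * found by getNeighbor(), stores both records and redirects back to the
  * listing for the parent event.
  *
  * @param      string $move Direction to move ('up' or 'down')
  * @return     void
  */
 protected function reorderTask($move = 'down')
 {
     // Check for request forgeries. The token is accepted from the query
     // string as well as from POST, so this state change can be triggered by
     // a GET link and the token may end up in logs, history and Referer headers.
     Request::checkToken(['get', 'post']);

     // Incoming. 'id' is expected as an array (id[]=N) and only its first
     // entry is used. reset() avoids an undefined-offset notice on an empty
     // array, and a scalar value is used whole instead of being indexed.
     $ids = Request::getVar('id', array());
     $id  = is_array($ids) ? reset($ids) : $ids;
     $pid = Request::getInt('event', 0);

     $listing = 'index.php?option=' . $this->_option . '&controller=' . $this->_controller;

     // Ensure we have an ID to work with
     if (!$id) {
         App::redirect(Route::url($listing, false), Lang::txt('COM_EVENTS_PAGE_NO_ID'), 'error');
         return;
     }
     // Ensure we have a parent ID to work with
     if (!$pid) {
         App::redirect(Route::url($listing, false), Lang::txt('COM_EVENTS_PAGE_NO_EVENT_ID'), 'error');
         return;
     }

     // NOTE(review): $pid is only used for the checks above and the final
     // redirect. Nothing in this method verifies that page $id belongs to
     // event $pid or that the caller may reorder it; confirm that is enforced
     // by the dispatcher or the model.

     // Item 1: the page being moved
     $page1 = new Page($this->database);
     $page1->load($id);
     // Item 2: its neighbor, resolved from the current task name
     $page2 = clone $page1;
     $page2->getNeighbor($this->_task);

     switch ($move) {
         case 'up':
         case 'down':
             // Either direction is the same operation: the two records
             // exchange their ordering values.
             $swap = $page1->ordering;
             $page1->ordering = $page2->ordering;
             $page2->ordering = $swap;
             break;
     }

     // Save changes (both records are stored even when $move matched nothing)
     $page1->store();
     $page2->store();

     // Redirect
     App::redirect(Route::url($listing . '&id[]=' . $pid, false));
 }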
Ejemplo n.º 2
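 /**
  * Save an entry
  *
  * Guests are handed to the login flow. For everyone else the posted
  * `comment` array is bound to a Comment model and stored; the method always
  * ends in a redirect back to $this->url with a status message.
  *
  * @return    void
  */
 protected function _save()
 {
     // Ensure the user is logged in
     if (User::isGuest()) {
         return $this->_login();
     }
     // Check for request forgeries
     Request::checkToken();
     // Incoming (read from POST)
     $comment = Request::getVar('comment', array(), 'post', 'none', 2);
     // The id is client-supplied and is absent on a new comment. Read it
     // defensively so a missing key passes null instead of raising an
     // undefined-index notice.
     $id = (is_array($comment) && isset($comment['id'])) ? $comment['id'] : null;
     // Instantiate a new comment object
     $row = new \Plugins\Hubzero\Comments\Models\Comment($id);
     // pass data to comment object
     if (!$row->bind($comment)) {
         App::redirect($this->url, $row->getError(), 'error');
         return;
     }
     // Server-controlled values are set after bind(), so posted values for
     // these two keys cannot win. 'created' is reset even when an existing
     // comment is being edited.
     $row->set('uploadDir', $this->params->get('comments_uploadpath', '/site/comments'));
     $row->set('created', Date::toSql());
     // Editing an existing comment requires the 'access-edit-comment' flag.
     // NOTE(review): this is the only edit check in this method; it does not
     // compare the comment's author with the current user. Confirm the flag
     // is only granted where editing any comment is intended.
     if ($row->exists() && !$this->params->get('access-edit-comment')) {
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($this->url)), Lang::txt('PLG_HUBZERO_COMMENTS_NOTAUTH'), 'warning');
         return;
     }
     // Store new content
     if (!$row->store(true)) {
         // Keep the raw text in user state so the form can be re-populated
         User::setState('failed_comment', $row->content('raw'));
         App::redirect($this->url, $row->getError(), 'error');
         return;
     }
     App::redirect($this->url, Lang::txt('PLG_HUBZERO_COMMENTS_SAVED'), 'message');
 }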
Ejemplo n.º 3
 /**
  * Save
  *
  * Handles one step of project setup or a later edit: validates that the
  * step may be saved, resolves the owning group when a group ID is set,
  * checks authorization, saves or finalizes the project, then redirects to
  * the next screen. Failures in the precondition checks are raised as
  * exceptions carrying an HTTP-style status code (403/404).
  *
  * @return     void
  */
 public function saveTask()
 {
     // Check for request forgeries
     Request::checkToken();
     // Incoming (the default is passed as the string '0')
     $step = Request::getInt('step', '0');
     // Where do we go next?
     // An identifier was given but no matching project was loaded
     if ($this->_identifier && !$this->model->exists()) {
         throw new Exception(Lang::txt('COM_PROJECTS_PROJECT_CANNOT_LOAD'), 404);
         // unreachable: the throw above already leaves the method
         return;
     }
     // New project?
     $new = $this->model->exists() ? false : true;
     $setup = $new || $this->model->inSetup() ? true : false;
     // Determine setup steps
     $setupSteps = array('describe', 'team', 'finalize');
     if ($this->_setupComplete < 3) {
         // 'finalize' is dropped from the list in this case
         array_pop($setupSteps);
     }
     // Next screen requested
     // $step comes from the request; isset() keeps an out-of-range index from being used
     $this->next = $setup && isset($setupSteps[$step]) ? $setupSteps[$step] : $this->section;
     // Are we allowed to save this step?
     // array_search() returns false when the section is not a setup step, and
     // `false > 0` is false, so an unknown section passes this particular check.
     $current = array_search($this->section, $setupSteps);
     if ($new && $current > 0) {
         throw new Exception(Lang::txt('ALERTNOTAUTH'), 403);
         return;
     }
     // Cannot save a new project unless in setup
     // ($setup is always true when $new is true, see its assignment above)
     if ($new && !$setup) {
         throw new Exception(Lang::txt('COM_PROJECTS_PROJECT_CANNOT_LOAD'), 404);
         return;
     }
     // Get group ID
     if ($this->_gid) {
         // Load the group
         $this->group = \Hubzero\User\Group::getInstance($this->_gid);
         // Ensure we found the group info
         if (!is_object($this->group) || !$this->group->get('gidNumber') && !$this->group->get('cn')) {
             throw new Exception(Lang::txt('COM_PROJECTS_NO_GROUP_FOUND'), 404);
             return;
         }
         // Normalize to the numeric group ID and mark the project as group-owned
         $this->_gid = $this->group->get('gidNumber');
         $this->model->set('owned_by_group', $this->_gid);
         // Make sure we have up-to-date group membership information
         // NOTE(review): this runs before the authorization check below;
         // presumably it only syncs membership - confirm it is safe to call
         // for a user who has not been authorized yet.
         if ($this->model->exists()) {
             $objO = $this->model->table('Owner');
             $objO->reconcileGroups($this->model->get('id'));
         }
     }
     // Check authorization
     // Existing project: the model must grant 'owner' access
     if ($this->model->exists() && !$this->model->access('owner')) {
         throw new Exception(Lang::txt('ALERTNOTAUTH'), 403);
         return;
     } elseif (!$this->model->exists() && $this->_gid) {
         // Check group authorization to create a project
         // New group project: the user must be a member or a manager of the group
         if (!$this->group->is_member_of('members', User::get('id')) && !$this->group->is_member_of('managers', User::get('id'))) {
             throw new Exception(Lang::txt('COM_PROJECTS_ALERTNOTAUTH_GROUP'), 403);
             return;
         }
     }
     // Get group ID
     // NOTE(review): this block repeats the group lookup above (without the
     // membership reconciliation); it looks redundant - confirm before removing.
     if ($this->_gid) {
         // Load the group
         $this->group = \Hubzero\User\Group::getInstance($this->_gid);
         // Ensure we found the group info
         if (!is_object($this->group) || !$this->group->get('gidNumber') && !$this->group->get('cn')) {
             throw new Exception(Lang::txt('COM_PROJECTS_NO_GROUP_FOUND'), 404);
             return;
         }
         $this->_gid = $this->group->get('gidNumber');
         $this->model->set('owned_by_group', $this->_gid);
     }
     if ($this->section == 'finalize') {
         // Complete project setup
         if ($this->_finalize()) {
             $this->_setNotification(Lang::txt('COM_PROJECTS_NEW_PROJECT_CREATED'), 'success');
             // Some follow-up actions
             $this->_onAfterProjectCreate();
             App::redirect(Route::url($this->model->link()));
             return;
         }
     } else {
         // Save
         $this->_process();
     }
     // Record setup stage and move on
     // The stage only moves forward: $step must exceed the stored setup_stage
     if ($setup && !$this->getError() && $step > $this->model->get('setup_stage')) {
         $this->model->set('setup_stage', $step);
         $this->model->store();
         // Did we actually complete setup?
         if (!$this->model->inSetup()) {
             // Complete project setup
             if ($this->_finalize()) {
                 $this->_setNotification(Lang::txt('COM_PROJECTS_NEW_PROJECT_CREATED'), 'success');
                 // Some follow-up actions
                 $this->_onAfterProjectCreate();
                 App::redirect(Route::url($this->model->link()));
                 return;
             }
         }
     }
     // Don't go next in case of error
     if ($this->getError()) {
         $this->next = $this->section;
         $this->_setNotification($this->getError(), 'error');
     } else {
         // The language key is built from the upper-cased section name
         $this->_setNotification(Lang::txt('COM_PROJECTS_' . strtoupper($this->section) . '_SAVED'), 'success');
     }
     // Redirect
     $task = $setup ? 'setup' : 'edit';
     // A project created by this request that stays on 'describe' gets an anchor appended
     $append = $new && $this->model->exists() && $this->next == 'describe' ? '#describearea' : '';
     App::redirect(Route::url('index.php?option=' . $this->_option . '&task=' . $task . '&alias=' . $this->model->get('alias') . '&active=' . $this->next) . $append);
     return;
 }
Ejemplo n.º 4
 /**
  * Save an entry
  *
  * Creates or updates a group announcement from the posted `fields` array.
  * Only callers whose $this->authorized is 'manager' get past the first
  * check. On failure the list or edit view is returned; on success the
  * browser is redirected to the announcements tab.
  *
  * @return     string HTML
  */
 private function _save()
 {
     // Check for request forgeries
     Request::checkToken();

     // Only managers may continue
     if ($this->authorized != 'manager') {
         $this->setError(Lang::txt('PLG_GROUPS_ANNOUNCEMENTS_ONLY_MANAGERS_CAN_CREATE'));
         return $this->_list();
     }

     // Incoming (POST), every value trimmed
     $fields = array_map('trim', Request::getVar('fields', array(), 'post', 'none', 2));

     // Was e-mailing requested? If so the announcement is flagged as unsent.
     $email = (isset($fields['email']) && $fields['email'] == 1);
     if ($email) {
         $fields['sent'] = 0;
     }

     // A missing or zero id means a new announcement: ownership and
     // authorship are then set server-side.
     // NOTE(review): when a non-zero id is posted, scope, scope_id and
     // created_by stay whatever the client sent, and nothing in this method
     // checks that the existing record belongs to $this->group. Confirm that
     // save() or the caller enforces this.
     if (!(isset($fields['id']) && $fields['id'] != 0)) {
         $fields['scope'] = 'group';
         $fields['scope_id'] = $this->group->get('gidNumber');
         $fields['created'] = Date::toSql();
         $fields['created_by'] = User::get('id');
     }

     // Checkbox-style flags are normalized to 1 or 0
     foreach (array('sticky', 'priority') as $flag) {
         $fields[$flag] = (isset($fields[$flag]) && $fields[$flag] == 1) ? 1 : 0;
     }

     // Publish window: strip '@' and convert using the configured offset
     foreach (array('publish_up', 'publish_down') as $bound) {
         if (isset($fields[$bound]) && $fields[$bound] != '' && $fields[$bound] != '0000-00-00 00:00:00') {
             $fields[$bound] = Date::of(str_replace('@', '', $fields[$bound]), Config::get('offset'))->toSql();
         }
     }

     // Reject a window that ends before it starts. Either key may be absent
     // here if it was not posted.
     if ($fields['publish_up'] > $fields['publish_down']) {
         $this->setError(Lang::txt('PLG_GROUPS_ANNOUNCEMENTS_INVALID_PUBLISH_DATES'));
         return $this->_edit($fields);
     }

     // Persist through the announcement model
     $announcement = new \Hubzero\Item\Announcement($this->database);
     if (!$announcement->save($fields)) {
         $this->setError($announcement->getError());
         return $this->_edit($fields);
     }

     // E-mail only when requested and the announcement is published for the
     // current date; then record that it was sent.
     if ($email && $announcement->announcementPublishedForDate()) {
         $announcement->emailAnnouncement();
         $announcement->sent = 1;
         $announcement->save($announcement);
     }

     // Success: back to the announcements tab
     $target = 'index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=announcements';
     App::redirect(Route::url($target), Lang::txt('PLG_GROUPS_ANNOUNCEMENTS_SUCCESSFULLY_CREATED'), 'success');
 }
Ejemplo n.º 5
 /**
  * Save blog settings
  *
  * Requires a logged-in user whose $this->authorized is 'manager' or
  * 'admin'. Stores the posted settings and params, logs the activity for
  * the group and its managers, then redirects to the settings screen.
  *
  * @return     void
  */
 private function _savesettings()
 {
     // Guests get an error and nothing else happens
     if (User::isGuest()) {
         $this->setError(Lang::txt('GROUPS_LOGIN_NOTICE'));
         return;
     }

     // Managers and admins only
     $mayManage = ($this->authorized == 'manager' || $this->authorized == 'admin');
     if (!$mayManage) {
         $this->setError(Lang::txt('PLG_GROUPS_BLOG_NOT_AUTHORIZED'));
         return $this->_browse();
     }

     // Check for request forgeries
     Request::checkToken();

     // NOTE(review): every posted 'settings' key is copied onto a blank
     // record, and this method does not pin the record to $this->group
     // afterwards. Confirm the model restricts which fields can be set.
     $posted = Request::getVar('settings', array(), 'post');
     $row = \Hubzero\Plugin\Params::blank()->set($posted);

     // Plugin parameters are serialized through a Registry
     $registry = new \Hubzero\Config\Registry(Request::getVar('params', array(), 'post'));
     $row->set('params', $registry->toString());

     // Store new content
     if (!$row->save()) {
         $this->setError($row->getError());
         return $this->_settings();
     }

     // Record the activity for the group itself and each of its managers
     $recipients = array(['group', $this->group->get('gidNumber')]);
     foreach ($this->group->get('managers') as $managerId) {
         $recipients[] = ['user', $managerId];
     }
     $activity = [
         'action' => 'updated',
         'scope' => 'blog.settings',
         'scope_id' => $row->get('id'),
         'description' => Lang::txt('PLG_GROUPS_BLOG_ACTIVITY_SETTINGS_UPDATED')
     ];
     Event::trigger('system.logActivity', ['activity' => $activity, 'recipients' => $recipients]);

     $target = 'index.php?option=com_groups&cn=' . $this->group->get('cn') . '&active=' . $this->_name . '&action=settings';
     App::redirect(Route::url($target), Lang::txt('PLG_GROUPS_BLOG_SETTINGS_SAVED'), 'passed');
 }
Ejemplo n.º 6
 /**
  * Save an entry
  *
  * Binds the posted `fields` to a course announcement and stores it. With
  * `no_html` set, the outcome is written as JSON and the script exits;
  * otherwise the edit view (on error) or the listing is returned.
  *
  * @return  string  HTML
  */
 private function _save()
 {
     // Permissions check: section managers only
     if (!$this->offering->access('manage', 'section')) {
         return $this->_list();
     }

     // Check for request forgeries
     Request::checkToken();

     $no_html = Request::getInt('no_html', 0);

     $response = new stdClass();
     $response->code = 0;

     // Incoming (POST), every value trimmed
     $fields = array_map('trim', Request::getVar('fields', array(), 'post', 'none', 2));

     // Get the model and bind the data
     // NOTE(review): the model starts from id 0 and then takes whatever was
     // posted, including any id. This method does not check that an existing
     // announcement belongs to $this->offering; confirm bind()/store() do.
     $model = new \Components\Courses\Models\Announcement(0);
     if (!$model->bind($fields)) {
         $this->setError($model->getError());
         return $this->_edit($model);
     }

     // Incoming dates are in local time. We need to convert to UTC
     foreach (array('publish_up', 'publish_down') as $bound) {
         if ($model->get($bound) && $model->get($bound) != '0000-00-00 00:00:00') {
             $model->set($bound, Date::of($model->get($bound), Config::get('offset'))->toSql());
         }
     }

     // An absent or empty priority is stored as 0
     if (!isset($fields['priority']) || !$fields['priority']) {
         $model->set('priority', 0);
     }

     // Store content
     if (!$model->store(true)) {
         $this->setError($model->getError());
         if (!$no_html) {
             return $this->_edit($model);
         }
     }

     if (!$no_html) {
         // Display listing
         return $this->_list();
     }

     // AJAX path: report errors, echoing the submitted fields back
     if ($this->getError()) {
         $response->code = 1;
         $response->errors = $this->getErrors();
         $response->data = $fields;
     }
     // The body is JSON but is labelled text/plain
     ob_clean();
     header('Content-type: text/plain');
     echo json_encode($response);
     exit;
 }
Ejemplo n.º 7
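 /**
  * Save Group Calendar
  *
  * Binds the posted `calendar` array to a Calendar model scoped to the
  * current group and stores it. A calendar with a valid URL is treated as
  * remote: it is marked read-only and refreshed after saving.
  *
  * @return     string
  */
 private function saveCalendar()
 {
     // Check for request forgeries
     Request::checkToken();
     // NOTE(review): no permission check is visible in this method;
     // presumably the caller verifies the user may manage this group's
     // calendars - confirm.

     //get request vars
     $calendarInput = Request::getVar('calendar', array());
     if (!is_array($calendarInput)) {
         $calendarInput = array();
     }

     // get the calendar (a missing id is passed as null, without a notice)
     // NOTE(review): the id is client-supplied and the record's current
     // scope is not compared with this group before scope_id is overwritten
     // below; confirm an existing calendar of another scope cannot be loaded.
     $calendarId = isset($calendarInput['id']) ? $calendarInput['id'] : null;
     $calendar = \Components\Events\Models\Calendar::getInstance($calendarId);

     //add scope and scope id to calendar array
     $calendarInput['scope'] = 'group';
     $calendarInput['scope_id'] = $this->group->get('gidNumber');

     // Only a string URL is accepted; anything else is treated as empty
     $url = '';
     if (isset($calendarInput['url']) && is_string($calendarInput['url'])) {
         $url = trim($calendarInput['url']);
     }
     $calendarInput['url'] = $url;

     // Color must be one of the known names. The comparison is strict so a
     // non-string value cannot loosely match an entry.
     $colors = array('red', 'orange', 'yellow', 'green', 'blue', 'purple', 'brown');
     $color = isset($calendarInput['color']) ? $calendarInput['color'] : '';
     if (!in_array($color, $colors, true)) {
         $color = '';
     }
     $calendarInput['color'] = $color;

     //is this a remote calendar url
     // NOTE(review): FILTER_VALIDATE_URL checks syntax only; it does not
     // restrict the scheme or the host. If refresh() fetches this URL from
     // the server, confirm it limits schemes and refuses internal addresses.
     if ($url != '' && filter_var($url, FILTER_VALIDATE_URL)) {
         $calendarInput['readonly'] = 1;
         $needsRefresh = true;
     } else {
         $calendarInput['url'] = '';
         $calendarInput['readonly'] = 0;
         $needsRefresh = false;
     }

     // bind input
     if (!$calendar->bind($calendarInput)) {
         $this->setError($calendar->getError());
         return $this->editCalendar();
     }
     // attempt to save
     if (!$calendar->store(true)) {
         $this->setError($calendar->getError());
         return $this->editCalendar();
     }
     // should we refresh?
     if ($needsRefresh) {
         $calendar->refresh();
     }
     //inform and redirect
     App::redirect(Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=calendar&action=calendars'), Lang::txt('You have successfully added a new calendar.'), 'passed');
 }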
Ejemplo n.º 8
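 /**
  * Save collections settings
  *
  * Requires a logged-in user whose $this->authorized is 'manager' or
  * 'admin'. Loads the plugin settings record for this group, stores the
  * posted params on it, logs the activity and redirects to the plugin tab.
  *
  * @return  void
  */
 private function _savesettings()
 {
     // Login check
     if (User::isGuest()) {
         return $this->_login();
     }
     // Managers and admins only
     if ($this->authorized != 'manager' && $this->authorized != 'admin') {
         $this->setError(Lang::txt('PLG_GROUPS_COLLECTIONS_NOT_AUTH'));
         return $this->_collections();
     }
     // Check for request forgeries
     Request::checkToken();

     // The record is looked up by, and then pinned to, this group and this
     // plugin, so the identifying columns never come from the request. The
     // posted 'settings' array was read here before but never used; it is
     // no longer read.
     $row = \Hubzero\Plugin\Params::oneByPlugin($this->group->get('gidNumber'), $this->_type, $this->_name);
     $row->set('object_id', $this->group->get('gidNumber'));
     $row->set('folder', $this->_type);
     $row->set('element', $this->_name);

     // Get parameters
     $prms = Request::getVar('params', array(), 'post');
     $params = new \Hubzero\Config\Registry($prms);
     $row->set('params', $params->toString());

     // Store new content
     if (!$row->save()) {
         $this->setError($row->getError());
         return $this->_settings();
     }

     // Record the activity for the group itself and each of its managers
     $recipients = array(['group', $this->group->get('gidNumber')]);
     foreach ($this->group->get('managers') as $recipient) {
         $recipients[] = ['user', $recipient];
     }
     Event::trigger('system.logActivity', [
         'activity' => [
             'action' => 'updated',
             'scope' => 'collections.settings',
             'scope_id' => $row->get('id'),
             'description' => Lang::txt('PLG_GROUPS_COLLECTIONS_ACTIVITY_SETTINGS_UPDATED')
         ],
         'recipients' => $recipients
     ]);

     App::redirect(Route::url('index.php?option=com_groups&cn=' . $this->group->get('cn') . '&active=' . $this->_name), Lang::txt('PLG_GROUPS_COLLECTIONS_SETTINGS_SAVED'), 'passed');
 }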
Ejemplo n.º 9
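 /**
  * Upload a file to the wiki
  *
  * Validates the request, cleans the client-supplied file name, moves the
  * upload into the directory returned by _path() and deletes it again if
  * Filesystem::isSafe() rejects it. Every outcome ends in the files view.
  *
  * @return  void
  */
 public function _fileUpload()
 {
     // Check if they're logged in
     // NOTE(review): being logged in is the only access check visible here;
     // confirm the caller restricts uploads to users who may edit this course.
     if (User::isGuest()) {
         return $this->_files();
     }
     // AJAX uploads are handled separately. This branch is taken before
     // checkToken() below, so _ajaxUpload() has to do its own forgery check
     // (not visible here - confirm).
     if (Request::getVar('no_html', 0)) {
         return $this->_ajaxUpload();
     }
     // Check for request forgeries
     Request::checkToken();
     // Ensure we have an ID to work with
     $listdir = Request::getInt('listdir', 0, 'post');
     if (!$listdir) {
         $this->setError(Lang::txt('PLG_COURSES_PAGES_ERROR_NO_ID_PROVIDED'));
         return $this->_files();
     }
     // Incoming file. The request default is an empty string, so make sure
     // we really have an upload array before indexing into it.
     $file = Request::getVar('upload', '', 'files', 'array');
     if (!is_array($file) || empty($file['name'])) {
         $this->setError(Lang::txt('PLG_COURSES_PAGES_ERROR_NO_FILE_PROVIDED'));
         return $this->_files();
     }
     // Build the upload path if it doesn't exist
     $path = $this->_path();
     if (!is_dir($path)) {
         if (!Filesystem::makeDirectory($path)) {
             $this->setError(Lang::txt('PLG_COURSES_PAGES_ERROR_UNABLE_TO_MAKE_PATH'));
             return $this->_files();
         }
     }
     // Make the filename safe. The name is client-controlled; it is
     // URL-decoded first so that cleaning sees the decoded characters.
     $name = urldecode($file['name']);
     $name = Filesystem::clean($name);
     $name = str_replace(' ', '_', $name);
     // If cleaning left nothing, the destination would be the directory itself
     if ((string) $name === '') {
         $this->setError(Lang::txt('PLG_COURSES_PAGES_ERROR_NO_FILE_PROVIDED'));
         return $this->_files();
     }
     $destination = $path . DS . $name;
     // Upload new files. Stop on failure: the safety check below must only
     // ever look at (and possibly delete) the file this request just wrote.
     if (!Filesystem::upload($file['tmp_name'], $destination)) {
         $this->setError(Lang::txt('PLG_COURSES_PAGES_ERROR_UNABLE_TO_UPLOAD'));
         return $this->_files();
     }
     // NOTE(review): the file is already at its final path when it is
     // scanned, and no extension or type allow-list is visible here. Confirm
     // the upload directory cannot serve or execute files directly.
     if (!Filesystem::isSafe($destination)) {
         Filesystem::delete($destination);
         $this->setError(Lang::txt('PLG_COURSES_PAGES_ERROR_UNSAFE_FILE'));
     }
     // Push through to the media view
     return $this->_files();
 }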
Ejemplo n.º 10
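 /**
  * Save an entry
  *
  * Creates or updates a group announcement from the posted `fields` array,
  * optionally e-mails it, logs the activity for the group and its managers
  * and redirects to the listing.
  *
  * @return   mixed  An html view on error, redirects on success
  */
 private function _save()
 {
     // Check for request forgeries
     Request::checkToken();
     //verify were authorized
     if ($this->authorized != 'manager') {
         $this->setError(Lang::txt('PLG_GROUPS_ANNOUNCEMENTS_ONLY_MANAGERS_CAN_CREATE'));
         return $this->_list();
     }
     // Incoming
     $fields = Request::getVar('fields', array(), 'post', 'none', 2);
     $fields = array_map('trim', $fields);
     // email announcement
     $email = isset($fields['email']) && $fields['email'] == 1 ? true : false;
     //mark as not sent if we want to email again
     if ($email === true) {
         $fields['sent'] = 0;
     }
     // are we creating the announcement?
     // NOTE(review): on this path scope, scope_id and created_by are set
     // server-side. When a non-zero id is posted they stay whatever the
     // client sent, and this method does not check that the existing record
     // belongs to $this->group. Confirm the model or the caller enforces it.
     if (!isset($fields['id']) || $fields['id'] == 0) {
         $fields['id'] = 0;
         $fields['scope'] = 'group';
         $fields['scope_id'] = $this->group->get('gidNumber');
         $fields['created'] = Date::toSql();
         $fields['created_by'] = User::get('id');
     }
     //do we want to mark sticky?
     $fields['sticky'] = isset($fields['sticky']) && $fields['sticky'] == 1 ? 1 : 0;
     //do we want to mark as high priority
     $fields['priority'] = isset($fields['priority']) && $fields['priority'] == 1 ? 1 : 0;
     //format publish up
     if (isset($fields['publish_up']) && $fields['publish_up'] != '' && $fields['publish_up'] != '0000-00-00 00:00:00') {
         $fields['publish_up'] = Date::of(str_replace('@', '', $fields['publish_up']), Config::get('offset'))->toSql();
     }
     //format publish down
     if (isset($fields['publish_down']) && $fields['publish_down'] != '' && $fields['publish_down'] != '0000-00-00 00:00:00') {
         $fields['publish_down'] = Date::of(str_replace('@', '', $fields['publish_down']), Config::get('offset'))->toSql();
     }
     // Bind data
     $model = \Hubzero\Item\Announcement::oneOrNew($fields['id'])->set($fields);
     // A publish window may not end before it starts (the zero date means "no end")
     if ($model->get('publish_down') != '0000-00-00 00:00:00' && $model->get('publish_up') > $model->get('publish_down')) {
         $this->setError(Lang::txt('PLG_GROUPS_ANNOUNCEMENTS_INVALID_PUBLISH_DATES'));
         return $this->_edit($model);
     }
     if (!$model->save()) {
         // Report the model's error. This previously called setError() on
         // the model, which is the setter, so the reason for the failure was
         // not passed on.
         $this->setError($model->getError());
         return $this->_edit($model);
     }
     // Does user want to email and should we email yet?
     if ($email === true && $model->inPublishWindow()) {
         // Email announcement
         self::send($model, $this->group);
         // Set that we sent it and resave
         $model->set('sent', 1);
         $model->save();
     }
     $url = 'index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=' . $this->_name;
     // Record the activity
     $recipients = array(['group', $this->group->get('gidNumber')]);
     foreach ($this->group->get('managers') as $recipient) {
         $recipients[] = ['user', $recipient];
     }
     // The description embeds announcement text inside an anchor. strip_tags()
     // removes markup but is not an HTML encoder.
     // NOTE(review): confirm the activity description is encoded or filtered
     // where it is rendered.
     $excerpt = \Hubzero\Utility\String::truncate(strip_tags($model->get('content')), 70);
     Event::trigger('system.logActivity', [
         'activity' => [
             'action' => $fields['id'] ? 'updated' : 'created',
             'scope' => 'announcement',
             'scope_id' => $model->get('id'),
             'description' => Lang::txt('PLG_GROUPS_ANNOUNCEMENTS_ACTIVITY_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), '<a href="' . Route::url($url) . '">' . $excerpt . '</a>'),
             'details' => array(
                 'url' => Route::url($url),
                 'id' => $this->group->get('gidNumber'),
                 'alias' => $this->group->get('cn'),
                 'title' => $this->group->get('description')
             )
         ],
         'recipients' => $recipients
     ]);
     // Redirect to the main listing
     App::redirect(Route::url($url), Lang::txt('PLG_GROUPS_ANNOUNCEMENTS_SUCCESSFULLY_SAVED'), 'success');
 }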
Ejemplo n.º 11
 /**
  * Set the state of a course
  *
  * Publishes (task 'publish') or unpublishes (any other task) every
  * offering whose id was passed in, logs each change and redirects back to
  * the listing with a summary or the collected errors.
  *
  * @return  void
  */
 public function stateTask()
 {
     // Check for request forgeries. The token is accepted from the query
     // string as well as from POST, so this state change can be triggered by
     // a GET link and the token may end up in logs and Referer headers.
     Request::checkToken(['get', 'post']);

     // NOTE(review): no permission check is visible in this method;
     // presumably the controller is only reachable by administrators - confirm.

     $state = 0;
     if ($this->_task == 'publish') {
         $state = 1;
     }

     // Incoming: a single id is wrapped so the loop below always sees an array
     $ids = Request::getVar('id', array());
     if (!is_array($ids)) {
         $ids = array($ids);
     }

     // Number of offerings actually changed
     $num = 0;
     foreach ($ids as $id) {
         $model = \Components\Courses\Models\Offering::getInstance($id);

         // Unknown ids are skipped silently
         if (!$model->exists()) {
             continue;
         }

         $model->set('state', $state);
         if (!$model->store()) {
             // NOTE(review): $id is the raw request value and the messages
             // are later joined with <br />; confirm the notification is
             // encoded on output.
             $this->setError(Lang::txt('COM_COURSES_ERROR_UNABLE_TO_SET_STATE', $id));
             continue;
         }

         // Log the change
         $model->log($model->get('id'), 'offering', $state ? 'published' : 'unpublished');
         $num++;
     }

     $listing = Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&course=' . Request::getInt('course', 0), false);

     if ($this->getErrors()) {
         App::redirect($listing, implode('<br />', $this->getErrors()), 'error');
         return;
     }

     // Output message and redirect
     if ($state) {
         $message = Lang::txt('COM_COURSES_ITEMS_PUBLISHED', $num);
     } else {
         $message = Lang::txt('COM_COURSES_ITEMS_UNPUBLISHED', $num);
     }
     App::redirect($listing, $message);
 }
Ejemplo n.º 12
 /**
  * Remove one or more types
  *
  * Deletes each master type whose id was passed in, stopping at the first
  * one that is still in use.
  *
  * @return     void Redirects back to main listing
  */
 public function removeTask()
 {
     // Check for request forgeries
     Request::checkToken();

     // NOTE(review): no permission check is visible in this method;
     // presumably the controller is only reachable by administrators - confirm.

     $listing = Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false);

     // Incoming (expecting an array); a single id is wrapped
     $ids = Request::getVar('id', array());
     if (!is_array($ids)) {
         $ids = array($ids);
     }

     // Nothing selected: redirect with an error message
     if (empty($ids)) {
         App::redirect($listing, Lang::txt('COM_PUBLICATIONS_NO_ITEM_SELECTED'), 'error');
         return;
     }

     $types = new \Components\Publications\Tables\MasterType($this->database);

     foreach ($ids as $id) {
         // A type that is still referenced is not deleted and ends the
         // request. Types handled earlier in this loop are already gone.
         if ($types->checkUsage($id) > 0) {
             App::redirect($listing, Lang::txt('COM_PUBLICATIONS_TYPE_BEING_USED', $id), 'error');
             return;
         }

         // Delete the type
         $types->delete($id);
     }

     // Redirect, reporting how many ids were submitted
     App::redirect($listing, Lang::txt('COM_PUBLICATIONS_ITEMS_REMOVED', count($ids)));
 }
Ejemplo n.º 13
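 /**
  * Send a message
  *
  * Reads a comma-separated recipient list, a subject and a message from the
  * request and hands them to the `xmessage.onSendMessage` event with the
  * sending member as the "from" address.
  *
  * @param      object $database Not used by this method
  * @param      string $option   Passed through to the message event
  * @param      object $member   The sending member (name, email and link are read)
  * @return     mixed  False for guests, a redirect on the HTML paths, nothing on the AJAX success path
  */
 public function send($database, $option, $member)
 {
     // Ensure the user is logged in
     if (User::isGuest()) {
         return false;
     }
     // Check for request forgeries
     Request::checkToken();

     // Incoming comma-separated list of users to message. The default is an
     // empty string (an array default cannot be passed to explode()), and
     // anything that is not a string is treated as empty.
     $raw = Request::getVar('mbrs', '', 'post');
     if (!is_string($raw)) {
         $raw = '';
     }

     // Each entry is either a bare numeric id or text containing "(id)".
     // Entries that carry no id are dropped instead of adding an empty recipient.
     $email_users = array();
     foreach (explode(',', $raw) as $mbr) {
         $mbr = trim($mbr);
         if (is_numeric($mbr)) {
             $email_users[] = $mbr;
         } elseif (preg_match("/\\((\\d+)\\)/", $mbr, $matches)) {
             $email_users[] = $matches[1];
         }
     }

     // Incoming message and subject
     $subject = Request::getVar('subject', Lang::txt('PLG_MEMBERS_MESSAGES_SUBJECT_MESSAGE'));
     $message = Request::getVar('message', '');
     $no_html = Request::getInt('no_html', 0);

     // A recipient, a subject and a message are all required; the error text
     // already tells the user to select a recipient.
     if (!$subject || !$message || empty($email_users)) {
         if (!$no_html) {
             $this->addPluginMessage(Lang::txt('You must select a message recipient and enter a message.'), 'error');
             return $this->redirect(Route::url($member->getLink() . '&active=messages&action=new'));
         }
         return App::abort(500, Lang::txt('You must select a message recipient and enter a message.'));
     }

     // Build the "from" data for the e-mail
     $from = array();
     $from['name'] = $member->get('name');
     $from['email'] = $member->get('email');

     // Send the message
     // NOTE(review): the subject and body go to the event handler as
     // received; confirm the handler sanitizes them for the mail context.
     if (!Event::trigger('xmessage.onSendMessage', array('member_message', $subject, $message, $from, $email_users, $option))) {
         $this->setError(Lang::txt('PLG_MEMBERS_MESSAGES_ERROR_MSG_USER_FAILED'));
     }

     // Determine if we're returning HTML or not
     // (if no - this is an AJAX call)
     // NOTE(review): the success notice is shown even when the send above
     // recorded an error; confirm whether that is intended.
     if (!$no_html) {
         $this->addPluginMessage(Lang::txt('You have successfully sent a message.'), 'passed');
         return App::redirect(Route::url($member->getLink() . '&active=messages&task=inbox'));
     }
 }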
Ejemplo n.º 14
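 /**
  * Sets the state of one or more entries
  *
  * @param   integer  $state  The state to set entries to (1 is reported as published)
  * @return  void
  */
 public function stateTask($state = 0)
 {
     // Check for request forgeries. The token is accepted from the query
     // string as well as from POST, so this state change can be triggered by
     // a GET link and the token may end up in logs and Referer headers.
     Request::checkToken(['get', 'post']);

     // NOTE(review): no permission check is visible in this method;
     // presumably the controller is only reachable by administrators - confirm.

     $listing = Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&task=manage&plugin=sponsors', false);

     // Incoming. A single scalar id is wrapped so count() and foreach below
     // always operate on an array.
     $ids = Request::getVar('id', array());
     $ids = is_array($ids) ? $ids : array($ids);

     // Check for an ID
     if (count($ids) < 1) {
         // NOTE(review): state 1 selects the UNPUBLISH label here, which
         // looks inverted compared with the messages at the end of this
         // method; confirm against the language file.
         $action = $state == 1 ? Lang::txt('PLG_RESOURCES_SPONSORS_UNPUBLISH') : Lang::txt('PLG_RESOURCES_SPONSORS_PUBLISH');
         App::redirect($listing, Lang::txt('PLG_RESOURCES_SPONSORS_SELECT_ITEM_TO', $action), 'error');
         return;
     }

     foreach ($ids as $id) {
         // Update record(s). The id is cast to int before the lookup.
         $row = \Plugins\Resources\Sponsors\Models\Sponsor::oneOrFail((int) $id);
         $row->set('state', $state);
         if (!$row->save()) {
             // Stops at the first failure; records saved earlier in this
             // loop keep their new state.
             $this->setError($row->getError());
             return $this->defaultTask();
         }
     }

     // set message
     if ($state == 1) {
         $message = Lang::txt('PLG_RESOURCES_SPONSORS_ITEMS_PUBLISHED', count($ids));
     } else {
         $message = Lang::txt('PLG_RESOURCES_SPONSORS_ITEMS_UNPUBLISHED', count($ids));
     }
     App::redirect($listing, $message);
 }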
Ejemplo n.º 15
 /**
  * Process import selections
  *
  * Applies the posted per-citation actions to the citations staged by the
  * importer, reports how many were saved, skipped or failed, keeps the
  * results in the session and removes the importer's temporary files.
  *
  * @return  void
  */
 private function processAction()
 {
     // Guests go to the login flow
     if (User::isGuest()) {
         return $this->loginAction();
     }

     // Managing citations requires the 'access-manage' flag
     if (!$this->params->get('access-manage')) {
         throw new Exception(Lang::txt('PLG_MEMBERS_CITATIONS_NOT_AUTHORIZED'), 403);
     }

     // Check for request forgeries (after the two access checks above)
     Request::checkToken();

     // Citations staged by an earlier import step
     $needAttention = $this->importer->readRequiresAttention();
     $needNoAttention = $this->importer->readRequiresNoAttention();

     // Posted actions for each of the two groups
     $actionsAttention = Request::getVar('citation_action_attention', array());
     $actionsNoAttention = Request::getVar('citation_action_no_attention', array());

     $base = $this->member->getLink() . '&active=' . $this->_name;

     // Nothing staged: send the user back to the import screen
     if (!$needAttention && !$needNoAttention) {
         App::redirect(Route::url($base . '&action=import'), Lang::txt('PLG_MEMBERS_CITATIONS_IMPORT_MISSING_FILE_CONTINUE'), 'error');
         return;
     }

     // Tags and badges are always allowed here
     $allow_tags = "yes";
     $allow_badges = "yes";

     // The import is attributed to the current user and scoped to the
     // member being viewed; both values are set server-side.
     $this->importer->set('user', User::get('id'));
     $this->importer->setTags($allow_tags == 'yes');
     $this->importer->setBadges($allow_badges == 'yes');
     $this->importer->set('scope_id', $this->member->get('uidNumber'));
     $this->importer->set('scope', 'member');

     // Process
     $results = $this->importer->process($actionsAttention, $actionsNoAttention);

     // Always report the saved count; report the others only when non-zero
     Notify::success(Lang::txt('PLG_MEMBERS_CITATIONS_IMPORT_RESULTS_SAVED', count($results['saved'])), 'plg_citations');

     $skipped = count($results['not_saved']);
     if ($skipped > 0) {
         Notify::warning(Lang::txt('PLG_MEMBERS_CITATIONS_IMPORT_RESULTS_NOT_SAVED', $skipped), 'plg_citations');
     }

     $failed = count($results['error']);
     if ($failed > 0) {
         Notify::error(Lang::txt('PLG_MEMBERS_CITATIONS_IMPORT_RESULTS_SAVE_ERROR', $failed), 'plg_citations');
     }

     // Keep the three result lists in the session
     $session = App::get('session');
     $session->set('citations_saved', $results['saved']);
     $session->set('citations_not_saved', $results['not_saved']);
     $session->set('citations_error', $results['error']);

     // Delete the temp files that hold citation data
     $this->importer->cleanup(true);

     // Redirect to the results screen
     App::redirect(Route::url($base . '&action=saved'));
 }
Ejemplo n.º 16
 /**
  * Save comment
  *
  * @return	   void, redirect
  */
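 protected function _saveComment()
 {
     // Check for request forgeries
     Request::checkToken();
     // Check permission
     if (!$this->model->access('content')) {
         throw new Exception(Lang::txt('ALERTNOTAUTH'), 403);
     }
     // Incoming (POST only)
     // NOTE(review): itemid is taken from the request and is not checked against
     // this project in this method - confirm the to-do item's ownership is enforced elsewhere.
     $itemid = Request::getInt('itemid', 0, 'post');
     $comment = trim(Request::getVar('comment', '', 'post'));
     $parent_activity = Request::getInt('parent_activity', 0, 'post');
     // Clean-up: strip scripts and images, then cap the length at 800.
     // NOTE(review): this filters on input only; confirm the comment is also
     // escaped where it is rendered.
     $comment = \Hubzero\Utility\Sanitize::stripScripts($comment);
     $comment = \Hubzero\Utility\Sanitize::stripImages($comment);
     $comment = \Hubzero\Utility\String::truncate($comment, 800);
     // Instantiate comment
     $objC = new \Components\Projects\Tables\Comment($this->_database);
     if ($comment) {
         $objC->itemid = $itemid;
         $objC->tbl = 'todo';
         $objC->parent_activity = $parent_activity;
         $objC->comment = $comment;
         $objC->created = Date::toSql();
         // The author is the current user, never a request value
         $objC->created_by = $this->_uid;
         if (!$objC->store()) {
             $this->setError($objC->getError());
         } else {
             $this->_msg = Lang::txt('PLG_PROJECTS_TODO_COMMENT_POSTED');
         }
         // Get new entry ID
         if (!$objC->id) {
             $objC->checkin();
         }
         // Activity ID stays 0 unless an activity is actually recorded; without
         // this default the check below read an undefined variable when the
         // comment had no ID.
         $aid = 0;
         // Record activity
         if ($objC->id) {
             $what = Lang::txt('COM_PROJECTS_TODO_ITEM');
             $url = Route::url($this->model->link('todo') . '&action=view&todoid=' . $itemid);
             $aid = $this->model->recordActivity(Lang::txt('COM_PROJECTS_COMMENTED') . ' ' . Lang::txt('COM_PROJECTS_ON') . ' ' . $what, $objC->id, $what, $url, 'quote', 0);
         }
         // Store activity ID
         if ($aid) {
             $objC->activityid = $aid;
             $objC->store();
         }
     }
     // Pass error or success message
     if ($this->getError()) {
         \Notify::message($this->getError(), 'error', 'projects');
     } elseif (!empty($this->_msg)) {
         \Notify::message($this->_msg, 'success', 'projects');
     }
     // Redirect back to the to-do item
     App::redirect(Route::url($this->model->link('todo') . '&action=view&todoid=' . $itemid));
     return;
 }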
Ejemplo n.º 17
 /**
  * Save an entry
  *
  * @return  void
  */
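 protected function _save()
 {
     // Ensure the user is logged in
     if (User::isGuest()) {
         return $this->_login();
     }
     // Check for request forgeries
     Request::checkToken();
     // Incoming: the whole posted array.
     // NOTE(review): the trailing mask value 2 presumably disables input filtering - verify.
     $comment = Request::getVar('comment', array(), 'post', 'none', 2);
     $commentId = isset($comment['id']) ? $comment['id'] : null;
     // Load the existing comment (or start a new one) and apply the posted fields.
     // NOTE(review): every posted key is passed to set(); confirm the model ignores
     // or overrides fields a user should not control.
     $row = \Plugins\Hubzero\Comments\Models\Comment::oneOrNew($commentId)->set($comment);
     // Editing an existing comment requires the edit permission
     if ($row->get('id') && !$this->params->get('access-edit-comment')) {
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($this->url)), Lang::txt('PLG_HUBZERO_COMMENTS_NOTAUTH'), 'warning');
         // Stop here so the save below cannot run for an unauthorized edit,
         // whether or not redirect() ends the request.
         return;
     }
     // Store new content
     if (!$row->save()) {
         User::setState('failed_comment', $row->get('content'));
         App::redirect($this->url, $row->getError(), 'error');
         // Do not fall through to the upload with an unsaved comment
         return;
     }
     // Optional attachment
     $upload = Request::getVar('comment_file', '', 'files', 'array');
     if (!empty($upload) && $upload['name']) {
         if ($upload['error']) {
             // PHP reported an upload error: do not try to move the file
             $this->setError(\Lang::txt('PLG_HUBZERO_COMMENTS_ERROR_UPLOADING_FILE'));
         } else {
             $file = new \Plugins\Hubzero\Comments\Models\File();
             $file->set('comment_id', $row->get('id'));
             $file->setUploadDir($this->params->get('comments_uploadpath', '/site/comments'));
             // NOTE(review): the client-supplied file name is handed to upload() as-is;
             // confirm upload() sanitizes the name and restricts the file type.
             if (!$file->upload($upload['name'], $upload['tmp_name'])) {
                 $this->setError($file->getError());
             } else {
                 $file->save();
             }
         }
     }
     App::redirect($this->url, Lang::txt('PLG_HUBZERO_COMMENTS_SAVED'), 'message');
 }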
Ejemplo n.º 18
 /**
  * Reorder a plugin
  *
  * @param      integer $access Access level to set
  * @return     void
  */
 public function orderTask()
 {
     // Check for request forgeries
     Request::checkToken();

     // First posted ID, forced to an integer
     $posted = Request::getVar('id', array(0), 'post', 'array');
     \Hubzero\Utility\Arr::toInteger($posted, array(0));
     $groupId = $posted[0];

     // "orderup" moves the row one place earlier; any other task moves it later
     $step = 1;
     if ($this->_task == 'orderup') {
         $step = -1;
     }

     $row = new Tables\Assetgroup($this->database);
     $row->load($groupId);

     // Restrict the move to siblings: same unit, same parent. Both values come
     // from the loaded row and go through the database's Quote().
     $siblings = 'unit_id=' . $this->database->Quote($row->unit_id) . ' AND parent=' . $this->database->Quote($row->parent);
     $row->move($step, $siblings);
     $row->reorder($siblings);

     // Re-store every sibling through the model
     $found = $row->find(array('w' => array('parent' => $row->parent, 'unit_id' => $row->unit_id)));
     if ($found) {
         foreach ($found as $record) {
             $sibling = new \Components\Courses\Models\Assetgroup($record);
             $sibling->store();
         }
     }

     App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&unit=' . Request::getInt('unit', 0), false));
 }
Ejemplo n.º 19
 /**
  * Save blog settings
  *
  * @return     void
  */
 private function _savesettings()
 {
     // Login check
     if (User::isGuest()) {
         return $this->_login();
     }
     // Only managers and admins may change settings
     if (!in_array($this->authorized, array('manager', 'admin'))) {
         $this->setError(Lang::txt('PLG_COLLECTIONS_BLOG_NOT_AUTH'));
         return $this->_collections();
     }
     // Check for request forgeries
     Request::checkToken();

     // Read from the request but not used below
     $settings = Request::getVar('settings', array(), 'post');

     // Load this plugin's stored parameters for the group. The record's identity
     // (object, folder, element) is set from server-side state, not from the request.
     $groupId = $this->group->get('gidNumber');
     $record = new \Hubzero\Plugin\Params($this->database);
     $record->loadPlugin($groupId, $this->_type, $this->_name);
     $record->object_id = $this->group->get('gidNumber');
     $record->folder = $this->_type;
     $record->element = $this->_name;

     // Only the parameter values themselves come from the form
     $posted = Request::getVar('params', array(), 'post');
     $registry = new \Hubzero\Config\Registry($posted);
     $record->params = $registry->toString();

     // Validate, then store; either failure returns to the settings form
     if (!$record->check() || !$record->store()) {
         $this->setError($record->getError());
         return $this->_settings();
     }

     App::redirect(Route::url('index.php?option=com_groups&cn=' . $this->group->get('cn') . '&active=' . $this->_name), Lang::txt('PLG_GROUPS_COLLECTIONS_SETTINGS_SAVED'), 'passed');
 }
Ejemplo n.º 20
 /**
  * Save a question and redirect to the main listing when done
  *
  * @return     void
  */
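 private function _save()
 {
     // Login required
     if (User::isGuest()) {
         return $this->_browse();
     }
     // Check for request forgeries
     Request::checkToken();
     Lang::load('com_answers');
     // Incoming
     $tags = Request::getVar('tags', '');
     // NOTE(review): the available balance is read from the request, so the
     // affordability check below compares two client-supplied numbers. Confirm the
     // balance is enforced server-side (for example by the bank hold further down)
     // or derive it from the user's account instead.
     $funds = Request::getInt('funds', 0);
     $reward = Request::getInt('reward', 0);
     // If offering a reward, do some checks
     if ($reward) {
         // getInt() already yields an integer; also refuse a negative amount so it
         // can never reach the bank hold
         if (!is_numeric($reward) || $reward < 0) {
             App::abort(500, Lang::txt('COM_ANSWERS_REWARD_MUST_BE_NUMERIC'));
             return;
         }
         // Are they offering more than they can afford?
         if ($reward > $funds) {
             App::abort(500, Lang::txt('COM_ANSWERS_INSUFFICIENT_FUNDS'));
             return;
         }
     }
     // Initiate class and bind posted items to database fields.
     // NOTE(review): the posted array, including its id, is bound as a whole; confirm
     // the model controls which fields and which existing questions a user may write.
     $fields = Request::getVar('question', array(), 'post', 'none', 2);
     $row = new \Components\Answers\Models\Question(isset($fields['id']) ? $fields['id'] : null);
     if (!$row->bind($fields)) {
         $this->setError($row->getError());
         return $this->_new($row);
     }
     if ($reward && $this->banking) {
         $row->set('reward', 1);
     }
     // Store new content
     if (!$row->store(true)) {
         $row->set('tags', $tags);
         $this->setError($row->getError());
         return $this->_new($row);
     }
     // Hold the reward for this question if we're banking
     if ($reward && $this->banking) {
         $BTL = new \Hubzero\Bank\Teller($this->database, User::get('id'));
         $BTL->hold($reward, Lang::txt('COM_ANSWERS_HOLD_REWARD_FOR_BEST_ANSWER'), 'answers', $row->get('id'));
     }
     // Add the tags
     $row->tag($tags);
     // Add the tag to link to the resource
     $tag = $this->model->isTool() ? 'tool:' . $this->model->resource->alias : 'resource:' . $this->model->resource->id;
     $row->addTag($tag, User::get('id'), $this->model->isTool() ? 0 : 1);
     // Get users who need to be notified on every question; drop empty entries so
     // an unset option does not trigger a lookup for an empty user name
     $config = Component::params('com_answers');
     $apu = array_filter(array_map('trim', explode(',', $config->get('notify_users', ''))), 'strlen');
     $receivers = array();
     // Get tool contributors if question is about a tool
     if ($tags) {
         $tags = explode(',', $tags);
         require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'author.php';
         require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'version.php';
         $TA = new \Components\Tools\Tables\Author($this->database);
         $objV = new \Components\Tools\Tables\Version($this->database);
         if ($this->model->isTool()) {
             $toolname = $this->model->resource->alias;
             $rev = $objV->getCurrentVersionProperty($toolname, 'revision');
             $authors = $TA->getToolAuthors('', 0, $toolname, $rev);
             if (!empty($authors)) {
                 foreach ($authors as $author) {
                     $receivers[] = $author->uidNumber;
                 }
             }
         }
     }
     foreach ($apu as $u) {
         $user = User::getInstance($u);
         if ($user) {
             $receivers[] = $user->get('id');
         }
     }
     $receivers = array_unique($receivers);
     // Send the message
     if (!empty($receivers)) {
         // Send a message about the new question to authorized users (specified admins or related content authors)
         // The 'multipart' value is reused below as the view's boundary
         $from = array('email' => Config::get('mailfrom'), 'name' => Config::get('sitename') . ' ' . Lang::txt('COM_ANSWERS_ANSWERS'), 'multipart' => md5(date('U')));
         // Build the message subject
         $subject = Lang::txt('COM_ANSWERS_ANSWERS') . ', ' . Lang::txt('new question about content you author or manage');
         // Build the message
         $eview = new \Hubzero\Mail\View(array('base_path' => PATH_CORE . DS . 'components' . DS . 'com_answers' . DS . 'site', 'name' => 'emails', 'layout' => 'question_plaintext'));
         $eview->option = 'com_answers';
         $eview->sitename = Config::get('sitename');
         $eview->question = $row;
         $eview->id = $row->get('id', 0);
         $eview->boundary = $from['multipart'];
         // Plain-text part, with line endings normalised to CRLF
         $message = array();
         $message['plaintext'] = $eview->loadTemplate(false);
         $message['plaintext'] = str_replace("\n", "\r\n", $message['plaintext']);
         // HTML message
         $eview->setLayout('question_html');
         $message['multipart'] = $eview->loadTemplate();
         $message['multipart'] = str_replace("\n", "\r\n", $message['multipart']);
         if (!Event::trigger('xmessage.onSendMessage', array('new_question_admin', $subject, $message, $from, $receivers, 'com_answers'))) {
             $this->setError(Lang::txt('COM_ANSWERS_MESSAGE_FAILED'));
         }
     }
     // Redirect to the question
     App::redirect(Route::url('index.php?option=' . $this->option . '&id=' . $this->model->resource->id . '&active=' . $this->_name));
 }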
Ejemplo n.º 21
 /**
  * Change status
  * Redirects to list
  *
  * @return     void
  */
 public function changestatusTask($dir = 0)
 {
     // Check for request forgeries
     Request::checkToken();

     // IDs of the categories to toggle ($dir is not used by this method)
     $ids = Request::getVar('id', array(0), '', 'array');

     // One table object is reused for every ID
     $category = new \Components\Publications\Tables\Category($this->database);

     foreach ($ids as $id) {
         // Skip anything that is not a non-zero integer
         if (!intval($id)) {
             continue;
         }

         // Load the row and flip its state between 1 and 0
         $category->load($id);
         if ($category->state == 1) {
             $category->state = 0;
         } else {
             $category->state = 1;
         }

         // Stop at the first failed save and report it
         if (!$category->store()) {
             $this->addComponentMessage($category->getError(), 'error');
             App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false));
             return;
         }
     }

     // Redirect to the list
     App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false), Lang::txt('COM_PUBLICATIONS_CATEGORY_ITEM_STATUS_CHNAGED'));
 }
Ejemplo n.º 22
 /**
  * Save an entry
  *
  * @return    void
  */
 protected function _save()
 {
     // Guests are sent to the login flow
     if (User::isGuest()) {
         return $this->_login();
     }

     // Check for request forgeries
     Request::checkToken();

     // The whole posted array is bound onto the table object.
     // NOTE(review): confirm bind()/check() limit which fields a user may set.
     $posted = Request::getVar('comment', array(), 'post', 'none', 2);
     $entry = new \Hubzero\Item\Comment($this->database);
     if (!$entry->bind($posted)) {
         App::redirect($this->url, $entry->getError(), 'error');
         return;
     }

     $entry->setUploadDir($this->params->get('comments_uploadpath', '/site/comments'));

     // A bound ID means an edit, which needs the edit permission
     $isEdit = (bool) $entry->id;
     if ($isEdit && !$this->params->get('access-edit-comment')) {
         App::redirect($this->url, Lang::txt('PLG_COURSES_REVIEWS_NOTAUTH'), 'warning');
         return;
     }

     // Validate, then store; either failure goes back with the row's error
     if (!$entry->check() || !$entry->store()) {
         App::redirect($this->url, $entry->getError(), 'error');
         return;
     }

     App::redirect($this->url, Lang::txt('PLG_COURSES_REVIEWS_SAVED'), 'message');
 }
Ejemplo n.º 23
 /**
  * Update the role of one or more course members
  *
  * @return  void
  */
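 public function updateTask()
 {
     // Check for request forgeries
     Request::checkToken();
     // Incoming offering ID
     $id = Request::getInt('offering', 0);
     if (!$id) {
         $this->setError(Lang::txt('COM_COURSES_ERROR_NO_ID'));
         $this->displayTask();
         return;
     }
     $section = Request::getInt('section', 0);
     $model = \Components\Courses\Models\Offering::getInstance($id);
     if ($section) {
         $model->section($section);
     }
     // Posted entries; each is expected to be an array carrying 'id' and 'role_id'
     $entries = Request::getVar('entries', array(0), 'post');
     foreach ((array) $entries as $data) {
         // Skip the default placeholder and any malformed entry instead of
         // indexing into a non-array value
         if (!is_array($data) || !isset($data['id'], $data['role_id'])) {
             continue;
         }
         $memberId = (int) $data['id'];
         $roleId = (int) $data['role_id'];
         // Retrieve user's account info.
         // NOTE(review): the member is looked up by the posted ID alone; nothing here
         // ties it to offering $id - confirm access to this task is restricted accordingly.
         $member = \Components\Courses\Models\Member::getInstance($memberId, null, null, null);
         // Nothing to do when the role is unchanged
         if ($member->get('role_id') == $roleId) {
             continue;
         }
         $member->set('role_id', $roleId);
         if (!$member->store()) {
             $this->setError($member->getError());
         }
     }
     // Push through to the hosts view
     $this->displayTask($model);
 }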
Ejemplo n.º 24
 /**
  * Remove an entry
  *
  * @return  void
  */
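 public function removeTask()
 {
     // Incoming
     $step = Request::getInt('step', 1);
     $step = !$step ? 1 : $step;
     // What step are we on?
     switch ($step) {
         case 1:
             // Step 1 only shows the confirmation page; nothing is deleted and no
             // token is checked here
             Request::setVar('hidemainmenu', 1);
             // Incoming
             $id = Request::getVar('id', array(0));
             if (!is_array($id) && !empty($id)) {
                 $id = array($id);
             }
             $this->view->ogId = $id;
             // Set any errors
             if ($this->getError()) {
                 $this->view->setError($this->getError());
             }
             // Output the HTML
             $this->view->display();
             break;
         case 2:
             // Check for request forgeries before the destructive step
             Request::checkToken() or jexit('Invalid Token');
             // Every outcome of this step returns to the listing ('display'; the
             // task name was previously misspelled in these URLs)
             $listUrl = Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&task=display', false);
             // Incoming
             $ogIds = Request::getVar('ogId', 0);
             // Make sure we have ID(s) to work with
             if (empty($ogIds)) {
                 App::redirect($listUrl, Lang::txt('COM_STOREFRONT_NO_ID'), 'error');
                 return;
             }
             $delete = Request::getVar('delete', 0);
             $msg = "Delete canceled";
             $type = 'error';
             // Defined up front: it is read below even when nothing is deleted
             $warnings = array();
             if ($delete) {
                 // NOTE(review): $obj is never used below; kept in case the constructor
                 // has side effects - confirm and remove.
                 $obj = new Archive();
                 // A single posted ID arrives as a scalar; treat it as a one-item list
                 foreach ((array) $ogIds as $ogId) {
                     // Delete option group
                     try {
                         $optionGroup = new OptionGroup($ogId);
                         $optionGroup->delete();
                         // Collect each distinct warning once
                         if ($optionGroupWarnings = $optionGroup->getMessages()) {
                             foreach ($optionGroupWarnings as $optionGroupWarning) {
                                 if (!in_array($optionGroupWarning, $warnings, true)) {
                                     $warnings[] = $optionGroupWarning;
                                 }
                             }
                         }
                     } catch (\Exception $e) {
                         // Stop at the first failure; groups deleted earlier in the
                         // loop stay deleted
                         App::redirect($listUrl, $e->getMessage(), $type);
                         return;
                     }
                 }
                 $msg = "Option group(s) deleted";
                 $type = 'message';
             }
             // Queue the warnings before redirecting so they are not lost if
             // redirect() ends the request
             foreach ($warnings as $warning) {
                 \Notify::warning($warning);
             }
             // Set the redirect
             App::redirect($listUrl, $msg, $type);
             break;
     }
 }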
Ejemplo n.º 25
 /**
  * Upload a resume
  *
  * @param   object  $database  Database
  * @param   string  $option    Component name
  * @param   object  $member    Profile
  * @return  string
  */
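 protected function _upload($database, $option, $member)
 {
     // NOTE(review): nothing in this method checks that the current user may upload
     // for $member; presumably the caller does - confirm.
     $path = $this->build_path($member->get('id'));
     $emp = Request::getInt('emp', 0);
     if (!$path) {
         $this->setError(Lang::txt('PLG_MEMBERS_RESUME_SUPPORT_NO_UPLOAD_DIRECTORY'));
         return $this->_view($database, $option, $member, $emp);
     }
     // Check for request forgeries; the token is accepted from GET as well as POST
     Request::checkToken(['get', 'post']);
     // Incoming file
     $file = Request::getVar('uploadres', '', 'files', 'array');
     if (!$file['name']) {
         $this->setError(Lang::txt('PLG_MEMBERS_RESUME_SUPPORT_NO_FILE'));
         return $this->_view($database, $option, $member, $emp);
     }
     // Incoming
     $title = Request::getVar('title', '');
     $default_title = $member->get('firstname') ? $member->get('firstname') . ' ' . $member->get('lastname') . ' ' . ucfirst(Lang::txt('PLG_MEMBERS_RESUME_RESUME')) : $member->get('name') . ' ' . ucfirst(Lang::txt('PLG_MEMBERS_RESUME_RESUME'));
     $path = PATH_APP . $path;
     // Replace the client-supplied file name with the member's name; only the
     // extension of the original name is kept
     $file_ext = substr($file['name'], strripos($file['name'], '.'));
     $file['name'] = $default_title . $file_ext;
     // Make the filename safe
     $file['name'] = Filesystem::clean($file['name']);
     $file['name'] = str_replace(' ', '_', $file['name']);
     // Allow-list check on the cleaned name's extension; entries are trimmed so a
     // list written as "pdf, doc" still matches, and the comparison is strict
     $ext = strtolower(Filesystem::extension($file['name']));
     $allowed = array_map('trim', explode(',', $this->params->get('file_ext', 'jpg,jpeg,jpe,bmp,tif,tiff,png,gif,pdf,txt,rtf,doc,docx,ppt')));
     if (!in_array($ext, $allowed, true)) {
         $this->setError(Lang::txt('Disallowed file type.'));
         return $this->_view($database, $option, $member, $emp);
     }
     $row = new \Components\Jobs\Tables\Resume($database);
     if (!$row->loadResume($member->get('id'))) {
         $row = new \Components\Jobs\Tables\Resume($database);
         $row->id = 0;
         $row->uid = $member->get('id');
         $row->main = 1;
     } else {
         // Remove the previous file. is_file() plus the non-empty check keeps an
         // empty stored filename from resolving to the upload directory itself.
         if ($row->filename && is_file($path . DS . $row->filename)) {
             Filesystem::delete($path . DS . $row->filename);
             // Remove stats for prev resume
             $jobstats = new \Components\Jobs\Tables\JobStats($database);
             $jobstats->deleteStats($member->get('id'), 'seeker');
         }
     }
     // Perform the upload
     if (!Filesystem::upload($file['tmp_name'], $path . DS . $file['name'])) {
         $this->setError(Lang::txt('ERROR_UPLOADING'));
     } else {
         $fpath = $path . DS . $file['name'];
         // Delete the stored file again if the safety check rejects it
         if (!Filesystem::isSafe($fpath)) {
             Filesystem::delete($fpath);
             $this->setError(Lang::txt('File rejected because the anti-virus scan failed.'));
             return $this->_view($database, $option, $member, $emp);
         }
         // File was uploaded, create database entry. The title is HTML-encoded
         // before it is stored.
         $title = htmlspecialchars($title);
         $row->created = Date::toSql();
         $row->filename = $file['name'];
         $row->title = $title ? $title : $default_title;
         // Do not store a row that failed validation
         if (!$row->check() || !$row->store()) {
             $this->setError($row->getError());
         }
     }
     return $this->_view($database, $option, $member, $emp);
 }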
Ejemplo n.º 26
 /**
  * Update the role of one or more course members
  *
  * @return  void
  */
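 public function updateTask()
 {
     // Check for request forgeries
     Request::checkToken();
     // Incoming course ID
     $id = Request::getInt('id', 0);
     if (!$id) {
         $this->setError(Lang::txt('COM_COURSES_ERROR_MISSING_COURSE'));
         $this->displayTask();
         return;
     }
     // Loaded but not used below
     $model = Course::getInstance($id);
     $entries = Request::getVar('entries', array(0), 'post');
     require_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'member.php';
     foreach ((array) $entries as $data) {
         // Skip the default placeholder and any malformed entry instead of
         // indexing into a non-array value
         if (!is_array($data) || !isset($data['user_id'], $data['role_id'])) {
             continue;
         }
         $courseId = isset($data['course_id']) ? $data['course_id'] : null;
         $offeringId = isset($data['offering_id']) ? $data['offering_id'] : null;
         $sectionId = isset($data['section_id']) ? $data['section_id'] : null;
         // Retrieve user's account info.
         // NOTE(review): the course ID used for the lookup comes from each posted entry
         // and is not compared with $id above - confirm an entry cannot target another course.
         $tbl = new Tables\Member($this->database);
         $tbl->load($data['user_id'], $courseId, $offeringId, $sectionId, 0);
         // Nothing to do when the role is unchanged
         if ($tbl->role_id == $data['role_id']) {
             continue;
         }
         $tbl->role_id = $data['role_id'];
         if (!$tbl->store()) {
             $this->setError($tbl->getError());
         }
     }
     // Push through to the hosts view
     $this->displayTask();
 }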
Ejemplo n.º 27
 /**
  * Save an entry
  *
  * @return  void
  */
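 public function saveTask()
 {
     // Check if they're logged in
     if (User::isGuest()) {
         $this->loginTask();
         return;
     }
     // Check for request forgeries
     Request::checkToken();
     // NOTE(review): the login check is the only gate visible in this method; nothing
     // here checks that the user may edit citation $id - confirm it is enforced elsewhere.
     // get the posted vars
     $id = Request::getInt('id', 0, 'post');
     $c = Request::getVar('fields', array(), 'post');
     $c['id'] = $id;
     // clean vars: scalar fields are decoded first, so the filters see the decoded form
     foreach ($c as $key => $val) {
         if (!is_array($val)) {
             $val = html_entity_decode(urldecode($val));
             $val = Sanitize::stripAll($val);
             $c[$key] = Sanitize::clean($val);
         }
     }
     // Bind incoming data to object
     $row = new Citation($this->database);
     if (!$row->bind($c)) {
         $this->setError($row->getError());
         $this->editTask();
         return;
     }
     // New entry so set the created date
     if (!$row->id) {
         $row->created = Date::toSql();
     }
     // Drop a URL that does not validate. FILTER_VALIDATE_URL checks syntax only and
     // does not restrict the scheme.
     // NOTE(review): if the URL is rendered as a link, consider allowing only http/https.
     if (!filter_var($row->url, FILTER_VALIDATE_URL)) {
         $row->url = null;
     }
     // Check content for missing required data
     if (!$row->check()) {
         $this->setError($row->getError());
         $this->editTask();
         return;
     }
     // Store new content
     if (!$row->store()) {
         $this->setError($row->getError());
         $this->editTask();
         return;
     }
     // Incoming associations
     $arr = Request::getVar('assocs', array(), 'post');
     foreach ((array) $arr as $a) {
         // Ignore anything that is not a set of association fields
         if (!is_array($a)) {
             continue;
         }
         $a = array_map('trim', $a);
         // Missing keys count as empty instead of raising notices
         $tbl = isset($a['tbl']) ? $a['tbl'] : '';
         $oid = isset($a['oid']) ? $a['oid'] : '';
         // Initiate extended database class
         $assoc = new Association($this->database);
         if (isset($a['id']) && $tbl === '' && $oid === '') {
             // An ID with both fields blanked means "delete this association".
             // NOTE(review): the ID comes from the request and is not checked against
             // this citation here - confirm delete() cannot remove another citation's row.
             if (!$assoc->delete($a['id'])) {
                 $this->setError($assoc->getError());
                 $this->editTask();
                 return;
             }
         } elseif ($tbl !== '' || $oid !== '') {
             // The association always points at the citation just saved
             $a['cid'] = $row->id;
             // Bind, check and store; the first failure returns to the edit form
             if (!$assoc->bind($a) || !$assoc->check() || !$assoc->store()) {
                 $this->setError($assoc->getError());
                 $this->editTask();
                 return;
             }
         }
     }
     //check if we are allowing tags
     if ($this->config->get('citation_allow_tags', 'no') == 'yes') {
         $tags = trim(Request::getVar('tags', '', 'post'));
         $ct1 = new Tags($row->id);
         $ct1->setTags($tags, User::get('id'), 0, 1, '');
     }
     //check if we are allowing badges
     if ($this->config->get('citation_allow_badges', 'no') == 'yes') {
         $badges = trim(Request::getVar('badges', '', 'post'));
         $ct2 = new Tags($row->id);
         $ct2->setTags($badges, User::get('id'), 0, 1, 'badge');
     }
     // Redirect to the single view when enabled, otherwise to the browse list
     $task = '&task=browse';
     if ($this->config->get('citation_single_view', 1)) {
         $task = '&task=view&id=' . $row->id;
     }
     App::redirect(Route::url('index.php?option=' . $this->_option . $task), Lang::txt('COM_CITATIONS_CITATION_SAVED'));
 }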
Ejemplo n.º 28
 /**
  * Save blog settings
  *
  * @return     void
  */
 private function savesettings()
 {
     // Guests get an error and nothing else happens
     if (User::isGuest()) {
         $this->setError(Lang::txt('GROUPS_LOGIN_NOTICE'));
         return;
     }
     // Only managers and admins may change settings
     if (!in_array($this->authorized, array('manager', 'admin'))) {
         $this->setError(Lang::txt('PLG_GROUPS_FORUM_NOT_AUTHORIZED'));
         return $this->sections();
     }
     // Check for request forgeries
     Request::checkToken();

     // The posted settings array is bound onto the record as a whole.
     // NOTE(review): whatever identifies the record (which object and plugin it belongs
     // to) therefore comes from the request; confirm bind()/check() restrict it to this group.
     $posted = Request::getVar('settings', array(), 'post');
     $record = new \Hubzero\Plugin\Params($this->database);
     if (!$record->bind($posted)) {
         $this->setError($record->getError());
         // NOTE(review): this failure path calls settings(), the ones below call _settings()
         return $this->settings();
     }

     // Serialise the posted parameter values onto the record
     $registry = new \Hubzero\Config\Registry(Request::getVar('params', '', 'post'));
     $record->params = $registry->toString();

     // Validate, then store; either failure returns to the settings form
     if (!$record->check() || !$record->store()) {
         $this->setError($record->getError());
         return $this->_settings();
     }

     App::redirect(Route::url('index.php?option=com_groups&cn=' . $this->group->get('cn') . '&active=' . $this->_name . '&action=settings'), Lang::txt('PLG_GROUPS_FORUM_SETTINGS_SAVED'));
 }
Ejemplo n.º 29
 /**
  * Save a reply
  *
  * @return  void
  */
 private function savereply()
 {
     // Check for request forgeries
     Request::checkToken();

     // Guests may not post
     if (User::isGuest()) {
         $this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_LOGIN_NOTICE'));
         return;
     }

     // Posted comment fields, taken from POST as a whole array
     $posted = Request::getVar('comment', array(), 'post', 'none', 2);

     // A reply needs an existing publication to attach to
     if (!$this->publication->exists()) {
         $this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_COMMENT_ERROR_NO_REFERENCE_ID'));
         return;
     }

     // Fetched but not used below
     $database = App::get('db');

     // NOTE(review): every posted key, including an id, is applied to the blank model;
     // confirm the model limits which fields and which existing comments a user may write.
     $reply = \Hubzero\Item\Comment::blank()->set($posted);

     // An ID on the posted data means an edit; otherwise a new comment
     if ($reply->id) {
         $message = Lang::txt('PLG_PUBLICATIONS_REVIEWS_EDITS_SAVED');
     } else {
         $message = Lang::txt('PLG_PUBLICATIONS_REVIEWS_COMMENT_POSTED');
     }

     // Clean the text and fill in defaults for the flags
     $reply->set('content', \Hubzero\Utility\Sanitize::clean($reply->get('content')));
     $anonymous = $reply->get('anonymous');
     $reply->set('anonymous', $anonymous ? $anonymous : 0);
     // New comments get state 0; edits keep their state
     $reply->set('state', $reply->get('id') ? $reply->get('state') : 0);

     // Save the data
     if (!$reply->save()) {
         $this->setError($reply->getError());
         return;
     }

     // Redirect to the publication's reviews
     App::redirect(Route::url($this->publication->link('reviews')), $message);
 }
Ejemplo n.º 30
 /**
  * Set local password
  *
  * @return void - redirect to members account page
  */
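 private function setlocalpass()
 {
     // Lets a logged-in member set a local password once a token is present in
     // the user state. Returns the output of $view->loadTemplate() for a blank
     // request or a rejected attempt; on success it redirects, or echoes JSON
     // and exits when no_html is set.

     // Guests are sent to the login page, with this action as the return URL
     if ($this->user->get('guest')) {
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode(Route::url('index.php?option=' . $this->option . '&task=myaccount&active=account&action=setlocalpass'))), Lang::txt('You must be a logged in to access this area.'), 'warning');
         return;
     }
     // Get the token from the user state variable
     $token = User::getState($this->option . 'token');
     // The only gate checked here is that the state value is non-null.
     // NOTE(review): presumably the sendtoken step stores it only after the
     // e-mailed token was confirmed; verify against that task.
     if (is_null($token)) {
         App::redirect(Route::url('index.php?option=' . $this->option . '&id=' . $this->user->get('id') . '&active=account&task=sendtoken'), Lang::txt('You must first verify your email address by inputting the token.'), 'error');
         return;
     }
     // Get the password input. Read raw (JREQUEST_ALLOWRAW), presumably so
     // input filtering does not alter the characters of the password.
     $password1 = Request::getVar('password1', null, 'post', 'string', JREQUEST_ALLOWRAW);
     $password2 = Request::getVar('password2', null, 'post', 'string', JREQUEST_ALLOWRAW);
     $change = Request::getVar('change', '', 'post');
     // Create the view
     $view = new \Hubzero\Plugin\View(array('folder' => 'members', 'element' => 'account', 'name' => 'setlocalpassword', 'layout' => 'setlocalpass'));
     // Add a few more variables to the view
     $view->option = $this->option;
     $view->id = $this->user->get('id');
     // Get the password rules
     $password_rules = \Hubzero\Password\Rule::getRules();
     // Expose only the rules that carry a description to the template
     $view->password_rules = array();
     foreach ($password_rules as $rule) {
         if (!empty($rule['description'])) {
             $view->password_rules[] = $rule['description'];
         }
     }
     // Blank form request (no data submitted): just render the form
     if (empty($change)) {
         $view->notifications = $this->getPluginMessage() ? $this->getPluginMessage() : array();
         return $view->loadTemplate();
     }
     // Check for request forgeries before any state-changing work
     Request::checkToken();
     // Load some needed libraries
     jimport('joomla.user.helper');
     // Initiate profile class
     // NOTE(review): the result of load() is not checked here.
     $profile = new \Hubzero\User\Profile();
     $profile->load($this->user->get('id'));
     // Fire the onBeforeStoreUser trigger
     // NOTE(review): this fires before validation, so listeners run even when
     // the submission is rejected below.
     Event::trigger('user.onBeforeStoreUser', array($this->user->getProperties(), false));
     // Validate the password against password rules
     $msg = !empty($password1)
         ? \Hubzero\Password\Rule::validate($password1, $password_rules, $profile->get('username'))
         : array();
     // Verify password
     if (!$password1 || !$password2) {
         $this->setError(Lang::txt('MEMBERS_PASS_MUST_BE_ENTERED_TWICE'));
     } elseif ($password1 !== $password2) {
         // Strict comparison: with != two numeric-looking strings such as
         // '1e3' and '1000' compare equal, so a mistyped confirmation could pass.
         $this->setError(Lang::txt('MEMBERS_PASS_NEW_CONFIRMATION_MISMATCH'));
     } elseif (!empty($msg)) {
         $this->setError(Lang::txt('Password does not meet site password requirements. Please choose a password meeting all the requirements listed.'));
     }
     // Were there any errors?
     if ($this->getError()) {
         $change = array('_missing' => array('password' => $this->getError()));
         if (Request::getInt('no_html', 0)) {
             // JSON callers get the error payload and the request ends here
             echo json_encode($change);
             exit;
         }
         $view->setError($this->getError());
         return $view->loadTemplate();
     }
     // No errors, so let's move on - hand the new password to the password
     // library, which updates the stored credential
     $result = \Hubzero\User\Password::changePassword($profile->get('uidNumber'), $password1);
     // Report a failed change on the form
     if (!$result) {
         $view->setError(Lang::txt('MEMBERS_PASS_CHANGE_FAILED'));
         return $view->loadTemplate();
     }
     // Fire the onAfterStoreUser trigger
     Event::trigger('user.onAfterStoreUser', array($this->user->getProperties(), false, null, $this->getError()));
     // Clear the token from the user state so it cannot be reused for another change
     User::setState($this->option . 'token', null);
     // Redirect
     if (Request::getInt('no_html', 0)) {
         echo json_encode(array("success" => true, "redirect" => Route::url($this->member->getLink() . '&active=account')));
         exit;
     }
     // Redirect user to confirm view page
     App::redirect(Route::url($this->member->getLink() . '&active=account'), Lang::txt('Password reset successful'), 'passed');
 }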