Ejemplo n.º 1
/**
 * Handles the submitted "new message" form.
 *
 * Verifies the anti-forgery token, binds the POST data to a TableMessage
 * row, validates the row and sends it, then redirects to the com_messages
 * list (with the row's error text when sending failed).
 *
 * @param string $option Not read by this function.
 */
function saveMessage($option)
{
    global $mainframe;

    // Refuse the request unless it carries a valid anti-forgery token.
    if (!JRequest::checkToken()) {
        jexit('Invalid Token');
    }

    require_once implode(DS, array(dirname(__FILE__), 'tables', 'message.php'));

    $db =& JFactory::getDBO();
    $message = new TableMessage($db);
    $listUrl = "index.php?option=com_messages";

    // The whole POST array is offered to bind(); which fields it accepts is
    // decided inside TableMessage, which is not visible here.
    $bound = $message->bind(JRequest::get('post'));
    if (!$bound) {
        JError::raiseError(500, $message->getError());
    }

    $valid = $message->check();
    if (!$valid) {
        JError::raiseError(500, $message->getError());
    }

    $sent = $message->send();
    if (!$sent) {
        // Carry the failure text along with the redirect.
        $mainframe->redirect($listUrl, $message->getError());
    }

    $mainframe->redirect($listUrl);
}
Ejemplo n.º 2
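 /**
  * Saves an article submitted from the edit form.
  *
  * Flow: verify the anti-forgery token, require a 'gid' of at least 19 and
  * an edit permission on com_content, store the posted data through the
  * 'article' model, update the front-page table, then either message every
  * user with sendEmail = 1 (new article) or clean the com_content cache
  * (existing article), and finally redirect to the base64-encoded 'ret'
  * URL when JURI::isInternal() accepts it.
  *
  * @return void
  */
 function save()
 {
     // Check for request forgeries
     JRequest::checkToken() or jexit('Invalid Token');
     // Initialize variables
     $db =& JFactory::getDBO();
     $user =& JFactory::getUser();
     // Make sure you are logged in and have the necessary access rights
     if ($user->get('gid') < 19) {
         JError::raiseError(403, JText::_('ALERTNOTAUTH'));
         return;
     }
     $canEdit = $user->authorize('com_content', 'edit', 'content', 'all');
     $canEditOwn = $user->authorize('com_content', 'edit', 'content', 'own');
     if (!($canEdit || $canEditOwn)) {
         JError::raiseError(403, JText::_("ALERTNOTAUTH"));
         // JError handling is configurable; return explicitly so a refused
         // request can never fall through to the store below.
         return;
     }
     $model = $this->getModel('article');
     //get data from request
     $post = JRequest::get('post');
     // The article body is read unfiltered (JREQUEST_ALLOWRAW).
     // NOTE(review): any HTML filtering has to happen in the model or at
     // output time - neither is visible here; confirm.
     $post['text'] = JRequest::getVar('text', '', 'post', 'string', JREQUEST_ALLOWRAW);
     // NOTE(review): a user holding only the "edit own" permission reaches
     // store() without this method comparing the article's owner to the
     // current user; confirm the model enforces ownership.
     $isNew = (int) $post['id'] < 1;
     if ($model->store($post)) {
         $msg = JText::_('Article Saved');
         if ($isNew) {
             $post['id'] = (int) $model->get('id');
         }
     } else {
         $msg = JText::_('Error Saving Article');
         JError::raiseError(500, $model->getError());
         // Do not touch the front-page table or notify anyone for an
         // article that was not stored.
         return;
     }
     // manage frontpage items
     //TODO : Move this into a frontpage model
     require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_frontpage' . DS . 'tables' . DS . 'frontpage.php';
     $fp = new TableFrontPage($db);
     if (JRequest::getVar('frontpage', false, '', 'boolean')) {
         // toggles go to first place
         if (!$fp->load($post['id'])) {
             // new entry; the id is cast to int before it reaches the SQL text
             $query = 'INSERT INTO #__content_frontpage' . ' VALUES ( ' . (int) $post['id'] . ', 1 )';
             $db->setQuery($query);
             if (!$db->query()) {
                 JError::raiseError(500, $db->stderr());
             }
             $fp->ordering = 1;
         }
     } else {
         // no frontpage mask
         if (!$fp->delete($post['id'])) {
             $msg .= $fp->stderr();
         }
         $fp->ordering = 0;
     }
     $fp->reorder();
     $model->checkin();
     // gets section name of item
     $query = 'SELECT s.title' . ' FROM #__sections AS s' . ' WHERE s.scope = "content"' . ' AND s.id = ' . (int) $post['sectionid'];
     $db->setQuery($query);
     $section = $db->loadResult();
     // gets category name of item
     $query = 'SELECT c.title' . ' FROM #__categories AS c' . ' WHERE c.id = ' . (int) $post['catid'];
     $db->setQuery($query);
     $category = $db->loadResult();
     if ($isNew) {
         // messaging for new items
         require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_messages' . DS . 'tables' . DS . 'message.php';
         // load language for messaging
         $lang =& JFactory::getLanguage();
         $lang->load('com_messages');
         $query = 'SELECT id' . ' FROM #__users' . ' WHERE sendEmail = 1';
         $db->setQuery($query);
         $recipients = $db->loadResultArray();
         // Skip the loop when the query did not yield a list.
         if (is_array($recipients)) {
             foreach ($recipients as $recipientId) {
                 // A separate variable keeps the status text in $msg intact.
                 // NOTE(review): the user-supplied title goes into the message
                 // body as-is; confirm com_messages escapes it on display.
                 $notice = new TableMessage($db);
                 $notice->send($user->get('id'), $recipientId, JText::_('New Item'), JText::sprintf('ON_NEW_CONTENT', $user->get('username'), $post['title'], $section, $category));
             }
         }
     } else {
         // If the article isn't new, then we need to clean the cache so that our changes appear realtime :)
         $cache =& JFactory::getCache('com_content');
         $cache->clean();
     }
     // Everyone gets the stock message; this replaces whatever $msg held
     // before, including a front-page delete error appended above.
     $msg = JText::_('Item successfully saved.');
     // The return URL is request-controlled: decode it and keep it only if
     // JURI::isInternal() accepts it, so the redirect cannot leave the site.
     $referer = JRequest::getString('ret', base64_encode(JURI::base()), 'get');
     $referer = base64_decode($referer);
     if (!JURI::isInternal($referer)) {
         $referer = '';
     }
     $this->setRedirect($referer, $msg);
 }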
Ejemplo n.º 3
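 /**
  * Saves a hotel item submitted from the edit form.
  *
  * Flow: verify the anti-forgery token, require a logged-in user holding
  * one of the edit/add permissions, accept up to two image uploads
  * ('file_upload' as logo, 'upload_file' as main image), store the posted
  * data through the 'hotel' model, then either message every user with
  * sendEmail = 1 (new item) or clean the com_hotelguide cache, and redirect.
  *
  * @access	public
  * @since	1.0
  */
 function save()
 {
     // Check for request forgeries
     JRequest::checkToken() or jexit('Invalid Token');
     // Initialize variables
     $db =& JFactory::getDBO();
     $user =& JFactory::getUser();
     // Authenticate and authorise BEFORE any uploaded file is handled, so
     // that a request that will be refused never writes to disk.
     if ($user->get('id') < 1) {
         JError::raiseError(403, JText::_('ALERTNOTAUTH'));
         return;
     }
     if (!($user->authorize('com_hotelguide', 'edit') || $user->authorize('com_content', 'edit', 'content', 'own') || $user->authorize('com_hotelguide', 'add'))) {
         JError::raiseError(403, JText::_("ALERTNOTAUTH"));
         // JError handling is configurable; return explicitly so a refused
         // request can never fall through.
         return;
     }
     //get model
     $model = $this->getModel('hotel');
     //get data from request
     $post = JRequest::get('post');
     // These three fields are read unfiltered (JREQUEST_ALLOWRAW).
     // NOTE(review): any HTML filtering has to happen in the model or at
     // output time - neither is visible here; confirm.
     $post['service'] = JRequest::getVar('service', '', 'POST', 'string', JREQUEST_ALLOWRAW);
     $post['roomgeneral'] = JRequest::getVar('roomgeneral', '', 'POST', 'string', JREQUEST_ALLOWRAW);
     $post['roomdesc1'] = JRequest::getVar('roomdesc1', '', 'POST', 'string', JREQUEST_ALLOWRAW);
     // The posted id becomes part of a folder and file name, so only its
     // integer value is used there (no path separators or dots).
     $itemId = isset($post['id']) ? (int) $post['id'] : 0;
     $isNew = $itemId < 1;
     $folder = 'hotel_' . $itemId;
     // The extension comes from the file's detected image type, never from
     // the client-supplied $_FILES[...]['type'] value, which the sender
     // controls freely.
     $allowedTypes = array(
         IMAGETYPE_JPEG => '.jpg',
         IMAGETYPE_PNG => '.png',
         IMAGETYPE_GIF => '.gif',
     );
     // form field => file-name prefix, $post key, mode passed to uploadFile()
     $uploads = array(
         'file_upload' => array('prefix' => 'logo_', 'column' => 'logoimage', 'mode' => ''),
         'upload_file' => array('prefix' => 'main_', 'column' => 'mainimage', 'mode' => 'main'),
     );
     foreach ($uploads as $field => $spec) {
         if (!isset($_FILES[$field])) {
             continue;
         }
         $file = $_FILES[$field];
         // Nothing (or nothing usable) was sent for this field.
         if (!isset($file['error'], $file['tmp_name']) || $file['error'] !== UPLOAD_ERR_OK
             || !is_string($file['tmp_name']) || !is_uploaded_file($file['tmp_name'])) {
             continue;
         }
         $info = getimagesize($file['tmp_name']);
         if ($info === false || !isset($allowedTypes[$info[2]])) {
             JError::raiseWarning(415, JText::_('Unsupported image type'));
             continue;
         }
         $targetName = $spec['prefix'] . $itemId . $allowedTypes[$info[2]];
         $post[$spec['column']] = $targetName;
         // uploadFile() is defined elsewhere in this class; for the main
         // image its return value is read as array(width, height).
         $uploaded = $this->uploadFile($file, $folder, $targetName, $spec['mode']);
         if ($spec['mode'] === 'main' && is_array($uploaded)) {
             $post['imagewidth'] = $uploaded[0];
             $post['imageheight'] = $uploaded[1];
         }
     }
     if ($model->store($post)) {
         if ($isNew) {
             $post['id'] = (int) $model->get('id');
         }
     } else {
         $msg = JText::_('ERROR STORING ITEM');
         JError::raiseError(500, $model->getError());
         // Do not notify anyone about an item that was not stored.
         return;
     }
     $model->checkin();
     if ($isNew) {
         //get list of admins who receive system mails
         $query = 'SELECT id, email, name' . ' FROM #__users' . ' WHERE sendEmail = 1';
         $db->setQuery($query);
         if (!$db->query()) {
             JError::raiseError(500, $db->stderr(true));
             return;
         }
         $adminRows = $db->loadObjectList();
         require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_messages' . DS . 'tables' . DS . 'message.php';
         // TODO(review): $catstring was passed to the message text without
         // ever being assigned; it is defined as empty here until the
         // intended value is known.
         $catstring = '';
         if (is_array($adminRows)) {
             foreach ($adminRows as $adminRow) {
                 //Send a message to the admins personal message boxes
                 // NOTE(review): the user-supplied title goes into the
                 // message body as-is; confirm com_messages escapes it.
                 $message = new TableMessage($db);
                 $message->send($user->get('id'), $adminRow->id, JText::_('NEW HOTEL ITEM'), JText::sprintf('ON NEW ITEM', $post['title'], $user->get('username'), $catstring));
             }
         }
     } else {
         // If the item isn't new, then we need to clean the cache so that our changes appear realtime
         $cache =& JFactory::getCache('com_hotelguide');
         $cache->clean();
     }
     if ($user->authorize('com_hotelguide', 'state')) {
         $msg = JText::_('ITEM SAVED');
     } else {
         $msg = $isNew ? JText::_('THANKS SUBMISSION') : JText::_('ITEM SAVED');
     }
     // The return URL is request-controlled; fall back to the site base
     // unless JURI::isInternal() accepts it, so the redirect stays on-site.
     $link = JRequest::getString('referer', JURI::base(), 'post');
     if (!JURI::isInternal($link)) {
         $link = JURI::base();
     }
     $this->setRedirect($link, $msg);
 }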
Ejemplo n.º 4
 /**
  * Sends an approval-request private message about an item to each of the
  * given users, through the com_messages TableMessage table.
  *
  * Side effect: sets $item->url to the back-end edit link of the item.
  *
  * @access	public
  * @param	array		$users	recipients; ->member_id and ->name are read from each
  * @param	object		$item	the item; ->id, ->title and ->cattitle are read
  * @return	boolean		always true
  * @since	1.5
  */
 function sendNotification($users, $item)
 {
     // messaging for new items
     require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_messages' . DS . 'tables' . DS . 'message.php';

     $sender = JFactory::getUser();

     // load language for messaging
     $language = JFactory::getLanguage();
     $language->load('com_messages');

     // The edit task is spelled differently depending on FLEXI_J16GE.
     if (FLEXI_J16GE) {
         $editTask = '&task=items.edit';
     } else {
         $editTask = '&controller=items&task=edit';
     }
     $item->url = JURI::base() . 'index.php?option=com_flexicontent' . $editTask . '&cid[]=' . $item->id;

     $senderId = $sender->get('id');
     $senderName = $sender->get('name');
     $senderLogin = $sender->get('username');

     foreach ($users as $recipient) {
         // NOTE(review): title and category title are placed in the message
         // body as-is; confirm com_messages escapes them on display.
         $body = JText::sprintf('FLEXI_APPROVAL_MESSAGE', $recipient->name, $senderName, $senderLogin, $item->id, $item->title, $item->cattitle, $item->url);
         $notice = new TableMessage($this->_db);
         $notice->send($senderId, $recipient->member_id, JText::_('FLEXI_APPROVAL_REQUEST'), $body);
     }

     return true;
 }
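    /**
     * Stores a visitor comment for a gallery picture.
     *
     * Checks that the picture is published, approved and visible to the
     * current user and that commenting is enabled, optionally verifies the
     * captcha, inserts the comment and redirects to the detail page. When
     * the captcha code is wrong, a hidden form holding the comment text is
     * printed and re-submitted to the detail page by script.
     *
     * @param int $id Picture id, taken from the request by the caller.
     */
    function Joom_CommentPic($id)
    {
        $config = Joom_getConfig();
        $mainframe =& JFactory::getApplication('site');
        $database =& JFactory::getDBO();
        $user =& JFactory::getUser();
        // Everything that reaches SQL text below is either cast to int or
        // passed through the database driver's Quote().
        $id = (int) $id;
        $accessLevel = (int) $user->get('aid');
        $isGuest = $accessLevel < 1;
        // The picture must be published, approved and visible to this user.
        $database->setQuery(
            'SELECT COUNT(id)'
            . ' FROM #__joomgallery AS a'
            . ' LEFT JOIN #__joomgallery_catg AS c ON c.cid = a.catid'
            . " WHERE a.published = '1'"
            . " AND a.approved = '1'"
            . ' AND a.id = ' . $id
            . ' AND c.access <= ' . $accessLevel
        );
        $result = $database->loadResult();
        if ($result != 1 || $config->jg_showcomment == 0 || ($config->jg_anoncomment == 0 && $isGuest)) {
            die('Hacking attempt, aborted!');
        }
        $codeisright = 1;
        if ($config->jg_secimages == 2 || ($config->jg_secimages == 1 && $isGuest)) {
            // NOTE(review): when the captcha class file is missing the code
            // counts as correct, i.e. the check is skipped silently; confirm
            // that this fail-open behaviour is intended.
            $captchaFile = JPATH_ROOT . DS . 'components' . DS . 'com_easycaptcha' . DS . 'class.easycaptcha.php';
            if (file_exists($captchaFile)) {
                include_once $captchaFile;
                $captcha = new easyCaptcha($this->jg_captcha_id);
                $codeisright = $captcha->checkEnteredCode($this->jg_code) ? 1 : 0;
            }
        }
        if ($codeisright == 1) {
            // Save new values
            $cmtip = $_SERVER['REMOTE_ADDR'];
            $cmtdate = time();
            // Default to "not approved" so an unexpected jg_approvecom value
            // can never publish a comment unreviewed.
            $approve = 0;
            if ($config->jg_approvecom == 0 || ($config->jg_approvecom == 1 && !$isGuest)) {
                $approve = 1;
            } elseif (($config->jg_approvecom == 1 && $isGuest) || $config->jg_approvecom == 2) {
                // message about new comment TODO
                // NOTE(review): "62" is a hard-coded sender id used for
                // guests; confirm which account it is meant to be.
                $cmtsenderid = $isGuest ? "62" : $user->get('id');
                require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_messages' . DS . 'tables' . DS . 'message.php';
                $database->setQuery("SELECT id FROM #__users WHERE sendEmail = '1'");
                $users = $database->loadResultArray();
                if (is_array($users)) {
                    foreach ($users as $user_id) {
                        // NOTE(review): the commenter's name goes into the
                        // message body as-is; confirm it is escaped on display.
                        $msg = new TableMessage($database);
                        $msg->send($cmtsenderid, $user_id, JText::_('JGS_ALERT_NEW_COMMENT'), JText::_('JGS_ALERT_NEW_COMMENT_MESSAGE_PARTONE') . $this->cmtname . JText::_('JGS_ALERT_NEW_COMMENT_MESSAGE_PARTTWO'));
                    }
                }
            }
            //change \r\n or \n to <br />
            // NOTE(review): the text is stored as HTML; whether tags were
            // filtered before this point is not visible here - confirm.
            $this->cmttext = nl2br(stripslashes($this->cmttext));
            // String values are quoted by the driver. If any of them is
            // already escaped upstream, remove that escaping rather than
            // this one.
            $values = array(
                "''",
                $id,
                $database->Quote($cmtip),
                $database->Quote($this->userid),
                $database->Quote($this->cmtname),
                $database->Quote($this->cmttext),
                (int) $cmtdate,
                "'1'",
                (int) $approve,
            );
            $database->setQuery('INSERT INTO #__joomgallery_comments VALUES (' . implode(', ', $values) . ')');
            if (!$database->query()) {
                // Do not report success for a comment that was not stored.
                JError::raiseError(500, $database->stderr());
                return;
            }
            # Get back to details page
            if ($approve == 1) {
                $mosmsg = JText::_('JGS_ALERT_COMMENT_SAVED');
            } else {
                $mosmsg = JText::_('JGS_ALERT_COMMENT_SAVED_BUT_NEEDS_ARROVAL');
            }
            $mainframe->redirect(JRoute::_('index.php?option=com_joomgallery&func=detail&id=' . $id . _JOOM_ITEMID, false), $mosmsg);
        } else {
            // Wrong captcha code: hand the text back to the detail page.
            // It is HTML-escaped so it cannot close the <textarea> and
            // inject markup; the browser decodes it again on submit.
            ?>
          <form id="send_form" name="commentform" action="<?php
            echo JRoute::_('index.php?option=com_joomgallery&func=detail&id=' . $id . _JOOM_ITEMID . '#joomcommentform');
            ?>" method="post" class="jg_displaynone">
            <textarea cols="40" rows="8" name="cmttext" class="inputbox" wrap="virtual"><?php
            echo htmlspecialchars($this->cmttext, ENT_QUOTES, 'UTF-8');
            ?></textarea>
          </form>
         <script type="text/javascript">
           alert("<?php
            echo JText::_('JGS_ALERT_SECURITY_CODE_WRONG', true);
            ?>");
           document.getElementById('send_form').submit();
         </script>
<?php
        }
    }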