Ejemplo n.º 1
 /**
  * Check the requested access level for this module, or for one category when
  * the request addresses a category.
  *
  * The object type ("ot", default "category") and object id ("id", default 0)
  * are read from the GET query string, so the permission instance that gets
  * checked is chosen by the client.
  *
  * NOTE(review): the method is declared static but reads $this->name; PHP has
  * no $this in a static context, so both checkPermission() calls fail at
  * runtime as written. Confirm whether the method should be non-static or the
  * component name should come from elsewhere.
  *
  * @param mixed $access Access level passed through to SecurityUtil::checkPermission().
  *
  * @return mixed Result of the last SecurityUtil::checkPermission() call.
  */
 public static function rulePermissions($access)
 {
     $view = new Zikula_Request_Http();
     // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and only strips markup.
     // The value is only compared with a literal below, so an allow-list comparison would be enough.
     $objectType = $view->getGet()->filter('ot', 'category', FILTER_SANITIZE_STRING);
     // FILTER_SANITIZE_NUMBER_INT keeps digits, "+" and "-" and returns a string, so a value such as
     // "1-2" passes through. NOTE(review): validate as an integer before using it as a permission instance.
     $objectId = $view->getGet()->filter('id', 0, FILTER_SANITIZE_NUMBER_INT);
     // Module-wide check first; its result is kept unless the request targets a category.
     $permission = SecurityUtil::checkPermission($this->name . '::', '::', $access);
     if ($objectType == 'category') {
         // Category requests are checked against the instance named by the request's id.
         // NOTE(review): the caller must act on this same id, otherwise the check and the
         // action can refer to different objects.
         $permission = SecurityUtil::checkPermission($this->name . ':Category:', $objectId, $access);
     }
     return $permission;
 }
Ejemplo n.º 2
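 /**
  * Retrieve identifier parameters for a given object type.
  *
  * Each identifier is read from the GET query string; a numeric entry of the
  * same name in $args serves as the default when the request lacks the field.
  * When there is exactly one identifier field, it is not named "id" and no
  * value was found for it, the generic "id" parameter is tried instead and
  * validated as an integer.
  *
  * Security note: the per-field lookup passes no filter constant, so the value
  * comes back as the request collection's default filter leaves it
  * (presumably unvalidated - confirm against the collection's filter()
  * implementation). Only the "id" fallback is validated as an integer.
  * Callers must validate or bind the returned values before placing them in
  * queries, permission instances or output.
  *
  * @param Zikula_Request_Http $request    Instance of Zikula_Request_Http.
  * @param array               $args       List of arguments used as fallback if request does not contain a field.
  * @param string              $objectType Name of treated entity type (not read by this method). Its default
  *                                        cannot take effect because the required $idFields follows it.
  * @param array               $idFields   List of identifier field names.
  *
  * @return array Map of identifier field name to fetched value; empty when $idFields is empty.
  */
 public static function retrieveIdentifier(Zikula_Request_Http $request, array $args, $objectType = '', array $idFields)
 {
     // Initialise up front so an empty $idFields returns an empty array
     // instead of an undefined variable.
     $idValues = array();
     $hasSingleField = count($idFields) == 1;

     foreach ($idFields as $idField) {
         // Only numeric fallbacks from $args are accepted as defaults.
         $defaultValue = isset($args[$idField]) && is_numeric($args[$idField]) ? $args[$idField] : 0;
         // NOTE(review): no filter constant is given here, so the request value is not validated.
         $id = $request->getGet()->filter($idField, $defaultValue);

         if (!$id && $idField != 'id' && $hasSingleField) {
             // Fall back to the generic "id" parameter; a failed integer validation casts to 0.
             $defaultValue = isset($args['id']) && is_numeric($args['id']) ? $args['id'] : 0;
             $id = (int) $request->getGet()->filter('id', $defaultValue, FILTER_VALIDATE_INT);
         }

         $idValues[$idField] = $id;
     }

     return $idValues;
 }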
Ejemplo n.º 3
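/**
 * Smarty function to wrap MUBoard_Form_View generated form controls with suitable form tags.
 *
 * The form action defaults to the HTML-escaped current URI and is replaced by
 * a posting edit URL when the current URI matches one of the patterns below.
 * The optional "enctype" and "cssClass" parameters are escaped before they are
 * written into the form tag.
 *
 * @param array            $params  Parameters passed in the block tag (optional keys: enctype, cssClass).
 * @param string           $content Content of the block.
 * @param Zikula_Form_View $view    Reference to Zikula_Form_View object.
 *
 * @return string|null The rendered output, or null when $content is empty.
 */
function smarty_block_muboardform($params, $content, $view)
{
    // Nothing is rendered (and nothing is looked up) without block content.
    if (!$content) {
        return;
    }

    PageUtil::addVar('stylesheet', 'system/Theme/style/form/style.css');

    // Template parameters end up inside attribute values, so escape them.
    $encodingHtml = '';
    if (array_key_exists('enctype', $params)) {
        $encodingHtml = ' enctype="' . htmlspecialchars((string) $params['enctype'], ENT_QUOTES) . '"';
    }
    $action = htmlspecialchars(System::getCurrentUri());
    $classString = '';
    if (isset($params['cssClass'])) {
        $classString = 'class="' . htmlspecialchars((string) $params['cssClass'], ENT_QUOTES) . '" ';
    }

    $request = new Zikula_Request_Http();
    // FILTER_SANITIZE_NUMBER_INT still lets "+" and "-" through and returns a string;
    // the cast guarantees that only an integer is concatenated into the action URL.
    $forumid = (int) $request->getGet()->filter('forum', 0, FILTER_SANITIZE_NUMBER_INT);

    // we check if the entrypoint is part of the url
    $stripentrypoint = ModUtil::getVar('ZConfig', 'shorturlsstripentrypoint');

    // get url name of the module from the modules table
    $tables = DBUtil::getTables();
    $modcolumn = $tables['modules_column'];
    $module = 'MUBoard';
    $where = "{$modcolumn['name']} = '" . DataUtil::formatForStore($module) . "'";
    $module = DBUtil::selectObject('modules', $where);
    // NOTE(review): no check that the lookup returned a row before reading 'url'.
    $urlname = $module['url'];

    if (ModUtil::getVar('ZConfig', 'shorturls') == 0) {
        if (strpos($action, 'func=display') !== false) {
            $action = 'index.php?module=' . $urlname . '&type=user&func=edit&ot=posting&answer=1';
        }
        // NOTE(review): $action holds the HTML-escaped URI unless the branch above rebuilt it,
        // so a literal "&" in the needle presumably only matches the rebuilt action - confirm.
        if (strpos($action, 'func=edit&ot=posting') !== false && $forumid > 0) {
            // "forum=" needs the "=": without it the id was glued onto the parameter name.
            $action = 'index.php?module=' . $urlname . '&type=user&func=edit&ot=posting&forum=' . $forumid;
        }
    } else {
        if (strpos($action, $urlname . '/posting/id.') !== false) {
            if ($stripentrypoint == 1) {
                $action = $urlname . '/edit/ot/posting/answer/1';
            } elseif ($stripentrypoint == 0) {
                $action = 'index.php/' . $urlname . '/edit/ot/posting/answer/1';
            }
        }
        if (strpos($action, 'edit/ot/posting/forum/') !== false && $forumid > 0) {
            if ($stripentrypoint == 1) {
                $action = $urlname . '/edit/ot/posting/forum/' . $forumid;
            } elseif ($stripentrypoint == 0) {
                $action = 'index.php/' . $urlname . '/edit/ot/posting/forum/' . $forumid;
            }
        }
    }

    $view->postRender();
    $formId = $view->getFormId();

    // The CSRF token markup from the view is emitted inside the form together with the state fields.
    $out = "\n        <form id=\"{$formId}\" {$classString}action=\"{$action}\" method=\"post\"{$encodingHtml}>\n        {$content}\n        <div>\n        {$view->getStateHTML()}\n        {$view->getStateDataHTML()}\n        {$view->getIncludesHTML()}\n        {$view->getCsrfTokenHtml()}\n        <input type=\"hidden\" name=\"__formid\" id=\"form__id\" value=\"{$formId}\" />\n        <input type=\"hidden\" name=\"FormEventTarget\" id=\"FormEventTarget\" value=\"\" />\n        <input type=\"hidden\" name=\"FormEventArgument\" id=\"FormEventArgument\" value=\"\" />\n        <script type=\"text/javascript\">\n        <!--\n        function FormDoPostBack(eventTarget, eventArgument)\n        {\n        var f = document.getElementById('{$formId}');\n        if (!f.onsubmit || f.onsubmit())\n        {\n        f.FormEventTarget.value = eventTarget;\n        f.FormEventArgument.value = eventArgument;\n        f.submit();\n    }\n    }\n    // -->\n    </script>\n    </div>\n    </form>\n    ";

    return $out;
}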
Ejemplo n.º 4
 /**
  * Build a generic Doctrine query supporting WHERE and ORDER BY.
  *
  * Both $where and $orderBy are placed into the query text verbatim (the
  * order-by value is only prefixed with "tbl."), so callers must pass trusted
  * or allow-listed fragments and never raw request input.
  *
  * The GET parameters "func" and "ot" are also read here: for func=view with
  * ot=posting the condition "tbl.parent_id IS NULL" is appended to $where.
  *
  * @param string  $where    The where clause to use when retrieving the collection (optional) (default='').
  * @param string  $orderBy  The order-by clause to use when retrieving the collection (optional) (default='').
  * @param boolean $useJoins Whether to include joining related objects (optional) (default=true).
  *
  * @return Doctrine\ORM\Query query instance to be further processed
  */
 protected function _intBaseQuery($where = '', $orderBy = '', $useJoins = true)
 {
     $request = new Zikula_Request_Http();
     // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; these values are only
     // compared with literals below.
     $objectType = $request->getGet()->filter('ot', 'category', FILTER_SANITIZE_STRING);
     // "type" is read from the request but not used further in this method.
     $controllerType = $request->getGet()->filter('type', 'user', FILTER_SANITIZE_STRING);
     $action = $request->getGet()->filter('func', 'view', FILTER_SANITIZE_STRING);

     $withJoins = ($useJoins === true);

     $selection = 'tbl';
     if ($withJoins) {
         $selection = $selection . $this->addJoinsToSelection();
     }

     $builder = $this->getEntityManager()->createQueryBuilder();
     $builder->select($selection)->from('MUBoard_Entity_Posting', 'tbl');
     if ($withJoins) {
         $this->addJoinsToFrom($builder);
     }

     // The posting list view is restricted to postings without a parent.
     if ($action == 'view' && $objectType == 'posting') {
         $prefix = ($where != '') ? $where . ' AND ' : $where;
         $where = $prefix . 'tbl.parent_id IS NULL';
     }

     // $where goes into the query unchanged - see the security note in the docblock.
     if (!empty($where)) {
         $builder->where($where);
     }

     // add order by clause; the caller-supplied text follows the "tbl." alias directly
     if (!empty($orderBy)) {
         $builder->add('orderBy', 'tbl.' . $orderBy);
     }

     // TODO - see https://github.com/zikula/core/issues/118
     // Generic request filtering through FilterUtil is not wired in yet; the query is returned as built.
     return $builder->getQuery();
 }
Ejemplo n.º 5
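 /**
  * Build the link that toggles the current user's abo (presumably a
  * subscription) for a posting.
  *
  * The object type ("ot", default "category") and forum id ("id", default 0)
  * are read from the GET query string. A link is produced only for a logged-in
  * user and only when "ot" is "posting" or "forum": it points at the "take"
  * action when no abo exists and at the "quit" action when one does.
  *
  * NOTE(review): the links are plain GET links to "take"/"quit"; if those
  * actions change state, confirm that they require a CSRF token.
  *
  * @param mixed $postingid Identifier of the posting; used in the lookup and in the link arguments.
  *
  * @return string Link markup, or an empty string when no link applies.
  */
 public static function getStateOfPostingAbo($postingid)
 {
     $request = new Zikula_Request_Http();
     // get objecttype
     $ot = $request->getGet()->filter('ot', 'category', FILTER_SANITIZE_STRING);
     $forumid = $request->getGet()->filter('id', 0, FILTER_SANITIZE_NUMBER_INT);
     // get repository for abos
     $repository = MUBoard_Util_Model::getAboRepository();

     // Start from an empty result so that every path returns a string; previously a
     // logged-in request with any other object type returned an undefined variable.
     $out = '';
     if (UserUtil::isLoggedIn() != true) {
         return $out;
     }

     // get actual userid
     $userid = UserUtil::getVar('uid');

     // look for abo
     // NOTE(review): the condition is assembled as a string; confirm that
     // DataUtil::formatForStore() is the right escaping for what selectWhere() executes,
     // or pass the ids as bound parameters.
     $where = 'tbl.postingid = \'' . DataUtil::formatForStore($postingid) . '\'';
     $where .= ' AND ';
     $where .= 'tbl.userid = \'' . DataUtil::formatForStore($userid) . '\'';
     $abo = $repository->selectWhere($where);

     if ($ot != 'posting' && $ot != 'forum') {
         return $out;
     }

     $urlArgs = array('ot' => 'abo', 'posting' => $postingid, 'object' => $ot);
     if ($ot == 'forum') {
         // Forum links also carry the forum id taken from the request.
         $urlArgs['forum'] = $forumid;
     }

     // An existing abo offers "quit", a missing one offers "take".
     $func = $abo ? 'quit' : 'take';
     $icon = $abo ? 'mail_get.png' : 'mail_post_to.png';
     $url = ModUtil::url('MUBoard', 'admin', $func, $urlArgs);

     // NOTE(review): $url is written into a single-quoted attribute without HTML escaping;
     // confirm that ModUtil::url() encodes its arguments so the value cannot close the attribute.
     $out = "<a id='muboard-user-posting-header-infos-abo' href='{$url}'>\n                    <img src='/images/icons/extrasmall/{$icon}' />\n                    </a>";

     return $out;
 }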