function publications_admin_modify_pubtype($args) { if (!xarSecurityCheck('AdminPublications')) { return; } extract($args); // Get parameters if (!xarVarFetch('itemid', 'isset', $data['itemid'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('returnurl', 'str:1', $data['returnurl'], 'view', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('name', 'str:1', $name, '', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('tab', 'str:1', $data['tab'], '', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) { return; } if (empty($name) && empty($itemid)) { return xarResponse::NotFound(); } // Get our object $data['object'] = DataObjectMaster::getObject(array('name' => 'publications_types')); if (!empty($data['itemid'])) { $data['object']->getItem(array('itemid' => $data['itemid'])); } else { $type_list = DataObjectMaster::getObjectList(array('name' => 'publications_types')); $where = 'name = ' . $name; $items = $type_list->getItems(array('where' => $where)); $item = current($items); $data['object']->getItem(array('itemid' => $item['id'])); } // Send the publication type and the object properties to the template $data['properties'] = $data['object']->getProperties(); // Get the settings of the publication type we are using $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['itemid'])); if ($data['confirm']) { // Check for a valid confirmation key if (!xarSecConfirmAuthKey()) { return; } // Get the data from the form $isvalid = $data['object']->checkInput(); if (!$isvalid) { // Bad data: redisplay the form with error messages return xarTplModule('publications', 'admin', 'modify_pubtype', $data); } else { // Good data: create the item $itemid = $data['object']->updateItem(array('itemid' => $data['itemid'])); // Jump to the next page xarController::redirect(xarModURL('publications', 'admin', 'view_pubtypes')); return true; } } return $data; }
function wurfl_admin_delete() { if (!xarSecurityCheck('ManageWurfl')) { return; } if (!xarVarFetch('name', 'str:1', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('itemid', 'int', $data['itemid'], '', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('confirm', 'str:1', $data['confirm'], false, XARVAR_NOT_REQUIRED)) { return; } $data['object'] = DataObjectMaster::getObject(array('name' => $name)); $data['object']->getItem(array('itemid' => $data['itemid'])); $data['tplmodule'] = 'wurfl'; $data['authid'] = xarSecGenAuthKey('wurfl'); if ($data['confirm']) { // Check for a valid confirmation key if (!xarSecConfirmAuthKey()) { return; } // Delete the item $item = $data['object']->deleteItem(); // Jump to the next page xarController::redirect(xarModURL('wurfl', 'admin', 'view')); return true; } return $data; }
/** * Create a new customer */ function shop_user_newcustomer() { if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_NOT_REQUIRED)) { return; } sys::import('modules.dynamicdata.class.objects.master'); $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users')); $data['properties'] = $rolesobject->properties; // Check if we are in 'preview' mode from the input here - the rest is handled by checkInput() // Here we are testing for a button clicked, so we test for a string if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) { return; } // Check if we are submitting the form // Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false) if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) { return; } if ($data['confirm']) { // Check for a valid confirmation key. The value is automatically gotten from the template if (!xarSecConfirmAuthKey()) { return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author')); } // Get the data from the form and see if it is all valid // Either way the values are now stored in the object $isvalid = $rolesobject->properties['email']->checkInput(); $isvalid2 = $rolesobject->properties['password']->checkInput(); if (!$isvalid || !$isvalid2) { // Bad data: redisplay the form with the data we picked up and with error messages return xarTplModule('shop', 'user', 'newcustomer', $data); } else { $email = $rolesobject->properties['email']->getValue(); $password = $rolesobject->properties['password']->getValue(); $rolesobject->properties['name']->setValue($email); $rolesobject->properties['email']->setValue($email); $rolesobject->properties['uname']->setValue($email); $rolesobject->properties['password']->setValue($password); $rolesobject->properties['state']->setValue(3); $authmodule = (int) xarMod::getID('shop'); $rolesobject->properties['authmodule']->setValue($authmodule); $uid = $rolesobject->createItem(); $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers')); $custobject->createItem(array('id' => $uid)); if (isset($returnurl)) { xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $password)); xarResponse::redirect($returnurl); } else { xarResponse::redirect(xarModURL('shop')); } // Always add the next line even if processing never reaches it return true; } } // Return the template variables defined in this function return $data; }
/** * Modify a customer */ function shop_admin_modifycustomer() { if (!xarVarFetch('itemid', 'id', $data['itemid'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) { return; } $objectname = 'shop_customers'; $data['objectname'] = $objectname; // Check if we still have no id of the item to modify. if (empty($data['itemid'])) { $msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'admin', 'modify', 'shop'); throw new Exception($msg); } if (!xarSecurityCheck('AdminShop', 1, 'Item', $data['itemid'])) { return; } sys::import('modules.dynamicdata.class.objects.master'); $object = DataObjectMaster::getObject(array('name' => $objectname)); $data['object'] = $object; $data['label'] = $object->label; $object->getItem(array('itemid' => $data['itemid'])); $values = $object->getFieldValues(); foreach ($values as $name => $value) { $data[$name] = xarVarPrepForDisplay($value); } $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users')); $rolesobject->getItem(array('itemid' => $data['itemid'])); if ($data['confirm']) { // Check for a valid confirmation key if (!xarSecConfirmAuthKey()) { return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author')); } // Get the data from the form $isvalid = $object->checkInput(); if (!$isvalid) { // Bad data: redisplay the form with the data we picked up and with error messages return xarTplModule('shop', 'admin', 'modifycustomer', $data); } elseif (isset($data['preview'])) { // Show a preview, same thing as the above essentially return xarTplModule('shop', 'admin', 'modifycustomer', $data); } else { $first_name = $object->properties['first_name']->getValue(); $last_name = $object->properties['last_name']->getValue(); $rolesobject->properties['name']->setValue($first_name . ' ' . $last_name); $rolesobject->updateItem(); $object->updateItem(); // Jump to the next page xarResponse::redirect(xarModURL('shop', 'admin', 'modifycustomer', array('itemid' => $data['itemid']))); return $data; } } else { // Get that specific item of the object $object->getItem(array('itemid' => $data['itemid'])); } // Return the template variables defined in this function return $data; }
function wurfl_admin_modifyconfig() { // Security Check if (!xarSecurityCheck('AdminWurfl')) { return; } if (!xarVarFetch('phase', 'str:1:100', $phase, 'modify', XARVAR_NOT_REQUIRED, XARVAR_PREP_FOR_DISPLAY)) { return; } if (!xarVarFetch('tab', 'str:1:100', $data['tab'], 'general', XARVAR_NOT_REQUIRED)) { return; } $data['module_settings'] = xarMod::apiFunc('base', 'admin', 'getmodulesettings', array('module' => 'wurfl')); $data['module_settings']->setFieldList('items_per_page, use_module_alias, module_alias_name, enable_short_urls'); $data['module_settings']->getItem(); switch (strtolower($phase)) { case 'modify': default: switch ($data['tab']) { case 'general': break; case 'tab2': break; case 'tab3': break; default: break; } break; case 'update': // Confirm authorisation code if (!xarSecConfirmAuthKey()) { return; } switch ($data['tab']) { case 'general': $isvalid = $data['module_settings']->checkInput(); if (!$isvalid) { return xarTplModule('wurfl', 'admin', 'modifyconfig', $data); } else { $itemid = $data['module_settings']->updateItem(); } break; case 'tab2': break; case 'tab3': break; default: break; } xarController::redirect(xarModURL('wurfl', 'admin', 'modifyconfig', array('tab' => $data['tab']))); // Return return true; break; } $data['authid'] = xarSecGenAuthKey(); return $data; }
/** * Import an object definition or an object item from XML */ function publications_admin_importpubtype($args) { if (!xarSecurityCheck('AdminPublications')) { return; } if (!xarVarFetch('import', 'isset', $import, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('xml', 'isset', $xml, NULL, XARVAR_DONT_SET)) { return; } extract($args); $data = array(); $data['menutitle'] = xarML('Dynamic Data Utilities'); $data['warning'] = ''; $data['options'] = array(); $basedir = 'modules/publications'; $filetype = 'xml'; $files = xarModAPIFunc('dynamicdata', 'admin', 'browse', array('basedir' => $basedir, 'filetype' => $filetype)); if (!isset($files) || count($files) < 1) { $files = array(); $data['warning'] = xarML('There are currently no XML files available for import in "#(1)"', $basedir); } if (!empty($import) || !empty($xml)) { if (!xarSecConfirmAuthKey()) { return; } if (!empty($import)) { $found = ''; foreach ($files as $file) { if ($file == $import) { $found = $file; break; } } if (empty($found) || !file_exists($basedir . '/' . $file)) { $msg = xarML('File not found'); throw new BadParameterException(null, $msg); } $ptid = xarModAPIFunc('publications', 'admin', 'importpubtype', array('file' => $basedir . '/' . $file)); } else { $ptid = xarModAPIFunc('publications', 'admin', 'importpubtype', array('xml' => $xml)); } if (empty($ptid)) { return; } $data['warning'] = xarML('Publication type #(1) was successfully imported', $ptid); } natsort($files); array_unshift($files, ''); foreach ($files as $file) { $data['options'][] = array('id' => $file, 'name' => $file); } $data['authid'] = xarSecGenAuthKey(); return $data; }
/** * Create a new product */ function shop_admin_newproduct() { // See if the current user has the privilege to add an item. We cannot pass any extra arguments here if (!xarSecurityCheck('Addshop')) { return; } if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) { return; } $objectname = 'shop_products'; $data['objectname'] = $objectname; // Load the DD master object class. This line will likely disappear in future versions sys::import('modules.dynamicdata.class.objects.master'); $object = DataObjectMaster::getObject(array('name' => $objectname)); $data['label'] = $object->label; $data['object'] = $object; // Check if we are in 'preview' mode from the input here - the rest is handled by checkInput() // Here we are testing for a button clicked, so we test for a string if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) { return; } // Check if we are submitting the form // Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false) if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) { return; } if ($data['confirm']) { // Check for a valid confirmation key. The value is automatically gotten from the template if (!xarSecConfirmAuthKey()) { return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author')); } // Get the data from the form and see if it is all valid // Either way the values are now stored in the object $isvalid = $data['object']->checkInput(); if (!$isvalid) { // Bad data: redisplay the form with the data we picked up and with error messages return xarTplModule('shop', 'admin', 'newproduct', $data); } elseif (isset($data['preview'])) { // Show a preview, same thing as the above essentially return xarTplModule('shop', 'admin', 'newproduct', $data); } else { $itemid = $data['object']->createItem(); // Jump to the next page xarResponse::redirect(xarModURL('shop', 'admin', 'products')); return true; } } // Return the template variables defined in this function return $data; }
function calendar_admin_create_calendars() { // Get parameters // TODO HELPNEEDED here: how do I handle this (e.g. missing calname should return a // message if (!xarVarFetch('add_calendar', 'isset', $add_calendar)) { return; } if (!xarVarFetch('calname', 'str:1:', $calname)) { return; } if (!xarVarFetch('addtype', 'str:1:', $addtype)) { return; } if (!xarVarFetch('location', 'str:1:', $location, '', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('uri', 'str:1:', $uri, '', XARVAR_NOT_REQUIRED)) { return; } // Confirm Auth Key if (!xarSecConfirmAuthKey()) { return; } // Security Check // TODO // if(!xarSecurityCheck('AddCalendar', 0, 'Calendar')) {return;} // Check if module name has already been used. $checkname = xarMod::apiFunc('calendar', 'user', 'get', array('calname' => $calname)); if (!empty($checkname)) { $msg = xarML('Calendar name "#(1)" already exists. Please go back and enter a different name', $calname); throw new Exception($msg); } if ($addtype == 'db') { $fileuri = 'a'; } elseif ($addtype == 'file') { $fileuri = $location; } elseif ($addtype == 'uri') { $fileuri = $uri; } // Pass to API $calid = xarMod::apiFunc('calendar', 'admin', 'create_calendars', array('calname' => $calname, 'fileuri' => $fileuri, 'addtype' => $addtype)); if (!$calid) { return; } // Go on and edit the new instance xarController::redirect(xarModURL('calendar', 'admin', 'add_calendars', array('calid' => $calid, 'calname' => $calname))); }
/** * Start the checkout process -- user can create account or log into existing account */ function shop_user_start() { // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be if (xarUserIsLoggedIn()) { xarResponse::redirect(xarModURL('shop', 'user', 'viewcart')); return true; } $shop = xarSession::getVar('shop'); if (empty($shop)) { xarResponse::redirect(xarModURL('shop', 'user', 'main')); return true; } sys::import('modules.dynamicdata.class.objects.master'); sys::import('modules.dynamicdata.class.properties.master'); $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users')); $properties = $rolesobject->properties; $data['properties'] = $properties; $isvalid = $rolesobject->properties['email']->checkInput(); $isvalid2 = $rolesobject->properties['password']->checkInput(); if ($isvalid && $isvalid2) { if (!xarSecConfirmAuthKey()) { // right time to do this?? return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author')); } // Create the role and the customer object and then log in $email = $rolesobject->properties['email']->getValue(); $password = $rolesobject->properties['password']->getValue(); $values['name'] = $email; $values['email'] = $email; $values['uname'] = $email; $values['password'] = $password; $values['state'] = 3; $rolesobject->setFieldValues($values, 1); $uid = $rolesobject->createItem(); $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers')); $custobject->createItem(array('id' => $uid)); $name = 'dd_' . $properties['password']->id; $vals = $properties['password']->fetchValue($name); $pass = $vals[1][0]; $res = xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $pass)); xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress')); return true; } else { // We don't yet have a valid email or password for registration... return xarTplModule('shop', 'user', 'start', $data); } }
function wurfl_admin_modify() { if (!xarSecurityCheck('EditWurfl')) { return; } if (!xarVarFetch('name', 'str', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) { return; } $data['object'] = DataObjectMaster::getObject(array('name' => $name)); $data['object']->getItem(array('itemid' => $data['itemid'])); $data['tplmodule'] = 'wurfl'; $data['authid'] = xarSecGenAuthKey('wurfl'); if ($data['confirm']) { // Check for a valid confirmation key if (!xarSecConfirmAuthKey()) { return; } // Get the data from the form $isvalid = $data['object']->checkInput(); if (!$isvalid) { // Bad data: redisplay the form with error messages return xarTplModule('wurfl', 'admin', 'modify', $data); } else { // Good data: create the item $itemid = $data['object']->updateItem(array('itemid' => $data['itemid'])); // Jump to the next page xarController::redirect(xarModURL('wurfl', 'admin', 'view')); return true; } } return $data; }
function wurfl_admin_new() { if (!xarSecurityCheck('AddWurfl')) { return; } if (!xarVarFetch('name', 'str', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) { return; } $data['object'] = DataObjectMaster::getObject(array('name' => $name)); $data['tplmodule'] = 'wurfl'; $data['authid'] = xarSecGenAuthKey('wurfl'); if ($data['confirm']) { // we only retrieve 'preview' from the input here - the rest is handled by checkInput() if (!xarVarFetch('preview', 'str', $preview, NULL, XARVAR_DONT_SET)) { return; } // Check for a valid confirmation key if (!xarSecConfirmAuthKey()) { return; } // Get the data from the form $isvalid = $data['object']->checkInput(); if (!$isvalid) { // Bad data: redisplay the form with error messages return xarTplModule('wurfl', 'admin', 'new', $data); } else { // Good data: create the item $itemid = $data['object']->createItem(); // Jump to the next page xarController::redirect(xarModURL('wurfl', 'admin', 'view')); return true; } } return $data; }
/** * manage publication types (all-in-one function for now) */ function publications_admin_importpages() { if (!xarSecurityCheck('AdminPublications')) { return; } // Get parameters if (!xarVarFetch('basedir', 'isset', $basedir, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('filelist', 'isset', $filelist, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('refresh', 'isset', $refresh, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('ptid', 'isset', $ptid, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('content', 'isset', $content, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('title', 'isset', $title, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('cids', 'isset', $cids, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('filterhead', 'isset', $filterhead, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('filtertail', 'isset', $filtertail, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('findtitle', 'isset', $findtitle, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('numrules', 'isset', $numrules, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('search', 'isset', $search, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('replace', 'isset', $replace, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('test', 'isset', $test, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('import', 'isset', $import, NULL, XARVAR_DONT_SET)) { return; } // Initialise the template variables $data = array(); if (empty($basedir)) { $data['basedir'] = realpath(sys::code() . 'modules/publications'); } else { $data['basedir'] = realpath($basedir); } $data['filelist'] = xarModAPIFunc('publications', 'admin', 'browse', array('basedir' => $data['basedir'], 'filetype' => 'html?')); if (isset($refresh) || isset($test) || isset($import)) { // Confirm authorisation code if (!xarSecConfirmAuthKey()) { return; } } $data['authid'] = xarSecGenAuthKey(); // Get current publication types $pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes'); $data['pubtypes'] = $pubtypes; $data['fields'] = array(); $data['cats'] = array(); if (!empty($ptid)) { $data['ptid'] = $ptid; $pubfields = xarModAPIFunc('publications', 'user', 'getpubfields'); $pubfieldtypes = xarModAPIFunc('publications', 'user', 'getpubfieldtypes'); $pubfieldformats = xarModAPIFunc('publications', 'user', 'getpubfieldformats'); foreach ($pubfields as $field => $dummy) { if (($pubfieldtypes[$field] == 'text' || $pubfieldtypes[$field] == 'string') && !empty($pubtypes[$ptid]['config'][$field]['label']) && $pubtypes[$ptid]['config'][$field]['format'] != 'fileupload') { $data['fields'][$field] = $pubtypes[$ptid]['config'][$field]['label'] . ' [' . $pubfieldformats[$pubtypes[$ptid]['config'][$field]['format']] . ']'; } } $catlist = array(); $rootcats = xarModAPIFunc('categories', 'user', 'getallcatbases', array('module' => 'publications', 'itemtype' => $ptid)); foreach ($rootcats as $catid) { $catlist[$catid['category_id']] = 1; } $seencid = array(); if (isset($cids) && is_array($cids)) { foreach ($cids as $catid) { if (!empty($catid)) { $seencid[$catid] = 1; } } } $cids = array_keys($seencid); foreach (array_keys($catlist) as $catid) { $data['cats'][] = xarModAPIFunc('categories', 'visual', 'makeselect', array('cid' => $catid, 'return_itself' => true, 'select_itself' => true, 'values' => &$seencid, 'multiple' => 1)); } } $data['selected'] = array(); if (!isset($refresh) && isset($filelist) && is_array($filelist) && count($filelist) > 0) { foreach ($filelist as $file) { if (!empty($file) && in_array($file, $data['filelist'])) { $data['selected'][$file] = 1; } } } if (isset($title) && isset($data['fields'][$title])) { $data['title'] = $title; } if (isset($content) && isset($data['fields'][$content])) { $data['content'] = $content; } if (!isset($filterhead)) { $data['filterhead'] = '#^.*<body[^>]*>#is'; } else { $data['filterhead'] = $filterhead; } if (!isset($filtertail)) { $data['filtertail'] = '#</body.*$#is'; } else { $data['filtertail'] = $filtertail; } if (!isset($findtitle)) { $data['findtitle'] = '#<title>(.*?)</title>#is'; } else { $data['findtitle'] = $findtitle; } if (!isset($numrules)) { $numrules = 3; } $data['search'] = array(); $data['replace'] = array(); for ($i = 0; $i < $numrules; $i++) { if (isset($search[$i])) { $data['search'][$i] = $search[$i]; if (isset($replace[$i])) { $data['replace'][$i] = $replace[$i]; } else { $data['replace'][$i] = ''; } } else { $data['search'][$i] = ''; $data['replace'][$i] = ''; } } if (isset($data['ptid']) && isset($data['content']) && count($data['selected']) > 0 && (isset($test) || isset($import))) { $mysearch = array(); $myreplace = array(); for ($i = 0; $i < $numrules; $i++) { if (!empty($data['search'][$i])) { $mysearch[] = $data['search'][$i]; if (!empty($data['replace'][$i])) { $myreplace[] = $data['replace'][$i]; } else { $myreplace[] = ''; } } } $data['logfile'] = ''; foreach (array_keys($data['selected']) as $file) { $curfile = realpath($basedir . '/' . $file); if (!file_exists($curfile) || !is_file($curfile)) { continue; } $page = @join('', file($curfile)); if (!empty($data['findtitle']) && preg_match($data['findtitle'], $page, $matches)) { $title = $matches[1]; } else { $title = ''; } if (!empty($data['filterhead'])) { $page = preg_replace($filterhead, '', $page); } if (!empty($data['filtertail'])) { $page = preg_replace($filtertail, '', $page); } if (count($mysearch) > 0) { $page = preg_replace($mysearch, $myreplace, $page); } $article = array('title' => ' ', 'summary' => '', 'body' => '', 'notes' => '', 'pubdate' => filemtime($curfile), 'state' => 2, 'ptid' => $data['ptid'], 'cids' => $cids, 'pubtype_id' => $data['ptid'], 'owner' => xarUserGetVar('id'), 'id' => 0); if (!empty($data['title']) && !empty($title)) { $article[$data['title']] = $title; } $article[$data['content']] = $page; if (isset($test)) { // preview the first file as a test $data['preview'] = xarModFunc('publications', 'user', 'display', array('article' => $article, 'preview' => true)); break; } else { $id = xarModAPIFunc('publications', 'admin', 'create', $article); if (empty($id)) { return; // throw back } else { $data['logfile'] .= xarML('File #(1) was imported as #(2) #(3)', $curfile, $pubtypes[$data['ptid']]['description'], $id); $data['logfile'] .= '<br />'; } } } } $data['filterhead'] = xarVarPrepForDisplay($data['filterhead']); $data['filtertail'] = xarVarPrepForDisplay($data['filtertail']); $data['findtitle'] = xarVarPrepForDisplay($data['findtitle']); for ($i = 0; $i < $numrules; $i++) { if (!empty($data['search'][$i])) { $data['search'][$i] = xarVarPrepForDisplay($data['search'][$i]); } if (!empty($data['replace'][$i])) { $data['replace'][$i] = xarVarPrepForDisplay($data['replace'][$i]); } } // Return the template variables defined in this function return $data; }
/** * update item from publications_admin_modify */ function publications_admin_updatestate() { // Get parameters if (!xarVarFetch('ids', 'isset', $ids, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('state', 'isset', $state, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('catid', 'isset', $catid, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('ptid', 'isset', $ptid, NULL, XARVAR_DONT_SET)) { return; } // Confirm authorisation code if (!xarSecConfirmAuthKey()) { return; } if (!isset($ids) || count($ids) == 0) { $msg = xarML('No publications selected'); throw new DataNotFoundException(null, $msg); } $states = xarModAPIFunc('publications', 'user', 'getstates'); if (!isset($state) || !is_numeric($state) || $state < -1 || $state != -1 && !isset($states[$state])) { $msg = xarML('Invalid state'); throw new BadParameterException(null, $msg); } $pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes'); if (!empty($ptid)) { $descr = $pubtypes[$ptid]['description']; } else { $descr = xarML('Publications'); $ptid = null; } // We need to tell some hooks that we are coming from the update state screen // and not the update the actual article screen. Right now, the keywords vanish // into thin air. Bug 1960 and 3161 xarVarSetCached('Hooks.all', 'noupdate', 1); foreach ($ids as $id => $val) { if ($val != 1) { continue; } // Get original article information $article = xarModAPIFunc('publications', 'user', 'get', array('id' => $id, 'withcids' => 1)); if (!isset($article) || !is_array($article)) { $msg = xarML('Unable to find #(1) item #(2)', $descr, xarVarPrepForDisplay($id)); throw new BadParameterException(null, $msg); } $article['ptid'] = $article['pubtype_id']; // Security check $input = array(); $input['article'] = $article; if ($state < 0) { $input['mask'] = 'ManagePublications'; } else { $input['mask'] = 'EditPublications'; } if (!xarModAPIFunc('publications', 'user', 'checksecurity', $input)) { $msg = xarML('You have no permission to modify #(1) item #(2)', $descr, xarVarPrepForDisplay($id)); throw new ForbiddenOperationException(null, $msg); } if ($state < 0) { // Pass to API if (!xarModAPIFunc('publications', 'admin', 'delete', $article)) { return; // throw back } } else { // Update the state now $article['state'] = $state; // Pass to API if (!xarModAPIFunc('publications', 'admin', 'update', $article)) { return; // throw back } } } unset($article); // Return to the original admin view $lastview = xarSession::getVar('Publications.LastView'); if (isset($lastview)) { $lastviewarray = unserialize($lastview); if (!empty($lastviewarray['ptid']) && $lastviewarray['ptid'] == $ptid) { extract($lastviewarray); xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $ptid, 'catid' => $catid, 'state' => $state, 'startnum' => $startnum))); return true; } } if (empty($catid)) { $catid = null; } xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $ptid, 'catid' => $catid))); return true; }
/** * Publications Module * * @package modules * @subpackage publications module * @category Third Party Xaraya Module * @version 2.0.0 * @copyright (C) 2011 Netspan AG * @license GPL {@link http://www.gnu.org/licenses/gpl.html} * @author Marc Lutolf <*****@*****.**> */ function publications_admin_delete_pubtype() { if (!xarSecurityCheck('AdminPublications')) { return; } if (!xarVarFetch('confirmed', 'int', $confirmed, NULL, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('itemid', 'str', $itemid, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('idlist', 'str', $idlist, NULL, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_DONT_SET)) { return; } if (!empty($itemid)) { $idlist = $itemid; } $ids = explode(',', trim($idlist, ',')); if (empty($idlist)) { if (isset($returnurl)) { xarController::redirect($returnurl); } else { xarController::redirect(xarModURL('publications', 'admin', 'view')); } } $data['message'] = ''; $data['itemid'] = $itemid; /*------------- Ask for Confirmation. If yes, action ----------------------------*/ sys::import('modules.dynamicdata.class.objects.master'); $pubtype = DataObjectMaster::getObject(array('name' => 'publications_types')); if (!isset($confirmed)) { $data['idlist'] = $idlist; if (count($ids) > 1) { $data['title'] = xarML("Delete Publication Types"); } else { $data['title'] = xarML("Delete Publication Type"); } $data['authid'] = xarSecGenAuthKey(); $items = array(); foreach ($ids as $i) { $pubtype->getItem(array('itemid' => $i)); $item = $pubtype->getFieldValues(); $items[] = $item; } $data['items'] = $items; $data['yes_action'] = xarModURL('publications', 'admin', 'delete_pubtype', array('idlist' => $idlist)); return xarTplModule('publications', 'admin', 'delete_pubtype', $data); } else { if (!xarSecConfirmAuthKey()) { return; } foreach ($ids as $id) { $itemid = $pubtype->deleteItem(array('itemid' => $id)); $data['message'] = "Publication Type deleted [ID {$id}]"; } if (isset($returnurl)) { xarController::redirect($returnurl); } else { xarController::redirect(xarModURL('publications', 'admin', 'view_pubtypes', $data)); } return true; } return true; }
/** * This is a standard function to update the configuration parameters of the * module given the information passed back by the modification form */ function calendar_admin_updateconfig() { // Get parameters from whatever input we need. All arguments to this // function should be obtained from xarVarFetch(), xarVarCleanFromInput // is a degraded function. xarVarFetch allows the checking of the input // variables as well as setting default values if needed. Getting vars // from other places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of Xaraya if (!xarVarFetch('shorturls', 'checkbox', $shorturls, false, XARVAR_NOT_REQUIRED)) { return; } // Variables from phpIcalendar config.inc.php if (!xarVarFetch('default_view', 'isset', $default_view, 'Week', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('minical_view', 'isset', $minical_view, 'Week', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('default_cal', 'isset', $default_cal, array(), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('cal_sdow', 'int:0:6', $cal_sdow, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('day_start', 'isset', $day_start, '0800', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('day_end', 'isset', $day_end, '2100', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('gridLength', 'int:0', $gridLength, 15, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('num_years', 'int:0', $num_years, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('month_event_lines', 'int:0', $month_event_lines, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('tomorrows_events_lines', 'int:0', $tomorrows_events_lines, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('allday_week_lines', 'int:0', $allday_week_lines, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('week_events_lines', 'int:0', $week_events_lines, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('second_offset', 'int:0', $second_offset, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('bleed_time', 'int:0', $bleed_time, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('display_custom_goto', 'checkbox', $display_custom_goto, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('display_ical_list', 'checkbox', $display_ical_list, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('allow_webcals', 'checkbox', $allow_webcals, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('this_months_events', 'checkbox', $this_months_events, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('use_color_cals', 'checkbox', $use_color_cals, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('daysofweek_dayview', 'checkbox', $daysofweek_dayview, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('enable_rss', 'checkbox', $enable_rss, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('show_search', 'checkbox', $show_search, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('allow_preferences', 'checkbox', $allow_preferences, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('printview_default', 'checkbox', $printview_default, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('show_todos', 'checkbox', $show_todos, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('show_completed', 'checkbox', $show_completed, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('allow_login', 'checkbox', $allow_login, 0, XARVAR_NOT_REQUIRED)) { return; } // Confirm authorisation code. This checks that the form had a valid // authorisation code attached to it. If it did not then the function will // proceed no further as it is possible that this is an attempt at sending // in false data to the system if (!xarSecConfirmAuthKey()) { return; } // Update module variables. Note that the default values are set in // xarVarFetch when recieving the incoming values, so no extra processing // is needed when setting the variables here. xarModVars::set('calendar', 'SupportShortURLs', $shorturls); // Variables from phpIcalendar config.inc.php xarModVars::set('calendar', 'default_view', $default_view); xarModVars::set('calendar', 'minical_view', $minical_view); xarModVars::set('calendar', 'default_cal', serialize($default_cal)); xarModVars::set('calendar', 'cal_sdow', $cal_sdow); xarModVars::set('calendar', 'day_start', $day_start); xarModVars::set('calendar', 'day_end', $day_end); xarModVars::set('calendar', 'gridLength', $gridLength); xarModVars::set('calendar', 'num_years', $num_years); xarModVars::set('calendar', 'month_event_lines', $month_event_lines); xarModVars::set('calendar', 'tomorrows_events_lines', $tomorrows_events_lines); xarModVars::set('calendar', 'allday_week_lines', $allday_week_lines); xarModVars::set('calendar', 'week_events_lines', $week_events_lines); xarModVars::set('calendar', 'second_offset', $second_offset); xarModVars::set('calendar', 'bleed_time', $bleed_time); xarModVars::set('calendar', 'display_custom_goto', $display_custom_goto); xarModVars::set('calendar', 'display_ical_list', $display_ical_list); xarModVars::set('calendar', 'allow_webcals', $allow_webcals); xarModVars::set('calendar', 'this_months_events', $this_months_events); xarModVars::set('calendar', 'use_color_cals', $use_color_cals); xarModVars::set('calendar', 'daysofweek_dayview', $daysofweek_dayview); xarModVars::set('calendar', 'enable_rss', $enable_rss); xarModVars::set('calendar', 'show_search', $show_search); xarModVars::set('calendar', 'allow_preferences', $allow_preferences); xarModVars::set('calendar', 'printview_default', $printview_default); xarModVars::set('calendar', 'show_todos', $show_todos); xarModVars::set('calendar', 'show_completed', $show_completed); xarModVars::set('calendar', 'allow_login', $allow_login); xarModCallHooks('module', 'updateconfig', 'calendar', array('module' => 'calendar')); // This function generated no output, and so now it is complete we redirect // the user to an appropriate page for them to carry on their work xarController::redirect(xarModURL('calendar', 'admin', 'modifyconfig')); // Return return true; }
/** * delete calendar from database */ function calendar_admin_delete_calendar() { // Get parameters if (!xarVarFetch('calid', 'id', $calid)) { return; } if (!xarVarFetch('confirm', 'checkbox', $confirm, false, XARVAR_NOT_REQUIRED)) { return; } // Get calendar information $calendar = xarMod::apiFunc('calendar', 'user', 'get', array('calid' => $calid)); if (!isset($calendar) || $calendar == false) { $msg = xarML('Unable to find #(1) item #(2)', 'Calendar', xarVarPrepForDisplay($calid)); throw new Exception($msg); } // Security check $input = array(); $input['calendar'] = $calendar; $input['mask'] = 'DeleteCalendars'; /* TODO: security if (!xarMod::apiFunc('calendar','user','checksecurity',$input)) { $msg = xarML('You have no permission to delete item #(1)', xarVarPrepForDisplay($calid)); throw new Exception($msg); } */ // Check for confirmation if (!$confirm) { $data = array(); // Specify for which item you want confirmation $data['calid'] = $calid; // Use articles user GUI function (not API) for preview if (!xarMod::load('calendar', 'user')) { return; } $data['preview'] = xarMod::guiFunc('calendar', 'user', 'display', array('calid' => $calid)); // Add some other data you'll want to display in the template $data['confirmtext'] = xarML('Confirm deleting this calendar'); $data['confirmlabel'] = xarML('Confirm'); // Generate a one-time authorisation code for this operation $data['authid'] = xarSecGenAuthKey(); // Return the template variables defined in this function return $data; } // Confirmation present if (!xarSecConfirmAuthKey()) { return; } // Pass to API if (!xarMod::apiFunc('calendar', 'admin', 'delete_calendar', array('calid' => $calid))) { return; } // Success xarSession::setVar('statusmsg', xarML('Calendar Deleted')); // Return to the original admin view $lastview = xarSession::getVar('Calendar.LastView'); if (isset($lastview)) { $lastviewarray = unserialize($lastview); if (!empty($lastviewarray['ptid']) && $lastviewarray['ptid'] == $ptid) { extract($lastviewarray); xarController::redirect(xarModURL('calendar', 'admin', 'view_calendars')); return true; } } xarController::redirect(xarModURL('calendar', 'admin', 'view_calendars')); return true; }
/** * Publications Module * * @package modules * @subpackage publications module * @category Third Party Xaraya Module * @version 2.0.0 * @copyright (C) 2011 Netspan AG * @license GPL {@link http://www.gnu.org/licenses/gpl.html} * @author Marc Lutolf <*****@*****.**> */ function publications_admin_clone() { if (!xarSecurityCheck('ManagePublications')) { return; } if (!xarVarFetch('name', 'isset', $objectname, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('ptid', 'isset', $ptid, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('itemid', 'isset', $data['itemid'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_DONT_SET)) { return; } if (empty($data['itemid'])) { return xarResponse::NotFound(); } // If a pubtype ID was passed, get the name of the pub object if (isset($ptid)) { $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types')); $pubtypeobject->getItem(array('itemid' => $ptid)); $objectname = $pubtypeobject->properties['name']->value; } if (empty($objectname)) { return xarResponse::NotFound(); } sys::import('modules.dynamicdata.class.objects.master'); $data['object'] = DataObjectMaster::getObject(array('name' => $objectname)); if (empty($data['object'])) { return xarResponse::NotFound(); } // Security if (!$data['object']->checkAccess('update')) { return xarResponse::Forbidden(xarML('Clone #(1) is forbidden', $object->label)); } $data['object']->getItem(array('itemid' => $data['itemid'])); $data['authid'] = xarSecGenAuthKey(); $data['name'] = $data['object']->properties['name']->value; $data['label'] = $data['object']->label; xarTplSetPageTitle(xarML('Clone Publication #(1) in #(2)', $data['itemid'], $data['label'])); if ($confirm) { if (!xarSecConfirmAuthKey()) { return; } // Get the name for the clone if (!xarVarFetch('newname', 'str', $newname, "", XARVAR_NOT_REQUIRED)) { return; } if (empty($newname)) { $newname = $data['name'] . "_copy"; } if ($newname == $data['name']) { $newname = $data['name'] . "_copy"; } $newname = strtolower(str_ireplace(" ", "_", $newname)); // Create the clone $data['object']->properties['name']->setValue($newname); $data['object']->properties['id']->setValue(0); $cloneid = $data['object']->createItem(array('itemid' => 0)); // Create the clone's translations if (!xarVarFetch('clone_translations', 'int', $clone_translations, 0, XARVAR_NOT_REQUIRED)) { return; } if ($clone_translations) { // Get the info on all the objects to be cloned sys::import('xaraya.structures.query'); $tables = xarDB::getTables(); $q = new Query(); $q->addtable($tables['publications'], 'p'); $q->addtable($tables['publications_types'], 'pt'); $q->join('p.pubtype_id', 'pt.id'); $q->eq('parent_id', $data['itemid']); $q->addfield('p.id AS id'); $q->addfield('pt.name AS name'); $q->run(); // Clone each one foreach ($q->output() as $item) { $object = DataObjectMaster::getObject(array('name' => $item['name'])); $object->getItem(array('itemid' => $item['id'])); $object->properties['parent']->value = $cloneid; $object->properties['id']->value = 0; $object->createItem(array('itemid' => 0)); } } // Redirect if we came from somewhere else $current_listview = xarSession::getVar('publications_current_listview'); if (!empty($return_url)) { xarController::redirect($return_url); } elseif (!empty($current_listview)) { xarController::redirect($current_listview); } else { xarController::redirect(xarModURL('publications', 'user', 'view')); } return true; } return $data; }
function mailer_admin_modifyconfig() { // Security Check if (!xarSecurityCheck('AdminMailer')) { return; } if (!xarVarFetch('phase', 'str:1:100', $phase, 'modify', XARVAR_NOT_REQUIRED, XARVAR_PREP_FOR_DISPLAY)) { return; } if (!xarVarFetch('tab', 'str:1:100', $data['tab'], 'general', XARVAR_NOT_REQUIRED)) { return; } switch (strtolower($phase)) { case 'modify': default: switch ($data['tab']) { case 'general': break; case 'tab2': break; case 'tab3': break; default: break; } break; case 'update': // Confirm authorisation code if (!xarSecConfirmAuthKey()) { return; } switch ($data['tab']) { case 'general': if (!xarVarFetch('itemsperpage', 'int', $itemsperpage, xarModVars::get('mailer', 'itemsperpage'), XARVAR_NOT_REQUIRED, XARVAR_PREP_FOR_DISPLAY)) { return; } if (!xarVarFetch('shorturls', 'checkbox', $shorturls, false, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('modulealias', 'checkbox', $useModuleAlias, xarModVars::get('mailer', 'useModuleAlias'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('aliasname', 'str', $aliasname, xarModVars::get('mailer', 'aliasname'), XARVAR_NOT_REQUIRED)) { return; } xarModVars::set('mailer', 'itemsperpage', $itemsperpage); xarModVars::set('mailer', 'SupportShortURLs', $shorturls); xarModVars::set('mailer', 'useModuleAlias', $useModuleAlias); xarModVars::set('mailer', 'aliasname', $aliasname); break; case 'tab2': break; case 'tab3': break; default: break; } xarController::redirect(xarModURL('mailer', 'admin', 'modifyconfig', array('tab' => $data['tab']))); // Return return true; break; } $data['authid'] = xarSecGenAuthKey(); return $data; }
function publications_admin_updateconfig() { // Confirm authorisation code if (!xarSecConfirmAuthKey()) { return; } // Get parameters //A lot of these probably are bools, still might there be a need to change the template to return //'true' and 'false' to use those... if (!xarVarFetch('settings', 'array', $settings, array(), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('usetitleforurl', 'int', $usetitleforurl, xarModVars::get('publications', 'usetitleforurl'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('defaultstate', 'isset', $defaultstate, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('defaultsort', 'isset', $defaultsort, 'date', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('usealias', 'int', $usealias, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('ptid', 'isset', $ptid, xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('multilanguage', 'int', $multilanguage, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('tab', 'str:1:10', $data['tab'], 'global', XARVAR_NOT_REQUIRED)) { return; } if (!xarSecurityCheck('AdminPublications', 1, 'Publication', "{$ptid}:All:All:All")) { return; } if ($data['tab'] == 'global') { if (!xarVarFetch('defaultpubtype', 'isset', $defaultpubtype, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('sortpubtypes', 'isset', $sortpubtypes, 'id', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('defaultlanguage', 'str:1:100', $defaultlanguage, xarModVars::get('publications', 'defaultlanguage'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('debugmode', 'checkbox', $debugmode, xarModVars::get('publications', 'debugmode'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('defaultfrontpage', 'str', $defaultfrontpage, xarModVars::get('publications', 'defaultfrontpage'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('defaultbackpage', 'str', $defaultbackpage, xarModVars::get('publications', 'defaultbackpage'), XARVAR_NOT_REQUIRED)) { return; } xarModVars::set('publications', 'defaultpubtype', $defaultpubtype); xarModVars::set('publications', 'sortpubtypes', $sortpubtypes); xarModVars::set('publications', 'defaultlanguage', $defaultlanguage); xarModVars::set('publications', 'debugmode', $debugmode); xarModVars::set('publications', 'usealias', $usealias); xarModVars::set('publications', 'usetitleforurl', $usetitleforurl); xarModVars::set('publications', 'defaultfrontpage', $defaultfrontpage); xarModVars::set('publications', 'defaultbackpage', $defaultbackpage); // Allow multilanguage only if the languages property is present sys::import('modules.dynamicdata.class.properties.registration'); $types = PropertyRegistration::Retrieve(); if (isset($types[30039])) { xarModVars::set('publications', 'multilanguage', $multilanguage); } else { xarModVars::set('publications', 'multilanguage', 0); } // Get the special pages. foreach (array('defaultpage', 'errorpage', 'notfoundpage', 'noprivspage') as $special_name) { unset($special_id); if (!xarVarFetch($special_name, 'id', $special_id, 0, XARVAR_NOT_REQUIRED)) { return; } xarModVars::set('publications', $special_name, $special_id); } if (xarDB::getType() == 'mysql') { if (!xarVarFetch('fulltext', 'isset', $fulltext, '', XARVAR_NOT_REQUIRED)) { return; } $oldval = xarModVars::get('publications', 'fulltextsearch'); $index = 'i_' . xarDB::getPrefix() . '_publications_fulltext'; if (empty($fulltext) && !empty($oldval)) { // Get database setup $dbconn = xarDB::getConn(); $xartable = xarDB::getTables(); $publicationstable = $xartable['publications']; // Drop fulltext index on publications table $query = "ALTER TABLE {$publicationstable} DROP INDEX {$index}"; $result =& $dbconn->Execute($query); if (!$result) { return; } xarModVars::set('publications', 'fulltextsearch', ''); } elseif (!empty($fulltext) && empty($oldval)) { $searchfields = array('title', 'description', 'summary', 'body1', 'notes'); // $searchfields = explode(',',$fulltext); // Get database setup $dbconn = xarDB::getConn(); $xartable = xarDB::getTables(); $publicationstable = $xartable['publications']; // Add fulltext index on publications table $query = "ALTER TABLE {$publicationstable} ADD FULLTEXT {$index} (" . join(', ', $searchfields) . ")"; $result =& $dbconn->Execute($query); if (!$result) { return; } xarModVars::set('publications', 'fulltextsearch', join(',', $searchfields)); } } // Module settings $data['module_settings'] = xarMod::apiFunc('base', 'admin', 'getmodulesettings', array('module' => 'publications')); $data['module_settings']->setFieldList('items_per_page, use_module_alias, module_alias_name, enable_short_urls, user_menu_link', 'use_module_icons'); $isvalid = $data['module_settings']->checkInput(); if (!$isvalid) { return xarTplModule('base', 'admin', 'modifyconfig', $data); } else { $itemid = $data['module_settings']->updateItem(); } // Pull the base category ids from the template and save them $picker = DataPropertyMaster::getProperty(array('name' => 'categorypicker')); $picker->checkInput('basecid'); } elseif ($data['tab'] == 'pubtypes') { // Get the publication type for this display and save the settings to it $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types')); $pubtypeobject->getItem(array('itemid' => $ptid)); $configsettings = $pubtypeobject->properties['configuration']->getValue(); $checkbox = DataPropertyMaster::getProperty(array('name' => 'checkbox')); $boxes = array('show_hitount', 'show_ratings', 'show_keywords', 'show_comments', 'show_prevnext', 'show_archives', 'show_publinks', 'show_pubcount', 'show_map', 'prevnextart', 'dot_transform', 'title_transform', 'show_categories', 'show_catcount', 'show_prevnext', 'allow_translations'); foreach ($boxes as $box) { $isvalid = $checkbox->checkInput($box); if ($isvalid) { $settings[$box] = $checkbox->value; } } // foreach ($configsettings as $key => $value) // if (!isset($settings[$key])) $settings[$key] = 0; $isvalid = true; // Get the default access rules $access = DataPropertyMaster::getProperty(array('name' => 'access')); $validprop = $access->checkInput("access_add"); $addaccess = $access->value; $isvalid = $isvalid && $validprop; $validprop = $access->checkInput("access_display"); $displayaccess = $access->value; $isvalid = $isvalid && $validprop; $validprop = $access->checkInput("access_modify"); $modifyaccess = $access->value; $isvalid = $isvalid && $validprop; $validprop = $access->checkInput("access_delete"); $deleteaccess = $access->value; $isvalid = $isvalid && $validprop; $allaccess = array('add' => $addaccess, 'display' => $displayaccess, 'modify' => $modifyaccess, 'delete' => $deleteaccess); $pubtypeobject->properties['access']->setValue(serialize($allaccess)); $pubtypeobject->properties['configuration']->setValue(serialize($settings)); $pubtypeobject->updateItem(array('itemid' => $ptid)); $pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes'); if ($usealias) { xarModSetAlias($pubtypes[$ptid]['name'], 'publications'); } else { xarModDelAlias($pubtypes[$ptid]['name'], 'publications'); } } elseif ($data['tab'] == 'redirects') { $redirects = DataPropertyMaster::getProperty(array('name' => 'array')); $redirects->display_column_definition['value'] = array(array("From", "To"), array(2, 2), array("", ""), array("", "")); $isvalid = $redirects->checkInput("redirects"); xarModVars::set('publications', 'redirects', $redirects->value); } xarController::redirect(xarModURL('publications', 'admin', 'modifyconfig', array('ptid' => $ptid, 'tab' => $data['tab']))); return true; }
/** * import pictures into publications */ function publications_admin_importpictures() { if (!xarSecurityCheck('AdminPublications')) { return; } // Get parameters if (!xarVarFetch('basedir', 'isset', $basedir, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('baseurl', 'isset', $baseurl, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('thumbnail', 'isset', $thumbnail, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('filelist', 'isset', $filelist, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('refresh', 'isset', $refresh, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('ptid', 'isset', $ptid, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('title', 'isset', $title, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('summary', 'isset', $summary, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('content', 'isset', $content, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('usefilemtime', 'isset', $usefilemtime, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('cids', 'isset', $cids, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('test', 'isset', $test, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('import', 'isset', $import, NULL, XARVAR_DONT_SET)) { return; } // Initialise the template variables $data = array(); if (!isset($baseurl)) { $data['baseurl'] = sys::code() . 'modules/publications/xarimages/'; } else { $data['baseurl'] = $baseurl; } if (!isset($basedir)) { $data['basedir'] = realpath($data['baseurl']); } else { $data['basedir'] = realpath($basedir); } if (!isset($thumbnail)) { $data['thumbnail'] = 'tn_'; } else { $data['thumbnail'] = $thumbnail; } $data['filelist'] = xarModAPIFunc('publications', 'admin', 'browse', array('basedir' => $data['basedir'], 'filetype' => '(gif|jpg|jpeg|png)')); // try to match the thumbnails with the pictures $data['thumblist'] = array(); if (!empty($data['thumbnail'])) { foreach ($data['filelist'] as $file) { // for subdir/myfile.jpg $fileparts = pathinfo($file); // jpg $extension = $fileparts['extension']; // subdir $dirname = $fileparts['dirname']; // myfile $basename = $fileparts['basename']; $basename = preg_replace("/\\.{$extension}/", '', $basename); if (!empty($dirname) && $dirname != '.') { $thumb = $dirname . '/' . $data['thumbnail'] . $basename; } else { $thumb = $data['thumbnail'] . $basename; } // subdir/tn_file.jpg if (in_array($thumb . '.' . $extension, $data['filelist'])) { $data['thumblist'][$file] = $thumb . '.' . $extension; // subdir/tn_file_jpg.jpg } elseif (in_array($thumb . '_' . $extension . '.' . $extension, $data['filelist'])) { $data['thumblist'][$file] = $thumb . '_' . $extension . '.' . $extension; // subdir/tn_file.jpg.jpg } elseif (in_array($thumb . '.' . $extension . '.' . $extension, $data['filelist'])) { $data['thumblist'][$file] = $thumb . '.' . $extension . '.' . $extension; } } if (count($data['thumblist']) > 0) { $deletelist = array_values($data['thumblist']); $data['filelist'] = array_diff($data['filelist'], $deletelist); } } if (isset($refresh) || isset($test) || isset($import)) { // Confirm authorisation code if (!xarSecConfirmAuthKey()) { return; } } $data['authid'] = xarSecGenAuthKey(); // Get current publication types $pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes'); // Set default pubtype to Pictures (if it exists) if (!isset($ptid) && isset($pubtypes[5])) { $ptid = 5; $title = 'title'; $summary = 'summary'; $content = 'body'; } $data['pubtypes'] = $pubtypes; $data['fields'] = array(); $data['cats'] = array(); if (!empty($ptid)) { $data['ptid'] = $ptid; $pubfields = xarModAPIFunc('publications', 'user', 'getpubfields'); $pubfieldtypes = xarModAPIFunc('publications', 'user', 'getpubfieldtypes'); $pubfieldformats = xarModAPIFunc('publications', 'user', 'getpubfieldformats'); foreach ($pubfields as $field => $dummy) { if (($pubfieldtypes[$field] == 'text' || $pubfieldtypes[$field] == 'string') && !empty($pubtypes[$ptid]['config'][$field]['label']) && $pubtypes[$ptid]['config'][$field]['format'] != 'fileupload') { $data['fields'][$field] = $pubtypes[$ptid]['config'][$field]['label'] . ' [' . $pubfieldformats[$pubtypes[$ptid]['config'][$field]['format']] . ']'; } } $catlist = array(); $rootcats = xarModAPIFunc('categories', 'user', 'getallcatbases', array('module' => 'publications', 'itemtype' => $ptid)); foreach ($rootcats as $catid) { $catlist[$catid['category_id']] = 1; } $seencid = array(); if (isset($cids) && is_array($cids)) { foreach ($cids as $catid) { if (!empty($catid)) { $seencid[$catid] = 1; } } } $cids = array_keys($seencid); foreach (array_keys($catlist) as $catid) { $data['cats'][] = xarModAPIFunc('categories', 'visual', 'makeselect', array('cid' => $catid, 'return_itself' => true, 'select_itself' => true, 'values' => &$seencid, 'multiple' => 1)); } } $data['selected'] = array(); if (!isset($refresh) && isset($filelist) && is_array($filelist) && count($filelist) > 0) { foreach ($filelist as $file) { if (!empty($file) && in_array($file, $data['filelist'])) { $data['selected'][$file] = 1; } } } if (isset($title) && isset($data['fields'][$title])) { $data['title'] = $title; } if (isset($summary) && isset($data['fields'][$summary])) { $data['summary'] = $summary; } if (isset($content) && isset($data['fields'][$content])) { $data['content'] = $content; } if (empty($usefilemtime)) { $data['usefilemtime'] = 0; } else { $data['usefilemtime'] = 1; } if (isset($data['ptid']) && isset($data['content']) && count($data['selected']) > 0 && (isset($test) || isset($import))) { // TODO: allow changing the order of import + editing the titles etc. before creating the publications $data['logfile'] = ''; foreach (array_keys($data['selected']) as $file) { $curfile = realpath($basedir . '/' . $file); if (!file_exists($curfile) || !is_file($curfile)) { continue; } $filename = $file; if (empty($baseurl)) { $imageurl = $file; } elseif (substr($baseurl, -1) == '/') { $imageurl = $baseurl . $file; } else { $imageurl = $baseurl . '/' . $file; } if (!empty($data['thumblist'][$file])) { if (empty($baseurl)) { $thumburl = $data['thumblist'][$file]; } elseif (substr($baseurl, -1) == '/') { $thumburl = $baseurl . $data['thumblist'][$file]; } else { $thumburl = $baseurl . '/' . $data['thumblist'][$file]; } } else { $thumburl = ''; } $article = array('title' => ' ', 'summary' => '', 'body' => '', 'notes' => '', 'pubdate' => empty($usefilemtime) ? time() : filemtime($curfile), 'state' => 2, 'ptid' => $data['ptid'], 'cids' => $cids, 'pubtype_id' => $data['ptid'], 'owner' => xarUserGetVar('id'), 'id' => 0); if (!empty($data['title']) && !empty($filename)) { $article[$data['title']] = $filename; } if (!empty($data['summary']) && !empty($thumburl)) { $article[$data['summary']] = $thumburl; } if (!empty($data['content']) && !empty($imageurl)) { $article[$data['content']] = $imageurl; } if (isset($test)) { // preview the first file as a test $data['preview'] = xarModFunc('publications', 'user', 'display', array('article' => $article, 'preview' => true)); break; } else { $id = xarModAPIFunc('publications', 'admin', 'create', $article); if (empty($id)) { return; // throw back } else { $data['logfile'] .= xarML('File #(1) was imported as #(2) #(3)', $curfile, $pubtypes[$data['ptid']]['description'], $id); $data['logfile'] .= '<br />'; } } } } // Return the template variables defined in this function return $data; }
function wurfl_admin_modifyconfig_utility() { // Security Check if (!xarSecurityCheck('AdminWurfl')) { return; } if (!xarVarFetch('phase', 'str:1:100', $phase, 'modify', XARVAR_NOT_REQUIRED, XARVAR_PREP_FOR_DISPLAY)) { return; } if (!xarVarFetch('tab', 'str:1:100', $data['tab'], 'wurfl_general', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('tabmodule', 'str:1:100', $tabmodule, 'wurfl', XARVAR_NOT_REQUIRED)) { return; } $hooks = xarModCallHooks('module', 'getconfig', 'wurfl'); if (!empty($hooks) && isset($hooks['tabs'])) { foreach ($hooks['tabs'] as $key => $row) { $configarea[$key] = $row['configarea']; $configtitle[$key] = $row['configtitle']; $configcontent[$key] = $row['configcontent']; } array_multisort($configtitle, SORT_ASC, $hooks['tabs']); } else { $hooks['tabs'] = array(); } $regid = xarMod::getRegID($tabmodule); switch (strtolower($phase)) { case 'modify': default: switch ($data['tab']) { case 'wurfl_general': break; case 'tab2': break; case 'tab3': break; default: break; } break; case 'update': // Confirm authorisation code if (!xarSecConfirmAuthKey()) { return; } if (!xarVarFetch('items_per_page', 'int', $items_per_page, xarModVars::get('wurfl', 'items_per_page'), XARVAR_NOT_REQUIRED, XARVAR_PREP_FOR_DISPLAY)) { return; } if (!xarVarFetch('shorturls', 'checkbox', $shorturls, false, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('modulealias', 'checkbox', $use_module_alias, xarModVars::get('wurfl', 'use_module_alias'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('module_alias_name', 'str', $module_alias_name, xarModVars::get('wurfl', 'module_alias_name'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('defaultmastertable', 'str', $defaultmastertable, xarModVars::get('wurfl', 'defaultmastertable'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('bar', 'str:1', $bar, 'Bar', XARVAR_NOT_REQUIRED)) { return; } $modvars = array('defaultmastertable', 'bar'); if ($data['tab'] == 'wurfl_general') { xarModVars::set('wurfl', 'items_per_page', $items_per_page); xarModVars::set('wurfl', 'supportshorturls', $shorturls); xarModVars::set('wurfl', 'use_module_alias', $use_module_alias); xarModVars::set('wurfl', 'module_alias_name', $module_alias_name); foreach ($modvars as $var) { if (isset(${$var})) { xarModVars::set('wurfl', $var, ${$var}); } } } foreach ($modvars as $var) { if (isset(${$var})) { xarModItemVars::set('wurfl', $var, ${$var}, $regid); } } xarController::redirect(xarModURL('wurfl', 'admin', 'modifyconfig', array('tabmodule' => $tabmodule, 'tab' => $data['tab']))); // Return return true; break; } $data['hooks'] = $hooks; $data['tabmodule'] = $tabmodule; $data['authid'] = xarSecGenAuthKey(); return $data; }