Example #1
 /**
  * Hook for after parsing route
  *
  * @return void
  */
 public function onAfterRoute()
 {
     // Only guests are ever steered to a consent screen.
     if (!User::isGuest()) {
         return;
     }

     // Dotted identifier for the request: option[.controller][.task][.view]
     $current = Request::getWord('option', '');
     foreach (['controller', 'task', 'view'] as $segment) {
         $word = Request::getWord($segment, false);
         if ($word) {
             $current .= '.' . $word;
         }
     }

     if (App::isSite()) {
         // Site client: only the listed pages are gated behind consent.
         // NOTE(review): this is an exact match on a string assembled from
         // request parameters, so any extra controller/task value yields an
         // identifier that is not in the list. Confirm the login form cannot
         // be reached under such an identifier without consent being recorded.
         $gatedPages = ['com_users.login'];
         $hasConsent = Session::get('user_consent', false);
         if (!$hasConsent && in_array($current, $gatedPages)) {
             Request::setVar('option', 'com_users');
             Request::setVar('view', 'userconsent');
         }
         return;
     }

     if (!App::isAdmin()) {
         return;
     }

     // Admin client: everything is gated except the consent-granting task.
     $exempt = ['com_login.grantconsent'];
     $hasConsent = Session::get('user_consent', false);
     if (!$hasConsent && !in_array($current, $exempt)) {
         Request::setVar('option', 'com_login');
         Request::setVar('task', 'consent');
     }
 }
Example #2
 /**
  * Route resource to single controller
  */
 public static function resource()
 {
     $arguments = func_get_args();
     $path = $arguments[0];
     $controller = end($arguments);

     // Exactly three arguments means (path, options, controller): lift the
     // options out so only path, any extras and controller remain.
     $options = [];
     if (count($arguments) == 3) {
         $options = $arguments[1];
         unset($arguments[1]);
     }

     // The admin client maps to "admin_"-prefixed controller actions.
     // NOTE(review): the prefix only selects which action name is registered;
     // no access check happens here, so the admin_* actions need their own
     // authorization — confirm in the controllers.
     $prefix = App::isAdmin() ? 'admin_' : '';

     // route key => [HTTP method, pattern suffix, controller action]
     $table = [
         'get' => ['get', '', 'index'],
         'get_paginate' => ['get', '/page/:page', 'index'],
         'get_create' => ['get', '/create', 'create'],
         'get_edit' => ['get', '/:id/edit', 'edit'],
         'get_show' => ['get', '/:id', 'show'],
         'post' => ['post', '', 'store'],
         'put' => ['put', '/:id', 'update'],
         'delete' => ['delete', '/:id', 'destroy'],
     ];

     // Route names end in the explicit name option, or the path without leading slashes.
     $nameSuffix = empty($options['name']) ? ltrim($path, "/") : $options['name'];

     foreach ($table as $key => $spec) {
         $pattern = "{$path}" . $spec[1];
         $handler = "{$controller}:{$prefix}" . $spec[2];

         // Same argument list as the caller gave, with the first slot replaced
         // by the expanded pattern and the last slot by the handler string.
         $callable = array_values($arguments);
         $callable[0] = $pattern;
         $callable[count($callable) - 1] = $handler;

         $name = $prefix . $key . '-' . $nameSuffix;
         call_user_func_array([self::$slim, $spec[0]], $callable)->name($name);
     }
 }
Example #3
 /**
  * Hook for after routing application
  * 
  * @return  void
  */
 public function onAfterRoute()
 {
     // Nothing to do for clients other than Site or Admin.
     if (!(App::isAdmin() || App::isSite())) {
         return;
     }

     // NOTE(review): the admin client always returns here, so the 'Admin'
     // variants of the activate/noconflict params below are never read.
     // Confirm this early exit is intended and not a leftover.
     if (App::isAdmin()) {
         return;
     }
     $client = 'Site';

     // Skip when the plugin is not activated for this client or a PDF was requested.
     $enabled = $this->params->get('activate' . $client);
     if (!$enabled || Request::getVar('format') == 'pdf') {
         return;
     }

     // Base framework first, then the optional UI and modal behaviours.
     Html::behavior('framework');
     if ($this->params->get('jqueryui')) {
         Html::behavior('framework', true);
     }
     if ($this->params->get('jqueryfb')) {
         Html::behavior('modal');
     }

     if ($this->params->get('noconflict' . $client)) {
         $noConflict = Request::root(true) . '/core/assets/js/jquery.noconflict.js';
         Document::addScript($noConflict);
     }
 }
 /**
  * Send admins to the article administration page and everyone else to the log-in page.
  */
 function actionIndex()
 {
     $target = App::isAdmin() ? '/admin/article' : '/log-in';
     Controller::redirect($target);
 }
Example #5
 /**
  * Get the base path
  *
  * @return  string
  */
 public static function base()
 {
     // The administrator client has its own root; every other client uses the site root.
     return \App::isAdmin() ? JPATH_ADMINISTRATOR : JPATH_SITE;
 }
Example #6
/**
 * Method to create an active pagination link to the item
 *
 * @param   Item    $item    The object with which to make an active link.
 * @param   string  $prefix  Prefix placed before "limitstart" in the admin form field name.
 * @return  string  HTML link
 */
function paginator_item_active($item, $prefix)
{
    // NOTE(review): text, link, rel and $prefix are placed into HTML attributes
    // and an inline onclick handler without escaping in this function. That is
    // only safe if the caller supplies already-encoded values — confirm, or
    // encode here per context (HTML attribute vs. JavaScript).
    $label = $item->text;

    if (!App::isAdmin()) {
        // Site client: ordinary link, with an optional rel attribute.
        $rel = $item->rel ? 'rel="' . $item->rel . '" ' : '';
        return '<a title="' . $label . '" href="' . $item->link . '" ' . $rel . 'class="pagenav">' . $label . '</a>';
    }

    // Admin client: set the (never negative) offset on the admin form and submit it.
    $offset = $item->base > 0 ? $item->base : 0;
    return '<a title="' . $label . '" onclick="document.adminForm.' . $prefix . 'limitstart.value=' . $offset . '; Joomla.submitform();return false;">' . $label . '</a>';
}
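 /**
  * Delete a comment (admins only) and return to the article it belonged to.
  *
  * Reads the comment id from $_POST['id']. Requests without a usable id, from
  * non-admins, or naming a comment that cannot be found are sent back to the
  * article list instead of failing on a missing record.
  *
  * NOTE(review): no anti-CSRF token check is visible in this method. Confirm
  * the framework verifies one before this state-changing POST is dispatched.
  */
 public function actionDeleteComment()
 {
     if (empty($_POST['id']) || !App::isAdmin()) {
         return $this->redirect('/article');
     }

     // An array-valued "id" field would otherwise be handed straight to the models.
     $commentId = $_POST['id'];
     if (!is_scalar($commentId)) {
         return $this->redirect('/article');
     }

     // Look the comment up first: the original chained property access failed
     // hard when the id matched no comment.
     $comment = Comment::findById($commentId);
     if (!$comment) {
         return $this->redirect('/article');
     }

     // Resolve the article before deleting so the redirect target is still known.
     $article = Article::findById($comment->article_id);
     Comment::deleteComment($commentId);

     if (!$article) {
         return $this->redirect('/article');
     }
     $this->redirect('/article/show/' . $article->url);
 }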
Example #8
 /**
  * Display module contents
  *
  * @return  void
  */
 public function display()
 {
     // Administrator client only.
     if (\App::isAdmin()) {
         // $buttons stays in local scope for the files pulled in below
         // (presumably the layout reads it — keep the name).
         $buttons = self::getButtons($this->params);
         include_once __DIR__ . DS . 'icons.php';

         // NOTE(review): the layout name comes from module params and ends up in
         // a require; confirm getLayoutPath() confines it to the layout directories.
         require $this->getLayoutPath($this->params->get('layout', 'default'));
     }
 }
Example #9
 /**
  * Display module contents
  *
  * @return  void
  */
 public function display()
 {
     // Administrator client only.
     if (\App::isAdmin()) {
         // Rendered toolbar, left in local scope for the layout required below
         // (presumably read there — keep the name).
         $toolbar = \Toolbar::render('toolbar');

         // NOTE(review): the layout name comes from module params and ends up in
         // a require; confirm getLayoutPath() confines it to the layout directories.
         require $this->getLayoutPath($this->params->get('layout', 'default'));
     }
 }
Example #10
 /**
  * Method to handle an error condition.
  *
  * @param   Exception  &$error  The Exception object to be handled.
  * @return  void
  */
 public static function handleError(&$error)
 {
     // Page renderer built from the current document, template name and debug setting.
     $renderer = new \Hubzero\Error\Renderer\Page(App::get('document'), App::get('template')->template, App::get('config')->get('debug'));
     // A 404 outside the administrator is rendered straight away.
     // NOTE(review): whether execution continues past render() is not visible
     // here. If render() ends the request, the redirect lookup below never runs
     // for site 404s; if it does not, the page may be rendered more than once.
     // Confirm which is intended.
     if (!App::isAdmin() and $error->getCode() == 404) {
         // Render the error page.
         $renderer->render($error);
     }
     // Get the full current URI (scheme and host come from the request).
     $uri = JURI::getInstance();
     $current = $uri->toString(array('scheme', 'host', 'port', 'path', 'query', 'fragment'));
     // URLs carrying 'mosConfig_' or '=http://' are rendered as errors before
     // any redirect lookup or logging (legacy probe patterns).
     if (strpos($current, 'mosConfig_') !== false || strpos($current, '=http://') !== false) {
         // Render the error page.
         $renderer->render($error);
     }
     // See if the current url exists in the database as a redirect.
     // The request-derived URL is passed through $db->quote() before it is
     // concatenated into the statement.
     $db = App::get('db');
     $db->setQuery('SELECT ' . $db->quoteName('new_url') . ', ' . $db->quoteName('published') . ' FROM ' . $db->quoteName('#__redirect_links') . ' WHERE ' . $db->quoteName('old_url') . ' = ' . $db->quote($current), 0, 1);
     $link = $db->loadObject();
     // If no published redirect was found try with the server-relative URL
     if (!$link or $link->published != 1) {
         $currRel = $uri->toString(array('path', 'query', 'fragment'));
         $db->setQuery('SELECT ' . $db->quoteName('new_url') . ', ' . $db->quoteName('published') . ' FROM ' . $db->quoteName('#__redirect_links') . ' WHERE ' . $db->quoteName('old_url') . ' = ' . $db->quote($currRel), 0, 1);
         $link = $db->loadObject();
     }
     // If a redirect exists and is published, permanently redirect.
     // The target is whatever is stored in new_url for that row.
     if ($link and $link->published == 1) {
         App::redirect($link->new_url, null, null, true, false);
     } else {
         // The Referer header is client-supplied. It is quoted for SQL below,
         // but NOTE(review): any screen that later lists these rows must
         // HTML-encode old_url and referer.
         $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
         $db->setQuery('SELECT id FROM ' . $db->quoteName('#__redirect_links') . '  WHERE old_url= ' . $db->quote($current));
         $res = $db->loadResult();
         if (!$res) {
             // If not, add the new url to the database (unpublished, one hit).
             // NOTE(review): every distinct unknown URL adds a row, and no
             // authentication is required to get here; consider pruning or
             // rate-limiting so the table cannot grow without bound.
             $query = $db->getQuery(true);
             $query->insert($db->quoteName('#__redirect_links'), false);
             $columns = array($db->quoteName('old_url'), $db->quoteName('new_url'), $db->quoteName('referer'), $db->quoteName('comment'), $db->quoteName('hits'), $db->quoteName('published'), $db->quoteName('created_date'));
             $query->columns($columns);
             $query->values($db->Quote($current) . ', ' . $db->Quote('') . ' ,' . $db->Quote($referer) . ', ' . $db->Quote('') . ',1,0, ' . $db->Quote(Date::toSql()));
             $db->setQuery($query);
             $db->query();
         } else {
             // Existing error url, increase hit counter (id is cast to int).
             $query = $db->getQuery(true);
             $query->update($db->quoteName('#__redirect_links'));
             $query->set($db->quoteName('hits') . ' = ' . $db->quoteName('hits') . ' + 1');
             $query->where('id = ' . (int) $res);
             $db->setQuery((string) $query);
             $db->query();
         }
         // Render the error page.
         $renderer->render($error);
     }
 }
Example #11
 /**
  * Attempt a silent log-in for guests from the "remember me" cookie.
  *
  * The cookie is decrypted, decoded as JSON and must hold a string username
  * and a string password. Any failure clears the cookie and logs the reason.
  *
  * NOTE(review): the cookie carries the account password itself, so anyone who
  * can read and decrypt it recovers the credential. A random, server-side
  * revocable token would limit the impact of a leaked cookie.
  *
  * @return  void
  */
 public function onAfterInitialise()
 {
     // No remember me for admin
     if (App::isAdmin()) {
         return;
     }
     if (User::isGuest()) {
         // The cookie name is derived with App::hash().
         $hash = App::hash('JLOGIN_REMEMBER');
         // NOTE(review): the meaning of the "1 | 2" mask passed to
         // Request::getString is not visible here — confirm.
         if ($str = Request::getString($hash, '', 'cookie', 1 | 2)) {
             $credentials = array();
             $goodCookie = true;
             $filter = JFilterInput::getInstance();
             // Create the encryption key, apply extra hardening using the user agent string.
             // Since we're decoding, no UA validity check is required.
             // NOTE(review): the User-Agent arrives in the same request as the
             // cookie, so the key is only as secret as whatever App::hash()
             // mixes in. Confirm it uses a site secret, and that the "Simple"
             // cipher provides integrity as well as confidentiality.
             // The @ hides the notice raised when the header is absent.
             $privateKey = App::hash(@$_SERVER['HTTP_USER_AGENT']);
             $crypt = new \Hubzero\Encryption\Encrypter(new \Hubzero\Encryption\Cipher\Simple(), new \Hubzero\Encryption\Key('simple', $privateKey, $privateKey));
             try {
                 $str = $crypt->decrypt($str);
                 if (!is_string($str)) {
                     throw new Exception('Decoded cookie is not a string.');
                 }
                 // JSON rather than unserialize(): decoding cannot instantiate classes.
                 $cookieData = json_decode($str);
                 if (null === $cookieData) {
                     throw new Exception('JSON could not be docoded.');
                 }
                 if (!is_object($cookieData)) {
                     throw new Exception('Decoded JSON is not an object.');
                 }
                 // json_decoded cookie could be any object structure, so make sure the
                 // credentials are well structured and only have user and password.
                 if (isset($cookieData->username) && is_string($cookieData->username)) {
                     $credentials['username'] = $filter->clean($cookieData->username, 'username');
                 } else {
                     throw new Exception('Malformed username.');
                 }
                 if (isset($cookieData->password) && is_string($cookieData->password)) {
                     $credentials['password'] = $filter->clean($cookieData->password, 'string');
                 } else {
                     throw new Exception('Malformed password.');
                 }
                 // Silent log-in with the recovered credentials.
                 $return = App::get('auth')->login($credentials, array('silent' => true));
                 if (!$return) {
                     throw new Exception('Log-in failed.');
                 }
             } catch (Exception $e) {
                 $cookie_domain = Config::get('cookie_domain', '');
                 $cookie_path = Config::get('cookie_path', '/');
                 // Clear the remember me cookie
                 setcookie(App::hash('JLOGIN_REMEMBER'), false, time() - 86400, $cookie_path, $cookie_domain);
                 // Only the exception message is logged, never the cookie contents.
                 Log::warning('A remember me cookie was unset for the following reason: ' . $e->getMessage());
             }
         }
     }
 }
Example #12
 /**
  * Get the items of the submenu and display them.
  *
  * @return  void
  */
 public function display()
 {
     // Needs the administrator client and the Submenu class.
     if (\App::isAdmin() && class_exists('\\Submenu')) {
         // $list stays in local scope for the layout required below
         // (presumably read there — keep the name).
         $list = \Submenu::getItems();

         // Render only when there is at least one item.
         if (is_array($list) && count($list)) {
             require $this->getLayoutPath($this->params->get('layout', 'default'));
         }
     }
 }
Example #13
 /**
  * Return any options this element may have
  *
  * @param   string  $name          Name of the field
  * @param   string  $value         Value to check against
  * @param   object  $element       Data Source Object.
  * @param   string  $control_name  Control name (eg, control[fieldname])
  * @return  string  HTML
  */
 public function fetchElement($name, $value, &$element, $control_name)
 {
     // Editor dimensions, with fallbacks when the element does not define them.
     $rows = 6;
     if (isset($element->rows)) {
         $rows = $element->rows;
     }
     $cols = 50;
     if (isset($element->cols)) {
         $cols = $element->cols;
     }

     // CSS classes: the element's own class (if any) plus a client-specific set.
     $classes = isset($element->class) ? array($element->class) : array();
     $classes[] = \App::isAdmin() ? 'no-footer' : 'minimal no-footer';

     // convert <br /> tags so they are not visible when editing
     $value = str_replace('<br />', "\n", $value);

     $fieldName = $control_name . '[' . $name . ']';
     $fieldId = $control_name . '-' . $name;
     $attributes = array('class' => implode(' ', $classes));

     // NOTE(review): $value and the class string are handed to the editor
     // as-is; any encoding is left to the editor's display().
     $editor = \App::get('editor')->display($fieldName, $value, '', '', $cols, $rows, false, $fieldId, null, null, $attributes);

     return '<span class="field-wrap">' . $editor . '</span>';
 }
Example #14
 /**
  * Get array of help pages for component
  *
  * @param   string  $component  Component to get pages for
  * @return  array
  */
 private static function path($component)
 {
     // The returned value is a path string: the component's directory followed
     // by a client-specific sub-directory.
     if (\App::isAdmin()) {
         $client = 'admin';
     } else {
         $client = 'site';
     }

     // NOTE(review): $component becomes part of a filesystem path; confirm the
     // component loader rejects names with directory separators or "..".
     $root = \App::get('component')->path($component);

     return $root . DS . $client;
 }
Example #15
 /**
  * Include the layout file for a view, switching to the admin theme and
  * layout for admin-only controllers.
  *
  * Non-admins hitting an admin-only controller are redirected to /admin.
  * $view and $layout are rewritten to file paths before the layout is
  * included; $view and $data stay in scope for the included file (presumably
  * the layout includes $view — confirm).
  *
  * NOTE(review): $view, $theme and $layout are concatenated into include
  * paths. They must never come from request input without an allow-list,
  * otherwise arbitrary local files could be included.
  */
 public function render($view = 'index', $data = null, $theme = 'user', $layout = 'main')
 {
     if ($this->forAdmin) {
         // Admin-only controller: bounce everyone who is not an admin.
         if (!App::isAdmin()) {
             return Controller::redirect('/admin');
         }
         $theme = 'admin';
         $layout = 'admin';
     }

     $view = VIEWS_PATH . $theme . '/' . $view . PHP_EXT;
     $layout = VIEWS_PATH . 'layout/' . $layout . PHP_EXT;

     include $layout;
 }
Example #16
 /**
  * Display module contents
  *
  * @return     void
  */
 public function display()
 {
     // Administrator client only.
     if (\App::isAdmin()) {
         // property name on this module => value of the `published` column to count
         $states = array(
             'unpublished' => 0,
             'published' => 1,
             'draftUser' => 2,
             'pending' => 3,
             'removed' => 4,
             'draftInternal' => 5,
         );
         $db = \App::get('db');

         // One COUNT per state; the interpolated values are the fixed integers
         // above, never request data.
         foreach ($states as $property => $state) {
             $db->setQuery("SELECT count(*) FROM `#__resources` WHERE published={$state} AND standalone=1");
             $this->{$property} = $db->loadResult();
         }

         // Get the view
         parent::display();
     }
 }
Example #17
 /**
  * Display module contents
  *
  * @return  void
  */
 public function display()
 {
     // Administrator client only.
     if (\App::isAdmin()) {
         // Make the legacy content models and the category API available.
         \JModelLegacy::addIncludePath(PATH_CORE . '/components/com_content/admin/models', 'ContentModel');
         jimport('joomla.application.categories');

         // [!] Legacy compatibility: $params and $list stay in local scope for
         // the layout required below (presumably read there — keep the names).
         $params = $this->params;
         $list = $this->getList($params);

         // NOTE(review): the layout name comes from module params and ends up in
         // a require; confirm getLayoutPath() confines it to the layout directories.
         require $this->getLayoutPath($params->get('layout', 'default'));
     }
 }
	/**
	 * Read one option of the current module, loading the module's
	 * etc/module.ini on first access.
	 *
	 * The file is looked up under code/admin/<module> for the admin client and
	 * code/front/<module> otherwise, with the module name lower-cased.
	 *
	 * NOTE(review): $this->_module becomes part of a filesystem path; confirm
	 * it is never set from request input without validation.
	 */
	public function __get($key)
	{
		if (!array_key_exists($this->_module, $this->_options)) {
			// Pick the client directory, then assemble the ini path in one go.
			$area = App::isAdmin() ? 'admin' : 'front';
			$fullpath = implode(DIRECTORY_SEPARATOR, array(
				APPLICATION_PATH,
				'code',
				$area,
				strtolower($this->_module),
				'etc',
				'module.ini',
			));

			// Cache the parsed options under the module name.
			$this->_options[$this->_module] = $this->_loadOptions($fullpath);
		}

		return $this->_options[$this->_module]->$key;
	}
Example #19
 /**
  * Display module contents
  *
  * @return     void
  */
 public function display()
 {
     // Administrator client only.
     if (\App::isAdmin()) {
         // Load the group page and group module archive models.
         require_once Component::path('com_groups') . DS . 'models' . DS . 'page' . DS . 'archive.php';
         require_once Component::path('com_groups') . DS . 'models' . DS . 'module' . DS . 'archive.php';

         // Unapproved pages, restricted to states 0 and 1.
         $pageArchive = new Models\Page\Archive();
         $this->unapprovedPages = $pageArchive->pages('unapproved', array('state' => array(0, 1)), true);

         // Unapproved modules, same state filter.
         $moduleArchive = new Models\Module\Archive();
         $this->unapprovedModules = $moduleArchive->modules('unapproved', array('state' => array(0, 1)), true);

         // Get the view
         parent::display();
     }
 }
Example #20
 /**
  * Drop a cookie
  *
  * @param  (string) $namespace - make sure the cookie name is unique
  * @param  (time)   $lifetime  - how long the cookie should last
  * @param  (array)  $data      - data to be saved in cookie
  * @return void
  **/
 public static function bake($namespace, $lifetime, $data = array())
 {
     // Cookie name: hash of "<client name>:<namespace>".
     $cookieName = \App::hash(\App::get('client')->name . ':' . $namespace);

     // The same hash value is passed for both key arguments of the "simple" cipher.
     $secret = \App::hash('');
     $cipher = new \Hubzero\Encryption\Cipher\Simple();
     $encrypter = new \Hubzero\Encryption\Encrypter($cipher, new \Hubzero\Encryption\Key('simple', $secret, $secret));

     // NOTE(review): the payload is PHP-serialized. Whatever reads this cookie
     // back must not call unserialize() on it unless the encryption also
     // authenticates the data; JSON, or unserialize() with allowed_classes set
     // to false, would avoid object instantiation from a forged cookie.
     $payload = $encrypter->encrypt(serialize($data));

     // Secure flag: admin client when force_ssl >= 1, site client when force_ssl == 2.
     $forceSsl = \Config::get('force_ssl', false);
     $secure = (\App::isAdmin() && $forceSsl >= 1) || (\App::isSite() && $forceSsl == 2);

     // HttpOnly is always set; path is "/" and no domain is given.
     // NOTE(review): no SameSite attribute is set by this call.
     setcookie($cookieName, $payload, $lifetime, '/', '', $secure, true);
 }
Example #21
 /**
  * Utility method to act on a user after it has been saved.
  *
  * This method sends a registration email to new users created in the backend.
  *
  * @param   array    $user     Holds the new user data.
  * @param   boolean  $isnew    True if a new user is stored.
  * @param   boolean  $success  True if user was succesfully stored in the database.
  * @param   string   $msg      Message.
  * @return  void
  */
 public function onUserAfterSave($user, $isnew, $success, $msg)
 {
     $config = App::get('config');
     // [!] HUBzero - changed default value
     $mail_to_user = $this->params->get('mail_to_user', 0);

     // Only brand-new accounts created from the administrator client, with
     // mailing enabled, get an email. Existing users: nothing to do yet.
     // TODO: Suck in the frontend registration emails here as well.
     if (!$isnew || !App::isAdmin() || !$mail_to_user) {
         return;
     }

     $language = App::get('language');
     $siteLocale = $language->getTag();

     // Recipient language: frontend language first, then backend language,
     // then the application's current locale.
     $prefs = new \Hubzero\Config\Registry($user['params']);
     $recipientLocale = $prefs->get('language', $prefs->get('admin_language', $siteLocale));
     $switched = $recipientLocale != $siteLocale;
     if ($switched) {
         $language->setLanguage($recipientLocale);
     }

     // Load the plugin strings from the first location that has them.
     if (!$language->load('plg_user_joomla', PATH_APP . DS . 'bootstrap' . DS . 'site')) {
         if (!$language->load('plg_user_joomla', PATH_APP . DS . 'bootstrap' . DS . 'administrator')) {
             $language->load('plg_user_joomla', __DIR__);
         }
     }

     $emailSubject = Lang::txt('PLG_USER_JOOMLA_NEW_USER_EMAIL_SUBJECT', $user['name'], $config->get('sitename'));

     // NOTE(review): the body includes $user['password_clear'], i.e. the
     // password travels in plain text by email. A one-time set-password link
     // would avoid leaving a usable credential in mailboxes and mail logs.
     $emailBody = Lang::txt('PLG_USER_JOOMLA_NEW_USER_EMAIL_BODY', $user['name'], $config->get('sitename'), Request::root(), $user['username'], $user['password_clear']);

     // Assemble the message step by step.
     $mail = JFactory::getMailer();
     $mail = $mail->setSender(array($config->get('mailfrom'), $config->get('fromname')));
     $mail = $mail->addRecipient($user['email']);
     $mail = $mail->setSubject($emailSubject);
     $mail = $mail->setBody($emailBody);

     // Set application language back to default if we changed it
     if ($switched) {
         $language->setLanguage($siteLocale);
     }

     if (!$mail->Send()) {
         // TODO: Probably should raise a plugin error but this event is not error checked.
         throw new Exception(Lang::txt('ERROR_SENDING_EMAIL'), 500);
     }
 }
Example #22
 /**
  * Method to handle an error condition.
  *
  * @param   Exception  &$error  The Exception object to be handled.
  * @return  void
  */
 public static function handleError(&$error)
 {
     // Load the redirect link model used for the lookups below.
     include_once PATH_CORE . DS . 'components' . DS . 'com_redirect' . DS . 'models' . DS . 'link.php';
     // Page renderer built from the current document, template name and debug setting.
     $renderer = new \Hubzero\Error\Renderer\Page(App::get('document'), App::get('template')->template, App::get('config')->get('debug'));
     // A 404 outside the administrator is rendered straight away.
     // NOTE(review): whether execution continues past render() is not visible
     // here. If render() ends the request, the redirect lookup below never runs
     // for site 404s; if it does not, the page may be rendered more than once.
     // Confirm which is intended.
     if (!App::isAdmin() and $error->getCode() == 404) {
         // Render the error page.
         $renderer->render($error);
     }
     // Get the full current URI (scheme and host come from the request).
     $uri = \Hubzero\Utility\Uri::getInstance();
     $current = $uri->toString(array('scheme', 'host', 'port', 'path', 'query', 'fragment'));
     // URLs carrying 'mosConfig_' or '=http://' are rendered as errors before
     // any redirect lookup or logging (legacy probe patterns).
     if (strpos($current, 'mosConfig_') !== false || strpos($current, '=http://') !== false) {
         // Render the error page.
         $renderer->render($error);
     }
     // See if the current url exists in the database as a redirect.
     // The request-derived URL is passed as a value to whereEquals();
     // presumably the model binds or quotes it — confirm.
     $link = \Components\Redirect\Models\Link::all()->whereEquals('old_url', $current)->row();
     // If no published redirect was found try with the server-relative URL
     if (!$link->id || $link->published != 1) {
         $currRel = $uri->toString(array('path', 'query', 'fragment'));
         $link = \Components\Redirect\Models\Link::all()->whereEquals('old_url', $currRel)->row();
     }
     // If a redirect exists and is published, permanently redirect.
     // The target is whatever is stored in new_url for that row.
     if ($link->id && $link->published == 1) {
         App::redirect($link->new_url, null, null, true, false);
     } else {
         // The Referer header is client-supplied.
         // NOTE(review): any screen that later lists these rows must
         // HTML-encode old_url and referer.
         $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
         $row = \Components\Redirect\Models\Link::all()->whereEquals('old_url', $current)->row();
         if (!$row->get('id')) {
             // Unknown URL: record it unpublished with a first hit.
             // NOTE(review): every distinct unknown URL adds a row, and no
             // authentication is required to get here; consider pruning or
             // rate-limiting so the table cannot grow without bound.
             $row->set(['old_url' => $current, 'new_url' => '', 'referer' => $referer, 'comment' => '', 'hits' => 1, 'published' => 0, 'created_date' => Date::toSql()]);
         } else {
             // Known URL: bump the hit counter.
             $row->set('hits', intval($row->get('hits')) + 1);
         }
         $row->save();
         // Render the error page.
         $renderer->render($error);
     }
 }
Example #23
 /**
  * Display module contents
  * 
  * @return  void
  */
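 public function display()
 {
     // Administrator client only.
     if (!\App::isAdmin()) {
         return;
     }
     $database = \App::get('db');

     // Optional lower bound on the creation time. The request value is quoted
     // before it is placed in the statement.
     $where = "";
     if ($start = Request::getVar('start', '')) {
         $where = "WHERE a.created > " . $database->quote($start);
     }

     // The row limit is concatenated into the statement unquoted, so force it
     // to a non-negative integer instead of trusting the stored parameter.
     $limit = max(0, (int) $this->params->get('limit', 25));

     // Comments/changes and tickets merged into one activity list, newest first.
     $query = "SELECT a.* FROM (\n\t\t\t\t\t(SELECT c.id, c.ticket, c.created, (CASE WHEN `comment` != '' THEN 'comment' ELSE 'change' END) AS 'category' FROM `#__support_comments` AS c)\n\t\t\t\t\tUNION\n\t\t\t\t\t(SELECT '0' AS id, t.id AS ticket, t.created, 'ticket' AS 'category' FROM `#__support_tickets` AS t)\n\t\t\t\t) AS a {$where} ORDER BY a.created DESC LIMIT 0, " . $limit;
     $database->setQuery($query);
     $this->results = $database->loadObjectList();

     // feedactivity=1 returns only the item fragments and ends the request.
     $this->feed = Request::getInt('feedactivity', 0);
     if ($this->feed == 1) {
         ob_clean();
         // $result stays in local scope for the item layout (presumably read there).
         foreach ($this->results as $result) {
             require $this->getLayoutPath('default_item');
         }
         exit;
     }
     parent::display();
 }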
Example #24
 /**
  * Display module contents
  *
  * @return  void
  */
 public function display()
 {
     // Administrator client only.
     if (!\App::isAdmin()) {
         return;
     }
     include_once Component::path('com_wishlist') . DS . 'models' . DS . 'wishlist.php';

     // Configured wishlist id; fall back to the general list when none is set.
     $wishlist = (int) $this->params->get('wishlist', 0);
     if (!$wishlist) {
         $general = Wishlist::getInstance(1, 'general');
         if (!$general->exists()) {
             return false;
         }
         $wishlist = $general->get('id');
     }
     $this->wishlist = $wishlist;

     // property name on this module => SQL fragment appended after "status=".
     // The fragments are fixed strings defined here, never request data.
     $statusClauses = array(
         'granted' => 1,
         'pending' => "0 AND accepted=0",
         'accepted' => "0 AND accepted=1",
         'rejected' => 3,
         'withdrawn' => 4,
         'removed' => 2,
     );

     $db = \App::get('db');
     foreach ($statusClauses as $property => $clause) {
         // The wishlist id is quoted; the status clause comes from the table above.
         $db->setQuery("SELECT COUNT(*) FROM `#__wishlist_item` WHERE wishlist=" . $db->quote($wishlist) . " AND status=" . $clause);
         $this->{$property} = $db->loadResult();
     }

     // Get the view
     parent::display();
 }
Example #25
<?php

// Bootstrap for a JSON endpoint that deletes an order on behalf of an admin.

// Filesystem roots, derived from the location of the running script.
define('PUBLIC_ROOT', dirname(dirname(dirname($_SERVER['SCRIPT_FILENAME']))));
define('ROOT', dirname(PUBLIC_ROOT));
define('DS', DIRECTORY_SEPARATOR);
define('BASE_URL', dirname(dirname($_SERVER['SCRIPT_NAME'])));
// NOTE(review): the Host header is client-controlled. Do not build absolute
// links (e-mails, redirects) from DOMAIN without checking it against the
// list of hostnames this site actually serves.
define('DOMAIN', $_SERVER['HTTP_HOST']);
// NOTE(review): X-Forwarded-Proto can be set by any client unless a trusted
// proxy overwrites it; only rely on it behind such a proxy.
define('PROTOCOLE', isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' ? 'https' : 'http');
define('SYSTEM', ROOT . DS . 'system');
define('APP', ROOT . DS . 'app');
define('LANG', ROOT . DS . 'ressources' . DS . 'lang');
// The session is started before the model classes are loaded.
session_start();
require_once APP . '/model/PDOConnexion.php';
require_once APP . '/model/App.class.php';
require_once APP . '/model/Member.class.php';
require_once APP . '/model/Order.class.php';
header('Content-Type: application/json');
// Delete only when both fields are present and the caller is an admin.
// NOTE(review): no anti-CSRF token is checked before this state-changing
// request; confirm one is enforced elsewhere or add it here.
if (isset($_POST['delete']) && isset($_POST['id']) && App::isAdmin()) {
    // NOTE(review): htmlentities() is an HTML output encoder, not input
    // validation for a database key. Confirm deleteOrder() uses a bound
    // parameter, and validate the id's expected format before calling it.
    Order::deleteOrder(htmlentities($_POST['id']));
    // The submitted fields are echoed back with status "true".
    die(json_encode(array_merge($_POST, array('status' => 'true'))));
}
// Every other case (missing fields or not an admin) gets the same generic answer.
echo json_encode(array_merge($_POST, array('status' => 'unknown error')));
die;
Example #26
 /**
  * Save cached data
  *
  * @return  void
  */
 public function onAfterRender()
 {
     // Never cache for the admin client, in debug mode, or while notifications are pending.
     if (App::isAdmin() || Config::get('debug') || Notify::any()) {
         return;
     }

     // We need to check again here, because auto-login plugins
     // have not been fired before the first aid check
     if (!User::isGuest()) {
         return;
     }

     // NOTE(review): the whole rendered response is stored and presumably
     // replayed to other guests. Confirm it carries nothing per-visitor, such
     // as anti-CSRF tokens or session-specific markup.
     $cacheId = $this->getId();
     $body = App::get('response')->getContent();
     $lifetime = App::get('config')->get('lifetime', 45);
     App::get('cache')->put($cacheId, $body, $lifetime);
 }
Example #27
 /**
  * Display the editor area.
  *
  * @param   string  $name    The control name.
  * @param   string  $html    The contents of the text area.
  * @param   string  $width   The width of the text area (px or %).
  * @param   string  $height  The height of the text area (px or %).
  * @param   int     $col     The number of columns for the textarea.
  * @param   int     $row     The number of rows for the textarea.
  * @param   boolean $buttons True and the editor buttons will be displayed.
  * @param   string  $id      An optional ID for the textarea (note: since 1.6). If not supplied the name is used.
  * @param   string  $asset
  * @param   object  $author
  * @param   array   $params  Associative array of editor parameters.
  * @return  string
  */
 public function onDisplay($name, $content, $width, $height, $col, $row, $buttons = true, $id = null, $asset = null, $author = null, $params = array())
 {
     // make sure we have an id too
     if (empty($id)) {
         $id = $name;
     }
     // Fall back to 35 columns / 10 rows when none (or zero) were given.
     $col = $col ?: 35;
     $row = $row ?: 10;
     // Normalise $params['class'] to an array of class names.
     if (!isset($params['class'])) {
         $params['class'] = array();
     }
     if (!is_array($params['class'])) {
         // A string of classes is split on spaces into individual entries.
         $cls = $params['class'];
         $params['class'] = array();
         foreach ($this->_split(' ', $cls) as $piece) {
             $params['class'][] = $piece;
         }
     }
     // Class appended to every editor textarea.
     $params['class'][] = 'ckeditor-content';
     // Set default height to a rough approximation of the height
     // of the textarea (rows * 1.5em of 12px font)
     if (!isset($params['height'])) {
         $params['height'] = 18 * intval($row) . 'px';
     }
     // build config & json encode
     $config = json_encode($this->_buildConfig($params));
     // fix script and php protected source: these regex settings were encoded
     // as JSON strings above; each replacement swaps the quoted string for a
     // JavaScript regex literal.
     $config = str_replace('"\\/<script[^>]*>(.|\\\\n)*<\\\\\\/script>\\/ig"', '/<script[^>]*>(.|\\n)*<\\/script>/ig', $config);
     $config = str_replace('"\\/<\\\\?[\\\\s\\\\S]*?\\\\?>\\/g"', '/<\\?[\\s\\S]*?\\?>/g', $config);
     $config = str_replace('"\\/<group:include([^>]*)\\\\\\/>\\/g"', '/<group:include([^>]*)\\/>/g', $config);
     $config = str_replace('"\\/{xhub:([^}]*)}\\/gi"', '/{xhub:([^}]*)}/gi', $config);
     // script to actually make ckeditor
     // NOTE(review): $id is placed inside a jQuery selector within an inline
     // script without escaping; it must be a trusted, identifier-safe value.
     $script = '<script type="text/javascript">';
     $script .= 'if (typeof(jQuery) !== "undefined") {';
     $script .= 'jQuery(document).ready(function() { jQuery("#' . $id . '").ckeditor(function() {}, ' . $config . '); });';
     $script .= 'jQuery(document).on("ajaxLoad", function() { jQuery("#' . $id . '").ckeditor(function() {}, ' . $config . '); });';
     $script .= '}';
     $script .= '</script>';
     // Flatten the class list, then turn every param into an HTML attribute
     // (array values are joined with ';').
     $params['class'] = implode(' ', $params['class']);
     $atts = array();
     foreach ($params as $key => $value) {
         if (is_array($value)) {
             $value = implode(';', $value);
         }
         // NOTE(review): attribute names and values are not HTML-encoded here.
         $atts[] = $key . '="' . $value . '"';
     }
     // output html and script
     // NOTE(review): $name, $id and $content are concatenated without encoding
     // in this method. Content containing "</textarea>" would end the element
     // early, so callers must pass HTML-encoded content — confirm at the call sites.
     $editor = '<textarea name="' . $name . '" id="' . $id . '" ' . ($row ? 'rows="' . $row . '"' : '') . ' ' . ($col ? 'cols="' . $col . '"' : '') . ' ' . implode(' ', $atts) . '>' . $content . '</textarea>' . $script;
     // Editor buttons are appended for the administrator client only.
     if (App::isAdmin()) {
         $editor .= $this->_displayButtons($id, $buttons, $asset, $author);
     }
     return $editor;
 }
Example #28
 /**
  * Add unobtrusive javascript support for modal links.
  *
  * @param   string  $selector  The selector for which a modal behaviour is to be applied.
  * @param   array   $params    An array of parameters for the modal behaviour.
  *                             Options for the modal behaviour can be:
  *                            - ajaxOptions
  *                            - size
  *                            - shadow
  *                            - overlay
  *                            - onOpen
  *                            - onClose
  *                            - onUpdate
  *                            - onResize
  *                            - onShow
  *                            - onHide
  * @return  void
  */
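 public static function modal($selector = 'a.modal', $params = array())
 {
     // Loads the fancybox asset once per request, then registers one inline
     // initialiser per distinct ($selector, $params) combination.
     if (!isset(self::$loaded[__METHOD__])) {
         self::framework();
         Asset::script('assets/jquery.fancybox.js', true, true);
     }
     // md5 here is only a de-duplication key for the static cache, not a security control.
     $sig = md5(serialize(array($selector, $params)));
     if (isset(self::$loaded[__METHOD__][$sig])) {
         return;
     }
     if (!empty($params) || \App::isAdmin()) {
         $opt = array('arrows' => false);
         $opt['ajax'] = isset($params['ajaxOptions']) && is_array($params['ajaxOptions']) ? $params['ajaxOptions'] : null;
         $opt['type'] = isset($params['handler']) ? $params['handler'] : 'iframe';
         // NOTE(review): 'closable' is forwarded as fancybox's 'modal' flag without
         // inversion; confirm this is the intended meaning.
         $opt['modal'] = isset($params['closable']) ? (bool) $params['closable'] : null;
         $opt['closeBtn'] = isset($params['closeBtn']) ? (bool) $params['closeBtn'] : null;
         $opt['iframe'] = isset($params['iframeOptions']) && is_array($params['iframeOptions']) ? $params['iframeOptions'] : null;
         if (isset($params['size']) && is_array($params['size'])) {
             // Copy only the recognised dimension keys, in the original order.
             foreach (array('width', 'height', 'minWidth', 'maxWidth', 'minHeight', 'maxHeight') as $dimension) {
                 if (isset($params['size'][$dimension])) {
                     $opt[$dimension] = $params['size'][$dimension];
                 }
             }
         }
         // NOTE(review): the leading backslash on the default callback suggests
         // getJSObject() emits such values as raw JavaScript rather than as quoted
         // strings (confirm against getJSObject). If so, onOpen/onClose/onUpdate/
         // onMove/onShow/onHide and tpl must only ever hold developer-authored
         // values, never request data. The default also still calls console.log()
         // on the element's data-rel attribute, which looks like leftover debugging.
         $opt['beforeLoad'] = isset($params['onOpen']) ? $params['onOpen'] : '\\function(){ var atts = $(this.element).attr("data-rel"); if (atts) { atts = jQuery.parseJSON(atts); console.log(atts); }}';
         $opt['onCancel'] = isset($params['onClose']) ? $params['onClose'] : null;
         $opt['onUpdate'] = isset($params['onUpdate']) ? $params['onUpdate'] : null;
         $opt['onMove'] = isset($params['onMove']) ? $params['onMove'] : null;
         $opt['afterShow'] = isset($params['onShow']) ? $params['onShow'] : null;
         $opt['afterClose'] = isset($params['onHide']) ? $params['onHide'] : null;
         $opt['tpl'] = isset($params['tpl']) ? $params['tpl'] : null;
         $opt['autoSize'] = isset($params['autoSize']) ? $params['autoSize'] : false;
         $opt['fitToView'] = isset($params['fitToView']) ? $params['fitToView'] : true;
         $options = self::getJSObject($opt);
         // Emit the selector as an encoded JavaScript string literal instead of pasting
         // it between hand-written quotes: a selector containing a double quote or a
         // backslash (e.g. an attribute selector) previously produced broken script,
         // and the HEX flags keep "</script>" from terminating the inline block.
         // For plain selectors such as the default the output is unchanged.
         $target = json_encode((string) $selector, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
         // json_encode() returns false for text it cannot encode (e.g. invalid UTF-8);
         // in that case emit nothing rather than a malformed declaration.
         if ($target !== false) {
             App::get('document')->addScriptDeclaration('jQuery(document).ready(function($){' . "\n\t\t" . '$(' . $target . ').fancybox(' . $options . ');' . "\n\t" . '});');
         }
     }
     self::$loaded[__METHOD__][$sig] = true;
 }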
Example #29
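<div id="commentsList">
    <?php
// Render every existing comment through the shared comment block template.
foreach ($data['comments'] as $comment) {
    $this->includeTemplate('commentBlock.php', $comment);
}
?>
</div>


<?php
// NOTE(review): this form renders no anti-CSRF token field. Confirm that the
// /article/save-comment handler verifies a token (or that the framework injects
// one); otherwise a token field belongs here.
?>
<form id="addComment" role="form" method="post" action="<?php
// Escaped for the attribute context so a URL containing quotes or "&" cannot break out of action="".
echo htmlspecialchars((string) Url::to('/article/save-comment'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>">
    <h3>Написать коментарий</h3>

    <?php
// NOTE(review): author_id is a client-side hidden field with a fixed value. The save
// handler must take the author and the admin status from the server-side session
// and must not trust this posted value.
if (App::isAdmin()) {
    echo '<input type="hidden" value="1" name="author_id" required>';
}
?>

    <label>Текст</label>
    <textarea rows="5" name="text" required></textarea>

    <input type="hidden" name="article_id" value="<?php
// Escaped for the attribute context; the id is written into a quoted attribute value.
echo htmlspecialchars((string) $data['article']->id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>">
    <button type="submit" class="btn">Отправить</button>
</form>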
Example #30
 /**
  * This method should handle any login logic and report back to the subject
  *
  * @param   array    $user     holds the user data
  * @param   array    $options  array holding options (remember, autoregister, group)
  * @return  boolean  True on success
  */
 public function onLoginUser($user, $options = array())
 {
     // Post-login hook: writes the auth log entries, refreshes the session "tracker"
     // values, issues the long-lived tracker cookie, links an external auth record
     // when one was supplied, and synchronises the user's disk quota with its class.
     // NOTE(review): nothing in this handler regenerates the session id; confirm that
     // the login flow does so before this hook runs, to rule out session fixation.
     jimport('joomla.user.helper');
     $xuser = User::getRoot();
     // get user from session (might be tmp_user, can't fetch from db)
     if ($xuser->get('guest')) {
         // joomla user plugin hasn't run or something went very badly
         // Find the positions of the 'xusers' and 'joomla' user plugins to report
         // which ordering/misconfiguration caused the guest state.
         $plugins = Plugin::byType('user');
         $xuser_order = false;
         $joomla_order = false;
         $i = 0;
         foreach ($plugins as $plugin) {
             if ($plugin->name == 'xusers') {
                 $xuser_order = $i;
             }
             if ($plugin->name == 'joomla') {
                 $joomla_order = $i;
             }
             $i++;
         }
         // NOTE(review): the three failure paths below RETURN an Exception object
         // instead of throwing it. An object is truthy in PHP, so a caller that tests
         // the result loosely would read a failed login hook as success; callers
         // need an explicit instanceof / === true check.
         if ($joomla_order === false) {
             return new Exception(Lang::txt('E_JOOMLA_USER_PLUGIN_MISCONFIGURED'), 500);
         }
         if ($xuser_order <= $joomla_order) {
             return new Exception(Lang::txt('E_HUBZERO_USER_PLUGIN_MISCONFIGURED'), 500);
         }
         return new Exception(Lang::txt('E_JOOMLA_USER_PLUGIN_FAILED'), 500);
     }
     // log login to auth log
     // NOTE(review): the username is concatenated into the log line as-is; confirm
     // Log::auth() neutralises CR/LF so a crafted username cannot forge log entries.
     // REMOTE_ADDR is the direct peer address, i.e. the proxy's address when the
     // site sits behind a reverse proxy.
     Log::auth($xuser->get('id') . ' [' . $xuser->get('username') . '] ' . $_SERVER['REMOTE_ADDR'] . ' login');
     // correct apache log data
     // apache_note() only exists when PHP runs as an Apache module.
     apache_note('auth', 'login');
     // Log attempt to the database
     Hubzero\User\User::oneOrFail($xuser->get('id'))->logger()->auth()->save(['username' => $xuser->get('username'), 'status' => 'success']);
     // update session tracking with new data
     $session = App::get('session');
     $session->set('tracker.user_id', $xuser->get('id'));
     $session->set('tracker.username', $xuser->get('username'));
     if ($session->get('tracker.sid') == '') {
         $session->set('tracker.sid', $session->getId());
     }
     $session->set('tracker.psid', $session->get('tracker.sid'));
     if ($session->get('tracker.rsid') == '') {
         $session->set('tracker.rsid', $session->getId());
     }
     // NOTE(review): tracker.user_id was overwritten with the current user's id a few
     // lines above, so the first comparison here appears to always be false and
     // only the empty-ssid test takes effect. If the intent was to start a new ssid
     // when a different user logs in, the comparison has to happen before the overwrite.
     if ($session->get('tracker.user_id') != $xuser->get('id') || $session->get('tracker.ssid') == '') {
         $session->set('tracker.ssid', $session->getId());
     }
     // Record which authenticator was used, or clear a stale value when none is given.
     if (empty($user['type'])) {
         $session->clear('session.authenticator');
     } else {
         $session->set('session.authenticator', $user['type']);
     }
     // 'silent' logins are recorded as cookie-sourced, everything else as user-sourced.
     if (isset($options['silent']) && $options['silent']) {
         $session->set('session.source', 'cookie');
     } else {
         $session->set('session.source', 'user');
     }
     // update tracking data with changes related to login
     jimport('joomla.utilities.utility');
     // Cookie name is a hash of "<client name>:tracker".
     $hash = App::hash(App::get('client')->name . ':tracker');
     // NOTE(review): the same value, App::hash(''), is passed for both key arguments,
     // so the key depends only on whatever secret App::hash() mixes in, not on the
     // user or session. Confirm what the 'Simple' cipher guarantees: the payload
     // below is a serialize()d array held by the client, so the code that reads this
     // cookie back must unserialize() client-controlled bytes unless the cipher also
     // authenticates them. JSON plus authenticated encryption would avoid that.
     $key = \App::hash('');
     $crypt = new \Hubzero\Encryption\Encrypter(new \Hubzero\Encryption\Cipher\Simple(), new \Hubzero\Encryption\Key('simple', $key, $key));
     $tracker = array();
     $tracker['user_id'] = $session->get('tracker.user_id');
     $tracker['username'] = $session->get('tracker.username');
     $tracker['sid'] = $session->getId();
     $tracker['rsid'] = $session->get('tracker.rsid', $tracker['sid']);
     $tracker['ssid'] = $session->get('tracker.ssid', $tracker['sid']);
     $cookie = $crypt->encrypt(serialize($tracker));
     // One-year lifetime; the cookie carries the current session id for that long.
     $lifetime = time() + 365 * 24 * 60 * 60;
     // Determine whether cookie should be 'secure' or not
     // Secure is only set when force_ssl covers the current client (>= 1 for admin,
     // == 2 for site); otherwise the cookie is also sent over plain HTTP.
     $secure = false;
     $forceSsl = \Config::get('force_ssl', false);
     if (\App::isAdmin() && $forceSsl >= 1) {
         $secure = true;
     } else {
         if (\App::isSite() && $forceSsl == 2) {
             $secure = true;
         }
     }
     // Path '/', default domain, HttpOnly on. This call form sets no SameSite attribute.
     setcookie($hash, $cookie, $lifetime, '/', '', $secure, true);
     /* Mark registration as incomplete so it gets checked on next page load */
     $username = $xuser->get('username');
     // An auth link object may be handed in by the authenticator via $user['auth_link'].
     if (isset($user['auth_link']) && is_object($user['auth_link'])) {
         $hzal = $user['auth_link'];
     } else {
         $hzal = null;
     }
     // A leading '-' on the username is treated as a marker in both branches below.
     // NOTE(review): $username[0] assumes a non-empty username string.
     if ($xuser->get('tmp_user')) {
         // $email is assigned but not read anywhere in this method.
         $email = $xuser->get('email');
         if ($username[0] == '-') {
             $username = trim($username, '-');
             if ($hzal) {
                 // Temporary account: rename to "guest;<name>" and take the linked e-mail.
                 $xuser->set('username', 'guest;' . $username);
                 $xuser->set('email', $hzal->email);
             }
         }
     } else {
         if ($username[0] == '-') {
             // The trimmed value is not used again on this path.
             $username = trim($username, '-');
             if ($hzal) {
                 // Existing account: bind the auth link record to this user id.
                 $hzal->user_id = $xuser->get('id');
                 $hzal->update();
             }
         }
     }
     if ($hzal) {
         $xuser->set('auth_link_id', $hzal->id);
         $session->set('linkaccount', true);
     }
     $session->set('registration.incomplete', true);
     // Check if quota exists for the user
     $params = Component::params('com_members');
     if ($params->get('manage_quotas', false)) {
         require_once PATH_CORE . DS . 'components' . DS . 'com_members' . DS . 'tables' . DS . 'users_quotas.php';
         require_once PATH_CORE . DS . 'components' . DS . 'com_members' . DS . 'tables' . DS . 'quotas_classes.php';
         $quota = new \Components\Members\Tables\UsersQuotas($this->database);
         $quota->load(array('user_id' => $xuser->get('id')));
         if (!$quota->id) {
             // No quota row yet: create one from the class whose alias is 'default', if it exists.
             $class = new \Components\Members\Tables\QuotasClasses($this->database);
             $class->load(array('alias' => 'default'));
             if ($class->id) {
                 $quota->set('user_id', $xuser->get('id'));
                 $quota->set('class_id', $class->id);
                 $quota->set('soft_blocks', $class->soft_blocks);
                 $quota->set('hard_blocks', $class->hard_blocks);
                 $quota->set('soft_files', $class->soft_files);
                 $quota->set('hard_files', $class->hard_files);
                 $quota->store();
             }
         } else {
             if ($quota->class_id) {
                 // Here, we're checking to make sure their class matches their actual quota values
                 $class = new \Components\Members\Tables\QuotasClasses($this->database);
                 $class->load($quota->class_id);
                 // Any drift between the stored limits and the class limits is overwritten with the class values.
                 if ($quota->get('soft_blocks') != $class->get('soft_blocks') || $quota->get('hard_blocks') != $class->get('hard_blocks') || $quota->get('soft_files') != $class->get('soft_files') || $quota->get('hard_files') != $class->get('hard_files')) {
                     $quota->set('user_id', $xuser->get('id'));
                     $quota->set('class_id', $class->id);
                     $quota->set('soft_blocks', $class->soft_blocks);
                     $quota->set('hard_blocks', $class->hard_blocks);
                     $quota->set('soft_files', $class->soft_files);
                     $quota->set('hard_files', $class->hard_files);
                     $quota->store();
                 }
             }
         }
     }
     return true;
 }