Example #1
 /**
  * Send the visitor to the login page when their group level is below the
  * level configured for the given feature.
  *
  * The required level is read from the component configuration property named
  * by $function, so callers should pass a fixed configuration key and never a
  * value taken from the request.
  *
  * @param string $function Name of the configuration property holding the required level.
  *
  * @return void
  */
 function checkPermission($function)
 {
     $config = jomtube_configs::get_instance();
     $user =& JFactory::getUser();
     $required = $config->{$function};

     // NOTE(review): 29 is an unexplained magic value that switches the check
     // off completely - presumably a "no restriction" level; confirm against
     // the configuration screen before relying on it.
     $denied = $user->gid < $required && $required != 29;
     if (!$denied) {
         return;
     }

     // Redirect to login, carrying the current address so the user can be sent
     // back afterwards. The value is only base64-encoded, not signed.
     $current = JFactory::getURI()->toString();
     $loginUrl = 'index.php?option=com_user&view=login' . '&return=' . base64_encode($current);

     // NOTE(review): a fresh JApplication is built only to call redirect();
     // the running application is the usual carrier - confirm before changing.
     // The message always mentions uploads, whatever $function was checked.
     $redirector = new JApplication();
     $redirector->redirect($loginUrl, JText::_('You do not have permission to upload videos'));
 }
Example #2
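 /**
  * Post a reply to the discussion topic, creating the topic first when needed.
  *
  * The request is refused before anything is written when the form token or
  * the captcha does not verify.
  *
  * @param                     $row      Passed through to createTopic() when the topic has to be created.
  * @param KunenaForumCategory $category Category handed to createTopic().
  * @param KunenaForumTopic    $topic    Topic to reply to; created when it does not exist yet.
  * @param                     $subject  Subject of the reply (and of a newly created topic).
  *
  * @return bool|string False on failure; an empty string after the success redirect.
  */
 protected function replyTopic($row, KunenaForumCategory $category, KunenaForumTopic $topic, $subject)
 {
     $uri = JFactory::getURI();

     // Anti-CSRF: the form token must match the one held in the session.
     if (!JSession::checkToken()) {
         $this->app->enqueueMessage(JText::_('COM_KUNENA_ERROR_TOKEN'), 'error');
         return false;
     }

     // Verify the captcha before any write. Previously the check ran after
     // createTopic(), so a failed captcha could still leave a new topic behind,
     // and the redirect was given an undefined $result variable.
     if ($this->hasCaptcha() && !$this->verifyCaptcha()) {
         $this->app->redirect($uri->toString());

         // Only reached if redirect() returns instead of ending the request;
         // never fall through to saving the reply.
         return false;
     }

     // Create topic if it doesn't exist
     if (!$topic->exists()) {
         $topic = $this->createTopic($row, $category, $subject);
     }

     // Field values are read from the POST body only.
     $params = array(
         'name' => JRequest::getString('name', $this->user->getName(), 'POST'),
         'email' => JRequest::getString('email', null, 'POST'),
         'subject' => $subject,
         'message' => JRequest::getString('message', null, 'POST'),
     );

     $message = $topic->newReply($params);
     if (!$message->save()) {
         $this->app->enqueueMessage($message->getError(), 'error');
         return false;
     }

     $message->sendNotification();

     // A held message waits for a moderator, so tell the author which case applies.
     if ($message->hold) {
         $result = JText::_('PLG_KUNENADISCUSS_PENDING_MODERATOR_APPROVAL');
     } else {
         $result = JText::_('PLG_KUNENADISCUSS_MESSAGE_POSTED');
     }

     // Redirect back to the current page (post/redirect/get).
     $app = JFactory::getApplication('site');
     $app->redirect($uri->toString(), $result);
     return '';
 }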
Example #3
 /**
  * Bootstrap the JSN Framework once Joomla! has initialised.
  *
  * Loads the framework loader and defines, records the requested option, view
  * and task, sends core updater requests for JoomlaShine products to the
  * product's own update view, loads the plugin language file, lowers error
  * reporting for JoomlaShine components, registers the dependency event
  * handlers and answers "checkUpdate" requests with XML.
  *
  * @return  void
  */
 public function onAfterInitialise()
 {
     // Initialize JSN Framework
     $pluginDir = dirname(__FILE__);
     require_once $pluginDir . '/libraries/loader.php';
     require_once $pluginDir . '/jsnframework.defines.php';

     // Get application object
     self::$_app = JFactory::getApplication();
     $input = self::$_app->input;

     // Get requested component, view and task (all request-supplied, read through getCmd)
     $this->option = $input->getCmd('option');
     $this->view = $input->getCmd('view');
     $this->task = $input->getCmd('task');

     // Redirect to update page if necessary
     $isCoreUpdate = $this->option == 'com_installer' && $this->view == 'update' && $this->task == 'update.update';
     if ($isCoreUpdate && count($cid = (array) $input->getVar('cid', array()))) {
         // Check if the extension to be updated is a JoomlaShine product
         $db = JFactory::getDbo();
         $query = $db->getQuery(true);
         $query->select('element');
         $query->from('#__updates');
         // The id comes from the request; the integer cast keeps it from altering the SQL.
         $query->where('update_id = ' . (int) $cid[0]);
         $db->setQuery($query);
         $ext = $db->loadResult();

         // Only element names on the product list end up in the redirect URL.
         if (in_array($ext, JSNVersion::$products)) {
             return self::$_app->redirect('index.php?option=' . $ext . '&view=update');
         }
     }

     // Get active language
     $lang = JFactory::getLanguage();
     $tag = $lang->get('tag');
     $iniFile = $tag . '/' . $tag . '.plg_system_jsnframework.ini';

     if (file_exists(JPATH_ROOT . '/administrator/language/' . $iniFile)) {
         // Language file already installed for the active language
         $lang->load('plg_system_jsnframework', JPATH_ADMINISTRATOR, null, true);
     } elseif (file_exists(JPATH_ROOT . '/administrator/components/' . $this->option . '/language/admin/' . $iniFile)) {
         // The requested component ships the language file: install it, then load it.
         // $this->option is request data placed in a filesystem path here.
         JSNLanguageHelper::install((array) $tag, false, true);
         $lang->load('plg_system_jsnframework', JPATH_ADMINISTRATOR, null, true);
     } else {
         $lang->load('plg_system_jsnframework', JSN_PATH_FRAMEWORK, null, true);
     }

     // Disable notice and warning by default for our products.
     // The reason for doing this is if any notice or warning appeared then handling JSON string will fail in our code.
     // NOTE(review): this also hides warnings that would otherwise point at real faults in those components.
     if (function_exists('error_reporting') && in_array($this->option, JSNVersion::$products)) {
         error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE & ~E_STRICT);
     }

     // Set event handlers to detect and update dependency installation / removal
     self::$_app->registerEvent('onExtensionAfterInstall', 'jsnExtFrameworkUpdateDependencyAfterInstallExtension');
     self::$_app->registerEvent('onExtensionBeforeUninstall', 'jsnExtFrameworkUpdateDependencyBeforeUninstallExtension');

     // Do update checking for Joomla! 3.1
     $wantsUpdateCheck = self::$_app->isAdmin()
         && JSNVersion::isJoomlaCompatible('3.1')
         && in_array($this->option, JSNVersion::$products)
         && $this->task == 'checkUpdate';
     if ($wantsUpdateCheck) {
         $content = $this->checkUpdate();
         // Set header for XML content
         header('Content-Type: application/xml');
         // Send XML content to client
         echo $content;
         // Exit immediately to prevent Joomla! to process further
         exit;
     }
 }
 /**
  * Event handler run after routing.
  *
  * In the administrator on Joomla 3.0 or newer, reads the manifest of the
  * requested JoomlaShine component and, when the manifest reports a version
  * below 3.0, enqueues a warning and redirects to index.php. Otherwise it
  * registers the final onAfterRender handler.
  *
  * @return  void  (the incompatible-version branch returns false after the redirect)
  */
 public function onAfterRoute()
 {
     // Get installed Joomla version
     $joomla = new JVersion();
     $joomlaVersion = $joomla->getShortVersion();

     // Request-supplied component name; only acted on when it is on the product list.
     $option = trim((string) $this->option);
     $shortName = str_replace('com_', '', $option);

     $shouldCheck = self::$_app->isAdmin()
         && version_compare($joomlaVersion, '3.0', '>=')
         && in_array($option, JSNVersion::$products);

     if ($shouldCheck) {
         $manifestFile = JPATH_ADMINISTRATOR . '/components/' . $option . '/' . $shortName . '.xml';
         if (file_exists($manifestFile)) {
             $xml = JSNUtilsXml::load($manifestFile);
             $attr = $xml->attributes();
             if (count($attr) && isset($attr['version']) && (string) $attr['version'] !== '') {
                 $version = (string) $attr['version'];
                 // This component's manifest uses an ".x" suffix; map it to ".0" for the comparison.
                 if ($option === 'com_imageshow') {
                     $version = str_replace('.x', '.0', $version);
                 }
                 if (version_compare($version, '3.0', '<')) {
                     // Check if all JSN Extensions are compatible with Joomla 3.x, if not, redirect to index.php and show a warning message
                     $warning = JText::sprintf('You are running a Joomla 2.5 version of %1$s on Joomla 3.x. Please download %1$s for Joomla 3.x and reinstall via Joomla! Installer to fix the problem.', 'JSN ' . ucfirst($shortName));
                     self::$_app->enqueueMessage($warning, 'warning');
                     self::$_app->redirect('index.php');
                     return false;
                 }
             }
         }
     }

     // Make sure our onAfterRender event handler is the last one executed
     self::$_app->registerEvent('onAfterRender', 'jsnExtFrameworkFinalize');
 }
Example #5
 /**
  * Redirects immediately (no return).
  *
  * Each argument that is supplied replaces the value stored on the object; the
  * stored message is then enqueued and the redirect is handed to the base
  * framework.
  *
  * NOTE(review): $url is forwarded as given and $message is documented as HTML.
  * Nothing in this method validates or escapes either, so callers must not
  * pass request-supplied values through unchecked.
  *
  * @param  string  $url          URL to redirect to
  * @param  string  $message      HTML message to display
  * @param  string  $messageType  Message type ('message' or 'error')
  */
 function redirect($url = null, $message = null, $messageType = null)
 {
     // A falsy URL (null, '', '0') keeps whatever target was stored before.
     if (!empty($url)) {
         $this->_redirectUrl = $url;
     }

     // Message and type are only replaced when the caller passed something other than null.
     if (null !== $message) {
         $this->_redirectMessage = $message;
     }
     if (null !== $messageType) {
         $this->_redirectMessageType = $messageType;
     }

     // Queue the message first so it is available after the redirect.
     $this->enqueueMessage($this->_redirectMessage, $this->_redirectMessageType);
     $this->_baseFramework->redirect($this->_redirectUrl);
 }
Example #6
 /**
  * Redirect to another URL.
  *
  * Optionally drops the messages already waiting in the system message queue,
  * then delegates to the parent implementation, which performs the redirect.
  * The HTTP status code and the fallback used once headers have been sent are
  * decided by the parent, not here.
  *
  * NOTE(review): the target is not validated in this method. A URL built from
  * request data should be checked by the caller so the redirect cannot be
  * pointed at an arbitrary external site.
  *
  * @param   string   $url         The URL to redirect to. Can only be http/https URL
  * @param   string   $msg         An optional message to display on redirect.
  * @param   string   $msgType     An optional message type.
  * @param   boolean  $moved       True if the page is 301 Permanently Moved, otherwise 303 See Other is assumed.
  * @param   boolean  $persistMsg  True if the enqueued messages are passed to the redirection, false else.
  * @return  void     Documented as not returning: the redirect calls exit().
  * @since   1.5
  * @see     JApplication::enqueueMessage()
  */
 public function redirect($url, $msg = '', $msgType = 'message', $moved = false, $persistMsg = true)
 {
     // Discard messages queued so far when the caller does not want them carried over.
     if (empty($persistMsg)) {
         $this->_messageQueue = array();
     }

     parent::redirect($url, $msg, $msgType, $moved);
 }
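 /**
  * Prepare and render the add/edit video form.
  *
  * Builds the toolbar, the yes/no selectors, the lists of local video and
  * thumbnail files and the category selector, then hands everything to the
  * template. A stored video whose type is not 'local' is redirected to the
  * "applylink" task instead.
  *
  * @param string $tpl Template name passed on to the parent display().
  *
  * @return void
  */
 function display($tpl = null)
 {
     //Load pane behavior
     jimport('joomla.html.pane');
     //initialise variables
     $editor =& JFactory::getEditor();
     $pane =& JPane::getInstance('sliders');
     $c = jomtube_configs::get_instance();
     $this->assignRef('c', $c);
     //get vars
     $cid = JRequest::getVar('cid');
     //create the toolbar
     JToolBarHelper::title(JText::_($cid ? 'EDIT VIDEO' : 'ADD VIDEO'), 'jomtube-videos');
     JToolBarHelper::apply();
     JToolBarHelper::spacer();
     JToolBarHelper::save();
     JToolBarHelper::spacer();
     JToolBarHelper::cancel();
     //Get data from the model
     $row =& $this->get('Data');
     if ($row->id != 0 && $row->video_type != 'local' && $row->video_type != null) {
         // Use the running application rather than building a new JApplication
         // just to redirect; the id is cast because it is placed in a URL.
         $app = JFactory::getApplication();
         $app->redirect('index.php?option=com_jomtube&controller=videos&task=applylink&cid=' . (int) $row->id);
         // Only reached if redirect() returns instead of ending the request.
         return;
     }
     // The yes/no selectors are built for every request that renders the form.
     // They used to be created inside the redirect branch above, before $yesno
     // existed, so the template never received them.
     $yesno = array(
         JHTML::_('select.option', 0, 'No'),
         JHTML::_('select.option', 1, 'Yes'),
     );
     $ispublished = JHTML::_('select.genericlist', $yesno, 'published', '', 'value', 'text', $row->published == '' ? 1 : $row->published);
     $isdownloadable = JHTML::_('select.genericlist', $yesno, 'downloadable', '', 'value', 'text', $row->downloadable == '' ? 1 : $row->downloadable);
     $isfeatured = JHTML::_('select.genericlist', $yesno, 'featured', '', 'value', 'text', $row->featured);
     //get video list in local directory
     if (JRequest::getVar('category_id', '') != '') {
         $row->directory =& $this->get('CatDirectory');
         $selectedCat = JRequest::getVar('category_id', '');
     } else {
         $selectedCat = $row->id ? $row->category_id : '';
     }
     // The directory comes from the row / category record and is appended to the site root.
     // NOTE(review): nothing here confirms it stays below the media folder - verify where it is written.
     $directory = isset($row->directory) ? $row->directory : '';
     $currentdir = JPATH_SITE . ($directory == '' ? '/jomtubefiles' : $directory);
     $thumbdir = "_thumbs";
     $displaydir = "_display";
     $list_file = array();
     // Check the directory up front instead of silencing opendir()/readdir() with @.
     $dir = is_dir($currentdir) && is_readable($currentdir) ? opendir($currentdir) : false;
     if ($dir !== false) {
         // Compare against false so an entry named "0" does not end the loop early.
         while (false !== ($file = readdir($dir))) {
             if ($file === '.' || $file === '..') {
                 continue;
             }
             // Skip both helper folders (the old "||" test was always true).
             if ($file === $thumbdir || $file === $displaydir) {
                 continue;
             }
             // Test the entry inside the listed directory, not relative to the working directory.
             if (is_dir($currentdir . '/' . $file)) {
                 continue;
             }
             $ext = JTHelper::getFileExt($file);
             // Without ffmpeg only already-converted flv files can be offered.
             if (!$c->use_ffmpeg && $ext != 'flv') {
                 continue;
             }
             $list_file[] = $file;
         }
         closedir($dir);
     }
     sort($list_file);
     $videos = array();
     foreach ($list_file as $file) {
         $videos[] = JHTML::_('select.option', $file);
     }
     $videolist = JHTML::_('select.genericlist', $videos, 'video_url', 'id="localvideolist" class="inputbox" style="width:326px;font-size:10px;" size="7" onchange="selectthisvideo()"', 'value', 'text', $row->id ? $row->video_url : '');
     $this->assignRef('category_dir', $currentdir);
     // Thumbnails live in the "_thumbs" folder of the same directory.
     $current_dir = $currentdir . "/" . $thumbdir;
     $thumb_file = array();
     $dir = is_dir($current_dir) && is_readable($current_dir) ? opendir($current_dir) : false;
     if ($dir !== false) {
         while (false !== ($file = readdir($dir))) {
             if ($file !== '.' && $file !== '..') {
                 $thumb_file[] = $file;
             }
         }
         closedir($dir);
     }
     sort($thumb_file);
     $thumbs = array();
     foreach ($thumb_file as $file) {
         // Each option carries its own file name as value; previously every
         // option reused the last name read from the directory.
         $thumbs[] = JHTML::_('select.option', $file, $file);
     }
     //******************************************
     $thumblist = JHTML::_('select.genericlist', $thumbs, 'video_thumb', 'id="localthumblist" class="inputbox" style="width:326px; font-size:10px;" size="7" onchange="selectthisthumb()"', 'value', 'text', $row->id ? $row->video_thumb : '');
     //get parent option
     $categories =& $this->get('ParentOption');
     $parentOptions = array();
     $parentOptions[] = JHTML::_('select.option', '', '-Select Parent-');
     foreach ($categories as $category) {
         // Indent by nesting depth (number of "/" in family_id).
         // NOTE(review): the category name is joined to raw &nbsp; markup, so it is
         // presumably printed unescaped - confirm that stored names cannot carry HTML.
         $category_name = str_repeat('&nbsp;', 4 * substr_count($category->family_id, "/")) . "+" . $category->category_name;
         $parentOptions[] = JHTML::_('select.option', $category->id, $category_name);
     }
     $parentSelect = JHTML::_('select.genericlist', $parentOptions, 'category_id', 'id="catid" class="inputbox" size="1"  onchange="selectCategory()"', 'value', 'text', $selectedCat);
     //clean data
     JFilterOutput::objectHTMLSafe($row, ENT_QUOTES, 'catdescription');
     //assign data to template
     $this->assignRef('row', $row);
     $this->assignRef('editor', $editor);
     $this->assignRef('parentSelect', $parentSelect);
     $this->assignRef('pane', $pane);
     $this->assignRef('ispublished', $ispublished);
     $this->assignRef('isdownloadable', $isdownloadable);
     $this->assignRef('isfeatured', $isfeatured);
     $this->assignRef('localvideolist', $videolist);
     $this->assignRef('localthumblist', $thumblist);
     // Nothing fills $lists in this method; it stays null for the template as before.
     $lists = null;
     $this->assignRef('lists', $lists);
     // assignRef() takes a reference, so give it a real variable.
     $my =& JFactory::getUser();
     $this->assignRef('my', $my);
     parent::display($tpl);
 }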
 /**
  * Redirect to another URL.
  *
  * Every redirect target is passed through the router first, so all redirect
  * URLs are routed before the parent implementation receives them.
  *
  * @param string  $url     Unrouted URL to redirect to.
  * @param string  $msg     Optional message, passed through unchanged.
  * @param string  $msgType Optional message type, passed through unchanged.
  * @param boolean $moved   Passed through unchanged to the parent.
  *
  * @see	JApplication::redirect()
  */
 function redirect($url, $msg = '', $msgType = 'message', $moved = false)
 {
     // false = plain "&" separators, as needed for a Location header rather than HTML output.
     $routedUrl = JRoute::_($url, false);
     parent::redirect($routedUrl, $msg, $msgType, $moved);
 }
Example #9
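 /**
  * Serve the file named by the "fileid" request value from below the
  * configured base download path, optionally logging the attempt.
  *
  * The request value is untrusted. It is optionally deciphered, checked
  * against an allowed character set, cleaned, refused if it contains a ".."
  * path segment, and always resolved below the base download path.
  *
  * @param string $tpl Unused; kept for the view interface.
  *
  * @return mixed Nothing on the normal paths; the JError::raiseWarning() result
  *               when the log row cannot be stored.
  */
 function display($tpl = null)
 {
     // redirect() is an instance method, so call it on the running application
     // instead of statically on the class.
     $app = JFactory::getApplication();
     $params =& JComponentHelper::getParams('com_simpledownload');
     $base_download_path = $params->get('basedownloadpath', '');
     $cipherenabled = $params->get('cipherenabled');
     $log_downloads = $params->get('log_downloads') == '1';
     $cipherfile = $params->get('cipherfile');
     $decipherfunction = $params->get('decipherfunction');
     $encryptedPath = JRequest::getVar('fileid');
     $decryptedPath = '';
     if ($base_download_path == '') {
         $app->redirect(JRoute::_('index.php?option=com_simpledownload&view=error&err=' . 412));
         return;
     }
     if ($cipherenabled == "1") {
         // text should be encrypted and needs to be decrypted
         if ($cipherfile == "" || !file_exists($cipherfile) || $decipherfunction == "") {
             $app->redirect(JRoute::_('index.php?option=com_simpledownload&view=error&err=' . 412));
             return;
         }
         // NOTE(review): the included file and the function name both come from the
         // component configuration, so whoever can edit these parameters decides
         // which code runs here - keep that configuration restricted to administrators.
         include_once $cipherfile;
         if (!is_callable($decipherfunction)) {
             // Misconfigured decipher function: report it like the other configuration errors.
             $app->redirect(JRoute::_('index.php?option=com_simpledownload&view=error&err=' . 412));
             return;
         }
         $decryptedPath = $decipherfunction($encryptedPath);
     } else {
         // encryption is disabled, so encryptedPath should really already be decrypted.
         $decryptedPath = $encryptedPath;
     }
     // A missing fileid arrives as null; treat it as an empty path.
     $decryptedPath = (string) $decryptedPath;
     if (!preg_match('%^([\\d\\w\\-.\\\\ /&!]+)$%', $decryptedPath)) {
         // minimal attempt to prevent invalid characters in file path
         $app->redirect(JRoute::_('index.php?option=com_simpledownload&view=error&err=' . 404));
         // Do not carry on with a rejected path if redirect() returns.
         return;
     }
     $patterns = array(
         '/[^[:print:]]+/',              // remove non-printable characters
         '/[ \\t]+$/',                   // remove whitespace at end of string
         '/^[ \\t]+/',                   // remove whitespace at beginning of string
         '/^[\\\\|\\/]+/',               // remove leading slash if one exists
         '/^[\\.\\.\\/|\\.\\.\\\\]+/',   // remove leading runs of dots, slashes, backslashes and pipes
     );
     // Repeat until nothing changes. The loop used to re-clean the original
     // value on every pass, so it could never remove more than a single pass did.
     $cleanedPath = $decryptedPath;
     do {
         $cleanedPathOld = $cleanedPath;
         $cleanedPath = preg_replace($patterns, '', $cleanedPath);
     } while ($cleanedPathOld !== $cleanedPath);
     // The patterns only strip the start of the string, so a ".." segment further
     // in would still climb out of the download folder once the base path is prefixed.
     $hasParentSegment = (bool) preg_match('%(^|[\\\\/])\\.\\.([\\\\/]|$)%', $cleanedPath);
     // Keep the path as it is only when it already lies below the base folder;
     // matching on "base + separator" stops a sibling such as "<base>_other"
     // from being mistaken for the base folder itself.
     $basePrefix = rtrim($base_download_path, '/\\') . DS;
     if (strncmp($cleanedPath, $basePrefix, strlen($basePrefix)) !== 0) {
         $cleanedPath = $base_download_path . DS . $cleanedPath;
         // add base path if it doesn't already exist in the file path.
     }
     // NOTE(review): this containment check is lexical. Where the download folder holds
     // no symlinks, comparing realpath() of the target with realpath() of the base is stronger.
     $row =& JTable::getInstance('simpledownloadhits');
     if ($log_downloads) {
         $a_user =& JFactory::getUser();
         // fileid and referrer are stored exactly as received; escape them wherever the log is shown.
         $row->fileid = JRequest::getVar('fileid');
         $row->referrer = JRequest::getVar('HTTP_REFERER', '', 'SERVER');
         $row->userid = $a_user->id;
         $row->name = $a_user->name;
         $row->username = $a_user->username;
         $row->filepath = $cleanedPath;
         $row->ip = JRequest::getVar('REMOTE_ADDR', '0.0.0.0', 'SERVER');
         $row->hit_date = date('Y-m-d H:i:s');
         $row->downloadstatus = 'ATT';
         if (!$row->store()) {
             return JError::raiseWarning(500, $row->getError());
         }
     }
     include_once JPATH_COMPONENT . DS . 'helpers' . DS . 'download.php';
     // A path with a parent-directory segment is never opened. It is reported as
     // "not found" after the attempt has been logged above.
     $return = $hasParentSegment ? 404 : download_file($cleanedPath);
     if ($return != 0) {
         // an error occurred while downloading
         $notFound = $return == 404;
         if ($log_downloads) {
             // FNF = file not found, CE = any other error code
             $row->downloadstatus = $notFound ? 'FNF' : 'CE';
             if (!$row->store()) {
                 return JError::raiseWarning(500, $row->getError());
             }
         }
         $app->redirect(JRoute::_('index.php?option=com_simpledownload&view=error&err=' . ($notFound ? 404 : 500)));
         return;
     }
     // successful download.  This section doesn't get hit after readfile_chunked was introduced.
     if ($log_downloads) {
         $row->downloadstatus = 'DL';
         if (!$row->store()) {
             return JError::raiseWarning(500, $row->getError());
         }
     }
 }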
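 /**
  * Initialise the view's fields for the current task.
  *
  * "view" and "reply" load a single message after the model has confirmed that
  * the current user may access it; otherwise the user is redirected to the
  * message list. The remaining tasks load the data for export, deletion,
  * IP banning or the list screen.
  *
  * @return void
  */
 function setVariables()
 {
     $model = $this->getModel();
     switch ($this->_task) {
         // a single record is viewed or replied to
         case 'view':
         case 'reply':
             // Access is checked per message id before any row data is loaded.
             if (!($this->_id > 0 && $model->checkAccessToMessage($this->_id))) {
                 $url = 'index.php?option=com_aicontactsafe&sTask=messages';
                 if ($this->_sef == 1 && $this->_backend == 0) {
                     $url = JRoute::_($url, false);
                 }
                 $url = str_replace('&amp;', '&', $url);
                 // redirect to the window with all the messages; both tasks now use the
                 // application instance (the reply task used to call redirect() statically)
                 $app = JFactory::getApplication();
                 $app->redirect($url);
                 // Only reached if redirect() returns; load nothing for a refused message.
                 break;
             }
             $this->setRowData($this->_id);
             if ($this->_task == 'view') {
                 // modify the status of the message accordingly
                 $model->changeStatusToRead($this->_id);
                 $this->profile = $model->getProfileName($this->profile_id);
             } else {
                 // pre-fill the reply form, quoting the original message
                 $this->reply_email_address = $this->email;
                 $this->reply_subject = JText::_('COM_AICONTACTSAFE_RE') . $this->subject;
                 $this->reply_message = $this->message;
                 $this->reply_message = str_replace('<tr>', '&gt;&gt;&nbsp;' . '<tr>', $this->reply_message);
                 $this->reply_message = str_replace('</tr>', '&nbsp;' . "\n" . '</tr>', $this->reply_message);
                 // The stored message is reduced to text before it is quoted.
                 $this->reply_message = "\n\n\n\n" . strip_tags($this->reply_message);
             }
             break;
         // in case the messages are exported
         case 'export':
             $this->format = JRequest::getCmd('format', '');
             if ($this->format == 'raw') {
                 $this->_config_values['activate_help'] = false;
             }
             // NOTE(review): message fields come from site visitors; confirm that
             // generateCSV() neutralises cells starting with "=", "+", "-" or "@".
             $this->csv_text = $model->generateCSV();
             break;
         // in case selected records are deleted
         case 'delete_selected':
             // read the ids of the records selected for deletion
             $cid = JRequest::getVar('cid', array(), 'post', 'array');
             // force every id to an integer before the list is joined
             JArrayHelper::toInteger($cid);
             // '-1' stands for "no record selected"
             $this->cids = count($cid) > 0 ? implode(',', $cid) : '-1';
             break;
         // in case one or more records are deleted
         case 'delete':
             $this->rows = $model->readDeleteRows();
             break;
         // in case IP addresses are to be banned
         case 'ban_ip':
             $this->rows = $model->readSelectedIps();
             break;
         // or else initialize the variables to show a list of records
         case 'display':
             if (strlen($this->_sTask) > 0) {
                 $this->filter_order = $model->filter_order;
                 $this->filter_order_Dir = $model->filter_order_Dir;
                 $this->limit = $model->limit;
                 $this->limitstart = $model->limitstart;
                 $this->filter_condition = $model->filter_condition;
                 $this->filter_string = $model->filter_string;
                 $this->filter_profile = $this->selectProfile($model->filter_profile, 'filter_profile', 2, 0, 'class="inputbox" size="1" onchange="document.adminForm.submit();"');
                 $this->filter_status = $this->selectStatus($model->filter_status, 'filter_status', 2, 0, 'class="inputbox" size="1" onchange="document.adminForm.submit();"');
                 $this->filter_email = $model->filter_email;
                 $this->filter_subject = $model->filter_subject;
                 $this->rows = $model->readRows();
                 $this->pageNav = $model->pageNav;
             }
             break;
         default:
             // - nothing
     }
 }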