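/**
 * Displays the administrator "users" view with the "element" layout, rendered
 * with tmpl=component.
 *
 * Two authorization gates run before anything is rendered:
 *  1. the caller must be allowed to add items or to edit the item named by the
 *     "itemID" request parameter, and
 *  2. the caller must hold the K2 "editAll" permission.
 *
 * Both gates return right after raising the 403, so the view is never rendered
 * for an unauthorized caller even if the JError handler in use does not stop
 * the request.
 *
 * @return void
 */
function users()
{
    $itemID = JRequest::getInt('itemID');
    JTable::addIncludePath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'tables');
    $item = JTable::getInstance('K2Item', 'Table');
    $item->load($itemID);

    // Gate 1: add permission, or edit permission on the referenced item.
    $mayAdd = K2HelperPermissions::canAddItem();
    if (!$mayAdd && !K2HelperPermissions::canEditItem($item->created_by, $item->catid)) {
        JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
        // Fail closed: do not depend on the error handler to end the request.
        return;
    }

    // Gate 2: this view is only for users who may edit any item.
    $K2Permissions = K2Permissions::getInstance();
    if (!$K2Permissions->permissions->get('editAll')) {
        JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
        return;
    }

    JRequest::setVar('tmpl', 'component');

    $language = JFactory::getLanguage();
    $language->load('com_k2', JPATH_ADMINISTRATOR);

    $document = JFactory::getDocument();
    if (version_compare(JVERSION, '1.6.0', 'ge')) {
        JHtml::_('behavior.framework');
    } else {
        JHTML::_('behavior.mootools');
    }

    // CSS
    $document->addStyleSheet(JURI::root(true) . '/media/k2/assets/css/k2.css?v=2.6.8');

    // JS
    K2HelperHTML::loadjQuery(true);
    $document->addScript(JURI::root(true) . '/media/k2/assets/js/k2.js?v=2.6.8&sitepath=' . JURI::root(true) . '/');

    // The view, its model and its template all come from the administrator side of the component.
    $this->addViewPath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'views');
    $this->addModelPath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'models');
    $view = $this->getView('users', 'html');
    $view->addTemplatePath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'views' . DS . 'users' . DS . 'tmpl');
    $view->setLayout('element');
    $view->display();
}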
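/**
 * Saves a K2 item from an array of field values and returns its id.
 *
 * Steps, in order: bind and permission check, intro/full text split on the
 * "system-readmore" marker, date normalisation, plugin "before save" events,
 * store, ordering compaction, image cache copy from $item['ref_id'], extra
 * fields (posted values and CSV uploads), tags, and a final UPDATE of the
 * video/gallery/extra-field/published columns.
 *
 * Every id that is written into SQL text is cast with (int) at the point of use.
 * A call to intval() placed inside a double-quoted string is not executed by
 * PHP; the variable is interpolated as-is, so such a string gives no casting.
 *
 * @param array $item  Field values; 'articletext' and 'ref_id' are read directly.
 * @param bool  $front True when saving from the front-end; enables the
 *                     add/publish permission checks and the author override.
 *
 * @return mixed The item id on success, false on failure (see getError()).
 */
public function save($item, $front = false)
{
    jimport('joomla.filesystem.file');
    jimport('joomla.filesystem.folder');
    jimport('joomla.filesystem.archive');
    require_once (JPATH_ADMINISTRATOR.'/components/com_k2/lib/class.upload.php');

    $db = JFactory::getDBO();
    $user = JFactory::getUser();
    $row = JTable::getInstance('K2Item', 'Table');
    $params = JComponentHelper::getParams('com_k2');
    $nullDate = $db->getNullDate();

    if (!$row->bind($item)) {
        $this->setError($row->getError());
        return false;
    }

    // catid is interpolated into ordering WHERE clauses below, so it must be an integer.
    $row->catid = (int) $row->catid;

    if ($front && $row->id == NULL) {
        JLoader::register('K2HelperPermissions', JPATH_SITE.DS.'components'.DS.'com_k2'.DS.'helpers'.DS.'permissions.php');
        if (!K2HelperPermissions::canAddItem($row->catid)) {
            $this->setError(JText::_('K2_YOU_ARE_NOT_ALLOWED_TO_POST_TO_THIS_CATEGORY_SAVE_FAILED'));
            return false;
        }
    }

    $isNew = $row->id ? false : true;

    if ($params->get('xssFiltering')) {
        $filter = new JFilterInput(array(), array(), 1, 1, 0);
        $item['articletext'] = $filter->clean($item['articletext']);
    }

    // Split the article text on the read-more marker into intro and full text.
    $pattern = '#<hr\s+id=("|\')system-readmore("|\')\s*\/*>#i';
    $tagPos = preg_match($pattern, $item['articletext']);
    if ($tagPos == 0) {
        $row->introtext = $item['articletext'];
        $row->fulltext = '';
    } else {
        list($row->introtext, $row->fulltext) = preg_split($pattern, $item['articletext'], 2);
    }

    if ($row->id) {
        $datenow = JFactory::getDate();
        $row->modified = $datenow->toSql();
        $row->modified_by = $user->get('id');
    } else {
        $row->ordering = $row->getNextOrder("catid = {$row->catid} AND trash = 0");
        if ($row->featured) {
            $row->featured_ordering = $row->getNextOrder("featured = 1 AND trash = 0", 'featured_ordering');
        }
    }

    $row->created_by = $row->created_by ? $row->created_by : $user->get('id');
    if ($front) {
        // Without "editAll" a front-end user cannot save an item under another author.
        $K2Permissions = K2Permissions::getInstance();
        if (!$K2Permissions->permissions->get('editAll')) {
            $row->created_by = $user->get('id');
        }
    }

    // Date-only values (10 characters or fewer) get a midnight time appended.
    if ($row->created && strlen(trim($row->created)) <= 10) {
        $row->created .= ' 00:00:00';
    }
    $config = JFactory::getConfig();
    $tzoffset = $config->get('config.offset');
    $date = JFactory::getDate($row->created, $tzoffset);
    $row->created = $date->toSql();

    if (strlen(trim($row->publish_up)) <= 10) {
        $row->publish_up .= ' 00:00:00';
    }
    $date = JFactory::getDate($row->publish_up, $tzoffset);
    $row->publish_up = $date->toSql();

    if (trim($row->publish_down) == JText::_('K2_NEVER') || trim($row->publish_down) == '') {
        $row->publish_down = $nullDate;
    } else {
        if (strlen(trim($row->publish_down)) <= 10) {
            $row->publish_down .= ' 00:00:00';
        }
        $date = JFactory::getDate($row->publish_down, $tzoffset);
        $row->publish_down = $date->toSql();
    }

    if (!$row->check()) {
        $this->setError($row->getError());
        return false;
    }

    $dispatcher = JDispatcher::getInstance();
    JPluginHelper::importPlugin('k2');
    $result = $dispatcher->trigger('onBeforeK2Save', array(&$row, $isNew));
    if (in_array(false, $result, true)) {
        $this->setError($row->getError());
        return false;
    }

    //Trigger the finder before save event
    $dispatcher = JDispatcher::getInstance();
    JPluginHelper::importPlugin('finder');
    $dispatcher->trigger('onFinderBeforeSave', array('com_k2.item', $row, $isNew));

    if (!$row->store()) {
        $this->setError($row->getError());
        return false;
    }

    if (!$params->get('disableCompactOrdering')) {
        $row->reorder("catid = {$row->catid} AND trash = 0");
    }
    if ($row->featured && !$params->get('disableCompactOrdering')) {
        $row->reorder("featured = 1 AND trash = 0", 'featured_ordering');
    }

    // Image copy: reuse the cached images of the referenced item unless this item already has its own.
    $src = md5("Image".$item['ref_id']);
    $target = md5("Image".$row->id);
    $sizes = array('XL', 'L', 'M', 'S', 'XS');
    $savepath = JPATH_SITE.DS.'media'.DS.'k2'.DS.'items'.DS.'cache';
    foreach ($sizes as $size) {
        $from = $savepath.DS.$src.'_'.$size.'.jpg';
        $to = $savepath.DS.$target.'_'.$size.'.jpg';
        if (JFile::exists($from) && !JFile::exists($to)) {
            JFile::copy($from, $to);
        }
    }

    //Extra fields
    $objects = array();
    $variables = JRequest::get('post', 4);
    foreach ($variables as $key => $value) {
        if ((bool) JString::stristr($key, 'K2ExtraField_')) {
            $object = new JObject;
            // 13 is the length of the "K2ExtraField_" prefix.
            $object->set('id', JString::substr($key, 13));
            $object->set('value', $value);
            unset($object->_errors);
            $objects[] = $object;
        }
    }

    $csvFiles = JRequest::get('files');
    foreach ($csvFiles as $key => $file) {
        if ((bool) JString::stristr($key, 'K2ExtraField_')) {
            $object = new JObject;
            $object->set('id', JString::substr($key, 13));
            $csvFile = $file['tmp_name'][0];
            if (!empty($csvFile) && JFile::getExt($file['name'][0]) == 'csv') {
                $handle = @fopen($csvFile, 'r');
                $csvData = array();
                // fopen() returns false on failure. Passing that on to fgetcsv()/fclose()
                // is an error, and on PHP < 8 fgetcsv() then returns null, so the
                // "!== false" loop would not terminate.
                if ($handle !== false) {
                    while (($data = fgetcsv($handle, 1000)) !== false) {
                        $csvData[] = $data;
                    }
                    fclose($handle);
                }
                $object->set('value', $csvData);
            } else {
                require_once (JPATH_ADMINISTRATOR.DS.'components'.DS.'com_k2'.DS.'lib'.DS.'JSON.php');
                $json = new Services_JSON;
                $object->set('value', $json->decode(JRequest::getVar('K2CSV_'.$object->id)));
                if (JRequest::getBool('K2ResetCSV_'.$object->id)) {
                    $object->set('value', null);
                }
            }
            unset($object->_errors);
            $objects[] = $object;
        }
    }

    require_once (JPATH_ADMINISTRATOR.DS.'components'.DS.'com_k2'.DS.'lib'.DS.'JSON.php');
    $json = new Services_JSON;
    $row->extra_fields = $json->encode($objects);
    $row->extra_fields_search = '';
    foreach ($objects as $object) {
        $row->extra_fields_search .= $this->getSearchValue($object->id, $object->value);
        $row->extra_fields_search .= ' ';
    }

    // Tags: drop the existing links, then re-create them from the request.
    $itemId = (int) $row->id;
    $query = "DELETE FROM #__k2_tags_xref WHERE itemID=".$itemId;
    $db->setQuery($query);
    $db->query();

    $tags = JRequest::getVar('tags', NULL, 'POST', 'array');
    // getVar() is called with a NULL default, so guard before count().
    if (is_array($tags) && count($tags)) {
        $tags = array_unique($tags);
        foreach ($tags as $tag) {
            $tag = JString::str_ireplace('-', '', $tag);
            $query = "SELECT id FROM #__k2_tags WHERE name=".$db->Quote($tag);
            $db->setQuery($query);
            $tagID = $db->loadResult();
            if (!$tagID) {
                // Unknown tag: create it, then link it.
                $K2Tag = JTable::getInstance('K2Tag', 'Table');
                $K2Tag->name = $tag;
                $K2Tag->published = 1;
                $K2Tag->check();
                $K2Tag->store();
                $tagID = $K2Tag->id;
            }
            $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, ".(int) $tagID.", ".$itemId.")";
            $db->setQuery($query);
            $db->query();
        }
    }

    //Image
    if ((int)$params->get('imageMemoryLimit')) {
        ini_set('memory_limit', (int)$params->get('imageMemoryLimit').'M');
    }

    if ($front) {
        // The item is still saved, but unpublished, when the user lacks the publish permission.
        if (!K2HelperPermissions::canPublishItem($row->catid) && $row->published) {
            $row->published = 0;
            $this->setError(JText::_('K2_YOU_DONT_HAVE_THE_PERMISSION_TO_PUBLISH_ITEMS'));
        }
    }

    $query = "UPDATE #__k2_items SET video_caption = ".$db->Quote($row->video_caption).", video_credits = ".$db->Quote($row->video_credits).", ";
    if (!is_null($row->video)) {
        $query .= " video = ".$db->Quote($row->video).", ";
    }
    if (!is_null($row->gallery)) {
        $query .= " gallery = ".$db->Quote($row->gallery).", ";
    }
    $query .= " extra_fields = ".$db->Quote($row->extra_fields).", extra_fields_search = ".$db->Quote($row->extra_fields_search)." , published = ".$db->Quote($row->published)." WHERE id = ".$itemId;
    $db->setQuery($query);
    if (!$db->query()) {
        $this->setError($db->getErrorMsg());
        return false;
    }

    $row->checkin();
    $cache = JFactory::getCache('com_k2');
    $cache->clean();

    //$dispatcher->trigger('onAfterK2Save', array(&$row, $isNew));
    $dispatcher->trigger('onContentAfterSave', array(&$row, $isNew));

    //Trigger the finder after save event
    $dispatcher = JDispatcher::getInstance();
    JPluginHelper::importPlugin('finder');
    $dispatcher->trigger('onFinderAfterSave', array('com_k2.item', $row, $isNew));

    return $row->id;
}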
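/**
 * Saves a K2 item from the current POST request, including its image, attachments,
 * gallery, video, extra fields and tags, then redirects according to the "task".
 *
 * Error paths enqueue a message and call $mainframe->redirect(); the statements
 * after those calls are not guarded, so this method presumably relies on
 * redirect() ending the request (confirm against the application class).
 *
 * Request-derived values that reach SQL text are cast with (int) where they are
 * used: the category id right after bind(), and the item/tag ids in the tag and
 * item queries. intval() written inside a double-quoted string is not executed
 * by PHP, so it provides no casting there.
 *
 * @param bool $front True when called from the front-end; enables the add/publish
 *                    permission checks and the author override.
 *
 * @return mixed false when an onBeforeK2Save plugin vetoes the save; otherwise the
 *               method ends in a redirect.
 */
function save($front = false)
{
    $mainframe = JFactory::getApplication();
    jimport('joomla.filesystem.file');
    jimport('joomla.filesystem.folder');
    jimport('joomla.filesystem.archive');
    require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'lib' . DS . 'class.upload.php';

    $db = JFactory::getDBO();
    $user = JFactory::getUser();
    $row = JTable::getInstance('K2Item', 'Table');
    $params = JComponentHelper::getParams('com_k2');
    $nullDate = $db->getNullDate();

    if (!$row->bind(JRequest::get('post'))) {
        $mainframe->enqueueMessage($row->getError(), 'error');
        $mainframe->redirect('index.php?option=com_k2&view=items');
    }

    // catid arrives from POST and is interpolated into the ordering WHERE clauses and
    // into permission action names below, so force it to an integer first.
    $row->catid = (int) $row->catid;

    if ($front && $row->id == NULL) {
        JLoader::register('K2HelperPermissions', JPATH_SITE . DS . 'components' . DS . 'com_k2' . DS . 'helpers' . DS . 'permissions.php');
        if (!K2HelperPermissions::canAddItem($row->catid)) {
            $mainframe->enqueueMessage(JText::_('K2_YOU_ARE_NOT_ALLOWED_TO_POST_TO_THIS_CATEGORY_SAVE_FAILED'), 'error');
            $mainframe->redirect('index.php?option=com_k2&view=item&task=add&tmpl=component');
        }
    }

    $isNew = $row->id ? false : true;

    // If we are in front-end and the item is not new we need to get its current published state.
    if (!$isNew && $front) {
        // NOTE(review): the id is read from the request here while $row->id comes from the
        // POST bind above; presumably both carry the same value — confirm.
        $id = JRequest::getInt('id');
        $currentRow = JTable::getInstance('K2Item', 'Table');
        $currentRow->load($id);
        $isAlreadyPublished = $currentRow->published;
        $currentFeaturedState = $currentRow->featured;
    }

    if ($params->get('mergeEditors')) {
        // Single editor: split the text on the read-more marker.
        $text = JRequest::getVar('text', '', 'post', 'string', 2);
        if ($params->get('xssFiltering')) {
            $filter = new JFilterInput(array(), array(), 1, 1, 0);
            $text = $filter->clean($text);
        }
        $pattern = '#<hr\\s+id=("|\')system-readmore("|\')\\s*\\/*>#i';
        $tagPos = preg_match($pattern, $text);
        if ($tagPos == 0) {
            $row->introtext = $text;
            $row->fulltext = '';
        } else {
            list($row->introtext, $row->fulltext) = preg_split($pattern, $text, 2);
        }
    } else {
        $row->introtext = JRequest::getVar('introtext', '', 'post', 'string', 2);
        $row->fulltext = JRequest::getVar('fulltext', '', 'post', 'string', 2);
        if ($params->get('xssFiltering')) {
            $filter = new JFilterInput(array(), array(), 1, 1, 0);
            $row->introtext = $filter->clean($row->introtext);
            $row->fulltext = $filter->clean($row->fulltext);
        }
    }

    if ($row->id) {
        $datenow = JFactory::getDate();
        $row->modified = K2_JVERSION == '15' ? $datenow->toMySQL() : $datenow->toSql();
        $row->modified_by = $user->get('id');
    } else {
        $row->ordering = $row->getNextOrder("catid = {$row->catid} AND trash = 0");
        if ($row->featured) {
            $row->featured_ordering = $row->getNextOrder("featured = 1 AND trash = 0", 'featured_ordering');
        }
    }

    $row->created_by = $row->created_by ? $row->created_by : $user->get('id');
    if ($front) {
        // Without "editAll" a front-end user cannot save an item under another author.
        $K2Permissions = K2Permissions::getInstance();
        if (!$K2Permissions->permissions->get('editAll')) {
            $row->created_by = $user->get('id');
        }
    }

    // Date-only values (10 characters or fewer) get a midnight time appended.
    if ($row->created && strlen(trim($row->created)) <= 10) {
        $row->created .= ' 00:00:00';
    }
    $config = JFactory::getConfig();
    $tzoffset = K2_JVERSION == '30' ? $config->get('offset') : $config->getValue('config.offset');
    $date = JFactory::getDate($row->created, $tzoffset);
    $row->created = K2_JVERSION == '15' ? $date->toMySQL() : $date->toSql();

    if (strlen(trim($row->publish_up)) <= 10) {
        $row->publish_up .= ' 00:00:00';
    }
    $date = JFactory::getDate($row->publish_up, $tzoffset);
    $row->publish_up = K2_JVERSION == '15' ? $date->toMySQL() : $date->toSql();

    if (trim($row->publish_down) == JText::_('K2_NEVER') || trim($row->publish_down) == '') {
        $row->publish_down = $nullDate;
    } else {
        if (strlen(trim($row->publish_down)) <= 10) {
            $row->publish_down .= ' 00:00:00';
        }
        $date = JFactory::getDate($row->publish_down, $tzoffset);
        $row->publish_down = K2_JVERSION == '15' ? $date->toMySQL() : $date->toSql();
    }

    // Meta: description and keywords have their own columns, the rest is stored as key=value lines.
    $metadata = JRequest::getVar('meta', null, 'post', 'array');
    if (is_array($metadata)) {
        $txt = array();
        foreach ($metadata as $k => $v) {
            if ($k == 'description') {
                $row->metadesc = $v;
            } elseif ($k == 'keywords') {
                $row->metakey = $v;
            } else {
                $txt[] = "{$k}={$v}";
            }
        }
        $row->metadata = implode("\n", $txt);
    }

    if (!$row->check()) {
        $mainframe->enqueueMessage($row->getError(), 'error');
        $mainframe->redirect('index.php?option=com_k2&view=item&cid=' . $row->id);
    }

    $dispatcher = JDispatcher::getInstance();
    JPluginHelper::importPlugin('k2');
    $result = $dispatcher->trigger('onBeforeK2Save', array(&$row, $isNew));
    if (in_array(false, $result, true)) {
        JError::raiseError(500, $row->getError());
        return false;
    }

    //Trigger the finder before save event
    $dispatcher = JDispatcher::getInstance();
    JPluginHelper::importPlugin('finder');
    $dispatcher->trigger('onFinderBeforeSave', array('com_k2.item', $row, $isNew));

    // Try to save the video if there is no need to wait for item ID
    if (!JRequest::getBool('del_video')) {
        // $files is not assigned until later in this method, so this isset() is always
        // false here and the block below always runs.
        if (!isset($files['video'])) {
            if (JRequest::getVar('remoteVideo')) {
                $fileurl = JRequest::getVar('remoteVideo');
                $filetype = JFile::getExt($fileurl);
                $row->video = '{' . $filetype . 'remote}' . $fileurl . '{/' . $filetype . 'remote}';
            }
            if (JRequest::getVar('videoID')) {
                $provider = JRequest::getWord('videoProvider');
                $videoID = JRequest::getVar('videoID');
                $row->video = '{' . $provider . '}' . $videoID . '{/' . $provider . '}';
            }
            // NOTE(review): the embed code is read with JREQUEST_ALLOWRAW and stored unfiltered;
            // who may submit it and how it is escaped on output is not visible here — confirm.
            $embedVideo = JRequest::getVar('embedVideo', '', 'post', 'string', JREQUEST_ALLOWRAW);
            if ($embedVideo) {
                $row->video = $embedVideo;
            }
        }
    }

    // JoomFish! Front-end editing compatibility: keep a copy of the row from before store().
    $joomFishFrontend = $mainframe->isSite() && JFile::exists(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_joomfish' . DS . 'joomfish.php');
    if ($joomFishFrontend) {
        if (version_compare(phpversion(), '5.0') < 0) {
            $tmpRow = $row;
        } else {
            $tmpRow = clone $row;
        }
    }

    if (!$row->store()) {
        $mainframe->enqueueMessage($row->getError(), 'error');
        $mainframe->redirect('index.php?option=com_k2&view=items');
    }

    // JoomFish! Front-end editing compatibility: continue with the pre-store copy plus the stored id.
    if ($joomFishFrontend) {
        $itemID = $row->id;
        $row = $tmpRow;
        $row->id = $itemID;
    }

    if (!$params->get('disableCompactOrdering')) {
        $row->reorder("catid = {$row->catid} AND trash = 0");
    }
    if ($row->featured && !$params->get('disableCompactOrdering')) {
        $row->reorder("featured = 1 AND trash = 0", 'featured_ordering');
    }

    $files = JRequest::get('files');

    //Image
    if ((int) $params->get('imageMemoryLimit')) {
        ini_set('memory_limit', (int) $params->get('imageMemoryLimit') . 'M');
    }
    $existingImage = JRequest::getVar('existingImage');
    if (($files['image']['error'] === 0 || $existingImage) && !JRequest::getBool('del_image')) {
        if ($files['image']['error'] === 0) {
            $image = $files['image'];
        } else {
            // NOTE(review): "existingImage" is a request-supplied path relative to the site root.
            // JPath::clean() normalises the path; it is not a containment check, so whether the
            // path is restricted to an allowed folder should be confirmed.
            $image = JPATH_SITE . DS . JPath::clean($existingImage);
        }

        $handle = new Upload($image);
        $handle->allowed = array('image/*');
        if ($handle->uploaded) {
            //Image params: category settings (or those of the category it inherits from) override the component's.
            $category = JTable::getInstance('K2Category', 'Table');
            $category->load($row->catid);
            $cparams = class_exists('JParameter') ? new JParameter($category->params) : new JRegistry($category->params);
            if ($cparams->get('inheritFrom')) {
                $masterCategoryID = $cparams->get('inheritFrom');
                $query = "SELECT * FROM #__k2_categories WHERE id=" . (int) $masterCategoryID;
                $db->setQuery($query, 0, 1);
                $masterCategory = $db->loadObject();
                $cparams = class_exists('JParameter') ? new JParameter($masterCategory->params) : new JRegistry($masterCategory->params);
            }
            $params->merge($cparams);

            //Original image
            $savepath = JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src';
            $handle->image_convert = 'jpg';
            $handle->jpeg_quality = 100;
            $handle->file_auto_rename = false;
            $handle->file_overwrite = true;
            $handle->file_new_name_body = md5("Image" . $row->id);
            $handle->Process($savepath);
            $filename = $handle->file_dst_name_body;

            $savepath = JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache';

            // Resized copies, largest first. Each width can be overridden by the request
            // parameter of the same name (itemImageXL ... itemImageXS); otherwise the merged
            // setting applies, with the default listed here.
            $resizedWidths = array('XL' => '800', 'L' => '600', 'M' => '400', 'S' => '200', 'XS' => '100');
            foreach ($resizedWidths as $suffix => $defaultWidth) {
                $handle->image_resize = true;
                $handle->image_ratio_y = true;
                $handle->image_convert = 'jpg';
                $handle->jpeg_quality = $params->get('imagesQuality');
                $handle->file_auto_rename = false;
                $handle->file_overwrite = true;
                $handle->file_new_name_body = $filename . '_' . $suffix;
                $requestedWidth = JRequest::getInt('itemImage' . $suffix);
                $handle->image_x = $requestedWidth ? $requestedWidth : $params->get('itemImage' . $suffix, $defaultWidth);
                $handle->Process($savepath);
            }

            //Generic image: width comes from the settings only.
            $handle->image_resize = true;
            $handle->image_ratio_y = true;
            $handle->image_convert = 'jpg';
            $handle->jpeg_quality = $params->get('imagesQuality');
            $handle->file_auto_rename = false;
            $handle->file_overwrite = true;
            $handle->file_new_name_body = $filename . '_Generic';
            $handle->image_x = $params->get('itemImageGeneric', '300');
            $handle->Process($savepath);

            // Only a real upload is cleaned up; an existing server file is left alone.
            if ($files['image']['error'] === 0) {
                $handle->Clean();
            }
        } else {
            $mainframe->enqueueMessage($handle->error, 'error');
            $mainframe->redirect('index.php?option=com_k2&view=items');
        }
    }

    if (JRequest::getBool('del_image')) {
        $current = JTable::getInstance('K2Item', 'Table');
        $current->load($row->id);
        $filename = md5("Image" . $current->id);
        $itemsDir = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items';
        $imageFiles = array(
            'src' . DS . $filename . '.jpg',
            'cache' . DS . $filename . '_XS.jpg',
            'cache' . DS . $filename . '_S.jpg',
            'cache' . DS . $filename . '_M.jpg',
            'cache' . DS . $filename . '_L.jpg',
            'cache' . DS . $filename . '_XL.jpg',
            'cache' . DS . $filename . '_Generic.jpg',
        );
        foreach ($imageFiles as $imageFile) {
            if (JFile::exists($itemsDir . DS . $imageFile)) {
                JFile::delete($itemsDir . DS . $imageFile);
            }
        }
        $row->image_caption = '';
        $row->image_credits = '';
    }

    //Attachments
    $attachments = JRequest::getVar('attachment_file', NULL, 'FILES', 'array');
    $attachments_names = JRequest::getVar('attachment_name', '', 'POST', 'array');
    $attachments_titles = JRequest::getVar('attachment_title', '', 'POST', 'array');
    $attachments_title_attributes = JRequest::getVar('attachment_title_attribute', '', 'POST', 'array');
    $attachments_existing_files = JRequest::getVar('attachment_existing_file', '', 'POST', 'array');
    $attachmentFiles = array();

    // getVar() is called with a NULL default, so guard before count().
    if (is_array($attachments) && count($attachments)) {
        // Regroup the upload array from [field][index] to [index][field].
        foreach ($attachments as $k => $l) {
            foreach ($l as $i => $v) {
                if (!array_key_exists($i, $attachmentFiles)) {
                    $attachmentFiles[$i] = array();
                }
                $attachmentFiles[$i][$k] = $v;
            }
        }

        $path = $params->get('attachmentsFolder', NULL);
        if (is_null($path)) {
            $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'attachments';
        } else {
            $savepath = $path;
        }

        $counter = 0;
        foreach ($attachmentFiles as $key => $file) {
            if ($file["tmp_name"] || $attachments_existing_files[$key]) {
                if ($attachments_existing_files[$key]) {
                    // NOTE(review): the source path is request-supplied and relative to the site
                    // root; the file is copied into the attachments folder. JPath::clean() is not
                    // a containment check, so which files may be selected here should be confirmed.
                    $src = JPATH_SITE . DS . JPath::clean($attachments_existing_files[$key]);
                    $copyName = basename($src);
                    $dest = $savepath . DS . $copyName;
                    if (JFile::exists($dest)) {
                        // Name clash: append a timestamp instead of overwriting.
                        $existingFileName = JFile::getName($dest);
                        $ext = JFile::getExt($existingFileName);
                        $basename = JFile::stripExt($existingFileName);
                        $newFilename = $basename . '_' . time() . '.' . $ext;
                        $copyName = $newFilename;
                        $dest = $savepath . DS . $newFilename;
                    }
                    JFile::copy($src, $dest);
                    $attachment = JTable::getInstance('K2Attachment', 'Table');
                    $attachment->itemID = $row->id;
                    $attachment->filename = $copyName;
                    // NOTE(review): $filename is whatever an earlier step left in that variable
                    // (image hash or a previous upload); presumably $copyName was intended — confirm.
                    $attachment->title = empty($attachments_titles[$counter]) ? $filename : $attachments_titles[$counter];
                    $attachment->titleAttribute = empty($attachments_title_attributes[$counter]) ? $filename : $attachments_title_attributes[$counter];
                    $attachment->store();
                } else {
                    $handle = new Upload($file);
                    if ($handle->uploaded) {
                        $handle->file_auto_rename = true;
                        $handle->allowed[] = 'application/x-zip';
                        $handle->allowed[] = 'application/download';
                        $handle->Process($savepath);
                        $filename = $handle->file_dst_name;
                        $handle->Clean();
                        $attachment = JTable::getInstance('K2Attachment', 'Table');
                        $attachment->itemID = $row->id;
                        $attachment->filename = $filename;
                        $attachment->title = empty($attachments_titles[$counter]) ? $filename : $attachments_titles[$counter];
                        $attachment->titleAttribute = empty($attachments_title_attributes[$counter]) ? $filename : $attachments_title_attributes[$counter];
                        $attachment->store();
                    } else {
                        $mainframe->enqueueMessage($handle->error, 'error');
                        $mainframe->redirect('index.php?option=com_k2&view=items');
                    }
                }
            }
            $counter++;
        }
    }

    //Gallery
    $flickrGallery = JRequest::getVar('flickrGallery');
    if ($flickrGallery) {
        $row->gallery = '{gallery}' . $flickrGallery . '{/gallery}';
    }

    if (isset($files['gallery']) && $files['gallery']['error'] == 0 && !JRequest::getBool('del_gallery')) {
        $handle = new Upload($files['gallery']);
        $handle->file_auto_rename = true;
        $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries';
        $handle->allowed = array("application/download", "application/rar", "application/x-rar-compressed", "application/arj", "application/gnutar", "application/x-bzip", "application/x-bzip2", "application/x-compressed", "application/x-gzip", "application/x-zip-compressed", "application/zip", "multipart/x-zip", "multipart/x-gzip", "application/x-unknown", "application/x-zip");
        if ($handle->uploaded) {
            $handle->Process($savepath);
            $handle->Clean();
            // Replace any previous gallery folder of this item.
            if (JFolder::exists($savepath . DS . $row->id)) {
                JFolder::delete($savepath . DS . $row->id);
            }
            // NOTE(review): the archive is extracted under the media folder and the extracted
            // entries are not inspected in this method — confirm what limits their names/types.
            if (!JArchive::extract($savepath . DS . $handle->file_dst_name, $savepath . DS . $row->id)) {
                $mainframe->enqueueMessage(JText::_('K2_GALLERY_UPLOAD_ERROR_CANNOT_EXTRACT_ARCHIVE'), 'error');
                $mainframe->redirect('index.php?option=com_k2&view=items');
            } else {
                $row->gallery = '{gallery}' . $row->id . '{/gallery}';
            }
            JFile::delete($savepath . DS . $handle->file_dst_name);
            $handle->Clean();
        } else {
            $mainframe->enqueueMessage($handle->error, 'error');
            $mainframe->redirect('index.php?option=com_k2&view=items');
        }
    }

    if (JRequest::getBool('del_gallery')) {
        $current = JTable::getInstance('K2Item', 'Table');
        $current->load($row->id);
        if (JFolder::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries' . DS . $current->id)) {
            JFolder::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries' . DS . $current->id);
        }
        $row->gallery = '';
    }

    //Video
    // Declared before the branch: both the upload path and the delete path need these lists.
    $videoExtensions = array("flv", "mp4", "ogv", "webm", "f4v", "m4v", "3gp", "3g2", "mov", "mpeg", "mpg", "avi", "wmv", "divx");
    $audioExtensions = array("mp3", "aac", "m4a", "ogg", "wma");
    if (!JRequest::getBool('del_video')) {
        if (isset($files['video']) && $files['video']['error'] == 0) {
            $validExtensions = array_merge($videoExtensions, $audioExtensions);
            $filetype = JFile::getExt($files['video']['name']);
            if (!in_array($filetype, $validExtensions)) {
                $mainframe->enqueueMessage(JText::_('K2_INVALID_VIDEO_FILE'), 'error');
                $mainframe->redirect('index.php?option=com_k2&view=items');
            }
            if (in_array($filetype, $videoExtensions)) {
                $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos';
            } else {
                $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'audio';
            }
            // The stored file is named after the item id, not after the uploaded file name.
            JFile::upload($files['video']['tmp_name'], $savepath . DS . $row->id . '.' . $filetype);
            $row->video = '{' . $filetype . '}' . $row->id . '{/' . $filetype . '}';
        }
    } else {
        $current = JTable::getInstance('K2Item', 'Table');
        $current->load($row->id);
        // The stored value looks like {type}name{/type}; capture type and name.
        preg_match_all("#^{(.*?)}(.*?){#", $current->video, $matches, PREG_PATTERN_ORDER);
        if (!empty($matches[1][0])) {
            $videotype = $matches[1][0];
            // basename() keeps the delete inside the media folder even if the stored tag holds a path.
            $videofile = basename($matches[2][0]);
            if (in_array($videotype, $videoExtensions)) {
                $mediaFile = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos' . DS . $videofile . '.' . $videotype;
                if (JFile::exists($mediaFile)) {
                    JFile::delete($mediaFile);
                }
            }
            if (in_array($videotype, $audioExtensions)) {
                $mediaFile = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'audio' . DS . $videofile . '.' . $videotype;
                if (JFile::exists($mediaFile)) {
                    JFile::delete($mediaFile);
                }
            }
        }
        $row->video = '';
        $row->video_caption = '';
        $row->video_credits = '';
    }

    //Extra fields
    $objects = array();
    $variables = JRequest::get('post', 2);
    foreach ($variables as $key => $value) {
        if ((bool) JString::stristr($key, 'K2ExtraField_')) {
            $object = new JObject();
            // 13 is the length of the "K2ExtraField_" prefix.
            $object->set('id', JString::substr($key, 13));
            if (is_string($value)) {
                $value = trim($value);
            }
            $object->set('value', $value);
            unset($object->_errors);
            $objects[] = $object;
        }
    }

    $csvFiles = JRequest::get('files');
    foreach ($csvFiles as $key => $file) {
        if ((bool) JString::stristr($key, 'K2ExtraField_')) {
            $object = new JObject();
            $object->set('id', JString::substr($key, 13));
            $csvFile = $file['tmp_name'][0];
            if (!empty($csvFile) && JFile::getExt($file['name'][0]) == 'csv') {
                $handle = @fopen($csvFile, 'r');
                $csvData = array();
                // fopen() returns false on failure. Passing that on to fgetcsv()/fclose()
                // is an error, and on PHP < 8 fgetcsv() then returns null, so the
                // "!== false" loop would not terminate.
                if ($handle !== false) {
                    while (($data = fgetcsv($handle, 1000)) !== false) {
                        $csvData[] = $data;
                    }
                    fclose($handle);
                }
                $object->set('value', $csvData);
            } else {
                require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'lib' . DS . 'JSON.php';
                $json = new Services_JSON();
                $object->set('value', $json->decode(JRequest::getVar('K2CSV_' . $object->id)));
                if (JRequest::getBool('K2ResetCSV_' . $object->id)) {
                    $object->set('value', null);
                }
            }
            unset($object->_errors);
            $objects[] = $object;
        }
    }

    require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'lib' . DS . 'JSON.php';
    $json = new Services_JSON();
    $row->extra_fields = $json->encode($objects);

    require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'models' . DS . 'extrafield.php';
    $extraFieldModel = K2Model::getInstance('ExtraField', 'K2Model');
    $row->extra_fields_search = '';
    foreach ($objects as $object) {
        $row->extra_fields_search .= $extraFieldModel->getSearchValue($object->id, $object->value);
        $row->extra_fields_search .= ' ';
    }

    //Tags
    if ($user->gid < 24 && $params->get('lockTags')) {
        $params->set('taggingSystem', 0);
    }

    $db = JFactory::getDBO();
    $itemId = (int) $row->id;

    // Drop the existing tag links, then re-create them from the request.
    $query = "DELETE FROM #__k2_tags_xref WHERE itemID=" . $itemId;
    $db->setQuery($query);
    $db->query();

    if ($params->get('taggingSystem')) {
        if ($user->gid < 24 && $params->get('lockTags')) {
            JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
        }
        $tags = JRequest::getVar('tags', NULL, 'POST', 'array');
        if (is_array($tags) && count($tags)) {
            $tags = array_unique($tags);
            foreach ($tags as $tag) {
                $tag = JString::trim($tag);
                if ($tag) {
                    $tagID = false;
                    $K2Tag = JTable::getInstance('K2Tag', 'Table');
                    $K2Tag->name = $tag;
                    // Tag has been filtered and does not exist
                    if ($K2Tag->check()) {
                        $K2Tag->published = 1;
                        if ($K2Tag->store()) {
                            $tagID = $K2Tag->id;
                        }
                    } else {
                        if ($K2Tag->name) {
                            $query = "SELECT id FROM #__k2_tags WHERE name=" . $db->Quote($K2Tag->name);
                            $db->setQuery($query);
                            $tagID = $db->loadResult();
                        }
                    }
                    if ($tagID) {
                        $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, " . (int) $tagID . ", " . $itemId . ")";
                        $db->setQuery($query);
                        $db->query();
                    }
                }
            }
        }
    } else {
        // Tag ids come straight from the POST array, so each one is cast before it reaches SQL.
        $tags = JRequest::getVar('selectedTags', NULL, 'POST', 'array');
        if (is_array($tags) && count($tags)) {
            foreach ($tags as $tagID) {
                $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, " . (int) $tagID . ", " . $itemId . ")";
                $db->setQuery($query);
                $db->query();
            }
        }
    }

    // If we are in front-end check publishing permissions properly.
    if ($front) {
        // New items require the "Publish items" permission.
        if ($isNew && $row->published && !K2HelperPermissions::canPublishItem($row->catid)) {
            $row->published = 0;
            $mainframe->enqueueMessage(JText::_('K2_YOU_DONT_HAVE_THE_PERMISSION_TO_PUBLISH_ITEMS'), 'notice');
        }

        // Existing items require either the "Publish items" or the "Allow editing of already published items" permission.
        if (!$isNew && $row->published) {
            $canEditPublished = $isAlreadyPublished && K2HelperPermissions::canEditPublished($row->catid);
            if (!K2HelperPermissions::canPublishItem($row->catid) && !$canEditPublished) {
                $row->published = 0;
                $mainframe->enqueueMessage(JText::_('K2_YOU_DONT_HAVE_THE_PERMISSION_TO_PUBLISH_ITEMS'), 'notice');
            }
        }

        // A user who cannot publish the item cannot change its featured state either.
        if (!K2HelperPermissions::canPublishItem($row->catid)) {
            if ($isNew) {
                $row->featured = 0;
            } else {
                $row->featured = $currentFeaturedState;
            }
        }
    }

    $query = "UPDATE #__k2_items SET \n video_caption = " . $db->Quote($row->video_caption) . ", \n video_credits = " . $db->Quote($row->video_credits) . ", ";
    if (!is_null($row->video)) {
        $query .= " video = " . $db->Quote($row->video) . ", ";
    }
    if (!is_null($row->gallery)) {
        $query .= " gallery = " . $db->Quote($row->gallery) . ", ";
    }
    $query .= " extra_fields = " . $db->Quote($row->extra_fields) . ", \n extra_fields_search = " . $db->Quote($row->extra_fields_search) . " ,\n published = " . $db->Quote($row->published) . " \n WHERE id = " . $itemId;
    $db->setQuery($query);
    if (!$db->query()) {
        $mainframe->enqueueMessage($db->getErrorMsg(), 'error');
        $mainframe->redirect('index.php?option=com_k2&view=items');
    }

    $row->checkin();
    $cache = JFactory::getCache('com_k2');
    $cache->clean();

    $dispatcher->trigger('onAfterK2Save', array(&$row, $isNew));
    JPluginHelper::importPlugin('content');
    if (K2_JVERSION != '15') {
        $dispatcher->trigger('onContentAfterSave', array('com_k2.item', &$row, $isNew));
    } else {
        $dispatcher->trigger('onAfterContentSave', array(&$row, $isNew));
    }

    //Trigger the finder after save event
    $dispatcher = JDispatcher::getInstance();
    JPluginHelper::importPlugin('finder');
    $dispatcher->trigger('onFinderAfterSave', array('com_k2.item', $row, $isNew));

    // Pick the confirmation message and the landing page from the submitted task.
    switch (JRequest::getCmd('task')) {
        case 'apply':
            $msg = JText::_('K2_CHANGES_TO_ITEM_SAVED');
            $link = 'index.php?option=com_k2&view=item&cid=' . $row->id;
            break;
        case 'saveAndNew':
            $msg = JText::_('K2_ITEM_SAVED');
            $link = 'index.php?option=com_k2&view=item';
            break;
        case 'save':
        default:
            $msg = JText::_('K2_ITEM_SAVED');
            if ($front) {
                $link = 'index.php?option=com_k2&view=item&task=edit&cid=' . $row->id . '&tmpl=component&Itemid=' . JRequest::getInt('Itemid');
            } else {
                $link = 'index.php?option=com_k2&view=items';
            }
            break;
    }
    $mainframe->enqueueMessage($msg);
    $mainframe->redirect($link);
}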
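/**
 * Tells whether the current user may edit items that are already published
 * in the given category.
 *
 * The answer is read from the action list held by the K2Permissions
 * singleton: either the blanket "editPublished.category.all" action or the
 * category-specific "editPublished.category.<id>" action must be present.
 *
 * @param   mixed  $itemCategory  Category identifier; it is concatenated into the action name.
 *
 * @return  boolean  True when one of the two actions is present in the list.
 */
public static function canEditPublished($itemCategory)
{
    $K2Permissions = K2Permissions::getInstance();
    $actions = $K2Permissions->actions;

    // This is an authorization decision, so compare strictly. With a loose
    // in_array() an entry such as boolean true (or integer 0 on PHP < 8)
    // compares equal to any action name and would grant the permission.
    // NOTE(review): assumes the action list holds strings - confirm where it is built.
    return in_array('editPublished.category.all', $actions, true)
        || in_array('editPublished.category.' . $itemCategory, $actions, true);
}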
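/**
 * Prepares and renders the K2 item edit form.
 *
 * Loads the item through the Item model, runs the front-end permission
 * guards, checks the item out to the current user, builds every list and
 * editor widget the template reads (dates, categories, video, gallery,
 * authors, tags, extra fields, plugin output) and hands them to the
 * template with assignRef() before delegating to the parent display().
 *
 * Changes against the previous revision of this method:
 *  - the category id interpolated into the ordering query is cast to int;
 *  - the extra-fields loop no longer calls sizeof() on NULL;
 *  - a remote video URL that already starts with https:// is no longer
 *    prefixed with the site root, and the regex result is checked before use;
 *  - three dead assignments and a commented-out line were dropped.
 *
 * @param   string  $tpl  Template name passed through to parent::display().
 *
 * @return  void
 */
function display($tpl = null)
{
    $mainframe = JFactory::getApplication();
    $db = JFactory::getDBO();
    $view = JRequest::getCmd('view');
    jimport('joomla.filesystem.file');
    jimport('joomla.html.pane');
    JHTML::_('behavior.keepalive');
    JHTML::_('behavior.modal');
    JRequest::setVar('hidemainmenu', 1);
    $document = JFactory::getDocument();
    $document->addScript(JURI::root(true) . '/media/k2/assets/js/nicEdit.js?v=2.6.8');

    // Inline script with the base path and the translated UI strings.
    // The language strings are requested with the JavaScript-safe flag
    // (second argument true); JURI::base(true) is concatenated as-is.
    // NOTE(review): confirm the base path cannot contain a quote character.
    $js = "\n\t\t\t\t\tvar K2BasePath = '" . JURI::base(true) . "/';\n\t\t\t\t\tvar K2Language = [\n\t\t\t\t\t\t'"
        . JText::_('K2_REMOVE', true) . "',\n\t\t\t\t\t\t'"
        . JText::_('K2_LINK_TITLE_OPTIONAL', true) . "',\n\t\t\t\t\t\t'"
        . JText::_('K2_LINK_TITLE_ATTRIBUTE_OPTIONAL', true) . "',\n\t\t\t\t\t\t'"
        . JText::_('K2_ARE_YOU_SURE', true) . "',\n\t\t\t\t\t\t'"
        . JText::_('K2_YOU_ARE_NOT_ALLOWED_TO_POST_TO_THIS_CATEGORY', true) . "',\n\t\t\t\t\t\t'"
        . JText::_('K2_OR_SELECT_A_FILE_ON_THE_SERVER', true) . "'\n\t\t\t\t\t]\n\t\t\t\t";
    $document->addScriptDeclaration($js);

    K2Model::addIncludePath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'models');
    $model = K2Model::getInstance('Item', 'K2Model', array('table_path' => JPATH_COMPONENT_ADMINISTRATOR . DS . 'tables'));
    $item = $model->getData();

    // HTML-escape the item's properties for output. 'video', 'params' and
    // 'plugins' are excluded, so those three stay raw from here on.
    JFilterOutput::objectHTMLSafe($item, ENT_QUOTES, array('video', 'params', 'plugins'));
    $user = JFactory::getUser();

    // Permissions check on frontend
    if ($mainframe->isSite()) {
        JLoader::register('K2HelperPermissions', JPATH_COMPONENT . DS . 'helpers' . DS . 'permissions.php');
        $task = JRequest::getCmd('task');

        // NOTE(review): only the literal task values 'edit' and 'add' are
        // guarded; any other task value passes both checks and the form is
        // still built below. Confirm the controller routes nothing else here.
        // NOTE(review): the guards rely on JError::raiseError(403) ending the
        // request - confirm the configured error handler does so.
        if ($task == 'edit' && !K2HelperPermissions::canEditItem($item->created_by, $item->catid)) {
            JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
        }
        if ($task == 'add' && !K2HelperPermissions::canAddItem()) {
            JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
        }

        // Get permissions
        $K2Permissions = K2Permissions::getInstance();
        $this->assignRef('permissions', $K2Permissions->permissions);

        // Build permissions message
        $permissionsLabels = array();
        if ($this->permissions->get('add')) {
            $permissionsLabels[] = JText::_('K2_ADD_ITEMS');
        }
        if ($this->permissions->get('editOwn')) {
            $permissionsLabels[] = JText::_('K2_EDIT_OWN_ITEMS');
        }
        if ($this->permissions->get('editAll')) {
            $permissionsLabels[] = JText::_('K2_EDIT_ANY_ITEM');
        }
        if ($this->permissions->get('publish')) {
            $permissionsLabels[] = JText::_('K2_PUBLISH_ITEMS');
        }
        if ($this->permissions->get('editPublished')) {
            $permissionsLabels[] = JText::_('K2_ALLOW_EDITING_OF_ALREADY_PUBLISHED_ITEMS');
        }
        $permissionsMessage = JText::_('K2_YOU_ARE_ALLOWED_TO') . ' ' . implode(', ', $permissionsLabels);
        $this->assignRef('permissionsMessage', $permissionsMessage);
    }

    // An item checked out by somebody else is not opened: notify and redirect.
    if ($item->isCheckedOut($user->get('id'), $item->checked_out)) {
        $message = JText::_('K2_THE_ITEM') . ': ' . $item->title . ' ' . JText::_('K2_IS_CURRENTLY_BEING_EDITED_BY_ANOTHER_ADMINISTRATOR');
        $url = $mainframe->isSite() ? 'index.php?option=com_k2&view=item&id=' . $item->id . '&tmpl=component' : 'index.php?option=com_k2';
        $mainframe->enqueueMessage($message);
        $mainframe->redirect($url);
    }

    if ($item->id) {
        $item->checkout($user->get('id'));
    } else {
        // Defaults for a new item.
        $item->published = 1;
        $item->publish_down = $db->getNullDate();
        $item->modified = $db->getNullDate();
        $date = JFactory::getDate();
        $now = K2_JVERSION == '15' ? $date->toMySQL() : $date->toSql();
        $item->created = $now;
        $item->publish_up = $item->created;
    }

    $lists = array();

    // The date helper takes a date()-style format from Joomla 1.6 on and a
    // strftime()-style format before that.
    if (version_compare(JVERSION, '1.6.0', 'ge')) {
        $dateFormat = 'Y-m-d H:i:s';
    } else {
        $dateFormat = '%Y-%m-%d %H:%M:%S';
    }
    $created = JHTML::_('date', $item->created, $dateFormat);
    $publishUp = JHTML::_('date', $item->publish_up, $dateFormat);
    if ((int) $item->publish_down) {
        $publishDown = JHTML::_('date', $item->publish_down, $dateFormat);
    } else {
        $publishDown = '';
    }

    // Set up calendars
    $lists['createdCalendar'] = JHTML::_('calendar', $created, 'created', 'created');
    $lists['publish_up'] = JHTML::_('calendar', $publishUp, 'publish_up', 'publish_up');
    $lists['publish_down'] = JHTML::_('calendar', $publishDown, 'publish_down', 'publish_down');

    if ($item->id) {
        $lists['created'] = JHTML::_('date', $item->created, JText::_('DATE_FORMAT_LC2'));
    } else {
        $lists['created'] = JText::_('K2_NEW_DOCUMENT');
    }
    if ($item->modified == $db->getNullDate() || !$item->id) {
        $lists['modified'] = JText::_('K2_NEVER');
    } else {
        $lists['modified'] = JHTML::_('date', $item->modified, JText::_('DATE_FORMAT_LC2'));
    }

    $params = JComponentHelper::getParams('com_k2');
    $wysiwyg = JFactory::getEditor();
    $onSave = '';

    if ($params->get("mergeEditors")) {
        // One editor: intro and full text joined by the read-more marker.
        if (JString::strlen($item->fulltext) > 1) {
            $textValue = $item->introtext . "<hr id=\"system-readmore\" />" . $item->fulltext;
        } else {
            $textValue = $item->introtext;
        }
        $text = $wysiwyg->display('text', $textValue, '100%', '400px', '', '');
        $this->assignRef('text', $text);
        if (K2_JVERSION == '30') {
            $onSave = $wysiwyg->save('text');
        }
    } else {
        $introtext = $wysiwyg->display('introtext', $item->introtext, '100%', '400px', '', '', array('readmore'));
        $this->assignRef('introtext', $introtext);
        $fulltext = $wysiwyg->display('fulltext', $item->fulltext, '100%', '400px', '', '', array('readmore'));
        $this->assignRef('fulltext', $fulltext);
        if (K2_JVERSION == '30') {
            $onSave = $wysiwyg->save('introtext');
            $onSave .= $wysiwyg->save('fulltext');
        }
    }
    $document->addScriptDeclaration("function onK2EditorSave(){ " . $onSave . " }");

    $lists['published'] = JHTML::_('select.booleanlist', 'published', 'class="inputbox"', $item->published);
    $lists['featured'] = JHTML::_('select.booleanlist', 'featured', 'class="inputbox"', $item->featured);
    $lists['access'] = version_compare(JVERSION, '3.0', 'ge') ? JHTML::_('access.level', 'access', $item->access) : JHTML::_('list.accesslevel', $item);

    // The category id is interpolated into SQL text, so force it to an
    // integer instead of trusting whatever the loaded item carries.
    $query = "SELECT ordering AS value, title AS text FROM #__k2_items WHERE catid=" . (int) $item->catid;
    $lists['ordering'] = version_compare(JVERSION, '3.0', 'ge') ? null : JHTML::_('list.specificordering', $item, $item->id, $query);

    if (!$item->id) {
        $item->catid = $mainframe->getUserStateFromRequest('com_k2itemsfilter_category', 'catid', 0, 'int');
    }

    require_once JPATH_ADMINISTRATOR . '/components/com_k2/models/categories.php';
    $categoriesModel = K2Model::getInstance('Categories', 'K2Model');
    $categories = $categoriesModel->categoriesTree();
    $lists['catid'] = JHTML::_('select.genericlist', $categories, 'catid', 'class="inputbox"', 'value', 'text', $item->catid);

    if (version_compare(JVERSION, '1.6.0', 'ge')) {
        $languages = JHTML::_('contentlanguage.existing', true, true);
        $lists['language'] = JHTML::_('select.genericlist', $languages, 'language', '', 'value', 'text', $item->language);
    }

    $lists['checkSIG'] = $model->checkSIG();
    $lists['checkAllVideos'] = $model->checkAllVideos();

    // Classify the stored video value to pick the active tab:
    // 1 = remote file, 2 = provider, 3 = raw embed code, 0 = uploaded or empty.
    $remoteVideo = false;
    $providerVideo = false;
    $embedVideo = false;
    if (stristr($item->video, 'remote}') !== false) {
        $remoteVideo = true;
        $options['startOffset'] = 1;
    }
    $providers = $model->getVideoProviders();
    if (count($providers)) {
        foreach ($providers as $provider) {
            $providersOptions[] = JHTML::_('select.option', $provider, ucfirst($provider));
            if (stristr($item->video, "{{$provider}}") !== false) {
                $providerVideo = true;
                $options['startOffset'] = 2;
            }
        }
    }
    if (JString::substr($item->video, 0, 1) !== '{') {
        $embedVideo = true;
        $options['startOffset'] = 3;
    }
    $lists['uploadedVideo'] = !$remoteVideo && !$providerVideo && !$embedVideo ? true : false;
    if ($lists['uploadedVideo'] || $item->video == '') {
        $options['startOffset'] = 0;
    }
    $document->addScriptDeclaration("var K2ActiveVideoTab = " . $options['startOffset']);

    // Split "{type}value{/type}" into its value and its type.
    $lists['remoteVideo'] = $remoteVideo ? preg_replace('%\\{[a-z0-9-_]*\\}(.*)\\{/[a-z0-9-_]*\\}%i', '\\1', $item->video) : '';
    $lists['remoteVideoType'] = $remoteVideo ? preg_replace('%\\{([a-z0-9-_]*)\\}.*\\{/[a-z0-9-_]*\\}%i', '\\1', $item->video) : '';
    $lists['providerVideo'] = $providerVideo ? preg_replace('%\\{[a-z0-9-_]*\\}(.*)\\{/[a-z0-9-_]*\\}%i', '\\1', $item->video) : '';
    $lists['providerVideoType'] = $providerVideo ? preg_replace('%\\{([a-z0-9-_]*)\\}.*\\{/[a-z0-9-_]*\\}%i', '\\1', $item->video) : '';

    // The video field was excluded from HTML escaping above, so this is the
    // stored markup as-is; the template has to treat it as raw HTML.
    $lists['embedVideo'] = $embedVideo ? $item->video : '';

    if (isset($providersOptions)) {
        $lists['providers'] = JHTML::_('select.genericlist', $providersOptions, 'videoProvider', '', 'value', 'text', $lists['providerVideoType']);
    }

    JPluginHelper::importPlugin('content', 'jw_sigpro');
    JPluginHelper::importPlugin('content', 'jw_allvideos');
    $dispatcher = JDispatcher::getInstance();

    // Detect gallery type
    // The truthiness test only succeeds when 'http://' is found after
    // position 0; the offsets 9 and -10 strip a leading "{gallery}" and a
    // trailing "{/gallery}".
    if (JString::strpos($item->gallery, 'http://')) {
        $item->galleryType = 'flickr';
        $item->galleryValue = JString::substr($item->gallery, 9);
        $item->galleryValue = JString::substr($item->galleryValue, 0, -10);
    } else {
        $item->galleryType = 'server';
        $item->galleryValue = '';
    }

    // Let the content plugins render the gallery tag through $item->text.
    $params->set('galleries_rootfolder', 'media/k2/galleries');
    $item->text = $item->gallery;
    if (K2_JVERSION == '15') {
        $dispatcher->trigger('onPrepareContent', array(&$item, &$params, null));
    } else {
        $dispatcher->trigger('onContentPrepare', array('com_k2.' . $view, &$item, &$params, null));
    }
    $item->gallery = $item->text;

    if (!$embedVideo) {
        $params->set('vfolder', 'media/k2/videos');
        $params->set('afolder', 'media/k2/audio');
        if (JString::strpos($item->video, 'remote}')) {
            // Prefix the site root only for relative paths. The capture is
            // used only when the pattern matched, and https:// URLs are
            // recognised as absolute as well as http:// ones.
            if (preg_match("#}(.*?){/#s", $item->video, $matches)) {
                $isAbsoluteUrl = JString::substr($matches[1], 0, 7) == 'http://'
                    || JString::substr($matches[1], 0, 8) == 'https://';
                if (!$isAbsoluteUrl) {
                    $item->video = str_replace($matches[1], JURI::root() . $matches[1], $item->video);
                }
            }
        }
        $item->text = $item->video;
        if (K2_JVERSION == '15') {
            $dispatcher->trigger('onPrepareContent', array(&$item, &$params, null));
        } else {
            $dispatcher->trigger('onContentPrepare', array('com_k2.' . $view, &$item, &$params, null));
        }
        $item->video = $item->text;
    }

    if (isset($item->created_by)) {
        $author = JUser::getInstance($item->created_by);
        $item->author = $author->name;
    } else {
        $item->author = $user->name;
    }
    if (isset($item->modified_by)) {
        $moderator = JUser::getInstance($item->modified_by);
        $item->moderator = $moderator->name;
    }
    if ($item->id) {
        $active = $item->created_by;
    } else {
        $active = $user->id;
    }
    $lists['authors'] = JHTML::_('list.users', 'created_by', $active, false);

    $categories_option[] = JHTML::_('select.option', 0, JText::_('K2_SELECT_CATEGORY'));
    $categories = $categoriesModel->categoriesTree(null, true, false);
    if ($mainframe->isSite()) {
        JLoader::register('K2HelperPermissions', JPATH_SITE . DS . 'components' . DS . 'com_k2' . DS . 'helpers' . DS . 'permissions.php');

        // Disable the categories the user may not post to or edit in. This
        // only greys out options in the form; it is not an access check.
        if (($task == 'add' || $task == 'edit') && !K2HelperPermissions::canAddToAll()) {
            for ($i = 0; $i < sizeof($categories); $i++) {
                if (!K2HelperPermissions::canAddItem($categories[$i]->value) && $task == 'add') {
                    $categories[$i]->disable = true;
                }
                if (!K2HelperPermissions::canEditItem($item->created_by, $categories[$i]->value) && $task == 'edit') {
                    $categories[$i]->disable = true;
                }
            }
        }
    }
    $categories_options = @array_merge($categories_option, $categories);
    $lists['categories'] = JHTML::_('select.genericlist', $categories_options, 'catid', '', 'value', 'text', $item->catid);

    JTable::addIncludePath(JPATH_COMPONENT . DS . 'tables');
    $category = JTable::getInstance('K2Category', 'Table');
    $category->load($item->catid);
    $extraFieldModel = K2Model::getInstance('ExtraField', 'K2Model');
    if ($category->id) {
        $extraFields = $extraFieldModel->getExtraFieldsByGroup($category->extraFieldsGroup);
    } else {
        $extraFields = null;
    }

    // $extraFields is NULL when no category is loaded; counting NULL raises
    // a warning on PHP 7.2+ and a TypeError on PHP 8.
    $extraFieldsCount = is_array($extraFields) ? sizeof($extraFields) : 0;
    for ($i = 0; $i < $extraFieldsCount; $i++) {
        $extraFields[$i]->element = $extraFieldModel->renderExtraField($extraFields[$i], $item->id);
    }

    if ($item->id) {
        $item->attachments = $model->getAttachments($item->id);
        $rating = $model->getRating();
        if (is_null($rating)) {
            $item->ratingSum = 0;
            $item->ratingCount = 0;
        } else {
            $item->ratingSum = (int) $rating->rating_sum;
            $item->ratingCount = (int) $rating->rating_count;
        }
    } else {
        $item->attachments = null;
        $item->ratingSum = 0;
        $item->ratingCount = 0;
    }

    // With "lockTags" set, users whose gid is below 24 get the free tagging
    // system switched off for this form.
    if ($user->gid < 24 && $params->get('lockTags')) {
        $params->set('taggingSystem', 0);
    }
    $tags = $model->getAvailableTags($item->id);
    $lists['tags'] = JHTML::_('select.genericlist', $tags, 'tags', 'multiple="multiple" size="10" ', 'id', 'name');
    if (isset($item->id)) {
        $item->tags = $model->getCurrentTags($item->id);
        $lists['selectedTags'] = JHTML::_('select.genericlist', $item->tags, 'selectedTags[]', 'multiple="multiple" size="10" ', 'id', 'name');
    } else {
        $lists['selectedTags'] = '<select size="10" multiple="multiple" id="selectedTags" name="selectedTags[]"></select>';
    }

    $lists['metadata'] = class_exists('JParameter') ? new JParameter($item->metadata) : new JRegistry($item->metadata);

    // Item images are stored under md5("Image" . id); the modification time
    // is appended as a query string.
    $date = JFactory::getDate($item->modified);
    $timestamp = '?t=' . $date->toUnix();
    if (JFile::exists(JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . md5("Image" . $item->id) . '_L.jpg')) {
        $item->image = JURI::root() . 'media/k2/items/cache/' . md5("Image" . $item->id) . '_L.jpg' . $timestamp;
    }
    if (JFile::exists(JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . md5("Image" . $item->id) . '_S.jpg')) {
        $item->thumb = JURI::root() . 'media/k2/items/cache/' . md5("Image" . $item->id) . '_S.jpg' . $timestamp;
    }

    // Collect the K2 plugin output for each tab of the form.
    JPluginHelper::importPlugin('k2');
    $dispatcher = JDispatcher::getInstance();
    $K2PluginsItemContent = $dispatcher->trigger('onRenderAdminForm', array(&$item, 'item', 'content'));
    $this->assignRef('K2PluginsItemContent', $K2PluginsItemContent);
    $K2PluginsItemImage = $dispatcher->trigger('onRenderAdminForm', array(&$item, 'item', 'image'));
    $this->assignRef('K2PluginsItemImage', $K2PluginsItemImage);
    $K2PluginsItemGallery = $dispatcher->trigger('onRenderAdminForm', array(&$item, 'item', 'gallery'));
    $this->assignRef('K2PluginsItemGallery', $K2PluginsItemGallery);
    $K2PluginsItemVideo = $dispatcher->trigger('onRenderAdminForm', array(&$item, 'item', 'video'));
    $this->assignRef('K2PluginsItemVideo', $K2PluginsItemVideo);
    $K2PluginsItemExtraFields = $dispatcher->trigger('onRenderAdminForm', array(&$item, 'item', 'extra-fields'));
    $this->assignRef('K2PluginsItemExtraFields', $K2PluginsItemExtraFields);
    $K2PluginsItemAttachments = $dispatcher->trigger('onRenderAdminForm', array(&$item, 'item', 'attachments'));
    $this->assignRef('K2PluginsItemAttachments', $K2PluginsItemAttachments);
    $K2PluginsItemOther = $dispatcher->trigger('onRenderAdminForm', array(&$item, 'item', 'other'));
    $this->assignRef('K2PluginsItemOther', $K2PluginsItemOther);

    // Item parameters form: JForm with JSON params from Joomla 1.6 on,
    // JParameter with INI params before that.
    if (version_compare(JVERSION, '1.6.0', 'ge')) {
        jimport('joomla.form.form');
        $form = JForm::getInstance('itemForm', JPATH_COMPONENT_ADMINISTRATOR . DS . 'models' . DS . 'item.xml');
        $values = array('params' => json_decode($item->params));
        $form->bind($values);
    } else {
        $form = new JParameter('', JPATH_COMPONENT_ADMINISTRATOR . DS . 'models' . DS . 'item.xml');
        $form->loadINI($item->params);
    }
    $this->assignRef('form', $form);

    $nullDate = $db->getNullDate();
    $this->assignRef('nullDate', $nullDate);
    $this->assignRef('extraFields', $extraFields);
    $this->assignRef('options', $options);
    $this->assignRef('row', $item);
    $this->assignRef('lists', $lists);
    $this->assignRef('params', $params);
    $this->assignRef('user', $user);

    $title = JRequest::getInt('cid') ? JText::_('K2_EDIT_ITEM') : JText::_('K2_ADD_ITEM');
    $this->assignRef('title', $title);
    $this->assignRef('mainframe', $mainframe);

    if ($mainframe->isAdmin()) {
        // The administrator form always shows every tab.
        $this->params->set('showImageTab', true);
        $this->params->set('showImageGalleryTab', true);
        $this->params->set('showVideoTab', true);
        $this->params->set('showExtraFieldsTab', true);
        $this->params->set('showAttachmentsTab', true);
        $this->params->set('showK2Plugins', true);
        JToolBarHelper::title($title, 'k2.png');
        JToolBarHelper::save();
        $saveNewIcon = version_compare(JVERSION, '2.5.0', 'ge') ? 'save-new.png' : 'save.png';
        JToolBarHelper::custom('saveAndNew', $saveNewIcon, 'save_f2.png', 'K2_SAVE_AND_NEW', false);
        JToolBarHelper::apply();
        JToolBarHelper::cancel();
    }

    // ACE ACL integration
    $definedConstants = get_defined_constants();
    if (!empty($definedConstants['ACEACL']) && AceaclApi::authorize('permissions', 'com_aceacl')) {
        $aceAclFlag = true;
    } else {
        $aceAclFlag = false;
    }
    $this->assignRef('aceAclFlag', $aceAclFlag);

    // SIG PRO v3 integration
    if (JPluginHelper::isEnabled('k2', 'jw_sigpro')) {
        $sigPro = true;
        // A new item has no id yet, so a uniqid() value names its folder.
        $sigProFolder = $this->row->id ? $this->row->id : uniqid();
        $this->assignRef('sigProFolder', $sigProFolder);
    } else {
        $sigPro = false;
    }
    $this->assignRef('sigPro', $sigPro);

    parent::display($tpl);
}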
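/**
 * Renders the "element" layout of the administrator users view.
 *
 * The request is accepted only when the user may add items or edit the item
 * named by the "itemID" request variable, and additionally holds the
 * "editAll" permission. The method then loads the K2 stylesheet, jQuery and
 * k2.js, points the controller at the administrator views and models, and
 * displays the view.
 *
 * jQuery and jQuery UI are now requested from the CDN over HTTPS; the
 * previous http:// URLs let the scripts be altered in transit and are
 * blocked as mixed content on an HTTPS site.
 *
 * @return  void
 */
function users()
{
    // Reference assignments (=&) are kept exactly as the file wrote them.
    $itemID = JRequest::getInt('itemID');
    JTable::addIncludePath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'tables');
    $item =& JTable::getInstance('K2Item', 'Table');
    $item->load($itemID);

    // First gate: the user must be able to add items or to edit this item.
    // NOTE(review): both gates rely on JError::raiseError(403) ending the
    // request - confirm the configured error handler does so.
    if (!K2HelperPermissions::canAddItem() && !K2HelperPermissions::canEditItem($item->created_by, $item->catid)) {
        JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
    }

    // Second gate: the "editAll" permission is required as well.
    $K2Permissions =& K2Permissions::getInstance();
    if (!$K2Permissions->permissions->get('editAll')) {
        JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
    }

    JRequest::setVar('tmpl', 'component');
    $mainframe =& JFactory::getApplication();
    $params =& JComponentHelper::getParams('com_k2');
    $language =& JFactory::getLanguage();
    $language->load('com_k2', JPATH_ADMINISTRATOR);
    $document =& JFactory::getDocument();

    if (version_compare(JVERSION, '1.6.0', 'ge')) {
        JHtml::_('behavior.framework');
    } else {
        JHTML::_('behavior.mootools');
    }

    // CSS
    $document->addStyleSheet(JURI::root(true) . '/media/k2/assets/css/k2.css?v=2.5.7');

    // JS
    $jQueryHandling = $params->get('jQueryHandling', '1.7remote');
    if ($jQueryHandling) {
        // Same decision as the former "strpos(...) == true" test: the value
        // counts as remote only when 'remote' is found after position 0, so
        // a value that starts with 'remote' still takes the local branch.
        $remotePosition = strpos($jQueryHandling, 'remote');
        if ($remotePosition !== false && $remotePosition > 0) {
            // Remote copies are fetched over HTTPS so they cannot be
            // modified on the network path.
            $document->addScript('https://ajax.googleapis.com/ajax/libs/jquery/' . str_replace('remote', '', $jQueryHandling) . '/jquery.min.js');
            $document->addScript('https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js');
        } else {
            $document->addScript(JURI::root(true) . '/media/k2/assets/js/jquery-' . $jQueryHandling . '.min.js');
            $document->addScript(JURI::root(true) . '/media/k2/assets/js/jquery-ui-1.8.16.custom.min.js');
        }
    }
    $document->addScript(JURI::root(true) . '/media/k2/assets/js/k2.js?v=2.5.7');

    // The view, its model and its template all come from the administrator
    // side of the component.
    $this->addViewPath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'views');
    $this->addModelPath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'models');
    $view =& $this->getView('users', 'html');
    $view->addTemplatePath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'views' . DS . 'users' . DS . 'tmpl');
    $view->setLayout('element');
    $view->display();
}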
/** * This method is copied from admin/com_k2/models/item.php * Modifications have been made * Changed all $mainframe redirects * Removed the check for extra fields, we don't want to override them */ function save($front = false) { $mainframe =& JFactory::getApplication(); jimport('joomla.filesystem.file'); jimport('joomla.filesystem.folder'); jimport('joomla.filesystem.archive'); require_once JPATH_ADMINISTRATOR . '/components/com_k2' . DS . 'lib' . DS . 'class.upload.php'; $db =& JFactory::getDBO(); $user =& JFactory::getUser(); $row =& JTable::getInstance('K2Item', 'Table'); $params =& JComponentHelper::getParams('com_k2'); $nullDate = $db->getNullDate(); if (!$row->bind(JRequest::get('post'))) { $this->setError($row->getError()); return false; } if ($front && $row->id == NULL) { JLoader::register('K2HelperPermissions', JPATH_SITE . DS . 'components' . DS . 'com_k2' . DS . 'helpers' . DS . 'permissions.php'); if (!K2HelperPermissions::canAddItem($row->catid)) { $this->setError(JText::_('K2_YOU_ARE_NOT_ALLOWED_TO_POST_TO_THIS_CATEGORY_SAVE_FAILED')); return false; } } $row->id ? 
$isNew = false : ($isNew = true); if ($params->get('mergeEditors')) { $text = JRequest::getVar('text', '', 'post', 'string', 2); if ($params->get('xssFiltering')) { $filter = new JFilterInput(array(), array(), 1, 1, 0); $text = $filter->clean($text); } $pattern = '#<hr\\s+id=("|\')system-readmore("|\')\\s*\\/*>#i'; $tagPos = preg_match($pattern, $text); if ($tagPos == 0) { $row->introtext = $text; $row->fulltext = ''; } else { list($row->introtext, $row->fulltext) = preg_split($pattern, $text, 2); } } else { $row->introtext = JRequest::getVar('introtext', '', 'post', 'string', 2); $row->fulltext = JRequest::getVar('fulltext', '', 'post', 'string', 2); if ($params->get('xssFiltering')) { $filter = new JFilterInput(array(), array(), 1, 1, 0); $row->introtext = $filter->clean($row->introtext); $row->fulltext = $filter->clean($row->fulltext); } } if ($row->id) { $datenow =& JFactory::getDate(); $row->modified = $datenow->toMySQL(); $row->modified_by = $user->get('id'); } else { $row->ordering = $row->getNextOrder("catid = {$row->catid} AND trash = 0"); if ($row->featured) { $row->featured_ordering = $row->getNextOrder("featured = 1 AND trash = 0", 'featured_ordering'); } } $row->created_by = $row->created_by ? 
$row->created_by : $user->get('id'); if ($front) { $K2Permissions =& K2Permissions::getInstance(); if (!$K2Permissions->permissions->get('editAll')) { $row->created_by = $user->get('id'); } } if ($row->created && strlen(trim($row->created)) <= 10) { $row->created .= ' 00:00:00'; } $config =& JFactory::getConfig(); $tzoffset = $config->getValue('config.offset'); $date =& JFactory::getDate($row->created, $tzoffset); $row->created = $date->toMySQL(); if (strlen(trim($row->publish_up)) <= 10) { $row->publish_up .= ' 00:00:00'; } $date =& JFactory::getDate($row->publish_up, $tzoffset); $row->publish_up = $date->toMySQL(); if (trim($row->publish_down) == JText::_('K2_NEVER') || trim($row->publish_down) == '') { $row->publish_down = $nullDate; } else { if (strlen(trim($row->publish_down)) <= 10) { $row->publish_down .= ' 00:00:00'; } $date =& JFactory::getDate($row->publish_down, $tzoffset); $row->publish_down = $date->toMySQL(); } $metadata = JRequest::getVar('meta', null, 'post', 'array'); if (is_array($metadata)) { $txt = array(); foreach ($metadata as $k => $v) { if ($k == 'description') { $row->metadesc = $v; } elseif ($k == 'keywords') { $row->metakey = $v; } else { $txt[] = "{$k}={$v}"; } } $row->metadata = implode("\n", $txt); } if (!$row->check()) { $mainframe->redirect('index.php?option=com_k2&view=item&cid=' . $row->id, $row->getError(), 'error'); } $dispatcher =& JDispatcher::getInstance(); JPluginHelper::importPlugin('k2'); $result = $dispatcher->trigger('onBeforeK2Save', array(&$row, $isNew)); if (in_array(false, $result, true)) { $this->setError($row->getError()); return false; } // JoomFish! Front-end editing compatibility if ($mainframe->isSite() && JFolder::exists(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_joomfish' . DS . 'contentelements')) { if (version_compare(phpversion(), '5.0') < 0) { $tmpRow = $row; } else { $tmpRow = clone $row; } } if (!$row->store()) { $this->setError($row->getError()); return false; } // JoomFish! 
Front-end editing compatibility if ($mainframe->isSite() && JFolder::exists(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_joomfish' . DS . 'contentelements')) { $itemID = $row->id; $row = $tmpRow; $row->id = $itemID; } if (!$params->get('disableCompactOrdering')) { $row->reorder("catid = {$row->catid} AND trash = 0"); } if ($row->featured && !$params->get('disableCompactOrdering')) { $row->reorder("featured = 1 AND trash = 0", 'featured_ordering'); } $files = JRequest::get('files'); //Image if ((int) $params->get('imageMemoryLimit')) { ini_set('memory_limit', (int) $params->get('imageMemoryLimit') . 'M'); } $existingImage = JRequest::getVar('existingImage'); if ((@$files['image']['error'] === 0 || $existingImage) && !JRequest::getBool('del_image')) { if ($files['image']['error'] === 0) { $image = $files['image']; } else { $image = JPATH_SITE . DS . JPath::clean($existingImage); } $handle = new Upload($image); $handle->allowed = array('image/*'); if ($handle->uploaded) { //Image params $category =& JTable::getInstance('K2Category', 'Table'); $category->load($row->catid); $cparams = new JParameter($category->params); if ($cparams->get('inheritFrom')) { $masterCategoryID = $cparams->get('inheritFrom'); $query = "SELECT * FROM #__k2_categories WHERE id=" . (int) $masterCategoryID; $db->setQuery($query, 0, 1); $masterCategory = $db->loadObject(); $cparams = new JParameter($masterCategory->params); } $params->merge($cparams); //Original image $savepath = JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src'; $handle->image_convert = 'jpg'; $handle->jpeg_quality = 100; $handle->file_auto_rename = false; $handle->file_overwrite = true; $handle->file_new_name_body = md5("Image" . $row->id); $handle->Process($savepath); $filename = $handle->file_dst_name_body; $savepath = JPATH_SITE . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 
'cache'; //XLarge image $handle->image_resize = true; $handle->image_ratio_y = true; $handle->image_convert = 'jpg'; $handle->jpeg_quality = $params->get('imagesQuality'); $handle->file_auto_rename = false; $handle->file_overwrite = true; $handle->file_new_name_body = $filename . '_XL'; if (JRequest::getInt('itemImageXL')) { $imageWidth = JRequest::getInt('itemImageXL'); } else { $imageWidth = $params->get('itemImageXL', '800'); } $handle->image_x = $imageWidth; $handle->Process($savepath); //Large image $handle->image_resize = true; $handle->image_ratio_y = true; $handle->image_convert = 'jpg'; $handle->jpeg_quality = $params->get('imagesQuality'); $handle->file_auto_rename = false; $handle->file_overwrite = true; $handle->file_new_name_body = $filename . '_L'; if (JRequest::getInt('itemImageL')) { $imageWidth = JRequest::getInt('itemImageL'); } else { $imageWidth = $params->get('itemImageL', '600'); } $handle->image_x = $imageWidth; $handle->Process($savepath); //Medium image $handle->image_resize = true; $handle->image_ratio_y = true; $handle->image_convert = 'jpg'; $handle->jpeg_quality = $params->get('imagesQuality'); $handle->file_auto_rename = false; $handle->file_overwrite = true; $handle->file_new_name_body = $filename . '_M'; if (JRequest::getInt('itemImageM')) { $imageWidth = JRequest::getInt('itemImageM'); } else { $imageWidth = $params->get('itemImageM', '400'); } $handle->image_x = $imageWidth; $handle->Process($savepath); //Small image $handle->image_resize = true; $handle->image_ratio_y = true; $handle->image_convert = 'jpg'; $handle->jpeg_quality = $params->get('imagesQuality'); $handle->file_auto_rename = false; $handle->file_overwrite = true; $handle->file_new_name_body = $filename . 
'_S'; if (JRequest::getInt('itemImageS')) { $imageWidth = JRequest::getInt('itemImageS'); } else { $imageWidth = $params->get('itemImageS', '200'); } $handle->image_x = $imageWidth; $handle->Process($savepath); //XSmall image $handle->image_resize = true; $handle->image_ratio_y = true; $handle->image_convert = 'jpg'; $handle->jpeg_quality = $params->get('imagesQuality'); $handle->file_auto_rename = false; $handle->file_overwrite = true; $handle->file_new_name_body = $filename . '_XS'; if (JRequest::getInt('itemImageXS')) { $imageWidth = JRequest::getInt('itemImageXS'); } else { $imageWidth = $params->get('itemImageXS', '100'); } $handle->image_x = $imageWidth; $handle->Process($savepath); //Generic image $handle->image_resize = true; $handle->image_ratio_y = true; $handle->image_convert = 'jpg'; $handle->jpeg_quality = $params->get('imagesQuality'); $handle->file_auto_rename = false; $handle->file_overwrite = true; $handle->file_new_name_body = $filename . '_Generic'; $imageWidth = $params->get('itemImageGeneric', '300'); $handle->image_x = $imageWidth; $handle->Process($savepath); if ($files['image']['error'] === 0) { $handle->Clean(); } } else { $this->setError($handle->error); return false; } } if (JRequest::getBool('del_image')) { $current =& JTable::getInstance('K2Item', 'Table'); $current->load($row->id); $filename = md5("Image" . $current->id); if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src' . DS . $filename . '.jpg')) { JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'src' . DS . $filename . '.jpg'); } if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XS.jpg')) { JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XS.jpg'); } if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_S.jpg')) { JFile::delete(JPATH_ROOT . DS . 'media' . DS . 
'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_S.jpg'); } if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_M.jpg')) { JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_M.jpg'); } if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_L.jpg')) { JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_L.jpg'); } if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XL.jpg')) { JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_XL.jpg'); } if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_Generic.jpg')) { JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'items' . DS . 'cache' . DS . $filename . '_Generic.jpg'); } $row->image_caption = ''; $row->image_credits = ''; } //Attachments $attachments = JRequest::getVar('attachment_file', NULL, 'FILES', 'array'); $attachments_names = JRequest::getVar('attachment_name', '', 'POST', 'array'); $attachments_titles = JRequest::getVar('attachment_title', '', 'POST', 'array'); $attachments_title_attributes = JRequest::getVar('attachment_title_attribute', '', 'POST', 'array'); $attachments_existing_files = JRequest::getVar('attachment_existing_file', '', 'POST', 'array'); $attachmentFiles = array(); if (count($attachments)) { foreach ($attachments as $k => $l) { foreach ($l as $i => $v) { if (!array_key_exists($i, $attachmentFiles)) { $attachmentFiles[$i] = array(); } $attachmentFiles[$i][$k] = $v; } } $path = $params->get('attachmentsFolder', NULL); if (is_null($path)) { $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 
'attachments'; } else { $savepath = $path; } $counter = 0; foreach ($attachmentFiles as $key => $file) { if ($file["tmp_name"] || $attachments_existing_files[$key]) { if ($attachments_existing_files[$key]) { $file = JPATH_SITE . DS . JPath::clean($attachments_existing_files[$key]); } $handle = new Upload($file); if ($handle->uploaded) { $handle->file_auto_rename = true; $handle->allowed[] = 'application/x-zip'; $handle->allowed[] = 'application/download'; $handle->Process($savepath); $filename = $handle->file_dst_name; $handle->Clean(); $attachment =& JTable::getInstance('K2Attachment', 'Table'); $attachment->itemID = $row->id; $attachment->filename = $filename; $attachment->title = empty($attachments_titles[$counter]) ? $filename : $attachments_titles[$counter]; $attachment->titleAttribute = empty($attachments_title_attributes[$counter]) ? $filename : $attachments_title_attributes[$counter]; $attachment->store(); } else { $this->setError($handle->error); return false; } } $counter++; } } //Gallery $flickrGallery = JRequest::getVar('flickrGallery'); if ($flickrGallery) { $row->gallery = '{gallery}' . $flickrGallery . '{/gallery}'; } if (isset($files['gallery']) && $files['gallery']['error'] == 0 && !JRequest::getBool('del_gallery')) { $handle = new Upload($files['gallery']); $handle->file_auto_rename = true; $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries'; $handle->allowed = array("application/download", "application/rar", "application/x-rar-compressed", "application/arj", "application/gnutar", "application/x-bzip", "application/x-bzip2", "application/x-compressed", "application/x-gzip", "application/x-zip-compressed", "application/zip", "multipart/x-zip", "multipart/x-gzip", "application/x-unknown", "application/x-zip"); if ($handle->uploaded) { $handle->Process($savepath); $handle->Clean(); if (JFolder::exists($savepath . DS . $row->id)) { JFolder::delete($savepath . DS . $row->id); } if (!JArchive::extract($savepath . DS . 
$handle->file_dst_name, $savepath . DS . $row->id)) { $this->setError(JText::_('K2_GALLERY_UPLOAD_ERROR_CANNOT_EXTRACT_ARCHIVE')); return false; } else { $row->gallery = '{gallery}' . $row->id . '{/gallery}'; } JFile::delete($savepath . DS . $handle->file_dst_name); $handle->Clean(); } else { $this->setError($handle->error); return false; } } if (JRequest::getBool('del_gallery')) { $current =& JTable::getInstance('K2Item', 'Table'); $current->load($row->id); if (JFolder::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries' . DS . $current->id)) { JFolder::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'galleries' . DS . $current->id); } $row->gallery = ''; } //Video if (!JRequest::getBool('del_video')) { if (isset($files['video']) && $files['video']['error'] == 0) { $videoExtensions = array("flv", "mp4", "ogv", "webm", "f4v", "m4v", "3gp", "3g2", "mov", "mpeg", "mpg", "avi", "wmv", "divx"); $audioExtensions = array("mp3", "aac", "m4a", "ogg", "wma"); $validExtensions = array_merge($videoExtensions, $audioExtensions); $filetype = JFile::getExt($files['video']['name']); if (!in_array($filetype, $validExtensions)) { $this->setError(JText::_('K2_INVALID_VIDEO_FILE')); return false; } if (in_array($filetype, $videoExtensions)) { $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos'; } else { $savepath = JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'audio'; } $filename = JFile::stripExt($files['video']['name']); JFile::upload($files['video']['tmp_name'], $savepath . DS . $row->id . '.' . $filetype); $filetype = JFile::getExt($files['video']['name']); $row->video = '{' . $filetype . '}' . $row->id . '{/' . $filetype . '}'; } else { if (JRequest::getVar('remoteVideo')) { $fileurl = JRequest::getVar('remoteVideo'); $filetype = JFile::getExt($fileurl); $row->video = '{' . $filetype . 'remote}' . $fileurl . '{/' . $filetype . 
'remote}'; } if (JRequest::getVar('videoID')) { $provider = JRequest::getWord('videoProvider'); $videoID = JRequest::getVar('videoID'); $row->video = '{' . $provider . '}' . $videoID . '{/' . $provider . '}'; } if (JRequest::getVar('embedVideo', '', 'post', 'string', JREQUEST_ALLOWRAW)) { $row->video = JRequest::getVar('embedVideo', '', 'post', 'string', JREQUEST_ALLOWRAW); } } } else { $current =& JTable::getInstance('K2Item', 'Table'); $current->load($row->id); preg_match_all("#^{(.*?)}(.*?){#", $current->video, $matches, PREG_PATTERN_ORDER); $videotype = $matches[1][0]; $videofile = $matches[2][0]; if (in_array($videotype, $videoExtensions)) { if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos' . DS . $videofile . '.' . $videotype)) { JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'videos' . DS . $videofile . '.' . $videotype); } } if (in_array($videotype, $audioExtensions)) { if (JFile::exists(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'audio' . DS . $videofile . '.' . $videotype)) { JFile::delete(JPATH_ROOT . DS . 'media' . DS . 'k2' . DS . 'audio' . DS . $videofile . '.' . $videotype); } } $row->video = ''; $row->video_caption = ''; $row->video_credits = ''; } //Tags if (@$user->gid < 24 && $params->get('lockTags')) { $params->set('taggingSystem', 0); } $db =& JFactory::getDBO(); $query = "DELETE FROM #__k2_tags_xref WHERE itemID={intval({$row->id})}"; $db->setQuery($query); $db->query(); if ($params->get('taggingSystem')) { if (@$user->gid < 24 && $params->get('lockTags')) { JError::raiseError(403, JText::_('K2_ALERTNOTAUTH')); } $tags = JRequest::getVar('tags', NULL, 'POST', 'array'); if (count($tags)) { $tags = array_unique($tags); foreach ($tags as $tag) { $tag = str_replace('-', '', $tag); $query = "SELECT id FROM #__k2_tags WHERE name=" . 
$db->Quote($tag); $db->setQuery($query); $tagID = $db->loadResult(); if ($tagID) { $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval({$tagID})}, {intval({$row->id})})"; $db->setQuery($query); $db->query(); } else { $K2Tag =& JTable::getInstance('K2Tag', 'Table'); $K2Tag->name = $tag; $K2Tag->published = 1; $K2Tag->check(); $K2Tag->store(); $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval({$K2Tag->id})}, {intval({$row->id})})"; $db->setQuery($query); $db->query(); } } } } else { $tags = JRequest::getVar('selectedTags', NULL, 'POST', 'array'); if (count($tags)) { foreach ($tags as $tagID) { $query = "INSERT INTO #__k2_tags_xref (`id`, `tagID`, `itemID`) VALUES (NULL, {intval({$tagID})}, {intval({$row->id})})"; $db->setQuery($query); $db->query(); } } } if ($front) { if (!K2HelperPermissions::canPublishItem($row->catid) && $row->published) { $row->published = 0; $mainframe->enqueueMessage(JText::_('K2_YOU_DONT_HAVE_THE_PERMISSION_TO_PUBLISH_ITEMS'), 'notice'); } } if (!$row->store()) { $this->setError($row->getError()); return false; } $cache =& JFactory::getCache('com_k2'); $cache->clean(); $dispatcher->trigger('onAfterK2Save', array(&$row, $isNew)); return $row; }
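/**
 * Authorization check: may the current user comment on items in a category?
 *
 * Access is granted when the action list held by the K2Permissions instance
 * contains either the wildcard 'comment.category.all' or the
 * category-specific 'comment.category.<itemCategory>' entry.
 *
 * The category-specific name is built by plain string concatenation, so the
 * value passed in decides which action name is looked up. Callers should pass
 * a validated category id (presumably numeric; confirm against callers).
 *
 * @param mixed $itemCategory Category identifier appended to 'comment.category.'.
 *
 * @return bool True when one of the two action names is present.
 */
public static function canAddComment($itemCategory)
{
    $K2Permissions = K2Permissions::getInstance();
    $actions = $K2Permissions->actions;

    // Strict comparison: both needles are strings, and a loose in_array()
    // would also match a stray non-string entry (boolean true on any PHP
    // version, integer 0 before PHP 8), granting the permission by accident.
    return in_array('comment.category.all', $actions, true)
        || in_array('comment.category.' . $itemCategory, $actions, true);
}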