function saveTab( $option ) {
global $_CB_database, $_CB_framework, $_POST;
$this->_importNeeded();
$this->_importNeededSave();
if ( isset( $_POST['params'] ) ) {
$_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped( $_POST['params'] );
} else {
$_POST['params'] = '';
}
if ( ! isset( $_POST['tabid'] ) || ( count( $_POST ) == 0 ) ) {
echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Missing post values') ) . "'); window.history.go(-2); </script>\n";
exit();
}
if ( $_POST['tabid'] ) {
$oldrow = new moscomprofilerTabs( $_CB_database );
if ( $oldrow->load( (int) $_POST['tabid'] )
&& ( ! in_array( $oldrow->useraccessgroupid, getChildGIDS( userGID( $_CB_framework->myId() ) ) ) ) ) {
echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Unauthorized Access') ) . "'); window.history.go(-1);</script>\n";
exit;
}
}
$row = new moscomprofilerTabs( $_CB_database );
if (!$row->bind( $_POST )) {
echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-1); </script>\n";
exit();
}
if ( ! $row->ordering_register ) {
$row->ordering_register = 10;
}
$row->description = cleanEditorsTranslationJunk( trim( $row->description ) );
if (!$row->check()) {
echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-2); </script>\n";
exit();
}
$row->tabid = (int) cbGetParam( $_POST, 'tabid', 0 );
if ( ! $row->store() ) {
echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-2); </script>\n";
exit();
}
$row->checkin();
cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=showTab" ), CBTxt::T('Successfully Saved Tab') . ": ". $row->title );
}
/**
* Loads parameters editor (backend use only!)
*
* @param FieldTable $field
* @return cbParamsEditorController|null NULL if not existant
*/
private function &_loadParamsEditor($field)
{
global $_PLUGINS;
if ($this->_loadXML($field)) {
$plugin = $_PLUGINS->getPluginObject($field->pluginid);
$params = new cbParamsEditorController($field->params, $this->_xml, $this->_xml, $plugin);
$params->setNamespaceRegistry('field', $field);
$pluginParams = new Registry($plugin->params);
$params->setPluginParams($pluginParams);
} else {
$params = null;
}
return $params;
}
/**
* Converts the parameters received as POST array into the |*| and CBparams formats
* @param array $params MODIFIED BY THIS CALL: POST array
*/
function fixMultiSelects( &$params ) {
if ( is_array( $params ) ) {
foreach ( $params as $k => $v ) {
if ( is_array( $v ) ) {
if ( isset( $v[0] ) ) {
$params[$k] = implode( "|*|", $v );
} else {
$params[$k] = cbParamsEditorController::getRawParamsMagicgpcEscaped( $v );
}
}
}
}
}
/**
* Converts returned parameters into raw format of parameters without escaping
*
* @param array $post_Params
* @return string for the param column of the field
*/
function getRawParamsRaw(&$post_Params)
{
return stripslashes(cbParamsEditorController::getRawParamsUnescaped($post_Params, true));
}
/**
* A more extensive bind method for fields ( //TBD: should got to the moscomprofilerFields class).
*
* @param moscomprofilerFields $row
* @param int $fid
* @return boolean
*/
function _prov_bind_CB_field(&$row, $fid)
{
global $_PLUGINS, $_POST;
if (isset($_POST['cb_default'])) {
$_POST['default'] = $_POST['cb_default'];
// go around WysywigPro3 bug
unset($_POST['cb_default']);
}
$bindSuccess = $row->bind($_POST);
if ($bindSuccess) {
// auto-fix description translation in case the editor adds <p> around it:
$row->description = cleanEditorsTranslationJunk(trim($row->description));
$pluginid = $_PLUGINS->getUserFieldPluginId($row->type);
if ($pluginid != 1) {
$row->pluginid = $pluginid;
// not core plugin for now as we don't allow changing field types
}
if (!isset($_POST['params'])) {
$_POST['params'] = null;
}
if ($fid && $row->pluginid) {
// handles field-specific parameters:
$fieldHandler = new cbFieldHandler();
$row->params = $fieldHandler->getRawParamsRaw($row, $_POST['params']);
} else {
// if not a plugin-specific field, handle parameters in standard way:
$row->params = stripslashes(cbParamsEditorController::getRawParamsUnescaped($_POST['params'], true));
}
}
return $bindSuccess;
}
function edittab(&$row, $option, &$lists, $tabid, &$paramsEditorHtml)
{
global $_CB_framework, $task, $_CB_database, $_PLUGINS;
_CBsecureAboveForm('edittab');
outputCbTemplate(2);
outputCbJs(2);
initToolTip(2);
$_CB_framework->outputCbJQuery('');
global $_CB_Backend_Title;
$_CB_Backend_Title = array(0 => array('cbicon-48-tabs', CBTxt::T('Community Builder Tab') . ": <small>" . ($row->tabid ? CBTxt::T('Edit') . ' [ ' . htmlspecialchars(getLangDefinition($row->title)) . ' ]' : CBTxt::T('New')) . '</small>'));
if ($row->tabid && !$row->enabled) {
echo '<div class="cbWarning">' . CBTxt::T('Tab is not published') . '</div>' . "\n";
}
$editorSave_description = $_CB_framework->saveCmsEditorJS('description');
ob_start();
?>
function submitbutton(pressbutton) {
var form = document.adminForm;
if (pressbutton == 'showTab') {
<?php
echo $editorSave_description;
?>
cbsubmitform( pressbutton );
return;
}
var r = new RegExp("[^0-9A-Za-z]", "i");
// do field validation
if (jQuery.trim(form.title.value) == "") {
alert('<?php
echo addslashes(CBTxt::T('You must provide a title.'));
?>
');
} else {
<?php
echo $editorSave_description;
?>
cbsubmitform( pressbutton );
}
}
<?php
$js = ob_get_contents();
ob_end_clean();
$_CB_framework->document->addHeadScriptDeclaration($js);
?>
<div id="overDiv" style="position:absolute; visibility:hidden; z-index:10000;"></div>
<form action="<?php
echo $_CB_framework->backendUrl('index.php?option=com_comprofiler&task=saveTab');
?>
" method="POST" name="adminForm">
<table cellspacing="0" cellpadding="0" width="100%">
<tr valign="top">
<td width="60%" valign="top">
<table class="adminform">
<tr>
<th colspan="3">
<?php
echo CBTxt::T('Tab Details');
?>
</th>
</tr>
<tr>
<td width="20%"><?php
echo CBTxt::T('Title');
?>
:</td>
<td width="35%"><input type="text" name="title" class="inputbox" size="40" value="<?php
echo htmlspecialchars($row->title);
?>
" /></td>
<td width="45%"><?php
echo CBTxt::T('Title as will appear on tab.');
?>
</td>
</tr>
<tr>
<td colspan="3"><?php
echo CBTxt::T('Description: This description appears only on user edit, not on profile (For profile text, use delimiter fields)');
?>
:</td>
</tr>
<tr>
<td colspan="3" align="left"><?php
echo $_CB_framework->displayCmsEditor('description', $row->description, 600, 200, 50, 10);
// <textarea name="description" class="inputbox" cols="40" rows="10">< ?php echo htmlspecialchars( $row->description ); ? ></textarea>
?>
</td>
</tr>
<tr>
<td><?php
echo CBTxt::T('Publish');
?>
:</td>
<td><?php
echo $lists['enabled'];
?>
</td>
<td> </td>
</tr>
<tr>
<td><?php
echo CBTxt::T('Profile ordering');
?>
:</td>
<td><?php
echo $lists['ordering'];
?>
</td>
<td><?php
echo CBTxt::T('Tabs and fields on profile are ordered as follows:');
?>
<ol>
<li><?php
echo CBTxt::T('position of tab on user profile (top-down, left-right)');
?>
</li>
<li><?php
echo CBTxt::T('This ordering of tab on position of user profile');
?>
</li>
<li><?php
echo CBTxt::T('ordering of field within tab position of user profile.');
?>
</li></ol>
</td>
</tr>
<tr>
<td><?php
echo CBTxt::T('Registration ordering');
?>
<br /><?php
echo CBTxt::T('(default value: 10)');
?>
:</td>
<td><?php
echo $lists['ordering_register'];
?>
</td>
<td><?php
echo CBTxt::T('Tabs and fields on registration are ordered as follows:');
?>
<ol>
<li><?php
echo CBTxt::T('This registration ordering of tab');
?>
</li>
<li><?php
echo CBTxt::T('position of tab on user profile (top-down, left-right)');
?>
</li>
<li><?php
echo CBTxt::T('ordering of tab on position of user profile');
?>
</li>
<li><?php
echo CBTxt::T('ordering of field within tab position of user profile.');
?>
</li></ol>
</td>
</tr>
<tr>
<td><?php
echo CBTxt::T('Position');
?>
:</td>
<td><?php
echo $lists['position'];
?>
</td>
<td><?php
echo CBTxt::T('Position on profile and ordering on registration.');
?>
</td>
</tr>
<tr>
<td><?php
echo CBTxt::T('Display type');
?>
:</td>
<td><?php
echo $lists['displaytype'];
?>
</td>
<td><?php
echo CBTxt::T('In which way the content of this tab will be displayed on the profile.');
?>
</td>
</tr>
<tr>
<td><?php
echo CBTxt::Th('View Access Level');
?>
:</td>
<td><?php
echo $lists['viewaccesslevel'];
?>
</td>
<td><?php
echo CBTxt::Th('Only users which are in groups assigned to this View Access Level will see this tab.') . ($lists['useraccessgroup'] ? ' (' . CBTxt::Th('New method working in all Joomla and Mambo versions') . ')' : '');
?>
</td>
</tr>
<?php
if ($lists['useraccessgroup']) {
?>
<tr>
<td><?php
echo CBTxt::Th('User Group to allow access to') . (checkJversion() >= 2 ? '<br /><em>(' . CBTxt::Th("Old deprecated method of Joomla 1.5, do not use here") . '. ' . CBTxt::Th('Keep setting "-- Everybody --" and Use View Access Level above instead') . ')</em>' : '');
?>
:</td>
<td><?php
echo $lists['useraccessgroup'];
?>
</td>
<td><?php
echo CBTxt::Ph('Old Joomla [VERSION] method', array('[VERSION]' => '1.0 and 1.5 and Mambo')) . ': ' . CBTxt::Th('This method is kept for backwards compatibility but will be removed at next major Community Builder version.') . '<br />' . CBTxt::Th('Use View Access Level above instead and set this Group setting to - "Everybody" -.') . ' ' . CBTxt::Th('All groups above that level will also have access to this tab.');
?>
</td>
</tr>
<?php
}
?>
</table>
</td>
<td width="40%">
<table class="adminform">
<tr>
<th colspan="2">
<?php
echo CBTxt::T('Parameters');
?>
</th>
</tr>
<tr>
<td>
<?php
if ($row->tabid && $row->pluginid > 0) {
$plugin = new moscomprofilerPlugin($_CB_database);
$plugin->load((int) $row->pluginid);
// fail if checked out not by 'me'
if ($plugin->checked_out && $plugin->checked_out != $_CB_framework->myId()) {
echo "<script type=\"text/javascript\">alert('" . addslashes(sprintf(CBTxt::T('The plugin %s is currently being edited by another administrator'), $plugin->name)) . "'); document.location.href='" . $_CB_framework->backendUrl("index.php?option={$option}") . "'</script>\n";
exit(0);
}
// get params values
if ($plugin->type !== "language" && $plugin->id) {
$_PLUGINS->loadPluginGroup($plugin->type, array((int) $plugin->id), 0);
}
$element = $_PLUGINS->loadPluginXML('editTab', $row->pluginclass, $plugin->id);
/*
$xmlfile = $_CB_framework->getCfg('absolute_path') . '/components/com_comprofiler/plugin/' .$plugin->type . '/'.$plugin->folder . '/' . $plugin->element .'.xml';
// $params = new cbParameters( $row->params, $xmlfile );
cbimport('cb.xml.simplexml');
$xmlDoc = new CBSimpleXML();
if ( $xmlDoc->loadFile( $xmlfile ) ) {
$element =& $xmlDoc->document;
} else {
$element = null;
}
*/
$pluginParams = new cbParamsBase($plugin->params);
$params = new cbParamsEditorController($row->params, $element, $element, $plugin, $row->tabid);
$params->setPluginParams($pluginParams);
$options = array('option' => $option, 'task' => $task, 'pluginid' => $row->pluginid, 'tabid' => $row->tabid);
$params->setOptions($options);
echo $params->draw('params', 'tabs', 'tab', 'class', $row->pluginclass);
} else {
echo '<em>' . CBTxt::T('No Parameters') . '</em>';
}
if ($paramsEditorHtml) {
foreach ($paramsEditorHtml as $paramsEditorHtmlBlock) {
?>
<table class="adminform" cellspacing="0" cellpadding="0" width="100%">
<tr>
<th colspan="2">
<?php
echo $paramsEditorHtmlBlock['title'];
?>
</th>
</tr>
<tr>
<td>
<?php
echo $paramsEditorHtmlBlock['content'];
?>
</td>
</tr>
</table>
<?php
}
}
?>
</td>
</tr>
</table>
</td>
</tr>
</table>
<input type="hidden" name="tabid" value="<?php
echo $row->tabid;
?>
" />
<input type="hidden" name="option" value="<?php
echo $option;
?>
" />
<input type="hidden" name="task" value="" />
<?php
if (!$lists['useraccessgroup']) {
?>
<input type="hidden" name="useraccessgroupid" value="-2" />
<?php
}
echo cbGetSpoofInputTag('tab');
?>
</form>
<?php
}
function editList($fid = '0', $option = 'com_comprofiler', $task = 'editList')
{
global $_CB_database, $_CB_framework, $ueConfig;
$canEditState = CBuser::getMyInstance()->authoriseAction('core.edit.state');
$row = new moscomprofilerLists($_CB_database);
if ($fid) {
// load the row from the db table
$row->load((int) $fid);
// Check if user is a super user:
if (!$_CB_framework->acl->amIaSuperAdmin()) {
// Check if user belongs to useraccessgroupid:
if (!in_array($row->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
exit;
}
// Check if user belongs to viewaccesslevel:
if (!in_array($row->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
exit;
}
}
} else {
$row->published = 1;
$row->default = 0;
$row->col1enabled = '1';
$row->viewaccesslevel = 1;
$row->useraccessgroupid = -2;
$row->ordering = 999;
}
$lists['published'] = moscomprofilerHTML::yesnoSelectList('published', 'class="inputbox" size="1"' . ($canEditState ? '' : ' disabled="disabled"'), $row->published);
$lists['default'] = moscomprofilerHTML::yesnoSelectList('default', 'class="inputbox" size="1"' . ($canEditState ? '' : ' disabled="disabled"'), $row->default);
$gtree2 = array();
if (!$_CB_framework->acl->amIaSuperAdmin() && in_array((int) $row->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
// This should always be the case:
// ensure user can't add group higher than themselves:
$gtree2 = array_merge($gtree2, $_CB_framework->acl->get_groups_below_me());
// vs $_CB_framework->acl->get_groups_below_me( null, true ) in tab lists
} else {
// Just in case we missed one, and as super-admin we should see everything:
$gtree2 = array_merge($gtree2, $_CB_framework->acl->get_group_children_tree(null, 'USERS', false));
}
if (!$fid) {
$row->usergroupids = implode(', ', $_CB_framework->acl->get_groups_below_me(null, true));
}
$usergids = explode(', ', $row->usergroupids);
$ugids = array();
foreach ($usergids as $usergid) {
$ugids[] = $usergid;
}
// build the html select list for the view level access (filtered by View Access Levels visible by the admin if not super user:
$accessTree = $_CB_framework->acl->get_access_children_tree(true, false, !$_CB_framework->acl->amIaSuperAdmin());
$lists['viewaccesslevel'] = moscomprofilerHTML::selectList($accessTree, 'viewaccesslevel', 'class="inputbox"' . ($canEditState ? '' : ' disabled="disabled"'), 'value', 'text', intval($row->viewaccesslevel), 2);
$lists['usergroups'] = moscomprofilerHTML::selectList($gtree2, 'usergroups', 'size="4" MULTIPLE onblur="loadUGIDs(this);" mosReq=1 mosLabel="' . htmlspecialchars(CBTxt::T('User Groups to Include in List')) . '"' . ($canEditState ? '' : ' disabled="disabled"'), 'value', 'text', $ugids, 1, false);
// We want to use View Access Levels in Joomla 1.6, and hide old method if unused:
if (isStillUsingGroupsForViewAccess($row->_tbl)) {
$gtree3 = array();
$gtree3[] = moscomprofilerHTML::makeOption(-2, '- ' . CBtxt::T('Everybody') . ' -');
$gtree3[] = moscomprofilerHTML::makeOption(-1, '- ' . CBtxt::T('All Registered Users') . ' -');
if (!$_CB_framework->acl->amIaSuperAdmin() && in_array((int) $row->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
// This should always be the case:
// ensure user can't add group higher than themselves:
$gtree3 = array_merge($gtree3, $_CB_framework->acl->get_groups_below_me());
// vs $_CB_framework->acl->get_groups_below_me( null, true ) in tab lists
} else {
// Just in case we missed one, and as super-admin we should see everything:
$gtree3 = array_merge($gtree3, $_CB_framework->acl->get_group_children_tree(null, 'USERS', false));
}
$lists['useraccessgroup'] = moscomprofilerHTML::selectList($gtree3, 'useraccessgroupid', 'size="4" mosReq=1 mosLabel="' . htmlspecialchars(CBTxt::T('User Group to allow access to')) . '"' . ($canEditState ? '' : ' disabled="disabled"'), 'value', 'text', $row->useraccessgroupid, 2, false, false);
} else {
$lists['useraccessgroup'] = null;
}
$_CB_database->setQuery("SELECT f.fieldid, f.title" . "\n FROM #__comprofiler_fields AS f" . "\n INNER JOIN #__comprofiler_plugin AS p ON (f.pluginid = p.id)" . "\n WHERE ( ( f.published = 1" . "\n AND f.profile > 0 ) OR ( f.name = 'username' ) " . (in_array($ueConfig['name_format'], array(1, 2, 4)) ? "OR ( f.name = 'name' ) " : '') . ")" . "\n AND p.published = 1" . "\n ORDER BY f.ordering");
$field = $_CB_database->loadObjectList();
$fields = array();
for ($i = 0, $n = count($field); $i < $n; $i++) {
$fieldvalue =& $field[$i];
$fields[$fieldvalue->fieldid] = $fieldvalue->title;
}
//print_r(array_values($fields));
// params:
$paramsEditorHtml = array();
$options = array('option' => $option, 'task' => $task, 'cid' => $row->listid);
// list-specific own parameters:
cbimport('cb.xml.simplexml');
$listXml = new CBSimpleXMLElement(file_get_contents($_CB_framework->getCfg('absolute_path') . '/administrator/components/com_comprofiler/xmlcb/cb.lists.xml'));
$null = null;
$params = new cbParamsEditorController($row->params, $listXml, $listXml, $null, null, 'cbxml', 'version', '1');
$params->setOptions($options);
$listParamsEditHtml = $params->draw(null, 'views', 'view', 'name', 'editlist');
$paramsEditorHtml[] = array('title' => CBTxt::T('List parameters'), 'content' => $listParamsEditHtml);
/*
// params:
$paramsEditorHtml = array();
$options = array( 'option' => $option, 'task' => $task, 'cid' => $row->fieldid );
// field-specific own parameters:
$fieldHandler = new cbFieldHandler();
$fieldOwnParamsEditHtml = $fieldHandler->drawParamsEditor( $row, $options );
if ( $fieldOwnParamsEditHtml ) {
$paramsEditorHtml[] = array( 'title' => CBTxt::T('Field-specific Parameters'), 'content' => $fieldOwnParamsEditHtml );
}
// additional non-specific other parameters:
$fieldsParamsPlugins = $_PLUGINS->getUserFieldParamsPluginIds();
foreach ($fieldsParamsPlugins as $pluginId => $fieldParamHandlerClassName ) {
$fieldParamHandler = new $fieldParamHandlerClassName( $pluginId, $row ); // cbFieldParamsHandler();
$addParamsHtml = $fieldParamHandler->drawParamsEditor( $options );
if ( $addParamsHtml ) {
$addParamsTitle = $fieldParamHandler->getFieldsParamsLabel();
$paramsEditorHtml[] = array( 'title' => $addParamsTitle, 'content' => $addParamsHtml );
}
}
*/
HTML_comprofiler::editList($row, $lists, $fields, $option, $fid, $paramsEditorHtml);
}
/**
* Loads parameters editor (backend use only!)
*
* @return cbParamsEditorController|null null if not existant
*/
protected function _loadParamsEditor()
{
global $_PLUGINS;
if (!$this->_loadFieldParamsXML()) {
$params = null;
return $params;
}
$plugin = $_PLUGINS->getPluginObject($this->_pluginid);
$params = new cbParamsEditorController($this->_field->params, $this->_xml, $this->_xml, $plugin);
if ($this instanceof cbTabParamsHandler) {
$params->setNamespaceRegistry('tab', $this->_field);
} elseif ($this instanceof cbFieldParamsHandler) {
$params->setNamespaceRegistry('field', $this->_field);
}
$pluginParams = new Registry($plugin->params);
$params->setPluginParams($pluginParams);
return $params;
}
/**
* Compiles information to add or edit a plugin
* @param string The current GET/POST option
* @param integer The unique id of the record to edit
*/
function editPlugin( $option, $task, $uid) {
global $_CB_database, $_CB_framework, $_PLUGINS, $_POST;
$this->_importNeeded();
$action = cbGetParam( $_REQUEST, 'action', null );
if ( ! $uid ) {
$uid = cbGetParam( $_POST, 'id' );
}
$row = new moscomprofilerPlugin($_CB_database);
if ( $uid ) {
// load the row from the db table
$row->load( (int) $uid );
}
// fail if checked out not by 'me'
if ($row->checked_out && $row->checked_out <> $_CB_framework->myId() ) {
echo "<script type=\"text/javascript\">alert('" . addslashes( sprintf(CBTxt::T('The plugin %s is currently being edited by another administrator'), $row->name) ) . "'); document.location.href='" . $_CB_framework->backendUrl( "index.php?option=$option" ) . "'</script>\n";
exit(0);
}
// get params values
if ( $row->type !== "language" && $row->id ) {
$_PLUGINS->loadPluginGroup($row->type,array( (int) $row->id), 0);
}
// xml file for plugin
$element = null;
if ($uid) {
$element =& $_PLUGINS->loadPluginXML( 'action', $action, $row->id );
}
if ( $element && ( $action === null ) ) {
$adminActionsModel =& $element->getChildByNameAttr( 'actions', 'ui', 'admin' );
if ( $adminActionsModel ) {
$defaultAction =& $adminActionsModel->getChildByNameAttr( 'action', 'name', 'default' );
$actionRequest = $defaultAction->attributes( 'request' );
$actionAction = $defaultAction->attributes( 'action' );
if ( ( $actionRequest === '' ) && ( $actionRequest === '' ) ) {
$action = $actionAction;
}
}
}
if ( $element ) {
$description =& $element->getChildByNameAttributes( 'description' );
} else {
$description = null;
}
if ( $description ) {
$row->description = $description->data();
} else {
$row->description = '-';
}
if ( $action === null ) {
$params = new cbParamsEditorController( $row->params, $element, $element, $row );
$options = array( 'option' => $option, 'task' => $task, 'pluginid' => $uid, 'tabid' => null );
$params->setOptions( $options );
$this->editPluginSettingsParams( $row, $option, $task, $uid, $element, $params, $options );
} else {
$params = new cbParamsBase( $row->params );
$this->editPluginView( $row, $option, $task, $uid, $action, $element, 'editPlugin', $params );
}
}
function editList( $fid='0', $option='com_comprofiler', $task = 'editList') {
global $_CB_database, $_CB_framework, $ueConfig;
$row = new moscomprofilerLists( $_CB_database );
if ( $fid ) {
// load the row from the db table
$row->load( (int) $fid );
} else {
$row->col1enabled = '1';
}
$lists['published'] = moscomprofilerHTML::yesnoSelectList( 'published', 'class="inputbox" size="1"', $row->published );
$lists['default'] = moscomprofilerHTML::yesnoSelectList( 'default', 'class="inputbox" size="1"', $row->default );
/*
if ( checkJversion() <= 0 ) {
$my_groups = $_CB_framework->acl->get_object_groups( 'users', $_CB_framework->myId(), 'ARO' );
} else {
$aro_id = $_CB_framework->acl->get_object_id( 'users', $_CB_framework->myId(), 'ARO' );
$my_groups = $_CB_framework->acl->get_object_groups( $aro_id, 'ARO' );
}
*/
$gtree2 = array();
$gtree2 = array_merge( $gtree2, $_CB_framework->acl->get_group_children_tree( null, 'USERS', false ));
$usergids = explode( ', ', $row->usergroupids );
$ugids = array();
foreach($usergids as $usergid) {
$ugids[] = $usergid;
}
$lists['usergroups'] = moscomprofilerHTML::selectList( $gtree2, 'usergroups', 'size="4" MULTIPLE onblur="loadUGIDs(this);" mosReq=1 mosLabel="' . htmlspecialchars( CBTxt::T('User Groups') ) . '"', 'value', 'text', $ugids, 1, false );
$gtree3 = array();
$gtree3[] = moscomprofilerHTML::makeOption( -2 , '- ' . CBtxt::T('Everybody') . ' -' );
$gtree3[] = moscomprofilerHTML::makeOption( -1 , '- ' . CBtxt::T('All Registered Users') . ' -' );
$gtree3 = array_merge( $gtree3, $_CB_framework->acl->get_group_children_tree( null, 'USERS', false ));
$lists['useraccessgroup'] = moscomprofilerHTML::selectList( $gtree3, 'useraccessgroupid', 'size="4"', 'value', 'text', $row->useraccessgroupid, 2, false, false );
$_CB_database->setQuery( "SELECT f.fieldid, f.title"
. "\n FROM #__comprofiler_fields AS f"
. "\n INNER JOIN #__comprofiler_plugin AS p ON (f.pluginid = p.id)"
. "\n WHERE ( ( f.published = 1"
. "\n AND f.profile > 0 ) OR ( f.name = 'username' ) " . ( in_array( $ueConfig['name_format'], array( 1, 2, 4 ) ) ? "OR ( f.name = 'name' ) " : '' ) . ")"
. "\n AND p.published = 1"
. "\n ORDER BY f.ordering"
);
$field = $_CB_database->loadObjectList();
$fields = array();
for ( $i = 0, $n = count( $field ) ; $i < $n ; $i++ ) {
$fieldvalue =& $field[$i];
$fields[$fieldvalue->title] = $fieldvalue->fieldid;
}
//print_r(array_values($fields));
// params:
$paramsEditorHtml = array();
$options = array( 'option' => $option, 'task' => $task, 'cid' => $row->listid );
// list-specific own parameters:
cbimport( 'cb.xml.simplexml' );
$listXml = new CBSimpleXMLElement( file_get_contents( $_CB_framework->getCfg( 'absolute_path' ) . '/administrator/components/com_comprofiler/xmlcb/cb.lists.xml' ) );
$null = null;
$params = new cbParamsEditorController( $row->params, $listXml, $listXml, $null, null, 'cbxml', 'version', '1' );
$params->setOptions( $options );
$listParamsEditHtml = $params->draw( null, 'views', 'view', 'name', 'editlist' );
$paramsEditorHtml[] = array( 'title' => CBTxt::T('List parameters'), 'content' => $listParamsEditHtml );
/*
// params:
$paramsEditorHtml = array();
$options = array( 'option' => $option, 'task' => $task, 'cid' => $row->fieldid );
// field-specific own parameters:
$fieldHandler = new cbFieldHandler();
$fieldOwnParamsEditHtml = $fieldHandler->drawParamsEditor( $row, $options );
if ( $fieldOwnParamsEditHtml ) {
$paramsEditorHtml[] = array( 'title' => CBTxt::T('Field-specific Parameters'), 'content' => $fieldOwnParamsEditHtml );
}
// additional non-specific other parameters:
$fieldsParamsPlugins = $_PLUGINS->getUserFieldParamsPluginIds();
foreach ($fieldsParamsPlugins as $pluginId => $fieldParamHandlerClassName ) {
$fieldParamHandler = new $fieldParamHandlerClassName( $pluginId, $row ); // cbFieldParamsHandler();
$addParamsHtml = $fieldParamHandler->drawParamsEditor( $options );
if ( $addParamsHtml ) {
$addParamsTitle = $fieldParamHandler->getFieldsParamsLabel();
$paramsEditorHtml[] = array( 'title' => $addParamsTitle, 'content' => $addParamsHtml );
}
}
*/
HTML_comprofiler::editList( $row, $lists,$fields, $option, $fid, $paramsEditorHtml );
}
function saveTab($option)
{
global $_CB_database, $_CB_framework, $_POST;
$this->_importNeeded();
$this->_importNeededSave();
if (isset($_POST['params'])) {
$_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped($_POST['params']);
} else {
$_POST['params'] = '';
}
if (!isset($_POST['tabid']) || count($_POST) == 0) {
echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Missing post values')) . "'); window.history.go(-2); </script>\n";
exit;
}
$oldrow = new moscomprofilerTabs($_CB_database);
if (isset($_POST['tabid']) && $_POST['tabid']) {
$oldrow->load((int) $_POST['tabid']);
// Check if user is a super user:
if (!$_CB_framework->acl->amIaSuperAdmin()) {
// Check if user belongs to useraccessgroupid:
if (!in_array($oldrow->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
exit;
}
// Check if user belongs to viewaccesslevel:
if (!in_array($oldrow->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
exit;
}
}
}
$row = new moscomprofilerTabs($_CB_database);
if (!$row->bind($_POST)) {
echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
// Set defaults if nothing is found
// Also check if oldrow value to use its current value or default otherwise
// This prevents a tab from storing to database with null values when some inputs are set disabled:
if ($row->useraccessgroupid == '') {
$row->useraccessgroupid = $oldrow->useraccessgroupid != '' ? $oldrow->useraccessgroupid : -2;
}
if ($row->viewaccesslevel == '') {
$row->viewaccesslevel = $oldrow->viewaccesslevel != '' ? $oldrow->viewaccesslevel : 1;
}
if ($row->ordering == '') {
$row->ordering = $oldrow->ordering != '' ? $oldrow->ordering : 999;
}
if ($row->ordering_register == '') {
$row->ordering_register = $oldrow->ordering_register != '' ? $oldrow->ordering_register : 10;
}
if ($row->enabled == '') {
$row->enabled = $oldrow->enabled != '' ? $oldrow->enabled : 1;
}
$row->description = cleanEditorsTranslationJunk(trim($row->description));
if (!$row->check()) {
echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
exit;
}
$row->tabid = (int) cbGetParam($_POST, 'tabid', 0);
// Check if user is a super user:
if (!$_CB_framework->acl->amIaSuperAdmin()) {
$canEditState = CBuser::getMyInstance()->authoriseAction('core.edit.state');
// Check if user belongs to useraccessgroupid
if ($row->useraccessgroupid != '' && !in_array($row->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
exit;
}
// Check if user belongs to viewaccesslevel
if ($row->viewaccesslevel != '' && !in_array($row->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
exit;
}
// Check if user can edit status (and if not, that status are as expected):
if (!$canEditState) {
$failed = false;
// Check if row exists and if useraccessgroupid is different from existing row
// Check if row doesn't exist and if useraccessgroupid is different from default
if ($oldrow->tabid && ($row->useraccessgroupid != '' && $oldrow->useraccessgroupid != $row->useraccessgroupid) || !$oldrow->tabid && ($row->useraccessgroupid != '' && $row->useraccessgroupid != -2)) {
$failed = true;
}
// Check if row exists and if viewaccesslevel is different from existing row
// Check if row doesn't exist and if viewaccesslevel is different from default
// Check if user can edit status:
if ($oldrow->tabid && ($row->viewaccesslevel != '' && $oldrow->viewaccesslevel != $row->viewaccesslevel) || !$oldrow->tabid && ($row->viewaccesslevel != '' && $row->viewaccesslevel != 1)) {
$failed = true;
}
// Check if row exists and if ordering is different from existing row
// Check if row doesn't exist and if ordering is different from default
// Check if user can edit status:
if ($oldrow->tabid && ($row->ordering != '' && $oldrow->ordering != $row->ordering) || !$oldrow->tabid && ($row->ordering != '' && $row->ordering != 999)) {
$failed = true;
}
// Check if row exists and if ordering_register is different from existing row
// Check if row doesn't exist and if ordering_register is different from default
// Check if user can edit status:
if ($oldrow->tabid && ($row->ordering_register != '' && $oldrow->ordering_register != $row->ordering_register) || !$oldrow->tabid && ($row->ordering_register != '' && $row->ordering_register != 10)) {
$failed = true;
}
// Check if row exists and if publish is different from existing row
// Check if row doesn't exist and if publish is different from default
// Check if user can edit status:
if ($oldrow->tabid && ($row->enabled != '' && $oldrow->enabled != $row->enabled) || !$oldrow->tabid && ($row->enabled != '' && $row->enabled != 1)) {
$failed = true;
}
if ($failed) {
echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
exit;
}
}
}
if (!$row->store()) {
echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
exit;
}
$row->checkin();
cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showTab"), CBTxt::T('Successfully Saved Tab') . ": " . $row->title);
}
