/**
* Displays the "Content Access Denied View
*
* @param UserTable $user
* @param CBplug_cbpaidsubscriptions $baseClass
* @return string
*/
public function display( & $user, /** @noinspection PhpUnusedParameterInspection */ &$baseClass ) {
global $_CB_framework;
if ( ! is_callable( array( 'cbpaidBot', 'getInstance' ) ) ) {
return CBPTXT::T("CBSubs CbpaidSubsBot is not installed, enabled and running or CBSubs Content integration plugin is not up to date. Please ask site administrator to do so.");
}
$cbpaidBot = cbpaidBot::getInstance();
$userId = $_CB_framework->myId();
$accesstype = cbGetParam( $_GET, 'accesstype' );
$accessvalue = cbGetParam( $_GET, 'accessvalue' );
$accessurl = cbGetParam( $_GET, 'accessurl' );
switch ( $accesstype ) {
case 'components':
$option = $accessvalue;
$accessPlans = $cbpaidBot->checkAccess( $userId, $option, 'cpaycontent_components', null, true );
if ( is_array( $accessPlans ) ) {
$result = array( 'can', CBPTXT::T("component") ); // CBPTXT::T("You can access to this component with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("component") ); // CBPTXT::T("You have access now to this component !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("component"), $accessPlans ); // 'Unknown component access result: ' . var_export( $accessPlans, true );
$access = false;
}
break;
case 'menus':
$itemid = (int) $accessvalue;
$accessPlans = $cbpaidBot->checkAccess( $userId, $itemid, 'cpaycontent_menus' , null, true );
if ( is_array( $accessPlans ) ) {
$result = array( 'can', CBPTXT::T("menu") ); // CBPTXT::T("You can access to this menu with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("menu") ); // CBPTXT::T("You have access now to this menu !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("menu"), $accessPlans ); // 'Unknown menu access result: ' . var_export( $accessPlans, true );
$access = false;
}
break;
case 'urls':
$getPostArray = $this->_decodeArrayUrl( $accessurl );
$postsMissingInGetToFindPlans = array();
$accessPlans = $cbpaidBot->checkAccessUrl( $userId, $getPostArray, $getPostArray, $postsMissingInGetToFindPlans, 'cpaycontent_urls', true );
if ( is_array( $accessPlans ) ) {
$result = array( 'can', CBPTXT::T("location") ); // CBPTXT::T("You can access to this location with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("location") ); // CBPTXT::T("You have access now to this location !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("location"), $accessPlans ); // 'Unknown location access result: ' . var_export( $accessPlans, true );
$access = false;
}
break;
case 'sections': // section list:
$sectionId = (int) $accessvalue;
$accessPlans = $cbpaidBot->checkAccess( $userId, $sectionId, 'cpaycontent_sections', 'cpaycontent_sections_list', true );
if ( is_array( $accessPlans ) ) {
$result = array( 'can', CBPTXT::T("content section") ); // CBPTXT::T("You can access to this content section with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("content section") ); // CBPTXT::T("You have access now to this content section !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("content section"), $accessPlans ); // 'Unknown content section access result: ' . var_export( $accessPlans, true );
$access = false;
}
break;
case 'categories':
$categoryId = (int) $accessvalue;
$accessPlans = $cbpaidBot->checkAccess( $userId, $categoryId, 'cpaycontent_categories', 'cpaycontent_categories_list', true );
$sectionId = $cbpaidBot->getSectionOfCategory( $categoryId );
if ( $sectionId ) {
$accessPlansSection = $cbpaidBot->checkAccess( $userId, $sectionId, 'cpaycontent_sections', 'cpaycontent_sections_list', true );
} else {
$accessPlansSection = array();
}
if ( is_array( $accessPlans ) ) {
if ( is_array( $accessPlansSection ) ) {
$result = array( 'can', CBPTXT::T("content category") . ' ' . CBPTXT::T("or"). ' ' . CBPTXT::T("content section in which this content category is located") ); // CBPTXT::T("You can access to this content category with following plans: ") // . implode( ', ', $accessPlans )
//. CBPTXT::T("You can access to the whole content section enclosing this content category with following plans: "); // . implode( ', ', $accessPlansSection );
$access = false;
} elseif ( $accessPlansSection === null ) {
$result = array( 'can', CBPTXT::T("content category") ); // CBPTXT::T("You can access to this content category with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
} elseif ( $accessPlansSection === true ) {
$result = array( 'have', CBPTXT::T("content section in which this content category is located") ); // CBPTXT::T("You have access now to the whole content section in which this content category is located !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("content section"), $accessPlansSection ); // 'Unknown content section access result: ' . var_export( $accessPlans, true );
$access = false;
}
} elseif ( $accessPlans === null ) {
if ( is_array( $accessPlansSection ) ) {
$result = array( 'can', CBPTXT::T("content section in which this content category is located") ); //CBPTXT::T("You can access to the whole content section enclosing this content category with following plans: "); // . implode( ', ', $accessPlansSection );
$access = false;
} elseif ( $accessPlansSection === null ) {
$result = CBPTXT::T("These content categories are not under category or section access control");
$access = true;
} elseif ( $accessPlansSection === true ) {
$result = array( 'have', CBPTXT::T("content section in which this content category is located") ); //CBPTXT::T("You have access now to the whole content section in which this content category is located !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("content section"), $accessPlansSection ); // 'Unknown content section access result: ' . var_export( $accessPlans, true );
$access = false;
}
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("content category") ); // CBPTXT::T("You have access now to this content categories !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("content category"), $accessPlans ); // 'Unknown content categories access result: ' . var_export( $accessPlans, true );
$access = false;
}
break;
case 'contentdisplay':
$contentId = (int) $accessvalue;
global $_CB_database;
$row = null;
$sql = 'SELECT * FROM #__content WHERE id = ' . (int) $contentId;
$_CB_database->setQuery( $sql );
$contentExists = $_CB_database->loadObject( $row );
if ( $contentExists ) {
/** @var StdClass $row */
$_cbACL =& cbpaidBotAclApi::getInstance();
$accessPlans = $_cbACL->_cb_checkMultiAcl_Ok_or_Plans( $_CB_framework->myId(), $row->id, isset( $row->catid ) ? $row->catid : null, isset( $row->sectionid ) ? $row->sectionid : null, -1 );
if ( is_array( $accessPlans ) ) {
$accessPlansWrite = $_cbACL->_cb_checkMultiAcl( $_CB_framework->myId(), $row->id, isset( $row->catid ) ? $row->catid : null, isset( $row->sectionid ) ? $row->sectionid : null, count( $_cbACL->cbContentAclRights ) -1 );
if ( $accessPlansWrite === true ) {
$result = CBPTXT::T("You have access to this content item");
$access = true;
} elseif ( is_array( $accessPlansWrite ) && ( count( $accessPlansWrite ) > 0 ) ) {
$result = array( 'can', CBPTXT::T("content item") ); // CBPTXT::T("You can access to this article with following plans: ") // . implode( ', ', $accessPlans )
//. CBPTXT::T("You can access with write access to this article with following plans: "); // . implode( ', ', $accessPlansWrite );
$access = false;
} else {
$result = array( 'can', CBPTXT::T("content item") ); // CBPTXT::T("You can access to this article with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
}
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("content item") ); // CBPTXT::T("You have access now to this article !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("content item"), $accessPlans ); // 'Unknown access result: ' . var_export( $accessPlans, true );
$access = false;
}
} else {
$result = CBPTXT::T("This content item does not exist");
$access = true;
$accessPlans = array();
}
break;
default:
// Hacking or PCI-DSS intrusion trial:
$result = CBPTXT::T("This redirection URL is invalid.");
$access = true;
$accessPlans = array();
break;
}
if ( $access ) {
if ( is_array( $result ) ) {
switch ( $result[0] ) {
case 'have':
$return = sprintf( CBPTXT::Th("You have now access to this %s"), $result[1] );
//TBD later in a safe way (FS#259): or with $_SESSION
// $realUrl = base64_decode( $accessurl );
// $return .= '<a href="' . $_CB_framework->getCfg( 'live_site' ) . '/index.php?' . htmlspecialchars( $realUrl ) . '">Click here to access</a>';
break;
default:
$return = "Unknown access allowed result: " . var_export( $result, true );
break;
}
} else {
$return = $result;
}
} else {
if ( is_array( $result ) ) {
switch ( $result[0] ) {
case 'can':
if ( count( $accessPlans ) > 0 ) {
$params =& cbpaidApp::settingsParams();
$subTxt = CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
$result = sprintf( CBPTXT::Th("You can access this %s with following %s plans:"), $result[1], $subTxt );
// CB login return-to after login URL:
if ( $accessurl ) {
global $cbSpecialReturnAfterLogin;
$url = base64_decode( $accessurl );
if ( ! preg_match( '#https?://#i', $url ) ) {
$cbSpecialReturnAfterLogin = '******' . $url;
}
}
// We need to also display child plans of the $accessPlans as some might be needed (mandatory):
$plans = cbpaidSubscriptionsMgr::getInstance()->getUpgradablePlansWithChildrensForPlans( $accessPlans, $user );
$return = cbpaidControllerOffer::displaySpecificPlans( $plans, null, $user, $result );
} else {
$return = sprintf( CBPTXT::Th("You can not access this %s") . '.', $result[1] );
}
break;
case 'unknown':
$return = sprintf( CBPTXT::Th("Unknown %s access result: %s") . '.', $result[1], var_export( $result[2], true ) );
break;
default:
$return = "Unknown access allowed result" . ': ' . var_export( $result, true );
break;
}
} else {
$return = $result;
}
}
return $return;
}
/**
* Trigger for onBeforeDisplayContent
* @param object $row
* @param JRegistry $articleParams
* @param int $page
* @return void
*/
function cbpaidsubsbot_onBeforeDisplayContent( &$row, &$articleParams, /** @noinspection PhpUnusedParameterInspection */ $page ) {
global $_CB_framework;
$cbpaidBot = cbpaidBot::getInstance();
if ( $cbpaidBot->paidsubsManager === null ) {
return;
}
cbpaidErrorHandler::on();
if ( isset( $row->id ) ) {
$myId = $_CB_framework->myId();
$_cbACL =& cbpaidBotAclApi::getInstance();
$access = $_cbACL->_cb_checkMultiAcl( $myId, $row->id, isset( $row->catid ) ? $row->catid : null, isset( $row->sectionid ) ? $row->sectionid : null, -1 );
if ( $access === false ) {
if ( $_cbACL->_cb_checkMultiAcl( $myId, $row->id, isset( $row->catid ) ? $row->catid : null, isset( $row->sectionid ) ? $row->sectionid : null, count( $_cbACL->cbContentAclRights ) -1 ) !== true ) {
// allow usage of <!-- !CBPAIDaccessCheck --> to NOT control the item
if( ! ( isset( $row->text ) && strstr( $row->text, " !CBPAIDaccessCheck " ) ) ) {
$params =& cbpaidApp::settingsParams();
// allow access to someone who is unrestricted:
if ( ! $cbpaidBot->hasAccessAnyway( $myId ) ) {
// var_dump($row);
// show/hides the intro text
// if ( $params->get( 'introtext' ) ) {
// $row->text = $row->introtext. ( $params->get( 'intro_only' ) ? '' : chr(13) . chr(13) . $row->fulltext);
// } else {
// $row->text = $row->fulltext;
// }
$redirectVars = array( 'accesstype' => 'contentdisplay', 'accessvalue' => (int) $row->id );
$redirectVars['accessurl'] = cbpaidsubsbot_encodeArrayUrl( $_GET );
$redirectUrl = 'index.php?option=com_comprofiler&task=pluginclass&plugin=cbpaidsubscriptions&do=accessdenied' . getCBprofileItemid( false); // &Itemid= ???
foreach ( $redirectVars as $k => $v ) {
$redirectUrl .= '&' . urlencode( $k ) . '=' . urlencode( $v );
}
// translate message:
cbpaidApp::loadLang();
$subTxt = CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
$allowAccessToIntro = $params->get( 'integration_cpaycontent_allowIntro', '1' );
// If access to intro is NO (0), or DEPENDS (2) but there is no main full text, then we do not allow to see anything:
$disallowAccessToAnyText = ( $allowAccessToIntro == 0 ) || ( ( $allowAccessToIntro == 2 ) && ! ( isset( $row->readmore ) ? $row->readmore != 0 : trim( strip_tags( $row->fulltext ) ) != '' ) );
if ( $disallowAccessToAnyText ) {
$messageTxt = '<span class="cbpaidContentAccessDenied">' . sprintf( CBPTXT::Th( 'To read this article, a %s is needed: Click here to subscribe' ), $subTxt ) . '</span>';
} else {
$messageTxt = '<span class="cbpaidContentAccessDenied">' . sprintf( CBPTXT::Th( 'To read more, a %s is needed: Click here to subscribe' ), $subTxt ) . '</span>';
}
if ( ( ($cbpaidBot->option == 'com_content' || $cbpaidBot->option == 'content') && ( ( $cbpaidBot->task == 'view' ) || ( $cbpaidBot->task == '' ) ) && ( $cbpaidBot->view != 'frontpage' ) && ( $cbpaidBot->view != 'featured' ) ) ) {
// article view:
if ( $disallowAccessToAnyText ) {
// option=com_content&task=view
cbRedirect( cbSef( $redirectUrl, false ), sprintf( CBPTXT::T("Access to this content is not allowed without %s"), $subTxt ) );
return;
}
// 1.5: needed for title links:
$row->readmore_link = cbSef( $redirectUrl );
if ( ( $cbpaidBot->cbCmsVersion == 1 ) && ( in_array( $cbpaidBot->view, array( 'frontpage', 'section', 'category' ) ) ) ) {
// 1.5: (section and category are for layout=blog (section blog), but as section layout just displays categories, it is ok to not check for that)
$row->readmore_register = false;
$articleParams->set( 'readmore', $messageTxt );
} else {
$row->text = $row->introtext;
if ( trim( strip_tags( $row->fulltext ) ) ) {
$row->text .= '<a href="' . cbSef( $redirectUrl ) . '">' . $messageTxt . '</a>';
}
}
} else {
// $row->text = $row->text . $message;
// 1.0:
$row->link_text = $messageTxt;
$row->link_on = cbSef( $redirectUrl );
$articleParams->set( 'intro_only', 1 );
if ( $cbpaidBot->cbCmsVersion == 1 ) {
$articleParams->set( 'readmore', $messageTxt );
} else {
$articleParams->set( 'readmore', 1 );
}
// 1.5: needed for title links:
$row->readmore_link = cbSef( $redirectUrl );
if ( $disallowAccessToAnyText ) {
$row->introtext = '';
$row->text = '';
$row->readmore = 1;
}
if ( class_exists( 'JDatabaseQuery' ) ) {
// 1.6:
$row->alternative_readmore = '</a>' . '<a class="cbregPayToViewRedirectLink" href="' . cbSef( $redirectUrl ) . '">' . $messageTxt . ' '; // Space is for case of article title in readmore link following. Ideally should be ': ' in that case only.
}
}
}
}
}
}
// run cbsubs plan substitutions after access readmore access checks
if ( isset( $row->title ) ) {
$row->title = preg_replace_callback( '/\{cbsubs:plan:(\d+):(.*?)\}/s', array( $cbpaidBot, 'replacePlanSubstitutions' ), $row->title );
}
if ( isset( $row->introtext ) ) {
$row->introtext = preg_replace_callback( '/\{cbsubs:plan:(\d+):(.*?)\}/s', array( $cbpaidBot, 'replacePlanSubstitutions' ), $row->introtext );
}
if ( isset( $row->fulltext ) ) {
$row->fulltext = preg_replace_callback( '/\{cbsubs:plan:(\d+):(.*?)\}/s', array( $cbpaidBot, 'replacePlanSubstitutions' ), $row->fulltext );
}
if ( isset( $row->text ) ) {
$row->text = preg_replace_callback( '/\{cbsubs:plan:(\d+):(.*?)\}/s', array( $cbpaidBot, 'replacePlanSubstitutions' ), $row->text );
}
}
cbpaidErrorHandler::off();
}
