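/**
 * Reports a deprecated call into the Mambelfish translation layer, at most once per request.
 *
 * The calling code is identified from debug_backtrace(). Depending on the hard-coded
 * $privateWarning switch, the report is either sent as a private message to every user
 * with sendEmail = 1, or printed into the current page.
 */
function warnAdmin() {
    global $adminEmail, $mambelfishWarnedAdmin;

    // Hard-coded switch: false prints the warning into the page, true sends it as private messages.
    $privateWarning = false;

    if (!$mambelfishWarnedAdmin) {
        $bt = debug_backtrace();
        if (count($bt) >= 2) {
            // Frame 1 is the code that called the deprecated function. PHP omits
            // "file"/"line" for some frames, so fall back to empty values.
            $callerFile = isset($bt[1]["file"]) ? $bt[1]["file"] : '';
            $callerLine = isset($bt[1]["line"]) ? $bt[1]["line"] : '';
            $requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';

            $subject = "Deprecated use of Mambelfish Translation";
            $content = "Deprecated use of Mambelfish. Request URL : " . $requestUri . "\n\n";
            $content .= "Please contact the author of this component/module/mambot with the details in this message.\n\n";
            $content .= "In the meantime the following function reference can be commented out and translation should not be affected.\n";
            $content .= "File : " . basename(dirname($callerFile)) . "\\" . basename($callerFile) . "\n";
            $content .= "Line : " . $callerLine . "\n";
            $content .= "Function : " . $bt[1]["function"] . "\n\n";

            if ($privateWarning) {
                global $my;
                $db =& JFactory::getDBO();
                require_once mosMainFrame::getBasePath() . '/components/com_messages/messages.class.php';
                $query = "SELECT id" . "\n FROM #__users" . "\n WHERE sendEmail = 1";
                $db->setQuery($query);
                $users = $db->loadResultArray(false);
                // Skip the loop when the query yields no usable result.
                if ($users) {
                    foreach ($users as $user_id) {
                        $msg = new mosMessage($db);
                        // send message from admin
                        $msg->send($user_id, $user_id, $subject, $content);
                    }
                }
            } else {
                // The request URL is client-controlled and is about to be written into the
                // HTML response, so encode the text before turning newlines into <br/>.
                // NOTE(review): this branch also shows the caller's file name, line and
                // function to whoever requested the page - confirm that is acceptable.
                $content = str_replace("\n", "<br/>", htmlspecialchars($content, ENT_QUOTES));
                echo "{$content}";
            }
        }
    }

    $mambelfishWarnedAdmin = true;
}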
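/**
 * Builds a private message from the submitted form and sends it.
 *
 * On a send failure the user is redirected back to the message component with the
 * error text in the mosmsg query parameter.
 *
 * @param string $option Component option name (not used in this function).
 */
function saveMessage($option) {
    global $database, $mainframe, $my;

    $row = new mosMessage($database);

    // NOTE(review): bind() is given the whole POST array and send() is called without
    // arguments, so every message field comes from the request. Confirm that the
    // message class does not let the client choose the sender.
    if (!$row->bind($_POST)) {
        // NOTE(review): the error text is placed inside a quoted JavaScript string
        // without escaping - confirm getError() can never carry request-derived text.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    if (!$row->send()) {
        // Encode the error text so spaces, '&' or line breaks in it cannot corrupt the redirect URL.
        mosRedirect("index2.php?option=com_messages&mosmsg=" . urlencode($row->getError()));
    }

    mosRedirect("index2.php?option=com_messages");
}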
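/**
 * Builds a private message from the submitted form, sends it, and e-mails the
 * recipient when that user has sendEmail enabled.
 *
 * @param string $option Component option name (not used in this function).
 */
function saveMessage($option) {
    global $database, $mainframe, $my, $mosConfig_absolute_path;
    global $mosConfig_mailfrom, $mosConfig_fromname;

    require_once $mosConfig_absolute_path . "/includes/mambofunc.php";

    $row = new mosMessage($database);
    if (!$row->bind($_POST)) {
        // NOTE(review): the error text is placed inside a quoted JavaScript string
        // without escaping - confirm getError() can never carry request-derived text.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // Subject and body are passed through the input filter before the message is stored or mailed.
    require_once mamboCore::get('mosConfig_absolute_path') . '/includes/phpInputFilter/class.inputfilter.php';
    $iFilter = new InputFilter(null, null, 1, 1);
    $row->subject = trim($iFilter->process($row->subject));
    $row->message = trim($iFilter->process($row->message));

    if (!$row->send()) {
        // Encode the error text so spaces, '&' or line breaks in it cannot corrupt the redirect URL.
        mosRedirect("index2.php?option=com_messages&mosmsg=" . urlencode($row->getError()));
    }

    $msg = $row->subject . ' - ' . $row->message;

    // user_id_to was bound from POST; cast it to an integer so it cannot change the
    // structure of the query it is concatenated into.
    $sql = "SELECT a.id, a.name, a.email"
        . "\nFROM #__users AS a"
        . "\nWHERE a.sendEmail = '1'"
        . "\nAND a.id = " . (int) $row->user_id_to;
    $database->setQuery($sql);
    $rows = $database->loadObjectList();

    if ($rows) {
        foreach ($rows as $recipientRow) {
            $recipient = $recipientRow->email;
            // NOTE(review): the name in the subject is read from the recipient's row,
            // because the query selects the addressed user - confirm whether the
            // sender's name was intended here.
            $subject = "New private message from " . $recipientRow->name;
            mosMail($mosConfig_mailfrom, $mosConfig_fromname, $recipient, $subject, $msg);
        }
    }

    mosRedirect("index2.php?option=com_messages");
}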
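/**
 * Saves the content item on an edit form submit.
 *
 * Binds the POST data to a content row, checks the caller's edit rights, stores the
 * row, updates the frontpage table and ordering, notifies users with sendEmail = '1'
 * about new items, and redirects to the item view.
 *
 * @param object $access Permission flags; canEdit and canEditOwn are read here.
 */
function saveContent(&$access) {
    global $database, $mainframe, $my;
    global $mosConfig_absolute_path;

    $row = new mosContent($database);
    if (!$row->bind($_POST)) {
        // NOTE(review): here and in the other alert() calls below, the error text is
        // placed inside a quoted JavaScript string without escaping - confirm it can
        // never carry request-derived text.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // These ids were bound from POST and are concatenated into SQL further down;
    // force them to integers before any query is built.
    $row->id = intval($row->id);
    $row->catid = intval($row->catid);
    $row->sectionid = intval($row->sectionid);

    // Initialised so the frontpage error append below does not touch an undefined variable.
    $msg = '';

    $isNew = $row->id < 1;
    if ($isNew) {
        // new record
        if (!($access->canEdit || $access->canEditOwn)) {
            mosNotAuth();
            return;
        }
        $row->created = date('Y-m-d H:i:s');
        $row->created_by = $my->id;
    } else {
        // existing record
        // NOTE(review): created_by is the value held on the row after bind($_POST),
        // not one loaded from storage here - confirm the client cannot supply it,
        // otherwise the "own item" test compares against request data.
        if (!($access->canEdit || ($access->canEditOwn && $row->created_by == $my->id))) {
            mosNotAuth();
            return;
        }
        $row->modified = date('Y-m-d H:i:s');
        $row->modified_by = $my->id;
    }

    if (trim($row->publish_down) == 'Never') {
        $row->publish_down = '0000-00-00 00:00:00';
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->version++;
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // manage frontpage items
    require_once $mainframe->getPath('class', 'com_frontpage');
    $fp = new mosFrontPage($database);

    if (mosGetParam($_REQUEST, 'frontpage', 0)) {
        // toggles go to first place
        if (!$fp->load($row->id)) {
            // new entry
            $database->setQuery("INSERT INTO #__content_frontpage VALUES ('{$row->id}','1')");
            if (!$database->query()) {
                echo "<script> alert('" . $database->stderr() . "');</script>\n";
                exit;
            }
            $fp->ordering = 1;
        }
    } else {
        // no frontpage mask
        if (!$fp->delete($row->id)) {
            // This text is collected but never shown; $msg is reused for message objects below.
            $msg .= $fp->stderr();
        }
        $fp->ordering = 0;
    }
    $fp->updateOrder();

    $row->checkin();
    $row->updateOrder("catid='{$row->catid}'");

    // gets section name of item
    $database->setQuery("SELECT s.title"
        . "\n FROM #__sections AS s"
        . "\n WHERE s.scope = 'content'"
        . "\n AND s.id = '" . $row->sectionid . "'");
    $section = $database->loadResult();

    // gets category name of item
    $database->setQuery("SELECT c.title"
        . "\n FROM #__categories AS c"
        . "\n WHERE c.id = '" . $row->catid . "'");
    $category = $database->loadResult();

    if ($isNew) {
        // messaging for new items
        require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
        $database->setQuery("SELECT id FROM #__users WHERE sendEmail = '1'");
        $users = $database->loadResultArray();
        // Skip the loop when the query yields no usable result.
        if ($users) {
            foreach ($users as $user_id) {
                $msg = new mosMessage($database);
                $msg->send($my->id, $user_id, "New Item", sprintf(_ON_NEW_CONTENT, $my->username, $row->title, $section, $category));
            }
        }
    }

    // Returnid comes from the request and ends up in the redirect URL; keep it numeric.
    $Itemid = intval(mosGetParam($_POST, 'Returnid', '0'));
    mosRedirect('index.php?option=com_content&task=view&id=' . $row->id . '&Itemid=' . $Itemid, $isNew ? _THANK_SUB : _E_ITEM_SAVED);
}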
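/**
 * Saves the content item on an edit form submit.
 *
 * Binds the POST data to a content row, checks the caller's edit and publish rights,
 * normalises the publish dates and markup, stores the row, updates the frontpage
 * table and ordering, notifies users with sendEmail = 1 about new items, and
 * redirects according to $task.
 *
 * @param object $access Permission flags; canEdit, canEditOwn and canPublish are read here.
 * @param string $task   'apply', 'apply_new' or 'save'; any other value is handled as 'save'.
 */
function saveContent(&$access, $task) {
    global $database, $mainframe, $my;
    global $mosConfig_absolute_path, $mosConfig_offset, $Itemid;

    // simple spoof check security
    josSpoofCheck();

    $nullDate = $database->getNullDate();

    $row = new mosContent($database);
    if (!$row->bind($_POST)) {
        // NOTE(review): here and in the other alert() calls below, the error text is
        // placed inside a quoted JavaScript string without escaping - confirm it can
        // never carry request-derived text.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // sanitise id field
    $row->id = (int) $row->id;

    // Initialised so the frontpage error append below does not touch an undefined variable.
    $msg = '';

    $isNew = $row->id < 1;
    if ($isNew) {
        // new record
        if (!($access->canEdit || $access->canEditOwn)) {
            mosNotAuth();
            return;
        }
        $row->created = date('Y-m-d H:i:s');
        $row->created_by = $my->id;
    } else {
        // existing record
        // NOTE(review): created_by is the value held on the row after bind($_POST),
        // not one loaded from storage here - confirm the client cannot supply it,
        // otherwise the "own item" test compares against request data.
        if (!($access->canEdit || ($access->canEditOwn && $row->created_by == $my->id))) {
            mosNotAuth();
            return;
        }
        $row->modified = date('Y-m-d H:i:s');
        $row->modified_by = $my->id;
    }

    // A value of 10 characters or fewer is treated as a bare date and gets a midnight time.
    if (strlen(trim($row->publish_up)) <= 10) {
        $row->publish_up .= ' 00:00:00';
    }
    $row->publish_up = mosFormatDate($row->publish_up, _CURRENT_SERVER_TIME_FORMAT, -$mosConfig_offset);

    if (trim($row->publish_down) == 'Never' || trim($row->publish_down) == '') {
        $row->publish_down = $nullDate;
    } else {
        if (strlen(trim($row->publish_down)) <= 10) {
            $row->publish_down .= ' 00:00:00';
        }
        $row->publish_down = mosFormatDate($row->publish_down, _CURRENT_SERVER_TIME_FORMAT, -$mosConfig_offset);
    }

    // code cleaner for xhtml transitional compliance
    $row->introtext = str_replace('<br>', '<br />', $row->introtext);
    $row->fulltext = str_replace('<br>', '<br />', $row->fulltext);

    // remove the <br /> that gets added automatically to an empty fulltext
    $isShort = strlen($row->fulltext) < 9;
    $hasBreak = strstr($row->fulltext, '<br />');
    if ($isShort && $hasBreak) {
        $row->fulltext = NULL;
    }

    $row->title = ampReplace($row->title);

    // Publishing state hardening for Authors
    if (!$access->canPublish) {
        if ($isNew) {
            // For new items - author is not allowed to publish - prevent them from doing so
            $row->state = 0;
        } else {
            // For existing items keep existing state - author is not allowed to change status
            $query = "SELECT state"
                . "\n FROM #__content"
                . "\n WHERE id = " . (int) $row->id;
            $database->setQuery($query);
            $state = $database->loadResult();
            // Any non-zero stored state is written back as 1, everything else as 0.
            if ($state) {
                $row->state = 1;
            } else {
                $row->state = 0;
            }
        }
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->version++;
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // manage frontpage items
    require_once $mainframe->getPath('class', 'com_frontpage');
    $fp = new mosFrontPage($database);

    if (intval(mosGetParam($_REQUEST, 'frontpage', 0))) {
        // toggles go to first place
        if (!$fp->load((int) $row->id)) {
            // new entry
            $query = "INSERT INTO #__content_frontpage"
                . "\n VALUES ( " . (int) $row->id . ", 1 )";
            $database->setQuery($query);
            if (!$database->query()) {
                echo "<script> alert('" . $database->stderr() . "');</script>\n";
                exit;
            }
            $fp->ordering = 1;
        }
    } else {
        // no frontpage mask
        if (!$fp->delete((int) $row->id)) {
            // This text is collected but never shown; $msg is reassigned below.
            $msg .= $fp->stderr();
        }
        $fp->ordering = 0;
    }
    $fp->updateOrder();

    $row->checkin();
    $row->updateOrder("catid = " . (int) $row->catid);

    // gets section name of item
    $query = "SELECT s.title"
        . "\n FROM #__sections AS s"
        . "\n WHERE s.scope = 'content'"
        . "\n AND s.id = " . (int) $row->sectionid;
    $database->setQuery($query);
    $section = $database->loadResult();

    // gets category name of item
    $query = "SELECT c.title"
        . "\n FROM #__categories AS c"
        . "\n WHERE c.id = " . (int) $row->catid;
    $database->setQuery($query);
    $category = $database->loadResult();
    $category = stripslashes($category);

    if ($isNew) {
        // messaging for new items
        require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
        $query = "SELECT id"
            . "\n FROM #__users"
            . "\n WHERE sendEmail = 1";
        $database->setQuery($query);
        $users = $database->loadResultArray();
        // Skip the loop when the query yields no usable result.
        if ($users) {
            foreach ($users as $user_id) {
                $msg = new mosMessage($database);
                $msg->send($my->id, $user_id, "New Item", sprintf(_ON_NEW_CONTENT, $my->username, $row->title, $section, $category));
            }
        }
    }

    $msg = $isNew ? _THANK_SUB : _E_ITEM_SAVED;
    $msg = $my->usertype == 'Publisher' ? _THANK_SUB_PUB : $msg;

    switch ($task) {
        case 'apply':
            // The Referer header is optional; fall back to the site index when it is absent.
            // NOTE(review): the header is client-supplied and is used as the redirect
            // target as-is - confirm it is constrained to this site somewhere.
            $link = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'index.php';
            break;

        case 'apply_new':
            $Itemid = intval(mosGetParam($_POST, 'Returnid', $Itemid));
            $link = 'index.php?option=com_content&task=edit&id=' . $row->id . '&Itemid=' . $Itemid;
            break;

        case 'save':
        default:
            // Returnid comes from the request and ends up in the redirect URL; keep it numeric.
            $Itemid = intval(mosGetParam($_POST, 'Returnid', ''));
            if ($Itemid) {
                if ($access->canEdit) {
                    $link = 'index.php?option=com_content&task=view&id=' . $row->id . '&Itemid=' . $Itemid;
                } else {
                    $link = 'index.php';
                }
            } else {
                // NOTE(review): the posted 'referer' field becomes the redirect target
                // as-is - confirm it is constrained to this site somewhere.
                $link = strval(mosGetParam($_POST, 'referer', ''));
            }
            break;
    }

    mosRedirect($link, $msg);
}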
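/**
 * Saves the web link record on an edit form submit.
 *
 * Requires a user with gid >= 1. Stores the submitted link, then sends every user
 * with sendEmail = '1' both an internal message and an e-mail about it.
 *
 * @param string $option Component option name (not used in this function).
 */
function saveWeblink($option) {
    global $database, $my, $mosConfig_absolute_path, $mosConfig_mailfrom;

    if ($my->gid < 1) {
        mosNotAuth();
        return;
    }

    $row = new mosWeblink($database);
    // NOTE(review): the second argument presumably names fields bind() must skip, so a
    // submitter cannot set "approved" or "published" - confirm against bind().
    if (!$row->bind($_POST, "approved published")) {
        // NOTE(review): here and in the other alert() calls below, the error text is
        // placed inside a quoted JavaScript string without escaping - confirm it can
        // never carry request-derived text.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // sanitize
    $row->id = intval($row->id);
    $isNew = $row->id < 1;
    $row->date = date("Y-m-d H:i:s");
    // NOTE(review): these values are escaped before store(); if store() escapes again
    // the saved and mailed title will contain extra backslashes - confirm.
    $row->title = $database->getEscaped($row->title);
    $row->catid = $database->getEscaped($row->catid);

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();

    // messaging for new items
    // NOTE(review): the notifications below are sent on every save, not only when $isNew is true.
    require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
    $query = "SELECT id,email FROM #__users WHERE sendEmail = '1'";
    $database->setQuery($query);
    $rows = $database->loadObjectList();

    // Skip the loop when the query yields no usable result.
    if ($rows) {
        foreach ($rows as $user) {
            // admin message
            $msg = new mosMessage($database);
            $msg->send($my->id, $user->id, T_("New Item"), sprintf(T_('A new WebLink has been submitted by [ %s ] titled [ %s ] '), $my->username, $row->title));

            // email message
            mosMail($mosConfig_mailfrom, $mosConfig_mailfrom, $user->email, "A new Web Link has been submitted", 'A new WebLink has been submitted by [' . $my->username . '] titled [' . $row->title . ']. Please login to view and approve it.');
        }
    }

    $msg = $isNew ? T_('Thanks for your submission; it will be reviewed before being posted to the site.') : '';

    // Returnid comes from the request and ends up in the redirect URL; keep it numeric.
    $Itemid = intval(mosGetParam($_POST, 'Returnid', ''));
    mosRedirect('index.php?Itemid=' . $Itemid, $msg);
}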
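/**
 * Saves the content item on an edit form submit.
 *
 * Binds the POST data to a content row, checks the caller's edit rights, stores the
 * row, updates the frontpage table and ordering, notifies users with sendEmail = '1'
 * about new items, and redirects to the site index with a status message.
 *
 * @param object $access Permission flags; canEdit and canEditOwn are read here.
 */
function saveContent(&$access) {
    global $database, $mainframe, $my;
    global $mosConfig_absolute_path;

    $row = new mosContent($database);
    if (!$row->bind($_POST)) {
        // NOTE(review): here and in the other alert() calls below, the error text is
        // placed inside a quoted JavaScript string without escaping - confirm it can
        // never carry request-derived text.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // sanitize: these ids are concatenated into SQL further down
    $row->id = intval($row->id);
    $row->catid = intval($row->catid);
    $row->sectionid = intval($row->sectionid);

    // Initialised so the frontpage error append below does not touch an undefined variable.
    $msg = '';

    $isNew = $row->id < 1;
    if ($isNew) {
        // new record
        if (!($access->canEdit || $access->canEditOwn)) {
            mosNotAuth();
            return;
        }
        $row->created = date('Y-m-d H:i:s');
        $row->created_by = $my->id;
    } else {
        // existing record
        // NOTE(review): created_by is the value held on the row after bind($_POST),
        // not one loaded from storage here - confirm the client cannot supply it,
        // otherwise the "own item" test compares against request data.
        if (!($access->canEdit || ($access->canEditOwn && $row->created_by == $my->id))) {
            mosNotAuth();
            return;
        }
        $row->modified = date('Y-m-d H:i:s');
        $row->modified_by = $my->id;
    }

    if (trim($row->publish_down) == 'Never') {
        $row->publish_down = '0000-00-00 00:00:00';
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->version++;
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // manage frontpage items
    require_once $mainframe->getPath('class', 'com_frontpage');
    $fp = new mosFrontPage($database);

    if (mosGetParam($_REQUEST, 'frontpage', 0)) {
        // toggles go to first place
        if (!$fp->load($row->id)) {
            // new entry
            $database->setQuery("INSERT INTO #__content_frontpage VALUES ('{$row->id}','1')");
            if (!$database->query()) {
                echo "<script> alert('" . $database->stderr() . "');</script>\n";
                exit;
            }
            $fp->ordering = 1;
        }
    } else {
        // no frontpage mask
        if (!$fp->delete($row->id)) {
            // This text is collected but never shown; $msg is reassigned below.
            $msg .= $fp->stderr();
        }
        $fp->ordering = 0;
    }
    $fp->updateOrder();

    $row->checkin();
    $row->updateOrder("catid='{$row->catid}'");

    // gets section name of item
    $database->setQuery("SELECT s.title"
        . "\n FROM #__sections AS s"
        . "\n WHERE s.scope = 'content'"
        . "\n AND s.id = '" . $row->sectionid . "'");
    $section = $database->loadResult();

    // gets category name of item
    $database->setQuery("SELECT c.title"
        . "\n FROM #__categories AS c"
        . "\n WHERE c.id = '" . $row->catid . "'");
    $category = $database->loadResult();

    if ($isNew) {
        // messaging for new items
        require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
        $database->setQuery("SELECT id FROM #__users WHERE sendEmail = '1'");
        $users = $database->loadResultArray();
        if ($users) {
            foreach ($users as $user_id) {
                $msg = new mosMessage($database);
                $msg->send($my->id, $user_id, T_("New Item"), sprintf(T_('A new content item has been submitted by [ %s ] titled [ %s ] from section [ %s ] and category [ %s ]'), $my->username, $row->title, $section, $category));
            }
        }
    }

    // NOTE(review): Returnid is read here but the redirect below always targets index.php.
    $Itemid = mosGetParam($_POST, 'Returnid', '0');

    $msg = $isNew ? T_('Thanks for your submission; it will be reviewed before being posted to the site.') : T_('Item saved successfully.');
    mosRedirect('index.php', $msg);
}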