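/**
 * Process event registration
 *
 * Loads the event named by the posted `id`, sets up the page title and
 * pathway, and renders the registration view. When a registration with a
 * first name, last name and valid, not-yet-registered e-mail address was
 * posted, the registration is e-mailed to the event manager (if one is
 * configured) and to the attendee, logged, and the "thanks" layout is shown.
 *
 * NOTE(review): nothing in this method calls Request::checkToken() before
 * the posted registration is acted on; confirm whether the registration
 * form is meant to carry a request token.
 *
 * @return void
 */
public function processTask()
{
    // Get some needed info
    $offset = $this->offset;
    $year   = $this->year;
    $month  = $this->month;
    $day    = $this->day;

    // Incoming
    $id = Request::getInt('id', 0, 'post');

    // Ensure we have an ID
    if (!$id) {
        App::redirect(Route::url('index.php?option=' . $this->_option));
        return;
    }

    // Load event
    $event = new Event($this->database);
    $event->load($id);
    $this->event = $event;

    // Ensure we have an event
    if (!$event->title) {
        App::redirect(Route::url('index.php?option=' . $this->_option));
        return;
    }

    // The result is only handed to the view below; it does not gate the
    // registration itself.
    $auth = true;
    if ($this->config->getCfg('adminlevel')) {
        $auth = $this->_authorize();
    }

    $bits   = explode('-', $event->publish_up);
    $eyear  = $bits[0];
    $emonth = $bits[1];
    $edbits = explode(' ', $bits[2]);
    $eday   = $edbits[0];

    $page = new Page($this->database);
    $page->alias = $this->_task;

    // Get the pages for this workshop
    $pages = $page->loadPages($event->id);

    // Set the page title
    Document::setTitle(Lang::txt(strtoupper($this->_name)) . ': ' . Lang::txt('EVENTS_REGISTER') . ': ' . stripslashes($event->title));

    // Set the pathway
    if (Pathway::count() <= 0) {
        Pathway::append(Lang::txt(strtoupper($this->_name)), 'index.php?option=' . $this->_option);
    }
    Pathway::append($eyear, 'index.php?option=' . $this->_option . '&year=' . $eyear);
    Pathway::append($emonth, 'index.php?option=' . $this->_option . '&year=' . $eyear . '&month=' . $emonth);
    Pathway::append($eday, 'index.php?option=' . $this->_option . '&year=' . $eyear . '&month=' . $emonth . '&day=' . $eday);
    Pathway::append(stripslashes($event->title), 'index.php?option=' . $this->_option . '&task=details&id=' . $event->id);
    Pathway::append(Lang::txt('EVENTS_REGISTER'), 'index.php?option=' . $this->_option . '&task=details&id=' . $event->id . '&page=register');

    // Trim and strip a posted list of values. Empty input is returned
    // untouched; anything that is not an array is discarded so a scalar or
    // nested value posted under one of these names cannot break array_map().
    $cleanList = function ($values) {
        if (!$values) {
            return $values;
        }
        if (!is_array($values)) {
            return null;
        }
        $values = array_map(
            function ($value) {
                return is_scalar($value) ? trim((string) $value) : '';
            },
            $values
        );
        return array_map(array('\\Hubzero\\Utility\\Sanitize', 'stripAll'), $values);
    };

    // Incoming
    $register  = $cleanList(Request::getVar('register', null, 'post'));
    $arrival   = $cleanList(Request::getVar('arrival', null, 'post'));
    $departure = $cleanList(Request::getVar('departure', null, 'post'));
    $dietary   = $cleanList(Request::getVar('dietary', null, 'post'));

    // NOTE(review): these four values reach the e-mail template exactly as
    // posted (no trim/stripAll here); confirm the template escapes them.
    $bos        = Request::getVar('bos', null, 'post');
    $dinner     = Request::getVar('dinner', null, 'post');
    $disability = Request::getVar('disability', null, 'post');
    $race       = Request::getVar('race', null, 'post');

    // Default to "not valid" so the checks below never read an undefined
    // variable or index into a missing registration.
    $validemail      = 0;
    $hasRegistration = is_array($register) && !empty($register);
    $attendeeEmail   = ($hasRegistration && isset($register['email'])) ? $register['email'] : '';

    if ($hasRegistration) {
        $validemail = $this->_validEmail($attendeeEmail);

        // check to make sure this is the only time registering
        if (Respondent::checkUniqueEmailForEvent($attendeeEmail, $event->id) > 0) {
            $this->setError(Lang::txt('EVENTS_EVENT_REGISTRATION_PREVIOUS'));
            $validemail = 0;
        }
    }

    if ($hasRegistration && !empty($register['firstname']) && !empty($register['lastname']) && $validemail == 1) {
        $email   = $event->email;
        $subject = Lang::txt('EVENTS_EVENT_REGISTRATION') . ': ' . $event->title;
        $hub     = array(
            'email' => $attendeeEmail,
            'name'  => Config::get('sitename') . ' ' . Lang::txt('EVENTS_EVENT_REGISTRATION')
        );

        $eview = new \Hubzero\Component\View(array('name' => 'register', 'layout' => 'email'));
        $eview->option     = $this->_option;
        $eview->sitename   = Config::get('sitename');
        $eview->register   = $register;
        $eview->race       = $race;
        $eview->dietary    = $dietary;
        $eview->disability = $disability;
        $eview->arrival    = $arrival;
        $eview->departure  = $departure;
        $eview->dinner     = $dinner;
        $eview->bos        = $bos;

        $message = $eview->loadTemplate();
        $message = str_replace("\n", "\r\n", $message);

        // Only mail the event manager when an address is actually configured.
        // The previous `!= "" || != NULL || !isset()` test was true for an
        // unset address and so tried to send mail to nobody.
        if (is_string($email) && trim($email) !== '') {
            // one for the event manager
            $this->_sendEmail($hub, $email, $subject, $message);
        }

        // one for the attendee
        $this->_sendEmail($hub, $attendeeEmail, $subject, $message);

        $this->_log($register);

        $this->view->setLayout('thanks');
    } else {
        $this->view->setLayout('default');
    }

    $this->view->setName('register');
    $this->view->state      = 'open';
    $this->view->option     = $this->_option;
    $this->view->title      = Lang::txt(strtoupper($this->_name)) . ': ' . Lang::txt('EVENTS_REGISTER');
    $this->view->task       = $this->_task;
    $this->view->year       = $year;
    $this->view->month      = $month;
    $this->view->day        = $day;
    $this->view->offset     = $offset;
    $this->view->event      = $event;
    $this->view->authorized = $auth;
    $this->view->page       = $page;
    $this->view->pages      = $pages;
    $this->view->register   = $register;
    $this->view->arrival    = $arrival;
    $this->view->departure  = $departure;
    if ($this->getError()) {
        $this->view->setError($this->getError());
    }
    $this->view->display();
}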
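/**
 * Save an event
 *
 * Requires a logged-in user, a valid request token and an untouched
 * honeypot field. Binds the posted form to an Event record, cleans its
 * content, custom fields and contact details, builds the publish up/down
 * timestamps from the posted dates and times, stores the record and its
 * tags, e-mails a notification and redirects to the event's details page.
 * On a validation or storage error the edit form is shown again.
 *
 * NOTE(review): the record is bound straight from $_POST, so `id` and every
 * other bound column are client-supplied, and nothing in this method checks
 * that the current user may modify an existing event. Confirm that bind(),
 * check() or store() enforce this.
 *
 * NOTE(review): the posted time zone offset is bound onto the record but is
 * not applied when publish_up / publish_down are built here.
 *
 * @return void
 * @throws Exception When the posted data cannot be bound or a required custom field is empty
 */
public function saveTask()
{
    // Check if they are logged in
    if (User::isGuest()) {
        $this->loginTask();
        return;
    }

    // good ol' form validation
    Request::checkToken();
    Request::checkHoneypot() or die('Invalid Field Data Detected. Please try again.');

    $offset = $this->offset;

    // Incoming. Anything that is not a usable string falls back to the default.
    $start_time = Request::getVar('start_time', '08:00', 'post');
    $start_time = (is_string($start_time) && $start_time) ? $start_time : '08:00';
    $start_pm   = Request::getInt('start_pm', 0, 'post');
    $end_time   = Request::getVar('end_time', '17:00', 'post');
    $end_time   = (is_string($end_time) && $end_time) ? $end_time : '17:00';
    $end_pm     = Request::getInt('end_pm', 0, 'post');
    $tags       = Request::getVar('tags', '', 'post');

    // Bind the posted data to an event object
    $row = new Event($this->database);
    if (!$row->bind($_POST)) {
        throw new Exception($row->getError(), 500);
    }

    $now = date('Y-m-d H:i:s', time() + $offset * 60 * 60);

    // New entry or existing?
    if ($row->id) {
        $state = 'edit';

        // Existing - update modified info
        $row->modified = $now;
        if (User::get('id')) {
            $row->modified_by = User::get('id');
        }
    } else {
        $state = 'add';

        // New - set created info
        $row->created = $now;
        if (User::get('id')) {
            $row->created_by = User::get('id');
        }
    }

    // Set some fields and do some cleanup work
    if ($row->catid) {
        $row->catid = intval($row->catid);
    }

    // A missing or non-string body becomes empty content instead of an
    // undefined-index notice or an array handed to the sanitizer.
    $content      = (isset($_POST['econtent']) && is_string($_POST['econtent'])) ? $_POST['econtent'] : '';
    $row->content = \Hubzero\Utility\Sanitize::clean($content);

    // Get the custom fields defined in the events configuration
    if (isset($_POST['fields']) && is_array($_POST['fields'])) {
        $fs = $this->config->fields;
        if (!is_array($fs) && !($fs instanceof \Traversable)) {
            $fs = array();
        }

        // Names of the configured fields. The field name is written into the
        // content as a tag name after the content itself has been sanitized,
        // so only names that exist in the configuration are accepted.
        $known = array();
        foreach ($fs as $f) {
            $known[] = (string) $f[0];
        }

        // Wrap up the content of the field and attach it to the event content
        foreach ($_POST['fields'] as $param => $value) {
            $param = (string) $param;
            if (!in_array($param, $known, true)) {
                continue;
            }

            $value = is_scalar($value) ? trim((string) $value) : '';
            if ($value != '') {
                $row->content .= '<ef:' . $param . '>' . $this->_clean($value) . '</ef:' . $param . '>';
                continue;
            }

            // Empty value: refuse the save if the field is marked required
            foreach ($fs as $f) {
                if ($f[0] == $param && end($f) == 1) {
                    throw new Exception(Lang::txt('EVENTS_REQUIRED_FIELD_CHECK', $f[1]), 500);
                }
            }
        }
    }

    // Clean adresse
    $row->adresse_info = $this->_clean($row->adresse_info);

    // Clean contact
    $row->contact_info = $this->_clean($row->contact_info);

    // Clean extra
    $row->extra_info = $this->_clean($row->extra_info);

    // Prepend http:// to URLs without it
    if ($row->extra_info != null) {
        if (substr($row->extra_info, 0, 7) != 'http://' && substr($row->extra_info, 0, 8) != 'https://') {
            $row->extra_info = 'http://' . $row->extra_info;
        }
    }

    // Reformat the time into 24hr format if necessary
    if ($this->config->getCfg('calUseStdTime') == 'YES') {
        // Convert a posted "h:mm" value plus its am/pm flag to "HH:MM".
        // A value without a colon is treated as whole hours.
        $to24 = function ($time, $pm) {
            $parts = array_pad(explode(':', $time, 3), 2, 0);
            $hrs   = intval($parts[0]);
            $mins  = intval($parts[1]);

            if ($hrs != 12 && $pm) {
                $hrs += 12;
            } elseif ($hrs == 12 && !$pm) {
                $hrs = 0;
            }

            return sprintf('%02d:%02d', $hrs, $mins);
        };

        $start_time = $to24($start_time, $start_pm);
        $end_time   = $to24($end_time, $end_pm);
    }

    // create publish up date time string
    if ($row->publish_up) {
        $row->publish_up = \Date::of($row->publish_up . ' ' . $start_time . ':00')->toSql();
    }

    // create publish down date/time string
    if ($row->publish_down) {
        $row->publish_down = \Date::of($row->publish_down . ' ' . $end_time . ':00')->toSql();
    }

    // Always unpublish if no Publisher otherwise publish automatically
    if ($this->config->getCfg('adminlevel')) {
        $row->state = 0;
    } else {
        $row->state = 1;
    }
    // NOTE(review): this unconditional assignment overrides the branch above,
    // so every saved event is published regardless of 'adminlevel'. Kept
    // as-is to preserve behaviour; confirm which of the two is intended.
    $row->state = 1;

    // Verify that the event doesn't start after it ends or ends before it starts.
    $pubdow = strtotime($row->publish_down);
    $pubup  = strtotime($row->publish_up);
    if ($pubdow <= $pubup) {
        // Set the error message
        $this->setError(Lang::txt('EVENTS_EVENT_MUST_END_AFTER_START'));
        // Keep the posted tags for the edit view, as the other error paths do
        $this->tags = $tags;
        // Fall through to the edit view
        $this->editTask($row);
        return;
    }

    //set the scope to be regular events
    $row->scope = 'event';

    if (!$row->check()) {
        // Set the error message
        $this->setError($row->getError());
        $this->tags = $tags;
        // Fall through to the edit view
        $this->editTask($row);
        return;
    }
    if (!$row->store()) {
        // Set the error message
        $this->setError($row->getError());
        $this->tags = $tags;
        // Fall through to the edit view
        $this->editTask($row);
        return;
    }
    $row->checkin();

    // Save the tags
    $rt = new Tags($row->id);
    $rt->setTags($tags, User::get('id'));

    // Build the message to be e-mailed
    // NOTE(review): edits reuse the "added" subject string; only the layout differs.
    $subject = '[' . Config::get('sitename') . ' ' . Lang::txt('EVENTS_CAL_LANG_CAL_TITLE') . '] - ' . Lang::txt('EVENTS_CAL_LANG_MAIL_ADDED');
    $layout  = ($state == 'add') ? 'created' : 'edited';

    $eview = new View(array('name' => 'emails', 'layout' => $layout));
    $eview->option   = $this->_option;
    $eview->sitename = Config::get('sitename');
    $eview->user     = User::getInstance();
    $eview->row      = $row;

    $message = $eview->loadTemplate();
    $message = str_replace("\n", "\r\n", $message);

    // Send the e-mail
    $this->_sendMail(Config::get('sitename'), Config::get('mailfrom'), $subject, $message);

    // Redirect to the details page for the event we just created
    App::redirect(Route::url('index.php?option=' . $this->_option . '&task=details&id=' . $row->id));
}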
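/**
 * Upload a file attachment for a ticket via AJAX
 *
 * Accepts either a raw request body (file name in the `qqfile` query
 * parameter) or a regular `qqfile` form upload. The request is validated
 * (size, file type) before anything is written; the stored file is then
 * checked with Filesystem::isSafe() and recorded as an Attachment.
 *
 * Echoes a JSON object: `error` (with `success` => false on some paths) on
 * failure, or `success` => true with the stored file name, directory,
 * ticket, comment id and the rendered asset HTML.
 *
 * NOTE(review): the guest check below is commented out and no request token
 * is verified, so nothing in this method checks who is uploading or whether
 * they may access the ticket. Confirm that this is intended or enforced
 * elsewhere.
 *
 * @return void
 */
public function ajaxUploadTask()
{
    // Check if they're logged in
    /*if (User::isGuest()) { echo json_encode(array('error' => Lang::txt('Must be logged in.'))); return; }*/

    // Ensure we have an ID to work with
    $ticket  = Request::getInt('ticket', 0);
    $comment = Request::getInt('comment', 0);
    if (!$ticket) {
        echo json_encode(array('error' => Lang::txt('COM_SUPPORT_NO_ID'), 'ticket' => $ticket));
        return;
    }

    //max upload size
    $sizeLimit = (int) $this->config->get('maxAllowed', 40000000);

    // Message used by both size checks below
    $tooLarge = function () use ($sizeLimit) {
        $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', Number::formatBytes($sizeLimit));
        return Lang::txt('File is too large. Max file upload size is %s', $max);
    };

    // get the file
    if (isset($_GET['qqfile']) && isset($_SERVER["CONTENT_LENGTH"])) {
        $stream = true;
        $file   = $_GET['qqfile'];
        $size   = (int) $_SERVER["CONTENT_LENGTH"];
    } elseif (isset($_FILES['qqfile']) && isset($_FILES['qqfile']['size'])) {
        $stream = false;
        $file   = $_FILES['qqfile']['name'];
        $size   = (int) $_FILES['qqfile']['size'];
    } else {
        echo json_encode(array('error' => Lang::txt('File not found')));
        return;
    }
    if (!is_string($file) || $file === '') {
        echo json_encode(array('error' => Lang::txt('File not found')));
        return;
    }

    //check to make sure we have a file and its not too big
    if ($size == 0) {
        echo json_encode(array('error' => Lang::txt('File is empty')));
        return;
    }
    if ($size > $sizeLimit) {
        echo json_encode(array('error' => $tooLarge()));
        return;
    }

    // Decode the name BEFORE splitting it, so the extension that is checked
    // below is the extension of the name that actually gets written.
    $pathinfo = pathinfo(urldecode($file));

    // Make the filename safe
    $filename = Filesystem::clean($pathinfo['filename']);
    $filename = str_replace(' ', '_', $filename);
    $ext      = isset($pathinfo['extension']) ? $pathinfo['extension'] : '';

    //make sure that file is acceptable type
    if ($ext === '' || !in_array(strtolower($ext), explode(',', $this->config->get('file_ext')), true)) {
        echo json_encode(array('error' => Lang::txt('COM_SUPPORT_ERROR_INCORRECT_FILE_TYPE')));
        return;
    }

    //define upload directory and make sure its writable
    // (done only after the request passed validation, so rejected requests
    // leave nothing behind on disk)
    $path = PATH_APP . DS . trim($this->config->get('webpath', '/site/tickets'), DS) . DS . $ticket;
    if (!is_dir($path)) {
        if (!Filesystem::makeDirectory($path)) {
            echo json_encode(array('error' => Lang::txt('Error uploading. Unable to create path.')));
            return;
        }
    }
    if (!is_writable($path)) {
        echo json_encode(array('error' => Lang::txt('Server error. Upload directory isn\'t writable.')));
        return;
    }

    // don't overwrite previous files that were uploaded
    while (file_exists($path . DS . $filename . '.' . $ext)) {
        $filename .= rand(10, 99);
    }

    $file = $path . DS . $filename . '.' . $ext;

    if ($stream) {
        //read the php input stream to upload file
        $input = fopen("php://input", "r");
        $temp  = tmpfile();
        if (!$input || !$temp) {
            echo json_encode(array('error' => Lang::txt('Error uploading. Unable to save file.')));
            return;
        }

        // CONTENT_LENGTH is only what the client announced. Read at most one
        // byte past the limit and judge the upload by what was received.
        $realSize = stream_copy_to_stream($input, $temp, $sizeLimit + 1);
        fclose($input);

        if (!$realSize) {
            fclose($temp);
            echo json_encode(array('error' => Lang::txt('File is empty')));
            return;
        }
        if ($realSize > $sizeLimit) {
            fclose($temp);
            echo json_encode(array('error' => $tooLarge()));
            return;
        }

        //move from temp location to target location which is user folder
        $target = fopen($file, "w");
        if (!$target) {
            fclose($temp);
            echo json_encode(array('error' => Lang::txt('Error uploading. Unable to save file.')));
            return;
        }
        fseek($temp, 0, SEEK_SET);
        $written = stream_copy_to_stream($temp, $target);
        fclose($target);
        fclose($temp);

        if ($written !== $realSize) {
            \Filesystem::delete($file);
            echo json_encode(array('error' => Lang::txt('Error uploading. Unable to save file.')));
            return;
        }
    } else {
        if (!move_uploaded_file($_FILES['qqfile']['tmp_name'], $file)) {
            echo json_encode(array('error' => Lang::txt('Error uploading. Unable to save file.')));
            return;
        }
    }

    // Fail closed: a file that does not pass the scan is never recorded as
    // an attachment, whether or not it could be deleted.
    if (!\Filesystem::isSafe($file)) {
        \Filesystem::delete($file);
        echo json_encode(array('success' => false, 'error' => Lang::txt('ATTACHMENT: File rejected because the anti-virus scan failed.')));
        return;
    }

    // Create database entry
    $asset = new Attachment();
    $asset->bind(array(
        'id'          => 0,
        'ticket'      => $ticket,
        'comment_id'  => $comment,
        'filename'    => $filename . '.' . $ext,
        'description' => Request::getVar('description', '')
    ));
    if (!$asset->store(true)) {
        echo json_encode(array('success' => false, 'error' => $asset->getError()));
        return;
    }

    $view = new View(array('name' => 'media', 'layout' => '_asset'));
    $view->option     = $this->_option;
    $view->controller = $this->_controller;
    $view->asset      = $asset;
    $view->no_html    = 1;

    //echo result
    echo json_encode(array(
        'success'    => true,
        'file'       => $filename . '.' . $ext,
        'directory'  => str_replace(PATH_APP, '', $path),
        'ticket'     => $ticket,
        'comment_id' => $comment,
        // As written this replacement maps '>' to itself
        'html'       => str_replace('>', '>', $view->loadTemplate())
    ));
}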
/**
 * Job posting
 *
 * Looks up a job opening by its code and displays it, together with its
 * applications when the viewer is an admin or the employer who owns it.
 * Shows the error view when no opening is found or when a guest requests an
 * opening whose status is not 1.
 *
 * @return void
 */
public function jobTask()
{
    // Incoming: fall back to the controller's job code when none was requested
    $code = Request::getVar('code', '');
    if (!$code && $this->_jobCode) {
        $code = $this->_jobCode;
    }

    $openings = new Job($this->database);
    $job      = $openings->get_opening(0, User::get('id'), $this->_masterAdmin, $code);

    // Push some styles to the template
    $this->css();

    // Push some scripts to the template
    $this->js();

    // No opening found for this code
    if (!$job) {
        $this->setError(Lang::txt('COM_JOBS_ERROR_JOB_INACTIVE'));

        // Set the pathway
        if (Pathway::count() <= 0) {
            Pathway::append(Lang::txt(strtoupper($this->_name)), 'index.php?option=' . $this->_option);
        }

        // Output HTML
        $view        = new View(array('name' => 'error'));
        $view->title = Lang::txt(strtoupper($this->_name));
        if ($this->getError()) {
            $view->setError($this->getError());
        }
        $view->display();
        return;
    }

    // The owner of the job without an employer flag (and who is not a master
    // admin) is sent to the dashboard: check validity of subscription
    if (User::get('id') == $job->employerid && !$this->_emp && !$this->_masterAdmin) {
        App::redirect(
            Route::url('index.php?option=com_jobs&task=dashboard'),
            Lang::txt('COM_JOBS_WARNING_SUBSCRIPTION_INVALID'),
            'warning'
        );
        return;
    }

    // Set the pathway
    $this->_jobid    = $job->id;
    $this->_jobtitle = $job->title;
    $this->_buildPathway();

    // Guests may only see openings with status 1
    if (User::isGuest() && $job->status != 1) {
        // Not authorized
        $message = Lang::txt('COM_JOBS_ERROR_NOT_AUTHORIZED_JOB_VIEW');
        if (User::isGuest()) {
            $message .= ' ' . Lang::txt('COM_JOBS_WARNING_LOGIN_REQUIRED');
        }
        $this->setError($message);

        // Output HTML
        $view        = new View(array('name' => 'error'));
        $view->title = Lang::txt(strtoupper($this->_name));
        if ($this->getError()) {
            $view->setError($this->getError());
        }
        $view->display();
        return;
    }

    // NOTE(review): any viewer with the employer flag passes this check, not
    // only the employer who owns the job; confirm that is intended.
    $mayView = $this->_admin || $this->_emp || User::get('id') == $job->employerid;
    if ($job->status != 1 && !$mayView) {
        // Not authorized
        App::abort(403, Lang::txt('COM_JOBS_ERROR_NOT_AUTHORIZED_JOB_VIEW'));
    }

    // Set page title
    if ($job->status == 4) {
        $this->_subtitle = Lang::txt('COM_JOBS_ACTION_PREVIEW_AD') . ' ' . $job->code;
    } else {
        $this->_subtitle = $job->title;
    }
    $this->_buildTitle();

    // Get category & type names
    $types      = new JobType($this->database);
    $categories = new JobCategory($this->database);

    $job->type = $types->getType($job->type);
    $job->cat  = $categories->getCat($job->cid);

    // Get applications (admins, or the employer who owns the job)
    $applications = new JobApplication($this->database);
    if ($this->_admin || ($this->_emp && User::get('id') == $job->employerid)) {
        $job->applications = $applications->getApplications($job->id);
    } else {
        $job->applications = array();
    }

    // Get profile info of applicants
    $job->withdrawnlist = array();
    if (count($job->applications) > 0) {
        $seekers = new JobSeeker($this->database);
        foreach ($job->applications as $application) {
            $found = $seekers->getSeeker($application->uid, $job->employerid);

            $application->seeker = ($found && count($found) != 0) ? $found[0] : null;

            // Status 2 applications are collected separately
            if ($application->status == 2) {
                $job->withdrawnlist[] = $application;
            }
        }
    }

    // Output HTML
    $this->view->title  = $this->_title;
    $this->view->config = $this->config;
    $this->view->emp    = $this->_emp;
    $this->view->job    = $job;
    $this->view->admin  = $this->_admin;
    $this->view->task   = $this->_task;
    $this->view->option = $this->_option;

    // Set any errors
    if ($this->getError()) {
        \Notify::error($this->getError());
    }

    $this->view
        ->setName('job')
        ->setLayout('default')
        ->display();
}
/**
 * Render the tags in the requested format
 *
 * The 'string' and cloud outputs are kept in $this->_cache and reused until
 * $clear is set; the 'array' output is rebuilt on every call.
 *
 * @param   string   $rtrn     Format to render: 'string', 'array', or anything else for the cloud markup
 * @param   array    $filters  Filters passed through to tags()
 * @param   boolean  $clear    Clear cached data?
 * @return  string|array
 */
public function render($rtrn = 'html', $filters = array(), $clear = false)
{
    $format = strtolower($rtrn);

    // List of normalized tags
    if ($format === 'array') {
        $names = array();
        foreach ($this->tags('list', $filters, $clear) as $entry) {
            $names[] = $entry->get('tag');
        }
        return $names;
    }

    // Comma-separated list of raw tags
    if ($format === 'string') {
        if ($clear || !isset($this->_cache['tags.string'])) {
            $raw = array();
            foreach ($this->tags('list', $filters, $clear) as $entry) {
                $raw[] = $entry->get('raw_tag');
            }
            $this->_cache['tags.string'] = implode(', ', $raw);
        }
        return $this->_cache['tags.string'];
    }

    // 'cloud', 'html' and every other value: rendered cloud template
    if ($clear || !isset($this->_cache['tags.cloud'])) {
        $cloud = new View(array(
            'base_path' => PATH_CORE . '/components/com_tags/site',
            'name'      => 'tags',
            'layout'    => '_cloud'
        ));
        $cloud
            ->set('config', $this->_config)
            ->set('tags', $this->tags('list', $filters, $clear));

        $this->_cache['tags.cloud'] = $cloud->loadTemplate();
    }

    return $this->_cache['tags.cloud'];
}
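/**
 * Upload a file asset for an item via AJAX
 *
 * Accepts either a raw request body (file name in the `qqfile` query
 * parameter) or a regular `qqfile` form upload, writes it below the asset
 * file space in a directory named after the item id, and records it as an
 * Asset. A `dir` value starting with "tmp" is first turned into an Item,
 * whose id is then used.
 *
 * Echoes a JSON object: `error` on failure, or `success` => true with the
 * stored file name, directory, item id and the rendered asset HTML.
 *
 * NOTE(review): this method applies no file-type restriction and no
 * Filesystem::isSafe() scan to the stored file, and does not check that the
 * current user may add assets to the item. Confirm these are enforced
 * elsewhere.
 *
 * @return void
 */
public function ajaxUploadTask()
{
    // Check if they're logged in
    if (User::isGuest()) {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_LOGIN_REQUIRED')));
        return;
    }

    // Ensure we have an ID to work with
    $listdir = Request::getVar('dir', '');
    $listdir = is_string($listdir) ? strtolower($listdir) : '';
    if (!$listdir) {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_NO_ID')));
        return;
    }

    if (substr($listdir, 0, 3) == 'tmp') {
        $item = new Item($listdir);
        if (!$item->exists()) {
            $item->set('state', 0);
            $item->set('access', 0);
            $item->set('title', $listdir);
            if (!$item->store()) {
                echo json_encode(array('error' => $item->getError()));
                return;
            }
        }
        $listdir = $item->get('id');
    }

    // The value becomes a directory name below the file space and the
    // asset's item_id, so it must be a plain positive integer. Anything else
    // (path separators, dots, ...) is rejected here.
    if (!ctype_digit((string) $listdir) || intval($listdir) < 1) {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_NO_ID')));
        return;
    }

    //max upload size
    $sizeLimit = (int) $this->config->get('maxAllowed', 40000000);

    // Message used by both size checks below
    $tooLarge = function () use ($sizeLimit) {
        $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', Number::formatBytes($sizeLimit));
        return Lang::txt('COM_COLLECTIONS_ERROR_FILE_TOO_LARGE', $max);
    };

    // get the file
    if (isset($_GET['qqfile'])) {
        $stream = true;
        $file   = $_GET['qqfile'];
        $size   = isset($_SERVER["CONTENT_LENGTH"]) ? (int) $_SERVER["CONTENT_LENGTH"] : 0;
    } elseif (isset($_FILES['qqfile'])) {
        $stream = false;
        $file   = $_FILES['qqfile']['name'];
        $size   = isset($_FILES['qqfile']['size']) ? (int) $_FILES['qqfile']['size'] : 0;
    } else {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_FILE_NOT_FOUND')));
        return;
    }
    if (!is_string($file) || $file === '') {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_FILE_NOT_FOUND')));
        return;
    }

    //check to make sure we have a file and its not too big
    if ($size == 0) {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_EMPTY_FILE')));
        return;
    }
    if ($size > $sizeLimit) {
        echo json_encode(array('error' => $tooLarge()));
        return;
    }

    $asset = new Asset();

    //define upload directory and make sure its writable
    $path = $asset->filespace() . DS . $listdir;
    if (!is_dir($path)) {
        if (!Filesystem::makeDirectory($path)) {
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UNABLE_TO_CREATE_UPLOAD_DIR')));
            return;
        }
    }
    if (!is_writable($path)) {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UPLOAD_DIR_NOT_WRITABLE')));
        return;
    }

    // don't overwrite previous files that were uploaded
    $pathinfo = pathinfo($file);
    $filename = $pathinfo['filename'];

    // Make the filename safe
    $filename = urldecode($filename);
    $filename = Filesystem::clean($filename);
    $filename = str_replace(' ', '_', $filename);

    // A name without an extension yields an empty one instead of a notice
    $ext = isset($pathinfo['extension']) ? $pathinfo['extension'] : '';
    while (file_exists($path . DS . $filename . '.' . $ext)) {
        $filename .= rand(10, 99);
    }

    $file = $path . DS . $filename . '.' . $ext;

    if ($stream) {
        //read the php input stream to upload file
        $input = fopen("php://input", "r");
        $temp  = tmpfile();
        if (!$input || !$temp) {
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_FILE_NOT_FOUND')));
            return;
        }

        // CONTENT_LENGTH is only what the client announced. Read at most one
        // byte past the limit and judge the upload by what was received.
        $realSize = stream_copy_to_stream($input, $temp, $sizeLimit + 1);
        fclose($input);

        if (!$realSize) {
            fclose($temp);
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_EMPTY_FILE')));
            return;
        }
        if ($realSize > $sizeLimit) {
            fclose($temp);
            echo json_encode(array('error' => $tooLarge()));
            return;
        }

        //move from temp location to target location which is user folder
        $target = fopen($file, "w");
        if (!$target) {
            fclose($temp);
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UPLOAD_DIR_NOT_WRITABLE')));
            return;
        }
        fseek($temp, 0, SEEK_SET);
        $written = stream_copy_to_stream($temp, $target);
        fclose($target);
        fclose($temp);

        if ($written !== $realSize) {
            Filesystem::delete($file);
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UPLOAD_DIR_NOT_WRITABLE')));
            return;
        }
    } else {
        if (!move_uploaded_file($_FILES['qqfile']['tmp_name'], $file)) {
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_FILE_NOT_FOUND')));
            return;
        }
    }

    // Create database entry
    $asset->set('item_id', intval($listdir));
    $asset->set('filename', $filename . '.' . $ext);
    if ($asset->image()) {
        $hi = new \Hubzero\Image\Processor($file);
        if (count($hi->getErrors()) == 0) {
            $hi->autoRotate();
            $hi->save();
        }
    }
    $asset->set('description', Request::getVar('description', '', 'post'));
    $asset->set('state', 1);
    $asset->set('type', 'file');

    if (!$asset->store()) {
        echo json_encode(array('error' => $asset->getError()));
        return;
    }

    $view = new View(array('name' => 'media', 'layout' => '_asset'));
    $view->i          = Request::getInt('i', 0);
    $view->option     = $this->_option;
    $view->controller = $this->_controller;
    $view->asset      = $asset;
    $view->no_html    = 1;

    //echo result
    echo json_encode(array(
        'success'   => true,
        'file'      => $filename . '.' . $ext,
        'directory' => str_replace(PATH_APP, '', $path),
        'id'        => $listdir,
        // As written this replacement maps '>' to itself
        'html'      => str_replace('>', '>', $view->loadTemplate())
    ));
}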