Exemple #1
    /**
     * Return a reference depending on this reference name
     *
     * @param    int     $args['ref']    Id of the reference that has to be returned
     * @return   array   array of items, or false on failure
     */
    public function getref($args) {
        // A reference id is mandatory; without it there is nothing to look up.
        // NOTE(review): the value is only checked for presence, not for being numeric,
        // and no permission check is visible in this method; confirm the caller does both.
        $hasRef = isset($args['ref']);
        if ($hasRef) {
            // Look the object up in 'IWwebbox' through its 'ref' field.
            return DBUtil::selectObjectByID('IWwebbox', $args['ref'], 'ref', '', '');
        }

        return LogUtil::registerError(__('Error! Could not do what you wanted. Please check your input.'));
    }
Exemple #2
    /**
     * get a specific item
     *
     * @param $args['pageid'] id of example item to get
     *
     * @return mixed item array, or false on failure
     */
    public function get($args)
    {
        // A page is addressed by a numeric pageid or, failing that, by its title.
        $byId = isset($args['pageid']) && is_numeric($args['pageid']);
        if (!$byId && !isset($args['title'])) {
            return LogUtil::registerArgsError();
        }

        // Permission filter handed to DBUtil together with the lookup
        // (component 'Pages', instance title::pageid, level ACCESS_READ).
        $permFilter = array(
            array(
                'component_left'  => 'Pages',
                'instance_left'   => 'title',
                'instance_right'  => 'pageid',
                'level'           => ACCESS_READ,
            ),
        );

        // The title variant is matched against the 'urltitle' field.
        $lookupValue = $byId ? $args['pageid'] : $args['title'];
        $lookupField = $byId ? 'pageid' : 'urltitle';
        $item = DBUtil::selectObjectByID('pages', $lookupValue, $lookupField, '', $permFilter);

        // The category expansion code cannot know the root category needed to build
        // the relative path component, so that post-processing happens here.
        if ($item && isset($args['catregistry']) && $args['catregistry']) {
            ObjectUtil::postProcessExpandedObjectCategories($item, $args['catregistry']);
        }

        // With categorization enabled, a page in a category the caller cannot access
        // is withheld even though the row-level permission filter let it through.
        $categorized = ModUtil::getVar('Pages', 'enablecategorization') && !empty($item['__CATEGORIES__']);
        if ($categorized && !CategoryUtil::hasCategoryAccess($item['__CATEGORIES__'], 'Pages')) {
            return false;
        }

        return $item;
    }
/**
 * get a specific admin messages item
 * @author Mark West
 * @param int $args['mid'] id of message to get
 * @return mixed item array, or false on failure
 */
function Admin_Messages_userapi_get($args)
{
    // Reject a missing or non-numeric message id before touching the database.
    $validId = isset($args['mid']) && is_numeric($args['mid']);
    if (!$validId) {
        return LogUtil::registerArgsError();
    }

    // Permission filter passed along with the lookup
    // (component 'Admin_Messages', instance title::mid, level ACCESS_READ).
    $permFilter = array(
        array(
            'realm'          => 0,
            'component_left' => 'Admin_Messages',
            'instance_left'  => 'title',
            'instance_right' => 'mid',
            'level'          => ACCESS_READ,
        ),
    );

    return DBUtil::selectObjectByID('message', $args['mid'], 'mid', '', $permFilter);
}
Exemple #4
 /**
  * Get a user's files information
  * @author:    Albert Pérez Monfort
  * @param:     UserId
  * @return:    An array with the users
 */
 public function get($args)
 {
     // Fall back to the current user when the caller does not name one.
     if (isset($args['userId'])) {
         $userId = $args['userId'];
     } else {
         $userId = UserUtil::getVar('uid');
     }
     // NOTE(review): a caller-supplied userId is honoured after only the module-wide
     // ACCESS_ADD check below; nothing here ties it to the current user. Confirm that
     // callers never forward a request-controlled userId, or compare it with the
     // current uid before loading another user's record.
     $allowed = SecurityUtil::checkPermission( 'Files::', '::', ACCESS_ADD);
     if (!$allowed) {
         return LogUtil::registerPermissionError();
     }
     $item = DBUtil::selectObjectByID('Files', $userId, 'userId');
     if ($item !== false) {
         return $item;
     }
     // A strict false from the lookup is reported as a load error.
     return LogUtil::registerError ($this->__('Error! Could not load items.'));
 }
Exemple #5
    /**
     * Fetch one time-frame definition by its mdid.
     *
     * @param array $args May carry 'mdid'; it is handed to FormUtil::getPassedValue as the default value.
     *
     * @return mixed Result of DBUtil::selectObjectByID, or the LogUtil::registerError() result when
     *               the caller lacks ACCESS_READ or mdid is missing or not numeric.
     */
    public function get($args) {
        $fallback = isset($args['mdid']) ? $args['mdid'] : null;
        $mdid = FormUtil::getPassedValue('mdid', $fallback, 'GET');

        // Authorisation comes before input validation so an unauthorised caller
        // learns nothing about which ids are well-formed.
        $mayRead = SecurityUtil::checkPermission('IWtimeframes::', "::", ACCESS_READ);
        if (!$mayRead) {
            return LogUtil::registerError($this->__('Not authorized to manage timeFrames.'), 403);
        }

        $validId = isset($mdid) && is_numeric($mdid);
        if (!$validId) {
            return LogUtil::registerError($this->__('Error! Could not do what you wanted. Please check your input.'));
        }

        return DBUtil::selectObjectByID('IWtimeframes_definition', $mdid, 'mdid');
    }
Exemple #6
    /**
     * Fetch one record from 'groups' by its gid.
     *
     * @param array $args Must carry a numeric 'gid'.
     *
     * @return mixed The loaded record, or the LogUtil::registerError() result when the
     *               argument is invalid or the lookup returns false.
     */
    public function get($args) {
        // NOTE(review): no permission check is visible in this method; presumably the
        // caller enforces access to the group - confirm.
        $validGid = isset($args['gid']) && is_numeric($args['gid']);
        if (!$validGid) {
            return LogUtil::registerError($this->__('Error! Could not do what you wanted. Please check your input.'));
        }

        $group = DBUtil::selectObjectByID('groups', $args['gid'], 'gid');

        // Only a strict false is treated as a database error.
        if ($group !== false) {
            return $group;
        }

        return LogUtil::registerError($this->__('Error! Could not load items.'));
    }
Exemple #7
 /**
  * Get a specific group item.
  *
  * @param int args['gid'] id of group item to get.
  * @param int args['startnum'] record number to start get from (group membership).
  * @param int args['numitems'] number of items to get (group membership).
  *
  * @return mixed item array, or false on failure.
  */
 public function get($args)
 {
     // The group id is the only mandatory argument.
     // NOTE(review): gid is checked for presence only; the membership query below
     // casts it to int, the two selectObjectByID/apiFunc calls receive it as given.
     if (!isset($args['gid'])) {
         return LogUtil::registerArgsError();
     }
     // Paging arguments default to 1 and -1 when absent or not numeric.
     $startnum = (isset($args['startnum']) && is_numeric($args['startnum'])) ? $args['startnum'] : 1;
     $numitems = (isset($args['numitems']) && is_numeric($args['numitems'])) ? $args['numitems'] : -1;
     // Column map of the membership table, used to build the WHERE clause.
     $tables = DBUtil::getTables();
     $membershipColumns = $tables['group_membership_column'];
     // Load the group itself; any falsy result ends the call.
     $group = DBUtil::selectObjectByID('groups', $args['gid'], 'gid');
     if (!$group) {
         return false;
     }
     // The (int) cast guarantees that only an integer is spliced into the SQL fragment.
     $gidForSql = (int) DataUtil::formatForStore($args['gid']);
     $where = "WHERE  {$membershipColumns['gid']}= '" . $gidForSql . "'";
     $members = DBUtil::selectObjectArray('group_membership', $where, '', $startnum - 1, $numitems, 'uid');
     if ($members === false) {
         return false;
     }
     // The permission check runs after both queries; nothing is returned before it passes.
     if (!SecurityUtil::checkPermission('Groups::', $group['gid'] . '::', ACCESS_READ)) {
         return false;
     }
     // Attach the membership data to the group record.
     $group['nbuser'] = count($members);
     $group['members'] = $members;
     $uid = UserUtil::getVar('uid');
     // A uid of 0 gets status false; otherwise the pending state is asked from the Groups user API.
     $group['status'] = ($uid != 0)
         ? ModUtil::apiFunc('Groups', 'user', 'isuserpending', array('gid' => $args['gid'], 'uid' => $uid))
         : false;
     return $group;
 }
Exemple #8
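/**
 * Switch a mediashare source on or off.
 *
 * @param array $args 'id' of the source to change and the new 'active' value;
 *                    a strict false for 'active' is stored as 0.
 *
 * @return mixed True on success, false when no id was given or the source could not
 *               be loaded, or the LogUtil::registerError() result when the update fails.
 */
function mediashare_sourcesapi_OnOffsources($args)
{
    // NOTE(review): no permission check is visible in this function; presumably the
    // calling controller enforces it - confirm.
    $dom = ZLanguage::getModuleDomain('mediashare');
    if ($args['id'] === false) {
        return false;
    }
    $source = DBUtil::selectObjectByID('mediashare_sources', $args['id']);
    // Without a loaded row there is nothing to update; do not pass a made-up record on.
    if (!$source) {
        return false;
    }
    // The original compared against the undefined constant `flase`, so this branch
    // could never be taken (and PHP 8 raises an Error for the unknown constant).
    if ($args['active'] === false) {
        $source['active'] = 0;
    } else {
        $source['active'] = $args['active'];
        // todo turn off same mimeTypes
    }
    $result = DBUtil::updateObject($source, 'mediashare_sources');
    if ($result === false) {
        return LogUtil::registerError(__f('Error in %1$s: %2$s.', array('mediahandlerapi.addHandler', 'Could not change source status.'), $dom));
    }
    //turn off same mimeTypes
    return true;
}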
Exemple #9
 /**
  * upgrade the module from an old version
  *
  * This function must consider all the released versions of the module!
  * If the upgrade fails at some point, it returns the last upgraded version.
  *
  * @param        string   $oldversion   version number string to upgrade from
  * @return       mixed    true on success, last valid version string or false if fails
  */
 public function upgrade($oldversion)
 {
     // Upgrade dependent on old version number
     // The cases below deliberately have no `break`: execution falls through, so every
     // step from the matched version onward runs in order.
     switch ($oldversion) {
         case '2.1':
             // change value of defaultgroup from name to gid
             // NOTE(review): the lookup result is not checked. If no group carries the
             // stored name, $gid['gid'] evaluates to null and 'defaultgroup' is set to
             // that - confirm this cannot happen, or guard it.
             $gid = \DBUtil::selectObjectByID('groups', $this->getVar('defaultgroup'), 'name');
             $this->setVar('defaultgroup', $gid['gid']);
         case '2.2':
         case '2.3':
         case '2.3.0':
         case '2.3.1':
             // Set read-only primaryadmingroup so it is accessible by other modules.
             $this->setVar('primaryadmingroup', 2);
         case '2.3.2':
             // future upgrade routines
     }
     // Update successful
     // No step above reports a failure, so this method always returns true.
     return true;
 }
Exemple #10
 /**
  * Restore a page, its content items and its translations from a stored history version.
  *
  * The version row is read from 'content_history', its serialized 'data' is decoded,
  * and the Content module APIs are called to bring the page back to that state:
  * a page that no longer exists is re-inserted, content items are updated or
  * re-created, items that are not part of the version are deleted, and all
  * translations are replaced by the stored ones.
  *
  * NOTE(review): no permission check is visible in this method and $args['id'] is used
  * as given; presumably the calling controller authorises the restore - confirm.
  *
  * @param array $args 'id' of the history version to restore.
  *
  * @return mixed True on success; false or the LogUtil::registerError() result on failure.
  */
 public function restoreVersion($args)
 {
     $versionId = $args['id'];
     $version = DBUtil::selectObjectByID('content_history', $versionId);
     if (empty($version)) {
         return LogUtil::registerError($this->__f('Error! Unknown version ID [%s]', $versionId));
     }
     // NOTE(review): unserialize() on stored data instantiates whatever objects the
     // string describes. This is only safe while nothing but trusted code can write
     // content_history.data; a data-only format (JSON) or a class restriction on
     // unserialize would remove that dependency.
     $version['data'] = unserialize($version['data']);
     $versionData = $version['data'];
     $page = $versionData['page'];
     $pageId = $page['id'];
     $content = $page['content'];
     $pageTranslations = $versionData['pageTranslations'];
     $contentTranslations = $versionData['contentTranslations'];
     // Drop the fields that are not handed to reinsertPage/updatePage.
     unset($page['layoutData']);
     unset($page['isTranslated']);
     unset($page['layoutTemplate']);
     unset($page['content']);
     $currentPage = ModUtil::apiFunc('Content', 'Page', 'getPage', array('id' => $pageId, 'editing' => false, 'filter' => array('checkActive' => false), 'enableEscape' => true, 'translate' => false, 'includeContent' => false, 'includeCategories' => false));
     if ($currentPage === false) {
         // is a deleted page
         $retval = ModUtil::apiFunc('Content', 'Page', 'reinsertPage', array('page' => $page));
         if ($retval === false) {
             return LogUtil::registerError($this->__('Error! Could not reinsert page'));
         }
         // The re-inserted page may have a new id and urlname; use those from here on.
         $pageId = $page['id'] = $retval['id'];
         $page['urlname'] = $retval['urlname'];
     }
     // Remove the remaining fields before the stored values are written back via updatePage.
     unset($page['parentPageId']);
     unset($page['position']);
     unset($page['level']);
     unset($page['setLeft']);
     unset($page['setRight']);
     unset($page['cr_date']);
     unset($page['cr_uid']);
     unset($page['lu_date']);
     unset($page['lu_uid']);
     unset($page['translatedTitle']);
     unset($page['translated']);
     unset($page['uname']);
     $ok = ModUtil::apiFunc('Content', 'Page', 'updatePage', array('page' => $page, 'pageId' => $pageId, 'revisionText' => '_CONTENT_HISTORYPAGERESTORED' . "|revisionNo={$version['revisionNo']}"));
     if ($ok === false) {
         return false;
     }
     $currentContentItems = ModUtil::apiFunc('Content', 'Content', 'getSimplePageContent', array('pageId' => $pageId));
     if ($currentContentItems === false) {
         return false;
     }
     // Index the current content items by id; entries still present after the loop
     // below are the ones that do not exist in the restored version.
     $currentContentItemsIdMap = array();
     foreach ($currentContentItems as $currentContentItem) {
         $currentContentItemsIdMap[$currentContentItem['id']] = $currentContentItem;
     }
     // Iterate through old content items
     // - if not exist today, then create new, otherwise update existing
     foreach (array_keys($content) as $i) {
         foreach (array_keys($content[$i]) as $j) {
             $contentItem = $content[$i][$j];
             //echo "($i,$j : {$content[$i][$j]['type']}) ";
             if (isset($currentContentItemsIdMap[$contentItem['id']])) {
                 //echo "Update $contentItem[id]! ";
                 $ok = ModUtil::apiFunc('Content', 'Content', 'updateContent', array('content' => $contentItem, 'id' => $contentItem['id'], 'addVersion' => false));
                 if (!$ok) {
                     return false;
                 }
                 unset($currentContentItemsIdMap[$contentItem['id']]);
             } else {
                 //echo "Insert $contentItem[id]! ";
                 $newContentItem = array();
                 $aKeys = array_keys($contentItem);
                 $aVals = array_values($contentItem);
                 // copy all direct keys/values
                 for ($x = 0; $x < count($aKeys); $x++) {
                     $newContentItem[$aKeys[$x]] = $aVals[$x];
                 }
                 $id = ModUtil::apiFunc('Content', 'Content', 'newContent', array('content' => $newContentItem, 'pageId' => $pageId, 'contentAreaIndex' => $contentItem['areaIndex'], 'position' => $contentItem['position'], 'addVersion' => false));
                 if ($id === false) {
                     return false;
                 }
                 // The re-created item has to come back under its old id; a different
                 // id is reported as an error.
                 if ($id != $contentItem['id']) {
                     return LogUtil::registerError($this->__("Error! Re-created old content item but did not restore old ID."));
                 }
                 unset($currentContentItemsIdMap[$contentItem['id']]);
             }
         }
     }
     // Iterate through new items
     // - if not exist in old items then delete it
     foreach (array_keys($currentContentItemsIdMap) as $id) {
         //echo "Delete $id! ";
         $ok = ModUtil::apiFunc('Content', 'Content', 'deleteContent', array('contentId' => $id, 'addVersion' => false));
         if (!$ok) {
             return false;
         }
     }
     // Delete all translations and replace with old translations
     $ok = ModUtil::apiFunc('Content', 'Page', 'deleteTranslation', array('pageId' => $pageId, 'addVersion' => false));
     if ($ok === false) {
         return false;
     }
     foreach ($pageTranslations as $translation) {
         $language = $translation['language'];
         $ok = ModUtil::apiFunc('Content', 'Page', 'updateTranslation', array('pageId' => $pageId, 'language' => $language, 'translated' => $translation));
         if ($ok === false) {
             return false;
         }
     }
     foreach ($contentTranslations as $translation) {
         $language = $translation['language'];
         $contentId = $translation['contentId'];
         // NOTE(review): second unserialize() of stored data; the same trust
         // assumption as for the version data above applies.
         $translatedData = unserialize($translation['data']);
         $ok = ModUtil::apiFunc('Content', 'Content', 'updateTranslation', array('contentId' => $contentId, 'language' => $language, 'translated' => $translatedData, 'addVersion' => false));
         if ($ok === false) {
             return false;
         }
     }
     return true;
 }
Exemple #11
 /**
  * Return a category object by ID.
  *
  * @param integer $cid The category-ID to retrieve.
  *
  * @return The resulting folder object
  */
 public static function getCategoryByID($cid)
 {
     // Falsy ids (0, '', null, ...) cannot address a category.
     if (!$cid) {
         return false;
     }
     // Permission filter passed along with the lookup (level ACCESS_OVERVIEW).
     $permFilter = array(
         array(
             'realm' => 0,
             'component_left' => 'Categories',
             'component_middle' => '',
             'component_right' => 'Category',
             'instance_left' => 'id',
             'instance_middle' => 'path',
             'instance_right' => 'ipath',
             'level' => ACCESS_OVERVIEW,
         ),
     );
     // The id is cast to int before it reaches the database layer.
     $category = DBUtil::selectObjectByID('categories_category', (int) $cid, 'id', null, $permFilter);
     if (!$category) {
         return $category;
     }
     // Both display fields are stored serialized; they are decoded and then passed
     // through the HTML display formatter before being returned.
     // NOTE(review): unserialize() on stored data is only safe while nothing but trusted
     // code can write these columns - confirm.
     foreach (array('display_name', 'display_desc') as $field) {
         $category[$field] = DataUtil::formatForDisplayHTML(unserialize($category[$field]));
     }
     return $category;
 }
Exemple #12
 /**
  * Get all user variables, maps new style attributes to old style user data.
  *
  * @param integer $id              The user id of the user (required).
  * @param boolean $force           True to force loading from database and ignore the cache.
  * @param string  $idfield         Field to use as id (possible values: uid, uname or email).
  * @param bool    $getRegistration Indicates whether a "regular" user record or a pending registration
  *                                      is to be returned. False (default) for a user record and true
  *                                      for a registration. If false and the user record is a pending
  *                                      registration, then the record is not returned and false is returned
  *                                      instead; likewise, if true and the user record is not a registration,
  *                                      then false is returned; (Defaults to false).
  *
  * @return array|bool An associative array with all variables for a user (or pending registration);
  *                      false on error.
  */
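 public static function getVars($id, $force = false, $idfield = '', $getRegistration = false)
 {
     if (empty($id)) {
         return false;
     }
     // assign a value for the parameter idfield if it is necessary and prevent from possible typing mistakes
     // Auto-detection: numeric ids are uids, anything else is a uname, unless strpos()
     // finds an '@' after the first character, in which case it is an email.
     if ($idfield == '' || $idfield != 'uid' && $idfield != 'uname' && $idfield != 'email') {
         $idfield = 'uid';
         if (!is_numeric($id)) {
             $idfield = 'uname';
             if (strpos($id, '@')) {
                 $idfield = 'email';
             }
         }
     }
     // Per-request caches: $cache maps uid => record (or false for a known miss),
     // $unames and $emails map the alternative keys to a uid (or false for a known miss).
     static $cache = array(), $unames = array(), $emails = array();
     // caching
     $user = null;
     if ($force == false) {
         if ($idfield == 'uname' && isset($unames[$id])) {
             if ($unames[$id] !== false) {
                 $user = $cache[$unames[$id]];
             } else {
                 return false;
             }
         }
         if ($idfield == 'email' && isset($emails[$id])) {
             if ($emails[$id] !== false) {
                 $user = $cache[$emails[$id]];
             } else {
                 return false;
             }
         }
         // $cache is keyed by uid, so it may only be consulted directly for uid lookups.
         // Without the $idfield test, a uname or email lookup whose value happens to equal
         // a cached uid returned that other user's record instead of querying by the
         // requested field.
         if ($idfield == 'uid' && isset($cache[$id])) {
             $user = $cache[$id];
         }
     }
     if (!isset($user) || $force) {
         // load the Users database information
         ModUtil::dbInfoLoad('Users', 'Users');
         // get user info, don't cache as this information must be up-to-date
         // NOTE: Do not use a permission filter, or you will enter an infinite nesting loop where getVars calls checkPermission (from within
         // DBUtil), which will call getVars to find out who you are, which will call checkPermission, etc., etc.
         // Do your permission check in the API that is using UserUtil.
         $user = DBUtil::selectObjectByID('users', $id, $idfield, null, null, null, false);
         // If $idfield is email, make sure that we are getting a unique record.
         if ($user && $idfield == 'email') {
             $emailCount = self::getEmailUsageCount($id);
             if ($emailCount > 1 || $emailCount === false) {
                 $user = false;
             }
         }
         // update cache
         // user can be false (error) or empty array (no such user)
         if ($user === false || empty($user)) {
             // Remember the miss under the key that was asked for.
             switch ($idfield) {
                 case 'uid':
                     $cache[$id] = false;
                     break;
                 case 'uname':
                     $unames[$id] = false;
                     break;
                 case 'email':
                     $emails[$id] = false;
                     break;
             }
             if ($user === false) {
                 return LogUtil::registerError(__('Error! Could not load data.'));
             }
             return false;
         } else {
             // This check should come at the very end, here, so that if $force is true the vars get
             // reloaded into cache no matter what $getRegistration is set to. If not, and this is
             // called from setVar(), and setVar() changed the 'activated' value, then we'd have trouble.
             if ($getRegistration && $user['activated'] != Users_Constant::ACTIVATED_PENDING_REG || !$getRegistration && $user['activated'] == Users_Constant::ACTIVATED_PENDING_REG) {
                 return false;
             }
             $user = self::postProcessGetRegistration($user);
             // Store the record under its uid and register both alternative keys.
             $cache[$user['uid']] = $user;
             $unames[$user['uname']] = $user['uid'];
             $emails[$user['email']] = $user['uid'];
         }
     } elseif ($getRegistration && $user['activated'] != Users_Constant::ACTIVATED_PENDING_REG || !$getRegistration && $user['activated'] == Users_Constant::ACTIVATED_PENDING_REG) {
         // Cached record of the wrong kind (registration vs. regular user) for this request.
         return false;
     }
     return $user;
 }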
Exemple #13
 /**
  * Delete a group.
  *
  * @param gid the group id.
  *
  * @return Zikula_Response_Ajax
  */
 public function deletegroup()
 {
     // The AJAX token is verified before anything else happens.
     $this->checkAjaxToken();
     // NOTE(review): gid comes straight from POST and is not checked for being numeric
     // before it is used in the lookup and concatenated into the permission instance
     // string; an is_numeric() guard would make both unambiguous.
     $gid = $this->request->getPost()->get('gid');
     $group = DBUtil::selectObjectByID('groups', $gid, 'gid');
     $mayDelete = SecurityUtil::checkPermission('Groups::', $gid . '::', ACCESS_DELETE);
     $this->throwForbiddenUnless($mayDelete);
     // The default user group must never be removed.
     // NOTE(review): $group is not checked for a failed lookup before it is indexed.
     $protectedGid = $this->getVar('defaultgroup');
     if ($group['gid'] == $protectedGid) {
         throw new Zikula_Exception_Fatal($this->__('Error! You cannot delete the default user group.'));
     }
     $deleted = ModUtil::apiFunc('Groups', 'admin', 'delete', array('gid' => $gid));
     if ($deleted != true) {
         throw new Zikula_Exception_Fatal($this->__f('Error! Could not delete the \'%s\' group.', $gid));
     }
     return new Zikula_Response_Ajax(array('gid' => $gid));
 }
Exemple #14
 /**
  * Get Quote
  * @author The Zikula Development Team
  * @author Greg Allan
  * @param 'args['qid']' quote id
  * @return array item array
  */
 public function get($args)
 {
     // Reject a missing or non-numeric quote id.
     $validQid = isset($args['qid']) && is_numeric($args['qid']);
     if (!$validQid) {
         return LogUtil::registerArgsError();
     }
     // Permission filter passed along with the lookup
     // (component 'Quotes', instance author::qid, level ACCESS_READ).
     $permFilter = array(
         array(
             'realm' => 0,
             'component_left' => 'Quotes',
             'component_middle' => '',
             'component_right' => '',
             'instance_left' => 'author',
             'instance_middle' => '',
             'instance_right' => 'qid',
             'level' => ACCESS_READ,
         ),
     );
     $quote = DBUtil::selectObjectByID('quotes', $args['qid'], 'qid', null, $permFilter);
     // Any falsy lookup result is normalised to a plain false.
     if ($quote) {
         return $quote;
     }
     return false;
 }
Exemple #15
 /**
  * Handle the submitted address form: check the CSRF token and permissions, validate,
  * save the address and redirect to the appropriate page.
  *
  * @return mixed Result of System::redirect(), or of LogUtil::registerPermissionError()
  *               when the permission check fails.
  */
 function edititem()
 {
     // Confirm the forms authorisation key
     $this->checkCsrfToken();
     // get passed values
     // NOTE(review): these values are taken from the request as given and are only used
     // to build redirect URLs in this method; 'sort' in particular looks like an SQL
     // ORDER BY fragment, so whichever code consumes it must validate it - confirm.
     $ot = FormUtil::getPassedValue('ot', 'address', 'POST');
     $startnum = FormUtil::getPassedValue('startnum', 1, 'GET');
     $letter = FormUtil::getPassedValue('letter', 0);
     $sort = FormUtil::getPassedValue('sort', ModUtil::getVar('AddressBook', 'addressbooktype') == 1 ? 'sortname ASC' : 'sortcompany ASC');
     $search = FormUtil::getPassedValue('search', 0);
     $category = FormUtil::getPassedValue('category', 0);
     $private = FormUtil::getPassedValue('private', 0);
     $returnid = FormUtil::getPassedValue('returnid', 0, 'POST');
     // build standard return url
     if (!empty($returnid)) {
         $url = ModUtil::url('AddressBook', 'user', 'display', array('id' => $returnid, 'ot' => $ot, 'startnum' => $startnum, 'letter' => $letter, 'sort' => $sort, 'search' => $search, 'category' => $category, 'private' => $private));
     } else {
         $url = ModUtil::url('AddressBook', 'user', 'view', array('ot' => $ot, 'startnum' => $startnum, 'letter' => $letter, 'sort' => $sort, 'search' => $search, 'category' => $category, 'private' => $private));
     }
     $object = new AddressBook_DBObject_Address();
     //$data =& $object->getDataFromInput();
     $data = $object->getDataFromInput();
     // permission check
     if (UserUtil::isLoggedIn()) {
         $user_id = UserUtil::getVar('uid');
     } else {
         $user_id = 0;
     }
     // NOTE(review): $data comes from getDataFromInput(), presumably the submitted form,
     // so the ownership half of this check compares the current uid with a user_id taken
     // from the request rather than with the owner stored for $data['id']. For an existing
     // record the stored row (loaded further down as $oldObject) is the authoritative
     // source; unless validate()/save() re-check ownership, compare against the stored
     // owner before saving.
     if (!(SecurityUtil::checkPermission('AddressBook::', '::', ACCESS_EDIT) || $user_id > 0 && $user_id == $data['user_id'])) {
         return LogUtil::registerPermissionError();
     }
     // validation
     if (!$object->validate()) {
         return System::redirect(ModUtil::url('AddressBook', 'user', 'edit'));
     }
     // check for duplication request and return to the form
     if (FormUtil::getPassedValue('btn_duplicate', null, 'POST')) {
         $url = ModUtil::url('AddressBook', 'user', 'edit', array('ot' => $ot, 'id' => $data['id'], 'duplicate' => 1, 'startnum' => $startnum, 'letter' => $letter, 'sort' => $sort, 'search' => $search, 'category' => $category, 'private' => $private));
         return System::redirect($url);
     }
     // check for company update - part 1: get the old data
     if (isset($data['id']) && $data['id']) {
         $oldObject = DBUtil::selectObjectByID('addressbook_address', $data['id']);
         // When the stored record has a company and the company or any address field
         // differs from the submitted data, the final redirect goes to 'change_company'.
         if ($oldObject['company'] && ($oldObject['company'] != $data['company'] || $oldObject['address1'] != $data['address1'] || $oldObject['address2'] != $data['address2'] || $oldObject['zip'] != $data['zip'] || $oldObject['city'] != $data['city'] || $oldObject['state'] != $data['state'] || $oldObject['country'] != $data['country'])) {
             $companyHasChanged = true;
             $url = ModUtil::url('AddressBook', 'user', 'change_company', array('ot' => $ot, 'id' => $data['id'], 'oldvalue' => $oldObject['company'], 'startnum' => $startnum, 'letter' => $letter, 'sort' => $sort, 'search' => $search, 'category' => $category, 'private' => $private));
         }
     }
     // save or update the object
     $object->save();
     // create a status message
     LogUtil::registerStatus($this->__('Done! The address was saved.'));
     // clear respective cache
     ModUtil::apiFunc('AddressBook', 'user', 'clearItemCache', $data);
     // clear the the session from FailedObjects
     FormUtil::clearValidationFailedObjects('address');
     // check for save and duplicate request and return to the form
     if (FormUtil::getPassedValue('btn_save_duplicate', null, 'POST')) {
         $url = ModUtil::url('AddressBook', 'user', 'edit', array('ot' => $ot, 'id' => $data['id'], 'duplicate' => 1, 'startnum' => $startnum, 'letter' => $letter, 'sort' => $sort, 'search' => $search, 'category' => $category, 'private' => $private));
     }
     // return to standard return url
     return System::redirect($url);
 }
Exemple #16
    /**
     * get a specific item
     * @param $args['fid'] id of example item to get
     * @return mixed item array, or false on failure
     */
    public function get($args)
    {
        // 'objectid' is accepted as an alias and overrides 'fid' when present.
        if (isset($args['objectid'])) {
            $args['fid'] = $args['objectid'];
        }

        // A feed is addressed by a numeric fid or, failing that, by its title.
        $hasNumericFid = isset($args['fid']) && is_numeric($args['fid']);
        if (!$hasNumericFid && !isset($args['title'])) {
            return LogUtil::registerArgsError();
        }

        // Permission filter passed along with the lookup
        // (component 'Feeds'/'item', instance name::fid, level ACCESS_READ).
        $permFilter = array(
            array(
                'realm'           => 0,
                'component_left'  => 'Feeds',
                'component_right' => 'item',
                'instance_left'   => 'name',
                'instance_right'  => 'fid',
                'level'           => ACCESS_READ,
            ),
        );

        // The title variant is matched against the 'urltitle' field.
        if ($hasNumericFid) {
            $lookupValue = $args['fid'];
            $lookupField = 'fid';
        } else {
            $lookupValue = $args['title'];
            $lookupField = 'urltitle';
        }

        return DBUtil::selectObjectByID('feeds', $lookupValue, $lookupField, '', $permFilter);
    }
Exemple #17
    /**
     * Gets a menu item
     * @author:     Albert Pérez Monfort (aperezm@xtec.cat)
     * @param:		id of the item to get
     * @return:		An array with the item information
     */
    public function get($args) {
        // Reading a menu item through this API requires ACCESS_ADMIN on IWmenu.
        $isAdmin = SecurityUtil::checkPermission('IWmenu::', '::', ACCESS_ADMIN);
        if (!$isAdmin) {
            return LogUtil::registerPermissionError();
        }

        // The item id is mandatory (it is checked for presence only).
        if (!isset($args['mid'])) {
            return LogUtil::registerError($this->__('Error! Could not do what you wanted. Please check your input.'));
        }

        $menuItem = DBUtil::selectObjectByID('IWmenu', $args['mid'], 'mid');

        // Only a strict false from the lookup is reported as a load error.
        if ($menuItem === false) {
            return LogUtil::registerError($this->__('Error! Could not load items.'));
        }

        return $menuItem;
    }
Exemple #18
 /**
  * Load the 'scribite' record for one module id.
  *
  * Requires ACCESS_ADMIN on Scribite; throwForbiddenUnless() is called with the
  * result of the permission check.
  *
  * @param array $args Must carry 'mid'.
  *
  * @return mixed Result of DBUtil::selectObjectByID, or the LogUtil::registerError()
  *               result when 'mid' is missing.
  */
 public function getModuleConfigfromID($args)
 {
     $isAdmin = SecurityUtil::checkPermission('Scribite::', '::', ACCESS_ADMIN);
     $this->throwForbiddenUnless($isAdmin, LogUtil::getErrorMsgPermission());
     // The module id is mandatory (it is checked for presence only).
     if (isset($args['mid'])) {
         return DBUtil::selectObjectByID('scribite', $args['mid'], 'mid');
     }
     return LogUtil::registerError($this->__('Error! Could not do what you wanted. Please check your input.'));
 }
Exemple #19
    /**
     * Returns the name of an auxiliary element stored in the cataleg_auxiliar table,
     * looked up by its auxId
     *
     * @param string $auxId Identifier of the auxiliary element
     *
     * @return string Name of the auxiliary element
     */
    public function getNomAux($auxId) {
        // Reading requires ACCESS_READ on Cataleg; failure is a silent false.
        $mayRead = SecurityUtil::checkPermission('Cataleg::', "::", ACCESS_READ);
        if (!$mayRead) {
            return false;
        }

        // Make sure the parameter arrived correctly
        $validId = isset($auxId) && is_numeric($auxId);
        if (!$validId) {
            return LogUtil::registerError($this->__('No s\'han pogut obtenir les dades sol·licitades (getNomAux)'));
        }

        $record = DBUtil::selectObjectByID('cataleg_auxiliar', $auxId, 'auxId');

        // Return the name that belongs to the requested auxId
        // (the lookup result is not checked before it is indexed).
        return $record['nom'];
    }
Exemple #20
    /**
     * Save new settings.
     *
     * @return boolean
     */
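    public function updateconfig()
    {
        // The CSRF token is verified before any setting is touched.
        $this->checkCsrfToken();

        // Security check
        if (!SecurityUtil::checkPermission('Permissions::', '::', ACCESS_ADMIN)) {
            return LogUtil::registerPermissionError();
        }

        // Every value is cast to the expected scalar type before it is stored.
        // NOTE(review): rowview and rowedit are cast to int but not range-checked, so
        // zero or negative values are stored as given - confirm the views cope with that.
        $error = false;
        $filter = (bool)FormUtil::getPassedValue('filter', false, 'POST');
        $this->setVar('filter', $filter);

        $rowview = (int)FormUtil::getPassedValue('rowview', 25, 'POST');
        $this->setVar('rowview', $rowview);

        $rowedit = (int)FormUtil::getPassedValue('rowedit', 35, 'POST');
        $this->setVar('rowedit', $rowedit);

        $lockadmin = (bool)FormUtil::getPassedValue('lockadmin', false, 'POST');
        $this->setVar('lockadmin', $lockadmin);

        // A non-zero adminid must refer to an existing permission rule; otherwise it is
        // reset to 0 and the request is reported as failed.
        $adminid = (int)FormUtil::getPassedValue('adminid', 1, 'POST');
        if ($adminid <> 0) {
            $perm = DBUtil::selectObjectByID('group_perms', $adminid, 'pid');
            if ($perm == false) {
                $adminid = 0;
                $error = true;
            }
        }
        $this->setVar('adminid', $adminid);

        if ($error == true) {
            LogUtil::registerStatus($this->__('Error! Could not save configuration: unknown permission rule ID.'));
            $this->redirect(ModUtil::url('Permissions', 'admin', 'modifyconfig'));
            // Stop here even if redirect() returns: the error path must not go on to
            // register the success message and issue a second redirect.
            return;
        }
        // the module configuration has been updated successfully
        LogUtil::registerStatus($this->__('Done! Saved module configuration.'));
        $this->redirect(ModUtil::url('Permissions', 'admin', 'view'));
    }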
Exemple #21
    /**
     * Update a dynamic user data item.
     * 
     * Parameters passed in the $args array:
     * -------------------------------------
     * int    dudid The id of the item to be updated.
     * string label The name of the item to be updated.
     * 
     * @param array $args All parameters passed to this function.
     * 
     * @return bool True on success, false on failure.
     */
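    public function update($args)
    {
        // Argument check: label and id are both required, the label may not
        // contain a dash, and the id must be numeric before it is used below.
        if (!isset($args['label']) || stristr($args['label'], '-') ||
                !isset($args['dudid']) || !is_numeric($args['dudid'])) {
            return LogUtil::registerArgsError();
        }

        // Load the stored item; permissions are checked against its current label.
        $item = ModUtil::apiFunc('Profile', 'user', 'get', array('propid' => $args['dudid']));

        if ($item == false) {
            return LogUtil::registerError($this->__('Error! No such personal info item found.'));
        }

        // Clean the label: only the short-URL separator is stripped.
        // TODO - an earlier version also ran DataUtil::formatPermalink() here, which
        // lower-cased the label and prevented the update.
        $permsep = System::getVar('shorturlsseparator');
        $args['label'] = str_replace($permsep, '', $args['label']);

        // Security check: the caller needs edit rights on the item under its
        // current label as well as under the requested new label.
        if (!SecurityUtil::checkPermission('Profile::Item', "$item[prop_label]::$args[dudid]", ACCESS_EDIT)) {
            return LogUtil::registerPermissionError();
        }

        if (!SecurityUtil::checkPermission('Profile::Item', "$args[label]::$args[dudid]", ACCESS_EDIT)) {
            return LogUtil::registerPermissionError();
        }

        // If there's a new label, check if it already exists
        if ($args['label'] <> $item['prop_label']) {
            $vitem = ModUtil::apiFunc('Profile', 'user', 'get', array('proplabel' => $args['label']));
            if ($vitem) {
                // __f() is the variant that substitutes the %s placeholder.
                return LogUtil::registerError($this->__f("Error! There is already an personal info item with the label '%s'.", DataUtil::formatForDisplay($args['label'])));
            }
        }

        if (isset($args['prop_weight'])) {
            if ($args['prop_weight'] == 0) {
                unset($args['prop_weight']);
            } elseif ($args['prop_weight'] <> $item['prop_weight']) {
                // Swap weights with the item that currently holds the requested weight.
                $result = DBUtil::selectObjectByID('user_property', $args['prop_weight'], 'prop_weight');
                $result['prop_weight'] = $item['prop_weight'];

                $dbtable = DBUtil::getTables();
                $column = $dbtable['user_property_column'];
                // This WHERE clause is handed to the database as raw SQL, so both
                // caller-supplied values are forced to integers before interpolation.
                $newWeight = (int) $args['prop_weight'];
                $itemId = (int) $args['dudid'];
                $where = "$column[prop_weight] = '" . $newWeight . "'
                        AND $column[prop_id] <> '" . $itemId . "'";

                DBUtil::updateObject($result, 'user_property', $where, 'prop_id');
            }
        }

        // create the object to update
        $obj = array();
        $obj['prop_id'] = $args['dudid'];
        $obj['prop_dtype'] = (isset($args['dtype']) ? $args['dtype'] : $item['prop_dtype']);
        $obj['prop_weight'] = (isset($args['prop_weight']) ? $args['prop_weight'] : $item['prop_weight']);

        // assumes if displaytype is set, all the validation info is
        if (isset($args['displaytype'])) {
            // a checkbox can't be required
            if ($args['displaytype'] == 2 && $args['required']) {
                $args['required'] = 0;
            }

            // Produce the validation array (line breaks are removed from the option list)
            $args['listoptions'] = str_replace(Chr(10), '', str_replace(Chr(13), '', $args['listoptions']));
            $validationinfo = array('required' => $args['required'],
                'viewby' => $args['viewby'],
                'displaytype' => $args['displaytype'],
                'listoptions' => $args['listoptions'],
                'note' => $args['note']);

            // NOTE(review): stored in PHP serialize() format; whatever reads this column
            // back should only unserialize values written through this path.
            $obj['prop_validation'] = serialize($validationinfo);
        }

        // let to modify the label for normal fields only
        if ($item['prop_dtype'] == 1) {
            $obj['prop_label'] = $args['label'];
        }

        // before update it search for option ID change
        // to update the respective user's data.
        // Only when new validation info was actually built above; otherwise the
        // comparison would read an undefined index and pass null as the new value.
        if (isset($obj['prop_validation']) && $obj['prop_validation'] != $item['prop_validation']) {
            ModUtil::apiFunc('Profile', 'dud', 'updatedata', array('item' => $item['prop_validation'],
                'newitem' => $obj['prop_validation']));
        }

        $res = DBUtil::updateObject($obj, 'user_property', '', 'prop_id');

        // Check for an error with the database code
        if (!$res) {
            return LogUtil::registerError($this->__('Error! Could not save your changes.'));
        }

        // Let the calling process know that we have finished successfully
        return true;
    }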
Exemple #22
 /**
  * Decrement sequence number of a permission.
  *
  * @param string $args ['type'] the type of the permission to decrement (user or group).
  * @param int $args ['pid'] the ID of the permission to decrement.
  *
  * @return boolean true on success, false on failure.
  */
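 public function dec($args)
 {
     // Argument check comes first: the pid is interpolated into the permission
     // instance string and into SQL below.
     if (!isset($args['pid'])) {
         return LogUtil::registerArgsError();
     }
     // Security check
     if (!SecurityUtil::checkPermission('Permissions::', "group::{$args['pid']}", ACCESS_ADMIN)) {
         return LogUtil::registerPermissionError();
     }
     // Work out which tables to operate against
     $dbtable = DBUtil::getTables();
     $permcolumn = $dbtable['group_perms_column'];
     // Optional group filter ("partial view"); isset() avoids reading a missing key.
     $groupFilter = '';
     $showpartly = false;
     if (isset($args['permgrp']) && $args['permgrp'] != SecurityUtil::PERMS_ALL) {
         $groupFilter = " AND ({$permcolumn['gid']}=" . SecurityUtil::PERMS_ALL . " OR  {$permcolumn['gid']}='" . (int) DataUtil::formatForStore($args['permgrp']) . "')";
         $showpartly = true;
     }
     // Get info on current perm
     $current = DBUtil::selectObjectByID('group_perms', $args['pid'], 'pid');
     if (!$current) {
         return LogUtil::registerError($this->__f('Error! Permission rule ID %s does not exist.', $args['pid']));
     }
     $sequence = $current['sequence'];
     $maxsequence = $this->maxsequence(array('column' => 'sequence'));
     // The rule with the highest sequence number has nothing below it to swap with.
     if ($sequence != $maxsequence) {
         $altsequence = $sequence + 1;
         // Get info on displaced perm
         // Filter-view: added extra check to select-query
         $where = "WHERE {$permcolumn['sequence']} = '" . (int) DataUtil::formatForStore($altsequence) . "' {$groupFilter}";
         $displaced = DBUtil::selectObject('group_perms', $where);
         if (!$displaced) {
             if ($showpartly) {
                 // Filter-view
                 // Changing the sequence by moving while in partial view may only be done if there
                 // are no invisible permissions inbetween that might be affected by the move.
                 LogUtil::registerError($this->__('Error! Permission rule-swapping in partial view can only be done if both affected permission rules are visible. Please switch to full view.'));
             } else {
                 LogUtil::registerError($this->__('Error! No permission rule directly below that one.'));
             }
             return false;
         }
         $altpid = $displaced['pid'];
         // Swap sequence numbers. Both ids are cast to int because the WHERE
         // clauses are passed on as raw SQL.
         // NOTE(review): the two updates are not checked and not atomic here; a failure
         // of the second one would leave two rules with the same sequence number.
         $where = "WHERE {$permcolumn['pid']} = '" . (int) DataUtil::formatForStore($altpid) . "'";
         $obj = array('sequence' => $sequence);
         DBUtil::updateObject($obj, 'group_perms', $where, 'pid');
         $where = "WHERE {$permcolumn['pid']} = '" . (int) DataUtil::formatForStore($args['pid']) . "'";
         $obj = array('sequence' => $altsequence);
         DBUtil::updateObject($obj, 'group_perms', $where, 'pid');
     }
     return true;
 }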
Exemple #23
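    /**
     * Delete a forum topic together with its messages and their attached files.
     *
     * The topic id (ftid) and the forum id (fid) are read from the POST request.
     *
     * @param array $args Only $args['force'] is read; when true the forum
     *                    access-level check is skipped.
     *
     * @return mixed True on success, otherwise the result of the LogUtil error call.
     */
    public function deltema($args) {
        $post = $this->request->getPost();
        $fid = $post->get('fid', '');
        $ftid = $post->get('ftid', '');
        $force = isset($args['force']) ? $args['force'] : false;
        // Security check
        if (!SecurityUtil::checkPermission('IWforums::', '::', ACCESS_READ)) {
            return LogUtil::registerPermissionError();
        }
        // Arguments check. The topic id ends up in raw SQL WHERE clauses below,
        // so anything that is not a plain run of digits is rejected here.
        if (!is_scalar($ftid) || !ctype_digit((string) $ftid) || !isset($fid)) {
            return LogUtil::registerError("Function deltema: ".$this->__('Error! Could not do what you wanted. Please check your input.'));
        }
        $ftid = (int) $ftid;
        // Call the get function that returns the topic data
        $link = ModUtil::apiFunc('IWforums', 'user', 'get_tema', array('ftid' => $ftid,
                    'fid' => $fid));
        // Check that the record really exists and can therefore be deleted
        if ($link == false) {
            return LogUtil::registerError($this->__('No messages have been found'));
        }
        // check if user can access the forum
        // NOTE(review): the access level is evaluated for the posted fid while the
        // deletion is keyed on ftid only; presumably get_tema only returns a topic
        // that belongs to that forum - confirm, otherwise compare against the
        // topic's own fid.
        if (is_null($fid)) {
            $topic = DBUtil::selectObjectByID('IWforums_temes', $ftid, 'ftid');
            $fid = $topic['fid'];
        }
        $access = ModUtil::func('IWforums', 'user', 'access', array('fid' => $fid));
        if (($access < 4) && (!$force)) {
            return LogUtil::registerError($this->__('You can\'t access the forum'));
        }
        $pntable = DBUtil::getTables();
        $c = $pntable['IWforums_temes_column'];
        $c2 = $pntable['IWforums_msg_column'];

        // get messages files
        $files = ModUtil::apiFunc('IWforums', 'user', 'get_adjunts', array('ftid' => $ftid, 'mode' => 't'));

        // delete messages files
        $attachDir = ModUtil::getVar('IWmain', 'documentRoot') . '/' . ModUtil::getVar('IWforums', 'urladjunts');
        $attachRoot = realpath($attachDir);
        if (is_array($files)) {
            foreach ($files as $file) {
                $resolved = realpath($attachDir . '/' . $file['adjunt']);
                if ($resolved === false || !is_file($resolved)) {
                    continue;
                }
                // The file name comes from stored data: only remove files that
                // resolve to a location inside the attachments directory.
                if ($attachRoot === false || strpos($resolved, $attachRoot . DIRECTORY_SEPARATOR) !== 0) {
                    continue;
                }
                unlink($resolved);
            }
        }
        // Messages deletion ($ftid is an integer at this point)
        $where = "$c2[ftid]=$ftid";
        if (!DBUtil::deleteWhere('IWforums_msg', $where)) {
            return LogUtil::registerError($this->__('An error has occurred while deleting the message'));
        }
        // record deletion, using the topic table's own column map
        $where = "$c[ftid]=$ftid";
        if (!DBUtil::deleteWhere('IWforums_temes', $where)) {
            return LogUtil::registerError($this->__('An error has occurred while deleting the message'));
        }

        // Return true since the process finished successfully
        return true;
    }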
Exemple #24
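    /**
     * Decide whether the current user may act on a comment.
     *
     * Values read from $args: uid, commentid, level (defaults to ACCESS_COMMENT),
     * module, objectid and owneruid.
     *
     * @param array $args All parameters passed to this function.
     *
     * @return bool True when one of the checks grants access, false otherwise.
     */
    public function checkPermission($args = array())
    {
        // A guest will have no permission
        if (!UserUtil::isLoggedIn()) {
            return false;
        }

        // Fail closed: without a usable user id the ownership comparisons below
        // would treat a missing value as equal to the default 0.
        $uid = (int) UserUtil::getVar('uid');
        if ($uid <= 0) {
            return false;
        }

        // own comments = ok
        $auid = (isset($args['uid']) && is_numeric($args['uid'])) ? (int) $args['uid'] : 0;
        if ($uid === $auid) {
            return true;
        }

        // parameter check
        if (!isset($args['commentid'])) {
            $args['commentid'] = '';
        }
        if (!isset($args['level'])) {
            $args['level'] = ACCESS_COMMENT;
        }
        if (!isset($args['module']) || !isset($args['objectid'])) {
            return false;
        }

        $inst = "$args[module]:$args[objectid]:$args[commentid]";
        // regular securityUtil::checkPermission check. Return true on success
        if (SecurityUtil::checkPermission('EZComments::', $inst, $args['level'])) {
            return true;
        }

        // The owner of the commented object is allowed, except for ids 0 and 1.
        $ownerUid = (isset($args['owneruid']) && is_numeric($args['owneruid'])) ? (int) $args['owneruid'] : 0;
        if (($ownerUid === $uid) && ($ownerUid > 1)) {
            return true;
        }

        if (!empty($args['commentid'])) {
            // otherwise: get the comment, check the uid and return the result
            $comment = DBUtil::selectObjectByID('EZComments', $args['commentid']);
            // A comment that could not be loaded grants nothing.
            if ($comment) {
                $commentOwner = isset($comment['owneruid']) ? (int) $comment['owneruid'] : 0;
                $commentAuthor = isset($comment['uid']) ? (int) $comment['uid'] : 0;
                if (($commentOwner === $uid) || ($commentAuthor === $uid)) {
                    return true;
                }
            }
        }

        // otherwise return false because no security check had a positive result
        return false;
    }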
Exemple #25
    /**
     * Log search query for search statistics.
     */
    public function log($args)
    {
        // The search phrase is escaped once and used both as lookup key and stored value.
        $term = DataUtil::formatForStore($args['q']);

        // Existing statistics row for this phrase, if any.
        $existing = DBUtil::selectObjectByID('search_stat', $term, 'search');

        $record = array(
            'count' => isset($existing['count']) ? $existing['count'] + 1 : 1,
            'date' => date('Y-m-d H:i:s'),
            'search' => $term,
        );

        // First occurrence of the phrase: insert; otherwise update the row keyed by 'search'.
        if (empty($existing)) {
            $saved = DBUtil::insertObject($record, 'search_stat');
        } else {
            $saved = DBUtil::updateObject($record, 'search_stat', '', 'search');
        }

        return $saved ? true : false;
    }
Exemple #26
    /**
     * get a note
     * @author:     Albert Pérez Monfort (aperezm@xtec.cat)
     * @param: 	id of the note
     * @return:	An array with the note information
     */
    public function getNote($args) {

        $fmid = null;
        if (isset($args['fmid'])) {
            $fmid = $args['fmid'];
        }

        // Read access to the module is required before anything is looked up.
        if (!SecurityUtil::checkPermission('IWforms::', '::', ACCESS_READ)) {
            return LogUtil::registerPermissionError();
        }

        // The note id is mandatory and has to be numeric.
        $hasValidId = ($fmid != null) && is_numeric($fmid);
        if (!$hasValidId) {
            return LogUtil::registerError($this->__('Error! Could not do what you wanted. Please check your input.'));
        }

        $note = DBUtil::selectObjectByID('IWforms', $fmid, 'fmid');

        // Anything other than a strict false is handed back to the caller as the note.
        if ($note !== false) {
            return $note;
        }

        // The lookup reported a failure: register the error and return its result.
        return LogUtil::registerError($this->__('Error! Could not load items.'));
    }
Exemple #27
 /**
  * Delete a permission
  *
  * @param pid the permission id
  * @return mixed the id of the permission that has been deleted or Ajax error
  */
 public function deletepermission()
 {
     // The request must carry a valid Ajax token and the caller needs admin
     // rights on the Permissions module.
     $this->checkAjaxToken();
     $isAdmin = SecurityUtil::checkPermission('Permissions::', '::', ACCESS_ADMIN);
     $this->throwForbiddenUnless($isAdmin);

     $pid = (int) $this->request->getPost()->get('pid');

     // Refuse to delete the overall admin rule: pid 1, admin level, matching every
     // component and instance.
     $rule = DBUtil::selectObjectByID('group_perms', $pid, 'pid');
     $isMainAdminRule = $rule['pid'] == 1
         && $rule['level'] == ACCESS_ADMIN
         && $rule['component'] == '.*'
         && $rule['instance'] == '.*';
     if ($isMainAdminRule) {
         throw new Zikula_Exception_Fatal($this->__('Notice: You cannot delete the main administration permission rule.'));
     }

     $deleted = ModUtil::apiFunc('Permissions', 'admin', 'delete', array('pid' => $pid));
     if ($deleted != true) {
         throw new Zikula_Exception_Fatal($this->__f('Error! Could not delete permission rule with ID %s.', $pid));
     }

     // If the deleted rule was the one recorded as 'adminid', clear that setting
     // and switch 'lockadmin' off.
     if ($pid == $this->getVar('adminid')) {
         $this->setVar('adminid', 0);
         $this->setVar('lockadmin', false);
     }

     return new Zikula_Response_Ajax(array('pid' => $pid));
 }
Exemple #28
    /**
     * Profile_Manager function to retrieve the dynamic data to the user object.
     *
     * Parameters passed in the $args array:
     * -------------------------------------
     * numeric uid      The user id of the user for which the data is to be inserted.
     * array   dynadata The user data to insert, indexed by prop_attribute_name; required, however can be passed by a GET, POST, REQUEST, COOKIE, or SESSION variable.
     * 
     * @param array $args All parameters passed to this function.
     *
     * @return array The dynadata array as an array element in the '__ATTRIBUTES__' index of a new array, merged with existing user
     *                  attributes if the uid is supplied and is a valid user, unchanged (not merged) if the uid is not supplied or does
     *                  not refer to an existing user, or an empty array if the dynadata is not supplied or is empty.
     */
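    public function insertdyndata($args)
    {
        if (!isset($args['dynadata'])) {
            // The message names this function, so the failing call can be located.
            throw new Zikula_Exception_Fatal($this->__f('Missing dynamic data array in call to %1$s', array('insertdyndata')));
        }

        $dynadata = $args['dynadata'];

        // Validate if there's no dynadata
        // do not touch the __ATTRIBUTES__ field
        if (empty($dynadata)) {
            return array();
        }

        // Validate if it's an existing user
        if (!isset($args['uid'])) {
            return array('__ATTRIBUTES__' => $dynadata);
        }

        // Needs to merge the existing attributes to not delete any of them
        $user = DBUtil::selectObjectByID('users', $args['uid'], 'uid');

        if ($user === false || !isset($user['__ATTRIBUTES__'])) {
            return array('__ATTRIBUTES__' => $dynadata);
        }

        // attach the dynadata as attributes to the user object.
        // Keys in $dynadata win over stored attributes of the same name and no key
        // filtering happens here.
        // NOTE(review): callers presumably restrict $dynadata to the profile properties
        // the user may edit - confirm at the call sites.
        return array('__ATTRIBUTES__' => array_merge($user['__ATTRIBUTES__'], $dynadata));
    }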
Exemple #29
 /**
  * Delete a block.
  *
  * @param int $args ['bid'] the ID of the block to delete.
  *
  * @return bool true on success, false on failure.
  */
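 public function delete($args)
 {
     // Argument check
     if (!isset($args['bid']) || !is_numeric($args['bid'])) {
         return LogUtil::registerArgsError();
     }
     $block = DBUtil::selectObjectByID('blocks', $args['bid'], 'bid');
     // An unknown block id must not reach the permission check: the instance
     // string would be built from empty values and the placement rows for that
     // id would still be removed.
     if (!$block) {
         return LogUtil::registerError($this->__('Error! Could not perform the deletion.'));
     }
     // Security check against the block's key, title and id
     if (!SecurityUtil::checkPermission('Blocks::', "{$block['bkey']}:{$block['title']}:{$block['bid']}", ACCESS_DELETE)) {
         return LogUtil::registerPermissionError();
     }
     // delete block placements for this block
     $res = DBUtil::deleteObjectByID('block_placements', $args['bid'], 'bid');
     if (!$res) {
         return LogUtil::registerError($this->__('Error! Could not perform the deletion.'));
     }
     // delete the block itself
     $res = DBUtil::deleteObjectByID('blocks', $args['bid'], 'bid');
     if (!$res) {
         return LogUtil::registerError($this->__('Error! Could not perform the deletion.'));
     }
     return true;
 }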
Exemple #30
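 /**
  * Duplicate a content item and place the copy directly below the original.
  *
  * Values read from $args: id (the content item to clone), translation (whether
  * translations are cloned, default true) and addVersion (whether a page history
  * entry is added, default true).
  *
  * NOTE(review): no permission check happens in this method; presumably the
  * calling controller performs it - confirm.
  *
  * @param array $args All parameters passed to this function.
  *
  * @return mixed The id of the new content item, or false on failure.
  */
 public function cloneContent($args)
 {
     $contentId = isset($args['id']) ? (int) $args['id'] : 0;
     // The flag was previously read from an undefined variable and therefore
     // always true; it is now taken from $args.
     // NOTE(review): the key name 'translation' is kept from the old code - verify against callers.
     $cloneTranslation = isset($args['translation']) ? $args['translation'] : true;
     $addVersion = isset($args['addVersion']) ? $args['addVersion'] : true;
     $contentData = DBUtil::selectObjectByID('content_content', $contentId);
     if ($contentData === false) {
         return false;
     }
     // Remember the page before the row is re-inserted; the history entry needs it.
     $pageId = $contentData['pageId'];
     // The copy takes the slot right after the original; items from that position
     // on are moved down first.
     $contentData['position']++;
     unset($contentData['id']);
     if (!$this->contentMoveContentDown($contentData['position'], $contentData['areaIndex'], $pageId)) {
         return false;
     }
     // The new id is read back from $contentData after the insert; stop when the
     // insert fails or no id is available.
     if (!DBUtil::insertObject($contentData, 'content_content') || !isset($contentData['id'])) {
         return false;
     }
     $newContentId = $contentData['id'];
     $this->cloneContentAdditions($contentId, $newContentId, $cloneTranslation);
     if ($addVersion) {
         $ok = ModUtil::apiFunc('Content', 'History', 'addPageVersion', array('pageId' => $pageId, 'action' => '_CONTENT_HISTORYCONTENTADDED'));
         if ($ok === false) {
             return false;
         }
     }
     Content_Util::clearCache();
     return $newContentId;
 }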