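/**
 * View the cart.
 *
 * Applies posted quantity changes to the cart held in the session, then
 * builds the per-product rows and the grand total for the template.
 *
 * Quantities come straight from the request, so they are reduced to whole,
 * non-negative numbers before they are stored or multiplied: a negative or
 * non-numeric quantity would otherwise produce a negative or meaningless
 * subtotal.
 *
 * @return array|null template data ('cust', 'products', 'total'), or null
 *                    when a request variable cannot be fetched
 */
function shop_user_viewcart()
{
    // If the user returns to the cart after taking other steps, unset any errors from earlier in the session.
    xarSession::delVar('errors');

    sys::import('modules.dynamicdata.class.objects.master');

    $subtotals = array();
    $products = array();

    // May want to display cust info with the cart...
    $cust = xarMod::APIFunc('shop', 'user', 'customerinfo');
    $data['cust'] = $cust;

    $shop = xarSession::getVar('shop');
    if (!is_array($shop)) {
        // Nothing usable in the session: show an empty cart rather than iterating a non-array.
        $shop = array();
    }

    foreach ($shop as $pid => $val) {
        // If this post variable is set, we must need to update the quantity
        if (isset($_POST['qty' . $pid])) {
            unset($qty_new); // Have to unset this since we're in a foreach
            if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) {
                return;
            }

            if (is_scalar($qty_new)) {
                // Thousands separators are tolerated; everything else must be digits.
                $qty_clean = str_replace(',', '', trim((string) $qty_new));

                if ($qty_clean === '' || (ctype_digit($qty_clean) && (int) $qty_clean === 0)) {
                    // An emptied or zero quantity removes the line from the cart.
                    unset($shop[$pid]);
                } elseif (ctype_digit($qty_clean)) {
                    $shop[$pid]['qty'] = (int) $qty_clean;
                }
                // Negative, fractional or non-numeric input is ignored: the previous quantity stands.
            }
        }

        // If the quantity hasn't been set to zero, add it to the $products array...
        if (isset($shop[$pid])) {
            // Commas in the quantity seem to mess up our math
            $products[$pid]['qty'] = str_replace(',', '', $shop[$pid]['qty']);

            // Get the product info
            $object = DataObjectMaster::getObject(array('name' => 'shop_products'));
            $object->getItem(array('itemid' => $pid));
            $values = $object->getFieldValues();

            $products[$pid]['title'] = xarVarPrepForDisplay($values['title']);
            $products[$pid]['price'] = $values['price'];

            $subtotal = $values['price'] * $products[$pid]['qty'];
            $subtotals[] = $subtotal; // so we can use array_sum() to add it all up
            if (substr($subtotal, 0, 1) == '.') {
                $subtotal = '0' . $subtotal;
            }
            $products[$pid]['subtotal'] = number_format($subtotal, 2);
        }
    }

    xarSession::setVar('shop', $shop);

    $total = array_sum($subtotals);
    // Add a zero to the front of the number if it starts with a decimal...
    if (substr($total, 0, 1) == '.') {
        $total = '0' . $total;
    }
    $total = number_format($total, 2);

    xarSession::setVar('products', $products); // update the session variable
    $data['products'] = $products; // don't want too much session stuff in the templates
    xarSession::setVar('total', $total);
    $data['total'] = $total;

    return $data;
}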
/**
 * Delete an item of a dynamic data object (wurfl admin).
 *
 * Without 'confirm' the loaded object is returned for the confirmation
 * screen; with 'confirm' and a valid confirmation key the item is deleted
 * and the browser is sent to the wurfl admin view.
 *
 * NOTE(review): the object name is taken from the request ('name') and only
 * the 'ManageWurfl' mask is checked, so as written any object name the caller
 * supplies is loaded and its item deleted. Confirm whether the name should be
 * limited to this module's own objects.
 *
 * @return array|bool|null template data, true after a delete, null on a failed check
 */
function wurfl_admin_delete()
{
    if (!xarSecurityCheck('ManageWurfl')) {
        return;
    }

    $fetched = xarVarFetch('name', 'str:1', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)
        && xarVarFetch('itemid', 'int', $data['itemid'], '', XARVAR_NOT_REQUIRED)
        && xarVarFetch('confirm', 'str:1', $data['confirm'], false, XARVAR_NOT_REQUIRED);
    if (!$fetched) {
        return;
    }

    $target = DataObjectMaster::getObject(array('name' => $name));
    $data['object'] = $target;
    $target->getItem(array('itemid' => $data['itemid']));

    $data['tplmodule'] = 'wurfl';
    $data['authid'] = xarSecGenAuthKey('wurfl');

    // Nothing confirmed yet: hand the data to the confirmation template.
    if (!$data['confirm']) {
        return $data;
    }

    // Check for a valid confirmation key
    if (!xarSecConfirmAuthKey()) {
        return;
    }

    // Delete the item
    $target->deleteItem();

    // Jump to the next page
    xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
    return true;
}
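/**
 * Modify a publication type (admin).
 *
 * The type is addressed either by 'itemid' or, failing that, by 'name'.
 * With 'confirm' set and a valid confirmation key the posted form is
 * validated and the type is updated.
 *
 * @param array $args extracted into local scope; an 'itemid' entry is used
 *                    when the request carries none
 * @return mixed template data, rendered form on invalid input, true after an
 *               update, a NotFound response, or null on a failed check
 */
function publications_admin_modify_pubtype($args)
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }

    extract($args);

    // Get parameters
    if (!xarVarFetch('itemid', 'isset', $data['itemid'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('returnurl', 'str:1', $data['returnurl'], 'view', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('name', 'str:1', $name, '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('tab', 'str:1', $data['tab'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // The request value lands in $data['itemid']; $itemid only exists when the caller passed it in $args.
    if (empty($data['itemid']) && !empty($itemid)) {
        $data['itemid'] = $itemid;
    }
    if (empty($name) && empty($data['itemid'])) {
        return xarResponse::NotFound();
    }

    // Get our object
    $data['object'] = DataObjectMaster::getObject(array('name' => 'publications_types'));

    if (empty($data['itemid'])) {
        // $name comes from the request and is concatenated into the where clause below,
        // so only plain identifier characters are let through.
        if (!is_string($name) || !preg_match('/^[A-Za-z0-9_]+$/', $name)) {
            return xarResponse::NotFound();
        }

        $type_list = DataObjectMaster::getObjectList(array('name' => 'publications_types'));
        $where = 'name = ' . $name;
        $items = $type_list->getItems(array('where' => $where));
        $item = is_array($items) ? current($items) : false;

        // No publication type with that name
        if (empty($item['id'])) {
            return xarResponse::NotFound();
        }

        // Keep the resolved id: the settings lookup and the update below both need it.
        $data['itemid'] = $item['id'];
    }
    $data['object']->getItem(array('itemid' => $data['itemid']));

    // Send the publication type and the object properties to the template
    $data['properties'] = $data['object']->getProperties();

    // Get the settings of the publication type we are using
    $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['itemid']));

    if ($data['confirm']) {
        // Check for a valid confirmation key
        if (!xarSecConfirmAuthKey()) {
            return;
        }

        // Get the data from the form
        $isvalid = $data['object']->checkInput();

        if (!$isvalid) {
            // Bad data: redisplay the form with error messages
            return xarTplModule('publications', 'admin', 'modify_pubtype', $data);
        }

        // Good data: update the item
        $data['object']->updateItem(array('itemid' => $data['itemid']));

        // Jump to the next page
        xarController::redirect(xarModURL('publications', 'admin', 'view_pubtypes'));
        return true;
    }

    return $data;
}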
/**
 * Show the form for a new publication of the requested type.
 *
 * Loads the publication type, builds the matching data object and renders
 * the 'new' template with that type's settings.
 *
 * NOTE(review): no privilege check is made here and the template rendered is
 * the admin one ('publications', 'admin', 'new'); confirm that is intended.
 *
 * @param array $args extracted into local scope
 * @return mixed rendered template, or null when a request variable cannot be fetched
 */
function publications_user_new($args)
{
    extract($args);

    // Get parameters
    $fetched = xarVarFetch('ptid', 'id', $data['ptid'], xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)
        && xarVarFetch('catid', 'str', $catid, NULL, XARVAR_NOT_REQUIRED)
        && xarVarFetch('itemtype', 'id', $itemtype, NULL, XARVAR_NOT_REQUIRED);
    if (!$fetched) {
        return;
    }

    $data['items'] = array();

    // The publication type record names the data object to instantiate.
    $typeRecord = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $typeRecord->getItem(array('itemid' => $data['ptid']));

    $data['object'] = DataObjectMaster::getObject(array('name' => $typeRecord->properties['name']->value));
    $data['properties'] = $data['object']->getProperties();

    // TODO: allow templates per category ?
    $template = empty($data['ptid']) ? null : $typeRecord->properties['template']->value;

    // Get the settings of the publication type we are using
    $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));

    return xarTplModule('publications', 'admin', 'new', $data, $template);
}
/**
 * Modify a customer.
 *
 * Loads the customer record and the role with the same id. On a confirmed
 * submit with a valid confirmation key, the role's name is rebuilt from the
 * posted first and last name and both records are updated.
 *
 * NOTE(review): every field of the customer record is copied into $data under
 * its own name, so a field called e.g. 'confirm' or 'itemid' would replace the
 * request value read above. Verify against the object definition.
 *
 * @return mixed template data, a rendered template, or null on a failed check
 * @throws Exception when no item id was supplied
 */
function shop_admin_modifycustomer()
{
    $fetched = xarVarFetch('itemid', 'id', $data['itemid'], NULL, XARVAR_DONT_SET)
        && xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED);
    if (!$fetched) {
        return;
    }

    $objectname = 'shop_customers';
    $data['objectname'] = $objectname;

    // Check if we still have no id of the item to modify.
    if (empty($data['itemid'])) {
        throw new Exception(
            xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'admin', 'modify', 'shop')
        );
    }

    if (!xarSecurityCheck('AdminShop', 1, 'Item', $data['itemid'])) {
        return;
    }

    sys::import('modules.dynamicdata.class.objects.master');

    $object = DataObjectMaster::getObject(array('name' => $objectname));
    $data['object'] = $object;
    $data['label'] = $object->label;

    $lookup = array('itemid' => $data['itemid']);
    $object->getItem($lookup);

    // Expose each stored field to the template, prepared for display.
    foreach ($object->getFieldValues() as $name => $value) {
        $data[$name] = xarVarPrepForDisplay($value);
    }

    $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
    $rolesobject->getItem(array('itemid' => $data['itemid']));

    if (!$data['confirm']) {
        // Get that specific item of the object
        $object->getItem(array('itemid' => $data['itemid']));

        // Return the template variables defined in this function
        return $data;
    }

    // Check for a valid confirmation key
    if (!xarSecConfirmAuthKey()) {
        return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
    }

    // Get the data from the form
    $isvalid = $object->checkInput();

    // Bad data or a preview: redisplay the form with the data we picked up
    if (!$isvalid || isset($data['preview'])) {
        return xarTplModule('shop', 'admin', 'modifycustomer', $data);
    }

    // Keep the role's display name in step with the customer's name.
    $fullName = $object->properties['first_name']->getValue() . ' ' . $object->properties['last_name']->getValue();
    $rolesobject->properties['name']->setValue($fullName);
    $rolesobject->updateItem();
    $object->updateItem();

    // Jump to the next page
    xarResponse::redirect(xarModURL('shop', 'admin', 'modifycustomer', array('itemid' => $data['itemid'])));
    return $data;
}
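/**
 * Create a new customer.
 *
 * On a confirmed submit with a valid confirmation key, the posted e-mail and
 * password are validated, a role and a matching customer record are created,
 * and the browser is redirected.
 *
 * 'returnurl' is request data. It is only followed when it points back at
 * this site (a relative URL, or an http/https URL whose host matches the
 * current request); anything else falls back to the shop front page, so the
 * registration form cannot be used to bounce a fresh login to another site.
 *
 * NOTE(review): the role is created with state 3 and, when 'returnurl' is
 * present, logged in straight away; confirm that skipping any verification
 * step is intended.
 *
 * @return mixed template data, a rendered template, true after creation, or
 *               null when a request variable cannot be fetched
 */
function shop_user_newcustomer()
{
    if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    sys::import('modules.dynamicdata.class.objects.master');

    $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
    $data['properties'] = $rolesobject->properties;

    // Check if we are in 'preview' mode from the input here - the rest is handled by checkInput()
    // Here we are testing for a button clicked, so we test for a string
    if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
        return;
    }

    // Check if we are submitting the form
    // Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false)
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    if ($data['confirm']) {
        // Check for a valid confirmation key. The value is automatically gotten from the template
        if (!xarSecConfirmAuthKey()) {
            return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
        }

        // Get the data from the form and see if it is all valid
        // Either way the values are now stored in the object
        $isvalid = $rolesobject->properties['email']->checkInput();
        $isvalid2 = $rolesobject->properties['password']->checkInput();

        if (!$isvalid || !$isvalid2) {
            // Bad data: redisplay the form with the data we picked up and with error messages
            return xarTplModule('shop', 'user', 'newcustomer', $data);
        }

        $email = $rolesobject->properties['email']->getValue();
        $password = $rolesobject->properties['password']->getValue();

        $rolesobject->properties['name']->setValue($email);
        $rolesobject->properties['email']->setValue($email);
        $rolesobject->properties['uname']->setValue($email);
        $rolesobject->properties['password']->setValue($password);
        $rolesobject->properties['state']->setValue(3);
        $authmodule = (int) xarMod::getID('shop');
        $rolesobject->properties['authmodule']->setValue($authmodule);
        $uid = $rolesobject->createItem();

        $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
        $custobject->createItem(array('id' => $uid));

        if (isset($returnurl)) {
            xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $password));

            // Decide whether the requested target stays on this site.
            $is_local = false;
            // Backslashes, control characters and spaces are refused outright:
            // browsers normalise some of them into a different URL than the one parsed here.
            if (is_string($returnurl) && !preg_match('/[\\\\\x00-\x20]/', $returnurl)) {
                $parts = parse_url($returnurl);
                if (is_array($parts)) {
                    if (!isset($parts['scheme']) && !isset($parts['host'])) {
                        // Plain relative URL
                        $is_local = true;
                    } elseif (isset($parts['scheme'], $parts['host'])
                        && in_array(strtolower($parts['scheme']), array('http', 'https'), true)
                    ) {
                        $target_host = strtolower($parts['host']) . (isset($parts['port']) ? ':' . $parts['port'] : '');
                        $current_host = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';
                        $is_local = ($current_host !== '' && $target_host === $current_host);
                    }
                }
            }

            xarResponse::redirect($is_local ? $returnurl : xarModURL('shop'));
        } else {
            xarResponse::redirect(xarModURL('shop'));
        }

        // Always add the next line even if processing never reaches it
        return true;
    }

    // Return the template variables defined in this function
    return $data;
}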
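/**
 * Edit the per-item display template of a publication (admin).
 *
 * Works out the module template and the theme override for the requested
 * item, optionally writes the posted source to the override, and returns the
 * current source for the editor.
 *
 * 'file' is request data that becomes part of the path being written and
 * read. It is therefore limited to the template kinds this page offers
 * ('summary', 'detail'); any other value is answered with NotFound so the
 * path cannot be steered outside the template directories.
 *
 * NOTE(review): saving is not guarded by a confirmation key check here, unlike
 * other write actions in this listing; consider adding one together with the
 * matching field in the template.
 * NOTE(review): the module file is named "<file>_<itemid>.xt" but the override
 * "<file>-<itemid>.xt"; confirm the differing separator is intended.
 *
 * @param array $args extracted into local scope
 * @return mixed template data, a NotFound response, or null on a failed check
 */
function publications_admin_templates_page($args)
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }

    extract($args);

    if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('ptid', 'id', $data['ptid'], 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'id', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('file', 'str', $data['file'], 'summary', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }

    if (empty($data['itemid']) || empty($data['ptid'])) {
        return xarResponse::NotFound();
    }

    // The template kinds offered to the user; also the only values accepted for 'file'.
    $files = array(
        array('id' => 'summary', 'name' => 'summary display'),
        array('id' => 'detail', 'name' => 'detail display'),
    );
    $allowed_files = array();
    foreach ($files as $entry) {
        $allowed_files[] = $entry['id'];
    }
    if (!in_array($data['file'], $allowed_files, true)) {
        return xarResponse::NotFound();
    }

    $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $pubtypeobject->getItem(array('itemid' => $data['ptid']));

    // Use the part after the first underscore of the type name, or the whole name if there is none.
    $pubtype = explode('_', $pubtypeobject->properties['name']->value);
    $pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];

    $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));

    $basepath = sys::code() . "modules/publications/xartemplates/objects/" . $pubtype;
    $sourcefile = $basepath . "/" . $data['file'] . "_" . $data['itemid'] . ".xt";
    $overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/objects/" . $pubtype;
    $overridefile = $overridepath . "/" . $data['file'] . "-" . $data['itemid'] . ".xt";

    // If we are saving, write the file now
    if ($confirm && !empty($data['source_data'])) {
        xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
    }

    // Let the template know what kind of file this is
    if (file_exists($overridefile)) {
        $data['filetype'] = 'theme';
        $filepath = $overridefile;
        $data['writable'] = is_writable($overridefile);
    } else {
        $data['filetype'] = 'module';
        $filepath = $sourcefile;
        $data['writable'] = is_writeable_dir($overridepath);
    }

    $data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));

    // Initialize the template
    if (empty($data['source_data'])) {
        $data['source_data'] = '<xar:template xmlns:xar="http://xaraya.com/2004/blocklayout">';
        $data['source_data'] .= "\n";
        $data['source_data'] .= "\n" . '</xar:template>';
    }

    $data['files'] = $files;

    return $data;
}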
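/**
 * List the product attributes.
 *
 * Returns the attribute object list for the admin view, optionally filtered
 * to one customer, whose first and last name are then added to the data.
 *
 * 'user_id' is request data that ends up inside the where clause of two
 * item queries, so it is fetched with the 'id' validation and cast to an
 * integer before it is concatenated.
 *
 * @return array|null template data, or null on a failed fetch or privilege check
 */
function shop_admin_attributes()
{
    if (!xarVarFetch('startnum', 'isset', $data['startnum'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('user_id', 'id', $user_id, NULL, XARVAR_DONT_SET)) {
        return;
    }

    $objectname = 'shop_attributes';
    $data['objectname'] = $objectname;

    // Security check - important to do this as early as possible to avoid
    // potential security holes or just too much wasted processing
    if (!xarSecurityCheck('AdminShop')) {
        return;
    }

    $data['items_per_page'] = xarModVars::get('shop', 'items_per_page');

    // Load the DD master object class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');

    // Get the object label for the template
    $object = DataObjectMaster::getObject(array('name' => $objectname));
    $data['label'] = $object->label;

    // Get the fields to display in the admin interface
    $config = $object->configuration;
    if (!empty($config['adminfields'])) {
        $data['adminfields'] = $config['adminfields'];
    } else {
        $data['adminfields'] = array_keys($object->getProperties());
    }

    // Get the object we'll be working with. Note this is a so called object list
    $mylist = DataObjectMaster::getObjectList(array('name' => $objectname));

    // Load the DD master property class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.properties.master');

    $data['sort'] = xarMod::ApiFunc('shop', 'admin', 'sort', array('sortfield_fallback' => 'ID', 'ascdesc_fallback' => 'ASC'));

    // We have some filters for the items
    $filters = array(
        'startnum' => $data['startnum'],
        'status'   => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE,
        'sort'     => $data['sort'],
    );

    $has_user = isset($user_id);
    if ($has_user) {
        // Only an integer may reach the where clause.
        $user_id = (int) $user_id;
        $filters['where'] = 'user_id eq ' . $user_id;
    }

    // Get the items
    $items = $mylist->getItems($filters);

    if ($has_user) {
        // Look up the customer the list is filtered on
        $mylist2 = DataObjectMaster::getObjectList(array('name' => 'shop_customers'));
        $items2 = $mylist2->getItems(array('where' => 'ID eq ' . $user_id));

        // The customer may not exist: leave the names empty instead of reading a missing row.
        $data['fname'] = isset($items2[$user_id]['FirstName']) ? $items2[$user_id]['FirstName'] : null;
        $data['lname'] = isset($items2[$user_id]['LastName']) ? $items2[$user_id]['LastName'] : null;
    }

    $data['mylist'] = $mylist;

    // Return the template variables defined in this function
    return $data;
}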
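/**
 * Create a calendar event for an item of another module.
 *
 * Resolves the module, item type and item id from $data (falling back to
 * 'extrainfo' and then to defaults), fills in every event field that is not
 * set in 'extrainfo', creates a 'calendar_event' item and returns the
 * completed 'extrainfo'.
 *
 * NOTE(review): fields already present in 'extrainfo' (e.g. 'role_id',
 * 'state', 'return_link') are stored as supplied; verify that callers do not
 * pass them through from request data unchecked.
 *
 * @param array $data 'module', 'itemtype', 'itemid' and 'extrainfo' entries, all optional
 * @return array the 'extrainfo' array that was stored
 * @throws IDNotFoundException when the module cannot be resolved to an id
 */
function calendar_adminapi_hookcreate($data)
{
    if (!isset($data['extrainfo']) || !is_array($data['extrainfo'])) {
        $data['extrainfo'] = array();
    }

    // When called via hooks, modname will be empty, but we get it from the
    // extrainfo or the current module
    if (empty($data['module'])) {
        if (!empty($data['extrainfo']['module'])) {
            $data['module'] = $data['extrainfo']['module'];
        } else {
            $data['module'] = xarMod::getName();
        }
    }

    $data['module_id'] = xarMod::getID($data['module']);
    if (empty($data['module_id'])) {
        // Report the name that was actually looked up ('modname' is not a key this function fills).
        throw new IDNotFoundException("module id for " . $data['module']);
    }

    if (!isset($data['itemtype']) || !is_numeric($data['itemtype'])) {
        if (isset($data['extrainfo']['itemtype']) && is_numeric($data['extrainfo']['itemtype'])) {
            $data['itemtype'] = $data['extrainfo']['itemtype'];
        } else {
            $data['itemtype'] = 0;
        }
    }

    if (!isset($data['itemid']) || !is_numeric($data['itemid'])) {
        if (isset($data['extrainfo']['item_id']) && is_numeric($data['extrainfo']['item_id'])) {
            $data['itemid'] = $data['extrainfo']['item_id'];
        } else {
            $data['itemid'] = 0;
        }
    }

    $data['extrainfo']['module_id'] = $data['module_id'];
    $data['extrainfo']['itemtype'] = $data['itemtype'];
    $data['extrainfo']['item_id'] = $data['itemid'];

    // Fill in whatever the caller left out. Order matters: end_time is derived
    // from start_time and duration, which must be settled first.
    if (!isset($data['extrainfo']['name'])) {
        $data['extrainfo']['name'] = xarML('Unknown Event');
    }
    if (!isset($data['extrainfo']['start_time'])) {
        $data['extrainfo']['start_time'] = time();
    }
    if (!isset($data['extrainfo']['duration'])) {
        $data['extrainfo']['duration'] = 60;
    }
    if (!isset($data['extrainfo']['end_time'])) {
        $data['extrainfo']['end_time'] = $data['extrainfo']['start_time'] + $data['extrainfo']['duration'];
    }
    if (!isset($data['extrainfo']['recurring_code'])) {
        $data['extrainfo']['recurring_code'] = 0;
    }
    if (!isset($data['extrainfo']['recurring_span'])) {
        $data['extrainfo']['recurring_span'] = 0;
    }
    if (!isset($data['extrainfo']['start_location'])) {
        $data['extrainfo']['start_location'] = null;
    }
    if (!isset($data['extrainfo']['end_location'])) {
        $data['extrainfo']['end_location'] = null;
    }
    if (!isset($data['extrainfo']['object_id'])) {
        $data['extrainfo']['object_id'] = 0;
    }
    if (!isset($data['extrainfo']['role_id'])) {
        $data['extrainfo']['role_id'] = xarSession::getVar('role_id');
    }
    if (!isset($data['extrainfo']['return_link'])) {
        $data['extrainfo']['return_link'] = '';
    }
    if (!isset($data['extrainfo']['state'])) {
        $data['extrainfo']['state'] = 3;
    }
    if (!isset($data['extrainfo']['timestamp'])) {
        $data['extrainfo']['timestamp'] = time();
    }

    // Always passed as 0, whatever the caller supplied.
    $data['extrainfo']['itemid'] = 0;

    $object = DataObjectMaster::getObject(array('name' => 'calendar_event'));
    $object->createItem($data['extrainfo']);

    return $data['extrainfo'];
}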
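/**
 * Edit a stylesheet of the publications module (admin).
 *
 * Resolves the module stylesheet and its theme override for the requested
 * file name, optionally writes the posted source to the override, and
 * returns the current source for the editor.
 *
 * 'file' is request data that becomes part of the path being written and
 * read. A value containing a directory separator, a parent-directory
 * reference or a NUL byte is answered with NotFound, so the path cannot leave
 * the two style directories.
 *
 * NOTE(review): saving is not guarded by a confirmation key check here, unlike
 * other write actions in this listing; consider adding one together with the
 * matching field in the template.
 *
 * @param array $args extracted into local scope
 * @return mixed template data, a NotFound response, or null on a failed check
 */
function publications_admin_stylesheet_type($args)
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }

    extract($args);

    if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('ptid', 'id', $data['ptid'], xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('file', 'str', $data['file'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Only a bare file name is acceptable.
    if ($data['file'] !== ''
        && (basename($data['file']) !== $data['file']
            || strpos($data['file'], '..') !== false
            || strpos($data['file'], '\\') !== false
            || strpos($data['file'], "\0") !== false)
    ) {
        return xarResponse::NotFound();
    }

    $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $pubtypeobject->getItem(array('itemid' => $data['ptid']));

    // Use the part after the first underscore of the type name, or the whole name if there is none.
    $pubtype = explode('_', $pubtypeobject->properties['name']->value);
    $pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];

    $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));

    $basepath = sys::code() . "modules/publications/xarstyles";
    $sourcefile = $basepath . "/" . $data['file'] . ".css";
    $overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/style";
    $overridefile = $overridepath . "/" . $data['file'] . ".css";

    // If we are saving, write the file now
    if ($confirm && !empty($data['file']) && !empty($data['source_data'])) {
        xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
    }

    // Let the template know what kind of file this is
    if (empty($data['file'])) {
        $data['filetype'] = 'empty';
        $filepath = '';
        $data['writable'] = 0;
    } elseif (file_exists($overridefile)) {
        $data['filetype'] = 'theme';
        $filepath = $overridefile;
        $data['writable'] = is_writable($overridefile);
    } elseif (file_exists($sourcefile)) {
        $data['filetype'] = 'module';
        $filepath = $sourcefile;
        $data['writable'] = is_writeable_dir($overridepath);
    } else {
        $data['filetype'] = 'unknown';
        $filepath = $overridefile;
        $data['writable'] = is_writeable_dir($overridepath);
    }

    $data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));

    return $data;
}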
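/**
 * Return the value of one field of a publication item.
 *
 * The item id is first mapped through the 'gettranslationid' API function,
 * then the named property of the loaded item is read.
 *
 * An empty string is returned when an argument is missing, when the object
 * cannot be loaded, or when it has no property with the requested name
 * (instead of failing on a missing property).
 *
 * NOTE(review): the value is returned as stored; whether it is escaped for
 * output is up to the property and the calling template - confirm.
 *
 * @param array $args 'object' (object name), 'itemid' and 'field' (property name)
 * @return mixed the property value, or '' when it cannot be determined
 */
function publications_userapi_fieldoutput($args)
{
    if (!isset($args['object']) || !isset($args['itemid']) || !isset($args['field'])) {
        return '';
    }

    sys::import('modules.dynamicdata.class.objects.master');

    $object = DataObjectMaster::getObject(array('name' => $args['object']));
    if (empty($object)) {
        return '';
    }

    $itemid = xarMod::apiFunc('publications', 'user', 'gettranslationid', array('id' => $args['itemid']));
    $object->getItem(array('itemid' => $itemid));

    $field = $args['field'];
    // Only a plain key can name a property, and the property has to exist.
    if ((!is_string($field) && !is_int($field)) || !isset($object->properties[$field])) {
        return '';
    }

    return $object->properties[$field]->getValue();
}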
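/**
 * Create a publication from the posted admin form.
 *
 * Validates the input against the data object of the requested publication
 * type. On preview or invalid input the form is shown again; otherwise the
 * item is created and the browser is redirected to the list the user came
 * from, the admin view, or the user view.
 *
 * NOTE(review): this action creates content without a privilege check of its
 * own and with the confirmation key check commented out, so it accepts forged
 * and unprivileged requests as far as this function is concerned. Re-enable
 * the key check once the form supplies it, and confirm which mask applies.
 *
 * @return mixed rendered form, true after creation, or null when a request
 *               variable cannot be fetched
 */
function publications_admin_create()
{
    if (!xarVarFetch('ptid', 'id', $data['ptid'])) {
        return;
    }
    if (!xarVarFetch('new_cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('save', 'str', $save, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Confirm authorisation code
    // This has been disabled for now
    // if (!xarSecConfirmAuthKey()) return;

    $data['items'] = array();

    $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $pubtypeobject->getItem(array('itemid' => $data['ptid']));
    $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));

    $isvalid = $data['object']->checkInput();

    $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));

    if ($data['preview'] || !$isvalid) {
        // Show debug info if called for
        if (!$isvalid
            && xarModVars::get('publications', 'debugmode')
            && in_array(xarUserGetVar('uname'), xarConfigVars::get(null, 'Site.User.DebugAdmins'))
        ) {
            var_dump($data['object']->getInvalids());
        }

        // Preview or bad data: redisplay the form
        $data['properties'] = $data['object']->getProperties();
        if ($data['preview']) {
            $data['tab'] = 'preview';
        }
        return xarTplModule('publications', 'admin', 'new', $data);
    }

    // Create the object
    $data['object']->createItem();

    // if we can edit publications, go to admin view, otherwise go to user view
    if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) {
        // Redirect if we came from somewhere else
        $current_listview = xarSession::getVar('publications_current_listview');
        if (!empty($current_listview)) {
            xarController::redirect($current_listview);
            // Stop here so the default redirect below does not replace this one.
            return true;
        }
        xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid'])));
    } else {
        xarController::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid'])));
    }

    return true;
}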
/**
 * Create a new product.
 *
 * Shows the product form; on a confirmed submit with a valid confirmation
 * key and valid input (and no preview requested) the product is created and
 * the browser is sent to the product list.
 *
 * @return mixed template data, a rendered template, true after creation, or
 *               null on a failed privilege check or fetch
 */
function shop_admin_newproduct()
{
    // See if the current user has the privilege to add an item. We cannot pass any extra arguments here
    if (!xarSecurityCheck('Addshop')) {
        return;
    }

    if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
        return;
    }

    $objectname = 'shop_products';
    $data['objectname'] = $objectname;

    // Load the DD master object class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');

    $product = DataObjectMaster::getObject(array('name' => $objectname));
    $data['label'] = $product->label;
    $data['object'] = $product;

    // 'preview' is a clicked button, so it is read as a string and left unset when absent;
    // 'confirm' is a hidden field the template sets to true, so it is read as a boolean.
    $fetched = xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)
        && xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED);
    if (!$fetched) {
        return;
    }

    // Not a submit: return the template variables defined in this function
    if (!$data['confirm']) {
        return $data;
    }

    // Check for a valid confirmation key. The value is automatically gotten from the template
    if (!xarSecConfirmAuthKey()) {
        return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
    }

    // Get the data from the form and see if it is all valid
    // Either way the values are now stored in the object
    $isvalid = $data['object']->checkInput();

    // Bad data or a preview: redisplay the form with the data we picked up
    if (!$isvalid || isset($data['preview'])) {
        return xarTplModule('shop', 'admin', 'newproduct', $data);
    }

    $data['object']->createItem();

    // Jump to the next page
    xarResponse::redirect(xarModURL('shop', 'admin', 'products'));
    return true;
}
/**
 * Return the stored access setting of a publication type.
 *
 * @param array $args 'ptid': id of the publication type (required)
 * @return string|bool the stored 'access' value, the serialized empty array
 *                     "a:0:{}" when none is stored, or false when the
 *                     publications_types object cannot be loaded
 * @throws Exception when 'ptid' is missing
 */
function publications_adminapi_getpubtypeaccess($args)
{
    if (!isset($args['ptid'])) {
        throw new Exception(xarML('Missing ptid param in publications_adminapi_getpubtypeaccess'));
    }

    $typeRecord = DataObjectMaster::getObject(array('name' => 'publications_types'));
    if ($typeRecord == null) {
        return false;
    }

    $typeRecord->getItem(array('itemid' => $args['ptid']));

    $access = $typeRecord->properties['access']->value;

    // Nothing stored: answer with a serialized empty array.
    return empty($access) ? "a:0:{}" : $typeRecord->properties['access']->value;
}
/**
 * Prepare the featured publication for display.
 *
 * @return array|null the block content with the publication loaded under
 *                    'object', or null when 'fillerid' is not greater than 0
 */
public function display()
{
    $data = $this->getContent();

    // No featured item configured
    if (!($data['fillerid'] > 0)) {
        return;
    }

    // Setup featured item
    $fillerid = xarMod::apiFunc('publications', 'user', 'gettranslationid', array('id' => $data['fillerid']));
    $ptid = xarMod::apiFunc('publications', 'user', 'getitempubtype', array('itemid' => $data['fillerid']));

    // The publication type record names the data object to instantiate.
    $typeRecord = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $typeRecord->getItem(array('itemid' => $ptid));

    $publication = DataObjectMaster::getObject(array('name' => $typeRecord->properties['name']->value));
    $data['object'] = $publication;
    $publication->getItem(array('itemid' => $data['fillerid']));

    return $data;
}
/**
 * Show one item of a dynamic data object (mailer user view).
 *
 * NOTE(review): the object name is taken from the request ('name') and only
 * the 'ReadMailer' mask is checked, so as written any object name the caller
 * supplies is loaded and handed to the template. Confirm whether the name
 * should be limited to this module's own objects.
 *
 * @return array|null template data, or null on a failed privilege check or fetch
 */
function mailer_user_view_mailer()
{
    if (!xarSecurityCheck('ReadMailer')) {
        return;
    }

    $fetched = xarVarFetch('name', 'str', $name, 'mailer_mails', XARVAR_NOT_REQUIRED)
        && xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED);
    if (!$fetched) {
        return;
    }

    $requested = DataObjectMaster::getObject(array('name' => $name));
    $data['object'] = $requested;
    $requested->getItem(array('itemid' => $data['itemid']));

    $data['tplmodule'] = 'mailer';

    return $data;
}
/**
 * Start the checkout process -- user can create account or log into existing account.
 *
 * Logged-in users go to the cart and users with an empty cart to the shop
 * front page. Otherwise the posted e-mail and password are validated; when
 * both are valid and the confirmation key checks out, a role and a customer
 * record are created, the user is logged in and sent to the shipping address
 * step.
 *
 * NOTE(review): the confirmation key is only checked after the input has been
 * validated, and the role is created with state 3 and logged in at once;
 * confirm both are intended.
 *
 * @return mixed true after a redirect, otherwise a rendered template
 */
function shop_user_start()
{
    // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be
    if (xarUserIsLoggedIn()) {
        xarResponse::redirect(xarModURL('shop', 'user', 'viewcart'));
        return true;
    }

    $shop = xarSession::getVar('shop');
    if (empty($shop)) {
        xarResponse::redirect(xarModURL('shop', 'user', 'main'));
        return true;
    }

    sys::import('modules.dynamicdata.class.objects.master');
    sys::import('modules.dynamicdata.class.properties.master');

    $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
    $properties = $rolesobject->properties;
    $data['properties'] = $properties;

    // Both checks always run, so each property picks up its posted value.
    $isvalid = $rolesobject->properties['email']->checkInput();
    $isvalid2 = $rolesobject->properties['password']->checkInput();

    if (!$isvalid || !$isvalid2) {
        // We don't yet have a valid email or password for registration...
        return xarTplModule('shop', 'user', 'start', $data);
    }

    if (!xarSecConfirmAuthKey()) { // right time to do this??
        return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
    }

    // Create the role and the customer object and then log in
    $email = $rolesobject->properties['email']->getValue();
    $password = $rolesobject->properties['password']->getValue();

    $values = array(
        'name'     => $email,
        'email'    => $email,
        'uname'    => $email,
        'password' => $password,
        'state'    => 3,
    );
    $rolesobject->setFieldValues($values, 1);
    $uid = $rolesobject->createItem();

    $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
    $custobject->createItem(array('id' => $uid));

    // The password for the login call is read again from the submitted form field.
    $vals = $properties['password']->fetchValue('dd_' . $properties['password']->id);
    $pass = $vals[1][0];

    xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $pass));

    xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress'));
    return true;
}
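/**
 * Get the items currently in the cart.
 *
 * Applies posted quantity changes to the cart held in the session and
 * returns the per-product rows together with the formatted total.
 *
 * Quantities come straight from the request, so only whole, non-negative
 * numbers are accepted; anything else is ignored and the stored quantity
 * stands. This keeps negative or non-numeric values out of the price maths.
 *
 * @param array $args not used
 * @return array|null 'products' and 'total', or null when the cart is empty
 *                    or a request variable cannot be fetched
 */
function shop_userapi_getcartproducts($args)
{
    sys::import('modules.dynamicdata.class.objects.master');

    $shop = xarSession::getVar('shop');
    if (empty($shop)) {
        return;
    }

    $products = array();
    $subtotals = array();

    foreach ($shop as $pid => $val) {
        // if this post variable is set, we must need to update the quantity
        if (isset($_POST['qty' . $pid])) {
            unset($qty_new);
            if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) {
                return;
            }

            if (is_scalar($qty_new)) {
                // Thousands separators are tolerated; everything else must be digits.
                $qty_clean = str_replace(',', '', trim((string) $qty_new));
                if (ctype_digit($qty_clean)) {
                    $shop[$pid]['qty'] = (int) $qty_clean;
                }
            }
        }

        $products[$pid]['qty'] = $shop[$pid]['qty'];

        $object = DataObjectMaster::getObject(array('name' => 'shop_products'));
        $object->getItem(array('itemid' => $pid));
        $values = $object->getFieldValues();

        $products[$pid]['title'] = xarVarPrepForDisplay($values['title']);

        // Add a leading zero when the stored price starts with the decimal point
        $price = $values['price'];
        if (substr($price, 0, 1) == '.') {
            $price = '0' . $price;
        }
        $products[$pid]['price'] = $price;

        $subtotal = $values['price'] * $products[$pid]['qty'];
        $subtotals[] = $subtotal;
        $products[$pid]['subtotal'] = number_format($subtotal, 2);
    }

    xarSession::setVar('shop', $shop);

    // number_format() always emits the integer digit, so no leading-zero fix-up is needed here.
    $total = number_format(array_sum($subtotals), 2);

    $productinfo['products'] = $products;
    $productinfo['total'] = $total;

    return $productinfo;
}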
/**
 * Display a product.
 *
 * The item id comes from the request, or from 'objectid' / 'itemid' in $args.
 * All field values are prepared for display before they reach the template.
 *
 * NOTE(review): the 'EditShop' check that decides whether an edit link is
 * shown passes 1 as its second argument, while a comparable silent check
 * elsewhere in this listing passes 0; verify that visitors without edit
 * rights are not shown a privilege error here.
 *
 * @param array $args extracted into local scope
 * @return mixed rendered template, or null on a failed check or unknown item
 * @throws Exception when no item id was supplied
 */
function shop_user_product($args)
{
    if (!xarVarFetch('itemid', 'id', $itemid, NULL, XARVAR_DONT_SET)) {
        return;
    }

    extract($args);

    if (!empty($objectid)) {
        $itemid = $objectid;
    }

    if (empty($itemid)) {
        throw new Exception(
            xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'user', 'display', 'shop')
        );
    }

    // Make sure user has read privileges for the item
    if (!xarSecurityCheck('ReadShop', 1, 'Item', $itemid)) {
        return;
    }

    // Load the DD master object class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');

    // Get the object definition we'll be working with
    $product = DataObjectMaster::getObject(array('name' => 'shop_products'));
    $data['object'] = $product;

    // We don't really have the item until we call getItem()
    $loaded_id = $product->getItem(array('itemid' => $itemid));

    // Make sure we got something
    if (!isset($loaded_id) || $loaded_id != $itemid) {
        return;
    }

    $data['itemid'] = $itemid;

    // getFieldValues() gives property names and values; escape each one for the template
    foreach ($product->getFieldValues() as $name => $value) {
        $data[$name] = xarVarPrepForDisplay($value);
    }

    $data['editurl'] = '';
    if (xarSecurityCheck('EditShop', 1)) {
        $data['editurl'] = xarModURL('shop', 'admin', 'modify', array('itemid' => $itemid, 'name' => 'shop_products'));
    }

    return xarTplModule('shop', 'user', 'product', $data);
}
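/**
 * Create a publication from the posted user form.
 *
 * Validates the input against the data object of the requested publication
 * type. On preview or invalid input the form is shown again; only valid
 * input is stored. (The validity test was inverted before, so valid input
 * redisplayed the form and invalid input was created.)
 *
 * NOTE(review): this action creates content without a privilege check of its
 * own and with the confirmation key check commented out, so it accepts forged
 * and unprivileged requests as far as this function is concerned. Re-enable
 * the key check once the form supplies it, and confirm which mask applies.
 *
 * @return mixed rendered form, true after creation, or null when a request
 *               variable cannot be fetched
 */
function publications_user_create()
{
    if (!xarVarFetch('ptid', 'id', $data['ptid'])) {
        return;
    }
    if (!xarVarFetch('new_cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('save', 'str', $save, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Confirm authorisation code
    // This has been disabled for now
    // if (!xarSecConfirmAuthKey()) return;

    $data['items'] = array();

    $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $pubtypeobject->getItem(array('itemid' => $data['ptid']));
    $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));

    $isvalid = $data['object']->checkInput();

    $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));

    if ($data['preview'] || !$isvalid) {
        // Preview or bad data: redisplay the form
        $data['properties'] = $data['object']->getProperties();
        if ($data['preview']) {
            $data['tab'] = 'preview';
        }
        return xarTplModule('publications', 'user', 'new', $data);
    }

    // Create the object
    $data['object']->createItem();

    // if we can edit publications, go to admin view, otherwise go to user view
    if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) {
        xarResponse::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid'])));
    } else {
        xarResponse::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid'])));
    }

    return true;
}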
/**
 * Return the settings that apply to one publication type.
 *
 * The type's own configuration (when it unserializes to an array) is laid over
 * the global settings with the array union operator, so type-level keys win.
 * The result is cached per publication type in xarCore.
 *
 * @param array $data must contain a non-empty 'ptid'
 * @return array merged settings
 * @throws Exception when 'ptid' is missing or empty
 */
function publications_userapi_getsettings($data)
{
    if (empty($data['ptid'])) {
        throw new Exception('Missing publication type for caching');
    }

    $cachekey = 'context' . $data['ptid'];

    // Serve from the per-request cache when this type was already resolved
    if (xarCore::isCached('publications', $cachekey)) {
        return xarCore::getCached('publications', $cachekey);
    }

    $typeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $typeobject->getItem(array('itemid' => $data['ptid']));

    // NOTE(review): unserialize() is applied to a stored property value and
    // the @ hides any failure. If that column can ever hold data that was not
    // produced by serialize() on a plain array, prefer a format without object
    // support (JSON) or restrict classes via unserialize()'s options argument
    // on PHP versions that support it.
    $typesettings = @unserialize($typeobject->properties['configuration']->getValue());
    $globalsettings = publications_userapi_getglobalsettings();

    $settings = is_array($typesettings)
        ? $typesettings + $globalsettings
        : $globalsettings;

    xarCore::setCached('publications', $cachekey, $settings);
    return $settings;
}
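/**
 * Get the customer record of a user.
 *
 * Defaults to the logged-in user; a caller may name another customer with
 * $args['id']. When the role exists but has no customer record, a record with
 * just that id is created so later steps find one.
 *
 * NOTE(review): no privilege check is applied to an explicitly passed id in
 * this function - callers should not forward a request-supplied id here
 * without their own authorisation check.
 *
 * @param array $args optional: 'id' of the customer to load
 * @return array|null the customer's field values, or null when no id is known
 */
function shop_userapi_customerinfo($args)
{
    if (xarUserIsLoggedIn()) {
        $id = xarUserGetVar('id');
    }

    // Read only the 'id' key instead of extract($args), which would let any
    // key in $args overwrite a local variable.
    if (is_array($args) && array_key_exists('id', $args)) {
        $id = $args['id'];
    }

    if (!isset($id)) {
        return;
    }

    sys::import('modules.dynamicdata.class.objects.master');
    $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
    $some_id = $custobject->getItem(array('itemid' => $id));

    if (!$some_id) {
        // This user must have a role but no customer account. This probably
        // happened because a web admin uninstalled the shop module, deleting
        // all the customer accounts but not deleting the associated roles.
        // Re-create the customer record with just the id so we don't get
        // snagged later.
        $id = $custobject->createItem(array('id' => $id));
        $custobject->getItem(array('itemid' => $id));
    }

    return $custobject->getFieldValues();
}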
/**
 * Modify an item of a wurfl data object.
 *
 * Without 'confirm' the function returns the template data for the edit form;
 * with 'confirm' it checks the authorisation key, validates the input and
 * updates the item.
 *
 * NOTE(review): the data object is selected by the request parameter 'name'
 * while the privilege checked is 'EditWurfl' only. Nothing here limits 'name'
 * to objects of this module - confirm that DataObjectMaster or the object
 * itself enforces access, or restrict the accepted names.
 *
 * @return mixed null on a failed check, template data for the form, the
 *               result of xarTplModule() when input is invalid, or true after
 *               a successful update
 */
function wurfl_admin_modify()
{
    if (!xarSecurityCheck('EditWurfl')) {
        return;
    }
    if (!xarVarFetch('name', 'str', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    $object = DataObjectMaster::getObject(array('name' => $name));
    $data['object'] = $object;
    $object->getItem(array('itemid' => $data['itemid']));

    $data['tplmodule'] = 'wurfl';
    $data['authid'] = xarSecGenAuthKey('wurfl');

    // First visit: just show the form
    if (!$data['confirm']) {
        return $data;
    }

    // Check for a valid confirmation key
    if (!xarSecConfirmAuthKey()) {
        return;
    }

    // Bad data: redisplay the form with error messages
    if (!$object->checkInput()) {
        return xarTplModule('wurfl', 'admin', 'modify', $data);
    }

    // Good data: store the item, then jump to the next page
    $object->updateItem(array('itemid' => $data['itemid']));
    xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
    return true;
}
/**
 * Create a new item of a wurfl data object.
 *
 * Without 'confirm' the function returns the template data for the empty
 * form; with 'confirm' it checks the authorisation key, validates the input
 * and creates the item.
 *
 * NOTE(review): the data object is selected by the request parameter 'name'
 * while the privilege checked is 'AddWurfl' only. Nothing here limits 'name'
 * to objects of this module - confirm that access is enforced further down,
 * or restrict the accepted names.
 *
 * @return mixed null on a failed check, template data for the form, the
 *               result of xarTplModule() when input is invalid, or true after
 *               the item was created
 */
function wurfl_admin_new()
{
    if (!xarSecurityCheck('AddWurfl')) {
        return;
    }
    if (!xarVarFetch('name', 'str', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    $object = DataObjectMaster::getObject(array('name' => $name));
    $data['object'] = $object;
    $data['tplmodule'] = 'wurfl';
    $data['authid'] = xarSecGenAuthKey('wurfl');

    // First visit: just show the form
    if (!$data['confirm']) {
        return $data;
    }

    // we only retrieve 'preview' from the input here - the rest is handled by checkInput()
    if (!xarVarFetch('preview', 'str', $preview, NULL, XARVAR_DONT_SET)) {
        return;
    }

    // Check for a valid confirmation key
    if (!xarSecConfirmAuthKey()) {
        return;
    }

    // Bad data: redisplay the form with error messages
    if (!$object->checkInput()) {
        return xarTplModule('wurfl', 'admin', 'new', $data);
    }

    // Good data: create the item, then jump to the next page
    $object->createItem();
    xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
    return true;
}
/**
 * Show one mailer item.
 *
 * When the realms module is available, the item's realm must match the
 * user's realm unless the user's realm id is 0.
 *
 * NOTE(review): the realm lookup is always done against table 'mailer_mails',
 * while the object that is loaded is chosen by the request parameter 'name'.
 * A 'name' other than the default is therefore not covered by the realm
 * check - confirm this is intended or pin the object name.
 *
 * @return array|null template data, or null when a check fails
 */
function mailer_admin_view_mailer()
{
    if (!xarSecurityCheck('ManageMailer')) {
        return;
    }
    if (!xarVarFetch('name', 'str', $name, 'mailer_mails', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
        return;
    }

    if (xarModIsAvailable('realms')) {
        $userrealmid = xarModAPIfunc('realms', 'admin', 'getrealmid');
        $realmid = xarModAPIfunc('realms', 'admin', 'getrealmid', array('itemid' => $data['itemid'], 'tablename' => 'mailer_mails'));

        // Realm 0 sees everything; any other realm only sees its own items
        $allowed = ($userrealmid == 0) || ($userrealmid == $realmid);
        if (!$allowed) {
            return;
        }
    }

    $object = DataObjectMaster::getObject(array('name' => $name));
    $data['object'] = $object;
    $object->getItem(array('itemid' => $data['itemid']));

    $data['tplmodule'] = 'mailer';
    return $data;
}
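/**
 * Display a shop transaction.
 *
 * The item id is fetched from the request ('itemid'); a caller may override
 * it through $args['itemid'].
 *
 * @param array $args optional override: 'itemid'
 * @return array|null template data (object, properties, escaped field values
 *                    and the unserialized 'products' list), or null when a
 *                    check or the item lookup fails
 * @throws Exception when no item id is available
 */
function shop_admin_transaction($args)
{
    if (!xarVarFetch('itemid', 'id', $itemid, NULL, XARVAR_DONT_SET)) {
        return;
    }

    // Read only the key this function uses. extract($args) would let any key
    // in $args overwrite a local variable, including $data.
    if (is_array($args) && array_key_exists('itemid', $args)) {
        $itemid = $args['itemid'];
    }

    if (empty($itemid)) {
        $msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'admin', 'transaction', 'shop');
        throw new Exception($msg);
    }

    // Make sure user has read privileges for the item
    // NOTE(review): this admin view is gated by the 'ReadShop' mask only -
    // confirm that mask is not granted to ordinary shoppers.
    if (!xarSecurityCheck('ReadShop', 1, 'Item', $itemid)) {
        return;
    }

    // Load the DD master object class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');

    // Get the object definition we'll be working with
    $object = DataObjectMaster::getObject(array('name' => 'shop_transactions'));
    $data = array();
    $data['properties'] = $object->getProperties();
    $data['object'] = $object;

    // We don't really have the item until we call getItem()
    $some_id = $object->getItem(array('itemid' => $itemid));

    // Make sure we got the item that was asked for
    if (!isset($some_id) || $some_id != $itemid) {
        return;
    }

    $values = $object->getFieldValues();

    // Unserialize before escaping, otherwise xarVarPrepForDisplay() would
    // damage the serialized string.
    // NOTE(review): unserialize() runs on a stored field value. If that field
    // can hold anything not written by serialize() on a plain array, use a
    // format without object support or restrict classes via unserialize()'s
    // options argument where the PHP version allows it. The entries of
    // $products are handed to the template without escaping here.
    $products = unserialize($values['products']);

    // $values is an associative array of property names and values
    foreach ($values as $name => $value) {
        $data[$name] = xarVarPrepForDisplay($value);
    }

    $data['products'] = $products;

    return $data;
}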
/**
 * Save the publications configuration submitted from the admin form.
 *
 * The authorisation key is confirmed first, then the request variables are
 * fetched and the 'AdminPublications' privilege is checked for the selected
 * publication type. What is stored depends on the 'tab' request variable:
 * 'global' (module variables, fulltext index, module settings), 'pubtypes'
 * (configuration and access rules of one publication type) or 'redirects'.
 *
 * @return mixed null when a check, a fetch or a database statement fails,
 *               the result of xarTplModule() when the module settings are
 *               invalid, true after the redirect back to modifyconfig
 */
function publications_admin_updateconfig()
{
    // Confirm authorisation code
    if (!xarSecConfirmAuthKey()) {
        return;
    }

    // Get parameters
    //A lot of these probably are bools, still might there be a need to change the template to return
    //'true' and 'false' to use those...
    if (!xarVarFetch('settings', 'array', $settings, array(), XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('usetitleforurl', 'int', $usetitleforurl, xarModVars::get('publications', 'usetitleforurl'), XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('defaultstate', 'isset', $defaultstate, 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('defaultsort', 'isset', $defaultsort, 'date', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('usealias', 'int', $usealias, 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    // NOTE(review): 'ptid' is fetched with the 'isset' validation, yet it is
    // interpolated into the privilege instance string below and later used as
    // an item id - an 'id' validation looks more appropriate; confirm.
    if (!xarVarFetch('ptid', 'isset', $ptid, xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('multilanguage', 'int', $multilanguage, 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('tab', 'str:1:10', $data['tab'], 'global', XARVAR_NOT_REQUIRED)) {
        return;
    }

    if (!xarSecurityCheck('AdminPublications', 1, 'Publication', "{$ptid}:All:All:All")) {
        return;
    }

    if ($data['tab'] == 'global') {
        if (!xarVarFetch('defaultpubtype', 'isset', $defaultpubtype, 1, XARVAR_NOT_REQUIRED)) {
            return;
        }
        if (!xarVarFetch('sortpubtypes', 'isset', $sortpubtypes, 'id', XARVAR_NOT_REQUIRED)) {
            return;
        }
        if (!xarVarFetch('defaultlanguage', 'str:1:100', $defaultlanguage, xarModVars::get('publications', 'defaultlanguage'), XARVAR_NOT_REQUIRED)) {
            return;
        }
        if (!xarVarFetch('debugmode', 'checkbox', $debugmode, xarModVars::get('publications', 'debugmode'), XARVAR_NOT_REQUIRED)) {
            return;
        }
        if (!xarVarFetch('defaultfrontpage', 'str', $defaultfrontpage, xarModVars::get('publications', 'defaultfrontpage'), XARVAR_NOT_REQUIRED)) {
            return;
        }
        if (!xarVarFetch('defaultbackpage', 'str', $defaultbackpage, xarModVars::get('publications', 'defaultbackpage'), XARVAR_NOT_REQUIRED)) {
            return;
        }

        // Store the fetched values as module variables
        xarModVars::set('publications', 'defaultpubtype', $defaultpubtype);
        xarModVars::set('publications', 'sortpubtypes', $sortpubtypes);
        xarModVars::set('publications', 'defaultlanguage', $defaultlanguage);
        xarModVars::set('publications', 'debugmode', $debugmode);
        xarModVars::set('publications', 'usealias', $usealias);
        xarModVars::set('publications', 'usetitleforurl', $usetitleforurl);
        xarModVars::set('publications', 'defaultfrontpage', $defaultfrontpage);
        xarModVars::set('publications', 'defaultbackpage', $defaultbackpage);

        // Allow multilanguage only if the languages property is present
        // (looked up in the property registry under id 30039)
        sys::import('modules.dynamicdata.class.properties.registration');
        $types = PropertyRegistration::Retrieve();
        if (isset($types[30039])) {
            xarModVars::set('publications', 'multilanguage', $multilanguage);
        } else {
            xarModVars::set('publications', 'multilanguage', 0);
        }

        // Get the special pages.
        foreach (array('defaultpage', 'errorpage', 'notfoundpage', 'noprivspage') as $special_name) {
            // xarVarFetch() fills $special_id by reference; reset it per iteration
            unset($special_id);
            if (!xarVarFetch($special_name, 'id', $special_id, 0, XARVAR_NOT_REQUIRED)) {
                return;
            }
            xarModVars::set('publications', $special_name, $special_id);
        }

        if (xarDB::getType() == 'mysql') {
            if (!xarVarFetch('fulltext', 'isset', $fulltext, '', XARVAR_NOT_REQUIRED)) {
                return;
            }
            $oldval = xarModVars::get('publications', 'fulltextsearch');
            // The statements below are assembled from the table name in
            // xarDB::getTables(), the prefix from xarDB::getPrefix() and a
            // fixed column list. The request value 'fulltext' only selects
            // the branch; keep it that way - the commented-out explode()
            // would put request data into the ALTER TABLE statement.
            $index = 'i_' . xarDB::getPrefix() . '_publications_fulltext';
            if (empty($fulltext) && !empty($oldval)) {
                // Get database setup
                $dbconn = xarDB::getConn();
                $xartable = xarDB::getTables();
                $publicationstable = $xartable['publications'];
                // Drop fulltext index on publications table
                $query = "ALTER TABLE {$publicationstable} DROP INDEX {$index}";
                $result =& $dbconn->Execute($query);
                if (!$result) {
                    return;
                }
                xarModVars::set('publications', 'fulltextsearch', '');
            } elseif (!empty($fulltext) && empty($oldval)) {
                $searchfields = array('title', 'description', 'summary', 'body1', 'notes');
                // $searchfields = explode(',',$fulltext);
                // Get database setup
                $dbconn = xarDB::getConn();
                $xartable = xarDB::getTables();
                $publicationstable = $xartable['publications'];
                // Add fulltext index on publications table
                $query = "ALTER TABLE {$publicationstable} ADD FULLTEXT {$index} (" . join(', ', $searchfields) . ")";
                $result =& $dbconn->Execute($query);
                if (!$result) {
                    return;
                }
                xarModVars::set('publications', 'fulltextsearch', join(',', $searchfields));
            }
        }

        // Module settings
        // NOTE(review): by this point the module variables above are already
        // written, so invalid module settings redisplay the form after a
        // partial save.
        $data['module_settings'] = xarMod::apiFunc('base', 'admin', 'getmodulesettings', array('module' => 'publications'));
        $data['module_settings']->setFieldList('items_per_page, use_module_alias, module_alias_name, enable_short_urls, user_menu_link', 'use_module_icons');
        $isvalid = $data['module_settings']->checkInput();
        if (!$isvalid) {
            return xarTplModule('base', 'admin', 'modifyconfig', $data);
        } else {
            $itemid = $data['module_settings']->updateItem();
        }

        // Pull the base category ids from the template and save them
        $picker = DataPropertyMaster::getProperty(array('name' => 'categorypicker'));
        $picker->checkInput('basecid');
    } elseif ($data['tab'] == 'pubtypes') {
        // Get the publication type for this display and save the settings to it
        $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
        $pubtypeobject->getItem(array('itemid' => $ptid));
        $configsettings = $pubtypeobject->properties['configuration']->getValue();

        // Checkbox values are read through a checkbox property and written
        // into $settings, which starts out as the 'settings' request array.
        // NOTE(review): 'show_hitount' looks like a typo for 'show_hitcount'
        // and 'show_prevnext' is listed twice - verify against the template.
        $checkbox = DataPropertyMaster::getProperty(array('name' => 'checkbox'));
        $boxes = array('show_hitount', 'show_ratings', 'show_keywords', 'show_comments', 'show_prevnext', 'show_archives', 'show_publinks', 'show_pubcount', 'show_map', 'prevnextart', 'dot_transform', 'title_transform', 'show_categories', 'show_catcount', 'show_prevnext', 'allow_translations');
        foreach ($boxes as $box) {
            $isvalid = $checkbox->checkInput($box);
            if ($isvalid) {
                $settings[$box] = $checkbox->value;
            }
        }
        // foreach ($configsettings as $key => $value)
        //     if (!isset($settings[$key])) $settings[$key] = 0;

        $isvalid = true;

        // Get the default access rules
        // NOTE(review): $isvalid collects the result of the four access
        // checks but is not consulted before the values are stored below, so
        // access rules that failed validation are saved as well.
        $access = DataPropertyMaster::getProperty(array('name' => 'access'));
        $validprop = $access->checkInput("access_add");
        $addaccess = $access->value;
        $isvalid = $isvalid && $validprop;
        $validprop = $access->checkInput("access_display");
        $displayaccess = $access->value;
        $isvalid = $isvalid && $validprop;
        $validprop = $access->checkInput("access_modify");
        $modifyaccess = $access->value;
        $isvalid = $isvalid && $validprop;
        $validprop = $access->checkInput("access_delete");
        $deleteaccess = $access->value;
        $isvalid = $isvalid && $validprop;
        $allaccess = array('add' => $addaccess, 'display' => $displayaccess, 'modify' => $modifyaccess, 'delete' => $deleteaccess);
        $pubtypeobject->properties['access']->setValue(serialize($allaccess));

        // $settings holds the request array 'settings' plus the checkbox
        // values; it is stored serialized without a key whitelist.
        $pubtypeobject->properties['configuration']->setValue(serialize($settings));
        $pubtypeobject->updateItem(array('itemid' => $ptid));

        // Register or remove the module alias named after the publication type
        $pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes');
        if ($usealias) {
            xarModSetAlias($pubtypes[$ptid]['name'], 'publications');
        } else {
            xarModDelAlias($pubtypes[$ptid]['name'], 'publications');
        }
    } elseif ($data['tab'] == 'redirects') {
        $redirects = DataPropertyMaster::getProperty(array('name' => 'array'));
        $redirects->display_column_definition['value'] = array(array("From", "To"), array(2, 2), array("", ""), array("", ""));
        // NOTE(review): the result of checkInput() is not checked before the
        // value is stored.
        $isvalid = $redirects->checkInput("redirects");
        xarModVars::set('publications', 'redirects', $redirects->value);
    }

    // Back to the configuration page, on the tab that was just saved
    xarController::redirect(xarModURL('publications', 'admin', 'modifyconfig', array('ptid' => $ptid, 'tab' => $data['tab'])));
    return true;
}
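/**
 * Publications Module
 *
 * @package modules
 * @subpackage publications module
 * @category Third Party Xaraya Module
 * @version 2.0.0
 * @copyright (C) 2011 Netspan AG
 * @license GPL {@link http://www.gnu.org/licenses/gpl.html}
 * @author Marc Lutolf <*****@*****.**>
 */

/**
 * Return $url when it points to this site, otherwise $fallback.
 *
 * Used for the request-supplied 'returnurl' so that it cannot send the
 * browser to another host. Accepted are URLs without a host part, and
 * http/https URLs whose host equals the host of $fallback.
 *
 * @param mixed  $url      candidate redirect target from the request
 * @param string $fallback URL generated by this module, used when $url is rejected
 * @return string
 */
function publications_admin_delete_pubtype_localurl($url, $fallback)
{
    if (!is_string($url) || $url === '') {
        return $fallback;
    }
    // Backslashes and control characters are normalised by browsers in ways
    // parse_url() does not model, so refuse them outright.
    if (strpos($url, '\\') !== false || preg_match('/[\x00-\x1f\x7f]/', $url)) {
        return $fallback;
    }
    $parts = parse_url($url);
    if ($parts === false) {
        return $fallback;
    }
    if (isset($parts['scheme'])) {
        $scheme = strtolower($parts['scheme']);
        // A scheme without a host is never a plain local path
        if (($scheme !== 'http' && $scheme !== 'https') || !isset($parts['host'])) {
            return $fallback;
        }
    }
    if (isset($parts['host'])) {
        $sitehost = parse_url($fallback, PHP_URL_HOST);
        if (empty($sitehost) || strcasecmp($parts['host'], $sitehost) !== 0) {
            return $fallback;
        }
    }
    return $url;
}

/**
 * Delete one or more publication types after confirmation.
 *
 * Ids come from the request as 'itemid' (single) or 'idlist' (comma
 * separated). Without 'confirmed' the confirmation page is shown; with it the
 * authorisation key is checked and every listed type is deleted.
 *
 * @return mixed null on a failed check, the result of xarTplModule() for the
 *               confirmation page, true after a redirect was issued
 */
function publications_admin_delete_pubtype()
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }
    if (!xarVarFetch('confirmed', 'int', $confirmed, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'str', $itemid, NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('idlist', 'str', $idlist, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_DONT_SET)) {
        return;
    }

    if (!empty($itemid)) {
        $idlist = $itemid;
    }

    // Nothing to delete: go back. The original issued the redirect but then
    // carried on with an empty id list; return here instead.
    if (empty($idlist)) {
        $viewurl = xarModURL('publications', 'admin', 'view');
        if (isset($returnurl)) {
            xarController::redirect(publications_admin_delete_pubtype_localurl($returnurl, $viewurl));
        } else {
            xarController::redirect($viewurl);
        }
        return true;
    }

    $ids = explode(',', trim($idlist, ','));

    $data['message'] = '';
    $data['itemid'] = isset($itemid) ? $itemid : null;

    /*------------- Ask for Confirmation.  If yes, action ----------------------------*/

    sys::import('modules.dynamicdata.class.objects.master');
    $pubtype = DataObjectMaster::getObject(array('name' => 'publications_types'));

    if (!isset($confirmed)) {
        // Build the confirmation page listing every type about to be deleted
        $data['idlist'] = $idlist;
        if (count($ids) > 1) {
            $data['title'] = xarML("Delete Publication Types");
        } else {
            $data['title'] = xarML("Delete Publication Type");
        }
        $data['authid'] = xarSecGenAuthKey();

        $items = array();
        foreach ($ids as $i) {
            $pubtype->getItem(array('itemid' => $i));
            $items[] = $pubtype->getFieldValues();
        }
        $data['items'] = $items;
        $data['yes_action'] = xarModURL('publications', 'admin', 'delete_pubtype', array('idlist' => $idlist));
        return xarTplModule('publications', 'admin', 'delete_pubtype', $data);
    }

    // Confirmed: the deletion itself requires a valid authorisation key
    if (!xarSecConfirmAuthKey()) {
        return;
    }

    foreach ($ids as $id) {
        $pubtype->deleteItem(array('itemid' => $id));
        $data['message'] = "Publication Type deleted [ID {$id}]";
    }

    $listurl = xarModURL('publications', 'admin', 'view_pubtypes', $data);
    if (isset($returnurl)) {
        xarController::redirect(publications_admin_delete_pubtype_localurl($returnurl, $listurl));
    } else {
        xarController::redirect($listurl);
    }
    return true;
}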
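/**
 * View the publication map.
 *
 * Three layouts are supported through the 'by' parameter: 'pub' (per
 * publication type), 'cat' (category trees of the base categories) and
 * 'grid' (a two-dimensional grid of exactly two base categories). With 'go'
 * set, the function redirects to the filtered publication view instead.
 *
 * @param array $args overrides for the request variables (ptid, by, go, catid, cids)
 * @return mixed null when a request variable fails validation or after the
 *               'go' redirect, otherwise the result of xarTplModule()
 */
function publications_user_viewmap($args)
{
    // Get parameters
    if (!xarVarFetch('ptid', 'id', $ptid, xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('by', 'enum:pub:cat:grid', $by, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('go', 'str', $go, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('catid', 'str', $catid, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Override if needed from argument array
    // NOTE(review): extract() lets any key in $args replace a local variable,
    // and values taken from $args skip the xarVarFetch() validation above.
    extract($args);

    $default = xarModVars::get('publications', 'defaultpubtype');
    if (empty($by)) {
        if (empty($default) && empty($ptid)) {
            $by = 'cat';
        } else {
            $by = 'pub';
        }
    }

    // turn $catid into $cids array (and set $andcids flag)
    if (!empty($catid)) {
        if (strpos($catid, ' ')) {
            $cids = explode(' ', $catid);
            $andcids = true;
        } elseif (strpos($catid, '+')) {
            $cids = explode('+', $catid);
            $andcids = true;
        } else {
            $cids = explode('-', $catid);
            $andcids = false;
        }
    }
    $seencid = array();
    if (isset($cids) && is_array($cids)) {
        foreach ($cids as $cid) {
            // make sure cids are numeric
            if (!empty($cid) && is_numeric($cid)) {
                $seencid[$cid] = 1;
            }
        }
        $cids = array_keys($seencid);
        sort($cids, SORT_NUMERIC);
    }

    // Get publication types
    sys::import('modules.dynamicdata.class.objects.master');
    $object = DataObjectMaster::getObjectList(array('name' => 'publications_types'));
    $data['pubtypes'] = $object->getItems();

    // redirect to filtered view
    if (!empty($go) && (!empty($ptid) || $by == 'cat')) {
        if (is_array($cids) && count($cids) > 0) {
            $catid = join('+', $cids);
        } else {
            $catid = NULL;
        }
        $url = xarModURL('publications', 'user', 'view', array('ptid' => $ptid, 'catid' => $catid));
        xarController::redirect($url);
        return;
    }

    $data['catfilter'] = array();
    $data['cattree'] = array();
    $data['catgrid'] = array();

    $dump = '';
    $publinks = array();

    if ($by == 'cat') {
        $data['maplink'] = xarModURL('publications', 'user', 'viewmap', array('by' => 'cat'));

        // TODO: re-evaluate this after user feedback...
        // *trick* Use the 'default' categories here, instead of all rootcats
        $basecats = xarModAPIFunc('categories', 'user', 'getallcatbases', array('module' => 'publications'));

        $catlist = array();
        foreach ($basecats as $basecat) {
            $catlist[$basecat['category_id']] = 1;
        }

        $data['basecids'] = array_keys($catlist);

        // create the category tree for each root category
        // TODO: make sure permissions are taken into account here !
        foreach ($catlist as $cid => $val) {
            if (empty($val)) {
                continue;
            }
            $data['cattree'][$cid] = xarModAPIFunc('publications', 'user', 'getchildcats', array('state' => array(PUBLICATIONS_STATE_APPROVED, PUBLICATIONS_STATE_FRONTPAGE), 'cid' => $cid, 'ptid' => null, 'showcid' => true));
        }
    } elseif ($by == 'grid') {
        $data['catgrid'][0] = array();
        $data['catgrid'][0][0] = '';

        // Get the base categories
        if (!empty($ptid)) {
            $rootcats = xarModAPIFunc('categories', 'user', 'getallcatbases', array('module' => 'publications', 'itemtype' => $ptid));
        } else {
            $rootcats = xarModAPIFunc('categories', 'user', 'getallcatbases', array('module' => 'publications', 'itemtype' => 0));
            $ptid = null;
        }

        // Index the base categories by category id, reading each row the same
        // way the 'cat' branch does. The original loop indexed the request
        // variable $catid instead of the loop variable and later used the
        // rows themselves as array keys, so the grid could never be built.
        // NOTE(review): assumes getallcatbases returns rows with a
        // 'category_id' key for this call as well - confirm.
        $catlist = array();
        if (!empty($rootcats) && is_array($rootcats)) {
            foreach ($rootcats as $rootcat) {
                $catlist[$rootcat['category_id']] = 1;
            }
        }
        $basecids = array_keys($catlist);

        if (!is_array($rootcats) || count($rootcats) != 2 || count($basecids) != 2) {
            $data['catgrid'][0][0] = xarML('You need 2 base categories in order to use this grid view');
        } else {
            $cattree = array();
            // Get the category tree for each base category
            foreach ($catlist as $cid => $val) {
                if (empty($val)) {
                    continue;
                }
                $cattree[$cid] = xarModAPIFunc('publications', 'user', 'getchildcats', array('state' => array(PUBLICATIONS_STATE_FRONTPAGE, PUBLICATIONS_STATE_APPROVED), 'cid' => $cid, 'ptid' => $ptid, 'showcid' => true));
            }

            // Find out which category tree is the shortest
            if (count($cattree[$basecids[0]]) > count($cattree[$basecids[1]])) {
                $rowcat = $basecids[0];
                $colcat = $basecids[1];
            } else {
                $rowcat = $basecids[1];
                $colcat = $basecids[0];
            }

            // Fill in the column headers
            // NOTE(review): 'link' and 'name' are concatenated into HTML as
            // returned by getchildcats; if that API does not already escape
            // them, escape here (attribute and text context respectively).
            $row = 0;
            $col = 1;
            $colcid = array();
            foreach ($cattree[$colcat] as $info) {
                $data['catgrid'][$row][$col] = '<a href="' . $info['link'] . '">' . $info['name'] . '</a>';
                $colcid[$info['id']] = $col;
                $col++;
            }
            $maxcol = $col;

            // Fill in the row headers
            $row = 1;
            $col = 0;
            $data['catgrid'][$row] = array();
            $rowcid = array();
            foreach ($cattree[$rowcat] as $info) {
                $data['catgrid'][$row][$col] = '<a href="' . $info['link'] . '">' . $info['name'] . '</a>';
                $rowcid[$info['id']] = $row;
                $row++;
            }
            $maxrow = $row;

            // Initialise the rest of the array
            for ($row = 1; $row < $maxrow; $row++) {
                if (!isset($data['catgrid'][$row])) {
                    $data['catgrid'][$row] = array();
                }
                for ($col = 1; $col < $maxcol; $col++) {
                    $data['catgrid'][$row][$col] = '';
                }
            }

            // Get the counts for all groups of (N) categories
            $pubcatcount = xarModAPIFunc('publications', 'user', 'getpubcatcount', array('state' => array(PUBLICATIONS_STATE_FRONTPAGE, PUBLICATIONS_STATE_APPROVED), 'ptid' => $ptid, 'groupcids' => 2, 'reverse' => 1));

            if (!empty($ptid)) {
                $what = $ptid;
            } else {
                $what = 'total';
            }

            // Fill in the count values; each key is a pair "cidA+cidB" and
            // either order may match a (row, column) cell
            foreach ($pubcatcount as $cids => $counts) {
                list($ca, $cb) = explode('+', $cids);
                if (isset($rowcid[$ca]) && isset($colcid[$cb])) {
                    $link = xarModURL('publications', 'user', 'view', array('ptid' => $ptid, 'catid' => $ca . '+' . $cb));
                    $data['catgrid'][$rowcid[$ca]][$colcid[$cb]] = '<a href="' . $link . '"> ' . $counts[$what] . ' </a>';
                }
                if (isset($rowcid[$cb]) && isset($colcid[$ca])) {
                    $link = xarModURL('publications', 'user', 'view', array('ptid' => $ptid, 'catid' => $cb . '+' . $ca));
                    $data['catgrid'][$rowcid[$cb]][$colcid[$ca]] = '<a href="' . $link . '"> ' . $counts[$what] . ' </a>';
                }
            }
        }

        if (!empty($ptid)) {
            $descr = $data['pubtypes'][$ptid]['description'];
        }
    } else {
        $data['maplink'] = xarModURL('publications', 'user', 'viewmap', array('by' => 'pub'));

        // get the links and counts for all publication types
        $publinks = xarModAPIFunc('publications', 'user', 'getpublinks', array('state' => array(PUBLICATIONS_STATE_FRONTPAGE, PUBLICATIONS_STATE_APPROVED), 'all' => 1));

        // build the list of root categories for all publication types
        // and save results in publinks as well
        $catlist = array();
        for ($i = 0; $i < count($publinks); $i++) {
            $pubid = $publinks[$i]['pubid'];
            $cidstring = xarModVars::get('publications', 'mastercids.' . $pubid);
            if (!empty($cidstring)) {
                $rootcats = explode(';', $cidstring);
                foreach ($rootcats as $cid) {
                    $catlist[$cid] = 1;
                }
                $publinks[$i]['rootcats'] = $rootcats;
            } else {
                $publinks[$i]['rootcats'] = array();
            }
        }

        // for all publication types
        for ($i = 0; $i < count($publinks); $i++) {
            $publinks[$i]['cats'] = array();
            $pubid = $publinks[$i]['pubid'];
            // for each root category of this publication type
            foreach ($publinks[$i]['rootcats'] as $cid) {
                // add the category tree to the list of categories to show
                $childcats = xarModAPIFunc('publications', 'user', 'getchildcats', array('state' => array(PUBLICATIONS_STATE_FRONTPAGE, PUBLICATIONS_STATE_APPROVED), 'cid' => $cid, 'ptid' => $pubid, 'showcid' => true));
                $publinks[$i]['cats'][] = $childcats;
            }
        }

        $array = array();
        if (empty($ptid)) {
            $ptid = $default;
        }
        if (!empty($ptid)) {
            for ($i = 0; $i < count($publinks); $i++) {
                if ($ptid == $publinks[$i]['pubid']) {
                    $array = $publinks[$i]['rootcats'];
                }
            }
        }

        foreach ($publinks as $pub) {
            if ($pub['pubid'] == $ptid) {
                $descr = $pub['pubtitle'];
            }
        }
    }

    if (empty($descr)) {
        $descr = xarML('Publications');
        $data['descr'] = '';
    } else {
        $data['descr'] = $descr;
    }

    // Save some variables to (temporary) cache for use in blocks etc.
    xarVarSetCached('Blocks.publications', 'ptid', $ptid);
    //if ($shownavigation) {
    xarVarSetCached('Blocks.categories', 'module', 'publications');
    xarVarSetCached('Blocks.categories', 'itemtype', $ptid);
    if (!empty($descr)) {
        xarVarSetCached('Blocks.categories', 'title', $descr);
        xarTplSetPageTitle(xarML('Map'), xarVarPrepForDisplay($descr));
    }
    //}

    if (empty($ptid)) {
        $ptid = null;
    }

    $data['publinks'] = $publinks;
    $data['ptid'] = $ptid;
    $data['viewlabel'] = xarML('Back to') . ' ' . $descr;
    $data['viewlink'] = xarModURL('publications', 'user', 'view', array('ptid' => $ptid));
    $data['archivelabel'] = xarML('View Archives');
    $data['archivelink'] = xarModURL('publications', 'user', 'archive', array('ptid' => $ptid));
    $data['dump'] = $dump;

    // A publication type may name its own template
    if (!empty($ptid)) {
        $object = DataObjectMaster::getObject(array('name' => 'publications_types'));
        $object->getItem(array('itemid' => $ptid));
        $template = $object->properties['template']->value;
    } else {
        // TODO: allow templates per category ?
        $template = null;
    }

    // Pass the type of map to the template, so we can decide what links to show
    $data['by'] = $by;

    return xarTplModule('publications', 'user', 'viewmap', $data, $template);
}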
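/**
 * Select an existing payment method or create a new one for this transaction.
 *
 * Request variables: 'proceedsaved' (use the saved method named by
 * 'paymentmethod'), 'proceednew' (create a method from the submitted form)
 * and 'remove' (delete a saved method).
 *
 * The ids in 'remove' and 'paymentmethod' come from the request, so both are
 * only honoured when they appear in the logged-in customer's own list of
 * payment methods. The original accepted any id, which let one customer
 * delete or select another customer's payment method.
 *
 * NOTE(review): 'remove' changes state without an authorisation key; adding
 * xarSecConfirmAuthKey() needs a matching change in the template.
 *
 * @return mixed true after a redirect, null when a request variable fails
 *               validation, the result of xarTplModule() when the new method
 *               is invalid, otherwise the template data array
 */
function shop_user_paymentmethod()
{
    // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be
    $shippingaddress = xarSession::getVar('shippingaddress');
    if (empty($shippingaddress)) {
        xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress'));
        return true;
    }

    $shop = xarSession::getVar('shop');
    if (!xarUserIsLoggedIn() || empty($shop)) {
        xarResponse::redirect(xarModURL('shop', 'user', 'main'));
        return true;
    }

    if (!xarVarFetch('proceedsaved', 'str', $proceedsaved, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('proceednew', 'str', $proceednew, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('paymentmethod', 'str', $paymentmethod, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('remove', 'str', $remove, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    $cust = xarMod::APIFunc('shop', 'user', 'customerinfo');
    $data['cust'] = $cust;

    sys::import('modules.dynamicdata.class.objects.master');
    sys::import('modules.dynamicdata.class.properties.master');

    $shippingobject = DataObjectMaster::getObject(array('name' => 'shop_shippingaddresses'));
    $shippingobject->getItem(array('itemid' => xarSession::getVar('shippingaddress')));
    $shippingvals = $shippingobject->getFieldValues();
    $data['shippingvals'] = $shippingvals;

    // Get the saved payment methods of the logged-in customer, if any exist.
    // The filter value is the session user's id, not request data.
    $mylist = DataObjectMaster::getObjectList(array('name' => 'shop_paymentmethods'));
    $filters = array(
        'status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE,
        'where'  => 'customer eq ' . xarUserGetVar('id'),
    );
    $paymentmethods = $mylist->getItems($filters);
    $data['paymentmethods'] = $paymentmethods;

    $data['paymentobject'] = DataObjectMaster::getObject(array('name' => 'shop_paymentmethods'));
    $data['paymentobject']->properties['name']->display_show_salutation = false;
    $data['paymentobject']->properties['name']->display_show_middlename = false;
    $data['paymentobject']->properties['address']->display_rows = 1;
    $data['paymentobject']->properties['address']->display_show_country = false;
    $data['properties'] = $data['paymentobject']->getProperties();

    if ($remove) {
        // Delete only a method that is in this customer's own list
        // (getItems() results are indexed by item id).
        if (is_array($paymentmethods) && isset($paymentmethods[$remove])) {
            if ($remove == xarSession::getVar('paymentmethod')) {
                xarSession::delVar('paymentmethod');
            }
            $data['paymentobject']->getItem(array('itemid' => $remove));
            $data['paymentobject']->deleteItem();
        }
        xarResponse::redirect(xarModURL('shop', 'user', 'paymentmethod'));
        return true;
    }

    $selectedpaymentmethod = xarSession::getVar('paymentmethod');
    if (!empty($selectedpaymentmethod)) {
        $data['paymentmethod'] = $selectedpaymentmethod;
    }

    if ($proceedsaved) {
        // Using a saved payment method: accept it only when it belongs to
        // this customer, otherwise fall through and show the page again.
        if (is_array($paymentmethods) && isset($paymentmethods[$paymentmethod])) {
            xarSession::setVar('paymentmethod', $paymentmethod);
            xarResponse::redirect(xarModURL('shop', 'user', 'order'));
            return true;
        }
    } elseif ($proceednew) {
        // We're not using a saved payment method...
        $isvalid = $data['paymentobject']->checkInput();

        // NOTE(review): $exp_date is never assigned in this function, so this
        // expiry check does not run as written - confirm where the value was
        // meant to come from.
        if (isset($exp_date)) {
            $exp_month = substr($exp_date, 0, 2);
            $exp_year = substr($exp_date, 2, 4);
            $reverse_date = $exp_year . $exp_month;
            $minimum_date = date('ym', time());
            if ($minimum_date > $reverse_date) {
                $errors['exp_date'] = true;
            }
        }

        if (isset($errors)) {
            xarSession::setVar('errors', $errors);
        }

        if (!$isvalid) {
            return xarTplModule('shop', 'user', 'paymentmethod', $data);
        }

        xarSession::setVar('paymentmethod', $data['paymentobject']->createItem());
        xarResponse::redirect(xarModURL('shop', 'user', 'order'));
        return true;
    }

    return $data;
}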