/**
* View the cart
*/
function shop_user_viewcart()
{
// If the user returns to the cart after taking other steps, unset any errors from earlier in the session.
xarSession::delVar('errors');
sys::import('modules.dynamicdata.class.objects.master');
$subtotals = array();
$products = array();
$total = 0;
// May want to display cust info with the cart...
$cust = xarMod::APIFunc('shop', 'user', 'customerinfo');
$data['cust'] = $cust;
$shop = xarSession::getVar('shop');
foreach ($shop as $pid => $val) {
// If this post variable is set, we must need to update the quantity
if (isset($_POST['qty' . $pid])) {
unset($qty_new);
// Have to unset this since we're in a foreach
if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) {
return;
}
if ($qty_new == 0) {
unset($shop[$pid]);
} else {
$shop[$pid]['qty'] = $qty_new;
}
}
// If the quantity hasn't been set to zero, add it to the $products array...
if (isset($shop[$pid])) {
// Commas in the quantity seem to mess up our math
$products[$pid]['qty'] = str_replace(',', '', $shop[$pid]['qty']);
// Get the product info
$object = DataObjectMaster::getObject(array('name' => 'shop_products'));
$some_id = $object->getItem(array('itemid' => $pid));
$values = $object->getFieldValues();
$products[$pid]['title'] = xarVarPrepForDisplay($values['title']);
$products[$pid]['price'] = $values['price'];
$subtotal = $values['price'] * $products[$pid]['qty'];
$subtotals[] = $subtotal;
// so we can use array_sum() to add it all up
if (substr($subtotal, 0, 1) == '.') {
$subtotal = '0' . $subtotal;
}
$products[$pid]['subtotal'] = number_format($subtotal, 2);
}
}
xarSession::setVar('shop', $shop);
$total = array_sum($subtotals);
// Add a zero to the front of the number if it starts with a decimal...
if (substr($total, 0, 1) == '.') {
$total = '0' . $total;
}
$total = number_format($total, 2);
xarSession::setVar('products', $products);
// update the session variable
$data['products'] = $products;
// don't want too much session stuff in the templates
xarSession::setVar('total', $total);
$data['total'] = $total;
return $data;
}
function wurfl_admin_delete()
{
if (!xarSecurityCheck('ManageWurfl')) {
return;
}
if (!xarVarFetch('name', 'str:1', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'int', $data['itemid'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('confirm', 'str:1', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['object']->getItem(array('itemid' => $data['itemid']));
$data['tplmodule'] = 'wurfl';
$data['authid'] = xarSecGenAuthKey('wurfl');
if ($data['confirm']) {
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return;
}
// Delete the item
$item = $data['object']->deleteItem();
// Jump to the next page
xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
return true;
}
return $data;
}
function publications_admin_modify_pubtype($args)
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
extract($args);
// Get parameters
if (!xarVarFetch('itemid', 'isset', $data['itemid'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('returnurl', 'str:1', $data['returnurl'], 'view', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('name', 'str:1', $name, '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('tab', 'str:1', $data['tab'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (empty($name) && empty($itemid)) {
return xarResponse::NotFound();
}
// Get our object
$data['object'] = DataObjectMaster::getObject(array('name' => 'publications_types'));
if (!empty($data['itemid'])) {
$data['object']->getItem(array('itemid' => $data['itemid']));
} else {
$type_list = DataObjectMaster::getObjectList(array('name' => 'publications_types'));
$where = 'name = ' . $name;
$items = $type_list->getItems(array('where' => $where));
$item = current($items);
$data['object']->getItem(array('itemid' => $item['id']));
}
// Send the publication type and the object properties to the template
$data['properties'] = $data['object']->getProperties();
// Get the settings of the publication type we are using
$data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['itemid']));
if ($data['confirm']) {
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return;
}
// Get the data from the form
$isvalid = $data['object']->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with error messages
return xarTplModule('publications', 'admin', 'modify_pubtype', $data);
} else {
// Good data: create the item
$itemid = $data['object']->updateItem(array('itemid' => $data['itemid']));
// Jump to the next page
xarController::redirect(xarModURL('publications', 'admin', 'view_pubtypes'));
return true;
}
}
return $data;
}
function publications_user_new($args)
{
extract($args);
// Get parameters
if (!xarVarFetch('ptid', 'id', $data['ptid'], xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('catid', 'str', $catid, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemtype', 'id', $itemtype, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
$data['items'] = array();
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$data['properties'] = $data['object']->getProperties();
if (!empty($data['ptid'])) {
$template = $pubtypeobject->properties['template']->value;
} else {
// TODO: allow templates per category ?
$template = null;
}
// Get the settings of the publication type we are using
$data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));
return xarTplModule('publications', 'admin', 'new', $data, $template);
}
/**
* Modify a customer
*/
function shop_admin_modifycustomer()
{
if (!xarVarFetch('itemid', 'id', $data['itemid'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
$objectname = 'shop_customers';
$data['objectname'] = $objectname;
// Check if we still have no id of the item to modify.
if (empty($data['itemid'])) {
$msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'admin', 'modify', 'shop');
throw new Exception($msg);
}
if (!xarSecurityCheck('AdminShop', 1, 'Item', $data['itemid'])) {
return;
}
sys::import('modules.dynamicdata.class.objects.master');
$object = DataObjectMaster::getObject(array('name' => $objectname));
$data['object'] = $object;
$data['label'] = $object->label;
$object->getItem(array('itemid' => $data['itemid']));
$values = $object->getFieldValues();
foreach ($values as $name => $value) {
$data[$name] = xarVarPrepForDisplay($value);
}
$rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
$rolesobject->getItem(array('itemid' => $data['itemid']));
if ($data['confirm']) {
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
}
// Get the data from the form
$isvalid = $object->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with the data we picked up and with error messages
return xarTplModule('shop', 'admin', 'modifycustomer', $data);
} elseif (isset($data['preview'])) {
// Show a preview, same thing as the above essentially
return xarTplModule('shop', 'admin', 'modifycustomer', $data);
} else {
$first_name = $object->properties['first_name']->getValue();
$last_name = $object->properties['last_name']->getValue();
$rolesobject->properties['name']->setValue($first_name . ' ' . $last_name);
$rolesobject->updateItem();
$object->updateItem();
// Jump to the next page
xarResponse::redirect(xarModURL('shop', 'admin', 'modifycustomer', array('itemid' => $data['itemid'])));
return $data;
}
} else {
// Get that specific item of the object
$object->getItem(array('itemid' => $data['itemid']));
}
// Return the template variables defined in this function
return $data;
}
/**
* Create a new customer
*/
function shop_user_newcustomer()
{
if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
sys::import('modules.dynamicdata.class.objects.master');
$rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
$data['properties'] = $rolesobject->properties;
// Check if we are in 'preview' mode from the input here - the rest is handled by checkInput()
// Here we are testing for a button clicked, so we test for a string
if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
return;
}
// Check if we are submitting the form
// Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false)
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if ($data['confirm']) {
// Check for a valid confirmation key. The value is automatically gotten from the template
if (!xarSecConfirmAuthKey()) {
return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
}
// Get the data from the form and see if it is all valid
// Either way the values are now stored in the object
$isvalid = $rolesobject->properties['email']->checkInput();
$isvalid2 = $rolesobject->properties['password']->checkInput();
if (!$isvalid || !$isvalid2) {
// Bad data: redisplay the form with the data we picked up and with error messages
return xarTplModule('shop', 'user', 'newcustomer', $data);
} else {
$email = $rolesobject->properties['email']->getValue();
$password = $rolesobject->properties['password']->getValue();
$rolesobject->properties['name']->setValue($email);
$rolesobject->properties['email']->setValue($email);
$rolesobject->properties['uname']->setValue($email);
$rolesobject->properties['password']->setValue($password);
$rolesobject->properties['state']->setValue(3);
$authmodule = (int) xarMod::getID('shop');
$rolesobject->properties['authmodule']->setValue($authmodule);
$uid = $rolesobject->createItem();
$custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
$custobject->createItem(array('id' => $uid));
if (isset($returnurl)) {
xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $password));
xarResponse::redirect($returnurl);
} else {
xarResponse::redirect(xarModURL('shop'));
}
// Always add the next line even if processing never reaches it
return true;
}
}
// Return the template variables defined in this function
return $data;
}
function publications_admin_templates_page($args)
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
extract($args);
if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('ptid', 'id', $data['ptid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'id', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('file', 'str', $data['file'], 'summary', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (empty($data['itemid']) || empty($data['ptid'])) {
return xarResponse::NotFound();
}
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$pubtype = explode('_', $pubtypeobject->properties['name']->value);
$pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$basepath = sys::code() . "modules/publications/xartemplates/objects/" . $pubtype;
$sourcefile = $basepath . "/" . $data['file'] . "_" . $data['itemid'] . ".xt";
$overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/objects/" . $pubtype;
$overridefile = $overridepath . "/" . $data['file'] . "-" . $data['itemid'] . ".xt";
// If we are saving, write the file now
if ($confirm && !empty($data['source_data'])) {
xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
}
// Let the template know what kind of file this is
if (file_exists($overridefile)) {
$data['filetype'] = 'theme';
$filepath = $overridefile;
$data['writable'] = is_writable($overridefile);
} else {
$data['filetype'] = 'module';
$filepath = $sourcefile;
$data['writable'] = is_writeable_dir($overridepath);
}
$data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));
// Initialize the template
if (empty($data['source_data'])) {
$data['source_data'] = '<xar:template xmlns:xar="http://xaraya.com/2004/blocklayout">';
$data['source_data'] .= "\n";
$data['source_data'] .= "\n" . '</xar:template>';
}
$data['files'] = array(array('id' => 'summary', 'name' => 'summary display'), array('id' => 'detail', 'name' => 'detail display'));
return $data;
}
/**
* List the product attributes
*/
function shop_admin_attributes()
{
if (!xarVarFetch('startnum', 'isset', $data['startnum'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('user_id', 'isset', $user_id, NULL, XARVAR_DONT_SET)) {
return;
}
$objectname = 'shop_attributes';
$data['objectname'] = $objectname;
// Security check - important to do this as early as possible to avoid
// potential security holes or just too much wasted processing
if (!xarSecurityCheck('AdminShop')) {
return;
}
$data['items_per_page'] = xarModVars::get('shop', 'items_per_page');
// Load the DD master object class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.objects.master');
// Get the object label for the template
$object = DataObjectMaster::getObject(array('name' => $objectname));
$data['label'] = $object->label;
// Get the fields to display in the admin interface
$config = $object->configuration;
if (!empty($config['adminfields'])) {
$data['adminfields'] = $config['adminfields'];
} else {
$data['adminfields'] = array_keys($object->getProperties());
}
// Get the object we'll be working with. Note this is a so called object list
$mylist = DataObjectMaster::getObjectList(array('name' => $objectname));
// Load the DD master property class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.properties.master');
$data['sort'] = xarMod::ApiFunc('shop', 'admin', 'sort', array('sortfield_fallback' => 'ID', 'ascdesc_fallback' => 'ASC'));
// We have some filters for the items
$filters = array('startnum' => $data['startnum'], 'status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE, 'sort' => $data['sort']);
if (isset($user_id)) {
$filters['where'] = 'user_id eq ' . $user_id;
}
// Get the items
$items = $mylist->getItems($filters);
if (isset($user_id)) {
// Get the object we'll be working with. Note this is a so called object list
$mylist2 = DataObjectMaster::getObjectList(array('name' => 'shop_customers'));
$filters = array();
if (isset($user_id)) {
$filters['where'] = 'ID eq ' . $user_id;
}
$items2 = $mylist2->getItems($filters);
$data['fname'] = $items2[$user_id]['FirstName'];
$data['lname'] = $items2[$user_id]['LastName'];
}
$data['mylist'] = $mylist;
// Return the template variables defined in this function
return $data;
}
function calendar_adminapi_hookcreate($data)
{
if (!isset($data['extrainfo']) || !is_array($data['extrainfo'])) {
$data['extrainfo'] = array();
}
// When called via hooks, modname will be empty, but we get it from the
// extrainfo or the current module
if (empty($data['module'])) {
if (!empty($data['extrainfo']['module'])) {
$data['module'] = $data['extrainfo']['module'];
} else {
$data['module'] = xarMod::getName();
}
}
$data['module_id'] = xarMod::getID($data['module']);
if (empty($data['module_id'])) {
throw new IDNotFoundException("module id for " . $data['modname']);
}
if (!isset($data['itemtype']) || !is_numeric($data['itemtype'])) {
if (isset($data['extrainfo']['itemtype']) && is_numeric($data['extrainfo']['itemtype'])) {
$data['itemtype'] = $data['extrainfo']['itemtype'];
} else {
$data['itemtype'] = 0;
}
}
if (!isset($data['itemid']) || !is_numeric($data['itemid'])) {
if (isset($data['extrainfo']['item_id']) && is_numeric($data['extrainfo']['item_id'])) {
$data['itemid'] = $data['extrainfo']['item_id'];
} else {
$data['itemid'] = 0;
}
}
$data['extrainfo']['module_id'] = $data['module_id'];
$data['extrainfo']['itemtype'] = $data['itemtype'];
$data['extrainfo']['item_id'] = $data['itemid'];
$data['extrainfo']['name'] = isset($data['extrainfo']['name']) ? $data['extrainfo']['name'] : xarML('Unknown Event');
$data['extrainfo']['start_time'] = isset($data['extrainfo']['start_time']) ? $data['extrainfo']['start_time'] : time();
$data['extrainfo']['duration'] = isset($data['extrainfo']['duration']) ? $data['extrainfo']['duration'] : 60;
$data['extrainfo']['end_time'] = isset($data['extrainfo']['end_time']) ? $data['extrainfo']['end_time'] : $data['extrainfo']['start_time'] + $data['extrainfo']['duration'];
$data['extrainfo']['recurring_code'] = isset($data['extrainfo']['recurring_code']) ? $data['extrainfo']['recurring_code'] : 0;
$data['extrainfo']['recurring_span'] = isset($data['extrainfo']['recurring_span']) ? $data['extrainfo']['recurring_span'] : 0;
$data['extrainfo']['start_location'] = isset($data['extrainfo']['start_location']) ? $data['extrainfo']['start_location'] : null;
$data['extrainfo']['end_location'] = isset($data['extrainfo']['end_location']) ? $data['extrainfo']['end_location'] : null;
$data['extrainfo']['object_id'] = isset($data['extrainfo']['object_id']) ? $data['extrainfo']['object_id'] : 0;
$data['extrainfo']['role_id'] = isset($data['extrainfo']['role_id']) ? $data['extrainfo']['role_id'] : xarSession::getVar('role_id');
$data['extrainfo']['return_link'] = isset($data['extrainfo']['return_link']) ? $data['extrainfo']['return_link'] : '';
$data['extrainfo']['state'] = isset($data['extrainfo']['state']) ? $data['extrainfo']['state'] : 3;
$data['extrainfo']['timestamp'] = isset($data['extrainfo']['timestamp']) ? $data['extrainfo']['timestamp'] : time();
$data['extrainfo']['itemid'] = 0;
$object = DataObjectMaster::getObject(array('name' => 'calendar_event'));
$item = $object->createItem($data['extrainfo']);
return $data['extrainfo'];
}
function publications_admin_stylesheet_type($args)
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
extract($args);
if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('ptid', 'id', $data['ptid'], xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('file', 'str', $data['file'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
return;
}
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$pubtype = explode('_', $pubtypeobject->properties['name']->value);
$pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$basepath = sys::code() . "modules/publications/xarstyles";
$sourcefile = $basepath . "/" . $data['file'] . ".css";
$overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/style";
$overridefile = $overridepath . "/" . $data['file'] . ".css";
// If we are saving, write the file now
if ($confirm && !empty($data['file']) && !empty($data['source_data'])) {
xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
}
// Let the template know what kind of file this is
if (empty($data['file'])) {
$data['filetype'] = 'empty';
$filepath = '';
$data['writable'] = 0;
} elseif (file_exists($overridefile)) {
$data['filetype'] = 'theme';
$filepath = $overridefile;
$data['writable'] = is_writable($overridefile);
} elseif (file_exists($sourcefile)) {
$data['filetype'] = 'module';
$filepath = $sourcefile;
$data['writable'] = is_writeable_dir($overridepath);
} else {
$data['filetype'] = 'unknown';
$filepath = $overridefile;
$data['writable'] = is_writeable_dir($overridepath);
}
$data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));
return $data;
}
/**
* Show some predefined form field in a template
*
* @param $args array containing the definition of the field (object, itemid, property, value, ...)
* @return string containing the HTML (or other) text to output in the BL template
*/
function publications_userapi_fieldoutput($args)
{
extract($args);
if (!isset($object) || !isset($itemid) || !isset($field)) {
return '';
}
sys::import('modules.dynamicdata.class.objects.master');
$object = DataObjectMaster::getObject(array('name' => $object));
$itemid = xarMod::apiFunc('publications', 'user', 'gettranslationid', array('id' => $itemid));
$object->getItem(array('itemid' => $itemid));
$field = $object->properties[$field]->getValue();
return $field;
}
function publications_admin_create()
{
if (!xarVarFetch('ptid', 'id', $data['ptid'])) {
return;
}
if (!xarVarFetch('new_cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('save', 'str', $save, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
// Confirm authorisation code
// This has been disabled for now
// if (!xarSecConfirmAuthKey()) return;
$data['items'] = array();
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$isvalid = $data['object']->checkInput();
$data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));
if ($data['preview'] || !$isvalid) {
// Show debug info if called for
if (!$isvalid && xarModVars::get('publications', 'debugmode') && in_array(xarUserGetVar('uname'), xarConfigVars::get(null, 'Site.User.DebugAdmins'))) {
var_dump($data['object']->getInvalids());
}
// Preview or bad data: redisplay the form
$data['properties'] = $data['object']->getProperties();
if ($data['preview']) {
$data['tab'] = 'preview';
}
return xarTplModule('publications', 'admin', 'new', $data);
}
// Create the object
$id = $data['object']->createItem();
// if we can edit publications, go to admin view, otherwise go to user view
if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) {
// Redirect if we came from somewhere else
$cuurent_listview = xarSession::getVar('publications_current_listview');
if (!empty($cuurent_listview)) {
xarController::redirect($cuurent_listview);
}
xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid'])));
} else {
xarController::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid'])));
}
return true;
}
/**
* Create a new product
*/
function shop_admin_newproduct()
{
// See if the current user has the privilege to add an item. We cannot pass any extra arguments here
if (!xarSecurityCheck('Addshop')) {
return;
}
if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
return;
}
$objectname = 'shop_products';
$data['objectname'] = $objectname;
// Load the DD master object class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.objects.master');
$object = DataObjectMaster::getObject(array('name' => $objectname));
$data['label'] = $object->label;
$data['object'] = $object;
// Check if we are in 'preview' mode from the input here - the rest is handled by checkInput()
// Here we are testing for a button clicked, so we test for a string
if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
return;
}
// Check if we are submitting the form
// Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false)
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if ($data['confirm']) {
// Check for a valid confirmation key. The value is automatically gotten from the template
if (!xarSecConfirmAuthKey()) {
return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
}
// Get the data from the form and see if it is all valid
// Either way the values are now stored in the object
$isvalid = $data['object']->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with the data we picked up and with error messages
return xarTplModule('shop', 'admin', 'newproduct', $data);
} elseif (isset($data['preview'])) {
// Show a preview, same thing as the above essentially
return xarTplModule('shop', 'admin', 'newproduct', $data);
} else {
$itemid = $data['object']->createItem();
// Jump to the next page
xarResponse::redirect(xarModURL('shop', 'admin', 'products'));
return true;
}
}
// Return the template variables defined in this function
return $data;
}
function publications_adminapi_getpubtypeaccess($args)
{
if (!isset($args['ptid'])) {
throw new Exception(xarML('Missing ptid param in publications_adminapi_getpubtypeaccess'));
}
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
if (null == $pubtypeobject) {
return false;
}
$pubtypeobject->getItem(array('itemid' => $args['ptid']));
if (empty($pubtypeobject->properties['access']->value)) {
return "a:0:{}";
}
return $pubtypeobject->properties['access']->value;
}
public function display()
{
$data = $this->getContent();
// Setup featured item
if ($data['fillerid'] > 0) {
$fillerid = xarMod::apiFunc('publications', 'user', 'gettranslationid', array('id' => $data['fillerid']));
$ptid = xarMod::apiFunc('publications', 'user', 'getitempubtype', array('itemid' => $data['fillerid']));
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $ptid));
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$data['object']->getItem(array('itemid' => $data['fillerid']));
return $data;
}
return;
}
function mailer_user_view_mailer()
{
if (!xarSecurityCheck('ReadMailer')) {
return;
}
if (!xarVarFetch('name', 'str', $name, 'mailer_mails', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['object']->getItem(array('itemid' => $data['itemid']));
$data['tplmodule'] = 'mailer';
return $data;
}
/**
* Start the checkout process -- user can create account or log into existing account
*/
function shop_user_start()
{
// Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be
if (xarUserIsLoggedIn()) {
xarResponse::redirect(xarModURL('shop', 'user', 'viewcart'));
return true;
}
$shop = xarSession::getVar('shop');
if (empty($shop)) {
xarResponse::redirect(xarModURL('shop', 'user', 'main'));
return true;
}
sys::import('modules.dynamicdata.class.objects.master');
sys::import('modules.dynamicdata.class.properties.master');
$rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
$properties = $rolesobject->properties;
$data['properties'] = $properties;
$isvalid = $rolesobject->properties['email']->checkInput();
$isvalid2 = $rolesobject->properties['password']->checkInput();
if ($isvalid && $isvalid2) {
if (!xarSecConfirmAuthKey()) {
// right time to do this??
return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
}
// Create the role and the customer object and then log in
$email = $rolesobject->properties['email']->getValue();
$password = $rolesobject->properties['password']->getValue();
$values['name'] = $email;
$values['email'] = $email;
$values['uname'] = $email;
$values['password'] = $password;
$values['state'] = 3;
$rolesobject->setFieldValues($values, 1);
$uid = $rolesobject->createItem();
$custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
$custobject->createItem(array('id' => $uid));
$name = 'dd_' . $properties['password']->id;
$vals = $properties['password']->fetchValue($name);
$pass = $vals[1][0];
$res = xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $pass));
xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress'));
return true;
} else {
// We don't yet have a valid email or password for registration...
return xarTplModule('shop', 'user', 'start', $data);
}
}
/**
* Get the items currently in the cart
*/
function shop_userapi_getcartproducts($args)
{
sys::import('modules.dynamicdata.class.objects.master');
$total = 0;
$shop = xarSession::getVar('shop');
if (empty($shop)) {
return;
}
foreach ($shop as $pid => $val) {
// if this post variable is set, we must need to update the quantity
if (isset($_POST['qty' . $pid])) {
unset($qty_new);
if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) {
return;
}
$shop[$pid]['qty'] = $qty_new;
}
$products[$pid]['qty'] = $shop[$pid]['qty'];
$object = DataObjectMaster::getObject(array('name' => 'shop_products'));
$some_id = $object->getItem(array('itemid' => $pid));
$values = $object->getFieldValues();
$products[$pid]['title'] = xarVarPrepForDisplay($values['title']);
$price = $values['price'];
if (substr($price, 0, 1) == '.') {
$price = '0' . $price;
}
$products[$pid]['price'] = $price;
$subtotal = $values['price'] * $products[$pid]['qty'];
$subtotals[] = $subtotal;
$products[$pid]['subtotal'] = number_format($subtotal, 2);
}
xarSession::setVar('shop', $shop);
$total = array_sum($subtotals);
$total = number_format($total, 2);
if (substr($total, 0, 1) == '.') {
$total = '0' . $total;
}
$productinfo['products'] = $products;
$productinfo['total'] = $total;
return $productinfo;
}
/**
* Display a product
*/
function shop_user_product($args)
{
if (!xarVarFetch('itemid', 'id', $itemid, NULL, XARVAR_DONT_SET)) {
return;
}
extract($args);
if (!empty($objectid)) {
$itemid = $objectid;
}
if (empty($itemid)) {
$msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'user', 'display', 'shop');
throw new Exception($msg);
}
// Make sure user has read privileges for the item
if (!xarSecurityCheck('ReadShop', 1, 'Item', $itemid)) {
return;
}
// Load the DD master object class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.objects.master');
// Get the object definition we'll be working with
$object = DataObjectMaster::getObject(array('name' => 'shop_products'));
$data['object'] = $object;
//We don't really have the item until we call getItem()
$some_id = $object->getItem(array('itemid' => $itemid));
//Make sure we got something
if (!isset($some_id) || $some_id != $itemid) {
return;
}
//Get the property names and values for the item with the getFieldValues() method
$values = $object->getFieldValues();
$data['itemid'] = $itemid;
//$values is an associative array of property names and values, so...
foreach ($values as $name => $value) {
$data[$name] = xarVarPrepForDisplay($value);
}
$data['editurl'] = '';
if (xarSecurityCheck('EditShop', 1)) {
$data['editurl'] = xarModURL('shop', 'admin', 'modify', array('itemid' => $itemid, 'name' => 'shop_products'));
}
return xarTplModule('shop', 'user', 'product', $data);
}
function publications_user_create()
{
if (!xarVarFetch('ptid', 'id', $data['ptid'])) {
return;
}
if (!xarVarFetch('new_cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('save', 'str', $save, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
// Confirm authorisation code
// This has been disabled for now
// if (!xarSecConfirmAuthKey()) return;
$data['items'] = array();
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$isvalid = $data['object']->checkInput();
$data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));
if ($data['preview'] || $isvalid) {
// Preview or bad data: redisplay the form
$data['properties'] = $data['object']->getProperties();
if ($data['preview']) {
$data['tab'] = 'preview';
}
return xarTplModule('publications', 'user', 'new', $data);
}
// Create the object
$id = $data['object']->createItem();
// if we can edit publications, go to admin view, otherwise go to user view
if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) {
xarResponse::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid'])));
} else {
xarResponse::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid'])));
}
return true;
}
function publications_userapi_getsettings($data)
{
if (empty($data['ptid'])) {
throw new Exception('Missing publication type for caching');
}
// If already cached, then get that
if (xarCore::isCached('publications', 'context' . $data['ptid'])) {
return xarCore::getCached('publications', 'context' . $data['ptid']);
}
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$pubtypesettings = @unserialize($pubtypeobject->properties['configuration']->getValue());
$globalsettings = publications_userapi_getglobalsettings();
if (is_array($pubtypesettings)) {
$settings = $pubtypesettings + $globalsettings;
} else {
$settings = $globalsettings;
}
xarCore::setCached('publications', 'context' . $data['ptid'], $settings);
return $settings;
}
/**
* Get customer info
*/
function shop_userapi_customerinfo($args)
{
$values = array();
if (xarUserIsLoggedIn()) {
$id = xarUserGetVar('id');
}
extract($args);
if (isset($id)) {
sys::import('modules.dynamicdata.class.objects.master');
$custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
$some_id = $custobject->getItem(array('itemid' => $id));
if (!$some_id) {
//This user must have a role but no customer account. This probably happened because a web admin uninstalled the shop module, deleting all the customer accounts but not deleting the associated roles. Let's re-create the customer record with just the id so we don't get snagged later
$id = $custobject->createItem(array('id' => $id));
$custobject->getItem(array('itemid' => $id));
}
$values = $custobject->getFieldValues();
return $values;
} else {
return;
}
}
function wurfl_admin_modify()
{
if (!xarSecurityCheck('EditWurfl')) {
return;
}
if (!xarVarFetch('name', 'str', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['object']->getItem(array('itemid' => $data['itemid']));
$data['tplmodule'] = 'wurfl';
$data['authid'] = xarSecGenAuthKey('wurfl');
if ($data['confirm']) {
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return;
}
// Get the data from the form
$isvalid = $data['object']->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with error messages
return xarTplModule('wurfl', 'admin', 'modify', $data);
} else {
// Good data: create the item
$itemid = $data['object']->updateItem(array('itemid' => $data['itemid']));
// Jump to the next page
xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
return true;
}
}
return $data;
}
function wurfl_admin_new()
{
if (!xarSecurityCheck('AddWurfl')) {
return;
}
if (!xarVarFetch('name', 'str', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['tplmodule'] = 'wurfl';
$data['authid'] = xarSecGenAuthKey('wurfl');
if ($data['confirm']) {
// we only retrieve 'preview' from the input here - the rest is handled by checkInput()
if (!xarVarFetch('preview', 'str', $preview, NULL, XARVAR_DONT_SET)) {
return;
}
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return;
}
// Get the data from the form
$isvalid = $data['object']->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with error messages
return xarTplModule('wurfl', 'admin', 'new', $data);
} else {
// Good data: create the item
$itemid = $data['object']->createItem();
// Jump to the next page
xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
return true;
}
}
return $data;
}
function mailer_admin_view_mailer()
{
if (!xarSecurityCheck('ManageMailer')) {
return;
}
if (!xarVarFetch('name', 'str', $name, 'mailer_mails', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (xarModIsAvailable('realms')) {
$userrealmid = xarModAPIfunc('realms', 'admin', 'getrealmid');
$realmid = xarModAPIfunc('realms', 'admin', 'getrealmid', array('itemid' => $data['itemid'], 'tablename' => 'mailer_mails'));
if ($userrealmid != 0 && $userrealmid != $realmid) {
return;
}
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['object']->getItem(array('itemid' => $data['itemid']));
$data['tplmodule'] = 'mailer';
return $data;
}
/**
* Display a transaction
*/
function shop_admin_transaction($args)
{
if (!xarVarFetch('itemid', 'id', $itemid, NULL, XARVAR_DONT_SET)) {
return;
}
extract($args);
if (empty($itemid)) {
$msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'user', 'display', 'shop');
throw new Exception($msg);
}
// Make sure user has read privileges for the item
if (!xarSecurityCheck('ReadShop', 1, 'Item', $itemid)) {
return;
}
// Load the DD master object class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.objects.master');
// Get the object definition we'll be working with
$object = DataObjectMaster::getObject(array('name' => 'shop_transactions'));
$data['properties'] = $object->getProperties();
$data['object'] = $object;
//We don't really have the item until we call getItem()
$some_id = $object->getItem(array('itemid' => $itemid));
//Make sure we got something
if (!isset($some_id) || $some_id != $itemid) {
return;
}
//Get the property names and values for the item with the getFieldValues() method
$values = $object->getFieldValues();
//We need to do this up here to avoid messing up the serialized array with xarVarPrepForDisplay
$products = unserialize($values['products']);
//$values is an associative array of property names and values, so...
foreach ($values as $name => $value) {
$data[$name] = xarVarPrepForDisplay($value);
}
$data['products'] = $products;
return $data;
}
function publications_admin_updateconfig()
{
// Confirm authorisation code
if (!xarSecConfirmAuthKey()) {
return;
}
// Get parameters
//A lot of these probably are bools, still might there be a need to change the template to return
//'true' and 'false' to use those...
if (!xarVarFetch('settings', 'array', $settings, array(), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('usetitleforurl', 'int', $usetitleforurl, xarModVars::get('publications', 'usetitleforurl'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('defaultstate', 'isset', $defaultstate, 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('defaultsort', 'isset', $defaultsort, 'date', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('usealias', 'int', $usealias, 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('ptid', 'isset', $ptid, xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('multilanguage', 'int', $multilanguage, 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('tab', 'str:1:10', $data['tab'], 'global', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarSecurityCheck('AdminPublications', 1, 'Publication', "{$ptid}:All:All:All")) {
return;
}
if ($data['tab'] == 'global') {
if (!xarVarFetch('defaultpubtype', 'isset', $defaultpubtype, 1, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('sortpubtypes', 'isset', $sortpubtypes, 'id', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('defaultlanguage', 'str:1:100', $defaultlanguage, xarModVars::get('publications', 'defaultlanguage'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('debugmode', 'checkbox', $debugmode, xarModVars::get('publications', 'debugmode'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('defaultfrontpage', 'str', $defaultfrontpage, xarModVars::get('publications', 'defaultfrontpage'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('defaultbackpage', 'str', $defaultbackpage, xarModVars::get('publications', 'defaultbackpage'), XARVAR_NOT_REQUIRED)) {
return;
}
xarModVars::set('publications', 'defaultpubtype', $defaultpubtype);
xarModVars::set('publications', 'sortpubtypes', $sortpubtypes);
xarModVars::set('publications', 'defaultlanguage', $defaultlanguage);
xarModVars::set('publications', 'debugmode', $debugmode);
xarModVars::set('publications', 'usealias', $usealias);
xarModVars::set('publications', 'usetitleforurl', $usetitleforurl);
xarModVars::set('publications', 'defaultfrontpage', $defaultfrontpage);
xarModVars::set('publications', 'defaultbackpage', $defaultbackpage);
// Allow multilanguage only if the languages property is present
sys::import('modules.dynamicdata.class.properties.registration');
$types = PropertyRegistration::Retrieve();
if (isset($types[30039])) {
xarModVars::set('publications', 'multilanguage', $multilanguage);
} else {
xarModVars::set('publications', 'multilanguage', 0);
}
// Get the special pages.
foreach (array('defaultpage', 'errorpage', 'notfoundpage', 'noprivspage') as $special_name) {
unset($special_id);
if (!xarVarFetch($special_name, 'id', $special_id, 0, XARVAR_NOT_REQUIRED)) {
return;
}
xarModVars::set('publications', $special_name, $special_id);
}
if (xarDB::getType() == 'mysql') {
if (!xarVarFetch('fulltext', 'isset', $fulltext, '', XARVAR_NOT_REQUIRED)) {
return;
}
$oldval = xarModVars::get('publications', 'fulltextsearch');
$index = 'i_' . xarDB::getPrefix() . '_publications_fulltext';
if (empty($fulltext) && !empty($oldval)) {
// Get database setup
$dbconn = xarDB::getConn();
$xartable = xarDB::getTables();
$publicationstable = $xartable['publications'];
// Drop fulltext index on publications table
$query = "ALTER TABLE {$publicationstable} DROP INDEX {$index}";
$result =& $dbconn->Execute($query);
if (!$result) {
return;
}
xarModVars::set('publications', 'fulltextsearch', '');
} elseif (!empty($fulltext) && empty($oldval)) {
$searchfields = array('title', 'description', 'summary', 'body1', 'notes');
// $searchfields = explode(',',$fulltext);
// Get database setup
$dbconn = xarDB::getConn();
$xartable = xarDB::getTables();
$publicationstable = $xartable['publications'];
// Add fulltext index on publications table
$query = "ALTER TABLE {$publicationstable} ADD FULLTEXT {$index} (" . join(', ', $searchfields) . ")";
$result =& $dbconn->Execute($query);
if (!$result) {
return;
}
xarModVars::set('publications', 'fulltextsearch', join(',', $searchfields));
}
}
// Module settings
$data['module_settings'] = xarMod::apiFunc('base', 'admin', 'getmodulesettings', array('module' => 'publications'));
$data['module_settings']->setFieldList('items_per_page, use_module_alias, module_alias_name, enable_short_urls, user_menu_link', 'use_module_icons');
$isvalid = $data['module_settings']->checkInput();
if (!$isvalid) {
return xarTplModule('base', 'admin', 'modifyconfig', $data);
} else {
$itemid = $data['module_settings']->updateItem();
}
// Pull the base category ids from the template and save them
$picker = DataPropertyMaster::getProperty(array('name' => 'categorypicker'));
$picker->checkInput('basecid');
} elseif ($data['tab'] == 'pubtypes') {
// Get the publication type for this display and save the settings to it
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $ptid));
$configsettings = $pubtypeobject->properties['configuration']->getValue();
$checkbox = DataPropertyMaster::getProperty(array('name' => 'checkbox'));
$boxes = array('show_hitount', 'show_ratings', 'show_keywords', 'show_comments', 'show_prevnext', 'show_archives', 'show_publinks', 'show_pubcount', 'show_map', 'prevnextart', 'dot_transform', 'title_transform', 'show_categories', 'show_catcount', 'show_prevnext', 'allow_translations');
foreach ($boxes as $box) {
$isvalid = $checkbox->checkInput($box);
if ($isvalid) {
$settings[$box] = $checkbox->value;
}
}
// foreach ($configsettings as $key => $value)
// if (!isset($settings[$key])) $settings[$key] = 0;
$isvalid = true;
// Get the default access rules
$access = DataPropertyMaster::getProperty(array('name' => 'access'));
$validprop = $access->checkInput("access_add");
$addaccess = $access->value;
$isvalid = $isvalid && $validprop;
$validprop = $access->checkInput("access_display");
$displayaccess = $access->value;
$isvalid = $isvalid && $validprop;
$validprop = $access->checkInput("access_modify");
$modifyaccess = $access->value;
$isvalid = $isvalid && $validprop;
$validprop = $access->checkInput("access_delete");
$deleteaccess = $access->value;
$isvalid = $isvalid && $validprop;
$allaccess = array('add' => $addaccess, 'display' => $displayaccess, 'modify' => $modifyaccess, 'delete' => $deleteaccess);
$pubtypeobject->properties['access']->setValue(serialize($allaccess));
$pubtypeobject->properties['configuration']->setValue(serialize($settings));
$pubtypeobject->updateItem(array('itemid' => $ptid));
$pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes');
if ($usealias) {
xarModSetAlias($pubtypes[$ptid]['name'], 'publications');
} else {
xarModDelAlias($pubtypes[$ptid]['name'], 'publications');
}
} elseif ($data['tab'] == 'redirects') {
$redirects = DataPropertyMaster::getProperty(array('name' => 'array'));
$redirects->display_column_definition['value'] = array(array("From", "To"), array(2, 2), array("", ""), array("", ""));
$isvalid = $redirects->checkInput("redirects");
xarModVars::set('publications', 'redirects', $redirects->value);
}
xarController::redirect(xarModURL('publications', 'admin', 'modifyconfig', array('ptid' => $ptid, 'tab' => $data['tab'])));
return true;
}
/**
* Publications Module
*
* @package modules
* @subpackage publications module
* @category Third Party Xaraya Module
* @version 2.0.0
* @copyright (C) 2011 Netspan AG
* @license GPL {@link http://www.gnu.org/licenses/gpl.html}
* @author Marc Lutolf <*****@*****.**>
*/
function publications_admin_delete_pubtype()
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
if (!xarVarFetch('confirmed', 'int', $confirmed, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'str', $itemid, NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('idlist', 'str', $idlist, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_DONT_SET)) {
return;
}
if (!empty($itemid)) {
$idlist = $itemid;
}
$ids = explode(',', trim($idlist, ','));
if (empty($idlist)) {
if (isset($returnurl)) {
xarController::redirect($returnurl);
} else {
xarController::redirect(xarModURL('publications', 'admin', 'view'));
}
}
$data['message'] = '';
$data['itemid'] = $itemid;
/*------------- Ask for Confirmation. If yes, action ----------------------------*/
sys::import('modules.dynamicdata.class.objects.master');
$pubtype = DataObjectMaster::getObject(array('name' => 'publications_types'));
if (!isset($confirmed)) {
$data['idlist'] = $idlist;
if (count($ids) > 1) {
$data['title'] = xarML("Delete Publication Types");
} else {
$data['title'] = xarML("Delete Publication Type");
}
$data['authid'] = xarSecGenAuthKey();
$items = array();
foreach ($ids as $i) {
$pubtype->getItem(array('itemid' => $i));
$item = $pubtype->getFieldValues();
$items[] = $item;
}
$data['items'] = $items;
$data['yes_action'] = xarModURL('publications', 'admin', 'delete_pubtype', array('idlist' => $idlist));
return xarTplModule('publications', 'admin', 'delete_pubtype', $data);
} else {
if (!xarSecConfirmAuthKey()) {
return;
}
foreach ($ids as $id) {
$itemid = $pubtype->deleteItem(array('itemid' => $id));
$data['message'] = "Publication Type deleted [ID {$id}]";
}
if (isset($returnurl)) {
xarController::redirect($returnurl);
} else {
xarController::redirect(xarModURL('publications', 'admin', 'view_pubtypes', $data));
}
return true;
}
return true;
}
/**
* view article map
*/
function publications_user_viewmap($args)
{
// Get parameters
if (!xarVarFetch('ptid', 'id', $ptid, xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('by', 'enum:pub:cat:grid', $by, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('go', 'str', $go, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('catid', 'str', $catid, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
// Override if needed from argument array
extract($args);
$default = xarModVars::get('publications', 'defaultpubtype');
if (empty($by)) {
if (empty($default) && empty($ptid)) {
$by = 'cat';
} else {
$by = 'pub';
}
}
// turn $catid into $cids array (and set $andcids flag)
if (!empty($catid)) {
if (strpos($catid, ' ')) {
$cids = explode(' ', $catid);
$andcids = true;
} elseif (strpos($catid, '+')) {
$cids = explode('+', $catid);
$andcids = true;
} else {
$cids = explode('-', $catid);
$andcids = false;
}
}
$seencid = array();
if (isset($cids) && is_array($cids)) {
foreach ($cids as $cid) {
// make sure cids are numeric
if (!empty($cid) && is_numeric($cid)) {
$seencid[$cid] = 1;
}
}
$cids = array_keys($seencid);
sort($cids, SORT_NUMERIC);
}
// Get publication types
sys::import('modules.dynamicdata.class.objects.master');
$object = DataObjectMaster::getObjectList(array('name' => 'publications_types'));
$data['pubtypes'] = $object->getItems();
// redirect to filtered view
if (!empty($go) && (!empty($ptid) || $by == 'cat')) {
if (is_array($cids) && count($cids) > 0) {
$catid = join('+', $cids);
} else {
$catid = NULL;
}
$url = xarModURL('publications', 'user', 'view', array('ptid' => $ptid, 'catid' => $catid));
xarController::redirect($url);
return;
}
$data['catfilter'] = array();
$data['cattree'] = array();
$data['catgrid'] = array();
$dump = '';
$publinks = array();
if ($by == 'cat') {
$data['maplink'] = xarModURL('publications', 'user', 'viewmap', array('by' => 'cat'));
// TODO: re-evaluate this after user feedback...
// *trick* Use the 'default' categories here, instead of all rootcats
$basecats = xarModAPIFunc('categories', 'user', 'getallcatbases', array('module' => 'publications'));
$catlist = array();
foreach ($basecats as $basecat) {
$catlist[$basecat['category_id']] = 1;
}
$data['basecids'] = array_keys($catlist);
// create the category tree for each root category
// TODO: make sure permissions are taken into account here !
foreach ($catlist as $cid => $val) {
if (empty($val)) {
continue;
}
$data['cattree'][$cid] = xarModAPIFunc('publications', 'user', 'getchildcats', array('state' => array(PUBLICATIONS_STATE_APPROVED, PUBLICATIONS_STATE_FRONTPAGE), 'cid' => $cid, 'ptid' => null, 'showcid' => true));
}
} elseif ($by == 'grid') {
$data['catgrid'][0] = array();
$data['catgrid'][0][0] = '';
// Get the base categories
if (!empty($ptid)) {
$rootcats = xarModAPIFunc('categories', 'user', 'getallcatbases', array('module' => 'publications', 'itemtype' => $ptid));
} else {
$rootcats = xarModAPIFunc('categories', 'user', 'getallcatbases', array('module' => 'publications', 'itemtype' => 0));
$ptid = null;
}
if (count($rootcats) != 2) {
$data['catgrid'][0][0] = xarML('You need 2 base categories in order to use this grid view');
} else {
$catlist = array();
if (!empty($rootcats) && is_array($rootcats)) {
foreach ($rootcats as $cid) {
$catlist[$catid['category_id']] = 1;
}
}
$cattree = array();
// Get the category tree for each base category
foreach ($catlist as $cid => $val) {
if (empty($val)) {
continue;
}
$cattree[$cid] = xarModAPIFunc('publications', 'user', 'getchildcats', array('state' => array(PUBLICATIONS_STATE_FRONTPAGE, PUBLICATIONS_STATE_APPROVED), 'cid' => $cid, 'ptid' => $ptid, 'showcid' => true));
}
// Find out which category tree is the shortest
if (count($cattree[$rootcats[0]]) > count($cattree[$rootcats[1]])) {
$rowcat = $rootcats[0];
$colcat = $rootcats[1];
} else {
$rowcat = $rootcats[1];
$colcat = $rootcats[0];
}
// Fill in the column headers
$row = 0;
$col = 1;
$colcid = array();
foreach ($cattree[$colcat] as $info) {
$data['catgrid'][$row][$col] = '<a href="' . $info['link'] . '">' . $info['name'] . '</a>';
$colcid[$info['id']] = $col;
$col++;
}
$maxcol = $col;
// Fill in the row headers
$row = 1;
$col = 0;
$data['catgrid'][$row] = array();
$rowcid = array();
foreach ($cattree[$rowcat] as $info) {
$data['catgrid'][$row][$col] = '<a href="' . $info['link'] . '">' . $info['name'] . '</a>';
$rowcid[$info['id']] = $row;
$row++;
}
$maxrow = $row;
// Initialise the rest of the array
for ($row = 1; $row < $maxrow; $row++) {
if (!isset($data['catgrid'][$row])) {
$data['catgrid'][$row] = array();
}
for ($col = 1; $col < $maxcol; $col++) {
$data['catgrid'][$row][$col] = '';
}
}
// Get the counts for all groups of (N) categories
$pubcatcount = xarModAPIFunc('publications', 'user', 'getpubcatcount', array('state' => array(PUBLICATIONS_STATE_FRONTPAGE, PUBLICATIONS_STATE_APPROVED), 'ptid' => $ptid, 'groupcids' => 2, 'reverse' => 1));
if (!empty($ptid)) {
$what = $ptid;
} else {
$what = 'total';
}
// Fill in the count values
foreach ($pubcatcount as $cids => $counts) {
list($ca, $cb) = explode('+', $cids);
if (isset($rowcid[$ca]) && isset($colcid[$cb])) {
$link = xarModURL('publications', 'user', 'view', array('ptid' => $ptid, 'catid' => $ca . '+' . $cb));
$data['catgrid'][$rowcid[$ca]][$colcid[$cb]] = '<a href="' . $link . '"> ' . $counts[$what] . ' </a>';
}
if (isset($rowcid[$cb]) && isset($colcid[$ca])) {
$link = xarModURL('publications', 'user', 'view', array('ptid' => $ptid, 'catid' => $cb . '+' . $ca));
$data['catgrid'][$rowcid[$cb]][$colcid[$ca]] = '<a href="' . $link . '"> ' . $counts[$what] . ' </a>';
}
}
}
if (!empty($ptid)) {
$descr = $data['pubtypes'][$ptid]['description'];
}
} else {
$data['maplink'] = xarModURL('publications', 'user', 'viewmap', array('by' => 'pub'));
// get the links and counts for all publication types
$publinks = xarModAPIFunc('publications', 'user', 'getpublinks', array('state' => array(PUBLICATIONS_STATE_FRONTPAGE, PUBLICATIONS_STATE_APPROVED), 'all' => 1));
// build the list of root categories for all publication types
// and save results in publinks as well
$catlist = array();
for ($i = 0; $i < count($publinks); $i++) {
$pubid = $publinks[$i]['pubid'];
$cidstring = xarModVars::get('publications', 'mastercids.' . $pubid);
if (!empty($cidstring)) {
$rootcats = explode(';', $cidstring);
foreach ($rootcats as $cid) {
$catlist[$cid] = 1;
}
$publinks[$i]['rootcats'] = $rootcats;
} else {
$publinks[$i]['rootcats'] = array();
}
}
// for all publication types
for ($i = 0; $i < count($publinks); $i++) {
$publinks[$i]['cats'] = array();
$pubid = $publinks[$i]['pubid'];
// for each root category of this publication type
foreach ($publinks[$i]['rootcats'] as $cid) {
// add the category tree to the list of categories to show
$childcats = xarModAPIFunc('publications', 'user', 'getchildcats', array('state' => array(PUBLICATIONS_STATE_FRONTPAGE, PUBLICATIONS_STATE_APPROVED), 'cid' => $cid, 'ptid' => $pubid, 'showcid' => true));
$publinks[$i]['cats'][] = $childcats;
}
}
$array = array();
if (empty($ptid)) {
$ptid = $default;
}
if (!empty($ptid)) {
for ($i = 0; $i < count($publinks); $i++) {
if ($ptid == $publinks[$i]['pubid']) {
$array = $publinks[$i]['rootcats'];
}
}
}
foreach ($publinks as $pub) {
if ($pub['pubid'] == $ptid) {
$descr = $pub['pubtitle'];
}
}
}
if (empty($descr)) {
$descr = xarML('Publications');
$data['descr'] = '';
} else {
$data['descr'] = $descr;
}
// Save some variables to (temporary) cache for use in blocks etc.
xarVarSetCached('Blocks.publications', 'ptid', $ptid);
//if ($shownavigation) {
xarVarSetCached('Blocks.categories', 'module', 'publications');
xarVarSetCached('Blocks.categories', 'itemtype', $ptid);
if (!empty($descr)) {
xarVarSetCached('Blocks.categories', 'title', $descr);
xarTplSetPageTitle(xarML('Map'), xarVarPrepForDisplay($descr));
}
//}
if (empty($ptid)) {
$ptid = null;
}
$data['publinks'] = $publinks;
$data['ptid'] = $ptid;
$data['viewlabel'] = xarML('Back to') . ' ' . $descr;
$data['viewlink'] = xarModURL('publications', 'user', 'view', array('ptid' => $ptid));
$data['archivelabel'] = xarML('View Archives');
$data['archivelink'] = xarModURL('publications', 'user', 'archive', array('ptid' => $ptid));
$data['dump'] = $dump;
if (count($data['catfilter']) == 2) {
}
if (!empty($ptid)) {
$object = DataObjectMaster::getObject(array('name' => 'publications_types'));
$object->getItem(array('itemid' => $ptid));
$template = $object->properties['template']->value;
} else {
// TODO: allow templates per category ?
$template = null;
}
// Pass the type of map to the template, so we can decide what links to show
$data['by'] = $by;
return xarTplModule('publications', 'user', 'viewmap', $data, $template);
}
/**
* Select existing payment method or create new one to use for this transaction
*/
function shop_user_paymentmethod()
{
// Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be
$shippingaddress = xarSession::getVar('shippingaddress');
if (empty($shippingaddress)) {
xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress'));
return true;
}
$shop = xarSession::getVar('shop');
if (!xarUserIsLoggedIn() || empty($shop)) {
xarResponse::redirect(xarModURL('shop', 'user', 'main'));
return true;
}
if (!xarVarFetch('proceedsaved', 'str', $proceedsaved, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('proceednew', 'str', $proceednew, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('paymentmethod', 'str', $paymentmethod, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('remove', 'str', $remove, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
$cust = xarMod::APIFunc('shop', 'user', 'customerinfo');
$data['cust'] = $cust;
sys::import('modules.dynamicdata.class.objects.master');
sys::import('modules.dynamicdata.class.properties.master');
$shippingobject = DataObjectMaster::getObject(array('name' => 'shop_shippingaddresses'));
$shippingobject->getItem(array('itemid' => xarSession::getVar('shippingaddress')));
$shippingvals = $shippingobject->getFieldValues();
$data['shippingvals'] = $shippingvals;
// Get the saved payment methods, if any exist
$mylist = DataObjectMaster::getObjectList(array('name' => 'shop_paymentmethods'));
$filters = array('status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE, 'where' => 'customer eq ' . xarUserGetVar('id'));
$paymentmethods = $mylist->getItems($filters);
$data['paymentmethods'] = $paymentmethods;
$data['paymentobject'] = DataObjectMaster::getObject(array('name' => 'shop_paymentmethods'));
$data['paymentobject']->properties['name']->display_show_salutation = false;
$data['paymentobject']->properties['name']->display_show_middlename = false;
$data['paymentobject']->properties['address']->display_rows = 1;
$data['paymentobject']->properties['address']->display_show_country = false;
$data['properties'] = $data['paymentobject']->getProperties();
if ($remove) {
if ($remove == xarSession::getVar('paymentmethod')) {
xarSession::delVar('paymentmethod');
}
$data['paymentobject']->getItem(array('itemid' => $remove));
$data['paymentobject']->deleteItem();
xarResponse::redirect(xarModURL('shop', 'user', 'paymentmethod'));
return true;
}
$selectedpaymentmethod = xarSession::getVar('paymentmethod');
if (!empty($selectedpaymentmethod)) {
$data['paymentmethod'] = $selectedpaymentmethod;
}
// If we're using a saved payment method...
if ($proceedsaved) {
xarSession::setVar('paymentmethod', $paymentmethod);
xarResponse::redirect(xarModURL('shop', 'user', 'order'));
return true;
} elseif ($proceednew) {
// We're not using a saved payment method...
$isvalid = $data['paymentobject']->checkInput();
if (isset($exp_date)) {
$exp_month = substr($exp_date, 0, 2);
$exp_year = substr($exp_date, 2, 4);
$reverse_date = $exp_year . $exp_month;
$minimum_date = date('ym', time());
if ($minimum_date > $reverse_date) {
$errors['exp_date'] = true;
}
}
if (isset($errors)) {
xarSession::setVar('errors', $errors);
}
if (!$isvalid) {
return xarTplModule('shop', 'user', 'paymentmethod', $data);
} else {
xarSession::setVar('paymentmethod', $data['paymentobject']->createItem());
xarResponse::redirect(xarModURL('shop', 'user', 'order'));
return true;
}
}
return $data;
}
