/**
 * Send the visitor to the login form when their group id is below the
 * threshold configured for an action.
 *
 * The threshold is read from the jomtube configuration object, from the
 * property whose name is given in $function. Access is refused when the
 * user's gid is lower than that value, unless the value is 29
 * (presumably a "public" sentinel -- TODO confirm against the component's
 * group table).
 *
 * Security notes for callers:
 *  - $function is used as a dynamic property name; pass a fixed
 *    configuration key, never a request-supplied value.
 *  - The function returns nothing in either case, so enforcement relies on
 *    redirect() ending the request. Code after the call must not assume the
 *    check passed if redirect() can return.
 *  - The denial message always mentions video upload, whichever key is checked.
 *
 * @param string $function Name of the jomtube_configs property holding the minimum gid.
 *
 * @return void
 */
function checkPermission($function)
{
    $config = jomtube_configs::get_instance();
    $user =& JFactory::getUser();

    $requiredGid = $config->{$function};
    $denied = $user->gid < $requiredGid && $requiredGid != 29;

    if (!$denied) {
        return;
    }

    // Redirect to login, carrying the current URL so the login form can
    // bring the user back afterwards.
    $currentUrl = JFactory::getURI()->toString();
    $loginUrl = 'index.php?option=com_user&view=login' . '&return=' . base64_encode($currentUrl);

    $application = new JApplication();
    $application->redirect($loginUrl, JText::_('You do not have permission to upload videos'));

    return;
}
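/**
 * Store a reply posted through the discussion form and redirect back to the page.
 *
 * Order of checks: the session token (CSRF) is verified first, then the
 * CAPTCHA when one is enabled. Nothing is written before both have passed.
 * The CAPTCHA test previously ran only after the topic had been created and
 * redirected with an undefined message variable; a request failing the
 * CAPTCHA could therefore still create an empty topic.
 *
 * Name, e-mail and message are read from POST with JRequest::getString();
 * any further validation is left to KunenaForumTopic::newReply() and save().
 *
 * @param mixed               $row      Passed through to createTopic() when the topic has to be created.
 * @param KunenaForumCategory $category Category the topic belongs to.
 * @param KunenaForumTopic    $topic    Topic to reply to; created on demand when it does not exist yet.
 * @param string              $subject  Subject used for the topic and for the reply.
 *
 * @return bool|string False when the token check, the CAPTCHA check or the save fails;
 *                     an empty string after the final redirect.
 */
protected function replyTopic($row, KunenaForumCategory $category, KunenaForumTopic $topic, $subject)
{
    $uri = JFactory::getURI();

    // CSRF protection: refuse the post when the form token does not match the session.
    if (!JSession::checkToken()) {
        $this->app->enqueueMessage(JText::_('COM_KUNENA_ERROR_TOKEN'), 'error');

        return false;
    }

    // CAPTCHA must pass before any topic or message is created.
    // NOTE(review): no message is passed here; presumably verifyCaptcha()
    // enqueues its own error -- confirm.
    if ($this->hasCaptcha() && !$this->verifyCaptcha()) {
        $this->app->redirect($uri->toString());

        // Fail closed in case redirect() returns instead of ending the request.
        return false;
    }

    // Create topic if it doesn't exist
    if (!$topic->exists()) {
        $topic = $this->createTopic($row, $category, $subject);
    }

    $params = array(
        'name'    => JRequest::getString('name', $this->user->getName(), 'POST'),
        'email'   => JRequest::getString('email', null, 'POST'),
        'subject' => $subject,
        'message' => JRequest::getString('message', null, 'POST'),
    );

    $message = $topic->newReply($params);
    $success = $message->save();

    if (!$success) {
        $this->app->enqueueMessage($message->getError(), 'error');

        return false;
    }

    $message->sendNotification();

    // Held messages wait for a moderator; tell the poster which case applies.
    if ($message->hold) {
        $result = JText::_('PLG_KUNENADISCUSS_PENDING_MODERATOR_APPROVAL');
    } else {
        $result = JText::_('PLG_KUNENADISCUSS_MESSAGE_POSTED');
    }

    // Redirect back to the current page so a reload cannot re-submit the post.
    $app = JFactory::getApplication('site');
    $app->redirect($uri->toString(), $result);

    return '';
}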
/**
 * Bootstrap the JSN Framework once Joomla! has initialised.
 *
 * Steps, in order:
 *  1. load the framework loader and constant definitions next to this file;
 *  2. remember the application object and the requested option / view / task
 *     (each read through the input object's getCmd() filter);
 *  3. hand a Joomla! installer update request for a JoomlaShine product over
 *     to that product's own update view;
 *  4. load the plugin language file, installing it first when only the
 *     requested component ships it;
 *  5. lower error reporting for JoomlaShine products;
 *  6. register the dependency-tracking event handlers;
 *  7. answer a "checkUpdate" task directly with XML and end the request.
 *
 * Review notes:
 *  - $this->option ends up in a filesystem path in step 4; the only
 *    filtering visible here is getCmd().
 *  - Step 5 hides warnings and notices for the whole request, which also
 *    hides them from anyone diagnosing a problem.
 *  - Step 7 is guarded by isAdmin() only; no further permission or token
 *    check is visible in this method.
 *
 * @return void
 */
public function onAfterInitialise()
{
    // Initialize JSN Framework
    $pluginDir = dirname(__FILE__);
    require_once $pluginDir . '/libraries/loader.php';
    require_once $pluginDir . '/jsnframework.defines.php';

    // Get application object
    self::$_app = JFactory::getApplication();
    $input = self::$_app->input;

    // Get requested component, view and task
    $this->option = $input->getCmd('option');
    $this->view = $input->getCmd('view');
    $this->task = $input->getCmd('task');

    // Redirect to update page if necessary
    $isInstallerUpdate = $this->option == 'com_installer'
        && $this->view == 'update'
        && $this->task == 'update.update';

    if ($isInstallerUpdate && count($cid = (array) $input->getVar('cid', array()))) {
        // Check if extension to updated is JoomlaShine product.
        // The id is cast to int before it is placed in the WHERE clause.
        $db = JFactory::getDbo();
        $query = $db->getQuery(true)
            ->select('element')
            ->from('#__updates')
            ->where('update_id = ' . (int) $cid[0]);
        $db->setQuery($query);
        $ext = $db->loadResult();

        if (in_array($ext, JSNVersion::$products)) {
            return self::$_app->redirect('index.php?option=' . $ext . '&view=update');
        }
    }

    // Get active language
    $lang = JFactory::getLanguage();
    $tag = $lang->get('tag');
    $iniFile = $tag . '/' . $tag . '.plg_system_jsnframework.ini';

    if (file_exists(JPATH_ROOT . '/administrator/language/' . $iniFile)) {
        // Language file already installed for the active language
        $lang->load('plg_system_jsnframework', JPATH_ADMINISTRATOR, null, true);
    } elseif (file_exists(JPATH_ROOT . '/administrator/components/' . $this->option . '/language/admin/' . $iniFile)) {
        // If requested component has the language file, install then load it
        JSNLanguageHelper::install((array) $tag, false, true);
        $lang->load('plg_system_jsnframework', JPATH_ADMINISTRATOR, null, true);
    } else {
        // Fall back to the copy bundled with the framework
        $lang->load('plg_system_jsnframework', JSN_PATH_FRAMEWORK, null, true);
    }

    $isJsnProduct = in_array($this->option, JSNVersion::$products);

    // Disable notice and warning by default for our products.
    // The reason for doing this is if any notice or warning appeared then handling JSON string will fail in our code.
    if (function_exists('error_reporting') && $isJsnProduct) {
        error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE & ~E_STRICT);
    }

    // Set event handlers to detect and update dependency installation / removal
    self::$_app->registerEvent('onExtensionAfterInstall', 'jsnExtFrameworkUpdateDependencyAfterInstallExtension');
    self::$_app->registerEvent('onExtensionBeforeUninstall', 'jsnExtFrameworkUpdateDependencyBeforeUninstallExtension');

    // Do update checking for Joomla! 3.1
    if (self::$_app->isAdmin()
        && JSNVersion::isJoomlaCompatible('3.1')
        && $isJsnProduct
        && $this->task == 'checkUpdate'
    ) {
        $content = $this->checkUpdate();

        // Set header for XML content
        header('Content-Type: application/xml');

        // Send XML content to client
        echo $content;

        // Exit immediately to prevent Joomla! to process further
        exit;
    }
}
/**
 * After routing: warn about a Joomla 2.5 build of a JSN extension running on
 * Joomla 3.x, then register the final onAfterRender handler.
 *
 * The check applies only to administrator requests for a component listed in
 * JSNVersion::$products. The component's manifest XML is read and its
 * "version" attribute compared with 3.0; an older version enqueues a warning
 * and redirects to index.php.
 *
 * $option is used to build the manifest path only after it has matched an
 * entry of JSNVersion::$products, so the path is limited to known component names.
 *
 * @return void|false False is returned on the incompatible-version path, after
 *                    the redirect call; nothing is returned otherwise.
 */
public function onAfterRoute()
{
    // Get installed Joomla version
    $joomla = new JVersion();
    $joomlaVersion = $joomla->getShortVersion();

    $option = trim((string) $this->option);

    $appliesToRequest = self::$_app->isAdmin()
        && version_compare($joomlaVersion, '3.0', '>=')
        && in_array($option, JSNVersion::$products);

    if ($appliesToRequest) {
        $shortName = str_replace('com_', '', $option);
        $manifestFile = JPATH_ADMINISTRATOR . '/components/' . $option . '/' . $shortName . '.xml';

        if (file_exists($manifestFile)) {
            $xml = JSNUtilsXml::load($manifestFile);
            $attr = $xml->attributes();

            if (count($attr) && isset($attr['version']) && (string) $attr['version'] != '') {
                $version = (string) $attr['version'];

                // com_imageshow writes versions such as "4.x"; make them comparable
                if ($option == 'com_imageshow') {
                    $version = str_replace('.x', '.0', $version);
                }

                if (version_compare($version, '3.0', '<')) {
                    // Check if all JSN Extensions are compatible with Joomla 3.x, if not, redirect to index.php and show a warning message
                    $warning = JText::sprintf(
                        'You are running a Joomla 2.5 version of %1$s on Joomla 3.x. Please download %1$s for Joomla 3.x and reinstall via Joomla! Installer to fix the problem.',
                        'JSN ' . ucfirst($shortName)
                    );
                    self::$_app->enqueueMessage($warning, 'warning');
                    self::$_app->redirect('index.php');

                    return false;
                }
            }
        }
    }

    // Make sure our onAfterRender event handler is the last one executed
    self::$_app->registerEvent('onAfterRender', 'jsnExtFrameworkFinalize');
}
/**
 * Redirect immediately, enqueueing the pending message first.
 *
 * Every argument is optional: a value that is supplied replaces the one
 * stored on the object, a value that is omitted leaves the stored one in use.
 * The message is enqueued and the redirect is delegated to the underlying
 * framework object.
 *
 * The URL is forwarded exactly as given; no host or scheme check is done
 * here, so callers should not pass a request-supplied URL without validating it.
 *
 * @param string $url         URL to redirect to (falls back to the stored redirect URL)
 * @param string $message     HTML message to display
 * @param string $messageType Message type ('message' or 'error')
 */
function redirect($url = null, $message = null, $messageType = null)
{
    // Override the stored target only when a non-empty URL is supplied
    if ($url) {
        $this->_redirectUrl = $url;
    }

    // null means "keep what was stored"; an empty string is a real override
    if (null !== $message) {
        $this->_redirectMessage = $message;
    }

    if (null !== $messageType) {
        $this->_redirectMessageType = $messageType;
    }

    $this->enqueueMessage($this->_redirectMessage, $this->_redirectMessageType);

    $this->_baseFramework->redirect($this->_redirectUrl);
}
/**
 * Redirect to another URL, optionally discarding already-queued messages.
 *
 * When $persistMsg is false the system message queue is emptied before the
 * call is handed to the parent implementation, so only $msg (if any) can
 * accompany the redirect. Status code selection and the actual header or
 * JavaScript redirect are done by the parent method and are not visible here.
 *
 * @param string  $url        The URL to redirect to. Can only be http/https URL
 * @param string  $msg        An optional message to display on redirect.
 * @param string  $msgType    An optional message type.
 * @param boolean $moved      True if the page is 301 Permanently Moved, otherwise 303 See Other is assumed.
 * @param boolean $persistMsg True if the enqueued messages are passed to the redirection, false else.
 *
 * @return void The parent implementation is documented as ending the request.
 *
 * @since 1.5
 * @see   JApplication::enqueueMessage()
 */
public function redirect($url, $msg = '', $msgType = 'message', $moved = false, $persistMsg = true)
{
    $discardQueued = !$persistMsg;

    if ($discardQueued) {
        // Drop anything queued earlier in this request
        $this->_messageQueue = array();
    }

    parent::redirect($url, $msg, $msgType, $moved);
}
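/**
 * Prepare the add/edit form for a locally stored video and render the template.
 *
 * Builds the toolbar, the yes/no selectors, the list of video files found in
 * the category directory, the list of thumbnails found in its "_thumbs"
 * sub-directory and the category selector, then assigns them to the view.
 * A record whose video_type is set and is not 'local' is redirected to the
 * "applylink" task instead.
 *
 * Fixes over the previous version:
 *  - the published / downloadable / featured selectors were built inside the
 *    redirect branch, before $yesno existed, and were never defined for the form;
 *  - "_thumbs" / "_display" were never skipped (the test used || and was always true);
 *  - is_dir() was called on the bare file name instead of the path inside the directory;
 *  - every thumbnail option carried the last file read as its value;
 *  - a file named "0" ended the directory scan early;
 *  - $list_file and $lists were used without being initialised.
 *
 * NOTE(review): the directory listed here is JPATH_SITE plus a value taken
 * from the model (category directory). No containment check is visible in
 * this method; confirm the stored value cannot contain ".." segments.
 *
 * @param string $tpl Optional template name passed to the parent display().
 *
 * @return void
 */
function display($tpl = null)
{
    global $mainframe;

    //Load pane behavior
    jimport('joomla.html.pane');

    //initialise variables
    $editor =& JFactory::getEditor();
    $document =& JFactory::getDocument();
    $user =& JFactory::getUser();
    $pane =& JPane::getInstance('sliders');
    $c = jomtube_configs::get_instance();
    $this->assignRef('c', $c);

    //get vars
    $cid = JRequest::getVar('cid');

    //create the toolbar
    if ($cid) {
        JToolBarHelper::title(JText::_('EDIT VIDEO'), 'jomtube-videos');
    } else {
        JToolBarHelper::title(JText::_('ADD VIDEO'), 'jomtube-videos');
    }
    JToolBarHelper::apply();
    JToolBarHelper::spacer();
    JToolBarHelper::save();
    JToolBarHelper::spacer();
    JToolBarHelper::cancel();

    //Get data from the model
    $model =& $this->getModel();
    $row =& $this->get('Data');

    // Remote videos are edited through the "applylink" task, not this form
    if ($row->id != 0 && $row->video_type != 'local' && $row->video_type != null) {
        $r = new JApplication();
        $r->redirect('index.php?option=com_jomtube&controller=videos&task=applylink&cid=' . $row->id);

        // Do not build the local-video form if redirect() returns
        return;
    }

    // Yes/no selectors used by the form
    $yesno = array(
        JHTML::_('select.option', 0, 'No'),
        JHTML::_('select.option', 1, 'Yes'),
    );
    $ispublished = JHTML::_('select.genericlist', $yesno, 'published', '', 'value', 'text', $row->published == '' ? 1 : $row->published);
    $isdownloadable = JHTML::_('select.genericlist', $yesno, 'downloadable', '', 'value', 'text', $row->downloadable == '' ? 1 : $row->downloadable);
    $isfeatured = JHTML::_('select.genericlist', $yesno, 'featured', '', 'value', 'text', $row->featured);

    //get video list in local directory
    if (JRequest::getVar('category_id', '') != '') {
        $row->directory =& $this->get('CatDirectory');
        $selectedCat = JRequest::getVar('category_id', '');
    } else {
        $selectedCat = $row->id ? $row->category_id : '';
    }

    $directory = isset($row->directory) ? $row->directory : '';
    $currentdir = JPATH_SITE . ($directory == '' ? '/jomtubefiles' : $directory);

    $thumbdir = "_thumbs";
    $displaydir = "_display";

    $list_file = array();
    // A missing or unreadable directory simply yields an empty list
    $dir = @opendir($currentdir);
    if ($dir !== false) {
        // Compare against false so that a file named "0" does not end the scan
        while (false !== ($file = readdir($dir))) {
            if ($file === '.' || $file === '..' || $file === $thumbdir || $file === $displaydir) {
                continue;
            }
            if (is_dir($currentdir . '/' . $file)) {
                continue;
            }
            // Without ffmpeg only ready-made flv files can be offered
            $ext = JTHelper::getFileExt($file);
            if (!$c->use_ffmpeg && $ext != 'flv') {
                continue;
            }
            $list_file[] = $file;
        }
        closedir($dir);
    }
    sort($list_file);

    $videos = array();
    foreach ($list_file as $file) {
        $videos[] = JHTML::_('select.option', $file);
    }

    $videolist = JHTML::_('select.genericlist', $videos, 'video_url', 'id="localvideolist" class="inputbox" style="width:326px;font-size:10px;" size="7" onchange="selectthisvideo()"', 'value', 'text', $row->id ? $row->video_url : '');
    $this->assignRef('category_dir', $currentdir);

    // Thumbnails live in the "_thumbs" sub-directory of the category directory
    $current_dir = $currentdir . "/" . $thumbdir;
    $thumb_file = array();
    $dir = @opendir($current_dir);
    if ($dir !== false) {
        while (false !== ($file = readdir($dir))) {
            if ($file !== '.' && $file !== '..') {
                $thumb_file[] = $file;
            }
        }
        closedir($dir);
    }
    sort($thumb_file);

    $thumbs = array();
    foreach ($thumb_file as $file) {
        // Each option's value is its own file name
        $thumbs[] = JHTML::_('select.option', $file, $file);
    }

    $thumblist = JHTML::_('select.genericlist', $thumbs, 'video_thumb', 'id="localthumblist" class="inputbox" style="width:326px; font-size:10px;" size="7" onchange="selectthisthumb()"', 'value', 'text', $row->id ? $row->video_thumb : '');

    //get parent option
    $categories =& $this->get('ParentOption');
    $parentOptions = array(JHTML::_('select.option', '', '-Select Parent-'));
    foreach ($categories as $category) {
        // Indent by nesting depth, derived from the number of "/" in family_id.
        // NOTE(review): the pad character is a plain space as written -- confirm.
        $category_name = str_repeat(' ', 4 * substr_count($category->family_id, "/")) . "+" . $category->category_name;
        $parentOptions[] = JHTML::_('select.option', $category->id, $category_name);
    }
    $parentSelect = JHTML::_('select.genericlist', $parentOptions, 'category_id', 'id="catid" class="inputbox" size="1" onchange="selectCategory()"', 'value', 'text', $selectedCat);

    //clean data: HTML-escape the row's string properties, except 'catdescription'
    JFilterOutput::objectHTMLSafe($row, ENT_QUOTES, 'catdescription');

    //assign data to template
    $this->assignRef('row', $row);
    $this->assignRef('editor', $editor);
    $this->assignRef('parentSelect', $parentSelect);
    $this->assignRef('pane', $pane);
    $this->assignRef('ispublished', $ispublished);
    $this->assignRef('isdownloadable', $isdownloadable);
    $this->assignRef('isfeatured', $isfeatured);
    $this->assignRef('localvideolist', $videolist);
    $this->assignRef('localthumblist', $thumblist);

    $lists = array();
    $this->assignRef('lists', $lists);

    $my =& JFactory::getUser();
    $this->assignRef('my', $my);

    parent::display($tpl);
}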
/**
 * Redirect to another URL after passing it through the router.
 *
 * All redirect URLs must be routed, so the target is run through
 * JRoute::_() (second argument false) before the parent implementation is called.
 *
 * @param string  $url     Unrouted URL to redirect to
 * @param string  $msg     Optional message to display
 * @param string  $msgType Optional message type
 * @param boolean $moved   Forwarded unchanged to the parent implementation
 *
 * @see JApplication::redirect()
 */
function redirect($url, $msg = '', $msgType = 'message', $moved = false)
{
    $routedUrl = JRoute::_($url, false);

    parent::redirect($routedUrl, $msg, $msgType, $moved);
}
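/**
 * Serve the file named by the "fileid" request parameter from the configured
 * base download directory.
 *
 * "fileid" is untrusted input. It is optionally passed through the configured
 * decipher function, checked against a character allowlist, stripped of
 * leading separators and dots, and prefixed with the base path. The result is
 * then canonicalised with realpath() and served only when it is a regular
 * file located inside the canonical base directory.
 *
 * Why the canonical check is needed: the cleaning patterns only touch the
 * start and end of the string and the allowlist permits '.', '/' and '\',
 * so a "../" sequence in the middle of the value survives both. Prefixing the
 * base path does not contain such a value either.
 *
 * Other fixes over the previous version:
 *  - the cleaning loop re-applied the patterns to the raw value on every
 *    pass, so it never iterated on its own output;
 *  - the allowlist failure redirected without returning;
 *  - redirect() was called statically on JApplication although it is an
 *    instance method; the running application object is used instead;
 *  - the base-path prefix test used preg_quote() without the '%' delimiter.
 *
 * A request that resolves outside the base directory is handled like a
 * missing file: it is logged (when logging is on) with status ATT then FNF,
 * with the requested path and client address, and answered with error 404.
 *
 * NOTE(review): the cipher file is include()d and the decipher function is
 * called by name, both taken from component configuration. Anyone able to
 * edit that configuration can run code here; restrict who may change it.
 *
 * @param string $tpl Unused.
 *
 * @return mixed Nothing on the normal paths; the JError::raiseWarning() result
 *               when the download log row cannot be stored.
 */
function display($tpl = null)
{
    $app = JFactory::getApplication();
    $errorUrl = 'index.php?option=com_simpledownload&view=error&err=';

    $params =& JComponentHelper::getParams('com_simpledownload');
    $base_download_path = $params->get('basedownloadpath', '');
    $cipherenabled = $params->get('cipherenabled');
    $log_downloads = $params->get('log_downloads') == '1';
    $cipherfile = $params->get('cipherfile');
    $decipherfunction = $params->get('decipherfunction');

    $encryptedPath = JRequest::getVar('fileid');

    // Misconfiguration: no base directory set, or it does not exist
    $resolvedBase = $base_download_path == '' ? false : realpath($base_download_path);
    if ($resolvedBase === false) {
        $app->redirect(JRoute::_($errorUrl . 412));

        return;
    }

    // A missing or array-valued fileid can never name a file
    if (!is_string($encryptedPath)) {
        $app->redirect(JRoute::_($errorUrl . 404));

        return;
    }

    if ($cipherenabled == "1") {
        // text should be encrypted and needs to be decrypted
        if ($cipherfile == "" || !file_exists($cipherfile) || $decipherfunction == "") {
            $app->redirect(JRoute::_($errorUrl . 412));

            return;
        }

        include_once $cipherfile;

        if (!is_callable($decipherfunction)) {
            $app->redirect(JRoute::_($errorUrl . 412));

            return;
        }

        $decryptedPath = $decipherfunction($encryptedPath);
    } else {
        // encryption is disabled, so encryptedPath should really already be decrypted.
        $decryptedPath = $encryptedPath;
    }

    // Character allowlist. This limits the alphabet only; it does not stop
    // directory traversal, which is handled by the canonical check below.
    if (!is_string($decryptedPath) || !preg_match('%^([\\d\\w\\-.\\\\ /&!]+)$%', $decryptedPath)) {
        $app->redirect(JRoute::_($errorUrl . 404));

        return;
    }

    $patterns = array(
        '/[^[:print:]]+/',            // remove non-printable characters
        '/[ \\t]+$/',                 // remove whitespace at end of string
        '/^[ \\t]+/',                 // remove whitespace at beginning of string
        '/^[\\\\|\\/]+/',             // remove leading slash if one exists
        '/^[\\.\\.\\/|\\.\\.\\\\]+/', // remove leading dots and slashes
    );

    // Re-apply the patterns to their own output until nothing changes.
    // Each pass can only shorten the string, so the loop terminates.
    $cleanedPath = $decryptedPath;
    do {
        $previousPass = $cleanedPath;
        $cleanedPath = (string) preg_replace($patterns, '', $previousPass);
    } while ($previousPass !== $cleanedPath);

    // add base path if it doesn't already exist in the file path.
    if (strpos($cleanedPath, $base_download_path) !== 0) {
        $cleanedPath = $base_download_path . DS . $cleanedPath;
    }

    // Canonicalise and require a regular file inside the base directory.
    // realpath() resolves "..", "." and symbolic links and returns false
    // for a path that does not exist.
    $resolvedPath = realpath($cleanedPath);
    $basePrefix = rtrim($resolvedBase, '/\\') . DIRECTORY_SEPARATOR;
    $servable = $resolvedPath !== false
        && is_file($resolvedPath)
        && strpos($resolvedPath, $basePrefix) === 0;

    $row =& JTable::getInstance('simpledownloadhits');
    if ($log_downloads) {
        // Record the attempt before serving, including the path as requested
        $a_user =& JFactory::getUser();
        $row->fileid = JRequest::getVar('fileid');
        $row->referrer = JRequest::getVar('HTTP_REFERER', '', 'SERVER');
        $row->userid = $a_user->id;
        $row->name = $a_user->name;
        $row->username = $a_user->username;
        $row->filepath = $cleanedPath;
        $row->ip = JRequest::getVar('REMOTE_ADDR', '0.0.0.0', 'SERVER');
        $row->hit_date = date('Y-m-d H:i:s');
        $row->downloadstatus = 'ATT';
        if (!$row->store()) {
            return JError::raiseWarning(500, $row->getError());
        }
    }

    include_once JPATH_COMPONENT . DS . 'helpers' . DS . 'download.php';

    // Serve the canonical path that was checked, never the raw string.
    // Anything missing or outside the base directory is reported as not found.
    $return = $servable ? download_file($resolvedPath) : 404;

    if ($return != 0) {
        // an error occurred while downloading
        $notFound = $return == 404;

        if ($log_downloads) {
            $row->downloadstatus = $notFound ? 'FNF' : 'CE';
            if (!$row->store()) {
                return JError::raiseWarning(500, $row->getError());
            }
        }

        $app->redirect(JRoute::_($errorUrl . ($notFound ? 404 : 500)));

        return;
    }

    // successful download. This section doesn't get hit after readfile_chunked was introduced.
    if ($log_downloads) {
        $row->downloadstatus = 'DL';
        if (!$row->store()) {
            return JError::raiseWarning(500, $row->getError());
        }
    }
}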
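/**
 * Initialise the view's variables for the task being executed.
 *
 * Handled tasks: view, reply, export, delete_selected, delete, ban_ip and
 * display (the last one only when a sub-task is set). Any other task leaves
 * the view untouched.
 *
 * For "view" and "reply" the message is loaded only when the id is positive
 * and the model's checkAccessToMessage() allows it; otherwise the request is
 * redirected to the message list.
 *
 * Change over the previous version: the "reply" branch called
 * JApplication::redirect() statically although it is an instance method;
 * it now uses the application object, as the "view" branch already did.
 *
 * @return void
 */
function setVariables()
{
    $model = $this->getModel();

    switch ($this->_task) {
        // in case a record is viewed initialize the fields
        case 'view':
            if ($this->_id > 0 && $model->checkAccessToMessage($this->_id)) {
                $this->setRowData($this->_id);
                // modify the status of the message accordingly
                $model->changeStatusToRead($this->_id);
            } else {
                $url = 'index.php?option=com_aicontactsafe&sTask=messages';
                if ($this->_sef == 1 && $this->_backend == 0) {
                    $url = JRoute::_($url, false);
                }
                // NOTE(review): a no-op as written; the search string was
                // presumably an escaped ampersand -- confirm against the original file.
                $url = str_replace('&', '&', $url);
                // redirect to the window with all the messages
                $app = JFactory::getApplication();
                $app->redirect($url);
            }
            $this->profile = $model->getProfileName($this->profile_id);
            break;

        // in case a reply is sent
        case 'reply':
            if ($this->_id > 0 && $model->checkAccessToMessage($this->_id)) {
                $this->setRowData($this->_id);
                $this->reply_email_address = $this->email;
                $this->reply_subject = JText::_('COM_AICONTACTSAFE_RE') . $this->subject;
                // Quote the original message: mark each table row, break
                // lines at row ends, then drop all markup.
                $this->reply_message = $this->message;
                $this->reply_message = str_replace('<tr>', '>> ' . '<tr>', $this->reply_message);
                $this->reply_message = str_replace('</tr>', ' ' . "\n" . '</tr>', $this->reply_message);
                $this->reply_message = "\n\n\n\n" . strip_tags($this->reply_message);
            } else {
                $url = 'index.php?option=com_aicontactsafe&sTask=messages';
                if ($this->_sef == 1 && $this->_backend == 0) {
                    $url = JRoute::_($url, false);
                }
                // NOTE(review): a no-op as written; see the same line in the "view" case.
                $url = str_replace('&', '&', $url);
                // redirect to the window with all the messages
                $app = JFactory::getApplication();
                $app->redirect($url);
            }
            break;

        // in case the messages are exported
        case 'export':
            $this->format = JRequest::getCmd('format', '');
            if ($this->format == 'raw') {
                $this->_config_values['activate_help'] = false;
            }
            $this->csv_text = $model->generateCSV();
            break;

        // in case selected records are deleted
        case 'delete_selected':
            // read the ids of the records selected for deletion; every entry
            // is forced to an integer before the list is joined
            $cid = JRequest::getVar('cid', array(), 'post', 'array');
            JArrayHelper::toInteger($cid);
            // -1 stands for "no record selected"
            $this->cids = count($cid) > 0 ? implode(',', $cid) : '-1';
            break;

        // in case one or more records are deleted
        case 'delete':
            $this->rows = $model->readDeleteRows();
            break;

        // in case one or more IP addresses are banned
        case 'ban_ip':
            $this->rows = $model->readSelectedIps();
            break;

        // or else initialize the variables to show a list of records
        case 'display':
            if (strlen($this->_sTask) > 0) {
                $this->filter_order = $model->filter_order;
                $this->filter_order_Dir = $model->filter_order_Dir;
                $this->limit = $model->limit;
                $this->limitstart = $model->limitstart;
                $this->filter_condition = $model->filter_condition;
                $this->filter_string = $model->filter_string;
                $this->filter_profile = $this->selectProfile($model->filter_profile, 'filter_profile', 2, 0, 'class="inputbox" size="1" onchange="document.adminForm.submit();"');
                $this->filter_status = $this->selectStatus($model->filter_status, 'filter_status', 2, 0, 'class="inputbox" size="1" onchange="document.adminForm.submit();"');
                $this->filter_email = $model->filter_email;
                $this->filter_subject = $model->filter_subject;
                $this->rows = $model->readRows();
                $this->pageNav = $model->pageNav;
            }
            break;

        default:
            // - nothing
    }
}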