function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
$is_importcsv = JRequest::getVar('task') == 'importcsv';
// Server side validation
$validation = $field->parameters->get('validation', 2);
$use_html = $field->parameters->get('use_html', 0);
$maxlength = (int) $field->parameters->get('maxlength', 0);
$maxlength = $use_html ? 0 : $maxlength;
// Make sure posted data is an array
$post = !is_array($post) ? array($post) : $post;
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
// support for basic CSV import / export
if ($is_importcsv && !is_array($v)) {
if (@unserialize($v) !== false || $v === 'b:0;') {
// support for exported serialized data)
$v = unserialize($v);
} else {
$v = array('title' => $v, 'text' => '');
}
}
// **************************************************************
// Validate data, skipping values that are empty after validation
// **************************************************************
$title = flexicontent_html::dataFilter($v['title'], $maxlength, 'HTML', 0);
// Skip empty value, but if in group increment the value position
if (!strlen($title)) {
if ($use_ingroup) {
$newpost[$new++] = null;
}
continue;
}
$newpost[$new] = array();
$newpost[$new]['title'] = $title;
$newpost[$new]['text'] = flexicontent_html::dataFilter($v['text'], $maxlength, $validation, 0);
$new++;
}
$post = $newpost;
// Serialize multi-property data before storing them into the DB,
// null indicates to increment valueorder without adding a value
foreach ($post as $i => $v) {
if ($v !== null) {
$post[$i] = serialize($v);
}
}
/*if ($use_ingroup) {
$app = JFactory::getApplication();
$app->enqueueMessage( print_r($post, true), 'warning');
}*/
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
$is_importcsv = JRequest::getVar('task') == 'importcsv';
$label_maxlength = (int) $field->parameters->get('label_maxlength', 0);
// client/server side enforced
$cc_maxlength = (int) $field->parameters->get('cc_maxlength', 0);
// client/server side enforced
$phone_maxlength = (int) $field->parameters->get('phone_maxlength', 0);
// client/server side enforced
// Make sure posted data is an array
$post = !is_array($post) ? array($post) : $post;
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
// support for basic CSV import / export
if ($is_importcsv && !is_array($post[$n])) {
if (@unserialize($post[$n]) !== false || $post[$n] === 'b:0;') {
// support for exported serialized data)
$post[$n] = unserialize($post[$n]);
} else {
$post[$n] = array('label' => '', 'cc' => '', 'phone1' => '', 'phone2' => $post[$n], 'phone3' => '');
}
}
// ****************************************************************************
// Validate phone number, skipping phone number that are empty after validation
// ****************************************************************************
$newpost[$new]['phone1'] = flexicontent_html::dataFilter(@$post[$n]['phone1'], $phone_maxlength, 'INT', 0);
$newpost[$new]['phone2'] = flexicontent_html::dataFilter(@$post[$n]['phone2'], $phone_maxlength, 'INT', 0);
$newpost[$new]['phone3'] = flexicontent_html::dataFilter(@$post[$n]['phone3'], $phone_maxlength, 'INT', 0);
if (!strlen($post[$n]['phone1']) && !strlen($post[$n]['phone2']) && !strlen($post[$n]['phone3']) && !$use_ingroup) {
continue;
}
// Skip empty values if not in field group
// Validate other value properties
$newpost[$new]['label'] = flexicontent_html::dataFilter(@$post[$n]['label'], $label_maxlength, 'STRING', 0);
$newpost[$new]['cc'] = flexicontent_html::dataFilter(@$post[$n]['cc'], $cc_maxlength, 'STRING', 0);
$new++;
}
$post = $newpost;
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
// Make sure posted data is an array
//echo "<pre>"; print_r($post); exit;
$post = !is_array($post) ? array($post) : $post;
//echo "<pre>"; print_r($post);
// Get configuration
$inputmode = (int) $field->parameters->get('inputmode', 1);
$is_importcsv = JRequest::getVar('task') == 'importcsv';
$import_docs_folder = JRequest::getVar('import_docs_folder');
$iform_allowdel = $field->parameters->get('iform_allowdel', 1);
$iform_title = $inputmode == 1 ? 0 : $field->parameters->get('iform_title', 1);
$iform_desc = $inputmode == 1 ? 0 : $field->parameters->get('iform_desc', 1);
$iform_lang = $inputmode == 1 ? 0 : $field->parameters->get('iform_lang', 0);
$iform_dir = $inputmode == 1 ? 0 : $field->parameters->get('iform_dir', 0);
// Execute once
static $initialized = null;
static $srcpath_original = '';
if (!$initialized) {
$initialized = 1;
jimport('joomla.filesystem.folder');
jimport('joomla.filesystem.path');
$srcpath_original = JPath::clean(JPATH_SITE . DS . $import_docs_folder . DS);
}
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
if (empty($v)) {
if ($use_ingroup) {
// empty value for group
$newpost[$new] = '';
$new++;
}
continue;
}
// support for basic CSV import / export
if ($is_importcsv) {
if (!is_numeric($v)) {
$filename = basename($v);
$sub_folder = dirname($v);
$sub_folder = $sub_folder && $sub_folder != '.' ? DS . $sub_folder : '';
$fman = new FlexicontentControllerFilemanager();
$Fobj = new stdClass();
$Fobj->return_url = null;
$Fobj->file_dir_path = DS . $import_docs_folder . $sub_folder;
$Fobj->file_filter_re = preg_quote($filename);
$Fobj->secure = 0;
$Fobj->keep = 1;
$file_ids = $fman->addlocal($Fobj);
$v = !empty($file_ids) ? reset($file_ids) : false;
// Get fist element
//$_filetitle = key($file_ids); this is the cleaned up filename, currently not needed
}
} else {
$file_id = isset($v['file-id']) ? (int) $v['file-id'] : $v;
$file_id = is_numeric($file_id) ? (int) $file_id : 0;
// if $v is not an array
$err_code = $_FILES["custom"]["error"][$field->name][$n]['file-data'];
$new_file = $err_code == 0;
if ($err_code && $err_code != UPLOAD_ERR_NO_FILE) {
$err_msg = array(UPLOAD_ERR_INI_SIZE => 'The uploaded file exceeds the upload_max_filesize directive in php.ini', UPLOAD_ERR_INI_SIZE => 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form', UPLOAD_ERR_PARTIAL => 'The uploaded file was only partially uploaded', UPLOAD_ERR_NO_FILE => 'No file was uploaded', UPLOAD_ERR_NO_TMP_DIR => 'Missing a temporary folder', UPLOAD_ERR_CANT_WRITE => 'Failed to write file to disk', UPLOAD_ERR_EXTENSION => 'A PHP extension stopped the file upload');
JFactory::getApplication()->enqueueMessage("FILE FIELD: " . $err_msg[$err_code], 'warning');
continue;
}
// validate data or empty/set default values
$v['file-del'] = !$iform_allowdel ? 0 : (int) @$v['file-del'];
$v['file-title'] = !$iform_title ? '' : flexicontent_html::dataFilter($v['file-title'], 1000, 'STRING', 0);
$v['file-desc'] = !$iform_desc ? '' : flexicontent_html::dataFilter($v['file-desc'], 10000, 'STRING', 0);
$v['file-lang'] = !$iform_lang ? '' : flexicontent_html::dataFilter($v['file-lang'], 9, 'STRING', 0);
$v['secure'] = !$iform_dir ? 0 : ((int) $v['secure'] ? 1 : 0);
// UPDATE existing file
if (!$new_file && $file_id) {
$dbdata = array();
$dbdata['id'] = $file_id;
if ($iform_title) {
$dbdata['altname'] = $v['file-title'];
}
if ($iform_desc) {
$dbdata['description'] = $v['file-desc'];
}
if ($iform_lang) {
$dbdata['language'] = $v['file-lang'];
}
// !! Do not change folder for existing files
//if ($iform_dir) { $dbdata['secure'] = $v['secure'];
// Load file data from DB
$row = JTable::getInstance('flexicontent_files', '');
$row->load($file_id);
$_filename = $row->filename_original ? $row->filename_original : $row->filename;
$dbdata['secure'] = $row->secure ? 1 : 0;
// !! Do not change media/secure -folder- for existing files
// Security concern, check file is assigned to current item
$isAssigned = $this->checkFileAssignment($field, $file_id, $item);
if ($v['file-del']) {
if (!$isAssigned) {
//JFactory::getApplication()->enqueueMessage("FILE FIELD: refusing to delete file: '".$_filename."', that is not assigned to current item", 'warning' );
} else {
//JFactory::getApplication()->enqueueMessage("FILE FIELD: refusing to update file properties of a file: '".$_filename."', that is not assigned to current item", 'warning' );
}
}
// Delete existing file if so requested
if ($v['file-del']) {
$canDelete = $this->canDeleteFile($field, $file_id, $item);
if ($isAssigned && $canDelete) {
$fm = new FlexicontentModelFilemanager();
$fm->delete(array($file_id));
}
continue;
// Skip file since unloading / removal was requested
}
// Set the changed data into the object
foreach ($dbdata as $index => $data) {
$row->{$index} = $data;
}
// Update DB data of the file
if (!$row->check() || !$row->store()) {
JFactory::getApplication()->enqueueMessage("FILE FIELD: " . JFactory::getDBO()->getErrorMsg(), 'warning');
continue;
}
// Set file id as value of the field
$v = $file_id;
} else {
if ($new_file) {
// new file was uploaded, but also handle previous selected file ...
if ($file_id) {
// Security concern, check file is assigned to current item
$isAssigned = $this->checkFileAssignment($field, $file_id, $item);
if (!$isAssigned) {
/*$row = JTable::getInstance('flexicontent_files', '');
$row->load( $file_id );
$_filename = $row->filename_original ? $row->filename_original : $row->filename;
JFactory::getApplication()->enqueueMessage("FILE FIELD: refusing to delete file: '".$_filename."', that is not assigned to current item", 'warning' );*/
} else {
if ($this->canDeleteFile($field, $file_id, $item)) {
$fm = new FlexicontentModelFilemanager();
$fm->delete(array($file_id));
}
}
}
// Skip file if unloading / removal was requested
if ($v['file-del']) {
continue;
}
$fman = new FlexicontentControllerFilemanager();
// Controller will do the data filter too
JRequest::setVar('return-url', null, 'post');
// needed !
JRequest::setVar('secure', $v['secure'], 'post');
JRequest::setVar('file-title', $v['file-title'], 'post');
JRequest::setVar('file-desc', $v['file-desc'], 'post');
JRequest::setVar('file-lang', $v['file-lang'], 'post');
// The dform field name of the <input type="file" ...
JRequest::setVar('file-ffname', 'custom', 'post');
JRequest::setVar('fname_level1', $field->name, 'post');
JRequest::setVar('fname_level2', $n, 'post');
JRequest::setVar('fname_level3', 'file-data', 'post');
$file_id = $fman->upload();
$v = !empty($file_id) ? $file_id : false;
} else {
// no existing file and no new file uploaded
$v = 0;
}
}
}
if (!$use_ingroup) {
// NOT inside field group, add it only if not empty reverse the file array, indexing it by file IDs, to add each file only once
if (!empty($v) && is_numeric($v)) {
$newpost[(int) $v] = $new++;
}
} else {
// Inside fieldgroup, allow same file multiple times
$newpost[$new++] = (int) $v;
}
}
// IF NOT inside field group, the file array was reversed (indexed by file IDs), so that the same file can be added once
$post = !$use_ingroup ? array_flip($newpost) : $newpost;
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
$is_importcsv = JRequest::getVar('task') == 'importcsv';
$label_maxlength = (int) $field->parameters->get('label_maxlength', 0);
// client/server side enforced
$cc_maxlength = (int) $field->parameters->get('cc_maxlength', 0);
// client/server side enforced
$phone1_maxlength = (int) $field->parameters->get('phone1_maxlength', 0);
// client/server side enforced
$phone2_maxlength = (int) $field->parameters->get('phone2_maxlength', 0);
// client/server side enforced
$phone3_maxlength = (int) $field->parameters->get('phone3_maxlength', 0);
// client/server side enforced
$allow_letters = (int) $field->parameters->get('allow_letters', 0);
// allow letters during validation
// Make sure posted data is an array
$post = !is_array($post) ? array($post) : $post;
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
// support for basic CSV import / export
if ($is_importcsv && !is_array($v)) {
if (@unserialize($v) !== false || $v === 'b:0;') {
// support for exported serialized data)
$v = unserialize($v);
} else {
$v = array('label' => '', 'cc' => '', 'phone1' => '', 'phone2' => $v, 'phone3' => '');
}
}
// ****************************************************************************
// Validate phone number, skipping phone number that are empty after validation
// ****************************************************************************
$regex = $allow_letters ? '/[^0-9A-Z]/' : '/[^0-9]/';
// allow letters?
// force string to uppercase, remove any forbiden characters
$v['phone1'] = preg_replace($regex, '', strtoupper($v['phone1']));
$v['phone2'] = preg_replace($regex, '', strtoupper($v['phone2']));
$v['phone3'] = preg_replace($regex, '', strtoupper($v['phone3']));
// enforce max length
$newpost[$new]['phone1'] = $phone1_maxlength ? $v['phone1'] : substr($v['phone1'], 0, $phone1_maxlength);
$newpost[$new]['phone2'] = $phone2_maxlength ? $v['phone2'] : substr($v['phone2'], 0, $phone2_maxlength);
$newpost[$new]['phone3'] = $phone3_maxlength ? $v['phone3'] : substr($v['phone3'], 0, $phone3_maxlength);
if (!strlen($v['phone1']) && !strlen($v['phone2']) && !strlen($v['phone3']) && !$use_ingroup) {
continue;
}
// Skip empty values if not in field group
// Validate other value properties
$newpost[$new]['label'] = flexicontent_html::dataFilter(@$v['label'], $label_maxlength, 'STRING', 0);
$newpost[$new]['cc'] = flexicontent_html::dataFilter(@$v['cc'], $cc_maxlength, 'STRING', 0);
$new++;
}
$post = $newpost;
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
// Server side validation
$validation = $field->parameters->get('validation', 2);
$use_html = $field->field_type == 'maintext' ? !$field->parameters->get('hide_html', 0) : $field->parameters->get('use_html', 0);
$maxlength = (int) $field->parameters->get('maxlength', 0);
$maxlength = $use_html ? 0 : $maxlength;
// Make sure posted data is an array
$post = !is_array($post) ? array($post) : $post;
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
// **************************************************************
// Validate data, skipping values that are empty after validation
// **************************************************************
$post[$n] = flexicontent_html::dataFilter($post[$n], $maxlength, $validation, 0);
if (!strlen($post[$n]) && !$use_ingroup) {
continue;
}
// skip empty values
$newpost[$new] = $post[$n];
$new++;
}
$post = $newpost;
// Reconstruct value if it has splitted up e.g. to tabs or if given field is the description field,
// for textarea MULTI-VALUE and TAB-SPLIT not supported simutaneusly
if ($field->parameters->get('editorarea_per_tab', 0) && count($post) > 1) {
$post = array(implode(' ', $post));
}
/*if ($use_ingroup) {
$app = JFactory::getApplication();
$app->enqueueMessage( print_r($post, true), 'warning');
}*/
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
// Take into consideration client side validation
$inputmask = $field->parameters->get('inputmask', false);
// Server side validation
$validation = $field->parameters->get('validation', 'HTML');
$maxlength = (int) $field->parameters->get('maxlength', 0);
// Make sure posted data is an array
$post = !is_array($post) ? array($post) : $post;
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
// Unmasking is done via JS code, but try to redo it, to avoid value loss is unmasking was not done
if (1) {
//JFactory::getApplication()->enqueueMessage( print_r($post[$n], true), 'warning');
if ($inputmask == "decimal_comma") {
$post[$n] = str_replace('.', '', $post[$n]);
$post[$n] = str_replace(',', '.', $post[$n]);
} else {
if ($inputmask == "decimal_comma") {
$post[$n] = str_replace(',', '', $post[$n]);
} else {
if ($inputmask == "currency" || $inputmask == "currency_euro") {
$post[$n] = str_replace('$', '', $post[$n]);
$post[$n] = str_replace(chr(0xe2) . chr(0x82) . chr(0xac), '', $post[$n]);
$post[$n] = str_replace(',', '', $post[$n]);
}
}
}
//JFactory::getApplication()->enqueueMessage( print_r($post[$n], true), 'warning');
}
// **************************************************************
// Validate data, skipping values that are empty after validation
// **************************************************************
$post[$n] = flexicontent_html::dataFilter($post[$n], $maxlength, $validation, 0);
// Skip empty value, but if in group increment the value position
if (!strlen($post[$n])) {
if ($use_ingroup) {
$newpost[$new++] = null;
}
continue;
}
$newpost[$new] = $post[$n];
$new++;
}
$post = $newpost;
/*if ($use_ingroup) {
$app = JFactory::getApplication();
$app->enqueueMessage( print_r($post, true), 'warning');
}*/
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
$is_importcsv = JRequest::getVar('task') == 'importcsv';
// Server side validation
//$validation = $field->parameters->get( 'validation', 'EMAIL' ) ;
$maxlength = (int) $field->parameters->get('maxlength', 0);
// Make sure posted data is an array
$post = !is_array($post) ? array($post) : $post;
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
// support for basic CSV import / export
if ($is_importcsv && !is_array($post[$n])) {
if (@unserialize($post[$n]) !== false || $post[$n] === 'b:0;') {
// support for exported serialized data)
$post[$n] = unserialize($post[$n]);
} else {
$post[$n] = array('addr' => $post[$n], 'text' => '');
}
}
// **************************************************************
// Validate data, skipping values that are empty after validation
// **************************************************************
$addr = flexicontent_html::dataFilter($post[$n]['addr'], $maxlength, 'EMAIL', 0);
// Clean bad text/html
if (!strlen($addr) && !$use_ingroup) {
continue;
}
// Skip empty values
$newpost[$new] = array();
$newpost[$new]['addr'] = $addr;
$newpost[$new]['text'] = flexicontent_html::dataFilter(@$post[$n]['text'], 0, 'STRING', 0);
$new++;
}
$post = $newpost;
// Serialize multi-property data before storing them into the DB
foreach ($post as $i => $v) {
$post[$i] = serialize($v);
}
/*if ($use_ingroup) {
$app = JFactory::getApplication();
$app->enqueueMessage( print_r($post, true), 'warning');
}*/
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$date_source = $field->parameters->get('date_source', 0);
// Timestamp mode (Current time), which will be displayed as user time but saved as 'UTC 0'
if ($date_source == 3) {
// Dates are always stored using 'UTC 0' timezone
$tz = new DateTimeZone('UTC');
$date_now = JFactory::getDate('now');
$date_now->setTimezone($tz);
$date_now_value = $date_now->toSql();
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
$config = JFactory::getConfig();
$user = JFactory::getUser();
$date_allowtime = $field->parameters->get('date_allowtime', 1);
$use_editor_tz = $field->parameters->get('use_editor_tz', 0);
$use_editor_tz = $date_allowtime ? $use_editor_tz : 0;
// Timezone IS disabled, if time usage is disabled
if ($use_editor_tz == 0) {
// Raw date input, ignore timezone, NOTE: this is OLD BEHAVIOUR of this field
$timezone = 'UTC';
} else {
// For logged users the date values are in user's time zone, (unlogged users will submit in site default timezone)
$timezone = $user->getParam('timezone', $config->get('offset'));
// this is numeric offset in J1.5 and timezone STRING in J2.5
}
// Make sure posted data is an array
$post = !is_array($post) ? array($post) : $post;
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
if ($date_source == 3) {
if (!strlen($v)) {
// New timestamp
$newpost[$new++] = $date_now_value;
} else {
// Existing timestamps
$v = (int) $v;
$newpost[$new++] = isset($item->fieldvalues[$field->id][$v]) ? $item->fieldvalues[$field->id][$v] : $date_now_value;
}
continue;
}
// Do server-side validation and skip empty values
$post[$n] = flexicontent_html::dataFilter($post[$n], 200, 'STRING', 0);
// Skip empty value, but if in group increment the value position
if (!strlen($post[$n])) {
if ($use_ingroup) {
$newpost[$new++] = null;
}
continue;
}
// Check if dates are allowed to have time part
@(list($date, $time) = preg_split('#\\s+#', $post[$n], $limit = 2));
$time = $date_allowtime == 2 && !$time ? '00:00' : $time;
if (!$date_allowtime) {
// Time part not allowed
$post[$n] = $date;
} else {
if ($time) {
// Time part exists
$post[$n] = $date . ' ' . $time;
}
}
if (!$use_editor_tz || !$time) {
// Dates have no timezone information, because either :
// (a) ignoring timezone OR (b) no time given
$newpost[$new] = $post[$n];
} else {
// Dates are in user's timezone, convert to UTC+0
$date = new JDate($post[$n], $timezone);
$newpost[$new] = $date->toSql();
}
$new++;
}
$post = $newpost;
/*if ($use_ingroup) {
$app = JFactory::getApplication();
$app->enqueueMessage( print_r($post, true), 'warning');
}*/
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
$config = JFactory::getConfig();
$user = JFactory::getUser();
$date_allowtime = $field->parameters->get('date_allowtime', 1);
$use_editor_tz = $field->parameters->get('use_editor_tz', 0);
$use_editor_tz = $date_allowtime ? $use_editor_tz : 0;
if ($use_editor_tz == 0) {
// Raw date input, ignore timezone, NOTE: this is OLD BEHAVIOUR of this field
$timezone = 'UTC';
} else {
// For logged users the date values are in user's time zone, (unlogged users will submit in site default timezone)
$timezone = $user->getParam('timezone', $config->get('offset'));
// this is numeric offset in J1.5 and timezone STRING in J2.5
}
// Make sure posted data is an array
$post = !is_array($post) ? array($post) : $post;
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
// Do server-side validation and skip empty values
$post[$n] = flexicontent_html::dataFilter($post[$n], 200, 'STRING', 0);
if (!strlen($post[$n]) && !$use_ingroup) {
continue;
}
// skip empty values
// Check if dates are allowed to have time part
@(list($date, $time) = preg_split('#\\s+#', $post[$n], $limit = 2));
$time = $date_allowtime == 2 && !$time ? '00:00' : $time;
if (!$date_allowtime) {
// Time part not allowed
$post[$n] = $date;
} else {
if ($time) {
// Time part exists
$post[$n] = $date . ' ' . $time;
}
}
if (!$use_editor_tz || !$time) {
// Dates have no timezone information, because either :
// (a) ignoring timezone OR (b) no time given
$newpost[$new] = $post[$n];
} else {
// Dates are in user's timezone, convert to UTC+0
$date = new JDate($post[$n], $timezone);
$newpost[$new] = $date->toSql();
}
$new++;
}
$post = $newpost;
/*if ($use_ingroup) {
$app = JFactory::getApplication();
$app->enqueueMessage( print_r($post, true), 'warning');
}*/
}
function storereviewform()
{
$content_id = JRequest::getInt('content_id', '');
$review_type = JRequest::getCmd('review_type', 'item');
$user = JFactory::getUser();
$db = JFactory::getDBO();
// Validate email
$email = $user->id ? $user->email : flexicontent_html::dataFilter(JRequest::getVar('email'), $maxlength = 255, 'EMAIL', 0);
// Clean bad text/html
JRequest::setVar('email', $email);
// ******************************
// Get voting field configuration
// ******************************
if (!$content_id) {
$error = "Content_id is zero";
} else {
if (!$email) {
$error = "Email is invalid or empty";
} else {
if ($review_type != 'item') {
$error = "review_type <> item is not yet supported";
} else {
// Check content item exists
$item = JTable::getInstance($type = 'flexicontent_items', $prefix = '', $config = array());
if (!$item->load($content_id)) {
$error = 'ID: ' . $pk . ': ' . $table->getError();
} else {
$db->setQuery('SELECT * FROM #__flexicontent_fields WHERE field_type="voting"');
$field = $db->loadObject();
FlexicontentFields::loadFieldConfig($field, $item);
// This will also load type configuration
$allow_reviews = (int) $field->parameters->get('allow_reviews', 1);
if (!$allow_reviews) {
$error = "Reviews are disabled";
}
}
}
}
}
if (!empty($error)) {
$result = new stdClass();
$error = '
<div class="fc-mssg fc-warning fc-nobgimage">
<button type="button" class="close" data-dismiss="alert">×</button>
' . $error . '
</div>';
$result->html = $error;
echo json_encode($result);
jexit();
}
// Load review of a logged user
$review = false;
if ($user->id) {
$query = "SELECT * " . " FROM #__flexicontent_reviews_ratings AS r" . " WHERE r.content_id=" . $content_id . " AND r.type=" . $db->Quote($review_type) . " AND r.user_id=" . $user->id;
$db->setQuery($query);
$review = $db->loadObject();
}
$result = new stdClass();
$result->html = '<pre>' . print_r($_REQUEST, true) . '</pre>';
echo json_encode($result);
jexit();
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
$is_importcsv = JRequest::getVar('task') == 'importcsv';
// Currently post is an array of properties, TODO: make field multi-value
if (empty($post)) {
$post = array();
} else {
if (!isset($post[0])) {
$post = array($post);
}
}
$display_edit_size_form = $field->parameters->get('display_edit_size_form', 1);
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
// support for basic CSV import / export
if ($is_importcsv && !is_array($v)) {
if (@unserialize($v) !== false || $v === 'b:0;') {
// support for exported serialized data)
$v = unserialize($v);
} else {
$v = array('url' => $v);
}
}
// **************************************************************
// Validate data, skipping values that are empty after validation
// **************************************************************
$url = flexicontent_html::dataFilter($v['url'], 4000, 'URL', 0);
// Clean bad text/html
// Skip empty value, but if in group increment the value position
if (empty($url)) {
if ($use_ingroup) {
$newpost[$new++] = null;
}
continue;
}
$newpost[$new] = array();
$newpost[$new]['url'] = $url;
// Validate other value properties
$newpost[$new]['api_type'] = flexicontent_html::dataFilter(@$v['api_type'], 0, 'STRING', 100);
$newpost[$new]['media_id'] = flexicontent_html::dataFilter(@$v['media_id'], 0, 'STRING', 1000);
$newpost[$new]['embed_url'] = flexicontent_html::dataFilter(@$v['embed_url'], 0, 'STRING', 1000);
// 'URL' strips needed characters ?
$newpost[$new]['thumb'] = flexicontent_html::dataFilter(@$v['thumb'], 0, 'STRING', 1000);
// 'URL' strips needed characters ?
$newpost[$new]['title'] = flexicontent_html::dataFilter(@$v['title'], 0, 'STRING', 1000);
$newpost[$new]['author'] = flexicontent_html::dataFilter(@$v['author'], 0, 'STRING', 1000);
$newpost[$new]['duration'] = flexicontent_html::dataFilter(@$v['duration'], 0, 'INT', 20);
$newpost[$new]['description'] = flexicontent_html::dataFilter(@$v['description'], 0, 'STRING', 10000);
$newpost[$new]['height'] = $display_edit_size_form == 1 ? flexicontent_html::dataFilter(@$v['height'], 0, 'INT', 0) : '';
$newpost[$new]['width'] = $display_edit_size_form == 1 ? flexicontent_html::dataFilter(@$v['width'], 0, 'INT', 0) : '';
$new++;
}
$post = $newpost;
// Serialize multi-property data before storing them into the DB,
// null indicates to increment valueorder without adding a value
foreach ($post as $i => $v) {
if ($v !== null) {
$post[$i] = serialize($v);
}
}
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
$is_importcsv = JRequest::getVar('task') == 'importcsv';
// Currently post is an array of properties, TODO: make field multi-value
if (empty($post)) {
$post = array();
} else {
if (!isset($post[0])) {
$post = array($post);
}
}
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
// support for basic CSV import / export
if ($is_importcsv && !is_array($post[$n])) {
if (@unserialize($post[$n]) !== false || $post[$n] === 'b:0;') {
// support for exported serialized data)
$post[$n] = unserialize($post[$n]);
} else {
$post[$n] = array('url' => $post[$n]);
}
}
// ***********************************************************
// Validate URL, skipping URLs that are empty after validation
// ***********************************************************
$url = flexicontent_html::dataFilter($post[$n]['url'], 0, 'URL', 0);
// Clean bad text/html
if (empty($url) && !$use_ingroup) {
continue;
}
// Skip empty values if not in field group
$newpost[$new] = array();
$newpost[$new]['url'] = $url;
// Validate other value properties
$newpost[$new]['videotype'] = flexicontent_html::dataFilter(@$post[$n]['videotype'], 0, 'STRING', 0);
$newpost[$new]['videoid'] = flexicontent_html::dataFilter(@$post[$n]['videoid'], 0, 'STRING', 0);
$newpost[$new]['title'] = flexicontent_html::dataFilter(@$post[$n]['title'], 0, 'STRING', 0);
$newpost[$new]['author'] = flexicontent_html::dataFilter(@$post[$n]['author'], 0, 'STRING', 0);
$newpost[$new]['duration'] = flexicontent_html::dataFilter(@$post[$n]['duration'], 0, 'INT', 0);
$newpost[$new]['description'] = flexicontent_html::dataFilter(@$post[$n]['description'], 0, 'STRING', 0);
$new++;
}
$post = $newpost;
// Serialize multi-property data before storing them into the DB
foreach ($post as $i => $v) {
$post[$i] = serialize($v);
}
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
// Check if item is an existing item, being modified, if so then nothing to do
$isnew = $item->_isnew;
if (!$isnew) {
return;
}
// Check if user is logged, if so then nothing to do
$user = JFactory::getUser();
if ($user->id) {
$post = array();
return;
}
// Check if not inside form
$jinput = JFactory::getApplication()->input;
if ($jinput->get('layout', false) != "form" && $jinput->get('task') != 'add' && $jinput->get('task') != 'edit') {
return;
}
// Server side validation
$maxlength = (int) $field->parameters->get('maxlength', 0);
// Make sure posted data is an array
$post = !is_array($post) ? array($post) : $post;
if (!isset($post[0])) {
JError::raiseWarning(0, 'empty FORM data for field: Account via submit');
return false;
}
// **************************************************************
// Validate data, skipping values that are empty after validation
// **************************************************************
$email = flexicontent_html::dataFilter($post[0]['addr'], $maxlength, 'EMAIL', 0);
// Clean bad text/html
// Cancel item creation, if email is invalid
if (!$email || !JMailHelper::isEmailAddress($email)) {
$error = JText::sprintf('FLEXI_ACCOUNT_V_SUBMIT_INVALID_EMAIL', $post[0]['addr']) . ' ' . JText::_('FLEXI_ACCOUNT_V_SUBMIT_PROVIDE_VALID_EMAIL');
JError::raiseWarning(0, $error);
return false;
}
$full = flexicontent_html::dataFilter(@$post[0]['full'], 0, 'STRING', 0);
$first = flexicontent_html::dataFilter(@$post[0]['first'], 0, 'STRING', 0);
$last = flexicontent_html::dataFilter(@$post[0]['last'], 0, 'STRING', 0);
$password = JUserHelper::genRandomPassword(8);
$gender = flexicontent_html::dataFilter(@$post[0]['gender'], 0, 'STRING', 0);
if (!$gender || !in_array($gender, array('M', 'F'))) {
$gender = 'M';
}
$name = trim($full ? $full : $first . ' ' . $last);
$name = $name ? $name : $email;
// Make sure field is initialized
$this->initialize($field);
// Check email already used
$db = JFactory::getDBO();
$db->setQuery("SELECT id FROM #__users WHERE email='{$email}'");
$existingUserID = $db->loadResult();
// HANDLE existing user
if ($existingUserID) {
// Fail if auto-using existing email not enabled
if ($field->parameters->get('handle_existing_email', 0) == 0) {
$notice = JText::sprintf('FLEXI_ACCOUNT_V_SUBMIT_EMAIL_EXISTS', $email);
JError::raiseWarning(0, $notice);
return false;
}
// Account with given email exists, set as item's author
$item->created_by = $existingUserID;
} else {
if ($field->parameters->get('create_accounts', 0)) {
$username = $email;
// EMAIL used as username
$newUserID = $this->registerUser($name, $username, $email, $password, $gender, $field);
if ($newUserID === false) {
// Cancel item creation, if email creation returns false
$notice = JText::_('FLEXI_ACCOUNT_V_SUBMIT_ACCOUNT_CREATION_FAILED');
JError::raiseWarning(0, $notice);
return false;
}
// Account with given email created, set as item's author
$item->created_by = $newUserID;
} else {
// item will have the 'default' owner ...
}
}
// CREATE EDIT COUPON
$create_coupons = $field->parameters->get('create_coupons', 0);
if ($create_coupons) {
$token = uniqid();
$query = 'INSERT #__flexicontent_edit_coupons ' . 'SET timestamp = ' . time() . ', email = ' . $db->Quote($email) . ', token = ' . $db->Quote($token) . ', id = ' . $item->id;
$db->setQuery($query);
$db->execute();
$res = $this->sendEditCoupon($item, $field, $email, $token);
if (!$res) {
// Delete edit coupon and cancel item creation if email coupon sending failed ??
$query = 'DELETE FROM #__flexicontent_edit_coupons WHERE id = ' . $item->id;
$db->setQuery($query);
$db->execute();
return false;
}
}
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
$is_importcsv = JRequest::getVar('task') == 'importcsv';
$host = JURI::getInstance('SERVER')->gethost();
// Make sure posted data is an array
$post = !is_array($post) ? array($post) : $post;
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
// support for basic CSV import / export
if ($is_importcsv && !is_array($post[$n])) {
if (@unserialize($post[$n]) !== false || $post[$n] === 'b:0;') {
// support for exported serialized data)
$post[$n] = unserialize($post[$n]);
} else {
$post[$n] = array('link' => $post[$n], 'title' => '', 'id' => '', 'class' => '', 'linktext' => '', 'hits' => 0);
}
}
// ***********************************************************
// Validate URL, skipping URLs that are empty after validation
// ***********************************************************
$link = flexicontent_html::dataFilter($post[$n]['link'], 0, 'URL', 0);
// Clean bad text/html
if (empty($link) && !$use_ingroup) {
continue;
}
// Skip empty values if not in field group
// Sanitize the URL as absolute or relative
// Has protocol nothing to do
if (parse_url($link, PHP_URL_SCHEME)) {
$prefix = '';
} else {
if (strpos($link, $host) === 0) {
$prefix = 'http://';
} else {
if (substr($link, 0, 10) == '/index.php') {
$link = substr($link, 1);
}
$prefix = substr($link, 0, 9) == 'index.php' ? JURI::root() : 'http://';
}
}
$newpost[$new] = array();
$newpost[$new]['link'] = empty($link) ? '' : $prefix . $link;
// Validate other value properties
$newpost[$new]['title'] = flexicontent_html::dataFilter(@$post[$n]['title'], 0, 'STRING', 0);
$newpost[$new]['hits'] = (int) @$post[$n]['hits'];
$new++;
}
$post = $newpost;
// Serialize multi-property data before storing them into the DB
foreach ($post as $i => $v) {
$post[$i] = serialize($v);
}
/*if ($use_ingroup) {
$app = JFactory::getApplication();
$app->enqueueMessage( print_r($post, true), 'warning');
}*/
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
// Check if field has posted data
if (empty($post) || !is_array($post)) {
return;
}
// Make sure posted data is an array
$v = reset($post);
$post = !is_array($v) ? array($post) : $post;
// Enforce configuration so that user does not manipulate form to add disabled data
$use_addr2 = $field->parameters->get('use_addr2', 1);
$use_addr3 = $field->parameters->get('use_addr3', 1);
$use_usstate = $field->parameters->get('use_usstate', 1);
$use_province = $field->parameters->get('use_province', 1);
$use_country = $field->parameters->get('use_country', 1);
$use_zip_suffix = $field->parameters->get('use_zip_suffix', 1);
$single_country = $field->parameters->get('single_country', '');
$new = 0;
$newpost = array();
foreach ($post as $n => $v) {
if (empty($v)) {
continue;
}
// validate data or empty/set default values
$newpost[$new] = array();
$v['country'] = !$use_country ? $single_country : @$v['country'];
// Force single country
$newpost[$new]['autocomplete'] = flexicontent_html::dataFilter($v['autocomplete'], 4000, 'STRING', 0);
$newpost[$new]['addr_display'] = flexicontent_html::dataFilter($v['addr_display'], 4000, 'STRING', 0);
$newpost[$new]['addr_formatted'] = flexicontent_html::dataFilter($v['addr_formatted'], 4000, 'STRING', 0);
$newpost[$new]['addr1'] = flexicontent_html::dataFilter($v['addr1'], 4000, 'STRING', 0);
$newpost[$new]['city'] = flexicontent_html::dataFilter($v['city'], 4000, 'STRING', 0);
$newpost[$new]['zip'] = flexicontent_html::dataFilter($v['zip'], 10, 'STRING', 0);
$newpost[$new]['lat'] = flexicontent_html::dataFilter(str_replace(',', '.', $v['lat']), 100, 'DOUBLE', 0);
$newpost[$new]['lon'] = flexicontent_html::dataFilter(str_replace(',', '.', $v['lon']), 100, 'DOUBLE', 0);
$newpost[$new]['url'] = flexicontent_html::dataFilter($v['url'], 4000, 'URL', 0);
$newpost[$new]['zoom'] = flexicontent_html::dataFilter($v['zoom'], 2, 'INTEGER', 0);
$newpost[$new]['addr2'] = !$use_addr2 || !isset($v['addr2']) ? '' : flexicontent_html::dataFilter($v['addr2'], 4000, 'STRING', 0);
$newpost[$new]['addr3'] = !$use_addr3 || !isset($v['addr3']) ? '' : flexicontent_html::dataFilter($v['addr3'], 4000, 'STRING', 0);
$newpost[$new]['state'] = !$use_usstate || !isset($v['state']) ? '' : flexicontent_html::dataFilter($v['state'], 200, 'STRING', 0);
$newpost[$new]['country'] = !$use_country || !isset($v['country']) ? '' : flexicontent_html::dataFilter($v['country'], 2, 'STRING', 0);
$newpost[$new]['province'] = !$use_province || !isset($v['province']) ? '' : flexicontent_html::dataFilter($v['province'], 200, 'STRING', 0);
$newpost[$new]['zip_suffix'] = !$use_zip_suffix || !isset($v['zip_suffix']) ? '' : flexicontent_html::dataFilter($v['zip_suffix'], 10, 'STRING', 0);
$new++;
}
$post = $newpost;
// Serialize multi-property data before storing them into the DB
foreach ($post as $i => $v) {
$post[$i] = serialize($v);
}
}
function onBeforeSaveField(&$field, &$post, &$file, &$item)
{
if (!in_array($field->field_type, self::$field_types)) {
return;
}
$use_ingroup = $field->parameters->get('use_ingroup', 0);
if (!is_array($post) && !strlen($post) && !$use_ingroup) {
return;
}
// Server side validation
$validation = $field->parameters->get('validation', 'HTML');
$maxlength = (int) $field->parameters->get('maxlength', 0);
// Make sure posted data is an array
$post = !is_array($post) ? array($post) : $post;
// Reformat the posted data
$newpost = array();
$new = 0;
foreach ($post as $n => $v) {
// Do server-side validation and skip empty values
$post[$n] = flexicontent_html::dataFilter($post[$n], $maxlength, $validation, 0);
if (!strlen($post[$n]) && !$use_ingroup) {
continue;
}
// skip empty values
$newpost[$new] = $post[$n];
$new++;
}
$post = $newpost;
/*if ($use_ingroup) {
$app = JFactory::getApplication();
$app->enqueueMessage( print_r($post, true), 'warning');
}*/
}
