/**
 * Assign a point bonus to a wish
 *
 * Reads the wishlist id, the wish id and the bonus amount from the request,
 * compares the amount with the current user's spendable points and places a
 * hold for that amount before redirecting back to the wish.
 *
 * NOTE(review): no Request::checkToken() call is visible in this handler even
 * though it places a hold on the user's points. Confirm that forgery
 * protection is enforced before this task runs.
 *
 * @return void
 * @throws Exception 404 when the wishlist or the wish does not exist,
 *                   500 when the amount is zero, negative or exceeds the funds
 */
public function addbonusTask()
{
    $listId = Request::getInt('wishlist', 0);
    $wishId = Request::getInt('wish', 0);
    $amount = Request::getInt('amount', 0);

    $wishlist = new Wishlist($listId);
    if (!$wishlist->exists()) {
        throw new Exception(Lang::txt('COM_WISHLIST_ERROR_WISHLIST_NOT_FOUND'), 404);
    }

    // NOTE(review): nothing visible here ties the wish to the wishlist loaded
    // above; both ids come from the request. Confirm the pairing is validated.
    $wish = new Wish($wishId);
    if (!$wish->exists()) {
        throw new Exception(Lang::txt('COM_WISHLIST_ERROR_WISH_NOT_FOUND'), 404);
    }

    // Guests are sent to the login form instead of the banking step
    if (User::isGuest()) {
        // Blank the list title for a non-public list the visitor cannot manage
        if (!$wishlist->isPublic() && !$wishlist->access('manage')) {
            $this->_list_title = '';
        }

        $this->_buildTitle();
        $this->_buildPathway($wishlist);
        $this->login();
        return;
    }

    // Spendable points are the balance minus the credit, floored at zero
    $teller  = new \Hubzero\Bank\Teller($this->database, User::get('id'));
    $balance = $teller->summary();
    $credit  = $teller->credit_summary();
    $funds   = $balance - $credit;
    if (!($funds > 0)) {
        $funds = '0';
    }

    // A bonus must be a positive amount the user can cover
    if ($amount == 0) {
        throw new Exception(Lang::txt('COM_WISHLIST_ERROR_INVALID_AMOUNT'), 500);
    }
    if ($amount < 0) {
        throw new Exception(Lang::txt('COM_WISHLIST_ERROR_NEGATIVE_BONUS'), 500);
    }
    if ($amount > $funds) {
        throw new Exception(Lang::txt('COM_WISHLIST_ERROR_NO_FUNDS'), 500);
    }

    // Put the amount on hold.
    // NOTE(review): the funds check above and this hold are separate calls.
    // Whether two concurrent requests can both pass the check depends on
    // Teller, which is not visible here.
    $holder = new Teller($this->database, User::get('id'));
    $reason = Lang::txt('COM_WISHLIST_BANKING_HOLD') . ' #' . $wish->get('id') . ' ' . Lang::txt('COM_WISHLIST_FOR') . ' ' . $wishlist->get('title');
    $holder->hold($amount, $reason, 'wish', $wish->get('id'));

    App::redirect(Route::url($wish->link()));
}
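/**
 * Finalize the purchase process
 *
 * Verifies the request token, checks that the user's spendable points cover
 * the cart total, stores an order with the posted shipping details, copies
 * the cart items onto the order, places a hold for the order total, e-mails
 * a confirmation to the user and empties the cart.
 *
 * The posted free-text shipping fields (name, address, country, phone,
 * comments) are all passed through Sanitize::stripAll() before they are
 * stored in the order details or handed to the e-mail views.
 *
 * @return void
 * @throws Exception 500 when the order or one of its items cannot be stored
 */
public function finalizeTask()
{
    // Check for request forgeries
    Request::checkToken();

    // Set page title
    $this->_buildTitle();

    // Set the pathway
    $this->_buildPathway();

    // Check authorization
    if (User::isGuest()) {
        $this->loginTask();
        return;
    }

    $now = \Date::toSql();

    // Get cart object
    $item = new Cart($this->database);

    // Calculate total
    $cost = $item->getCartItems(User::get('id'), 'cost');

    // Check available user funds (balance minus credit, floored at zero)
    $BTL = new Teller(User::get('id'));
    $balance = $BTL->summary();
    $credit  = $BTL->credit_summary();
    $funds   = $balance - $credit;
    $funds   = $funds > 0 ? $funds : '0';

    // Get cart items
    $items = $item->getCartItems(User::get('id'));
    if (!$items or $cost > $funds) {
        $this->cartTask();
        return;
    }

    // Get shipping info. Only scalar POST values are kept, because trim()
    // cannot turn a nested array value into a string.
    $shipping = array_map('trim', array_filter($_POST, 'is_scalar'));

    // Every field read below must exist, even when the client omitted it
    foreach (array('name', 'address', 'country', 'phone', 'email', 'comments') as $key) {
        if (!isset($shipping[$key])) {
            $shipping[$key] = '';
        }
    }

    // Strip markup from every free-text field, not only address and comments:
    // these values are stored with the order and rendered in the HTML e-mail.
    // NOTE(review): any other posted key still reaches the e-mail views as
    // received via $eview->shipping; the templates must escape what they print.
    foreach (array('name', 'address', 'country', 'phone', 'comments') as $key) {
        $shipping[$key] = Sanitize::stripAll($shipping[$key]);
    }

    // Make sure email address is valid, else fall back to the account address
    $email = \Hubzero\Utility\Validate::email($shipping['email']) ? $shipping['email'] : User::get('email');

    // Format posted info
    $details  = Lang::txt('COM_STORE_SHIP_TO') . ':' . "\r\n";
    $details .= $shipping['name'] . "\r\n";
    $details .= $shipping['address'] . "\r\n";
    $details .= Lang::txt('COM_STORE_COUNTRY') . ': ' . $shipping['country'] . "\r\n";
    $details .= '----------------------------------------------------------' . "\r\n";
    $details .= Lang::txt('COM_STORE_CONTACT') . ': ' . "\r\n";
    if ($shipping['phone']) {
        $details .= $shipping['phone'] . "\r\n";
    }
    $details .= $email . "\r\n";
    $details .= '----------------------------------------------------------' . "\r\n";
    $details .= Lang::txt('COM_STORE_DETAILS') . ': ';
    $details .= $shipping['comments'] ? "\r\n" . $shipping['comments'] : 'N/A';

    // Register a new order
    $order = new Order($this->database);
    $order->uid     = User::get('id');
    $order->total   = $cost;
    $order->status  = '0'; // order placed
    $order->ordered = $now;
    $order->email   = $email;
    $order->details = $details;

    // Store new content
    if (!$order->store()) {
        throw new Exception($order->getError(), 500);
    }

    // Get order ID.
    // NOTE(review): the id is looked up again by user id and timestamp rather
    // than read from the row just stored; confirm this cannot match another
    // order placed by the same user in the same second.
    $objO = new Order($this->database);
    $orderid = $objO->getOrderID(User::get('id'), $now);

    if ($orderid) {
        // Transfer cart items to order
        foreach ($items as $itm) {
            $orderitem = new OrderItem($this->database);
            $orderitem->uid        = User::get('id');
            $orderitem->oid        = $orderid;
            $orderitem->itemid     = $itm->itemid;
            $orderitem->price      = $itm->price;
            $orderitem->quantity   = $itm->quantity;
            $orderitem->selections = $itm->selections;

            // Save order item
            if (!$orderitem->store()) {
                throw new Exception($orderitem->getError(), 500);
            }
        }

        // Put the purchase amount on hold
        $BTL = new Teller(User::get('id'));
        $BTL->hold($order->total, Lang::txt('COM_STORE_BANKING_HOLD'), 'store', $orderid);

        $message = new \Hubzero\Mail\Message();
        $message->setSubject(Config::get('sitename') . ' ' . Lang::txt('COM_STORE_EMAIL_SUBJECT_NEW_ORDER', $orderid));
        $message->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' ' . Lang::txt(strtoupper($this->_option)));

        // Plain text email
        $eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => 'confirmation_plain'));
        $eview->option     = $this->_option;
        $eview->controller = $this->_controller;
        $eview->orderid    = $orderid;
        $eview->cost       = $cost;
        $eview->shipping   = $shipping;
        $eview->details    = $details;
        $eview->items      = $items;

        $plain = $eview->loadTemplate(false);
        $plain = str_replace("\n", "\r\n", $plain);
        $message->addPart($plain, 'text/plain');

        // HTML email
        $eview->setLayout('confirmation_html');
        $html = $eview->loadTemplate();
        $html = str_replace("\n", "\r\n", $html);
        $message->addPart($html, 'text/html');

        // Send e-mail to the account address, not to the posted one
        $message->setTo(array(User::get('email')));
        $message->send();
    }

    // Empty cart
    $item->deleteCartItem('', User::get('id'), 'all');

    if ($this->getError()) {
        \Notify::message($this->getError(), 'error');
    } else {
        \Notify::message(Lang::txt('COM_STORE_SUCCESS_MESSAGE', $orderid), 'success');
    }

    App::redirect(Route::url('index.php?option=' . $this->_option));
    return;
}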
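/**
 * Save a question
 *
 * Verifies the request token and the user's permissions, validates an
 * optional reward, binds the posted fields to a question, saves it, places a
 * hold for the reward when banking is enabled, tags the question, logs the
 * activity and redirects to the question.
 *
 * The reward is checked against the balance reported by the bank Teller for
 * the current user. The posted "funds" field is ignored because the client
 * controls it and could claim any balance.
 *
 * @return void
 */
public function saveqTask()
{
    // Check for request forgeries
    Request::checkToken();

    // Login required
    if (User::isGuest()) {
        $this->setError(Lang::txt('COM_ANSWERS_PLEASE_LOGIN'));
        return $this->loginTask();
    }

    if (!User::authorise('core.edit', $this->_option)
     && !User::authorise('core.create', $this->_option)
     && !User::authorise('core.manage', $this->_option)) {
        App::abort(403, Lang::txt('JLIB_APPLICATION_ERROR_ACCESS_FORBIDDEN'));
    }

    // Incoming
    $fields = Request::getVar('fields', array(), 'post', 'none', 2);
    $tags   = Request::getVar('tags', '');

    if (!isset($fields['reward'])) {
        $fields['reward'] = 0;
    }

    // If offering a reward, do some checks
    if ($fields['reward']) {
        // Is it an actual number? A negative value is refused as well, since
        // it would later be passed to Teller::hold(). The numeric-reward
        // message is reused for that case.
        if (!is_numeric($fields['reward']) || $fields['reward'] < 0) {
            App::abort(500, Lang::txt('COM_ANSWERS_REWARD_MUST_BE_NUMERIC'));
        }

        // Are they offering more than they can afford? Only relevant when
        // banking is enabled, which is also the only case where a hold is made.
        if ($this->config->get('banking')) {
            $bank  = new Teller(User::get('id'));
            $funds = $bank->summary() - $bank->credit_summary();
            if (!($funds > 0)) {
                $funds = 0;
            }

            if ($fields['reward'] > $funds) {
                App::abort(500, Lang::txt('COM_ANSWERS_INSUFFICIENT_FUNDS'));
            }
        }
    }

    // Never bind the client-reported balance to the question
    unset($fields['funds']);

    // Clean input
    array_walk($fields, function (&$field, $key) {
        $field = \Hubzero\Utility\Sanitize::clean($field);
    });

    // Initiate class and bind posted items to database fields.
    // NOTE(review): the posted id selects the row and every posted field is
    // bound to it. No ownership check against created_by is visible here;
    // confirm a user holding only core.create cannot overwrite someone
    // else's question or set fields such as created_by.
    $row = Question::oneOrNew($fields['id'])->set($fields);

    if ($fields['reward'] && $this->config->get('banking')) {
        // The row only flags that a reward exists; the amount lives in the hold
        $row->set('reward', 1);
    }

    // Reject submissions that filled in the honeypot field
    if (!Request::checkHoneypot()) {
        $this->setError(Lang::txt('JLIB_APPLICATION_ERROR_INVALID_CONTENT'));
        return $this->newTask($row);
    }

    // Ensure the user added a tag
    if (!$tags) {
        $this->setError(Lang::txt('COM_ANSWERS_QUESTION_MUST_HAVE_TAG'));
        return $this->newTask($row);
    }

    // Store new content
    if (!$row->save()) {
        Request::setVar('tag', $tags);
        $this->setError($row->getError());
        return $this->newTask($row);
    }

    // Hold the reward for this question if we're banking
    if ($fields['reward'] && $this->config->get('banking')) {
        $BTL = new Teller(User::get('id'));
        $BTL->hold($fields['reward'], Lang::txt('COM_ANSWERS_HOLD_REWARD_FOR_BEST_ANSWER'), 'answers', $row->get('id'));
    }

    // Add the tags
    $row->tag($tags);

    // Log activity
    $recipients = array($row->get('created_by'));
    $recipients = $this->recipients($recipients);

    // NOTE(review): the subject is placed inside HTML below without escaping
    // in this method; this relies on Sanitize::clean() above. Confirm it
    // removes markup.
    Event::trigger('system.logActivity', [
        'activity' => [
            'action'      => $fields['id'] ? 'updated' : 'created',
            'scope'       => 'question',
            'scope_id'    => $row->get('id'),
            'anonymous'   => $row->get('anonymous', 0),
            'description' => Lang::txt('COM_ANSWERS_ACTIVITY_QUESTION_' . ($fields['id'] ? 'UPDATED' : 'CREATED'), '<a href="' . Route::url($row->link()) . '">' . $row->get('subject') . '</a>'),
            'details'     => array('title' => $row->get('title'), 'url' => $row->link())
        ],
        'recipients' => $recipients
    ]);

    // Redirect to the question
    App::redirect(Route::url('index.php?option=' . $this->_option . '&task=question&id=' . $row->get('id')), Lang::txt('COM_ANSWERS_NOTICE_QUESTION_POSTED_THANKS'));
}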
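/**
 * Save a question
 *
 * Verifies the request token and the user's permissions, validates an
 * optional reward, binds the posted fields to a question, stores it, places
 * a hold for the reward when banking is enabled, tags the question and
 * notifies the configured users and the authors of any tagged tool.
 *
 * The reward is checked against the balance reported by the bank Teller for
 * the current user. The posted "funds" field is not used for that check
 * because the client controls it and could claim any balance.
 *
 * @return void
 * @throws Exception 403 when the user lacks permission, 500 when the reward
 *                   is invalid or unaffordable or the fields cannot be bound
 */
public function saveqTask()
{
    // Check for request forgeries
    Request::checkToken();

    // Login required
    if (User::isGuest()) {
        $this->setError(Lang::txt('COM_ANSWERS_PLEASE_LOGIN'));
        $this->loginTask();
        return;
    }

    if (!User::authorise('core.edit', $this->_option)
     && !User::authorise('core.create', $this->_option)
     && !User::authorise('core.manage', $this->_option)) {
        throw new Exception(Lang::txt('JLIB_APPLICATION_ERROR_ACCESS_FORBIDDEN'), 403);
    }

    // Incoming
    $fields = Request::getVar('fields', array(), 'post', 'none', 2);
    $tags   = Request::getVar('tags', '');

    if (!isset($fields['reward'])) {
        $fields['reward'] = 0;
    }

    // If offering a reward, do some checks
    if ($fields['reward']) {
        // Is it an actual number? A negative value is refused as well, since
        // it would later be passed to Teller::hold(). The numeric-reward
        // message is reused for that case.
        if (!is_numeric($fields['reward']) || $fields['reward'] < 0) {
            throw new Exception(Lang::txt('COM_ANSWERS_REWARD_MUST_BE_NUMERIC'), 500);
        }

        // Are they offering more than they can afford? Only relevant when
        // banking is enabled, which is also the only case where a hold is made.
        if ($this->config->get('banking')) {
            $bank  = new Teller($this->database, User::get('id'));
            $funds = $bank->summary() - $bank->credit_summary();
            if (!($funds > 0)) {
                $funds = 0;
            }

            if ($fields['reward'] > $funds) {
                throw new Exception(Lang::txt('COM_ANSWERS_INSUFFICIENT_FUNDS'), 500);
            }
        }
    }

    // Clean input
    array_walk($fields, function (&$field, $key) {
        $field = \Hubzero\Utility\Sanitize::clean($field);
    });

    // Initiate class and bind posted items to database fields.
    // NOTE(review): the posted id selects the row and every posted field is
    // bound to it. No ownership check is visible here; confirm a user holding
    // only core.create cannot overwrite someone else's question.
    $row = new Question($fields['id']);
    if (!$row->bind($fields)) {
        throw new Exception($row->getError(), 500);
    }

    if ($fields['reward'] && $this->config->get('banking')) {
        // The row only flags that a reward exists; the amount lives in the hold
        $row->set('reward', 1);
    }

    // Reject submissions that filled in the honeypot field
    if (!Request::checkHoneypot()) {
        $this->setError(Lang::txt('JLIB_APPLICATION_ERROR_INVALID_CONTENT'));
        $this->newTask($row);
        return;
    }

    // Ensure the user added a tag
    if (!$tags) {
        $this->setError(Lang::txt('COM_ANSWERS_QUESTION_MUST_HAVE_TAG'));
        $this->newTask($row);
        return;
    }

    // We need to temporarily set this so the store() method
    // has access to the tags string to be able to run it
    // through spam checkers and validation.
    $row->set('tags', $tags);

    // Store new content
    if (!$row->store(true)) {
        Request::setVar('tag', $tags);

        $this->setError($row->getError());
        $this->newTask($row);
        return;
    }

    // Hold the reward for this question if we're banking
    if ($fields['reward'] && $this->config->get('banking')) {
        $BTL = new Teller($this->database, User::get('id'));
        $BTL->hold($fields['reward'], Lang::txt('COM_ANSWERS_HOLD_REWARD_FOR_BEST_ANSWER'), 'answers', $row->get('id'));
    }

    // Add the tags
    $row->tag($tags);

    // Get users who need to be notified on every question
    $apu = $this->config->get('notify_users', '');
    $apu = explode(',', $apu);
    $apu = array_map('trim', $apu);

    $receivers = array();

    // Get tool contributors if question is about a tool
    if ($tags) {
        $tags = preg_split("/[,;]/", $tags);
        if (count($tags) > 0) {
            require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'author.php';
            require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'version.php';

            $TA   = new \Components\Tools\Tables\Author($this->database);
            $objV = new \Components\Tools\Tables\Version($this->database);

            foreach ($tags as $tag) {
                if ($tag == '') {
                    continue;
                }

                // A "tool:<name>" tag adds that tool's authors as receivers
                if (preg_match('/tool:/', $tag)) {
                    $toolname = preg_replace('/tool:/', '', $tag);
                    if (trim($toolname)) {
                        $rev = $objV->getCurrentVersionProperty($toolname, 'revision');
                        $authors = $TA->getToolAuthors('', 0, $toolname, $rev);
                        if (count($authors) > 0) {
                            foreach ($authors as $author) {
                                $receivers[] = $author->uidNumber;
                            }
                        }
                    }
                }
            }
        }
    }

    if (!empty($apu)) {
        foreach ($apu as $u) {
            $user = User::getInstance($u);
            if ($user) {
                $receivers[] = $user->get('id');
            }
        }
    }
    $receivers = array_unique($receivers);

    // Send the message
    if (!empty($receivers)) {
        // Send a message about the new question to authorized users (specified admins or related content authors)
        $from = array(
            'email'     => Config::get('mailfrom'),
            'name'      => Config::get('sitename') . ' ' . Lang::txt('COM_ANSWERS_ANSWERS'),
            'multipart' => md5(date('U'))
        );

        // Build the message subject
        $subject = Lang::txt('COM_ANSWERS_ANSWERS') . ', ' . Lang::txt('new question about content you author or manage');

        $message = array();

        // Plain text message
        $eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => 'question_plaintext'));
        $eview->option   = $this->_option;
        $eview->sitename = Config::get('sitename');
        $eview->question = $row;
        $eview->id       = $row->get('id', 0);
        $eview->boundary = $from['multipart'];

        $message['plaintext'] = $eview->loadTemplate(false);
        $message['plaintext'] = str_replace("\n", "\r\n", $message['plaintext']);

        // HTML message
        $eview->setLayout('question_html');

        $message['multipart'] = $eview->loadTemplate();
        $message['multipart'] = str_replace("\n", "\r\n", $message['multipart']);

        if (!Event::trigger('xmessage.onSendMessage', array('new_question_admin', $subject, $message, $from, $receivers, $this->_option))) {
            $this->setError(Lang::txt('COM_ANSWERS_MESSAGE_FAILED'));
        }
    }

    // Redirect to the question
    App::redirect(Route::url('index.php?option=' . $this->_option . '&task=question&id=' . $row->get('id')), Lang::txt('COM_ANSWERS_NOTICE_QUESTION_POSTED_THANKS'));
}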