/**
* Save a question and redirect to the main listing when done
*
* @return void
*/
private function _save()
{
// Login required
if (User::isGuest()) {
return $this->_browse();
}
// Check for request forgeries
Request::checkToken();
Lang::load('com_answers');
// Incoming
$tags = Request::getVar('tags', '');
$funds = Request::getInt('funds', 0);
$reward = Request::getInt('reward', 0);
// If offering a reward, do some checks
if ($reward) {
// Is it an actual number?
if (!is_numeric($reward)) {
App::abort(500, Lang::txt('COM_ANSWERS_REWARD_MUST_BE_NUMERIC'));
return;
}
// Are they offering more than they can afford?
if ($reward > $funds) {
App::abort(500, Lang::txt('COM_ANSWERS_INSUFFICIENT_FUNDS'));
return;
}
}
// Initiate class and bind posted items to database fields
$fields = Request::getVar('question', array(), 'post', 'none', 2);
$row = new \Components\Answers\Models\Question($fields['id']);
if (!$row->bind($fields)) {
$this->setError($row->getError());
return $this->_new($row);
}
if ($reward && $this->banking) {
$row->set('reward', 1);
}
// Ensure the user added a tag
/*
if (!$tags)
{
$this->setError(Lang::txt('COM_ANSWERS_QUESTION_MUST_HAVE_TAG'));
return $this->_new($row);
}
*/
// Store new content
if (!$row->store(true)) {
$row->set('tags', $tags);
$this->setError($row->getError());
return $this->_new($row);
}
// Hold the reward for this question if we're banking
if ($reward && $this->banking) {
$BTL = new \Hubzero\Bank\Teller($this->database, User::get('id'));
$BTL->hold($reward, Lang::txt('COM_ANSWERS_HOLD_REWARD_FOR_BEST_ANSWER'), 'answers', $row->get('id'));
}
// Add the tags
$row->tag($tags);
// Add the tag to link to the resource
$tag = $this->model->isTool() ? 'tool:' . $this->model->resource->alias : 'resource:' . $this->model->resource->id;
$row->addTag($tag, User::get('id'), $this->model->isTool() ? 0 : 1);
// Get users who need to be notified on every question
$config = Component::params('com_answers');
$apu = $config->get('notify_users', '');
$apu = explode(',', $apu);
$apu = array_map('trim', $apu);
$receivers = array();
// Get tool contributors if question is about a tool
if ($tags) {
$tags = explode(',', $tags);
if (count($tags) > 0) {
require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'author.php';
require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'version.php';
$TA = new \Components\Tools\Tables\Author($this->database);
$objV = new \Components\Tools\Tables\Version($this->database);
if ($this->model->isTool()) {
$toolname = $this->model->resource->alias;
$rev = $objV->getCurrentVersionProperty($toolname, 'revision');
$authors = $TA->getToolAuthors('', 0, $toolname, $rev);
if (count($authors) > 0) {
foreach ($authors as $author) {
$receivers[] = $author->uidNumber;
}
}
}
}
}
if (!empty($apu)) {
foreach ($apu as $u) {
$user = User::getInstance($u);
if ($user) {
$receivers[] = $user->get('id');
}
}
}
$receivers = array_unique($receivers);
// Send the message
if (!empty($receivers)) {
// Send a message about the new question to authorized users (specified admins or related content authors)
$from = array('email' => Config::get('mailfrom'), 'name' => Config::get('sitename') . ' ' . Lang::txt('COM_ANSWERS_ANSWERS'), 'multipart' => md5(date('U')));
// Build the message subject
$subject = Lang::txt('COM_ANSWERS_ANSWERS') . ', ' . Lang::txt('new question about content you author or manage');
// Build the message
$eview = new \Hubzero\Mail\View(array('base_path' => PATH_CORE . DS . 'components' . DS . 'com_answers' . DS . 'site', 'name' => 'emails', 'layout' => 'question_plaintext'));
$eview->option = 'com_answers';
$eview->sitename = Config::get('sitename');
$eview->question = $row;
$eview->id = $row->get('id', 0);
$eview->boundary = $from['multipart'];
$message['plaintext'] = $eview->loadTemplate(false);
$message['plaintext'] = str_replace("\n", "\r\n", $message['plaintext']);
// HTML message
$eview->setLayout('question_html');
$message['multipart'] = $eview->loadTemplate();
$message['multipart'] = str_replace("\n", "\r\n", $message['multipart']);
if (!Event::trigger('xmessage.onSendMessage', array('new_question_admin', $subject, $message, $from, $receivers, 'com_answers'))) {
$this->setError(Lang::txt('COM_ANSWERS_MESSAGE_FAILED'));
}
}
// Redirect to the question
App::redirect(Route::url('index.php?option=' . $this->option . '&id=' . $this->model->resource->id . '&active=' . $this->_name));
}
/**
* Invoke a tool session
*
* @return void
*/
public function invokeTask()
{
// Check that the user is logged in
if (User::isGuest()) {
$this->loginTask();
return;
}
$params = Request::getString('params', '', 'default', JREQUEST_ALLOWRAW);
if (!empty($params)) {
$params_whitelist = explode(',', $this->config->get('params_whitelist', ''));
$separator = "\r\n";
$line = trim(strtok($params, $separator));
$verified_params = array();
while ($line !== false) {
$re = "/\\s*(directory|file|int)\\s*(?:\\:|\\(\\s*(.*?)\\s*\\)\\s*:)\\s*(.*?)\\s*\$/";
if (preg_match($re, $line, $matches) != false) {
$type = $matches[1];
$key = $matches[2];
$value = $matches[3];
if ($type == 'directory' || $type == 'file') {
// Replace ~/ prefix with user's home directory
if (strncmp($value, "~/", 2) === 0) {
$homeDirectory = rtrim(User::get('homeDirectory'), '/');
if (!isset($homeDirectory[0]) || $homeDirectory[0] !== '/') {
break;
}
$value = substr_replace($value, $homeDirectory, 0, 1);
}
// Fail if $value doesn't start with '/'
if ($value[0] != '/') {
break;
}
// Fail if unable to normalize $value
$value = $this->normalize_path($value, $type == 'file');
if ($value === false) {
break;
}
// Fail if $value contains a control charcater (0x00-0x1F) or an invalid utf-8 string
if (preg_match('/^[^\\x00-\\x1f]*$/u', $value) == 0) {
break;
}
// Fail if whitelist is empty
if (empty($params_whitelist)) {
break;
}
// Fail if $value isn't prefixed with a whitelisted directory
foreach ($params_whitelist as $wl) {
if (empty($wl)) {
continue;
}
$wl = rtrim(trim($wl), '/') . '/';
// make sure we compare against a full path element
if (strncmp($wl, $value, strlen($wl)) === 0) {
$match = $wl;
break;
}
}
if (!isset($match)) {
break;
}
// Add verified parameter to array
if ($key) {
$verified_params[] = $type . '(' . $key . '):' . $value;
} else {
$verified_params[] = $type . ':' . $value;
}
} else {
if ($type == 'int') {
// Fail if $value contains a control charcater (0x00-0x1F) or an invalid utf-8 string
if (preg_match('/^[^\\x00-\\x1f]*$/u', $value) == 0) {
break;
}
// Fail if $value not an integer
if (preg_match('/^[-+]?[0-9]+$/', $value) == 0) {
break;
}
// Add verified parameter to array
if ($key) {
$verified_params[] = $type . '(' . $key . '):' . $value;
} else {
$verified_params[] = $type . ':' . $value;
}
}
}
} else {
if (!empty($line)) {
break;
}
}
$line = strtok($separator);
// Get next line
}
if ($line !== false) {
$this->badparamsTask($params);
return;
}
}
// Incoming
$app = new stdClass();
$app->name = trim(str_replace(':', '-', Request::getVar('app', '')));
//$app->number = 0;
$app->version = Request::getVar('version', 'default');
// Get the user's IP address
$app->ip = Request::ip();
// Make sure we have an app to invoke
if (!$app->name) {
App::redirect(Route::url($this->config->get('stopRedirect', 'index.php?option=com_members&task=myaccount')));
return;
}
// Get the parent toolname (appname without any revision number "_r423")
include_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'version.php';
$tv = new \Components\Tools\Tables\Version($this->database);
switch ($app->version) {
case 1:
case 'current':
case 'default':
$app->name = $tv->getCurrentVersionProperty($app->name, 'instance');
break;
case 'test':
case 'dev':
$app->name .= '_dev';
break;
default:
$app->name .= '_r' . $app->version;
break;
}
$app->toolname = $app->name;
if ($parent = $tv->getToolname($app->name)) {
$app->toolname = $parent;
}
// Check of the toolname has a revision indicator
$r = substr(strrchr($app->name, '_'), 1);
if (substr($r, 0, 1) != 'r' && substr($r, 0, 3) != 'dev') {
$r = '';
}
// No version passed and no revision
if ((!$app->version || $app->version == 'default' || $app->version == 'current') && !$r) {
// Get the latest version
$app->version = $tv->getCurrentVersionProperty($app->toolname, 'revision');
$app->name = $app->toolname . '_r' . $app->version;
}
// Get the caption/session title
$tv->loadFromInstance($app->name);
$app->caption = stripslashes($tv->title);
$app->title = stripslashes($tv->title);
// Check if they have access to run this tool
$hasaccess = $this->_getToolAccess($app->name);
//$status2 = ($hasaccess) ? "PASSED" : "FAILED";
//Log::debug("mw::invoke " . $app->name . " by " . User::get('username') . " from " . $app->ip . " _getToolAccess " . $status2);
if ($this->getError()) {
echo '<!-- ' . $this->getError() . ' -->';
}
if (!$hasaccess) {
//$this->_redirect = Route::url('index.php?option=' . $this->_option . '&task=accessdenied');
$this->app = $app;
$this->accessdeniedTask();
return;
}
$country = \Hubzero\Geocode\Geocode::ipcountry($app->ip);
//die($app->ip . $country);
// Log the launch attempt
$this->_recordUsage($app->toolname, User::get('id'));
// Get the middleware database
$mwdb = \Components\Tools\Helpers\Utils::getMWDBO();
// Find out how many sessions the user is running.
$ms = new \Components\Tools\Tables\Session($mwdb);
$jobs = $ms->getCount(User::get('username'));
// Find out how many sessions the user is ALLOWED to run.
include_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'preferences.php';
$preferences = new \Components\Tools\Tables\Preferences($this->database);
$preferences->loadByUser(User::get('id'));
if (!$preferences || !$preferences->id) {
include_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'sessionclass.php';
$scls = new \Components\Tools\Tables\SessionClass($this->database);
$default = $scls->find('one', array('alias' => 'default'));
$preferences->user_id = User::get('id');
$preferences->class_id = $default->id;
$preferences->jobs = $default->jobs ? $default->jobs : 3;
$preferences->store();
}
$remain = $preferences->jobs - $jobs;
// Have they reached their session quota?
if ($remain <= 0) {
$this->quotaexceededTask();
return;
}
if ($this->config->get('warn_multiples', 0) && !Request::getInt('newinstance', 0)) {
$sessions = $ms->getRecords(User::get('username'), $app->name, false);
if ($sessions && count($sessions) > 0) {
$this->view->setLayout('list');
$this->view->app = $app;
$this->view->config = $this->config;
$this->view->sessions = $sessions;
foreach ($this->getErrors() as $error) {
$view->setError($error);
}
$this->view->display();
return;
}
}
// Get their disk space usage
$this->_getDiskUsage();
$this->_redirect = '';
$app->percent = 0;
if ($this->config->get('show_storage', 1)) {
$app->percent = $this->percent;
}
if ($this->percent >= 100) {
App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=storage'));
return;
}
// Get plugins
Plugin::import('mw', $app->toolname);
// Trigger any events that need to be called before session invoke
Event::trigger('mw.onBeforeSessionInvoke', array($app->toolname, $app->version));
$toolparams = '';
if (!empty($params)) {
$toolparams = " params=" . rawurlencode($params) . " ";
}
// Determine zone
$app->zone_id = 0;
if ($this->config->get('zones')) {
$middleware = new \Components\Tools\Models\Middleware();
$this->database->setQuery("SELECT zone_id FROM `#__tool_version_zone` WHERE tool_version_id=" . $this->database->quote($tv->id));
$middleware->set('allowed', $this->database->loadColumn());
if ($zone = $middleware->zoning($app->ip, $middleware->get('allowed'))) {
if ($zone->exists()) {
$toolparams .= ' zone=' . $zone->get('zone');
$app->zone_id = $zone->get('id');
}
}
}
// We've passed all checks so let's actually start the session
$status = $this->middleware("start user="******" ip=" . $app->ip . " app=" . $app->name . " version=" . $app->version . $toolparams, $output);
if ($this->getError()) {
//App::abort(500, $this->getError());
//return;
App::redirect(Route::url($this->config->get('stopRedirect', 'index.php?option=com_members&task=myaccount')), Lang::txt('COM_TOOLS_ERROR_SESSION_INVOKE_FAILED'), 'error');
return;
}
$app->sess = !empty($output->session) ? $output->session : '';
// Trigger any events that need to be called after session invoke
Event::trigger('mw.onAfterSessionInvoke', array($app->toolname, $app->version));
// Get a count of the number of sessions of this specific tool
$appcount = $ms->getCount(User::get('username'), $app->name);
// Do we have more than one session of this tool?
if ($appcount > 1) {
// We do, so let's append a timestamp
$app->caption .= ' (' . Date::toLocal('g:i a') . ')';
}
// Save the changed caption
$ms->load($app->sess);
$ms->sessname = $app->caption;
$ms->params = $params;
if (!$ms->store()) {
App::abort(500, $ms->getError());
}
$rtrn = Request::getVar('return', '');
$url = 'index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&app=' . $app->toolname . '&task=session&sess=' . $app->sess . '&return=' . $rtrn . (Request::getWord('viewer') ? '&viewer=' . Request::getWord('viewer') : '');
// Log activity
Event::trigger('system.logActivity', ['activity' => ['action' => 'created', 'scope' => 'tool.session', 'scope_id' => $app->sess, 'description' => Lang::txt('COM_TOOLS_ACTIVITY_SESSION_CREATED', $app->sess, '<a href="' . Route::url($url) . '">' . $app->caption . '</a>'), 'details' => array('tool' => $app->name, 'url' => $url)], 'recipients' => array(['user', User::get('id')])]);
App::redirect(Route::url($url, false));
}
/**
* Display a list of authors
*
* @param integer $id Resource ID
* @return void
*/
public function displayTask($id = null)
{
// Incoming
if (!$id) {
$id = Request::getInt('rid', 0);
}
// Ensure we have an ID to work with
if (!$id) {
App::abort(500, Lang::txt('COM_TOOLS_CONTRIBUTE_NO_ID'));
}
$this->view->version = Request::getVar('version', 'dev');
// Get all contributors of this resource
$helper = new \Components\Resources\Helpers\Helper($id, $this->database);
if ($this->view->version == 'dev') {
$helper->getCons();
} else {
$obj = new \Components\Tools\Tables\Tool($this->database);
$toolname = $obj->getToolnameFromResource($id);
$objV = new \Components\Tools\Tables\Version($this->database);
$revision = $objV->getCurrentVersionProperty($toolname, 'revision');
$helper->getToolAuthors($toolname, $revision);
}
// Get a list of all existing contributors
include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'tables' . DS . 'contributor' . DS . 'roletype.php';
$resource = new \Components\Resources\Tables\Resource($this->database);
$resource->load($id);
$rt = new \Components\Resources\Tables\Contributor\RoleType($this->database);
// Output HTML
$this->view->config = $this->config;
$this->view->contributors = $helper->_contributors;
$this->view->id = $id;
$this->view->roles = $rt->getRolesForType($resource->type);
$this->view->setErrors($this->getErrors())->setLayout('display')->display();
}
/**
* Display a list of screenshots for this entry
*
* @param integer $rid Resource ID
* @param string $version Tool version
* @return void
*/
public function displayTask($rid = NULL, $version = NULL)
{
$this->view->setLayout('display');
// Incoming
if (!$rid) {
$rid = Request::getInt('rid', 0);
}
if (!$version) {
$version = Request::getVar('version', 'dev');
}
// Ensure we have an ID to work with
if (!$rid) {
App::abort(500, Lang::txt('COM_TOOLS_CONTRIBUTE_NO_ID'));
return;
}
// Get resource information
$resource = new \Components\Resources\Tables\Resource($this->database);
$resource->load($rid);
// Get version id
$objV = new \Components\Tools\Tables\Version($this->database);
$vid = $objV->getVersionIdFromResource($rid, $version);
// Do we have a published tool?
$this->view->published = $objV->getCurrentVersionProperty($resource->alias, 'id');
// Get screenshot information for this resource
$ss = new \Components\Resources\Tables\Screenshot($this->database);
$this->view->shots = $ss->getScreenshots($rid, $vid);
// Build paths
include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'helpers' . DS . 'html.php';
$path = \Components\Resources\Helpers\Html::build_path($resource->created, $rid, '');
$this->view->upath = PATH_APP . DS . trim($this->rconfig->get('uploadpath'), DS) . $path;
$this->view->wpath = DS . trim($this->rconfig->get('uploadpath'), DS) . $path;
if ($vid) {
$this->view->upath .= DS . $vid;
$this->view->wpath .= DS . $vid;
}
// Make sure wpath is preceded by app
if (substr($this->view->wpath, 0, 4) != DS . 'app') {
$this->view->wpath = DS . 'app' . $this->view->wpath;
}
// get config
$this->view->cparams = Component::params('com_resources');
$this->view->version = $version;
$this->view->rid = $rid;
foreach ($this->getErrors() as $error) {
$this->view->setError($error);
}
// Output HTML
$this->view->display();
}
/**
* Runs a rappture job.
*
* This is more than just invoking a tool. We're expecting a driver file to pass to the
* tool to be picked up and automatically run by rappture.
*
* @apiMethod POST
* @apiUri /tools/run
* @apiParameter {
* "name": "app",
* "description": "Name of app installed as a tool in the hub",
* "type": "string",
* "required": true,
* }
* @apiParameter {
* "name": "revision",
* "description": "The specific requested revision of the app",
* "type": "string",
* "required": false,
* "default": "default",
* }
* @apiParameter {
* "name": "xml",
* "description": "Content of the driver file that rappture will use to invoke the given app",
* "type": "string",
* "required": true,
* }
* @return void
*/
public function runTask()
{
$this->requiresAuthentication();
// Get the user_id and attempt to load user profile
$userid = App::get('authn')['user_id'];
$profile = User::getInstance($userid);
// Make sure we have a user
if (!$profile->get('id')) {
throw new Exception(Lang::txt('Unable to find user.'), 404);
}
// Grab tool name and version
$tool_name = Request::getVar('app', '');
$tool_version = Request::getVar('revision', 'default');
// Build application object
$app = new stdClass();
$app->name = trim(str_replace(':', '-', $tool_name));
$app->version = $tool_version;
$app->ip = $_SERVER["REMOTE_ADDR"];
// Check to make sure we have an app to invoke
if (!$app->name) {
throw new Exception(Lang::txt('A valid app name must be provided'), 404);
}
// Include needed tool libraries
require_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'version.php';
require_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'session.php';
require_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'viewperm.php';
// Create database object
$database = \App::get('db');
// Load the tool version
$tv = new \Components\Tools\Tables\Version($database);
switch ($app->version) {
case 1:
case 'default':
$app->name = $tv->getCurrentVersionProperty($app->name, 'instance');
break;
case 'test':
case 'dev':
$app->name .= '_dev';
break;
default:
$app->name .= '_r' . $app->version;
break;
}
$app->toolname = $app->name;
if ($parent = $tv->getToolname($app->name)) {
$app->toolname = $parent;
}
// Check of the toolname has a revision indicator
$r = substr(strrchr($app->name, '_'), 1);
if (substr($r, 0, 1) != 'r' && substr($r, 0, 3) != 'dev') {
$r = '';
}
// No version passed and no revision
if ((!$app->version || $app->version == 'default') && !$r) {
// Get the latest version
$app->version = $tv->getCurrentVersionProperty($app->toolname, 'revision');
$app->name = $app->toolname . '_r' . $app->version;
}
// Get the caption/session title
$tv->loadFromInstance($app->name);
$app->caption = stripslashes($tv->title);
$app->title = stripslashes($tv->title);
// Make sure we have a valid tool
if ($app->title == '' || $app->toolname == '') {
throw new Exception(Lang::txt('The tool "%s" does not exist on the HUB.', $tool_name), 404);
}
// Get tool access
$toolAccess = \Components\Tools\Helpers\Utils::getToolAccess($app->name, $profile->get('username'));
// Do we have access
if ($toolAccess->valid != 1) {
throw new Exception($toolAccess->error->message, 500);
}
// Log the launch attempt
\Components\Tools\Helpers\Utils::recordToolUsage($app->toolname, $profile->get('id'));
// Get the middleware database
$mwdb = \Components\Tools\Helpers\Utils::getMWDBO();
// Find out how many sessions the user is running
$ms = new \Components\Tools\Tables\Session($mwdb);
$jobs = $ms->getCount($profile->get('username'));
// Find out how many sessions the user is ALLOWED to run.
include_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'preferences.php';
$preferences = new \Components\Tools\Tables\Preferences($database);
$preferences->loadByUser($profile->get('id'));
if (!$preferences || !$preferences->id) {
$default = $preferences->find('one', array('alias' => 'default'));
$preferences->user_id = $profile->get('id');
$preferences->class_id = $default->id;
$preferences->jobs = $default->jobs;
$preferences->store();
}
$remain = $preferences->jobs - $jobs;
//can we open another session
if ($remain <= 0) {
throw new Exception(Lang::txt('You are using all (%s) your available job slots.', $jobs), 401);
}
// Check for an incoming driver file
if ($driver = Request::getVar('xml', false, 'post', 'none', 2)) {
// Build a path to where the driver file will go through webdav
$base = DS . 'webdav' . DS . 'home';
$user = DS . $profile->get('username');
$data = DS . 'data';
$drvr = DS . '.queued_drivers';
$inst = DS . md5(time()) . '.xml';
// Real home directory
$homeDir = $profile->get('homeDirectory');
// First, make sure webdav is there and that the necessary folders are there
if (!\Filesystem::exists($base)) {
throw new Exception(Lang::txt('Home directories are unavailable'), 500);
}
// Now see if the user has a home directory yet
if (!\Filesystem::exists($homeDir)) {
// Try to create their home directory
require_once dirname(dirname(__DIR__)) . DS . 'helpers' . DS . 'utils.php';
if (!\Components\Tools\Helpers\Utils::createHomeDirectory($profile->get('username'))) {
throw new Exception(Lang::txt('Failed to create user home directory'), 500);
}
}
// Check for, and create if needed a session data directory
if (!\Filesystem::exists($base . $user . $data) && !\Filesystem::makeDirectory($base . $user . $data, 0700)) {
throw new Exception(Lang::txt('Failed to create data directory'), 500);
}
// Check for, and create if needed a queued drivers directory
if (!\Filesystem::exists($base . $user . $data . $drvr) && !\Filesystem::makeDirectory($base . $user . $data . $drvr, 0700)) {
throw new Exception(Lang::txt('Failed to create drivers directory'), 500);
}
// Write the driver file out
if (!\Filesystem::write($base . $user . $data . $drvr . $inst, $driver)) {
throw new Exception(Lang::txt('Failed to create driver file'), 500);
}
} else {
throw new Exception(Lang::txt('No driver file provided'), 404);
}
// Now build params path that will be included with tool execution
// We know from the checks above that this directory already exists
$params = 'file(execute):' . $homeDir . DS . 'data' . DS . '.queued_drivers' . $inst;
$encoded = ' params=' . rawurlencode($params) . ' ';
$command = 'start user='******'username') . " ip={$app->ip} app={$app->name} version={$app->version}" . $encoded;
$status = \Components\Tools\Helpers\Utils::middleware($command, $output);
if (!$status) {
throw new Exception(Lang::txt('Tool invocation failed'), 500);
}
$this->send(array('success' => true, 'session' => $output->session));
}
/**
* Publish a tool
*
* @return void
*/
public function publishTask()
{
// Set the layout (note: all the views for this controller use the same layout)
$this->view->setLayout('display');
// Create a Tool object
$obj = new \Components\Tools\Tables\Tool($this->database);
// Do we have an alias?
if ($alias = Request::getVar('app', '')) {
$this->_toolid = $obj->getToolId($alias);
}
// Do we have a tool ID
if (!$this->_toolid) {
App::abort(403, Lang::txt('COM_TOOLS_ERROR_TOOL_NOT_FOUND'));
return;
}
// Get the tool status
$obj->getToolStatus($this->_toolid, $this->_option, $status, 'dev');
// Check for a status
if (count($status) <= 0) {
App::abort(500, Lang::txt('COM_TOOLS_ERR_CANNOT_RETRIEVE'));
return;
}
$result = true;
Log::debug("publish(): checkpoint 1:{$result}");
// get config
// Create a Tool Version object
$objV = new \Components\Tools\Tables\Version($this->database);
$objV->getToolVersions($this->_toolid, $tools, '', 1);
// make checks
if (!is_numeric($status['revision'])) {
// bad format
$result = false;
$this->setError(Lang::txt('COM_TOOLS_ERR_MISSING_REVISION_OR_BAD_FORMAT'));
} else {
if (count($tools) > 0 && $status['revision']) {
// check for duplicate revision
foreach ($tools as $t) {
if ($t->revision == $status['revision']) {
$result = false;
$this->setError(Lang::txt('COM_TOOLS_ERR_REVISION_EXISTS') . ' ' . $status['revision']);
}
}
// check that revision number is greater than in previous version
$currentrev = $objV->getCurrentVersionProperty($status['toolname'], 'revision');
if ($currentrev && intval($currentrev) > intval($status['revision'])) {
$result = false;
$this->setError(Lang::txt('COM_TOOLS_ERR_REVISION_GREATER'));
}
}
}
// Log checkpoint
Log::debug("publish(): checkpoint 2:{$result}, check revision");
// check if version is valid
if (!\Components\Tools\Models\Tool::validateVersion($status['version'], $error_v, $this->_toolid)) {
$result = false;
$this->setError($error_v);
}
// Log checkpoint
Log::debug("publish(): checkpoint 3:{$result}, running finalize tool");
// Run finalizetool
if (!$this->getError()) {
if ($this->_finalizeTool($out)) {
$this->setMessage(Lang::txt('COM_TOOLS_Version finalized.'));
} else {
$this->setError($out);
$result = false;
}
}
Log::debug("publish(): checkpoint 4:{$result}, running doi stuff");
// Register DOI handle
if ($result && $this->config->get('new_doi', 0)) {
include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'tables' . DS . 'doi.php';
// Collect metadata
$url = Request::base() . ltrim(Route::url('index.php?option=com_resources&id=' . $status['resourceid'] . '&rev=' . $status['revision']), DS);
// Check if DOI exists for this revision
$objDOI = new \Components\Resources\Tables\Doi($this->database);
$bingo = $objDOI->getDoi($status['resourceid'], $status['revision'], '', 1);
// DOI already exists for this revision
if ($bingo) {
$this->setError(Lang::txt('COM_TOOLS_ERR_DOI_ALREADY_EXISTS') . ': ' . $bingo);
} else {
// Get latest DOI label
$latestdoi = $objDOI->getLatestDoi($status['resourceid']);
$newlabel = $latestdoi ? intval($latestdoi) + 1 : 1;
// Collect metadata
$metadata = array('targetURL' => $url, 'title' => htmlspecialchars(stripslashes($status['title'])), 'version' => $status['version'], 'abstract' => htmlspecialchars(stripslashes($status['description'])));
// Get authors
$objA = new \Components\Tools\Tables\Author($this->database);
$authors = $objA->getAuthorsDOI($status['resourceid']);
// Register DOI
$doiSuccess = $objDOI->registerDOI($authors, $this->config, $metadata, $doierr);
// Save [new] DOI record
if ($doiSuccess) {
if (!$objDOI->loadDOI($status['resourceid'], $status['revision'])) {
if ($objDOI->saveDOI($status['revision'], $newlabel, $status['resourceid'], $status['toolname'], 0, $doiSuccess)) {
$this->setMessage(Lang::txt('COM_TOOLS_SUCCESS_DOI_CREATED') . ' ' . $doiSuccess);
} else {
$this->setError(Lang::txt('COM_TOOLS_ERR_DOI_STORE_FAILED'));
$result = false;
}
} else {
$this->setError(Lang::txt('COM_TOOLS_DOI already exists: ') . $objDOI->doi);
}
} else {
$this->setError(Lang::txt('COM_TOOLS_ERR_DOI_STORE_FAILED'));
$this->setError($doierr);
$result = false;
}
}
}
if ($result) {
$invokedir = rtrim($this->config->get('invokescript_dir', DS . 'apps'), "\\/");
$hzt = \Components\Tools\Models\Tool::getInstance($this->_toolid);
$hztv_cur = $hzt->getCurrentVersion();
$hztv_dev = $hzt->getDevelopmentVersion();
Log::debug("publish(): checkpoint 6:{$result}, running database stuff");
// create tool instance in the database
$newtool = $status['toolname'] . '_r' . $status['revision'];
// get version id
$currentid = is_object($hztv_cur) ? $hztv_cur->id : null;
$new = $currentid ? 0 : 1;
$devid = $hztv_dev->id;
$exportmap = array('@OPEN' => null, '@GROUP' => null, '@US' => 'us', '@PU' => 'pu', '@D1' => 'd1');
$new_hztv = \Components\Tools\Models\Version::createInstance($status['toolname'], $newtool);
$new_hztv->toolname = $status['toolname'];
$new_hztv->instance = $newtool;
$new_hztv->toolid = $this->_toolid;
$new_hztv->state = 1;
$new_hztv->title = $status['title'];
$new_hztv->version = $status['version'];
$new_hztv->revision = $status['revision'];
$new_hztv->description = $status['description'];
$new_hztv->toolaccess = $status['exec'];
$new_hztv->codeaccess = $status['code'];
$new_hztv->wikiaccess = $status['wiki'];
$new_hztv->vnc_geometry = $status['vncGeometry'];
$new_hztv->vnc_command = $invokedir . DS . $status['toolname'] . DS . 'r' . $status['revision'] . DS . 'middleware' . DS . 'invoke -T r' . $status['revision'];
$new_hztv->mw = $status['mw'];
$new_hztv->released = Date::toSql();
$new_hztv->released_by = User::get('username');
$new_hztv->license = $status['license'];
$new_hztv->fulltxt = $status['fulltxt'];
$new_hztv->exportControl = $exportmap[strtoupper($status['exec'])];
$new_hztv->owner = $hztv_dev->owner;
$new_hztv->member = $hztv_dev->member;
$new_hztv->vnc_timeout = $hztv_dev->vnc_timeout;
$new_hztv->hostreq = $hztv_dev->hostreq;
$new_hztv->params = $status['params'];
if (!$new_hztv->update()) {
$this->setError(Lang::txt('COM_TOOLS_ERROR_UPDATING_INSTANCE'));
$result = false;
} else {
$this->_setTracAccess($new_hztv->toolname, $new_hztv->codeaccess, $new_hztv->wikiaccess);
// update tool entry
$hzt = \Components\Tools\Models\Tool::getInstance($this->_toolid);
$hzt->add('version', $new_hztv->instance);
$hzt->update();
if ($hzt->published != 1) {
$hzt->published = 1;
// save tool info
if (!$hzt->update()) {
$this->setError(Lang::txt('COM_TOOLS_ERROR_UPDATING_INSTANCE'));
} else {
$this->setMessage(Lang::txt('COM_TOOLS_NOTICE_TOOL_MARKED_PUBLISHED'));
}
}
// unpublish previous version
if (!$new) {
if ($hzt->unpublishVersion($hztv_cur->instance)) {
$this->setMessage(Lang::txt('COM_TOOLS_NOTICE_UNPUBLISHED_PREV_VERSION_DB'));
} else {
$this->setError(Lang::txt('COM_TOOLS_ERR_FAILED_TO_UNPUBLISH_PREV_VERSION_DB'));
}
}
// get version id
$currentid = $new_hztv->id;
// save authors for this version
$objA = new \Components\Tools\Tables\Author($this->database);
if ($objA->saveAuthors($status['developers'], $currentid, $status['resourceid'], $status['revision'], $status['toolname'])) {
$this->setMessage(Lang::txt('COM_TOOLS_AUTHORS_SAVED'));
} else {
$this->setError(Lang::txt('COM_TOOLS_ERROR_SAVING_AUTHORS', $currentid));
}
// transfer screenshots
if ($devid && $currentid) {
include_once __DIR__ . DS . 'screenshots.php';
$screenshots = new Screenshots();
if ($screenshots->transfer($devid, $currentid, $status['resourceid'])) {
$this->setMessage(Lang::txt('COM_TOOLS_SCREENSHOTS_TRANSFERRED'));
} else {
$this->setError(Lang::txt('COM_TOOLS_ERROR_TRANSFERRING_SCREENSHOTS'));
}
}
include_once __DIR__ . DS . 'resource.php';
$resource = new Resource();
// update and publish resource page
$resource->updatePage($status['resourceid'], $status, '1', $new);
}
}
Log::debug("publish(): checkpoint 7:{$result}, gather output");
// Set errors to view
foreach ($this->getErrors() as $error) {
$this->view->setError($error);
}
// Set messages to view
$this->view->messages = $this->getMessages();
// Output HTML
if (!($no_html = Request::getInt('no_html', 0))) {
App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=pipeline&task=status&app=' . $alias));
return;
}
$this->view->display();
}
/**
* Save a question
*
* @return void
*/
public function saveqTask()
{
// Check for request forgeries
Request::checkToken();
// Login required
if (User::isGuest()) {
$this->setError(Lang::txt('COM_ANSWERS_PLEASE_LOGIN'));
$this->loginTask();
return;
}
if (!User::authorise('core.edit', $this->_option) && !User::authorise('core.create', $this->_option) && !User::authorise('core.manage', $this->_option)) {
throw new Exception(Lang::txt('JLIB_APPLICATION_ERROR_ACCESS_FORBIDDEN'), 403);
}
// Incoming
$fields = Request::getVar('fields', array(), 'post', 'none', 2);
$tags = Request::getVar('tags', '');
if (!isset($fields['reward'])) {
$fields['reward'] = 0;
}
// If offering a reward, do some checks
if ($fields['reward']) {
// Is it an actual number?
if (!is_numeric($fields['reward'])) {
throw new Exception(Lang::txt('COM_ANSWERS_REWARD_MUST_BE_NUMERIC'), 500);
}
// Are they offering more than they can afford?
if ($fields['reward'] > $fields['funds']) {
throw new Exception(Lang::txt('COM_ANSWERS_INSUFFICIENT_FUNDS'), 500);
}
}
// clean input
array_walk($fields, function (&$field, $key) {
$field = \Hubzero\Utility\Sanitize::clean($field);
});
// Initiate class and bind posted items to database fields
$row = new Question($fields['id']);
if (!$row->bind($fields)) {
throw new Exception($row->getError(), 500);
}
if ($fields['reward'] && $this->config->get('banking')) {
$row->set('reward', 1);
}
// Store new content
if (!Request::checkHoneypot()) {
$this->setError(Lang::txt('JLIB_APPLICATION_ERROR_INVALID_CONTENT'));
$this->newTask($row);
return;
}
// Ensure the user added a tag
if (!$tags) {
$this->setError(Lang::txt('COM_ANSWERS_QUESTION_MUST_HAVE_TAG'));
$this->newTask($row);
return;
}
// We need to temporarily set this so the store() method
// has access to the tags string to be able to run it
// through spam checkers and validation.
$row->set('tags', $tags);
// Store new content
if (!$row->store(true)) {
Request::setVar('tag', $tags);
$this->setError($row->getError());
$this->newTask($row);
return;
}
// Hold the reward for this question if we're banking
if ($fields['reward'] && $this->config->get('banking')) {
$BTL = new Teller($this->database, User::get('id'));
$BTL->hold($fields['reward'], Lang::txt('COM_ANSWERS_HOLD_REWARD_FOR_BEST_ANSWER'), 'answers', $row->get('id'));
}
// Add the tags
$row->tag($tags);
// Get users who need to be notified on every question
$apu = $this->config->get('notify_users', '');
$apu = explode(',', $apu);
$apu = array_map('trim', $apu);
$receivers = array();
// Get tool contributors if question is about a tool
if ($tags) {
$tags = preg_split("/[,;]/", $tags);
if (count($tags) > 0) {
require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'author.php';
require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'version.php';
$TA = new \Components\Tools\Tables\Author($this->database);
$objV = new \Components\Tools\Tables\Version($this->database);
foreach ($tags as $tag) {
if ($tag == '') {
continue;
}
if (preg_match('/tool:/', $tag)) {
$toolname = preg_replace('/tool:/', '', $tag);
if (trim($toolname)) {
$rev = $objV->getCurrentVersionProperty($toolname, 'revision');
$authors = $TA->getToolAuthors('', 0, $toolname, $rev);
if (count($authors) > 0) {
foreach ($authors as $author) {
$receivers[] = $author->uidNumber;
}
}
}
}
}
}
}
if (!empty($apu)) {
foreach ($apu as $u) {
$user = User::getInstance($u);
if ($user) {
$receivers[] = $user->get('id');
}
}
}
$receivers = array_unique($receivers);
// Send the message
if (!empty($receivers)) {
// Send a message about the new question to authorized users (specified admins or related content authors)
$from = array('email' => Config::get('mailfrom'), 'name' => Config::get('sitename') . ' ' . Lang::txt('COM_ANSWERS_ANSWERS'), 'multipart' => md5(date('U')));
// Build the message subject
$subject = Lang::txt('COM_ANSWERS_ANSWERS') . ', ' . Lang::txt('new question about content you author or manage');
$message = array();
// Plain text message
$eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => 'question_plaintext'));
$eview->option = $this->_option;
$eview->sitename = Config::get('sitename');
$eview->question = $row;
$eview->id = $row->get('id', 0);
$eview->boundary = $from['multipart'];
$message['plaintext'] = $eview->loadTemplate(false);
$message['plaintext'] = str_replace("\n", "\r\n", $message['plaintext']);
// HTML message
$eview->setLayout('question_html');
$message['multipart'] = $eview->loadTemplate();
$message['multipart'] = str_replace("\n", "\r\n", $message['multipart']);
if (!Event::trigger('xmessage.onSendMessage', array('new_question_admin', $subject, $message, $from, $receivers, $this->_option))) {
$this->setError(Lang::txt('COM_ANSWERS_MESSAGE_FAILED'));
}
}
// Redirect to the question
App::redirect(Route::url('index.php?option=' . $this->_option . '&task=question&id=' . $row->get('id')), Lang::txt('COM_ANSWERS_NOTICE_QUESTION_POSTED_THANKS'));
}