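/**
 * Appends to $where the SQL condition that limits an item listing to the items
 * the current user may edit under FLEXIaccess rules.
 *
 * Nothing is appended when the user holds the 'edit' right on all content.
 * When no applicable rule is found, a notice is enqueued and the always-false
 * condition ' 0 ' is appended.
 *
 * @param   array  &$where  List of WHERE fragments being built by the caller;
 *                          at most one fragment is appended here
 *
 * @return  void
 */
function faccess_items_editable_where(&$where)
{
    // The body used $user->gmid and $user->id without ever defining $user, so the
    // ACL lookups received a null group id and the SQL ended in "i.created_by = ".
    $user   = JFactory::getUser();
    $userId = (int) $user->id;

    $canEdit    = FAccess::checkUserElementsAccess($user->gmid, 'edit');
    $canEditOwn = FAccess::checkUserElementsAccess($user->gmid, 'editown');

    // Users allowed to edit all items need no restriction
    if (!empty($canEdit['content'])) {
        return;
    }

    // These id lists are concatenated into SQL below, so force every entry to an integer
    $editCatIds     = isset($canEdit['category']) ? array_map('intval', (array) $canEdit['category']) : array();
    $editItemIds    = isset($canEdit['item']) ? array_map('intval', (array) $canEdit['item']) : array();
    $ownCatIds      = isset($canEditOwn['category']) ? array_map('intval', (array) $canEditOwn['category']) : array();
    $hasOwnItemRule = isset($canEditOwn['item']) && count((array) $canEditOwn['item']) > 0;

    $allown = array();

    if (!empty($canEditOwn['content'])) {
        // custom rules for users allowed to edit all their own items
        $allown[] = ' i.created_by = ' . $userId;
    } elseif ($ownCatIds || $hasOwnItemRule) {
        // standard rules for the other users
        if ($ownCatIds) {
            $allown[] = ' (i.catid IN (' . implode(',', $ownCatIds) . ') AND i.created_by = ' . $userId . ')';
        }
        // NOTE(review): an 'editown' rule on specific items selects this branch but adds
        // no clause of its own. If it is the only rule present, $allown stays empty and
        // no restriction is appended at all -- confirm whether that is intended.
    } else {
        // NOTE(review): a user holding only 'edit' rules on specific categories/items
        // (and no 'editown' rule) also ends up here -- confirm against FLEXIaccess semantics.
        JFactory::getApplication()->enqueueMessage(JText::_('FLEXI_CANNOT_VIEW_EDIT_ANY_ITEMS'), 'notice');
        $where[] = ' 0 ';

        return;
    }

    if ($editCatIds) {
        $allown[] = ' i.catid IN (' . implode(',', $editCatIds) . ')';
    }

    if ($editItemIds) {
        $allown[] = ' i.id IN (' . implode(',', $editItemIds) . ')';
    }

    if (count($allown) > 0) {
        // Every clause starts with a space, hence ' OR' without a trailing one
        $where[] = count($allown) > 1 ? ' (' . implode(' OR', $allown) . ')' : $allown[0];
    }
}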
/**
 * Prepares and renders the backend add/edit form of a FLEXIcontent field.
 *
 * Loads CSS and JS, reads the field record (and, on J1.6+, its form) from the
 * model, builds the toolbar, imports the plugin that implements the field type,
 * builds the select lists, redirects away when the record is checked out by
 * another user, HTML-escapes the record and assigns everything to the layout.
 *
 * @param   string  $tpl  Optional template name, passed on to parent::display()
 *
 * @return  void
 */
function display($tpl = null)
{
    // initialise variables
    $app = JFactory::getApplication();
    $document = JFactory::getDocument();
    $cparams = JComponentHelper::getParams('com_flexicontent');
    $user = JFactory::getUser();

    // add css to document: the common backend sheet plus one per Joomla generation
    $document->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/flexicontentbackend.css');
    if (FLEXI_J30GE) {
        $document->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/j3x.css');
    } else {
        if (FLEXI_J16GE) {
            $document->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/j25.css');
        } else {
            $document->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/j15.css');
        }
    }

    // add js function to overload the joomla submitform
    FLEXI_J30GE ? JHtml::_('behavior.framework', true) : JHTML::_('behavior.mootools');
    JHTML::_('behavior.tooltip');
    flexicontent_html::loadFramework('jQuery');
    flexicontent_html::loadFramework('select2');
    $document->addScript(JURI::root() . 'components/com_flexicontent/assets/js/admin.js');
    $document->addScript(JURI::root() . 'components/com_flexicontent/assets/js/validate.js');

    // Load pane behavior
    jimport('joomla.html.pane');

    // Import File system
    jimport('joomla.filesystem.file');

    // Get data from the model
    $model = $this->getModel();
    $row = $this->get('Field');
    if (FLEXI_J16GE) {
        $form = $this->get('Form');
    }
    $types = $this->get('Typeslist');
    $typesselected = $this->get('Typesselected');

    // create the toolbar; the title depends on whether an existing record is edited
    if ($row->id) {
        JToolBarHelper::title(JText::_('FLEXI_EDIT_FIELD'), 'fieldedit');
    } else {
        JToolBarHelper::title(JText::_('FLEXI_ADD_FIELD'), 'fieldadd');
    }
    // J1.6+ task names carry the controller prefix
    $ctrl = FLEXI_J16GE ? 'fields.' : '';
    JToolBarHelper::apply($ctrl . 'apply');
    JToolBarHelper::save($ctrl . 'save');
    JToolBarHelper::custom($ctrl . 'saveandnew', 'savenew.png', 'savenew.png', 'FLEXI_SAVE_AND_NEW', false);
    JToolBarHelper::cancel($ctrl . 'cancel');

    // Import Joomla plugin that implements the type of current flexi field
    JPluginHelper::importPlugin('flexicontent_fields', $row->iscore ? 'core' : $row->field_type);

    // load plugin's english language file then override with current language file
    $extension_name = 'plg_flexicontent_fields_' . ($row->iscore ? 'core' : $row->field_type);
    JFactory::getLanguage()->load($extension_name, JPATH_ADMINISTRATOR, 'en-GB', true);
    JFactory::getLanguage()->load($extension_name, JPATH_ADMINISTRATOR, null, true);

    // check which properties are supported by current field
    $ft_support = FlexicontentFields::getPropertySupport($row->field_type, $row->iscore);
    $supportsearch = $ft_support->supportsearch;
    $supportadvsearch = $ft_support->supportadvsearch;
    $supportfilter = $ft_support->supportfilter;
    $supportadvfilter = $ft_support->supportadvfilter;
    $supportuntranslatable = $ft_support->supportuntranslatable;
    $supportvalueseditable = $ft_support->supportvalueseditable;
    $supportformhidden = $ft_support->supportformhidden;
    $supportedithelp = $ft_support->supportedithelp;

    // build selectlists, (for J1.6+ most of these are defined via XML file and custom form field classes)
    $lists = array();

    // build field_type list; a record without a type falls back to 'text'
    if (!$row->field_type) {
        $row->field_type = 'text';
    }
    if ($row->iscore == 1) {
        // the type selector of a core field is rendered disabled
        $class = 'disabled="disabled"';
    } else {
        $class = '';
        $_field_id = '#' . (FLEXI_J16GE ? 'jform_' : '') . 'field_type';
        $_row_id = FLEXI_J16GE ? $form->getValue("id") : $row->id;
        $_ctrl_task = FLEXI_J16GE ? 'task=fields.getfieldspecificproperties' : 'controller=fields&task=getfieldspecificproperties';

        // Inline script: when the type selector changes, fetch the type-specific
        // properties by AJAX and place the response into #fieldspecificproperties.
        // NOTE(review): $_row_id is concatenated into the script as-is; presumably it is
        // always an integer id -- an explicit (int) cast would make that certain.
        // NOTE(review): this.value is appended to the URL without encodeURIComponent(),
        // and the response is inserted with .html(str), so whatever the endpoint returns
        // is rendered as markup; the endpoint's output encoding is the only protection.
        $document->addScriptDeclaration("\n\t\t\t\tjQuery(document).ready(function() {\n\t\t\t\t\tjQuery('" . $_field_id . "').on('change', function() {\n\t\t\t\t\t\tjQuery('#fieldspecificproperties').html('<p class=\"centerimg\"><img src=\"components/com_flexicontent/assets/images/ajax-loader.gif\" align=\"center\"></p>');\n\t\t\t\t\t\tjQuery.ajax({\n\t\t\t\t\t\t\ttype: \"GET\",\n\t\t\t\t\t\t\turl: 'index.php?option=com_flexicontent&" . $_ctrl_task . "&cid=" . $_row_id . "&field_type='+this.value+'&format=raw',\n\t\t\t\t\t\t\tsuccess: function(str) {\n\t\t\t\t\t\t\t\tjQuery('#fieldspecificproperties').html(str);\n\t\t\t\t\t\t\t\tvar JTooltips = new Tips(jQuery('#fieldspecificproperties .hasTip'), { maxTitleChars: 50, fixed: false});\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\tjQuery('#field_typename').html(jQuery('" . $_field_id . "').val());\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t});\n\t\t\t\t\t});\n\t\t\t\t});\n\t\t\t");
    }

    // build field select list
    $lists['field_type'] = flexicontent_html::buildfieldtypeslist('field_type', $class, $row->field_type, $group = true);

    // build type select list (disabled for core fields)
    $attribs = 'class="use_select2_lib" multiple="multiple" size="6"';
    $attribs .= $row->iscore ? ' disabled="disabled"' : '';
    $types_fieldname = FLEXI_J16GE ? 'jform[tid][]' : 'tid[]';
    $lists['tid'] = flexicontent_html::buildtypesselect($types, $types_fieldname, $typesselected, false, $attribs);

    // **************************************************************************
    // Create fields for J1.5 (J2.5+ uses JForm XML file for most of form fields)
    // **************************************************************************
    if (!FLEXI_J16GE) {
        // build formhidden selector
        $formhidden[] = JHTML::_('select.option', 0, JText::_('FLEXI_NO'));
        $formhidden[] = JHTML::_('select.option', 1, JText::_('FLEXI_FRONTEND'));
        $formhidden[] = JHTML::_('select.option', 2, JText::_('FLEXI_BACKEND'));
        $formhidden[] = JHTML::_('select.option', 3, JText::_('FLEXI_BOTH'));
        // FLEXI_J16GE is false inside this branch, so the plain field names are the ones used
        $formhidden_fieldname = FLEXI_J16GE ? 'jform[formhidden]' : 'formhidden';
        $lists['formhidden'] = JHTML::_('select.radiolist', $formhidden, $formhidden_fieldname, '', 'value', 'text', $row->formhidden);

        if (FLEXI_ACCESS) {
            $valueseditable[] = JHTML::_('select.option', 0, JText::_('FLEXI_ANY_EDITOR'));
            $valueseditable[] = JHTML::_('select.option', 1, JText::_('FLEXI_USE_ACL_PERMISSION'));
            $valueseditable_fieldname = FLEXI_J16GE ? 'jform[valueseditable]' : 'valueseditable';
            $lists['valueseditable'] = JHTML::_('select.radiolist', $valueseditable, $valueseditable_fieldname, '', 'value', 'text', $row->valueseditable);
        }

        $edithelp[] = JHTML::_('select.option', 0, JText::_('FLEXI_EDIT_HELP_NONE'));
        $edithelp[] = JHTML::_('select.option', 1, JText::_('FLEXI_EDIT_HELP_LABEL_TOOLTIP'));
        $edithelp[] = JHTML::_('select.option', 2, JText::_('FLEXI_EDIT_HELP_LABEL_TOOLTIP_WICON'));
        $edithelp[] = JHTML::_('select.option', 3, JText::_('FLEXI_EDIT_HELP_INLINE'));
        $edithelp_fieldname = FLEXI_J16GE ? 'jform[edithelp]' : 'edithelp';
        $lists['edithelp'] = JHTML::_('select.radiolist', $edithelp, $edithelp_fieldname, '', 'value', 'text', $row->edithelp);

        // build the html select list for ordering (the query is a constant string, no input is involved)
        $query = 'SELECT ordering AS value, label AS text' . ' FROM #__flexicontent_fields' . ' WHERE published >= 0' . ' ORDER BY ordering';
        // make sure the property exists (null when it was not set) before the helper reads it
        $row->ordering = @$row->ordering;
        $lists['ordering'] = $row->id ? JHTML::_('list.specificordering', $row, $row->id, $query) : JHTML::_('list.specificordering', $row, '', $query);

        // build access level list
        if (FLEXI_ACCESS) {
            $lang = JFactory::getLanguage();
            // overrides one language string directly in the language object before building the ACL tab
            $lang->_strings['FLEXIACCESS_PADD'] = 'Edit-Value';
            $lists['access'] = FAccess::TabGmaccess($row, 'field', 1, 1, 0, 1, 0, 1, 0, 1, 1);
        } else {
            $lists['access'] = JHTML::_('list.accesslevel', $row);
        }
    }

    if (!FLEXI_J16GE) {
        // Create the parameter's form object by parsing the plugin's XML file
        // NOTE(review): $row->field_type becomes part of a filesystem path here; presumably
        // it is always a plain plugin name -- confirm it cannot contain path separators.
        $pluginpath = JPATH_PLUGINS . DS . 'flexicontent_fields' . DS . $row->field_type . '.xml';
        if (JFile::exists($pluginpath)) {
            $form = new JParameter('', $pluginpath);
        } else {
            // no XML file for this type: fall back to the core definition
            $form = new JParameter('', JPATH_PLUGINS . DS . 'flexicontent_fields' . DS . 'core.xml');
        }
        // Special and Core Groups
        $form->loadINI($row->attribs);
    }

    // fail if checked out not by 'me'
    // NOTE(review): this check runs after the plugin import and list building above, and
    // $row->name is put into the warning before objectHTMLSafe() below has escaped the
    // record -- confirm how the message queue is rendered.
    if ($row->id) {
        if ($model->isCheckedOut($user->get('id'))) {
            JError::raiseWarning('SOME_ERROR_CODE', $row->name . ' ' . JText::_('FLEXI_EDITED_BY_ANOTHER_ADMIN'));
            $app->redirect('index.php?option=com_flexicontent&view=fields');
        }
    }

    // clean data: HTML-escape the record's properties before the layout prints them
    JFilterOutput::objectHTMLSafe($row, ENT_QUOTES);

    // assign permissions for J2.5
    if (FLEXI_J16GE) {
        $permission = FlexicontentHelperPerm::getPerm();
        $this->assignRef('permission', $permission);
    }

    // assign data to template
    $this->assignRef('document', $document);
    $this->assignRef('row', $row);
    $this->assignRef('lists', $lists);
    $this->assignRef('form', $form);
    $this->assignRef('typesselected', $typesselected);
    $this->assignRef('supportsearch', $supportsearch);
    $this->assignRef('supportadvsearch', $supportadvsearch);
    $this->assignRef('supportfilter', $supportfilter);
    $this->assignRef('supportadvfilter', $supportadvfilter);
    $this->assignRef('supportuntranslatable', $supportuntranslatable);
    $this->assignRef('supportvalueseditable', $supportvalueseditable);
    $this->assignRef('supportformhidden', $supportformhidden);
    $this->assignRef('supportedithelp', $supportedithelp);

    parent::display($tpl);
}
/**
 * Prepares and renders the backend "edit file" form.
 *
 * Adds the backend stylesheets, builds the toolbar, reads the file record (and,
 * on J1.6+, its form) from the model, redirects to the file manager when the
 * record is checked out by another user, builds the access and language
 * selectors, HTML-escapes the record and hands everything to the layout.
 *
 * @param   string  $tpl  Optional template name, passed on to parent::display()
 *
 * @return  void
 */
function display($tpl = null)
{
    $application = JFactory::getApplication();
    $doc         = JFactory::getDocument();
    $currentUser = JFactory::getUser();

    // Stylesheets: the common backend sheet, then the one for the running Joomla generation
    $doc->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/flexicontentbackend.css');
    if (FLEXI_J30GE) {
        $doc->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/j3x.css');
    } elseif (FLEXI_J16GE) {
        $doc->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/j25.css');
    } else {
        $doc->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/j15.css');
    }

    // Toolbar: J1.6+ tasks are prefixed with the controller name, J1.5 uses the defaults
    JToolBarHelper::title(JText::_('FLEXI_EDIT_FILE'), 'fileedit');
    if (FLEXI_J16GE) {
        JToolBarHelper::apply('filemanager.apply');
        JToolBarHelper::save('filemanager.save');
        JToolBarHelper::cancel('filemanager.cancel');
    } else {
        JToolBarHelper::apply();
        JToolBarHelper::save();
        JToolBarHelper::cancel();
    }

    // Model data: the form (J1.6+ only) is fetched before the file record
    $fileModel = $this->getModel();
    if (FLEXI_J16GE) {
        $form = $this->get('Form');
    }
    $file = $this->get('File');

    // An existing record that somebody else has checked out cannot be edited
    if ($file->id && $fileModel->isCheckedOut($currentUser->get('id'))) {
        JError::raiseWarning('SOME_ERROR_CODE', $file->name . ' ' . JText::_('FLEXI_EDITED_BY_ANOTHER_ADMIN'));
        $application->redirect('index.php?option=com_flexicontent&view=filemanager');
    }

    // Access level selector
    if (FLEXI_J16GE) {
        $selectors['access'] = JHTML::_('access.assetgrouplist', 'access', $file->access);
    } elseif (FLEXI_ACCESS) {
        $selectors['access'] = FAccess::TabGmaccess($file, 'field', 1, 0, 0, 0, 0, 0, 0, 0, 0);
    } else {
        $selectors['access'] = JHTML::_('list.accesslevel', $file);
    }

    // Language selector; the per-author "allowed languages" restriction is disabled here
    $allowed_langs = null;
    if (FLEXI_FISH || FLEXI_J16GE) {
        $selectors['language'] = flexicontent_html::buildlanguageslist('language', '', $file->language, 3, $allowed_langs, false);
    } else {
        // Single-language site: print the default language and submit it as a hidden input
        $hiddenInput = '<input type="hidden" name="language" value="' . flexicontent_html::getSiteDefaultLang() . '" />';
        $selectors['language'] = flexicontent_html::getSiteDefaultLang() . $hiddenInput;
    }

    // HTML-escape the record's properties before the layout prints them
    JFilterOutput::objectHTMLSafe($file, ENT_QUOTES);

    // Hand the data to the layout
    if (FLEXI_J16GE) {
        $this->assignRef('form', $form);
    }
    $this->assignRef('row', $file);
    $this->assignRef('lists', $selectors);
    $this->assignRef('document', $doc);

    parent::display($tpl);
}
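/**
 * Method to store the field
 *
 * Verifies the request token, applies the 'dirty' search-index flags, binds the
 * submitted data to the fields table, validates and stores the record, saves
 * FLEXIaccess rules when that extension is active and finally assigns the
 * chosen content types to the field.
 *
 * @access public
 * @param  array  $data  Submitted field data; for J2.5 this is post['jform'],
 *                       prepared by the controller or other caller
 * @return boolean True on success, false on failure (the message is available via getError())
 * @since  1.0
 */
function store($data)
{
    // Check for request forgeries
    JRequest::checkToken() or jexit('Invalid Token');

    // NOTE: 'data' is post['jform'] for J2.5 (this is done by the controller or other caller)
    $field = $this->getTable('flexicontent_fields', '');
    $types = isset($data['tid']) ? $data['tid'] : array(); // types to which the field is being assigned

    // Properties that use the 'dirty' states: -1 (dirty OFF) and 2 (dirty ON)
    $dirtyProps = array('issearch', 'isadvsearch', 'isadvfilter');

    // Support for 'dirty' field properties.
    // !empty() instead of a bare read: a new-record payload without 'id' no longer raises a notice.
    if (!empty($data['id'])) {
        $field->load($data['id']);

        foreach ($dirtyProps as $prop) {
            $stored = $field->$prop;

            if ($stored == -1 || $stored == 2) {
                // Already dirty: keep the stored state, ignore the submitted one
                unset($data[$prop]);
                continue;
            }

            // A missing value compares like 0, which is what the former @-suppressed read did
            $submitted = isset($data[$prop]) ? $data[$prop] : null;

            if ($submitted == 0 && $stored == 1) {
                $data[$prop] = -1; // Becomes dirty OFF
            } elseif ($submitted == 1 && $stored == 0) {
                $data[$prop] = 2; // Becomes dirty ON
            }
        }

        // FORCE dirty OFF, if field is being unpublished -and- is not already normal OFF
        if (isset($data['published']) && $data['published'] == 0 && $field->published == 1) {
            foreach ($dirtyProps as $prop) {
                if ($field->$prop != 0) {
                    $data[$prop] = -1;
                }
            }
        }
    }

    // bind it to the table
    // NOTE(review): every key of $data is offered to bind(); presumably the table class
    // only accepts its own columns -- confirm that properties such as 'iscore' cannot be
    // changed through a crafted form post.
    if (!$field->bind($data)) {
        $this->setError($this->_db->getErrorMsg());

        return false;
    }

    // Get field attributes, for J1.5 it is 'params', for J2.5 it is 'attribs'
    $attribKey  = !FLEXI_J16GE ? 'params' : 'attribs';
    $attributes = isset($data[$attribKey]) ? $data[$attribKey] : null;

    if (FLEXI_J16GE) {
        // JSON encoding of the attributes is handled by the table class, nothing to do here
    } elseif (is_array($attributes)) {
        // Build attributes INI string, one key=value per line; array values are joined with '|'
        // NOTE(review): keys and values are written verbatim, so a value containing a line
        // break would add extra lines to the stored INI text -- confirm they are filtered upstream.
        $txt = array();

        foreach ($attributes as $k => $v) {
            if (is_array($v)) {
                $v = implode('|', $v);
            }

            $txt[] = "{$k}={$v}";
        }

        $field->attribs = implode("\n", $txt);
    }

    // Put the new fields in last position
    if (!$field->id) {
        $field->ordering = $field->getNextOrder();
    }

    // Make sure the data is valid
    if (!$field->check()) {
        $this->setError($field->getError());

        return false;
    }

    // Store it in the db
    if (!$field->store()) {
        $this->setError($this->_db->getErrorMsg());

        return false;
    }

    // FLEXIaccess rules are saved here; in J2.5 the asset is saved by the fields table class
    if (FLEXI_ACCESS) {
        FAccess::saveaccess($field, 'field');
    }

    $this->_field =& $field;
    $this->_id = $field->id;

    // Assign (a) chosen types to custom field or (b) all types if field is core
    $this->_assignTypesToField($types);

    return true;
}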
/**
 * Prepares and renders the backend add/edit form of a FLEXIcontent field.
 *
 * Loads versioned CSS and JS, reads the field record and its form from the
 * model, builds the toolbar, imports the plugin implementing the field type,
 * prints a version notice when the plugin class declares 'prior_to_version',
 * builds the select lists, redirects away when the record is checked out by
 * another user, HTML-escapes the record and assigns everything to the layout.
 *
 * @param   string  $tpl  Optional template name, passed on to parent::display()
 *
 * @return  void
 */
function display($tpl = null)
{
    // initialise variables
    $app = JFactory::getApplication();
    $option = JRequest::getVar('option');
    $document = JFactory::getDocument();
    $cparams = JComponentHelper::getParams('com_flexicontent');
    $user = JFactory::getUser();

    // add css to document (FLEXI_VHASH is passed as the version argument)
    $document->addStyleSheetVersion(JURI::base(true) . '/components/com_flexicontent/assets/css/flexicontentbackend.css', FLEXI_VHASH);
    $document->addStyleSheetVersion(JURI::base(true) . '/components/com_flexicontent/assets/css/j3x.css', FLEXI_VHASH);

    // Add JS frameworks
    flexicontent_html::loadFramework('select2');

    // Add js function to overload the joomla submitform validation
    JHTML::_('behavior.formvalidation'); // load default validation JS to make sure it is overridden
    $document->addScriptVersion(JURI::root(true) . '/components/com_flexicontent/assets/js/admin.js', FLEXI_VHASH);
    $document->addScriptVersion(JURI::root(true) . '/components/com_flexicontent/assets/js/validate.js', FLEXI_VHASH);

    // Load pane behavior
    jimport('joomla.html.pane');

    // Import File system
    jimport('joomla.filesystem.file');

    // Get data from the model
    $model = $this->getModel();
    $row = $this->get('Field');
    $form = $this->get('Form');
    $types = $this->get('Typeslist');
    $typesselected = $this->get('Typesselected');

    // create the toolbar; the title depends on whether an existing record is edited
    if ($row->id) {
        JToolBarHelper::title(JText::_('FLEXI_EDIT_FIELD'), 'fieldedit');
    } else {
        JToolBarHelper::title(JText::_('FLEXI_ADD_FIELD'), 'fieldadd');
    }
    $ctrl = FLEXI_J16GE ? 'fields.' : '';
    JToolBarHelper::apply($ctrl . 'apply');
    JToolBarHelper::save($ctrl . 'save');
    JToolBarHelper::custom($ctrl . 'saveandnew', 'savenew.png', 'savenew.png', 'FLEXI_SAVE_AND_NEW', false);
    JToolBarHelper::cancel($ctrl . 'cancel');

    // Import Joomla plugin that implements the type of current flexi field
    $extfolder = 'flexicontent_fields';
    $extname = $row->iscore ? 'core' : $row->field_type;
    JPluginHelper::importPlugin('flexicontent_fields', $row->iscore ? 'core' : $row->field_type);

    // Create class name of the plugin (only the name is built here, no instance is created)
    // NOTE(review): the class name is derived from $row->field_type; presumably that value
    // is always the name of an installed plugin -- confirm it is validated when saved.
    $classname = 'plg' . ucfirst($extfolder) . $extname;

    // Check max allowed version
    if (property_exists($classname, 'prior_to_version')) {
        // Count, per field type, how often this notice was shown; it is printed while the count is below 2.
        // NOTE(review): getUserStateFromRequest() also accepts the counter from a request
        // variable named 'prior_to_version_<field_type>', so a request can preset it and
        // hide the notice; $option, which prefixes the state key, is read from the request too.
        $prior_to_version = $app->getUserStateFromRequest($option . '.flexicontent.prior_to_version_' . $row->field_type, 'prior_to_version_' . $row->field_type, 0, 'int');
        $app->setUserState($option . '.flexicontent.prior_to_version_' . $row->field_type, $prior_to_version + 1);

        if ($prior_to_version < 2) {
            $close_btn = FLEXI_J30GE ? '<a class="close" data-dismiss="alert">×</a>' : '<a class="fc-close" onclick="this.parentNode.parentNode.removeChild(this.parentNode);">×</a>';
            $manifest_path = JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_flexicontent' . DS . 'manifest.xml';
            $com_xml = JApplicationHelper::parseXMLInstallFile($manifest_path);
            // spaces in both version strings are turned into dots before comparing
            $ver_exceeded = version_compare(str_replace(' ', '.', $com_xml['version']), str_replace(' ', '.', $classname::$prior_to_version), '>=');

            // NOTE(review): $extname and the plugin's $prior_to_version are echoed without
            // HTML escaping, and this happens before objectHTMLSafe() below escapes $row.
            if ($ver_exceeded) {
                echo ' <span class="fc-note fc-mssg-inline"> ' . $close_btn . ' Warning: installed version of Field: \'<b>' . $extname . '</b>\' was given to be free for FLEXIcontent versions prior to: v' . $classname::$prior_to_version . ' <br/> It may or may not work properly in later versions </span>';
            } else {
                echo ' <span class="fc-info fc-mssg-inline"> ' . $close_btn . ' Note: installed version of Field: \'<b>' . $extname . '</b>\' is given free for FLEXIcontent versions prior to: v' . $classname::$prior_to_version . ', nevertheless it will continue to function after FLEXIcontent is upgraded. </span>';
            }
        }
    }

    // load plugin's english language file then override with current language file
    $extension_name = 'plg_flexicontent_fields_' . ($row->iscore ? 'core' : $row->field_type);
    JFactory::getLanguage()->load($extension_name, JPATH_ADMINISTRATOR, 'en-GB', true);
    JFactory::getLanguage()->load($extension_name, JPATH_ADMINISTRATOR, null, true);

    // check which properties are supported by current field
    $ft_support = FlexicontentFields::getPropertySupport($row->field_type, $row->iscore);
    $supportsearch = $ft_support->supportsearch;
    $supportadvsearch = $ft_support->supportadvsearch;
    $supportfilter = $ft_support->supportfilter;
    $supportadvfilter = $ft_support->supportadvfilter;
    $supportuntranslatable = $ft_support->supportuntranslatable;
    $supportvalueseditable = $ft_support->supportvalueseditable;
    $supportformhidden = $ft_support->supportformhidden;
    $supportedithelp = $ft_support->supportedithelp;

    // build selectlists, (for J1.6+ most of these are defined via XML file and custom form field classes)
    $lists = array();

    // build field_type list; a record without a type falls back to 'text'
    if (!$row->field_type) {
        $row->field_type = 'text';
    }
    $_attribs = ' class="use_select2_lib fc_skip_highlight" ';
    if ($row->iscore == 1) {
        // the type selector of a core field is rendered disabled
        $_attribs .= ' disabled="disabled" ';
    } else {
        $_field_id = 'jform_field_type';
        $_row_id = $form->getValue("id");
        $_ctrl_task = 'task=fields.getfieldspecificproperties';

        // Inline script: when the type selector changes, fetch the type-specific properties
        // by AJAX, place the response into #fieldspecificproperties, then re-initialise
        // tooltips (Bootstrap on J3, MooTools Tips otherwise), tabs and form dependencies.
        // NOTE(review): $_row_id is concatenated into the script as-is; presumably it is
        // always an integer id -- an explicit (int) cast would make that certain.
        // NOTE(review): this.value is appended to the URL without encodeURIComponent(),
        // and the response is inserted with .html(str), so whatever the endpoint returns
        // is rendered as markup; the endpoint's output encoding is the only protection.
        $document->addScriptDeclaration("\n\t\t\t\tjQuery(document).ready(function() {\n\t\t\t\t\tjQuery('#" . $_field_id . "').on('change', function() {\n\t\t\t\t\t\tjQuery('#fieldspecificproperties').html('<p class=\"centerimg\"><img src=\"components/com_flexicontent/assets/images/ajax-loader.gif\" align=\"center\"></p>');\n\t\t\t\t\t\tjQuery.ajax({\n\t\t\t\t\t\t\ttype: \"GET\",\n\t\t\t\t\t\t\turl: 'index.php?option=com_flexicontent&" . $_ctrl_task . "&cid=" . $_row_id . "&field_type='+this.value+'&format=raw',\n\t\t\t\t\t\t\tsuccess: function(str) {\n\t\t\t\t\t\t\t\tjQuery('#fieldspecificproperties').html(str);\n\t\t\t\t\t\t\t\t" . (FLEXI_J30GE
            ? "\n\t\t\t\t\t\t\t\t\tjQuery('.hasTooltip').tooltip({'html': true,'container': jQuery('#fieldspecificproperties')});\n\t\t\t\t\t\t\t\t"
            : "\n\t\t\t\t\t\t\t\tvar tipped_elements = jQuery('#fieldspecificproperties .hasTip');\n\t\t\t\t\t\t\t\ttipped_elements.each(function() {\n\t\t\t\t\t\t\t\t\tvar title = this.get('title');\n\t\t\t\t\t\t\t\t\tif (title) {\n\t\t\t\t\t\t\t\t\t\tvar parts = title.split('::', 2);\n\t\t\t\t\t\t\t\t\t\tthis.store('tip:title', parts[0]);\n\t\t\t\t\t\t\t\t\t\tthis.store('tip:text', parts[1]);\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\t\tvar ajax_JTooltips = new Tips(\$('fieldspecificproperties').getElements('.hasTip'), { maxTitleChars: 50, fixed: false});\n\t\t\t\t\t\t\t\t") . "\n\t\t\t\t\t\t\t\ttabberAutomatic(tabberOptions, 'fieldspecificproperties');\n\t\t\t\t\t\t\t\tfc_bindFormDependencies('#fieldspecificproperties', 0, '');\n\t\t\t\t\t\t\t\tjQuery('#field_typename').html(jQuery('#" . $_field_id . "').val());\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t});\n\t\t\t\t\t});\n\t\t\t\t});\n\t\t\t");
    }

    // build field select list: a flat list where each group name is followed by its
    // types as value/text pairs and then an empty string
    $fieldtypes = flexicontent_db::getFieldTypes($_grouped = true, $_usage = false, $_published = true);
    $fftypes = array();
    foreach ($fieldtypes as $field_group => $ft_types) {
        $fftypes[] = $field_group;
        foreach ($ft_types as $field_type => $ftdata) {
            $fftypes[] = array('value' => $ftdata->field_type, 'text' => $ftdata->friendly);
        }
        $fftypes[] = '';
    }
    $lists['field_type'] = flexicontent_html::buildfieldtypeslist($fftypes, 'jform[field_type]', $row->field_type, $_grouped ? 1 : 0, $_attribs);

    // build type select list (disabled for core fields)
    $attribs = 'class="use_select2_lib" multiple="multiple" size="6"';
    $attribs .= $row->iscore ? ' disabled="disabled"' : '';
    $types_fieldname = FLEXI_J16GE ? 'jform[tid][]' : 'tid[]';
    $lists['tid'] = flexicontent_html::buildtypesselect($types, $types_fieldname, $typesselected, false, $attribs);

    // **************************************************************************
    // Create fields for J1.5 (J2.5+ uses JForm XML file for most of form fields)
    // **************************************************************************
    if (!FLEXI_J16GE) {
        // build formhidden selector
        $formhidden[] = JHTML::_('select.option', 0, JText::_('FLEXI_NO'));
        $formhidden[] = JHTML::_('select.option', 1, JText::_('FLEXI_FRONTEND'));
        $formhidden[] = JHTML::_('select.option', 2, JText::_('FLEXI_BACKEND'));
        $formhidden[] = JHTML::_('select.option', 3, JText::_('FLEXI_BOTH'));
        // FLEXI_J16GE is false inside this branch, so the plain field names are the ones used
        $formhidden_fieldname = FLEXI_J16GE ? 'jform[formhidden]' : 'formhidden';
        $lists['formhidden'] = JHTML::_('select.radiolist', $formhidden, $formhidden_fieldname, '', 'value', 'text', $row->formhidden);

        if (FLEXI_ACCESS) {
            $valueseditable[] = JHTML::_('select.option', 0, JText::_('FLEXI_ANY_EDITOR'));
            $valueseditable[] = JHTML::_('select.option', 1, JText::_('FLEXI_USE_ACL_PERMISSION'));
            $valueseditable_fieldname = FLEXI_J16GE ? 'jform[valueseditable]' : 'valueseditable';
            $lists['valueseditable'] = JHTML::_('select.radiolist', $valueseditable, $valueseditable_fieldname, '', 'value', 'text', $row->valueseditable);
        }

        $edithelp[] = JHTML::_('select.option', 0, JText::_('FLEXI_EDIT_HELP_NONE'));
        $edithelp[] = JHTML::_('select.option', 1, JText::_('FLEXI_EDIT_HELP_LABEL_TOOLTIP'));
        $edithelp[] = JHTML::_('select.option', 2, JText::_('FLEXI_EDIT_HELP_LABEL_TOOLTIP_WICON'));
        $edithelp[] = JHTML::_('select.option', 3, JText::_('FLEXI_EDIT_HELP_INLINE'));
        $edithelp_fieldname = FLEXI_J16GE ? 'jform[edithelp]' : 'edithelp';
        $lists['edithelp'] = JHTML::_('select.radiolist', $edithelp, $edithelp_fieldname, '', 'value', 'text', $row->edithelp);

        // build the html select list for ordering (the query is a constant string, no input is involved)
        $query = 'SELECT ordering AS value, label AS text' . ' FROM #__flexicontent_fields' . ' WHERE published >= 0' . ' ORDER BY ordering';
        // make sure the property exists (null when it was not set) before the helper reads it
        $row->ordering = @$row->ordering;
        $lists['ordering'] = $row->id ? JHTML::_('list.specificordering', $row, $row->id, $query) : JHTML::_('list.specificordering', $row, '', $query);

        // build access level list
        if (FLEXI_ACCESS) {
            $lang = JFactory::getLanguage();
            // overrides one language string directly in the language object before building the ACL tab
            $lang->_strings['FLEXIACCESS_PADD'] = 'Edit-Value';
            $lists['access'] = FAccess::TabGmaccess($row, 'field', 1, 1, 0, 1, 0, 1, 0, 1, 1);
        } else {
            $lists['access'] = JHTML::_('list.accesslevel', $row);
        }
    }

    if (!FLEXI_J16GE) {
        // Create the parameter's form object by parsing the plugin's XML file
        // NOTE(review): $row->field_type becomes part of a filesystem path here; presumably
        // it is always a plain plugin name -- confirm it cannot contain path separators.
        $pluginpath = JPATH_PLUGINS . DS . 'flexicontent_fields' . DS . $row->field_type . '.xml';
        if (JFile::exists($pluginpath)) {
            $form = new JParameter('', $pluginpath);
        } else {
            // no XML file for this type: fall back to the core definition
            $form = new JParameter('', JPATH_PLUGINS . DS . 'flexicontent_fields' . DS . 'core.xml');
        }
        // Special and Core Groups
        $form->loadINI($row->attribs);
    }

    // fail if checked out not by 'me'
    // NOTE(review): this check runs after the plugin import, the echo above and the list
    // building, and $row->name is put into the warning before objectHTMLSafe() below has
    // escaped the record -- confirm how the message queue is rendered.
    if ($row->id) {
        if ($model->isCheckedOut($user->get('id'))) {
            JError::raiseWarning('SOME_ERROR_CODE', $row->name . ' ' . JText::_('FLEXI_EDITED_BY_ANOTHER_ADMIN'));
            $app->redirect('index.php?option=com_flexicontent&view=fields');
        }
    }

    // clean data: HTML-escape the record's properties before the layout prints them
    JFilterOutput::objectHTMLSafe($row, ENT_QUOTES);

    // assign permissions for J2.5
    $permission = FlexicontentHelperPerm::getPerm();
    $this->assignRef('permission', $permission);

    // assign data to template
    $this->assignRef('document', $document);
    $this->assignRef('row', $row);
    $this->assignRef('lists', $lists);
    $this->assignRef('form', $form);
    $this->assignRef('typesselected', $typesselected);
    $this->assignRef('supportsearch', $supportsearch);
    $this->assignRef('supportadvsearch', $supportadvsearch);
    $this->assignRef('supportfilter', $supportfilter);
    $this->assignRef('supportadvfilter', $supportadvfilter);
    $this->assignRef('supportuntranslatable', $supportuntranslatable);
    $this->assignRef('supportvalueseditable', $supportvalueseditable);
    $this->assignRef('supportformhidden', $supportformhidden);
    $this->assignRef('supportedithelp', $supportedithelp);

    parent::display($tpl);
}
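/**
 * Loads items of a category for the given field.
 *
 * With $ids === null the published items of category $cid that the current user
 * may view are selected (ids only), ordered per the category parameters. With a
 * list of $ids the full records of exactly those items are selected, together
 * with their item and category slugs.
 *
 * Every identifier concatenated into the SQL is forced to an integer and the
 * sort direction is limited to ASC/DESC; the query is built by string
 * concatenation, so nothing from the parameters may reach it verbatim.
 *
 * @param   object  &$field    Field object; only $field->parameters is read
 * @param   object  &$item     Current item (not used by this method)
 * @param   array   &$ids      Item ids to load, or null to list the whole category
 * @param   int     $cid       Category id
 * @param   object  &$cparams  Category parameters; required when $ids is null
 *
 * @return  array  Records indexed by item id, empty on failure or when nothing matches
 */
function getItemList(&$field, &$item, &$ids = null, $cid = null, &$cparams = null)
{
    // Global parameters
    $gparams   = JFactory::getApplication()->getParams('com_flexicontent');
    $filtercat = $gparams->get('filtercat', 0); // If language filtering is enabled in category view

    $db       = JFactory::getDBO();
    $user     = JFactory::getUser();
    $date     = JFactory::getDate();
    $nowDate  = FLEXI_J16GE ? $date->toSql() : $date->toMySQL();
    $nullDate = $db->getNullDate();

    // Both values are concatenated into SQL below
    $cid    = (int) $cid;
    $userId = (int) $user->id;

    if ($ids === null) {
        // NOTE(review): $cparams defaults to null but is dereferenced in this branch;
        // callers presumably always pass it when $ids is null -- confirm.
        $select = 'SELECT a.id';
        $join   = ''
            . ' LEFT JOIN #__flexicontent_items_ext AS ie on ie.item_id = a.id'
            . ' JOIN #__flexicontent_cats_item_relations AS rel ON rel.itemid = a.id ';

        // Get the site default language in case no language is set in the url
        $cntLang = substr(JFactory::getLanguage()->getTag(), 0, 2); // Current Content language (Can be natively switched in J2.5)
        $urlLang = JRequest::getWord('lang', '');                   // Language from URL (Can be switched via Joomfish in J1.5)
        $lang    = (FLEXI_J16GE || empty($urlLang)) ? $cntLang : $urlLang;

        // parameters shortcuts
        $types_to_exclude = $field->parameters->get('type_to_exclude', '');

        // filter depending on permissions
        $ownership = ' OR a.created_by = ' . $userId . ' OR ( a.modified_by = ' . $userId . ' AND a.modified_by != 0 )';

        if (FLEXI_J16GE) {
            $aid_arr   = array_map('intval', (array) JAccess::getAuthorisedViewLevels($user->id));
            $andaccess = ' AND a.access IN (' . implode(",", $aid_arr) . ')';
        } else {
            $aid       = (int) $user->get('aid');
            $readItems = array();

            if (FLEXI_ACCESS) {
                $readperms = FAccess::checkUserElementsAccess($user->gmid, 'read');
                if (isset($readperms['item'])) {
                    $readItems = array_map('intval', (array) $readperms['item']);
                }
            }

            if ($readItems) {
                $andaccess = ' AND ( ( a.access <= ' . $aid . ' OR a.id IN (' . implode(",", $readItems) . ')' . $ownership . ' ) )';
            } else {
                $andaccess = ' AND ( a.access <= ' . $aid . $ownership . ' )';
            }
        }

        // Determine sort order
        $order = $cparams->get('orderby', ''); // TODO: finish using category ORDERING, now we ignore: commented, rated
        $orderby      = '';
        $orderby_join = '';
        $customField  = (int) $cparams->get('orderbycustomfieldid', 0);

        if ($customField != 0) {
            // ' + 0' makes the database compare the stored value as a number
            $int = $cparams->get('orderbycustomfieldint', 0) != 0 ? ' + 0' : '';

            // The direction goes straight into ORDER BY, so accept nothing but ASC or DESC
            $dir = strtoupper(trim((string) $cparams->get('orderbycustomfielddir', 'ASC')));
            if ($dir !== 'DESC') {
                $dir = 'ASC';
            }

            $orderby      = 'f.value' . $int . ' ' . $dir;
            $orderby_join = ' LEFT JOIN #__flexicontent_fields_item_relations AS f ON f.item_id = a.id AND f.field_id = ' . $customField;
        } else {
            // Fixed map from the configured keyword to an ORDER BY expression
            $orderings = array(
                'date'     => 'a.created',
                'rdate'    => 'a.created DESC',
                'modified' => 'a.modified DESC',
                'alpha'    => 'a.title',
                'ralpha'   => 'a.title DESC',
                'author'   => 'u.name',
                'rauthor'  => 'u.name DESC',
                'hits'     => 'a.hits',
                'rhits'    => 'a.hits DESC',
                'order'    => 'rel.ordering',
            );

            if (is_string($order) && isset($orderings[$order])) {
                $orderby = $orderings[$order];
            }

            // Ordering by author needs the users table
            if ($order == 'author' || $order == 'rauthor') {
                $orderby_join = ' LEFT JOIN #__users AS u ON u.id = a.created_by';
            }
        }

        $orderby = $orderby ? $orderby . ', a.title' : 'a.title';
        $orderby = ' ORDER BY ' . $orderby;

        // Excluded type ids arrive either as an array or as a comma separated string
        $types = '';
        if ($types_to_exclude) {
            $typeIds = is_array($types_to_exclude) ? $types_to_exclude : explode(',', $types_to_exclude);
            $types   = implode(',', array_map('intval', $typeIds));
        }

        $where = ' WHERE rel.catid = ' . $cid;
        $where .= ' AND ( a.state = 1 OR a.state = -5 )'
            . ' AND ( publish_up = ' . $db->Quote($nullDate) . ' OR publish_up <= ' . $db->Quote($nowDate) . ' )'
            . ' AND ( publish_down = ' . $db->Quote($nullDate) . ' OR publish_down >= ' . $db->Quote($nowDate) . ' )'
            . ($types !== '' ? ' AND ie.type_id NOT IN (' . $types . ')' : '');

        if ((FLEXI_FISH || FLEXI_J16GE) && $filtercat) {
            $where .= ' AND ( ie.language LIKE ' . $db->Quote($lang . '%') . (FLEXI_J16GE ? ' OR ie.language="*" ' : '') . ' ) ';
        }
    } else {
        // Work on a copy: $ids is passed by reference and must not be changed for the caller
        $idList = array_map('intval', (array) $ids);

        // An empty list would produce "IN ()", which is a SQL error
        if (!$idList) {
            return array();
        }

        $select = 'SELECT a.*, ie.*,'
            . ' CASE WHEN CHAR_LENGTH(a.alias) THEN CONCAT_WS(":", a.id, a.alias) ELSE a.id END as slug,'
            . ' CASE WHEN CHAR_LENGTH(cc.alias) THEN CONCAT_WS(":", cc.id, cc.alias) ELSE cc.id END as categoryslug';
        $join = ' LEFT JOIN #__flexicontent_items_ext AS ie on ie.item_id = a.id'
            . ' JOIN #__categories AS cc ON cc.id = ' . $cid;
        $orderby      = '';
        $orderby_join = '';
        $where        = ' WHERE a.id IN (' . implode(',', $idList) . ')';
        // NOTE(review): no access filter is applied when ids are given; presumably the
        // ids come from an earlier, access-filtered call -- confirm against the callers.
        $andaccess    = '';
    }

    // array of articles in same category correctly ordered
    $query = $select . ' FROM #__content AS a' . $join . $orderby_join . $where . $andaccess . $orderby;
    $db->setQuery($query);
    $list = $db->loadObjectList('id');

    if ($db->getErrorNum()) {
        // NOTE(review): the full SQL text is placed in a user-visible warning; consider
        // logging it instead so the query structure is not shown to site visitors.
        JError::raiseWarning($db->getErrorNum(), $db->getErrorMsg() . "<br />" . $query . "<br />");
    }

    // this check needed if incorrect Itemid is given resulting in an incorrect result
    if (!is_array($list)) {
        $list = array();
    }

    return $list;
}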
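/**
 * Logic to delete categories
 *
 * Verifies the request token, resolves the user's right to manage categories,
 * reads the selected category ids from the POST data, asks the categories model
 * to delete them, cleans the component caches and redirects back to the
 * categories list.
 *
 * @access public
 * @return void
 * @since 1.0
 */
function remove()
{
    // Check for request forgeries
    JRequest::checkToken() or jexit('Invalid Token');

    $user = JFactory::getUser();

    // Resolve the "can manage categories" permission for the running Joomla / ACL combination
    if (FLEXI_J16GE) {
        $perms   = FlexicontentHelperPerm::getPerm();
        $CanCats = $perms->CanCats;
    } elseif (FLEXI_ACCESS) {
        $CanCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'categories', 'users', $user->gmid) : 1;
    } else {
        $CanCats = 1;
    }

    // Keep only positive integer ids. The default array(0) used to pass the count check
    // below, so the "nothing selected" warning could never be raised, and the posted
    // values reached the model exactly as submitted.
    $posted = JRequest::getVar('cid', array(0), 'post', 'array');
    $cid    = array();

    foreach ((array) $posted as $value) {
        // nested arrays are skipped: casting one to int would turn it into id 1
        if (is_scalar($value) && (int) $value > 0) {
            $cid[] = (int) $value;
        }
    }

    $cid = array_values(array_unique($cid));
    $msg = '';

    if (count($cid) < 1) {
        // no category selected
        JError::raiseWarning(500, JText::_('FLEXI_SELECT_ITEM_DELETE'));
    } elseif (!$CanCats) {
        // no access rights
        JError::raiseWarning(500, JText::_('FLEXI_ALERTNOTAUTH_TASK'));
    } else {
        // try to delete the category and clean cache
        $model = $this->getModel('categories');
        $msg   = $model->delete($cid);

        if (!$msg) {
            JError::raiseWarning(500, $model->getError());
            $this->setRedirect('index.php?option=com_flexicontent&view=categories', $msg);

            return;
        }

        // clean cache
        $cache = JFactory::getCache('com_flexicontent');
        $cache->clean();
        $catscache = JFactory::getCache('com_flexicontent_cats');
        $catscache->clean();
    }

    // redirect to categories management tab
    $this->setRedirect('index.php?option=com_flexicontent&view=categories', $msg);
}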
/**
 * Renders the category add / edit form of the backend.
 *
 * Loads the category record (and on J1.6+ its form) from the model, runs the
 * check-out, global-permission and per-record permission checks, builds the
 * toolbar and the category select lists, and hands everything to the layout.
 *
 * The access checks live here because, as the inline notes say, this view can
 * be reached without going through a controller task.
 *
 * @param string|null $tpl Layout name passed on to parent::display()
 */
function display($tpl = null)
{
    global $globalcats;
    $app = JFactory::getApplication();
    $user = JFactory::getUser();
    $document = JFactory::getDocument();
    // Load the core com_categories strings: en-GB first, then the active language on top
    JFactory::getLanguage()->load('com_categories', JPATH_ADMINISTRATOR, 'en-GB', true);
    JFactory::getLanguage()->load('com_categories', JPATH_ADMINISTRATOR, null, true);

    // ***********************************************************
    // Get category data, and check if item is already checked out
    // ***********************************************************

    // Get data from the model
    $model = $this->getModel();
    if (FLEXI_J16GE) {
        $row = $this->get('Item');
        $form = $this->get('Form');
    } else {
        $row = $this->get('Category');
    }
    $catparams = new JRegistry($row->params);
    $cid = $row->id;
    $isnew = !$cid; // no id yet means the form is creating a category

    // Check category is checked out by different editor / administrator
    if (!$isnew && $model->isCheckedOut($user->get('id'))) {
        // NOTE(review): $row->title is concatenated into the message as-is; confirm the message queue escapes it on output
        JError::raiseWarning('SOME_ERROR_CODE', $row->title . ' ' . JText::_('FLEXI_EDITED_BY_ANOTHER_ADMIN'));
        $app->redirect('index.php?option=com_flexicontent&view=categories');
    }

    // ***************************************************************************
    // Currently access checking for category add/edit form , it is done here, for
    // most other views we force going though the controller and checking it there
    // ***************************************************************************

    // *********************************************************************************************
    // Global Permissions checking (needed because this view can be called without a controller task)
    // *********************************************************************************************

    // Get global permissions
    $perms = FlexicontentHelperPerm::getPerm(); // handles super admins correctly

    // Check no access to categories management (Global permission)
    if (!$perms->CanCats) {
        $app->redirect('index.php?option=com_flexicontent', JText::_('FLEXI_NO_ACCESS'));
    }

    // Check no privilege to create new categories (Global permission)
    if ($isnew && !$perms->CanAddCats) {
        JError::raiseWarning(403, JText::_('FLEXI_NO_ACCESS_CREATE'));
        $app->redirect('index.php?option=com_flexicontent');
    }

    // ************************************************************************************
    // Record Permissions (needed because this view can be called without a controller task)
    // ************************************************************************************

    // Get edit privilege for current category
    if (!$isnew) {
        if (FLEXI_J16GE) {
            // 'edit.own' only counts when the current user created the category
            $isOwner = $row->get('created_by') == $user->id;
            $rights = FlexicontentHelperPerm::checkAllItemAccess($user->id, 'category', $cid);
            $canedit_cat = in_array('edit', $rights) || in_array('edit.own', $rights) && $isOwner;
        } else {
            if (FLEXI_ACCESS) {
                $rights = FAccess::checkAllItemAccess('com_content', 'users', $user->gmid, 0, $row->id);
                // NOTE(review): unlike the branch above, 'editown' is accepted here without an ownership test - confirm this is intended
                $canedit_cat = $user->gid < 25 ? in_array('edit', $rights) || in_array('editown', $rights) : 1;
            } else {
                $canedit_cat = true;
            }
        }
    }

    // Get if we can create inside at least one (com_content) category
    if ($user->authorise('core.create', 'com_flexicontent')) {
        $cancreate_cat = true;
    } else {
        $usercats = FlexicontentHelperPerm::getAllowedCats($user, $actions_allowed = array('core.create'), $require_all = true, $check_published = true, $specific_catids = false, $find_first = true);
        $cancreate_cat = count($usercats) > 0;
    }

    // Creating new category: Check if user can create inside any existing category
    if ($isnew && !$cancreate_cat) {
        $acc_msg = JText::_('FLEXI_NO_ACCESS_CREATE') . "<br/>" . (FLEXI_J16GE ? JText::_('FLEXI_CANNOT_ADD_CATEGORY_REASON') : "");
        JError::raiseWarning(403, $acc_msg);
        $app->redirect('index.php?option=com_flexicontent&view=categories');
    }

    // Editing existing category: Check if user can edit existing (current) category
    if (!$isnew && !$canedit_cat) {
        $acc_msg = JText::_('FLEXI_NO_ACCESS_EDIT') . "<br/>" . JText::_('FLEXI_CANNOT_EDIT_CATEGORY_REASON');
        JError::raiseWarning(403, $acc_msg);
        $app->redirect('index.php?option=com_flexicontent&view=categories');
    }

    // **************************************************
    // Include needed files and add needed js / css files
    // **************************************************

    // Add css to document
    $document->addStyleSheetVersion(JURI::base(true) . '/components/com_flexicontent/assets/css/flexicontentbackend.css', FLEXI_VERSION);
    $document->addStyleSheetVersion(JURI::base(true) . '/components/com_flexicontent/assets/css/j3x.css', FLEXI_VERSION);

    // Add JS frameworks
    flexicontent_html::loadFramework('select2');

    // Add js function to overload the joomla submitform validation
    JHTML::_('behavior.formvalidation'); // load default validation JS to make sure it is overridden
    $document->addScriptVersion(JURI::root(true) . '/components/com_flexicontent/assets/js/admin.js', FLEXI_VERSION);
    $document->addScriptVersion(JURI::root(true) . '/components/com_flexicontent/assets/js/validate.js', FLEXI_VERSION);

    //Load pane behavior
    jimport('joomla.html.pane');

    // ********************
    // Initialise variables
    // ********************
    $editor_name = $user->getParam('editor', $app->getCfg('editor'));
    $editor = JFactory::getEditor($editor_name);
    $cparams = JComponentHelper::getParams('com_flexicontent');
    $categories = $globalcats;
    $bar = JToolBar::getInstance('toolbar');
    $tip_class = FLEXI_J30GE ? ' hasTooltip' : ' hasTip';

    // ******************
    // Create the toolbar
    // ******************

    // Create Toolbar title and add the preview button
    if (!$isnew) {
        JToolBarHelper::title(JText::_('FLEXI_EDIT_CATEGORY'), 'fc_categoryedit');
    } else {
        JToolBarHelper::title(JText::_('FLEXI_NEW_CATEGORY'), 'fc_categoryadd');
    }

    // Add apply and save buttons
    JToolBarHelper::apply('category.apply', 'FLEXI_APPLY');
    /*if ( !$isnew ) flexicontent_html::addToolBarButton( 'FLEXI_FAST_APPLY', $btn_name='apply_ajax', $full_js="Joomla.submitbutton('category.apply_ajax')", $msg_alert='', $msg_confirm='', $btn_task='category.apply_ajax', $extra_js='', $btn_list=false, $btn_menu=true, $btn_confirm=false, $btn_class="", $btn_icon="icon-loop");*/
    JToolBarHelper::save('category.save');

    // Add a save and new button, if user can create inside at least one (com_content) category
    if ($cancreate_cat) {
        JToolBarHelper::save2new('category.save2new');
    }

    // Add a save as copy button, if editing an existing category (J2.5 only)
    if (!$isnew && $cancreate_cat) {
        JToolBarHelper::save2copy('category.save2copy');
    }

    // Add a cancel or close button
    if ($isnew) {
        JToolBarHelper::cancel('category.cancel');
    } else {
        JToolBarHelper::cancel('category.cancel', 'JTOOLBAR_CLOSE');
    }

    // ******************
    // Add preview button
    // ******************
    if (!$isnew) {
        JToolBarHelper::divider();
        // Auto-login stays disabled: the commented-out expression would append the username and
        // stored password to the preview URL, where they would be exposed in history, logs and referrers.
        $autologin = ''; //$cparams->get('autoflogin', 1) ? '&fcu='.$user->username . '&fcp='.$user->password : '';
        $previewlink = JRoute::_(JURI::root() . FlexicontentHelperRoute::getCategoryRoute($categories[$cid]->slug)) . $autologin;

        // Add a preview button
        // NOTE(review): $previewlink is placed in the href attribute without HTML-escaping; it contains the category slug - confirm it is safe for attribute context
        $bar->appendButton('Custom', '<a class="preview btn btn-small btn-info spaced-btn" href="' . $previewlink . '" target="_blank" ><span title="' . JText::_('Preview') . '" class="icon-screen"></span>' . JText::_('Preview') . '</a>', 'preview');
    }

    // ************************
    // Add modal layout editing
    // ************************
    if (!$isnew && $perms->CanTemplates) {
        // Work out which layout is in effect: the category's own, an inherited one, or the component default
        $inheritcid_comp = $cparams->get('inheritcid', -1);
        $inheritcid = $catparams->get('inheritcid', '');
        // && binds tighter than ||: inherit when set to '-1', or when unset and the component default is truthy
        $inherit_parent = $inheritcid === '-1' || $inheritcid === '' && $inheritcid_comp;
        if (!$inherit_parent || $row->parent_id === '1') {
            $row_clayout = $catparams->get('clayout', $cparams->get('clayout', 'blog'));
        } else {
            $row_clayout = $catparams->get('clayout', '');
            if (!$row_clayout) {
                $_ancestors = $this->getModel()->getParentParams($row->id); // This is ordered by level ASC
                $row_clayout = $cparams->get('clayout', 'blog');
                $cats_params = array();
                // Later ancestors in the list override earlier ones when they define a layout
                foreach ($_ancestors as $_cid => $_cat) {
                    $cats_params = new JRegistry($_cat->params);
                    $row_clayout = $cats_params->get('clayout', '') ? $cats_params->get('clayout', '') : $row_clayout;
                }
            }
        }
        // NOTE(review): $row_clayout comes from stored parameters and is written into the data-href attribute unescaped - confirm layout names are validated when saved
        flexicontent_html::addToolBarButton('FLEXI_EDIT_LAYOUT', $btn_name = 'apply_ajax', $full_js = "var url = jQuery(this).attr('data-href'); fc_showDialog(url, 'fc_modal_popup_container'); return false;", $msg_alert = '', $msg_confirm = '', $btn_task = 'items.apply_ajax', $extra_js = '', $btn_list = false, $btn_menu = true, $btn_confirm = false, $btn_class = "btn-info" . $tip_class, $btn_icon = "icon-pencil", 'data-placement="bottom" data-href="index.php?option=com_flexicontent&view=template&type=category&tmpl=component&ismodal=1&folder=' . $row_clayout . '" title="Edit the display layout of this category. <br/><br/>Note: this layout maybe assigned to other categories, thus changing it will effect them too"');
    }

    // *******************************************
    // Prepare data to pass to the form's template
    // *******************************************
    if (!FLEXI_J16GE) {
        //clean data
        JFilterOutput::objectHTMLSafe($row, ENT_QUOTES, 'description');

        // Create the form
        $form = new JParameter($row->params, JPATH_COMPONENT . DS . 'models' . DS . 'category.xml');
        //$form->loadINI($row->attribs);
        //echo "<pre>"; print_r($form->_xml['templates']->_children[0]); echo "<pre>"; print_r($form->_xml['templates']->param[0]); exit;

        // Drop form parameters whose 'enableparam' switch is off in the component configuration
        foreach ($form->_xml['templates']->_children as $i => $child) {
            if (isset($child->_attributes['enableparam']) && !$cparams->get($child->_attributes['enableparam'])) {
                unset($form->_xml['templates']->_children[$i]);
                unset($form->_xml['templates']->param[$i]);
            }
        }
        foreach ($form->_xml['special']->_children as $i => $child) {
            if (isset($child->_attributes['enableparam']) && !$cparams->get($child->_attributes['enableparam'])) {
                unset($form->_xml['special']->_children[$i]);
                unset($form->_xml['special']->param[$i]);
            }
        }
    }

    // **********************************************************************************
    // Get Templates and apply Template Parameters values into the form fields structures
    // **********************************************************************************
    $themes = flexicontent_tmpl::getTemplates();
    $tmpls = $themes->category;
    foreach ($tmpls as $tmpl) {
        // Replace each template's raw parameter definition with a loaded JForm
        $jform = new JForm('com_flexicontent.template.category', array('control' => 'jform', 'load_data' => true));
        $jform->load($tmpl->params);
        $tmpl->params = $jform; // ... values applied at the template form file
    }

    //build selectlists
    $Lists = array();
    if (!FLEXI_J16GE) {
        $javascript = "onchange=\"javascript:if (document.forms[0].image.options[selectedIndex].value!='') {document.imagelib.src='../images/stories/' + document.forms[0].image.options[selectedIndex].value} else {document.imagelib.src='../images/blank.png'}\"";
        $Lists['imagelist'] = JHTML::_('list.images', 'image', $row->image, $javascript, '/images/stories/');
        $Lists['access'] = JHTML::_('list.accesslevel', $row);

        // build granular access list
        if (FLEXI_ACCESS) {
            $Lists['access'] = FAccess::TabGmaccess($row, 'category', 1, 1, 1, 1, 1, 1, 1, 1, 1);
        }
    }

    // Parent selector: permission-checked for 'core.create'; the category's own id is passed as a disabled subtree
    $check_published = false;
    $check_perms = true;
    $actions_allowed = array('core.create');
    $fieldname = FLEXI_J16GE ? 'jform[parent_id]' : 'parent_id';
    $Lists['parent_id'] = flexicontent_cats::buildcatselect($categories, $fieldname, $row->parent_id, $top = 1, 'class="use_select2_lib"', $check_published, $check_perms, $actions_allowed, $require_all = true, $skip_subtrees = array(), $disable_subtrees = array($row->id));

    // "Copy parameters from" selector: permission-checked for 'core.edit' / 'core.edit.own'.
    // This only limits what the form offers; the posted value still has to be authorised when the form is saved.
    $check_published = false;
    $check_perms = true;
    $actions_allowed = array('core.edit', 'core.edit.own');
    $fieldname = FLEXI_J16GE ? 'jform[copycid]' : 'copycid';
    $Lists['copycid'] = flexicontent_cats::buildcatselect($categories, $fieldname, '', $top = 2, 'class="use_select2_lib"', $check_published, $check_perms, $actions_allowed, $require_all = false);

    // "Inherit parameters from" selector, with three extra fixed options ahead of the category list
    $custom_options[''] = 'FLEXI_USE_GLOBAL';
    $custom_options['0'] = 'FLEXI_COMPONENT_ONLY';
    $custom_options['-1'] = 'FLEXI_PARENT_CAT_MULTI_LEVEL';
    $check_published = false;
    $check_perms = true;
    $actions_allowed = array('core.edit', 'core.edit.own');
    $fieldname = FLEXI_J16GE ? 'jform[special][inheritcid]' : 'params[inheritcid]';
    $Lists['inheritcid'] = flexicontent_cats::buildcatselect($categories, $fieldname, $catparams->get('inheritcid', ''), $top = false, 'class="use_select2_lib"', $check_published, $check_perms, $actions_allowed, $require_all = false, $skip_subtrees = array(), $disable_subtrees = array(), $custom_options);

    // ************************
    // Assign variables to view
    // ************************
    $this->assignRef('document', $document);
    $this->assignRef('Lists', $Lists);
    $this->assignRef('row', $row);
    $this->assignRef('form', $form);
    $this->assignRef('perms', $perms);
    $this->assignRef('editor', $editor);
    $this->assignRef('tmpls', $tmpls);
    $this->assignRef('cparams', $cparams);
    parent::display($tpl);
}
/**
 * Check in a record
 *
 * Reads the first posted 'cid' value, loads that row from table $tbl and
 * releases its check-out lock. The lock is released only when the current
 * user holds the global check-in privilege or is the user who holds the lock.
 * Failures are reported through $controller->setError(); the redirect to
 * $redirect_url is set in every case and carries the success message only
 * when no step failed.
 *
 * @param string $tbl          Table name handed to JTable::getInstance()
 * @param string $redirect_url Where the controller should redirect afterwards
 * @param object $controller   Controller receiving the redirect and any error
 *
 * @return void
 * @since 1.5
 */
static function checkin($tbl, $redirect_url, & $controller)
{
    $posted_ids = JRequest::getVar( 'cid', array(0), 'post', 'array' );
    $pk = (int)$posted_ids[0];
    $user = JFactory::getUser();

    // Default outcome: redirect without a message
    $controller->setRedirect( $redirect_url, '' );

    // Global check-in privilege, resolved once per request and then reused
    static $canCheckinRecords = null;
    if ($canCheckinRecords === null) {
        if (FLEXI_J16GE) {
            $canCheckinRecords = $user->authorise('core.admin', 'checkin');
        } elseif (FLEXI_ACCESS) {
            $canCheckinRecords = ($user->gid < 25) ? FAccess::checkComponentAccess('com_checkin', 'manage', 'users', $user->gmid) : 1;
        } else {
            // Only admin or super admin can check-in
            $canCheckinRecords = $user->gid >= 24;
        }
    }

    // Nothing to load when no usable primary key was posted
    if ($pk) {
        $table = JTable::getInstance($tbl, '');
        if (!$table->load($pk)) {
            $controller->setError($table->getError());
            return;
        }

        // A lock held by somebody else may only be released with the global privilege
        $locked_by_other = $table->checked_out && $table->checked_out != $user->id;
        if ($locked_by_other && !$canCheckinRecords) {
            $controller->setError(JText::_( 'FLEXI_RECORD_CHECKED_OUT_DIFF_USER'));
            return;
        }

        // Attempt to check the row in.
        if (!$table->checkin($pk)) {
            $controller->setError($table->getError());
            return;
        }
    }

    $success_msg = JText::sprintf('FLEXI_RECORD_CHECKED_IN_SUCCESSFULLY', 1);
    $controller->setRedirect( $redirect_url, $success_msg );
    return;
}
echo JText::_('FLEXI_AUTHOR'); ?> </td> </tr> <?php $k = 0; $n = count($this->draft); for ($i = 0, $n; $i < $n; $i++) { $row = $this->draft[$i]; if (FLEXI_J16GE) { $rights = FlexicontentHelperPerm::checkAllItemAccess($user->id, 'item', $row->id); $canEdit = in_array('edit', $rights); $canEditOwn = in_array('edit.own', $rights) && $row->created_by == $user->id; } else { if (FLEXI_ACCESS) { $rights = FAccess::checkAllItemAccess('com_content', 'users', $user->gmid, $row->id, $row->catid); $canEdit = in_array('edit', $rights) || $user->gid > 24; $canEditOwn = in_array('editown', $rights) && $row->created_by == $user->id || $user->gid > 24; } else { $canEdit = 1; $canEditOwn = 1; } } $link = 'index.php?option=com_flexicontent&' . $items_task . 'edit&cid[]=' . $row->id; ?> <tr> <td> <?php if (!$canEdit && !$canEditOwn) { echo htmlspecialchars($row->title, ENT_QUOTES, 'UTF-8'); } else {
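/**
 * Method to store the category
 *
 * Binds $data to a flexicontent_categories table row, sets its parameter
 * string (either copied from the category named by the posted 'copycid', or
 * built from $data['params'] merged with the parameters of the selected
 * layout), validates and stores the row, and saves FLEXIaccess rules when
 * that extension is active.
 *
 * @access public
 * @param  array $data Form data; 'params' and 'layouts' are read when present
 * @return boolean True on success
 * @since 1.0
 */
function store($data)
{
    // Id of a category whose parameters should be copied instead of using the posted ones.
    // NOTE(review): this id comes from the request; whether the user may read or edit that
    // category is not checked in this method - confirm the caller enforces it.
    $copyparams = JRequest::getVar('copycid', null, 'post', 'int');
    if ($copyparams) {
        unset($data['params']);
    }

    $category = JTable::getInstance('flexicontent_categories', '');

    // Bind the data.
    if (!$category->bind($data)) {
        $this->setError($this->_db->getErrorMsg());
        return false;
    }

    // New categories are appended at the end of the ordering
    if (!$category->id) {
        $category->ordering = $category->getNextOrder();
    }

    if ($copyparams) {
        // Either set parameters via copying from a given category
        $category->params = $this->getParams($copyparams);
    } elseif (isset($data['params']) && is_array($data['params'])) {
        // ... or build the parameter INI string from the posted values

        // Get layout parameters; a missing or malformed layout entry contributes nothing
        // (previously an absent entry was passed straight to array_merge)
        $clayout = isset($data['params']['clayout']) ? $data['params']['clayout'] : '';
        $tmpl_params = array();
        if (is_scalar($clayout) && isset($data['layouts'][$clayout]) && is_array($data['layouts'][$clayout])) {
            $tmpl_params = $data['layouts'][$clayout];
        }

        // Clear parameters of all layouts
        unset($data['layouts']);

        // Merge the parameters of currently selected layout
        $params = array_merge($data['params'], $tmpl_params);

        // NOTE(review): keys and values are written as submitted, one "key=value" per line.
        // A value that contains a line break would begin a new line in the stored string;
        // confirm the request filtering or the reader of this format accounts for that.
        $txt = array();
        foreach ($params as $k => $v) {
            if (is_array($v)) {
                $v = implode('|', $v);
            }
            $txt[] = "{$k}={$v}";
        }
        $category->params = implode("\n", $txt);
    }

    // Make sure the data is valid
    if (!$category->check()) {
        $this->setError($category->getError());
        return false;
    }

    // Store it in the db
    if (!$category->store()) {
        $this->setError($this->_db->getErrorMsg());
        return false;
    }

    if (FLEXI_ACCESS) {
        FAccess::saveaccess($category, 'category');
    }

    $this->_category = $category;
    return true;
}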
<tr> <td colspan="10"> <?php echo $pagination_footer; ?> </td> </tr> </tfoot> <tbody> <?php if (FLEXI_J16GE) { $canCheckinRecords = $user->authorise('core.admin', 'checkin'); } else { if (FLEXI_ACCESS) { $canCheckinRecords = $user->gid < 25 ? FAccess::checkComponentAccess('com_checkin', 'manage', 'users', $user->gmid) : 1; } else { $canCheckinRecords = $user->gid >= 24; } } $k = 0; for ($i = 0, $n = count($this->rows); $i < $n; $i++) { $row =& $this->rows[$i]; if (FLEXI_J16GE) { $link = 'index.php?option=com_flexicontent&task=types.edit&cid[]=' . $row->id; $published = JHTML::_('jgrid.published', $row->published, $i, 'types.'); $access = flexicontent_html::userlevel('access[' . $row->id . ']', $row->access, 'onchange="return listItemTask(\'cb' . $i . '\',\'types.access\')"'); } else { $link = 'index.php?option=com_flexicontent&controller=types&task=edit&cid[]=' . $row->id; $published = JHTML::_('grid.published', $row, $i); $access = JHTML::_('grid.access', $row, $i);
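/**
 * Method to CHECK item's -VIEWING- ACCESS, this could be moved to the controller,
 * if we do this, then we must check the view variable, because DISPLAY() CONTROLLER TASK
 * is shared among all views ... or create a separate FRONTEND controller for the ITEM VIEW
 *
 * Returns nothing: the outcome is expressed through queued notices, redirects
 * (to the login page, the configured unauthorized page, the item's current
 * version or the previous page) or a 404 / 403 error.
 *
 * @access private
 * @return void
 * @since 1.5
 */
function _check_viewing_access()
{
    global $globalcats;
    $app = JFactory::getApplication();
    $user = JFactory::getUser();
    $session = JFactory::getSession();
    $aid = (int) $user->get('aid');
    $gid = (int) $user->get('gid');
    $cid = $this->_cid;
    $params = $this->_item->parameters;
    $cparams = $this->_cparams;

    // a special url parameter, used by some SEF code
    // NOTE(review): this serialized value is sent to the client in the login URL and comes back
    // as request data. The code that reads 'fcreturn' is not visible here; it must not hand the
    // value to unserialize() unless its integrity is verified. json_encode() / json_decode()
    // would carry the same two ids - change both ends together.
    $fcreturn = serialize( array('id'=>@$this->_item->id, 'cid'=>$cid) );

    // the previously viewed page (refer). The header is client-supplied and is used below as a
    // redirect target, so anything that is not a URL of this site falls back to the site base.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    if ($referer === '' || !JURI::isInternal($referer)) {
        $referer = JURI::base();
    }

    // a basic item title string; it is assembled as HTML, so the title is encoded for that context
    $title_str = "<br />". JText::_('FLEXI_TITLE').": ".htmlspecialchars((string) $this->_item->title, ENT_QUOTES, 'UTF-8').'[id: '.$this->_item->id.']';

    // Since we will check access for VIEW (=read) only, we skip checks if TASK Variable is set,
    // the edit() or add() or other controller task, will be responsible for checking permissions.
    // NOTE(review): 'task' is a request value; confirm that every task value which can end up
    // rendering this view performs its own access check.
    if ( @$this->_item->id  // not new item
        && !JRequest::getVar('task', false)  // skip various task checked at the controller
        && JRequest::getVar('view')==FLEXI_ITEMVIEW  // must be in item(s) view
    ) {
        //*************************************************************
        // STEP A: Calculate ownership, edit permission and read access
        // (a) isOwner, (b) canedititem, (c) canviewitem
        //*************************************************************

        // (a) Calculate if owned by current user
        $isOwner = $this->_item->created_by== $user->get('id');

        // (b) Calculate edit access ...
        // NOTE: we will allow view access if current user can edit the item (but set a warning message about it, see below)
        if (FLEXI_J16GE) {
            $canedititem = $params->get('access-edit');
            $caneditstate = $params->get('access-edit-state');
        } else if ($user->gid >= 25) {
            $canedititem = true;
            $caneditstate = true;
        } else if (FLEXI_ACCESS) {
            $rights = FAccess::checkAllItemAccess('com_content', 'users', $user->gmid, $this->_item->id, $this->_item->catid );
            $canedititem = in_array('edit', $rights) || (in_array('editown', $rights) && $isOwner);
            // NOTE(review): both operands test 'publish', so the ownership part adds nothing - confirm which right was meant
            $caneditstate = in_array('publish', $rights) || (in_array('publish', $rights) && $isOwner);
        } else {
            $canedititem = $user->authorize('com_content', 'edit', 'content', 'all') || ($user->authorize('com_content', 'edit', 'content', 'own') && $isOwner);
            $caneditstate = $user->authorize('com_content', 'publish', 'content', 'all');
        }

        if (!$caneditstate) {
            // Item not editable, check if item is editable till logoff
            if ( $session->has('rendered_uneditable', 'flexicontent') ) {
                $rendered_uneditable = $session->get('rendered_uneditable', array(),'flexicontent');
                // The list is keyed by item id. The original read the id from an undefined $model variable.
                $canedititem = isset($rendered_uneditable[$this->_item->id]);
            }
        }

        // (c) Calculate read access ...
        if (FLEXI_J16GE) {
            $canviewitem = $params->get('access-view');
        } else if ($user->gid >= 25) {
            $canviewitem = true;
        } else {
            // Access flags are precomputed on the item; category and type only count when the item has one
            $canviewitem = $this->_item->has_item_access
                && (!$this->_item->catid || $this->_item->has_mcat_access)
                && (!$this->_item->type_id || $this->_item->has_type_access);
        }

        // *********************************************************************************
        // STEP B: Calculate SOME ITEM PUBLICATION STATE FLAGS, used to decide if current item is active
        // FLAGS: item_is_published, item_is_scheduled, item_is_expired, cats_are_published
        // *********************************************************************************
        $item_is_published = $this->_item->state == 1 || $this->_item->state == -5 || $this->_item->state == (FLEXI_J16GE ? 2:-1);
        $item_is_scheduled = $this->_item->publication_scheduled;
        $item_is_expired = $this->_item->publication_expired;

        if ( $cid ) {
            // cid is set, check state of current item category only
            // NOTE: J1.6+ all ancestor categories from current one to the root, for J1.5 only the current one ($cid)
            if ( FLEXI_J16GE && !isset($this->_item->ancestor_cats_published) ) {
                $ancestor_cats_published = true;
                foreach ($globalcats[$cid]->ancestorsarray as $pcid) {
                    $ancestor_cats_published = $ancestor_cats_published && ($globalcats[$pcid]->published==1);
                }
                $this->_item->ancestor_cats_published = $ancestor_cats_published;
            }
            $cats_are_published = FLEXI_J16GE ? $this->_item->ancestor_cats_published : $this->_item->catpublished;
            $cats_np_err_mssg = JText::sprintf('FLEXI_CONTENT_UNAVAILABLE_ITEM_CURRCAT_UNPUBLISHED', $cid);
        } else {
            // cid is not set, we have no current category, the item is visible if it belongs to at least one published category
            // NOTE(review): the flag starts as true, so the OR below cannot change it and only the
            // ancestor test can clear it (for all categories at once). That does not match the
            // "at least one published category" rule stated above - confirm the intended logic.
            $itemcats = $this->_item->categories;
            $cats_are_published = true;
            foreach ($itemcats as $catid) {
                $cats_are_published |= $globalcats[$catid]->published;
                if (FLEXI_J16GE) {
                    // For J1.6+ check all ancestor categories from current one to the root
                    foreach ($globalcats[$catid]->ancestorsarray as $pcid) {
                        $cats_are_published = $cats_are_published && ($globalcats[$pcid]->published==1);
                    }
                }
            }
            $cats_np_err_mssg = JText::_('FLEXI_CONTENT_UNAVAILABLE_ITEM_ALLCATS_UNPUBLISHED');
        }

        // Calculate if item is active ... and viewable is also it's (current or All) categories are published
        $preview = JRequest::getVar('preview', 0, 'request', 'int' );  // Get if trying to preview the item
        $version = JRequest::getVar('version', 0, 'request', 'int' );  // Get item version to load
        $item_active = $item_is_published && !$item_is_scheduled && !$item_is_expired;
        $item_n_cat_active = $item_active && $cats_are_published;
        $previewing_and_unlogged = (($preview || $version) && $user->guest); // this is a flag indicates to redirect to login instead of 404 error
        $ignore_publication = $canedititem || $caneditstate || $isOwner || $previewing_and_unlogged;
        $inactive_notice_set = false;
        $item_state_pending = $this->_item->state == -3;
        $item_state_draft = $this->_item->state == -4;

        //***********************************************************************************************************************
        // STEP C: CHECK item state, if publication state is not ignored terminate with 404 NOT found, otherwise add a notice
        // NOTE: Asking all users to login when item is not active maybe wrong approach, so instead we raise 404 error, but we
        // will ask them to login only if previewing a latest or specific version (so ignore publication FLAG includes this case)
        // (a) Check that item is PUBLISHED (1,-5) or ARCHIVED (-1)
        // (b) Check that item has expired publication date
        // (c) Check that item has scheduled publication date
        // (d) Check that current item category or all items categories are published
        //***********************************************************************************************************************

        // (a) Check that item is PUBLISHED (1,-5) or ARCHIVED (-1)
        if ( !$caneditstate && ($item_state_pending || $item_state_draft) && $isOwner ) {
            // SPECIAL workflow case, regardless of (view/edit privilege), allow users to view unpublished owned content, (a) if waiting for approval, or (b) if can request approval
            $inactive_notice_set = true;
        } else if ( !$item_is_published && !$ignore_publication ) {
            // Raise error that the item is unpublished
            $msg = JText::_('FLEXI_CONTENT_UNAVAILABLE_ITEM_UNPUBLISHED') . $title_str;
            if (FLEXI_J16GE) throw new Exception($msg, 404); else JError::raiseError(404, $msg);
        } else if ( !$item_is_published && !$inactive_notice_set ) {
            // Item editable, set warning that the item is unpublished
            JError::raiseNotice( 404, JText::_('FLEXI_CONTENT_UNAVAILABLE_ITEM_UNPUBLISHED') );
            $inactive_notice_set = true;
        }

        // NOTE: First, we check for expired publication, since if item expired, scheduled publication is meaningless

        // (b) Check that item has expired publication date
        if ( $item_is_expired && !$ignore_publication ) {
            // Raise error that the item has expired
            $msg = JText::_('FLEXI_CONTENT_UNAVAILABLE_ITEM_EXPIRED') . $title_str;
            if (FLEXI_J16GE) throw new Exception($msg, 404); else JError::raiseError(404, $msg);
        } else if ( $item_is_expired && !$inactive_notice_set ) {
            // Item editable, set warning that the item has expired
            JError::raiseNotice( 404, JText::_('FLEXI_CONTENT_UNAVAILABLE_ITEM_EXPIRED') );
            $inactive_notice_set = true;
        }

        // (c) Check that item has scheduled publication date
        if ( $item_is_scheduled && !$ignore_publication ) {
            // Raise error that the item is scheduled for publication
            $msg = JText::_('FLEXI_CONTENT_UNAVAILABLE_ITEM_SCHEDULED') . $title_str;
            if (FLEXI_J16GE) throw new Exception($msg, 404); else JError::raiseError(404, $msg);
        } else if ( $item_is_scheduled && !$inactive_notice_set ) {
            // Item editable, set warning that the item is scheduled
            JError::raiseNotice( 404, JText::_('FLEXI_CONTENT_UNAVAILABLE_ITEM_SCHEDULED') );
            $inactive_notice_set = true;
        }

        // (d) Check that current item category or all items categories are published
        if ( !$cats_are_published && !$ignore_publication ) {
            // Terminate execution with a HTTP not-found Server Error
            $msg = $cats_np_err_mssg . $title_str;
            if (FLEXI_J16GE) throw new Exception($msg, 404); else JError::raiseError(404, $msg);
        } else if( !$cats_are_published && !$inactive_notice_set ) {
            // Item editable, set warning that item's (ancestor) category is unpublished
            JError::raiseNotice( 404, $cats_np_err_mssg );
            $inactive_notice_set = true;
        }

        //*******************************************************************************************
        // STEP D: CHECK viewing access in relation to if user being logged and being owner / editor
        // (a) redirect user previewing a non-current item version, to either current item version or to refer if has no edit permission
        // (b) redirect item owner to previous page if user has no access (read/edit) to the item
        // (c) redirect unlogged user to login, so that user can possible login to privileged account
        // (d) redirect unauthorized logged user to the unauthorized page (if this is set)
        // (e) finally raise a 403 forbidden Server Error if user is unauthorized to access item
        //*******************************************************************************************

        // SPECIAL case when previewing an non-current version of an item, this is allowed only if user can edit the item
        $current_version = FLEXIUtilities::getCurrentVersions($this->_id, true); // Get current item version
        if ( $version && $version!=$current_version && !$canedititem && !$previewing_and_unlogged ) {
            // (a) redirect user previewing a non-current item version, to either current item version or to refer if has no edit permission
            JError::raiseNotice(403, JText::_('FLEXI_ALERTNOTAUTH_PREVIEW_UNEDITABLE')."<br />". JText::_('FLEXI_ALERTNOTAUTH_TASK') );
            if ( $item_n_cat_active && $canviewitem ) {
                $app->redirect(JRoute::_(FlexicontentHelperRoute::getItemRoute($this->_item->slug, $this->_item->categoryslug, 0, $this->_item)));
            } else {
                $app->redirect($referer);  // Item not viewable OR no view access, redirect to refer page
            }
        }

        // SPECIAL cases for inactive item
        else if ( !$item_n_cat_active && !$previewing_and_unlogged ) {
            if ( !$caneditstate && ($item_state_pending || $item_state_draft) && $isOwner ) {
                // no redirect, SET message to owners, to wait for approval or to request approval of their content
                $app->enqueueMessage(JText::_( $item_state_pending ? 'FLEXI_ALERT_VIEW_OWN_PENDING_STATE' : 'FLEXI_ALERT_VIEW_OWN_DRAFT_STATE' ), 'notice');
            } else if ( !$canedititem && !$caneditstate && $isOwner ) {
                // (b) redirect item owner to previous page if user cannot access (read/edit) the item
                JError::raiseNotice(403, JText::_( $item_state_pending ? 'FLEXI_ALERTNOTAUTH_VIEW_OWN_PENDING' : 'FLEXI_ALERTNOTAUTH_VIEW_OWN_UNPUBLISHED' ) );
                $app->redirect($referer);
            } else if ( $canedititem || $caneditstate ) {
                // no redirect, SET notice to the editors, that they are viewing unreadable content because they can edit the item
                $app->enqueueMessage(JText::_('FLEXI_CONTENT_ACCESS_ALLOWED_BECAUSE_EDITABLE_PUBLISHABLE'), 'notice');
            } else {
                $app->enqueueMessage( 'INTERNAL ERROR: item inactive but checks were ignored despite current user not begin item owner or item assigned editor', 'notice');
                $app->redirect($referer);
            }
        }

        // Cases for non-viewable and non-editable item
        else if ( !$canviewitem && !$canedititem ) {
            if($user->guest) {
                // (c) redirect unlogged user to login, so that user can possible login to privileged account
                $uri = JFactory::getURI();
                $return = $uri->toString();
                $com_users = FLEXI_J16GE ? 'com_users' : 'com_user';
                $url = $cparams->get('login_page', 'index.php?option='.$com_users.'&view=login');
                // URL-safe base64 variant of the current page address
                $return = strtr(base64_encode($return), '+/=', '-_,');
                $url .= '&return='.$return;
                $url .= '&fcreturn='.base64_encode($fcreturn);

                JError::raiseWarning( 403, JText::sprintf("FLEXI_LOGIN_TO_ACCESS", $url));
                $app->redirect( $url );
            } else {
                // Name the missing access level(s). The original read these flags from an undefined
                // $item variable, so the two extra lines were never appended.
                $msg = JText::_( 'FLEXI_ALERTNOTAUTH_VIEW');
                $msg .= $this->_item->type_id && !$this->_item->has_type_access ? "<br/>".JText::_("FLEXI_ALERTNOTAUTH_VIEW_TYPE") : '';
                $msg .= $this->_item->catid && !$this->_item->has_mcat_access ? "<br/>".JText::_("FLEXI_ALERTNOTAUTH_VIEW_MCAT") : '';
                if ($cparams->get('unauthorized_page', '')) {
                    // (d) redirect unauthorized logged user to the unauthorized page (if this is set)
                    JError::raiseNotice( 403, $msg);
                    $app->redirect($cparams->get('unauthorized_page'));
                } else {
                    // (e) finally raise a 403 forbidden Server Error if user is unauthorized to access item
                    if (FLEXI_J16GE) throw new Exception($msg, 403); else JError::raiseError(403, $msg);
                }
            }
        }

        // Otherwise: user can read item and item is active, no further actions
    } // End of Existing item (not new)
}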
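/**
 * Prints the "select a content type" chooser: one button per published
 * content type, followed by a generic "any type" button.
 *
 * Each button links to the items controller's add task and carries the
 * session form token as a query parameter.
 *
 * @param   string  $tpl  Not used by this method.
 *
 * @return  void    The markup is echoed directly.
 */
function display($tpl = null)
{
	echo '<div id="flexicontent">';
	echo '<link rel="stylesheet" href="' . JURI::base() . 'components/com_flexicontent/assets/css/flexicontentbackend.css" />';

	// Pick the stylesheet that matches the running Joomla generation
	if (FLEXI_J30GE) {
		$fc_css = JURI::base() . 'components/com_flexicontent/assets/css/j3x.css';
	} elseif (FLEXI_J16GE) {
		$fc_css = JURI::base() . 'components/com_flexicontent/assets/css/j25.css';
	} else {
		$fc_css = JURI::base() . 'components/com_flexicontent/assets/css/j15.css';
	}
	echo '<link rel="stylesheet" href="' . $fc_css . '" />';

	$user = JFactory::getUser();
	$db = JFactory::getDBO();

	$query = 'SELECT id, name, itemscreatable'
		. ' FROM #__flexicontent_types'
		. ' WHERE published = 1'
		. ' ORDER BY name ASC';
	$db->setQuery($query);
	$types = $db->loadObjectList();
	$types = is_array($types) ? $types : array();

	echo '<label class="flexi_label">' . JText::_('FLEXI_SELECT_TYPE') . ':</label><br/><br/>';

	$ctrl_task = FLEXI_J16GE ? 'items.add' : 'add';
	$icon = "components/com_flexicontent/assets/images/layout_add.png";

	// The token is the same for every link, so fetch it once.
	// NOTE(review): the form token travels in the query string of a GET link, so it can end up
	// in browser history, server logs and Referer headers; confirm this is acceptable for the add task.
	$token = FLEXI_J30GE ? JSession::getFormToken() : JUtility::getToken();

	foreach ($types as $type) {
		// itemscreatable == 0 means no per-type create restriction is applied here
		if (FLEXI_J16GE) {
			$allowed = !$type->itemscreatable || $user->authorise('core.create', 'com_flexicontent.type.' . $type->id);
		} elseif (FLEXI_ACCESS && $user->gid < 25) {
			$allowed = !$type->itemscreatable || FAccess::checkAllContentAccess('com_content', 'submit', 'users', $user->gmid, 'type', $type->id);
		} else {
			$allowed = 1;
		}

		// itemscreatable == 1: hide the type from users who may not create it
		if (!$allowed && $type->itemscreatable == 1) {
			continue;
		}

		// The type name comes from the database, so it is HTML-escaped before being
		// written into attribute values and element content.
		$type_name = htmlspecialchars($type->name, ENT_QUOTES, 'UTF-8');
		$link = "index.php?option=com_flexicontent&controller=items&task=" . $ctrl_task . "&typeid=" . (int) $type->id . "&" . $token . "=1";
		$link_attr = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');

		if (!$allowed && $type->itemscreatable == 2) {
			// itemscreatable == 2: show the type without a link.
			// NOTE(review): this is presentation only; presumably the add task re-checks
			// the create permission on the server - verify in the controller.
			?>
			<span class="fc_button">
				<img style="margin-bottom:-3px;" src="<?php echo $icon; ?>" width="16" height="16" border="0" alt="<?php echo $type_name; ?>" />
				<?php echo $type_name; ?>
			</span>
			<?php
		} else {
			?>
			<a class="fc_button" href="<?php echo $link_attr; ?>" target="_parent">
				<img style="margin-bottom:-3px;" src="<?php echo $icon; ?>" width="16" height="16" border="0" alt="<?php echo $type_name; ?>" />
				<?php echo $type_name; ?>
			</a>
			<?php
		}
	}

	// Generic button: add an item without preselecting a type
	$link = "index.php?option=com_flexicontent&controller=items&task=" . $ctrl_task . "&" . $token . "=1";
	$link_attr = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');
	// Built from language strings only, left as the translation provides it
	$_name = JText::_("FLEXI_ANY") . ' ... ' . JText::_("FLEXI_TYPE");
	?>
	<div class="fcclear"></div>
	<br/>
	<a class="fc_button fcsimple" href="<?php echo $link_attr; ?>" target="_parent">
		<img style="margin-bottom:-3px;" src="<?php echo $icon; ?>" width="16" height="16" border="0" alt="<?php echo $_name; ?>" />
		<?php echo $_name; ?>
	</a>
	</div>
	<?php
}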
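/**
 * Builds the tag list for the tag cloud module.
 *
 * Counts tag usage over published, currently active items (optionally limited
 * by view access and by a category scope), then loads the tags whose usage is
 * at least the smallest count in the top `count` set and assigns each a size.
 *
 * @param   object  $params  Module parameters (read through ->get()).
 * @param   object  $module  Module object; its id is appended to every tag link.
 *
 * @return  array   List of objects with size, name, screenreader and link;
 *                  the empty result of the count query when no tag matches.
 */
static function getTags(&$params, &$module)
{
	$mainframe = JFactory::getApplication();

	// Initialize
	$db = JFactory::getDBO();
	$user = JFactory::getUser();
	$nullDate = $db->getNullDate();
	$now = FLEXI_J16GE ? JFactory::getDate()->toSql() : JFactory::getDate()->toMySQL();
	$fparams = $mainframe->getParams('com_flexicontent');
	$show_noauth = $fparams->get('show_noauth', 0);

	// Get parameters
	$minsize = (int) $params->get('min_size', '1');
	$maxsize = (int) $params->get('max_size', '10');
	$limit = (int) $params->get('count', '25');
	$method = (int) $params->get('method', '1');
	$tagitemid = (int) $params->get('force_itemid', 0);

	// The category scope is concatenated into the SQL text below, so reduce it to a
	// list of integers first (accepts either an array or a comma separated string).
	$scope = $params->get('categories');
	$scope_ids = array();
	foreach (is_array($scope) ? $scope : explode(',', (string) $scope) as $cat_id) {
		$cat_id = is_scalar($cat_id) ? trim((string) $cat_id) : '';
		if (is_numeric($cat_id)) {
			$scope_ids[] = (int) $cat_id;
		}
	}
	$scope = implode(',', array_unique($scope_ids));

	$where = !FLEXI_J16GE ? ' WHERE i.sectionid = ' . FLEXI_SECTION : ' WHERE 1 ';
	$where .= ' AND i.state IN ( 1, -5 )';
	$where .= ' AND ( i.publish_up = ' . $db->Quote($nullDate) . ' OR i.publish_up <= ' . $db->Quote($now) . ' )';
	$where .= ' AND ( i.publish_down = ' . $db->Quote($nullDate) . ' OR i.publish_down >= ' . $db->Quote($now) . ' )';
	$where .= ' AND c.published = 1';
	$where .= ' AND tag.published = 1';

	// filter by permissions
	if (!$show_noauth) {
		if (FLEXI_J16GE) {
			$aid_arr = JAccess::getAuthorisedViewLevels($user->id);
			$aid_list = implode(",", $aid_arr);
			$where .= ' AND i.access IN (' . $aid_list . ')';
		} else {
			$aid = (int) $user->get('aid');
			if (FLEXI_ACCESS) {
				$readperms = FAccess::checkUserElementsAccess($user->gmid, 'read');
			}
			if (!empty($readperms['item'])) {
				$where .= ' AND ( i.access <= ' . $aid . ' OR i.id IN (' . implode(",", $readperms['item']) . ') )';
			} else {
				$where .= ' AND i.access <= ' . $aid;
			}
		}
	}

	// category scope
	// NOTE(review): the previous inline labels called method 2 "include" and method 3 "exclude",
	// which reads the opposite of the SQL they guard; confirm against the module's option list.
	if ($method == 2) {
		// Keep everything outside the scope; an empty scope excludes nothing
		if ($scope !== '') {
			$where .= ' AND c.id NOT IN (' . $scope . ')';
		}
	} elseif ($method == 3) {
		// Keep only the scope; an empty scope matches nothing (avoids the invalid "IN ()")
		$where .= $scope !== '' ? ' AND c.id IN (' . $scope . ')' : ' AND 0';
	}

	// count Tags
	$query = 'SELECT COUNT( t.tid ) AS no'
		. ' FROM #__flexicontent_tags_item_relations AS t'
		. ' LEFT JOIN #__content AS i ON i.id = t.itemid'
		. ' LEFT JOIN #__categories AS c ON c.id = i.catid'
		. ' LEFT JOIN #__flexicontent_tags as tag ON tag.id = t.tid'
		. $where
		. ' GROUP BY t.tid'
		. ' ORDER BY no DESC';
	$db->setQuery($query, 0, $limit);
	$result = FLEXI_J30GE ? $db->loadColumn() : $db->loadResultArray();

	// Do we have any tags?
	if (!$result) {
		return $result;
	}

	// Counts are sorted descending: first is the largest, last the smallest
	$max = (int) $result[0];
	$min = (int) $result[count($result) - 1];

	$query = 'SELECT tag.id, tag.name, count( rel.tid ) AS no,'
		. ' CASE WHEN CHAR_LENGTH(tag.alias) THEN CONCAT_WS(\':\', tag.id, tag.alias) ELSE tag.id END as slug'
		. ' FROM #__flexicontent_tags AS tag'
		. ' LEFT JOIN #__flexicontent_tags_item_relations AS rel ON rel.tid = tag.id'
		. ' LEFT JOIN #__content AS i ON i.id = rel.itemid'
		. ' LEFT JOIN #__categories AS c ON c.id = i.catid'
		. $where
		. ' GROUP BY tag.id'
		. ' HAVING no >= ' . $min
		. ' ORDER BY tag.name';
	$db->setQuery($query, 0, $limit);
	$rows = $db->loadObjectList();
	// A failed query yields a non-array; treat it as "no rows"
	$rows = is_array($rows) ? $rows : array();

	$lists = array();
	foreach ($rows as $row) {
		$entry = new stdClass();
		$entry->size = modFlexiTagCloudHelper::sizer($min, $max, $row->no, $minsize, $maxsize);
		$entry->name = $row->name;
		$entry->screenreader = JText::sprintf('FLEXI_NR_ITEMS_TAGGED', $row->no);

		// Route through the forced menu item when one is configured
		$route = $tagitemid
			? FlexicontentHelperRoute::getTagRoute($row->slug, $tagitemid)
			: FlexicontentHelperRoute::getTagRoute($row->slug);
		$entry->link = JRoute::_($route . '&module=' . $module->id);

		$lists[] = $entry;
	}

	return $lists;
}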
$isadvfilter = $row->isadvfilter && $supportadvfilter ? "tick.png" : "publish_x" . (!$supportadvfilter ? '_f2' : '') . ".png"; $isadvfilter_tip = $row->isadvfilter && $supportadvfilter ? $flexi_yes : ($supportadvfilter ? $flexi_no : $flexi_nosupport); } else { $advfilter_dirty = 1; $isadvfilter = $row->isadvfilter == -1 ? "disconnect.png" : "connect.png"; $isadvfilter_tip = ($row->isadvfilter == 2 ? $flexi_yes : $flexi_no) . ", " . $flexi_rebuild; } if (FLEXI_J16GE) { if ($canPublish) { $access = flexicontent_html::userlevel('access[' . $row->id . ']', $row->access, 'onchange="return listItemTask(\'cb' . $i . '\',\'' . $ctrl . 'access\')"'); } else { $access = $this->escape($row->access_level); } } else { if (FLEXI_ACCESS) { $access = FAccess::accessswitch('field', $row, $i); } else { $access = JHTML::_('grid.access', $row, $i); } } $checked = @JHTML::_('grid.checkedout', $row, $i); $warning = '<span class="hasTip" title="' . JText::_('FLEXI_WARNING') . '::' . JText::_('FLEXI_NO_TYPES_ASSIGNED') . '">' . JHTML::image('administrator/components/com_flexicontent/assets/images/warning.png', JText::_('FLEXI_NO_TYPES_ASSIGNED')) . '</span>'; ?> <tr class="<?php echo "row{$k}"; ?> " style="<?php echo $row_css; ?> "> <td><?php
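/**
 * Logic to copy the fields
 *
 * Reads the selected field ids from the request, drops core fields and fields the
 * current user may not edit, asks the 'fields' model to copy the rest, then
 * redirects to the fields list with a summary message.
 *
 * @access public
 * @return void
 * @since 1.5
 */
function copy()
{
	// Check for request forgeries
	JRequest::checkToken() or jexit('Invalid Token');

	// Get model, user, ids of copied fields
	$model = $this->getModel('fields');
	$user = JFactory::getUser();
	$cid = JRequest::getVar('cid', array(0), 'default', 'array');
	// The ids are request data and are used below in a numeric comparison, in an ACL
	// asset name and in the model call, so force them to integers up front.
	$cid = array_map('intval', $cid);
	$task = JRequest::getVar('task', 'copy');

	// calculate access
	if (FLEXI_J16GE) {
		$is_authorised = $user->authorise('flexicontent.copyfields', 'com_flexicontent');
	} else {
		// No global privilege exists here; the per-field edit check below is the only gate
		$is_authorised = true;
	}

	// check access
	if (!$is_authorised) {
		JError::raiseWarning(403, JText::_('FLEXI_ALERTNOTAUTH'));
		$this->setRedirect('index.php?option=com_flexicontent&view=fields');
		return;
	}

	// Remove core fields: copying of core fields is not allowed (ids below 15)
	$core_cid = array();
	$non_core_cid = array();
	foreach ($cid as $id) {
		if ($id < 15) {
			$core_cid[] = $id;
		} else {
			$non_core_cid[] = $id;
		}
	}

	// Remove uneditable fields: cannot copy fields you cannot edit
	$auth_cid = array();
	$non_auth_cid = array();
	foreach ($non_core_cid as $id) {
		$asset = 'com_flexicontent.field.' . $id;
		if (FLEXI_J16GE) {
			$is_authorised = $user->authorise('flexicontent.editfield', $asset);
		} elseif (FLEXI_ACCESS && $user->gid < 25) {
			$is_authorised = FAccess::checkAllContentAccess('com_content', 'edit', 'users', $user->gmid, 'field', $id);
		} else {
			// Only admin or super admin can copy fields
			$is_authorised = $user->gid >= 24;
		}

		if ($is_authorised) {
			$auth_cid[] = $id;
		} else {
			$non_auth_cid[] = $id;
		}
	}

	// Try to copy fields; the second argument asks the model to copy values too
	$ids_map = $model->copy($auth_cid, $task == 'copy_wvalues');
	if (!$ids_map) {
		$msg = JText::_('FLEXI_FIELDS_COPY_FAILED');
		JError::raiseWarning(500, $model->getError());
	} else {
		$msg = '';
		if (count($ids_map)) {
			$msg .= JText::sprintf('FLEXI_FIELDS_COPY_SUCCESS', count($ids_map)) . ' ';
		}
		// Fields skipped by the model (count($auth_cid) - count($ids_map)) are not reported
		if (count($core_cid)) {
			$msg .= JText::sprintf('FLEXI_FIELDS_CORE_FIELDS_NOT_COPIED', count($core_cid)) . ' ';
		}
		if (count($non_auth_cid)) {
			$msg .= JText::sprintf('FLEXI_FIELDS_UNEDITABLE_FIELDS_NOT_COPIED', count($non_auth_cid)) . ' ';
		}
		$cache = JFactory::getCache('com_flexicontent');
		$cache->clean();
	}

	// Clear an active type filter so the copied fields are visible in the list
	$mainframe = JFactory::getApplication();
	$option = JRequest::getVar('option');
	$filter_type = $mainframe->getUserStateFromRequest($option . '.fields.filter_type', 'filter_type', '', 'int');
	if ($filter_type) {
		$mainframe->setUserState($option . '.fields.filter_type', '');
		$msg .= ' ' . JText::_('FLEXI_TYPE_FILTER_CLEARED_TO_VIEW_NEW_FIELDS');
	}

	$this->setRedirect('index.php?option=com_flexicontent&view=fields', $msg);
}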
/**
 * Build the where clause
 *
 * Assembles the WHERE clause of the item-element list from the filters kept in
 * the user state (state, category, type, language, title search) and, for users
 * without the 'assocanytrans' privilege, a creator restriction.
 *
 * @access private
 * @return string  ' WHERE ...' with the conditions joined by AND
 */
function _buildContentWhere()
{
	$app = JFactory::getApplication();
	$user = JFactory::getUser();
	$option = JRequest::getVar('option');

	// Every filter below is read with an 'int', 'word' or 'cmd' filter, or is escaped before use
	$langparent_item = $app->getUserStateFromRequest($option . '.itemelement.langparent_item', 'langparent_item', 0, 'int');
	$type_id = $app->getUserStateFromRequest($option . '.itemelement.type_id', 'type_id', 0, 'int');
	$created_by = $app->getUserStateFromRequest($option . '.itemelement.created_by', 'created_by', 0, 'int');

	if ($langparent_item) {
		// Tell the user which type / author the original item is being selected for
		$user_fullname = JFactory::getUser($created_by)->name;
		$this->_db->setQuery('SELECT name FROM #__flexicontent_types WHERE id = ' . $type_id);
		$type_name = $this->_db->loadResult();
		$msg = sprintf("Selecting ORIGINAL Content item for a translating item of Content Type: \"%s\" and User: \"%s\"", $type_name, $user_fullname);
		JFactory::getApplication()->enqueueMessage($msg, 'message');
	}

	$filter_state = $app->getUserStateFromRequest($option . '.itemelement.filter_state', 'filter_state', '', 'word');
	$filter_cats = $app->getUserStateFromRequest($option . '.itemelement.filter_cats', 'filter_cats', '', 'int');
	$filter_type = $app->getUserStateFromRequest($option . '.itemelement.filter_type', 'filter_type', '', 'int');

	$has_languages = FLEXI_FISH || FLEXI_J16GE;
	if ($has_languages) {
		// When picking a translation parent, only items in the site default language qualify
		$filter_lang = $langparent_item
			? flexicontent_html::getSiteDefaultLang()
			: $app->getUserStateFromRequest($option . '.itemelement.filter_lang', 'filter_lang', '', 'cmd');
	}

	$search = $app->getUserStateFromRequest($option . '.itemelement.search', 'search', '', 'string');
	$search = trim(JString::strtolower($search));

	$clauses = array();
	$clauses[] = ' i.state != -2'; // Exclude trashed
	if (!FLEXI_J16GE) {
		$clauses[] = ' sectionid = ' . FLEXI_SECTION;
	}

	// Map the state filter code to the stored state value
	if ($filter_state) {
		switch ($filter_state) {
			case 'P':
				$clauses[] = 'i.state = 1';
				break;
			case 'U':
				$clauses[] = 'i.state = 0';
				break;
			case 'PE':
				$clauses[] = 'i.state = -3';
				break;
			case 'OQ':
				$clauses[] = 'i.state = -4';
				break;
			case 'IP':
				$clauses[] = 'i.state = -5';
				break;
			case 'A':
				$clauses[] = 'i.state = ' . (FLEXI_J16GE ? 2 : -1);
				break;
		}
	}

	if ($filter_cats) {
		$clauses[] = 'rel.catid = ' . $filter_cats;
	}

	// A translation parent must be of the requested type; otherwise honour the type filter
	if ($langparent_item && $type_id) {
		$clauses[] = 'ie.type_id = ' . $type_id;
	} elseif ($filter_type) {
		$clauses[] = 'ie.type_id = ' . $filter_type;
	}

	if ($has_languages && $filter_lang) {
		$clauses[] = 'ie.language = ' . $this->_db->Quote($filter_lang);
	}

	if ($search) {
		$search_escaped = FLEXI_J16GE ? $this->_db->escape($search, true) : $this->_db->getEscaped($search, true);
		$clauses[] = ' LOWER(i.title) LIKE ' . $this->_db->Quote('%' . $search_escaped . '%', false);
	}

	// Privilege to associate translations of any author
	if (FLEXI_J16GE) {
		$assocanytrans = $user->authorise('flexicontent.assocanytrans', 'com_flexicontent');
	} elseif (FLEXI_ACCESS) {
		$assocanytrans = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'assocanytrans', 'users', $user->gmid) : 1;
	} else {
		$assocanytrans = $user->gid >= 24; // is at least admin
	}

	// NOTE(review): the restriction uses the request-supplied created_by, not the current
	// user's id, and is skipped when created_by is 0 - confirm this matches the intended rule.
	if (!$assocanytrans && $langparent_item && $created_by) {
		$clauses[] = ' i.created_by=' . $created_by;
	}

	return count($clauses) ? ' WHERE ' . implode(' AND ', $clauses) : '';
}
/**
 * Method to store the type
 *
 * Binds the submitted data to the types table, merges in the parameters of the
 * selected item layout, validates and stores the record, and adds the core
 * field relations when the type is new.
 *
 * @access public
 * @param  array    $data  Submitted type data (post['jform'] on J2.5, prepared by the caller)
 * @return boolean  True on success
 * @since 1.0
 */
function store($data)
{
	// Check for request forgeries
	JRequest::checkToken() or jexit('Invalid Token');

	// NOTE: 'data' is post['jform'] for J2.5 (this is done by the controller or other caller)
	$record = $this->getTable('flexicontent_types', '');

	// Load existing data and remember whether this is a new record
	$isnew = !$data['id'];
	if ($data['id']) {
		$record->load($data['id']);
	}

	if (FLEXI_J16GE) {
		// Layout parameters are taken from the raw posted form, which gets basic filtering only.
		// NOTE(review): these values are merged into attribs without further validation here;
		// presumably the table class or its form validates them - confirm.
		$jform = JRequest::getVar('jform', array(), 'post', 'array');
		$ilayout = $data['attribs']['ilayout'];
		if (!empty($jform['layouts'][$ilayout])) {
			$data['attribs'] = array_merge($data['attribs'], $jform['layouts'][$ilayout]);
		}

		// attribs stays an array; encoding is left to the 'flexicontent_types' table class
		if (!$record->bind($data)) {
			$this->setError($this->_db->getErrorMsg());
			return false;
		}
	} else {
		// Legacy path: bind first, then serialise the parameters as "key=value" lines
		if (!$record->bind($data)) {
			$this->setError($this->_db->getErrorMsg());
			return false;
		}

		if (is_array($data['params'])) {
			// Keep only the parameters of the currently selected layout
			$ilayout = $data['params']['ilayout'];
			$tmpl_params = $data['layouts'][$ilayout];
			unset($data['layouts']);
			$data['params'] = array_merge($data['params'], $tmpl_params);

			// NOTE(review): values are written as-is; a value containing a line break would
			// start a new "key=value" line - confirm upstream filtering removes line breaks.
			$txt = array();
			foreach ($data['params'] as $k => $v) {
				$flat = is_array($v) ? implode('|', $v) : $v;
				$txt[] = "{$k}={$flat}";
			}
			$record->attribs = implode("\n", $txt);
		}
	}

	// New types are not placed in last position: the ordering column is currently missing

	// Make sure the data is valid
	if (!$record->check()) {
		$this->setError($record->getError());
		return false;
	}

	// Store it in the db
	if (!$record->store()) {
		$this->setError($this->_db->getErrorMsg());
		return false;
	}

	// With FLEXIaccess the ACL is saved here; on J2.5 the types table class saves the asset
	if (FLEXI_ACCESS) {
		FAccess::saveaccess($record, 'type');
	}

	$this->_type =& $record;
	$this->_id = $record->id;

	// Only insert default relations if the type is new
	if ($isnew) {
		$this->_addCoreFieldRelations();
	}

	return true;
}
$publish_up->setOffset($tz_offset); $publish_down->setOffset($tz_offset); } $link = 'index.php?option=com_flexicontent&' . $items_task . 'edit&cid[]=' . $row->id; if (FLEXI_J16GE) { if (($canEdit || $canEditOwn) && $this->CanAccLvl) { $access = flexicontent_html::userlevel('access[' . $row->id . ']', $row->access, 'onchange="return listItemTask(\'cb' . $i . '\',\'items.access\')"'); } else { $access = $this->escape($row->access_level); } } else { if (FLEXI_ACCESS) { if (($canEdit || $canEditOwn) && $this->CanAccLvl) { $access = FAccess::accessswitch('item', $row, $i); } else { $access = FAccess::accessswitch('item', $row, $i, 'content', 1); } } else { $access = JHTML::_('grid.access', $row, $i); } } $cid_checkbox = @JHTML::_('grid.checkedout', $row, $i); // Check publication START/FINISH dates (publication Scheduled / Expired) $is_published = in_array($row->state, array(1, -5, FLEXI_J16GE ? 2 : -1)); $extra_img = $extra_alt = ''; if ($row->publication_scheduled && $is_published) { $extra_img = 'pushished_scheduled.png'; $extra_alt = JText::_('FLEXI_SCHEDULED_FOR_PUBLICATION', true); } if ($row->publication_expired && $is_published) { $extra_img = 'pushished_expired.png';
$link = 'index.php?option=com_flexicontent&task=category.edit&cid[]=' . $row->id; } else { $link = 'index.php?option=com_flexicontent&controller=categories&task=edit&cid[]=' . $row->id; } if (FLEXI_J16GE) { if (($canEdit || $canEditOwn) && $this->perms->CanAccLvl) { $access = flexicontent_html::userlevel('access[' . $row->id . ']', $row->access, 'onchange="return listItemTask(\'cb' . $i . '\',\'categories.access\')"'); } else { $access = $this->escape($row->access_level); } } else { if (FLEXI_ACCESS) { if (($canEdit || $canEditOwn) && $this->perms->CanAccLvl) { $access = FAccess::accessswitch('category', $row, $i); } else { $access = FAccess::accessswitch('category', $row, $i, 'content', 1); } } else { $access = JHTML::_('grid.access', $row, $i); } } $checked = @JHTML::_('grid.checkedout', $row, $i); $items = 'index.php?option=com_flexicontent&view=items&filter_cats=' . $row->id; ?> <tr class="<?php echo "row{$k}"; ?> "> <td><?php echo $this->pagination->getRowOffset($i); ?>
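/**
 * Builds the notification configuration: who is notified for each event type
 * and the resulting email addresses.
 *
 * For each of the four event types (notify_new, notify_new_pending,
 * notify_existing, notify_existing_reviewal) the result carries the properties
 * userlist_<type>, usergrps_<type> and usergrps_<type>_fa, plus ->emails-><type>
 * with the distinct addresses resolved from those users and groups.
 *
 * The result is kept in a static variable: the first configuration computed in a
 * request is returned for every later call, whatever $params is passed.
 *
 * @param   object  $params  Parameters read through ->get()
 *
 * @return  object|false  The configuration object, or false when notifications are disabled
 */
function &getNotificationsConf(&$params)
{
	static $nConf = null;
	if ($nConf !== null) {
		return $nConf;
	}

	// (a) Check if notifications are not enabled
	if (!$params->get('enable_notifications', 0)) {
		$nConf = false;
		return $nConf;
	}

	$db = JFactory::getDBO();
	$nConf = new stdClass();
	$notify_types = array('notify_new', 'notify_new_pending', 'notify_existing', 'notify_existing_reviewal');
	$list_regex = "/[\\s]*,[\\s]*/";

	// (b) Get Content Type specific notifications (that override global)
	foreach ($notify_types as $ntype) {
		$nConf->{'userlist_' . $ntype} = FLEXIUtilities::paramToArray($params->get('userlist_' . $ntype), $list_regex, "intval");
		$nConf->{'usergrps_' . $ntype} = FLEXIUtilities::paramToArray($params->get('usergrps_' . $ntype, array()));
		$nConf->{'usergrps_' . $ntype . '_fa'} = FLEXIUtilities::paramToArray($params->get('usergrps_' . $ntype . '_fa', array()));
	}

	// (c) Get category specific notifications and merge them into the lists above
	if ($params->get('nf_allow_cat_specific')) {
		// Category ids go into the SQL text, so force integers and skip the query when none are set
		$cats = array_map('intval', (array) $this->get('categories'));
		$mcats_params = array();
		if (count($cats)) {
			$query = "SELECT params FROM #__categories WHERE id IN (" . implode(',', $cats) . ")";
			$db->setQuery($query);
			$mcats_params = FLEXI_J16GE ? $db->loadColumn() : $db->loadResultArray();
			$mcats_params = is_array($mcats_params) ? $mcats_params : array();
		}

		foreach ($mcats_params as $cat_params) {
			$cat_params = FLEXI_J16GE ? new JRegistry($cat_params) : new JParameter($cat_params);

			// Skip this category if category-specific notifications are not enabled for it
			if (!$cat_params->get('cats_enable_notifications', 0)) {
				continue;
			}

			foreach ($notify_types as $ntype) {
				$cat_ulist = FLEXIUtilities::paramToArray($cat_params->get('cats_userlist_' . $ntype), $list_regex, "intval");
				$cat_ugrps = FLEXIUtilities::paramToArray($cat_params->get('cats_usergrps_' . $ntype, array()));
				$cat_ugrps_fa = FLEXIUtilities::paramToArray($cat_params->get('cats_usergrps_' . $ntype . '_fa', array()));

				$nConf->{'userlist_' . $ntype} = array_unique(array_merge($nConf->{'userlist_' . $ntype}, $cat_ulist));
				$nConf->{'usergrps_' . $ntype} = array_unique(array_merge($nConf->{'usergrps_' . $ntype}, $cat_ugrps));
				$nConf->{'usergrps_' . $ntype . '_fa'} = array_unique(array_merge($nConf->{'usergrps_' . $ntype . '_fa'}, $cat_ugrps_fa));
			}
		}
	}

	// (e) Get emails, but first convert user groups to user ids
	// NOTE(review): failed queries echo the raw database error into the response (kept from the
	// existing behaviour); that exposes query details to whoever triggers the notification.
	$nConf_emails = new stdClass();
	foreach ($notify_types as $ntype) {
		// --- emails for explicitly listed users (numeric entries are ids, others usernames)
		$user_emails_ulist = array();
		$_user_ids = array();
		$_user_names = array();
		foreach ($nConf->{'userlist_' . $ntype} as $user_id_name) {
			if (is_numeric($user_id_name)) {
				$_user_ids[] = (int) $user_id_name;
			} else {
				// Quote exactly once; quoting again when building the IN list would
				// turn the quotes into part of the value and never match a username
				$_user_names[] = $db->Quote($user_id_name);
			}
		}
		if (count($_user_ids) || count($_user_names)) {
			$where_clauses = array();
			if (count($_user_ids)) {
				$where_clauses[] = " id IN (" . implode(",", $_user_ids) . ") ";
			}
			if (count($_user_names)) {
				$where_clauses[] = " username IN (" . implode(",", $_user_names) . ") ";
			}
			$query = "SELECT DISTINCT email FROM #__users" . " WHERE " . implode(' OR ', $where_clauses);
			$db->setQuery($query);
			$user_emails_ulist = FLEXI_J16GE ? $db->loadColumn() : $db->loadResultArray();
			if ($db->getErrorNum()) {
				echo $db->getErrorMsg();
			}
		}

		// --- emails for user groups (group ids are forced to integers before reaching SQL)
		$user_emails_ugrps = array();
		$group_ids = array_map('intval', (array) $nConf->{'usergrps_' . $ntype});
		if (count($group_ids)) {
			if (!FLEXI_J16GE) {
				$query = "SELECT DISTINCT email FROM #__users WHERE gid IN (" . implode(",", $group_ids) . ")";
			} else {
				$query = "SELECT DISTINCT email FROM #__users as u"
					. " JOIN #__user_usergroup_map ugm ON u.id=ugm.user_id AND ugm.group_id IN (" . implode(",", $group_ids) . ")";
			}
			$db->setQuery($query);
			$user_emails_ugrps = FLEXI_J16GE ? $db->loadColumn() : $db->loadResultArray();
			if ($db->getErrorNum()) {
				echo $db->getErrorMsg();
			}
		}

		// --- emails for FLEXIaccess user groups
		$user_emails_ugrps_fa = array();
		if (FLEXI_ACCESS && count($nConf->{'usergrps_' . $ntype . '_fa'})) {
			// Collect the groups returned by FAccess::mgenfant() for every configured group
			$final_groups = array();
			foreach ($nConf->{'usergrps_' . $ntype . '_fa'} as $fagrpid) {
				$curr_groups = FAccess::mgenfant($fagrpid);
				$final_groups = array_unique(array_merge($final_groups, $curr_groups));
			}
			$final_groups = array_map('intval', $final_groups);

			if (count($final_groups)) {
				// groups of type 2, matched to users by username
				$query = "SELECT DISTINCT email FROM #__users as u"
					. " JOIN #__flexiaccess_groups ugm ON u.username=ugm.name AND ugm.type=2 AND ugm.id IN (" . implode(",", $final_groups) . ")";
				$db->setQuery($query);
				$fa_individual = FLEXI_J16GE ? $db->loadColumn() : $db->loadResultArray();
				if ($db->getErrorNum()) {
					echo $db->getErrorMsg();
				}

				// members of the groups
				$query = "SELECT DISTINCT email FROM #__users as u"
					. " JOIN #__flexiaccess_members ugm ON u.id=ugm.member_id AND ugm.group_id IN (" . implode(",", $final_groups) . ")";
				$db->setQuery($query);
				$fa_collective = FLEXI_J16GE ? $db->loadColumn() : $db->loadResultArray();
				if ($db->getErrorNum()) {
					echo $db->getErrorMsg();
				}

				$user_emails_ugrps_fa = array_unique(array_merge(
					is_array($fa_individual) ? $fa_individual : array(),
					is_array($fa_collective) ? $fa_collective : array()
				));
			}
		}

		// merge them; a failed query returns a non-array, which is treated as "no addresses"
		$nConf_emails->{$ntype} = array_unique(array_merge(
			is_array($user_emails_ulist) ? $user_emails_ulist : array(),
			is_array($user_emails_ugrps) ? $user_emails_ugrps : array(),
			$user_emails_ugrps_fa
		));
	}

	$nConf->emails = $nConf_emails;

	return $nConf;
}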
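/**
 * Method to load the Category
 *
 * Loads the published category for the current id (unless the layout is 'mcats'),
 * validates the layout configuration and, unless $checkAccess is false, verifies
 * that the current user may view the category. Failures either raise an error or
 * redirect (to the login page for guests).
 *
 * @access public
 * @param  mixed    $pk           Category id to use instead of the current one (optional)
 * @param  boolean  $raiseErrors  When false, return false instead of raising an error or redirecting
 *                                for a missing category or an invalid layout configuration
 * @param  boolean  $checkAccess  When false, skip the view-access check
 * @return object|false  The category data object, or false on a suppressed error
 */
function getCategory($pk = null, $raiseErrors = true, $checkAccess = true)
{
	//initialize some vars
	$app = JFactory::getApplication();
	$user = JFactory::getUser();
	$cparams = $this->_params;

	// Set a specific id
	if ($pk) {
		$this->_id = $pk;
	}

	$cat_usable = !$this->_layout || $this->_layout != 'mcats';
	if ($this->_id && $cat_usable) {
		// Retrieve category data, but ONLY if current layout can use it
		// ('mcats' does not since it uses multiple ids).
		// The id is concatenated into the SQL text, so it is cast to an integer here.
		$query = 'SELECT c.*,'
			. ' CASE WHEN CHAR_LENGTH(c.alias) THEN CONCAT_WS(\':\', c.id, c.alias) ELSE c.id END as slug'
			. ' FROM #__categories AS c'
			. ' WHERE c.id = ' . (int) $this->_id
			. ' AND c.published = 1 '
			. (FLEXI_J16GE ? ' AND c.extension=' . $this->_db->Quote(FLEXI_CAT_EXTENSION) : '');
		$this->_db->setQuery($query);
		$_category = $this->_db->loadObject();
		if ($this->_db->getErrorNum()) {
			// NOTE(review): the raw SQL error text is shown to the visitor as a message;
			// consider logging it instead on production sites.
			JFactory::getApplication()->enqueueMessage(__FUNCTION__ . '(): SQL QUERY ERROR:<br/>' . nl2br($this->_db->getErrorMsg()), 'error');
		}
	} else {
		$_category = false;
	}

	// Check category was found / is published, and throw an error. Note that an empty
	// layout means single category view, so raise an error if category id is missing
	if (($this->_id || $this->_layout == '') && $cat_usable && !$_category) {
		// Throw error -OR- return if errors are suppressed
		if (!$raiseErrors) {
			return false;
		}
		$err_mssg = JText::sprintf('FLEXI_CONTENT_CATEGORY_NOT_FOUND_OR_NOT_PUBLISHED', $this->_id);
		if (FLEXI_J16GE) {
			throw new Exception($err_mssg, 404);
		} else {
			JError::raiseError(404, $err_mssg);
		}
	}

	// Some layouts optionally limit to a specific category, for these
	// create an empty category data object (if one was not created already)
	if ($this->_layout) {
		if ($this->_layout != 'mcats' && !empty($_category)) {
			$this->_category = $_category;
		} else {
			$this->_category = new stdClass();
			$this->_category->published = 1;
			$this->_category->id = $this->_id; // can be zero for layouts: author/myitems/favs/tags, etc
			$this->_category->title = '';
			$this->_category->description = '';
			$this->_category->slug = '';
			$this->_category->ids = $this->_ids; // mcats layout but it can be empty, to allow all categories
		}
	} else {
		$this->_category = $_category;
	}

	// Check for proper layout configuration and throw error
	if ($this->_layout) {
		$err_mssg = $err_type = false;
		$login_redirect = false;

		if (!in_array($this->_layout, array('favs', 'tags', 'mcats', 'myitems', 'author'))) {
			$err_mssg = JText::sprintf('FLEXI_CONTENT_LIST_LAYOUT_IS_NOT_SUPPORTED', $this->_layout);
			$err_type = 404;
		} elseif ($this->_layout == 'author' && !$this->_authorid) {
			$err_mssg = JText::_('FLEXI_CANNOT_LIST_CONTENT_AUTHORID_NOT_SET');
			$err_type = 404;
		} elseif ($this->_layout == 'tags' && !$this->_tagid) {
			$err_mssg = JText::_('FLEXI_CANNOT_LIST_CONTENT_TAGID_NOT_SET');
			$err_type = 404;
		} elseif (($this->_layout == 'myitems' || $this->_layout == 'favs') && !$this->_authorid) {
			// Personal listings need a known user: send the visitor to the login page
			$err_mssg = JText::_('FLEXI_LOGIN_TO_DISPLAY_YOUR_CONTENT');
			$err_type = 403;
			$login_redirect = true;
		}

		// Raise a notice and redirect
		if ($err_mssg) {
			if (!$raiseErrors) {
				return false;
			}
			if ($login_redirect) {
				// redirect unlogged user to login; the return target is the current URL,
				// base64-encoded with a URL-safe alphabet
				$uri = JFactory::getURI();
				$return = $uri->toString();
				$com_users = FLEXI_J16GE ? 'com_users' : 'com_user';
				$url = $cparams->get('login_page', 'index.php?option=' . $com_users . '&view=login');
				$return = strtr(base64_encode($return), '+/=', '-_,');
				$url .= '&return=' . $return;
				$url .= '&isfcurl=1';
				JError::raiseWarning($err_type, $err_mssg);
				$app->redirect($url);
			} elseif (FLEXI_J16GE) {
				throw new Exception($err_mssg, $err_type);
			} else {
				JError::raiseError($err_type, $err_mssg);
			}
		}
	}

	// Set category parameters, these have already been loaded
	$this->_category->parameters = $this->_params;

	// Check whether category access level allows access and throw errors
	// but skip checking Access if so requested via function parameter
	if (!$checkAccess) {
		return $this->_category;
	}

	$canread = true;
	if ($this->_id) {
		if (FLEXI_J16GE) {
			$aid_arr = JAccess::getAuthorisedViewLevels($user->id);
			$canread = in_array($this->_category->access, $aid_arr);
		} else {
			$aid = (int) $user->get('aid');
			$canread = FLEXI_ACCESS
				? FAccess::checkAllItemReadAccess('com_content', 'read', 'users', $user->gmid, 'category', $this->_category->id)
				: $this->_category->access <= $aid;
		}
	}

	if (!$canread && $this->_id != 0) {
		if ($user->guest) {
			// Redirect to login, returning to the current URL afterwards
			$uri = JFactory::getURI();
			$return = $uri->toString();
			$com_users = FLEXI_J16GE ? 'com_users' : 'com_user';
			$url = $cparams->get('login_page', 'index.php?option=' . $com_users . '&view=login');
			$return = strtr(base64_encode($return), '+/=', '-_,');
			$url .= '&return=' . $return;
			$url .= '&isfcurl=1';
			JError::raiseWarning(403, JText::sprintf("FLEXI_LOGIN_TO_ACCESS", $url));
			$app->redirect($url);
		} elseif ($cparams->get('unauthorized_page', '')) {
			// Logged-in but unauthorized: go to the configured page
			$app->redirect($cparams->get('unauthorized_page'));
		} else {
			JError::raiseWarning(403, JText::_("FLEXI_ALERTNOTAUTH_VIEW"));
			$app->redirect('index.php');
		}
	}

	return $this->_category;
}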
<td align="center"> <?php
// Decide which access-level control to render for this file row.
// The editable control is offered only when the user holds the file-manager privilege AND
// either may view all files or is the uploader of this particular file.
// NOTE(review): this only selects what is rendered; the handler of the 'filemanager.access' task is
// not visible here and has to repeat the same ownership check server-side — confirm.
$is_authorised = $this->CanFiles && ($this->CanViewAllFiles || $user->id == $row->uploaded_by);
if (FLEXI_J16GE) {
    if ($is_authorised) {
        // Editable view-level selector; changing it triggers listItemTask() with the 'filemanager.access' task
        $access = flexicontent_html::userlevel('access[' . $row->id . ']', $row->access, 'onchange="return listItemTask(\'cb' . $i . '\',\'filemanager.access\')"');
    } else {
        // Read-only: the HTML-escaped access level title, or '-' when the title is empty
        $access = strlen($row->access_level) ? $this->escape($row->access_level) : '-';
    }
} else {
    if (FLEXI_ACCESS) {
        if ($is_authorised) {
            $access = FAccess::accessswitch('file', $row, $i);
        } else {
            // Same helper with two extra arguments; presumably these request a non-editable rendering — TODO confirm
            $access = FAccess::accessswitch('file', $row, $i, 'content', 1);
        }
    } else {
        // NOTE(review): this branch does not consult $is_authorised at all
        $access = JHTML::_('grid.access', $row, $i);
    }
}
echo $access; ?> </td> <?php if (!$this->folder_mode) { ?> <?php
// Set a row language, even if empty to avoid errors
$row->language = @$row->language ? $row->language : '*';
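/**
 * Method to build the WHERE clause
 *
 * The clause always limits the listing to items favoured by the current user. Unless the user
 * holds the "ignore view state" privilege it is further limited to published, currently scheduled
 * items (or items the user created), and the optional full-text search condition is appended last.
 *
 * The search text comes straight from the request, so it only reaches the SQL string after
 * $db->escape()/getEscaped() plus $db->Quote(). The user id is cast to integer once and that
 * value is reused in every fragment it is concatenated into.
 *
 * @access private
 * @return string
 */
function _buildItemWhere()
{
    $user = JFactory::getUser();
    $db = JFactory::getDBO();

    // Get the view's parameters
    $cparams = $this->_params;

    // Integer-cast once: this value is concatenated into several SQL fragments below
    $user_id = (int) $user->get('id');

    // Date-Times are stored as UTC, we should use current UTC time to compare and not user time (requestTime),
    // thus the items are published globally at the time the author specified in his/her local clock.
    // A literal SQL function is used instead of a quoted timestamp string, because a string that differs
    // on every request is not good when it is passed to a function that will be cached.
    $_nowDate = 'UTC_TIMESTAMP()';
    $nullDate = $db->getNullDate();

    // First thing we need to do is to select only the requested FAVOURED items
    $where = ' WHERE fav.userid = ' . $user_id;

    // Get privilege to view non viewable items (unpublished, archived, trashed, expired, scheduled).
    // NOTE: ACL view level is checked at a different place
    if (FLEXI_J16GE) {
        $ignoreState = $user->authorise('flexicontent.ignoreviewstate', 'com_flexicontent');
    } elseif (FLEXI_ACCESS) {
        $ignoreState = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'ignoreviewstate', 'users', $user->gmid) : 1;
    } else {
        $ignoreState = $user->gid > 19; // author has 19 and editor has 20
    }

    if (!$ignoreState) {
        // Exception shared by the three limits below: items created by the current (non-guest) user
        $own_item = '( i.created_by = ' . $user_id . ' AND i.created_by != 0 )';

        // Limit by publication state
        $where .= ' AND ( i.state IN (1, -5) OR ' . $own_item . ' )';

        // Limit by publish up/down dates
        $where .= ' AND ( ( i.publish_up = ' . $this->_db->Quote($nullDate) . ' OR i.publish_up <= ' . $_nowDate . ' ) OR ' . $own_item . ' )';
        $where .= ' AND ( ( i.publish_down = ' . $this->_db->Quote($nullDate) . ' OR i.publish_down >= ' . $_nowDate . ' ) OR ' . $own_item . ' )';
    }

    $where .= !FLEXI_J16GE ? ' AND i.sectionid = ' . FLEXI_SECTION : '';

    // ****************************************
    // Create WHERE clause part for Text Search
    // ****************************************
    $text = JRequest::getString('filter', JRequest::getString('q', ''), 'default');

    // Check for LIKE %word% search, for languages without spaces: it only changes the default phrase mode
    $filter_word_like_any = $cparams->get('filter_word_like_any', 0);
    $default_phrase = $filter_word_like_any ? 'any' : 'exact';
    $phrase = JRequest::getWord('searchphrase', JRequest::getWord('p', $default_phrase), 'default');

    $si_tbl = 'flexicontent_items_ext';
    $search_prefix = $cparams->get('add_search_prefix') ? 'vvv' : ''; // SEARCH WORD Prefix

    $text = trim($text);
    if ($search_prefix) {
        // With the /u modifier preg_replace() returns NULL for request text that is not valid UTF-8;
        // the cast turns that into an empty string, i.e. no text filter (same outcome as before, without NULL)
        $text = (string) preg_replace('/(\\b[^\\s,\\.]+\\b)/u', $search_prefix . '$0', $text);
    }

    // preg_split() likewise returns FALSE for invalid UTF-8; use an empty word list instead of
    // handing FALSE to implode() further down
    $words = preg_split('/\\s\\s*/u', $text);
    if (!is_array($words)) {
        $words = array();
    }

    if (strlen($text)) {
        $ts = 'ie'; // alias of the table holding the search index
        $escaped_text = FLEXI_J16GE ? $db->escape($text, true) : $db->getEscaped($text, true);
        $quoted_text = $db->Quote($escaped_text, false);

        switch ($phrase) {
            case 'natural':
                $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ') ';
                break;

            case 'natural_expanded':
                $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' WITH QUERY EXPANSION) ';
                break;

            case 'exact':
                $stopwords = array();
                $shortwords = array();
                if (!$search_prefix) {
                    $words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix = 0);
                }
                if (empty($words)) {
                    // All words are stop-words or too short, we could try to execute a query that only contains a LIKE %...% , but it would be too slow
                    JRequest::setVar('ignoredwords', implode(' ', $stopwords));
                    JRequest::setVar('shortwords', implode(' ', $shortwords));
                    $_text_match = ' 0=1 ';
                } else {
                    // speed optimization ... 2-level searching: first require ALL words, then require exact text
                    $newtext = '+' . implode(' +', $words);
                    $quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true);
                    $quoted_text = $db->Quote($quoted_text, false);
                    $exact_text = $db->Quote('%' . $escaped_text . '%', false);
                    $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) AND ' . $ts . '.search_index LIKE ' . $exact_text;
                }
                break;

            case 'all':
                $stopwords = array();
                $shortwords = array();
                if (!$search_prefix) {
                    $words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix = 1);
                }
                JRequest::setVar('ignoredwords', implode(' ', $stopwords));
                JRequest::setVar('shortwords', implode(' ', $shortwords));
                $newtext = '+' . implode('* +', $words) . '*';
                $quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true);
                $quoted_text = $db->Quote($quoted_text, false);
                $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) ';
                break;

            case 'any':
            default:
                $stopwords = array();
                $shortwords = array();
                if (!$search_prefix) {
                    $words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix = 1);
                }
                JRequest::setVar('ignoredwords', implode(' ', $stopwords));
                JRequest::setVar('shortwords', implode(' ', $shortwords));
                $newtext = implode('* ', $words) . '*';
                $quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true);
                $quoted_text = $db->Quote($quoted_text, false);
                $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) ';
                break;
        }

        $where .= ' AND ' . $_text_match;
    }

    return $where;
}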
/**
 * Prepares the content-type add/edit form and hands it to the layout.
 *
 * Loads the backend assets, fetches the record and its form from the model, builds the toolbar,
 * sends the user back to the types list when the record is checked out by someone else,
 * builds the legacy select lists, applies template parameters and assigns everything to the view.
 *
 * @param string|null $tpl  passed through unchanged to parent::display()
 */
function display($tpl = null)
{
    // Framework objects and component configuration
    $app = JFactory::getApplication();
    $document = JFactory::getDocument();
    $cparams = JComponentHelper::getParams('com_flexicontent');
    $user = JFactory::getUser();

    // Backend stylesheets, versioned with the component hash
    $css_path = JURI::base(true) . '/components/com_flexicontent/assets/css/';
    $document->addStyleSheetVersion($css_path . 'flexicontentbackend.css', FLEXI_VHASH);
    $document->addStyleSheetVersion($css_path . 'j3x.css', FLEXI_VHASH);

    // JS frameworks
    flexicontent_html::loadFramework('select2');

    // Load the default validation JS first, so that the component scripts added next override it
    JHTML::_('behavior.formvalidation');
    $js_path = JURI::root(true) . '/components/com_flexicontent/assets/js/';
    $document->addScriptVersion($js_path . 'admin.js', FLEXI_VHASH);
    $document->addScriptVersion($js_path . 'validate.js', FLEXI_VHASH);

    // Pane behavior
    jimport('joomla.html.pane');

    // Data from the model
    $model = $this->getModel();
    $row = $this->get(FLEXI_J16GE ? 'Item' : 'Type');
    $form = $this->get('Form');
    $themes = flexicontent_tmpl::getTemplates();
    $tmpls = $themes->items;

    // Toolbar: the title depends on whether an existing record is being edited
    $is_existing = (bool) $row->id;
    JToolBarHelper::title(
        JText::_($is_existing ? 'FLEXI_EDIT_TYPE' : 'FLEXI_ADD_TYPE'),
        $is_existing ? 'typeedit' : 'typeadd'
    );
    $task_prefix = FLEXI_J16GE ? 'types.' : '';
    JToolBarHelper::apply($task_prefix . 'apply');
    JToolBarHelper::save($task_prefix . 'save');
    JToolBarHelper::custom($task_prefix . 'saveandnew', 'savenew.png', 'savenew.png', 'FLEXI_SAVE_AND_NEW', false);
    JToolBarHelper::cancel($task_prefix . 'cancel');

    // Fail if checked out not by 'me'
    if ($row->id && $model->isCheckedOut($user->get('id'))) {
        JError::raiseWarning('SOME_ERROR_CODE', $row->name . ' ' . JText::_('FLEXI_EDITED_BY_ANOTHER_ADMIN'));
        $app->redirect('index.php?option=com_flexicontent&view=types');
    }

    // "Items creatable" selector, only offered when FLEXIaccess is in use
    if (FLEXI_ACCESS) {
        $itemscreatable = array(
            JHTML::_('select.option', 0, JText::_('FLEXI_ANY_AUTHOR')),
            JHTML::_('select.option', 1, JText::_('FLEXI_USE_ACL_TO_HIDE')),
            JHTML::_('select.option', 2, JText::_('FLEXI_USE_ACL_TO_DISABLE')),
        );
        $itemscreatable_fieldname = FLEXI_J16GE ? 'jform[itemscreatable]' : 'itemscreatable';
        $lists['itemscreatable'] = JHTML::_('select.genericlist', $itemscreatable, $itemscreatable_fieldname, '', 'value', 'text', $row->itemscreatable);
    }

    if (!FLEXI_J16GE) {
        // Access level list
        if (FLEXI_ACCESS) {
            $lang = JFactory::getLanguage();
            $lang->_strings['FLEXIACCESS_PADD'] = 'Create Items';
            $lists['access'] = FAccess::TabGmaccess($row, 'type', 1, 1, 0, 0, 0, 0, 0, 0, 0);
        } else {
            $lists['access'] = JHTML::_('list.accesslevel', $row);
        }

        // Make the record's properties HTML safe before they are printed in the form
        JFilterOutput::objectHTMLSafe($row, ENT_QUOTES);

        // Parameter form; entries whose 'enableparam' component option is off are dropped
        $form = new JParameter($row->attribs, JPATH_COMPONENT . DS . 'models' . DS . 'type.xml');
        foreach ($form->_xml['themes']->_children as $idx => $node) {
            $has_switch = isset($node->_attributes['enableparam']);
            if ($has_switch && !$cparams->get($node->_attributes['enableparam'])) {
                unset($form->_xml['themes']->_children[$idx]);
                unset($form->_xml['themes']->param[$idx]);
            }
        }
    }

    // Apply Template Parameters values into the form fields structures
    foreach ($tmpls as $tmpl) {
        if (!FLEXI_J16GE) {
            $tmpl->params->loadINI($row->attribs);
            continue;
        }
        // ... values applied at the template form file
        $tmpl_form = new JForm('com_flexicontent.template.item', array('control' => 'jform', 'load_data' => true));
        $tmpl_form->load($tmpl->params);
        $tmpl->params = $tmpl_form;
    }

    // Assign data to the template (permissions are assigned for J2.5 and later only)
    if (FLEXI_J16GE) {
        $permission = FlexicontentHelperPerm::getPerm();
        $this->assignRef('permission', $permission);
    }
    $this->assignRef('document', $document);
    $this->assignRef('row', $row);
    $this->assignRef('form', $form);
    $this->assignRef('tmpls', $tmpls);
    if (!FLEXI_J16GE) {
        $pane = JPane::getInstance('sliders');
        $this->assignRef('pane', $pane);
        $this->assignRef('lists', $lists);
    }

    parent::display($tpl);
}
/**
 * Prepares the category add/edit form and hands it to the layout.
 *
 * Because this view can be reached without a controller task, it performs its own checks before
 * rendering: checked-out state, global category-management privileges, and the per-record edit /
 * create privileges. Each failed check ends in a redirect. After that it loads assets, builds the
 * toolbar (including a frontend preview link), prepares the parameter forms and select lists and
 * assigns them to the view.
 *
 * @param string|null $tpl  passed through unchanged to parent::display()
 */
function display($tpl = null)
{
    // Category tree prepared elsewhere; used for the preview route and the category select lists
    global $globalcats;
    $app = JFactory::getApplication();
    $user = JFactory::getUser();
    $document = JFactory::getDocument();
    if (FLEXI_J16GE) {
        // Load the com_categories language strings: en-GB first, then the current language on top
        JFactory::getLanguage()->load('com_categories', JPATH_ADMINISTRATOR, 'en-GB', true);
        JFactory::getLanguage()->load('com_categories', JPATH_ADMINISTRATOR, null, true);
    }

    // ***********************************************************
    // Get category data, and check if item is already checked out
    // ***********************************************************
    // Get data from the model
    $model = $this->getModel();
    if (FLEXI_J16GE) {
        $row = $this->get('Item');
        $form = $this->get('Form');
    } else {
        $row = $this->get('Category');
    }
    $catparams = FLEXI_J16GE ? new JRegistry($row->params) : new JParameter($row->params);
    $cid = $row->id;
    $isnew = !$cid;

    // Check category is checked out by different editor / administrator
    if (!$isnew && $model->isCheckedOut($user->get('id'))) {
        JError::raiseWarning('SOME_ERROR_CODE', $row->title . ' ' . JText::_('FLEXI_EDITED_BY_ANOTHER_ADMIN'));
        $app->redirect('index.php?option=com_flexicontent&view=categories');
    }

    // ***************************************************************************
    // Currently access checking for category add/edit form , it is done here, for
    // most other views we force going though the controller and checking it there
    // ***************************************************************************

    // *********************************************************************************************
    // Global Permssions checking (needed because this view can be called without a controller task)
    // *********************************************************************************************
    // Get global permissions
    $perms = FlexicontentHelperPerm::getPerm(); // handles super admins correctly

    // Check no access to categories management (Global permission)
    // NOTE(review): every check below relies on $app->redirect() ending the request; if it returned,
    // execution would continue into the form rendering — confirm for the supported Joomla versions
    if (!$perms->CanCats) {
        $app->redirect('index.php?option=com_flexicontent', JText::_('FLEXI_NO_ACCESS'));
    }

    // Check no privilege to create new categories (Global permission)
    if ($isnew && !$perms->CanAddCats) {
        JError::raiseWarning(403, JText::_('FLEXI_NO_ACCESS_CREATE'));
        $app->redirect('index.php?option=com_flexicontent');
    }

    // ************************************************************************************
    // Record Permssions (needed because this view can be called without a controller task)
    // ************************************************************************************
    // Get edit privilege for current category ($canedit_cat is only set, and only read, for existing records)
    if (!$isnew) {
        if (FLEXI_J16GE) {
            // 'edit.own' counts only when the current user created the category
            $isOwner = $row->get('created_by') == $user->id;
            $rights = FlexicontentHelperPerm::checkAllItemAccess($user->id, 'category', $cid);
            $canedit_cat = in_array('edit', $rights) || in_array('edit.own', $rights) && $isOwner;
        } else {
            if (FLEXI_ACCESS) {
                // NOTE(review): unlike the branch above, 'editown' is accepted here without comparing the
                // category creator to the current user — confirm FAccess already accounts for ownership
                $rights = FAccess::checkAllItemAccess('com_content', 'users', $user->gmid, 0, $row->id);
                $canedit_cat = $user->gid < 25 ? in_array('edit', $rights) || in_array('editown', $rights) : 1;
            } else {
                $canedit_cat = true;
            }
        }
    }

    // Get if we can create inside at least one (com_content) category
    if (!FLEXI_J16GE || $user->authorise('core.create', 'com_flexicontent')) {
        $cancreate_cat = true;
    } else {
        $usercats = FlexicontentHelperPerm::getAllowedCats($user, $actions_allowed = array('core.create'), $require_all = true, $check_published = true, $specific_catids = false, $find_first = true);
        $cancreate_cat = count($usercats) > 0;
    }

    // Creating new category: Check if user can create inside any existing category
    if ($isnew && !$cancreate_cat) {
        $acc_msg = JText::_('FLEXI_NO_ACCESS_CREATE') . "<br/>" . (FLEXI_J16GE ? JText::_('FLEXI_CANNOT_ADD_CATEGORY_REASON') : "");
        JError::raiseWarning(403, $acc_msg);
        $app->redirect('index.php?option=com_flexicontent&view=categories');
    }

    // Editing existing category: Check if user can edit existing (current) category
    if (!$isnew && !$canedit_cat) {
        $acc_msg = JText::_('FLEXI_NO_ACCESS_EDIT') . "<br/>" . JText::_('FLEXI_CANNOT_EDIT_CATEGORY_REASON');
        JError::raiseWarning(403, $acc_msg);
        $app->redirect('index.php?option=com_flexicontent&view=categories');
    }

    // **************************************************
    // Include needed files and add needed js / css files
    // **************************************************
    FLEXI_J30GE ? JHtml::_('behavior.framework', true) : JHTML::_('behavior.mootools');
    flexicontent_html::loadFramework('jQuery');
    flexicontent_html::loadFramework('select2');

    // Load pane behavior
    jimport('joomla.html.pane');

    // Load tooltips
    JHTML::_('behavior.tooltip');

    // Add css to document: the common backend sheet plus one sheet per Joomla generation
    $document->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/flexicontentbackend.css');
    if (FLEXI_J30GE) {
        $document->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/j3x.css');
    } else {
        if (FLEXI_J16GE) {
            $document->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/j25.css');
        } else {
            $document->addStyleSheet(JURI::base() . 'components/com_flexicontent/assets/css/j15.css');
        }
    }

    // Add js function to overload the joomla submitform
    $document->addScript(JURI::root() . 'components/com_flexicontent/assets/js/admin.js');
    $document->addScript(JURI::root() . 'components/com_flexicontent/assets/js/validate.js');

    // ********************
    // Initialise variables
    // ********************
    // The user's editor preference, falling back to the site-wide editor setting
    $editor_name = $user->getParam('editor', $app->getCfg('editor'));
    $editor = JFactory::getEditor($editor_name);
    $cparams = JComponentHelper::getParams('com_flexicontent');
    $bar = JToolBar::getInstance('toolbar');
    if (!FLEXI_J16GE) {
        $pane = JPane::getInstance('sliders');
        $tpane = JPane::getInstance('tabs', array('startOffset' => 0, 'allowAllClose' => true, 'opacityTransition' => true, 'duration' => 600));
    }
    $categories = $globalcats;

    // ******************
    // Create the toolbar
    // ******************
    // Create Toolbar title and add the preview button
    if (!$isnew) {
        JToolBarHelper::title(JText::_('FLEXI_EDIT_CATEGORY'), 'fc_categoryedit');
        // NOTE(review): when 'autoflogin' is enabled (default 1) the preview URL carries the username and the
        // value of $user->password (presumably the stored password hash — confirm) as query parameters.
        // URLs end up in browser history, server and proxy logs and Referer headers, so this exposes
        // credential material. Neither value is URL-encoded, and $previewlink is placed into the href
        // attribute below without HTML escaping. A short-lived, single-use preview token would avoid
        // this; the code consuming fcu/fcp is not visible here.
        $autologin = $cparams->get('autoflogin', 1) ? '&fcu=' . $user->username . '&fcp=' . $user->password : '';
        $previewlink = JRoute::_(JURI::root() . FlexicontentHelperRoute::getCategoryRoute($categories[$cid]->slug)) . $autologin;

        // Add a preview button
        $bar->appendButton('Custom', '<a class="preview btn btn-small" href="' . $previewlink . '" target="_blank"><span title="' . JText::_('Preview') . '" class="icon-32-preview"></span>' . JText::_('Preview') . '</a>', 'preview');
    } else {
        JToolBarHelper::title(JText::_('FLEXI_NEW_CATEGORY'), 'fc_categoryadd');
    }

    // Add apply and save buttons
    if (FLEXI_J16GE) {
        JToolBarHelper::apply('category.apply');
        JToolBarHelper::save('category.save');
    } else {
        JToolBarHelper::apply();
        JToolBarHelper::save();
    }

    // Add a save and new button, if user can create inside at least one (com_content) category
    if ($cancreate_cat) {
        if (FLEXI_J16GE) {
            JToolBarHelper::save2new('category.save2new');
        } else {
            JToolBarHelper::custom('saveandnew', 'savenew.png', 'savenew.png', 'FLEXI_SAVE_AND_NEW', false);
        }
    }

    // Add a save as copy button, if editing an existing category (J2.5 only)
    if (FLEXI_J16GE && !$isnew && $cancreate_cat) {
        JToolBarHelper::save2copy('category.save2copy');
    }

    // Add a cancel or close button
    if ($isnew) {
        if (FLEXI_J16GE) {
            JToolBarHelper::cancel('category.cancel');
        } else {
            JToolBarHelper::cancel();
        }
    } else {
        if (FLEXI_J16GE) {
            JToolBarHelper::cancel('category.cancel', 'JTOOLBAR_CLOSE');
        } else {
            JToolBarHelper::custom('cancel', 'cancel.png', 'cancel.png', 'CLOSE', false);
        }
    }

    // *******************************************
    // Prepare data to pass to the form's template
    // *******************************************
    if (!FLEXI_J16GE) {
        // Make the record HTML safe for output; 'description' is passed as the property to leave untouched
        JFilterOutput::objectHTMLSafe($row, ENT_QUOTES, 'description');

        // Create the form
        $form = new JParameter($row->params, JPATH_COMPONENT . DS . 'models' . DS . 'category.xml');

        // Drop parameters of the 'templates' group whose 'enableparam' component option is switched off
        foreach ($form->_xml['templates']->_children as $i => $child) {
            if (isset($child->_attributes['enableparam']) && !$cparams->get($child->_attributes['enableparam'])) {
                unset($form->_xml['templates']->_children[$i]);
                unset($form->_xml['templates']->param[$i]);
            }
        }

        // Same filtering for the 'special' group
        foreach ($form->_xml['special']->_children as $i => $child) {
            if (isset($child->_attributes['enableparam']) && !$cparams->get($child->_attributes['enableparam'])) {
                unset($form->_xml['special']->_children[$i]);
                unset($form->_xml['special']->param[$i]);
            }
        }
    }

    // **********************************************************************************
    // Get Templates and apply Template Parameters values into the form fields structures
    // **********************************************************************************
    $themes = flexicontent_tmpl::getTemplates();
    $tmpls = $themes->category;
    foreach ($tmpls as $tmpl) {
        if (FLEXI_J16GE) {
            $jform = new JForm('com_flexicontent.template.category', array('control' => 'jform', 'load_data' => true));
            $jform->load($tmpl->params);
            $tmpl->params = $jform; // ... values applied at the template form file
        } else {
            $tmpl->params->loadINI($row->params);
        }
    }

    //build selectlists
    $Lists = array();
    if (!FLEXI_J16GE) {
        // Inline handler that swaps the preview image when another image is picked in the list
        $javascript = "onchange=\"javascript:if (document.forms[0].image.options[selectedIndex].value!='') {document.imagelib.src='../images/stories/' + document.forms[0].image.options[selectedIndex].value} else {document.imagelib.src='../images/blank.png'}\"";
        $Lists['imagelist'] = JHTML::_('list.images', 'image', $row->image, $javascript, '/images/stories/');
        $Lists['access'] = JHTML::_('list.accesslevel', $row);

        // build granular access list (replaces the plain access level list when FLEXIaccess is used)
        if (FLEXI_ACCESS) {
            $Lists['access'] = FAccess::TabGmaccess($row, 'category', 1, 1, 1, 1, 1, 1, 1, 1, 1);
        }
    }

    // Parent category selector: limited to categories the user may create in ('core.create');
    // the category being edited is passed as a subtree to disable
    $check_published = false;
    $check_perms = true;
    $actions_allowed = array('core.create');
    $fieldname = FLEXI_J16GE ? 'jform[parent_id]' : 'parent_id';
    $Lists['parent_id'] = flexicontent_cats::buildcatselect($categories, $fieldname, $row->parent_id, $top = 1, 'class="use_select2_lib"', $check_published, $check_perms, $actions_allowed, $require_all = true, $skip_subtrees = array(), $disable_subtrees = array($row->id));

    // "Copy parameters from" selector: categories the user may edit (either 'core.edit' or 'core.edit.own')
    $check_published = false;
    $check_perms = true;
    $actions_allowed = array('core.edit', 'core.edit.own');
    $fieldname = FLEXI_J16GE ? 'jform[copycid]' : 'copycid';
    $Lists['copycid'] = flexicontent_cats::buildcatselect($categories, $fieldname, '', $top = 2, 'class="use_select2_lib"', $check_published, $check_perms, $actions_allowed, $require_all = false);

    // "Inherit parameters from" selector: same permission filter, with three extra fixed options in front
    $custom_options[''] = 'FLEXI_USE_GLOBAL';
    $custom_options['0'] = 'FLEXI_COMPONENT_ONLY';
    $custom_options['-1'] = 'FLEXI_PARENT_CAT_MULTI_LEVEL';
    $check_published = false;
    $check_perms = true;
    $actions_allowed = array('core.edit', 'core.edit.own');
    $fieldname = FLEXI_J16GE ? 'jform[special][inheritcid]' : 'params[inheritcid]';
    $Lists['inheritcid'] = flexicontent_cats::buildcatselect($categories, $fieldname, $catparams->get('inheritcid', ''), $top = false, 'class="use_select2_lib"', $check_published, $check_perms, $actions_allowed, $require_all = false, $skip_subtrees = array(), $disable_subtrees = array(), $custom_options);

    // ************************
    // Assign variables to view
    // ************************
    $this->assignRef('document', $document);
    $this->assignRef('Lists', $Lists);
    $this->assignRef('row', $row);
    $this->assignRef('form', $form);
    $this->assignRef('perms', $perms);
    $this->assignRef('editor', $editor);
    $this->assignRef('tmpls', $tmpls);
    $this->assignRef('cparams', $cparams);
    if (!FLEXI_J16GE) {
        $this->assignRef('pane', $pane);
        $this->assignRef('tpane', $tpane);
    }
    parent::display($tpl);
}
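/**
 * Method to fetch the tags form
 *
 * Echoes an HTML fragment: one checkbox per available tag (pre-checked for tags already used by
 * the item given in the 'id' request variable) and, when the user may create tags, the
 * "add tag" input.
 *
 * Tag names are user-created content, so they are HTML-escaped before being written into the
 * fragment. The privilege lookup is an exclusive three-way choice (J1.6+ ACL, FLEXIaccess, no ACL),
 * so the "everybody may create / use tags" fallback no longer overwrites the J1.6+ privileges.
 *
 * @since 1.5
 */
function gettags()
{
    $id = JRequest::getInt('id', 0);
    $model = $this->getModel('item');
    $tags = $model->gettags();
    $user = JFactory::getUser();

    // Ids of the tags already assigned to the item (none for a new item)
    $used = $id ? $model->getUsedtagsIds($id) : null;
    if (!is_array($used)) {
        $used = array();
    }
    if (!is_array($tags)) {
        $tags = array();
    }

    if (FLEXI_J16GE) {
        $permission = FlexicontentHelperPerm::getPerm();
        $CanNewTags = $permission->CanNewTags;
        $CanUseTags = $permission->CanUseTags;
    } elseif (FLEXI_ACCESS) {
        // NOTE(review): assumes FLEXIaccess is only relevant before J1.6, as the sibling permission checks do — confirm
        $CanNewTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'newtags', 'users', $user->gmid) : 1;
        $CanUseTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'usetags', 'users', $user->gmid) : 1;
    } else {
        // no FLEXIAccess everybody can create / use tags
        $CanNewTags = 1;
        $CanUseTags = 1;
    }

    // Attribute added to every checkbox when the user may not (un)assign tags
    $disabled_attr = $CanUseTags ? '' : ' disabled="disabled"';

    $rsp = '';
    if (count($tags) > 0) {
        $rsp .= '<div class="qf_tagbox">';
        $rsp .= '<ul>';
        foreach ($tags as $tag) {
            $tag_id = (int) $tag->id;
            $is_used = in_array($tag->id, $used);
            // Escape the name: assumes the model returns it raw, as stored — confirm it is not pre-escaped
            $tag_name = htmlspecialchars((string) $tag->name, ENT_QUOTES, 'UTF-8');

            $rsp .= '<li><div><span class="qf_tagidbox"><input type="checkbox" name="tag[]" value="' . $tag_id . '"' . ($is_used ? ' checked="checked"' : '') . $disabled_attr . ' /></span>' . $tag_name . '</div></li>';

            // Disabled checkboxes are not submitted: repeat used tags as hidden inputs so that saving
            // the form does not drop them
            if ($disabled_attr && $is_used) {
                $rsp .= '<input type="hidden" name="tag[]" value="' . $tag_id . '" />';
            }
        }
        $rsp .= '</ul>';
        $rsp .= '</div>';
        $rsp .= '<div class="clear"></div>';
    }

    if ($CanNewTags) {
        $rsp .= '<div class="qf_addtag">';
        $rsp .= '<label for="addtags">' . JText::_('FLEXI_ADD_TAG') . '</label>';
        $rsp .= '<input type="text" id="tagname" class="inputbox" size="30" />';
        $rsp .= '<input type="button" class="fc_button" value="' . JText::_('FLEXI_ADD') . '" onclick="addtag()" />';
        $rsp .= '</div>';
    }

    // NOTE(review): the flags above only shape the form; the tasks that create and assign tags are
    // not visible here and must enforce the same privileges server-side — confirm
    echo $rsp;
}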
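/**
 * Method to get data of filters
 *
 * Loads the published filter fields, optionally limited to the ids configured in $params and to
 * the fields the current user's access levels allow, and returns them indexed by field name.
 *
 * Every id list concatenated into the SQL is reduced to integers first, and $params is optional
 * throughout, including the final ordering step.
 *
 * @access public
 * @param  string      $filt_param    name of the parameter holding the filter ids (array or comma separated list)
 * @param  string      $usage_param   name of the parameter enabling the filters, or '__ALL_FILTERS__' to load all of them
 * @param  object|null $params        parameters object providing get(); may be null
 * @param  bool        $check_access  limit to filters the current user may view
 * @return array       filter field objects indexed by field name (returned by reference)
 * @since 1.5
 */
static function &getFilters($filt_param = 'filters', $usage_param = 'use_filters', &$params = null, $check_access = true)
{
    // Parameter that controls using these filters
    $filters = array();
    if ($usage_param != '__ALL_FILTERS__' && $params && !$params->get($usage_param, 0)) {
        return $filters;
    }

    // Get Filter IDs, false means do NOT retrieve any filter
    $filter_ids = $params ? $params->get($filt_param, array()) : array();
    if ($filter_ids === false) {
        return $filters;
    }

    // Check if array or comma separated list
    if (!is_array($filter_ids)) {
        $filter_ids = preg_split("/\\s*,\\s*/u", $filter_ids);
        if (!is_array($filter_ids)) {
            $filter_ids = array(); // the split fails on text that is not valid UTF-8
        }
        if (empty($filter_ids[0])) {
            unset($filter_ids[0]);
        }
    }

    // Sanitize the given filter_ids: is_numeric() also accepts floats, exponent and signed forms,
    // so cast what it lets through to integers before the list is concatenated into the query
    $filter_ids = array_map('intval', array_filter($filter_ids, 'is_numeric'));

    // array_flip to get unique filter ids as KEYS (due to flipping) ... and then array_keys to get filter_ids in 0,1,2, ... array
    $filter_ids = array_keys(array_flip($filter_ids));

    $user = JFactory::getUser();
    $db = JFactory::getDBO();

    // None selected filters means ALL
    $and_scope = $usage_param != '__ALL_FILTERS__' && count($filter_ids) ? ' AND fi.id IN (' . implode(',', $filter_ids) . ')' : '';

    // Use ACCESS Level, usually this is only for shown filters
    $and_access = '';
    if ($check_access) {
        if (FLEXI_J16GE) {
            $aid_arr = array_map('intval', JAccess::getAuthorisedViewLevels($user->id));
            $aid_list = implode(",", $aid_arr);
            $and_access = ' AND fi.access IN (0,' . $aid_list . ') ';
        } else {
            $aid = (int) $user->get('aid');
            $and_access = ' AND fi.access <= ' . $aid;
            if (FLEXI_ACCESS) {
                // Fields readable through FLEXIaccess rules are allowed in addition to the access level
                $readperms = FAccess::checkUserElementsAccess($user->gmid, 'read');
                if (isset($readperms['field']) && count($readperms['field'])) {
                    $readable_ids = array_map('intval', $readperms['field']);
                    $and_access = ' AND ( fi.access <= ' . $aid . ' OR fi.id IN (' . implode(",", $readable_ids) . ') )';
                }
            }
        }
    }

    // Create and execute SQL query for retrieving filters
    $query = 'SELECT fi.*'
        . ' FROM #__flexicontent_fields AS fi'
        . ' WHERE fi.published = 1'
        . ' AND fi.isfilter = 1'
        . $and_access
        . $and_scope
        . ' ORDER BY fi.ordering, fi.name';
    $db->setQuery($query);
    $filters = $db->loadObjectList('id');
    if (!$filters) {
        $filters = array(); // need to do this because we return reference, but false here will also mean an error
        return $filters;
    }

    // Order filters according to given order ($params may be null, e.g. when all filters are requested)
    $filters_tmp = array();
    $use_given_order = $params && $params->get('filters_order', 0) && !empty($filter_ids) && $usage_param != '__ALL_FILTERS__';
    if ($use_given_order) {
        foreach ($filter_ids as $filter_id) {
            if (empty($filters[$filter_id])) {
                continue;
            }
            $filter = $filters[$filter_id];
            $filters_tmp[$filter->name] = $filter;
        }
    } else {
        foreach ($filters as $filter) {
            $filters_tmp[$filter->name] = $filter;
        }
    }
    $filters = $filters_tmp;

    // Create filter parameters, language filter label, etc
    foreach ($filters as $filter) {
        $filter->parameters = FLEXI_J16GE ? new JRegistry($filter->attribs) : new JParameter($filter->attribs);
        $filter->label = JText::_($filter->label);
    }

    // Return found filters
    return $filters;
}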
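/**
 * Method to select new state for many items
 *
 * Prints a small standalone HTML page with one button per state the current user may set. Each
 * button writes its state code into the parent window's admin form and submits the
 * 'items.changestate' task there. Nothing is printed when the user holds none of the publish,
 * archive or delete privileges.
 *
 * The state-change request is made by the parent form, so no link carrying the form token in its
 * query string is built here. The version-specific stylesheet is linked only when one is defined
 * for the running Joomla version.
 *
 * @since 1.5
 */
function selectstate()
{
    $user = JFactory::getUser();

    // General permission since we do not have a specific item yet
    if (FLEXI_J16GE) {
        $permission = FlexicontentHelperPerm::getPerm();
        $auth_publish = $permission->CanPublish || $permission->CanPublishOwn;
        $auth_delete = $permission->CanDelete || $permission->CanDeleteOwn;
        $auth_archive = $permission->CanArchives;
    } elseif (FLEXI_ACCESS) {
        $auth_publish = $user->gid < 25 ? (FAccess::checkComponentAccess('com_content', 'publish', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'publishown', 'users', $user->gmid)) : 1;
        $auth_delete = $user->gid < 25 ? (FAccess::checkComponentAccess('com_content', 'delete', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'deleteown', 'users', $user->gmid)) : 1;
        $auth_archive = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'archives', 'users', $user->gmid) : 1;
    } else {
        $auth_publish = $user->authorize('com_content', 'publish', 'content', 'all');
        $auth_delete = $user->gid >= 23; // is at least manager
        $auth_archive = $user->gid >= 23; // is at least manager
    }

    if (!($auth_publish || $auth_archive || $auth_delete)) {
        return;
    }

    // Discard buffered output and send a non-cacheable HTML response
    @ob_end_clean();
    header('Content-type: text/html; charset=utf-8');
    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    header("Cache-Control: no-cache");
    header("Pragma: no-cache");

    // Stylesheets: common backend sheet, version-specific sheet (none defined here before J1.6), bootstrap
    $css_links = array(JURI::base(true) . '/components/com_flexicontent/assets/css/flexicontentbackend.css');
    if (FLEXI_J30GE) {
        $css_links[] = JURI::base(true) . '/components/com_flexicontent/assets/css/j3x.css';
    } elseif (FLEXI_J16GE) {
        $css_links[] = JURI::base(true) . '/components/com_flexicontent/assets/css/j25.css';
    }
    $css_links[] = JURI::root(true) . '/media/jui/css/bootstrap.min.css';
    foreach ($css_links as $css_href) {
        echo ' <link rel="stylesheet" href="' . $css_href . '" /> ';
    }

    // States offered, keyed by the short code that is posted as 'newstate'
    $state = array();
    if ($auth_publish) {
        $state['P'] = array('name' => 'FLEXI_PUBLISHED', 'desc' => 'FLEXI_PUBLISHED_DESC', 'icon' => 'tick.png', 'btn_class' => 'btn-success');
        $state['IP'] = array('name' => 'FLEXI_IN_PROGRESS', 'desc' => 'FLEXI_NOT_FINISHED_YET', 'icon' => 'publish_g.png', 'btn_class' => 'btn-success', 'clear' => true);
        $state['U'] = array('name' => 'FLEXI_UNPUBLISHED', 'desc' => 'FLEXI_UNPUBLISHED_DESC', 'icon' => 'publish_x.png', 'btn_class' => 'btn-warning');
        $state['PE'] = array('name' => 'FLEXI_PENDING', 'desc' => 'FLEXI_NEED_TO_BE_APPROVED', 'icon' => 'publish_r.png', 'btn_class' => 'btn-warning');
        $state['OQ'] = array('name' => 'FLEXI_TO_WRITE', 'desc' => 'FLEXI_TO_WRITE_DESC', 'icon' => 'publish_y.png', 'btn_class' => 'btn-warning', 'clear' => true);
    }
    if ($auth_archive) {
        $state['A'] = array('name' => 'FLEXI_ARCHIVED', 'desc' => 'FLEXI_ARCHIVED_STATE', 'icon' => 'archive.png', 'btn_class' => 'btn-info');
    }
    if ($auth_delete) {
        $state['T'] = array('name' => 'FLEXI_TRASHED', 'desc' => 'FLEXI_TRASHED_TO_BE_DELETED', 'icon' => 'trash.png', 'btn_class' => 'btn-danger');
    }

    $btn_class = FLEXI_J30GE ? ' btn btn-small' : ' fc_button fcsimple fcsmall';
    $css = "width:216px; margin:0px 24px 12px 0px;";

    // NOTE(review): the buttons only drive the parent form; the 'items.changestate' task is not visible
    // here and has to validate the form token and the per-item privileges itself — confirm
    ?> <div id="flexicontent" class="flexicontent"> <?php
    echo "<b>" . JText::_('FLEXI_SELECT_STATE') . ":</b><br /><br />";

    foreach ($state as $shortname => $statedata) {
        ?> <span class="fc-filter nowrap_box"> <span style="<?php echo $css; ?> " class="<?php echo $btn_class . ' ' . $statedata['btn_class']; ?> " onclick="window.parent.document.adminForm.newstate.value='<?php echo $shortname; ?> '; window.parent.document.adminForm.boxchecked.value==0 ? alert('<?php echo JText::_('FLEXI_NO_ITEMS_SELECTED'); ?> ') : window.parent.Joomla.submitbutton('items.changestate')" > <?php echo JText::_($statedata['name']); ?> </span> </span> <?php
        // States flagged with 'clear' end a row of buttons
        if (isset($statedata['clear'])) {
            echo '<div class="fcclear"></div>';
        }
    }
    ?> </div> <?php

    // Standalone response: stop here so that no further output is appended to the fragment
    exit;
}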