* @copyright The XUUPS Project http://sourceforge.net/projects/xuups/
* @license GNU GPL V2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
* @package Publisher
* @subpackage Utils
* @since 1.0
* @author trabis <*****@*****.**>
* @author The SmartFactory <www.smartfactory.ca>
*/
include_once __DIR__ . '/include/common.php';
$publisher = Publisher::getInstance();
$xoops = Xoops::getInstance();
$xoops->theme()->addStylesheet(PUBLISHER_URL . '/css/publisher.css');
$xoopsTpl = $xoops->tpl();
$xoopsTpl->assign("xoops_module_header", '<link rel="alternate" type="application/rss+xml" title="' . $publisher->getModule()->getVar('name') . '" href="' . $publisher->url('backend.php') . '" />' . @$xoopsTpl->getTemplateVars("xoops_module_header"));
$xoopsTpl->assign("publisher_adminpage", "<a href='" . $publisher->url("admin/index.php") . "'>" . _MD_PUBLISHER_ADMIN_PAGE . "</a>");
$xoopsTpl->assign("isAdmin", PublisherUtils::IsUserAdmin());
$xoopsTpl->assign('publisher_url', $publisher->url());
$xoopsTpl->assign('publisher_images_url', $publisher->url('images'));
$xoopsTpl->assign('displayType', $publisher->getConfig('idxcat_items_display_type'));
// display_category_summary enabled by Freeform Solutions March 21 2006
$xoopsTpl->assign('display_category_summary', $publisher->getConfig('cat_display_summary'));
$xoopsTpl->assign('displayList', $publisher->getConfig('idxcat_items_display_type') == 'list');
$xoopsTpl->assign('displayFull', $publisher->getConfig('idxcat_items_display_type') == 'full');
$xoopsTpl->assign('modulename', $publisher->getModule()->dirname());
$xoopsTpl->assign('displaylastitem', $publisher->getConfig('idxcat_display_last_item'));
$xoopsTpl->assign('displaysubcatdsc', $publisher->getConfig('idxcat_display_subcat_dsc'));
$xoopsTpl->assign('publisher_display_breadcrumb', $publisher->getConfig('display_breadcrumb'));
$xoopsTpl->assign('collapsable_heading', $publisher->getConfig('idxcat_collaps_heading'));
$xoopsTpl->assign('display_comment_link', $publisher->getConfig('item_disp_comment_link'));
$xoopsTpl->assign('display_whowhen_link', $publisher->getConfig('item_disp_whowhen_link'));
$xoopsTpl->assign('displayarticlescount', $publisher->getConfig('idxcat_display_art_count'));
$publisher = Publisher::getInstance();
$publisher->loadLanguage('admin');
$op = Request::getString('op');
$fileid = Request::getInt('fileid');
if ($fileid == 0) {
$xoops->redirect("index.php", 2, _MD_PUBLISHER_NOITEMSELECTED);
}
/* @var $fileObj PublisherFile */
$fileObj = $publisher->getFileHandler()->get($fileid);
// if the selected item was not found, exit
if (!$fileObj) {
$xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
}
$itemObj = $publisher->getItemHandler()->get($fileObj->getVar('itemid'));
// if the user does not have permission to modify this file, exit
if (!(PublisherUtils::IsUserAdmin() || PublisherUtils::IsUserModerator($itemObj) || $xoops->isUser() && $fileObj->getVar('uid') == $xoops->user->getVar('uid'))) {
$xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
}
/* -- Available operations -- */
switch ($op) {
case "default":
case "mod":
$xoops->header();
// FILES UPLOAD FORM
$files_form = $publisher->getForm($fileObj, 'file');
$files_form->display();
break;
case "modify":
$fileid = isset($_POST['fileid']) ? (int) $_POST['fileid'] : 0;
// Creating the file object
if ($fileid != 0) {
$itemObj = $publisher->getItemHandler()->get($itemid);
if (!(PublisherUtils::IsUserAdmin() || PublisherUtils::IsUserAuthor($itemObj) || PublisherUtils::IsUserModerator($itemObj))) {
$xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
}
if (!PublisherUtils::IsUserAdmin() || !PublisherUtils::IsUserModerator($itemObj)) {
if (isset($_GET['op']) && $_GET['op'] == 'del' && !$publisher->getConfig('perm_delete')) {
$xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
} elseif (!$publisher->getConfig('perm_edit')) {
$xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
}
}
$categoryObj = $itemObj->category();
} else {
// we are submitting a new article
// if the user is not admin AND we don't allow user submission, exit
if (!(PublisherUtils::IsUserAdmin() || $publisher->getConfig('perm_submit') == 1 && ($xoops->isUser() || $publisher->getConfig('perm_anon_submit') == 1))) {
$xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
}
$itemObj = $publisher->getItemHandler()->create();
$categoryObj = $publisher->getCategoryHandler()->create();
}
if (isset($_GET['op']) && $_GET['op'] == 'clone') {
$formtitle = _MD_PUBLISHER_SUB_CLONE;
$itemObj->setNew();
$itemObj->setVar('itemid', 0);
} else {
$formtitle = _MD_PUBLISHER_SUB_SMNAME;
}
$op = '';
if (isset($_POST['additem'])) {
$op = 'post';
/**
* Get all subcats and put them in an array indexed by parent id
*
* @param array $categories
*
* @return array
*/
public function &getSubCats($categories)
{
$xoops = Xoops::getInstance();
$criteria = new CriteriaCompo(new Criteria('parentid', "(" . implode(',', array_keys($categories)) . ")", 'IN'));
$ret = array();
if (!PublisherUtils::IsUserAdmin()) {
$categoriesGranted = $this->publisher->getPermissionHandler()->getGrantedItems('category_read');
if (count($categoriesGranted) > 0) {
$criteria->add(new Criteria('categoryid', '(' . implode(',', $categoriesGranted) . ')', 'IN'));
} else {
return $ret;
}
if ($xoops->isUser()) {
$criteria->add(new Criteria('moderator', $xoops->user->getVar('uid')), 'OR');
}
}
$criteria->setSort('weight');
$criteria->setOrder('ASC');
$subcats = $this->getObjects($criteria, true);
/* @var $subcat PublisherCategory */
foreach ($subcats as $subcat) {
$ret[$subcat->getVar('parentid')][$subcat->getVar('categoryid')] = $subcat;
}
return $ret;
}
/**
* @param array $queryarray
* @param string $andor
* @param int $limit
* @param int $offset
* @param int $userid
* @param array $categories
* @param int $sortby
* @param string $searchin
* @param string $extra
*
* @return array
*/
public function getItemsFromSearch($queryarray = array(), $andor = 'AND', $limit = 0, $offset = 0, $userid = 0, $categories = array(), $sortby = 0, $searchin = "", $extra = "")
{
$xoops = Xoops::getInstance();
$ret = array();
$gperm_handler = $xoops->getHandlerGroupPermission();
$groups = $xoops->getUserGroups();
$searchin = empty($searchin) ? array("title", "body", "summary") : (is_array($searchin) ? $searchin : array($searchin));
if (in_array("all", $searchin) || count($searchin) == 0) {
$searchin = array("title", "subtitle", "body", "summary", "meta_keywords");
}
if (is_array($userid) && count($userid) > 0) {
$userid = array_map("intval", $userid);
$criteriaUser = new CriteriaCompo();
$criteriaUser->add(new Criteria('uid', '(' . implode(',', $userid) . ')', 'IN'), 'OR');
} elseif (is_numeric($userid) && $userid > 0) {
$criteriaUser = new CriteriaCompo();
$criteriaUser->add(new Criteria('uid', $userid), 'OR');
}
$count = count($queryarray);
if (is_array($queryarray) && $count > 0) {
$criteriaKeywords = new CriteriaCompo();
for ($i = 0; $i < count($queryarray); ++$i) {
$criteriaKeyword = new CriteriaCompo();
if (in_array('title', $searchin)) {
$criteriaKeyword->add(new Criteria('title', '%' . $queryarray[$i] . '%', 'LIKE'), 'OR');
}
if (in_array('subtitle', $searchin)) {
$criteriaKeyword->add(new Criteria('subtitle', '%' . $queryarray[$i] . '%', 'LIKE'), 'OR');
}
if (in_array('body', $searchin)) {
$criteriaKeyword->add(new Criteria('body', '%' . $queryarray[$i] . '%', 'LIKE'), 'OR');
}
if (in_array('summary', $searchin)) {
$criteriaKeyword->add(new Criteria('summary', '%' . $queryarray[$i] . '%', 'LIKE'), 'OR');
}
if (in_array('meta_keywords', $searchin)) {
$criteriaKeyword->add(new Criteria('meta_keywords', '%' . $queryarray[$i] . '%', 'LIKE'), 'OR');
}
$criteriaKeywords->add($criteriaKeyword, $andor);
unset($criteriaKeyword);
}
}
if (!PublisherUtils::IsUserAdmin() && count($categories) > 0) {
$criteriaPermissions = new CriteriaCompo();
// Categories for which user has access
$categoriesGranted = $gperm_handler->getItemIds('category_read', $groups, $this->publisher->getModule()->getVar('mid'));
if (count($categories) > 0) {
$categoriesGranted = array_intersect($categoriesGranted, $categories);
}
if (count($categoriesGranted) == 0) {
return $ret;
}
$grantedCategories = new Criteria('categoryid', "(" . implode(',', $categoriesGranted) . ")", 'IN');
$criteriaPermissions->add($grantedCategories, 'AND');
} elseif (count($categories) > 0) {
$criteriaPermissions = new CriteriaCompo();
$grantedCategories = new Criteria('categoryid', "(" . implode(',', $categories) . ")", 'IN');
$criteriaPermissions->add($grantedCategories, 'AND');
}
$criteriaItemsStatus = new CriteriaCompo();
$criteriaItemsStatus->add(new Criteria('status', _PUBLISHER_STATUS_PUBLISHED));
$criteria = new CriteriaCompo();
if (!empty($criteriaUser)) {
$criteria->add($criteriaUser, 'AND');
}
if (!empty($criteriaKeywords)) {
$criteria->add($criteriaKeywords, 'AND');
}
if (!empty($criteriaPermissions)) {
$criteria->add($criteriaPermissions);
}
if (!empty($criteriaItemsStatus)) {
$criteria->add($criteriaItemsStatus, 'AND');
}
$criteria->setLimit($limit);
$criteria->setStart($offset);
if (empty($sortby)) {
$sortby = "datesub";
}
$criteria->setSort($sortby);
$order = 'ASC';
if ($sortby === "datesub") {
$order = 'DESC';
}
$criteria->setOrder($order);
$ret = $this->getItemObjects($criteria);
return $ret;
}
$xoopsTpl->assign('show_subtitle', $publisher->getConfig('item_disp_subtitle'));
if ($itemObj->getVar('pagescount') > 0) {
if ($item_page_id == -1) {
$item_page_id = 0;
}
$pagenav = new XoopsPageNav($itemObj->getVar('pagescount'), 1, $item_page_id, 'page', 'itemid=' . $itemObj->getVar('itemid'));
$xoopsTpl->assign('pagenav', $pagenav->renderNav());
}
// Creating the files object associated with this item
$file = array();
$files = array();
$embeded_files = array();
$filesObj = $itemObj->getFiles();
// check if user has permission to modify files
$hasFilePermissions = true;
if (!(PublisherUtils::IsUserAdmin() || PublisherUtils::IsUserModerator($itemObj))) {
$hasFilePermissions = false;
}
/* @var $fileObj PublisherFile */
foreach ($filesObj as $fileObj) {
$file = array();
$file['mod'] = false;
if ($hasFilePermissions || $xoops->isUser() && $fileObj->getVar('uid') == $xoops->user->getVar('uid')) {
$file['mod'] = true;
}
if ($fileObj->getVar('mimetype') == 'application/x-shockwave-flash') {
$file['content'] = $fileObj->displayFlash();
if (strpos($item['maintext'], '[flash-' . $fileObj->getVar('fileid') . ']')) {
$item['maintext'] = str_replace('[flash-' . $fileObj->getVar('fileid') . ']', $file['content'], $item['maintext']);
} else {
$embeded_files[] = $file;
