/**
* Updates the Block config from the Blocks Admin
* @param none
* @return bool true on success
*/
public function update()
{
$vars = $this->getContent();
if (xarVarFetch('include_root', 'checkbox', $include_root, 0, XARVAR_NOT_REQUIRED)) {
$vars['include_root'] = $include_root;
}
// The root pages define sections of the page landscape that this block applies to.
if (!isset($vars['root_ids'])) {
$vars['root_ids'] = array();
}
if (xarVarFetch('new_root_pid', 'int:0', $new_root_pid, 0, XARVAR_NOT_REQUIRED) && !empty($new_root_pid)) {
$vars['root_ids'][] = $new_root_pid;
}
if (xarVarFetch('remove_root_pid', 'list:int:1', $remove_root_pid, array(), XARVAR_NOT_REQUIRED) && !empty($remove_root_pid)) {
// Easier to check with the keys and values flipped.
$vars['root_ids'] = array_flip($vars['root_ids']);
foreach ($remove_root_pid as $remove) {
if (isset($vars['root_ids'][$remove])) {
unset($vars['root_ids'][$remove]);
}
}
// Flip keys and values back.
$vars['root_ids'] = array_flip($vars['root_ids']);
// Reorder the keys.
$vars['root_ids'] = array_values($vars['root_ids']);
}
$this->setContent($vars);
return true;
}
function calendar_userapi_getUserDateTimeInfo()
{
// dates come in as YYYYMMDD
xarVarFetch('cal_date', 'str:4:8', $cal_date, xarLocaleFormatDate('%Y%m%d'));
$data = array();
$data['cal_date'] =& $cal_date;
if (!preg_match('/([\\d]{4,4})([\\d]{2,2})?([\\d]{2,2})?/', $cal_date, $match)) {
$year = xarLocaleFormateDate('Y');
$month = xarLocaleFormateDate('m');
$day = xarLocaleFormateDate('d');
} else {
$year = $match[1];
if (isset($match[2])) {
$month = $match[2];
} else {
$month = '01';
}
if (isset($match[3])) {
$day = $match[3];
} else {
$day = '01';
}
}
//$data['selected_date'] = (int) $year.$month.$day;
$data['cal_day'] = (int) $day;
$data['cal_month'] = (int) $month;
$data['cal_year'] = (int) $year;
//$data['selected_timestamp'] = gmmktime(0,0,0,$month,$day,$year);
sys::import('xaraya.structures.datetime');
$today = new XarDateTime();
$usertz = xarModUserVars::get('roles', 'usertimezone', xarSession::getVar('role_id'));
$useroffset = $today->getTZOffset($usertz);
$data['now'] = getdate(time() + $useroffset);
return $data;
}
/**
* View the cart
*/
function shop_user_viewcart()
{
// If the user returns to the cart after taking other steps, unset any errors from earlier in the session.
xarSession::delVar('errors');
sys::import('modules.dynamicdata.class.objects.master');
$subtotals = array();
$products = array();
$total = 0;
// May want to display cust info with the cart...
$cust = xarMod::APIFunc('shop', 'user', 'customerinfo');
$data['cust'] = $cust;
$shop = xarSession::getVar('shop');
foreach ($shop as $pid => $val) {
// If this post variable is set, we must need to update the quantity
if (isset($_POST['qty' . $pid])) {
unset($qty_new);
// Have to unset this since we're in a foreach
if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) {
return;
}
if ($qty_new == 0) {
unset($shop[$pid]);
} else {
$shop[$pid]['qty'] = $qty_new;
}
}
// If the quantity hasn't been set to zero, add it to the $products array...
if (isset($shop[$pid])) {
// Commas in the quantity seem to mess up our math
$products[$pid]['qty'] = str_replace(',', '', $shop[$pid]['qty']);
// Get the product info
$object = DataObjectMaster::getObject(array('name' => 'shop_products'));
$some_id = $object->getItem(array('itemid' => $pid));
$values = $object->getFieldValues();
$products[$pid]['title'] = xarVarPrepForDisplay($values['title']);
$products[$pid]['price'] = $values['price'];
$subtotal = $values['price'] * $products[$pid]['qty'];
$subtotals[] = $subtotal;
// so we can use array_sum() to add it all up
if (substr($subtotal, 0, 1) == '.') {
$subtotal = '0' . $subtotal;
}
$products[$pid]['subtotal'] = number_format($subtotal, 2);
}
}
xarSession::setVar('shop', $shop);
$total = array_sum($subtotals);
// Add a zero to the front of the number if it starts with a decimal...
if (substr($total, 0, 1) == '.') {
$total = '0' . $total;
}
$total = number_format($total, 2);
xarSession::setVar('products', $products);
// update the session variable
$data['products'] = $products;
// don't want too much session stuff in the templates
xarSession::setVar('total', $total);
$data['total'] = $total;
return $data;
}
function wurfl_admin_delete()
{
if (!xarSecurityCheck('ManageWurfl')) {
return;
}
if (!xarVarFetch('name', 'str:1', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'int', $data['itemid'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('confirm', 'str:1', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['object']->getItem(array('itemid' => $data['itemid']));
$data['tplmodule'] = 'wurfl';
$data['authid'] = xarSecGenAuthKey('wurfl');
if ($data['confirm']) {
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return;
}
// Delete the item
$item = $data['object']->deleteItem();
// Jump to the next page
xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
return true;
}
return $data;
}
function publications_user_new($args)
{
extract($args);
// Get parameters
if (!xarVarFetch('ptid', 'id', $data['ptid'], xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('catid', 'str', $catid, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemtype', 'id', $itemtype, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
$data['items'] = array();
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$data['properties'] = $data['object']->getProperties();
if (!empty($data['ptid'])) {
$template = $pubtypeobject->properties['template']->value;
} else {
// TODO: allow templates per category ?
$template = null;
}
// Get the settings of the publication type we are using
$data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));
return xarTplModule('publications', 'admin', 'new', $data, $template);
}
/**
* view statistics
*/
function publications_admin_stats($args = array())
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
if (!xarVarFetch('group', 'isset', $group, array(), XARVAR_NOT_REQUIRED)) {
return;
}
extract($args);
if (!empty($group)) {
$newgroup = array();
foreach ($group as $field) {
if (empty($field)) {
continue;
}
$newgroup[] = $field;
}
$group = $newgroup;
}
if (empty($group)) {
$group = array('pubtype_id', 'state', 'owner');
}
$data = array();
$data['group'] = $group;
$data['stats'] = xarModAPIFunc('publications', 'admin', 'getstats', array('group' => $group));
$data['pubtypes'] = xarModAPIFunc('publications', 'user', 'get_pubtypes');
$data['statelist'] = xarModAPIFunc('publications', 'user', 'getstates');
$data['fields'] = array('pubtype_id' => xarML('Publication Type'), 'state' => xarML('Status'), 'owner' => xarML('Author'), 'pubdate_year' => xarML('Publication Year'), 'pubdate_month' => xarML('Publication Month'), 'pubdate_day' => xarML('Publication Day'), 'locale' => xarML('Language'));
return $data;
}
function publications_admin_modify_pubtype($args)
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
extract($args);
// Get parameters
if (!xarVarFetch('itemid', 'isset', $data['itemid'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('returnurl', 'str:1', $data['returnurl'], 'view', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('name', 'str:1', $name, '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('tab', 'str:1', $data['tab'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (empty($name) && empty($itemid)) {
return xarResponse::NotFound();
}
// Get our object
$data['object'] = DataObjectMaster::getObject(array('name' => 'publications_types'));
if (!empty($data['itemid'])) {
$data['object']->getItem(array('itemid' => $data['itemid']));
} else {
$type_list = DataObjectMaster::getObjectList(array('name' => 'publications_types'));
$where = 'name = ' . $name;
$items = $type_list->getItems(array('where' => $where));
$item = current($items);
$data['object']->getItem(array('itemid' => $item['id']));
}
// Send the publication type and the object properties to the template
$data['properties'] = $data['object']->getProperties();
// Get the settings of the publication type we are using
$data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['itemid']));
if ($data['confirm']) {
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return;
}
// Get the data from the form
$isvalid = $data['object']->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with error messages
return xarTplModule('publications', 'admin', 'modify_pubtype', $data);
} else {
// Good data: create the item
$itemid = $data['object']->updateItem(array('itemid' => $data['itemid']));
// Jump to the next page
xarController::redirect(xarModURL('publications', 'admin', 'view_pubtypes'));
return true;
}
}
return $data;
}
function calendar_userapi_next($args = array())
{
xarVarFetch('cal_sdow', 'int:0:7', $cal_sdow, 0);
// what function are we in
xarVarFetch('func', 'str::', $func);
extract($args);
unset($args);
if (!isset($cal_interval)) {
$cal_interval = 1;
}
xarVarValidate('int::', $cal_date);
xarVarValidate('int:1:', $cal_interval);
xarVarValidate('str::', $cal_type);
$y = substr($cal_date, 0, 4);
$m = substr($cal_date, 4, 2);
$d = substr($cal_date, 6, 2);
switch (strtolower($cal_type)) {
case 'day':
$d += $cal_interval;
break;
case 'week':
$d += 7 * $cal_interval;
break;
case 'month':
$m += $cal_interval;
break;
case 'year':
$y += $cal_interval;
break;
}
$new_date = gmdate('Ymd', gmmktime(0, 0, 0, $m, $d, $y));
return xarModURL('calendar', 'user', strtolower($func), array('cal_date' => $new_date, 'cal_sdow' => $cal_sdow));
}
/**
* View items of the wurfl object
*
*/
function wurfl_admin_view($args)
{
if (!xarSecurityCheck('ManageWurfl')) {
return;
}
$modulename = 'wurfl';
// Define which object will be shown
if (!xarVarFetch('objectname', 'str', $objectname, null, XARVAR_DONT_SET)) {
return;
}
if (!empty($objectname)) {
xarModUserVars::set($modulename, 'defaultmastertable', $objectname);
}
// Set a return url
xarSession::setVar('ddcontext.' . $modulename, array('return_url' => xarServer::getCurrentURL()));
// Get the available dropdown options
$object = DataObjectMaster::getObjectList(array('objectid' => 1));
$data['objectname'] = xarModUserVars::get($modulename, 'defaultmastertable');
$items = $object->getItems();
$options = array();
foreach ($items as $item) {
if (strpos($item['name'], $modulename) !== false) {
$options[] = array('id' => $item['name'], 'name' => $item['name']);
}
}
$data['options'] = $options;
return $data;
}
/**
* Publications Module
*
* @package modules
* @subpackage publications module
* @category Third Party Xaraya Module
* @version 2.0.0
* @copyright (C) 2011 Netspan AG
* @license GPL {@link http://www.gnu.org/licenses/gpl.html}
* @author Marc Lutolf <*****@*****.**>
*/
function publications_user_view_pages($args)
{
extract($args);
if (!xarSecurityCheck('ManagePublications')) {
return;
}
// Accept a parameter to allow selection of a single tree.
xarVarFetch('contains', 'id', $contains, 0, XARVAR_NOT_REQUIRED);
$data = xarMod::apiFunc('publications', 'user', 'getpagestree', array('key' => 'index', 'dd_flag' => false, 'tree_contains_pid' => $contains));
if (empty($data['pages'])) {
// TODO: pass to template.
return $data;
//xarML('NO PAGES DEFINED');
} else {
$data['pages'] = xarMod::apiFunc('publications', 'tree', 'array_maptree', $data['pages']);
}
$data['contains'] = $contains;
// Check modify and delete privileges on each page.
// EditPage - allows basic changes, but no moving or renaming (good for sub-editors who manage content)
// AddPage - new pages can be added (further checks may limit it to certain page types)
// DeletePage - page can be renamed, moved and deleted
if (!empty($data['pages'])) {
// Bring in the access property for security checks
sys::import('modules.dynamicdata.class.properties.master');
$accessproperty = DataPropertyMaster::getProperty(array('name' => 'access'));
$accessproperty->module = 'publications';
$accessproperty->component = 'Page';
foreach ($data['pages'] as $key => $page) {
$thisinstance = $page['name'] . ':' . $page['ptid']['name'];
// Do we have admin access?
$args = array('instance' => $thisinstance, 'level' => 800);
$adminaccess = $accessproperty->check($args);
// Decide whether this page can be modified by the current user
/*try {
$args = array(
'instance' => $thisinstance,
'group' => $page['access']['modify_access']['group'],
'level' => $page['access']['modify_access']['level'],
);
} catch (Exception $e) {
$args = array();
}*/
$data['pages'][$key]['edit_allowed'] = $adminaccess || $accessproperty->check($args);
/*
// Decide whether this page can be deleted by the current user
try {
$args = array(
'instance' => $thisinstance,
'group' => $page['access']['delete_access']['group'],
'level' => $page['access']['delete_access']['level'],
);
} catch (Exception $e) {
$args = array();
}*/
$data['pages'][$key]['delete_allowed'] = $adminaccess || $accessproperty->check($args);
}
}
return $data;
}
/**
* Modify a customer
*/
function shop_admin_modifycustomer()
{
if (!xarVarFetch('itemid', 'id', $data['itemid'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
$objectname = 'shop_customers';
$data['objectname'] = $objectname;
// Check if we still have no id of the item to modify.
if (empty($data['itemid'])) {
$msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'admin', 'modify', 'shop');
throw new Exception($msg);
}
if (!xarSecurityCheck('AdminShop', 1, 'Item', $data['itemid'])) {
return;
}
sys::import('modules.dynamicdata.class.objects.master');
$object = DataObjectMaster::getObject(array('name' => $objectname));
$data['object'] = $object;
$data['label'] = $object->label;
$object->getItem(array('itemid' => $data['itemid']));
$values = $object->getFieldValues();
foreach ($values as $name => $value) {
$data[$name] = xarVarPrepForDisplay($value);
}
$rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
$rolesobject->getItem(array('itemid' => $data['itemid']));
if ($data['confirm']) {
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
}
// Get the data from the form
$isvalid = $object->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with the data we picked up and with error messages
return xarTplModule('shop', 'admin', 'modifycustomer', $data);
} elseif (isset($data['preview'])) {
// Show a preview, same thing as the above essentially
return xarTplModule('shop', 'admin', 'modifycustomer', $data);
} else {
$first_name = $object->properties['first_name']->getValue();
$last_name = $object->properties['last_name']->getValue();
$rolesobject->properties['name']->setValue($first_name . ' ' . $last_name);
$rolesobject->updateItem();
$object->updateItem();
// Jump to the next page
xarResponse::redirect(xarModURL('shop', 'admin', 'modifycustomer', array('itemid' => $data['itemid'])));
return $data;
}
} else {
// Get that specific item of the object
$object->getItem(array('itemid' => $data['itemid']));
}
// Return the template variables defined in this function
return $data;
}
/**
* Create a new customer
*/
function shop_user_newcustomer()
{
if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
sys::import('modules.dynamicdata.class.objects.master');
$rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
$data['properties'] = $rolesobject->properties;
// Check if we are in 'preview' mode from the input here - the rest is handled by checkInput()
// Here we are testing for a button clicked, so we test for a string
if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
return;
}
// Check if we are submitting the form
// Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false)
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if ($data['confirm']) {
// Check for a valid confirmation key. The value is automatically gotten from the template
if (!xarSecConfirmAuthKey()) {
return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
}
// Get the data from the form and see if it is all valid
// Either way the values are now stored in the object
$isvalid = $rolesobject->properties['email']->checkInput();
$isvalid2 = $rolesobject->properties['password']->checkInput();
if (!$isvalid || !$isvalid2) {
// Bad data: redisplay the form with the data we picked up and with error messages
return xarTplModule('shop', 'user', 'newcustomer', $data);
} else {
$email = $rolesobject->properties['email']->getValue();
$password = $rolesobject->properties['password']->getValue();
$rolesobject->properties['name']->setValue($email);
$rolesobject->properties['email']->setValue($email);
$rolesobject->properties['uname']->setValue($email);
$rolesobject->properties['password']->setValue($password);
$rolesobject->properties['state']->setValue(3);
$authmodule = (int) xarMod::getID('shop');
$rolesobject->properties['authmodule']->setValue($authmodule);
$uid = $rolesobject->createItem();
$custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
$custobject->createItem(array('id' => $uid));
if (isset($returnurl)) {
xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $password));
xarResponse::redirect($returnurl);
} else {
xarResponse::redirect(xarModURL('shop'));
}
// Always add the next line even if processing never reaches it
return true;
}
}
// Return the template variables defined in this function
return $data;
}
/**
* Allows a user to modify their Calendar specific changes
*/
function calendar_user_updateconfig()
{
xarVarFetch('cal_sdow', 'int:0:6', $cal_sdow, xarModUserVars::get('calendar', 'cal_sdow'));
xarModUserVars::set('calendar', 'cal_sdow', $cal_sdow);
xarVarFetch('default_view', 'str::', $default_view, xarModUserVars::get('calendar', 'default_view'));
xarModUserVars::set('calendar', 'default_view', $default_view);
xarController::redirect(xarModURL('calendar', 'user', 'modifyconfig'));
}
public function update(array $data = array())
{
$args = array();
if (!xarVarFetch('numitems', 'int:1:200', $args['numitems'], $this->numitems, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('pubtype_id', 'id', $args['pubtype_id'], $this->pubtype_id, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('linkpubtype', 'checkbox', $args['linkpubtype'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('nopublimit', 'checkbox', $args['nopublimit'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('catfilter', 'id', $args['catfilter'], $this->catfilter, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('includechildren', 'checkbox', $args['includechildren'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('nocatlimit', 'checkbox', $args['nocatlimit'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('linkcat', 'checkbox', $args['linkcat'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('dynamictitle', 'checkbox', $args['dynamictitle'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('showsummary', 'checkbox', $args['showsummary'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('showdynamic', 'checkbox', $args['showdynamic'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('showvalue', 'checkbox', $args['showvalue'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('pubstate', 'strlist:,:int:1:4', $args['pubstate'], $this->pubstate, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('toptype', 'enum:author:date:hits:rating:title', $args['toptype'], $this->toptype, XARVAR_NOT_REQUIRED)) {
return;
}
if ($args['nopublimit'] == true) {
$args['pubtype_id'] = 0;
}
if ($args['nocatlimit']) {
$args['catfilter'] = 1;
$args['includechildren'] = 0;
}
if ($args['includechildren']) {
$args['linkcat'] = 0;
}
$this->setContent($args);
return true;
}
function wurfl_admin_modifyconfig()
{
// Security Check
if (!xarSecurityCheck('AdminWurfl')) {
return;
}
if (!xarVarFetch('phase', 'str:1:100', $phase, 'modify', XARVAR_NOT_REQUIRED, XARVAR_PREP_FOR_DISPLAY)) {
return;
}
if (!xarVarFetch('tab', 'str:1:100', $data['tab'], 'general', XARVAR_NOT_REQUIRED)) {
return;
}
$data['module_settings'] = xarMod::apiFunc('base', 'admin', 'getmodulesettings', array('module' => 'wurfl'));
$data['module_settings']->setFieldList('items_per_page, use_module_alias, module_alias_name, enable_short_urls');
$data['module_settings']->getItem();
switch (strtolower($phase)) {
case 'modify':
default:
switch ($data['tab']) {
case 'general':
break;
case 'tab2':
break;
case 'tab3':
break;
default:
break;
}
break;
case 'update':
// Confirm authorisation code
if (!xarSecConfirmAuthKey()) {
return;
}
switch ($data['tab']) {
case 'general':
$isvalid = $data['module_settings']->checkInput();
if (!$isvalid) {
return xarTplModule('wurfl', 'admin', 'modifyconfig', $data);
} else {
$itemid = $data['module_settings']->updateItem();
}
break;
case 'tab2':
break;
case 'tab3':
break;
default:
break;
}
xarController::redirect(xarModURL('wurfl', 'admin', 'modifyconfig', array('tab' => $data['tab'])));
// Return
return true;
break;
}
$data['authid'] = xarSecGenAuthKey();
return $data;
}
function publications_admin_templates_page($args)
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
extract($args);
if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('ptid', 'id', $data['ptid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'id', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('file', 'str', $data['file'], 'summary', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (empty($data['itemid']) || empty($data['ptid'])) {
return xarResponse::NotFound();
}
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$pubtype = explode('_', $pubtypeobject->properties['name']->value);
$pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$basepath = sys::code() . "modules/publications/xartemplates/objects/" . $pubtype;
$sourcefile = $basepath . "/" . $data['file'] . "_" . $data['itemid'] . ".xt";
$overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/objects/" . $pubtype;
$overridefile = $overridepath . "/" . $data['file'] . "-" . $data['itemid'] . ".xt";
// If we are saving, write the file now
if ($confirm && !empty($data['source_data'])) {
xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
}
// Let the template know what kind of file this is
if (file_exists($overridefile)) {
$data['filetype'] = 'theme';
$filepath = $overridefile;
$data['writable'] = is_writable($overridefile);
} else {
$data['filetype'] = 'module';
$filepath = $sourcefile;
$data['writable'] = is_writeable_dir($overridepath);
}
$data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));
// Initialize the template
if (empty($data['source_data'])) {
$data['source_data'] = '<xar:template xmlns:xar="http://xaraya.com/2004/blocklayout">';
$data['source_data'] .= "\n";
$data['source_data'] .= "\n" . '</xar:template>';
}
$data['files'] = array(array('id' => 'summary', 'name' => 'summary display'), array('id' => 'detail', 'name' => 'detail display'));
return $data;
}
/**
* Import an object definition or an object item from XML
*/
function publications_admin_importpubtype($args)
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
if (!xarVarFetch('import', 'isset', $import, NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('xml', 'isset', $xml, NULL, XARVAR_DONT_SET)) {
return;
}
extract($args);
$data = array();
$data['menutitle'] = xarML('Dynamic Data Utilities');
$data['warning'] = '';
$data['options'] = array();
$basedir = 'modules/publications';
$filetype = 'xml';
$files = xarModAPIFunc('dynamicdata', 'admin', 'browse', array('basedir' => $basedir, 'filetype' => $filetype));
if (!isset($files) || count($files) < 1) {
$files = array();
$data['warning'] = xarML('There are currently no XML files available for import in "#(1)"', $basedir);
}
if (!empty($import) || !empty($xml)) {
if (!xarSecConfirmAuthKey()) {
return;
}
if (!empty($import)) {
$found = '';
foreach ($files as $file) {
if ($file == $import) {
$found = $file;
break;
}
}
if (empty($found) || !file_exists($basedir . '/' . $file)) {
$msg = xarML('File not found');
throw new BadParameterException(null, $msg);
}
$ptid = xarModAPIFunc('publications', 'admin', 'importpubtype', array('file' => $basedir . '/' . $file));
} else {
$ptid = xarModAPIFunc('publications', 'admin', 'importpubtype', array('xml' => $xml));
}
if (empty($ptid)) {
return;
}
$data['warning'] = xarML('Publication type #(1) was successfully imported', $ptid);
}
natsort($files);
array_unshift($files, '');
foreach ($files as $file) {
$data['options'][] = array('id' => $file, 'name' => $file);
}
$data['authid'] = xarSecGenAuthKey();
return $data;
}
/**
* List the product attributes
*/
function shop_admin_attributes()
{
if (!xarVarFetch('startnum', 'isset', $data['startnum'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('user_id', 'isset', $user_id, NULL, XARVAR_DONT_SET)) {
return;
}
$objectname = 'shop_attributes';
$data['objectname'] = $objectname;
// Security check - important to do this as early as possible to avoid
// potential security holes or just too much wasted processing
if (!xarSecurityCheck('AdminShop')) {
return;
}
$data['items_per_page'] = xarModVars::get('shop', 'items_per_page');
// Load the DD master object class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.objects.master');
// Get the object label for the template
$object = DataObjectMaster::getObject(array('name' => $objectname));
$data['label'] = $object->label;
// Get the fields to display in the admin interface
$config = $object->configuration;
if (!empty($config['adminfields'])) {
$data['adminfields'] = $config['adminfields'];
} else {
$data['adminfields'] = array_keys($object->getProperties());
}
// Get the object we'll be working with. Note this is a so called object list
$mylist = DataObjectMaster::getObjectList(array('name' => $objectname));
// Load the DD master property class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.properties.master');
$data['sort'] = xarMod::ApiFunc('shop', 'admin', 'sort', array('sortfield_fallback' => 'ID', 'ascdesc_fallback' => 'ASC'));
// We have some filters for the items
$filters = array('startnum' => $data['startnum'], 'status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE, 'sort' => $data['sort']);
if (isset($user_id)) {
$filters['where'] = 'user_id eq ' . $user_id;
}
// Get the items
$items = $mylist->getItems($filters);
if (isset($user_id)) {
// Get the object we'll be working with. Note this is a so called object list
$mylist2 = DataObjectMaster::getObjectList(array('name' => 'shop_customers'));
$filters = array();
if (isset($user_id)) {
$filters['where'] = 'ID eq ' . $user_id;
}
$items2 = $mylist2->getItems($filters);
$data['fname'] = $items2[$user_id]['FirstName'];
$data['lname'] = $items2[$user_id]['LastName'];
}
$data['mylist'] = $mylist;
// Return the template variables defined in this function
return $data;
}
/**
* Used to get the current view the calendar is in (Day, Week, Month, Year)
*/
function calendar_userapi_currentView()
{
xarVarFetch('func', 'str::', $func, 'main', XARVAR_NOT_REQUIRED);
$valid = array('day', 'week', 'month', 'year');
$func = strtolower($func);
if (!in_array($func, $valid)) {
return xarModVars::get('calendar', 'default_view');
} else {
return $func;
}
}
public function update(array $data = array())
{
$args = array();
xarVarFetch('numitems', 'int', $args['numitems'], $this->numitems, XARVAR_NOT_REQUIRED);
xarVarFetch('showvalue', 'checkbox', $args['showvalue'], 0, XARVAR_NOT_REQUIRED);
xarVarFetch('showpubtype', 'checkbox', $args['showpubtype'], 0, XARVAR_NOT_REQUIRED);
xarVarFetch('showcategory', 'checkbox', $args['showcategory'], 0, XARVAR_NOT_REQUIRED);
xarVarFetch('showauthor', 'checkbox', $args['showauthor'], 0, XARVAR_NOT_REQUIRED);
$this->setContent($args);
return true;
}
function update(array $data = array())
{
$args = array();
xarVarFetch('pubtype_id', 'int', $args['pubtype_id'], $this->pubtype_id, XARVAR_NOT_REQUIRED);
xarVarFetch('pubstate', 'str', $args['pubstate'], $this->pubstate, XARVAR_NOT_REQUIRED);
xarVarFetch('displaytype', 'str', $args['displaytype'], $this->displaytype, XARVAR_NOT_REQUIRED);
xarVarFetch('fillerid', 'id', $args['fillerid'], $this->fillerid, XARVAR_NOT_REQUIRED);
xarVarFetch('alttitle', 'str', $args['alttitle'], $this->alttitle, XARVAR_NOT_REQUIRED);
xarVarFetch('alttext', 'str', $args['alttext'], $this->alttext, XARVAR_NOT_REQUIRED);
$this->setContent($args);
return true;
}
function publications_admin_stylesheet_type($args)
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
extract($args);
if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('ptid', 'id', $data['ptid'], xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('file', 'str', $data['file'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
return;
}
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$pubtype = explode('_', $pubtypeobject->properties['name']->value);
$pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$basepath = sys::code() . "modules/publications/xarstyles";
$sourcefile = $basepath . "/" . $data['file'] . ".css";
$overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/style";
$overridefile = $overridepath . "/" . $data['file'] . ".css";
// If we are saving, write the file now
if ($confirm && !empty($data['file']) && !empty($data['source_data'])) {
xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
}
// Let the template know what kind of file this is
if (empty($data['file'])) {
$data['filetype'] = 'empty';
$filepath = '';
$data['writable'] = 0;
} elseif (file_exists($overridefile)) {
$data['filetype'] = 'theme';
$filepath = $overridefile;
$data['writable'] = is_writable($overridefile);
} elseif (file_exists($sourcefile)) {
$data['filetype'] = 'module';
$filepath = $sourcefile;
$data['writable'] = is_writeable_dir($overridepath);
} else {
$data['filetype'] = 'unknown';
$filepath = $overridefile;
$data['writable'] = is_writeable_dir($overridepath);
}
$data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));
return $data;
}
public function update(array $data = array())
{
xarVarFetch('locale', 'str', $data['locale'], '', XARVAR_NOT_REQUIRED);
xarVarFetch('alttitle', 'str', $data['alttitle'], '', XARVAR_NOT_REQUIRED);
xarVarFetch('altsummary', 'str', $data['altsummary'], '', XARVAR_NOT_REQUIRED);
xarVarFetch('showtitle', 'checkbox', $data['showtitle'], false, XARVAR_NOT_REQUIRED);
xarVarFetch('showsummary', 'checkbox', $data['showsummary'], false, XARVAR_NOT_REQUIRED);
xarVarFetch('showpubdate', 'checkbox', $data['showpubdate'], false, XARVAR_NOT_REQUIRED);
xarVarFetch('showauthor', 'checkbox', $data['showauthor'], false, XARVAR_NOT_REQUIRED);
xarVarFetch('showsubmit', 'checkbox', $data['showsubmit'], false, XARVAR_NOT_REQUIRED);
$this->setContent($data);
return true;
}
function publications_admin_create()
{
if (!xarVarFetch('ptid', 'id', $data['ptid'])) {
return;
}
if (!xarVarFetch('new_cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('save', 'str', $save, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
// Confirm authorisation code
// This has been disabled for now
// if (!xarSecConfirmAuthKey()) return;
$data['items'] = array();
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$isvalid = $data['object']->checkInput();
$data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));
if ($data['preview'] || !$isvalid) {
// Show debug info if called for
if (!$isvalid && xarModVars::get('publications', 'debugmode') && in_array(xarUserGetVar('uname'), xarConfigVars::get(null, 'Site.User.DebugAdmins'))) {
var_dump($data['object']->getInvalids());
}
// Preview or bad data: redisplay the form
$data['properties'] = $data['object']->getProperties();
if ($data['preview']) {
$data['tab'] = 'preview';
}
return xarTplModule('publications', 'admin', 'new', $data);
}
// Create the object
$id = $data['object']->createItem();
// if we can edit publications, go to admin view, otherwise go to user view
if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) {
// Redirect if we came from somewhere else
$cuurent_listview = xarSession::getVar('publications_current_listview');
if (!empty($cuurent_listview)) {
xarController::redirect($cuurent_listview);
}
xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid'])));
} else {
xarController::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid'])));
}
return true;
}
/**
* Create a new product
*/
function shop_admin_newproduct()
{
// See if the current user has the privilege to add an item. We cannot pass any extra arguments here
if (!xarSecurityCheck('Addshop')) {
return;
}
if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
return;
}
$objectname = 'shop_products';
$data['objectname'] = $objectname;
// Load the DD master object class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.objects.master');
$object = DataObjectMaster::getObject(array('name' => $objectname));
$data['label'] = $object->label;
$data['object'] = $object;
// Check if we are in 'preview' mode from the input here - the rest is handled by checkInput()
// Here we are testing for a button clicked, so we test for a string
if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
return;
}
// Check if we are submitting the form
// Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false)
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if ($data['confirm']) {
// Check for a valid confirmation key. The value is automatically gotten from the template
if (!xarSecConfirmAuthKey()) {
return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
}
// Get the data from the form and see if it is all valid
// Either way the values are now stored in the object
$isvalid = $data['object']->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with the data we picked up and with error messages
return xarTplModule('shop', 'admin', 'newproduct', $data);
} elseif (isset($data['preview'])) {
// Show a preview, same thing as the above essentially
return xarTplModule('shop', 'admin', 'newproduct', $data);
} else {
$itemid = $data['object']->createItem();
// Jump to the next page
xarResponse::redirect(xarModURL('shop', 'admin', 'products'));
return true;
}
}
// Return the template variables defined in this function
return $data;
}
function calendar_admin_create_calendars()
{
// Get parameters
// TODO HELPNEEDED here: how do I handle this (e.g. missing calname should return a
// message
if (!xarVarFetch('add_calendar', 'isset', $add_calendar)) {
return;
}
if (!xarVarFetch('calname', 'str:1:', $calname)) {
return;
}
if (!xarVarFetch('addtype', 'str:1:', $addtype)) {
return;
}
if (!xarVarFetch('location', 'str:1:', $location, '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('uri', 'str:1:', $uri, '', XARVAR_NOT_REQUIRED)) {
return;
}
// Confirm Auth Key
if (!xarSecConfirmAuthKey()) {
return;
}
// Security Check
// TODO
// if(!xarSecurityCheck('AddCalendar', 0, 'Calendar')) {return;}
// Check if module name has already been used.
$checkname = xarMod::apiFunc('calendar', 'user', 'get', array('calname' => $calname));
if (!empty($checkname)) {
$msg = xarML('Calendar name "#(1)" already exists. Please go back and enter a
different name', $calname);
throw new Exception($msg);
}
if ($addtype == 'db') {
$fileuri = 'a';
} elseif ($addtype == 'file') {
$fileuri = $location;
} elseif ($addtype == 'uri') {
$fileuri = $uri;
}
// Pass to API
$calid = xarMod::apiFunc('calendar', 'admin', 'create_calendars', array('calname' => $calname, 'fileuri' => $fileuri, 'addtype' => $addtype));
if (!$calid) {
return;
}
// Go on and edit the new instance
xarController::redirect(xarModURL('calendar', 'admin', 'add_calendars', array('calid' => $calid, 'calname' => $calname)));
}
/**
* Remove an item from the cart
*/
function shop_user_remove($args)
{
if (!xarVarFetch('id', 'isset', $pid, NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('returnurl', 'isset', $returnurl, NULL, XARVAR_DONT_SET)) {
return;
}
$shop = xarSession::getVar('shop');
unset($shop[$pid]);
xarSession::setVar('shop', $shop);
// Return the template variables defined in this function
xarResponse::redirect($returnurl);
return true;
}
function publications_admin_multiops()
{
// Get parameters
if (!xarVarFetch('idlist', 'isset', $idlist, NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('operation', 'isset', $operation, NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('redirecttarget', 'isset', $redirecttarget, NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('objectname', 'str', $objectname, 'listings_listing', XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('localmodule', 'str', $module, 'listings', XARVAR_DONT_SET)) {
return;
}
// Confirm authorisation code
//if (!xarSecConfirmAuthKey()) return;
// Catch missing params here, rather than below
if (empty($idlist)) {
return xarTplModule('publications', 'user', 'errors', array('layout' => 'no_items'));
}
if ($operation === '') {
return xarTplModule('publications', 'user', 'errors', array('layout' => 'no_operation'));
}
$ids = explode(',', $idlist);
switch ($operation) {
case 0:
foreach ($ids as $id => $val) {
if (empty($val)) {
continue;
}
// Get the item
$item = $object->getItem(array('itemid' => $val));
// Update it
if (!$object->deleteItem(array('state' => $operation))) {
return;
}
}
break;
}
return true;
}
function mailer_user_view_mailer()
{
if (!xarSecurityCheck('ReadMailer')) {
return;
}
if (!xarVarFetch('name', 'str', $name, 'mailer_mails', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['object']->getItem(array('itemid' => $data['itemid']));
$data['tplmodule'] = 'mailer';
return $data;
}
/**
* redirect to a site based on some URL field of the item
*/
function publications_user_redirect($args)
{
// Get parameters from user
if (!xarVarFetch('id', 'id', $id, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
// Override if needed from argument array
extract($args);
if (!isset($id) || !is_numeric($id) || $id < 1) {
return xarML('Invalid publication ID');
}
// Load API
if (!xarModAPILoad('publications', 'user')) {
return;
}
// Get publication
$publication = xarModAPIFunc('publications', 'user', 'get', array('id' => $id));
if (!is_array($publication)) {
$msg = xarML('Failed to retrieve publication in #(3)_#(1)_#(2).php', 'user', 'get', 'publications');
throw new DataNotFoundException(null, $msg);
}
$ptid = $publication['pubtype_id'];
// Get publication types
$pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes');
// TODO: improve this e.g. when multiple URL fields are present
// Find an URL field based on the pubtype configuration
foreach ($pubtypes[$ptid]['config'] as $field => $value) {
if (empty($value['label'])) {
continue;
}
if ($value['format'] == 'url' && !empty($publication[$field]) && $publication[$field] != 'http://') {
// TODO: add some verifications here !
$hooks = xarModCallHooks('item', 'display', $id, array('module' => 'publications', 'itemtype' => $ptid), 'publications');
xarController::redirect($article[$field]);
return true;
} elseif ($value['format'] == 'urltitle' && !empty($publication[$field]) && substr($publication[$field], 0, 2) == 'a:') {
$array = unserialize($publication[$field]);
if (!empty($array['link']) && $array['link'] != 'http://') {
$hooks = xarModCallHooks('item', 'display', $id, array('module' => 'publications', 'itemtype' => $ptid), 'publications');
xarController::redirect($array['link']);
return true;
}
}
}
return xarML('Unable to find valid redirect field');
}
