/**
* View items of the wurfl object
*
*/
function wurfl_admin_view($args)
{
if (!xarSecurityCheck('ManageWurfl')) {
return;
}
$modulename = 'wurfl';
// Define which object will be shown
if (!xarVarFetch('objectname', 'str', $objectname, null, XARVAR_DONT_SET)) {
return;
}
if (!empty($objectname)) {
xarModUserVars::set($modulename, 'defaultmastertable', $objectname);
}
// Set a return url
xarSession::setVar('ddcontext.' . $modulename, array('return_url' => xarServer::getCurrentURL()));
// Get the available dropdown options
$object = DataObjectMaster::getObjectList(array('objectid' => 1));
$data['objectname'] = xarModUserVars::get($modulename, 'defaultmastertable');
$items = $object->getItems();
$options = array();
foreach ($items as $item) {
if (strpos($item['name'], $modulename) !== false) {
$options[] = array('id' => $item['name'], 'name' => $item['name']);
}
}
$data['options'] = $options;
return $data;
}
function publications_admin_modify_pubtype($args)
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
extract($args);
// Get parameters
if (!xarVarFetch('itemid', 'isset', $data['itemid'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('returnurl', 'str:1', $data['returnurl'], 'view', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('name', 'str:1', $name, '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('tab', 'str:1', $data['tab'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if (empty($name) && empty($itemid)) {
return xarResponse::NotFound();
}
// Get our object
$data['object'] = DataObjectMaster::getObject(array('name' => 'publications_types'));
if (!empty($data['itemid'])) {
$data['object']->getItem(array('itemid' => $data['itemid']));
} else {
$type_list = DataObjectMaster::getObjectList(array('name' => 'publications_types'));
$where = 'name = ' . $name;
$items = $type_list->getItems(array('where' => $where));
$item = current($items);
$data['object']->getItem(array('itemid' => $item['id']));
}
// Send the publication type and the object properties to the template
$data['properties'] = $data['object']->getProperties();
// Get the settings of the publication type we are using
$data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['itemid']));
if ($data['confirm']) {
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return;
}
// Get the data from the form
$isvalid = $data['object']->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with error messages
return xarTplModule('publications', 'admin', 'modify_pubtype', $data);
} else {
// Good data: create the item
$itemid = $data['object']->updateItem(array('itemid' => $data['itemid']));
// Jump to the next page
xarController::redirect(xarModURL('publications', 'admin', 'view_pubtypes'));
return true;
}
}
return $data;
}
/**
* View the cart
*/
function shop_user_viewcart()
{
// If the user returns to the cart after taking other steps, unset any errors from earlier in the session.
xarSession::delVar('errors');
sys::import('modules.dynamicdata.class.objects.master');
$subtotals = array();
$products = array();
$total = 0;
// May want to display cust info with the cart...
$cust = xarMod::APIFunc('shop', 'user', 'customerinfo');
$data['cust'] = $cust;
$shop = xarSession::getVar('shop');
foreach ($shop as $pid => $val) {
// If this post variable is set, we must need to update the quantity
if (isset($_POST['qty' . $pid])) {
unset($qty_new);
// Have to unset this since we're in a foreach
if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) {
return;
}
if ($qty_new == 0) {
unset($shop[$pid]);
} else {
$shop[$pid]['qty'] = $qty_new;
}
}
// If the quantity hasn't been set to zero, add it to the $products array...
if (isset($shop[$pid])) {
// Commas in the quantity seem to mess up our math
$products[$pid]['qty'] = str_replace(',', '', $shop[$pid]['qty']);
// Get the product info
$object = DataObjectMaster::getObject(array('name' => 'shop_products'));
$some_id = $object->getItem(array('itemid' => $pid));
$values = $object->getFieldValues();
$products[$pid]['title'] = xarVarPrepForDisplay($values['title']);
$products[$pid]['price'] = $values['price'];
$subtotal = $values['price'] * $products[$pid]['qty'];
$subtotals[] = $subtotal;
// so we can use array_sum() to add it all up
if (substr($subtotal, 0, 1) == '.') {
$subtotal = '0' . $subtotal;
}
$products[$pid]['subtotal'] = number_format($subtotal, 2);
}
}
xarSession::setVar('shop', $shop);
$total = array_sum($subtotals);
// Add a zero to the front of the number if it starts with a decimal...
if (substr($total, 0, 1) == '.') {
$total = '0' . $total;
}
$total = number_format($total, 2);
xarSession::setVar('products', $products);
// update the session variable
$data['products'] = $products;
// don't want too much session stuff in the templates
xarSession::setVar('total', $total);
$data['total'] = $total;
return $data;
}
function publications_user_new($args)
{
extract($args);
// Get parameters
if (!xarVarFetch('ptid', 'id', $data['ptid'], xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('catid', 'str', $catid, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemtype', 'id', $itemtype, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
$data['items'] = array();
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$data['properties'] = $data['object']->getProperties();
if (!empty($data['ptid'])) {
$template = $pubtypeobject->properties['template']->value;
} else {
// TODO: allow templates per category ?
$template = null;
}
// Get the settings of the publication type we are using
$data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));
return xarTplModule('publications', 'admin', 'new', $data, $template);
}
function wurfl_admin_delete()
{
if (!xarSecurityCheck('ManageWurfl')) {
return;
}
if (!xarVarFetch('name', 'str:1', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'int', $data['itemid'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('confirm', 'str:1', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['object']->getItem(array('itemid' => $data['itemid']));
$data['tplmodule'] = 'wurfl';
$data['authid'] = xarSecGenAuthKey('wurfl');
if ($data['confirm']) {
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return;
}
// Delete the item
$item = $data['object']->deleteItem();
// Jump to the next page
xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
return true;
}
return $data;
}
/**
* Get products
*/
function shop_userapi_getproducts($args)
{
$startnum = 1;
extract($args);
if (!xarSecurityCheck('ViewShop')) {
return;
}
if (!isset($items_per_page)) {
$items_per_page = xarModVars::get('shop', 'items_per_page');
}
$data['items_per_page'] = $items_per_page;
// Load the DD master object class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.objects.master');
sys::import('modules.dynamicdata.class.properties.master');
// Get the object we'll be working with. Note this is a so called object list
$mylist = DataObjectMaster::getObjectList(array('name' => 'shop_products'));
$data['sort'] = xarMod::ApiFunc('shop', 'admin', 'sort', array('sortfield_fallback' => 'id', 'ascdesc_fallback' => 'ASC'));
// We have some filters for the items
$filters = array('startnum' => $startnum, 'status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE, 'sort' => $data['sort']);
if (isset($where)) {
$filters['where'] = $where;
}
// Get the items
$products = $mylist->getItems($filters);
// return the products
$data['products'] = $products;
// Return the template variables defined in this function
return $data;
}
/**
* Modify a customer
*/
function shop_admin_modifycustomer()
{
if (!xarVarFetch('itemid', 'id', $data['itemid'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
$objectname = 'shop_customers';
$data['objectname'] = $objectname;
// Check if we still have no id of the item to modify.
if (empty($data['itemid'])) {
$msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'admin', 'modify', 'shop');
throw new Exception($msg);
}
if (!xarSecurityCheck('AdminShop', 1, 'Item', $data['itemid'])) {
return;
}
sys::import('modules.dynamicdata.class.objects.master');
$object = DataObjectMaster::getObject(array('name' => $objectname));
$data['object'] = $object;
$data['label'] = $object->label;
$object->getItem(array('itemid' => $data['itemid']));
$values = $object->getFieldValues();
foreach ($values as $name => $value) {
$data[$name] = xarVarPrepForDisplay($value);
}
$rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
$rolesobject->getItem(array('itemid' => $data['itemid']));
if ($data['confirm']) {
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
}
// Get the data from the form
$isvalid = $object->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with the data we picked up and with error messages
return xarTplModule('shop', 'admin', 'modifycustomer', $data);
} elseif (isset($data['preview'])) {
// Show a preview, same thing as the above essentially
return xarTplModule('shop', 'admin', 'modifycustomer', $data);
} else {
$first_name = $object->properties['first_name']->getValue();
$last_name = $object->properties['last_name']->getValue();
$rolesobject->properties['name']->setValue($first_name . ' ' . $last_name);
$rolesobject->updateItem();
$object->updateItem();
// Jump to the next page
xarResponse::redirect(xarModURL('shop', 'admin', 'modifycustomer', array('itemid' => $data['itemid'])));
return $data;
}
} else {
// Get that specific item of the object
$object->getItem(array('itemid' => $data['itemid']));
}
// Return the template variables defined in this function
return $data;
}
/**
* Create a new customer
*/
function shop_user_newcustomer()
{
if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
sys::import('modules.dynamicdata.class.objects.master');
$rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
$data['properties'] = $rolesobject->properties;
// Check if we are in 'preview' mode from the input here - the rest is handled by checkInput()
// Here we are testing for a button clicked, so we test for a string
if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
return;
}
// Check if we are submitting the form
// Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false)
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if ($data['confirm']) {
// Check for a valid confirmation key. The value is automatically gotten from the template
if (!xarSecConfirmAuthKey()) {
return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
}
// Get the data from the form and see if it is all valid
// Either way the values are now stored in the object
$isvalid = $rolesobject->properties['email']->checkInput();
$isvalid2 = $rolesobject->properties['password']->checkInput();
if (!$isvalid || !$isvalid2) {
// Bad data: redisplay the form with the data we picked up and with error messages
return xarTplModule('shop', 'user', 'newcustomer', $data);
} else {
$email = $rolesobject->properties['email']->getValue();
$password = $rolesobject->properties['password']->getValue();
$rolesobject->properties['name']->setValue($email);
$rolesobject->properties['email']->setValue($email);
$rolesobject->properties['uname']->setValue($email);
$rolesobject->properties['password']->setValue($password);
$rolesobject->properties['state']->setValue(3);
$authmodule = (int) xarMod::getID('shop');
$rolesobject->properties['authmodule']->setValue($authmodule);
$uid = $rolesobject->createItem();
$custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
$custobject->createItem(array('id' => $uid));
if (isset($returnurl)) {
xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $password));
xarResponse::redirect($returnurl);
} else {
xarResponse::redirect(xarModURL('shop'));
}
// Always add the next line even if processing never reaches it
return true;
}
}
// Return the template variables defined in this function
return $data;
}
function publications_admin_templates_page($args)
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
extract($args);
if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('ptid', 'id', $data['ptid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'id', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('file', 'str', $data['file'], 'summary', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (empty($data['itemid']) || empty($data['ptid'])) {
return xarResponse::NotFound();
}
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$pubtype = explode('_', $pubtypeobject->properties['name']->value);
$pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$basepath = sys::code() . "modules/publications/xartemplates/objects/" . $pubtype;
$sourcefile = $basepath . "/" . $data['file'] . "_" . $data['itemid'] . ".xt";
$overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/objects/" . $pubtype;
$overridefile = $overridepath . "/" . $data['file'] . "-" . $data['itemid'] . ".xt";
// If we are saving, write the file now
if ($confirm && !empty($data['source_data'])) {
xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
}
// Let the template know what kind of file this is
if (file_exists($overridefile)) {
$data['filetype'] = 'theme';
$filepath = $overridefile;
$data['writable'] = is_writable($overridefile);
} else {
$data['filetype'] = 'module';
$filepath = $sourcefile;
$data['writable'] = is_writeable_dir($overridepath);
}
$data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));
// Initialize the template
if (empty($data['source_data'])) {
$data['source_data'] = '<xar:template xmlns:xar="http://xaraya.com/2004/blocklayout">';
$data['source_data'] .= "\n";
$data['source_data'] .= "\n" . '</xar:template>';
}
$data['files'] = array(array('id' => 'summary', 'name' => 'summary display'), array('id' => 'detail', 'name' => 'detail display'));
return $data;
}
/**
* List the product attributes
*/
function shop_admin_attributes()
{
if (!xarVarFetch('startnum', 'isset', $data['startnum'], NULL, XARVAR_DONT_SET)) {
return;
}
if (!xarVarFetch('user_id', 'isset', $user_id, NULL, XARVAR_DONT_SET)) {
return;
}
$objectname = 'shop_attributes';
$data['objectname'] = $objectname;
// Security check - important to do this as early as possible to avoid
// potential security holes or just too much wasted processing
if (!xarSecurityCheck('AdminShop')) {
return;
}
$data['items_per_page'] = xarModVars::get('shop', 'items_per_page');
// Load the DD master object class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.objects.master');
// Get the object label for the template
$object = DataObjectMaster::getObject(array('name' => $objectname));
$data['label'] = $object->label;
// Get the fields to display in the admin interface
$config = $object->configuration;
if (!empty($config['adminfields'])) {
$data['adminfields'] = $config['adminfields'];
} else {
$data['adminfields'] = array_keys($object->getProperties());
}
// Get the object we'll be working with. Note this is a so called object list
$mylist = DataObjectMaster::getObjectList(array('name' => $objectname));
// Load the DD master property class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.properties.master');
$data['sort'] = xarMod::ApiFunc('shop', 'admin', 'sort', array('sortfield_fallback' => 'ID', 'ascdesc_fallback' => 'ASC'));
// We have some filters for the items
$filters = array('startnum' => $data['startnum'], 'status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE, 'sort' => $data['sort']);
if (isset($user_id)) {
$filters['where'] = 'user_id eq ' . $user_id;
}
// Get the items
$items = $mylist->getItems($filters);
if (isset($user_id)) {
// Get the object we'll be working with. Note this is a so called object list
$mylist2 = DataObjectMaster::getObjectList(array('name' => 'shop_customers'));
$filters = array();
if (isset($user_id)) {
$filters['where'] = 'ID eq ' . $user_id;
}
$items2 = $mylist2->getItems($filters);
$data['fname'] = $items2[$user_id]['FirstName'];
$data['lname'] = $items2[$user_id]['LastName'];
}
$data['mylist'] = $mylist;
// Return the template variables defined in this function
return $data;
}
function calendar_adminapi_hookcreate($data)
{
if (!isset($data['extrainfo']) || !is_array($data['extrainfo'])) {
$data['extrainfo'] = array();
}
// When called via hooks, modname will be empty, but we get it from the
// extrainfo or the current module
if (empty($data['module'])) {
if (!empty($data['extrainfo']['module'])) {
$data['module'] = $data['extrainfo']['module'];
} else {
$data['module'] = xarMod::getName();
}
}
$data['module_id'] = xarMod::getID($data['module']);
if (empty($data['module_id'])) {
throw new IDNotFoundException("module id for " . $data['modname']);
}
if (!isset($data['itemtype']) || !is_numeric($data['itemtype'])) {
if (isset($data['extrainfo']['itemtype']) && is_numeric($data['extrainfo']['itemtype'])) {
$data['itemtype'] = $data['extrainfo']['itemtype'];
} else {
$data['itemtype'] = 0;
}
}
if (!isset($data['itemid']) || !is_numeric($data['itemid'])) {
if (isset($data['extrainfo']['item_id']) && is_numeric($data['extrainfo']['item_id'])) {
$data['itemid'] = $data['extrainfo']['item_id'];
} else {
$data['itemid'] = 0;
}
}
$data['extrainfo']['module_id'] = $data['module_id'];
$data['extrainfo']['itemtype'] = $data['itemtype'];
$data['extrainfo']['item_id'] = $data['itemid'];
$data['extrainfo']['name'] = isset($data['extrainfo']['name']) ? $data['extrainfo']['name'] : xarML('Unknown Event');
$data['extrainfo']['start_time'] = isset($data['extrainfo']['start_time']) ? $data['extrainfo']['start_time'] : time();
$data['extrainfo']['duration'] = isset($data['extrainfo']['duration']) ? $data['extrainfo']['duration'] : 60;
$data['extrainfo']['end_time'] = isset($data['extrainfo']['end_time']) ? $data['extrainfo']['end_time'] : $data['extrainfo']['start_time'] + $data['extrainfo']['duration'];
$data['extrainfo']['recurring_code'] = isset($data['extrainfo']['recurring_code']) ? $data['extrainfo']['recurring_code'] : 0;
$data['extrainfo']['recurring_span'] = isset($data['extrainfo']['recurring_span']) ? $data['extrainfo']['recurring_span'] : 0;
$data['extrainfo']['start_location'] = isset($data['extrainfo']['start_location']) ? $data['extrainfo']['start_location'] : null;
$data['extrainfo']['end_location'] = isset($data['extrainfo']['end_location']) ? $data['extrainfo']['end_location'] : null;
$data['extrainfo']['object_id'] = isset($data['extrainfo']['object_id']) ? $data['extrainfo']['object_id'] : 0;
$data['extrainfo']['role_id'] = isset($data['extrainfo']['role_id']) ? $data['extrainfo']['role_id'] : xarSession::getVar('role_id');
$data['extrainfo']['return_link'] = isset($data['extrainfo']['return_link']) ? $data['extrainfo']['return_link'] : '';
$data['extrainfo']['state'] = isset($data['extrainfo']['state']) ? $data['extrainfo']['state'] : 3;
$data['extrainfo']['timestamp'] = isset($data['extrainfo']['timestamp']) ? $data['extrainfo']['timestamp'] : time();
$data['extrainfo']['itemid'] = 0;
$object = DataObjectMaster::getObject(array('name' => 'calendar_event'));
$item = $object->createItem($data['extrainfo']);
return $data['extrainfo'];
}
function publications_admin_stylesheet_type($args)
{
if (!xarSecurityCheck('AdminPublications')) {
return;
}
extract($args);
if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('ptid', 'id', $data['ptid'], xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('file', 'str', $data['file'], '', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
return;
}
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$pubtype = explode('_', $pubtypeobject->properties['name']->value);
$pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$basepath = sys::code() . "modules/publications/xarstyles";
$sourcefile = $basepath . "/" . $data['file'] . ".css";
$overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/style";
$overridefile = $overridepath . "/" . $data['file'] . ".css";
// If we are saving, write the file now
if ($confirm && !empty($data['file']) && !empty($data['source_data'])) {
xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
}
// Let the template know what kind of file this is
if (empty($data['file'])) {
$data['filetype'] = 'empty';
$filepath = '';
$data['writable'] = 0;
} elseif (file_exists($overridefile)) {
$data['filetype'] = 'theme';
$filepath = $overridefile;
$data['writable'] = is_writable($overridefile);
} elseif (file_exists($sourcefile)) {
$data['filetype'] = 'module';
$filepath = $sourcefile;
$data['writable'] = is_writeable_dir($overridepath);
} else {
$data['filetype'] = 'unknown';
$filepath = $overridefile;
$data['writable'] = is_writeable_dir($overridepath);
}
$data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));
return $data;
}
/**
* Show some predefined form field in a template
*
* @param $args array containing the definition of the field (object, itemid, property, value, ...)
* @return string containing the HTML (or other) text to output in the BL template
*/
function publications_userapi_fieldoutput($args)
{
extract($args);
if (!isset($object) || !isset($itemid) || !isset($field)) {
return '';
}
sys::import('modules.dynamicdata.class.objects.master');
$object = DataObjectMaster::getObject(array('name' => $object));
$itemid = xarMod::apiFunc('publications', 'user', 'gettranslationid', array('id' => $itemid));
$object->getItem(array('itemid' => $itemid));
$field = $object->properties[$field]->getValue();
return $field;
}
/**
* Create a new product
*/
function shop_admin_newproduct()
{
// See if the current user has the privilege to add an item. We cannot pass any extra arguments here
if (!xarSecurityCheck('Addshop')) {
return;
}
if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
return;
}
$objectname = 'shop_products';
$data['objectname'] = $objectname;
// Load the DD master object class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.objects.master');
$object = DataObjectMaster::getObject(array('name' => $objectname));
$data['label'] = $object->label;
$data['object'] = $object;
// Check if we are in 'preview' mode from the input here - the rest is handled by checkInput()
// Here we are testing for a button clicked, so we test for a string
if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
return;
}
// Check if we are submitting the form
// Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false)
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
if ($data['confirm']) {
// Check for a valid confirmation key. The value is automatically gotten from the template
if (!xarSecConfirmAuthKey()) {
return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
}
// Get the data from the form and see if it is all valid
// Either way the values are now stored in the object
$isvalid = $data['object']->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with the data we picked up and with error messages
return xarTplModule('shop', 'admin', 'newproduct', $data);
} elseif (isset($data['preview'])) {
// Show a preview, same thing as the above essentially
return xarTplModule('shop', 'admin', 'newproduct', $data);
} else {
$itemid = $data['object']->createItem();
// Jump to the next page
xarResponse::redirect(xarModURL('shop', 'admin', 'products'));
return true;
}
}
// Return the template variables defined in this function
return $data;
}
function publications_admin_create()
{
if (!xarVarFetch('ptid', 'id', $data['ptid'])) {
return;
}
if (!xarVarFetch('new_cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('save', 'str', $save, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
// Confirm authorisation code
// This has been disabled for now
// if (!xarSecConfirmAuthKey()) return;
$data['items'] = array();
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$isvalid = $data['object']->checkInput();
$data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));
if ($data['preview'] || !$isvalid) {
// Show debug info if called for
if (!$isvalid && xarModVars::get('publications', 'debugmode') && in_array(xarUserGetVar('uname'), xarConfigVars::get(null, 'Site.User.DebugAdmins'))) {
var_dump($data['object']->getInvalids());
}
// Preview or bad data: redisplay the form
$data['properties'] = $data['object']->getProperties();
if ($data['preview']) {
$data['tab'] = 'preview';
}
return xarTplModule('publications', 'admin', 'new', $data);
}
// Create the object
$id = $data['object']->createItem();
// if we can edit publications, go to admin view, otherwise go to user view
if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) {
// Redirect if we came from somewhere else
$cuurent_listview = xarSession::getVar('publications_current_listview');
if (!empty($cuurent_listview)) {
xarController::redirect($cuurent_listview);
}
xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid'])));
} else {
xarController::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid'])));
}
return true;
}
public function display()
{
$data = $this->getContent();
// Setup featured item
if ($data['fillerid'] > 0) {
$fillerid = xarMod::apiFunc('publications', 'user', 'gettranslationid', array('id' => $data['fillerid']));
$ptid = xarMod::apiFunc('publications', 'user', 'getitempubtype', array('itemid' => $data['fillerid']));
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $ptid));
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$data['object']->getItem(array('itemid' => $data['fillerid']));
return $data;
}
return;
}
function publications_adminapi_getpubtypeaccess($args)
{
if (!isset($args['ptid'])) {
throw new Exception(xarML('Missing ptid param in publications_adminapi_getpubtypeaccess'));
}
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
if (null == $pubtypeobject) {
return false;
}
$pubtypeobject->getItem(array('itemid' => $args['ptid']));
if (empty($pubtypeobject->properties['access']->value)) {
return "a:0:{}";
}
return $pubtypeobject->properties['access']->value;
}
function mailer_user_view_mailer()
{
if (!xarSecurityCheck('ReadMailer')) {
return;
}
if (!xarVarFetch('name', 'str', $name, 'mailer_mails', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['object']->getItem(array('itemid' => $data['itemid']));
$data['tplmodule'] = 'mailer';
return $data;
}
/**
* Get all product attributes
*/
function shop_adminapi_getattributes()
{
$objectname = 'shop_attributes';
sys::import('modules.dynamicdata.class.objects.master');
// Get the object we'll be working with. Note this is a so called object list
$mylist = DataObjectMaster::getObjectList(array('name' => $objectname));
// We have some filters for the items
$filters = array('status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE);
// Get the items
$items = $mylist->getItems($filters);
foreach ($items as $item) {
$id = $item['id'];
$array[$id] = $item['name'] . ' (ID: ' . $item['id'] . ')';
}
return $array;
}
/**
* Start the checkout process -- user can create account or log into existing account
*/
function shop_user_start()
{
// Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be
if (xarUserIsLoggedIn()) {
xarResponse::redirect(xarModURL('shop', 'user', 'viewcart'));
return true;
}
$shop = xarSession::getVar('shop');
if (empty($shop)) {
xarResponse::redirect(xarModURL('shop', 'user', 'main'));
return true;
}
sys::import('modules.dynamicdata.class.objects.master');
sys::import('modules.dynamicdata.class.properties.master');
$rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
$properties = $rolesobject->properties;
$data['properties'] = $properties;
$isvalid = $rolesobject->properties['email']->checkInput();
$isvalid2 = $rolesobject->properties['password']->checkInput();
if ($isvalid && $isvalid2) {
if (!xarSecConfirmAuthKey()) {
// right time to do this??
return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
}
// Create the role and the customer object and then log in
$email = $rolesobject->properties['email']->getValue();
$password = $rolesobject->properties['password']->getValue();
$values['name'] = $email;
$values['email'] = $email;
$values['uname'] = $email;
$values['password'] = $password;
$values['state'] = 3;
$rolesobject->setFieldValues($values, 1);
$uid = $rolesobject->createItem();
$custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
$custobject->createItem(array('id' => $uid));
$name = 'dd_' . $properties['password']->id;
$vals = $properties['password']->fetchValue($name);
$pass = $vals[1][0];
$res = xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $pass));
xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress'));
return true;
} else {
// We don't yet have a valid email or password for registration...
return xarTplModule('shop', 'user', 'start', $data);
}
}
/**
* Get just one set of attributes
*/
function shop_adminapi_getproductattributes($args)
{
extract($args);
$objectname = 'shop_attributes';
sys::import('modules.dynamicdata.class.objects.master');
// Get the object we'll be working with. Note this is a so called object list
$mylist = DataObjectMaster::getObjectList(array('name' => $objectname));
// We have some filters for the items
$filters = array('status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE);
$filters['where'] = 'id eq ' . $id;
// Get the items
$items = $mylist->getItems($filters);
foreach ($items as $item) {
$attributes = $item['options'];
}
return $attributes;
}
/**
* Display a product
*/
function shop_user_product($args)
{
if (!xarVarFetch('itemid', 'id', $itemid, NULL, XARVAR_DONT_SET)) {
return;
}
extract($args);
if (!empty($objectid)) {
$itemid = $objectid;
}
if (empty($itemid)) {
$msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'user', 'display', 'shop');
throw new Exception($msg);
}
// Make sure user has read privileges for the item
if (!xarSecurityCheck('ReadShop', 1, 'Item', $itemid)) {
return;
}
// Load the DD master object class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.objects.master');
// Get the object definition we'll be working with
$object = DataObjectMaster::getObject(array('name' => 'shop_products'));
$data['object'] = $object;
//We don't really have the item until we call getItem()
$some_id = $object->getItem(array('itemid' => $itemid));
//Make sure we got something
if (!isset($some_id) || $some_id != $itemid) {
return;
}
//Get the property names and values for the item with the getFieldValues() method
$values = $object->getFieldValues();
$data['itemid'] = $itemid;
//$values is an associative array of property names and values, so...
foreach ($values as $name => $value) {
$data[$name] = xarVarPrepForDisplay($value);
}
$data['editurl'] = '';
if (xarSecurityCheck('EditShop', 1)) {
$data['editurl'] = xarModURL('shop', 'admin', 'modify', array('itemid' => $itemid, 'name' => 'shop_products'));
}
return xarTplModule('shop', 'user', 'product', $data);
}
/**
* Get the items currently in the cart
*/
function shop_userapi_getcartproducts($args)
{
sys::import('modules.dynamicdata.class.objects.master');
$total = 0;
$shop = xarSession::getVar('shop');
if (empty($shop)) {
return;
}
foreach ($shop as $pid => $val) {
// if this post variable is set, we must need to update the quantity
if (isset($_POST['qty' . $pid])) {
unset($qty_new);
if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) {
return;
}
$shop[$pid]['qty'] = $qty_new;
}
$products[$pid]['qty'] = $shop[$pid]['qty'];
$object = DataObjectMaster::getObject(array('name' => 'shop_products'));
$some_id = $object->getItem(array('itemid' => $pid));
$values = $object->getFieldValues();
$products[$pid]['title'] = xarVarPrepForDisplay($values['title']);
$price = $values['price'];
if (substr($price, 0, 1) == '.') {
$price = '0' . $price;
}
$products[$pid]['price'] = $price;
$subtotal = $values['price'] * $products[$pid]['qty'];
$subtotals[] = $subtotal;
$products[$pid]['subtotal'] = number_format($subtotal, 2);
}
xarSession::setVar('shop', $shop);
$total = array_sum($subtotals);
$total = number_format($total, 2);
if (substr($total, 0, 1) == '.') {
$total = '0' . $total;
}
$productinfo['products'] = $products;
$productinfo['total'] = $total;
return $productinfo;
}
function publications_user_create()
{
if (!xarVarFetch('ptid', 'id', $data['ptid'])) {
return;
}
if (!xarVarFetch('new_cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('save', 'str', $save, NULL, XARVAR_NOT_REQUIRED)) {
return;
}
// Confirm authorisation code
// This has been disabled for now
// if (!xarSecConfirmAuthKey()) return;
$data['items'] = array();
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));
$isvalid = $data['object']->checkInput();
$data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));
if ($data['preview'] || $isvalid) {
// Preview or bad data: redisplay the form
$data['properties'] = $data['object']->getProperties();
if ($data['preview']) {
$data['tab'] = 'preview';
}
return xarTplModule('publications', 'user', 'new', $data);
}
// Create the object
$id = $data['object']->createItem();
// if we can edit publications, go to admin view, otherwise go to user view
if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) {
xarResponse::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid'])));
} else {
xarResponse::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid'])));
}
return true;
}
function publications_userapi_getsettings($data)
{
if (empty($data['ptid'])) {
throw new Exception('Missing publication type for caching');
}
// If already cached, then get that
if (xarCore::isCached('publications', 'context' . $data['ptid'])) {
return xarCore::getCached('publications', 'context' . $data['ptid']);
}
$pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
$pubtypeobject->getItem(array('itemid' => $data['ptid']));
$pubtypesettings = @unserialize($pubtypeobject->properties['configuration']->getValue());
$globalsettings = publications_userapi_getglobalsettings();
if (is_array($pubtypesettings)) {
$settings = $pubtypesettings + $globalsettings;
} else {
$settings = $globalsettings;
}
xarCore::setCached('publications', 'context' . $data['ptid'], $settings);
return $settings;
}
/**
* Get customer info
*/
function shop_userapi_customerinfo($args)
{
$values = array();
if (xarUserIsLoggedIn()) {
$id = xarUserGetVar('id');
}
extract($args);
if (isset($id)) {
sys::import('modules.dynamicdata.class.objects.master');
$custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
$some_id = $custobject->getItem(array('itemid' => $id));
if (!$some_id) {
//This user must have a role but no customer account. This probably happened because a web admin uninstalled the shop module, deleting all the customer accounts but not deleting the associated roles. Let's re-create the customer record with just the id so we don't get snagged later
$id = $custobject->createItem(array('id' => $id));
$custobject->getItem(array('itemid' => $id));
}
$values = $custobject->getFieldValues();
return $values;
} else {
return;
}
}
function wurfl_admin_modify()
{
if (!xarSecurityCheck('EditWurfl')) {
return;
}
if (!xarVarFetch('name', 'str', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['object']->getItem(array('itemid' => $data['itemid']));
$data['tplmodule'] = 'wurfl';
$data['authid'] = xarSecGenAuthKey('wurfl');
if ($data['confirm']) {
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return;
}
// Get the data from the form
$isvalid = $data['object']->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with error messages
return xarTplModule('wurfl', 'admin', 'modify', $data);
} else {
// Good data: create the item
$itemid = $data['object']->updateItem(array('itemid' => $data['itemid']));
// Jump to the next page
xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
return true;
}
}
return $data;
}
function wurfl_admin_new()
{
if (!xarSecurityCheck('AddWurfl')) {
return;
}
if (!xarVarFetch('name', 'str', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
return;
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['tplmodule'] = 'wurfl';
$data['authid'] = xarSecGenAuthKey('wurfl');
if ($data['confirm']) {
// we only retrieve 'preview' from the input here - the rest is handled by checkInput()
if (!xarVarFetch('preview', 'str', $preview, NULL, XARVAR_DONT_SET)) {
return;
}
// Check for a valid confirmation key
if (!xarSecConfirmAuthKey()) {
return;
}
// Get the data from the form
$isvalid = $data['object']->checkInput();
if (!$isvalid) {
// Bad data: redisplay the form with error messages
return xarTplModule('wurfl', 'admin', 'new', $data);
} else {
// Good data: create the item
$itemid = $data['object']->createItem();
// Jump to the next page
xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
return true;
}
}
return $data;
}
function mailer_admin_view_mailer()
{
if (!xarSecurityCheck('ManageMailer')) {
return;
}
if (!xarVarFetch('name', 'str', $name, 'mailer_mails', XARVAR_NOT_REQUIRED)) {
return;
}
if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
return;
}
if (xarModIsAvailable('realms')) {
$userrealmid = xarModAPIfunc('realms', 'admin', 'getrealmid');
$realmid = xarModAPIfunc('realms', 'admin', 'getrealmid', array('itemid' => $data['itemid'], 'tablename' => 'mailer_mails'));
if ($userrealmid != 0 && $userrealmid != $realmid) {
return;
}
}
$data['object'] = DataObjectMaster::getObject(array('name' => $name));
$data['object']->getItem(array('itemid' => $data['itemid']));
$data['tplmodule'] = 'mailer';
return $data;
}
/**
* Display a transaction
*/
function shop_admin_transaction($args)
{
if (!xarVarFetch('itemid', 'id', $itemid, NULL, XARVAR_DONT_SET)) {
return;
}
extract($args);
if (empty($itemid)) {
$msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'user', 'display', 'shop');
throw new Exception($msg);
}
// Make sure user has read privileges for the item
if (!xarSecurityCheck('ReadShop', 1, 'Item', $itemid)) {
return;
}
// Load the DD master object class. This line will likely disappear in future versions
sys::import('modules.dynamicdata.class.objects.master');
// Get the object definition we'll be working with
$object = DataObjectMaster::getObject(array('name' => 'shop_transactions'));
$data['properties'] = $object->getProperties();
$data['object'] = $object;
//We don't really have the item until we call getItem()
$some_id = $object->getItem(array('itemid' => $itemid));
//Make sure we got something
if (!isset($some_id) || $some_id != $itemid) {
return;
}
//Get the property names and values for the item with the getFieldValues() method
$values = $object->getFieldValues();
//We need to do this up here to avoid messing up the serialized array with xarVarPrepForDisplay
$products = unserialize($values['products']);
//$values is an associative array of property names and values, so...
foreach ($values as $name => $value) {
$data[$name] = xarVarPrepForDisplay($value);
}
$data['products'] = $products;
return $data;
}
