/**
 * Update an existing ephemeride.
 *
 * @author The Zikula Development Team
 *
 * @param array $args Row data. 'eid', 'did', 'mid', 'yid', 'content' and 'language' are required;
 *                    'status' and 'type' are set to 1 when they are not supplied.
 *
 * @return boolean True on success; on failure the value returned by the LogUtil error helper
 *                 (documented by the original author as false).
 */
public function update($args)
{
    // Every required key has to be present before anything else happens.
    if (!isset($args['eid'], $args['did'], $args['mid'], $args['yid'], $args['content'], $args['language'])) {
        return LogUtil::registerArgsError();
    }

    // Optional fields fall back to 1.
    foreach (array('status', 'type') as $optionalKey) {
        if (!isset($args[$optionalKey])) {
            $args[$optionalKey] = 1;
        }
    }

    // The record must already exist.
    $existing = ModUtil::apiFunc('Ephemerides', 'user', 'get', array('eid' => $args['eid']));
    if (!$existing) {
        return LogUtil::registerError($this->__('No such Ephemeride found.'));
    }

    // Edit permission is evaluated for the instance "::<eid>".
    $mayEdit = SecurityUtil::checkPermission('Ephemerides::', "::{$args['eid']}", ACCESS_EDIT);
    if (!$mayEdit) {
        return LogUtil::registerPermissionError();
    }

    // NOTE(review): the complete caller-supplied array is handed to DBUtil::updateObject();
    // presumably DBUtil only writes keys that map to columns of 'ephem' - confirm.
    $updated = DBUtil::updateObject($args, 'ephem', '', 'eid');
    if (!$updated) {
        return LogUtil::registerError($this->__('Error! Ephemeride update failed.'));
    }

    return true;
}
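/**
 * Update an existing quote.
 *
 * @author Greg Allan
 * @author The Zikula Development Team
 *
 * @param array $quote Quote row. 'qid' (quote ID), 'quote' (quote text) and 'author' (quote author)
 *                     are required; 'status' is optional and defaults to 1.
 *
 * @return boolean True on success; on failure the value returned by the LogUtil error helper
 *                 (documented by the original author as false).
 */
public function update($quote)
{
    // The argument is an associative array representing one object/row.
    if (!isset($quote['qid']) || !isset($quote['quote']) || !isset($quote['author'])) {
        return LogUtil::registerArgsError();
    }

    if (!isset($quote['status'])) {
        $quote['status'] = 1;
    }

    // Get the existing quote.
    $item = ModUtil::apiFunc('Quotes', 'user', 'get', array('qid' => $quote['qid']));
    if (!$item) {
        return LogUtil::registerError($this->__('No such Quote found.'));
    }

    // Permission instances have the form "<author>::<qid>". Both the stored quote and the
    // submitted one are checked: the original code repeated the check on the stored author,
    // so a changed author was never evaluated against the caller's permissions.
    if (!SecurityUtil::checkPermission('Quotes::', $item['author'] . '::' . $quote['qid'], ACCESS_EDIT)) {
        return LogUtil::registerPermissionError();
    }
    if (!SecurityUtil::checkPermission('Quotes::', $quote['author'] . '::' . $quote['qid'], ACCESS_EDIT)) {
        return LogUtil::registerPermissionError();
    }

    // Update the quote and check the return value for an error.
    $res = DBUtil::updateObject($quote, 'quotes', '', 'qid');
    if (!$res) {
        return LogUtil::registerError($this->__('Error! Quote update failed.'));
    }

    return true;
}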
/**
 * bbsmiles
 *
 * Renders an HTML snippet with buttons for inserting smilies into a text field.
 *
 * @param array $args 'textfieldid' (required, non-empty): id of the text field that receives the smilies.
 *
 * @return mixed The fetched template output, or the LogUtil::registerArgsError() result when
 *               'textfieldid' is missing or empty.
 */
public function bbsmiles($args)
{
    // empty() also covers the "not set" case.
    if (empty($args['textfieldid'])) {
        return LogUtil::registerArgsError();
    }

    // Several text areas can appear on one page; a counter kept in the session tells them apart.
    $counter = SessionUtil::getVar('bbsmile_counter', 0);
    $counter++;
    SessionUtil::setVar('bbsmile_counter', $counter);

    // NOTE(review): 'textfieldid' is assigned as received; output escaping is left to the template.
    $this->view->assign('counter', $counter);
    $this->view->assign('textfieldid', $args['textfieldid']);

    PageUtil::addVar('stylesheet', ThemeUtil::getModuleStylesheet('BBSmile'));

    // Prefer a template named after the current module; otherwise use the default template.
    $templatefile = DataUtil::formatForOS(ModUtil::getName()) . '.tpl';
    if (!$this->view->template_exists($templatefile)) {
        $this->view->add_core_data();
        $templatefile = 'bbsmile_user_bbsmiles.tpl';
    }

    return $this->view->fetch($templatefile);
}
/**
 * Avatar_userapi_setavatar()
 *
 * Sets the avatar of a user.
 *
 * @param array $args 'uid' (integer, the user id) and 'avatar' (string, the avatar file name); both required.
 *
 * @return boolean True on success; otherwise the value returned by the LogUtil error helper.
 */
public function setavatar($args)
{
    if (!isset($args['uid']) || !isset($args['avatar'])) {
        return LogUtil::registerArgsError();
    }

    // NOTE(review): the only gate visible here is the 'checkAvatar' API call; whether the caller
    // may change the avatar of $args['uid'] is presumably decided upstream - confirm.
    $allowed = ModUtil::apiFunc('Avatar', 'user', 'checkAvatar', $args);
    if (!$allowed) {
        return LogUtil::registerError($this->__f('Error! The user is not authorized to use this avatar. To change this, update the permission for %s.', $args['avatar']));
    }

    $uname = UserUtil::getVar('uname', $args['uid']);

    // switch compares loosely, like the == checks it replaces.
    switch ($args['avatar']) {
        case 'blank.gif':
            // 'blank.gif' means "no avatar": an empty value is stored.
            $args['avatar'] = '';
            $status = $this->__f('Done! The avatar of the user \'%s\' has been disabled.', $uname);
            break;

        case 'gravatar.gif':
            $status = $this->__f('Done! The avatar of the user \'%s\' has been set to his gravatar.', $uname);
            break;

        default:
            $status = $this->__f('Done! The avatar of the user \'%1$s\' has been changed to \'%2$s\'', array($uname, $args['avatar']));
            break;
    }

    UserUtil::setVar('avatar', $args['avatar'], $args['uid']);
    LogUtil::registerStatus($status);

    return true;
}
/**
 * Delete a block position.
 *
 * @param array $args 'pid' (int, required): ID of the position; must pass is_numeric().
 *
 * @return bool True on success; on failure the value returned by the LogUtil error helper.
 */
public function deleteposition($args)
{
    $pidGiven = isset($args['pid']) && is_numeric($args['pid']);
    if (!$pidGiven) {
        return LogUtil::registerArgsError();
    }

    // Load the position first: its name and id form the permission instance.
    $position = ModUtil::apiFunc('Blocks', 'user', 'getposition', array('pid' => $args['pid']));
    if (!$position) {
        return LogUtil::registerError($this->__('Sorry! No such item found.'));
    }

    $instance = "{$position['name']}::{$position['pid']}";
    if (!SecurityUtil::checkPermission('Blocks::position', $instance, ACCESS_DELETE)) {
        return LogUtil::registerPermissionError();
    }

    // Delete the block position row.
    $deleted = DBUtil::deleteObjectByID('block_positions', $args['pid'], 'pid');
    if (!$deleted) {
        return LogUtil::registerError($this->__('Error! Could not perform the deletion.'));
    }

    // Tell the caller that the deletion went through.
    return true;
}
/**
 * Set a theme as the default theme of the site.
 *
 * Without confirmation the confirmation template is returned; with confirmation the CSRF token
 * is checked, the change is applied through the Theme admin API and the user is redirected to
 * the theme list.
 *
 * @param array $args Optional fallbacks for the request values 'themename' and 'resetuserselected'.
 *
 * @return mixed Confirmation template output, or the LogUtil error helper result on invalid
 *               input or missing permission.
 */
public function setasdefault($args)
{
    // Read the input; values passed in $args serve as defaults for the request values.
    $themeDefault = isset($args['themename']) ? $args['themename'] : null;
    $themename = FormUtil::getPassedValue('themename', $themeDefault, 'REQUEST');
    $confirmation = (int)FormUtil::getPassedValue('confirmation', false, 'REQUEST');
    $resetDefault = isset($args['resetuserselected']) ? $args['resetuserselected'] : null;
    $resetuserselected = FormUtil::getPassedValue('resetuserselected', $resetDefault, 'POST');

    // empty() also covers the "not set" case.
    if (empty($themename)) {
        return LogUtil::registerArgsError(ModUtil::url('Theme', 'admin', 'view'));
    }

    // Only administrators of the Theme module may continue.
    if (!SecurityUtil::checkPermission('Theme::', '::', ACCESS_ADMIN)) {
        return LogUtil::registerPermissionError();
    }

    if (!$confirmation) {
        // Not confirmed yet: show the confirmation form with the theme name and the setting
        // that says whether users may change themes.
        $this->view->assign('themename', $themename);
        $this->view->assign('theme_change', System::getVar('theme_change'));

        return $this->view->fetch('theme_admin_setasdefault.tpl');
    }

    // Confirmed: the state-changing part is protected by the CSRF token.
    $this->checkCsrfToken();

    $changed = ModUtil::apiFunc('Theme', 'admin', 'setasdefault', array('themename' => $themename, 'resetuserselected' => $resetuserselected));
    if ($changed) {
        LogUtil::registerStatus($this->__('Done! Changed default theme.'));
    }

    $this->redirect(ModUtil::url('Theme', 'admin', 'view'));
}
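/**
 * Process a pending group membership application.
 *
 * The application row is deleted, the user is added to the group when the action is 'accept',
 * and the user is optionally notified.
 *
 * @param array $args 'gid' (int), 'userid' (int) and 'action' (string) are required.
 *                    Optional: 'sendtag' (1 = private message, 2 = e-mail, anything else = no
 *                    notification), 'reasontitle' (subject) and 'reason' (message body).
 *
 * @return boolean True once the application row has been deleted; otherwise the value returned
 *                 by the LogUtil error helper.
 */
public function pendingaction($args)
{
    if (!isset($args['gid']) || !isset($args['userid']) || !isset($args['action'])) {
        return LogUtil::registerArgsError();
    }

    // NOTE(review): no permission check is visible in this method; presumably the calling
    // controller enforces admin access - confirm.

    // The notification keys are optional. Reading them through isset() keeps the previous
    // result (null when absent) without raising undefined-index notices.
    $sendtag = isset($args['sendtag']) ? $args['sendtag'] : null;
    $reasontitle = isset($args['reasontitle']) ? $args['reasontitle'] : null;
    $reason = isset($args['reason']) ? $args['reason'] : null;

    $dbtable = DBUtil::getTables();
    $col = $dbtable['group_applications_column'];

    // Both ids are cast to int before they reach the WHERE clause.
    $where = "WHERE {$col['gid']} = '" . (int) DataUtil::formatForStore($args['gid']) . "'\n AND {$col['uid']} = '" . (int) DataUtil::formatForStore($args['userid']) . "'";

    if (!DBUtil::deleteWhere('group_applications', $where)) {
        return LogUtil::registerError($this->__('Error! Could not perform the deletion.'));
    }

    if ($args['action'] == 'accept') {
        // NOTE(review): the result is not checked, and the application row is already gone at
        // this point; a failed 'adduser' leaves the user without application and membership.
        ModUtil::apiFunc('Groups', 'admin', 'adduser', array('gid' => $args['gid'], 'uid' => $args['userid']));
    }

    // Notify the user; a failed notification does not change the return value.
    switch ($sendtag) {
        case 1:
            $send = ModUtil::apiFunc('Messages', 'user', 'create', array('to_userid' => $args['userid'], 'subject' => $reasontitle, 'message' => $reason));
            if ($send == false) {
                LogUtil::registerError($this->__('Error! Could not send the private message to the user.'));
            }
            break;

        case 2:
            if (ModUtil::available('Mailer')) {
                ModUtil::apiFunc('Mailer', 'user', 'sendmessage', array('toname' => UserUtil::getVar('uname', $args['userid']), 'toaddress' => UserUtil::getVar('email', $args['userid']), 'subject' => $reasontitle, 'body' => $reason));
            } else {
                // Fallback when the Mailer module is not available.
                System::mail(UserUtil::getVar('email', $args['userid']), $reasontitle, $reason, "From: " . System::getVar('adminmail') . "\nX-Mailer: PHP/" . phpversion(), 0);
            }
            break;
    }

    return true;
}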
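/**
 * Decode the custom url string.
 *
 * Translates the path segments in $args['vars'] into query string variables
 * ('type', 'func' and, depending on the function, 'startnum', 'q' and 'page').
 *
 * @param array $args 'vars' (required): the URL path segments; index 2 holds the function name.
 *
 * @return bool True if successful; the LogUtil::registerArgsError() result when 'vars' is missing.
 */
public function decodeurl($args)
{
    // Check we actually have some vars to work with.
    if (!isset($args['vars'])) {
        return LogUtil::registerArgsError();
    }
    $vars = $args['vars'];

    System::queryStringSetVar('type', 'user');

    // The available user functions.
    $funcs = array('main', 'form', 'search', 'process', 'recent');

    // Index of the first segment after the function name. It stays null when segment 2 is
    // empty; the original left the variable undefined in that case and read it afterwards.
    $nextvar = null;

    if (empty($vars[2])) {
        // Retained for BC with older URLs that might be stored.
        System::queryStringSetVar('func', 'main');
    } elseif (!in_array($vars[2], $funcs, true)) {
        // Unknown function name: fall back to 'main' and treat segment 2 as a parameter.
        System::queryStringSetVar('func', 'main');
        $nextvar = 2;
    } else {
        // 'process' is an alias of 'search'.
        $func = ($vars[2] == 'process') ? 'search' : $vars[2];
        System::queryStringSetVar('func', $func);
        $nextvar = 3;
    }

    if ($nextvar === null) {
        // No parameter segments to decode.
        return true;
    }

    // NOTE(review): 'startnum' and 'q' are taken verbatim from the URL path; the consumers of
    // these values have to validate or escape them.
    $requestedFunc = FormUtil::getPassedValue('func');

    if ($requestedFunc == 'recent' && isset($vars[$nextvar])) {
        System::queryStringSetVar('startnum', $vars[$nextvar]);
    }

    // Identify the search term and the optional page number.
    if ($requestedFunc == 'search' && !empty($vars[$nextvar])) {
        System::queryStringSetVar('q', $vars[$nextvar]);
        $nextvar++;
        if (isset($vars[$nextvar]) && $vars[$nextvar] == 'page') {
            // A trailing 'page' segment without a number yields page 0, as before, but
            // without the undefined-index notice.
            $pageNo = isset($vars[$nextvar + 1]) ? (int)$vars[$nextvar + 1] : 0;
            System::queryStringSetVar('page', $pageNo);
        }
    }

    return true;
}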
/**
 * Compare a password-like code to a hashed value, to determine if they match.
 *
 * This is not limited to user login passwords; it can be used wherever a human-readable
 * password-like code is needed.
 *
 * @param string $unhashedPassword The password-like code entered by the user.
 * @param string $hashedPassword   The salted hash the entered code is compared to; it must contain
 *                                 UsersConstant::SALT_DELIM.
 *
 * @return bool The result of SecurityUtil::checkSaltedHash() for valid arguments; the
 *              LogUtil::registerArgsError() result when an argument is not a string, is empty,
 *              or the hash lacks the salt delimiter.
 */
public static function passwordsMatch($unhashedPassword, $hashedPassword)
{
    // NOTE(review): empty() also rejects the one-character string '0'.
    $codeUsable = is_string($unhashedPassword) && !empty($unhashedPassword);
    if (!$codeUsable) {
        return LogUtil::registerArgsError();
    }

    // A stored hash without the salt delimiter cannot be split into its parts.
    $hashUsable = is_string($hashedPassword)
        && !empty($hashedPassword)
        && strpos($hashedPassword, UsersConstant::SALT_DELIM) !== false;
    if (!$hashUsable) {
        return LogUtil::registerArgsError();
    }

    // NOTE(review): the comparison itself happens inside SecurityUtil::checkSaltedHash();
    // whether it is timing-safe cannot be seen from here - confirm.
    return SecurityUtil::checkSaltedHash(
        $unhashedPassword,
        $hashedPassword,
        self::getPasswordHashMethods(true),
        UsersConstant::SALT_DELIM
    );
}
/**
 * Resequence permissions.
 *
 * Called when a permission is assigned the same sequence number as an existing permission.
 * Every permission whose sequence lies between the old and the new position is shifted by one,
 * and the permission that had the old sequence receives the new one.
 *
 * @param array $args 'newseq' (the desired sequence) and 'oldseq' (the original sequence number);
 *                    both required.
 *
 * @return boolean True when the pass completes; the LogUtil error helper result when the caller
 *                 lacks ACCESS_ADMIN on 'Permissions::' or an argument is missing.
 */
public function full_resequence($args)
{
    // Security check: runs before the arguments are looked at
    if (!SecurityUtil::checkPermission('Permissions::', "::", ACCESS_ADMIN)) {
        return LogUtil::registerPermissionError();
    }

    // Argument check
    if (!isset($args['newseq']) || !isset($args['oldseq'])) {
        return LogUtil::registerArgsError();
    }

    $newseq = $args['newseq'];
    $oldseq = $args['oldseq'];
    unset($args);

    $dbtable = DBUtil::getTables();
    $permcolumn = $dbtable['group_perms_column'];

    // find out the maximum sequence number
    $maxseq = $this->maxsequence(array('column' => 'sequence'));

    if ((int) $oldseq > (int) $newseq) {
        // The new sequence is higher in the list; sequences below 1 are clamped to 1
        if ($newseq < 1) {
            $newseq = 1;
        }

        // Select the affected rows; both bounds are cast to int before they enter the WHERE clause
        $where = "WHERE {$permcolumn['sequence']} >= '" . (int) $newseq . "'\n AND {$permcolumn['sequence']} <= '" . (int) $oldseq . "'";
        $orderBy = "ORDER BY {$permcolumn['sequence']} DESC";
        $objArray = DBUtil::selectObjectArray('group_perms', $where, $orderBy, -1, -1, '', null, array('pid', 'sequence'));

        // NOTE(review): the loop has no explicit bound; it presumably ends when $objArray[$key]
        // is no longer defined, and list() expects numerically indexed rows - confirm both
        // against what DBUtil::selectObjectArray() returns.
        $key = 0;
        while (list($pid, $curseq) = $objArray[$key]) {
            if ($curseq == $oldseq) {
                // we are dealing with the old value so make it the new value
                $curseq = $newseq;
            } else {
                // every other row in the range moves one position down
                $curseq++;
            }
            $key++;

            $where = "WHERE {$permcolumn['pid']} = '" . (int) DataUtil::formatForStore($pid) . "'";
            $obj = array('sequence' => (int) $curseq);
            // the result of the update is not checked
            DBUtil::updateObject($obj, 'group_perms', $where, 'pid');
        }
    } else {
        // The new sequence is lower in the list.
        // If the new requested sequence is bigger than the maximum sequence number then set it
        // to the maximum number. We don't want any spaces in the sequence.
        if ($newseq > $maxseq) {
            $newseq = (int) $maxseq;
        }

        $where = "WHERE {$permcolumn['sequence']} >= '" . (int) $oldseq . "'\n AND {$permcolumn['sequence']} <= '" . (int) $newseq . "'";
        $orderBy = "ORDER BY {$permcolumn['sequence']} ASC";
        $objArray = DBUtil::selectObjectArray('group_perms', $where, $orderBy, -1, -1, '', null, array('pid', 'sequence'));

        // Same unbounded iteration pattern as in the branch above
        $key = 0;
        while (list($pid, $curseq) = $objArray[$key]) {
            if ($curseq == $oldseq) {
                // we are dealing with the old value so make it the new value
                $curseq = $newseq;
            } else {
                // every other row in the range moves one position up
                $curseq--;
            }
            $key++;

            $where = "WHERE {$permcolumn['pid']} = '" . (int) DataUtil::formatForStore($pid) . "'";
            $obj = array('sequence' => (int) $curseq);
            DBUtil::updateObject($obj, 'group_perms', $where, 'pid');
        }
    }

    return true;
}
/**
 * Process the admin decision on a group membership application.
 *
 * Reads the decision from POST, hands it to the Groups admin API ('pendingaction') and
 * redirects back to the group list.
 *
 * @return mixed The LogUtil::registerArgsError() result on invalid input; otherwise the method
 *               ends in a redirect.
 */
public function userupdate()
{
    // NOTE(review): the CSRF token is the only gate visible in this method; no
    // SecurityUtil::checkPermission() call appears here - confirm where admin access is enforced.
    $this->checkCsrfToken();

    // Only the two known actions are accepted.
    $action = FormUtil::getPassedValue('action', null, 'POST');
    $knownAction = ($action == 'deny' || $action == 'accept');
    if (!$knownAction) {
        return LogUtil::registerArgsError(ModUtil::url('Groups', 'admin', 'view'));
    }

    $tag = FormUtil::getPassedValue('tag', null, 'POST');
    $sendtag = FormUtil::getPassedValue('sendtag', null, 'POST');
    $reason = FormUtil::getPassedValue('reason', null, 'POST');
    $gid = (int) FormUtil::getPassedValue('gid', null, 'POST');
    $userid = (int) FormUtil::getPassedValue('userid', null, 'POST');

    if (!$tag || !$gid || !$userid) {
        return LogUtil::registerArgsError(ModUtil::url('Groups', 'admin', 'view'));
    }

    $group = ModUtil::apiFunc('Groups', 'user', 'get', array('gid' => $gid));

    // Build the notification subject and, when the admin gave no reason, a default text.
    if ($action == 'deny') {
        $reasontitle = $this->__f('Concerning your %s group membership application', $group['name']);
        if (empty($reason)) {
            $reason = $this->__('Sorry! This is a message to inform you with regret that your application for membership of the aforementioned private group has been rejected.');
        }
    } else {
        $reasontitle = $this->__f('Done! The user has been added to the %s group.', $group['name']);
        if (empty($reason)) {
            $reason = $this->__('Done! Your application has been accepted. You have been granted all the privileges assigned to the group of which you are now member.');
        }
    }

    $request = array(
        'userid' => $userid,
        'gid' => $gid,
        'sendtag' => $sendtag,
        'reason' => $reason,
        'reasontitle' => $reasontitle,
        'action' => $action,
    );
    $result = ModUtil::apiFunc('Groups', 'admin', 'pendingaction', $request);

    if (!$result) {
        $failure = ($action == 'deny')
            ? $this->__("Error! Could not execute 'Reject' action.")
            : $this->__("Error! Could not execute 'Accept' action.");
        LogUtil::registerError($failure);
        $this->redirect(ModUtil::url('Groups', 'admin', 'view'));
    }

    $success = ($action == 'accept')
        ? $this->__('Done! The user was added to the group.')
        : $this->__("Done! The user's application for group membership has been rejected.");
    LogUtil::registerStatus($success);

    $this->redirect(ModUtil::url('Groups', 'admin', 'view'));
}
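/**
 * Load one activity together with its zones, contacts, centres and catalogue information.
 *
 * @param int|string $id Activity ID (actId); must be numeric and non-zero. Non-integer numeric
 *                       values are truncated to an integer before they are used in queries.
 *
 * @return array|boolean The merged activity data, or the LogUtil::registerError() result when
 *                       the ID is invalid or no activity row is found.
 */
public function getActivitat($id)
{
    // Check permission
    $this->throwForbiddenUnless(SecurityUtil::checkPermission('Cataleg::', '::', ACCESS_READ));

    if (!$id || !is_numeric($id)) {
        LogUtil::registerArgsError();

        return LogUtil::registerError($this->__('No s\'han pogut carregar les dades de l\'activitat.'));
    }

    // is_numeric() also accepts floats, exponents and signed values. The ID is concatenated
    // into WHERE fragments below, so it is reduced to a plain integer first.
    $actId = (int) $id;

    // Select the activity record
    $activitat = DBUtil::selectObject('cataleg_activitats', 'actId=' . $actId);
    if (empty($activitat) || !is_array($activitat)) {
        // Without a row there is nothing to decorate; report the load error instead of
        // returning a half-built item.
        return LogUtil::registerError($this->__('No s\'han pogut carregar les dades de l\'activitat.'));
    }

    $item = array();

    // Related rows from the activitatsZona table, re-keyed by place to rebuild the form
    $actZona = DBUtil::selectObjectArray('cataleg_activitatsZona', 'actId=' . $actId);
    $az = array();
    foreach ($actZona as $a) {
        $az[$a['lloc']] = $a;
    }
    $item['activitatsZona'] = $az;

    // Contact persons
    $contactes = DBUtil::selectObjectArray('cataleg_contactes', 'actId=' . $actId, 'ORDER BY pContacte');

    // Centres that run the activity, flattened to a comma-separated list (provisional approach)
    $cent = DBUtil::selectObjectArray('cataleg_centresActivitat', 'actId =' . $actId);
    $ac = array();
    foreach ($cent as $c) {
        $ac[] = $c['centre'];
    }
    // implode() of an empty list is the empty string
    $activitat['centresAct'] = implode(',', $ac);

    // Catalogue, axis and priority information
    $info = ModUtil::apiFunc('Cataleg', 'user', 'getAuxiliarInfo', $actId);

    // Turn the serialized columns into arrays.
    // SECURITY(review): unserialize() on stored data can instantiate objects if anyone other
    // than this module can write these columns; consider a data-only format such as JSON, or
    // unserialize()'s 'allowed_classes' option on PHP >= 7.
    foreach (array('destinataris', 'objectius', 'continguts', 'gestio') as $serializedField) {
        $activitat[$serializedField] = unserialize($activitat[$serializedField]);
    }

    // Resolve validator, creator and last modifier to "name surname1 surname2".
    // Maps the column holding the uid to the key that receives the full name.
    $people = array(
        'validador' => 'validador',
        'cr_uid' => 'creador',
        'lu_uid' => 'modificador',
    );
    foreach ($people as $uidKey => $nameKey) {
        if (!is_null($activitat[$uidKey])) {
            // The uid is cast to int because it is concatenated into the WHERE clause
            $where = "WHERE iw_uid=" . (int) $activitat[$uidKey];
            $usr = DBUtil::selectObject('IWusers', $where, array('nom', 'cognom1', 'cognom2'));
            $activitat[$nameKey] = $usr['nom'] . " " . $usr['cognom1'] . " " . $usr['cognom2'];
        } else {
            // Keep the previous behaviour (uid becomes "") and also define the name key, which
            // the original left unset for creator and modifier.
            $activitat[$uidKey] = "";
            $activitat[$nameKey] = "";
        }
    }

    // Reformat the dates for display
    foreach (array('lu_date', 'cr_date', 'dataVal') as $dateField) {
        $activitat[$dateField] = date('d/m/Y H:i:s', strtotime($activitat[$dateField]));
    }

    // Activity fields override catalogue info, which overrides the zone data
    $item = array_merge($item, is_array($info) ? $info : array(), $activitat);
    $item['contactes'] = $contactes;

    return $item;
}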
/**
 * Deactivate a dynamic user data item.
 *
 * Parameters passed in the $args array:
 * -------------------------------------
 * int dudid The id of the item to be deactivated.
 *
 * The item's weight is set to 0 and the weight of every item above its previous weight is
 * reduced by one.
 *
 * @param array $args All parameters passed to this function.
 *
 * @return bool true on success; on failure the value returned by the LogUtil error helper.
 *
 * @todo remove weight; can be got from get API.
 */
public function deactivate($args)
{
    // NOTE(review): no SecurityUtil::checkPermission() call is visible in this method;
    // presumably the caller enforces access - confirm.
    $idGiven = isset($args['dudid']) && is_numeric($args['dudid']);
    if (!$idGiven) {
        return LogUtil::registerArgsError();
    }

    $item = ModUtil::apiFunc('Profile', 'user', 'get', array('propid' => $args['dudid']));
    if (!$item) {
        return LogUtil::registerError($this->__('Error! No such personal info item found.'), 404);
    }

    // Items with a data type below 1 cannot be deactivated.
    if ($item['prop_dtype'] < 1) {
        return LogUtil::registerError($this->__('Error! You cannot deactivate this personal info item.'), 404);
    }

    // A weight of 0 marks the item as inactive.
    $deactivated = DBUtil::updateObject(
        array('prop_id' => (int)$args['dudid'], 'prop_weight' => 0),
        'user_property',
        '',
        'prop_id'
    );
    if (!$deactivated) {
        return LogUtil::registerError($this->__('Error! Could not deactivate the personal info item.'));
    }

    // Close the gap: move every item above the old weight one position up.
    $tables = DBUtil::getTables();
    $table = $tables['user_property'];
    $columns = $tables['user_property_column'];
    $weightColumn = $columns['prop_weight'];

    // NOTE(review): the item is read with the key 'weight' here while the column is called
    // 'prop_weight' - confirm which key the 'get' API returns.
    $oldWeight = (int)DataUtil::formatForStore($item['weight']);
    $sql = "UPDATE {$table} SET {$weightColumn} = {$weightColumn} - 1 WHERE {$weightColumn} > '" . $oldWeight . "'";

    if (!DBUtil::executeSQL($sql)) {
        return LogUtil::registerError($this->__('Error! Could not deactivate the personal info item.'));
    }

    return true;
}
/**
 * Move a content item to another position, content area or page.
 *
 * The item is detached from its current content area (not deleted), inserted at the new
 * location, a page version is recorded and the cache is cleared.
 *
 * @param array $args 'pageId', 'contentId', 'contentAreaIndex' and 'position'; all required and
 *                    cast to int.
 *
 * @return boolean True on success, false when a step fails; the LogUtil::registerArgsError()
 *                 result when an argument is missing.
 */
public function dragContent($args)
{
    // NOTE(review): no permission check is visible in this method; presumably the caller
    // enforces edit access - confirm.
    if (!isset($args['pageId'], $args['contentId'], $args['contentAreaIndex'], $args['position'])) {
        return LogUtil::registerArgsError();
    }

    $pageId = (int) $args['pageId'];
    $contentId = (int) $args['contentId'];
    $contentAreaIndex = (int) $args['contentAreaIndex'];
    $position = (int) $args['position'];

    // Detach the item from its content area; nothing is deleted.
    $detached = $this->contentRemoveContent($contentId);
    if (!$detached) {
        return false;
    }

    // Insert the detached item at its new location.
    // NOTE(review): a failure here leaves the item detached; the two steps are not rolled back.
    $inserted = $this->contentInsertContent($contentId, $position, $contentAreaIndex, $pageId);
    if (!$inserted) {
        return false;
    }

    // Record the move in the page history.
    $versioned = ModUtil::apiFunc('Content', 'History', 'addPageVersion', array('pageId' => $pageId, 'action' => '_CONTENT_HISTORYCONTENTMOVED'));
    if ($versioned === false) {
        return false;
    }

    Content_Util::clearCache();

    return true;
}
/**
 * Return the repository instance for a certain object type.
 *
 * @param string $objectType The desired object type.
 *
 * @return mixed The repository returned by the entity manager, or the
 *               LogUtil::registerArgsError() result when no object type is given.
 */
protected function getRepository($objectType = '')
{
    if (!empty($objectType)) {
        // NOTE(review): the entity class name is built from $objectType without an allow-list
        // check in this method; presumably callers pass validated object types - confirm.
        $entityClass = 'MUBoard_Entity_' . ucfirst($objectType);

        return $this->entityManager->getRepository($entityClass);
    }

    return LogUtil::registerArgsError();
}
/**
 * Create custom url string.
 *
 * Parameters passed in the $args array:
 * -------------------------------------
 * string modname The module name for the URL; required.
 * string type    The function type; optional; defaults to 'user'; any other value is rejected.
 * string func    The function name for the URL; required; an empty value is treated as 'main'.
 * array  args    An array of arguments for the URL's query string; required; if $args['func'] is
 *                'view' then either $args['args']['uname'] or $args['args']['uid'] is required.
 *
 * Only the 'view' function gets a custom URL; everything else is left to the core.
 *
 * @param array $args All parameters passed to this function.
 *
 * @return string|boolean The custom url string; false when the core should build the URL; the
 *                        LogUtil::registerArgsError() result on invalid input.
 */
public function encodeurl($args)
{
    // Check we have the required input.
    if (!isset($args['modname'], $args['func'], $args['args'])) {
        return LogUtil::registerArgsError();
    }

    if (isset($args['type'])) {
        if (!is_string($args['type']) || ($args['type'] != 'user')) {
            return LogUtil::registerArgsError();
        }
    } else {
        $args['type'] = 'user';
    }

    if (empty($args['func'])) {
        $args['func'] = 'main';
    }

    $params = $args['args'];
    $hasUname = isset($params['uname']);

    // Let the core handle everything except a 'view' call that identifies the user.
    if ($args['func'] != 'view' || !($hasUname || isset($params['uid']))) {
        return false;
    }

    // The user name takes precedence over the user id.
    // NOTE(review): the value is placed into the path as received; no URL encoding happens here.
    $vars = $hasUname ? $params['uname'] : $params['uid'];

    if (isset($params['page'])) {
        $vars .= "/{$params['page']}";
    }

    // Construct the custom url part.
    return $args['modname'] . '/' . $args['func'] . '/' . $vars;
}
/**
 * Form custom url string.
 *
 * Only the 'view' and 'display' functions get a custom URL; for every other function false is
 * returned.
 *
 * @param array $args 'modname' and 'func' are required; 'type' defaults to 'user' and 'args'
 *                    (the URL arguments) defaults to an empty array.
 *
 * @return string|boolean The custom url string; false when the function url scheme is not
 *                        customised; the LogUtil::registerArgsError() result on invalid input.
 */
public function encodeurl($args)
{
    // check if we have the required input
    if (!is_array($args) || !isset($args['modname']) || !isset($args['func'])) {
        return LogUtil::registerArgsError();
    }

    // set default values
    if (!isset($args['type'])) {
        $args['type'] = 'user';
    }
    if (!isset($args['args'])) {
        $args['args'] = array();
    }

    // return if function url scheme is not being customised
    $customFuncs = array('view', 'display');
    if (!in_array($args['func'], $customFuncs)) {
        return false;
    }

    // reference to current language (not read again in this method)
    $lang = ZLanguage::getLanguageCode();

    // initialise url routing rules
    $routerFacade = new MUBoard_RouterFacade();
    // get router itself for convenience
    $router = $routerFacade->getRouter();

    // initialise object type: a requested 'ot' is only used when it is in the allowed list,
    // otherwise the default object type applies
    $utilArgs = array('controller' => 'user', 'action' => 'encodeurl');
    $allowedObjectTypes = MUBoard_Util_Controller::getObjectTypes('api', $utilArgs);
    $objectType = isset($args['args']['ot']) && in_array($args['args']['ot'], $allowedObjectTypes) ? $args['args']['ot'] : MUBoard_Util_Controller::getDefaultObjectType('api', $utilArgs);

    // initialise group folder
    $groupFolder = $routerFacade->getGroupingFolderFromObjectType($objectType, $args['func'], $args['args']);

    // start pre processing

    // convert object type to group folder
    $args['args']['ot'] = $groupFolder;

    // handle special templates: a 'use<format>ext' argument set to '1' becomes the
    // '<func>ending' argument; the 'use<format>ext' argument itself is always removed
    $displayDefaultEnding = '';
    $endingPrefix = $args['func'] == 'view' ? '.' : '';
    foreach (array('csv', 'rss', 'atom', 'xml', 'pdf', 'json') as $ending) {
        if (!isset($args['args']['use' . $ending . 'ext'])) {
            continue;
        }
        if ($args['args']['use' . $ending . 'ext'] == '1') {
            $args['args'][$args['func'] . 'ending'] = $endingPrefix . $ending;
        }
        unset($args['args']['use' . $ending . 'ext']);
    }

    // fallback to default templates
    if (!isset($args['args'][$args['func'] . 'ending'])) {
        if ($args['func'] == 'view') {
            $args['args'][$args['func'] . 'ending'] = ''; // previously '/'
        } else {
            if ($args['func'] == 'display') {
                $args['args'][$args['func'] . 'ending'] = $displayDefaultEnding;
            }
        }
    }

    if ($args['func'] == 'view') {
        // TODO filter views (e.g. /orders/customer/mr-smith.csv)
        /*
        $filterEntities = array('customer', 'region', 'federalstate', 'country');
        foreach ($filterEntities as $filterEntity) {
            $filterField = $filterEntity . 'id';
            if (!isset($args['args'][$filterField]) || !$args['args'][$filterField]) {
                continue;
            }
            $filterId = $args['args'][$filterField];
            unset($args['args'][$filterField]);
            $filterGroupFolder = $routerFacade->getGroupingFolderFromObjectType($filterEntity, 'display', $args['args']);
            $filterSlug = $routerFacade->getFormattedSlug($filterEntity, 'display', $args['args'], $filterId);
            $result .= $filterGroupFolder . '/' . $filterSlug .'/';
            break;
        }
        */
    } elseif ($args['func'] == 'display') {
        // determine given id: every known id argument is removed, the last one found wins
        $id = 0;
        foreach (array('id', strtolower($objectType) . 'id', 'objectid') as $idFieldName) {
            if (isset($args['args'][$idFieldName])) {
                $id = $args['args'][$idFieldName];
                unset($args['args'][$idFieldName]);
            }
        }

        $slugTitle = '';
        if ($id > 0) {
            $slugTitle = $routerFacade->getFormattedSlug($objectType, $args['func'], $args['args'], $id);
        }

        if (!empty($slugTitle) && $slugTitle != $id) {
            // add slug expression
            $args['args']['title'] = $slugTitle;
        } else {
            // readd id
            $args['args']['id'] = $id;
        }
    }

    // add func as first argument
    $routerArgs = array_merge(array('func' => $args['func']), $args['args']);

    // now create url based on params
    $result = $router->generate(null, $routerArgs);

    // post processing
    // && binds tighter than ||: the block runs for 'view' with a non-empty 'viewending',
    // or for any 'display' call
    if ($args['func'] == 'view' && !empty($args['args']['viewending']) || $args['func'] == 'display') {
        // check if url ends with a trailing slash
        if (substr($result, -1) == '/') {
            // remove the trailing slash
            $result = substr($result, 0, strlen($result) - 1);
        }
    }

    // enforce url name of the module, but do only 1 replacement to avoid changing other params
    // NOTE(review): the module name is used as a regular expression without preg_quote();
    // harmless as long as the name has no regex metacharacters or '/'.
    $modInfo = ModUtil::getInfoFromName('MUBoard');
    $result = preg_replace('/' . $modInfo['name'] . '/', $modInfo['url'], $result, 1);

    return $result;
}
/**
 * Get a single comment by its ID.
 *
 * The row is selected with a permission filter that requires ACCESS_READ on the 'EZComments'
 * component for the instance built from the row's modname, objectid and id.
 *
 * @param array $args 'id' (required, non-empty): ID of the comment.
 *
 * @return mixed The result of DBUtil::selectObjectByID(); when it is a non-empty array the key
 *               'mod' is added as a copy of 'modname'. The LogUtil::registerArgsError() result
 *               when the ID is missing.
 */
public function get($args = array())
{
    // empty() also covers the "not set" case.
    if (empty($args['id'])) {
        return LogUtil::registerArgsError();
    }

    $permFilter = array(
        array(
            'component_left' => 'EZComments',
            'component_middle' => '',
            'component_right' => '',
            'instance_left' => 'modname',
            'instance_middle' => 'objectid',
            'instance_right' => 'id',
            'level' => ACCESS_READ,
        ),
    );

    $comment = DBUtil::selectObjectByID('EZComments', $args['id'], 'id', null, $permFilter);

    if (is_array($comment) && $comment != false) {
        // Backwards compatibility: older callers read the module name from 'mod'.
        $comment['mod'] = $comment['modname'];
    }

    return $comment;
}
/**
 * View a page.
 *
 * Each value is taken from $args when set there, otherwise from the request.
 *
 * @param array $args Optional keys:
 *                    int    pid      Page ID
 *                    int    vid      Version ID; shown as a preview when the user has edit access
 *                    string name     URL name, alternative for pid
 *                    bool   preview  Display preview
 *                    bool   editmode Flag for enabling/disabling edit mode (stored in the session)
 *
 * @return mixed Renderer output; false when the page lookup returns false; the
 *               LogUtil::registerArgsError() result when neither a page nor a version is given.
 */
public function view($args)
{
    $pageId = isset($args['pid']) ? $args['pid'] : FormUtil::getPassedValue('pid');
    $versionId = isset($args['vid']) ? $args['vid'] : FormUtil::getPassedValue('vid');
    $urlname = isset($args['name']) ? $args['name'] : FormUtil::getPassedValue('name');
    $preview = isset($args['preview']) ? $args['preview'] : FormUtil::getPassedValue('preview');
    $editmode = isset($args['editmode']) ? $args['editmode'] : FormUtil::getPassedValue('editmode', null, 'GET');

    // Resolve the URL name to a page id when no id was given
    if ($pageId === null && !empty($urlname)) {
        $pageId = ModUtil::apiFunc('Content', 'Page', 'solveURLPath', compact('urlname'));
        System::queryStringSetVar('pid', $pageId);
    }

    // Read permission, evaluated for the requested page id
    if ((bool) $this->getVar('inheritPermissions', false) === true) {
        $this->throwForbiddenUnless(ModUtil::apiFunc('Content', 'page', 'checkPermissionForPageInheritance', array('pageId' => $pageId, 'level' => ACCESS_READ)), LogUtil::getErrorMsgPermission());
    } else {
        $this->throwForbiddenUnless(SecurityUtil::checkPermission('Content:page:', $pageId . '::', ACCESS_READ), LogUtil::getErrorMsgPermission());
    }

    $versionHtml = '';
    $hasEditAccess = false;
    // Edit permission, also evaluated for the requested page id
    if ((bool) $this->getVar('inheritPermissions', false) === true) {
        $hasEditAccess = ModUtil::apiFunc('Content', 'page', 'checkPermissionForPageInheritance', array('pageId' => $pageId, 'level' => ACCESS_EDIT));
    } else {
        $hasEditAccess = SecurityUtil::checkPermission('Content:page:', $pageId . '::', ACCESS_EDIT);
    }

    if ($versionId !== null && $hasEditAccess) {
        // A stored version is always shown as a preview
        $preview = true;
        $version = ModUtil::apiFunc('Content', 'History', 'getPageVersion', array('id' => $versionId, 'preview' => $preview, 'includeContent' => true));
        $versionData =& $version['data'];
        $page =& $versionData['page'];
        // NOTE(review): both permission checks above ran against the page id from the request.
        // From here on $pageId is the id stored in the version and is not checked again in this
        // method - confirm that getPageVersion enforces access to the version's own page.
        $pageId = $page['id'];
        $action = ModUtil::apiFunc('Content', 'History', 'contentHistoryActionTranslate', $version['action']);
        $translatable = array('revisionNo' => $version['revisionNo'], 'date' => $version['date'], 'action' => $action, 'userName' => $version['userName'], 'ipno' => $version['ipno']);
        $iconSrc = 'images/icons/extrasmall/clock.png';
        // NOTE(review): the version fields are placed into the markup without escaping here;
        // presumably they are safe for HTML output - confirm.
        $versionHtml = "<p class=\"content-versionpreview\"><img alt=\"\" src=\"{$iconSrc}\"/> " . $this->__f('Version #%1$s - %2$s - %3$s by %4$s from %5$s', $translatable) . "</p>";
    }

    // now get the page up for display
    if ($pageId !== null && $versionId === null) {
        // inactive pages are only loaded for a preview by a user with edit access
        $page = ModUtil::apiFunc('Content', 'Page', 'getPage', array('id' => $pageId, 'preview' => $preview, 'includeContent' => true, 'filter' => array('checkActive' => !($preview && $hasEditAccess))));
    } else {
        if ($versionId === null) {
            return LogUtil::registerArgsError();
        }
    }
    // NOTE(review): when a version id is given but the user lacks edit access, neither branch
    // above assigns $page, so it is undefined when it is read below.
    if ($page === false) {
        return false;
    }

    // The edit mode flag is remembered in the session
    if ($editmode !== null) {
        SessionUtil::setVar('ContentEditMode', $editmode);
    } else {
        $editmode = SessionUtil::getVar('ContentEditMode', null);
    }

    // No caching while editing
    if ($editmode) {
        $this->view->setCaching(false);
    }
    $this->view->setCacheId("{$pageId}|{$versionId}");
    if ($this->view->is_cached('user/page.tpl')) {
        return $this->view->fetch('user/page.tpl');
    }

    // Register a page variable breadcrumbs with the Content page hierarchy as array of array(url, title)
    if ((bool) $this->getVar('registerBreadcrumbs', false) === true) {
        // first include self, then loop over parents until root is reached
        $breadcrumbs[] = array('url' => ModUtil::url('Content', 'user', 'view', array('pid' => $page['id'])), 'title' => $page['title']);
        $loopPageid = $page['parentPageId'];
        while ($loopPageid > 0) {
            $loopPage = ModUtil::apiFunc('Content', 'Page', 'getPage', array('id' => $loopPageid, 'includeContent' => false, 'includeLayout' => false, 'translate' => $this->translateTitles));
            array_unshift($breadcrumbs, array('url' => ModUtil::url('Content', 'user', 'view', array('pid' => $loopPage['id'])), 'title' => $loopPage['title']));
            $loopPageid = $loopPage['parentPageId'];
        }
        PageUtil::registerVar('breadcrumbs', false, $breadcrumbs);
    }

    // The multilingual flag is switched off when the page is already in the current language
    $multilingual = ModUtil::getVar(ModUtil::CONFIG_MODULE, 'multilingual');
    if ($page['language'] == ZLanguage::getLanguageCode()) {
        $multilingual = false;
    }

    // override the PageVar title if configured in the settings
    if ($this->getVar('overrideTitle')) {
        $pageTitle = html_entity_decode($page['title']);
        PageUtil::setVar('title', $preview ? $this->__("Preview") . ' - ' . $pageTitle : $pageTitle);
    }

    $this->view->assign('page', $page);
    $this->view->assign('preview', $preview);
    $this->view->assign('editmode', $editmode);
    $this->view->assign('multilingual', $multilingual);
    $this->view->assign('enableVersioning', $this->getVar('enableVersioning'));

    // add layout type and column count as page variables to the template
    // columncount can be used via plugin contentcolumncount, since it holds regular expressions that slow down
    $this->view->assign('contentLayoutType', $page['layout']);

    // add access parameters
    Content_Util::contentAddAccess($this->view, $pageId);

    // exclude writers from statistics
    if (!$hasEditAccess && !$preview && !$editmode && $this->getVar('countViews')) {
        // Check against session to see if user was already counted
        if (!SessionUtil::getVar("ContentRead" . $pageId)) {
            SessionUtil::setVar("ContentRead" . $pageId, $pageId);
            DBUtil::incrementObjectFieldByID('content_page', 'views', $pageId);
        }
    }

    return $versionHtml . $this->view->fetch('user/page.tpl');
}
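/**
 * Display the membership list of a group.
 *
 * Reads 'gid' and 'startnum' from the GET request, loads the group through
 * the Groups user API, marks every member as on-line or off-line, sorts the
 * members by lower-cased user name and renders the members list template.
 *
 * @return mixed Rendered template output; a display-formatted error string when
 *               the group cannot be loaded; the result of
 *               LogUtil::registerArgsError() when 'startnum' is not numeric.
 */
public function memberslist()
{
    $gid = (int)FormUtil::getPassedValue('gid', null, 'GET');

    // Validate the raw request value. The original cast to int first, after
    // which is_numeric() can never fail, so malformed input was never rejected.
    $startnum = FormUtil::getPassedValue('startnum', 1, 'GET');
    if (!is_numeric($startnum)) {
        return LogUtil::registerArgsError();
    }
    $startnum = (int)$startnum;

    $itemsperpage = $this->getVar('itemsperpage');

    // Viewing the list requires overview access to the component as a whole;
    // the check is not scoped to the requested group id.
    $this->throwForbiddenUnless(SecurityUtil::checkPermission('Groups::memberslist', '::', ACCESS_OVERVIEW));

    $group = ModUtil::apiFunc('Groups', 'user', 'get', array(
        'gid' => $gid,
        'numitems' => $itemsperpage,
        'startnum' => $startnum,
    ));
    if (!$group) {
        return DataUtil::formatForDisplay($this->__('Error! Could not load data.'));
    }

    $uid = UserUtil::getVar('uid');

    $groupsCommon = new Groups_Helper_Common();
    $typelabel = $groupsCommon->gtypeLabels();
    $statelabel = $groupsCommon->stateLabels();

    $group['typelbl'] = $typelabel[$group['gtype']];
    $group['statelbl'] = $statelabel[$group['state']];

    $this->view->assign('mainpage', false);
    $this->view->assign('group', $group);

    if ($group['members']) {
        // Index the on-line users once instead of rescanning the list for every member.
        $onlineUids = array();
        $onlines = ModUtil::apiFunc('Groups', 'user', 'whosonline', array());
        if (is_array($onlines)) {
            foreach ($onlines as $online) {
                $onlineUids[$online['uid']] = true;
            }
        }

        $members = array();
        $sortKeys = array(); // explicitly initialised; the original appended to an undefined variable
        foreach ($group['members'] as $userid) {
            $userinfo = UserUtil::getVars($userid['uid']);

            if (isset($onlineUids[$userid['uid']])) {
                $userinfo['isonline'] = 'greenled.png';
                $userinfo['isonlinelbl'] = $this->__('on-line');
            } else {
                $userinfo['isonline'] = 'redled.png';
                $userinfo['isonlinelbl'] = $this->__('off-line');
            }

            $members[] = $userinfo;
            $sortKeys[] = strtolower($userinfo['uname']);
        }

        // Sort the member rows by lower-cased user name.
        if (!empty($members)) {
            array_multisort($sortKeys, SORT_ASC, $members);
        }

        $this->view->assign('members', $members);
    } else {
        $this->view->assign('members', false);
    }

    if (UserUtil::isLoggedIn()) {
        $this->view->assign('ismember', ModUtil::apiFunc('Groups', 'user', 'isgroupmember', array('gid' => $gid, 'uid' => $uid)));
    } else {
        $this->view->assign('ismember', false);
    }

    $this->view->assign('pager', array(
        'numitems' => ModUtil::apiFunc('Groups', 'user', 'countgroupmembers', array('gid' => $gid)),
        'itemsperpage' => $itemsperpage,
    ));

    $profileModule = System::getVar('profilemodule', '');
    $this->view->assign('useProfileModule', (!empty($profileModule) && $profileModule == 'Profile' && ModUtil::available($profileModule)));

    return $this->view->fetch('groups_user_memberslist.tpl');
}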
/**
 * Fetch every placement record of one block, ordered by sort order.
 *
 * @param array $args Arguments array; 'bid' is the block id and must be numeric.
 *
 * @return mixed The repository result for the block, or the result of
 *               LogUtil::registerArgsError() when 'bid' is missing or not numeric.
 */
public function getallblockspositions($args)
{
    // The block id must be present and numeric before it reaches the repository.
    $hasNumericBid = isset($args['bid']) && is_numeric($args['bid']);
    if (!$hasNumericBid) {
        return LogUtil::registerArgsError();
    }

    $repository = $this->entityManager->getRepository($this->name . '_Entity_BlockPlacement');
    $criteria = array('bid' => $args['bid']);
    $ordering = array('sortorder' => 'ASC');

    return $repository->findBy($criteria, $ordering);
}
/**
 * Save the submitted data of a block position.
 *
 * Validates the CSRF token, reads the 'position' request value, hands its
 * pid, name and description to the Blocks admin API and then redirects to
 * the Blocks admin view.
 *
 * @return mixed Result of LogUtil::registerArgsError() when a required field is
 *               missing; otherwise the method ends with the redirect.
 */
public function updateposition()
{
    // The token is verified before any request data is read or acted on.
    $this->checkCsrfToken();

    $position = FormUtil::getPassedValue('position');

    // All three fields are required.
    foreach (array('pid', 'name', 'description') as $field) {
        if (!isset($position[$field])) {
            return LogUtil::registerArgsError(ModUtil::url('Blocks', 'admin', 'view'));
        }
    }

    $saved = ModUtil::apiFunc('Blocks', 'admin', 'updateposition', array(
        'pid' => $position['pid'],
        'name' => $position['name'],
        'description' => $position['description'],
    ));
    if ($saved) {
        LogUtil::registerStatus($this->__('Done! Block position saved.'));
    }

    $this->redirect(ModUtil::url('Blocks', 'admin', 'view'));
}
/**
 * Delete a page, asking for confirmation first.
 *
 * The page id is read from the request ('pageid', overridden by 'objectid'
 * when that is non-empty), with $args supplying the defaults. Without a
 * POSTed 'confirmation' the confirmation template is rendered; with one,
 * the CSRF token is verified and the page is deleted through the Pages admin API.
 *
 * @param array $args Optional defaults: 'pageid' and 'objectid'.
 *
 * @return mixed Confirmation form output, the result of the redirect after a
 *               confirmed request, or the result of a LogUtil error call.
 */
public function delete($args)
{
    $defaultPageId = isset($args['pageid']) ? $args['pageid'] : null;
    $defaultObjectId = isset($args['objectid']) ? $args['objectid'] : null;

    $pageid = FormUtil::getPassedValue('pageid', $defaultPageId, 'REQUEST');
    $objectid = FormUtil::getPassedValue('objectid', $defaultObjectId, 'REQUEST');
    // The confirmation flag is only accepted from POST data.
    $confirmation = FormUtil::getPassedValue('confirmation', null, 'POST');

    // The generic object id takes precedence over pageid.
    $pageid = !empty($objectid) ? $objectid : $pageid;

    if (empty($pageid)) {
        return LogUtil::registerArgsError();
    }

    // Load the page so the permission instance can include its title.
    $item = ModUtil::apiFunc('Pages', 'user', 'get', array('pageid' => $pageid));
    if ($item === false) {
        return LogUtil::registerError($this->__('No such page found.'), 404);
    }

    $mayDelete = SecurityUtil::checkPermission('Pages::', $item['title'] . '::' . $pageid, ACCESS_DELETE);
    $this->throwForbiddenUnless($mayDelete, LogUtil::getErrorMsgPermission());

    $confirmed = !empty($confirmation);
    if (!$confirmed) {
        // Not confirmed yet: render the confirmation form carrying the page id.
        $this->view->assign('pageid', $pageid);

        return $this->view->fetch('admin/delete.tpl');
    }

    // Confirmed: the destructive step only runs after the CSRF token validates.
    $this->checkCsrfToken();

    $deleted = ModUtil::apiFunc('Pages', 'admin', 'delete', array('pageid' => $pageid));
    if ($deleted) {
        LogUtil::registerStatus($this->__('Done! Page deleted.'));
        $this->notifyHooks(new Zikula_ProcessHook('pages.ui_hooks.pages.process_delete', $pageid));
    }

    return System::redirect(ModUtil::url('Pages', 'admin', 'view'));
}
/**
 * Display an article as a PDF document.
 *
 * The article is identified either by 'sid' / 'objectid' or by 'title'
 * together with 'year', 'monthnum', 'monthname' and 'day', all read from
 * the request. Keys of $args are then imported with extract() and override
 * the request values. When PDF caching is enabled and a cached file exists,
 * that file is output; otherwise the article template is rendered and
 * converted with TCPDF.
 *
 * @author Erik Spaan
 * @param array $args Optional overrides for the request parameters (see extract() below)
 * @return mixed true once a PDF has been output; the result of
 *               LogUtil::registerArgsError() / LogUtil::registerError() on failure
 */
public function displaypdf($args)
{
    // Get parameters from whatever input we need
    $sid = (int)FormUtil::getPassedValue('sid', null, 'REQUEST');
    $objectid = (int)FormUtil::getPassedValue('objectid', null, 'REQUEST');
    $title = FormUtil::getPassedValue('title', null, 'REQUEST');
    $year = FormUtil::getPassedValue('year', null, 'REQUEST');
    $monthnum = FormUtil::getPassedValue('monthnum', null, 'REQUEST');
    $monthname = FormUtil::getPassedValue('monthname', null, 'REQUEST');
    $day = FormUtil::getPassedValue('day', null, 'REQUEST');

    // User functions of this type can be called by other modules
    // NOTE(review): extract() turns every key of $args into a local variable and
    // overwrites the values read above; 'sid' and 'objectid' supplied this way
    // skip the (int) casts. Confirm that $args only ever comes from trusted
    // callers, and prefer reading the expected keys explicitly.
    extract($args);

    // At this stage we check to see if we have been passed $objectid, the
    // generic item identifier
    if ($objectid) {
        $sid = $objectid;
    }

    // Validate the essential parameters
    if ((empty($sid) || !is_numeric($sid)) && (empty($title))) {
        return LogUtil::registerArgsError();
    }
    // A title takes precedence: the lookup below is then done by title and date parts
    if (!empty($title)) {
        unset($sid);
    }

    // we set TEMPLATE caching to false because we will utilize
    // FILE caching of pdf files instead
    $this->view->setCaching(false);

    // Get the news story
    if (isset($sid)) {
        $item = ModUtil::apiFunc('News', 'user', 'get', array('sid' => $sid, 'status' => 0));
    } else {
        $item = ModUtil::apiFunc('News', 'user', 'get', array('title' => $title, 'year' => $year, 'monthname' => $monthname, 'monthnum' => $monthnum, 'day' => $day, 'status' => 0));
        // NOTE(review): $item['sid'] is read before the $item === false check below
        $sid = $item['sid'];
        System::queryStringSetVar('sid', $sid);
    }
    if ($item === false) {
        return LogUtil::registerError($this->__('Error! No such article found.'), 404);
    }

    // check for cached pdf file
    // NOTE(review): no permission check is visible in this method; presumably the
    // News 'get' API filters by access level - verify, since a cached PDF is
    // served right here.
    if ($this->getVar('pdflink_enablecache', true)) {
        $cachedPdf = $this->pdfIsCached($item['urltitle']);
        if ($cachedPdf) {
            $this->outputCachedPdf($cachedPdf);
            return true;
        }
    }

    // $info is array holding raw information.
    $info = ModUtil::apiFunc('News', 'user', 'getArticleInfo', $item);
    // $links is an array holding pure URLs to specific functions for this article.
    $links = ModUtil::apiFunc('News', 'user', 'getArticleLinks', $info);
    // $preformat is an array holding chunks of preformatted text for this article.
    $preformat = ModUtil::apiFunc('News', 'user', 'getArticlePreformat', array('info' => $info, 'links' => $links));

    // Assign the story info arrays
    $this->view->assign(array('info' => $info, 'links' => $links, 'preformat' => $preformat));

    // Store output in variable
    $articlehtml = $this->view->fetch('user/articlepdf.tpl');

    // Include and configure the TCPDF class
    define('K_TCPDF_EXTERNAL_CONFIG', true);
    $classfile = DataUtil::formatForOS('modules/News/lib/vendor/tcpdf/tcpdf.php');
    include_once $classfile;
    $lang = ZLanguage::getInstance();
    $langcode = $lang->getLanguageCodeLegacy();
    // The language code becomes part of an include path; it is passed through
    // DataUtil::formatForOS() and the file must exist before it is included
    $langfile = DataUtil::formatForOS("modules/News/lib/vendor/tcpdf/config/lang/{$langcode}.php");
    if (file_exists($langfile)) {
        include_once $langfile;
    } else {
        // default to english
        include_once DataUtil::formatForOS('modules/News/lib/vendor/tcpdf/config/lang/eng.php');
    }
    $configfile = DataUtil::formatForOS('modules/News/lib/vendor/tcpdf_news_config.php');
    require_once $configfile;

    // create new PDF document
    $pdf = new TCPDF(PDF_PAGE_ORIENTATION, PDF_UNIT, PDF_PAGE_FORMAT, true, 'UTF-8', false);

    // set pdf document information
    $pdf->SetCreator(System::getVar('sitename'));
    $pdf->SetAuthor($info['contributor']);
    $pdf->SetTitle($info['title']);
    $pdf->SetSubject($info['cattitle']);
    //$pdf->SetKeywords($info['cattitle']);

    // set default header data
    //$pdf->SetHeaderData(PDF_HEADER_LOGO, PDF_HEADER_LOGO_WIDTH, PDF_HEADER_TITLE, PDF_HEADER_STRING);
    $sitename = System::getVar('sitename');
    /* $pdf->SetHeaderData( $modvars['pdflink_headerlogo'], $modvars['pdflink_headerlogo_width'], $this->__f('Article %1$s by %2$s', array($info['title'], $info['contributor'])), $sitename . ' :: ' . $this->__('News publisher')); */
    $pdf->SetHeaderData($this->getVar('pdflink_headerlogo'), $this->getVar('pdflink_headerlogo_width'), '', $sitename . ' :: ' . $info['cattitle'] . ' :: ' . $info['topicname']);

    // set header and footer fonts
    $pdf->setHeaderFont(Array(PDF_FONT_NAME_MAIN, '', PDF_FONT_SIZE_MAIN));
    $pdf->setFooterFont(Array(PDF_FONT_NAME_DATA, '', PDF_FONT_SIZE_DATA));

    // set default monospaced font
    $pdf->SetDefaultMonospacedFont(PDF_FONT_MONOSPACED);

    //set margins
    $pdf->SetMargins(PDF_MARGIN_LEFT, PDF_MARGIN_TOP, PDF_MARGIN_RIGHT);
    $pdf->SetHeaderMargin(PDF_MARGIN_HEADER);
    $pdf->SetFooterMargin(PDF_MARGIN_FOOTER);

    //set auto page breaks
    $pdf->SetAutoPageBreak(TRUE, PDF_MARGIN_BOTTOM);

    //set image scale factor
    $pdf->setImageScale(PDF_IMAGE_SCALE_RATIO);

    //set some language-dependent strings
    // NOTE(review): $l is not assigned anywhere in this method; presumably one of
    // the language files included above defines it in this scope - confirm
    $pdf->setLanguageArray($l); // $l is undefined??? TODO

    // set font, freeserif is big !
    //$pdf->SetFont('freeserif', '', 10);
    // For Unicode data put dejavusans in tcpdf_config.php
    $pdf->SetFont(PDF_FONT_NAME_MAIN, '', PDF_FONT_SIZE_MAIN);

    // add a page
    $pdf->AddPage();

    // output the HTML content
    $pdf->writeHTML($articlehtml, true, 0, true, 0);

    // reset pointer to the last page
    $pdf->lastPage();

    if ($this->getVar('pdflink_enablecache', true)) {
        // With caching enabled the file name is a path inside the NewsPDF cache directory
        // NOTE(review): $info['urltitle'] is concatenated into that path; presumably
        // it is a permalink-formatted title - verify it cannot contain path separators
        $pdfMode = "FI";
        $dir = CacheUtil::getLocalDir('NewsPDF');
        $pdfFileName = $dir . '/' . $info['urltitle'] . '.pdf';
    } else {
        $pdfMode = "I";
        $pdfFileName = $info['urltitle'] . '.pdf';
    }

    //Close and output PDF document
    $pdf->Output($pdfFileName, $pdfMode);

    // Since the output doesn't need the theme wrapped around it,
    // let the theme know that the function is already finished
    return true;
}
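/**
 * Update an RSS feed item.
 *
 * @param array $args Feed data. 'fid' (feed ID), 'name' (new feed name) and
 *                    'url' (new feed URL) are required; 'urltitle' is optional
 *                    and is derived from the name when missing or empty.
 *
 * @return mixed true on success, otherwise the result of the LogUtil error call.
 */
public function update($args)
{
    // Argument check; the URL must be a string because it is measured and parsed below
    if (!isset($args['fid']) || !isset($args['name']) || !isset($args['url']) || !is_string($args['url'])) {
        return LogUtil::registerArgsError();
    }

    // Get the existing feed
    $item = ModUtil::apiFunc('Feeds', 'user', 'get', array('fid' => $args['fid']));
    if (!$item) {
        return LogUtil::registerError($this->__('No such Feed found.'));
    }

    // Security check: edit access is required for both the stored name and the new name
    if (!SecurityUtil::checkPermission('Feeds::Item', "$item[name]::$args[fid]", ACCESS_EDIT)) {
        return LogUtil::registerPermissionError();
    }
    if (!SecurityUtil::checkPermission('Feeds::Item', "$args[name]::$args[fid]", ACCESS_EDIT)) {
        return LogUtil::registerPermissionError();
    }

    // check for maximum length to avoid cutting off URLs
    // (the original had the closing parenthesis misplaced and measured the
    // result of the comparison instead of the URL)
    if (strlen($args['url']) > 200) {
        return LogUtil::registerError($this->__('The provided URL is too long (200 chars max.).'));
    }

    // Check for a protocol Magpie RSS (more exactly Snoopy) can handle.
    // parse_url() returns false for malformed URLs and omits 'scheme' for
    // scheme-less ones; both cases are rejected like any other protocol.
    $url_parts = parse_url($args['url']);
    $scheme = (is_array($url_parts) && isset($url_parts['scheme'])) ? $url_parts['scheme'] : '';
    if (!in_array($scheme, array('http', 'https'), true)) {
        return LogUtil::registerError($this->__('Invalid protocol selected. Only http and https are allowed.'));
    }
    // NOTE(review): only the scheme is restricted here. If the feed URL is later
    // fetched by the server, internal hosts remain reachable - confirm whether a
    // host restriction is applied where the feed is fetched.

    // define the permalink title if not present
    if (empty($args['urltitle'])) {
        $args['urltitle'] = DataUtil::formatPermalink($args['name']);
    }

    // NOTE(review): the whole $args array is handed to the update call; presumably
    // only known columns of 'feeds' are written - verify against DBUtil.
    if (!DBUtil::updateObject($args, 'feeds', '', 'fid')) {
        return LogUtil::registerError($this->__('Error! Update attempt failed.'));
    }

    // Let the calling process know that we have finished successfully
    return true;
}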
/**
 * Fetch a single quote by its ID.
 *
 * @author The Zikula Development Team
 * @author Greg Allan
 *
 * @param array $args Arguments array; 'qid' is the quote id and must be numeric.
 *
 * @return mixed The quote row, false when nothing was selected, or the result
 *               of LogUtil::registerArgsError() for a missing or non-numeric id.
 */
public function get($args)
{
    $qidIsValid = isset($args['qid']) && is_numeric($args['qid']);
    if (!$qidIsValid) {
        return LogUtil::registerArgsError();
    }

    // Permission filter passed to the select call: ACCESS_READ on the Quotes
    // component, with the instance built from the author and qid fields.
    $permFilter = array(
        array(
            'realm' => 0,
            'component_left' => 'Quotes',
            'component_middle' => '',
            'component_right' => '',
            'instance_left' => 'author',
            'instance_middle' => '',
            'instance_right' => 'qid',
            'level' => ACCESS_READ,
        ),
    );

    $quote = DBUtil::selectObjectByID('quotes', $args['qid'], 'qid', null, $permFilter);
    if (!$quote) {
        return false;
    }

    return $quote;
}
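/**
 * Select object from the database.
 *
 * @param mixed   $id       Either a single integer id, or an array mapping field
 *                          names to the values they must equal (default=0).
 * @param boolean $useJoins Whether to include joining related objects (optional) (default=true).
 *
 * @return array|MUBoard_Entity_Posting retrieved data array or MUBoard_Entity_Posting instance;
 *                                      the result of LogUtil::registerArgsError() for invalid input
 */
public function selectById($id = 0, $useJoins = true)
{
    if (is_array($id)) {
        // An empty criteria array would yield a query without any restriction.
        if (empty($id)) {
            return LogUtil::registerArgsError();
        }

        $conditions = array();
        foreach ($id as $fieldName => $fieldValue) {
            // Field names end up unquoted in the query text, so string escaping
            // does not protect them; accept plain identifiers only.
            if (!is_string($fieldName) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/D', $fieldName)) {
                return LogUtil::registerArgsError();
            }
            $conditions[] = 'tbl.' . DataUtil::formatForStore($fieldName) . ' = \'' . DataUtil::formatForStore($fieldValue) . '\'';
        }
        $where = implode(' AND ', $conditions);
    } else {
        // The id is placed unquoted into the query text, so it must be an
        // integer; escaping quotes alone would not stop an injected expression.
        $isIntegerId = is_int($id) || (is_string($id) && preg_match('/^[0-9]+$/D', $id));
        if (!$isIntegerId || (int)$id == 0) {
            return LogUtil::registerArgsError();
        }
        $where = 'tbl.id = ' . (int)$id;
    }

    // NOTE(review): values in the array form are still escaped and concatenated;
    // if the query object returned here supports bound parameters, prefer those.
    $query = $this->_intBaseQuery($where, '', $useJoins);

    return $query->getOneOrNullResult();
}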
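/**
 * Delete the comments attached to one item of a module.
 *
 * Each parameter is taken from $args when present, otherwise from the GET/POST
 * request. Without a confirmation the confirmation template is rendered; with
 * one, the CSRF token is verified before the delete API is called.
 *
 * @author Mark West
 * @param array $args Optional values: 'mod' (module name), 'objectid' (numeric
 *                    item id) and 'confirmation'.
 * @return mixed Confirmation form output, the result of the redirect after a
 *               confirmed request, or the result of a LogUtil error call.
 */
public function deleteitem($args)
{
    // Get parameters from whatever input we need.
    $mod = isset($args['mod']) ? $args['mod'] : FormUtil::getPassedValue('mod', null, 'GETPOST');
    $objectid = isset($args['objectid']) ? $args['objectid'] : FormUtil::getPassedValue('objectid', null, 'GETPOST');
    $confirmation = isset($args['confirmation']) ? $args['confirmation'] : FormUtil::getPassedValue('confirmation', null, 'GETPOST');

    // input check; an empty module name is rejected as well, because the
    // module info lookup below cannot succeed for it
    if (!isset($mod) || !is_string($mod) || $mod === '' || !isset($objectid) || !is_numeric($objectid)) {
        return LogUtil::registerArgsError(ModUtil::url('EZComments', 'admin', 'main'));
    }

    // Security check
    if (!SecurityUtil::checkPermission('EZComments::', $mod . ':' . $objectid . ':', ACCESS_DELETE)) {
        return LogUtil::registerPermissionError();
    }

    // get our module info; the original skipped this lookup for an empty name
    // and then used an undefined $modinfo further down
    $modinfo = ModUtil::getInfo(ModUtil::getIdFromName($mod));
    if (!is_array($modinfo) || !isset($modinfo['name'])) {
        return LogUtil::registerArgsError(ModUtil::url('EZComments', 'admin', 'main'));
    }

    // Check for confirmation.
    if (empty($confirmation)) {
        // No confirmation yet
        // Add a hidden field for the item ID to the output
        $this->view->assign('objectid', $objectid)->assign($modinfo);

        // Return the output that has been generated by this function
        return $this->view->fetch('ezcomments_admin_deleteitem.tpl');
    }

    // If we get here it means that the user has confirmed the action.
    // The confirmation flag may arrive via GET, so the CSRF token is what
    // protects the destructive call below.
    $this->checkCsrfToken();

    // The API function is called.
    // note: the api call is a little different here since we're really calling a hook function that will
    // normally be executed when a module is deleted. The extra nesting of the modname inside an extrainfo
    // array reflects this
    // NOTE(review): this is the only call in the method that uses the legacy
    // pnModAPIFunc() name instead of ModUtil::apiFunc() - confirm it is intended.
    $xtra = pnModAPIFunc('EZComments', 'admin', 'deletebyitem', array('mod' => $modinfo['name'], 'objectid' => $objectid));
    if ($xtra['EZComments']) {
        // Success
        LogUtil::registerStatus($this->__('Done! Comment deleted.'));
    }

    return System::redirect(ModUtil::url('EZComments', 'admin', 'main'));
}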
/**
 * Decode the custom url string.
 *
 * Translates the positional entries of $args['vars'] into query-string
 * variables ('func', 'prop', 'cat', 'startnum', 'pageid', 'title', 'page')
 * via System::queryStringSetVar().
 *
 * @param array $args Arguments array; 'vars' holds the positional url parts
 *                    (presumably the path segments of the short url - verify against caller).
 *
 * @return bool true if successful; the result of LogUtil::registerArgsError() when 'vars' is missing
 */
public function decodeurl($args)
{
    // check we actually have some vars to work with...
    if (!isset($args['vars'])) {
        return LogUtil::registerArgsError();
    }

    // define the available user functions
    $funcs = array('main', 'view', 'display');
    // set the correct function name based on our input
    // Only names from $funcs are accepted as 'func'; any other value at
    // position 2 is treated as the first part of a 'display' request
    if (empty($args['vars'][2])) {
        // NOTE(review): $nextvar is not assigned on this path; the blocks below
        // read it only when 'func' is 'view' or 'display' - confirm that
        // FormUtil::getPassedValue('func') reflects the value set here
        System::queryStringSetVar('func', 'main');
    } elseif (!in_array($args['vars'][2], $funcs)) {
        System::queryStringSetVar('func', 'display');
        $nextvar = 2;
    } else {
        System::queryStringSetVar('func', $args['vars'][2]);
        $nextvar = 3;
    }

    // add the category info
    if (FormUtil::getPassedValue('func') == 'view' && isset($args['vars'][$nextvar])) {
        // get rid of unused vars
        $args['vars'] = array_slice($args['vars'], $nextvar);
        // 'prop', 'cat' and 'startnum' are set from the url parts as they are;
        // no validation of their content happens in this method
        System::queryStringSetVar('prop', (string)$args['vars'][0]);
        if (isset ($args['vars'][1])) {
            // check if there's a page arg
            $varscount = count($args['vars']);
            ($args['vars'][$varscount-2] == 'startnum') ? $pagersize = 2 : $pagersize = 0;
            // NOTE(review): 'startnum' is set from the last part even when the
            // 'startnum' marker was not found ($pagersize = 0) - confirm intended
            System::queryStringSetVar('startnum', $args['vars'][$varscount-1]);
            // extract the category path
            $cat = implode('/', array_slice($args['vars'], 1, $varscount - $pagersize - 1));
            System::queryStringSetVar('cat', $cat);
        }
    }

    // identify the correct parameter to identify the page
    if (FormUtil::getPassedValue('func') == 'display') {
        // get rid of unused vars
        $args['vars'] = array_slice($args['vars'], $nextvar);
        $nextvar = 0;
        // remove any category path down to the leaf category
        $varscount = count($args['vars']);
        if (ModUtil::getVar('Pages', 'addcategorytitletopermalink') && !empty($args['vars'][$nextvar+1])) {
            ($args['vars'][$varscount-2] == 'page') ? $pagersize = 2 : $pagersize = 0;
            $category = array_slice($args['vars'], 0, $varscount - 1 - $pagersize);
            System::queryStringSetVar('cat', implode('/',$category));
            array_splice($args['vars'], 0, $varscount - 1 - $pagersize);
        }
        // A numeric part is taken as the page id, anything else as the page title
        // NOTE(review): $args['vars'][$nextvar] is read without an isset() check
        if (is_numeric($args['vars'][$nextvar])) {
            System::queryStringSetVar('pageid', $args['vars'][$nextvar]);
        } else {
            System::queryStringSetVar('title', $args['vars'][$nextvar]);
        }
        $nextvar++;
        // An optional trailing 'page' marker is followed by the page number, cast to int
        if (isset($args['vars'][$nextvar]) && $args['vars'][$nextvar] == 'page') {
            System::queryStringSetVar('page', (int)$args['vars'][$nextvar+1]);
        }
    }

    return true;
}
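/**
 * Count the admin module records assigned to a category.
 *
 * @param array $args Arguments array; 'cid' is the category id and must be numeric.
 *
 * @return mixed The count as an integer, or the result of
 *               LogUtil::registerArgsError() when 'cid' is missing or not numeric.
 */
public function countModsInCat($args)
{
    // Same argument check as the sibling API methods: present and numeric
    if (!isset($args['cid']) || !is_numeric($args['cid'])) {
        return LogUtil::registerArgsError();
    }

    $entity = $this->name . '_Entity_AdminModule';

    // The category id is bound as a parameter; the original interpolated the
    // caller-supplied value directly into the DQL text.
    $dql = "SELECT count(m.amid) FROM $entity m WHERE m.cid = :cid";
    $query = $this->entityManager->createQuery($dql);
    $query->setParameter('cid', (int)$args['cid']);

    return (int)$query->getSingleScalarResult();
}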