function submissionsViewFile() { $lang = JFactory::getLanguage(); $lang->load('com_rsform', JPATH_ADMINISTRATOR); $hash = JRequest::getCmd('hash'); if (strlen($hash) != 32) { return $this->setRedirect('index.php'); } $config = JFactory::getConfig(); $secret = $config->getValue('config.secret'); $this->_db->setQuery("SELECT * FROM #__rsform_submission_values WHERE MD5(CONCAT(SubmissionId,'" . $this->_db->getEscaped($secret) . "',FieldName)) = '" . $hash . "'"); $result = $this->_db->loadObject(); // Not found if (empty($result)) { return $this->setRedirect('index.php'); } // Not an upload field $this->_db->setQuery("SELECT c.ComponentTypeId FROM #__rsform_properties p LEFT JOIN #__rsform_components c ON (p.ComponentId=c.ComponentId) WHERE p.PropertyName='NAME' AND p.PropertyValue='" . $this->_db->getEscaped($result->FieldName) . "'"); $type = $this->_db->loadResult(); if ($type != 9) { return $this->setRedirect('index.php', JText::_('RSFP_VIEW_FILE_NOT_UPLOAD')); } jimport('joomla.filesystem.file'); if (JFile::exists($result->FieldValue)) { RSFormProHelper::readFile($result->FieldValue); } $this->setRedirect('index.php', JText::_('RSFP_VIEW_FILE_NOT_FOUND')); }
public function submissionsViewFile() { $db = JFactory::getDbo(); $secret = JFactory::getConfig()->get('secret'); $hash = JFactory::getApplication()->input->getCmd('hash'); // Load language file JFactory::getLanguage()->load('com_rsform', JPATH_ADMINISTRATOR); if (strlen($hash) != 32) { JError::raiseError(500, JText::_('RSFP_VIEW_FILE_NOT_FOUND')); } $db->setQuery("SELECT * FROM #__rsform_submission_values WHERE MD5(CONCAT(SubmissionId,'" . $db->escape($secret) . "',FieldName)) = '" . $hash . "'"); if ($result = $db->loadObject()) { // Check if it's an upload field $db->setQuery("SELECT c.ComponentTypeId FROM #__rsform_properties p LEFT JOIN #__rsform_components c ON (p.ComponentId=c.ComponentId) WHERE p.PropertyName='NAME' AND p.PropertyValue='" . $db->escape($result->FieldName) . "'"); $type = $db->loadResult(); if ($type != 9) { JError::raiseError(500, JText::_('RSFP_VIEW_FILE_NOT_UPLOAD')); } if (file_exists($result->FieldValue)) { RSFormProHelper::readFile($result->FieldValue); } } else { JError::raiseError(500, JText::_('RSFP_VIEW_FILE_NOT_FOUND')); } }
public function download($clean = true) { $tar = $this->getPath(); $gzip = substr($tar, 0, -3) . 'tgz'; // If there's a .TAR archive, we no longer need it, remove it. if ($clean && file_exists($tar)) { @unlink($tar); } if (!file_exists($gzip)) { throw new Exception(sprintf('File %s does not exist!', $gzip)); } if (!is_readable($gzip)) { throw new Exception(sprintf('File %s is not readable!', $gzip)); } if (!is_null($this->name)) { $name = $this->prepareName($this->name); } else { $name = 'backup'; } RSFormProHelper::readFile($gzip, $name . '.tgz'); }
function viewFile() { $app = JFactory::getApplication(); $id = JRequest::getInt('id'); $this->_db->setQuery("SELECT * FROM #__rsform_submission_values WHERE SubmissionValueId='" . $id . "'"); $result = $this->_db->loadObject(); // Not found if (empty($result)) { $app->redirect('index.php?option=com_rsform&view=submissions'); } // Not an upload field $this->_db->setQuery("SELECT c.ComponentTypeId FROM #__rsform_properties p LEFT JOIN #__rsform_components c ON (p.ComponentId=c.ComponentId) WHERE p.PropertyName='NAME' AND p.PropertyValue='" . $this->_db->escape($result->FieldName) . "'"); $type = $this->_db->loadResult(); if ($type != 9) { $app->redirect('index.php?option=com_rsform&view=submissions', JText::_('RSFP_VIEW_FILE_NOT_UPLOAD')); } jimport('joomla.filesystem.file'); if (JFile::exists($result->FieldValue)) { RSFormProHelper::readFile($result->FieldValue); } $app->redirect('index.php?option=com_rsform&view=submissions', JText::_('RSFP_VIEW_FILE_NOT_FOUND')); }
public function viewFile() { $app = JFactory::getApplication(); $db =& $this->_db; $id = $app->input->getInt('id'); $query = $db->getQuery(true); $query->select('*')->from($db->qn('#__rsform_submission_values'))->where($db->qn('SubmissionValueId') . '=' . $db->q($id)); $result = $db->setQuery($query)->loadObject(); // Not found if (empty($result)) { $app->redirect('index.php?option=com_rsform&view=submissions'); } $query->clear()->select($db->qn('c.ComponentTypeId'))->from($db->qn('#__rsform_properties', 'p'))->leftJoin($db->qn('#__rsform_components', 'c') . ' ON (' . $db->qn('p.ComponentId') . ' = ' . $db->qn('c.ComponentId') . ')')->where($db->qn('p.PropertyName') . ' = ' . $db->q('NAME'))->where($db->qn('p.PropertyValue') . ' = ' . $db->q($result->FieldName))->where($db->qn('c.FormId') . ' = ' . $db->q($result->FormId)); $type = $db->setQuery($query)->loadResult(); // Not an upload field if ($type != 9) { return $this->setRedirect('index.php?option=com_rsform&view=submissions', JText::_('RSFP_VIEW_FILE_NOT_UPLOAD')); } if (file_exists($result->FieldValue)) { RSFormProHelper::readFile($result->FieldValue); } $this->setRedirect('index.php?option=com_rsform&view=submissions', JText::_('RSFP_VIEW_FILE_NOT_FOUND')); }