/**
 * Fetch the error messages currently held by the session service.
 *
 * NOTE(review): the messages are returned exactly as stored. Whether they
 * were escaped when registered is not visible here; callers that print them
 * should escape for the output context.
 *
 * @param boolean $delete  True to clear the stored error messages after reading them (optional)(default=true).
 * @param boolean $reverse True to return the messages in reverse order, keys preserved (optional)(default=true).
 *
 * @return array of messages
 */
public static function getErrorMessages($delete = true, $reverse = true)
{
    $sessionService = ServiceUtil::getManager()->getService('session');
    $errorMessages = $sessionService->getMessages(Zikula_Session::MESSAGE_ERROR);

    if ($delete) {
        // Drop both the message bag and the companion message-type marker.
        $sessionService->clearMessages(Zikula_Session::MESSAGE_ERROR);
        SessionUtil::delVar('_ZErrorMsgType');
    }

    return $reverse ? array_reverse($errorMessages, true) : $errorMessages;
}
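/**
 * Create a comment for a specific item.
 *
 * Called with the results of the form supplied by EZComments_user_view.
 * Each value is taken from $args when present, otherwise from the POST body.
 *
 * The submitted fields are parked in the 'ezcomment' session variable (always
 * as a serialized array) so the form can be refilled when the CSRF check,
 * the empty-comment check, hook validation or the API call fails.
 *
 * @param array $args Optional values keyed by: mod, objectid, areaid, comment,
 *                    subject, replyto, owneruid, redirect (base64), useurl
 *                    (base64), anonname, anonmail, anonwebsite.
 *
 * @return mixed Result of LogUtil::registerError() when validation fails,
 *               otherwise the result of System::redirect().
 * @since 0.1
 */
public function create($args)
{
    $mod      = isset($args['mod'])      ? $args['mod']      : FormUtil::getPassedValue('mod', null, 'POST');
    $objectid = isset($args['objectid']) ? $args['objectid'] : FormUtil::getPassedValue('objectid', null, 'POST');
    $areaid   = isset($args['areaid'])   ? $args['areaid']   : FormUtil::getPassedValue('areaid', null, 'POST');
    $comment  = isset($args['comment'])  ? $args['comment']  : FormUtil::getPassedValue('comment', null, 'POST');
    $subject  = isset($args['subject'])  ? $args['subject']  : FormUtil::getPassedValue('subject', null, 'POST');
    $replyto  = isset($args['replyto'])  ? $args['replyto']  : FormUtil::getPassedValue('replyto', null, 'POST');
    $owneruid = isset($args['owneruid']) ? $args['owneruid'] : FormUtil::getPassedValue('owneruid', null, 'POST');
    $redirect = isset($args['redirect']) ? $args['redirect'] : FormUtil::getPassedValue('redirect', null, 'POST');
    $useurl   = isset($args['useurl'])   ? $args['useurl']   : FormUtil::getPassedValue('useurl', null, 'POST');

    // Name, e-mail and website are only read for visitors who are not
    // logged in; logged-in users get empty values.
    if (!UserUtil::isLoggedIn()) {
        $anonname    = isset($args['anonname'])    ? $args['anonname']    : FormUtil::getPassedValue('anonname', null, 'POST');
        $anonmail    = isset($args['anonmail'])    ? $args['anonmail']    : FormUtil::getPassedValue('anonmail', null, 'POST');
        $anonwebsite = isset($args['anonwebsite']) ? $args['anonwebsite'] : FormUtil::getPassedValue('anonwebsite', null, 'POST');
    } else {
        $anonname = '';
        $anonmail = '';
        $anonwebsite = '';
    }

    // NOTE(review): owneruid is a client-supplied value; how the API uses it
    // is not visible here, so treat it as a hint, not as proof of ownership.
    if (!isset($owneruid) || !($owneruid > 1)) {
        $owneruid = 0;
    }

    // NOTE(review): $redirect is supplied by the client (base64 is an
    // encoding, not an integrity check) or falls back to the Referer header,
    // and it reaches System::redirect() below without validation. Unless
    // System::redirect() restricts targets itself (not visible here) this is
    // an open redirect; limit it to same-site URLs before use.
    // NOTE(review): as shown, the str_replace() below replaces '&' with '&'
    // and has no effect; it presumably was meant to decode '&amp;' - confirm
    // against the original file.
    $redirect = str_replace('&', '&', base64_decode($redirect));
    $redirect = !empty($redirect) ? $redirect : System::serverGetVar('HTTP_REFERER');
    $useurl   = base64_decode($useurl);

    // save the submitted data if any error occurs
    $ezcomment = unserialize(SessionUtil::getVar('ezcomment', 'a:0:{}'));
    if (isset($ezcomment[$mod][$objectid])) {
        unset($ezcomment[$mod][$objectid]);
    }
    if (!empty($subject)) {
        $ezcomment[$mod][$objectid]['subject'] = $subject;
    }
    if (!empty($comment)) {
        $ezcomment[$mod][$objectid]['comment'] = $comment;
    }
    if (!empty($anonname)) {
        $ezcomment[$mod][$objectid]['anonname'] = $anonname;
    }
    if (!empty($anonmail)) {
        $ezcomment[$mod][$objectid]['anonmail'] = $anonmail;
    }
    if (!empty($anonwebsite)) {
        $ezcomment[$mod][$objectid]['anonwebsite'] = $anonwebsite;
    }

    // The draft is stored before the CSRF check so it is still in the
    // session if the check aborts the request, and removed again once the
    // token has been accepted.
    SessionUtil::setVar('ezcomment', serialize($ezcomment));
    $this->checkCsrfToken();
    SessionUtil::delVar('ezcomment');

    // and check we've actually got a comment....
    if (empty($comment)) {
        SessionUtil::setVar('ezcomment', serialize($ezcomment));

        return LogUtil::registerError($this->__('Error! The comment contains no text.'), null, $redirect . "#commentform_{$mod}_{$objectid}");
    }

    // Check hooked modules for validation
    $hookvalidators = $this->notifyHooks(new Zikula_ValidationHook('ezcomments.ui_hooks.comments.validate_edit', new Zikula_Hook_ValidationProviders()))->getValidators();
    if ($hookvalidators->hasErrors()) {
        SessionUtil::setVar('ezcomment', serialize($ezcomment));

        return LogUtil::registerError($this->__('Error! The hooked content does not validate. Could it possibly be that a captcha code was entered incorrectly?'), null, $redirect . "#commentform_{$mod}_{$objectid}");
    }

    // now parse out the hostname+subfolder from the url for storing in the DB
    $url = str_replace(System::getBaseUri(), '', $useurl);

    $id = ModUtil::apiFunc('EZComments', 'user', 'create', array(
        'mod'         => $mod,
        'objectid'    => $objectid,
        'areaid'      => $areaid,
        'url'         => $url,
        'comment'     => $comment,
        'subject'     => $subject,
        'replyto'     => $replyto,
        'uid'         => UserUtil::getVar('uid'),
        'owneruid'    => $owneruid,
        'useurl'      => $useurl,
        'redirect'    => $redirect,
        'anonname'    => $anonname,
        'anonmail'    => $anonmail,
        'anonwebsite' => $anonwebsite));

    if (!$id) {
        // Creation failed: keep the draft and go back to the form.
        // The draft is serialized like every other write of this variable
        // (all readers unserialize it), and the method returns here so the
        // draft is not deleted again and the success redirect is not issued.
        SessionUtil::setVar('ezcomment', serialize($ezcomment));

        return System::redirect($redirect . "#commentform_{$mod}_{$objectid}");
    }

    // clear respective cache
    ModUtil::apiFunc('EZComments', 'user', 'clearItemCache', array('id' => $id, 'modname' => $mod, 'objectid' => $objectid, 'url' => $url));

    // clean/set the session data
    if (isset($ezcomment[$mod][$objectid])) {
        unset($ezcomment[$mod][$objectid]);
        if (empty($ezcomment[$mod])) {
            unset($ezcomment[$mod]);
        }
    }
    if (empty($ezcomment)) {
        SessionUtil::delVar('ezcomment');
    } else {
        SessionUtil::setVar('ezcomment', serialize($ezcomment));
    }

    return System::redirect($redirect . '#comment' . $id);
}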
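/**
 * @Route("/edit/{cid}/{dr}/{mode}", requirements={"cid" = "^[1-9]\d*$", "dr" = "^[1-9]\d*$", "mode" = "edit|new"})
 * @Method("GET")
 *
 * Show the form for editing an existing category or creating a new one.
 *
 * Edit mode requires ACCESS_EDIT, new mode requires ACCESS_ADD on
 * 'ZikulaCategoriesModule::category'.
 *
 * @param Request $request
 * @param integer $cid  Category id (edit mode)
 * @param integer $dr   Id of the root category whose subtree feeds the parent selector
 * @param string  $mode new|edit
 *
 * @return Response symfony response object
 *
 * @throws AccessDeniedException Thrown if the user doesn't have permission to edit or add the category
 */
public function editAction(Request $request, $cid = 0, $dr = 1, $mode = "new")
{
    // Start from an array: writing a key into an empty string (as the
    // "new" branch below does) only works on old PHP versions.
    $editCat = array();
    $languages = ZLanguage::getInstalledLanguages();

    // indicates that we're editing
    if ($mode == 'edit') {
        if (!SecurityUtil::checkPermission('ZikulaCategoriesModule::category', '::', ACCESS_EDIT)) {
            throw new AccessDeniedException();
        }

        if (!$cid) {
            $request->getSession()->getFlashBag()->add('error', $this->__('Error! Cannot determine valid \'cid\' for edit mode in \'ZikulaCategoriesModule_admin_edit\'.'));

            return new RedirectResponse($this->get('router')->generate('zikulacategoriesmodule_admin_view', array(), RouterInterface::ABSOLUTE_URL));
        }

        $editCat = CategoryUtil::getCategoryByID($cid);
        if (!$editCat) {
            $request->getSession()->getFlashBag()->add('error', $this->__('Sorry! No such item found.'));

            return new RedirectResponse($this->get('router')->generate('zikulacategoriesmodule_admin_view', array(), RouterInterface::ABSOLUTE_URL));
        }
    } else {
        // new category creation
        if (!SecurityUtil::checkPermission('ZikulaCategoriesModule::category', '::', ACCESS_ADD)) {
            throw new AccessDeniedException();
        }

        // since we inherit the domain settings from the parent, we get
        // the inherited (and merged) object from session
        if (isset($_SESSION['newCategory']) && $_SESSION['newCategory']) {
            $editCat = $_SESSION['newCategory'];
            unset($_SESSION['newCategory']);
            $category = new CategoryEntity(); // need this for validation info
        } elseif (FormUtil::getValidationErrors()) {
            // if we're back from validation get the posted data from session
            $newCatActionData = \SessionUtil::getVar('newCatActionData');
            \SessionUtil::delVar('newCatActionData');
            if (!is_array($newCatActionData)) {
                // nothing (or something unexpected) was stored; merge nothing
                $newCatActionData = array();
            }

            $emptyCategory = new CategoryEntity();
            $editCat = array_merge($emptyCategory->toArray(), $newCatActionData);
            unset($editCat['path']);
            unset($editCat['ipath']);
            $category = new CategoryEntity(); // need this for validation info
        } else {
            // someone just pressed 'new' -> populate defaults
            $category = new CategoryEntity();
            $editCat['sort_value'] = '0';
        }
    }

    $allCats = CategoryUtil::getSubCategories($dr, true, true, true, false, true);

    // now remove the categories which are below $editCat ...
    // you should not be able to set these as a parent category as it creates a circular hierarchy (see bug #4992)
    // NOTE(review): the test is a substring match on 'ipath', so a category
    // whose ipath merely contains the edited one (e.g. an id sharing the
    // same leading digits) is removed as well - confirm whether a
    // segment-aware prefix match is wanted.
    if (isset($editCat['ipath'])) {
        $cSlashEdit = StringUtil::countInstances($editCat['ipath'], '/');
        foreach ($allCats as $k => $v) {
            $cSlashCat = StringUtil::countInstances($v['ipath'], '/');
            if ($cSlashCat >= $cSlashEdit && strpos($v['ipath'], $editCat['ipath']) !== false) {
                unset($allCats[$k]);
            }
        }
    }

    // The fifth argument was "isset($defaultValue) ? $defaultValue : null";
    // $defaultValue is never defined in this method, so it is always null.
    $selector = CategoryUtil::getSelector_Categories(
        $allCats,
        'id',
        isset($editCat['parent_id']) ? $editCat['parent_id'] : 0,
        'category[parent_id]',
        null,
        null,
        0,
        null,
        false,
        false,
        true,
        1,
        false,
        'form-control'
    );

    $attributes = isset($editCat['__ATTRIBUTES__']) ? $editCat['__ATTRIBUTES__'] : array();

    $this->view->assign('mode', $mode)
               ->assign('category', $editCat)
               ->assign('attributes', $attributes)
               ->assign('languages', $languages)
               ->assign('categorySelector', $selector);

    if ($mode == 'edit') {
        $this->view->assign('haveSubcategories', CategoryUtil::haveDirectSubcategories($cid))
                   ->assign('haveLeafSubcategories', CategoryUtil::haveDirectSubcategories($cid, false, true));
    }

    return $this->response($this->view->fetch('Admin/edit.tpl'));
}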
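/**
 * Show the recorded statistics, filtered by module, user, IP, registration
 * state and date range.
 *
 * Requires ACCESS_ADMIN on 'IWstats::'. The permission check runs before any
 * request value is read or written to the session.
 *
 * Filter values come from the request (GET/POST), then $args, then the
 * filters saved in the 'statsSaved' session variable.
 *
 * @param array $args Optional values keyed by: startnum, moduleId, uname, ip,
 *                    registered, reset, fromDate, toDate.
 *
 * @return string Output of the 'IWstats_admin_view.htm' template.
 *
 * @throws Zikula_Exception_Forbidden If the user lacks admin permission.
 */
public function view($args)
{
    // Authorise first, so an unauthorised request cannot change session state.
    if (!SecurityUtil::checkPermission('IWstats::', '::', ACCESS_ADMIN)) {
        throw new Zikula_Exception_Forbidden();
    }

    // Previously used filters; unserialize() yields false when nothing was
    // saved, in which case every isset() below falls back to the default.
    $statsSaved = unserialize(SessionUtil::getVar('statsSaved'));
    $registered = (isset($statsSaved['registered'])) ? $statsSaved['registered'] : 0;
    $moduleId   = (isset($statsSaved['moduleId'])) ? $statsSaved['moduleId'] : 0;
    $ip         = (isset($statsSaved['ip'])) ? $statsSaved['ip'] : 0;
    $savedUname = (isset($statsSaved['uname'])) ? $statsSaved['uname'] : null;

    $startnum   = FormUtil::getPassedValue('startnum', isset($args['startnum']) ? $args['startnum'] : 1, 'GETPOST');
    $moduleId   = FormUtil::getPassedValue('moduleId', isset($args['moduleId']) ? $args['moduleId'] : $moduleId, 'GETPOST');
    $uname      = FormUtil::getPassedValue('uname', isset($args['uname']) ? $args['uname'] : $savedUname, 'GETPOST');
    $ip         = FormUtil::getPassedValue('ip', isset($args['ip']) ? $args['ip'] : $ip, 'GETPOST');
    $registered = FormUtil::getPassedValue('registered', isset($args['registered']) ? $args['registered'] : $registered, 'GETPOST');
    $reset      = FormUtil::getPassedValue('reset', isset($args['reset']) ? $args['reset'] : 0, 'GET');
    $fromDate   = FormUtil::getPassedValue('fromDate', isset($args['fromDate']) ? $args['fromDate'] : null, 'GETPOST');
    $toDate     = FormUtil::getPassedValue('toDate', isset($args['toDate']) ? $args['toDate'] : null, 'GETPOST');

    SessionUtil::setVar('statsSaved', serialize(array(
        'moduleId'   => $moduleId,
        'uname'      => $uname,
        'ip'         => $ip,
        'registered' => $registered,
    )));

    if ($reset == 1) {
        $ip = null;
        $uname = null;
        $registered = 0;
        $moduleId = 0;
        SessionUtil::delVar('statsSaved');
    }

    $uid = 0;
    $rpp = 50;
    $lastDays = 10;

    if ($uname != null && $uname != '') {
        // get user id from uname
        $uid = UserUtil::getIdFromName($uname);
        if (!$uid) {
            // NOTE(review): the message embeds the submitted user name;
            // whether it is escaped when displayed is not visible here.
            LogUtil::registerError(__f('User \'%s\' not found', array($uname)));
            $uname = '';
        }
    }

    // Dates are read by fixed character position (day at 0-1, month at 3-4,
    // year at 6-9) and normalised to 'd-m-Y'.
    // NOTE(review): the substr() pieces are not checked to be numeric
    // before they reach mktime().
    $time = time();
    if ($fromDate != null) {
        $fromDate = mktime(0, 0, 0, substr($fromDate, 3, 2), substr($fromDate, 0, 2), substr($fromDate, 6, 4));
        $fromDate = date('Y-m-d 00:00:00', $fromDate);
        $fromDate = DateUtil::makeTimestamp($fromDate);
        $fromDate = date('d-m-Y', $fromDate);
    } else {
        $fromDate = date('d-m-Y', $time - $lastDays * 24 * 60 * 60);
    }

    if ($toDate != null) {
        $toDate = mktime(0, 0, 0, substr($toDate, 3, 2), substr($toDate, 0, 2), substr($toDate, 6, 4));
        $toDate = date('Y-m-d 00:00:00', $toDate);
        $toDate = DateUtil::makeTimestamp($toDate);
        $toDate = date('d-m-Y', $toDate);
    } else {
        $toDate = date('d-m-Y', $time);
    }

    // get last records
    $records = ModUtil::apiFunc('IWstats', 'user', 'getAllRecords', array(
        'rpp'        => $rpp,
        'init'       => $startnum,
        'moduleId'   => $moduleId,
        'uid'        => $uid,
        'ip'         => $ip,
        'registered' => $registered,
        'fromDate'   => $fromDate,
        'toDate'     => $toDate,
    ));

    // total number of matching records, for the pager
    $nRecords = ModUtil::apiFunc('IWstats', 'user', 'getAllRecords', array(
        'onlyNumber' => 1,
        'moduleId'   => $moduleId,
        'uid'        => $uid,
        'ip'         => $ip,
        'registered' => $registered,
        'fromDate'   => $fromDate,
        'toDate'     => $toDate,
    ));

    $usersList = '';
    foreach ($records as $record) {
        // presumably $records is keyed by 'statsid'; the writes below rely on it
        $statsId = $record['statsid'];

        if ($record['params'] != '') {
            $valueArray = array();
            foreach (explode('&', $record['params']) as $param) {
                $pair = explode('=', $param);
                // a parameter without '=' has no value part
                $valueArray[$pair[0]] = isset($pair[1]) ? $pair[1] : null;
            }

            if ($record['moduleid'] > 0) {
                $records[$statsId]['func'] = (isset($valueArray['func'])) ? $valueArray['func'] : 'main';
                $records[$statsId]['type'] = (isset($valueArray['type'])) ? $valueArray['type'] : 'user';
            } else {
                $records[$statsId]['func'] = '';
                $records[$statsId]['type'] = '';
            }

            // rebuild the query string without the routing parameters
            $params = '';
            foreach ($valueArray as $key => $v) {
                if ($key != 'module' && $key != 'func' && $key != 'type') {
                    $params .= $key . '=' . $v . '&';
                }
            }
        } else {
            $params = '';
            if ($record['moduleid'] > 0) {
                $records[$statsId]['func'] = 'main';
                $records[$statsId]['type'] = 'user';
            } else {
                $records[$statsId]['func'] = '';
                $records[$statsId]['type'] = '';
            }
        }

        // NOTE(review): these values originate from recorded request
        // parameters and are decoded here before being handed to the
        // template; whether the template escapes them is not visible.
        $params = str_replace('%3F', '?', $params);
        $params = str_replace('%3D', '=', $params);
        $params = str_replace('%2F', '/', $params);
        $params = str_replace('%26', '&', $params);
        $params = str_replace('%7E', '~', $params);

        // drop the trailing '&'
        $records[$statsId]['params'] = substr($params, 0, -1);

        $usersList .= $record['uid'] . '$$';
    }

    // a fresh security value is generated for each IWmain call
    $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
    $users = ModUtil::func('IWmain', 'user', 'getAllUsersInfo', array('info' => 'ncc', 'sv' => $sv, 'list' => $usersList));

    $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
    $usersMails = ModUtil::func('IWmain', 'user', 'getAllUsersInfo', array('info' => 'l', 'sv' => $sv, 'list' => $usersList));

    $users[0] = $this->__('Unregistered');

    // get all modules
    $modules = ModUtil::apiFunc('Extensions', 'admin', 'listmodules', array('state' => 0));

    $skippedModulesArray = unserialize(ModUtil::getVar('IWstats', 'modulesSkipped'));
    if (!is_array($skippedModulesArray)) {
        $skippedModulesArray = array();
    }

    $modulesNames = array();
    $modulesArray = array();
    foreach ($modules as $module) {
        if (!in_array($module['id'], $skippedModulesArray)) {
            $modulesNames[$module['id']] = $module['name'];
            $modulesArray[] = array('id' => $module['id'], 'name' => $module['name']);
        }
    }

    // Create output object
    return $this->view->assign('records', $records)
                      ->assign('users', $users)
                      ->assign('usersMails', $usersMails)
                      ->assign('pager', array('numitems' => $nRecords, 'itemsperpage' => $rpp))
                      ->assign('modulesNames', $modulesNames)
                      ->assign('modulesArray', $modulesArray)
                      ->assign('moduleId', $moduleId)
                      ->assign('url', System::getBaseUrl())
                      ->assign('uname', $uname)
                      ->assign('registered', $registered)
                      ->assign('fromDate', $fromDate)
                      ->assign('toDate', $toDate)
                      ->assign('maxDate', date('Ymd', time()))
                      ->fetch('IWstats_admin_view.htm');
}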
/**
 * Log the user out by destroying the current session.
 *
 * Does nothing when no user is logged in.
 *
 * NOTE(review): session_destroy() removes the stored session data but leaves
 * $_SESSION and the session cookie untouched for the rest of the request;
 * whether the session layer handles that elsewhere is not visible here.
 *
 * @return bool always true
 */
public static function logout()
{
    if (!self::isLoggedIn()) {
        return true;
    }

    // The results of these two calls are not used by this method; the calls
    // themselves are kept as in the original.
    self::getVars(self::getVar('uid'));
    SessionUtil::delVar('authentication_method', array('modname' => '', 'method' => ''), 'Zikula_Users');

    session_destroy();

    return true;
}
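/**
 * Show the form for editing an existing category or creating a new one.
 *
 * Reads 'cid', 'dr' (root category id) and 'mode' (new|edit) from the
 * request. Edit mode requires ACCESS_ADMIN, new mode requires ACCESS_ADD on
 * 'Categories::category'.
 *
 * @return mixed Response for 'Admin/edit.tpl', or the result of
 *               LogUtil::registerError() when the category cannot be resolved.
 *
 * @throws \Zikula\Framework\Exception\ForbiddenException If the permission check fails.
 */
public function editAction()
{
    $cid = $this->request->get('cid', 0);
    $root_id = $this->request->get('dr', 1);
    $mode = $this->request->get('mode', 'new');

    // Start from an array: writing a key into an empty string (as the
    // "new" branch below does) only works on old PHP versions.
    $editCat = array();
    $languages = ZLanguage::getInstalledLanguages();

    // indicates that we're editing
    if ($mode == 'edit') {
        if (!SecurityUtil::checkPermission('Categories::category', "::", ACCESS_ADMIN)) {
            throw new \Zikula\Framework\Exception\ForbiddenException();
        }

        if (!$cid) {
            return LogUtil::registerError($this->__('Error! Cannot determine valid \'cid\' for edit mode in \'Categories_admin_edit\'.'));
        }

        $editCat = CategoryUtil::getCategoryByID($cid);
        if (!$editCat) {
            return LogUtil::registerError($this->__('Sorry! No such item found.'), 404);
        }
    } else {
        // new category creation
        if (!SecurityUtil::checkPermission('Categories::category', '::', ACCESS_ADD)) {
            throw new \Zikula\Framework\Exception\ForbiddenException();
        }

        // since we inherit the domain settings from the parent, we get
        // the inherited (and merged) object from session
        if (isset($_SESSION['newCategory']) && $_SESSION['newCategory']) {
            $editCat = $_SESSION['newCategory'];
            unset($_SESSION['newCategory']);
            $category = new \Zikula\Core\Doctrine\Entity\Category(); // need this for validation info
        } elseif (FormUtil::getValidationErrors()) {
            // back from a failed validation: restore the posted data
            $newCatActionData = \SessionUtil::getVar('newCatActionData');
            \SessionUtil::delVar('newCatActionData');
            if (!is_array($newCatActionData)) {
                // nothing (or something unexpected) was stored; merge nothing
                $newCatActionData = array();
            }

            $emptyCategory = new \Zikula\Core\Doctrine\Entity\Category();
            $editCat = array_merge($emptyCategory->toArray(), $newCatActionData);
            unset($editCat['path']);
            unset($editCat['ipath']);
            $category = new \Zikula\Core\Doctrine\Entity\Category(); // need this for validation info
        } else {
            // plain "new": populate defaults
            $category = new \Zikula\Core\Doctrine\Entity\Category();
            $editCat['sort_value'] = '0';
        }
    }

    $reloadOnCatChange = $mode != 'edit';
    $allCats = CategoryUtil::getSubCategories($root_id, true, true, true, false, true);

    // now remove the categories which are below $editCat ...
    // you should not be able to set these as a parent category as it creates a circular hierarchy (see bug #4992)
    // NOTE(review): the test is a substring match on 'ipath', so a category
    // whose ipath merely contains the edited one (e.g. an id sharing the
    // same leading digits) is removed as well - confirm whether a
    // segment-aware prefix match is wanted.
    if (isset($editCat['ipath'])) {
        $cSlashEdit = StringUtil::countInstances($editCat['ipath'], '/');
        foreach ($allCats as $k => $v) {
            $cSlashCat = StringUtil::countInstances($v['ipath'], '/');
            if ($cSlashCat >= $cSlashEdit && strpos($v['ipath'], $editCat['ipath']) !== false) {
                unset($allCats[$k]);
            }
        }
    }

    // The fifth argument was "isset($defaultValue) ? $defaultValue : null";
    // $defaultValue is never defined in this method, so it is always null.
    $selector = CategoryUtil::getSelector_Categories(
        $allCats,
        'id',
        isset($editCat['parent_id']) ? $editCat['parent_id'] : 0,
        'category[parent_id]',
        null,
        null,
        $reloadOnCatChange
    );

    $attributes = isset($editCat['__ATTRIBUTES__']) ? $editCat['__ATTRIBUTES__'] : array();

    $this->view->assign('mode', $mode)
               ->assign('category', $editCat)
               ->assign('attributes', $attributes)
               ->assign('languages', $languages)
               ->assign('categorySelector', $selector);

    if ($mode == 'edit') {
        $this->view->assign('haveSubcategories', CategoryUtil::haveDirectSubcategories($cid))
                   ->assign('haveLeafSubcategories', CategoryUtil::haveDirectSubcategories($cid, false, true));
    }

    return $this->response($this->view->fetch('Admin/edit.tpl'));
}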
/**
 * Store the multilingual (localisation) settings submitted by the admin form.
 *
 * The CSRF token is verified first, then ACCESS_ADMIN on 'Settings::' is
 * required. Each posted field is written to its system variable when it
 * differs (loose comparison) from the stored value, all compiled caches are
 * cleared, and the request is redirected to the multilingual settings page.
 *
 * NOTE(review): posted values are stored as received; any validation of the
 * individual settings would have to happen elsewhere and is not visible here.
 *
 * @return mixed Result of LogUtil::registerPermissionError() when permission
 *               is denied; otherwise nothing is returned after the redirect call.
 */
public function updatemultilingual()
{
    $this->checkCsrfToken();

    // security check
    if (!SecurityUtil::checkPermission('Settings::', '::', ACCESS_ADMIN)) {
        return LogUtil::registerPermissionError();
    }

    $url = ModUtil::url('Settings', 'admin', 'multilingual');

    // form field name => system variable name
    $settings = array(
        'mlsettings_language_i18n'   => 'language_i18n',
        'mlsettings_timezone_offset' => 'timezone_offset',
        'mlsettings_timezone_server' => 'timezone_server',
        'mlsettings_multilingual'    => 'multilingual',
        'mlsettings_language_detect' => 'language_detect',
        'mlsettings_languageurl'     => 'languageurl',
    );

    // we can't detect language if multilingual feature is off so reset this to false
    if (FormUtil::getPassedValue('mlsettings_multilingual', null, 'POST') == 0) {
        if (System::getVar('language_detect')) {
            System::setVar('language_detect', 0);
            unset($settings['mlsettings_language_detect']);
            LogUtil::registerStatus($this->__('Notice: Language detection is automatically disabled when multi-lingual features are disabled.'));
        }

        // reset language settings: forget the session language and strip a
        // "&lang=xx" parameter from the redirect target
        SessionUtil::delVar('language');
        $url = preg_replace('#(.*)(&lang=[a-z-]{2,5})(.*)#i', '$1$3', $url);
    }

    // Write the vars
    // (the fetched config vars are not used further in this method)
    $configvars = ModUtil::getVar(ModUtil::CONFIG_MODULE);
    foreach ($settings as $fieldName => $systemVar) {
        $submitted = FormUtil::getPassedValue($fieldName, null, 'POST');
        $current = System::getVar($systemVar);
        if ($submitted != $current) {
            System::setVar($systemVar, $submitted);
        }
    }

    // clear all cache and compile directories
    ModUtil::apiFunc('Settings', 'admin', 'clearallcompiledcaches');

    // all done successfully
    LogUtil::registerStatus($this->__('Done! Saved localisation settings.'));

    $this->redirect($url);
}
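/**
 * view items
 *
 * Requires ACCESS_OVERVIEW on 'News::'. Values missing from $args are read
 * from the GET request.
 *
 * @author Mark West
 * @param $args['prop'] category property
 * @param $args['cat'] category id
 * @param $args['page'] starting number for paged view
 * @param $args['itemsperpage'] the number of items on a page
 * @param $args['displayonindex'] show only newsitems marked for display on the index page
 * @param $args['giventemplate'] Template file to use
 * @return string HTML string
 */
public function view($args = array())
{
    $this->throwForbiddenUnless(SecurityUtil::checkPermission('News::', '::', ACCESS_OVERVIEW), LogUtil::getErrorMsgPermission());

    // clean the session preview data
    SessionUtil::delVar('newsitem');

    // get all module vars for later use
    $modvars = $this->getVars();

    // Get parameters from whatever input we need
    $prop = isset($args['prop']) ? $args['prop'] : (string)FormUtil::getPassedValue('prop', null, 'GET');
    $cat  = isset($args['cat']) ? $args['cat'] : (string)FormUtil::getPassedValue('cat', null, 'GET');
    $page = isset($args['page']) ? $args['page'] : (int)FormUtil::getPassedValue('page', 1, 'GET');
    $displayModule = FormUtil::getPassedValue('module', 'X', 'GET');

    // storyhome nrofitems is only used when News is the homepage module
    $defaultItemsPerPage = ($displayModule == 'X') ? $modvars['storyhome'] : $modvars['itemsperpage'];

    // NOTE(review): the page size can be set through the query string and is
    // only cast to int; no upper or lower bound is applied in this method.
    $itemsperpage   = isset($args['itemsperpage']) ? $args['itemsperpage'] : (int)FormUtil::getPassedValue('itemsperpage', $defaultItemsPerPage, 'GET');
    $displayonindex = isset($args['displayonindex']) ? (int)$args['displayonindex'] : FormUtil::getPassedValue('displayonindex', null, 'GET');

    // The template name is taken from $args only, never from the request;
    // it is appended to 'user/' unchanged when the page is fetched below.
    $giventemplate = isset($args['giventemplate']) ? $args['giventemplate'] : 'view.tpl';

    // pages start at 1
    // NOTE(review): an invalid page only registers an error; processing
    // continues with the resulting start number.
    if ($page < 1) {
        LogUtil::registerError($this->__('Error! Invalid page passed.'));
    }

    // work out page size from page number
    $startnum = (($page - 1) * $itemsperpage) + 1;

    $lang = ZLanguage::getLanguageCode();

    // check if categorization is enabled
    if ($modvars['enablecategorization']) {
        // get the categories registered for News
        $catregistry = CategoryRegistryUtil::getRegisteredModuleCategories('News', 'news');
        $properties = array_keys($catregistry);

        // validate the property
        // and build the category filter - mateo
        if (!empty($prop) && in_array($prop, $properties) && !empty($cat)) {
            if (!is_numeric($cat)) {
                $rootCat = CategoryUtil::getCategoryByID($catregistry[$prop]);
                $cat = CategoryUtil::getCategoryByPath($rootCat['path'] . '/' . $cat);
            } else {
                $cat = CategoryUtil::getCategoryByID($cat);
            }
            $catname = isset($cat['display_name'][$lang]) ? $cat['display_name'][$lang] : $cat['name'];

            if (!empty($cat) && isset($cat['path'])) {
                // include all it's subcategories and build the filter
                $categories = CategoryUtil::getCategoriesByPath($cat['path'], '', 'path');
                $catstofilter = array();
                foreach ($categories as $category) {
                    $catstofilter[] = $category['id'];
                }
                $catFilter = array($prop => $catstofilter);
            } else {
                LogUtil::registerError($this->__('Error! Invalid category passed.'));
            }
        }
    }

    // get matching news articles
    $items = ModUtil::apiFunc('News', 'user', 'getall', array(
        'startnum'       => $startnum,
        'numitems'       => $itemsperpage,
        'status'         => News_Api_User::STATUS_PUBLISHED,
        'displayonindex' => $displayonindex,
        'filterbydate'   => true,
        'category'       => isset($catFilter) ? $catFilter : null, // get all method doesn't appear to want a category arg
        'catregistry'    => isset($catregistry) ? $catregistry : null));

    if ($items == false) {
        if ($modvars['enablecategorization'] && isset($catFilter)) {
            LogUtil::registerStatus($this->__f('No articles currently published under the \'%s\' category.', $catname));
        } else {
            LogUtil::registerStatus($this->__('No articles currently published.'));
        }

        // the API can return a non-array here; give the loop below an
        // empty list to iterate
        $items = array();
    }

    // assign various useful template variables
    $this->view->assign('startnum', $startnum);
    $this->view->assign('lang', $lang);

    // assign the root category
    // NOTE(review): when no category was resolved above, $cat is still the
    // raw request value; escaping is left to the template.
    $this->view->assign('category', $cat);
    $this->view->assign('catname', isset($catname) ? $catname : '');
    $this->view->assign('catimagepath', $this->getVar('catimagepath'));

    // The highest access level the user holds becomes part of the cache id,
    // so renderings are kept apart per access level.
    $accesslevel = ACCESS_READ;
    if (SecurityUtil::checkPermission('News::', "::", ACCESS_COMMENT)) {
        $accesslevel = ACCESS_COMMENT;
    }
    if (SecurityUtil::checkPermission('News::', "::", ACCESS_EDIT)) {
        $accesslevel = ACCESS_EDIT;
    }
    $accesslevel = '|a'.$accesslevel;

    $newsitems = array();
    // Loop through each item and display it
    foreach ($items as $item) {
        // display if it's published and the displayonindex match (if set)
        if (($item['published_status'] == 0) &&
            (!isset($displayonindex) || $item['displayonindex'] == $displayonindex)) {
            $template = 'user/index.tpl';

            // NOTE(review): the cache is probed with the bare sid, while the
            // fetch below uses sid plus the access-level suffix - confirm
            // that both refer to the same cache entry.
            if (!$this->view->is_cached($template, $item['sid'])) {
                // $info is array holding raw information.
                // Used below and also passed to the theme - jgm
                $info = ModUtil::apiFunc('News', 'user', 'getArticleInfo', $item);

                // $links is an array holding pure URLs to
                // specific functions for this article.
                // Used below and also passed to the theme - jgm
                $links = ModUtil::apiFunc('News', 'user', 'getArticleLinks', $info);

                // $preformat is an array holding chunks of
                // preformatted text for this article.
                // Used below and also passed to the theme - jgm
                $preformat = ModUtil::apiFunc('News', 'user', 'getArticlePreformat', array('info' => $info, 'links' => $links));

                $this->view->assign(array(
                    'info'      => $info,
                    'links'     => $links,
                    'preformat' => $preformat));
            }

            $newsitems[] = $this->view->fetch($template, $item['sid'].$accesslevel);
        }
    }

    // The items that are displayed on this overview page depend on the individual
    // user permissions. Therefor, we can not cache the whole page.
    // The single entries are cached, though.
    $this->view->setCaching(false);

    // Display the entries
    $this->view->assign('newsitems', $newsitems);

    // Assign the values for the smarty plugin to produce a pager
    $this->view->assign('pager', array(
        'numitems' => ModUtil::apiFunc('News', 'user', 'countitems', array(
            'status'         => 0,
            'filterbydate'   => true,
            'displayonindex' => $displayonindex,
            'category'       => isset($catFilter) ? $catFilter : null)),
        'itemsperpage' => $itemsperpage));

    // Return the output that has been generated by this function
    return $this->view->fetch('user/'.$giventemplate);
}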
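/**
 * Display hook for view.
 *
 * Renders the comment list and comment form for the object the hook is
 * attached to. Nothing is rendered when the user lacks ACCESS_OVERVIEW on
 * 'EZComments::' for the calling module and object.
 *
 * @param Zikula_DisplayHook $hook The hook (caller, area id, object id and URL are read from it).
 *
 * @return void
 */
public function uiView(Zikula_DisplayHook $hook)
{
    // work out the input from the hook
    $mod = $hook->getCaller();
    $areaId = $hook->getAreaId();
    $objectid = $hook->getId();

    // first check if the user is allowed to do any comments for this module/objectid
    if (!SecurityUtil::checkPermission('EZComments::', "{$mod}:{$objectid}:", ACCESS_OVERVIEW)) {
        return;
    }

    // The subject lookup is disabled, so these two fall back to their
    // defaults unless the session supplies an owner below.
    $subject = array(); //$hook->getSubject();
    $owneruid = isset($subject['cr_uid']) ? (int) $subject['cr_uid'] : 0;
    $useurl = isset($subject['useurl']) ? $subject['useurl'] : null;

    $ownerUidSession = SessionUtil::delVar('commentOwner', 0);
    if ($ownerUidSession > 0) {
        $owneruid = $ownerUidSession;
    }

    // we may have a comment incoming
    $ezcomment = unserialize(SessionUtil::getVar('ezcomment', 'a:0:{}'));
    $ezcomment = isset($ezcomment[$mod][$objectid]) ? $ezcomment[$mod][$objectid] : null;

    // we may get some input in from the navigation bar;
    // the request value only selects between two fixed sort directions
    $order = FormUtil::getPassedValue('order');
    $sortorder = $order == 1 ? 'DESC' : 'ASC';
    $status = 0;

    // check if we're using the pager
    $enablepager = ModUtil::getVar('EZComments', 'enablepager');
    if ($enablepager) {
        $numitems = ModUtil::getVar('EZComments', 'commentsperpage');
        $startnum = FormUtil::getPassedValue('comments_startnum');
        // Reject a missing OR non-numeric start value. The previous "&&"
        // only caught the missing case and let arbitrary strings through to
        // the API call.
        if (!isset($startnum) || !is_numeric($startnum)) {
            $startnum = -1;
        }
    } else {
        $startnum = -1;
        $numitems = -1;
    }

    $params = compact('mod', 'areaId', 'objectid', 'sortorder', 'status', 'numitems', 'startnum');
    $items = ModUtil::apiFunc('EZComments', 'user', 'getall', $params);

    if ($items === false) {
        return LogUtil::registerError($this->__('Internal Error.'), null, 'index.php');
    }

    $items = ModUtil::apiFunc('EZComments', 'user', 'prepareCommentsForDisplay', $items);

    if ($enablepager) {
        $commentcount = ModUtil::apiFunc('EZComments', 'user', 'countitems', compact('mod', 'objectid', 'status'));
    } else {
        $commentcount = count($items);
    }

    // create the output object
    $view = Zikula_View::getInstance('EZComments', false, null, true);

    $view->assign('areaid', $areaId)
         ->assign('comments', $items)
         ->assign('commentcount', $commentcount)
         ->assign('ezcomment', $ezcomment)
         ->assign('ezc_info', compact('mod', 'objectid', 'sortorder', 'status'))
         ->assign('modinfo', ModUtil::getInfo(ModUtil::getIdFromName($mod)))
         ->assign('msgmodule', System::getVar('messagemodule', ''))
         ->assign('prfmodule', System::getVar('profilemodule', ''))
         ->assign('allowadd', SecurityUtil::checkPermission('EZComments::', "{$mod}:{$objectid}:", ACCESS_COMMENT))
         ->assign('loggedin', UserUtil::isLoggedIn());

    $modUrl = $hook->getUrl();
    $redirect = !is_null($modUrl) ? $modUrl->getUrl() : '';
    $view->assign('returnurl', $redirect);

    // encode the url - otherwise we can get some problems out there....
    // NOTE(review): base64 only encodes the value; it does not stop a client
    // from changing it, so whatever receives this field back must validate
    // the target before redirecting.
    $redirect = base64_encode($redirect);
    $view->assign('redirect', $redirect);
    $view->assign('objectid', $objectid);

    // assign the user is of the content owner
    $view->assign('owneruid', $owneruid);

    // assign url that should be stored in db and sent in email if it
    // differs from the redirect url
    $view->assign('useurl', $useurl);

    // flag to recognize the main call
    static $mainScreen = true;
    $view->assign('mainscreen', $mainScreen);
    $mainScreen = false;

    // assign the values for the pager
    $view->assign('ezc_pager', array('numitems' => $commentcount, 'itemsperpage' => $numitems));

    // find out which template and stylesheet to use
    // (no $args exist in this hook, so both names come from the request)
    $templateset = FormUtil::getPassedValue('eztpl');
    $css = FormUtil::getPassedValue('ezccss');
    $defaultcss = ModUtil::getVar('EZComments', 'css', 'style.css');

    if (!$view->template_exists(DataUtil::formatForOS($templateset) . '/ezcomments_user_view.tpl')) {
        $templateset = ModUtil::getVar('EZComments', 'template', 'Standard');
    }

    // Use the sanitised name everywhere from here on. Previously only the
    // template path was passed through formatForOS(), while the raw request
    // value was handed to the view and used in the stylesheet path.
    $templateset = DataUtil::formatForOS($templateset);
    $view->assign('template', $templateset);

    // include stylesheet if there is a style sheet
    // The requested stylesheet name is a request value too, so it gets the
    // same treatment before it becomes part of a path. What getStylesheet()
    // checks on its own is not visible here.
    $css = $css ? DataUtil::formatForOS($css) . '.css' : $defaultcss;
    if ($css = ModUtil::apiFunc('EZComments', 'user', 'getStylesheet', array('path' => "{$templateset}/{$css}"))) {
        PageUtil::addVar('stylesheet', $css);
    }

    $template = $templateset . '/ezcomments_user_view.tpl';

    $response = new Zikula_Response_DisplayHook('provider_area.ui_hooks.ezcomments.comments', $view, $template);
    $hook->setResponse($response);
}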
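/**
 * Remove the posting id given in the query string ('id') from the list of
 * posting ids kept in the 'muboardpostingids' session variable.
 *
 * The session variable is rewritten with the remaining ids, or deleted when
 * none remain or when it does not hold an array.
 *
 * @param mixed $userid Not used by this method.
 *
 * @return void
 */
public static function modifyPostings($userid)
{
    $request = new Zikula_Request_Http();
    $postingid = $request->query->filter('id', 0, FILTER_SANITIZE_STRING);

    $postingids = SessionUtil::getVar('muboardpostingids');

    // Check the type before counting: the session variable may be unset,
    // and count() must not be called on a non-array.
    if (is_array($postingids) && count($postingids) > 0) {
        // loose comparison, as before: the query value is a string
        $pos = array_search($postingid, $postingids);
        if ($pos !== false) {
            unset($postingids[$pos]);
        }
    }

    if (is_array($postingids) && count($postingids) > 0) {
        SessionUtil::setVar('muboardpostingids', $postingids);
    } else {
        SessionUtil::delVar('muboardpostingids');
    }
}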
/**
 * Generate complete search form
 *
 * Builds the whole search form, including the option blocks of the search
 * plugins returned by the Search API's getallplugins() function.
 * Requires ACCESS_READ on 'Search::'.
 *
 * NOTE(review): 'q' is passed through strip_tags() only, and 'searchtype',
 * 'searchorder', 'active' and 'modvar' are taken from the request as they
 * are. All of them are handed to the plugins and assigned to the template;
 * escaping for the output context is left to those consumers.
 *
 * @param array $vars Preset form values; request and session values override
 *                    'q', 'searchtype', 'searchorder', 'numlimit', 'active'
 *                    and 'modvar'.
 *
 * @return string HTML string templated
 */
public function form($vars = array())
{
    // Security check
    if (!SecurityUtil::checkPermission('Search::', '::', ACCESS_READ)) {
        return LogUtil::registerPermissionError();
    }

    // get parameter from input; the session values serve as defaults
    $vars['q'] = strip_tags(FormUtil::getPassedValue('q', '', 'REQUEST'));
    $vars['searchtype'] = FormUtil::getPassedValue('searchtype', SessionUtil::getVar('searchtype'), 'REQUEST');
    $vars['searchorder'] = FormUtil::getPassedValue('searchorder', SessionUtil::getVar('searchorder'), 'REQUEST');
    $vars['numlimit'] = $this->getVar('itemsperpage', 25);
    $vars['active'] = FormUtil::getPassedValue('active', SessionUtil::getVar('searchactive'), 'REQUEST');
    $vars['modvar'] = FormUtil::getPassedValue('modvar', SessionUtil::getVar('searchmodvar'), 'REQUEST');

    // this var allows the headers to not be displayed
    if (!isset($vars['titles'])) {
        $vars['titles'] = true;
    }

    // set some defaults
    if (empty($vars['searchtype'])) {
        $vars['searchtype'] = 'AND';
    }
    if (empty($vars['searchorder'])) {
        $vars['searchorder'] = 'newest';
    }

    $setActiveDefaults = !isset($vars['active']) || !is_array($vars['active']);
    if ($setActiveDefaults) {
        $vars['active'] = array();
    }

    // reset the session vars for a new search
    foreach (array('searchtype', 'searchorder', 'searchactive', 'searchmodvar') as $sessionKey) {
        SessionUtil::delVar($sessionKey);
    }

    // get all the search plugins
    $search_modules = ModUtil::apiFunc('Search', 'user', 'getallplugins');

    if (!(count($search_modules) > 0)) {
        // no plugin available
        return $this->view->fetch('search_user_noplugins.tpl');
    }

    $plugin_options = array();
    foreach ($search_modules as $plugin) {
        // if active array is empty, we need to set defaults
        if ($setActiveDefaults) {
            $vars['active'][$plugin['name']] = '1';
        }

        // Every search plugin returns a formatted html string, collected
        // under the plugin's title in 'plugin_options'.
        if (isset($plugin['title'])) {
            $plugin_options[$plugin['title']] = ModUtil::apiFunc($plugin['title'], 'search', 'options', $vars);
        }
    }

    // add content to template
    $this->view->assign($vars)
               ->assign('plugin_options', $plugin_options);

    // Return the output that has been generated by this function
    return $this->view->fetch('search_user_form.tpl');
}
/**
 * Delete a session variable (legacy wrapper).
 *
 * Logs a deprecation notice and forwards the call to SessionUtil::delVar().
 *
 * @deprecated
 * @see SessionUtil::delVar()
 *
 * @param string $name Name of the session variable to delete.
 *
 * @return mixed Whatever SessionUtil::delVar() returns.
 */
function pnSessionDelVar($name)
{
    $functionNames = array(
        'pnSessionDelVar()',
        'SessionUtil::delVar()');
    $notice = __f('Warning! Function %1$s is deprecated. Please use %2$s instead.', $functionNames);
    LogUtil::log($notice, E_USER_DEPRECATED);

    return SessionUtil::delVar($name);
}
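/**
 * Admin list of news items with sorting, status/language/category filters
 * and an optional "purge permalinks" action.
 *
 * Access requires ACCESS_EDIT on 'News::'. Values are read from the request;
 * the matching $args entries serve as defaults when the request has none.
 *
 * Security notes for maintainers:
 * - 'filtercats_serialized' is taken from the query string and passed to
 *   unserialize(); see the note at that line.
 * - 'purge' is a state-changing action triggered by a GET parameter with no
 *   CSRF token check in this method.
 * - 'order' is request-controlled and forwarded to the News user API.
 *
 * @param array $args Optional defaults: 'startnum', 'news_status',
 *                    'news_language', 'order', 'sdir'.
 *
 * @author Mark West
 *
 * @return string|mixed Rendered 'admin/view.tpl', or the result of
 *                      redirect() after a purge.
 */
public function view($args)
{
    $this->throwForbiddenUnless(SecurityUtil::checkPermission('News::', '::', ACCESS_EDIT), LogUtil::getErrorMsgPermission());

    // initialize sort array - used to display sort classes and urls
    $sort = array();
    $fields = array('sid', 'weight', 'from'); // possible sort fields
    foreach ($fields as $field) {
        $sort['class'][$field] = 'z-order-unsorted'; // default values
    }

    $startnum = FormUtil::getPassedValue('startnum', isset($args['startnum']) ? $args['startnum'] : null, 'GETPOST');
    $news_status = FormUtil::getPassedValue('news_status', isset($args['news_status']) ? $args['news_status'] : null, 'GETPOST');
    $language = FormUtil::getPassedValue('news_language', isset($args['news_language']) ? $args['news_language'] : null, 'GETPOST');
    $purge = FormUtil::getPassedValue('purge', false, 'GET');
    // NOTE(review): $order is request-controlled. It is used below as an array
    // key in $sort['class'] and forwarded unchanged as the 'order' argument of
    // the getall/countitems API calls; confirm the API restricts it to known
    // sort fields (the ones offered here are sid, weight and from).
    $order = FormUtil::getPassedValue('order', isset($args['order']) ? $args['order'] : 'from', 'GETPOST');
    $original_sdir = FormUtil::getPassedValue('sdir', isset($args['sdir']) ? $args['sdir'] : 1, 'GETPOST');

    $this->view->assign('startnum', $startnum);
    $this->view->assign('order', $order);
    $this->view->assign('sdir', $original_sdir);
    $this->view->assign('selected_language', (isset($language)) ? $language : '');

    $sdir = $original_sdir ? 0 : 1; //if true change to false, if false change to true
    // change class for selected 'orderby' field to asc/desc
    if ($sdir == 0) {
        $sort['class'][$order] = 'z-order-desc';
        $orderdir = 'DESC';
    }
    if ($sdir == 1) {
        $sort['class'][$order] = 'z-order-asc';
        $orderdir = 'ASC';
    }

    $filtercats = FormUtil::getPassedValue('news', null, 'GETPOST');
    $filtercats_serialized = FormUtil::getPassedValue('filtercats_serialized', false, 'GET');
    // SECURITY NOTE(review): unserialize() is applied to a query-string value.
    // Unserializing request data allows PHP object injection: any class that
    // is loadable at this point can be instantiated and its magic methods run.
    // The call is left in place because the sort URLs built below (and possibly
    // links generated elsewhere) carry the filter in serialize() format.
    // Preferred fix: switch both ends to json_encode()/json_decode(), or, on
    // PHP 7.0+, pass array('allowed_classes' => false) as second argument.
    $filtercats = $filtercats_serialized ? unserialize($filtercats_serialized) : $filtercats;
    $catsarray = News_Util::formatCategoryFilter($filtercats);

    // complete initialization of sort array, adding urls
    foreach ($fields as $field) {
        $sort['url'][$field] = ModUtil::url('News', 'admin', 'view', array(
            'news_status' => $news_status,
            'news_language' => $language,
            'filtercats_serialized' => serialize($filtercats),
            'order' => $field,
            'sdir' => $sdir));
    }
    $this->view->assign('sort', $sort);

    $this->view->assign('filter_active', (!isset($language) && !isset($news_status) && empty($filtercats)) ? false : true);

    if ($purge) {
        // NOTE(review): this changes state on a plain GET request and no CSRF
        // token is verified in this method; consider requiring one here.
        if (ModUtil::apiFunc('News', 'admin', 'purgepermalinks')) {
            LogUtil::registerStatus($this->__('Done! Purged permalinks.'));
        } else {
            LogUtil::registerError($this->__('Error! Could not purge permalinks.'));
        }

        // Go back to where the request came from, unless that page would
        // trigger the purge again. A missing Referer header, or 'purge' at
        // offset 0, now falls back to the list view instead of being passed
        // to redirect() as-is.
        // NOTE(review): the Referer header is client-supplied, so the redirect
        // target is not limited to this site.
        $referer = System::serverGetVar('HTTP_REFERER');
        if (empty($referer) || strpos($referer, 'purge') !== false) {
            $target = ModUtil::url('News', 'admin', 'view');
        } else {
            $target = $referer;
        }

        return $this->redirect($target);
    }

    // clean the session preview data
    SessionUtil::delVar('newsitem');

    // get module vars for later use
    $modvars = $this->getVars();

    if ($modvars['enablecategorization']) {
        $catregistry = CategoryRegistryUtil::getRegisteredModuleCategories('News', 'news');
        $this->view->assign('catregistry', $catregistry);
    }

    $multilingual = System::getVar('multilingual', false);

    $now = DateUtil::getDatetime();
    $status = null;
    if (isset($news_status) && $news_status != '') {
        if ($news_status == 0) {
            $status = 0;
            $to = $now;
        } elseif ($news_status == 5) {
            // scheduled is actually the published status, but in the future
            $status = 0;
            $from = $now;
        } else {
            $status = $news_status;
        }
    }

    // Get all news stories
    $getallargs = array(
        'startnum' => $startnum,
        'status' => $status,
        'numitems' => $modvars['itemsperadminpage'],
        'ignoreml' => true,
        'language' => $language,
        'order' => isset($order) ? $order : 'from',
        'orderdir' => isset($orderdir) ? $orderdir : 'DESC',
        'from' => isset($from) ? $from : null,
        'to' => isset($to) ? $to : null,
        'filterbydate' => false,
        'category' => null,
        'catfilter' => isset($catsarray) ? $catsarray : null,
        'catregistry' => isset($catregistry) ? $catregistry : null);
    $items = ModUtil::apiFunc('News', 'user', 'getall', $getallargs);
    $total_articles = ModUtil::apiFunc('News', 'user', 'countitems', $getallargs);

    // Set the possible status for later use
    $itemstatus = array(
        '' => $this->__('All'),
        News_Api_User::STATUS_PUBLISHED => $this->__('Published'),
        News_Api_User::STATUS_REJECTED => $this->__('Rejected'),
        News_Api_User::STATUS_PENDING => $this->__('Pending Review'),
        News_Api_User::STATUS_ARCHIVED => $this->__('Archived'),
        News_Api_User::STATUS_DRAFT => $this->__('Draft'),
        News_Api_User::STATUS_SCHEDULED => $this->__('Scheduled')
    );

    $newsitems = array();
    foreach ($items as $item) {
        // Per-item action links; edit/delete are offered only when the
        // instance-level permission check for this item passes.
        $options = array();
        if (System::getVar('shorturls', false)) {
            $options[] = array('url' => ModUtil::url('News', 'user', 'display', array('sid' => $item['sid'], 'from' => $item['from'], 'urltitle' => $item['urltitle'])),
                'image' => '14_layer_visible.png',
                'title' => $this->__('View'));
        } else {
            $options[] = array('url' => ModUtil::url('News', 'user', 'display', array('sid' => $item['sid'])),
                'image' => '14_layer_visible.png',
                'title' => $this->__('View'));
        }

        if (SecurityUtil::checkPermission('News::', "{$item['cr_uid']}::{$item['sid']}", ACCESS_EDIT)) {
            if ($item['published_status'] == News_Api_User::STATUS_PENDING) {
                $options[] = array('url' => ModUtil::url('News', 'admin', 'modify', array('sid' => $item['sid'])),
                    'image' => 'editcut.png',
                    'title' => $this->__('Review'));
            } else {
                $options[] = array('url' => ModUtil::url('News', 'admin', 'modify', array('sid' => $item['sid'])),
                    'image' => 'xedit.png',
                    'title' => $this->__('Edit'));
            }

            if (($item['published_status'] != News_Api_User::STATUS_PENDING &&
                    (SecurityUtil::checkPermission('News::', "{$item['cr_uid']}::{$item['sid']}", ACCESS_DELETE))) ||
                    SecurityUtil::checkPermission('News::', "{$item['cr_uid']}::{$item['sid']}", ACCESS_ADMIN)) {
                $options[] = array('url' => ModUtil::url('News', 'admin', 'delete', array('sid' => $item['sid'])),
                    'image' => '14_layer_deletelayer.png',
                    'title' => $this->__('Delete'));
            }
        }
        $item['options'] = $options;

        if (in_array($item['published_status'], array_keys($itemstatus))) {
            $item['status'] = $itemstatus[$item['published_status']];
        } else {
            $item['status'] = $this->__('Unknown');
        }

        $item['infuture'] = DateUtil::getDatetimeDiff_AsField($item['from'], DateUtil::getDatetime(), 6) < 0;
        $newsitems[] = $item;
    }

    // Assign the items to the template
    $this->view->assign('newsitems', $newsitems);
    $this->view->assign('total_articles', $total_articles);

    // Assign the current status filter and the possible ones
    $this->view->assign('news_status', $news_status);
    $this->view->assign('itemstatus', $itemstatus);
    $this->view->assign('order', $order);

    // The filter may originate from the request, so its shape is not trusted:
    // only walk '__CATEGORIES__' when it is really present and an array.
    $selectedcategories = array();
    if (is_array($filtercats) && isset($filtercats['__CATEGORIES__']) && is_array($filtercats['__CATEGORIES__'])) {
        foreach ($filtercats['__CATEGORIES__'] as $propname => $propid) {
            if ($propid > 0) {
                $selectedcategories[$propname] = $propid; // removes categories set to 'all'
            }
        }
    }
    $this->view->assign('selectedcategories', $selectedcategories);

    // Return the output that has been generated by this function
    return $this->view->fetch('admin/view.tpl');
}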
/**
 * Remove (uninstall) a module, its blocks and the dependents named in the request.
 *
 * First call: shows 'extensions_admin_remove.tpl' with the module's active
 * dependents and a block count. Confirmed call: verifies the CSRF token, then
 * removes the submitted dependents, the module's blocks and the module itself.
 * While the session flag 'interactive_remove' is set, the parameters are read
 * back from the session and confirmation is forced; the CSRF check still runs.
 *
 * Request values: 'id' or 'objectid' (module id), 'confirmation',
 * 'dependents', 'startnum', 'letter', 'state', 'csrftoken'.
 *
 * Security notes for maintainers:
 * - NOTE(review): no permission check is visible in this method; confirm that
 *   it is enforced elsewhere (controller set-up or the called API functions).
 * - The 'dependents' ids are request-supplied and handed to the remove API
 *   without being compared to the getdependents result here.
 * - The redirect() calls inside the loops are not followed by a return; if
 *   redirect() returns instead of ending the request, processing continues.
 *
 * @return string|mixed Rendered confirmation template, the result of
 *                      LogUtil::registerError() for an invalid id, a
 *                      non-boolean result of the remove API, or nothing
 *                      after a redirect.
 */
public function remove()
{
    // Read the request.
    $id = (int) FormUtil::getPassedValue('id', 0);
    $objectid = (int) FormUtil::getPassedValue('objectid', 0);
    $confirmation = (bool) FormUtil::getPassedValue('confirmation', false);
    $dependents = (array) FormUtil::getPassedValue('dependents');
    $startnum = (int) FormUtil::getPassedValue('startnum');
    $letter = FormUtil::getPassedValue('letter');
    $state = FormUtil::getPassedValue('state');

    // 'objectid' takes precedence over 'id' when both are given.
    if ($objectid) {
        $id = $objectid;
    }

    $isInteractive = (bool) SessionUtil::getVar('interactive_remove');

    if ($isInteractive) {
        // An interactive removal is in progress: continue with the values
        // remembered in the session and treat the action as confirmed.
        $id = SessionUtil::getVar('modules_id');
        $startnum = SessionUtil::getVar('modules_startnum');
        $letter = SessionUtil::getVar('modules_letter');
        $state = SessionUtil::getVar('modules_state');
        $confirmation = 1;
    } else {
        // Remember the request values for a later interactive step.
        $remembered = array(
            'modules_id' => $id,
            'modules_startnum' => $startnum,
            'modules_letter' => $letter,
            'modules_state' => $state);
        foreach ($remembered as $sessionKey => $sessionValue) {
            SessionUtil::setVar($sessionKey, $sessionValue);
        }
    }

    if (empty($id) || !is_numeric($id) || !ModUtil::getInfo($id)) {
        return LogUtil::registerError($this->__('Error! No module ID provided.'), 404, ModUtil::url('Extensions', 'admin', 'view'));
    }

    // Paging/filter state of the module list, reused by every redirect below.
    $listArgs = array(
        'startnum' => $startnum,
        'letter' => $letter,
        'state' => $state);

    if (!$confirmation) {
        // Not confirmed yet: build the confirmation page.
        $this->view->assign('id', $id);

        // Show only dependents whose module is currently available.
        $dependents = ModUtil::apiFunc('Extensions', 'admin', 'getdependents', array(
            'modid' => $id));
        foreach ($dependents as $key => $dependent) {
            $modinfo = ModUtil::getInfo($dependent['modid']);
            if (ModUtil::available($modinfo['name'])) {
                $dependents[$key] = array_merge($dependents[$key], $modinfo);
            } else {
                unset($dependents[$key]);
            }
        }

        // Tell the template whether the module still has blocks.
        $blocks = ModUtil::apiFunc('Blocks', 'user', 'getall', array(
            'modid' => $id));
        $this->view->assign('hasBlocks', count($blocks));

        $this->view->assign('dependents', $dependents)
            ->assign('startnum', $startnum)
            ->assign('letter', $letter)
            ->assign('state', $state);

        return $this->view->fetch('extensions_admin_remove.tpl');
    }

    // Confirmed: the CSRF token is verified before anything is removed.
    $csrftoken = FormUtil::getPassedValue('csrftoken');
    $this->checkCsrfToken($csrftoken);

    // Remove the dependent modules submitted with the confirmation.
    foreach ($dependents as $dependent) {
        $removed = ModUtil::apiFunc('Extensions', 'admin', 'remove', array(
            'id' => $dependent));
        if (!$removed) {
            $this->redirect(ModUtil::url('Extensions', 'admin', 'view', $listArgs));
        }
    }

    // Remove the blocks that belong to the module.
    $blocks = ModUtil::apiFunc('Blocks', 'user', 'getall', array(
        'modid' => $id));
    foreach ($blocks as $block) {
        $deleted = ModUtil::apiFunc('Blocks', 'admin', 'delete', array(
            'bid' => $block['bid']));
        if (!$deleted) {
            LogUtil::registerError($this->__f('Error! Deleting the block %s .', $block['title']));
            $this->redirect(ModUtil::url('Extensions', 'admin', 'view', $listArgs));
        }
    }

    // Dependents and blocks are gone; remove the module itself.
    $res = ModUtil::apiFunc('Extensions', 'admin', 'remove', array(
        'id' => $id,
        'interactive_remove' => $isInteractive));

    // A non-boolean result is handed back to the caller unchanged.
    if (!is_bool($res)) {
        return $res;
    }

    if ($res) {
        // Success: forget the remembered removal state.
        $sessionKeys = array('modules_id', 'modules_startnum', 'modules_letter', 'modules_state', 'interactive_remove');
        foreach ($sessionKeys as $sessionKey) {
            SessionUtil::delVar($sessionKey);
        }
        LogUtil::registerStatus($this->__('Done! Uninstalled module.'));
    }

    $this->redirect(ModUtil::url('Extensions', 'admin', 'view', $listArgs));
}