/**
* Displays the "Content Access Denied View
*
* @param UserTable $user
* @param CBplug_cbpaidsubscriptions $baseClass
* @return string
*/
public function display( & $user, /** @noinspection PhpUnusedParameterInspection */ &$baseClass ) {
global $_CB_framework;
if ( ! is_callable( array( 'cbpaidBot', 'getInstance' ) ) ) {
return CBPTXT::T("CBSubs CbpaidSubsBot is not installed, enabled and running or CBSubs Content integration plugin is not up to date. Please ask site administrator to do so.");
}
$cbpaidBot = cbpaidBot::getInstance();
$userId = $_CB_framework->myId();
$accesstype = cbGetParam( $_GET, 'accesstype' );
$accessvalue = cbGetParam( $_GET, 'accessvalue' );
$accessurl = cbGetParam( $_GET, 'accessurl' );
switch ( $accesstype ) {
case 'components':
$option = $accessvalue;
$accessPlans = $cbpaidBot->checkAccess( $userId, $option, 'cpaycontent_components', null, true );
if ( is_array( $accessPlans ) ) {
$result = array( 'can', CBPTXT::T("component") ); // CBPTXT::T("You can access to this component with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("component") ); // CBPTXT::T("You have access now to this component !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("component"), $accessPlans ); // 'Unknown component access result: ' . var_export( $accessPlans, true );
$access = false;
}
break;
case 'menus':
$itemid = (int) $accessvalue;
$accessPlans = $cbpaidBot->checkAccess( $userId, $itemid, 'cpaycontent_menus' , null, true );
if ( is_array( $accessPlans ) ) {
$result = array( 'can', CBPTXT::T("menu") ); // CBPTXT::T("You can access to this menu with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("menu") ); // CBPTXT::T("You have access now to this menu !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("menu"), $accessPlans ); // 'Unknown menu access result: ' . var_export( $accessPlans, true );
$access = false;
}
break;
case 'urls':
$getPostArray = $this->_decodeArrayUrl( $accessurl );
$postsMissingInGetToFindPlans = array();
$accessPlans = $cbpaidBot->checkAccessUrl( $userId, $getPostArray, $getPostArray, $postsMissingInGetToFindPlans, 'cpaycontent_urls', true );
if ( is_array( $accessPlans ) ) {
$result = array( 'can', CBPTXT::T("location") ); // CBPTXT::T("You can access to this location with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("location") ); // CBPTXT::T("You have access now to this location !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("location"), $accessPlans ); // 'Unknown location access result: ' . var_export( $accessPlans, true );
$access = false;
}
break;
case 'sections': // section list:
$sectionId = (int) $accessvalue;
$accessPlans = $cbpaidBot->checkAccess( $userId, $sectionId, 'cpaycontent_sections', 'cpaycontent_sections_list', true );
if ( is_array( $accessPlans ) ) {
$result = array( 'can', CBPTXT::T("content section") ); // CBPTXT::T("You can access to this content section with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("content section") ); // CBPTXT::T("You have access now to this content section !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("content section"), $accessPlans ); // 'Unknown content section access result: ' . var_export( $accessPlans, true );
$access = false;
}
break;
case 'categories':
$categoryId = (int) $accessvalue;
$accessPlans = $cbpaidBot->checkAccess( $userId, $categoryId, 'cpaycontent_categories', 'cpaycontent_categories_list', true );
$sectionId = $cbpaidBot->getSectionOfCategory( $categoryId );
if ( $sectionId ) {
$accessPlansSection = $cbpaidBot->checkAccess( $userId, $sectionId, 'cpaycontent_sections', 'cpaycontent_sections_list', true );
} else {
$accessPlansSection = array();
}
if ( is_array( $accessPlans ) ) {
if ( is_array( $accessPlansSection ) ) {
$result = array( 'can', CBPTXT::T("content category") . ' ' . CBPTXT::T("or"). ' ' . CBPTXT::T("content section in which this content category is located") ); // CBPTXT::T("You can access to this content category with following plans: ") // . implode( ', ', $accessPlans )
//. CBPTXT::T("You can access to the whole content section enclosing this content category with following plans: "); // . implode( ', ', $accessPlansSection );
$access = false;
} elseif ( $accessPlansSection === null ) {
$result = array( 'can', CBPTXT::T("content category") ); // CBPTXT::T("You can access to this content category with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
} elseif ( $accessPlansSection === true ) {
$result = array( 'have', CBPTXT::T("content section in which this content category is located") ); // CBPTXT::T("You have access now to the whole content section in which this content category is located !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("content section"), $accessPlansSection ); // 'Unknown content section access result: ' . var_export( $accessPlans, true );
$access = false;
}
} elseif ( $accessPlans === null ) {
if ( is_array( $accessPlansSection ) ) {
$result = array( 'can', CBPTXT::T("content section in which this content category is located") ); //CBPTXT::T("You can access to the whole content section enclosing this content category with following plans: "); // . implode( ', ', $accessPlansSection );
$access = false;
} elseif ( $accessPlansSection === null ) {
$result = CBPTXT::T("These content categories are not under category or section access control");
$access = true;
} elseif ( $accessPlansSection === true ) {
$result = array( 'have', CBPTXT::T("content section in which this content category is located") ); //CBPTXT::T("You have access now to the whole content section in which this content category is located !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("content section"), $accessPlansSection ); // 'Unknown content section access result: ' . var_export( $accessPlans, true );
$access = false;
}
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("content category") ); // CBPTXT::T("You have access now to this content categories !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("content category"), $accessPlans ); // 'Unknown content categories access result: ' . var_export( $accessPlans, true );
$access = false;
}
break;
case 'contentdisplay':
$contentId = (int) $accessvalue;
global $_CB_database;
$row = null;
$sql = 'SELECT * FROM #__content WHERE id = ' . (int) $contentId;
$_CB_database->setQuery( $sql );
$contentExists = $_CB_database->loadObject( $row );
if ( $contentExists ) {
/** @var StdClass $row */
$_cbACL =& cbpaidBotAclApi::getInstance();
$accessPlans = $_cbACL->_cb_checkMultiAcl_Ok_or_Plans( $_CB_framework->myId(), $row->id, isset( $row->catid ) ? $row->catid : null, isset( $row->sectionid ) ? $row->sectionid : null, -1 );
if ( is_array( $accessPlans ) ) {
$accessPlansWrite = $_cbACL->_cb_checkMultiAcl( $_CB_framework->myId(), $row->id, isset( $row->catid ) ? $row->catid : null, isset( $row->sectionid ) ? $row->sectionid : null, count( $_cbACL->cbContentAclRights ) -1 );
if ( $accessPlansWrite === true ) {
$result = CBPTXT::T("You have access to this content item");
$access = true;
} elseif ( is_array( $accessPlansWrite ) && ( count( $accessPlansWrite ) > 0 ) ) {
$result = array( 'can', CBPTXT::T("content item") ); // CBPTXT::T("You can access to this article with following plans: ") // . implode( ', ', $accessPlans )
//. CBPTXT::T("You can access with write access to this article with following plans: "); // . implode( ', ', $accessPlansWrite );
$access = false;
} else {
$result = array( 'can', CBPTXT::T("content item") ); // CBPTXT::T("You can access to this article with following plans: "); // . implode( ', ', $accessPlans );
$access = false;
}
} elseif ( $accessPlans === true ) {
$result = array( 'have', CBPTXT::T("content item") ); // CBPTXT::T("You have access now to this article !");
$access = true;
} else {
$result = array( 'unknown', CBPTXT::T("content item"), $accessPlans ); // 'Unknown access result: ' . var_export( $accessPlans, true );
$access = false;
}
} else {
$result = CBPTXT::T("This content item does not exist");
$access = true;
$accessPlans = array();
}
break;
default:
// Hacking or PCI-DSS intrusion trial:
$result = CBPTXT::T("This redirection URL is invalid.");
$access = true;
$accessPlans = array();
break;
}
if ( $access ) {
if ( is_array( $result ) ) {
switch ( $result[0] ) {
case 'have':
$return = sprintf( CBPTXT::Th("You have now access to this %s"), $result[1] );
//TBD later in a safe way (FS#259): or with $_SESSION
// $realUrl = base64_decode( $accessurl );
// $return .= '<a href="' . $_CB_framework->getCfg( 'live_site' ) . '/index.php?' . htmlspecialchars( $realUrl ) . '">Click here to access</a>';
break;
default:
$return = "Unknown access allowed result: " . var_export( $result, true );
break;
}
} else {
$return = $result;
}
} else {
if ( is_array( $result ) ) {
switch ( $result[0] ) {
case 'can':
if ( count( $accessPlans ) > 0 ) {
$params =& cbpaidApp::settingsParams();
$subTxt = CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
$result = sprintf( CBPTXT::Th("You can access this %s with following %s plans:"), $result[1], $subTxt );
// CB login return-to after login URL:
if ( $accessurl ) {
global $cbSpecialReturnAfterLogin;
$url = base64_decode( $accessurl );
if ( ! preg_match( '#https?://#i', $url ) ) {
$cbSpecialReturnAfterLogin = '******' . $url;
}
}
// We need to also display child plans of the $accessPlans as some might be needed (mandatory):
$plans = cbpaidSubscriptionsMgr::getInstance()->getUpgradablePlansWithChildrensForPlans( $accessPlans, $user );
$return = cbpaidControllerOffer::displaySpecificPlans( $plans, null, $user, $result );
} else {
$return = sprintf( CBPTXT::Th("You can not access this %s") . '.', $result[1] );
}
break;
case 'unknown':
$return = sprintf( CBPTXT::Th("Unknown %s access result: %s") . '.', $result[1], var_export( $result[2], true ) );
break;
default:
$return = "Unknown access allowed result" . ': ' . var_export( $result, true );
break;
}
} else {
$return = $result;
}
}
return $return;
}
/**
* Checks ACL based on $_REQUEST
*
* @param string $aco_section_value
* @param string $aco_value
* @param string $aro_section_value
* @param string $aro_value
* @param string|null $axo_section_value
* @param string|null $axo_value
* @return int
*/
public function acl_check( $aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value = null, $axo_value = null ) {
global $_CB_framework, $_REQUEST, $_POST;
$parentAcl = parent::acl_check( $aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value, $axo_value );
if ( $parentAcl == 1 ) {
return $parentAcl;
}
if ( cbpaidBot::getInstance()->paidsubsManager === null ) {
return 0;
}
$action = $this->_cb_decodeAclAction( array( $aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value, $axo_value ) );
$contentAclLevel = array_search( $action, $this->cbContentAclRights );
if ( ( $contentAclLevel !== false )
/* if ( ( $aco_section_value == 'action' )
&& ( ( $aco_value == 'edit' ) || ( $aco_value == 'publish' ) )
&& ( $aro_section_value == 'users' )
&& ( $axo_section_value == 'content' )
*/
/* && ( isset( $_REQUEST['task'] ) ) */
)
{
$sectionId = null;
$categoryId = null;
$articleId = null;
switch ( cbGetParam( $_REQUEST, 'task', '' ) ) {
case '':
case 'view':
case 'edit':
//BB1.5??? if ( cbGetParam( $_REQUEST, 'view', '' ) == 'category' ) { //FIXME ???
//BB1.5??? $categoryId = (int) cbGetParam( $_REQUEST, 'id', 0 );
//BB1.5??? } else {
$articleId = (int) cbGetParam( $_REQUEST, 'id', 0 );
//BB1.5??? }
$sectionId = 0;
break;
case 'section':
$sectionId = (int) cbGetParam( $_REQUEST, 'id', 0 );
break;
case 'category':
$categoryId = (int) cbGetParam( $_REQUEST, 'id', 0 );
$sectionId = (int) cbGetParam( $_REQUEST, 'sectionid', 0 );
break;
case 'new':
$sectionId = (int) cbGetParam( $_REQUEST, 'sectionid', 0 );
break;
case 'save':
case 'apply':
case 'apply_new':
$sectionId = (int) cbGetParam( $_POST, 'sectionid', 0 );
$categoryId = (int) cbGetParam( $_POST, 'catid', 0 );
$articleId = (int) cbGetParam( $_POST, 'id', 0 );
break;
case 'cancel':
case 'blogsection':
case 'blogcategorymulti':
case 'blogcategory':
case 'archivesection':
case 'archivecategory':
case 'emailform':
case 'emailsend':
case 'vote':
default:
break;
}
if ( $sectionId !== null ) {
if ( $this->_cb_checkMultiAcl( $_CB_framework->myId(), $articleId, $categoryId, $sectionId, $contentAclLevel ) ) {
return 1;
}
}
}
return 0; // parent::acl_check( $aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value, $axo_value );
}
