function calendar_userapi_getUserDateTimeInfo() { // dates come in as YYYYMMDD xarVarFetch('cal_date', 'str:4:8', $cal_date, xarLocaleFormatDate('%Y%m%d')); $data = array(); $data['cal_date'] =& $cal_date; if (!preg_match('/([\\d]{4,4})([\\d]{2,2})?([\\d]{2,2})?/', $cal_date, $match)) { $year = xarLocaleFormateDate('Y'); $month = xarLocaleFormateDate('m'); $day = xarLocaleFormateDate('d'); } else { $year = $match[1]; if (isset($match[2])) { $month = $match[2]; } else { $month = '01'; } if (isset($match[3])) { $day = $match[3]; } else { $day = '01'; } } //$data['selected_date'] = (int) $year.$month.$day; $data['cal_day'] = (int) $day; $data['cal_month'] = (int) $month; $data['cal_year'] = (int) $year; //$data['selected_timestamp'] = gmmktime(0,0,0,$month,$day,$year); sys::import('xaraya.structures.datetime'); $today = new XarDateTime(); $usertz = xarModUserVars::get('roles', 'usertimezone', xarSession::getVar('role_id')); $useroffset = $today->getTZOffset($usertz); $data['now'] = getdate(time() + $useroffset); return $data; }
/** * View items of the wurfl object * */ function wurfl_admin_view($args) { if (!xarSecurityCheck('ManageWurfl')) { return; } $modulename = 'wurfl'; // Define which object will be shown if (!xarVarFetch('objectname', 'str', $objectname, null, XARVAR_DONT_SET)) { return; } if (!empty($objectname)) { xarModUserVars::set($modulename, 'defaultmastertable', $objectname); } // Set a return url xarSession::setVar('ddcontext.' . $modulename, array('return_url' => xarServer::getCurrentURL())); // Get the available dropdown options $object = DataObjectMaster::getObjectList(array('objectid' => 1)); $data['objectname'] = xarModUserVars::get($modulename, 'defaultmastertable'); $items = $object->getItems(); $options = array(); foreach ($items as $item) { if (strpos($item['name'], $modulename) !== false) { $options[] = array('id' => $item['name'], 'name' => $item['name']); } } $data['options'] = $options; return $data; }
/** * View the cart */ function shop_user_viewcart() { // If the user returns to the cart after taking other steps, unset any errors from earlier in the session. xarSession::delVar('errors'); sys::import('modules.dynamicdata.class.objects.master'); $subtotals = array(); $products = array(); $total = 0; // May want to display cust info with the cart... $cust = xarMod::APIFunc('shop', 'user', 'customerinfo'); $data['cust'] = $cust; $shop = xarSession::getVar('shop'); foreach ($shop as $pid => $val) { // If this post variable is set, we must need to update the quantity if (isset($_POST['qty' . $pid])) { unset($qty_new); // Have to unset this since we're in a foreach if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) { return; } if ($qty_new == 0) { unset($shop[$pid]); } else { $shop[$pid]['qty'] = $qty_new; } } // If the quantity hasn't been set to zero, add it to the $products array... if (isset($shop[$pid])) { // Commas in the quantity seem to mess up our math $products[$pid]['qty'] = str_replace(',', '', $shop[$pid]['qty']); // Get the product info $object = DataObjectMaster::getObject(array('name' => 'shop_products')); $some_id = $object->getItem(array('itemid' => $pid)); $values = $object->getFieldValues(); $products[$pid]['title'] = xarVarPrepForDisplay($values['title']); $products[$pid]['price'] = $values['price']; $subtotal = $values['price'] * $products[$pid]['qty']; $subtotals[] = $subtotal; // so we can use array_sum() to add it all up if (substr($subtotal, 0, 1) == '.') { $subtotal = '0' . $subtotal; } $products[$pid]['subtotal'] = number_format($subtotal, 2); } } xarSession::setVar('shop', $shop); $total = array_sum($subtotals); // Add a zero to the front of the number if it starts with a decimal... if (substr($total, 0, 1) == '.') { $total = '0' . $total; } $total = number_format($total, 2); xarSession::setVar('products', $products); // update the session variable $data['products'] = $products; // don't want too much session stuff in the templates xarSession::setVar('total', $total); $data['total'] = $total; return $data; }
function __construct(ObjectDescriptor $descriptor) { parent::__construct($descriptor); // Set for runtime $this->tplmodule = 'calendar'; $this->filepath = 'modules/calendar/xarproperties'; $this->owner = xarSession::getVar('role_id'); }
/** * @returns int (calendar id on success, false on failure) */ function calendar_adminapi_create_calendars($args) { extract($args); // argument check if (!isset($calname)) { $msg = xarML('Calendar name not specified', 'admin', 'create', 'calendar'); throw new Exception($msg); } // TODO: should I move these two issets to the admin function // admin/create_calendars.php? --amoro if (!isset($mod_id)) { $module = xarController::$request->getInfo(); $mod_id = xarMod::getRegID($module[0]); } if (!isset($role_id)) { $role_id = xarSession::getVar('role_id'); } // Load up database details. $dbconn = xarDB::getConn(); $xartable = xarDB::getTables(); $caltable = $xartable['calendars']; // Insert instance details. $nextId = $dbconn->GenId($caltable); $query = 'INSERT INTO ' . $caltable . ' ( xar_id, xar_role_id, xar_mod_id, xar_name ) VALUES (?, ?, ?, ?)'; $result =& $dbconn->Execute($query, array($nextId, $role_id, $mod_id, $calname)); if (!$result) { return; } // Get ID of row inserted. $calendid = $dbconn->PO_Insert_ID($caltable, 'xar_id'); // If not database type also add file info // Allow duplicate files here, to make it easier to delete them // WARNING: if somebody changes this you should also change the // delete function to avoid major dataloss!!! --amoro if ($addtype != 'db') { $filestable = $xartable['calfiles']; $cal_filestable = $xartable['calendars_files']; $nextID = $dbconn->GenId($filestable); $query = 'INSERT INTO ' . $filestable . ' ( xar_id, xar_path ) VALUES (?, ?)'; $result =& $dbconn->Execute($query, array($nextID, $fileuri)); // Get ID of row inserted. $fileid = $dbconn->PO_Insert_ID($filestable, 'xar_id'); $query = 'INSERT INTO ' . $cal_filestable . ' ( xar_calendars_id, xar_files_id ) VALUES (?, ?)'; $result =& $dbconn->Execute($query, array($calendid, $fileid)); } return $calendid; }
function calendar_adminapi_hookcreate($data) { if (!isset($data['extrainfo']) || !is_array($data['extrainfo'])) { $data['extrainfo'] = array(); } // When called via hooks, modname will be empty, but we get it from the // extrainfo or the current module if (empty($data['module'])) { if (!empty($data['extrainfo']['module'])) { $data['module'] = $data['extrainfo']['module']; } else { $data['module'] = xarMod::getName(); } } $data['module_id'] = xarMod::getID($data['module']); if (empty($data['module_id'])) { throw new IDNotFoundException("module id for " . $data['modname']); } if (!isset($data['itemtype']) || !is_numeric($data['itemtype'])) { if (isset($data['extrainfo']['itemtype']) && is_numeric($data['extrainfo']['itemtype'])) { $data['itemtype'] = $data['extrainfo']['itemtype']; } else { $data['itemtype'] = 0; } } if (!isset($data['itemid']) || !is_numeric($data['itemid'])) { if (isset($data['extrainfo']['item_id']) && is_numeric($data['extrainfo']['item_id'])) { $data['itemid'] = $data['extrainfo']['item_id']; } else { $data['itemid'] = 0; } } $data['extrainfo']['module_id'] = $data['module_id']; $data['extrainfo']['itemtype'] = $data['itemtype']; $data['extrainfo']['item_id'] = $data['itemid']; $data['extrainfo']['name'] = isset($data['extrainfo']['name']) ? $data['extrainfo']['name'] : xarML('Unknown Event'); $data['extrainfo']['start_time'] = isset($data['extrainfo']['start_time']) ? $data['extrainfo']['start_time'] : time(); $data['extrainfo']['duration'] = isset($data['extrainfo']['duration']) ? $data['extrainfo']['duration'] : 60; $data['extrainfo']['end_time'] = isset($data['extrainfo']['end_time']) ? $data['extrainfo']['end_time'] : $data['extrainfo']['start_time'] + $data['extrainfo']['duration']; $data['extrainfo']['recurring_code'] = isset($data['extrainfo']['recurring_code']) ? $data['extrainfo']['recurring_code'] : 0; $data['extrainfo']['recurring_span'] = isset($data['extrainfo']['recurring_span']) ? $data['extrainfo']['recurring_span'] : 0; $data['extrainfo']['start_location'] = isset($data['extrainfo']['start_location']) ? $data['extrainfo']['start_location'] : null; $data['extrainfo']['end_location'] = isset($data['extrainfo']['end_location']) ? $data['extrainfo']['end_location'] : null; $data['extrainfo']['object_id'] = isset($data['extrainfo']['object_id']) ? $data['extrainfo']['object_id'] : 0; $data['extrainfo']['role_id'] = isset($data['extrainfo']['role_id']) ? $data['extrainfo']['role_id'] : xarSession::getVar('role_id'); $data['extrainfo']['return_link'] = isset($data['extrainfo']['return_link']) ? $data['extrainfo']['return_link'] : ''; $data['extrainfo']['state'] = isset($data['extrainfo']['state']) ? $data['extrainfo']['state'] : 3; $data['extrainfo']['timestamp'] = isset($data['extrainfo']['timestamp']) ? $data['extrainfo']['timestamp'] : time(); $data['extrainfo']['itemid'] = 0; $object = DataObjectMaster::getObject(array('name' => 'calendar_event')); $item = $object->createItem($data['extrainfo']); return $data['extrainfo']; }
function publications_admin_create() { if (!xarVarFetch('ptid', 'id', $data['ptid'])) { return; } if (!xarVarFetch('new_cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('save', 'str', $save, NULL, XARVAR_NOT_REQUIRED)) { return; } // Confirm authorisation code // This has been disabled for now // if (!xarSecConfirmAuthKey()) return; $data['items'] = array(); $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types')); $pubtypeobject->getItem(array('itemid' => $data['ptid'])); $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value)); $isvalid = $data['object']->checkInput(); $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid'])); if ($data['preview'] || !$isvalid) { // Show debug info if called for if (!$isvalid && xarModVars::get('publications', 'debugmode') && in_array(xarUserGetVar('uname'), xarConfigVars::get(null, 'Site.User.DebugAdmins'))) { var_dump($data['object']->getInvalids()); } // Preview or bad data: redisplay the form $data['properties'] = $data['object']->getProperties(); if ($data['preview']) { $data['tab'] = 'preview'; } return xarTplModule('publications', 'admin', 'new', $data); } // Create the object $id = $data['object']->createItem(); // if we can edit publications, go to admin view, otherwise go to user view if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) { // Redirect if we came from somewhere else $cuurent_listview = xarSession::getVar('publications_current_listview'); if (!empty($cuurent_listview)) { xarController::redirect($cuurent_listview); } xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid']))); } else { xarController::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid']))); } return true; }
function shop_adminapi_handlepgresponse($args) { extract($args); $pg = xarModVars::get('shop', 'payment_gateway'); $trans_id = false; $pg_response = xarSession::getVar('pg_response'); switch ($pg) { case 1: // demo mode $trans_id = rand(1000, 99999999); // fake trans id break; case 2: // authorize.net $response = xarMod::APIFunc('shop', 'admin', 'authorizenet', $transfields); if ($response[1] == 1) { $trans_id = $response[7]; } else { $num = $response[1]; $authorizenet_codes = array(1 => 'Approved', 2 => 'Declined', 3 => 'Error', 4 => 'Held for Review'); $msg = $response[4]; $msg .= ' Response code: ' . $authorizenet_codes[$num]; $pg_response['msg'] = $msg; } break; case 3: // paypal web payments pro $args['transfields'] = $transfields; $args['methodName_'] = 'DoDirectPayment'; $response = xarMod::APIFunc('shop', 'admin', 'paypal', $args); if ($response['ACK'] == 'Success') { $trans_id = $response['TRANSACTIONID']; } else { $msg = $response['ACK']; $msg .= '. Response: ' . urldecode($response['L_LONGMESSAGE0']); $pg_response['msg'] = $msg; } break; case 4: // something else // your code break; } if (isset($pg_response)) { xarSession::setVar('pg_response', $pg_response); } $response['trans_id'] = $trans_id; return $response; }
/** * Remove an item from the cart */ function shop_user_remove($args) { if (!xarVarFetch('id', 'isset', $pid, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('returnurl', 'isset', $returnurl, NULL, XARVAR_DONT_SET)) { return; } $shop = xarSession::getVar('shop'); unset($shop[$pid]); xarSession::setVar('shop', $shop); // Return the template variables defined in this function xarResponse::redirect($returnurl); return true; }
/** * Start the checkout process -- user can create account or log into existing account */ function shop_user_start() { // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be if (xarUserIsLoggedIn()) { xarResponse::redirect(xarModURL('shop', 'user', 'viewcart')); return true; } $shop = xarSession::getVar('shop'); if (empty($shop)) { xarResponse::redirect(xarModURL('shop', 'user', 'main')); return true; } sys::import('modules.dynamicdata.class.objects.master'); sys::import('modules.dynamicdata.class.properties.master'); $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users')); $properties = $rolesobject->properties; $data['properties'] = $properties; $isvalid = $rolesobject->properties['email']->checkInput(); $isvalid2 = $rolesobject->properties['password']->checkInput(); if ($isvalid && $isvalid2) { if (!xarSecConfirmAuthKey()) { // right time to do this?? return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author')); } // Create the role and the customer object and then log in $email = $rolesobject->properties['email']->getValue(); $password = $rolesobject->properties['password']->getValue(); $values['name'] = $email; $values['email'] = $email; $values['uname'] = $email; $values['password'] = $password; $values['state'] = 3; $rolesobject->setFieldValues($values, 1); $uid = $rolesobject->createItem(); $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers')); $custobject->createItem(array('id' => $uid)); $name = 'dd_' . $properties['password']->id; $vals = $properties['password']->fetchValue($name); $pass = $vals[1][0]; $res = xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $pass)); xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress')); return true; } else { // We don't yet have a valid email or password for registration... return xarTplModule('shop', 'user', 'start', $data); } }
/** * Get the information of the requesting device * */ function wurfl_userapi_get_device($args) { sys::import('modules.wurfl.wurfl_init'); $wurflManager = wurfl_init($args); if (empty($args['ua'])) { $requestingDevice = $wurflManager->getDeviceForHttpRequest($_SERVER); } else { $requestingDevice = $wurflManager->getDeviceForUserAgent($args['ua']); } return $requestingDevice; $capabilities = xarSession::getVar(wurfl_requesting_device); if (empty($capabilities)) { sys::import('modules.wurfl.wurfl_config_standard'); $requestingDevice = $wurflManager->getDeviceForUserAgent($_SERVER); $capabilities = $requestingDevice->getCapability; xarSession::getVar(wurfl_requesting_device, $capabilities); } return $requestingDevice; }
/** * Get the items currently in the cart */ function shop_userapi_getcartproducts($args) { sys::import('modules.dynamicdata.class.objects.master'); $total = 0; $shop = xarSession::getVar('shop'); if (empty($shop)) { return; } foreach ($shop as $pid => $val) { // if this post variable is set, we must need to update the quantity if (isset($_POST['qty' . $pid])) { unset($qty_new); if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) { return; } $shop[$pid]['qty'] = $qty_new; } $products[$pid]['qty'] = $shop[$pid]['qty']; $object = DataObjectMaster::getObject(array('name' => 'shop_products')); $some_id = $object->getItem(array('itemid' => $pid)); $values = $object->getFieldValues(); $products[$pid]['title'] = xarVarPrepForDisplay($values['title']); $price = $values['price']; if (substr($price, 0, 1) == '.') { $price = '0' . $price; } $products[$pid]['price'] = $price; $subtotal = $values['price'] * $products[$pid]['qty']; $subtotals[] = $subtotal; $products[$pid]['subtotal'] = number_format($subtotal, 2); } xarSession::setVar('shop', $shop); $total = array_sum($subtotals); $total = number_format($total, 2); if (substr($total, 0, 1) == '.') { $total = '0' . $total; } $productinfo['products'] = $products; $productinfo['total'] = $total; return $productinfo; }
function calendar_user_week() { $data = xarMod::apiFunc('calendar', 'user', 'getUserDateTimeInfo'); $WeekEvents = new Calendar_Week($data['cal_year'], $data['cal_month'], $data['cal_day'], CALENDAR_FIRST_DAY_OF_WEEK); $start_time = $WeekEvents->thisWeek; $end_time = $WeekEvents->nextWeek; $q = new Query('SELECT'); $a[] = $q->plt('start_time', $start_time); $a[] = $q->pge('start_time + duration', $start_time); $b[] = $q->plt('start_time', $end_time); $b[] = $q->pge('start_time + duration', $end_time); $c[] = $q->pgt('start_time', $start_time); $c[] = $q->ple('start_time + duration', $end_time); $d[] = $q->pqand($a); $d[] = $q->pqand($b); $d[] = $q->pqand($c); $q->qor($d); $q->eq('role_id', xarSession::getVar('role_id')); $data['conditions'] = $q; return $data; }
/** * Add an item to the cart */ function shop_user_add($args) { if (!xarVarFetch('id', 'isset', $pid, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('returnurl', 'isset', $returnurl, NULL, XARVAR_DONT_SET)) { return; } extract($args); // if we've previously added this product, add one more $shop = xarSession::getVar('shop'); if (isset($shop[$pid])) { $qty = $shop[$pid]['qty'] + 1; } else { $qty = 1; } $shop[$pid]['qty'] = $qty; xarSession::setVar('shop', $shop); // Return the template variables defined in this function xarResponse::redirect($returnurl); return true; }
/** * Complete the order. If all goes well, we'll submit the transaction to the payment gateway, save our own transaction record, and update customer info */ function shop_user_complete() { // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be if (!xarUserIsLoggedIn()) { xarResponse::redirect(xarModURL('shop', 'user', 'viewcart')); return true; } $order = xarSession::getVar('order'); if (empty($order)) { //Probably a page reload... no reason to be here anymore xarResponse::redirect(xarModURL('shop', 'user', 'main')); return true; } $data['order'] = $order['products']; $data['ordertid'] = $order['tid']; $data['orderdate'] = $order['date']; $data['total'] = xarSession::getVar('total'); xarSession::delVar('order'); // For privacy, order will not be redisplayed if the page is visited later xarSession::delVar('total'); return $data; }
function calendar_user_month() { $data = xarMod::apiFunc('calendar', 'user', 'getUserDateTimeInfo'); $MonthEvents = new Calendar_Month_Weekdays($data['cal_year'], $data['cal_month'] + 1, xarModVars::get('calendar', 'cal_sdow')); $end_time = $MonthEvents->getTimestamp(); $MonthEvents = new Calendar_Month_Weekdays($data['cal_year'], $data['cal_month'], xarModVars::get('calendar', 'cal_sdow')); $start_time = $MonthEvents->getTimestamp(); $q = new Query('SELECT'); $a[] = $q->plt('start_time', $start_time); $a[] = $q->pge('start_time + duration', $start_time); $b[] = $q->plt('start_time', $end_time); $b[] = $q->pge('start_time + duration', $end_time); $c[] = $q->pgt('start_time', $start_time); $c[] = $q->ple('start_time + duration', $end_time); $d[] = $q->pqand($a); $d[] = $q->pqand($b); $d[] = $q->pqand($c); $q->qor($d); $q->eq('role_id', xarSession::getVar('role_id')); $data['conditions'] = $q; return $data; }
/** * New account info (ship address) */ function shop_user_shippingaddress() { // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be $shop = xarSession::getVar('shop'); if (!xarUserIsLoggedIn() || empty($shop)) { xarResponse::redirect(xarModURL('shop', 'user', 'main')); return true; } if (!xarVarFetch('proceed', 'str', $proceed, NULL, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('shipto', 'str', $shipto, NULL, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('remove', 'str', $remove, NULL, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('next', 'str', $data['next'], NULL, XARVAR_NOT_REQUIRED)) { return; } sys::import('modules.dynamicdata.class.objects.master'); $data['shippingobject'] = DataObjectMaster::getObject(array('name' => 'shop_shippingaddresses')); $data['shippingobject']->properties['name']->display_show_salutation = false; $data['shippingobject']->properties['name']->display_show_middlename = false; $data['shippingobject']->properties['address']->display_rows = 1; $data['shippingobject']->properties['address']->display_show_country = false; $data['properties'] = $data['shippingobject']->properties; if ($shipto) { xarSession::setVar('shippingaddress', $shipto); if (isset($data['next']) && !empty($data['next'])) { $func = $data['next']; } else { $func = 'paymentmethod'; } xarResponse::redirect(xarModURL('shop', 'user', $func)); return true; } if ($remove) { if ($remove == xarSession::getVar('shippingaddress')) { xarSession::delVar('shippingaddress'); } $data['shippingobject']->getItem(array('itemid' => $remove)); $data['shippingobject']->deleteItem(); xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress')); return true; } if ($proceed) { $isvalid = $data['shippingobject']->checkInput(); if (!$isvalid) { return xarTplModule('shop', 'user', 'shippingaddress', $data); } // Save the customer data $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers')); $custobject->getItem(array('itemid' => xarUserGetVar('id'))); $name = $data['shippingobject']->properties['name']->value; $custobject->properties['name']->setValue($name); $custobject->updateItem(); // Save the shipping address $itemid = $data['shippingobject']->createItem(); xarSession::setVar('shippingaddress', $itemid); // update the name field in roles to use first and last name instead of email $rolesobject = xarCurrentRole(); $rolesobject->properties['name']->value = $name; $rolesobject->updateItem(); xarResponse::redirect(xarModURL('shop', 'user', 'paymentmethod')); return true; xarSession::setVar('errors', $errors); } return $data; }
/** * Select existing payment method or create new one to use for this transaction */ function shop_user_paymentmethod() { // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be $shippingaddress = xarSession::getVar('shippingaddress'); if (empty($shippingaddress)) { xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress')); return true; } $shop = xarSession::getVar('shop'); if (!xarUserIsLoggedIn() || empty($shop)) { xarResponse::redirect(xarModURL('shop', 'user', 'main')); return true; } if (!xarVarFetch('proceedsaved', 'str', $proceedsaved, NULL, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('proceednew', 'str', $proceednew, NULL, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('paymentmethod', 'str', $paymentmethod, NULL, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('remove', 'str', $remove, NULL, XARVAR_NOT_REQUIRED)) { return; } $cust = xarMod::APIFunc('shop', 'user', 'customerinfo'); $data['cust'] = $cust; sys::import('modules.dynamicdata.class.objects.master'); sys::import('modules.dynamicdata.class.properties.master'); $shippingobject = DataObjectMaster::getObject(array('name' => 'shop_shippingaddresses')); $shippingobject->getItem(array('itemid' => xarSession::getVar('shippingaddress'))); $shippingvals = $shippingobject->getFieldValues(); $data['shippingvals'] = $shippingvals; // Get the saved payment methods, if any exist $mylist = DataObjectMaster::getObjectList(array('name' => 'shop_paymentmethods')); $filters = array('status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE, 'where' => 'customer eq ' . xarUserGetVar('id')); $paymentmethods = $mylist->getItems($filters); $data['paymentmethods'] = $paymentmethods; $data['paymentobject'] = DataObjectMaster::getObject(array('name' => 'shop_paymentmethods')); $data['paymentobject']->properties['name']->display_show_salutation = false; $data['paymentobject']->properties['name']->display_show_middlename = false; $data['paymentobject']->properties['address']->display_rows = 1; $data['paymentobject']->properties['address']->display_show_country = false; $data['properties'] = $data['paymentobject']->getProperties(); if ($remove) { if ($remove == xarSession::getVar('paymentmethod')) { xarSession::delVar('paymentmethod'); } $data['paymentobject']->getItem(array('itemid' => $remove)); $data['paymentobject']->deleteItem(); xarResponse::redirect(xarModURL('shop', 'user', 'paymentmethod')); return true; } $selectedpaymentmethod = xarSession::getVar('paymentmethod'); if (!empty($selectedpaymentmethod)) { $data['paymentmethod'] = $selectedpaymentmethod; } // If we're using a saved payment method... if ($proceedsaved) { xarSession::setVar('paymentmethod', $paymentmethod); xarResponse::redirect(xarModURL('shop', 'user', 'order')); return true; } elseif ($proceednew) { // We're not using a saved payment method... $isvalid = $data['paymentobject']->checkInput(); if (isset($exp_date)) { $exp_month = substr($exp_date, 0, 2); $exp_year = substr($exp_date, 2, 4); $reverse_date = $exp_year . $exp_month; $minimum_date = date('ym', time()); if ($minimum_date > $reverse_date) { $errors['exp_date'] = true; } } if (isset($errors)) { xarSession::setVar('errors', $errors); } if (!$isvalid) { return xarTplModule('shop', 'user', 'paymentmethod', $data); } else { xarSession::setVar('paymentmethod', $data['paymentobject']->createItem()); xarResponse::redirect(xarModURL('shop', 'user', 'order')); return true; } } return $data; }
function publications_user_update() { // Get parameters if (!xarVarFetch('itemid', 'isset', $itemid, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('items', 'str', $items, '', XARVAR_DONT_SET)) { return; } if (!xarVarFetch('ptid', 'isset', $data['ptid'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('modify_cids', 'isset', $cids, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('preview', 'isset', $data['preview'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('quit', 'isset', $data['quit'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('tab', 'str:1', $data['tab'], '', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('returnurl', 'str:1', $data['returnurl'], 'view', XARVAR_NOT_REQUIRED)) { return; } // Confirm authorisation code // This has been disabled for now // if (!xarSecConfirmAuthKey()) return; $items = explode(',', $items); $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types')); $pubtypeobject->getItem(array('itemid' => $data['ptid'])); $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value)); $isvalid = $data['object']->checkInput(); // First we need to check all the data on the template // If checkInput fails, don't bail $itemsdata = array(); $isvalid = true; /*foreach ($items as $prefix) { $data['object']->setFieldPrefix($prefix); $thisvalid = $data['object']->checkInput(); $isvalid = $isvalid && $thisvalid; // Store each item for later processing $itemsdata[$prefix] = $data['object']->getFieldValues(array(),1); }*/ if ($data['preview'] || !$isvalid) { // Preview or bad data: redisplay the form $data['properties'] = $data['object']->getProperties(); if ($data['preview']) { $data['tab'] = 'preview'; } $data['items'] = $itemsdata; // Get the settings of the publication type we are using $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid'])); return xarTplModule('publications', 'user', 'modify', $data); } // call transform input hooks $article['transform'] = array('summary', 'body', 'notes'); $article = xarModCallHooks('item', 'transform-input', $itemid, $article, 'publications', $data['ptid']); // Now talk to the database /*foreach ($itemsdata as $itemid => $itemdata) { $data['object']->setFieldValues($itemdata); if (empty($itemid)) $item = $data['object']->createItem(); else $item = $data['object']->updateItem(); // Clear the itemid property in preparation for the next round unset($data['object']->itemid); }*/ if (empty($itemid)) { $item = $data['object']->createItem(); } else { $item = $data['object']->updateItem(); } // Success xarSession::setVar('statusmsg', xarML('Publication Updated')); // if we can edit publications, go to admin view, otherwise go to user view if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) { if ($data['quit']) { xarController::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid']))); return true; } else { xarController::redirect(xarModURL('publications', 'user', 'modify', array('name' => $pubtypeobject->properties['name']->value, 'itemid' => $itemid))); return true; } } return true; }
/** * Review and submit order */ function shop_user_order() { // Redirects at the start of the user functions are just a way to make sure someone isn't where they don't need to be $shippingaddress = xarSession::getVar('shippingaddress'); if (empty($shippingaddress)) { xarResponse::redirect(xarModURL('shop', 'user', 'shippingaddress')); return true; } $paymentmethod = xarSession::getVar('paymentmethod'); if (empty($paymentmethod)) { xarResponse::redirect(xarModURL('shop', 'user', 'paymentmethod')); return true; } $shop = xarSession::getVar('shop'); if (!xarUserIsLoggedIn() || empty($shop)) { xarResponse::redirect(xarModURL('shop', 'user', 'main')); return; } if (!xarVarFetch('placeorder', 'str', $placeorder, NULL, XARVAR_NOT_REQUIRED)) { return; } sys::import('modules.dynamicdata.class.objects.master'); $shippingobject = DataObjectMaster::getObject(array('name' => 'shop_shippingaddresses')); $shippingobject->getItem(array('itemid' => xarSession::getVar('shippingaddress'))); $shippingvals = $shippingobject->getFieldValues(); $data['shippingvals'] = $shippingvals; $data['products'] = xarSession::getVar('products'); $data['total'] = xarSession::getVar('total'); $time = time(); xarSession::setVar('time', $time); $paymentobject = DataObjectMaster::getObject(array('name' => 'shop_paymentmethods')); $paymentmethod = xarSession::getVar('paymentmethod'); $paymentobject->getItem(array('itemid' => $paymentmethod)); $values = $paymentobject->getFieldValues(); $data['payvalues'] = $values; if ($placeorder) { /*if (isset($exp_date)) { $exp_month = substr($exp_date,0,2); $exp_year = substr($exp_date,2,4); $reverse_date = $exp_year . $exp_month; $minimum_date = date('ym',time()); if ($minimum_date > $reverse_date) { $errors = xarSession::getVar('errors'); $errors['exp_date'] = true; xarSession::setVar('errors',$errors); } }*/ // A few more things $values['date'] = $time; $values['products'] = serialize($data['products']); $values['total'] = xarSession::getVar('total'); /*****************************/ /***** PAYMENT PROCESSING ****/ /*****************************/ $response = xarMod::APIFunc('shop', 'admin', 'handlepgresponse', array('transfields' => $values)); if (isset($response['trans_id']) && !empty($response['trans_id'])) { // We have a successful transaction... $data['response'] = $response; $values['pg_transaction_id'] = $response['trans_id']; $transobject = DataObjectMaster::getObject(array('name' => 'shop_transactions')); $tid = $transobject->createItem($values); $order = xarSession::getVar('order'); $order['products'] = xarSession::getVar('products'); $order['tid'] = $tid; $order['date'] = date('F j, Y g:i a', xarSession::getVar('time')); xarSession::setVar('order', $order); xarSession::delVar('pg_response'); // This is set in shop_adminapi_handlepgresponse() //Need to clear all this now that the purchase went through. Doing so ensures we don't re-submit the order xarSession::delVar('errors'); xarSession::delVar('shop'); xarSession::delVar('products'); xarResponse::redirect(xarModURL('shop', 'user', 'complete')); return true; } else { // There must be a problem... $pg_key = xarModVars::get('shop', 'pg_key'); // Assuming we're using the key field for all payment gateways for keys, passwords and the like... if (empty($pg_key)) { $errors = xarSession::getVar('pg_response'); $pg_response['msg'] .= "<p style='color:red'><strong>Looks like you haven't entered a payment gateway key. <a href='" . xarModURL('shop', 'admin', 'overview') . "'>Read me</a>.</strong></p>"; xarSession::setVar('pg_response', $pg_response); } xarResponse::redirect(xarModURL('shop', 'user', 'order')); return true; } } return $data; }
/** * update item from publications_admin_modify */ function publications_admin_updatestate() { // Get parameters if (!xarVarFetch('ids', 'isset', $ids, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('state', 'isset', $state, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('catid', 'isset', $catid, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('ptid', 'isset', $ptid, NULL, XARVAR_DONT_SET)) { return; } // Confirm authorisation code if (!xarSecConfirmAuthKey()) { return; } if (!isset($ids) || count($ids) == 0) { $msg = xarML('No publications selected'); throw new DataNotFoundException(null, $msg); } $states = xarModAPIFunc('publications', 'user', 'getstates'); if (!isset($state) || !is_numeric($state) || $state < -1 || $state != -1 && !isset($states[$state])) { $msg = xarML('Invalid state'); throw new BadParameterException(null, $msg); } $pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes'); if (!empty($ptid)) { $descr = $pubtypes[$ptid]['description']; } else { $descr = xarML('Publications'); $ptid = null; } // We need to tell some hooks that we are coming from the update state screen // and not the update the actual article screen. Right now, the keywords vanish // into thin air. Bug 1960 and 3161 xarVarSetCached('Hooks.all', 'noupdate', 1); foreach ($ids as $id => $val) { if ($val != 1) { continue; } // Get original article information $article = xarModAPIFunc('publications', 'user', 'get', array('id' => $id, 'withcids' => 1)); if (!isset($article) || !is_array($article)) { $msg = xarML('Unable to find #(1) item #(2)', $descr, xarVarPrepForDisplay($id)); throw new BadParameterException(null, $msg); } $article['ptid'] = $article['pubtype_id']; // Security check $input = array(); $input['article'] = $article; if ($state < 0) { $input['mask'] = 'ManagePublications'; } else { $input['mask'] = 'EditPublications'; } if (!xarModAPIFunc('publications', 'user', 'checksecurity', $input)) { $msg = xarML('You have no permission to modify #(1) item #(2)', $descr, xarVarPrepForDisplay($id)); throw new ForbiddenOperationException(null, $msg); } if ($state < 0) { // Pass to API if (!xarModAPIFunc('publications', 'admin', 'delete', $article)) { return; // throw back } } else { // Update the state now $article['state'] = $state; // Pass to API if (!xarModAPIFunc('publications', 'admin', 'update', $article)) { return; // throw back } } } unset($article); // Return to the original admin view $lastview = xarSession::getVar('Publications.LastView'); if (isset($lastview)) { $lastviewarray = unserialize($lastview); if (!empty($lastviewarray['ptid']) && $lastviewarray['ptid'] == $ptid) { extract($lastviewarray); xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $ptid, 'catid' => $catid, 'state' => $state, 'startnum' => $startnum))); return true; } } if (empty($catid)) { $catid = null; } xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $ptid, 'catid' => $catid))); return true; }
/** * Publications Module * * @package modules * @subpackage publications module * @category Third Party Xaraya Module * @version 2.0.0 * @copyright (C) 2011 Netspan AG * @license GPL {@link http://www.gnu.org/licenses/gpl.html} * @author Marc Lutolf <*****@*****.**> */ function publications_admin_view_pages($args) { extract($args); if (!xarSecurityCheck('ManagePublications')) { return; } // Accept a parameter to allow selection of a single tree. xarVarFetch('root_id', 'int', $root_id, NULL, XARVAR_NOT_REQUIRED); if (NULL === $root_id) { $root_id = xarSession::getVar('publications_root_id'); if (empty($root_id)) { $root_id = 0; } } xarSession::setVar('publications_root_id', $root_id); $data = xarMod::apiFunc('publications', 'user', 'getpagestree', array('key' => 'index', 'dd_flag' => false, 'tree_contains_id' => $root_id)); if (empty($data['pages'])) { // TODO: pass to template. return $data; //xarML('NO PAGES DEFINED'); } else { $data['pages'] = xarMod::apiFunc('publications', 'tree', 'array_maptree', $data['pages']); } $data['root_id'] = $root_id; // Check modify and delete privileges on each page. // EditPage - allows basic changes, but no moving or renaming (good for sub-editors who manage content) // AddPage - new pages can be added (further checks may limit it to certain page types) // DeletePage - page can be renamed, moved and deleted if (!empty($data['pages'])) { // Bring in the access property for security checks sys::import('modules.dynamicdata.class.properties.master'); $accessproperty = DataPropertyMaster::getProperty(array('name' => 'access')); $accessproperty->module = 'publications'; $accessproperty->component = 'Page'; foreach ($data['pages'] as $key => $page) { $thisinstance = $page['name'] . ':' . $page['ptid']['name']; // Do we have admin access? $args = array('instance' => $thisinstance, 'level' => 800); $adminaccess = $accessproperty->check($args); // Decide whether this page can be modified by the current user /*try { $args = array( 'instance' => $thisinstance, 'group' => $page['access']['modify_access']['group'], 'level' => $page['access']['modify_access']['level'], ); } catch (Exception $e) { $args = array(); }*/ $data['pages'][$key]['edit_allowed'] = $adminaccess || $accessproperty->check($args); /* // Decide whether this page can be deleted by the current user try { $args = array( 'instance' => $thisinstance, 'group' => $page['access']['delete_access']['group'], 'level' => $page['access']['delete_access']['level'], ); } catch (Exception $e) { $args = array(); }*/ $data['pages'][$key]['delete_allowed'] = $adminaccess || $accessproperty->check($args); } } // Flag this as the current list view xarSession::setVar('publications_current_listview', xarServer::getCurrentURL()); return $data; }
function publications_admin_update() { // Get parameters if (!xarVarFetch('itemid', 'isset', $data['itemid'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('items', 'str', $items, '', XARVAR_DONT_SET)) { return; } if (!xarVarFetch('ptid', 'isset', $data['ptid'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('modify_cids', 'isset', $cids, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('preview', 'isset', $data['preview'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('quit', 'isset', $data['quit'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('front', 'isset', $data['front'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('tab', 'str:1', $data['tab'], '', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('returnurl', 'str:1', $data['returnurl'], 'view', XARVAR_NOT_REQUIRED)) { return; } // Confirm authorisation code // This has been disabled for now // if (!xarSecConfirmAuthKey()) return; $items = explode(',', $items); $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types')); $pubtypeobject->getItem(array('itemid' => $data['ptid'])); $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value)); // First we need to check all the data on the template // If checkInput fails, don't bail $itemsdata = array(); $isvalid = true; foreach ($items as $prefix) { $data['object']->setFieldPrefix($prefix); // Disable the celkoposition property according if this is not the base document $fieldname = $prefix . '_dd_' . $data['object']->properties['parent']->id; $data['object']->properties['parent']->checkInput($fieldname); if (empty($data['object']->properties['parent']->value)) { $data['object']->properties['position']->setDisplayStatus(DataPropertyMaster::DD_DISPLAYSTATE_DISPLAYONLY); } else { $data['object']->properties['position']->setDisplayStatus(DataPropertyMaster::DD_DISPLAYSTATE_DISABLED); } // Now get the input from the form $thisvalid = $data['object']->checkInput(); $isvalid = $isvalid && $thisvalid; // Store each item for later processing $itemsdata[$prefix] = $data['object']->getFieldValues(array(), 1); } if ($data['preview'] || !$isvalid) { // Show debug info if called for if (!$isvalid && xarModVars::get('publications', 'debugmode') && in_array(xarUserGetVar('uname'), xarConfigVars::get(null, 'Site.User.DebugAdmins'))) { var_dump($data['object']->getInvalids()); } // Preview or bad data: redisplay the form $data['properties'] = $data['object']->getProperties(); if ($data['preview']) { $data['tab'] = 'preview'; } $data['items'] = $itemsdata; // Get the settings of the publication type we are using $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid'])); return xarTplModule('publications', 'admin', 'modify', $data); } // call transform input hooks $article['transform'] = array('summary', 'body', 'notes'); $article = xarModCallHooks('item', 'transform-input', $data['itemid'], $article, 'publications', $data['ptid']); // Now talk to the database. Loop through all the translation pages foreach ($itemsdata as $id => $itemdata) { // Get the data for this item $data['object']->setFieldValues($itemdata, 1); // Save or create the item (depends whether this translation is new) if (empty($id)) { $item = $data['object']->createItem(); } else { $item = $data['object']->updateItem(); } // Check if we have an alias and set it as an alias of the publications module $alias_flag = $data['object']->properties['alias_flag']->value; if ($alias_flag == 1) { $alias = $data['object']->properties['alias']->value; if (!empty($alias)) { xarModAlias::set($alias, 'publications'); } } elseif ($alias_flag == 2) { $alias = $data['object']->properties['name']->value; if (!empty($alias)) { xarModAlias::set($alias, 'publications'); } } // Clear the itemid property in preparation for the next round unset($data['object']->itemid); } // Success xarSession::setVar('statusmsg', xarML('Publication Updated')); // If quitting, go to admin view; otherwise redisplay the page if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) { if ($data['quit']) { // Redirect if we came from somewhere else $current_listview = xarSession::getVar('publications_current_listview'); if (!empty($current_listview)) { xarController::redirect($current_listview); } xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid']))); } elseif ($data['front']) { xarController::redirect(xarModURL('publications', 'user', 'display', array('name' => $pubtypeobject->properties['name']->value, 'itemid' => $data['itemid']))); } else { xarController::redirect(xarModURL('publications', 'admin', 'modify', array('name' => $pubtypeobject->properties['name']->value, 'itemid' => $data['itemid']))); } return true; } }
/** * delete calendar from database */ function calendar_admin_delete_calendar() { // Get parameters if (!xarVarFetch('calid', 'id', $calid)) { return; } if (!xarVarFetch('confirm', 'checkbox', $confirm, false, XARVAR_NOT_REQUIRED)) { return; } // Get calendar information $calendar = xarMod::apiFunc('calendar', 'user', 'get', array('calid' => $calid)); if (!isset($calendar) || $calendar == false) { $msg = xarML('Unable to find #(1) item #(2)', 'Calendar', xarVarPrepForDisplay($calid)); throw new Exception($msg); } // Security check $input = array(); $input['calendar'] = $calendar; $input['mask'] = 'DeleteCalendars'; /* TODO: security if (!xarMod::apiFunc('calendar','user','checksecurity',$input)) { $msg = xarML('You have no permission to delete item #(1)', xarVarPrepForDisplay($calid)); throw new Exception($msg); } */ // Check for confirmation if (!$confirm) { $data = array(); // Specify for which item you want confirmation $data['calid'] = $calid; // Use articles user GUI function (not API) for preview if (!xarMod::load('calendar', 'user')) { return; } $data['preview'] = xarMod::guiFunc('calendar', 'user', 'display', array('calid' => $calid)); // Add some other data you'll want to display in the template $data['confirmtext'] = xarML('Confirm deleting this calendar'); $data['confirmlabel'] = xarML('Confirm'); // Generate a one-time authorisation code for this operation $data['authid'] = xarSecGenAuthKey(); // Return the template variables defined in this function return $data; } // Confirmation present if (!xarSecConfirmAuthKey()) { return; } // Pass to API if (!xarMod::apiFunc('calendar', 'admin', 'delete_calendar', array('calid' => $calid))) { return; } // Success xarSession::setVar('statusmsg', xarML('Calendar Deleted')); // Return to the original admin view $lastview = xarSession::getVar('Calendar.LastView'); if (isset($lastview)) { $lastviewarray = unserialize($lastview); if (!empty($lastviewarray['ptid']) && $lastviewarray['ptid'] == $ptid) { extract($lastviewarray); xarController::redirect(xarModURL('calendar', 'admin', 'view_calendars')); return true; } } xarController::redirect(xarModURL('calendar', 'admin', 'view_calendars')); return true; }
/** * Publications Module * * @package modules * @subpackage publications module * @category Third Party Xaraya Module * @version 2.0.0 * @copyright (C) 2011 Netspan AG * @license GPL {@link http://www.gnu.org/licenses/gpl.html} * @author Marc Lutolf <*****@*****.**> */ function publications_admin_clone() { if (!xarSecurityCheck('ManagePublications')) { return; } if (!xarVarFetch('name', 'isset', $objectname, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('ptid', 'isset', $ptid, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('itemid', 'isset', $data['itemid'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_DONT_SET)) { return; } if (empty($data['itemid'])) { return xarResponse::NotFound(); } // If a pubtype ID was passed, get the name of the pub object if (isset($ptid)) { $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types')); $pubtypeobject->getItem(array('itemid' => $ptid)); $objectname = $pubtypeobject->properties['name']->value; } if (empty($objectname)) { return xarResponse::NotFound(); } sys::import('modules.dynamicdata.class.objects.master'); $data['object'] = DataObjectMaster::getObject(array('name' => $objectname)); if (empty($data['object'])) { return xarResponse::NotFound(); } // Security if (!$data['object']->checkAccess('update')) { return xarResponse::Forbidden(xarML('Clone #(1) is forbidden', $object->label)); } $data['object']->getItem(array('itemid' => $data['itemid'])); $data['authid'] = xarSecGenAuthKey(); $data['name'] = $data['object']->properties['name']->value; $data['label'] = $data['object']->label; xarTplSetPageTitle(xarML('Clone Publication #(1) in #(2)', $data['itemid'], $data['label'])); if ($confirm) { if (!xarSecConfirmAuthKey()) { return; } // Get the name for the clone if (!xarVarFetch('newname', 'str', $newname, "", XARVAR_NOT_REQUIRED)) { return; } if (empty($newname)) { $newname = $data['name'] . "_copy"; } if ($newname == $data['name']) { $newname = $data['name'] . "_copy"; } $newname = strtolower(str_ireplace(" ", "_", $newname)); // Create the clone $data['object']->properties['name']->setValue($newname); $data['object']->properties['id']->setValue(0); $cloneid = $data['object']->createItem(array('itemid' => 0)); // Create the clone's translations if (!xarVarFetch('clone_translations', 'int', $clone_translations, 0, XARVAR_NOT_REQUIRED)) { return; } if ($clone_translations) { // Get the info on all the objects to be cloned sys::import('xaraya.structures.query'); $tables = xarDB::getTables(); $q = new Query(); $q->addtable($tables['publications'], 'p'); $q->addtable($tables['publications_types'], 'pt'); $q->join('p.pubtype_id', 'pt.id'); $q->eq('parent_id', $data['itemid']); $q->addfield('p.id AS id'); $q->addfield('pt.name AS name'); $q->run(); // Clone each one foreach ($q->output() as $item) { $object = DataObjectMaster::getObject(array('name' => $item['name'])); $object->getItem(array('itemid' => $item['id'])); $object->properties['parent']->value = $cloneid; $object->properties['id']->value = 0; $object->createItem(array('itemid' => 0)); } } // Redirect if we came from somewhere else $current_listview = xarSession::getVar('publications_current_listview'); if (!empty($return_url)) { xarController::redirect($return_url); } elseif (!empty($current_listview)) { xarController::redirect($current_listview); } else { xarController::redirect(xarModURL('publications', 'user', 'view')); } return true; } return $data; }