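/**
 * Download a file
 *
 * Serves a file from the site blog archive's file space. The file name is
 * taken from the request (the "file" variable, or an "image:"/"file:" prefixed
 * last segment of the request URI), so the resolved path is canonicalised and
 * must be a regular file inside the file space before it is served.
 *
 * @return  void
 * @throws  Exception                 403 when the entry has no id or is not viewable
 * @throws  InvalidArgumentException  404 when the file is missing or resolves outside the file space
 * @throws  RuntimeException          500 when the file could not be output
 */
public function downloadTask()
{
    $archive = new Archive('site', 0);

    $entry = Entry::oneByScope(Request::getVar('alias', ''), 'site', 0);

    if (!$entry->get('id') || !$entry->access('view')) {
        throw new Exception(Lang::txt('Access denied.'), 403);
    }

    if (!($file = Request::getVar('file', ''))) {
        // array_pop() takes its argument by reference, so the exploded
        // segments are stored in a variable first.
        $segments = explode('/', $_SERVER['REQUEST_URI']);
        $filename = array_pop($segments);

        // Get the file name
        if (substr(strtolower($filename), 0, strlen('image:')) == 'image:') {
            $file = substr($filename, strlen('image:'));
        } elseif (substr(strtolower($filename), 0, strlen('file:')) == 'file:') {
            $file = substr($filename, strlen('file:'));
        }
    }

    // Decode file name
    $file = urldecode($file);

    // Build file path. realpath() resolves ".." segments and symlinks; the
    // containment check below is done on the resolved path, after decoding,
    // so an encoded or relative name cannot reach files outside the file space.
    $base      = realpath($archive->filespace());
    $file_path = ($base !== false && $file !== '') ? realpath($base . DS . $file) : false;

    // Ensure the file exists, is a regular file, and lives under the file space
    if ($file_path === false
     || !is_file($file_path)
     || strpos($file_path, rtrim($base, DS) . DS) !== 0) {
        // NOTE(review): $file is request-controlled and is echoed into this
        // message; confirm the error renderer escapes it.
        throw new InvalidArgumentException(Lang::txt('The requested file could not be found: %s', $file), 404);
    }

    // Serve up the image
    $server = new Server();
    $server->filename($file_path);
    $server->disposition('inline');
    $server->acceptranges(false); // @TODO fix byte range support

    // Serve up file
    if (!$server->serve()) {
        // Should only get here on error
        throw new RuntimeException(Lang::txt('An error occurred while trying to output the file'), 500);
    } else {
        exit;
    }
}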
/**
 * Display an RSS feed of comments
 *
 * Configures the feed document (link, title, description, copyright) for
 * the entry named by the "alias" request variable and hands every comment
 * in state 1 or 3 to _comment(). Nothing is returned; the feed is built on
 * the document object.
 *
 * @return  void
 * @throws  Exception  404 when feeds are disabled, no alias is given, or the entry is unavailable
 */
public function commentsTask()
{
    $feedsOn = $this->config->get('feeds_enabled');
    if (!$feedsOn) {
        throw new Exception(Lang::txt('Feed not found.'), 404);
    }

    // Switch the response to a feed and grab the feed document
    Document::setType('feed');

    $feed = Document::instance();
    $feed->link = Route::url('index.php?option=' . $this->_option);

    // Incoming
    $alias = Request::getVar('alias', '');
    if (!$alias) {
        throw new Exception(Lang::txt('Feed not found.'), 404);
    }

    $this->entry = Entry::oneByScope($alias, 'site', 0);
    if (!$this->entry->isAvailable()) {
        throw new Exception(Lang::txt('Feed not found.'), 404);
    }

    $year  = Request::getInt('year', date("Y"));
    $month = Request::getInt('month', 0);

    // Assemble the feed title piece by piece, then assign it
    $title = Config::get('sitename') . ' - ' . Lang::txt(strtoupper($this->_option));
    if ($year) {
        $title .= ': ' . $year;
    }
    if ($month) {
        $title .= ': ' . sprintf("%02d", $month);
    }
    $title .= stripslashes($this->entry->get('title', ''));
    $title .= ': ' . Lang::txt('Comments');

    $feed->title       = $title;
    $feed->description = Lang::txt(
        'COM_BLOG_COMMENTS_RSS_DESCRIPTION',
        Config::get('sitename'),
        stripslashes($this->entry->get('title'))
    );
    $feed->copyright   = Lang::txt('COM_BLOG_RSS_COPYRIGHT', date("Y"), Config::get('sitename'));

    $comments = $this->entry
        ->comments()
        ->whereIn('state', array(1, 3))
        ->ordered()
        ->rows();

    // Only emit items when there is at least one comment
    if ($comments->count() > 0) {
        foreach ($comments as $comment) {
            $this->_comment($feed, $comment);
        }
    }
}
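/**
 * Save an entry
 *
 * Guests are redirected to login; unauthorized users and users without
 * posting permission are sent back to the browse view with an error. After
 * the request token check, the posted "entry" array is applied to the model,
 * saved, tagged, logged as an activity, and the user is redirected to the
 * entry.
 *
 * @return  mixed  Output of _browse() or _edit() on failure; nothing after a redirect
 */
private function _save()
{
    if (User::isGuest()) {
        $blog = Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=' . $this->_name, false, true);

        App::redirect(
            Route::url('index.php?option=com_users&view=login&return=' . base64_encode($blog)),
            Lang::txt('GROUPS_LOGIN_NOTICE'),
            'warning'
        );
        return;
    }

    if (!$this->authorized) {
        $this->setError(Lang::txt('PLG_GROUPS_BLOG_NOT_AUTHORIZED'));
        return $this->_browse();
    }

    if (!$this->_getPostingPermissions()) {
        $this->setError(Lang::txt('PLG_GROUPS_BLOG_ERROR_PERMISSION_DENIED'));
        return $this->_browse();
    }

    // Check for request forgeries
    Request::checkToken();

    $entry = Request::getVar('entry', array(), 'post', 'none', 2);

    if (isset($entry['publish_up']) && $entry['publish_up'] != '') {
        $entry['publish_up'] = Date::of($entry['publish_up'], Config::get('offset'))->toSql();
    }

    if (isset($entry['publish_down']) && $entry['publish_down'] != '') {
        $entry['publish_down'] = Date::of($entry['publish_down'], Config::get('offset'))->toSql();
    }

    // make sure we dont want to turn off comments
    $entry['allow_comments'] = isset($entry['allow_comments']) ?: 0;

    // The posted array may not carry an id at all (new entry form)
    $id = isset($entry['id']) ? $entry['id'] : null;

    // Instantiate model
    // NOTE(review): the id and every other field come straight from the
    // request. Confirm the model restricts which fields set() accepts and
    // that an existing entry belongs to this group's scope before it is saved.
    $row = \Components\Blog\Models\Entry::oneOrNew($id)->set($entry);

    // Always define the alias: previously it was only assigned when the
    // posted alias was empty, leaving it undefined for the duplicate check.
    $alias = $row->get('alias');
    if ($alias == '') {
        $alias = $row->automaticAlias($row);
    }

    if ($row->isNew()) {
        $item = \Components\Blog\Models\Entry::oneByScope(
            $alias,
            $this->model->get('scope'),
            $this->model->get('scope_id')
        );

        if ($item->get('id')) {
            $this->setError(Lang::txt('PLG_GROUPS_BLOG_ERROR_ALIAS_EXISTS'));
            return $this->_edit($row);
        }
    }

    // Store new content
    if (!$row->save()) {
        $this->setError($row->getError());
        return $this->_edit($row);
    }

    // Process tags
    if (!$row->tag(Request::getVar('tags', ''))) {
        $this->setError($row->getError());
        return $this->_edit($row);
    }

    // Record the activity
    $recipients = array(
        ['group', $this->group->get('gidNumber')]
    );
    if (!in_array($row->get('created_by'), $this->group->get('managers'))) {
        $recipients[] = ['user', $row->get('created_by')];
    }
    foreach ($this->group->get('managers') as $recipient) {
        $recipients[] = ['user', $recipient];
    }

    // The description is an HTML fragment, so the user-supplied title is
    // escaped before it is placed inside the anchor.
    $safeTitle = htmlspecialchars((string) $row->get('title'), ENT_QUOTES, 'UTF-8');

    Event::trigger('system.logActivity', [
        'activity' => [
            'action'      => $id ? 'updated' : 'created',
            'scope'       => 'blog.entry',
            'scope_id'    => $row->get('id'),
            'description' => Lang::txt(
                'PLG_GROUPS_BLOG_ACTIVITY_ENTRY_' . ($id ? 'UPDATED' : 'CREATED'),
                '<a href="' . Route::url($row->link()) . '">' . $safeTitle . '</a>'
            ),
            'details'     => array(
                'title' => $row->get('title'),
                'url'   => Route::url($row->link())
            )
        ],
        'recipients' => $recipients
    ]);

    App::redirect(Route::url($row->link()));
}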
/**
 * Create an item entry
 *
 * Returns early when the item already exists. Otherwise the blog post is
 * looked up by the given ID, the "id" request variable, or the "alias"
 * request variable (site scope), and its id, dates, author, title, a
 * 200-character tag-stripped description and its URL are copied onto this
 * item before it is stored.
 *
 * @param   integer  $id  Optional ID to use
 * @return  boolean  True when the item exists or was stored, false otherwise
 */
public function make($id = null)
{
    if ($this->exists()) {
        return true;
    }

    if (!$id) {
        $id = Request::getInt('id', 0);
    }

    include_once PATH_CORE . DS . 'components' . DS . 'com_blog' . DS . 'models' . DS . 'entry.php';

    $blogPost = null;

    // No usable ID: fall back to resolving the post by its alias
    if (!$id) {
        $blogPost = Entry::oneByScope(Request::getVar('alias', ''), 'site', 0);
        $id       = $blogPost->get('id');
    }

    $this->_tbl->loadType($id, $this->_type);

    if ($this->exists()) {
        return true;
    }

    if (!$blogPost) {
        $blogPost = Entry::oneOrFail($id);
    }

    if (!$blogPost->get('id')) {
        $this->setError(Lang::txt('Blog post not found.'));
        return false;
    }

    $this
        ->set('type', $this->_type)
        ->set('object_id', $blogPost->get('id'))
        ->set('created', $blogPost->get('created'))
        ->set('created_by', $blogPost->get('created_by'))
        ->set('title', $blogPost->get('title'))
        ->set('description', \Hubzero\Utility\String::truncate(strip_tags($blogPost->content()), 200))
        ->set('url', Route::url($blogPost->link()));

    return $this->store() ? true : false;
}
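/**
 * Save an entry
 *
 * Guests are redirected to login; unauthorized users and users without
 * posting permission are sent back to the browse view with an error. The
 * request token is verified before the posted "entry" array is applied to
 * the model, saved and tagged; the user is then redirected to the entry.
 *
 * @return  mixed  Output of _browse() or _edit() on failure; nothing after a redirect
 */
private function _save()
{
    if (User::isGuest()) {
        $blog = Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=' . $this->_name, false, true);

        App::redirect(
            Route::url('index.php?option=com_users&view=login&return=' . base64_encode($blog)),
            Lang::txt('GROUPS_LOGIN_NOTICE'),
            'warning'
        );
        return;
    }

    if (!$this->authorized) {
        $this->setError(Lang::txt('PLG_GROUPS_BLOG_NOT_AUTHORIZED'));
        return $this->_browse();
    }

    if (!$this->_getPostingPermissions()) {
        $this->setError(Lang::txt('PLG_GROUPS_BLOG_ERROR_PERMISSION_DENIED'));
        return $this->_browse();
    }

    // Check for request forgeries: this action writes data on behalf of the
    // logged-in user, so the form token must be validated before any
    // posted value is used.
    Request::checkToken();

    $entry = Request::getVar('entry', array(), 'post', 'none', 2);

    if (isset($entry['publish_up']) && $entry['publish_up'] != '') {
        $entry['publish_up'] = Date::of($entry['publish_up'], Config::get('offset'))->toSql();
    }

    if (isset($entry['publish_down']) && $entry['publish_down'] != '') {
        $entry['publish_down'] = Date::of($entry['publish_down'], Config::get('offset'))->toSql();
    }

    // make sure we dont want to turn off comments
    $entry['allow_comments'] = isset($entry['allow_comments']) ?: 0;

    // The posted array may not carry an id at all (new entry form)
    $id = isset($entry['id']) ? $entry['id'] : null;

    // Instantiate model
    // NOTE(review): the id and every other field come straight from the
    // request. Confirm the model restricts which fields set() accepts and
    // that an existing entry belongs to this group's scope before it is saved.
    $row = \Components\Blog\Models\Entry::oneOrNew($id)->set($entry);

    if ($row->isNew()) {
        $item = \Components\Blog\Models\Entry::oneByScope(
            $row->get('alias'),
            $this->model->get('scope'),
            $this->model->get('scope_id')
        );

        if ($item->get('id')) {
            $this->setError(Lang::txt('PLG_GROUPS_BLOG_ERROR_ALIAS_EXISTS'));
            return $this->_edit($row);
        }
    }

    // Store new content
    if (!$row->save()) {
        $this->setError($row->getError());
        return $this->_edit($row);
    }

    // Process tags
    if (!$row->tag(Request::getVar('tags', ''))) {
        $this->setError($row->getError());
        return $this->_edit($row);
    }

    App::redirect(Route::url($row->link()));
}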
/**
 * Display a blog entry
 *
 * Uses $this->entry when it is already an object; otherwise the alias is
 * the last element returned by _parseUrl() and the entry is looked up in
 * the archive's scope. Aborts with 404 for a missing or deleted entry and
 * with 403 when the viewer fails the access/state check below.
 *
 * NOTE(review): the 403 check covers access level 2 for guests and state 0
 * for non-owners only; confirm other non-public access levels and states
 * are enforced elsewhere.
 *
 * @return  string  Rendered "entry" layout
 */
private function _entry()
{
    $hasEntry = isset($this->entry) && is_object($this->entry);

    if (!$hasEntry) {
        $requestPath = Request::path();
        $alias       = '';

        if (strpos($requestPath, '/') !== false) {
            $segments = $this->_parseUrl();
            $alias    = end($segments);
        }

        $row = \Components\Blog\Models\Entry::oneByScope(
            $alias,
            $this->model->get('scope'),
            $this->model->get('scope_id')
        );
    } else {
        $row = $this->entry;
    }

    if (!$row->get('id') || $row->isDeleted()) {
        App::abort(404, Lang::txt('PLG_MEMBERS_BLOG_NO_ENTRY_FOUND'));
    }

    // Check authorization: registered-only entries are hidden from guests,
    // unpublished entries from everyone but the profile owner.
    if (($row->get('access') == 2 && User::isGuest())
     || ($row->get('state') == 0 && User::get('id') != $this->member->get('id'))) {
        App::abort(403, Lang::txt('PLG_MEMBERS_BLOG_NOT_AUTH'));
    }

    // Filters for returning results
    $filters = array(
        'limit'      => 10,
        'start'      => 0,
        'scope'      => 'member',
        'scope_id'   => $this->member->get('id'),
        'authorized' => false
    );

    // Anyone other than the owner only sees published entries at their view levels
    if (User::get('id') != $this->member->get('id')) {
        $filters['state']  = 1;
        $filters['access'] = User::getAuthorisedViewLevels();
    }

    return $this->view('default', 'entry')
        ->set('option', $this->option)
        ->set('member', $this->member)
        ->set('task', $this->task)
        ->set('config', $this->params)
        ->set('archive', $this->model)
        ->set('row', $row)
        ->set('filters', $filters)
        ->setErrors($this->getErrors())
        ->loadTemplate();
}