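/**
 * Save a group page and, when its content changed, a new page version.
 *
 * Reads the `page` and `pageversion` arrays from POST. The version array is
 * requested with JREQUEST_ALLOWRAW, so its HTML arrives unfiltered and is
 * only purified below when the group is not marked `page_trusted`.
 *
 * On any bind/check/store failure an error notification is set and the edit
 * form is shown again via editTask().
 *
 * @param  bool $apply When true, redirect back to the edit form of the saved
 *                     page; otherwise redirect to the group's page listing.
 * @return void
 */
public function saveTask($apply = false)
{
    // Form-token check before any state is changed
    Request::checkToken();

    // Get the page vars being posted
    $page    = Request::getVar('page', array(), 'post');
    $version = Request::getVar('pageversion', array(), 'post', 'none', JREQUEST_ALLOWRAW);

    // Are we updating or creating a new page? A missing id means "create".
    $pageId = isset($page['id']) ? $page['id'] : null;
    $task   = $pageId ? 'update' : 'create';

    // Load page and version objects
    $this->page    = new Page($pageId);
    $this->version = new Page\Version();

    // Make sure the page belongs to this group. The check runs on the record
    // as loaded, before any posted fields are bound, so values supplied in
    // the request cannot influence the ownership decision.
    if ($task == 'update' && !$this->page->belongsToGroup($this->group)) {
        App::abort(403, Lang::txt('COM_GROUPS_PAGES_PAGE_NOT_AUTH'));
    }

    // Bind new page properties
    if (!$this->page->bind($page)) {
        $this->setNotification($this->page->getError(), 'error');
        $this->editTask();
        return;
    }

    // Bind new page version properties
    if (!$this->version->bind($version)) {
        $this->setNotification($this->version->getError(), 'error');
        $this->editTask();
        return;
    }

    // The owning group always comes from the server-side group object,
    // overriding anything bound from the request.
    $gidNumber = (int) $this->group->get('gidNumber');
    $this->page->set('gidNumber', $this->group->get('gidNumber'));

    // Only get unique alias if not home page
    if ($this->page->get('home') == 0) {
        $this->page->set('alias', $this->page->uniqueAlias());
    }

    // Update our depth: one below the parent, or 0 when there is no parent
    $parent = $this->page->getParent();
    $depth  = $parent->get('id') ? $parent->get('depth') + 1 : 0;
    $this->page->set('depth', $depth);

    // Make sure we can create both the page and version
    if (!$this->page->check() || !$this->version->check()) {
        $error = $this->page->getError() ? $this->page->getError() : $this->version->getError();
        $this->setNotification($error, 'error');
        $this->editTask();
        return;
    }

    // Our start should be our left (order) or the parent's right - 1.
    // 'left' originates from the request, so it is forced to an integer
    // before it is concatenated into SQL.
    $start = (int) $this->page->get('left');
    if (!$start) {
        $start = (int) $parent->get('rgt') - 1;
    }
    $threshold = $start - 1;

    // Shift existing rights/lefts to open a two-slot gap at $start.
    // The statements are scoped to the current group; a fixed group id here
    // would renumber an unrelated group's pages and leave this group's
    // ordering untouched.
    $sql = "UPDATE `#__xgroups_pages` SET rgt=rgt+2 WHERE rgt>" . $threshold . " AND gidNumber=" . $gidNumber . ";";
    $this->database->setQuery($sql);
    $this->database->query();

    $sql2 = "UPDATE `#__xgroups_pages` SET lft=lft+2 WHERE lft>" . $threshold . " AND gidNumber=" . $gidNumber . ";";
    $this->database->setQuery($sql2);
    $this->database->query();

    // Set this page's left & right
    $this->page->set('lft', $start);
    $this->page->set('rgt', $start + 1);

    // Save page settings
    if (!$this->page->store(true)) {
        $this->setNotification($this->page->getError(), 'error');
        $this->editTask();
        return;
    }

    // Group params may still be a raw value; wrap them so get() is available
    if (!is_object($this->group->params)) {
        $this->group->params = new \Hubzero\Config\Registry($this->group->params);
    }
    $this->version->set('page_trusted', $this->group->params->get('page_trusted', 0));

    // Get current version #
    $currentVersion       = $this->page->version();
    $currentVersionNumber = $currentVersion ? $currentVersion->get('version') : 0;

    // Did the page content change?
    $oldContent = $currentVersion ? trim((string) $currentVersion->get('content')) : '';
    $newContent = isset($version['content']) ? trim((string) $version['content']) : '';

    // Untrusted groups get their markup purified before it is compared or inspected
    if (!$this->version->get('page_trusted', 0)) {
        $newContent = Page\Version::purify($newContent, $this->group->isSuperGroup());
    }

    // Strict comparison: a loose != treats numeric-looking strings such as
    // "1000" and "1e3" as equal and would miss the change.
    $contentChanged = ($oldContent !== $newContent);

    // Set page version vars (approved by default, revoked below if needed)
    $this->version->set('pageid', $this->page->get('id'));
    $this->version->set('version', $currentVersionNumber + 1);
    $this->version->set('created', Date::toSql());
    $this->version->set('created_by', User::get('id'));
    $this->version->set('approved', 1);
    $this->version->set('approved_on', Date::toSql());
    $this->version->set('approved_by', User::get('id'));

    // If PHP or script tags are present the page must be approved by an admin.
    // $newContent is inspected because it has already been purified where
    // purification applies. Tag names are case-insensitive in HTML, so the
    // match ignores case; '<?' also covers '<?php'.
    $hasCode = stripos($newContent, '<?') !== false
        || stripos($newContent, '<script') !== false;
    if ($hasCode) {
        $this->version->set('approved', 0);
        $this->version->set('approved_on', null);
        $this->version->set('approved_by', null);
    }

    // Only create a new version and send approve notification if content has changed
    if ($contentChanged) {
        // Check version again (because we are not going through store()'s check)
        if (!$this->version->check()) {
            $this->setNotification($this->version->getError(), 'error');
            $this->editTask();
            return;
        }

        // Save version settings.
        // Don't run check on version store; skips onContentBeforeSave in Html format handler
        if (!$this->version->store(false, $this->group->isSuperGroup())) {
            $this->setNotification($this->version->getError(), 'error');
            $this->editTask();
            return;
        }

        // Send to approvers
        if ($this->version->get('approved', 0) == 0) {
            Helpers\Pages::sendApproveNotification('page', $this->page);
        }
    }

    // Check page back in
    Helpers\Pages::checkin($this->page->get('id'));

    // Redirect to return url.
    // NOTE(review): the target is decoded from a POST field and is not
    // validated in this method; confirm it is restricted to same-site URLs
    // (here or inside App::redirect) so the save cannot forward users off-site.
    if ($return = Request::getVar('return', '', 'post')) {
        $this->setNotification(Lang::txt('COM_GROUPS_PAGES_PAGE_SAVED', $task), 'passed');
        App::redirect(base64_decode($return));
        return;
    }

    // Are we applying or saving?
    if ($apply) {
        $notification = Lang::txt('COM_GROUPS_PAGES_PAGE_SAVED_AND_LINK', $task, $this->page->url());
        $redirect     = Route::url('index.php?option=' . $this->_option . '&cn=' . $this->group->get('cn') . '&controller=pages&task=edit&pageid=' . $this->page->get('id'));
    } else {
        $notification = Lang::txt('COM_GROUPS_PAGES_PAGE_SAVED', $task);
        $redirect     = Route::url('index.php?option=com_groups&cn=' . $this->group->get('cn') . '&controller=pages');
    }

    // Push success message and redirect
    $this->setNotification($notification, 'passed');
    App::redirect($redirect);
}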
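/**
 * Save a group module.
 *
 * Reads the `module` array (raw, via JREQUEST_ALLOWRAW) and the `menu` array
 * from POST, normalises title/position, decides whether the content needs
 * admin approval, stores the module, rebuilds its menu and applies any
 * ordering change.
 *
 * NOTE(review): no Request::checkToken() call is made in this method; confirm
 * the form token is verified before this task runs, since the handler changes
 * state and accepts raw HTML.
 *
 * @return void
 */
public function saveTask()
{
    // Get request vars
    $module = Request::getVar('module', array(), 'post', 'none', JREQUEST_ALLOWRAW);
    $menu   = Request::getVar('menu', array(), 'post');

    // Set gid number from the server-side group, never from the request
    $module['gidNumber'] = $this->group->get('gidNumber');

    // Clean title & position down to a conservative character set.
    // Missing keys are treated as empty strings instead of raising notices.
    $module['title']    = preg_replace("/[^-_ a-zA-Z0-9]+/", "", isset($module['title']) ? $module['title'] : '');
    $module['position'] = preg_replace("/[^-_a-zA-Z0-9]+/", "", isset($module['position']) ? $module['position'] : '');

    // Load the module object (a missing id means a new module)
    $this->module = new Module(isset($module['id']) ? $module['id'] : null);

    // Remember the stored approval state before posted fields are bound, so
    // it can be kept when the content has not changed.
    $previousApproval = (int) $this->module->get('approved', 0);

    // Ordering change
    $ordering = null;
    if (isset($module['ordering']) && $module['ordering'] != $this->module->get('ordering')) {
        $ordering = $module['ordering'];
        unset($module['ordering']);
    }

    // If this is a new module or we are changing position,
    // get next order possible for position
    if (!isset($module['id']) || $module['id'] == '' || $module['position'] != $this->module->get('position')) {
        $ordering           = null;
        $module['ordering'] = $this->module->getNextOrder($module['position']);
    }

    // Did the module content change?
    $oldContent = trim((string) $this->module->get('content'));
    $newContent = isset($module['content']) ? trim((string) $module['content']) : '';

    // Group params may still be a raw value; wrap them so get() is available
    if (!is_object($this->group->params)) {
        $this->group->params = new \Hubzero\Config\Registry($this->group->params);
    }

    // Untrusted groups get their markup purified before it is compared
    if (!$this->group->params->get('page_trusted', 0)) {
        $newContent = Module::purify($newContent, $this->group->isSuperGroup());
    }

    // Strict comparison: a loose != treats numeric-looking strings such as
    // "1000" and "1e3" as equal and would miss the change.
    $contentChanged = ($oldContent !== $newContent);

    // Bind request vars to module model.
    // NOTE(review): the whole posted array is bound; confirm bind() ignores
    // fields users must not set (approval, scan and authorship columns).
    if (!$this->module->bind($module)) {
        $this->setNotification($this->module->getError(), 'error');
        return $this->editTask();
    }

    // Approval: content with PHP or script tags must be approved by an admin.
    // Tag names are case-insensitive in HTML, so the match ignores case;
    // '<?' also covers '<?php'.
    $boundContent = (string) $this->module->get('content');
    $hasCode      = stripos($boundContent, '<?') !== false
        || stripos($boundContent, '<script') !== false;

    if (!$hasCode) {
        // Nothing executable detected: approved
        $this->module->set('approved', 1);
    } elseif ($contentChanged) {
        // Changed content with code: reset approval and scan state
        $this->module->set('approved', 0);
        $this->module->set('approved_on', null);
        $this->module->set('approved_by', null);
        $this->module->set('checked_errors', 0);
        $this->module->set('scanned', 0);
    } else {
        // Unchanged content with code: leave the approval status as stored.
        // Forcing it to 1 here would let a re-save approve a module that is
        // still waiting for an admin decision.
        $this->module->set('approved', $previousApproval);
    }

    // Set created if new module
    if (!$this->module->get('id')) {
        $this->module->set('created', Date::toSql());
        $this->module->set('created_by', User::get('id'));
    }

    // Set modified
    $this->module->set('modified', Date::toSql());
    $this->module->set('modified_by', User::get('id'));

    // Check module again (because we are not going through store()'s check)
    if (!$this->module->check()) {
        $this->setNotification($this->module->getError(), 'error');
        $this->editTask();
        return;
    }

    // Save module settings.
    // Don't run check on module store; skips onContentBeforeSave in Html format handler
    if (!$this->module->store(false, $this->group->isSuperGroup())) {
        $this->setNotification($this->module->getError(), 'error');
        $this->editTask();
        return;
    }

    // Create module menu
    if (!$this->module->buildMenu($menu)) {
        $this->setNotification($this->module->getError(), 'error');
        $this->editTask();
        return;
    }

    // Do we need to reorder?
    if ($ordering !== null) {
        $move = (int) $ordering - (int) $this->module->get('ordering');
        $this->module->move($move, $this->module->get('position'));
    }

    // Send to approvers if unapproved
    if ($this->module->get('approved', 0) == 0) {
        Helpers\Pages::sendApproveNotification('module', $this->module);
    }

    // Push success message and redirect
    $this->setNotification(Lang::txt('COM_GROUPS_PAGES_MODULE_SAVED'), 'passed');
    App::redirect(Route::url('index.php?option=' . $this->_option . '&cn=' . $this->group->get('cn') . '&controller=pages#modules'));

    // NOTE(review): this runs after the redirect above; if App::redirect()
    // ends the request it is never reached. The target is decoded from a POST
    // field and is not validated in this method; confirm it is restricted to
    // same-site URLs before relying on it.
    if ($return = Request::getVar('return', '', 'post')) {
        App::redirect(base64_decode($return));
    }
}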