/**
* Store changes to this database entry
*
* @param boolean $check Perform data validation check?
* @return boolean False if error, True on success
*/
public function store($check = true)
{
$this->set('open', $this->status('open'));
if ($this->get('open')) {
$this->set('resolved', '');
}
$result = parent::store($check);
if ($result && !$this->_tbl->id) {
$this->_tbl->getId();
}
return $result;
}
/**
* Delete the record and all associated data
*
* @param boolean $check Validate data?
* @return boolean False if error, True on success
*/
public function store($check = true)
{
$this->set('changelog', $this->changelog()->__toString());
return parent::store($check);
}
/**
* Overload Store method so we can run some purifying before save
*
* @param boolean $check Run the Table Check Method
* @param boolean $trustedContent Is content trusted
* @return void
*/
public function store($check = true, $trustedContent = false)
{
if (!$this->get('page_trusted', 0)) {
//get content
$content = $this->get('content');
// if content is not trusted, strip php and scripts
if (!$trustedContent) {
$content = preg_replace('#<script(.*?)>(.*?)</script>#is', '', $content);
$content = preg_replace('/<\\?[\\s\\S]*?\\?>/', '', $content);
}
// purify content
$content = $this->purify($content, $trustedContent);
// set the purified content
$this->set('content', $content);
}
// call parent store
if (!parent::store($check)) {
return false;
}
return true;
}
/**
* Store changes to this database entry
*
* @param boolean $check Perform data validation check?
* @return boolean False if error, True on success
*/
public function store($check = true)
{
$result = parent::store($check);
if ($result) {
// Check file attachment
$fieldName = 'comment_file';
if (!empty($_FILES[$fieldName]) && !empty($_FILES[$fieldName]['name'])) {
if ($_FILES[$fieldName]['error']) {
$this->setError(\Lang::txt('PLG_HUBZERO_COMMENTS_ERROR_UPLOADING_FILE'));
}
$file = new Attachment();
$file->set('comment_id', $this->get('id'));
$fileName = $_FILES[$fieldName]['name'];
// the name of the file in PHP's temp directory that we are going to move to our folder
$fileTemp = $_FILES[$fieldName]['tmp_name'];
// lose any special characters in the filename
$fileName = preg_replace("/[^A-Za-z0-9.]/i", '-', $fileName);
// always use constants when making file paths, to avoid the possibilty of remote file inclusion
$uploadDir = $file->link('base');
if (!is_dir($uploadDir)) {
if (!\Filesystem::makeDirectory($uploadDir)) {
$this->setError(\Lang::txt('PLG_HUBZERO_COMMENTS_UNABLE_TO_CREATE_UPLOAD_PATH'));
}
}
if (!$this->getError()) {
// check if file exists -- rename if needed
$ext = strrchr($fileName, '.');
$prefix = substr($fileName, 0, -strlen($ext));
// rename file if exists
$i = 1;
while (is_file($uploadDir . DS . $fileName)) {
$fileName = $prefix . ++$i . $ext;
}
$uploadPath = $uploadDir . DS . $fileName;
if (!\Filesystem::upload($fileTemp, $uploadPath)) {
$this->setError(\Lang::txt('PLG_HUBZERO_COMMENTS_ERROR_MOVING_FILE'));
} else {
$file->set('filename', $fileName);
$file->store();
}
}
}
}
return $result;
}