/**
 * Replaces the permission set of every role with the submitted values.
 *
 * $permissions is keyed by role id. A role without an entry is saved with an
 * empty permission set, so a partial submission clears every role it omits.
 * XHR callers get a message array; other callers are redirected.
 *
 * NOTE(review): no authorization check is visible inside this method. The
 * endpoint rewrites the permissions of all roles, so confirm that access is
 * restricted at class or route level.
 *
 * @Request({"permissions": "array"}, csrf=true)
 * @Response("json")
 */
public function saveAction($permissions = [])
{
    foreach ($this->roles->findAll() as $role) {
        $roleId  = $role->getId();
        $granted = [];

        if (isset($permissions[$roleId])) {
            // NOTE(review): the per-role value is passed on as submitted; confirm
            // setPermissions() rejects or normalises non-array input.
            $granted = $permissions[$roleId];
        }

        $role->setPermissions($granted);
        $this->roles->save($role);
    }

    if ($this['request']->isXmlHttpRequest()) {
        return ['message' => __('Permissions saved!')];
    }

    return $this->redirect('@system/permission');
}
/**
 * Applies a submitted ordering to the roles and returns the submitted map.
 *
 * $order maps role id to priority. Ids that match no role are skipped.
 *
 * NOTE(review): the priority values come straight from the request and are
 * stored without a type or range check in this method. Confirm that the
 * repository or the entity mapping coerces them to integers.
 *
 * @Request({"order": "array"}, csrf=true)
 * @Response("json")
 */
public function priorityAction($order)
{
    foreach ($order as $id => $priority) {
        $role = $this->roles->find($id);

        if (!$role) {
            continue;
        }

        $this->roles->save($role, ['priority' => $priority]);
    }

    // The request payload is echoed back unchanged, including skipped ids.
    return $order;
}
/**
 * Creates or renames a menu and redirects to the menu page.
 *
 * An empty name, or a name already used by a different menu, is rejected and
 * reported as a flash error. The redirect carries the menu id, or 0 when no
 * menu object was reached before the failure.
 *
 * @Request({"id": "int", "name"}, csrf=true)
 */
public function saveAction($id, $name)
{
    try {

        if (!$name) {
            throw new Exception(__('Invalid menu name.'));
        }

        // Fall back to a fresh entity when the id matches no stored menu.
        $menu = $this->menus->find($id);
        if (!$menu) {
            $menu = new Menu();
        }

        // Bound parameters keep the submitted name out of the query text.
        $duplicate = $this->menus->where(['name = ?', 'id <> ?'], [$name, $id])->first();
        if ($duplicate) {
            // NOTE(review): the submitted name is echoed into the flash message;
            // presumably it is escaped when the message is rendered - confirm.
            throw new Exception(__('Invalid menu name. "%name%" is already in use.', ['%name%' => $name]));
        }

        $this->menus->save($menu, ['name' => $name]);

    } catch (Exception $e) {
        $this['message']->error($e->getMessage());
    }

    // $menu stays unset when the name check failed before the lookup.
    $menuId = 0;
    if (isset($menu)) {
        $menuId = $menu->getId();
    }

    return $this->redirect('@system/menu', ['id' => $menuId]);
}
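/**
 * Assigns the submitted widgets to a position and stores their new order.
 *
 * $order is a list of entries that each carry an "id" key; the index of an
 * entry in the list becomes the widget's priority. Entries that are malformed
 * or name an unknown widget are skipped.
 *
 * @Request({"position", "order": "array"}, csrf=true)
 * @Response("json")
 */
public function reorderAction($position, $order = [])
{
    $widgets = $this->widgets->findAll();

    foreach ($order as $priority => $data) {

        // The entries are request data: skip anything that is not an array with a
        // scalar id instead of raising notices or an illegal-offset error below.
        if (!is_array($data) || !isset($data['id']) || !is_scalar($data['id'])) {
            continue;
        }

        $id = $data['id'];

        if (isset($widgets[$id])) {
            // NOTE(review): $position and the $priority key are stored as submitted;
            // confirm the repository validates them against known positions/integers.
            $this->widgets->save($widgets[$id], ['position' => $position, 'priority' => $priority]);
        }
    }

    return ['message' => __('Widgets updated.')];
}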
/**
 * Sets the status of the given comments and announces every actual change.
 *
 * Comments that do not exist or already carry the requested status are left
 * untouched. Each changed comment is saved, then the spam-mark event is
 * dispatched with the comment and its previous status.
 *
 * The returned message is pluralised on the number of submitted ids, not on
 * the number of comments that were actually changed.
 *
 * NOTE(review): $status is cast to int by the request mapping but is not
 * checked against the known comment status constants in this method - confirm
 * that an out-of-range value cannot be stored.
 *
 * @Request({"status": "int", "ids": "int[]"}, csrf=true)
 * @Response("json")
 */
public function statusAction($status, $ids = [])
{
    foreach ($ids as $id) {

        $comment = $this->comments->find($id);
        if (!$comment) {
            continue;
        }

        $previous = $comment->getStatus();
        if ($previous == $status) {
            continue;
        }

        $comment->setStatus($status);
        $this->comments->save($comment);

        $this['events']->dispatch('system.comment.spam_mark', new MarkSpamEvent($comment, $previous));
    }

    $submitted = count($ids);

    return ['message' => _c('{0} No comment status updated.|{1} Comment status updated.|]1,Inf[ Comment statuses updated.', $submitted)];
}
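/**
 * Stores a visitor comment on a published post and redirects back to it.
 *
 * Checks run in this order: comment permission, minimum idle time since the
 * caller's previous comment, post is published and commentable, author
 * details. The moderation status is then derived from the caller's
 * permissions and the max-links rule, the spam-check event is dispatched and
 * the comment is saved. Any failure becomes a flash error and a redirect to
 * the previous URL.
 *
 * The request keys "post_id" and "comment" are presumably bound to $id and
 * $data by position - confirm against the request mapper.
 *
 * @Route("/comment")
 * @Request({"post_id": "int", "comment": "array"}, csrf=true)
 */
public function commentAction($id, $data)
{
    try {

        $user = $this['user'];

        if (!$user->hasAccess('blog: post comments')) {
            throw new Exception(__('Insufficient User Rights.'));
        }

        // check minimum idle time in between user comments
        // NOTE(review): unauthenticated callers are throttled by client IP only; the
        // value is only as trustworthy as the proxy configuration behind getClientIp().
        if (!$user->hasAccess('blog: skip comment min idle')
            and $minidle = $this->extension->getParams('comments.minidle')
            and $comment = $this->comments->query()->where($user->isAuthenticated() ? ['user_id' => $user->getId()] : ['ip' => $this['request']->getClientIp()])->orderBy('created', 'DESC')->first()) {

            // invert is set when the last comment is newer than "now minus the idle period"
            $diff = $comment->getCreated()->diff(new \DateTime("- {$minidle} sec"));

            if ($diff->invert) {
                // only seconds, minutes and hours are summed; a day component is not included
                throw new Exception(__('Please wait another %seconds% seconds before commenting again.', ['%seconds%' => $diff->s + $diff->i * 60 + $diff->h * 3600]));
            }
        }

        // an unknown or unpublished post yields the same message as a missing permission
        if (!($post = $this->posts->query()->where(['id' => $id, 'status' => Post::STATUS_PUBLISHED])->first())) {
            throw new Exception(__('Insufficient User Rights.'));
        }

        if (!$post->isCommentable()) {
            throw new Exception(__('Comments have been disabled for this post.'));
        }

        // retrieve user data
        if ($user->isAuthenticated()) {
            // account values replace whatever the client sent for these keys
            $data['author'] = $user->getName();
            $data['email']  = $user->getEmail();
            $data['url']    = $user->getUrl();
        } elseif ($this->extension->getParams('comments.require_name_and_email') && (empty($data['author']) || empty($data['email']))) {
            // empty() also covers absent keys without raising an undefined-index notice.
            // NOTE(review): only presence is checked here, not the e-mail format.
            throw new Exception(__('Please provide valid name and email.'));
        }

        $comment = new Comment();
        $comment->setUserId((int) $user->getId());
        $comment->setIp($this['request']->getClientIp());
        $comment->setCreated(new \DateTime());
        $comment->setPost($post);

        // NOTE(review): for unauthenticated callers this lookup is keyed on whatever
        // getId() returns for guests. If all guests share one id, a single approved
        // guest comment satisfies it for every guest - confirm the "required once"
        // permission is only granted to authenticated roles.
        $approved_once = (bool) $this->comments->query()->where(['user_id' => $user->getId(), 'status' => Comment::STATUS_APPROVED])->first();

        // Written as explicit branches: the former unparenthesised nested ternary
        // relied on left-to-right grouping and is rejected by PHP 8.
        if ($user->hasAccess('blog: skip comment approval')) {
            $status = Comment::STATUS_APPROVED;
        } elseif ($user->hasAccess('blog: comment approval required once') && $approved_once) {
            $status = Comment::STATUS_APPROVED;
        } else {
            $status = Comment::STATUS_PENDING;
        }

        $comment->setStatus($status);

        // check the max links rule
        // Only HTML anchor tags are counted. NOTE(review): if the content is later
        // rendered with auto-linking or another markup, those links are not counted.
        // A missing or non-scalar content value is treated as an empty string.
        $content = (isset($data['content']) && is_scalar($data['content'])) ? (string) $data['content'] : '';

        if ($comment->getStatus() == Comment::STATUS_APPROVED && $this->extension->getParams('comments.maxlinks') <= preg_match_all('/<a [^>]*href/i', $content)) {
            $comment->setStatus(Comment::STATUS_PENDING);
        }

        // check for spam
        $this['events']->dispatch('system.comment.spam_check', new CommentEvent($comment));

        // NOTE(review): $data is the client-supplied comment array and is handed to
        // save() as a whole. save() appears to apply the keys of its second argument
        // as field values, so unless the repository restricts writable keys, request
        // keys may override fields set above (the moderation status, for instance).
        // Confirm, and pass an explicit allow-list of client-editable fields.
        $this->comments->save($comment, $data);

        $this['message']->info(__('Thanks for commenting!'));

        return $this->redirect($this['url']->route('@blog/id', ['id' => $post->getId()], true) . '#comment-' . $comment->getId());

    } catch (Exception $e) {

        // validation failures raised above: show the specific reason
        $this['message']->error($e->getMessage());

        // NOTE(review): previous() is presumably derived from the referer - confirm
        // it is limited to same-site URLs.
        return $this->redirect($this['url']->previous());

    } catch (\Exception $e) {

        // anything else: generic message, no internal detail shown to the visitor
        $this['message']->error(__('Whoops, something went wrong!'));

        return $this->redirect($this['url']->previous());
    }
}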
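/**
 * Creates or updates a URL alias and redirects to its edit or add page.
 *
 * Surrounding slashes are stripped from both values. The alias must be
 * non-empty and unused by any other record; the source must be non-empty and
 * begin with an at sign (presumably an internal route reference, judging by
 * the redirect targets used here - TODO confirm). Failures are reported as a
 * flash error.
 *
 * @Request({"id": "int", "alias", "source"}, csrf=true)
 */
public function saveAction($id, $alias, $source)
{
    try {

        // Remember whether a new record is being created: after save() the entity
        // carries an id either way, so the id cannot tell the two cases apart.
        $obj     = $this->aliases->find($id);
        $created = !$obj;

        if ($created) {
            $obj = new Alias();
        }

        if (!($alias = trim($alias, '/'))) {
            throw new Exception(__('Invalid alias.'));
        }

        // Rejecting sources without the leading "@" keeps arbitrary paths and
        // absolute URLs from being stored as an alias target.
        if (!($source = trim($source, '/')) or strpos($source, '@') !== 0) {
            throw new Exception(__('Invalid source.'));
        }

        // Bound parameters keep the submitted alias out of the query text.
        // NOTE(review): check-then-save is not atomic; confirm a unique constraint
        // on the alias column backs this up.
        if ($this->aliases->where(['alias = ?', 'id <> ?'], [$alias, $id])->first()) {
            throw new Exception(__('The alias "%alias%" is already in use.', ['%alias%' => $alias]));
        }

        $this->aliases->save($obj, compact('alias', 'source'));

        $id = $obj->getId();

        $this['message']->success($created ? __('Alias created.') : __('Alias saved.'));

    } catch (Exception $e) {
        $this['message']->error($e->getMessage());
    }

    // On failure $id is still the submitted id, so a failed create returns to the add page.
    return $this->redirect($id ? '@system/alias/edit' : '@system/alias/add', compact('id'));
}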
/**
 * Sets the status of the given pages and reports the outcome.
 *
 * Pages that do not exist or already carry the requested status are skipped.
 * The message is pluralised on the number of submitted ids, not on the number
 * of pages that were actually changed, and any status other than "published"
 * is reported as "unpublished".
 *
 * NOTE(review): $status is cast to int by the request mapping but is not
 * checked against the known page status constants in this method - confirm
 * that an out-of-range value cannot be stored.
 *
 * @Request({"status": "int", "ids": "int[]"}, csrf=true)
 * @Response("json")
 */
public function statusAction($status, $ids = [])
{
    foreach ($ids as $id) {

        $page = $this->pages->find($id);

        if (!$page || $page->getStatus() == $status) {
            continue;
        }

        $page->setStatus($status);
        $this->pages->save($page);
    }

    $submitted = count($ids);

    if ($status == Page::STATUS_PUBLISHED) {
        return ['message' => _c('{0} No page published.|{1} Page published.|]1,Inf[ Pages published.', $submitted)];
    }

    return ['message' => _c('{0} No page unpublished.|{1} Page unpublished.|]1,Inf[ Pages unpublished.', $submitted)];
}