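/**
 * Directories module action: loads the directory tree and hands it to the
 * 'modules/directories' view together with the detected category/section ids.
 *
 * @param mixed $params Not read in this body; the method works from $this->params.
 * @return mixed Whatever $this->render('modules', 'directories') returns.
 */
function index($params)
{
    /*
    if($this->_user->id === 0) {
        $this->cacheAction = Configure::read('Cache.expires');
    }*/
    $this->action = 'directory'; // Set view file

    # Read module params
    // The id list is passed through cleanIntegerCommaList() before it reaches the tree queries.
    $dir_id = isset($this->params['module'])
        ? cleanIntegerCommaList(Sanitize::getString($this->params['module'], 'dir_ids'))
        : '';
    $cat_id = '';
    $section_id = '';

    if ($this->cmsVersion == CMS_JOOMLA15) {
        $directories = $this->Directory->getTree($dir_id, true);
    } else {
        $directories = $this->Category->findTree(array(
            'level' => $this->Config->dir_category_levels,
            'menu_id' => true,
            'dir_id' => $dir_id,
            'pad_char' => '',
        ));
    }

    if ($menu_id = Sanitize::getInt($this->params, 'Itemid')) {
        // Result is not used below; the call is kept in case it has side effects.
        $menuParams = $this->Menu->getMenuParams($menu_id);
    }

    # Category auto detect
    // extract() overwrites same-named locals ($dir_id, $cat_id, $section_id, ...) with
    // whatever keys _discoverIDs() returns, so that helper must return a fixed key set
    // and never keys taken from request data. NOTE(review): confirm against the helper.
    $ids = CommonController::_discoverIDs($this);
    extract($ids);

    if ($this->cmsVersion == CMS_JOOMLA15 && $cat_id != '' && $section_id == '') {
        // Reduce to an integer list before the value is concatenated into SQL.
        $cat_id = cleanIntegerCommaList($cat_id);
        // An empty list would produce "IN ()", which is a syntax error; skip the lookup.
        if ($cat_id != '') {
            $sql = "SELECT section FROM #__categories WHERE id IN (" . $cat_id . ")";
            $this->_db->setQuery($sql);
            $section_id = $this->_db->loadResult();
        }
    }

    $this->set(array(
        'directories' => $directories,
        'dir_id' => $dir_id,
        'cat_id' => is_numeric($cat_id) && $cat_id > 0 ? $cat_id : false,
        'section_id' => $section_id,
    ));

    return $this->render('modules', 'directories');
}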
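/**
 * Directories module action: loads the directory tree and hands it to the
 * 'modules/directories' view together with the detected category/section ids.
 *
 * @param mixed $params Not read in this body; the method works from $this->params.
 * @return mixed Whatever $this->render('modules', 'directories') returns.
 */
function index($params)
{
    $this->action = 'directory'; // Set view file

    # Read module params
    // Guard the direct-call case where no module params were passed; the id list is
    // reduced by cleanIntegerCommaList() before it reaches the tree query.
    $dir_id = isset($this->params['module'])
        ? cleanIntegerCommaList(Sanitize::getString($this->params['module'], 'dir_ids'))
        : '';
    $cat_id = '';
    $section_id = '';

    $directories = $this->Directory->getTree($dir_id, true);

    if ($menu_id = Sanitize::getInt($this->params, 'Itemid')) {
        // Result is not used below; the call is kept in case it has side effects.
        $menuParams = $this->Menu->getMenuParams($menu_id);
    }

    # Category auto detect
    // extract() overwrites same-named locals ($cat_id, $section_id, ...) with whatever
    // keys _discoverIDs() returns, so that helper must return a fixed key set and never
    // keys taken from request data. NOTE(review): confirm against the helper.
    $ids = CommonController::_discoverIDs($this);
    extract($ids);

    if ($cat_id != '' && $section_id == '') {
        // Reduce to an integer list before the value is concatenated into SQL.
        $cat_id = cleanIntegerCommaList($cat_id);
        // An empty list would produce "IN ()", which is a syntax error; skip the lookup.
        if ($cat_id != '') {
            $sql = "SELECT section FROM #__categories WHERE id IN (" . $cat_id . ")";
            $this->_db->setQuery($sql);
            $section_id = $this->_db->loadResult();
        }
    }

    $this->set(array(
        'directories' => $directories,
        'cat_id' => is_numeric($cat_id) && $cat_id > 0 ? $cat_id : false,
        'section_id' => $section_id,
    ));

    return $this->render('modules', 'directories');
}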
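/**
 * Used for related listings field.
 *
 * Looks up listings by title fragment and/or id and returns them as a JSON
 * array of {value, label} rows (at most 15, ordered by title).
 *
 * Inputs are read from $this->data: 'id', 'listingtype', 'value', 'fname'.
 *
 * @return string|null JSON string, or null when neither a search value nor an id was given.
 */
function _relatedListings()
{
    $id = Sanitize::getInt($this->data, 'id');
    $listing_type = cleanIntegerCommaList(Sanitize::getString($this->data, 'listingtype'));
    $valueq = Sanitize::getString($this->data, 'value');
    $fname = Sanitize::getString($this->data, 'fname');
    $conditions = $joins = array();

    if ($valueq != '' || $id > 0) {
        $field = $this->Field->findRow(array('conditions' => array("Field.name = " . $this->quote($fname))));

        // The owner restriction is configured on the field named by 'fname', which is
        // supplied by the caller. If that field does not exist there is no configuration
        // to apply, so answer with an empty list instead of running an unrestricted search.
        if (empty($field) || empty($field['Field'])) {
            return json_encode(array());
        }

        $field_params = isset($field['Field']['_params']) ? $field['Field']['_params'] : null;
        $owner_filter = Sanitize::getBool($field_params, 'listing_type_owner', false);
        $user_id = (int) $this->_user->id; // integer cast: the value is concatenated into SQL below

        # Check owner filter and apply only if user is member and not in editor group or above
        if (!$this->Access->isEditor() && $owner_filter && $user_id > 0) {
            $conditions[] = "Listing.created_by = " . $user_id;
        } elseif ($owner_filter && $user_id == 0) {
            // Guests never see results when the field is restricted to the owner's listings.
            return json_encode(array());
        }

        $valueq != '' and $conditions[] = "Listing.title LIKE " . $this->quoteLike($valueq);
        $id > 0 and $conditions[] = "Listing.id = " . $id;

        if ($listing_type != '') {
            $conditions[] = "JreviewsCategory.criteriaid IN (" . $listing_type . ")";
            $joins[] = "LEFT JOIN #__jreviews_categories AS JreviewsCategory ON Listing.catid = JreviewsCategory.id";
        }

        // NOTE(review): no Listing.state or access-level condition is applied here, so
        // titles of unpublished or restricted listings can be returned — confirm this
        // is intended for the related-listings lookup.
        $query = "\r\n SELECT \r\n Listing.id as value, Listing.title AS label\r\n FROM \r\n #__content AS Listing " . (!empty($joins) ? implode(" ", $joins) : '') . "\r\n WHERE \r\n " . implode(' AND ', $conditions) . "\r\n ORDER BY Listing.title\r\n LIMIT 15 \r\n ";
        $this->_db->setQuery($query);
        $rows = $this->_db->loadObjectList();

        return json_encode($rows);
    }
}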
/**
 * Used in both Admin and Frontend controllers for listing create/edit list.
 *
 * Returns the sections that contain com_content categories set up in
 * #__jreviews_categories, optionally narrowed by directory, section and category ids.
 * Every id list goes through cleanIntegerCommaList() before it is placed in the SQL text.
 *
 * @param string $cat_ids    Comma list of category ids ('' for no filter).
 * @param string $section_id Comma list of section ids ('' for no filter).
 * @param string $dir_id     Comma list of directory ids ('' for no filter).
 * @return mixed Result of loadObjectList(): rows with `value` (id) and `text` (title).
 */
function getList($cat_ids = '', $section_id = '', $dir_id = '')
{
    $categoryList = cleanIntegerCommaList($cat_ids);
    $sectionList = cleanIntegerCommaList($section_id);
    $directoryList = cleanIntegerCommaList($dir_id);

    // Optional filters are appended inside the "(1 = 1 ...)" group.
    $where = '1 = 1';
    if (!defined('MVC_FRAMEWORK_ADMIN')) {
        // Frontend only sees published sections and categories.
        $where .= ' AND Section.published = 1 AND Category.published = 1';
    }
    if (!empty($directoryList)) {
        $where .= "\n AND JreviewsCategory.dirid IN ({$directoryList})";
    }
    if (!empty($sectionList)) {
        $where .= "\n AND Section.id IN ({$sectionList})";
    }
    if (!empty($categoryList)) {
        $where .= "\n AND Category.id IN ({$categoryList})";
    }

    // Get section list
    $query = "SELECT Section.id AS value, Section.title AS text"
        . "\n FROM #__sections AS Section"
        . "\n LEFT JOIN #__categories AS Category ON Section.id = Category.section"
        . "\n INNER JOIN #__jreviews_categories AS JreviewsCategory ON Category.id = JreviewsCategory.id AND JreviewsCategory.option = 'com_content'"
        . " WHERE (" . $where . ")"
        . "\n GROUP BY Section.id"
        . "\n ORDER BY Section.title";

    $this->_db->setQuery($query);

    return $this->_db->loadObjectList();
}
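/**
 * Geomaps module action: builds the listing query for the map, converts the
 * result to the JSON payload produced by $this->Geomaps->makeJsonObject() and
 * renders the 'modules/geomaps' view.
 *
 * Values that end up in SQL text are either integers/floats, passed through
 * cleanIntegerCommaList(), or quoted with $this->quote()/quoteLike(). The one
 * free-form fragment, 'custom_where', is only used when the form integrity
 * token matches.
 *
 * @return mixed Rendered view, or null when Custom Center mode has no coordinates.
 */
function listings()
{
    // Initialize variables
    $id = Sanitize::getInt($this->params, 'id');
    $option = Sanitize::getString($this->params, 'option');
    $view = Sanitize::getString($this->params, 'view');
    $menu_id = Sanitize::getString($this->params, 'Itemid');

    // Read params
    $cat_id = '';
    $criteria_ids = '';
    $in_detail_view = false;
    $detail_view = 1;
    $dir_id = Sanitize::getString($this->params, 'dir');
    $section_id = Sanitize::getString($this->params, 'section');
    $cat_id = Sanitize::getString($this->params, 'cat');
    $extension = 'com_content';
    $custom_where = null;
    $custom_fields = array();
    $click2search_auto = false;
    $cache = 0;
    $radius = 0;
    $mode = 0;

    // These are only assigned inside the module block below but are read after it;
    // give them neutral defaults so a direct call without module params is well defined.
    $conditions = array();
    $listing_id = '';
    $filter = '';
    $limit_results = null;
    $custom_lat = null;
    $custom_lon = null;

    if (isset($this->params['module'])) {
        // Read module parameters
        $click2search_auto = Sanitize::getBool($this->params['module'], 'click2search_auto', false);
        $custom_where = Sanitize::getString($this->params['module'], 'custom_where');
        $filter = Sanitize::getString($this->params['module'], 'filter');
        $detail_view = Sanitize::getString($this->params['module'], 'detail_view', 1);
        $dir_id = Sanitize::getString($this->params['module'], 'dir');
        $section_id = Sanitize::getString($this->params['module'], 'section');
        $cat_id = Sanitize::getString($this->params['module'], 'category');
        $listing_id = Sanitize::getString($this->params['module'], 'listing');
        // NOTE(review): read into $criteria_ids, but the criteria condition further down
        // tests $criteria_id, which is only defined if extract() supplies it — looks like
        // a naming mismatch; confirm which one is intended.
        $criteria_ids = Sanitize::getString($this->params['module'], 'criteria');
        $limit_results = Sanitize::getInt($this->params['module'], 'limit_results');
        $mode = Sanitize::getInt($this->params['module'], 'mode', 0);
        $custom_fields = str_replace(" ", "", Sanitize::getString($this->Config, 'geomaps.infowindow_fields'));
        $custom_fields = $custom_fields != '' ? explode(",", $custom_fields) : array();

        /**
         * 0 - Normal
         * 1 - GeoTargeting
         * 2 - Custom center and zoom
         */
        $radius = Sanitize::getInt($this->params['module'], 'radius');
        // Geo-targeted output depends on the visitor, so it is never cached.
        $cache = $mode == 1 ? 0 : Sanitize::getInt($this->params['module'], 'cache_map');
        $custom_lat = Sanitize::getFloat($this->params['module'], 'custom_lat');
        $custom_lon = Sanitize::getFloat($this->params['module'], 'custom_lon');

        if ($mode == 2 && ($custom_lat == 0 || $custom_lon == 0)) {
            echo __t("You selected the Custom Center mode, but did not specify the coordinates.");
            return;
        }
    }

    # Prevent sql injection
    // 'custom_where' is raw SQL; it is honoured only when the submitted token equals the
    // integrity token computed over the params.
    // NOTE(review): strcmp() is not a constant-time comparison; hash_equals() would be
    // the safer choice where the supported PHP version provides it.
    $token = Sanitize::getString($this->params, 'token');
    $tokenMatch = 0 === strcmp($token, cmsFramework::formIntegrityToken($this->params, array('module', 'module_id', 'form', 'data'), false));

    $filters = $listing_id != '' || $dir_id != '' || $section_id != '' || $cat_id != '';

    if (!$filters && $id > 0 && 'article' == $view && 'com_content' == $option) {
        // $id comes from Sanitize::getInt(), so it is safe to concatenate.
        $sql = "SELECT catid FROM #__content WHERE id = " . $id;
        $this->_db->setQuery($sql);
        $cat_id_host_page = $this->_db->loadResult();

        if (!empty($cat_id_host_page) && $this->Category->isJreviewsCategory($cat_id_host_page)) {
            $in_detail_view = true;
            $cat_id = $cat_id_host_page;
        }
    }

    $detail_view = $this->params['module']['detail_view'] = (int) ($detail_view && $in_detail_view);

    # Custom WHERE
    $tokenMatch and $custom_where and $conditions[] = $custom_where;

    if ($click2search_auto && isset($this->params['tag'])) {
        $field = 'jr_' . Sanitize::getString($this->params['tag'], 'field');
        $value = Sanitize::getString($this->params['tag'], 'value');

        $query = "SELECT Field.type FROM #__jreviews_fields AS Field WHERE Field.name = " . $this->quote($field);
        $this->_db->setQuery($query);
        $type = $this->_db->loadResult();

        // The field name is used below as a column identifier, which quote() cannot
        // protect. Only use it when it is a plain identifier AND the lookup above found
        // a field with that name; otherwise match nothing instead of building SQL from it.
        if (!empty($type) && preg_match('/^jr_[A-Za-z0-9_]+$/', $field)) {
            if (in_array($type, array('select', 'selectmultiple', 'checkboxes', 'radiobuttons'))) {
                $conditions[] = "Field.{$field} LIKE " . $this->quoteLike('*' . $value . '*');
            } else {
                $conditions[] = "Field.{$field} = " . $this->quote($value);
            }
        } else {
            $conditions[] = '1 = 0';
        }
    }

    # Category auto detect
    if (isset($this->params['module']) && Sanitize::getInt($this->params['module'], 'cat_auto') && $extension == 'com_content') {
        // extract() overwrites same-named locals with the keys _discoverIDs() returns;
        // that helper must return a fixed key set. NOTE(review): confirm against the helper.
        $ids = CommonController::_discoverIDs($this);
        extract($ids);
    }

    $autodetect = compact('dir_id', 'section_id', 'cat_id');

    // Check for cached version if cache enabled
    if ($cache) {
        $params = array();

        foreach ($this->params as $key => $value) {
            if ((!is_array($value) || $key == 'module') && !in_array($key, array('page', 'limit', 'order', 'Itemid'))) {
                $params[$key] = $value;
            }
        }

        $cache_key = array_merge($params, $autodetect, Sanitize::getVar($this->params, 'tag', array()));
        // md5 is only used to derive a cache file name here, not as a security control.
        $json_filename = 'geomaps_' . md5(serialize($cache_key)) . '.json';
        $json_data = S2Cache::read($json_filename);

        if ($json_data && $json_data != '') {
            $this->set('json_data', $json_data);
            S2Cache::write($json_filename, $json_data);

            return $this->render('modules', 'geomaps');
        }
    }

    $this->Listing->fields = array(
        'Listing.id AS `Listing.listing_id`',
        'Listing.title AS `Listing.title`',
        'Listing.images AS `Listing.images`',
        'CASE WHEN CHAR_LENGTH(Listing.alias) THEN Listing.alias ELSE "" END AS `Listing.slug`',
        'Category.id AS `Listing.cat_id`',
        'CASE WHEN CHAR_LENGTH(Category.alias) THEN Category.alias ELSE Category.title END AS `Category.slug`',
        'Listing.sectionid AS `Listing.section_id`',
        'JreviewsCategory.criteriaid AS `Criteria.criteria_id`',
        'JreviewsCategory.dirid AS `Directory.dir_id`',
        'JreviewsCategory.marker_icon AS `Geomaps.icon`',
        'Field.featured AS `Listing.featured`',
        'Totals.user_rating AS `Review.user_rating`',
        'Totals.user_rating_count AS `Review.user_rating_count`',
        'Totals.editor_rating AS `Review.editor_rating`',
        'Totals.editor_rating_count AS `Review.editor_rating_count`',
        "Field.{$this->jr_lat} `Geomaps.lat`",
        "Field.{$this->jr_lon} `Geomaps.lon`",
        'ListingType.state AS `Criteria.state`',
        'ListingType.config AS `ListingType.config`',
    );

    if ($custom_lon != '' and $custom_lat != '') {
        $this->set('CustomCenter', array('lon' => $custom_lon, 'lat' => $custom_lat));
    }

    // Geo Targeting OR Custom Center modes
    if ($mode == 1 || $mode == 2) {
        if ($mode == 1) {
            $ch = curl_init();
            // The address is URL-encoded so it cannot add parameters to the lookup URL.
            curl_setopt($ch, CURLOPT_URL, 'http://www.geoplugin.net/php.gp?ip=' . urlencode((string) s2GetIpAddress()));
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
            // NOTE(security): the response travels over plain HTTP and is handed to
            // unserialize(). A spoofed or tampered response can make PHP instantiate any
            // loaded class (object injection). Prefer a JSON response decoded with
            // json_decode(), or restrict unserialize() to scalars/arrays where the
            // supported PHP version allows it. Left unchanged here; needs a follow-up.
            $geoData = unserialize(curl_exec($ch));
            curl_close($ch);

            if (!empty($geoData) && isset($geoData['geoplugin_latitude']) && $geoData['geoplugin_latitude'] != '' && $geoData['geoplugin_longitude'] != '') {
                $center = array('lon' => $geoData['geoplugin_longitude'], 'lat' => $geoData['geoplugin_latitude']);
            }

            $this->set('geoLocation', $geoData);
        }

        if ($mode == 2) {
            $center = array('lon' => $custom_lon, 'lat' => $custom_lat);
        }

        if (!empty($center) && $radius > 0) {
            $distanceIn = Sanitize::getString($this->Config, 'geomaps.radius_metric', 'mi');
            $degreeDistance = $distanceIn == 'mi' ? 69.172 : 40076 / 360;

            // Send center coordinates to theme
            $this->set('GeomapsCenter', $center);

            $lat_range = $radius / $degreeDistance;
            $lon_range = $radius / abs(cos($center['lat'] * pi() / 180) * $degreeDistance);

            // The bounds are results of arithmetic, so only numbers reach the SQL text
            // even though the center may come from the remote lookup.
            $min_lat = $center['lat'] - $lat_range;
            $max_lat = $center['lat'] + $lat_range;
            $min_lon = $center['lon'] - $lon_range;
            $max_lon = $center['lon'] + $lon_range;

            $squareArea = "`Field`.{$this->jr_lat} BETWEEN {$min_lat} AND {$max_lat} AND `Field`.{$this->jr_lon} BETWEEN {$min_lon} AND {$max_lon}";
            $conditions[] = $squareArea;
        }
    }

    // Create marker_icons array
    $marker_icons = array();
    $icon_fields = array();
    $field_images = array();

    $query = "SELECT DISTINCT marker_icon FROM #__jreviews_categories WHERE marker_icon != ''";
    $this->_db->setQuery($query);
    $icon_rows = $this->_db->loadAssocList();

    foreach ($icon_rows as $icons) {
        $icon = (array) json_decode($icons['marker_icon']);

        if ($icon['field'] != '') {
            $icon_fields[$icon['field']] = "'" . $icon['field'] . "'";
        }
    }

    // NOTE(review): the names below are used as column identifiers. They come from the
    // stored marker_icon settings and from the 'geomaps.infowindow_fields' config value,
    // i.e. presumably administrator-controlled — confirm, and validate them as
    // identifiers if those settings can be written by less trusted users.
    if (!empty($icon_fields)) {
        foreach ($icon_fields as $field_key => $field) {
            if (substr($field_key, 0, 3) == 'jr_') {
                $this->Listing->fields[] = "Field.{$field_key} AS `Field.{$field_key}`";
            }
        }
    }

    if (!empty($custom_fields)) {
        foreach ($custom_fields as $field) {
            $this->Listing->fields[] = "Field.{$field} AS `Field.{$field}`";
        }
    }

    $this->Listing->joins = array(
        "LEFT JOIN #__categories AS Category ON Listing.catid = Category.id",
        'ParentCategory' => "LEFT JOIN #__categories AS ParentCategory ON Category.lft BETWEEN ParentCategory.lft AND ParentCategory.rgt",
        "LEFT JOIN #__jreviews_listing_totals AS Totals ON Totals.listing_id = Listing.id AND Totals.extension = 'com_content'",
        "LEFT JOIN #__jreviews_content AS `Field` ON Field.contentid = Listing.id",
        "INNER JOIN #__jreviews_categories AS JreviewsCategory ON Listing.catid = JreviewsCategory.id AND JreviewsCategory.`option` = 'com_content'",
        "LEFT JOIN #__jreviews_criteria AS ListingType ON JreviewsCategory.criteriaid = ListingType.id",
        "LEFT JOIN #__jreviews_directories AS Directory ON JreviewsCategory.dirid = Directory.id",
    );

    // Don't regroup the results by model name keys to save time
    $this->Listing->primaryKey = false;

    # Set conditionals based on configuration parameters
    if ($detail_view) {
        $conditions[] = 'Listing.id = ' . $id;
    }

    if (!empty($cat_id)) {
        $conditions[] = $this->cmsVersion == CMS_JOOMLA15
            ? 'Listing.catid IN (' . cleanIntegerCommaList($cat_id) . ')'
            : 'ParentCategory.id IN (' . cleanIntegerCommaList($cat_id) . ')';
    }

    if ($this->cmsVersion == CMS_JOOMLA15) {
        unset($this->Listing->joins['ParentCategory']);
    }

    empty($cat_id) and !empty($section_id) and $conditions[] = 'Listing.sectionid IN (' . cleanIntegerCommaList($section_id) . ')';
    empty($cat_id) and !empty($dir_id) and $conditions[] = 'JreviewsCategory.dirid IN (' . cleanIntegerCommaList($dir_id) . ')';
    empty($cat_id) and !empty($criteria_id) and $conditions[] = 'JreviewsCategory.criteriaid IN (' . cleanIntegerCommaList($criteria_id) . ')';

    if ($listing_id) {
        // 'listing' is a free-form string parameter; reduce it to an integer list like
        // every other id list in this method before it is concatenated into SQL.
        $conditions[] = 'Listing.id IN (' . cleanIntegerCommaList($listing_id) . ')';
    }

    if ($filter == 'featured' && !$detail_view) {
        $conditions[] = 'Field.featured = 1';
    }

    // Only listings that actually have coordinates can be placed on the map.
    $conditions[] = "Field.{$this->jr_lat} <> ''";
    $conditions[] = "Field.{$this->jr_lon} <> ''";

    // Published-state and publish-window restrictions.
    $conditions = array_merge($conditions, array(
        'Listing.state = 1',
        '( Listing.publish_up = "' . NULL_DATE . '" OR DATE(Listing.publish_up) <= DATE("' . _CURRENT_SERVER_TIME . '") )',
        '( Listing.publish_down = "' . NULL_DATE . '" OR DATE(Listing.publish_down) >= DATE("' . _CURRENT_SERVER_TIME . '") )',
    ));

    // Access-level restrictions for the current user.
    if ($this->cmsVersion == CMS_JOOMLA15) {
        // $conditions[] = 'Section.access <= ' . $this->Access->getAccessId();
        $conditions[] = 'Category.access <= ' . $this->Access->getAccessId();
        $conditions[] = 'Listing.access <= ' . $this->Access->getAccessId();
    } else {
        $conditions[] = 'Category.access IN (' . $this->Access->getAccessLevels() . ')';
        $conditions[] = 'Listing.access IN (' . $this->Access->getAccessLevels() . ')';
    }

    // Paid Listings - add plan cat id
    isset($this->PaidListings) and $this->PaidListings->applyBeforeFindListingChanges($this->Listing);

    $listings = $this->Listing->findAll(array('conditions' => $conditions, 'limit' => $limit_results), array());

    $custom_fields = array_filter(array_merge($custom_fields, array_keys($icon_fields)));
    $fieldOptionValues = array();

    // Extract custom field values to avoid loading all options for each fields
    // It's a trade-off between that and doing a foreach on all listings
    foreach ($listings as $key => $row) {
        $listings[$key]['Criteria']['state'] = $row['Criteria.state'];
        $listings[$key]['ListingType']['config'] = json_decode($row['ListingType.config'], true);
        unset($listings[$key]['Criteria.state'], $listings[$key]['ListingType.config']);

        foreach ($custom_fields as $field) {
            $optionValue = Sanitize::getVar($row, 'Field.' . $field);

            if ($optionValue != '' && $optionValue != '**') {
                $fieldOptionValues = array_merge($fieldOptionValues, array_filter(explode('*', $optionValue)));
            }
        }
    }

    $fields = $this->Field->getFields($custom_fields, 'listing', $fieldOptionValues);
    $json_data = $this->Geomaps->makeJsonObject($listings, $fields, $this->params['module']);
    $this->set('json_data', $json_data);

    if ($cache) {
        S2Cache::write($json_filename, $json_data);
    }

    return $this->render('modules', 'geomaps');
}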
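/**
 * Listings module action: reads the module parameters, builds the listing
 * query (filters, ordering, joins) and renders the 'modules/listings' view.
 * For AJAX requests the rendered page is wrapped with ajaxResponse().
 *
 * Id lists are passed through cleanIntegerCommaList() before they are placed
 * in SQL text. The free-form 'custom_where' and 'custom_order' fragments are
 * only used when the form integrity token matches.
 *
 * @return mixed Rendered view or AJAX response; null when an unsupported sort mode is selected.
 */
function index()
{
    /*
    if($this->_user->id === 0) {
        $this->cacheAction = Configure::read('Cache.expires');
    }*/

    // Required for ajax pagination to remember module settings
    $ids = $conditions = $joins = $order = $having = array();
    $module_id = Sanitize::getInt($this->params, 'module_id', Sanitize::getInt($this->data, 'module_id'));

    if (!isset($this->params['module'])) {
        $this->params['module'] = array();
    } // For direct calls to the controller

    # Find the correct set of params to use
    if ($this->ajaxRequest && Sanitize::getInt($this->params, 'listing_id')) {
        $this->params['module'] = array_merge($this->params['module'], $this->__processListingTypeWidgets($conditions));
    } elseif ($this->ajaxRequest && empty($this->params['module']) && $module_id) {
        // $module_id comes from Sanitize::getInt(), so it is safe to concatenate.
        $query = "SELECT params FROM #__modules WHERE id = " . $module_id;
        $this->_db->setQuery($query);
        $this->params['module'] = stringToArray($this->_db->loadResult());
    }

    if ($this->abort) {
        return $this->ajaxResponse('', false);
    }

    # Read module parameters
    $dir_id = Sanitize::getString($this->params['module'], 'dir');
    $section_id = Sanitize::getString($this->params['module'], 'section');
    $cat_id = Sanitize::getString($this->params['module'], 'category');
    $listing_id = Sanitize::getString($this->params['module'], 'listing');
    $created_by = Sanitize::getString($this->params['module'], 'owner');
    $criteria_id = Sanitize::getString($this->params['module'], 'criteria');
    $limit = Sanitize::getInt($this->params['module'], 'module_limit', 5);
    // Hard cap of 50 rows regardless of the configured total.
    $total = min(50, Sanitize::getInt($this->params['module'], 'module_total', 10));
    $extension = Sanitize::getString($this->params['module'], 'extension');
    $extension = $extension != '' ? $extension : 'com_content';
    $sort = Sanitize::getString($this->params['module'], 'listing_order');

    if (in_array($sort, array('random', 'featuredrandom'))) {
        // The seed only drives result ordering (RAND(seed) below); it is not a security value.
        srand((double) microtime() * 1000000);
        $this->params['rand'] = rand();
    }

    # Prevent sql injection
    // 'custom_where' and 'custom_order' are raw SQL; they are honoured only when the
    // submitted token equals the integrity token computed over the params.
    // NOTE(review): strcmp() is not a constant-time comparison; hash_equals() would be
    // the safer choice where the supported PHP version provides it.
    $token = Sanitize::getString($this->params, 'token');
    $tokenMatch = 0 === strcmp($token, cmsFramework::formIntegrityToken($this->params, array('module', 'module_id', 'form', 'data'), false));

    isset($this->params['module']) and $this->viewSuffix = Sanitize::getString($this->params['module'], 'tmpl_suffix');

    if (isset($this->Listing)) {
        $this->Listing->_user = $this->_user;

        // This parameter determines the module mode
        $custom_order = Sanitize::getString($this->params['module'], 'custom_order');
        $custom_where = Sanitize::getString($this->params['module'], 'custom_where');

        if ($extension != 'com_content' && in_array($sort, array('topratededitor', 'featuredrandom', 'rhits'))) {
            // $sort is written into the page, so it is HTML-escaped. The in_array() test
            // above is a loose comparison; escaping keeps the output safe either way.
            echo "You have selected the " . htmlspecialchars($sort, ENT_QUOTES, 'UTF-8') . " mode which is not supported for components other than com_content. Please read the tooltips in the module parameters for more info on allowed settings.";
            return;
        }

        # Category auto detect
        if (Sanitize::getInt($this->params['module'], 'cat_auto') && $extension == 'com_content') {
            // extract() overwrites same-named locals with the keys _discoverIDs() returns;
            // that helper must return a fixed key set. NOTE(review): confirm against the helper.
            $ids = CommonController::_discoverIDs($this);
            extract($ids);
        }

        # Set conditionals based on configuration parameters
        if ($extension == 'com_content') {
            // Perform tag replacement for listing_id to allow for related listing queries
            if (Sanitize::getString($this->params, 'view') == 'article' && $custom_where != '') {
                // The replacement value is an integer, so the tag cannot carry SQL.
                $curr_listing_id = Sanitize::getInt($this->params, 'id');
                $custom_where = str_replace('{listing_id}', $curr_listing_id, $custom_where);
            }

            // Only works for core articles
            $conditions = array_merge($conditions, array(
                'Listing.state = 1',
                '( Listing.publish_up = "' . NULL_DATE . '" OR DATE(Listing.publish_up) <= DATE("' . _CURRENT_SERVER_TIME . '") )',
                '( Listing.publish_down = "' . NULL_DATE . '" OR DATE(Listing.publish_down) >= DATE("' . _CURRENT_SERVER_TIME . '") )',
            ));

            // Access-level restrictions for the current user.
            if ($this->cmsVersion == CMS_JOOMLA15) {
                // $conditions[] = 'Section.access <= ' . $this->Access->getAccessId();
                $conditions[] = 'Category.access <= ' . $this->Access->getAccessId();
                $conditions[] = 'Listing.access <= ' . $this->Access->getAccessId();
            } else {
                $conditions[] = 'Category.access IN (' . $this->Access->getAccessLevels() . ')';
                $conditions[] = 'Listing.access IN (' . $this->Access->getAccessLevels() . ')';
            }

            // Remove unnecessary fields from model query
            $this->Listing->modelUnbind(array(
                'Listing.fulltext AS `Listing.description`',
                'Listing.metakey AS `Listing.metakey`',
                'Listing.metadesc AS `Listing.metadesc`',
                'User.email AS `User.email`',
            ));

            if (!empty($cat_id)) {
                $conditions[] = $this->cmsVersion == CMS_JOOMLA15
                    ? 'Listing.catid IN (' . cleanIntegerCommaList($cat_id) . ')'
                    : 'ParentCategory.id IN (' . cleanIntegerCommaList($cat_id) . ')';
            } else {
                unset($this->Listing->joins['ParentCategory']);
            }

            // Section, directory and criteria filters apply only when no category is set.
            empty($cat_id) and !empty($section_id) and $conditions[] = 'Listing.sectionid IN (' . cleanIntegerCommaList($section_id) . ')';
            empty($cat_id) and !empty($dir_id) and $conditions[] = 'JreviewsCategory.dirid IN (' . cleanIntegerCommaList($dir_id) . ')';
            empty($cat_id) and !empty($criteria_id) and $conditions[] = 'JreviewsCategory.criteriaid IN (' . cleanIntegerCommaList($criteria_id) . ')';
        } else {
            if (Sanitize::getInt($this->params['module'], 'cat_auto') && method_exists($this->Listing, 'catUrlParam')) {
                if ($cat_id = Sanitize::getInt($this->passedArgs, $this->Listing->catUrlParam())) {
                    $conditions[] = 'JreviewsCategory.id IN (' . cleanIntegerCommaList($cat_id) . ')';
                }
            } elseif ($cat_id) {
                $conditions[] = 'JreviewsCategory.id IN (' . cleanIntegerCommaList($cat_id) . ')';
            }
        }

        $listing_id and $conditions[] = "Listing.{$this->Listing->realKey} IN (" . cleanIntegerCommaList($listing_id) . ")";

        switch ($sort) {
            case 'random':
                // params['rand'] was set from rand() above for this sort mode.
                $order[] = 'RAND(' . $this->params['rand'] . ')';
                break;
            case 'featured':
                $conditions[] = 'Field.featured = 1';
                break;
            case 'featuredrandom':
                $conditions[] = 'Field.featured = 1';
                $order[] = 'RAND(' . $this->params['rand'] . ')';
                break;
            case 'topratededitor':
                // $conditions[] = 'Totals.editor_rating > 0';
                $sort = 'editor_rating';
                break;
            // Editor rating sorting options dealt with in the Listing->processSorting method
        }

        # Custom WHERE
        $tokenMatch and $custom_where and $conditions[] = $custom_where;

        # Filtering options
        $having = array();

        // Listings submitted in the past x days
        $entry_period = Sanitize::getInt($this->params['module'], 'filter_listing_period');

        if ($entry_period > 0 && $this->Listing->dateKey) {
            $conditions[] = "Listing.{$this->Listing->dateKey} >= DATE_SUB('" . _CURRENT_SERVER_TIME . "', INTERVAL {$entry_period} DAY)";
        }

        // Listings with reviews submitted in past x days
        $review_period = Sanitize::getInt($this->params['module'], 'filter_review_period');

        if ($review_period > 0) {
            $conditions[] = "Review.created >= DATE_SUB(CURDATE(), INTERVAL {$review_period} DAY)";
            $joins[] = 'LEFT JOIN #__jreviews_comments AS Review ON Listing.' . $this->Listing->realKey . ' = Review.pid';
        }

        // Listings with review count higher than
        $filter_review_count = Sanitize::getInt($this->params['module'], 'filter_review_count');
        $filter_review_count > 0 and $conditions[] = "Totals.user_rating_count >= " . $filter_review_count;

        // Listings with avg rating higher than
        $filter_avg_rating = Sanitize::getFloat($this->params['module'], 'filter_avg_rating');
        $filter_avg_rating > 0 and $conditions[] = 'Totals.user_rating >= ' . $filter_avg_rating;

        $this->Listing->group = array();

        // Exlude listings without ratings from the results
        // NOTE(review): $sort was already rewritten to 'editor_rating' for the
        // 'topratededitor' mode above, so that value can no longer match here — confirm.
        $join_direction = in_array($sort, array('rating', 'rrating', 'topratededitor', 'reviews')) ? 'INNER' : 'LEFT';
        $this->Listing->joins['Total'] = "{$join_direction} JOIN #__jreviews_listing_totals AS Totals ON Totals.listing_id = Listing.{$this->Listing->realKey} AND Totals.extension = " . $this->quote($extension);

        # Modify query for correct ordering. Change FIELDS, ORDER BY and HAVING BY directly in Listing Model variables
        if ($tokenMatch and $custom_order) {
            $this->Listing->order[] = $custom_order;
        } elseif (empty($order) && $extension == 'com_content') {
            $this->Listing->processSorting('module', $sort); // Modifies Listing model order var directly
        } elseif (empty($order) && ($order = $this->__processSorting($sort))) {
            $order = array($order);
        }

        $fields = array(
            'Totals.user_rating AS `Review.user_rating`',
            'Totals.user_rating_count AS `Review.user_rating_count`',
            'Totals.user_comment_count AS `Review.review_count`',
            'Totals.editor_rating AS `Review.editor_rating`',
            'Totals.editor_rating_count AS `Review.editor_rating_count`',
            'Totals.editor_comment_count AS `Review.editor_review_count`',
        );

        $queryData = array(
            'fields' => !isset($this->Listing->fields['editor_rating']) ? $fields : array(),
            'joins' => $joins,
            'conditions' => $conditions,
            'limit' => $total,
            'having' => $having,
        );

        isset($order) and !empty($order) and $queryData['order'] = $order;

        // Trigger addFields for $listing results. Checked in Everywhere model
        $this->Listing->addFields = true;

        $listings = $this->Listing->findAll($queryData);
        $count = count($listings);
    } else {
        $listings = array();
        $count = 0;
    }

    unset($this->Listing);

    # Send variables to view template
    $this->set(array(
        'autodetect_ids' => $ids,
        'subclass' => 'listing',
        'listings' => $listings,
        'total' => $count,
        'limit' => $limit,
    ));

    $this->_completeModuleParamsArray();

    // An AJAX request with no results gets an empty page instead of the rendered view.
    $page = $this->ajaxRequest && empty($listings) ? '' : $this->render('modules', 'listings');

    /*
    if($this->_user->id === 0 && $this->ajaxRequest) {
        $path = $this->here;
        $this->here == '/' and $path = 'home';
        $cache_fname = Inflector::slug($path) . '.php';
        $now = time();
        $cacheTime = is_numeric($this->cacheAction) ? $now + $this->cacheAction : strtotime($this->cacheAction, $now);
        $fileHeader = '<!--cachetime:' . $cacheTime . '-->';
        cache('views' . DS . $cache_fname, $fileHeader . $this->ajaxResponse($page,false), $this->cacheAction);
    }*/

    return $this->ajaxRequest ? $this->ajaxResponse($page, false) : $page;
}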
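/**
 * Generate Section-Category tree array
 * Used in advanced search module
 *
 * Builds the <select> markup listing sections and their categories, with the
 * currently selected entries marked. The result is cached under a key made of
 * the call arguments.
 *
 * Id lists from the module settings go through cleanIntegerCommaList() before
 * they are placed in SQL text; values written into the markup are HTML-escaped.
 *
 * @param mixed $gid      Access level of the current user; compared against Category.access.
 * @param array $settings Module settings: 'module_id', 'cat', 'section' and the 'module' sub-array.
 * @return string HTML for the select list (possibly served from cache).
 */
function categoryTree($gid, $settings)
{
    # Check for cached version
    $cache_prefix = 'category_model_categorytree';
    $cache_key = func_get_args();

    if ($cache = S2cacheRead($cache_prefix, $cache_key)) {
        return $cache;
    }

    # Get module parameters
    $module_id = Sanitize::getInt($settings, 'module_id');
    $criteria_id = cleanIntegerCommaList(Sanitize::getString($settings['module'], 'criteria_id'));
    $dir_id = cleanIntegerCommaList(Sanitize::getString($settings['module'], 'dir_id'));
    $section_id = cleanIntegerCommaList(Sanitize::getString($settings['module'], 'section_id'));
    $category_id = cleanIntegerCommaList(Sanitize::getString($settings['module'], 'cat_id'));
    $cat_order_alpha = Sanitize::getInt($settings['module'], 'cat_order_alpha', 1);
    $section_title = Sanitize::getString($settings['module'], 'section_title', 1);
    $section_bg = Sanitize::getString($settings['module'], 'section_bg', '#CCCCCC');
    $category_bg = Sanitize::getString($settings['module'], 'category_bg', '#FFFFFF');
    $section_color = Sanitize::getString($settings['module'], 'section_color', '#000000');
    $category_color = Sanitize::getString($settings['module'], 'category_color', '#000000');
    $option_length = Sanitize::getInt($settings['module'], 'option_length', '');
    $cat_auto = Sanitize::getInt($settings['module'], 'cat_auto');

    // The colour settings are written into style="..." attributes below; escape them
    // so a quote in a setting cannot close the attribute and add markup.
    $section_bg = htmlspecialchars($section_bg, ENT_QUOTES, 'UTF-8');
    $category_bg = htmlspecialchars($category_bg, ENT_QUOTES, 'UTF-8');
    $section_color = htmlspecialchars($section_color, ENT_QUOTES, 'UTF-8');
    $category_color = htmlspecialchars($category_color, ENT_QUOTES, 'UTF-8');

    # Selected categories and sections
    $selOption = explode('_', Sanitize::getString($settings, 'cat'));
    $cat_auto and is_numeric($category_id) and $selOption = array($category_id);
    $selSection = Sanitize::getString($settings, 'section');
    $cat_auto and is_numeric($section_id) and $selSection = $section_id;

    $order = array();
    $conditions = array();
    $order[] = $cat_order_alpha ? "Section.title ASC" : "Section.ordering ASC";
    $order[] = $cat_order_alpha ? "Category.title ASC" : "Category.ordering ASC";

    if (!$section_id && $dir_id) {
        $conditions[] = "JreviewCategory.dirid IN ({$dir_id})";
    }

    if (!$section_id && $criteria_id) {
        $conditions[] = "JreviewCategory.criteriaid IN ({$criteria_id})";
    }

    if ($section_id) {
        $conditions[] = "Category.section IN ({$section_id})";
    } elseif ($category_id) {
        $conditions[] = "Category.section IN (SELECT section FROM #__categories WHERE id IN ({$category_id}))";
    }

    $conditions[] = "Category.published = 1";
    // $gid is concatenated into the SQL text; the integer cast keeps anything but a
    // number out of the query.
    $conditions[] = "Category.access <= '" . (int) $gid . "'";
    $conditions[] = "JreviewCategory.option = 'com_content'";

    if ($cat_auto && $section_id == '' && $category_id == '' && $criteria_id == '' && $dir_id == '') {
        // Sections only: drop the category ordering and select distinct sections.
        array_pop($order);
        $query = "SELECT DISTINCT Category.section AS sectionid,"
            . ($option_length > 0 ? "\n CONCAT(SUBSTR(Section.title,1," . $option_length . "),'...') AS section" : "\n Section.title AS section")
            . "\n FROM #__jreviews_categories AS JreviewCategory"
            . "\n LEFT JOIN #__categories AS Category ON Category.id = JreviewCategory.id"
            . "\n LEFT JOIN #__sections AS Section ON Category.section = Section.id"
            . "\n WHERE " . implode(" AND \n", $conditions)
            . "\n ORDER BY " . implode(",", $order);
    } else {
        $query = "SELECT Category.id AS catid, Category.section AS sectionid,"
            . ($option_length > 0 ? "\n CONCAT(SUBSTR(Category.title,1," . $option_length . "),'...') AS category," : "\n Category.title AS category,")
            . ($option_length > 0 ? "\n CONCAT(SUBSTR(Section.title,1," . $option_length . "),'...') AS section" : "\n Section.title AS section")
            . "\n FROM #__jreviews_categories AS JreviewCategory"
            . "\n LEFT JOIN #__categories AS Category ON Category.id = JreviewCategory.id"
            . "\n LEFT JOIN #__sections AS Section ON Category.section = Section.id"
            . "\n WHERE " . implode(" AND \n", $conditions)
            . "\n ORDER BY " . implode(",", $order);
    }

    $this->_db->setQuery($query);
    $options = $this->_db->loadObjectList();

    $selSection > 0 and array_push($selOption, 's' . $selSection);

    // Start building section/category select list
    $categoryList = array();
    $categoryList[] = '<select name="data[categories]" id="jr_advSearchCategories' . $module_id . '">';
    $categoryList[] = '<option value="">' . __t("Select Category", true) . '</option>';

    isset($options[0]) and $prevSection = $options[0]->sectionid;

    if ($options) {
        foreach ($options as $key => $option) {
            $selected = '';

            if ($option->sectionid == $prevSection && $key > 0 || !$section_title) {
                // Add categories
                if (in_array($option->catid, $selOption)) {
                    $selected = 'selected="selected"';
                }

                // Titles come from the database and are written as option text, so they
                // are HTML-escaped. Assumes titles are stored unescaped — TODO confirm.
                isset($option->catid) and $categoryList[] = '<option value="' . $option->catid . '" style="color:' . $category_color . ';background-color:' . $category_bg . '" ' . $selected . '> ' . htmlspecialchars(stripslashes($option->category), ENT_QUOTES, 'UTF-8') . '</option>';
            } else {
                // Add section
                in_array('s' . $option->sectionid, $selOption) and $selected = 'selected="selected"';
                $categoryList[] = '<option value="s' . $option->sectionid . '" style="font-weight:bold;color:' . $section_color . ';background-color:' . $section_bg . ';" ' . $selected . '>' . htmlspecialchars(stripslashes($option->section), ENT_QUOTES, 'UTF-8') . '</option>';
                $selected = '';

                if (isset($option->catid)) {
                    in_array($option->catid, $selOption) and $selected = 'selected="selected"';
                    $categoryList[] = '<option value="' . $option->catid . '" style="color:' . $category_color . ';background-color:' . $category_bg . '" ' . $selected . '> ' . htmlspecialchars(stripslashes($option->category), ENT_QUOTES, 'UTF-8') . '</option>';
                }
            }

            $prevSection = $option->sectionid;
        }
    }

    $categoryList[] = '</select>';
    $categorySelect = implode("\n", $categoryList);

    # Send to cache
    S2cacheWrite($cache_prefix, $cache_key, $categorySelect);

    return $categorySelect;
}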
/**
 * Used in modules.
 *
 * Turns an underscore-separated, URL-encoded id list into a comma list and
 * passes it through cleanIntegerCommaList(), so the result can be used where
 * an integer list is expected.
 *
 * @param mixed $param Raw parameter value, e.g. a value taken from a URL.
 * @return string|null Cleaned comma list, or null when $param is empty.
 */
function makeModParamsUsable($param)
{
    if (!empty($param)) {
        // Ids arrive joined with "_" in URLs; convert to commas after decoding.
        $commaSeparated = str_replace("_", ",", urldecode($param));

        return cleanIntegerCommaList($commaSeparated);
    }

    return null;
}
/**
 * Reviews module action: builds the WHERE and ORDER parts of the review query
 * from $this->params['module'], runs it through $this->Review->findAll() and
 * renders the 'modules' / 'reviews' view.
 *
 * The SQL conditions are assembled by string concatenation. The id lists
 * (category, section, dir, criteria, listing) go through cleanIntegerCommaList()
 * at the point of concatenation, $extension goes through $this->quote(), and
 * 'custom_where' is appended verbatim only when the request token matches
 * cmsFramework::formIntegrityToken().
 *
 * @return mixed The result of ajaxResponse() on ajax requests, otherwise the rendered page.
 */
function index()
{
    /* if($this->_user->id === 0) { $this->cacheAction = Configure::read('Cache.expires'); } */
    $this->EverywhereAfterFind = true; // Triggers the afterFind in the Observer Model
    // For direct calls to the controller
    if (!isset($this->params['module'])) {
        $this->params['module'] = array();
    }
    $module_id = Sanitize::getInt($this->params, 'module_id', Sanitize::getInt($this->data, 'module_id'));
    // NOTE(review): $this->params always holds a 'module' key by this point (set just
    // above when it was missing), so empty($this->params) is never true and this
    // lookup does not run as written. $module_id comes from getInt(), so the
    // concatenation itself is an integer.
    if (empty($this->params)) {
        $query = "SELECT params FROM #__modules WHERE id = " . $module_id;
        $this->_db->setQuery($query);
        $this->params['module'] = stringToArray($this->_db->loadResult());
    }
    $ids = $conditions = $joins = $order = array();
    # Read module parameters
    // These are read as plain strings; the id lists are only cleaned later, where
    // each one is concatenated into a condition.
    $extension = Sanitize::getString($this->params['module'], 'extension');
    $reviews_type = Sanitize::getString($this->params['module'], 'reviews_type');
    $custom_where = Sanitize::getString($this->params['module'], 'custom_where');
    $cat_id = Sanitize::getString($this->params['module'], 'category');
    $listing_id = Sanitize::getString($this->params['module'], 'listing');
    $limit = Sanitize::getInt($this->params['module'], 'module_limit', 5); // only passed to the view
    $total = min(50, Sanitize::getInt($this->params['module'], 'module_total', 10)); // query limit, capped at 50
    if ($extension == 'com_content') {
        $dir_id = Sanitize::getString($this->params['module'], 'dir');
        $section_id = Sanitize::getString($this->params['module'], 'section');
        $criteria_id = Sanitize::getString($this->params['module'], 'criteria');
    } else {
        $dir_id = null;
        $section_id = null;
        $criteria_id = null;
    }
    # Prevent sql injection
    // $tokenMatch is true only when the 'token' param equals the value that
    // formIntegrityToken() computes for these params. It is consulted in exactly one
    // place: the custom WHERE fragment below.
    // NOTE(review): strcmp() is not a constant-time comparison; if the token is meant
    // to be unguessable, a constant-time compare is the usual choice. Confirm what
    // formIntegrityToken() derives the value from.
    $token = Sanitize::getString($this->params, 'token');
    $tokenMatch = 0 === strcmp($token, cmsFramework::formIntegrityToken($this->params, array('module', 'module_id', 'form', 'data'), false));
    isset($this->params['module']) and $this->viewSuffix = Sanitize::getString($this->params['module'], 'tmpl_suffix');
    // This parameter determines the module mode
    $sort = Sanitize::getString($this->params['module'], 'reviews_order');
    if (in_array($sort, array('random'))) {
        srand((double) microtime() * 1000000);
        $this->params['rand'] = rand();
    }
    # Category auto detect
    // extract() overwrites any local variable whose name is a key of $ids
    // (presumably the id variables read above; verify against _discoverIDs()).
    // The id variables are still cleaned where they are concatenated below.
    if (Sanitize::getInt($this->params['module'], 'cat_auto') && $extension == 'com_content') {
        $ids = CommonController::_discoverIDs($this);
        extract($ids);
    }
    $extension != '' and $conditions[] = "Review.mode = " . $this->quote($extension);
    # Set conditionals based on configuration parameters
    if ($extension == 'com_content') {
        $conditions = array_merge($conditions, array('Listing.state = 1', '( Listing.publish_up = "' . NULL_DATE . '" OR DATE(Listing.publish_up) <= DATE("' . _CURRENT_SERVER_TIME . '") )', '( Listing.publish_down = "' . NULL_DATE . '" OR DATE(Listing.publish_down) >= DATE("' . _CURRENT_SERVER_TIME . '") )'));
        // Access filters are concatenated unquoted.
        // NOTE(review): getAccessId() / getAccessLevels() on $this->Access are expected
        // to return integer lists; confirm in the Access class.
        if ($this->cmsVersion == CMS_JOOMLA15) {
            // $conditions[] = 'Section.access <= ' . $this->Access->getAccessId();
            $conditions[] = 'Category.access <= ' . $this->Access->getAccessId();
            $conditions[] = 'Listing.access <= ' . $this->Access->getAccessId();
        } else {
            $conditions[] = 'Category.access IN (' . $this->Access->getAccessLevels() . ')';
            $conditions[] = 'Listing.access IN ( ' . $this->Access->getAccessLevels() . ')';
        }
        if (!empty($cat_id)) {
            if ($this->cmsVersion == CMS_JOOMLA15) {
                $conditions[] = 'Listing.catid IN (' . cleanIntegerCommaList($cat_id) . ')';
            } else {
                $this->Review->joins['ParentCategory'] = "LEFT JOIN #__categories AS ParentCategory ON Category.lft BETWEEN ParentCategory.lft AND ParentCategory.rgt";
                $conditions[] = 'ParentCategory.id IN (' . cleanIntegerCommaList($cat_id) . ')';
            }
        }
        // Section, directory and criteria filters apply only when no category is set.
        empty($cat_id) and !empty($section_id) and $conditions[] = 'Listing.sectionid IN (' . cleanIntegerCommaList($section_id) . ')';
        empty($cat_id) and !empty($dir_id) and $conditions[] = 'JreviewsCategory.dirid IN (' . cleanIntegerCommaList($dir_id) . ')';
        empty($cat_id) and !empty($criteria_id) and $conditions[] = 'JreviewsCategory.criteriaid IN (' . cleanIntegerCommaList($criteria_id) . ')';
    } else {
        if (Sanitize::getInt($this->params['module'], 'cat_auto') && isset($this->Listing) && method_exists($this->Listing, 'catUrlParam')) {
            // $cat_id is an integer here (getInt), so it is concatenated without further cleaning.
            if ($cat_id = Sanitize::getInt($this->passedArgs, $this->Listing->catUrlParam())) {
                $conditions[] = 'JreviewsCategory.id IN (' . $cat_id . ')';
            }
        } elseif ($cat_id) {
            $conditions[] = 'JreviewsCategory.id IN (' . cleanIntegerCommaList($cat_id) . ')';
        }
    }
    $listing_id and $conditions[] = "Review.pid IN ( " . cleanIntegerCommaList($listing_id) . ")";
    $conditions[] = 'Review.published > 0';
    switch ($sort) {
        case 'latest':
            $order[] = $this->Review->processSorting('rdate');
            break;
        case 'helpful':
            $order[] = $this->Review->processSorting('helpful');
            break;
        case 'random':
            // 'rand' was assigned from rand() above whenever $sort is 'random'.
            $order[] = 'RAND(' . $this->params['rand'] . ')';
            break;
        default:
            $order[] = $this->Review->processSorting('rdate');
            break;
    }
    switch ($reviews_type) {
        case 'all':
            break;
        case 'user':
            $conditions[] = 'Review.author = 0';
            break;
        case 'editor':
            $conditions[] = 'Review.author = 1';
            break;
    }
    # Custom WHERE
    // Appended verbatim as a raw SQL fragment. The token match is the only guard
    // between the 'custom_where' param and the query, so the integrity of this
    // condition rests entirely on formIntegrityToken().
    $tokenMatch and $custom_where and $conditions[] = $custom_where;
    $queryData = array('joins' => $joins, 'conditions' => $conditions, 'order' => $order, 'limit' => $total);
    # Don't run it here because it's run in the Everywhere Observer Component
    $this->Review->runProcessRatings = false;
    // Excludes listing owner info in Everywhere component
    $this->Review->controller = 'module_reviews';
    $reviews = $this->Review->findAll($queryData);
    $count = count($reviews);
    # Send variables to view template
    $this->set(array('autodetect_ids' => $ids, 'reviews' => $reviews, 'total' => $count, 'limit' => $limit));
    $this->_completeModuleParamsArray();
    // An ajax request with no reviews skips rendering and sends an empty page.
    $page = $this->ajaxRequest && empty($reviews) ? '' : $this->render('modules', 'reviews');
    /* if($this->_user->id === 0 && $this->ajaxRequest) { $path = $this->here; $this->here == '/' and $path = 'home'; $cache_fname = Inflector::slug($path) . '.php'; $now = time(); $cacheTime = is_numeric($this->cacheAction) ? $now + $this->cacheAction : strtotime($this->cacheAction, $now); $fileHeader = '<!--cachetime:' . $cacheTime . '-->'; cache('views' . DS . $cache_fname, $fileHeader . $this->ajaxResponse($page,false), $this->cacheAction); }*/
    return $this->ajaxRequest ? $this->ajaxResponse($page, false) : $page;
}
/**
 * Reviews module action with ajax pagination: stores the module params in the
 * session on a normal request and restores them on an ajax request, builds the
 * review query conditions and ordering, runs $this->Review->findAll() and renders
 * the 'modules' / 'reviews' view.
 *
 * The SQL conditions are assembled by string concatenation. The id lists go
 * through cleanIntegerCommaList() at the point of concatenation, $extension goes
 * through $this->quote(), and 'custom_where' is appended verbatim only when the
 * token in the params matches cmsFramework::formIntegrityToken().
 *
 * @return mixed The result of ajaxResponse() on ajax requests, otherwise the rendered page.
 */
function index()
{
    $this->EverywhereAfterFind = true; // Triggers the afterFind in the Observer Model
    // For direct calls to the controller
    if (!isset($this->params['module'])) {
        $this->params['module'] = array();
    }
    // Required for ajax pagination to remember module settings
    $Session = RegisterClass::getInstance('MvcSession');
    $module_id = Sanitize::getInt($this->params, 'module_id', Sanitize::getInt($this->data, 'module_id'));
    if ($this->ajaxRequest) {
        // The whole params array is replaced by the session copy, which discards the
        // 'module' default assigned above.
        // NOTE(review): the second argument (null) is presumably the value returned
        // when nothing is stored for this module id; the code below then indexes
        // into it without a check. Confirm how MvcSession::get() behaves.
        $this->params = $Session->get('module_params' . $module_id, null, S2Paths::get('jreviews', 'S2_CMSCOMP'));
    } else {
        srand((double) microtime() * 1000000);
        $this->params['rand'] = rand();
        $Session->set('module_rand' . $module_id, $this->params['rand'], S2Paths::get('jreviews', 'S2_CMSCOMP'));
        $Session->set('module_params' . $module_id, $this->params, S2Paths::get('jreviews', 'S2_CMSCOMP'));
    }
    # Prevent sql injection
    // $tokenMatch is true only when the 'token' param equals the value that
    // formIntegrityToken() computes for these params. It is consulted in exactly one
    // place: the custom WHERE fragment below.
    // NOTE(review): strcmp() is not a constant-time comparison; if the token is meant
    // to be unguessable, a constant-time compare is the usual choice. Confirm what
    // formIntegrityToken() derives the value from.
    $token = Sanitize::getString($this->params, 'token');
    $tokenMatch = 0 === strcmp($token, cmsFramework::formIntegrityToken($this->params, array('module', 'module_id', 'form', 'data'), false));
    $this->viewSuffix = Sanitize::getString($this->params['module'], 'tmpl_suffix');
    $conditions = array();
    $joins = array();
    $order = array();
    # Read module parameters
    // These are read as plain strings; the id lists are only cleaned later, where
    // each one is concatenated into a condition.
    $extension = Sanitize::getString($this->params['module'], 'extension');
    $reviews_type = Sanitize::getString($this->params['module'], 'reviews_type');
    $custom_where = Sanitize::getString($this->params['module'], 'custom_where');
    $cat_id = Sanitize::getString($this->params['module'], 'category');
    $listing_id = Sanitize::getString($this->params['module'], 'listing');
    if ($extension == 'com_content') {
        $dir_id = Sanitize::getString($this->params['module'], 'dir');
        $section_id = Sanitize::getString($this->params['module'], 'section');
        $criteria_id = Sanitize::getString($this->params['module'], 'criteria');
    } else {
        $dir_id = null;
        $section_id = null;
        $criteria_id = null;
    }
    // This parameter determines the module mode
    $sort = Sanitize::getString($this->params['module'], 'reviews_order');
    # Category auto detect
    // extract() overwrites any local variable whose name is a key of $ids
    // (presumably the id variables read above; verify against _discoverIDs()).
    // The id variables are still cleaned where they are concatenated below.
    if (Sanitize::getInt($this->params['module'], 'cat_auto') && $extension == 'com_content') {
        $ids = CommonController::_discoverIDs($this);
        extract($ids);
    }
    $extension != '' and $conditions[] = "Review.mode = " . $this->quote($extension);
    # Set conditionals based on configuration parameters
    if ($extension == 'com_content') {
        // The last element concatenates $this->_user->gid unquoted and uncleaned.
        // NOTE(review): presumably an integer set server-side on the user object; confirm.
        $conditions = array_merge($conditions, array('Listing.state = 1', '( Listing.publish_up = "' . NULL_DATE . '" OR DATE(Listing.publish_up) <= DATE("' . _CURRENT_SERVER_TIME . '") )', '( Listing.publish_down = "' . NULL_DATE . '" OR DATE(Listing.publish_down) >= DATE("' . _CURRENT_SERVER_TIME . '") )', 'Listing.access <= ' . $this->_user->gid));
        // Section, directory and criteria filters apply only when no category is set.
        $cat_id != '' and $conditions[] = 'Listing.catid IN (' . cleanIntegerCommaList($cat_id) . ')';
        $cat_id == '' and $section_id != '' and $conditions[] = 'Listing.sectionid IN (' . cleanIntegerCommaList($section_id) . ')';
        $cat_id == '' and $dir_id != '' and $conditions[] = 'JreviewsCategory.dirid IN (' . cleanIntegerCommaList($dir_id) . ')';
        $cat_id == '' and $criteria_id != '' and $conditions[] = 'JreviewsCategory.criteriaid IN (' . cleanIntegerCommaList($criteria_id) . ')';
    } else {
        if (Sanitize::getInt($this->params['module'], 'cat_auto') && isset($this->Listing) && method_exists($this->Listing, 'catUrlParam')) {
            // $cat_id is an integer here (getInt), so it is concatenated without further cleaning.
            if ($cat_id = Sanitize::getInt($this->passedArgs, $this->Listing->catUrlParam())) {
                $conditions[] = 'JreviewsCategory.id IN (' . $cat_id . ')';
            }
        } elseif ($cat_id) {
            $conditions[] = 'JreviewsCategory.id IN (' . cleanIntegerCommaList($cat_id) . ')';
        }
    }
    $listing_id and $conditions[] = "Review.pid IN ( " . cleanIntegerCommaList($listing_id) . ")";
    $conditions[] = 'Review.published > 0';
    switch ($sort) {
        case 'latest':
            $order[] = $this->Review->processSorting('rdate');
            break;
        case 'helpful':
            $order[] = $this->Review->processSorting('helpful');
            break;
        case 'random':
            // 'rand' comes from rand() on a normal request and from the session-stored
            // params on an ajax request; it is concatenated without a cast.
            // NOTE(review): an (int) cast here would make the ORDER BY independent of
            // what the session copy holds.
            $order[] = 'RAND(' . $this->params['rand'] . ')';
            break;
        default:
            $order[] = $this->Review->processSorting('rdate');
            break;
    }
    switch ($reviews_type) {
        case 'all':
            break;
        case 'user':
            $conditions[] = 'Review.author = 0';
            break;
        case 'editor':
            $conditions[] = 'Review.author = 1';
            break;
    }
    # Custom WHERE
    // Appended verbatim as a raw SQL fragment. The token match is the only guard
    // between the 'custom_where' param and the query, so the integrity of this
    // condition rests entirely on formIntegrityToken().
    $tokenMatch and $custom_where and $conditions[] = $custom_where;
    $queryData = array('joins' => $joins, 'conditions' => $conditions, 'order' => $order, 'limit' => $this->module_limit, 'offset' => $this->module_offset);
    # Don't run it here because it's run in the Everywhere Observer Component
    $this->Review->runProcessRatings = false;
    // Excludes listing owner info in Everywhere component
    $this->Review->controller = 'module_reviews';
    $reviews = $this->Review->findAll($queryData);
    // With ajax navigation enabled (the default, 1) the total is a separate count
    // query without the ORDER BY; otherwise the module limit is reported as the total.
    if (Sanitize::getInt($this->params['module'], 'ajax_nav', 1)) {
        unset($queryData['order']);
        $count = $this->Review->findCount($queryData, 'DISTINCT Review.id');
    } else {
        $count = $this->module_limit;
    }
    # Send variables to view template
    $this->set(array('Access' => $this->Access, 'User' => $this->_user, 'reviews' => $reviews, 'total' => $count));
    $page = $this->render('modules', 'reviews');
    if ($this->ajaxRequest) {
        return $this->ajaxResponse($page, false);
    } else {
        return $page;
    }
}
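/**
 * Listing list pages (category, section, alphaindex, search, custom, mylistings,
 * favorites, and the ordered lists such as latest or toprated).
 *
 * Reads the filters from $this->params, builds the listing query conditions,
 * fetches the listings and their count, works out the page title and SEO title,
 * sets the view variables and echoes the rendered 'listings' view. When the
 * 'action' param is 'xml', the cached feed is consulted first and the feed is
 * saved at the end.
 *
 * Request-derived ids are concatenated into SQL. cleanIntegerCommaList() is
 * applied to the id lists only inside the "Get listings" branch, so the two
 * concatenations that run before it (the Joomla 1.5 category lookup and the
 * listing_count subquery) cast the id to int at the point of use.
 *
 * @return void Output is echoed. Returns early, after echoing the login element,
 *              when the section or category is unpublished or not authorized.
 */
function listings()
{
    if (Sanitize::getString($this->params, 'action') == 'xml') {
        $access = $this->cmsVersion == CMS_JOOMLA15 ? $this->Access->getAccessId() : $this->Access->getAccessLevels();
        // md5() only derives a cache file name here; it is not used as a security control.
        $feed_filename = PATH_ROOT . 'cache' . DS . 'jreviewsfeed_' . md5($access . $this->here) . '.xml';
        $this->Feeds->useCached($feed_filename, 'listings');
    }
    $this->name = 'categories'; // Required for assets helper
    if ($this->_user->id === 0 && ($this->action != 'search' || $this->action == 'search' && Sanitize::getVar($this->params, 'tag') != '')) {
        $this->cacheAction = Configure::read('Cache.expires');
    }
    $this->autoRender = false;
    $action = Sanitize::paranoid($this->action);
    // The id filters are read as plain strings. Sanitize::getString() is not shown in
    // this listing and is not relied on to make them safe for SQL.
    $dir_id = str_replace(array('_', ' '), array(',', ''), Sanitize::getString($this->params, 'dir'));
    $section_id = Sanitize::getString($this->params, 'section');
    $cat_id = Sanitize::getString($this->params, 'cat');
    $criteria_id = Sanitize::getString($this->params, 'criteria');
    $user_id = Sanitize::getInt($this->params, 'user', $this->_user->id);
    $index = Sanitize::getString($this->params, 'index');
    $sort = Sanitize::getString($this->params, 'order');
    if ($sort == '' && in_array($this->action, array('category', 'section', 'alphaindex', 'search', 'custom'))) {
        $sort = Sanitize::getString($this->Config, 'list_order_field');
    }
    $sort == '' and $sort = Sanitize::getString($this->Config, 'list_order_default');
    $menu_id = Sanitize::getInt($this->params, 'menu', Sanitize::getString($this->params, 'Itemid'));
    // Avoid running the listing query if in section page and listings disabled
    $query_listings = $this->action != 'section' || $this->action == 'section' && $this->Config->list_show_sectionlist;
    $total_special = Sanitize::getInt($this->data, 'total_special');
    if (!in_array($this->action, array('section', 'category')) && $total_special > 0) {
        $total_special <= $this->limit and $this->limit = $total_special;
    }
    $listings = array();
    $parent_categories = array();
    $count = 0;
    $conditions = array();
    $joins = array();
    if ($action == 'category') {
        // Find directory and section id.
        // $cat_id is still the raw request string here (cleanIntegerCommaList() runs
        // further down), so it is cast before being concatenated into the condition.
        if ($this->cmsVersion == CMS_JOOMLA15 && ($category = $this->Category->findRow(array('conditions' => array('Category.id = ' . (int) $cat_id))))) {
            $dir_id = $this->params['dir'] = $category['Category']['dir_id'];
            $section_id = $this->params['section'] = $category['Category']['section_id'];
        // NOTE(review): findParents() and findTree() receive the uncleaned $cat_id;
        // confirm in the Category model that they cast or escape it.
        } elseif ($parent_categories = $this->Category->findParents($cat_id)) {
            $category = end($parent_categories); // This is the current category
            if (!$category['Category']['published'] || !$this->Access->isAuthorized($category['Category']['access'])) {
                echo $this->render('elements', 'login');
                return;
            }
            $dir_id = $this->params['dir'] = $category['Directory']['dir_id'];
            $categories = $this->Category->findTree(array('cat_id' => $cat_id));
        }
        # Override global configuration
        isset($category['ListingType']) and $this->Config->override($category['ListingType']['config']);
        $sort = Sanitize::getString($this->params, 'order', Sanitize::getString($this->Config, 'list_order_field'));
        $sort == '' and $sort = Sanitize::getString($this->Config, 'list_order_default');
    }
    # Remove unnecessary fields from model query
    $this->Listing->modelUnbind('Listing.fulltext AS `Listing.description`');
    # Get section and category database information
    if ($this->cmsVersion == CMS_JOOMLA15 && in_array($action, array('section', 'category'))) {
        $fields = array();
        # Get all categories for page
        if ($this->Config->dir_cat_num_entries || $this->Config->dir_category_hide_empty) {
            // $section_id can still be the raw 'section' request value at this point;
            // cast it, as the two conditions below already do.
            $fields = array(' (SELECT count(*) FROM #__content AS Listing INNER JOIN #__jreviews_categories AS JreviewsCategory ON JreviewsCategory.id = Listing.catid AND JreviewsCategory.`option` = "com_content" WHERE Listing.sectionid = ' . (int) $section_id . ' AND Listing.catid = Category.id AND Listing.state = 1 AND Listing.access <= ' . $this->Access->getAccessId() . ' AND ( Listing.publish_up = "' . NULL_DATE . '" OR Listing.publish_up <= "' . _CURRENT_SERVER_TIME . '" ) AND ( Listing.publish_down = "' . NULL_DATE . '" OR Listing.publish_down >= "' . _CURRENT_SERVER_TIME . '" ) ) AS `Category.listing_count` ');
        }
        $categories = $this->Category->findAll(array('fields' => $fields, 'conditions' => array('Category.section = ' . (int) $section_id, 'Category.published = 1'), 'order' => $this->Config->dir_category_order ? 'Category.title ASC' : 'Category.ordering ASC'));
        $category_tmp = current($categories);
        $dir_id = $category_tmp['Category']['dir_id'];
        $section = $this->Section->findRow(array('fields' => array((int) $dir_id . ' AS `Section.dir_id`'), 'conditions' => array('Section.id = ' . (int) $section_id)));
        # Fake the parent_categories array based on section and category
        isset($section) and $parent_categories[]['Category'] = $section['Section'];
        isset($category) and $parent_categories[]['Category'] = $category['Category'];
    }
    # Set the theme layout and suffix
    $this->Theming->setSuffix(array('categories' => $parent_categories));
    $this->Theming->setLayout(array('categories' => $parent_categories));
    // Access gate: an unpublished or unauthorized section or category renders the
    // login element instead of the list.
    if (isset($section) && !empty($section) && (!$this->Access->isAuthorized($section['Section']['access']) || !$section['Section']['published']) || $this->action == 'category' && isset($category) && !empty($category) && (!$this->Access->isAuthorized($category['Category']['access']) || !$category['Category']['published'])) {
        echo $this->render('elements', 'login');
        return;
    }
    # Get listings
    # Modify and perform database query based on lisPage type
    if ($action == 'section' && $this->Config->list_show_sectionlist || $action != 'section') {
        // Build where statement
        switch ($action) {
            case 'alphaindex':
                // $index = isset($index{0}) ? $index{0} : '';
                $conditions[] = $index == '0' ? 'Listing.title REGEXP "^[0-9]"' : 'Listing.title LIKE ' . $this->quote($index . '%');
                break;
        }
        // From here on the id lists are cleaned once and concatenated as they are.
        $section_id = cleanIntegerCommaList($section_id);
        $cat_id = cleanIntegerCommaList($cat_id);
        $dir_id = cleanIntegerCommaList($dir_id);
        $criteria_id = cleanIntegerCommaList($criteria_id);
        if (!empty($cat_id)) {
            if ($this->cmsVersion == CMS_JOOMLA15 || $this->cmsVersion != CMS_JOOMLA15 && !$this->Config->list_show_child_listings) {
                if ($this->cmsVersion != CMS_JOOMLA15) {
                    $conditions[] = 'ParentCategory.id IN (' . $cat_id . ')';
                }
                $conditions[] = 'Category.id IN (' . $cat_id . ')'; // Exclude listings from child categories
            } else {
                $conditions[] = 'ParentCategory.id IN (' . $cat_id . ')';
            }
        } else {
            unset($this->Listing->joins['ParentCategory']);
        }
        // Section, directory and criteria filters apply only when no category is set.
        empty($cat_id) and !empty($section_id) and $conditions[] = 'Listing.sectionid IN (' . $section_id . ')';
        empty($cat_id) and !empty($dir_id) and $conditions[] = 'JreviewsCategory.dirid IN (' . $dir_id . ')';
        empty($cat_id) and !empty($criteria_id) and $conditions[] = 'JreviewsCategory.criteriaid IN (' . $criteria_id . ')';
        // Publishers, and users viewing their own listings, also see unpublished entries.
        if ($this->action == 'mylistings' && $user_id == $this->_user->id || $this->Access->isPublisher()) {
            $conditions[] = 'Listing.state >= 0';
        } else {
            $conditions[] = 'Listing.state = 1';
            $conditions[] = '( Listing.publish_up = "' . NULL_DATE . '" OR Listing.publish_up <= "' . _CURRENT_SERVER_TIME . '" )';
            $conditions[] = '( Listing.publish_down = "' . NULL_DATE . '" OR Listing.publish_down >= "' . _CURRENT_SERVER_TIME . '" )';
        }
        # Shows only links users can access
        if ($this->cmsVersion == CMS_JOOMLA15) {
            // $conditions[] = 'Section.access <= ' . $this->Access->getAccessId();
            $conditions[] = 'Category.access <= ' . $this->Access->getAccessId();
            $conditions[] = 'Listing.access <= ' . $this->Access->getAccessId();
        } else {
            $conditions[] = 'Category.access IN ( ' . $this->Access->getAccessLevels() . ')';
            $conditions[] = 'Listing.access IN ( ' . $this->Access->getAccessLevels() . ')';
        }
        $queryData = array('joins' => $joins, 'conditions' => $conditions, 'limit' => $this->limit, 'offset' => $this->offset);
        # Modify query for correct ordering. Change FIELDS, ORDER BY and HAVING BY directly in Listing Model variables
        if ($this->action != 'custom' || $this->action == 'custom' && empty($this->Listing->order)) {
            $this->Listing->processSorting($action, $sort);
        }
        // This is used in Listings model to know whether this is a list page to remove the plugin tags
        $this->Listing->controller = 'categories';
        // Check if review scope checked in advanced search
        $scope = explode('_', Sanitize::getString($this->params, 'scope'));
        if ($this->action == 'search' && in_array('reviews', $scope)) {
            $queryData['joins'][] = "LEFT JOIN #__jreviews_comments AS Review ON Listing.id = Review.pid AND Review.published = 1 AND Review.mode = 'com_content'";
            $queryData['group'][] = "Listing.id"; // Group By required due to one to many relationship between listings => reviews table
        }
        $query_listings and $listings = $this->Listing->findAll($queryData);
        # If only one result then redirect to it
        if ($this->Config->search_one_result && count($listings) == 1 && $this->action == 'search' && $this->page == 1) {
            $listing = array_shift($listings);
            $url = cmsFramework::makeAbsUrl($listing['Listing']['url'], array('sef' => true));
            cmsFramework::redirect($url);
        }
        # Get the listing count
        // The count query uses this fixed join set for every action except 'favorites'.
        $countJoins = array("INNER JOIN #__jreviews_categories AS JreviewsCategory ON Listing.catid = JreviewsCategory.id AND JreviewsCategory.`option` = 'com_content'", 'Category' => "LEFT JOIN #__categories AS Category ON JreviewsCategory.id = Category.id", 'ParentCategory' => "LEFT JOIN #__categories AS ParentCategory ON Category.lft BETWEEN ParentCategory.lft AND ParentCategory.rgt", "LEFT JOIN #__jreviews_listing_totals AS Totals ON Totals.listing_id = Listing.id AND Totals.extension = 'com_content'", "LEFT JOIN #__jreviews_content AS Field ON Field.contentid = Listing.id", "LEFT JOIN #__jreviews_directories AS Directory ON JreviewsCategory.dirid = Directory.id");
        if (in_array($action, array('section', 'category'))) {
            unset($queryData['joins']);
            $this->Listing->joins = $countJoins;
        } elseif ($action != 'favorites') {
            unset($queryData['joins']);
            $this->Listing->joins = $countJoins;
            if ($this->action == 'search' && in_array('reviews', $scope)) {
                $queryData['joins'][] = "LEFT JOIN #__jreviews_comments AS Review ON Listing.id = Review.pid AND Review.published = 1 AND Review.mode = 'com_content'";
            }
        }
        if ($this->cmsVersion == CMS_JOOMLA15 || empty($cat_id)) {
            unset($this->Listing->joins['ParentCategory']); // Exclude listings from child categories
        }
        // Need to add user table join for author searches
        if (isset($this->params['author'])) {
            $queryData['joins'][] = "LEFT JOIN #__users AS User ON User.id = Listing.created_by";
        }
        if ($query_listings && !isset($this->Listing->count)) {
            $count = $this->Listing->findCount($queryData, $this->action == 'search' && in_array('reviews', $scope) ? 'DISTINCT Listing.id' : '*');
        } else {
            $count = $this->Listing->count;
        }
        if ($total_special > 0 && $total_special < $count) {
            $count = Sanitize::getInt($this->data, 'total_special');
        }
    }
    # Get directory info for breadcrumb if dir id is a url parameter
    $directory = array();
    // is_numeric() is the only check on $dir_id when the branch above did not run.
    if (is_numeric($dir_id)) {
        $directory = $this->Directory->findRow(array('fields' => array('Directory.id AS `Directory.dir_id`', 'Directory.title AS `Directory.slug`', 'Directory.desc AS `Directory.title`'), 'conditions' => array('Directory.id = ' . $dir_id)));
    }
    /******************************************************************
     * Process page title and description
     *******************************************************************/
    $name_choice = $this->Config->name_choice == 'alias' ? 'username' : 'name';
    $page['show_title'] = 1;
    $page['show_description'] = 1;
    switch ($action) {
        case 'section':
            $menuParams = $this->Menu->getMenuParams($menu_id);
            $page = $section['Section'];
            $page['title'] = trim(Sanitize::getString($menuParams, 'title')) != '' ? Sanitize::getString($menuParams, 'title') : $section['Section']['title'];
            $page['show_title'] = Sanitize::getInt($this->data, 'dirtitle', 1);
            $page['show_description'] = 1;
            break;
        case 'category':
            $menuParams = $this->Menu->getMenuParams($menu_id);
            $page = $category['Category'];
            $page['title'] = trim(Sanitize::getString($menuParams, 'title')) != '' ? Sanitize::getString($menuParams, 'title') : $category['Category']['title'];
            $page['show_title'] = Sanitize::getInt($this->data, 'dirtitle', 1);
            $page['show_description'] = 1;
            Sanitize::getString($category['Category'], 'metadesc') == '' and $page['metadesc'] = Sanitize::htmlClean($category['Category']['description']);
            # Check if this is a listing submit category or disable listing submissions
            if (Sanitize::getInt($category['Category'], 'criteria_id') == 0) {
                $this->Config->list_show_addnew = 0;
            }
            break;
        case 'custom':
            $menuParams = $this->Menu->getMenuParams($menu_id);
            $page['top_description'] = Sanitize::getString($menuParams, 'custom_description');
            $page['top_description'] = str_replace('\\n', '', $page['top_description']);
            $page['show_description'] = $page['top_description'] != '';
            $page['show_title'] = Sanitize::getInt($menuParams, 'dirtitle');
            $page['title'] = Sanitize::getString($menuParams, 'title');
            if (!$page['title']) {
                $page['title'] = $this->Menu->getMenuName($menu_id);
            }
            break;
        case 'alphaindex':
            $title = isset($directory['Directory']) ? Sanitize::getString($directory['Directory'], 'title', '') : '';
            $page['title'] = $title != '' ? $title . ' - ' . ($index == '0' ? '0-9' : $index) : ($index == '0' ? '0-9' : $index);
            break;
        case 'mylistings':
            // Default keeps sprintf() from reading an undefined variable when neither
            // a 'user' param nor a logged-in user is present.
            $user_name = '';
            if ($user_id > 0) {
                // $user_id comes from getInt(), so the condition is an integer.
                $user_name = $this->User->findOne(array('fields' => array('User.' . $name_choice . ' AS `User.name`'), 'conditions' => array('User.id = ' . $user_id)));
            } elseif ($this->_user->id > 0) {
                $user_name = $this->_user->{$name_choice};
            }
            $page['title'] = sprintf(__t("Listings by %s", true), $user_name);
            break;
        case 'favorites':
            // Not running from CB Plugin so we change the page title
            if (!isset($this->Config->in_cb)) {
                $user_name = '';
                if ($user_id > 0) {
                    $user_name = $this->User->findOne(array('fields' => array('User.' . $name_choice . ' AS `User.name`'), 'conditions' => array('User.id = ' . $user_id)));
                } elseif ($this->_user->id > 0) {
                    $user_name = $this->_user->{$name_choice};
                }
                $page['title'] = sprintf(__t("Favorites by %s", true), $user_name);
            }
            break;
        case 'list':
        case 'search':
            $this->__seo_fields($page);
            break;
        case 'featured':
        case 'latest':
        case 'mostreviews':
        case 'popular':
        case 'toprated':
        case 'topratededitor':
            $menuParams = $this->Menu->getMenuParams($menu_id);
            $page['show_title'] = Sanitize::getInt($menuParams, 'dirtitle');
            $page['title'] = Sanitize::getString($menuParams, 'title');
            if (!$page['title'] && isset($this->Menu->menues[$menu_id])) {
                $page['title'] = $this->Menu->menues[$menu_id]->name;
            }
            break;
        default:
            $page['title'] = $this->Menu->getMenuName($menu_id);
            break;
    }
    // If empty unset the keys so they don't overwrite the ones set via menu
    if (trim(strip_tags(Sanitize::getString($page, 'description'))) == '') {
        unset($page['description']);
    }
    if (trim(strip_tags(Sanitize::getString($page, 'keywords'))) == '') {
        unset($page['keywords']);
    }
    /******************************************************************
     * Generate SEO titles for re-ordered pages (most reviews, top user rated, etc.)
     *******************************************************************/
    # Category ids to be used for ordering list
    $cat_ids = array();
    if (in_array($action, array('search', 'category'))) {
        $cat_ids = $cat_id;
    } elseif (!empty($categories)) {
        $cat_ids = implode(',', array_keys($categories));
    }
    $field_order_array = $this->Field->getOrderList($cat_ids, 'listing', $this->action, array('section', 'category', 'search', 'alphaindex'));
    isset($page['title']) and $page['title_seo'] = $page['title'];
    if (($this->action != 'search' || Sanitize::getVar($this->params, 'tag')) && isset($this->params['order']) && $sort != '') {
        App::import('helper', 'jreviews', 'jreviews');
        $ordering_options = JreviewsHelper::orderingOptions();
        $tmp_order = str_replace('rjr', 'jr', $sort);
        if (isset($ordering_options[$sort])) {
            $page['title_seo'] .= ' ' . sprintf(__t("ordered by %s", true), mb_strtolower($ordering_options[$sort], 'UTF-8'));
        } elseif (isset($field_order_array[$tmp_order])) {
            if ($sort[0] == 'r') {
                $page['title_seo'] .= ' ' . sprintf(__t("ordered by %s desc", true), mb_strtolower($field_order_array[$tmp_order]['text'], 'UTF-8'));
            } else {
                $page['title_seo'] .= ' ' . sprintf(__t("ordered by %s", true), mb_strtolower($field_order_array[$sort]['text'], 'UTF-8'));
            }
        }
    }
    $this->params['order'] = $sort; // This is the param read in the views so we need to update it
    /******************************************************************
     * Set view (theme) vars
     *******************************************************************/
    $this->set(array('Config' => $this->Config, 'Access' => $this->Access, 'User' => $this->_user, 'subclass' => 'listing', 'page' => $page, 'directory' => $directory, 'section' => isset($section) ? $section : array(), 'category' => isset($category) ? $category : array(), 'categories' => isset($categories) ? $categories : array(), 'parent_categories' => $parent_categories, 'listings' => $listings, 'pagination' => array('total' => $count)));
    $query_listings and $this->set('order_list', $field_order_array);
    /******************************************************************
     * RSS Feed: caches and displays feed when xml action param is present
     *******************************************************************/
    if (Sanitize::getString($this->params, 'action') == 'xml') {
        $this->Feeds->saveFeed($feed_filename, 'listings');
    }
    echo $this->render('listings', 'listings_' . $this->tmpl_list);
}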
/**
 * Returns the current user's access id ($this->_user->aid) after passing it
 * through cleanIntegerCommaList().
 *
 * NOTE(review): this is presumably the method behind `$this->Access->getAccessId()`,
 * whose result other code in this listing appends unquoted to SQL conditions such
 * as 'Listing.access <= '. The cleaning done here is then the only thing keeping
 * that fragment numeric; confirm what cleanIntegerCommaList() accepts.
 *
 * @return mixed Whatever cleanIntegerCommaList() returns for the access id.
 */
function getAccessId()
{
    $accessId = $this->_user->aid;

    return cleanIntegerCommaList($accessId);
}
/**
 * Module entry point: builds a listing query from the module parameters,
 * runs it through $this->Listing and renders the 'modules'/'listings' view.
 *
 * Non-ajax requests store the current params (plus a fresh random seed) in
 * the session; ajax requests replace $this->params with that stored copy.
 *
 * Returns the rendered page, or the result of ajaxResponse() for ajax
 * requests. Returns nothing (after echoing a message) when the selected
 * sort mode is not supported for the configured extension.
 */
function index()
{
    // Required for ajax pagination to remember module settings
    $Session = RegisterClass::getInstance('MvcSession');
    $module_id = Sanitize::getInt($this->params, 'module_id', Sanitize::getInt($this->data, 'module_id'));
    if (!isset($this->params['module'])) {
        $this->params['module'] = array();
    } // For direct calls to the controller
    if ($this->ajaxRequest) {
        // The whole params array is replaced by the session copy keyed on module_id.
        // NOTE(review): presumably the `null` argument is the default returned when
        // nothing is stored; the code below indexes $this->params['module'] without
        // re-checking - confirm how a missing session entry is handled.
        $this->params = $Session->get('module_params' . $module_id, null, S2Paths::get('jreviews', 'S2_CMSCOMP'));
    } else {
        // rand() only seeds the RAND() ordering below; it is not used as a secret here.
        srand((double) microtime() * 1000000);
        $this->params['rand'] = rand();
        $Session->set('module_rand' . $module_id, $this->params['rand'], S2Paths::get('jreviews', 'S2_CMSCOMP'));
        $Session->set('module_params' . $module_id, $this->params, S2Paths::get('jreviews', 'S2_CMSCOMP'));
    }
    # Prevent sql injection
    // $tokenMatch gates the two raw SQL fragments read below (custom_where and
    // custom_order): they are only added to the query when the token carried in
    // the params equals the integrity token computed by formIntegrityToken().
    // NOTE(review): strcmp() is not a constant-time comparison; hash_equals() is
    // the constant-time alternative where the runtime provides it.
    $token = Sanitize::getString($this->params, 'token');
    $tokenMatch = 0 === strcmp($token, cmsFramework::formIntegrityToken($this->params, array('module', 'module_id', 'form', 'data'), false));
    $this->viewSuffix = Sanitize::getString($this->params['module'], 'tmpl_suffix');
    $conditions = array();
    $joins = array();
    $order = array();
    $having = array();
    # Read module parameters
    $dir_id = Sanitize::getString($this->params['module'], 'dir');
    $section_id = Sanitize::getString($this->params['module'], 'section');
    $cat_id = Sanitize::getString($this->params['module'], 'category');
    $listing_id = Sanitize::getString($this->params['module'], 'listing');
    $criteria_id = Sanitize::getString($this->params['module'], 'criteria');
    // NOTE(review): $limit is read here but not used below; the query uses
    // $this->module_limit instead.
    $limit = Sanitize::getString($this->params['module'], 'module_limit', 5);
    $extension = Sanitize::getString($this->params['module'], 'extension');
    $extension = $extension != '' ? $extension : 'com_content';
    if (isset($this->Listing)) {
        $this->Listing->_user = $this->_user;
        // This parameter determines the module mode
        $sort = Sanitize::getString($this->params['module'], 'listing_order');
        // Raw SQL fragments; only applied further down when $tokenMatch is true.
        $custom_order = Sanitize::getString($this->params['module'], 'custom_order');
        $custom_where = Sanitize::getString($this->params['module'], 'custom_where');
        if ($extension != 'com_content' && in_array($sort, array('topratededitor', 'featuredrandom', 'rhits'))) {
            echo "You have selected the {$sort} mode which is not supported for components other than com_content. Please read the tooltips in the module parameters for more info on allowed settings.";
            return;
        }
        # Category auto detect
        if (Sanitize::getInt($this->params['module'], 'cat_auto') && $extension == 'com_content') {
            $ids = CommonController::_discoverIDs($this);
            // extract() overwrites any local variable whose name matches a key of $ids,
            // including ones set above ($cat_id, $section_id, $tokenMatch, $custom_where ...).
            // NOTE(review): this relies on _discoverIDs() returning only the expected id
            // keys - confirm against that helper.
            extract($ids);
        }
        # Set conditionals based on configuration parameters
        if ($extension == 'com_content') {
            // Only works for core articles
            // NOTE(review): $this->_user->gid is concatenated unquoted; presumably an
            // integer group id - confirm.
            $conditions = array_merge($conditions, array(
                'Listing.state = 1',
                '( Listing.publish_up = "' . NULL_DATE . '" OR DATE(Listing.publish_up) <= DATE("' . _CURRENT_SERVER_TIME . '") )',
                '( Listing.publish_down = "' . NULL_DATE . '" OR DATE(Listing.publish_down) >= DATE("' . _CURRENT_SERVER_TIME . '") )',
                'Listing.access <= ' . $this->_user->gid
            ));
            // Remove unnecessary fields from model query
            $this->Listing->modelUnbind(array(
                'Listing.fulltext AS `Listing.description`',
                'Listing.metakey AS `Listing.metakey`',
                'Listing.metadesc AS `Listing.metadesc`',
                'User.email AS `User.email`'
            ));
            // Every id list goes through cleanIntegerCommaList() before it is placed
            // inside IN (...). A category filter takes precedence: section, directory
            // and criteria filters are only added when no category is set.
            $cat_id != '' and $conditions[] = 'Listing.catid IN (' . cleanIntegerCommaList($cat_id) . ')';
            $cat_id == '' and $section_id != '' and $conditions[] = 'Listing.sectionid IN (' . cleanIntegerCommaList($section_id) . ')';
            $cat_id == '' and $dir_id != '' and $conditions[] = 'JreviewsCategory.dirid IN (' . cleanIntegerCommaList($dir_id) . ')';
            $cat_id == '' and $criteria_id != '' and $conditions[] = 'JreviewsCategory.criteriaid IN (' . cleanIntegerCommaList($criteria_id) . ')';
        } else {
            if (Sanitize::getInt($this->params['module'], 'cat_auto') && method_exists($this->Listing, 'catUrlParam')) {
                // Auto-detect: category id is taken from the passed args as an integer.
                if ($cat_id = Sanitize::getInt($this->passedArgs, $this->Listing->catUrlParam())) {
                    $conditions[] = 'JreviewsCategory.id IN (' . cleanIntegerCommaList($cat_id) . ')';
                }
            } elseif ($cat_id) {
                $conditions[] = 'JreviewsCategory.id IN (' . cleanIntegerCommaList($cat_id) . ')';
            }
        }
        $listing_id and $conditions[] = "Listing.{$this->Listing->realKey} IN (" . cleanIntegerCommaList($listing_id) . ")";
        switch ($sort) {
            case 'random':
                // The seed is concatenated unquoted. It is produced by rand() on non-ajax
                // requests and read back from the session copy on ajax requests.
                // NOTE(review): an (int) cast would make the integer assumption explicit.
                $order[] = 'RAND(' . $this->params['rand'] . ')';
                break;
            case 'featuredrandom':
                $conditions[] = 'featured > 0';
                $order[] = 'RAND(' . $this->params['rand'] . ')';
                break;
            case 'topratededitor':
                $conditions[] = 'Totals.editor_rating > 0';
                break; // Editor rating sorting options dealt with in the Listing->processSorting method
        }
        # Custom WHERE
        // Appended verbatim as a condition, and only when the integrity token matched.
        $tokenMatch and $custom_where and $conditions[] = $custom_where;
        # Filtering options
        $having = array();
        // Listings submitted in the past x days
        $entry_period = Sanitize::getInt($this->params['module'], 'filter_listing_period');
        if ($entry_period > 0 && $this->Listing->dateKey) {
            $conditions[] = "Listing.{$this->Listing->dateKey} >= DATE_SUB('" . _CURRENT_SERVER_TIME . "', INTERVAL {$entry_period} DAY)";
        }
        // Listings with reviews submitted in past x days
        $review_period = Sanitize::getInt($this->params['module'], 'filter_review_period');
        if ($review_period > 0) {
            $conditions[] = "Review.created >= DATE_SUB(CURDATE(), INTERVAL {$review_period} DAY)";
            $joins[] = 'LEFT JOIN #__jreviews_comments AS Review ON Listing.' . $this->Listing->realKey . ' = Review.pid';
        }
        // Listings with review count higher than
        $filter_review_count = Sanitize::getInt($this->params['module'], 'filter_review_count');
        $filter_review_count > 0 and $conditions[] = "Totals.user_rating_count >= " . $filter_review_count;
        // Listings with avg rating higher than
        $filter_avg_rating = Sanitize::getFloat($this->params['module'], 'filter_avg_rating');
        $filter_avg_rating > 0 and $conditions[] = 'Totals.user_rating >= ' . $filter_avg_rating;
        $this->Listing->group = array();
        // Exclude listings without ratings from the results
        $join_direction = in_array($sort, array('rating', 'rrating', 'topratededitor', 'reviews')) ? 'INNER' : 'LEFT';
        // The extension name is the one string value here that goes through $this->quote().
        $this->Listing->joins['Total'] = "{$join_direction} JOIN #__jreviews_listing_totals AS Totals ON Totals.listing_id = Listing.{$this->Listing->realKey} AND Totals.extension = " . $this->quote($extension);
        # Modify query for correct ordering. Change FIELDS, ORDER BY and HAVING BY directly in Listing Model variables
        if ($tokenMatch and $custom_order) {
            // Verbatim ORDER BY fragment, again only when the integrity token matched.
            $this->Listing->order[] = $custom_order;
        } elseif (empty($order) && $extension == 'com_content') {
            $this->Listing->processSorting($sort, '');
        } elseif (empty($order) && ($order = $this->_processSorting($sort))) {
            $order = array($order);
        }
        $queryData = array(
            'fields' => array(
                'Totals.user_rating AS `Review.user_rating`',
                'Totals.user_rating_count AS `Review.user_rating_count`',
                'Totals.user_comment_count AS `Review.review_count`',
                'Totals.editor_rating AS `Review.editor_rating`',
                'Totals.editor_rating_count AS `Review.editor_rating_count`',
                'Totals.editor_comment_count AS `Review.editor_review_count`'
            ),
            'joins' => $joins,
            'conditions' => $conditions,
            'limit' => $this->module_limit,
            'offset' => $this->module_offset,
            'having' => $having
        );
        isset($order) and !empty($order) and $queryData['order'] = $order;
        // Trigger addFields for $listing results. Checked in Everywhere model
        $this->Listing->addFields = true;
        $listings = $this->Listing->findAll($queryData);
        if (Sanitize::getInt($this->params['module'], 'ajax_nav', 1)) {
            // The count query drops the named joins and the ordering before counting
            // distinct listing keys.
            unset($queryData['joins']['Section'], $queryData['joins']['Category'], $queryData['joins']['Directory'], $queryData['joins']['Criteria'], $queryData['joins']['User'], $queryData['order']);
            $count = $this->Listing->findCount($queryData, 'DISTINCT Listing.' . $this->Listing->realKey);
        } else {
            // Without ajax navigation the total is simply the module limit.
            $count = $this->module_limit;
        }
    } else {
        $listings = array();
        $count = 0;
    }
    unset($this->Listing);
    # Send variables to view template
    $this->set(array('Access' => $this->Access, 'User' => $this->_user, 'subclass' => 'listing', 'listings' => $listings, 'total' => $count));
    $page = $this->render('modules', 'listings');
    if ($this->ajaxRequest) {
        return $this->ajaxResponse($page, false);
    } else {
        return $page;
    }
}
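/**
 * Returns cat id/title value pairs given a listing type, used for creating a tree list.
 * Used in search and listing controllers.
 *
 * Recognised $options keys (all optional):
 *  - type_id    listing type (criteria) id; the non-Joomla-1.5 branch also accepts an array of ids
 *  - cat_id     comma list of category ids
 *  - parent_id  comma list of parent category ids
 *  - level      category level (integer)
 *  - dir_id     comma list of directory ids
 *  - conditions array of extra SQL conditions, joined with AND
 *  - indent     prefix the title with '- ' per level (default true)
 *  - disabled   add a `disabled` flag for categories without criteria (default true)
 *  - jstree     return a JSON encoded node tree instead of rows
 *
 * Every id option is reduced to integers before it is concatenated into the
 * query, the same way dir_id is. `conditions` is raw SQL by design, so callers
 * must only pass fragments they built themselves from trusted values.
 *
 * @return mixed rows keyed by category id, or a JSON string when `jstree` is set
 */
function getCategoryList($options = array())
{
    $Access = Configure::read('JreviewsSystem.Access');

    if ($this->cmsVersion == CMS_JOOMLA15) {
        // NOTE(review): in this branch the published/access filters are only
        // applied when type_id is set - confirm that this is intended.
        $where = '';
        if (isset($options['type_id'])) {
            // Never concatenate the raw option: a scalar is cast to int, an array
            // is cleaned the same way the other id lists are.
            $type_filter = is_array($options['type_id'])
                ? 'IN (' . cleanIntegerCommaList(implode(',', $options['type_id'])) . ')'
                : '= ' . (int) $options['type_id'];
            $where = " WHERE \n Category.published = 1\n AND Category.access <= " . $Access->getAccessId() . " \n AND JreviewsCategory.criteriaid " . $type_filter;
        }

        $query = "\n SELECT \n Category.id as value, CONCAT(Section.title,' - ', Category.title) AS text\n FROM \n #__categories AS Category\n INNER JOIN \n #__jreviews_categories AS JreviewsCategory ON Category.id = JreviewsCategory.id AND JreviewsCategory.option = 'com_content'\n LEFT JOIN \n #__sections AS Section on Category.section = Section.id"
            . $where
            . " \n \n ORDER BY \n Section.title, Category.title\n ";
        $this->_db->setQuery($query);

        return $this->_db->loadObjectList('value');
    }

    $options = array_merge(array('indent' => true, 'disabled' => true), $options);

    $fields = array('Category.id AS value', 'Category.level AS level', 'Category.parent_id AS parent_id', 'JreviewCategory.criteriaid');
    Sanitize::getBool($options, 'disabled') and $fields[] = 'IF(JreviewCategory.criteriaid = 0,1,0) AS disabled';
    $fields[] = Sanitize::getBool($options, 'indent')
        ? "CONCAT(REPEAT('- ', Category.level - 1), Category.title) AS text"
        : "Category.title AS text";

    # Category conditions
    // Id lists are cleaned to integers before they reach the IN (...) clause.
    $cat_condition = array();
    if (isset($options['cat_id']) && !empty($options['cat_id'])) {
        $cat_condition[] = 'Category.id IN (' . cleanIntegerCommaList($options['cat_id']) . ')';
    }
    if (isset($options['parent_id']) && !empty($options['parent_id'])) {
        $cat_condition[] = 'Category.parent_id IN (' . cleanIntegerCommaList($options['parent_id']) . ')';
    }

    # Optional filters
    $level_sql = '';
    if (isset($options['level']) && !empty($options['level'])) {
        // A non-numeric level becomes 0 and matches nothing instead of reaching the query as text.
        $level_sql = " AND Category.level = " . (int) $options['level'] . " ";
    }

    $type_sql = '';
    if (isset($options['type_id']) && !empty($options['type_id'])) {
        $type_ids = is_array($options['type_id']) ? implode(',', $options['type_id']) : $options['type_id'];
        $type_sql = " AND JreviewCategory.criteriaid IN (" . cleanIntegerCommaList($type_ids) . ")";
    }

    $dir_sql = '';
    if (isset($options['dir_id']) && !empty($options['dir_id'])) {
        $dir_sql = " AND JreviewCategory.dirid IN (" . cleanIntegerCommaList($options['dir_id']) . ")";
    }

    // Raw SQL supplied by the caller; it cannot be cleaned here.
    $extra_sql = isset($options['conditions']) ? " AND (" . implode(" AND ", $options['conditions']) . ")" : '';

    $query = "\n SELECT \n " . implode(',', $fields)
        . "\n FROM \n #__categories AS Category\n LEFT JOIN \n #__categories AS ParentCategory ON Category.lft <= ParentCategory.lft AND Category.rgt >= ParentCategory.rgt\n INNER JOIN \n #__jreviews_categories AS JreviewCategory ON JreviewCategory.id = Category.id AND JreviewCategory.`option` = 'com_content'\n WHERE \n Category.extension = 'com_content' \n AND Category.published = 1\n AND ParentCategory.access IN ( {$Access->getAccessLevels()} ) \n "
        . $level_sql
        . (!empty($cat_condition) ? " AND (" . implode(" OR ", $cat_condition) . ')' : '')
        . $type_sql
        . $dir_sql
        . $extra_sql
        . "\n GROUP BY \n Category.id\n ORDER \n BY Category.lft \n ";
    $this->_db->setQuery($query);
    $rows = $this->_db->loadObjectList('value');

    if (isset($options['jstree']) && $options['jstree']) {
        $nodes = array();
        CategoryModel::makeParentChildRelations($rows, $nodes);

        return json_encode($nodes);
    }

    return $rows;
}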
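/**
 * Lists the latest published reviews, optionally filtered by extension,
 * category, section, directory and listing type, and renders the
 * 'reviews'/'reviews' view.
 *
 * Filters are read from $this->params['data']; ordering from the `order`
 * param (default 'rdate'); the `type` param restricts the list to user or
 * editor reviews. A category filter takes precedence over the section,
 * directory and criteria filters.
 *
 * @return string the rendered view, or a "no reviews" message when the query is empty
 */
function latest()
{
    // Only guest views are cached
    if ($this->_user->id === 0) {
        $this->cacheAction = Configure::read('Cache.expires');
    }

    $page = array();
    $menu_id = Sanitize::getInt($this->params, 'Itemid');
    $this->params['default_order'] = 'rdate';
    // NOTE(review): $sort comes from the request and is handed to processSorting();
    // presumably that method maps it onto known orderings - confirm.
    $sort = Sanitize::getString($this->params, 'order', $this->params['default_order']);

    // Set layout
    $this->layout = 'reviews';
    $this->autoRender = false;

    // Triggers the afterFind in the Observer Model
    $this->EverywhereAfterFind = true;

    $conditions = array('Review.published = 1');

    $extension = Sanitize::getString($this->params['data'], 'extension');
    $extension and $conditions[] = "Review.mode = " . $this->quote($extension);

    // Id lists are cleaned to integers before they are placed inside IN (...)
    $cat_ids = cleanIntegerCommaList(Sanitize::getString($this->params['data'], 'catid'));
    $section_id = Sanitize::getString($this->params['data'], 'sectionid');

    if (!empty($cat_ids)) {
        if ($extension == 'com_content') {
            if ($this->cmsVersion == CMS_JOOMLA15) {
                $conditions[] = 'Listing.catid IN (' . $cat_ids . ')';
            } else {
                $this->Review->joins['ParentCategory'] = "LEFT JOIN #__categories AS ParentCategory ON Category.lft BETWEEN ParentCategory.lft AND ParentCategory.rgt";
                $conditions[] = 'ParentCategory.id IN (' . $cat_ids . ')';
            }
        } elseif ($extension != '') {
            $conditions[] = 'JreviewsCategory.id IN (' . $cat_ids . ')';
        }
    }

    if ($extension == 'com_content') {
        $dir_id = Sanitize::getString($this->params['data'], 'dirid');
        $criteria_id = Sanitize::getString($this->params['data'], 'criteriaid');

        // The guard used to test $cat_id, a variable that is never set in this
        // method, so it was always true and these filters were added even when a
        // category filter was present. It now tests $cat_ids.
        if (empty($cat_ids)) {
            !empty($section_id) and $conditions[] = 'Listing.sectionid IN (' . cleanIntegerCommaList($section_id) . ')';
            !empty($dir_id) and $conditions[] = 'JreviewsCategory.dirid IN (' . cleanIntegerCommaList($dir_id) . ')';
            !empty($criteria_id) and $conditions[] = 'JreviewsCategory.criteriaid IN (' . cleanIntegerCommaList($criteria_id) . ')';
        }
    }

    $queryData = array(
        'conditions' => $conditions,
        'fields' => array('Review.mode AS `Review.extension`'),
        'offset' => $this->offset,
        'limit' => $this->limit,
        'order' => $this->Review->processSorting($sort)
    );

    // Rating orderings skip reviews that carry no ratings
    if ($sort == 'rating' || $sort == 'rrating') {
        $queryData['conditions'][] = 'Rating.ratings_sum > 0';
    }

    switch (Sanitize::getString($this->params, 'type')) {
        case 'user':
            $queryData['conditions'][] = 'Review.author = 0';
            $title = __t("Latest user reviews", true);
            break;
        case 'editor':
            $queryData['conditions'][] = 'Review.author = 1';
            $title = __t("Latest editor reviews", true);
            break;
        default:
            $title = __t("Latest reviews", true);
            break;
    }

    # Don't run it here because it's run in the Everywhere Observer Component
    $this->Review->runProcessRatings = false;

    $reviews = $this->Review->findAll($queryData);
    if (empty($reviews)) {
        return __t("No reviews were found.", true);
    }

    $count = $this->Review->findCount($queryData);

    // Page title: the menu's own title when set, else the menu name; replaced by
    // the generic review title when the menu does not ask for its title to be shown.
    $menuParams = $this->Menu->getMenuParams($menu_id);
    $page['show_title'] = Sanitize::getInt($menuParams, 'dirtitle');
    $page['title'] = $page['title_seo'] = trim(Sanitize::getString($menuParams, 'title')) != ''
        ? Sanitize::getString($menuParams, 'title')
        : $this->Menu->getMenuName($menu_id);
    if (!$page['show_title']) {
        $page['title'] = $title;
    }

    $this->action = 'latest';
    $this->set(array(
        'Access' => $this->Access,
        'User' => $this->_user,
        'reviews' => $reviews,
        'pagination' => array('total' => $count, 'offset' => ($this->page - 1) * $this->limit),
        'page' => $page
    ));

    return $this->render('reviews', 'reviews');
}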