/**
 * Stores a weblink submitted through the front-end form as a new record.
 *
 * Order of operations, as implemented below: reject users whose gid is
 * below 1, require a published menu item that links to the weblink
 * submission task, run the request-forgery ("spoof") check, bind the POST
 * data, force the record to be a new one, validate and store it, e-mail the
 * administrators, then redirect to the front page.
 *
 * @param mixed $option Not referenced anywhere in the function body.
 */
function saveWeblink($option)
{
    global $database, $my;

    // Access gate: a gid below 1 is rejected (presumably anonymous visitors).
    if ($my->gid < 1) {
        mosNotAuth();
        return;
    }

    // The submission task must be exposed through a published menu item;
    // otherwise the request is treated as unauthorised. $link is a fixed
    // string, so no request data reaches this query.
    $link = 'index.php?option=com_weblinks&task=new';
    $sql = "SELECT id"
        . "\n FROM #__menu"
        . "\n WHERE link LIKE '%{$link}%'"
        . "\n AND published = 1";
    $database->setQuery($sql);
    $menuItemId = $database->loadResult();
    if (!$menuItemId) {
        mosNotAuth();
        return;
    }

    // Request-forgery check runs before any data is bound or written.
    // Its implementation is not part of this listing.
    josSpoofCheck();

    // 'published' is handed to bind() as its second argument, presumably the
    // list of fields that must not be taken from the request.
    // NOTE(review): confirm that no other moderation field on the table
    // (for example an approval flag) can be set from POST.
    $row = new mosWeblink($database);
    if (!$row->bind($_POST, 'published')) {
        // NOTE(review): the error text is placed inside a JavaScript string
        // literal without escaping. If getError() can ever carry
        // request-derived text, it must be encoded for the JS context first.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // Any id supplied with the request is discarded: until full editing is
    // offered for weblinks, this path may only create new records.
    $row->id = 0;
    $isNew = ($row->id < 1); // always true here, since id was just reset
    $row->date = date('Y-m-d H:i:s');

    // Validation and persistence report failure in exactly the same way;
    // store() is only attempted when check() has passed.
    if (!$row->check() || !$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();

    // Recipients: users in the administrator group (gid 25) with sendEmail = 1.
    $adminGid = 25;
    $sql = "SELECT email, name"
        . "\n FROM #__users"
        . "\n WHERE gid = " . (int) $adminGid
        . "\n AND sendEmail = 1";
    $database->setQuery($sql);
    if (!$database->query()) {
        // NOTE(review): whatever stderr(true) returns is echoed to the client,
        // presumably the database error text. Confirm that is acceptable.
        echo $database->stderr(true);
        return;
    }

    // One notification mail per administrator.
    $admins = $database->loadObjectList();
    foreach ($admins as $admin) {
        mosSendAdminMail($admin->name, $admin->email, '', 'Weblink', $row->title, $my->username);
    }

    mosRedirect('index.php', $isNew ? _THANK_SUB : '');
}
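/**
 * Saves a weblink submitted through the front-end form and notifies the
 * super administrators by e-mail.
 *
 * Order of operations: reject users whose gid is below 1, bind the POST
 * data, validate and store the record, e-mail the administrators, then
 * redirect back to the menu item named by the posted 'Returnid'.
 *
 * @param mixed $option Not referenced anywhere in the function body.
 */
function saveWeblink($option)
{
    global $database, $my;

    // Access gate: a gid below 1 is rejected (presumably anonymous visitors).
    if ($my->gid < 1) {
        mosNotAuth();
        return;
    }

    // NOTE(review): no request-forgery token is verified before this write,
    // so the action relies on the session alone. Add the project's token
    // check here once the submitting form emits a token.

    // "approved published" is handed to bind() as its second argument,
    // presumably the fields that must not be taken from the request.
    $row = new mosWeblink($database);
    if (!$row->bind($_POST, "approved published")) {
        // NOTE(review): the error text is placed inside a JavaScript string
        // literal without escaping. If getError() can ever carry
        // request-derived text, it must be encoded for the JS context first.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // The id is bound from POST with the other fields; coerce it to an
    // integer before it is compared or stored.
    // NOTE(review): a non-zero id is still accepted from the request.
    // store() presumably then writes to that existing record, and nothing
    // here checks that the current user may modify it. Confirm, then either
    // force the id to 0 or verify ownership before storing.
    $row->id = (int) $row->id;
    $isNew = $row->id < 1;
    $row->date = date("Y-m-d H:i:s");

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();

    // Recipients: super administrators who opted in to system e-mails.
    $query = "SELECT email, name"
        . "\n FROM #__users"
        . "\n WHERE usertype = 'superadministrator'"
        . "\n AND sendemail = '1'";
    $database->setQuery($query);
    if (!$database->query()) {
        // NOTE(review): whatever stderr(true) returns is echoed to the client,
        // presumably the database error text. Confirm that is acceptable.
        echo $database->stderr(true);
        return;
    }

    // The previous loop assigned $title from $linktitle, which is never
    // defined in this function, and never used either temporary; the stored
    // row's title is what goes into the mail.
    $adminRows = $database->loadObjectList();
    foreach ($adminRows as $adminRow) {
        mosSendAdminMail($adminRow->name, $adminRow->email, "", "Weblink", $row->title, $my->name);
    }

    // 'Returnid' comes from the request and the message is free text; both
    // are URL-encoded so neither can add parameters to the redirect target
    // or break it.
    $msg = $isNew ? _THANK_SUB : '';
    $Itemid = mosGetParam($_POST, 'Returnid', '');
    mosRedirect('index.php?Itemid=' . urlencode((string) $Itemid) . '&mosmsg=' . urlencode($msg));
}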