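/**
 * Enforce the per-type creation quotas configured through the ACL.
 *
 * Three limits are read for the current user on the asset
 * 'com_cck.form.<type id>': items per parent and author, items per parent,
 * and items per author. A limit of 0 or less is not enforced. When a count
 * reaches its limit, the #__cck_core row whose id is $config['id'] is
 * deleted, an error message is queued and 1 is returned.
 *
 * @param mixed $author_id Author id used in the COUNT filters (cast to int).
 * @param mixed $parent_id Parent id used in the COUNT filters (cast to int).
 * @param array $config    Reads 'type' (content type name) and 'id' (row to delete).
 *
 * @return int 1 when a quota is reached, 0 otherwise.
 */
public function g_isMax($author_id, $parent_id, $config = array())
{
    $app = JFactory::getApplication();
    $user = JFactory::getUser();
    $db = JFactory::getDbo();

    // Every value that reaches SQL is normalised first: the type name is
    // quoted and escaped by the driver, the ids are forced to integers.
    // Previously they were concatenated into the statements as-is.
    $type = $db->quote(isset($config['type']) ? (string) $config['type'] : '');
    $authorId = (int) $author_id;
    $parentId = (int) $parent_id;
    $rowId = isset($config['id']) ? (int) $config['id'] : 0;

    $typeId = JCckDatabase::loadResult('SELECT id FROM #__cck_core_types WHERE name = ' . $type);

    jimport('cck.joomla.access.access');
    $asset = 'com_cck.form.' . $typeId;
    $max_parent_author = (int) CCKAccess::check($user->id, 'core.create.max.parent.author', $asset);
    $max_parent = (int) CCKAccess::check($user->id, 'core.create.max.parent', $asset);
    $max_author = (int) CCKAccess::check($user->id, 'core.create.max.author', $asset);

    // Checked in this order; the first limit that is reached wins.
    $rules = array(
        array($max_parent_author, ' AND parent_id = ' . $parentId . ' AND author_id = ' . $authorId, 'COM_CCK_ERROR_MAX_PARENT_AUTHOR'),
        array($max_parent, ' AND parent_id = ' . $parentId, 'COM_CCK_ERROR_MAX_PARENT'),
        array($max_author, ' AND author_id = ' . $authorId, 'COM_CCK_ERROR_MAX_AUTHOR'),
    );

    foreach ($rules as $rule) {
        list($max, $where, $messageKey) = $rule;

        if ($max <= 0) {
            continue;
        }

        $count = JCckDatabase::loadResult('SELECT COUNT(id) FROM #__cck_core WHERE cck = ' . $type . $where);

        if ($count >= $max) {
            JCckDatabase::execute('DELETE FROM #__cck_core WHERE id = ' . $rowId);
            $app->enqueueMessage(JText::_($messageKey), 'error');
            // NOTE(review): $config is received by value, so this flag never
            // reaches the caller; only the return value signals the refusal.
            $config['error'] = true;

            return 1;
        }
    }

    return 0;
}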
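/**
 * Build the link to the edit or create form for a field.
 *
 * The link (and its class/rel/state/target/title attributes) is written to
 * $field, or to every entry of $field->value when that is an array. Nothing
 * is written when the current user fails the permission check: for an edit
 * link the field is also hidden unless the 'no_access' link option is set,
 * for a create link the method just returns.
 *
 * @param object $link   Link options, read through ->get(name, default).
 * @param object $field  Field receiving link, link_class, link_rel, link_state,
 *                       link_target and link_title (passed by reference).
 * @param array  $config Reads 'pk', 'pks', 'type', 'type_id' and 'author'.
 *
 * @return void
 */
protected static function _link($link, &$field, &$config)
{
    $app = JFactory::getApplication();
    $custom = $link->get('custom', '');
    $form = $link->get('form', '');
    $edit = $link->get('form_edition', 1);
    // Edit mode applies only when no explicit target form is configured.
    $edit = !$form && $edit ? '&id=' . $config['pk'] : '';
    $form = $form ? $form : $config['type'];
    $itemId = $link->get('itemid', $app->input->getInt('Itemid', 0));
    $redirection = $link->get('redirection', '');
    $uri = (string) JFactory::getUri();

    if (strpos($uri, 'format=raw&infinite=1') !== false) {
        // NOTE(review): this 'return' value comes from the request and is
        // echoed into the generated link; confirm that whatever consumes it
        // only redirects to internal URLs.
        $return = $app->input->get('return');
    } else {
        $return = base64_encode($uri);
    }

    if (!$form) {
        return;
    }

    $db = JFactory::getDbo();

    // Check
    if ($edit != '') {
        // Per-request memo of the ownership lookups, keyed by md5 of the query.
        static $cache = array();

        $stage = $link->get('form_edition_stage', '');
        if ($stage != '') {
            $edit .= '&stage=' . (int) $stage;
        }

        $user = JCck::getUser();
        $asset = 'com_cck.form.' . $config['type_id'];
        $canEdit = $user->authorise('core.edit', $asset);
        $canEditOwn = $user->authorise('core.edit.own', $asset); // todo: guest

        // canEditOwnContent: the ACL value is used as the name of a field
        // whose stored value points at the related content item.
        jimport('cck.joomla.access.access');
        $canEditOwnContent = CCKAccess::check($user->id, 'core.edit.own.content', $asset);

        if ($canEditOwnContent) {
            // The field name is quoted by the driver instead of being pasted
            // between double quotes.
            $field2 = JCckDatabaseCache::loadObject(
                'SELECT storage, storage_table, storage_field FROM #__cck_core_fields WHERE name = '
                . $db->quote((string) $canEditOwnContent)
            );
            $canEditOwnContent = false;

            if (is_object($field2) && $field2->storage == 'standard') {
                $pks = isset($config['pks']) ? $config['pks'] : $config['pk'];
                // Reduce the id list to integers before it reaches the IN (...) clause.
                // Assumes 'pks' is a comma-separated list of ids; confirm against callers.
                $pks = implode(',', array_map('intval', explode(',', (string) $pks)));

                // NOTE(review): storage_field / storage_table are identifiers read from
                // #__cck_core_fields and are concatenated unquoted; they are only as
                // trustworthy as whoever can write that table.
                $query = 'SELECT ' . $field2->storage_field . ' as map, id FROM ' . $field2->storage_table
                    . ' WHERE id IN (' . $pks . ')';
                $index = md5($query);

                if (!isset($cache[$index])) {
                    $rows = JCckDatabase::loadObjectList($query, 'id');
                    if (!is_array($rows)) {
                        $rows = array();
                    }
                    $cache[$index . '_pks'] = $rows;

                    $values = array();
                    foreach ($rows as $p) {
                        // Stored values are compared with integer pks, so force them to int
                        // rather than injecting arbitrary stored text into the next query.
                        $values[] = (int) $p->map;
                    }
                    $values = count($values) ? implode(',', $values) : '0';

                    $cache[$index] = JCckDatabase::loadObjectList(
                        'SELECT author_id, pk FROM #__cck_core WHERE storage_location = "joomla_article" AND pk IN ( '
                        . $values . ' )',
                        'pk'
                    );
                }

                // Granted only when the related item exists and is authored by the current user.
                if (isset($cache[$index . '_pks'][$config['pk']])
                    && isset($cache[$index][$cache[$index . '_pks'][$config['pk']]->map])
                    && $cache[$index][$cache[$index . '_pks'][$config['pk']]->map]->author_id == $user->get('id')) {
                    $canEditOwnContent = true;
                }
            }
        } else {
            $canEditOwnContent = '';
        }

        // Check Permissions. Access is granted when any of these holds:
        //   - edit and edit.own are both allowed;
        //   - edit is allowed, edit.own is not, and the item belongs to someone else;
        //   - edit.own is allowed and the item belongs to the current user;
        //   - the related-content ownership check above succeeded.
        if (!($canEdit && $canEditOwn
            || $canEdit && !$canEditOwn && $config['author'] != $user->get('id')
            || $canEditOwn && $config['author'] == $user->get('id')
            || $canEditOwnContent)) {
            if (!$link->get('no_access', 0)) {
                $field->display = 0;
            }

            return;
        }
    } elseif ($form != '') {
        $user = JCck::getUser();
        // The form name is quoted by the driver instead of being pasted between double quotes.
        $type_id = (int) JCckDatabase::loadResult(
            'SELECT id FROM #__cck_core_types WHERE name = ' . $db->quote((string) $form)
        );
        // An unknown type yields 0 and therefore no create permission.
        $canCreate = $type_id ? $user->authorise('core.create', 'com_cck.form.' . $type_id) : false;

        // Check Permissions
        if (!$canCreate) {
            return;
        }
    }

    // Prepare
    $link_class = $link->get('class', '');
    $link_rel = $link->get('rel', '');
    $link_target = $link->get('target', '');
    $link_title = $link->get('title', '');
    $link_title2 = $link->get('title_custom', '');
    $tmpl = $link->get('tmpl', '');
    $tmpl = $tmpl ? '&tmpl=' . $tmpl : '';
    $vars = $tmpl; // + live
    // (A disabled branch here used to force $redirection to '-1' for the
    // admin, site and search clients; it is still marked todo.)

    // Set
    if (is_array($field->value)) {
        foreach ($field->value as $f) {
            $c = parent::g_getCustomSelfVars(self::$type, $f, $custom, $config);
            $c = $c ? '&' . $c : '';
            $f->link = 'index.php?option=com_cck&view=form&layout=edit&type=' . $form . $edit . $vars
                . '&Itemid=' . $itemId . $c;
            if ($redirection != '-1') {
                $f->link .= '&return=' . $return;
            }
            $f->link = JRoute::_($f->link);

            // A link-level option wins; otherwise keep what the entry already carries.
            $f->link_class = $link_class ? $link_class : (isset($f->link_class) ? $f->link_class : '');
            $f->link_rel = $link_rel ? $link_rel : (isset($f->link_rel) ? $f->link_rel : '');
            $f->link_state = $link->get('state', 1);
            $f->link_target = $link_target ? $link_target : (isset($f->link_target) ? $f->link_target : '');
            // Title mode '2' uses the custom title; any other non-empty mode keeps the existing one.
            $f->link_title = $link_title
                ? ($link_title == '2' ? $link_title2 : (isset($f->link_title) ? $f->link_title : ''))
                : '';
        }
        $field->link = '#'; //todo
    } else {
        $custom = parent::g_getCustomVars(self::$type, $field, $custom, $config);
        $field->link = JRoute::_(
            'index.php?option=com_cck&view=form&layout=edit&type=' . $form . $edit . $vars . '&Itemid=' . $itemId
        );
        // The routed URL may or may not still contain a query string.
        $separator = strpos($field->link, '?') !== false ? '&' : '?';
        if ($custom) {
            $field->link .= $separator . $custom;
            $separator = '&';
        }
        if ($redirection != '-1') {
            $field->link .= $separator . 'return=' . $return;
        }

        $field->link_class = $link_class ? $link_class : (isset($field->link_class) ? $field->link_class : '');
        $field->link_rel = $link_rel ? $link_rel : (isset($field->link_rel) ? $field->link_rel : '');
        $field->link_state = $link->get('state', 1);
        $field->link_target = $link_target ? $link_target : (isset($field->link_target) ? $field->link_target : '');
        $field->link_title = $link_title
            ? ($link_title == '2' ? $link_title2 : (isset($field->link_title) ? $field->link_title : ''))
            : '';
    }
}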
$no_redirect = $options->get('redirection_url_no_access', 'index.php?option=com_users&view=login'); $no_style = $options->get('message_style_no_access', 'error'); $no_action = $options->get('action_no_access'); $stages = $options->get('stages', 1); $stage = -1; if ($id > 0) { $isNew = 0; $canAccess = $user->authorise('core.edit', 'com_cck.form.' . $type->id); //if ( $user->id && !$user->guest ) { $canEditOwn = $user->authorise('core.edit.own', 'com_cck.form.' . $type->id); //} else { // $canEditOwn = false; // todo: guest //} // canEditOwnContent jimport('cck.joomla.access.access'); $canEditOwnContent = CCKAccess::check($user->get('id'), 'core.edit.own.content', 'com_cck.form.' . $type->id); if ($canEditOwnContent) { $remote_field = JCckDatabase::loadObject('SELECT storage, storage_table, storage_field FROM #__cck_core_fields WHERE name = "' . $canEditOwnContent . '"'); $canEditOwnContent = false; if (is_object($remote_field) && $remote_field->storage == 'standard') { $related_content_id = JCckDatabase::loadResult('SELECT ' . $remote_field->storage_field . ' FROM ' . $remote_field->storage_table . ' WHERE id = ' . (int) $id); $related_content = JCckDatabase::loadObject('SELECT author_id, pk FROM #__cck_core WHERE storage_location = "joomla_article" AND pk = ' . $related_content_id); if ($related_content->author_id == $user->get('id')) { $canEditOwnContent = true; } } } } else { $isNew = 1; if ($type->location && ($app->isAdmin() && $type->location != 'admin' || $app->isSite() && $type->location != 'site')) { CCK_Form::redirect($no_action, $no_redirect, $no_message, $no_style, $config);