public function update_set_groups()
{
if ($this->token->validate('update_set_groups')) {
$gs = GroupSet::getByID($this->post('gsID'));
if (!is_object($gs)) {
$this->error->add(t('Invalid group set.'));
}
if (!$this->error->has()) {
// go through and add all the attributes that aren't in another set
$gs->clearGroups();
if (is_array($this->post('gID'))) {
foreach ($_POST['gID'] as $gID) {
$g = Group::getByID($gID);
if (is_object($g)) {
$gs->addGroup($g);
}
}
}
$this->redirect('dashboard/users/group_sets', 'set_updated');
}
} else {
$this->error->add($this->token->getErrorMessage());
}
$this->edit($this->post('asID'));
}
public function save($post)
{
// clear all selected permissions
$tps = array();
foreach ($post['tpID'] as $tpID) {
$tp = TaskPermission::getByID($tpID);
$tps[] = $tp;
$tp->clearPermissions();
}
foreach ($post['selectedEntity'] as $e) {
if ($e != '') {
$o1 = explode('_', $e);
if ($o1[0] == 'uID') {
$obj = UserInfo::getByID($o1[1]);
} else {
$obj = Group::getByID($o1[1]);
}
foreach ($tps as $tp) {
if ($post[$e . '_' . $tp->getTaskPermissionID()] == 1) {
$tp->addAccess($obj);
}
}
}
}
}
public function run()
{
$db = Loader::db();
$cnt = $db->GetOne('select count(*) from TaskPermissions where tpHandle = ?', array('delete_user'));
if ($cnt < 1) {
$g3 = Group::getByID(ADMIN_GROUP_ID);
$tip = TaskPermission::addTask('delete_user', t('Delete Users'), false);
if (is_object($g3)) {
$tip->addAccess($g3);
}
}
Loader::model('single_page');
$sp = Page::getByPath('/dashboard/settings/multilingual');
if ($sp->isError()) {
$d1a = SinglePage::add('/dashboard/settings/multilingual');
$d1a->update(array('cName' => t('Multilingual Setup')));
}
$sp = Page::getByPath('/dashboard/composer');
if ($sp->isError()) {
$d2 = SinglePage::add('/dashboard/composer');
$d2->update(array('cName' => t('Composer Beta'), 'cDescription' => t('Write for your site.')));
}
$sp = Page::getByPath('/dashboard/composer/write');
if ($sp->isError()) {
$d3 = SinglePage::add('/dashboard/composer/write');
}
$sp = Page::getByPath('/dashboard/composer/drafts');
if ($sp->isError()) {
$d4 = SinglePage::add('/dashboard/composer/drafts');
}
$sp = Page::getByPath('/dashboard/pages/types/composer');
if ($sp->isError()) {
$d5 = SinglePage::add('/dashboard/pages/types/composer');
}
}
public function delete($delGroupId, $token = ''){
$u=new User();
try {
if(!$u->isSuperUser()) {
throw new Exception(t('You do not have permission to perform this action.'));
}
$group = Group::getByID($delGroupId);
if(!($group instanceof Group)) {
throw new Exception(t('Invalid group ID.'));
}
$valt = Loader::helper('validation/token');
if (!$valt->validate('delete_group_' . $delGroupId, $token)) {
throw new Exception($valt->getErrorMessage());
}
$group->delete();
$resultMsg=t('Group deleted successfully.');
$_REQUEST=array();
$_GET=array();
$_POST=array();
$this->set('message', $resultMsg);
$this->view();
} catch(Exception $e) {
$this->set('error', $e);
}
}
public function getSearchResultFromQuery(Query $query)
{
$result = parent::getSearchResultFromQuery($query);
$u = new \User();
if (!$u->isSuperUser()) {
$gIDs = array(-1);
$gs = new GroupList();
$groups = $gs->getResults();
foreach ($groups as $g) {
$gp = new \Permissions($g);
if ($gp->canSearchUsersInGroup()) {
$gIDs[] = $g->getGroupID();
}
}
$result->getItemListObject()->getQueryObject()->leftJoin("u", "UserGroups", "ugRequired", "ugRequired.uID = u.uID");
$groups = 'ugRequired.gID in (' . implode(',', $gIDs) . ')';
$gg = \Group::getByID(REGISTERED_GROUP_ID);
$ggp = new \Permissions($gg);
if ($ggp->canSearchUsersInGroup()) {
$null = 'ugRequired.gID is null';
}
$result->getItemListObject()->getQueryObject()->select('distinct (u.uID)');
$expr = $result->getItemListObject()->getQueryObject()->expr()->orX($groups, $null);
$result->getItemListObject()->getQueryObject()->andwhere($expr);
}
return $result;
}
public static function addFilesForProduct(array $files, StoreProduct $product)
{
self::removeFilesForProduct($product);
//add new ones.
if (!empty($files['dffID'])) {
foreach ($files['dffID'] as $fileID) {
if (!empty($fileID) && $fileID > 0) {
self::add($product->getProductID(), $fileID);
$fileObj = \File::getByID($fileID);
$fs = \FileSet::getByName("Digital Downloads");
$fs->addFileToSet($fileObj);
$fileObj->resetPermissions(1);
$pk = \Concrete\Core\Permission\Key\FileKey::getByHandle('view_file');
$pk->setPermissionObject($fileObj);
$pao = $pk->getPermissionAssignmentObject();
$groupEntity = \Concrete\Core\Permission\Access\Entity\GroupEntity::getOrCreate(\Group::getByID(GUEST_GROUP_ID));
$pa = $pk->getPermissionAccessObject();
if ($pa) {
$pa->removeListItem($groupEntity);
$pao->assignPermissionAccess($pa);
}
}
}
}
}
/**
* Reindexes the search engine.
*/
public function reindex() {
Loader::library('3rdparty/Zend/Search/Lucene');
Loader::library('3rdparty/StandardAnalyzer/Analyzer/Standard/English');
$index = new Zend_Search_Lucene(DIR_FILES_CACHE_PAGES, true);
//Zend_Search_Lucene_Analysis_Analyzer::setDefault(new Zend_Search_Lucene_Analysis_Analyzer_Common_Utf8Num_CaseInsensitive());
Zend_Search_Lucene_Analysis_Analyzer::setDefault(new StandardAnalyzer_Analyzer_Standard_English());
$db = Loader::db();
$collection_attributes = Loader::model('collection_attributes');
$r = $db->query("select cID from Pages order by cID asc");
$g = Group::getByID(GUEST_GROUP_ID);
$nh = Loader::helper('navigation');
while ($row = $r->fetchRow()) {
$c = Page::getByID($row['cID'], 'ACTIVE');
if($c->getCollectionAttributeValue('exclude_search_index')) continue;
$themeObject = $c->getCollectionThemeObject();
$g->setPermissionsForObject($c);
if ($g->canRead()) {
$pageID = md5($row['cID']);
$doc = new Zend_Search_Lucene_Document();
$doc->addField(Zend_Search_Lucene_Field::Keyword('cIDhash', $pageID));
$doc->addField(Zend_Search_Lucene_Field::Unindexed('cID', $row['cID']));
$doc->addField(Zend_Search_Lucene_Field::Text('cName', $c->getCollectionName(), APP_CHARSET));
$doc->addField(Zend_Search_Lucene_Field::Keyword('ctHandle', $c->getCollectionTypeHandle()));
$doc->addField(Zend_Search_Lucene_Field::Text('cDescription', $c->getCollectionDescription(), APP_CHARSET));
$doc->addField(Zend_Search_Lucene_Field::Text('cBody', $this->getBodyContentFromPage($c), APP_CHARSET));
if (is_object($themeObject)) {
$doc->addField(Zend_Search_Lucene_Field::Text('cTheme', $themeObject->getThemeHandle()));
}
$doc->addField(Zend_Search_Lucene_Field::Text( 'cPath', $c->getCollectionPath()));
if (count($this->cPathSections) > 0) {
foreach($this->cPathSections as $var => $cPath) {
$isInSection = (strstr(strtolower($c->getCollectionPath()), $cPath . '/')) ? 'true' : 'false';
$doc->addField(Zend_Search_Lucene_Field::Keyword($var, $isInSection));
}
}
$attributes=$c->getSetCollectionAttributes();
foreach($attributes as $attribute){
if ($attribute->isCollectionAttributeKeySearchable()) {
$doc->addField(Zend_Search_Lucene_Field::Keyword( $attribute->akHandle, $c->getCollectionAttributeValue($attribute) ));
}
}
$index->addDocument($doc);
}
}
$result = new stdClass;
$result->count = $index->count();
return $result;
}
public function run()
{
$db = Loader::db();
$columns = $db->MetaColumns('Pages');
if (!isset($columns['CISSYSTEMPAGE'])) {
$db->Execute('alter table Pages add column cIsSystemPage tinyint(1) not null default 0');
$db->Execute('alter table Pages add index (cIsSystemPage)');
}
$columns = $db->MetaColumns('Pages');
if (!isset($columns['CISACTIVE'])) {
$db->Execute('alter table Pages add column cIsActive tinyint(1) not null default 1');
$db->Execute('alter table Pages add index (cIsActive)');
$db->Execute('update Pages set cIsActive = 1');
}
$columns = $db->MetaColumns('PageSearchIndex');
if (!isset($columns['CREQUIRESREINDEX'])) {
$db->Execute('alter table PageSearchIndex add column cRequiresReindex tinyint(1) not null default 0');
$db->Execute('alter table PageSearchIndex add index (cRequiresReindex)');
}
// install version job
Loader::model("job");
Job::installByHandle('remove_old_page_versions');
// flag system pages appropriately
Page::rescanSystemPages();
// add a newsflow task permission
$db = Loader::db();
$cnt = $db->GetOne('select count(*) from TaskPermissions where tpHandle = ?', array('view_newsflow'));
if ($cnt < 1) {
$g3 = Group::getByID(ADMIN_GROUP_ID);
$tip = TaskPermission::addTask('view_newsflow', t('View Newsflow'), false);
if (is_object($g3)) {
$tip->addAccess($g3);
}
}
// Install new block types
$this->installBlockTypes();
// install stacks, trash and drafts
$this->installSinglePages();
// move the old dashboard
$newDashPage = Page::getByPath('/dashboard/welcome');
if (!is_object($newDashPage) || $newDashPage->isError()) {
$dashboard = Page::getByPath('/dashboard');
$dashboard->moveToTrash();
// install new dashboard + page types
$this->installDashboard();
$this->migrateOldDashboard();
}
Loader::model('system/captcha/library');
$scl = SystemCaptchaLibrary::getByHandle('securimage');
if (!is_object($scl)) {
$scl = SystemCaptchaLibrary::add('securimage', t('SecurImage (Default)'));
$scl->activate();
}
Config::save('SEEN_INTRODUCTION', 1);
}
public function load() {
$db = Loader::db();
$gID = $db->GetOne('select gID from PermissionAccessEntityGroups where peID = ?', array($this->peID));
if ($gID) {
$g = Group::getByID($gID);
if (is_object($g)) {
$this->group = $g;
$this->label = $g->getGroupName();
} else {
$this->label = t('(Deleted Group)');
}
}
}
public function run()
{
$db = Loader::db();
$cnt = $db->GetOne('select count(*) from TaskPermissions where tpHandle = ?', array('install_packages'));
if ($cnt < 1) {
$g3 = Group::getByID(ADMIN_GROUP_ID);
$tip = TaskPermission::addTask('install_packages', t('Install Packages and Connect to the Marketplace'), false);
if (is_object($g3)) {
$tip->addAccess($g3);
}
}
// ensure we have a proper ocID
$db->Execute("alter table Files modify column ocID int unsigned not null default 0");
}
/** Executes the job.
* @return string Returns a string describing the job result in case of success.
* @throws Exception Throws an exception in case of errors.
*/
public function run()
{
Cache::disableCache();
Cache::disableLocalCache();
try {
$db = Loader::db();
$instances = array('navigation' => Loader::helper('navigation'), 'dashboard' => Loader::helper('concrete/dashboard'), 'view_page' => PermissionKey::getByHandle('view_page'), 'guestGroup' => Group::getByID(GUEST_GROUP_ID), 'now' => new DateTime('now'), 'ak_exclude_sitemapxml' => CollectionAttributeKey::getByHandle('exclude_sitemapxml'), 'ak_sitemap_changefreq' => CollectionAttributeKey::getByHandle('sitemap_changefreq'), 'ak_sitemap_priority' => CollectionAttributeKey::getByHandle('sitemap_priority'));
$instances['guestGroupAE'] = array(GroupPermissionAccessEntity::getOrCreate($instances['guestGroup']));
$xmlDoc = new SimpleXMLElement('<' . '?xml version="1.0" encoding="' . APP_CHARSET . '"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" />');
$rs = Loader::db()->Query('SELECT cID FROM Pages');
while ($row = $rs->FetchRow()) {
self::addPage($xmlDoc, intval($row['cID']), $instances);
}
$rs->Close();
Events::fire('on_sitemap_xml_ready', $xmlDoc);
$dom = dom_import_simplexml($xmlDoc)->ownerDocument;
$dom->formatOutput = true;
$addedPages = count($xmlDoc->url);
$relName = ltrim(SITEMAPXML_FILE, '\\/');
$osName = rtrim(DIR_BASE, '\\/') . '/' . $relName;
$urlName = rtrim(BASE_URL . DIR_REL, '\\/') . '/' . $relName;
if (!file_exists($osName)) {
@touch($osName);
}
if (!is_writable($osName)) {
throw new Exception(t('The file %s is not writable', $osName));
}
if (!($hFile = @fopen($osName, 'w'))) {
throw new Exception(t('Cannot open file %s', $osName));
}
if (!@fwrite($hFile, $dom->saveXML())) {
throw new Exception(t('Error writing to file %s', $osName));
}
@fflush($hFile);
@fclose($hFile);
unset($hFile);
return t('%1$s file saved (%2$d pages).', sprintf('<a href="%s" target="_blank">%s</a>', $urlName, preg_replace('/^https?:\\/\\//i', '', $urlName)), $addedPages);
} catch (Exception $x) {
if (isset($hFile) && $hFile) {
@fflush($hFile);
@ftruncate($hFile, 0);
@fclose($hFile);
$hFile = null;
}
throw $x;
}
}
public function load()
{
$db = Loader::db();
$gIDs = $db->GetCol('select gID from PermissionAccessEntityGroups where peID = ? order by gID asc', array($this->peID));
if ($gIDs && is_array($gIDs)) {
for ($i = 0; $i < count($gIDs); $i++) {
$g = Group::getByID($gIDs[$i]);
if (is_object($g)) {
$this->groups[] = $g;
$this->label .= $g->getGroupName();
if ($i + 1 < count($gIDs)) {
$this->label .= t(' + ');
}
}
}
}
}
/**
* @param FileList $list
* @param $request
*/
public function filterList(ItemList $list)
{
$filterGIDs = array();
if (isset($this->data['gID']) && is_array($this->data['gID'])) {
foreach ($this->data['gID'] as $gID) {
$g = \Group::getByID($gID);
if (is_object($g)) {
$gp = new \Permissions($g);
if ($gp->canSearchUsersInGroup()) {
$filterGIDs[] = $g->getGroupID();
}
}
}
}
foreach ($filterGIDs as $gID) {
$list->filterByGroupID($gID);
}
}
public function canGuestsViewThisBlock()
{
$pk = PermissionKey::getByHandle('view_block');
$pk->setPermissionObject($this->getPermissionObject());
$gg = GroupPermissionAccessEntity::getOrCreate(Group::getByID(GUEST_GROUP_ID));
$accessEntities = array($gg);
$valid = false;
$list = $pk->getAccessListItems(PermissionKey::ACCESS_TYPE_ALL, $accessEntities);
foreach ($list as $l) {
if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_INCLUDE) {
$valid = true;
}
if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_EXCLUDE) {
$valid = false;
}
}
return $valid;
}
public function run()
{
$bt = BlockType::getByHandle('guestbook');
if (is_object($bt)) {
$bt->refresh();
}
// add user export users task permission
$pk = PermissionKey::getByHandle('access_user_search_export');
if (!$pk instanceof PermissionKey) {
$pk = PermissionKey::add('user', 'access_user_search_export', 'Export Site Users', 'Controls whether a user can export site users or not', false, false);
$pa = $pk->getPermissionAccessObject();
if (!is_object($pa)) {
$pa = PermissionAccess::create($pk);
}
$adminGroup = Group::getByID(ADMIN_GROUP_ID);
//Make sure "Adminstrators" group still exists
if ($adminGroup) {
$adminGroupEntity = GroupPermissionAccessEntity::getOrCreate($adminGroup);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
}
if (!Config::get('SECURITY_TOKEN_JOBS')) {
Config::save('SECURITY_TOKEN_JOBS', Loader::helper('validation/identifier')->getString(64));
}
if (!Config::get('SECURITY_TOKEN_ENCRYPTION')) {
Config::save('SECURITY_TOKEN_ENCRYPTION', Loader::helper('validation/identifier')->getString(64));
}
if (!Config::get('SECURITY_TOKEN_VALIDATION')) {
Config::save('SECURITY_TOKEN_VALIDATION', Loader::helper('validation/identifier')->getString(64));
}
$sp = Page::getByPath('/dashboard/system/mail/method/test_settings');
if (!is_object($sp) || $sp->isError()) {
$sp = SinglePage::add('/dashboard/system/mail/method/test_settings');
$sp->update(array('cName' => t('Test Mail Settings')));
$sp->setAttribute('meta_keywords', 'test smtp, test mail');
}
}
<?php
defined('C5_EXECUTE') or die("Access Denied.");
if (Loader::helper('validation/token')->validate('process')) {
$js = Loader::helper('json');
$obj = new stdClass();
if (count($_POST['gID']) > 0) {
$groups = array();
foreach ($_POST['gID'] as $gID) {
$g = Group::getByID($gID);
if (is_object($g)) {
$groups[] = $g;
}
}
$pae = GroupCombinationPermissionAccessEntity::getOrCreate($groups);
$obj->peID = $pae->getAccessEntityID();
$obj->label = $pae->getAccessEntityLabel();
}
print $js->encode($obj);
}
public function setFileSetPermissions($fs, $post) {
$fs->resetPermissions();
foreach($post['selectedEntity'] as $e) {
if ($e != '') {
$id = substr($e, 4);
if (strpos($e, 'uID') === 0) {
$obj = UserInfo::getByID($id);
} else {
$obj = Group::getByID($id);
}
$canSearch = $post['canSearch_' . $e];
$canRead = $post['canRead_' . $e];
$canWrite = $post['canWrite_' . $e];
$canAdmin = $post['canAdmin_' . $e];
$canAdd = $post['canAdd_' . $e];
$extensions = $post['canAddExtension_' . $e];
$fs->setPermissions($obj, $canSearch, $canRead, $canWrite, $canAdmin, $canAdd, $extensions);
}
}
}
/**
* @private
*/
public function assignPermissionSet($px)
{
// this is the legacy function that is called just by xml. We pass these values in as though they were the old ones.
if (isset($px->guests)) {
$pkHandles = self::translatePermissionsXMLToKeys($px->guests);
$this->assignPermissions(Group::getByID(GUEST_GROUP_ID), $pkHandles);
}
if (isset($px->registered)) {
$pkHandles = self::translatePermissionsXMLToKeys($px->registered);
$this->assignPermissions(Group::getByID(REGISTERED_GROUP_ID), $pkHandles);
}
if (isset($px->administrators)) {
$pkHandles = self::translatePermissionsXMLToKeys($px->administrators);
$this->assignPermissions(Group::getByID(ADMIN_GROUP_ID), $pkHandles);
}
if (isset($px->group)) {
foreach ($px->group as $g) {
$pkHandles = self::translatePermissionsXMLToKeys($px->administrators);
$this->assignPermissions(Group::getByID($g['gID']), $pkHandles);
}
}
if (isset($px->user)) {
foreach ($px->user as $u) {
$pkHandles = self::translatePermissionsXMLToKeys($px->administrators);
$this->assignPermissions(Group::getByID($u['uID']), $pkHandles);
}
}
$this->refreshCache();
}
foreach ($users as $ui) {
echo $form->hidden('uID[]', $ui->getUserID());
}
?>
<div class="clearfix">
<?php
echo $form->label('groupIDs', t('Remove the users below from Group(s)'));
?>
<div class="input">
<select multiple name="groupIDs[]" class="select2-select" data-placeholder="<?php
echo t('Select Group(s)');
?>
" >
<?php
foreach ($g1 as $gRow) {
$g = Group::getByID($gRow['gID']);
$gp = new Permissions($g);
if ($gp->canAssignGroup()) {
?>
<option value="<?php
echo $g->getGroupID();
?>
" <?php
if (is_array($_REQUEST['groupIDs']) && in_array($g->getGroupID(), $_REQUEST['groupIDs'])) {
?>
selected="selected" <?php
}
?>
><?php
echo $g->getGroupDisplayName();
?>
public function up(Schema $schema)
{
$ft = FlagType::getByhandle('spam');
if (!is_object($ft)) {
FlagType::add('spam');
}
$bt = BlockType::getByHandle('image_slider');
$bt->refresh();
$types = array(Type::getByHandle('group'), Type::getByHandle('user'), Type::getByHandle('group_set'), Type::getByHandle('group_combination'));
$categories = array(Category::getByHandle('conversation'), Category::getByHandle('conversation_message'));
foreach ($categories as $category) {
foreach ($types as $pe) {
if (is_object($category) && is_object($pe)) {
$category->associateAccessEntityType($pe);
}
}
}
try {
$gat = AuthenticationType::getByHandle('google');
} catch (Exception $e) {
$gat = AuthenticationType::add('google', 'Google');
if (is_object($gat)) {
$gat->disable();
}
}
// fix register page permissions
$g1 = \Group::getByID(GUEST_GROUP_ID);
$register = \Page::getByPath('/register', "RECENT");
$register->assignPermissions($g1, array('view_page'));
// add new permissions, set it to the same value as edit page permissions on all pages.
$epk = PermissionKey::getByHandle('edit_page_permissions');
$msk = PermissionKey::getByHandle('edit_page_multilingual_settings');
$ptk = PermissionKey::getByHandle('edit_page_page_type');
if (!is_object($msk)) {
$msk = PermissionKey::add('page', 'edit_page_multilingual_settings', 'Edit Multilingual Settings', 'Controls whether a user can see the multilingual settings menu, re-map a page or set a page as ignored in multilingual settings.', false, false);
}
if (!is_object($ptk)) {
$ptk = PermissionKey::add('page', 'edit_page_page_type', 'Edit Page Type', 'Change the type of an existing page.', false, false);
}
$db = \Database::get();
$r = $db->Execute('select cID from Pages where cInheritPermissionsFrom = "OVERRIDE" order by cID asc');
while ($row = $r->FetchRow()) {
$c = Page::getByID($row['cID']);
if (is_object($c) && !$c->isError()) {
$epk->setPermissionObject($c);
$msk->setPermissionObject($c);
$ptk->setPermissionObject($c);
$rpa = $epk->getPermissionAccessObject();
if (is_object($rpa)) {
$pt = $msk->getPermissionAssignmentObject();
if (is_object($pt)) {
$pt->clearPermissionAssignment();
$pt->assignPermissionAccess($rpa);
}
$pt = $ptk->getPermissionAssignmentObject();
if (is_object($pt)) {
$pt->clearPermissionAssignment();
$pt->assignPermissionAccess($rpa);
}
}
}
}
// add new page type permissions
$epk = PermissionKey::getByHandle('edit_page_type_permissions');
$msk = PermissionKey::getByHandle('edit_page_type');
$dsk = PermissionKey::getByHandle('delete_page_type');
if (!is_object($msk)) {
$msk = PermissionKey::add('page_type', 'edit_page_type', 'Edit Page Type', '', false, false);
}
if (!is_object($dsk)) {
$dsk = PermissionKey::add('page_type', 'delete_page_type', 'Delete Page Type', '', false, false);
}
$list = \Concrete\Core\Page\Type\Type::getList();
foreach ($list as $pagetype) {
$epk->setPermissionObject($pagetype);
$msk->setPermissionObject($pagetype);
$dsk->setPermissionObject($pagetype);
$rpa = $epk->getPermissionAccessObject();
if (is_object($rpa)) {
$pt = $msk->getPermissionAssignmentObject();
if (is_object($pt)) {
$pt->clearPermissionAssignment();
$pt->assignPermissionAccess($rpa);
}
$pt = $dsk->getPermissionAssignmentObject();
if (is_object($pt)) {
$pt->clearPermissionAssignment();
$pt->assignPermissionAccess($rpa);
}
}
}
// add new multilingual tables.
$sm = $db->getSchemaManager();
$schemaTables = $sm->listTableNames();
if (!in_array('MultilingualPageRelations', $schemaTables)) {
$mpr = $schema->createTable('MultilingualPageRelations');
$mpr->addColumn('mpRelationID', 'integer', array('notnull' => true, 'unsigned' => true, 'default' => 0));
$mpr->addColumn('cID', 'integer', array('notnull' => true, 'unsigned' => true, 'default' => 0));
$mpr->addColumn('mpLanguage', 'string', array('notnull' => true, 'default' => ''));
$mpr->addColumn('mpLocale', 'string', array('notnull' => true));
$mpr->setPrimaryKey(array('mpRelationID', 'cID', 'mpLocale'));
}
if (!in_array('MultilingualSections', $schemaTables)) {
$mus = $schema->createTable('MultilingualSections');
$mus->addColumn('cID', 'integer', array('notnull' => true, 'unsigned' => true, 'default' => 0));
$mus->addColumn('msLanguage', 'string', array('notnull' => true, 'default' => ''));
$mus->addColumn('msCountry', 'string', array('notnull' => true, 'default' => ''));
$mus->setPrimaryKey(array('cID'));
}
if (!in_array('MultilingualTranslations', $schemaTables)) {
$mts = $schema->createTable('MultilingualTranslations');
$mts->addColumn('mtID', 'integer', array('autoincrement' => true, 'unsigned' => true));
$mts->addColumn('mtSectionID', 'integer', array('unsigned' => true, 'notnull' => true, 'default' => 0));
$mts->addColumn('msgid', 'text', array('notnull' => false));
$mts->addColumn('msgstr', 'text', array('notnull' => false));
$mts->addColumn('context', 'text', array('notnull' => false));
$mts->addColumn('comments', 'text', array('notnull' => false));
$mts->addColumn('reference', 'text', array('notnull' => false));
$mts->addColumn('flags', 'text', array('notnull' => false));
$mts->addColumn('updated', 'datetime', array('notnull' => false));
$mts->setPrimaryKey(array('mtID'));
}
// block type
$bt = BlockType::getByHandle('switch_language');
if (!is_object($bt)) {
$bt = BlockType::installBlockType('switch_language');
}
// single pages
$sp = Page::getByPath('/dashboard/system/multilingual');
if (!is_object($sp) || $sp->isError()) {
$sp = SinglePage::add('/dashboard/system/multilingual');
$sp->update(array('cName' => 'Multilingual'));
$sp->setAttribute('meta_keywords', 'multilingual, localization, internationalization, i18n');
}
$sp = Page::getByPath('/dashboard/system/multilingual/setup');
if (!is_object($sp) || $sp->isError()) {
$sp = SinglePage::add('/dashboard/system/multilingual/setup');
$sp->update(array('cName' => 'Multilingual Setup'));
}
$sp = Page::getByPath('/dashboard/system/multilingual/page_report');
if (!is_object($sp) || $sp->isError()) {
$sp = SinglePage::add('/dashboard/system/multilingual/page_report');
$sp->update(array('cName' => 'Page Report'));
}
$sp = Page::getByPath('/dashboard/system/multilingual/translate_interface');
if (!is_object($sp) || $sp->isError()) {
$sp = SinglePage::add('/dashboard/system/multilingual/translate_interface');
$sp->update(array('cName' => 'Translate Interface'));
}
$sp = Page::getByPath('/dashboard/pages/types/attributes');
if (!is_object($sp) || $sp->isError()) {
$sp = SinglePage::add('/dashboard/pages/types/attributes');
$sp->update(array('cName' => 'Page Type Attributes'));
}
}
public function update_permissions()
{
$this->set_permissions();
$home = $this->get('home');
$gru = Group::getByID(REGISTERED_GROUP_ID);
$ggu = Group::getByID(GUEST_GROUP_ID);
$gau = Group::getByID(ADMIN_GROUP_ID);
$args = array();
switch ($_POST['view']) {
case "ANYONE":
$args['collectionRead'][] = 'gID:' . $ggu->getGroupID();
// this API is pretty crappy. TODO: clean this up in a nice object oriented fashion
break;
case "USERS":
$args['collectionRead'][] = 'gID:' . $gru->getGroupID();
// this API is pretty crappy. TODO: clean this up in a nice object oriented fashion
break;
case "PRIVATE":
$args['collectionRead'][] = 'gID:' . $gau->getGroupID();
break;
}
$args['collectionWrite'] = array();
if (is_array($_POST['gID'])) {
foreach ($_POST['gID'] as $gID) {
$args['collectionReadVersions'][] = 'gID:' . $gID;
$args['collectionWrite'][] = 'gID:' . $gID;
$args['collectionAdmin'][] = 'gID:' . $gID;
$args['collectionDelete'][] = 'gID:' . $gID;
}
}
$args['cInheritPermissionsFrom'] = 'OVERRIDE';
$args['cOverrideTemplatePermissions'] = 1;
$home->updatePermissions($args);
$this->redirect('/dashboard/settings/', 'set_permissions', 'permissions_saved');
}
/**
* @return \Concrete\Core\Page\PageList
*/
public function getPageListObject()
{
$pl = new PageList();
$pl->setItemsPerPage($this->itemsPerFeed);
$pl->sortByPublicDateDescending();
if (!$this->checkPagePermissions) {
$pl->ignorePermissions();
} else {
$vp = \Concrete\Core\Permission\Key\Key::getByHandle('view_page');
$guest = \Group::getByID(GUEST_GROUP_ID);
$access = GroupEntity::getOrCreate($guest);
// we set page permissions to be Guest group only, because
// authentication won't work with RSS feeds
$pl->setPermissionsChecker(function ($page) use($vp, $access) {
$vp->setPermissionObject($page);
$pa = $vp->getPermissionAccessObject($page);
if (!is_object($pa)) {
return false;
}
return $pa->validateAccessEntities(array($access));
});
}
if ($this->cParentID) {
if ($this->pfIncludeAllDescendents) {
$parent = \Page::getByID($this->cParentID);
if (is_object($parent) && !$parent->isError()) {
$pl->filterByPath($parent->getCollectionPath());
}
} else {
$pl->filterByParentID($this->cParentID);
}
}
if ($this->pfDisplayAliases) {
$pl->includeAliases();
}
if ($this->ptID) {
$pl->filterByPageTypeID($this->ptID);
}
if ($this->pfDisplayFeaturedOnly) {
$pl->filterByAttribute('is_featured', true);
}
return $pl;
}
public function save($data)
{
$db = Database::get();
if ($data['pID']) {
//if we know the pID, we're updating.
$pID = $data['pID'];
//update product details
$vals = array($data['gID'], $data['pName'], $data['pDesc'], $data['pDetail'], $data['pPrice'], $data['pFeatured'], $data['pQty'], $data['pTaxable'], $data['pfID'], $data['pActive'], $data['pShippable'], $data['pWidth'], $data['pHeight'], $data['pLength'], $data['pWeight'], $data['pID']);
$db->Execute('UPDATE VividStoreProducts SET gID=?,pName=?,pDesc=?,pDetail=?,pPrice=?,pFeatured=?,pQty=?,pTaxable=?,pfID=?,pActive=?,pShippable=?,pWidth=?,pHeight=?,pLength=?,pWeight=? WHERE pID = ?', $vals);
//update additional images
$db->Execute('DELETE FROM VividStoreProductImages WHERE pID = ?', $data['pID']);
$count = count($data['pifID']);
if ($count > 0) {
for ($i = 0; $i < $count; $i++) {
$vals = array($data['pID'], $data['pifID'][$i], $data['piSort'][$i]);
$db->Execute("INSERT INTO VividStoreProductImages (pID,pifID,piSort) VALUES (?,?,?)", $vals);
}
}
//update user groups
$db->Execute('DELETE FROM VividStoreProductUserGroups WHERE pID = ?', $data['pID']);
if (!empty($data['pUserGroups'])) {
foreach ($data['pUserGroups'] as $gID) {
$vals = array($data['pID'], $gID);
$db->Execute("INSERT INTO VividStoreProductUserGroups (pID,gID) VALUES (?,?)", $vals);
}
}
//update product groups
$db->Execute('DELETE FROM VividStoreProductGroups WHERE pID = ?', $data['pID']);
if (!empty($data['pProductGroups'])) {
foreach ($data['pProductGroups'] as $gID) {
$vals = array($pID, $gID);
$db->Execute("INSERT INTO VividStoreProductGroups (pID,gID) VALUES (?,?)", $vals);
}
}
//update option groups
$db->Execute('DELETE FROM VividStoreProductOptionGroups WHERE pID = ?', $data['pID']);
$db->Execute('DELETE FROM VividStoreProductOptionItems WHERE pID = ?', $data['pID']);
$count = count($data['pogSort']);
$ii = 0;
//set counter for items
if ($count > 0) {
for ($i = 0; $i < $count; $i++) {
$vals = array($data['pID'], $data['pogName'][$i], $data['pogSort'][$i]);
$db->Execute("INSERT INTO VividStoreProductOptionGroups (pID,pogName,pogSort) VALUES (?,?,?)", $vals);
//add option items
$pogID = $db->lastInsertId();
$itemsInGroup = count($data['optGroup' . $i]);
if ($itemsInGroup > 0) {
for ($gi = 0; $gi < $itemsInGroup; $gi++, $ii++) {
$vals = array($data['pID'], $pogID, $data['poiName'][$ii], $data['poiSort'][$ii]);
$db->Execute("INSERT INTO VividStoreProductOptionItems (pID,pogID,poiName,poiSort) VALUES (?,?,?,?)", $vals);
}
}
}
}
} else {
//else, we don't know it, so we're adding
$dt = Core::make('helper/date');
$now = $dt->getLocalDateTime();
//add product details
$vals = array($data['gID'], $data['pName'], $data['pDesc'], $data['pDetail'], $data['pPrice'], $data['pFeatured'], $data['pQty'], $data['pTaxable'], $data['pfID'], $data['pActive'], $data['pShippable'], $data['pWidth'], $data['pHeight'], $data['pLength'], $data['pWeight'], $now);
$db->Execute("INSERT INTO VividStoreProducts (gID,pName,pDesc,pDetail,pPrice,pFeatured,pQty,pTaxable,pfID,pActive,pShippable,pWidth,pHeight,pLength,pWeight,pDateAdded) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)", $vals);
//add additional images
$pID = $db->lastInsertId();
$count = count($data['pifID']);
if ($count > 0) {
for ($i = 0; $i < $count; $i++) {
$vals = array($pID, $data['pifID'][$i], $data['piSort'][$i]);
$db->Execute("INSERT INTO VividStoreProductImages (pID,pifID,piSort) VALUES (?,?,?)", $vals);
}
}
//insert user groups
if (!empty($data['pUserGroups'])) {
foreach ($data['pUserGroups'] as $gID) {
$vals = array($pID, $gID);
$db->Execute("INSERT INTO VividStoreProductUserGroups (pID,gID) VALUES (?,?)", $vals);
}
}
//insert product groups
if (!empty($data['pProductGroups'])) {
foreach ($data['pProductGroups'] as $gID) {
$vals = array($pID, $gID);
$db->Execute("INSERT INTO VividStoreProductGroups (pID,gID) VALUES (?,?)", $vals);
}
}
//add option groups
$count = count($data['pogSort']);
$ii = 0;
//set counter for items
if ($count > 0) {
for ($i = 0; $i < $count; $i++) {
$vals = array($pID, $data['pogName'][$i], $data['pogSort'][$i]);
$db->Execute("INSERT INTO VividStoreProductOptionGroups (pID,pogName,pogSort) VALUES (?,?,?)", $vals);
//add option items
$pogID = $db->lastInsertId();
$itemsInGroup = count($data['optGroup' . $i]);
if ($itemsInGroup > 0) {
for ($gi = 0; $gi < $itemsInGroup; $gi++, $ii++) {
$vals = array($pID, $pogID, $data['poiName'][$ii], $data['poiSort'][$ii]);
$db->Execute("INSERT INTO VividStoreProductOptionItems (pID,pogID,poiName,poiSort) VALUES (?,?,?,?)", $vals);
}
}
}
}
$product = Product::getByID($pID);
$product->generatePage($data['selectPageTemplate']);
}
//save files
$db->Execute("DELETE FROM VividStoreDigitalFiles WHERE pID=?", $pID);
$u = User::getByUserID(1);
$ui = \UserInfo::getByID($u->getUserID());
if ($data['dffID']) {
foreach ($data['dffID'] as $dffID) {
if ($dffID) {
$db->Execute("INSERT INTO VividStoreDigitalFiles(dffID,pID) VALUES (?,?)", array($dffID, $pID));
$fileObj = File::getByID($dffID);
$fs = \FileSet::getByName("Digital Downloads");
$fs->addFileToSet($fileObj);
$fileObj->resetPermissions(1);
$pk = \Concrete\Core\Permission\Key\FileKey::getByHandle('view_file');
$pk->setPermissionObject($fileObj);
$pao = $pk->getPermissionAssignmentObject();
$groupEntity = \Concrete\Core\Permission\Access\Entity\GroupEntity::getOrCreate(\Group::getByID(GUEST_GROUP_ID));
$pa = $pk->getPermissionAccessObject();
if ($pa) {
$pa->removeListItem($groupEntity);
$pao->assignPermissionAccess($pa);
}
}
}
}
$db->Execute("DELETE FROM VividStoreProductLocations where pID = ?", array($pID));
foreach ($data['cID'] as $cID) {
if ($cID > 0) {
$db->Execute("REPLACE INTO VividStoreProductLocations(pID,cID) VALUES (?,?)", array($pID, (int) $cID));
}
}
$product = Product::getByID($pID);
return $product;
}
$date = Loader::helper('form/date_time');
switch($_POST['gUserExpirationMethod']) {
case 'SET_TIME':
$g->setGroupExpirationByDateTime($date->translate('gUserExpirationSetDateTime'), $_POST['gUserExpirationAction']);
break;
case 'INTERVAL':
$g->setGroupExpirationByInterval($_POST['gUserExpirationIntervalDays'], $_POST['gUserExpirationIntervalHours'], $_POST['gUserExpirationIntervalMinutes'], $_POST['gUserExpirationAction']);
break;
}
} else {
$g->removeGroupExpiration();
}
}
if ($_REQUEST['task'] == 'edit') {
$g = Group::getByID(intval($_REQUEST['gID']));
if (is_object($g)) {
if ($_POST['update']) {
$gName = $_POST['gName'];
$gDescription = $_POST['gDescription'];
} else {
$gName = $g->getGroupName();
$gDescription = $g->getGroupDescription();
}
$editMode = true;
}
}
Loader::model('search/group');
$gl = new GroupSearch();
$gl->setItemsPerPage(-1);
$g1 = $gl->getPage();
if ($_POST['task'] == 'group_remove') {
if (!$token->validate('bulk_group_remove')) {
echo Loader::helper('json')->encode(array('error' => t("Invalid token.")));
exit;
}
// build the group array
$groupIDs = $_REQUEST['groupIDs'];
$groups = array();
if (is_array($groupIDs) && count($groupIDs)) {
foreach ($groupIDs as $gID) {
$groups[] = Group::getByID($gID);
}
}
foreach ($users as $ui) {
if ($ui instanceof UserInfo) {
$u = $ui->getUserObject();
foreach ($groups as $g) {
if ($gk->validate($g)) {
if ($u->inGroup($g)) {
// avoid messing up group enter times
$u->exitGroup($g);
}
}
}
}
}
<?php
defined('C5_EXECUTE') or die("Access Denied.");
if (Loader::helper('validation/token')->validate('process')) {
$js = Loader::helper('json');
$obj = new stdClass();
$g = Group::getByID($_REQUEST['gID']);
if (is_object($g)) {
$pae = GroupPermissionAccessEntity::getOrCreate($g);
$obj->peID = $pae->getAccessEntityID();
$obj->label = $pae->getAccessEntityLabel();
}
print $js->encode($obj);
}
public function set_site_permissions()
{
Loader::model('file_set');
$fs = FileSet::getGlobal();
$g1 = Group::getByID(GUEST_GROUP_ID);
$g2 = Group::getByID(REGISTERED_GROUP_ID);
$g3 = Group::getByID(ADMIN_GROUP_ID);
$fs->assignPermissions($g1, array('view_file_set_file'));
$fs->assignPermissions($g3, array('view_file_set_file', 'search_file_set', 'edit_file_set_file_properties', 'edit_file_set_file_contents', 'copy_file_set_files', 'edit_file_set_permissions', 'delete_file_set_files', 'delete_file_set', 'add_file'));
if (defined('ACTIVE_LOCALE') && ACTIVE_LOCALE != '' && ACTIVE_LOCALE != 'en_US') {
Config::save('SITE_LOCALE', ACTIVE_LOCALE);
}
Config::save('SITE', SITE);
Config::save('SITE_APP_VERSION', APP_VERSION);
Config::save('SITE_INSTALLED_APP_VERSION', APP_VERSION);
$u = new User();
$u->saveConfig('NEWSFLOW_LAST_VIEWED', 'FIRSTRUN');
$home = Page::getByID(1, "RECENT");
$home->assignPermissions($g1, array('view_page'));
$home->assignPermissions($g3, array('view_page_versions', 'preview_page_as_user', 'edit_page_properties', 'edit_page_contents', 'edit_page_speed_settings', 'edit_page_theme', 'edit_page_type', 'edit_page_permissions', 'delete_page', 'delete_page_versions', 'approve_page_versions', 'add_subpage', 'move_or_copy_page', 'schedule_page_contents_guest_access'));
}
foreach ($assignments as $asi) {
$ae = $asi->getAccessEntityObject();
if ($ae->getAccessEntityTypeHandle() == 'group') {
$group = $ae->getGroupObject();
if (is_object($group)) {
$editAccess[] = $group->getGroupID();
}
}
}
Loader::model('search/group');
$gl = new GroupSearch();
$gl->sortBy('gID', 'asc');
$gIDs = $gl->get();
$gArray = array();
foreach ($gIDs as $g) {
$gArray[] = Group::getByID($g['gID']);
}
$rel = Loader::helper('security')->sanitizeString($_REQUEST['rel']);
?>
<div class="ccm-ui">
<form method="post" id="ccmPermissionsForm" name="ccmPermissionsForm" action="<?php
echo $c->getCollectionAction();
?>
">
<input type="hidden" name="rel" value="<?php
echo h($rel);
?>
" />
<div class="clearfix">
/** Executes the job.
* @return string Returns a string describing the job result in case of success.
* @throws Exception Throws an exception in case of errors.
*/
public function run() {
Cache::disableCache();
Cache::disableLocalCache();
try {
$db = Loader::db();
$instances = array(
'navigation' => Loader::helper('navigation'),
'dashboard' => Loader::helper('concrete/dashboard'),
'view_page' => PermissionKey::getByHandle('view_page'),
'guestGroup' => Group::getByID(GUEST_GROUP_ID),
'now' => new DateTime('now')
);
$instances['guestGroupAE'] = array(GroupPermissionAccessEntity::getOrCreate($instances['guestGroup']));
$rsPages = $db->query('SELECT cID FROM Pages WHERE (cID > 1) ORDER BY cID');
$relName = ltrim(SITEMAPXML_FILE, '\\/');
$osName = rtrim(DIR_BASE, '\\/') . '/' . $relName;
$urlName = rtrim(BASE_URL . DIR_REL, '\\/') . '/' . $relName;
if(!file_exists($osName)) {
@touch($osName);
}
if(!is_writable($osName)) {
throw new Exception(t('The file %s is not writable', $osName));
}
if(!$hFile = fopen($osName, 'w')) {
throw new Exception(t('Cannot open file %s', $osName));
}
if(!@fprintf($hFile, '<'.'?xml version="1.0" encoding="%s"?>' . self::EOL . '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">', APP_CHARSET)) {
throw new Exception(t('Error writing header of %s', $osName));
}
$addedPages = 0;
if(self::AddPage($hFile, 1, $instances)) {
$addedPages++;
}
while($rowPage = $rsPages->FetchRow()) {
if(self::AddPage($hFile, intval($rowPage['cID']), $instances)) {
$addedPages++;
}
}
$rsPages->Close();
unset($rsPages);
if(!@fwrite($hFile, self::EOL . '</urlset>')) {
throw new Exception(t('Error writing footer of %s', $osName));
}
@fflush($hFile);
@fclose($hFile);
unset($hFile);
return t('%1$s file saved (%2$d pages).', $urlName, $addedPages);
}
catch(Exception $x) {
if(isset($rsPages) && $rsPages) {
$rsPages->Close();
$rsPages = null;
}
if(isset($hFile) && $hFile) {
@fflush($hFile);
@ftruncate($hFile, 0);
@fclose($hFile);
$hFile = null;
}
throw $x;
}
}
function add($gName, $gDescription) {
$db = Loader::db();
$v = array($gName, $gDescription);
$r = $db->prepare("insert into Groups (gName, gDescription) values (?, ?)");
$res = $db->Execute($r, $v);
if ($res) {
$ng = Group::getByID($db->Insert_ID());
Events::fire('on_group_add', $ng);
return $ng;
}
}
