/**
 * Dispatches a Kunena AJAX action and returns the result encoded as JSON.
 *
 * Only users with a non-empty $this->_my->id are served; everyone else gets
 * a status -1 / permission-denied payload.
 *
 * @param string $action Name of the AJAX action to run.
 * @param mixed  $do     Forwarded to the 'autocomplete' and 'uploadfile' handlers.
 * @param mixed  $data   Passed through the database escaper, then forwarded to the
 *                       'autocomplete', 'modtopiclist' and 'removeattachment' handlers.
 *
 * @return string|false JSON string; boolean false (not JSON) when the request
 *                      token check fails for the two poll-voting actions. An
 *                      unrecognised action for a logged-in user encodes ''.
 */
public function generateJsonResponse($action, $do, $data)
{
    if (JDEBUG == 1 && defined('JFIREPHP')) {
        FB::log("Kunena JSON action: " . $action);
    }

    // NOTE(review): getEscaped() is SQL string escaping, not general input
    // validation. It only protects a value that the callee places inside a
    // quoted SQL string literal; ids, file names or HTML output still need
    // their own validation/encoding in the handlers below - confirm each one.
    $data = $this->_db->getEscaped($data);

    // JSON requests are only entertained for registered, logged-in users.
    if (!$this->_my->id) {
        return json_encode(array('status' => '-1', 'error' => JText::_('COM_KUNENA_AJAX_PERMISSION_DENIED')));
    }

    $response = '';

    switch ($action) {
        case 'autocomplete':
            $response = $this->_getAutoComplete($do, $data);
            break;

        case 'preview':
            // The body is read unfiltered (JREQUEST_ALLOWRAW).
            // NOTE(review): presumably _getPreview() applies the output
            // filtering before the text is rendered - confirm.
            $rawBody  = JRequest::getVar('body', '', 'post', 'string', JREQUEST_ALLOWRAW);
            $response = $this->_getPreview($rawBody);
            break;

        case 'pollcatsallowed':
            // TODO: deprecated
            $response = $this->_getPollsCatsAllowed();
            break;

        case 'pollvote':
        case 'pollchangevote':
            // Both poll actions read the same inputs and require a valid request token.
            $choice = JRequest::getInt('kpollradio', '');
            $pollId = JRequest::getInt('kpoll-id', 0);

            if (!JRequest::checkToken()) {
                return false;
            }

            if ($action == 'pollvote') {
                $response = $this->_addPollVote($choice, $pollId, $this->_my->id);
            } else {
                $response = $this->_changePollVote($choice, $pollId, $this->_my->id);
            }
            break;

        case 'anynomousallowed':
            // TODO: deprecated
            $response = $this->_anynomousAllowed();
            break;

        case 'uploadfile':
            // NOTE(review): no request-token check is visible on this path;
            // confirm _uploadFile() verifies it, as the poll actions do.
            $response = $this->_uploadFile($do);
            break;

        case 'modtopiclist':
            $response = $this->_modTopicList($data);
            break;

        case 'removeattachment':
            // NOTE(review): no request-token or ownership check is visible on
            // this path; confirm _removeAttachment() enforces both.
            $response = $this->_removeAttachment($data);
            break;

        default:
            break;
    }

    // Output the JSON data.
    return json_encode($response);
}
/**
 * Escapes a string for insertion into a query.
 * FUNCTION CALLED BY THE MODULE: IT MUST ALWAYS BE IMPLEMENTED HERE.
 *
 * Delegates to the database object's escape() when JVERSION is 1.6.0 or
 * later, and to its getEscaped() on older versions.
 *
 * NOTE(review): the result is presumably escaped text without surrounding
 * quotes, so it is only safe inside a quoted SQL string literal; cast or
 * validate values used as numbers or identifiers - confirm at the call sites.
 *
 * @param string $text
 * @return string
 */
public function escape($text)
{
    $hasEscapeMethod = version_compare(JVERSION, '1.6.0', 'ge');

    return $hasEscapeMethod
        ? $this->db->escape($text)
        : $this->db->getEscaped($text);
}
/**
 * Get a database escaped string.
 * For LIKE statements: $db->Quote( $db->getEscaped( $text, true ) . '%', false )
 *
 * Delegates to the wrapped database object's escape() when checkJversion()
 * reports 2 or higher, and to its getEscaped() otherwise.
 *
 * NOTE(review): the usage example above wraps the result in Quote(), which
 * suggests the returned text is not quoted; it should only be placed inside
 * a quoted SQL string literal - confirm at the call sites.
 *
 * @param  string   $text
 * @param  boolean  $escapeForLike  : escape also % and _ wildcards for LIKE statements with % or _ in search strings  (since CB 1.2.3)
 * @return string
 */
function getEscaped($text, $escapeForLike = false)
{
    $escaped = (checkJversion() >= 2)
        ? $this->_db->escape($text)
        : $this->_db->getEscaped($text);

    if (!$escapeForLike) {
        return $escaped;
    }

    // Backslash-prefix the LIKE wildcards so they are matched literally;
    // this runs after the driver escaping so the added backslashes are
    // not escaped a second time.
    return str_replace(array('%', '_'), array("\\%", "\\_"), $escaped);
}