예제 #1
 /**
  * Handles the "close" action: verifies the session token and the caller's
  * permission, then delegates to the model's close().
  *
  * Both guards run before the model is touched. They only protect the action if
  * K2Response::throwError() aborts the request; its implementation is not
  * visible here (TODO confirm).
  *
  * @return $this
  */
 public function close()
 {
     // Anti-CSRF guard: refuse requests that do not carry a valid session token
     if (!JSession::checkToken()) {
         K2Response::throwError(JText::_('JINVALID_TOKEN'));
     }

     // Authorisation guard: the caller needs core.edit on com_users
     $mayEdit = JFactory::getUser()->authorise('core.edit', 'com_users');
     if (!$mayEdit) {
         K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'), 403);
     }

     $this->model->close();

     return $this;
 }
예제 #2
 /**
  * Runs the Tags model's deleteOrphans() and prints the rendered K2 response as JSON.
  *
  * Requires a valid session token and the k2.tags.manage permission on com_k2.
  *
  * @return $this
  */
 public function deleteOrphans()
 {
     // Anti-CSRF guard: refuse requests that do not carry a valid session token
     if (!JSession::checkToken()) {
         K2Response::throwError(JText::_('JINVALID_TOKEN'));
     }

     // Authorisation guard.
     // NOTE(review): no HTTP status is passed with this error, so the client receives
     // whatever default throwError() uses - confirm it signals "forbidden" (403).
     if (!JFactory::getUser()->authorise('k2.tags.manage', 'com_k2')) {
         K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'));
     }

     // Delegate the actual deletion to the model
     K2Model::getInstance('Tags')->deleteOrphans();

     // Queue the confirmation message, then emit the response
     JFactory::getApplication()->enqueueMessage(JText::_('K2_DELETE_COMPLETED'));
     echo json_encode(K2Response::render());

     return $this;
 }
예제 #3
 /**
  * Update function.
  * Saves the posted K2 component settings through Joomla!'s com_config component model.
  *
  * Flow: session token check, core.admin permission check on com_k2, validation of the
  * posted "jform" array against the com_k2 config form, save, system cache clean.
  * Every failure is reported through K2Response::throwError(); the statements that
  * follow each call are written as if throwError() does not return (its implementation
  * is not visible here - TODO confirm).
  *
  * @return void
  */
 protected function update()
 {
     // Check for token (anti-CSRF): requests without a valid session token are rejected
     JSession::checkToken() or K2Response::throwError(JText::_('JINVALID_TOKEN'));
     // Permissions: changing component settings requires core.admin on com_k2
     // NOTE(review): no HTTP status is passed with this error - confirm the default is appropriate
     $user = JFactory::getUser();
     if (!$user->authorise('core.admin', 'com_k2')) {
         K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'));
     }
     // Get extension
     $component = JComponentHelper::getComponent('com_k2');
     // Prepare data for model. The id and option come from the server side;
     // only the "jform" array is taken from the request.
     $id = $component->id;
     $option = 'com_k2';
     $data = $this->input->get('jform', array(), 'array');
     // Use Joomla! model for saving settings
     require_once JPATH_SITE . '/components/com_config/model/cms.php';
     require_once JPATH_SITE . '/components/com_config/model/form.php';
     JModelLegacy::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_config/model');
     $model = JModelLegacy::getInstance('Component', 'ConfigModel');
     // Get form
     JForm::addFormPath(JPATH_ADMINISTRATOR . '/components/com_k2');
     $form = JForm::getInstance('com_k2.settings', 'config', array('control' => 'jform'), false, '/config');
     // Validate the posted data against the form; $return holds the validation result
     $return = $model->validate($form, $data);
     // Check for validation errors
     if ($return === false) {
         // Get the validation errors and report the first one
         // (assumes getErrors() returns at least one entry when validate() fails)
         $errors = $model->getErrors();
         $message = $errors[0] instanceof Exception ? $errors[0]->getMessage() : $errors[0];
         K2Response::throwError($message);
     }
     // Attempt to save the configuration. Only the value returned by validate() is saved,
     // not the raw request array.
     $data = array('params' => $return, 'id' => $id, 'option' => $option);
     $return = $model->save($data);
     // Clean the _system cache group; this runs before the save result is inspected,
     // so it also runs when save() returned false
     $options = array('defaultgroup' => '_system', 'cachebase' => JPATH_ADMINISTRATOR . '/cache');
     $cache = JCache::getInstance('callback', $options);
     $cache->clean();
     // Check the return value.
     if ($return === false) {
         // Save failed: report the model's error to the client.
         K2Response::throwError(JText::sprintf('JERROR_SAVE_FAILED', $model->getError()));
     }
 }
예제 #4
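 /**
  * Handles an image upload and prints the helper's result as JSON.
  *
  * Authorisation depends on the request:
  *  - with an itemId: the edit right on that item or category, or for type "user"
  *    either core.edit on com_users or being that user;
  *  - without an itemId: the "k2.<type>.create" permission on com_k2.
  *
  * Access is denied by default: a request that carries an itemId together with a type
  * other than item/category/user is rejected explicitly instead of relying on an
  * undefined variable evaluating as false.
  *
  * The guards only protect the upload if K2Response::throwError() aborts the request;
  * its implementation is not visible here (TODO confirm).
  *
  * @return $this
  */
 public function upload()
 {
     // Anti-CSRF guard: refuse requests that do not carry a valid session token
     if (!JSession::checkToken()) {
         K2Response::throwError(JText::_('JINVALID_TOKEN'));
     }
     // Get user
     $user = JFactory::getUser();
     // Get input. Everything read here is request-controlled.
     $type = $this->input->get('type', '', 'cmd');
     $itemId = $this->input->get('itemId', 0, 'int');
     $replace = $this->input->get('temp', '', 'cmd');
     $file = $this->input->files->get('file');
     $path = $this->input->get('path', '', 'string');
     // Turn a site-relative URL into a path relative to the site root
     $path = str_replace(JURI::root(true) . '/', '', $path);
     $categoryId = null;
     // Permissions check: start from "denied" so that every branch has to grant access explicitly
     $authorised = false;
     if ($itemId) {
         if ($type == 'item') {
             $item = K2Items::getInstance($itemId);
             $authorised = $item->canEdit;
             $categoryId = $item->catid;
         } elseif ($type == 'category') {
             $authorised = K2Categories::getInstance($itemId)->canEdit;
         } elseif ($type == 'user') {
             // Users may change their own image; editors of com_users may change anyone's
             $authorised = $user->authorise('core.edit', 'com_users') || $user->id == $itemId;
         }
     } else {
         // NOTE(review): $type is request-controlled and becomes part of the action name;
         // consider checking it against the list of supported types first.
         $authorised = $user->authorise('k2.' . $type . '.create', 'com_k2');
     }
     if (!$authorised) {
         K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'), 403);
     }
     // Generate image using helper depending on type.
     // NOTE(review): validation of the uploaded file and of $path is not visible in this
     // method - confirm K2HelperImages::add() restricts both.
     $image = K2HelperImages::add($type, $file, $path, $replace, $categoryId);
     // Response
     echo json_encode($image);
     return $this;
 }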
예제 #5
 /**
  * Handles a gallery upload and prints the helper's result as JSON.
  *
  * Requires a valid session token and at least one of the k2.item.create,
  * k2.item.edit or k2.item.edit.own permissions on com_k2.
  *
  * @return $this
  */
 public function upload()
 {
     // Anti-CSRF guard: refuse requests that do not carry a valid session token
     if (!JSession::checkToken()) {
         K2Response::throwError(JText::_('JINVALID_TOKEN'));
     }

     // Authorisation guard: any one of the item permissions is enough
     $user = JFactory::getUser();
     $mayUpload = $user->authorise('k2.item.create', 'com_k2')
         || $user->authorise('k2.item.edit', 'com_k2')
         || $user->authorise('k2.item.edit.own', 'com_k2');
     if (!$mayUpload) {
         K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'), 403);
     }

     // Request input: an upload identifier, a URL and an uploaded archive
     $request = JFactory::getApplication()->input;
     $upload = $request->get('upload', '', 'cmd');
     $url = $request->get('url', '', 'string');
     $archive = $request->files->get('archive');

     // Create the gallery and delete the previous one if it is set.
     // NOTE(review): $url and $archive are request-supplied and handed to the helper
     // unchanged; what the helper does with them (fetching, extracting, type checks)
     // is not visible here - confirm it validates both.
     $gallery = K2HelperGalleries::add($archive, $url, $upload);

     echo json_encode($gallery);

     return $this;
 }
예제 #6
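 /**
  * Runs the elFinder connector on a folder below the com_media file path.
  *
  * Guests are rejected. The requested folder is accepted only when it is the configured
  * root itself or a path below it; anything else falls back to the root. The check
  * compares whole path segments, so a sibling directory whose name merely starts with
  * the root's name is not treated as being inside the root.
  *
  * The front-end gets read-only volume defaults, the administrator application gets
  * read/write.
  *
  * NOTE(review): unlike a token-protected action, this method makes no
  * JSession::checkToken() call, while write access is enabled for the administrator
  * application - confirm request forgery protection is enforced elsewhere.
  *
  * @return $this
  */
 public function connector()
 {
     $application = JFactory::getApplication();
     $user = JFactory::getUser();
     // Only logged-in users may reach the file browser
     if ($user->guest) {
         K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'), 403);
     }
     $params = JComponentHelper::getParams('com_media');
     $root = $params->get('file_path', 'media');
     // Request-controlled folder, passed through the 'path' input filter
     $folder = $this->input->get('folder', $root, 'path');
     if (JString::trim($folder) == "") {
         $folder = $root;
     } else {
         // Ensure that we are always below the root directory. A bare prefix test would
         // also accept "<root>-something", so the character that follows the root must be
         // a directory separator or the end of the string.
         $rootPrefix = rtrim($root, '/\\');
         $boundary = (string) substr($folder, strlen($rootPrefix), 1);
         $atBoundary = $rootPrefix === '' || $boundary === '' || $boundary === '/' || $boundary === '\\';
         if (strpos($folder, $rootPrefix) !== 0 || !$atBoundary) {
             $folder = $root;
         }
     }
     // Disable debug
     $this->input->set('debug', false);
     $url = JURI::root(true) . '/' . $folder;
     $path = JPATH_SITE . '/' . JPath::clean($folder);
     // NOTE(review): rejecting ".." segments is left to the 'path' filter and to
     // JPath::check(); neither is visible here - confirm.
     JPath::check($path);
     include_once JPATH_SITE . '/media/k2app/vendor/elfinder/php/elFinderConnector.class.php';
     include_once JPATH_SITE . '/media/k2app/vendor/elfinder/php/elFinder.class.php';
     include_once JPATH_SITE . '/media/k2app/vendor/elfinder/php/elFinderVolumeDriver.class.php';
     include_once JPATH_SITE . '/media/k2app/vendor/elfinder/php/elFinderVolumeLocalFileSystem.class.php';
     // Access control callback handed to elFinder by name (see 'accessControl' below).
     // It is declared when this method runs, so the method can run only once per request.
     function access($attr, $path, $data, $volume)
     {
         $application = JFactory::getApplication();
         $ext = strtolower(JFile::getExt(basename($path)));
         // Files with the extension "php" get true for every attribute that is queried.
         // NOTE(review): only the exact extension "php" is matched, and true is also
         // returned for 'read' and 'write' - confirm this is the intended result and
         // that other server-executable extensions are restricted elsewhere.
         if ($ext == 'php') {
             return true;
         }
         // Hide files and folders starting with .
         if (strpos(basename($path), '.') === 0 && $attr == 'hidden') {
             return true;
         }
         // Read only access for front-end. Full access for administration section.
         switch ($attr) {
             case 'read':
                 return true;
             case 'write':
                 return $application->isSite() ? false : true;
             case 'locked':
                 return $application->isSite() ? true : false;
             case 'hidden':
                 return false;
         }
     }
     // Volume defaults: writable only inside the administrator application
     if ($application->isAdmin()) {
         $permissions = array('read' => true, 'write' => true);
     } else {
         $permissions = array('read' => true, 'write' => false);
     }
     $options = array('roots' => array(array('driver' => 'LocalFileSystem', 'path' => $path, 'URL' => $url, 'accessControl' => 'access', 'defaults' => $permissions)));
     $connector = new elFinderConnector(new elFinder($options));
     $connector->run();
     return $this;
 }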
예제 #7
 /**
  * Default implementation for patch function.
  * Patch requests are routed here by the main Sync function.
  * These requests are usually coming from lists togglers and state buttons.
  * Usually there will be no need to override this function.
  *
  * For every posted id the posted "states" are copied into a data array and saved
  * through the model. In "clone" mode the model's copy data is merged in and the id is
  * cleared before saving. After a non-clone change of "state" on items or categories
  * the matching content plugin event is triggered.
  *
  * NOTE(review): only the session token is checked in this method; no permission check
  * is visible here - presumably the model's save() enforces it, confirm.
  *
  * @return void
  */
 protected function patch()
 {
     // Anti-CSRF guard: refuse requests that do not carry a valid session token
     if (!JSession::checkToken()) {
         K2Response::throwError(JText::_('JINVALID_TOKEN'));
     }

     // Batch update input; ids are forced to integers
     $ids = $this->input->get('id', array(), 'array');
     JArrayHelper::toInteger($ids);
     $states = $this->input->get('states', array(), 'array');
     $mode = $this->input->get('mode', 'apply', 'string');

     // Drop empty ids and make sure something is left
     $ids = array_filter($ids);
     if (count($ids) === 0) {
         K2Response::throwError(JText::_('K2_NO_ROWS_SELECTED'), 401);
     }

     $isClone = $mode == 'clone';

     foreach ($ids as $index => $rowId) {
         $data = array('id' => $rowId);

         // NOTE(review): the keys of $states are request-controlled field names that are
         // copied into the data as they are - confirm the model limits which fields a
         // patch may set.
         foreach ($states as $field => $posted) {
             // A state is either one value for all rows or one value per row
             if (is_array($posted)) {
                 $value = $posted[$index];
             } else {
                 $value = $posted;
             }
             if ($value != '') {
                 $data[$field] = $value;
             }
         }

         if ($isClone) {
             // Start from the source row, apply the posted values and save as a new row
             $sourceData = $this->model->getCopyData($rowId);
             $data = array_merge($sourceData, $data);
             $data['id'] = null;
             $this->model->setState('patch', false);
         } else {
             $this->model->setState('patch', true);
         }

         $this->model->setState('data', $data);
         $result = $this->model->save();
         if (!$result) {
             K2Response::throwError($this->model->getError());
         }
     }

     // Trigger change state event for items and categories
     $stateChanged = !$isClone
         && isset($states['state'])
         && in_array($this->resourceType, array('items', 'categories'));
     if ($stateChanged) {
         // Get dispatcher
         $dispatcher = JDispatcher::getInstance();
         // Import content plugins
         JPluginHelper::importPlugin('content');
         if ($this->resourceType == 'items') {
             $eventName = 'onContentChangeState';
             $context = 'com_k2.' . $this->resourceType;
         } elseif ($this->resourceType == 'categories') {
             $eventName = 'onCategoryChangeState';
             $context = 'com_k2';
         }
         $dispatcher->trigger($eventName, array($context, $ids, $states['state']));
     }

     // The response carries the result of the last save
     K2Response::setResponse($result);
 }
예제 #8
 /**
  * Runs after routing: defines K2_EDIT_MODE, redirects com_config settings requests
  * for com_k2 to K2, answers expired sessions in JSON and loads the front-end assets.
  *
  * @return void
  */
 public function onAfterRoute()
 {
     $application = JFactory::getApplication();
     $user = JFactory::getUser();
     $params = JComponentHelper::getParams('com_k2');
     $document = JFactory::getDocument();

     // Request input
     $request = $application->input;
     $option = $request->get('option');
     $view = $request->get('view');
     $task = $request->get('task');
     $format = $request->get('format');

     // Detect if we are in edit mode: any com_k2 request in the administrator
     // application, or a front-end com_k2 request for the "admin" view or no view
     $editMode = ($application->isAdmin() && $option == 'com_k2')
         || ($application->isSite() && $option == 'com_k2' && ($view == 'admin' || $view == ''));
     define('K2_EDIT_MODE', $editMode);

     // Redirect settings editing from com_config to K2
     $isK2Config = $application->isAdmin()
         && $option == 'com_config'
         && $view == 'component'
         && $application->input->get('component') == 'com_k2';
     if ($isK2Config) {
         $application->redirect('index.php?option=com_k2#settings');
     }

     // Throw an error in JSON format when the session has expired to catch the Joomla!
     // invalid redirect to com_login in JSON format. Front-end comments.sync requests
     // are exempt from this check.
     $isCommentsRequest = $application->isSite() && K2_EDIT_MODE && $task == 'comments.sync';
     $sessionExpired = $user->get('guest') && K2_EDIT_MODE && $format == 'json' && !$isCommentsRequest;
     if ($sessionExpired) {
         K2Response::throwError(JText::_('K2_SESSION_EXPIRED'), 500);
     }

     // Everything below applies to the front-end only
     if (!$application->isSite()) {
         return;
     }

     // Enforce system template for editing
     if (K2_EDIT_MODE) {
         $application->setTemplate('system');
     }

     // Head data is only loaded for HTML documents
     if ($document->getType() != 'html') {
         return;
     }

     // Javascript files
     JHtml::_('jquery.framework');
     $rootUrl = JURI::root(true);
     $document->addScript($rootUrl . '/media/k2app/assets/js/k2.js?v3.0.0&sitepath=' . $rootUrl . '/');

     // CSS files are loaded only when K2 CSS is enabled in the component settings
     if (!$params->get('enable_css')) {
         return;
     }

     // A stylesheet in the active template's css directory overrides the component's own
     $templateCss = '/templates/' . $application->getTemplate() . '/css/';

     if (JFile::exists(JPATH_SITE . $templateCss . 'k2.css')) {
         $document->addStyleSheet($rootUrl . $templateCss . 'k2.css?v=3.0.0');
     } else {
         $document->addStyleSheet($rootUrl . '/components/com_k2/css/k2.css?v=3.0.0');
     }

     // Load k2.print.css if we are in print mode, with the same override rule
     if ($application->input->get('print', false, 'bool')) {
         if (JFile::exists(JPATH_SITE . $templateCss . 'k2.print.css')) {
             $document->addStyleSheet($rootUrl . $templateCss . 'k2.print.css?v=3.0.0', 'text/css', 'print');
         } else {
             $document->addStyleSheet($rootUrl . '/components/com_k2/css/k2.print.css?v=3.0.0', 'text/css', 'print');
         }
     }
 }
예제 #9
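 /**
  * Imports one source category as a K2 category and returns the new category's id.
  *
  * The category is saved through the Categories model, then its dates, author columns
  * and params are overwritten with a direct UPDATE because the model sets them itself
  * during save.
  *
  * @param object $category Source category; the properties title, description,
  *                         published, access, language, params, created_time,
  *                         modified_time, created_user_id and modified_user_id are read.
  *
  * @return mixed The id the model reports for the saved category.
  */
 private function importCategory($category)
 {
     // Map the source "published" value onto -1 / 0 / 1
     if ($category->published < 0) {
         $state = -1;
     } elseif ($category->published > 0) {
         $state = 1;
     } else {
         $state = 0;
     }
     $categoryData = array(
         'id' => null,
         'title' => $category->title,
         'description' => $category->description,
         'state' => $state,
         'parent_id' => 0,
         'access' => $category->access,
         'language' => $category->language,
     );
     // Carry over the category image when the source params name one
     $categoryParams = new JRegistry($category->params);
     $categoryImage = $categoryParams->get('image');
     if ($categoryImage) {
         $image = K2HelperImages::add('category', null, $categoryImage);
         $categoryData['image'] = array('id' => '', 'temp' => $image->temp, 'path' => '', 'remove' => 0, 'caption' => '', 'credits' => '');
     }
     $model = K2Model::getInstance('Categories');
     $model->setState('data', $categoryData);
     if (!$model->save()) {
         K2Response::throwError($model->getError());
     }
     // Get generated category id
     $categoryId = $model->getState('id');
     // Import JForm
     jimport('joomla.form.form');
     // Collect each field of the categories form with its value into a params registry
     $formName = 'K2CategoriesForm';
     $formPath = JPATH_ADMINISTRATOR . '/components/com_k2/models/categories.xml';
     $form = JForm::getInstance($formName, $formPath);
     $params = new JRegistry('');
     foreach ($form->getFieldset() as $field) {
         $params->def($field->__get('fieldname'), $field->__get('value'));
     }
     // Update date and author information since the model has auto set this data during save
     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     $query->update($db->quoteName('#__k2_categories'));
     $query->set($db->quoteName('created') . ' = ' . $db->quote($category->created_time));
     $query->set($db->quoteName('modified') . ' = ' . $db->quote($category->modified_time));
     $query->set($db->quoteName('created_by') . ' = ' . $db->quote($category->created_user_id));
     $query->set($db->quoteName('modified_by') . ' = ' . $db->quote($category->modified_user_id));
     $query->set($db->quoteName('params') . ' = ' . $db->quote($params->toString()));
     // The id is the only value in this statement that is not quoted, so it is forced
     // to an integer before it is concatenated into the SQL
     $query->where($db->quoteName('id') . ' = ' . (int) $categoryId);
     $db->setQuery($query);
     $db->execute();
     return $categoryId;
 }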
예제 #10
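 /**
  * Handles a comment report: validates the request and mails the report to the
  * configured recipient.
  *
  * Checks, in order: session token, whether reporting is allowed for this user, that the
  * comment is published, access to the comment's item, non-empty name and reason, and
  * the captcha. The reporter's name and reason come from the request and are escaped
  * before they are placed in the HTML mail body.
  *
  * The guards only protect the action if K2Response::throwError() aborts the request;
  * its implementation is not visible here (TODO confirm).
  *
  * @return $this
  */
 public function report()
 {
     // Anti-CSRF guard: refuse requests that do not carry a valid session token
     if (!JSession::checkToken()) {
         K2Response::throwError(JText::_('JINVALID_TOKEN'));
     }
     // Get application
     $application = JFactory::getApplication();
     // Get configuration
     $configuration = JFactory::getConfig();
     // Get input
     $id = $application->input->get('id', 0, 'int');
     $reportName = $application->input->get('reportName', '', 'string');
     $reportReason = $application->input->get('reportReason', '', 'string');
     // Get params
     $params = JComponentHelper::getParams('com_k2');
     // Get user
     $user = JFactory::getUser();
     // Check if user can report: comments and reporting must be enabled, and with the
     // commentsReporting setting '2' guests are not allowed to report
     $reportingDenied = !$params->get('comments')
         || !$params->get('commentsReporting')
         || ($params->get('commentsReporting') == '2' && $user->guest);
     if ($reportingDenied) {
         K2Response::throwError(JText::_('K2_ALERTNOTAUTH'), 403);
     }
     // Get comment
     $comment = K2Comments::getInstance($id);
     // Check comment is published
     if (!$comment->state) {
         K2Response::throwError(JText::_('K2_COMMENT_NOT_FOUND'));
     }
     // Get item
     $item = K2Items::getInstance($comment->itemId);
     // Check access to the item
     $item->checkSiteAccess();
     // Check input
     if (trim($reportName) == '') {
         K2Response::throwError(JText::_('K2_PLEASE_TYPE_YOUR_NAME'));
     }
     if (trim($reportReason) == '') {
         K2Response::throwError(JText::_('K2_PLEASE_TYPE_THE_REPORT_REASON'));
     }
     // Check captcha depending on settings
     require_once JPATH_SITE . '/components/com_k2/helpers/captcha.php';
     $data = $this->getInputData();
     if (!K2HelperCaptcha::check($data, $this)) {
         K2Response::throwError($this->getError());
     }
     $mailer = JFactory::getMailer();
     $senderEmail = $configuration->get('mailfrom');
     $senderName = $configuration->get('fromname');
     $mailer->setSender(array($senderEmail, $senderName));
     $mailer->setSubject(JText::_('K2_COMMENT_REPORT'));
     $mailer->IsHTML(true);
     // The mail is sent as HTML, so request-supplied text is escaped for HTML context
     // before it is concatenated into the body
     $safeName = htmlspecialchars($reportName, ENT_QUOTES, 'UTF-8');
     $safeReason = htmlspecialchars($reportReason, ENT_QUOTES, 'UTF-8');
     // NOTE(review): $comment->text is inserted as stored; whether it is already safe
     // HTML is not visible here - confirm it is sanitised when the comment is saved.
     $body = "\n        <strong>" . JText::_('K2_NAME') . "</strong>: " . $safeName . " <br/>\n        <strong>" . JText::_('K2_REPORT_REASON') . "</strong>: " . $safeReason . " <br/>\n        <strong>" . JText::_('K2_COMMENT') . "</strong>: " . nl2br($comment->text) . " <br/>\n        ";
     $mailer->setBody($body);
     $mailer->ClearAddresses();
     // The recipient comes from the component settings, falling back to the site's mailfrom
     $mailer->AddAddress($params->get('commentsReportRecipient', $configuration->get('mailfrom')));
     // NOTE(review): the result of Send() is not checked, so the success message below is
     // queued even when delivery fails.
     $mailer->Send();
     $application->enqueueMessage(JText::_('K2_REPORT_SUBMITTED'));
     echo json_encode(K2Response::render());
     return $this;
 }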