/**
 * Stores the application settings submitted from the edit form.
 *
 * Binds the posted fields to the application, rebuilds its "global."
 * parameters from the post and saves the record. Redirects to the
 * application view on success, or to the add task when a YException is caught.
 *
 * @return void
 */
public function save()
{
    // a request without a valid form token ends here (request forgery guard)
    YRequest::checkToken() or jexit('Invalid Token');

    $post = YRequest::get('post');

    try {
        // bind the posted fields; the params value is assembled separately below
        $this->application->bind($post, array('params'));

        // drop the stored global parameters, then refill them from the post;
        // @ silences the notice for keys the form did not send
        $params = $this->application->getParams()->remove('global.');
        $params = $params->set('group', @$post['group']);
        $params = $params->set('template', @$post['template']);
        $params = $params->set('global.config.', @$post['params']['config']);
        $params = $params->set('global.template.', @$post['params']['template']);

        // addon names are taken from the request as-is and become parameter key prefixes
        $addons = isset($post['addons']) ? $post['addons'] : null;
        if (is_array($addons)) {
            foreach ($addons as $name => $settings) {
                $params->set("global.{$name}.", $settings);
            }
        }

        $this->application->params = $params->toString();

        // write the application record
        YTable::getInstance('application')->save($this->application);

        $msg = JText::_('Application Saved');
        $link = $this->link_base . '&changeapp=' . $this->application->id;
    } catch (YException $e) {
        // the exception is rendered into the notice through its string conversion
        JError::raiseNotice(0, sprintf('%s (%s)', JText::_('Error Saving Application'), $e));

        $msg = null;
        $link = $this->baseurl . '&task=add';
    }

    $this->setRedirect($link, $msg);
}
/**
 * Stores the frontpage settings submitted from the edit form.
 *
 * Binds the posted fields to the application, replaces its "content.",
 * "config." and "template." parameters with the posted ones and saves the
 * record. Always redirects to the base url; the message is null on failure.
 *
 * @return void
 */
public function save()
{
    // a request without a valid form token ends here (request forgery guard)
    YRequest::checkToken() or jexit('Invalid Token');

    $post = YRequest::get('post');

    // the description is read with JREQUEST_ALLOWRAW, i.e. without the request filter;
    // NOTE(review): whatever renders it later is responsible for escaping - confirm
    $post['description'] = YRequest::getVar('description', '', 'post', 'string', JREQUEST_ALLOWRAW);

    try {
        // bind the posted fields; the params value is assembled separately below
        $this->application->bind($post, array('params'));

        // clear the three parameter groups first, then refill them from the post;
        // @ silences the notice for keys the form did not send
        $params = $this->application->getParams();
        foreach (array('content.', 'config.', 'template.') as $prefix) {
            $params = $params->remove($prefix);
        }
        $params = $params->set('content.', @$post['params']['content']);
        $params = $params->set('config.', @$post['params']['config']);
        $params = $params->set('template.', @$post['params']['template']);
        $this->application->params = $params->toString();

        // write the application record
        YTable::getInstance('application')->save($this->application);

        $msg = JText::_('Frontpage Saved');
    } catch (YException $e) {
        // the exception is rendered into the notice through its string conversion
        JError::raiseNotice(0, sprintf('%s (%s)', JText::_('Error Saving Frontpage'), $e));
        $msg = null;
    }

    $this->setRedirect($this->baseurl, $msg);
}
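/**
 * Packs the application group's directory into a zip archive and sends it
 * to the client.
 *
 * The archive is written to JPATH_ROOT/tmp/<group>.zip, output, and deleted
 * afterwards. A notice is raised and the request redirected to the info task
 * when the archive cannot be created or cannot be deleted.
 *
 * @return void
 */
public function doExport()
{
    // check for request forgeries
    YRequest::checkToken() or jexit('Invalid Token');

    $group = $this->application->getGroup();

    require_once JPATH_ROOT . '/administrator/includes/pcl/pclzip.lib.php';

    // NOTE(review): the archive name is predictable and lives under the site root;
    // whether /tmp is reachable over HTTP depends on the server setup - confirm
    $filepath = JPATH_ROOT . '/tmp/' . $group . '.zip';
    $read_directory = ZOO_APPLICATION_PATH . '/' . $group . '/';

    $zip = new PclZip($filepath);
    $files = YFile::readDirectoryFiles($read_directory, $read_directory, '', '/^[^\\.]/');
    $created = $zip->create($files, PCLZIP_OPT_ADD_PATH, '../', PCLZIP_OPT_REMOVE_PATH, $read_directory);

    // PclZip::create() returns 0 on failure. Without this check an archive left
    // behind by an earlier export (failed delete) would be sent as if it were new.
    $archive_built = $created !== 0 && $created !== false;

    if ($archive_built && is_readable($filepath) && JFile::exists($filepath)) {
        YFile::output($filepath);

        // remove the archive again so it does not linger in the tmp directory
        if (!JFile::delete($filepath)) {
            JError::raiseNotice(0, JText::_('Unable to delete file') . ' (' . $filepath . ')');
            $this->setRedirect($this->baseurl . '&task=info');
        }
    } else {
        JError::raiseNotice(0, JText::_('Unable to create file') . ' (' . $filepath . ')');
        $this->setRedirect($this->baseurl . '&task=info');
    }
}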
/**
 * Sets the 'trusted_mode' parameter on every selected submission.
 *
 * The ids are read from the 'cid' request array with the 'int' filter.
 * NOTE(review): no per-record access check is visible in this method -
 * presumably enforced before it is reached; verify against the caller.
 *
 * @param mixed $enabled value stored as 'trusted_mode'
 *
 * @return void
 */
protected function _editTrustedMode($enabled)
{
    // a request without a valid form token ends here (request forgery guard)
    YRequest::checkToken() or jexit('Invalid Token');

    $ids = YRequest::getArray('cid', array(), 'int');

    if (count($ids) === 0) {
        JError::raiseError(500, JText::_('Select a submission to enable/disable Trusted Mode'));
    }

    try {
        $submissions = YTable::getInstance('submission');

        // load, change and store each record in turn
        foreach ($ids as $submission_id) {
            $record = $submissions->get($submission_id);
            $updated = $record->getParams()->set('trusted_mode', $enabled);
            $record->params = $updated->toString();
            $submissions->save($record);
        }
    } catch (YException $e) {
        // the exception is rendered into the notice through its string conversion
        JError::raiseNotice(0, sprintf('%s (%s)', JText::_('Error enabling/disabling Submission Trusted Mode'), $e));
    }

    $this->setRedirect($this->baseurl);
}
/**
 * Assigns the given state to every selected comment.
 *
 * The ids are read from the 'cid' request array with the 'int' filter.
 * NOTE(review): no per-record access check is visible in this method -
 * presumably enforced before it is reached; verify against the caller.
 *
 * @param mixed $state value written to each comment's state property
 *
 * @return void
 */
protected function _editState($state)
{
    // a request without a valid form token ends here (request forgery guard)
    YRequest::checkToken() or jexit('Invalid Token');

    $ids = YRequest::getArray('cid', array(), 'int');

    if (count($ids) === 0) {
        JError::raiseError(500, JText::_('Select a comment to edit state'));
    }

    try {
        $comments = YTable::getInstance('comment');

        // load, change and store each record in turn
        foreach ($ids as $comment_id) {
            $record = $comments->get($comment_id);
            $record->state = $state;
            $comments->save($record);
        }
    } catch (YException $e) {
        // the exception is rendered into the notice through its string conversion
        JError::raiseNotice(0, sprintf('%s (%s)', JText::_('Error editing Comment State'), $e));
    }

    $this->setRedirect($this->baseurl);
}
/**
 * Sets the 'config.enable_comments' parameter on every selected item.
 *
 * The ids are read from the 'cid' request array with the 'int' filter.
 * NOTE(review): no per-record access check is visible in this method -
 * presumably enforced before it is reached; verify against the caller.
 *
 * @param mixed $enabled value stored as 'config.enable_comments'
 *
 * @return void
 */
protected function _editComments($enabled)
{
    // a request without a valid form token ends here (request forgery guard)
    YRequest::checkToken() or jexit('Invalid Token');

    $ids = YRequest::getArray('cid', array(), 'int');

    if (count($ids) === 0) {
        JError::raiseError(500, JText::_('Select a item to enable/disable comments'));
    }

    try {
        $items = YTable::getInstance('item');

        // load, change and store each record in turn
        foreach ($ids as $item_id) {
            $record = $items->get($item_id);
            $updated = $record->getParams()->set('config.enable_comments', $enabled);
            $record->params = $updated->toString();
            $items->save($record);
        }
    } catch (YException $e) {
        // the exception is rendered into the notice through its string conversion
        JError::raiseNotice(0, sprintf('%s (%s)', JText::_('Error enabling/disabling Item Comments'), $e));
    }

    $this->setRedirect($this->baseurl);
}
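/**
 * Saves a front-end submission as a new item or as an edit of an existing one.
 *
 * Checks the form token and, for edits, that the current user may access the
 * item and created it. The post is bound to an ItemForm; when the form is
 * valid its values are copied to the item, uploads are performed and the item
 * and (for new items or in trusted mode) its category relations are saved.
 * Outside trusted mode new submissions are throttled through a timestamp
 * kept in the session. An invalid form is stored in the session instead.
 *
 * Changes against the previous version: $form is initialised before the try
 * block, so the redirect decision after the catch no longer reads an
 * undefined variable when an exception is thrown early; and the throttle is
 * evaluated before element data is bound, so a throttled request no longer
 * gets its uploads performed first.
 *
 * @return void
 */
public function save()
{
    // check for request forgeries
    YRequest::checkToken() or jexit('Invalid Token');

    // init vars
    $post = JRequest::get('post');
    $db = YDatabase::getInstance();
    $tzoffset = JFactory::getConfig()->getValue('config.offset');
    $now = JFactory::getDate();
    $now->setOffset($tzoffset);
    $msg = '';

    // stays null when an exception is thrown before the form is built
    $form = null;

    try {
        $this->_init();

        // is this an item edit?
        $edit = (int) $this->item->id;

        // is current user the item owner and does the user have sufficient user rights
        // NOTE(review): this throws YControllerException; it only reaches the catch
        // blocks below if that class extends YException - confirm
        if ($edit && (!$this->item->canAccess($this->user) || $this->item->created_by != $this->user->id)) {
            throw new YControllerException('You are not allowed to make changes to this item.');
        }

        // get default category - only outside trusted mode
        $categories = array();
        if (!$this->submission->isInTrustedMode() && ($category = $this->submission->getForm($this->type->id)->get('category'))) {
            $categories[] = $category;
        }

        // get element data from post
        if (isset($post['elements'])) {
            // filter element data, unless the submission is trusted or the user is a Joomla admin
            if (!$this->submission->isInTrustedMode() && !UserHelper::isJoomlaAdmin($this->user)) {
                JRequest::setVar('elements', SubmissionHelper::filterData($post['elements']));
                $post = JRequest::get('post');
            }

            // merge elements into post; array_merge lets a string key under 'elements'
            // replace a top-level post field of the same name, so the values are only
            // as trustworthy as the ItemForm validation that follows
            $post = array_merge($post, $post['elements']);
        }

        // fix publishing dates in trusted mode
        if ($this->submission->isInTrustedMode()) {
            // an empty publish up date means "now"
            if (isset($post['publish_up'])) {
                if (empty($post['publish_up'])) {
                    $post['publish_up'] = $now->toMySQL(true);
                }
            }

            // an empty or 'Never' publish down date means the database null date
            if (isset($post['publish_down'])) {
                if (trim($post['publish_down']) == JText::_('Never') || trim($post['publish_down']) == '') {
                    $post['publish_down'] = $db->getNullDate();
                }
            }
        }

        // make sure the tags key exists
        if (!isset($post['tags'])) {
            $post['tags'] = array();
        }

        // build new item form and bind it with post data
        $form = new ItemForm(array('submission' => $this->submission, 'item' => $this->item, 'elements_config' => $this->elements_config));
        $form->bind($post);

        // save item if form is valid
        if ($form->isValid()) {

            // spam protection - user may only submit items every
            // SubmissionController::TIME_BETWEEN_PUBLIC_SUBMISSIONS seconds.
            // Checked before any element data is bound so that a throttled request
            // does not get its uploads performed. The timestamp is kept in the
            // session, so it only limits clients that keep their session.
            if (!$this->submission->isInTrustedMode() && !$edit) {
                $last_submission = $this->session->get('ZOO_LAST_SUBMISSION_TIMESTAMP');
                $current_time = time();
                if ($current_time < $last_submission + SubmissionController::TIME_BETWEEN_PUBLIC_SUBMISSIONS) {
                    throw new SubmissionControllerException('You are submitting to fast, please try again in a few moments.');
                }
                $this->session->set('ZOO_LAST_SUBMISSION_TIMESTAMP', $current_time);
            }

            // set name
            $this->item->name = $form->getValue('name');

            // bind elements
            foreach ($this->elements_config as $data) {
                if (($element = $this->item->getElement($data->element)) && ($field = $form->getFormField($data->element))) {
                    // a field with an error contributes its tainted (unvalidated) value
                    if ($field_data = $field->hasError() ? $field->getTaintedValue() : $field->getValue()) {
                        $element->bindData($field_data);
                    } else {
                        $element->bindData();
                    }

                    // perform submission uploads
                    if ($element instanceof iSubmissionUpload) {
                        $element->doUpload();
                    }
                }
            }

            // set alias
            $this->item->alias = ItemHelper::getUniqueAlias($this->item->id, YString::sluggify($this->item->name));

            // set modified
            $this->item->modified = $now->toMySQL();
            $this->item->modified_by = $this->user->get('id');

            // creating new item: start unpublished with default dates and access
            if (!$edit) {
                // set state
                $this->item->state = 0;

                // set created date
                $this->item->created = $now->toMySQL();
                $this->item->created_by = $this->user->get('id');
                $this->item->created_by_alias = '';

                // set publish up - publish down
                $this->item->publish_up = $now->toMySQL();
                $this->item->publish_down = $db->getNullDate();

                // set access
                $this->item->access = 0;

                // set searchable
                $this->item->searchable = 1;
            }

            // only a trusted submission may set state, dates, categories and tags itself
            if ($this->submission->isInTrustedMode()) {
                // set state
                $this->item->state = $form->getValue('state');

                // set publish up
                if (($publish_up = $form->getValue('publish_up')) && !empty($publish_up)) {
                    $date = JFactory::getDate($publish_up, $tzoffset);
                    $publish_up = $date->toMySQL();
                }
                $this->item->publish_up = $publish_up;

                // set publish down
                if (($publish_down = $form->getValue('publish_down')) && !empty($publish_down) && !($publish_down == $db->getNullDate())) {
                    $date = JFactory::getDate($publish_down, $tzoffset);
                    $publish_down = $date->toMySQL();
                }
                $this->item->publish_down = $publish_down;

                // set searchable
                $this->item->searchable = $form->getValue('searchable');

                // set comments enabled
                $this->item->params = $this->item->getParams()->set('config.enable_comments', $form->getValue('enable_comments'))->toString();

                // set frontpage (category 0)
                if ($form->getValue('frontpage')) {
                    $categories[] = 0;
                }

                // set categories
                $tmp_categories = $form->getValue('categories');
                if (!empty($tmp_categories)) {
                    foreach ($form->getValue('categories') as $category) {
                        $categories[] = $category;
                    }
                }

                // set tags
                $tags = $form->hasError('tags') ? $form->getTaintedValue('tags') : $form->getValue('tags');
                $this->item->setTags($tags);
            }

            // save item
            YTable::getInstance('item')->save($this->item);

            // save category relations - for new items, or when editing in trusted mode
            if (!$edit || $this->submission->isInTrustedMode()) {
                CategoryHelper::saveCategoryItemRelations($this->item->id, $categories);
            }

            // set redirect message
            $msg = $this->submission->isInTrustedMode() ? JText::_('Thanks for your submission.') : JText::_('Thanks for your submission. It will be reviewed before being posted on the site.');

        // add form to session if form is not valid
        } else {
            $this->addFormToSession($form);
        }

    } catch (SubmissionControllerException $e) {

        // raise warning on exception
        JError::raiseWarning(0, (string) $e);

    } catch (YException $e) {

        // raise a generic warning; the details are not shown to regular users
        JError::raiseWarning(0, JText::_('There was an error saving your submission, please try again later.'));

        // add exception details, for super administrators only
        if ($this->user->superadmin) {
            JError::raiseWarning(0, (string) $e);
        }
    }

    // redirect to mysubmissions
    if ($this->redirect == 'mysubmissions' && $form && $form->isValid()) {
        $link = RouteHelper::getMySubmissionsRoute($this->submission);

    // redirect to edit form
    } else {
        $link = RouteHelper::getSubmissionRoute($this->submission, $this->type->id, $this->hash, $this->item_id, $this->redirect);
    }

    $link = JRoute::_($link, false);

    $this->setRedirect($link, $msg);
}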
/**
 * Applies the given published state to every selected category.
 *
 * The ids are read from the 'cid' request array with the 'int' filter.
 * NOTE(review): no per-record access check is visible in this method -
 * presumably enforced before it is reached; verify against the caller.
 *
 * @param mixed  $published value handed to each category's setPublished()
 * @param string $msg       error text raised when no category was selected
 *
 * @return void
 */
public function _editPublished($published, $msg)
{
    // a request without a valid form token ends here (request forgery guard)
    YRequest::checkToken() or jexit('Invalid Token');

    $ids = YRequest::getArray('cid', array(), 'int');

    if (count($ids) === 0) {
        JError::raiseError(500, $msg);
    }

    try {
        $categories = YTable::getInstance('category');

        // load, change and store each record in turn
        foreach ($ids as $category_id) {
            $record = $categories->get($category_id);
            $record->setPublished($published);
            $categories->save($record);
        }
    } catch (YException $e) {
        // the exception is rendered into the notice through its string conversion
        JError::raiseNotice(0, sprintf('%s (%s)', JText::_('Error editing Item Published State'), $e));

        // $msg is not read again after this point
        $msg = null;
    }

    $this->setRedirect($this->baseurl);
}
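/**
 * Saves a comment posted from the front end and redirects back.
 *
 * The comment is only processed when the active author's user type matches
 * the login cookie and comments are enabled. Its state is approved for
 * Joomla admins, or according to the 'approved' parameter; comments from
 * other authors are validated before saving. The comment content is kept
 * in the session until the comment has been saved.
 *
 * Change against the previous version: $comment is initialised before the
 * try block, so the anchor check after the catch no longer reads a property
 * of an undefined variable when an exception is thrown before the comment
 * object has been created.
 *
 * @return void
 */
public function save()
{
    // check for request forgeries
    YRequest::checkToken() or jexit('Invalid Token');

    // set currently active author
    $this->author = CommentHelper::activeAuthor();

    // init vars
    // NOTE(review): the redirect target comes from the request and is handed to
    // setRedirect() unchanged at the end of this method; nothing visible here
    // limits it to a local url - confirm that it is validated elsewhere
    $redirect = YRequest::getString('redirect');
    $login = YRequest::getString(CommentHelper::COOKIE_PREFIX . 'login', '', 'cookie');

    if ($this->author->getUserType() == $login) {

        if ($this->params->get('enable_comments', false)) {

            // init vars; content is read with JREQUEST_ALLOWRAW, i.e. without the request filter
            $content = YRequest::getVar('content', null, '', 'string', JREQUEST_ALLOWRAW);
            $item_id = YRequest::getInt('item_id', 0);
            $parent_id = YRequest::getInt('parent_id', 0);

            // filter content - the only filtering applied to the raw content in this method
            $content = CommentHelper::filterContentInput($content);

            // set content in session
            $this->session->set('com_zoo.comment.content', $content);

            // set author name, email and url, if author is guest
            if ($this->author->isGuest()) {
                $this->author->name = YRequest::getString('author');
                $this->author->email = YRequest::getString('email');
                $this->author->url = YRequest::getString('url');

                // save cookies
                CommentHelper::saveCookies($this->author->name, $this->author->email, $this->author->url);
            }

            // stays null when an exception is thrown before the comment object exists
            $comment = null;

            try {

                // get comment table
                $table = YTable::getInstance('comment');

                // get parent; a parent that belongs to another item is ignored
                $parent = $table->get($parent_id);
                $parent_id = $parent && $parent->item_id == $item_id ? $parent->id : 0;

                // create comment
                $comment = new Comment();
                $comment->parent_id = $parent_id;
                $comment->item_id = $item_id;
                $comment->ip = CommentHelper::getClientIP();
                $comment->created = JFactory::getDate()->toMySQL();
                $comment->content = $content;
                $comment->state = Comment::STATE_UNAPPROVED;

                // auto approve comment: always for Joomla admins, otherwise when 'approved'
                // is 1, or is 2 and the author already has an approved comment
                $approved = $this->params->get('approved', 0);
                if ($this->author->isJoomlaAdmin()) {
                    $comment->state = Comment::STATE_APPROVED;
                } else {
                    if ($approved == 1) {
                        $comment->state = Comment::STATE_APPROVED;
                    } else {
                        if ($approved == 2 && $table->getApprovedCommentCount($this->author)) {
                            $comment->state = Comment::STATE_APPROVED;
                        }
                    }
                }

                // bind Author
                $comment->bindAuthor($this->author);

                // validate comment, if not an administrator
                if (!$this->author->isJoomlaAdmin()) {
                    $this->_validate($comment);
                }

                // save comment
                $table->save($comment);

                // remove content from session, if comment was saved
                $this->session->set('com_zoo.comment.content', '');

            } catch (CommentControllerException $e) {

                // raise warning on exception
                JError::raiseWarning(0, (string) $e);

            } catch (YException $e) {

                // raise a generic warning; the details are not shown to regular users
                JError::raiseWarning(0, JText::_('ERROR_SAVING_COMMENT'));

                // add exception details, for super administrators only
                if ($this->user->superadmin) {
                    JError::raiseWarning(0, (string) $e);
                }
            }

            // add anchor to redirect, if comment was saved
            if ($comment && $comment->id) {
                $redirect .= '#comment-' . $comment->id;
            }

        } else {
            // raise warning on comments not enabled
            JError::raiseWarning(0, JText::_('Comments are not enabled.'));
        }

    } else {

        // raise warning when the user type and the login cookie differ
        JError::raiseWarning(0, JText::_('ERROR_SAVING_COMMENT'));

        // add details, for super administrators only
        if ($this->user->superadmin) {
            JError::raiseWarning(0, JText::_('User types didn\'t match.'));
        }
    }

    $this->setRedirect($redirect);
}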