/**
 * Ajax/direct entry point of the rating field: optionally records a vote, then renders the rating.
 *
 * WARNING (kept from the original): direct unchecked access, except if $user is set; in that case
 * check $reason carefully.
 *
 * Security-relevant behaviour visible in this method:
 * - parent::fieldClass() runs first; the original inline comment states it performs the spoof check.
 * - A vote is stored only when the query string carries function=savevalue, the field is not
 *   read-only for this $reason, getVoteAccess() grants access and the profile id is non-zero.
 * - The submitted value is cast to float and clamped to 0..rating_number before validate() is called.
 * - The UPDATE statement is assembled from NameQuote()d identifiers and numeric casts only.
 * - NOTE(review): the field name (id attribute) and the getVoteCount() result are written into the
 *   markup without escaping; presumably both are constrained elsewhere - confirm.
 *
 * @param  FieldTable  $field
 * @param  UserTable   $user
 * @param  array       $postdata  Request data; $postdata[<field name>] is overwritten on a save request
 * @param  string      $reason    'profile' for user profile view, 'edit' for profile edit, 'register' for registration, 'search' for searches ('list' is also handled here)
 * @return string|null            Rating markup, or null for 'edit'/'register' or when the rating is empty
 */
public function fieldClass(&$field, &$user, &$postdata, $reason)
{
    global $_CB_database, $_PLUGINS;

    // Per the original comment, the parent implementation performs the spoof check
    parent::fieldClass($field, $user, $postdata, $reason);

    $profileId     = (int) $user->get('id');
    $name          = $field->get('name');
    $isReadOnly    = $this->_isReadOnly($field, $user, $reason);
    $maxRating     = (int) $field->params->get('rating_number', 5);
    $voteCount     = (int) $field->params->get('rating_votes', 0);
    $voteNumerical = (int) $field->params->get('rating_numerical', 0);
    $forceWhole    = (int) $field->params->get('rating_whole', 0);

    $isSaveRequest = cbGetParam($_GET, 'function', null) == 'savevalue';

    // Evaluation order matters: the access check is only consulted for writable fields
    if ($isSaveRequest && !$isReadOnly && $this->getVoteAccess($field, $user) && $profileId) {
        // Copy of every property whose name does not start with "_", passed to the update triggers as the old user
        $previousUser = new UserTable($field->getDbo());

        foreach (array_keys(get_object_vars($user)) as $property) {
            if (substr($property, 0, 1) == '_') {
                continue;
            }

            $previousUser->set($property, $user->get($property));
        }

        // Request value is forced to a float and clamped into the allowed rating range
        $vote = (float) stripslashes(cbGetParam($postdata, 'value'));
        $vote = $vote > $maxRating ? (float) $maxRating : ($vote < 0 ? (float) '0' : $vote);

        $postdata[$name] = $vote;

        // Only store when validation passes and the vote differs from the current one
        $accepted = $this->validate($field, $user, $name, $vote, $postdata, $reason)
            && (float) $this->getCurrentVote($field, $user) !== (float) $vote;

        if ($accepted) {
            $user->set($name, (float) $this->insertVote($vote, $field, $user));

            $_PLUGINS->trigger('onBeforeUserUpdate', array(&$user, &$user, &$previousUser, &$previousUser));

            // Identifiers go through NameQuote(); the two values are a float cast and an int
            $query = 'UPDATE ' . $_CB_database->NameQuote('#__comprofiler')
                   . "\n SET " . $_CB_database->NameQuote($name) . " = " . (float) $user->get($name)
                   . "\n WHERE " . $_CB_database->NameQuote('id') . " = " . $profileId;

            $_CB_database->setQuery($query);

            if ($_CB_database->query()) {
                $_PLUGINS->trigger('onAfterUserUpdate', array(&$user, &$user, $previousUser));
            }
        }
    }

    // Display part: always re-read the stored rating from the user object
    $rating    = (float) $user->get($name);
    $elementId = $reason == 'list' ? $name . $profileId : $name;

    if ($forceWhole) {
        $rating = (float) round($rating);
    }

    $rating = $rating > $maxRating ? (float) $maxRating : ($rating < 0 ? (float) '0' : $rating);

    // Nothing is rendered while editing/registering or when there is no rating yet
    if (in_array($reason, array('edit', 'register')) || !$rating) {
        return null;
    }

    // NOTE(review): $elementId is not escaped here - presumably field names are restricted to safe characters; confirm
    $html = '<div id="' . $elementId . 'Total" class="cbRatingFieldTotal">'
          . '<div class="rateit" data-rateit-value="' . $rating . '" data-rateit-ispreset="true" data-rateit-readonly="true" data-rateit-min="0" data-rateit-max="' . $maxRating . '"></div>';

    if ($voteNumerical) {
        $html .= ' <span class="cbRatingFieldNumerical" title="' . htmlspecialchars(CBTxt::T('Rating')) . '"><small>(' . $rating . ')</small></span>';
    }

    if ($voteCount) {
        $votes = $this->getVoteCount($field, $user);

        if ($votes) {
            // NOTE(review): $votes is emitted as returned by getVoteCount() - presumably an integer; confirm
            $html .= ' <span class="cbRatingFieldCount" title="' . htmlspecialchars(CBTxt::T('Number of Votes')) . '"><small>(' . $votes . ')</small></span>';
        }
    }

    return $html . '</div>';
}
/**
 * Ajax/direct entry point of the captcha field: answers the "checkvalue" validation request.
 *
 * WARNING (kept from the original): direct unchecked access, except if $user is set; in that case
 * check $reason carefully.
 *
 * The method only acts when Application::Cms()->getClientId() is falsy (presumably the front end),
 * the current user is not a global moderator and $reason is 'register' or 'edit'. In every other
 * case it returns null without calling the parent implementation.
 *
 * NOTE(review): the response tells the caller whether the submitted code is valid. Confirm that
 * validateCaptcha(), called here with false as its second argument, bounds repeated checks of the
 * same challenge - the meaning of that flag is not visible from this method.
 *
 * @param  FieldTable  $field
 * @param  UserTable   $user
 * @param  array       $postdata  Request data; 'value' holds the code to check
 * @param  string      $reason    'profile' for user profile view, 'edit' for profile edit, 'register' for registration, 'search' for searches
 * @return string|null            JSON with 'valid' (bool) and 'message' (string) for a checkvalue request, otherwise null
 */
public function fieldClass( &$field, &$user, &$postdata, $reason )
{
    // Guards are evaluated in the same order as the original combined condition
    if ( Application::Cms()->getClientId() ) {
        return null;
    }

    if ( Application::MyUser()->isGlobalModerator() ) {
        return null;
    }

    if ( ! in_array( $reason, array( 'register', 'edit' ) ) ) {
        return null;
    }

    parent::fieldClass( $field, $user, $postdata, $reason );

    if ( cbGetParam( $_GET, 'function', null ) != 'checkvalue' ) {
        return null;
    }

    $submittedCode = stripslashes( cbGetParam( $postdata, 'value', null ) );
    $captcha       = cbantispamCaptcha::getInstance( $field->get( 'name' ), $field->params->get( 'cbantispam_captcha_mode', null ) );

    // Normalised to a strict boolean so the JSON always carries true/false
    $isValid = (bool) $captcha->validateCaptcha( $submittedCode, false );
    $notice  = $isValid ? CBTxt::T( 'Captcha code is valid.' ) : CBTxt::T( 'Captcha code not valid.' );

    return json_encode( array( 'valid' => $isValid, 'message' => $notice ) );
}