/**
 * Builds the backend-only display label for this field type.
 *
 * @return string  "<plugin name>: <label>", where the label is the 'label' attribute of the
 *                 field XML, or a fixed fallback text when no field XML is set
 */
public function getFieldsParamsLabel()
{
    global $_PLUGINS;

    $owningPlugin = $_PLUGINS->getPluginObject($this->_pluginid);
    $prefix       = $owningPlugin->name . ': ';

    // Without a field XML there is no label attribute to read: use the generic text.
    if (!$this->_fieldXml) {
        return $prefix . "specific field-parameters";
    }

    return $prefix . $this->_fieldXml->attributes('label');
}
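/**
 * Checks authorization to perform an action:
 * <action permission="core.edit or core.edit.own and core.manage" ('and' has priority over 'or')
 *
 * An element without a 'permission' attribute is always authorised. Otherwise the asset
 * is taken from the element's own 'permissionasset' attribute, then from an ancestor
 * carrying that attribute, and finally falls back to 'com_cbsubs'.
 *
 * @param  SimpleXMLElement  $action  XML element with optional 'permission' and 'permissionasset' attributes
 * @return boolean                    True if at least one 'or' alternative has every one of its 'and' permissions granted
 * @throws \InvalidArgumentException  Not raised by the code visible here; presumably propagated from authoriseAction() - confirm
 */
public static function authorised($action)
{
    $permission = $action->attributes('permission');

    if ($permission === null) {
        // No permission attribute at all: the element is unrestricted.
        return true;
    }

    $assetname = $action->attributes('permissionasset');

    if (!$assetname) {
        $parent = $action->xpath('ancestor::*[@permissionasset]');
        if ($parent) {
            // NOTE(review): index 0 is the first node xpath() returns; confirm that this is the
            // nearest ancestor and not the outermost one when several ancestors define an asset.
            $assetname = $parent[0]->attributes('permissionasset');
        }
    }

    if (!$assetname) {
        trigger_error(CBTxt::T('TAG_NAME_MISSING_ASSET_NAME', '[tag] [name] missing asset name', array('[tag]' => $action->getName(), '[name]' => $action->attributes('name'))));
        // PHP variable names are case-sensitive: the fallback used to be stored in $assetName,
        // so the permission checks below still ran against an empty asset name.
        $assetname = 'com_cbsubs'; // CBSubs GPL 3.0.0 is the only ones that will ever need that !
    }

    /// $me = CBuser::getMyInstance();
    $ors = explode(' or ', $permission);

    foreach ($ors as $or) {
        $ands    = explode(' and ', $or);
        $stillOk = true;

        foreach ($ands as $perm) {
            /// if ( ! $me->authoriseAction( trim( $perm ), $assetname ) ) {
            if (!static::authoriseAction(trim($perm), $assetname)) {
                // One missing permission fails the whole 'and' group.
                $stillOk = false;
                break;
            }
        }

        if ($stillOk) {
            return true;
        }
    }

    // No alternative was fully granted: deny.
    return false;
}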
/**
 * Computes the URL (or javascript: pseudo-URL) for a CB-URI found on an XML element.
 *
 * Three forms of $cbUri are handled: 'cbo:<subtask>' (table browser operations),
 * 'cb_action:<name>' (an <action> looked up in $this->_actions) and anything else,
 * which is passed through cbUnHtmlspecialchars(). URLs starting with 'index.php' then get
 * the element's parameters and a 'cbprevstate' parameter appended.
 *
 * Returns null when Access::authorised() refuses $sourceElem or the resolved action.
 * $id is not read by the code below (it only appears in commented-out code).
 *
 * @param  string            $cbUri             The CB-URI (cbo;,,,)
 * @param  SimpleXMLElement  $sourceElem        The XML element from which the URL is computed
 * @param  TableInterface    $data              The data of the object for dynamic URL request values
 * @param  int               $id                The id of the current row
 * @param  bool              $htmlspecialchars  If htmlspecialchars should be made for this
 * @param  bool              $inPage            URL target: true: html (full page), false: raw (only center component content)
 * @return string|null                          The URL, or null if not authorised
 */
function drawUrl($cbUri, SimpleXMLElement $sourceElem, $data, $id, $htmlspecialchars = true, $inPage = true) {
	global $_CB_framework;

	// Permission gate on the element itself: no URL is produced for unauthorised elements.
	if (!Access::authorised($sourceElem)) {
		return null;
	}

	$ui = $_CB_framework->getUi();
	$actionName = null;

	if (substr($cbUri, 0, 4) == 'cbo:') {
		$subTaskValue = substr($cbUri, 4);
		switch ($subTaskValue) {
			/** @noinspection PhpMissingBreakStatementInspection */
			case 'newrow':
				// $id = 0;
				// fallthrough: no break on purpose.
			case 'rowedit':
				//TBD this is duplicate of below
				$baseUrl = 'index.php';
				if ($this->_options['view'] == 'editPlugin') {
					$task = $this->_options['view'];
				} else {
					$task = 'editrow';
				}
				// NOTE(review): the option, view and pluginid values are concatenated without urlencode();
				// confirm they are validated before they reach $this->_options.
				$baseUrl .= '?option=' . $this->_options['option'] . '&view=' . $task;
				if (isset($this->_options['pluginid'])) {
					$baseUrl .= '&cid=' . $this->_options['pluginid'];
				}
				$url = $baseUrl . '&table=' . $this->_tableBrowserModel->attributes('name') . '&action=editrow'; // below: . '&tid=' . $id;
				break;
			case 'saveorder':
			case 'editrows':
			case 'deleterows':
			case 'copyrows':
			case 'updaterows':
			case 'publish':
			case 'unpublish':
			case 'enable':
			case 'disable':
			default:
				// List operations are submitted client-side: each argument is passed through addslashes()
				// before being placed in a single-quoted JavaScript string. HTML escaping of this value
				// only happens in the final elseif below, and only when $htmlspecialchars is true.
				$url = 'javascript:cbDoListTask(this, ' . "'" . addslashes($this->taskName(false)) . "','" . addslashes($this->subtaskName(false)) . "','" . addslashes($this->subtaskValue($subTaskValue, false)) . "','" . addslashes($this->fieldId('id', null, false)) . "'" . ");";
				break;
		}
	} elseif (substr($cbUri, 0, 10) == 'cb_action:') {
		$actionName = substr($cbUri, 10);
		$action = $this->_actions->getChildByNameAttr('action', 'name', $actionName);
		if ($action) {
			// Second permission gate, this time on the resolved <action> element.
			if (!Access::authorised($action)) {
				return null;
			}
			$requestNames = explode(' ', $action->attributes('request'));
			$requestValues = explode(' ', $action->attributes('action'));
			$parametersValues = explode(' ', $action->attributes('parameters'));
			$baseUrl = 'index.php';
			$baseUrl .= '?';
			// URL parameter name => key in $this->_options supplying its default value.
			$baseRequests = array('option' => 'option', 'view' => 'view', 'cid' => 'pluginid');
			$urlParams = array();
			foreach ($baseRequests as $breq => $breqOptionsValue) {
				// Defaults are only added when the action does not name that parameter itself.
				if (!(in_array($breq, $requestNames) || in_array($breq, $parametersValues)) && isset($this->_options[$breqOptionsValue])) {
					$urlParams[$breq] = $breq . '=' . $this->_options[$breqOptionsValue];
				}
			}
			// NOTE(review): 'request' and 'action' are paired by position; if 'action' has fewer
			// space-separated entries than 'request', $requestValues[$i] is undefined - confirm the XML guarantees equal counts.
			for ($i = 0, $n = count($requestNames); $i < $n; $i++) {
				$urlParams[$requestNames[$i]] = $requestNames[$i] . '=' . $requestValues[$i]; // other parameters = paramvalues added below
			}
			$url = $baseUrl . implode('&', $urlParams);
		} else {
			$url = "#action_not_defined:" . $actionName;
		}
	} else {
		$url = cbUnHtmlspecialchars($cbUri);
	}

	// presumably a prefix test, so javascript: and fragment URLs skip the parameter handling below - confirm
	if (cbStartOfStringMatch($url, 'index.php')) {
		// get the parameters of action/link from XML :
		$parametersNames = explode(' ', $sourceElem->attributes('parameters'));
		$parametersValues = explode(' ', $sourceElem->attributes('paramvalues'));
		$parametersValuesTypes = explode(' ', $sourceElem->attributes('paramvaluestypes'));

		// generate current action (and parameters ?) as cbprevstate
		$cbprevstate = array();
		foreach ($this->_options as $req => $act) {
			if ($req && $act && !in_array($req, array('cbprevstate'))) {
				$cbprevstate[] = $req . '=' . $act;
			}
		}
		// The previous state travels in the URL base64-encoded inside quotes (a quoted value is taken literally below).
		// base64 is an encoding, not a protection: any consumer of cbprevstate has to treat the decoded value as untrusted input.
		// NOTE(review): both arrays are appended to independently, so the pairing by index below only
		// lines up when 'parameters' and 'paramvalues' hold the same number of entries - confirm.
		$parametersNames[] = 'cbprevstate';
		$parametersValues[] = "'" . base64_encode(implode('&', $cbprevstate)) . "'";

		// finally generate URL:
		for ($i = 0, $n = count($parametersNames); $i < $n; $i++) {
			$nameOfVariable = $parametersValues[$i];
			if ($nameOfVariable != '') {
				if (isset($parametersValuesTypes[$i]) && $parametersValuesTypes[$i]) {
					if ($parametersValuesTypes[$i] == 'sql:field') {
						// The value names a field of $data: read it through get() when available, else as a property.
						if (is_callable(array($data, 'get'))) {
							$nameOfVariable = $data->get($nameOfVariable);
						} else {
							$nameOfVariable = $data->{$nameOfVariable};
						}
					} else {
						// $nameOfVariable untouched
					}
				} elseif (substr($nameOfVariable, 0, 1) == "'" && substr($nameOfVariable, -1) == "'") {
					// Quoted value: a literal, strip the surrounding single quotes.
					$nameOfVariable = substr($nameOfVariable, 1, -1);
				} else {
					// Untyped and unquoted: treated as a field name of $data, as for 'sql:field'.
					if (is_callable(array($data, 'get'))) {
						$nameOfVariable = $data->get($nameOfVariable);
					} else {
						$nameOfVariable = $data->{$nameOfVariable};
					}
				}
				// Only the value is URL-encoded; the parameter name comes from the XML 'parameters' attribute as is.
				$url .= '&' . $parametersNames[$i] . '=' . urlencode($nameOfVariable);
			}
		}

		// $ui == 2 goes through backendUrl(), every other value through cbSef().
		if ($ui == 2) {
			$url = $_CB_framework->backendUrl($url, $htmlspecialchars, $inPage ? 'html' : 'component');
		} else {
			$url = cbSef($url, $htmlspecialchars, $inPage ? 'html' : 'component');
		}
	} elseif ($htmlspecialchars) {
		$url = htmlspecialchars($url);
	}

	return $url;
}
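/**
 * Writes the edit form for new and existing module
 *
 * A new record is defined when <var>$data</var> is passed with its id property
 * (id, tabid or fieldid) set to 0. The generated HTML is echoed, and the backend page
 * title is set through the global $_CB_Backend_Title when the view has a label.
 *
 * @param  array                      $options      Request options; 'option' is written to a hidden input
 * @param  array                      $actionPath   Name => value pairs written as hidden inputs
 * @param  SimpleXMLElement           $viewModel    View XML (attributes read: name, label, icon, viewformatting, formformatting)
 * @param  TableInterface|\stdClass   $data         The edited object
 * @param  RegistryEditController     $params       Draws the settings HTML
 * @param  PluginTable                $pluginRow    The plugin owning the view, if any
 * @param  string                     $viewType     ( 'view', 'param', 'depends': means: <param> tag => param, <field> tag => view )
 * @param  string                     $cbprevstate  Previous state, written to a hidden input
 * @param  boolean                    $htmlOutput   True to output headers for CSS and Javascript
 * @return void
 */
public static function editPluginView($options, $actionPath, $viewModel, $data, $params, $pluginRow, $viewType, $cbprevstate, $htmlOutput)
{
    global $_CB_framework, $_CB_Backend_Title, $_PLUGINS, $ueConfig;

    $name  = $viewModel->attributes('name');
    $label = $viewModel->attributes('label');

    // The icon attribute is either "iconset:icon" or just "icon" (iconset then defaults to 'fa').
    $iconPair = explode(':', $viewModel->attributes('icon'));

    if (count($iconPair) > 1) {
        $iconset = isset($iconPair[0]) ? $iconPair[0] : null;
        $icon    = isset($iconPair[1]) ? $iconPair[1] : null;
    } else {
        $iconset = 'fa';
        $icon    = isset($iconPair[0]) ? $iconPair[0] : null;
    }

    if ($icon) {
        if ($iconset == 'fa') {
            $icon = 'fa fa-' . $icon;
        } elseif ($iconset) {
            $icon = $iconset . $icon;
        }
    }

    $id = null;

    if (is_object($data)) {
        $dataArray = get_object_vars($data);

        // get_object_vars() maps property names to values, so the id property has to be looked up
        // by key. The previous in_array() searched the VALUES for the strings 'id', 'tabid' and
        // 'fieldid', which made the Edit/New title depend on unrelated property values.
        // NOTE(review): an object carrying both tabid and fieldid takes tabid here (original order kept) - confirm.
        if (array_key_exists('id', $dataArray)) {
            $id = (int) $data->id;
        } elseif (array_key_exists('tabid', $dataArray)) {
            $id = (int) $data->tabid;
        } elseif (array_key_exists('fieldid', $dataArray)) {
            $id = (int) $data->fieldid;
        }
    }

    if ($id !== null) {
        if (isset($data->title)) {
            $item = $data->title;
        } elseif (isset($data->name)) {
            $item = $data->name;
        } else {
            $item = $id;
        }

        // Label and item are escaped here because the title is later emitted as HTML.
        $title = ($id ? CBTxt::T('Edit') : CBTxt::T('New'))
            . ($label ? ' ' . htmlspecialchars(CBTxt::T($label)) . ' ' : null)
            . ($item ? ' [' . htmlspecialchars(CBTxt::T($item)) . ']' : null);
    } else {
        $title = $label ? htmlspecialchars(CBTxt::T($label)) : null;
    }

    if ($viewModel->attributes('label')) {
        $showDisclaimer = true;

        if ($pluginRow) {
            if (!$icon) {
                $icon = 'cb-' . str_replace('.', '_', $pluginRow->element) . '-' . $name;
            }
            $_CB_Backend_Title = array(0 => array($icon, htmlspecialchars(CBTxt::T($pluginRow->name)) . ($title ? ': ' . $title : null)));
        } else {
            if (!$icon) {
                $icon = 'cb-' . $name;
            }
            $_CB_Backend_Title = array(0 => array($icon, htmlspecialchars(CBTxt::T('Community Builder')) . ($title ? ': ' . $title : null)));
        }

        // Null the label so the view form doesn't output it as we already did as page title:
        $viewModel->addAttribute('label', null);
    } else {
        $showDisclaimer = false;
    }

    $htmlFormatting = $viewModel->attributes('viewformatting');

    if (!$htmlFormatting) {
        if ($_CB_framework->getUi() == 1 && (isset($ueConfig['use_divs']) && $ueConfig['use_divs'] == 1)) {
            $htmlFormatting = 'div';
        } else {
            $htmlFormatting = 'table';
        }
    }

    new cbTabs(true, 2);

    $settingsHtml = $params->draw(null, null, null, null, null, null, false, $viewType, $htmlFormatting);

    if ($htmlOutput) {
        outputCbTemplate();
        outputCbJs();
        self::outputAdminJs();
        initToolTip();
        self::outputRegTemplate();
    }

    $return = null;

    // Warnings about the owning plugin (only for a stored plugin row):
    if ($pluginRow && $pluginRow->id) {
        if (!$pluginRow->published) {
            $return .= '<div class="alert alert-danger">' . CBTxt::T('PLUGIN_NAME_IS_NOT_PUBLISHED', '[plugin_name] is not published.', array('[plugin_name]' => htmlspecialchars(CBTxt::T($pluginRow->name)))) . '</div>';
        }

        if (!$_PLUGINS->checkPluginCompatibility($pluginRow)) {
            $return .= '<div class="alert alert-danger">' . CBTxt::T('PLUGIN_NAME_IS_NOT_COMPATIBLE_WITH_YOUR_CURRENT_CB_VERSION', '[plugin_name] is not compatible with your current CB version.', array('[plugin_name]' => htmlspecialchars(CBTxt::T($pluginRow->name)))) . '</div>';
        }
    }

    // Warnings about the edited item itself (only for an existing item):
    if (is_object($data) && isset($data->id) && $data->id) {
        if (isset($data->published) && !$data->published) {
            $return .= '<div class="alert alert-danger">' . CBTxt::T('NAME_IS_NOT_PUBLISHED', '[name] is not published.', array('[name]' => htmlspecialchars(CBTxt::T($label)))) . '</div>';
        }

        if (isset($data->enabled) && !$data->enabled) {
            $return .= '<div class="alert alert-danger">' . CBTxt::T('NAME_IS_NOT_ENABLED', '[name] is not enabled.', array('[name]' => htmlspecialchars(CBTxt::T($label)))) . '</div>';
        }
    }

    if ($viewModel->attributes('formformatting') == 'none') {
        $return .= $settingsHtml ? $settingsHtml : null;
    } else {
        cbValidator::loadValidation();

        $cssClass = RegistryEditView::buildClasses($viewModel);

        if (!$cssClass) {
            $cssClass = 'cb_form form-auto';
        }

        // Every value placed in an attribute is escaped with htmlspecialchars() or cast to int;
        // $settingsHtml is HTML produced by $params->draw() and is inserted as is.
        $return .= '<form enctype="multipart/form-data" action="' . $_CB_framework->backendUrl('index.php') . '" method="post" name="adminForm" class="cbValidation ' . htmlspecialchars($cssClass) . '" id="cbAdminFormForm">'
            . ($settingsHtml ? $settingsHtml : null)
            . '<input type="hidden" name="option" value="' . htmlspecialchars($options['option']) . '" />'
            . ($pluginRow ? '<input type="hidden" name="cid" value="' . (int) $pluginRow->id . '" />' : null)
            . ($cbprevstate ? '<input type="hidden" name="cbprevstate" value="' . htmlspecialchars($cbprevstate) . '" />' : null);

        if ($actionPath) {
            foreach ($actionPath as $k => $v) {
                $return .= '<input type="hidden" name="' . htmlspecialchars($k) . '" value="' . htmlspecialchars($v) . '" />';
            }
        }

        // Anti-CSRF token field; it is verified with cbSpoofCheck('plugin') when the form is saved.
        $return .= cbGetSpoofInputTag('plugin') . '</form>';
    }

    if ($showDisclaimer) {
        $disclaimerTitle   = 'Disclaimer';
        $disclaimerText    = 'This software comes "as is" with no guarantee for accuracy, function or fitness for any purpose.';
        $disclaimerTitleTr = CBTxt::Th('Disclaimer');
        $disclaimerTextTr  = CBTxt::Th('This software comes "as is" with no guarantee for accuracy, function or fitness for any purpose.');

        // The untranslated disclaimer is always shown; the translation is added only when it differs.
        $return .= '<div class="cbregCopyrightfooter content-spacer" style="font-size:11px; color:black; display:block;">'
            . CBTxt::Th('CB_FOOTNOTE_OPEN_SOURCE_WITH_PLUGINS', 'Community Builder for Joomla, an open-source social framework by <a href="http://www.joomlapolis.com/?pk_campaign=in-cb&pk_kwd=footer" target="_blank">Joomlapolis.com</a>, easy to extend with <a href="http://www.joomlapolis.com/cb-solutions?pk_campaign=in-cb&pk_kwd=footer" target="_blank">CB plugins</a>. Professional <a href="http://www.joomlapolis.com/support?pk_campaign=in-cb&pk_kwd=footer" target="_blank">Support</a> is available with a <a href="http://www.joomlapolis.com/memberships?pk_campaign=in-cb&pk_kwd=footer" target="_blank">Membership</a>.')
            . '<br /><strong>' . $disclaimerTitle . ':</strong> ' . $disclaimerText
            . ($disclaimerText != $disclaimerTextTr ? '<br /><strong>' . $disclaimerTitleTr . ':</strong> ' . $disclaimerTextTr : null)
            . '<br />'
            . CBTxt::Th('CB_FOOTNOTE_REVIEW_AND_RATE_AT_JED', 'If you use Community Builder, please post a rating and a review on the <a href="[JEDURL]" target="_blank">Joomla! Extensions Directory</a>.', array('[JEDURL]' => htmlspecialchars('http://extensions.joomla.org/extensions/clients-a-communities/communities/210 ')))
            . '</div>';
    }

    echo $return;
}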
/**
 * Combines an attribute of $column (or table or other xml element) with $colNamePrefix,
 * depending on the value of the element's $modifyingAttr attribute:
 *  - 'nameprefix': $colNamePrefix is appended after the attribute value
 *  - 'namesuffix': $colNamePrefix is placed before the attribute value
 *  - anything else: the attribute value is returned unchanged
 *
 * @param  SimpleXMLElement  $column         Element to read the attributes from
 * @param  string            $colNamePrefix  Text to combine with the attribute value
 * @param  string            $attribute      Name of the attribute holding the name
 * @param  string            $modifyingAttr  Name of the attribute selecting the combination mode
 * @return string
 */
protected function prefixedName(SimpleXMLElement $column, $colNamePrefix, $attribute = 'name', $modifyingAttr = 'nametype')
{
    $baseName = $column->attributes($attribute);
    $mode     = $column->attributes($modifyingAttr);

    // Loose comparisons on purpose: they mirror the semantics of a switch statement.
    if ($mode == 'nameprefix') {
        return $baseName . $colNamePrefix;
    }

    if ($mode == 'namesuffix') {
        return $colNamePrefix . $baseName;
    }

    return $baseName;
}
/**
 * Converts an XML element, recursively, into a nested array keyed by element name.
 *
 * When $callBacks has an entry for the element's name, that callable produces the value
 * (it receives the element and the callbacks array, both by reference). Otherwise the value
 * is the result of $el->attributes(), merged recursively with the conversion of each child.
 *
 * @param  SimpleXMLElement  $el         Element to convert (a falsy value gives an empty array)
 * @param  array             $callBacks  Element name => callable
 * @return array
 */
protected function & xml2arr(&$el, &$callBacks)
{
    $converted = array();

    if (!$el) {
        return $converted;
    }

    $tag = $el->getName();

    if (array_key_exists($tag, $callBacks)) {
        // A registered callback takes over the whole element, children included.
        $converted[$tag] = call_user_func_array($callBacks[$tag], array(&$el, &$callBacks));

        return $converted;
    }

    $converted[$tag] = $el->attributes();

    foreach ($el->children() as $child) {
        $childArray = $this->xml2arr($child, $callBacks);
        $converted  = array_merge_recursive($converted, array($tag => $childArray));
    }

    return $converted;
}
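/**
 * Performs a table action on a click in table
 *
 * The action is read from $_REQUEST[$this->name]['subtask'] in the form
 * "task[/field[/value]]", the selected row ids from $_REQUEST[$this->name]['idcid'].
 * Both are request input: the field name is only acted upon after it has been resolved to
 * an XML node of this table and that node has passed Access::authorised().
 *
 * Results and errors are reported with $_CB_framework->enqueueMessage(); 'editrows' and
 * 'action' end in cbRedirect().
 *
 * @return void
 * @throws \Exception
 */
protected function _performTableActions()
{
    global $_CB_framework;

    if (!isset($_REQUEST[$this->name])) {
        return;
    }

    $subtask = cbGetParam($_REQUEST[$this->name], 'subtask', '');

    if (!$subtask) {
        return;
    }

    $task_parsed = explode('/', $subtask);
    $cid         = cbGetParam($_REQUEST[$this->name], 'idcid', array());

    if (!is_array($cid)) {
        // A single id is normalised to a one-element list.
        $ocid  = $cid;
        $cid   = array();
        $cid[] = $ocid;
    }

    switch ($task_parsed[0]) {
        case 'orderup':
        case 'orderdown':
        case 'saveorder':
            if ($this->listFieldsRows) {
                if (isset($task_parsed[1])) {
                    $field     = $task_parsed[1];
                    $fieldNode = $this->listFieldsRows->getChildByNameAttr('field', 'name', $field);

                    if (!$fieldNode) {
                        $fieldNode = $this->listFieldsRows->getChildByNameAttr('param', 'name', $field);
                    }
                } else {
                    $field     = null;
                    $fieldNode = false;
                }

                // $field ends up in SQL conditions below, so it must name a declared, authorised field of type 'ordering'.
                // NOTE(review): this relies on getChildByNameAttr() matching the name exactly - confirm.
                if (!$fieldNode || $fieldNode->attributes('type') !== 'ordering' || !Access::authorised($fieldNode)) {
                    $_CB_framework->enqueueMessage(CBTxt::T('This field can not ordered'), 'error');
                    return;
                }

                $dataModelClass = $this->class;

                if ($task_parsed[0] != 'saveorder') {
                    $dataModelValue = $cid[0];
                } else {
                    $dataModelValue = null;
                }

                $row = $this->createLoadClass($dataModelClass, $dataModelValue);

                if (!$row) {
                    $_CB_framework->enqueueMessage(CBTxt::T('No row data found'), 'error');
                    return;
                }

                if ($task_parsed[0] == 'saveorder') {
                    $order = cbGetParam($_REQUEST[$this->name], $field, array(0));
                }

                $where = '';

                /** @var $orderinggroups SimpleXMLElement|null */
                $orderinggroups = $fieldNode->getElementByPath('orderinggroups');

                if ($orderinggroups) {
                    foreach ($orderinggroups->children() as $group) {
                        /** @var $group SimpleXMLElement */
                        $orderingFieldName = $group->attributes('name');

                        if ($group->getName() == 'ordering' && $orderingFieldName && array_key_exists($orderingFieldName, get_object_vars($row))) {
                            if ($task_parsed[0] != 'saveorder') {
                                // Group restriction as quoted SQL: quoted column name = cleaned and quoted row value.
                                $where .= $this->_db->NameQuote($orderingFieldName) . ' = ' . XmlTypeCleanQuote::sqlCleanQuote($row->{$orderingFieldName}, $group->attributes('type'), $this->_pluginParams, $this->_db) . ' AND ';
                            } else {
                                // For saveorder the condition is a PHP string template with a literal
                                // "$row->name" placeholder; presumably saveOrder() evaluates it per row - confirm.
                                $where .= $orderingFieldName . "='\$row->" . $orderingFieldName . "' AND ";
                            }
                        }
                    }
                }

                if ($task_parsed[0] != 'saveorder') {
                    $inc = $task_parsed[0] == 'orderup' ? -1 : 1;
                    /** @var OrderedTable $row */
                    $row->move($inc, $where . $field . " > -10000 AND " . $field . " < 10000 ", $field);
                } else {
                    $this->saveOrder($cid, $row, $order, "\$condition = \"" . $where . $field . " > -10000 AND " . $field . " < 10000 \";", $field);
                }

                $_CB_framework->enqueueMessage(CBTxt::T('ROW_COUNT_ORDER_SUCCESS', 'Row ordered successfully!|%%COUNT%% rows ordered successfully!', array('%%COUNT%%' => count($cid))));
            }
            break;

        case 'publish':
        case 'unpublish':
        case 'enable':
        case 'disable':
        case 'setfield':
        case 'doaction':
            if ($this->listFieldsRows) {
                $field = null;

                switch ($task_parsed[0]) {
                    case 'publish':
                    case 'unpublish':
                        $value = $task_parsed[0] == 'publish' ? 1 : 0;
                        $field = 'published';
                        break;
                    case 'enable':
                    case 'disable':
                        $value = $task_parsed[0] == 'enable' ? 1 : 0;
                        $field = 'enabled';
                        break;
                    case 'setfield':
                        // A request without the third path segment no longer reads an undefined offset.
                        $value = isset($task_parsed[2]) ? $task_parsed[2] : null;
                        break;
                    case 'doaction':
                        $value = null;
                        break;
                    default:
                        throw new \Exception(__FUNCTION__ . ': Impossible value');
                }

                if (isset($task_parsed[1])) {
                    $field = $task_parsed[1];
                }

                // $field comes from the request and is placed inside a double-quoted XPath string
                // literal. XPath 1.0 literals have no escape sequence, so a name containing a double
                // quote would change the expression itself, and with it the node that the permission
                // check below is run against. Such a name cannot match a declared field: treat it as not found.
                if (strpos((string) $field, '"') !== false) {
                    $fieldNode = false;
                } else {
                    /** @var SimpleXMLElement $fieldNode */
                    $fieldNode = $this->listFieldsRows->xpath('(//field[@name="' . $field . '"][@onclick="toggle"])[last()]');

                    if (!$fieldNode) {
                        $fieldNode = $this->listFieldsRows->xpath('(//param[@name="' . $field . '"][@onclick="toggle"])[last()]');
                    }

                    if (!$fieldNode) {
                        // We're not a field toggle so lets check if we're a menu item for permission/usage checks:
                        $fieldNode = $this->toolbarmenu->xpath('(//menu[@name="' . $field . '"])[last()]');
                    }
                }

                // Only a declared and authorised node may drive a change of $row->{$field} below.
                if (!$fieldNode || !Access::authorised($fieldNode[0])) {
                    $_CB_framework->enqueueMessage(CBTxt::T('THIS_FIELD_CAN_NOT_TOGGLE_TASK', 'This field can not toggle: [task]', array('[task]' => $task_parsed[0])), 'error');
                    return;
                }

                $fieldNode = $fieldNode[0];
                $taskName  = CBTxt::T($fieldNode->attributes('label'));

                if ($task_parsed[0] == 'setfield') {
                    // Check field value if allowed:
                    $this->registryEditVew->resolveXmlParamType($fieldNode);

                    if ($fieldNode->getChildByNameAttributes('option')) {
                        // When the field declares options, the requested value must be one of them (by index or by value).
                        $valueNode = $fieldNode->getAnyChildByNameAttr('option', 'index', $value);

                        if (!$valueNode) {
                            $valueNode = $fieldNode->getAnyChildByNameAttr('option', 'value', $value);
                        }

                        if ($valueNode) {
                            $valueLabel = CBTxt::T($valueNode->data());

                            if ($valueLabel) {
                                $taskName = $valueLabel;
                            }
                        } else {
                            $_CB_framework->enqueueMessage(CBTxt::T('This field can not be set to that value'), 'error');
                            return;
                        }
                    }
                }

                if (!$taskName) {
                    $taskName = $task_parsed[0];
                }

                if (count($cid) < 1) {
                    $_CB_framework->enqueueMessage(CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => strtolower($taskName))), 'error');
                    return;
                }

                $dataModelClass = $this->class;

                foreach ($cid as $c) {
                    $dataModelValue = $c;
                    $row            = $this->createLoadClass($dataModelClass, $dataModelValue);

                    if (!$row) {
                        $_CB_framework->enqueueMessage(CBTxt::T('No row data found'), 'error');
                        return;
                    }

                    if ($task_parsed[0] == 'doaction') {
                        $this->registryEditVew->pushModelOfData($row);
                        $toggle = $this->registryEditVew->_form_private($field, $value, $fieldNode, null);
                        $this->registryEditVew->popModelOfData();

                        if (!$toggle) {
                            $_CB_framework->enqueueMessage(CBTxt::T('CANNOT_TASK_ROW_ID_ID_BECAUSE_ERROR', 'Cannot [task] row id [id] because: [error]', array('[id]' => $dataModelValue, '[task]' => strtolower($taskName), '[error]' => $row->getError())), 'error');
                            return;
                        }
                    } elseif ($row->{$field} != $value) {
                        if (is_callable(array($row, 'historySetMessage'))) {
                            $row->historySetMessage(ucfirst($task_parsed[0]) . ' ' . $field . ' from administration backend');
                        }

                        if ($fieldNode->attributes('class') && $fieldNode->attributes('method')) {
                            // The field declares its own handler: delegate the change to it.
                            $this->registryEditVew->pushModelOfData($row);
                            $toggle = $this->registryEditVew->_form_private($field, $value, $fieldNode, null);
                            $this->registryEditVew->popModelOfData();

                            if (!$toggle) {
                                $_CB_framework->enqueueMessage(CBTxt::T('CANNOT_TASK_ROW_ID_ID_BECAUSE_ERROR', 'Cannot [task] row id [id] because: [error]', array('[id]' => $dataModelValue, '[task]' => strtolower($taskName), '[error]' => $row->getError())), 'error');
                                return;
                            }
                        } elseif ($row->hasFeature('checkout')) {
                            /** @var CheckedOrderedTable $row */
                            // A row for which isCheckedOut() is true is skipped without a message.
                            if (!$row->isCheckedOut($_CB_framework->myId())) {
                                $row->{$field} = $value;

                                // store() is only attempted after a successful check().
                                if (!$row->check() || !$row->store()) {
                                    $_CB_framework->enqueueMessage(CBTxt::T('CANNOT_TASK_ROW_ID_ID_BECAUSE_ERROR', 'Cannot [task] row id [id] because: [error]', array('[id]' => $dataModelValue, '[task]' => strtolower($taskName), '[error]' => $row->getError())), 'error');
                                    return;
                                }

                                $row->checkin();
                            }
                        } else {
                            $row->{$field} = $value;

                            if (!$row->check() || !$row->store()) {
                                $_CB_framework->enqueueMessage(CBTxt::T('CANNOT_TASK_ROW_ID_ID_BECAUSE_ERROR', 'Cannot [task] row id [id] because: [error]', array('[id]' => $dataModelValue, '[task]' => strtolower($taskName), '[error]' => $row->getError())), 'error');
                                return;
                            }
                        }
                    }
                }

                $_CB_framework->enqueueMessage(CBTxt::T('ROW_COUNT_TASK_SUCCESS', '{1} Row [task] successfully!|%%COUNT%% rows [task] successfully!', array('%%COUNT%%' => count($cid), '[task]' => strtolower($taskName))));
            }
            break;

        case 'editrows':
            if ($this->listFieldsRows) {
                if (count($cid) != 1) {
                    $_CB_framework->enqueueMessage(CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => 'edit')), 'error');
                    return;
                }

                if (isset($task_parsed[1])) {
                    $field = $task_parsed[1];
                } else {
                    $field = 'tid';
                }

                if ($this->_options['view'] == 'editPlugin') {
                    $task = $this->_options['view'];
                } else {
                    $task = 'editrow';
                }

                $baseUrl = 'index.php?option=' . $this->_options['option'] . '&view=' . $task;

                if (isset($this->_options['pluginid'])) {
                    $baseUrl .= '&cid=' . $this->_options['pluginid'];
                }

                // The two request-supplied parts (key name and row id) are URL-encoded.
                $url = $baseUrl . '&table=' . $this->_tableBrowserModel->attributes('name') . '&action=editrow&' . urlencode($field) . '=' . urlencode($cid[0]);

                cbRedirect($url);
            }
            break;

        case 'deleterows':
            if ($this->listFieldsRows) {
                if (count($cid) < 1) {
                    $_CB_framework->enqueueMessage(CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => 'delete')), 'error');
                    return;
                }

                $dataModelClass = $this->class;

                foreach ($cid as $id) {
                    $dataModelValue = $id;
                    $row            = $this->createLoadClass($dataModelClass, $dataModelValue);

                    if (!$row) {
                        $_CB_framework->enqueueMessage(CBTxt::T('No row data found'), 'error');
                        return;
                    }

                    // delete() is only attempted when canDelete() allows it; processing stops at the first failure.
                    if (!$row->canDelete($dataModelValue) || !$row->delete($dataModelValue)) {
                        $_CB_framework->enqueueMessage(CBTxt::T('CANNOT_DELETE_ROW_ID_BECAUSE_ERROR', 'Cannot delete row id [id] because: [error]', array('[id]' => $dataModelValue, '[error]' => $row->getError())), 'error');
                        return;
                    }
                }

                $_CB_framework->enqueueMessage(CBTxt::T('ROW_COUNT_DELETED_SUCCESS', 'Row deleted successfully!|%%COUNT%% rows deleted successfully!', array('%%COUNT%%' => count($cid))));
            }
            break;

        case 'batchrows':
            if ($this->listFieldsRows) {
                if (count($cid) < 1) {
                    $_CB_framework->enqueueMessage(CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => 'batch')), 'error');
                    return;
                }

                $postData = array();

                foreach ($this->_batchPossibilitesArray as $key => $value) {
                    // <batchprocess><batch>
                    if (!$this->isValueEmpty($value['internalvalue'])) {
                        $field            = $value['valuefield'];
                        $postData[$field] = $value['internalvalue'];
                    }

                    // Reset back to null as we don't want the values reselected on display:
                    $this->_batchPossibilitesArray[$key]['value']         = null;
                    $this->_batchPossibilitesArray[$key]['internalvalue'] = $value['value'];
                }

                if (count($postData) < 1) {
                    $_CB_framework->enqueueMessage(CBTxt::T('Nothing to process'), 'error');
                    return;
                }

                $dataModelClass = $this->class;

                foreach ($cid as $id) {
                    $dataModelValue = $id;
                    /** @var $row TableInterface */
                    $row = $this->createLoadClass($dataModelClass, $dataModelValue);

                    if (!$row) {
                        $_CB_framework->enqueueMessage(CBTxt::T('No row data found'), 'error');
                        return;
                    }

                    // Only keys that are properties of the row are bound; array values are stored as JSON.
                    $rowPost = array();

                    foreach ($postData as $key => $value) {
                        if (property_exists($row, $key)) {
                            $rowPost[$key] = is_array($value) ? json_encode($value) : $value;
                        }
                    }

                    if (count($rowPost) < 1) {
                        $_CB_framework->enqueueMessage(CBTxt::T('Nothing to process'), 'error');
                        return;
                    }

                    // bind(), check() and store() run in that order; the first failure stops the batch.
                    if (!$row->bind($rowPost) || !$row->check() || !$row->store()) {
                        $_CB_framework->enqueueMessage(CBTxt::T('CANNOT_BATCH_PROCESS_ROW_ID_ID_BECAUSE_ERROR', 'Cannot batch process row id [id] because: [error]', array('[id]' => $dataModelValue, '[error]' => $row->getError())), 'error');
                        return;
                    }
                }

                $_CB_framework->enqueueMessage(CBTxt::T('ROW_COUNT_SAVED_SUCCESS', 'Row saved successfully!|%%COUNT%% rows saved successfully!', array('%%COUNT%%' => count($cid))));
            }
            break;

        case 'copyrows':
            if ($this->listFieldsRows) {
                if (count($cid) < 1) {
                    $_CB_framework->enqueueMessage(CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => 'copy')), 'error');
                    return;
                }

                $dataModelClass = $this->class;

                foreach ($cid as $id) {
                    $dataModelValue = $id;
                    /** @var $row TableInterface */
                    $row = $this->createLoadClass($dataModelClass, $dataModelValue);

                    if (!$row) {
                        $_CB_framework->enqueueMessage(CBTxt::T('No row data found'), 'error');
                        return;
                    }

                    // copy() is only attempted when canCopy() allows it.
                    if (!$row->canCopy() || !$row->copy()) {
                        $_CB_framework->enqueueMessage(CBTxt::T('CANNOT_COPY_ROW_ID_ID_BECAUSE_ERROR', 'Cannot copy row id [id] because: [error]', array('[id]' => $dataModelValue, '[error]' => $row->getError())), 'error');
                        return;
                    }
                }

                $_CB_framework->enqueueMessage(CBTxt::T('ROW_COUNT_COPIED_SUCCESS', 'Row copied successfully!|%%COUNT%% rows copied successfully!', array('%%COUNT%%' => count($cid))));
            }
            break;

        case 'action':
            if ($this->listFieldsRows) {
                if (count($cid) != 1) {
                    $_CB_framework->enqueueMessage(CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => isset($task_parsed[1]) ? $task_parsed[1] : 'action')), 'error');
                    return;
                }

                if (isset($task_parsed[1])) {
                    if (isset($task_parsed[2])) {
                        $field = $task_parsed[2];
                    } else {
                        $field = 'tid';
                    }

                    $baseUrl = 'index.php?option=' . $this->_options['option'] . '&view=' . $this->_options['view'];

                    if (isset($this->_options['pluginid'])) {
                        $baseUrl .= '&cid=' . $this->_options['pluginid'];
                    }

                    // Action name, key name and row id come from the request and are URL-encoded.
                    $url = $baseUrl . '&table=' . $this->_tableBrowserModel->attributes('name') . '&action=' . urlencode($task_parsed[1]) . '&' . urlencode($field) . '=' . urlencode($cid[0]);

                    cbRedirect($url);
                }
            }
            break;

        default:
            break;
    }

    //TBD cbRedirect( $_CB_framework->backendUrl( 'index.php?option=com_comprofiler&task=showPlugins', $msg ) );
}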
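/**
 * Returns the latest available CB version, as reported by the joomlapolis.com version service.
 *
 * The answer is cached in <absolute_path>/cache/cblatestversion.xml. The cache is used while
 * it is at most $duration hours old; otherwise (or when it cannot be read) the service is asked
 * again and the cache is rewritten.
 *
 * @param  int  $duration  Maximum age of the cache in hours (a falsy value always requests)
 * @return string|null     The version attribute of the cached/fetched answer, null if none could be obtained
 */
public static function getLatestCBVersion($duration = 12)
{
    global $_CB_framework, $ueConfig;

    cbimport('cb.snoopy');

    $cache   = $_CB_framework->getCfg('absolute_path') . '/cache/cblatestversion.xml';
    $xml     = null;
    $request = true;

    if (file_exists($cache)) {
        $expired = !$duration || intval(($_CB_framework->now() - filemtime($cache)) / 3600) > $duration;

        if (!$expired) {
            $cached = file_get_contents($cache);

            if ($cached !== false) {
                try {
                    $xml     = new SimpleXMLElement(trim($cached));
                    $request = false;
                } catch (Exception $e) {
                    // An unreadable or corrupt cache file used to raise here on every call until it
                    // expired; it is now ignored and replaced by a fresh request below.
                    $xml = null;
                }
            }
        }
    }

    if ($request) {
        $s               = new CBSnoopy();
        $s->read_timeout = 30;
        $s->referer      = $_CB_framework->getCfg('live_site');

        // NOTE(review): the version is fetched over plain http, so the answer is not authenticated and
        // can be altered in transit. It must stay display-only data; consider https if CBSnoopy supports it.
        // The fetch is best-effort: errors are suppressed and only a 200 status is used.
        @$s->fetch('http://www.joomlapolis.com/versions/comprofilerversion.php?currentversion=' . urlencode($ueConfig['version']));

        if ((int) $s->status == 200) {
            try {
                // The answer has the form "version" or "version:info".
                $results      = $s->results;
                $infoPosition = strpos($results, ':');

                if ($infoPosition === false) {
                    $version = $results;
                    $info    = null;
                } else {
                    $version = substr($results, 0, $infoPosition);
                    $info    = substr($results, $infoPosition + 1);
                }

                // Remote text is escaped before it is embedded into the XML attributes.
                $xml = new SimpleXMLElement('<cbversion version="' . htmlspecialchars($version) . '" info="' . htmlspecialchars((string) $info) . '"></cbversion>');
                $xml->saveXML($cache);
            } catch (Exception $e) {
                // Best-effort: an answer that cannot be turned into XML is dropped. $xml then keeps
                // whatever value it had before the request.
            }
        }
    }

    if ($xml) {
        return $xml->attributes('version');
    }

    return null;
}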
/** * Saves the CB plugin view after an edit view form submit * * @param array $options * @param array $actionPath * @param array $keyValues * @param array $parametersValues * @param SimpleXMLElement $viewModel * @param TableInterface $data * @param RegistryEditController $params * @param string $mode * @param string $dataModelType * @param PluginTable $plugin * @param SimpleXMLElement $dataModel * @param RegistryInterface $pluginParams * @param string $cbprevstate * @param int $ui * @return null|string NULL: ok, STRING: error */ protected function savePluginView($options, $actionPath, $keyValues, $parametersValues, $viewModel, $data, $params, &$mode, $dataModelType, $plugin, $dataModel, $pluginParams, $cbprevstate, $ui) { global $_CB_framework; new cbTabs(false, 2, -1, false); // prevents output of CB tabs js code until we are done with drawing (or redirecting) $resultingMsg = null; cbSpoofCheck('plugin'); $postArray = $this->input->getNamespaceRegistry('post')->asArray(); // List of variables to exclude from the $postArray: $exclude = array('option', 'cid', 'cbprevstate', cbSpoofField()); foreach ($actionPath as $k => $v) { $exclude[] = $k; } // Remove the exclude variables from the $postArray before being used in the below cases: foreach ($exclude as $v) { if (isset($postArray[$v])) { unset($postArray[$v]); } } // Fix multi-selects and multi-checkboxes arrays to |*|-delimited strings: $postArray = $this->recursiveMultiSelectFix($postArray); foreach ($postArray as $key => $value) { if (property_exists($data, $key)) { $postArray[$key] = is_array($value) ? 
json_encode($value) : $value; } } $errorMsg = null; switch ($dataModelType) { case 'sql:row': if ($ui == 2) { if (true !== ($error = RegistryEditView::validateAndBindPost($params, $postArray))) { $errorMsg = $error; break; } if (!$data->bind($postArray)) { $errorMsg = $data->getError(); break; } } else { RegistryEditView::setFieldsListArrayValues(true); $fields = $params->draw(null, null, null, null, null, null, false, 'param', 'fieldsListArray'); // New CB2.0 way for bind(): foreach ($fields as $key => $value) { if (property_exists($data, $key)) { $data->{$key} = is_array($value) ? json_encode($value) : $value; } } } if (!$data->check()) { $errorMsg = $data->getError(); break; } $dataModelKey = $data->getKeyName(); $dataModelValueOld = $data->{$dataModelKey}; if ($mode == 'savecopy') { if (!$data->canCopy($data)) { $errorMsg = $data->getError(); break; } if (!$data->copy($data)) { $errorMsg = $data->getError(); break; } } else { if (!$data->store()) { $errorMsg = $data->getError(); break; } } $dataModelValue = $data->{$dataModelKey}; // Id changed; be sure to update the url encase of redirect: if (count($keyValues) == 1) { $urlKeys = array_keys($keyValues); $urlDataKey = $urlKeys[0]; if ($mode == 'savenew') { unset($actionPath[$urlDataKey]); } elseif ($dataModelValue != $dataModelValueOld) { $actionPath[$urlDataKey] = $dataModelValue; } } if ($data->hasFeature('checkout')) { /** @var \CBLib\Database\Table\CheckedOrderedTable $data */ $data->checkin(); } $this->savePluginViewOrder($data, $viewModel); $resultingMsg = $data->cbResultOfStore(); break; case 'sql:field': // <data name="params" type="sql:field" table="#__cbsubs_config" class="cbpaidConfig" key="id" value="1" valuetype="sql:int" /> $dataModelName = $dataModel->attributes('name'); $dataModelKey = $dataModel->attributes('key'); $dataModelValue = $dataModel->attributes('value'); if ($ui == 2) { if (true !== ($error = RegistryEditView::validateAndBindPost($params, $postArray))) { $errorMsg = $error; break; } 
} $rawParams = array(); $rawParams[$dataModelName] = json_encode($postArray); $xmlsql = new XmlQuery($this->db, null, $pluginParams); $xmlsql->process_data($dataModel); if ($dataModelValue) { $result = $xmlsql->queryUpdate($rawParams); } else { $result = $xmlsql->queryInsert($rawParams, $dataModelKey); } if (!$result) { $errorMsg = $xmlsql->getErrorMsg(); } break; case 'parameters': if ($ui == 2) { if (true !== ($error = RegistryEditView::validateAndBindPost($params, $postArray))) { $errorMsg = $error; break; } } $rawParams = array(); $rawParams['params'] = json_encode($postArray); // $plugin = new PluginTable( $this->_db ); // $plugin->load( $pluginId ); if (!$plugin->bind($rawParams)) { $errorMsg = $plugin->getError(); break; } if (!$plugin->check()) { $errorMsg = $plugin->getError(); break; } if (!$plugin->store()) { $errorMsg = $plugin->getError(); break; } $plugin->checkin(); $plugin->updateOrder("type='" . $plugin->getDbo()->getEscaped($plugin->type) . "' AND ordering > -10000 AND ordering < 10000 "); $resultingMsg = $plugin->cbResultOfStore(); break; case 'class': if ($ui == 2) { if (true !== ($error = RegistryEditView::validateAndBindPost($params, $postArray))) { $errorMsg = $error; break; } } if (!$data->bind($postArray)) { $errorMsg = $data->getError(); break; } if (!$data->check()) { $errorMsg = $data->getError(); break; } if (!$data->store()) { $errorMsg = $data->getError(); break; } if ($data->hasFeature('checkout')) { /** @var \CBLib\Database\Table\CheckedOrderedTable $data */ $data->checkin(); } $this->savePluginViewOrder($data, $viewModel); $resultingMsg = $data->cbResultOfStore(); break; case 'sql:multiplerows': default: echo 'Save error: showview data type: ' . $dataModelType . ' not implemented !'; exit; break; } if ($ui == 2) { $url = 'index.php?option=' . $options['option'] . '&view=' . $options['view']; if ($options['view'] == 'editPlugin') { $url .= '&cid=' . 
$options['pluginid']; } $url = $_CB_framework->backendUrl($url); } else { $url = 'index.php'; if (count($options) > 0) { $fixOptions = array(); foreach ($options as $k => $v) { $fixOptions[$k] = $k . '=' . urlencode($v); } $url .= '?' . implode('&', $fixOptions); } } if (isset($data->title)) { $dataItem = CBTxt::T($data->title); } elseif (isset($data->name)) { $dataItem = CBTxt::T($data->name); } else { $dataItem = null; } if ($errorMsg) { if (in_array($mode, array('save', 'savenew', 'savecopy'))) { $mode = 'apply'; } $msg = CBTxt::T('FAILED_TO_SAVE_LABEL_ITEM_BECAUSE_ERROR', 'Failed to save [label] [item] because: [error]', array('[label]' => $viewModel->attributes('label'), '[item]' => $dataItem, '[error]' => $errorMsg)); $msgType = 'error'; } else { $msg = CBTxt::T('SUCCESSFULLY_SAVED_LABEL_ITEM', 'Successfully saved [label] [item]', array('[label]' => $viewModel->attributes('label'), '[item]' => $dataItem)); $msgType = 'message'; } switch ($mode) { case 'apply': case 'savenew': case 'savecopy': unset($actionPath['view']); foreach ($actionPath as $k => $v) { if ($v !== '') { $url .= '&' . $k . '=' . $v; } } foreach ($parametersValues as $k => $v) { $url .= '&' . $k . '=' . $v; } if ($cbprevstate) { $url .= '&cbprevstate=' . $cbprevstate; } break; case 'save': if ($cbprevstate) { $prevUrl = base64_decode($cbprevstate); // $parametersValues[] = "'" . base64_encode( implode( '&', $cbprevstate ) ) . "'"; if (!preg_match('$[:/]$', $prevUrl)) { $prevUrl = str_replace('&pluginid=', '&cid=', $prevUrl); if ($ui == 2) { $url = $_CB_framework->backendUrl('index.php?' . $prevUrl); } else { $url = 'index.php?' . $prevUrl; } } } break; } if ($resultingMsg) { if ($ui != 2) { return $resultingMsg; // in frontend, for now, don't redirect here: think this is right ! 
} else { // If not an apply then change it to an apply so we can redisplay the view with the resulting message above it: if (in_array($mode, array('save', 'savenew', 'savecopy'))) { $mode = 'apply'; } echo $resultingMsg; } } else { if ($ui != 2) { return null; // in frontend, for now, don't redirect here: think this is right ! // $url = cbUnHtmlspecialchars( cbSef( $url ) ); } if ($mode == 'apply' && $errorMsg) { $_CB_framework->enqueueMessage($msg, $msgType); } else { cbRedirect($ui == 2 ? $url : cbSef(htmlspecialchars($url), false), $msg, $msgType); } } return null; }
/**
 * Builds the opening markup of a menu group.
 *
 * Depending on $htmlFormatting this emits an opening table cell ('table' or 'td'),
 * the group legend as a heading, the description, and for every other formatting
 * the opening button-menu <div>. Elements opened here are not closed in this method.
 *
 * @param  SimpleXMLElement  $param           Menu group element; its 'label' and 'description' attributes are read
 * @param  string            $htmlFormatting  'table', 'td', or any other value for div-based output
 * @return string
 */
protected function renderMenuGroupHeader(&$param, $htmlFormatting)
{
    $title = $param->attributes('label');
    $info = $param->attributes('description');
    $classes = RegistryEditView::buildClasses($param);

    // Same precedence as an if/elseif chain: 'table' wins over 'td'.
    $asTable = ($htmlFormatting == 'table');
    $asCell = !$asTable && ($htmlFormatting == 'td');

    $out = '';

    if ($asTable || $asCell) {
        // The class list is escaped because it lands inside an HTML attribute.
        $classAttr = $classes ? ' class="' . htmlspecialchars($classes) . '"' : '';
        $out .= $asTable
            ? '<tr><td colspan="3" style="width: 100%;"' . $classAttr . '>'
            : '<td' . $classAttr . '>';
    }

    if ($title) {
        // NOTE(review): CBTxt::Th() output is inserted as-is; presumably it returns HTML-safe text — confirm.
        $out .= '<h2>' . CBTxt::Th($title) . '</h2>';
    }

    if ($asTable) {
        $out .= '<table class="table table-noborder">';
    }

    if ($info) {
        $strong = '<strong>' . CBTxt::Th($info) . '</strong>';
        if ($asTable) {
            $out .= '<tr><td colspan="3" style="width: 100%;">' . $strong . '</td></tr>';
        } elseif ($asCell) {
            $out .= '<td colspan="3" style="width: 100%;">' . $strong . '</td>';
        } else {
            $out .= $strong;
        }
    }

    if (!$asTable && !$asCell) {
        $out .= '<div class="cbButtonMenu' . ($classes ? ' ' . htmlspecialchars($classes) : '') . '">';
    }

    return $out;
}
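/**
 * Installs a field value
 *
 * Looks up an existing row with the same field id and title so that it is updated
 * instead of duplicated, then stores the row.
 *
 * @param  int               $fieldId     Id of the field the value belongs to
 * @param  SimpleXMLElement  $fieldValue  XML element; its 'title', 'ordering' and 'sys' attributes are read
 * @return boolean                        True on success, False on failure
 */
function installFieldValue($fieldId, $fieldValue)
{
    global $_CB_database;

    $row = new FieldValueTable();
    $row->fieldid = (int) $fieldId;
    $row->fieldtitle = $fieldValue->attributes('title');
    $row->ordering = $fieldValue->attributes('ordering');
    $row->sys = $fieldValue->attributes('sys');

    // The title comes from the XML being installed, so it must be escaped before it is
    // placed inside the SQL string literal: an unescaped quote in the title would end the
    // literal and change the query.
    $_CB_database->setQuery(
        "SELECT fieldvalueid FROM #__comprofiler_field_values WHERE fieldid = " . (int) $fieldId
        . " AND fieldtitle = '" . $_CB_database->getEscaped((string) $row->fieldtitle) . "'"
    );
    $fieldValueId = $_CB_database->loadResult();

    if ($fieldValueId) {
        // Reuse the existing primary key so that store() updates the existing row.
        $row->fieldvalueid = $fieldValueId;
    }

    try {
        $row->store();
    } catch (\RuntimeException $e) {
        // The driver message is HTML-escaped before it is recorded as the installer error.
        $this->setError(1, 'SQL error on field store' . ': ' . htmlspecialchars($e->getMessage()));

        return false;
    }

    return true;
}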
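/**
 * Checks if $xmlFilename is a package file
 *
 * A package file is an XML document whose root element is <cbinstall> and which has
 * at least one child element. On success the install type and filename are recorded
 * on the installer.
 *
 * @param  string  $xmlFilename  A file path
 * @return SimpleXMLElement|null  The parsed document, or null if the file is missing,
 *                                unreadable, empty, fails to parse or is not a package file
 */
function isPackageFile($xmlFilename)
{
    if (!file_exists($xmlFilename)) {
        return null;
    }

    $contents = file_get_contents($xmlFilename);
    if ($contents === false) {
        // Unreadable file (permissions, directory, ...): not a package file.
        return null;
    }

    $xmlString = trim($contents);
    if ($xmlString === '') {
        return null;
    }

    // No libxml option flags are passed to the parser here, so nothing in this method
    // turns on entity substitution. NOTE(review): keep it that way if the file can come
    // from an uploaded package.
    try {
        $element = new SimpleXMLElement($xmlString);
    } catch (\Exception $e) {
        // Malformed XML must yield null, as documented, instead of aborting the caller.
        return null;
    }

    if (count($element->children()) == 0) {
        return null;
    }

    if ($element->getName() != 'cbinstall') {
        return null;
    }

    // Set the type
    $this->installType($element->attributes('type'));
    $this->installFilename($xmlFilename);

    return $element;
}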