/**
 * Normalise and sanitise HTML content just before it is saved.
 *
 * Nothing happens for the 'com_content.article' context or for items that
 * are not \Hubzero\Base\Object instances. Content that already carries a
 * non-HTML {FORMAT:...} marker is returned untouched, so it is not sanitised
 * here. Sanitising runs only while the 'sanitizeBefore' plugin parameter is
 * enabled (it defaults to 1).
 *
 * @param   string   $context  The context of the content passed to the plugin
 * @param   object   $article  Item being saved; its content field is rewritten in place
 * @param   boolean  $isNew    Whether the item is new (not read by this method)
 * @return  void
 */
public function onContentBeforeSave($context, &$article, $isNew)
{
    if ($context == 'com_content.article' || !($article instanceof \Hubzero\Base\Object)) {
        return;
    }

    $key  = $this->_key($context);
    $body = ltrim($article->get($key));

    if (!$body) {
        return;
    }

    if (preg_match('/^<!-- \\{FORMAT:(.*)\\} -->/i', $body, $found)) {
        // A format marker is already present: only HTML content is handled here.
        if (strtolower(trim($found[1])) != 'html') {
            return;
        }
    } elseif (strstr($body, '</') && !$this->params->get('applyFormat')) {
        // Unmarked content containing a closing tag is processed only when a
        // format is force-applied.
        return;
    }

    if ($this->params->get('sanitizeBefore', 1)) {
        $body = \Hubzero\Utility\Sanitize::html(\Hubzero\Utility\Sanitize::clean($body));
    }

    if ($this->params->get('applyFormat')) {
        // Drop any existing HTML marker first so it is never duplicated.
        $body = '<!-- {FORMAT:HTML} -->' . preg_replace('/^(<!-- \\{FORMAT:HTML\\} -->)/i', '', $body);
    }

    $article->set($key, $body);
}
/**
 * Run the given text through Sanitize::clean().
 *
 * @param   string  $text  Text to clean
 * @return  string
 * @throws  \InvalidArgumentException  If no text passed
 */
public function __invoke($text = null)
{
    if ($text !== null) {
        return Sanitize::clean($text);
    }

    // A missing argument is a caller error rather than "empty input".
    throw new \InvalidArgumentException(__METHOD__ . '(); No text passed.');
}
/**
 * Validate and normalise the record before it is stored.
 *
 * The title is trimmed and must not be empty. The description has slashes
 * and trailing whitespace removed, is passed through Sanitize::clean() and
 * finally has its newlines converted to <br /> tags.
 *
 * @return  boolean  True if data is valid
 */
public function check()
{
    $this->title = trim($this->title);

    if ($this->title == '') {
        $this->setError(Lang::txt('Missing title for the wish list'));
        return false;
    }

    // Sanitise first, then add the line-break markup.
    $text = Sanitize::clean(rtrim(stripslashes($this->description)));
    $this->description = nl2br($text);

    return true;
}
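/**
 * Build search-index data for publications.
 *
 * With $run === true a single publication is loaded and turned into an index
 * record; otherwise the IDs of all publications are returned. Any $type other
 * than 'publication' is ignored.
 *
 * @param   string   $type  Record type being indexed
 * @param   integer  $id    Publication ID
 * @param   boolean  $run   True to build the record, false to list IDs
 * @return  mixed    \stdClass record, array of IDs, or nothing for other types
 */
public function onIndex($type, $id, $run = false)
{
    if ($type == 'publication') {
        if ($run === true) {
            // Establish a db connection
            $db = App::get('db');

            // Sanitize the string
            $id = \Hubzero\Utility\Sanitize::paranoid($id);

            // The ID is interpolated into SQL below, so only an integer is
            // ever placed in the statement regardless of what paranoid() keeps.
            $pubId = (int) $id;

            // Get the record
            $sql = "SELECT\n\t\t\t\t\t#__publications.id,\n\t\t\t\t\talias,\n\t\t\t\t\t#__publications.access,\n\t\t\t\t\tmaster_doi,\n\t\t\t\t\tpublished_up,\n\t\t\t\t\t#__publications.created_by,\n\t\t\t\t\tabstract,\n\t\t\t\t\tdescription,\n\t\t\t\t\ttitle,\n\t\t\t\t\tdoi,\n\t\t\t\t\tstate,\n\t\t\t\t\trelease_notes,\n\t\t\t\t\tMAX(#__publication_versions.id) as latestVersion\n\t\t\t\t\tFROM #__publications \n\t\t\t\tLEFT JOIN #__publication_versions\n\t\t\t\tON #__publications.id = #__publication_versions.publication_id\n\t\t\t\tWHERE #__publications.id = {$pubId};";
            $row = $db->setQuery($sql)->query()->loadObject();

            // Nothing loaded: there is no record to build.
            if (!$row) {
                return;
            }

            // Get the name of the author
            if (isset($row->latestVersion)) {
                // Same defensive cast for the version ID used in the next two queries.
                $versionId = (int) $row->latestVersion;

                $sql1 = "SELECT user_id, name FROM #__publication_authors WHERE publication_version_id={$versionId} AND role != 'submitter';";
                $authors = $db->setQuery($sql1)->query()->loadAssocList();

                // Get any tags
                $sql2 = "SELECT tag\n\t\t\t\t\t\tFROM #__tags\n\t\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\t\tWHERE #__tags_object.objectid = {$versionId} AND #__tags_object.tbl = 'publications';";
                $tags = $db->setQuery($sql2)->query()->loadColumn();
            } else {
                $authors = array();
                $tags = array();
            }

            // Collect owner IDs and display names in one pass
            $owners = array();
            $authorNames = array();
            if (!empty($authors)) {
                foreach ($authors as $author) {
                    $owners[] = $author['user_id'];
                    $authorNames[] = $author['name'];
                }
            }

            // Determine the path
            if ($row->alias != '') {
                $path = '/publications/' . $row->alias;
            } else {
                $path = '/publications/' . $id;
            }

            // Public condition: anything that is not published with access
            // level 0 or 1 is indexed as private.
            if ($row->state == 1 && $row->access == 0) {
                $access_level = 'public';
            } elseif ($row->state == 1 && $row->access == 1) {
                $access_level = 'registered';
            } else {
                $access_level = 'private';
            }

            // Authors have access
            $owner_type = 'user';

            // So does submitter
            $owners[] = $row->created_by;

            // Get the title
            $title = $row->title;

            // Build the description, clean up text
            $content = $row->abstract . ' ' . $row->description . ' ' . $row->release_notes;
            $content = preg_replace('/<[^>]*>/', ' ', $content);
            $content = preg_replace('/ {2,}/', ' ', $content);
            $description = \Hubzero\Utility\Sanitize::stripAll($content);

            $doi = isset($row->doi) ? $row->doi : '';

            // Create a record object
            $record = new \stdClass();
            $record->id = $type . '-' . $id;
            $record->hubtype = $type;
            $record->title = $title;
            $record->description = $description;
            $record->author = $authorNames;
            // Previously assigned back to $row, so the DOI never reached the record.
            $record->doi = $doi;
            $record->tags = $tags;
            $record->path = $path;
            $record->access_level = $access_level;
            $record->owner = $owners;
            $record->owner_type = $owner_type;

            // Return the formatted record
            return $record;
        } else {
            $db = App::get('db');
            $sql = "SELECT id FROM #__publications;";
            $ids = $db->setQuery($sql)->query()->loadColumn();
            return $ids;
        }
    }
}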
?> <?php /* NOTE(review): the e-mail value is echoed into the HTML as-is, while the comments value below passes through Sanitize::stripAll() - confirm it is validated or escaped before it reaches this template. */ echo 'Email: ' . $this->shipping['email']; ?> </td> </tr> <?php /* The details row is rendered only when shipping comments are present. */ if ($this->shipping['comments']) { ?> <tr> <th style="text-align: right; padding: 0 0.5em; font-weight: bold; white-space: nowrap; vertical-align: top;" align="right"><?php echo Lang::txt('COM_STORE_DETAILS'); ?> :</th> <td style="text-align: left; padding: 0 0.5em; vertical-align: top;" width="100%" align="left"><?php echo \Hubzero\Utility\Sanitize::stripAll($this->shipping['comments']); ?> </td> </tr> <?php } ?> </tbody> </table> </td> </tr> </tbody> </table> <!-- Start Spacer --> <table class="tbl-spacer" width="100%" cellpadding="0" cellspacing="0" border="0">
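/**
 * Saves a project (admin side), optionally applies an admin action
 * (delete / suspend / reinstate), notifies the project managers and redirects.
 *
 * Only the three known admin actions are acted upon; any other value of
 * 'admin_action' is treated as "no action", so it can neither record an
 * activity with an undefined description nor trigger a notification by itself.
 *
 * @param   boolean  $redirect  True to return to the edit view, false for the listing
 * @return  void|false  False when the model cannot be stored
 */
public function saveTask($redirect = false)
{
    // Check for request forgeries
    Request::checkToken();

    // Incoming
    $formdata = $_POST;
    $id       = Request::getVar('id', 0);
    $action   = Request::getVar('admin_action', '');
    $message  = rtrim(\Hubzero\Utility\Sanitize::clean(Request::getVar('message', '')));

    // Unknown actions previously reached recordActivity() with $what undefined.
    if (!in_array($action, array('delete', 'suspend', 'reinstate'), true)) {
        $action = '';
    }

    // Load model
    $model = new Models\Project($id);
    if (!$model->exists()) {
        App::redirect('index.php?option=' . $this->_option, Lang::txt('COM_PROJECTS_NOTICE_ID_NOT_FOUND'), 'error');
    }

    // Missing or non-string form fields fall back instead of raising notices.
    $title = (isset($formdata['title']) && is_string($formdata['title']) && $formdata['title'])
        ? rtrim($formdata['title'])
        : $model->get('title');
    $about = (isset($formdata['about']) && is_string($formdata['about'])) ? $formdata['about'] : '';
    $type  = isset($formdata['type']) ? $formdata['type'] : 1;

    $model->set('title', $title);
    $model->set('about', rtrim(\Hubzero\Utility\Sanitize::clean($about)));
    $model->set('type', $type);
    $model->set('modified', Date::toSql());
    $model->set('modified_by', User::get('id'));
    $model->set('private', Request::getInt('private', 0));

    $this->_message = Lang::txt('COM_PROJECTS_SUCCESS_SAVED');

    // Was project suspended?
    $suspended = false;
    if ($model->isInactive()) {
        $suspended = $model->table('Activity')->checkActivity($id, Lang::txt('COM_PROJECTS_ACTIVITY_PROJECT_SUSPENDED'));
    }

    $subject  = Lang::txt('COM_PROJECTS_PROJECT') . ' "' . $model->get('alias') . '" ';
    $sendmail = 0;

    // Get project managers
    $managers = $model->table('Owner')->getIds($id, 1, 1);

    // Admin actions
    if ($action) {
        switch ($action) {
            case 'delete':
                $model->set('state', 2);
                $what = Lang::txt('COM_PROJECTS_ACTIVITY_PROJECT_DELETED');
                $subject .= Lang::txt('COM_PROJECTS_MSG_ADMIN_DELETED');
                $this->_message = Lang::txt('COM_PROJECTS_SUCCESS_DELETED');
                break;

            case 'suspend':
                $model->set('state', 0);
                $what = Lang::txt('COM_PROJECTS_ACTIVITY_PROJECT_SUSPENDED');
                $subject .= Lang::txt('COM_PROJECTS_MSG_ADMIN_SUSPENDED');
                $this->_message = Lang::txt('COM_PROJECTS_SUCCESS_SUSPENDED');
                break;

            case 'reinstate':
            default:
                // Only 'reinstate' can reach this branch after the check above.
                $model->set('state', 1);
                $what = $suspended
                    ? Lang::txt('COM_PROJECTS_ACTIVITY_PROJECT_REINSTATED')
                    : Lang::txt('COM_PROJECTS_ACTIVITY_PROJECT_ACTIVATED');
                $subject .= $suspended
                    ? Lang::txt('COM_PROJECTS_MSG_ADMIN_REINSTATED')
                    : Lang::txt('COM_PROJECTS_MSG_ADMIN_ACTIVATED');
                $this->_message = $suspended
                    ? Lang::txt('COM_PROJECTS_SUCCESS_REINSTATED')
                    : Lang::txt('COM_PROJECTS_SUCCESS_ACTIVATED');
                break;
        }

        // Add activity (last argument marks it as an admin activity)
        $model->recordActivity($what, 0, '', '', 'project', 0, 1);
        $sendmail = 1;
    } elseif ($message) {
        $subject .= ' - ' . Lang::txt('COM_PROJECTS_MSG_ADMIN_NEW_MESSAGE');
        $sendmail = 1;
        $this->_message = Lang::txt('COM_PROJECTS_SUCCESS_MESSAGE_SENT');
    }

    // Save changes
    if (!$model->store()) {
        $this->setError($model->getError());
        return false;
    }

    // Incoming tags
    $tags = Request::getVar('tags', '', 'post');

    // Save the tags
    $cloud = new Models\Tags($model->get('id'));
    $cloud->setTags($tags, User::get('id'), 1);

    // Save params
    // NOTE(review): every posted params[...] key is stored as given; confirm
    // saveParam() (or this controller's access rules) limits which keys may be set.
    $incoming = Request::getVar('params', array());
    if (!empty($incoming)) {
        foreach ($incoming as $key => $value) {
            if ($key == 'quota' || $key == 'pubQuota') {
                // convert GB to bytes
                $value = Helpers\Html::convertSize(floatval($value), 'GB', 'b');
            }

            $model->saveParam($key, $value);
        }
    }

    // Add members if specified
    $this->model = $model;
    $this->_saveMember();

    // Change ownership
    $this->_changeOwnership();

    // Send message
    if ($this->config->get('messaging', 0) && $sendmail && count($managers) > 0) {
        // Email config
        $from = array();
        $from['name']  = Config::get('sitename') . ' ' . Lang::txt('COM_PROJECTS');
        $from['email'] = Config::get('mailfrom');

        // Html email
        $from['multipart'] = md5(date('U'));

        // Message body ($message was passed through Sanitize::clean() above)
        $eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => 'admin_plain'));
        $eview->option  = $this->_option;
        $eview->subject = $subject;
        $eview->action  = $action;
        $eview->project = $model;
        $eview->message = $message;

        $body = array();
        $body['plaintext'] = $eview->loadTemplate(false);
        $body['plaintext'] = str_replace("\n", "\r\n", $body['plaintext']);

        // HTML email
        $eview->setLayout('admin_html');
        $body['multipart'] = $eview->loadTemplate();
        $body['multipart'] = str_replace("\n", "\r\n", $body['multipart']);

        // Send HUB message
        Event::trigger('xmessage.onSendMessage', array('projects_admin_notice', $subject, $body, $from, $managers, $this->_option));
    }

    Notify::message($this->_message, 'success');

    // Redirect to edit view?
    if ($redirect) {
        App::redirect(Route::url('index.php?option=' . $this->_option . '&task=edit&id=' . $id, false));
    } else {
        App::redirect(Route::url('index.php?option=' . $this->_option, false));
    }
}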
/**
 * Save an event submitted from the front-end form.
 *
 * Guests are sent to the login task. For logged-in users the posted data is
 * bound to an Event row, the content and info fields are cleaned, the start
 * and end times are merged into the publish dates, the row is validated and
 * stored, tags are saved, a notification mail is sent and the browser is
 * redirected to the event's details page. On a validation or storage failure
 * the edit view is shown again with the error set.
 *
 * @return  void
 * @throws  Exception  When binding fails or a required custom field is empty
 */
public function saveTask()
{
    // Check if they are logged in
    if (User::isGuest()) {
        $this->loginTask();
        return;
    }

    // good ol' form validation: request token first, then the honeypot field
    Request::checkToken();
    Request::checkHoneypot() or die('Invalid Field Data Detected. Please try again.');

    $offset = $this->offset;

    // Incoming
    $start_time = Request::getVar('start_time', '08:00', 'post');
    $start_time = $start_time ? $start_time : '08:00';
    $start_pm = Request::getInt('start_pm', 0, 'post');
    $end_time = Request::getVar('end_time', '17:00', 'post');
    $end_time = $end_time ? $end_time : '17:00';
    $end_pm = Request::getInt('end_pm', 0, 'post');
    // NOTE(review): $time_zone is read here but not used again in this method;
    // the code below works with $row->time_zone from the bound POST data.
    $time_zone = Request::getVar('time_zone', -5, 'post');
    $tags = Request::getVar('tags', '', 'post');

    // Bind the posted data to an event object
    // NOTE(review): the whole $_POST array is bound, including 'id'. No check
    // that the current user may edit the event with that id is visible in
    // this method - confirm it is enforced in bind()/check()/store() or upstream.
    $row = new Event($this->database);
    if (!$row->bind($_POST)) {
        throw new Exception($row->getError(), 500);
    }

    // New entry or existing?
    if ($row->id) {
        $state = 'edit';
        // Existing - update modified info
        $row->modified = strftime("%Y-%m-%d %H:%M:%S", time() + $offset * 60 * 60);
        if (User::get('id')) {
            $row->modified_by = User::get('id');
        }
    } else {
        $state = 'add';
        // New - set created info
        $row->created = strftime("%Y-%m-%d %H:%M:%S", time() + $offset * 60 * 60);
        if (User::get('id')) {
            $row->created_by = User::get('id');
        }
    }

    // Set some fields and do some cleanup work
    if ($row->catid) {
        $row->catid = intval($row->catid);
    }

    //$row->title = htmlentities($row->title);
    // The title is stored as bound from POST; only the content is sanitised here.
    $row->content = $_POST['econtent'];
    $row->content = \Hubzero\Utility\Sanitize::clean($row->content);

    // Get the custom fields defined in the events configuration
    if (isset($_POST['fields'])) {
        $fields = $_POST['fields'];
        $fields = array_map('trim', $fields);

        // Wrap up the content of the field and attach it to the event content
        // NOTE(review): the field value goes through _clean(), but the field
        // name ($param, a posted array key) is written into the <ef:...> tag
        // unchanged - consider restricting it to the names in $fs.
        $fs = $this->config->fields;
        foreach ($fields as $param => $value) {
            if (trim($value) != '') {
                $row->content .= '<ef:' . $param . '>' . $this->_clean($value) . '</ef:' . $param . '>';
            } else {
                // An empty value is an error only for fields flagged as required
                // (last element of the field definition equal to 1).
                foreach ($fs as $f) {
                    if ($f[0] == $param && end($f) == 1) {
                        throw new Exception(Lang::txt('EVENTS_REQUIRED_FIELD_CHECK', $f[1]), 500);
                    }
                }
            }
        }
    }

    // Clean address
    $row->adresse_info = $this->_clean($row->adresse_info);

    // Clean contact
    $row->contact_info = $this->_clean($row->contact_info);

    // Clean extra
    $row->extra_info = $this->_clean($row->extra_info);

    // Prepend http:// to URLs without it
    if ($row->extra_info != NULL) {
        if (substr($row->extra_info, 0, 7) != 'http://' && substr($row->extra_info, 0, 8) != 'https://') {
            $row->extra_info = 'http://' . $row->extra_info;
        }
    }

    // Reformat the time into 24hr format if necessary
    // NOTE(review): the posted times are split on ':' without a format check;
    // a value without a colon leaves $mins unset.
    if ($this->config->getCfg('calUseStdTime') == 'YES') {
        list($hrs, $mins) = explode(':', $start_time);
        $hrs = intval($hrs);
        $mins = intval($mins);
        if ($hrs != 12 && $start_pm) {
            $hrs += 12;
        } else {
            if ($hrs == 12 && !$start_pm) {
                $hrs = 0;
            }
        }
        if ($hrs < 10) {
            $hrs = '0' . $hrs;
        }
        if ($mins < 10) {
            $mins = '0' . $mins;
        }
        $start_time = $hrs . ':' . $mins;

        list($hrs, $mins) = explode(':', $end_time);
        $hrs = intval($hrs);
        $mins = intval($mins);
        if ($hrs != 12 && $end_pm) {
            $hrs += 12;
        } else {
            if ($hrs == 12 && !$end_pm) {
                $hrs = 0;
            }
        }
        if ($hrs < 10) {
            $hrs = '0' . $hrs;
        }
        if ($mins < 10) {
            $mins = '0' . $mins;
        }
        $end_time = $hrs . ':' . $mins;
    }

    // hack to fix where timezones cant be found by offset int
    // really need to figure datetimes out
    // NOTE(review): $tz is computed here but not read again in this method.
    switch ($row->time_zone) {
        case -12:
            $tz = 'Pacific/Kwajalein';
            break;
        case -9.5:
            $tz = 'Pacific/Marquesa';
            break;
        case -3.5:
            $tz = 'Canada/Newfoundland';
            break;
        case -2:
            $tz = 'America/Noronha';
            break;
        case 3.5:
            $tz = 'Asia/Tehran';
            break;
        case 4.5:
            $tz = 'Asia/Kabul';
            break;
        case 6:
            $tz = 'Asia/Dhaka';
            break;
        case 6.5:
            $tz = 'Asia/Rangoon';
            break;
        case 8.75:
            $tz = 'Asia/Shanghai';
            break;
        case 9.5:
            $tz = 'Australia/Adelaide';
            break;
        case 11:
            $tz = 'Asia/Vladivostok';
            break;
        case 11.5:
            $tz = 'Asia/Vladivostok';
            break;
        case 13:
            $tz = 'Pacific/Tongatapu';
            break;
        case 14:
            $tz = 'Pacific/Kiritimati';
            break;
        default:
            $tz = timezone_name_from_abbr('', $row->time_zone * 3600, NULL);
    }

    // create publish up date time string
    $rpup = $row->publish_up;
    $publishtime = date('Y-m-d 00:00:00');
    if ($row->publish_up) {
        $publishtime = $row->publish_up . ' ' . $start_time . ':00';
        $row->publish_up = \Date::of($publishtime)->toSql();
    }

    // create publish down date/time string
    $publishtime = date('Y-m-d 00:00:00');
    if ($row->publish_down) {
        $publishtime = $row->publish_down . ' ' . $end_time . ':00';
        $row->publish_down = \Date::of($publishtime)->toSql();
    }

    // Always unpublish if no Publisher otherwise publish automatically
    if ($this->config->getCfg('adminlevel')) {
        $row->state = 0;
    } else {
        $row->state = 1;
    }
    // NOTE(review): this unconditional assignment overrides the 'adminlevel'
    // branch above, so every saved event ends up with state 1 - confirm that
    // bypassing the unpublished state is intended.
    $row->state = 1;

    // Verify that the event doesn't start after it ends or ends before it starts.
    $pubdow = strtotime($row->publish_down);
    $pubup = strtotime($row->publish_up);
    if ($pubdow <= $pubup) {
        // Set the error message
        $this->setError(Lang::txt('EVENTS_EVENT_MUST_END_AFTER_START'));
        // Fall through to the edit view
        $this->editTask($row);
        return;
    }

    //set the scope to be regular events
    $row->scope = 'event';

    if (!$row->check()) {
        // Set the error message
        $this->setError($row->getError());
        $this->tags = $tags;
        // Fall through to the edit view
        $this->editTask($row);
        return;
    }

    if (!$row->store()) {
        // Set the error message
        $this->setError($row->getError());
        $this->tags = $tags;
        // Fall through to the edit view
        $this->editTask($row);
        return;
    }
    $row->checkin();

    // Save the tags
    $rt = new Tags($row->id);
    $rt->setTags($tags, User::get('id'));

    // Build the message to be e-mailed
    // Both branches use the same subject text; only the mail layout differs.
    if ($state == 'add') {
        $subject = '[' . Config::get('sitename') . ' ' . Lang::txt('EVENTS_CAL_LANG_CAL_TITLE') . '] - ' . Lang::txt('EVENTS_CAL_LANG_MAIL_ADDED');
        $eview = new View(array('name' => 'emails', 'layout' => 'created'));
    } else {
        $subject = '[' . Config::get('sitename') . ' ' . Lang::txt('EVENTS_CAL_LANG_CAL_TITLE') . '] - ' . Lang::txt('EVENTS_CAL_LANG_MAIL_ADDED');
        $eview = new View(array('name' => 'emails', 'layout' => 'edited'));
    }
    $eview->option = $this->_option;
    $eview->sitename = Config::get('sitename');
    $eview->user = User::getInstance();
    $eview->row = $row;
    $message = $eview->loadTemplate();
    $message = str_replace("\n", "\r\n", $message);

    // Send the e-mail
    $this->_sendMail(Config::get('sitename'), Config::get('mailfrom'), $subject, $message);

    // Redirect to the details page for the event we just created
    App::redirect(Route::url('index.php?option=' . $this->_option . '&task=details&id=' . $row->id));
}
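/**
 * Display a feed of comments
 *
 * When the 'comments_feeds' parameter is off the regular view is shown
 * instead. Otherwise top-level comments and two levels of replies are added
 * to the feed document, which is then rendered to output. Comments flagged as
 * reported are replaced by a fixed "reported as abusive" text.
 *
 * The item links are built with '&section=' (the listing this code came from
 * showed the entity-mangled form of that query key).
 *
 * NOTE(review): $section, $category, $entry and $p are read below but are not
 * defined anywhere in this method - confirm where they are expected to come
 * from; as written the links are built from unset values and is_object($p)
 * is always false.
 *
 * @return  void
 */
protected function _feed()
{
    if (!$this->params->get('comments_feeds')) {
        $this->action = 'view';
        $this->_view();
        return;
    }

    // Set the mime encoding for the document
    Document::setType('feed');

    // Load the comments
    $comment = new \Plugins\Hubzero\Comments\Models\Comment();
    $filters = array('parent' => 0, 'item_type' => $this->obj_type, 'item_id' => $this->obj_id);

    if ($this->obj instanceof \Hubzero\Base\Model) {
        $title = $this->obj->get('title');
    } else {
        $title = $this->obj->title;
    }

    // Start a new feed object
    $doc = Document::instance();
    $doc->link = Route::url($this->url);
    $doc->title = Config::get('sitename') . ' - ' . Lang::txt(strtoupper($this->_option));
    $doc->title .= $title ? ': ' . stripslashes($title) : '';
    $doc->title .= ': ' . Lang::txt('PLG_HUBZERO_COMMENTS');
    $doc->description = Lang::txt('PLG_HUBZERO_COMMENTS_RSS_DESCRIPTION', Config::get('sitename'), stripslashes($title));
    $doc->copyright = Lang::txt('PLG_HUBZERO_COMMENTS_RSS_COPYRIGHT', date("Y"), Config::get('sitename'));

    // Start outputing results if any found
    if ($comment->replies('list', $filters)->total() > 0) {
        foreach ($comment->replies() as $row) {
            // URL link to article
            $link = Route::url('index.php?option=' . $this->_option . '&section=' . $section->alias . '&category=' . $category->alias . '&alias=' . $entry->alias . '#c' . $row->id);

            $author = Lang::txt('PLG_HUBZERO_COMMENTS_ANONYMOUS');
            if (!$row->get('anonymous')) {
                $author = $row->creator('name');
            }

            // Prepare the title
            $title = Lang::txt('PLG_HUBZERO_COMMENTS_COMMENT_BY', $author) . ' @ ' . $row->created('time') . ' on ' . $row->created('date');

            // Strip html from feed item description text
            if ($row->isReported()) {
                $description = Lang::txt('PLG_HUBZERO_COMMENTS_REPORTED_AS_ABUSIVE');
            } else {
                $description = $row->content('clean');
            }

            @($date = $row->created() ? date('r', strtotime($row->created())) : '');

            // Load individual item creator class
            $item = new \Hubzero\Document\Type\Feed\Item();
            $item->title = $title;
            $item->link = $link;
            $item->description = $description;
            $item->date = $date;
            $item->category = '';
            $item->author = $author;

            // Loads item info into rss array
            $doc->addItem($item);

            // Check for any replies
            if ($row->replies()->total()) {
                foreach ($row->replies() as $reply) {
                    // URL link to article
                    $link = Route::url('index.php?option=' . $this->_option . '&section=' . $section->alias . '&category=' . $category->alias . '&alias=' . $entry->alias . '#c' . $reply->id);

                    $author = Lang::txt('PLG_HUBZERO_COMMENTS_ANONYMOUS');
                    if (!$reply->anonymous) {
                        $cuser = User::getInstance($reply->created_by);
                        $author = $cuser->get('name');
                    }

                    // Prepare the title
                    $title = Lang::txt('PLG_HUBZERO_COMMENTS_REPLY_TO_COMMENT', $row->id, $author) . ' @ ' . Date::of($reply->created)->toLocal(Lang::txt('TIME_FORMAT_HZ1')) . ' ' . Lang::txt('PLG_HUBZERO_COMMENTS_ON') . ' ' . Date::of($reply->created)->toLocal(Lang::txt('DATE_FORMAT_HZ1'));

                    // Strip html from feed item description text
                    if ($reply->reports) {
                        $description = Lang::txt('PLG_HUBZERO_COMMENTS_REPORTED_AS_ABUSIVE');
                    } else {
                        $description = is_object($p) ? $p->parse(stripslashes($reply->content)) : nl2br(stripslashes($reply->content));
                    }
                    // NOTE(review): entities are decoded after Sanitize::clean(),
                    // so the feed writer must escape the description itself - verify.
                    $description = html_entity_decode(\Hubzero\Utility\Sanitize::clean($description));

                    @($date = $reply->created ? gmdate('r', strtotime($reply->created)) : '');

                    // Load individual item creator class
                    $item = new \Hubzero\Document\Type\Feed\Item();
                    $item->title = $title;
                    $item->link = $link;
                    $item->description = $description;
                    $item->date = $date;
                    $item->category = '';
                    $item->author = $author;

                    // Loads item info into rss array
                    $doc->addItem($item);

                    if ($reply->replies) {
                        foreach ($reply->replies as $response) {
                            // URL link to article
                            $link = Route::url('index.php?option=' . $this->_option . '&section=' . $section->alias . '&category=' . $category->alias . '&alias=' . $entry->alias . '#c' . $response->id);

                            $author = Lang::txt('PLG_HUBZERO_COMMENTS_ANONYMOUS');
                            if (!$response->anonymous) {
                                $cuser = User::getInstance($response->created_by);
                                $author = $cuser->get('name');
                            }

                            // Prepare the title
                            $title = Lang::txt('PLG_HUBZERO_COMMENTS_REPLY_TO_COMMENT', $reply->id, $author) . ' @ ' . Date::of($response->created)->toLocal(Lang::txt('TIME_FORMAT_HZ1')) . ' ' . Lang::txt('PLG_HUBZERO_COMMENTS_ON') . ' ' . Date::of($response->created)->toLocal(Lang::txt('DATE_FORMAT_HZ1'));

                            // Strip html from feed item description text
                            if ($response->reports) {
                                $description = Lang::txt('PLG_HUBZERO_COMMENTS_REPORTED_AS_ABUSIVE');
                            } else {
                                $description = is_object($p) ? $p->parse(stripslashes($response->content)) : nl2br(stripslashes($response->content));
                            }
                            $description = html_entity_decode(\Hubzero\Utility\Sanitize::clean($description));

                            @($date = $response->created ? gmdate('r', strtotime($response->created)) : '');

                            // Load individual item creator class
                            $item = new \Hubzero\Document\Type\Feed\Item();
                            $item->title = $title;
                            $item->link = $link;
                            $item->description = $description;
                            $item->date = $date;
                            $item->category = '';
                            $item->author = $author;

                            // Loads item info into rss array
                            $doc->addItem($item);
                        }
                    }
                }
            }
        }
    }

    // Output the feed
    echo $doc->render();
}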
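/**
 * Static method for formatting results
 *
 * Renders one event row as an <li>. The title and the link are HTML-escaped
 * before they are placed in the markup; existing entities are left as they
 * are (double_encode off), so already-encoded ampersands in routed URLs are
 * not encoded twice. The row's href and ftext properties are updated in place.
 *
 * @param   object  $row  Database row
 * @return  string  HTML
 */
public static function out($row)
{
    $row->href = Route::url($row->href);

    $month = Date::of($row->publish_up)->toLocal('M');
    $day   = Date::of($row->publish_up)->toLocal('d');
    $year  = Date::of($row->publish_up)->toLocal('Y');

    // Row values come from stored content, so escape them for the HTML
    // text / attribute context they are written into.
    $href    = htmlspecialchars($row->href, ENT_QUOTES, 'UTF-8', false);
    $title   = htmlspecialchars(stripslashes($row->title), ENT_QUOTES, 'UTF-8', false);
    $display = htmlspecialchars(Request::base() . trim($row->href, '/'), ENT_QUOTES, 'UTF-8', false);

    // Start building the HTML
    $html  = "\t" . '<li class="event">' . "\n";
    $html .= "\t\t" . '<p class="event-date"><span class="month">' . $month . '</span> <span class="day">' . $day . '</span> <span class="year">' . $year . '</span></p>' . "\n";
    $html .= "\t\t" . '<p class="title"><a href="' . $href . '">' . $title . '</a></p>' . "\n";
    if ($row->ftext) {
        $row->ftext = str_replace('[[BR]]', '', $row->ftext);
        // Remove tags to prevent tables from being displayed within a table.
        $row->ftext = strip_tags($row->ftext);
        $html .= "\t\t" . \Hubzero\Utility\String::truncate(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->ftext)), 200) . "\n";
    }
    $html .= "\t\t" . '<p class="href">' . $display . '</p>' . "\n";
    $html .= "\t" . '</li>' . "\n";

    // Return output
    return $html;
}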
}

// Site base URL without the trailing slash; prefixed to each displayed link.
$base = rtrim(Request::base(), '/');

// Heading: escaped name plus the "x through y of z" result counter.
$html = '<h3>' . $this->escape(stripslashes($name)) . ' <span>(' . Lang::txt('COM_TAGS_RESULTS_THROUGH_OF', $this->filters['start'] + 1, $ttl, $total) . ')</span></h3>' . "\n";
if ($this->results) {
    $html .= '<ol class="results">' . "\n";
    foreach ($this->results as $row) {
        // Rows are rendered by the matching plgTags<Section> class when it
        // provides a static out() method; the class name is derived from the
        // row's section value and guarded by method_exists().
        $obj = 'plgTags' . ucfirst($row->section);

        if (method_exists($obj, 'out')) {
            $html .= call_user_func(array($obj, 'out'), $row);
        } else {
            // @todo accommodate scope (aka) group citations
            if (strstr($row->href, 'index.php')) {
                $row->href = Route::url($row->href);
            }

            // NOTE(review): $row->href is written into the href attribute and
            // the visible link text without escaping, and the title relies on
            // Sanitize::clean() alone - confirm both are safe for HTML output
            // or escape them here.
            $html .= "\t" . '<li>' . "\n";
            $html .= "\t\t" . '<p class="title"><a href="' . $row->href . '">' . \Hubzero\Utility\Sanitize::clean($row->title) . '</a></p>' . "\n";
            if ($row->ftext) {
                // Tags are stripped and the text is cut to 200 characters.
                $html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(strip_tags($row->ftext), 200) . "</p>\n";
            }
            $html .= "\t\t" . '<p class="href">' . $base . $row->href . '</p>' . "\n";
            $html .= "\t" . '</li>' . "\n";
        }
    }
    $html .= '</ol>' . "\n";
} else {
    // No results: the heading built above is replaced by the warning.
    $html = '<p class="warning">' . Lang::txt('COM_TAGS_NO_RESULTS') . '</p>';
}
echo $html;
?> </div><!-- / .container-block --> <?php
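/**
 * Applies filters to the member-scoped Citations query and returns the query
 * together with the filters that were passed in.
 *
 * Filter names and the "sort" clause arrive with the request and are handed
 * to the query builder as column / ORDER BY identifiers. Whether the builder
 * quotes identifiers is not visible here, so both are limited to plain
 * identifier characters, and the sort direction to ASC or DESC, before use.
 * Anything else is skipped.
 *
 * @param   array    $filters   Filter name => value pairs (POST values)
 * @param   integer  $scope_id  ID used for the 'scope_id' condition
 * @return  array|false  array('citations' => query, 'filters' => filters),
 *                       or false when the Citations model yields nothing
 */
private function _filterHandler($filters = array(), $scope_id = 0)
{
    $citations = \Components\Citations\Models\Citation::all();

    // require citations
    if (!$citations) {
        return false;
    }

    // get the ones for this member
    $citations->where('scope', '=', 'member');
    $citations->where('scope_id', '=', $scope_id);
    $citations->where('published', '!=', $citations::STATE_DELETED); // don't include deleted citations

    if (count($filters) > 0) {
        // Letters, digits, underscore and dot only; must not start with a digit.
        $identifier = '/^[A-Za-z_][A-Za-z0-9_.]*$/';

        foreach ($filters as $filter => $value) {
            // sanitization
            $value = \Hubzero\Utility\Sanitize::clean($value);

            // we handle things differently in search and sorting
            if ($filter != 'search' && $filter != 'sort' && $filter != 'tag' && $value != "") {
                switch ($filter) {
                    case 'author':
                        $citations->where('author', 'LIKE', "%{$value}%", 'and', 1);
                        break;
                    case 'publishedin':
                        $citations->where('date_publish', 'LIKE', "%{$value}-%");
                        break;
                    case 'year_start':
                        $citations->where('year', '>=', $value);
                        break;
                    case 'year_end':
                        $citations->where('year', '<=', $value);
                        break;
                    case 'filter':
                        $citations->where('affiliated', '=', ($value == 'aff') ? 1 : 0);
                        break;
                    default:
                        // The filter name itself becomes the column name.
                        if (preg_match($identifier, (string) $filter)) {
                            $citations->where($filter, '=', $value);
                        }
                        break;
                }
            } // end if not search & not sort & non-empty value

            // for searching
            if ($filter == "search" && $value != "") {
                $terms = preg_split('/\\s+/', $value);

                $collection = array();
                $columns = array('author', 'title', 'isbn', 'doi', 'publisher', 'abstract');
                foreach ($columns as $column) {
                    foreach ($terms as $term) {
                        // copy the original item
                        $cite = clone $citations;

                        // do some searching
                        $cite->where($column, 'LIKE', "%{$term}%");

                        foreach ($cite as $c) {
                            // put for collection later
                            $collection[] = $c->id;
                        }
                    }
                }

                // remove duplicates
                $collection = array_unique($collection);

                // pull the appropriate ones.
                $citations->whereIn('id', $collection);
            } // end searching

            // for tags
            if ($filter == "tag" && $value != "") {
                $collection = array();
                $cite = clone $citations;
                foreach ($cite as $c) {
                    foreach ($c->tags as $tag) {
                        if ($tag->tag == $value) {
                            $collection[] = $c->id;
                        }
                    }
                }

                // remove duplicates
                $collection = array_unique($collection);

                // get the tagged ones
                $citations->whereIn('id', $collection);
            } // end if tags

            if ($filter == "sort" && $value != "") {
                $clause    = explode(" ", $value);
                $column    = $clause[0];
                // A clause without a direction used to read an undefined index.
                $direction = isset($clause[1]) ? $clause[1] : 'asc';

                if (preg_match($identifier, $column)
                    && in_array(strtolower($direction), array('asc', 'desc'), true)) {
                    $citations->order($column, $direction);
                }
            }
        } // end foreach filters as filter

        return array('citations' => $citations, 'filters' => $filters);
    } else {
        return array('citations' => $citations, 'filters' => array());
    }
}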
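/**
 * Generate an RSS feed for one or more tags
 *
 * Loads the requested tags, collects results from the 'tags.onTagView'
 * plugins (as one UNION query when several areas are active) and adds them
 * to the feed document. The visible code populates the document and returns
 * nothing.
 *
 * The UNION query is only built and run when the plugins returned at least
 * one non-empty SQL string; previously an undefined or empty query could be
 * sent to the database.
 *
 * @return  void
 * @throws  Exception  404 when no tag was passed
 */
public function feedTask()
{
    // Incoming
    $tagstring = trim(Request::getVar('tag', '', 'request', 'none', 2));

    // Ensure we were passed a tag
    if (!$tagstring) {
        throw new Exception(Lang::txt('COM_TAGS_NO_TAG'), 404);
    }

    // Break the string into individual tags
    $tgs = explode(',', $tagstring);

    // Keep each tag once, and only tags that exist in the database
    $tags = array();
    $added = array();
    foreach ($tgs as $tag) {
        // Load the tag
        $tagobj = Tag::getInstance($tag);

        if (in_array($tagobj->get('tag'), $added)) {
            continue;
        }
        $added[] = $tagobj->get('tag');

        // Ensure we loaded the tag's info from the database
        if ($tagobj->exists()) {
            $tags[] = $tagobj;
        }
    }

    // Paging variables (both read as integers)
    $limitstart = Request::getInt('limitstart', 0);
    $limit = Request::getInt('limit', Config::get('list_limit'));

    $areas = array();
    $searchareas = Event::trigger('tags.onTagAreas');
    foreach ($searchareas as $area) {
        $areas = array_merge($areas, $area);
    }

    // Get the active category
    $area = Request::getVar('area', '');
    $sort = Request::getVar('sort', '');

    if ($area) {
        $activeareas = array($area);
    } else {
        $activeareas = $areas;
    }

    // Get the search results
    if (count($activeareas) > 1) {
        $results = array();

        $sqls = Event::trigger('tags.onTagView', array($tags, $limit, $limitstart, $sort, $activeareas));
        if ($sqls) {
            // Keep only the non-empty SQL strings returned by the plugins
            $s = array();
            foreach ($sqls as $sql) {
                if (!is_string($sql)) {
                    continue;
                }
                if (trim($sql) != '') {
                    $s[] = $sql;
                }
            }

            if (!empty($s)) {
                $query  = "(";
                $query .= implode(") UNION (", $s);
                $query .= ") ORDER BY ";
                // The requested sort only selects one of these fixed clauses;
                // it is never placed in the SQL itself.
                switch ($sort) {
                    case 'title':
                        $query .= 'title ASC, publish_up';
                        break;
                    case 'id':
                        $query .= "id DESC";
                        break;
                    case 'date':
                    default:
                        $query .= 'publish_up DESC, title';
                        break;
                }
                if ($limit > 0) {
                    $query .= " LIMIT " . (int) $limitstart . ", " . (int) $limit;
                }

                $this->database->setQuery($query);
                $results = array($this->database->loadObjectList());
            }
        }
    } else {
        $results = Event::trigger('tags.onTagView', array($tags, $limit, $limitstart, $sort, $activeareas));
    }

    // Run through the array of arrays returned from plugins and find the one that returned results
    $rows = array();
    if ($results) {
        foreach ($results as $result) {
            if (is_array($result) && !empty($result)) {
                $rows = $result;
                break;
            }
        }
    }

    // Build some basic RSS document information
    $title = Lang::txt(strtoupper($this->_option)) . ': ';
    for ($i = 0, $n = count($tags); $i < $n; $i++) {
        if ($i > 0) {
            $title .= '+ ';
        }
        $title .= $tags[$i]->get('raw_tag') . ' ';
    }
    $title = trim($title);
    // NOTE(review): the requested area is appended to the feed title as
    // received - confirm the feed renderer escapes document titles.
    $title .= ': ' . $area;

    // Set the mime encoding for the document
    Document::setType('feed');

    // Start a new feed object
    $doc = Document::instance();
    $doc->link = Route::url('index.php?option=' . $this->_option);
    $doc->title = Config::get('sitename') . ' - ' . $title;
    $doc->description = Lang::txt('COM_TAGS_RSS_DESCRIPTION', Config::get('sitename'), $title);
    $doc->copyright = Lang::txt('COM_TAGS_RSS_COPYRIGHT', gmdate("Y"), Config::get('sitename'));
    $doc->category = Lang::txt('COM_TAGS_RSS_CATEGORY');

    // Start outputing results if any found
    if (count($rows) > 0) {
        include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'helpers' . DS . 'helper.php';

        foreach ($rows as $row) {
            // Prepare the title
            $title = strip_tags($row->title);
            $title = html_entity_decode($title);

            // Strip html from feed item description text
            $description = html_entity_decode(String::truncate(Sanitize::stripAll(stripslashes($row->ftext)), 300));
            $author = '';
            @($date = $row->publish_up ? date('r', strtotime($row->publish_up)) : '');

            if (isset($row->data3) || isset($row->rcount)) {
                $resourceEx = new \Components\Resources\Helpers\Helper($row->id, $this->database);
                $resourceEx->getCitationsCount();
                $resourceEx->getLastCitationDate();
                $resourceEx->getContributors();

                $author = strip_tags($resourceEx->contributors);
            }

            // Load individual item creator class
            $item = new \Hubzero\Document\Type\Feed\Item();
            $item->title = $title;
            $item->link = $row->href;
            $item->description = $description;
            $item->date = $date;
            $item->category = isset($row->data1) ? $row->data1 : '';
            $item->author = $author;

            // Loads item info into rss array
            $doc->addItem($item);
        }
    }
}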
/**
 * Record a membership request from the current user for a restricted group.
 *
 * Flow, as visible in this method: require a logged-in user and a valid form
 * token, load the group named by $this->cn, add the user to the group's
 * applicants, store the (tag-stripped) reason, log the request, and e-mail
 * the group managers before redirecting to the group page.
 *
 * @return  void  Nothing on the normal paths; the two storage-failure paths
 *                return whatever App::abort() returns.
 */
public function dorequestTask()
{
	// Guests are sent to the login task and nothing else happens
	if (User::isGuest()) {
		$this->loginTask(Lang::txt('COM_GROUPS_INVITE_MUST_BE_LOGGED_IN_TO_REQUEST'));
		return;
	}

	// Presumably validates the anti-forgery form token; runs before any state change
	Request::checkToken();

	// Check to make sure we have a cname
	// NOTE(review): there is no return after _errorHandler() here or below, so
	// this relies on _errorHandler() halting the request - confirm.
	if (!$this->cn) {
		$this->_errorHandler(400, Lang::txt('COM_GROUPS_ERROR_NO_ID'));
	}

	// Load the group page
	$this->view->group = Group::getInstance($this->cn);

	// Ensure we found the group info
	if (!$this->view->group || !$this->view->group->get('gidNumber')) {
		$this->_errorHandler(404, Lang::txt('COM_GROUPS_ERROR_NOT_FOUND'));
	}

	// Get the group params
	$gparams = new Registry($this->view->group->get('params'));

	// If membership is managed in a separate place, disallow the action
	if ($gparams->get('membership_control', 1) == 0) {
		$this->setNotification(Lang::txt('COM_GROUPS_MEMBERSHIP_MANAGED_ELSEWHERE'), 'error');
		App::redirect(Route::url('index.php?option=com_groups&cn=' . $this->view->group->get('cn')));
		return;
	}

	// Only groups whose join_policy is 1 accept requests; anything else is
	// silently ignored (no notification, no redirect)
	if ($this->view->group->get('join_policy') != 1) {
		return;
	}

	// Add user to applicants
	$this->view->group->add('applicants', array(User::get('id')));
	$this->view->group->update();

	// Instantiate the reason object and bind the incoming data.
	// The free-text reason is the only request value stored; it is passed
	// through Sanitize::stripAll() before check()/store().
	$row = new Reason($this->database);
	$row->uidNumber = User::get('id');
	$row->gidNumber = $this->view->group->get('gidNumber');
	$row->reason = Request::getVar('reason', Lang::txt('GROUPS_NO_REASON_GIVEN'), 'post');
	$row->reason = \Hubzero\Utility\Sanitize::stripAll($row->reason);
	$row->date = Date::toSql();

	// Check and store the reason
	// NOTE(review): the applicant was already added above, so a failure here
	// leaves an applicant entry without a stored reason.
	if (!$row->check()) {
		return App::abort(500, $row->getError());
	}
	if (!$row->store()) {
		return App::abort(500, $row->getError());
	}

	// Log the membership request
	Log::log(array(
		'gidNumber' => $this->view->group->get('gidNumber'),
		'action' => 'membership_requested',
		'comments' => array(User::get('id'))
	));

	// Log activity: recipients are the group, the requesting user and every manager
	$url = Route::url('index.php?option=' . $this->_option . '&cn=' . $this->view->group->get('cn'));
	$recipients = array(
		['group', $this->view->group->get('gidNumber')],
		['user', User::get('id')]
	);
	foreach ($this->view->group->get('managers') as $recipient) {
		$recipients[] = ['user', $recipient];
	}

	// NOTE(review): the group description is concatenated into an HTML anchor
	// without escaping. Confirm it is escaped when stored or when the activity
	// entry is rendered; otherwise markup in a description reaches every recipient.
	Event::trigger('system.logActivity', [
		'activity' => [
			'action' => 'requested',
			'scope' => 'group',
			'scope_id' => $this->view->group->get('gidNumber'),
			'description' => Lang::txt('COM_GROUPS_ACTIVITY_GROUP_USER_REQUESTED', '<a href="' . $url . '">' . $this->view->group->get('description') . '</a>'),
			'details' => array(
				'title' => $this->view->group->get('description'),
				'url' => $url,
				'cn' => $this->view->group->get('cn'),
				'gidNumber' => $this->view->group->get('gidNumber')
			)
		],
		'recipients' => $recipients
	]);

	// E-mail subject
	$subject = Lang::txt('COM_GROUPS_JOIN_REQUEST_EMAIL_SUBJECT', $this->view->group->get('cn'));

	// Build the e-mail message from the 'emails/request' view
	$eview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'request'));
	$eview->option = $this->_option;
	$eview->sitename = Config::get('sitename');
	$eview->user = User::getInstance();
	$eview->group = $this->view->group;
	$eview->row = $row;
	$html = $eview->loadTemplate();
	// Normalise line endings to CRLF for the mail body
	$html = str_replace("\n", "\r\n", $html);

	// Get the system administrator e-mail (not used further in this method)
	$emailadmin = Config::get('mailfrom');

	// Build the "from" portion of the e-mail
	$from = array();
	$from['name'] = Config::get('sitename') . ' ' . Lang::txt(strtoupper($this->_name));
	$from['email'] = Config::get('mailfrom');

	// Build array of managers as email => name
	$managers = array();
	foreach ($this->view->group->get('managers') as $m) {
		$profile = User::getInstance($m);
		if ($profile) {
			$managers[$profile->get('email')] = $profile->get('name');
		}
	}

	// Create new message
	$message = new \Hubzero\Mail\Message();

	// Build message object and send.
	// Despite its name, $html is attached as a text/plain part.
	// NOTE(review): the X-Mailer header discloses the exact PHP version to
	// every recipient; consider dropping it. The result of send() is not checked.
	$message->setSubject($subject)
		->addFrom($from['email'], $from['name'])
		->setTo($managers)
		->addHeader('X-Mailer', 'PHP/' . phpversion())
		->addHeader('X-Component', 'com_groups')
		->addHeader('X-Component-Object', 'group_membership_requested')
		->addPart($html, 'text/plain')
		->send();

	// Tell the user the request was forwarded
	$this->setNotification(Lang::txt('COM_GROUPS_INVITE_REQUEST_FORWARDED'), 'passed');

	// Push through to the group page
	App::redirect($url);
}
/**
 * Sanitise a parameter name/value pair and store it on the current version.
 *
 * The name goes through Sanitize::paranoid() with '-' and '_' passed as its
 * second argument (presumably extra permitted characters - confirm) and the
 * value through Sanitize::clean(). The value is written via htmlentities();
 * the string handed back to the caller is the cleaned, un-encoded one, so
 * callers that echo the return value still have to escape it.
 *
 * @param   string  $param  Parameter name
 * @param   string  $value  Parameter value
 * @return  string|boolean  Cleaned value, or false when this record does not
 *                          exist or either argument is empty after cleaning
 */
public function saveParam($param = '', $value = '')
{
	$name    = \Hubzero\Utility\Sanitize::paranoid($param, array('-', '_'));
	$cleaned = \Hubzero\Utility\Sanitize::clean($value);

	// A value of '0' is falsy in PHP and is therefore rejected here as well
	if (!$this->exists() || !$name || !$cleaned) {
		return false;
	}

	$this->version->saveParam(
		$this->get('version_id'),
		trim($name),
		htmlentities($cleaned)
	);

	return $cleaned;
}
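/**
 * Save a group calendar event from the posted form.
 *
 * Collects the posted event fields, forces the group scope and audit fields,
 * normalises the date fields, validates the result and stores it. On any
 * validation or storage error the edit form is shown again.
 *
 * The event content is requested raw (JREQUEST_ALLOWRAW), so it is passed
 * through Sanitize::clean() BEFORE the data is bound to the model. Previously
 * the cleaning ran after bind(), so only the local array was cleaned and the
 * cleaned value never reached the model that gets stored.
 *
 * @return  mixed  Result of edit() when validation fails; otherwise the
 *                 request ends in a redirect
 */
private function save()
{
	// Presumably validates the anti-forgery form token
	Request::checkToken();

	// Get request vars
	$event = Request::getVar('event', array(), 'post');
	$event['time_zone'] = Request::getVar('time_zone', -5);
	$event['params']    = Request::getVar('params', array());
	$event['content']   = Request::getVar('content', '', 'post', 'STRING', JREQUEST_ALLOWRAW);
	$registration       = Request::getVar('include-registration', 0);

	// Content bypassed request filtering above; clean it before it is bound
	if (isset($event['content']) && $event['content']) {
		$event['content'] = \Hubzero\Utility\Sanitize::clean($event['content']);
	}

	// Server-controlled values: these overwrite anything posted in event[...]
	$event['catid']       = '-1';
	$event['state']       = 1;
	$event['scope']       = 'group';
	$event['scope_id']    = $this->group->get('gidNumber');
	$event['modified']    = Date::toSql();
	$event['modified_by'] = $this->user->get('id');

	// Repeating rule
	$event['repeating_rule'] = $this->_buildRepeatingRule();

	// New event (no id posted): set created time and actor
	// NOTE(review): when an id IS posted, no check is visible here that the
	// existing event belongs to this group - confirm the model or caller enforces it.
	if (!isset($event['id']) || $event['id'] == 0) {
		$event['created']    = Date::toSql();
		$event['created_by'] = $this->user->get('id');
	}

	// Timezone used to interpret the posted dates
	$timezone = new DateTimezone(Config::get('offset'));

	// Parse publish up date/time
	if (isset($event['publish_up']) && $event['publish_up'] != '') {
		// Combine date & time
		if (isset($event['publish_up_time'])) {
			$event['publish_up'] = $event['publish_up'] . ' ' . $event['publish_up_time'];
		}
		$event['publish_up'] = Date::of($event['publish_up'], $timezone)->format("Y-m-d H:i:s");
		unset($event['publish_up_time']);
	}

	// Parse publish down date/time
	if (isset($event['publish_down']) && $event['publish_down'] != '') {
		// Combine date & time
		if (isset($event['publish_down_time'])) {
			$event['publish_down'] = $event['publish_down'] . ' ' . $event['publish_down_time'];
		}
		$event['publish_down'] = Date::of($event['publish_down'], $timezone)->format("Y-m-d H:i:s");
		unset($event['publish_down_time']);
	}

	// Parse register-by date/time
	if (isset($event['registerby']) && $event['registerby'] != '') {
		// Remove @ symbol
		$event['registerby'] = str_replace("@", "", $event['registerby']);
		$event['registerby'] = Date::of($event['registerby'], $timezone)->format("Y-m-d H:i:s");
	}

	// Stringify params
	if (isset($event['params']) && count($event['params']) > 0) {
		$params = new \Hubzero\Config\Registry($event['params']);
		$event['params'] = $params->toString();
	}

	// Did we want to turn off registration?
	if (!$registration) {
		$event['registerby'] = '0000-00-00 00:00:00';
	}

	// Instantiate new event object
	$eventsModelEvent = new \Components\Events\Models\Event();

	// Attempt to bind
	if (!$eventsModelEvent->bind($event)) {
		$this->setError($eventsModelEvent->getError());
		$this->event = $eventsModelEvent;
		return $this->edit();
	}

	// The optional website must look like a URL
	if (isset($event['extra_info']) && $event['extra_info'] && !\Hubzero\Utility\Validate::url($event['extra_info'])) {
		$this->setError('Website entered does not appear to be a valid URL.');
		$this->event = $eventsModelEvent;
		return $this->edit();
	}

	// A start date is required (a missing key is treated like an empty one)
	if (!isset($event['publish_up']) || $event['publish_up'] == '') {
		$this->setError('You must enter an event start, an end date is optional.');
		$this->event = $eventsModelEvent;
		return $this->edit();
	}

	// Check to make sure end time is greater than start time
	if (isset($event['publish_down']) && $event['publish_down'] != '0000-00-00 00:00:00' && $event['publish_down'] != '') {
		$up     = strtotime($event['publish_up']);
		$down   = strtotime($event['publish_down']);
		$allday = isset($event['allday']) && $event['allday'] == 1;

		// Start must be before end; an all-day event may start and end at the same time
		if (($up >= $down && !$allday) || ($allday && $up > $down)) {
			$this->setError('You must an event end date greater than the start date.');
			$this->event = $eventsModelEvent;
			return $this->edit();
		}
	}

	// Make sure registration email is valid
	if ($registration && isset($event['email']) && $event['email'] != '' && !filter_var($event['email'], FILTER_VALIDATE_EMAIL)) {
		$this->setError('You must enter a valid email address for the events registration admin email.');
		$this->event = $eventsModelEvent;
		return $this->edit();
	}

	// Registration requires a deadline
	if ($registration && (!isset($event['registerby']) || $event['registerby'] == '')) {
		$this->setError('You must enter a valid event registration deadline to require registration.');
		Request::setVar('includeRegistration', 1);
		$this->event = $eventsModelEvent;
		return $this->edit();
	}

	// Store, letting the model run its own checks
	if (!$eventsModelEvent->store(true)) {
		$this->setError('An error occurred when trying to edit the event. Please try again.');
		$this->event = $eventsModelEvent;
		return $this->edit();
	}

	// Build message
	$message = Lang::txt('You have successfully created a new group event.');
	if (isset($event['id']) && $event['id'] != 0) {
		$message = Lang::txt('You have successfully edited the group event.');
	}

	// Inform user and redirect to the event details
	App::redirect(
		Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=calendar&action=details&event_id=' . $eventsModelEvent->get('id')),
		$message,
		'passed'
	);
}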
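/**
 * Save the license block of a publication version.
 *
 * Two request shapes are handled: the license/agreement screen (a numeric
 * `license` is posted, optionally with custom text and template substitutes)
 * and the selector screen (`selecteditems`, a comma-separated list of which
 * the first loadable license is used).
 *
 * Template placeholders of the form [name] in a pre-defined license text are
 * filled by literal string replacement. The previous preg_replace() built a
 * pattern from the placeholder name and used the posted value as the
 * replacement, so regex metacharacters in the name and `$n` / `\n`
 * back-references in the value were interpreted instead of inserted verbatim.
 * Substituted values are also passed through Sanitize::clean(), like the
 * free-text license.
 *
 * @param   object   $manifest   Block manifest (falls back to self::getManifest())
 * @param   integer  $blockId    Not used in this method
 * @param   object   $pub        Publication; version_id is read from it
 * @param   integer  $actor      Not used in this method
 * @param   integer  $elementId  Not used in this method
 * @return  boolean  True when a license was saved, false otherwise
 */
public function save($manifest = NULL, $blockId = 0, $pub = NULL, $actor = 0, $elementId = 0)
{
	// Set block manifest
	if ($this->_manifest === NULL) {
		$this->_manifest = $manifest ? $manifest : self::getManifest();
	}

	// Make sure changes are allowed
	if ($this->_parent->checkFreeze($this->_manifest->params, $pub)) {
		return false;
	}

	// Load publication version
	$row = new \Components\Publications\Tables\Version($this->_parent->_db);
	if (!$row->load($pub->version_id)) {
		$this->setError(Lang::txt('PLG_PROJECTS_PUBLICATIONS_PUBLICATION_VERSION_NOT_FOUND'));
		return false;
	}

	$originalType = $row->license_type;
	$originalText = $row->license_text;

	// Load license class
	$objL = new \Components\Publications\Tables\License($this->_parent->_db);

	// Incoming - license screen agreements
	$license = Request::getInt('license', 0, 'post');
	$text    = \Hubzero\Utility\Sanitize::clean(Request::getVar('license_text', '', 'post'));
	$agree   = Request::getInt('agree', 0, 'post');
	$custom  = Request::getVar('substitute', array(), 'request', 'array');

	if ($license) {
		if (!$objL->load($license)) {
			$this->setError(Lang::txt('There was a problem saving license selection'));
			return false;
		}

		if ($objL->agreement == 1 && !$agree) {
			$this->setError(Lang::txt('PLG_PROJECTS_PUBLICATIONS_LICENSE_NEED_AGREEMENT'));
			return false;
		} elseif ($objL->customizable == 1 && !$text) {
			$this->setError(Lang::txt('PLG_PROJECTS_PUBLICATIONS_LICENSE_NEED_TEXT'));
			return false;
		}

		$row->license_type = $license;
		$text = str_replace("\r", '', $text);
		$row->license_text = $text;

		// Pre-defined license text
		if ($objL->text && $objL->customizable == 0) {
			$row->license_text = $objL->text;

			// Do we have template items to replace?
			preg_match_all('/\\[([^\\]]*)\\]/', $objL->text, $substitutes);
			if (count($substitutes) > 1) {
				foreach ($substitutes[1] as $sub) {
					// Every placeholder needs a non-empty scalar value
					$replacement = (isset($custom[$sub]) && is_scalar($custom[$sub]))
						? \Hubzero\Utility\Sanitize::clean(trim((string) $custom[$sub]))
						: '';
					if (!$replacement) {
						$this->setError(Lang::txt('PLG_PROJECTS_PUBLICATIONS_LICENSE_NEED_CUSTOM'));
						return false;
					}

					// Literal replacement: neither side is treated as a pattern
					$row->license_text = str_replace('[' . $sub . ']', $replacement, $row->license_text);
				}
			}
		}

		// NOTE(review): the result of store() is not checked on either path.
		$row->store();

		// Save agreement
		$row->saveParam($pub->version_id, 'licenseagreement', 1);

		// Save custom fields in version params.
		// NOTE(review): every posted key is saved, not only the placeholders
		// found in the license text, so the request chooses the param names
		// (prefixed with 'licensecustom'). Confirm saveParam() constrains them.
		foreach ($custom as $label => $value) {
			if (!is_scalar($value)) {
				continue;
			}
			$row->saveParam($pub->version_id, 'licensecustom' . strtolower($label), trim((string) $value));
		}

		if ($license != $originalType || $text != $originalText) {
			$this->_parent->set('_update', 1);
		}

		return true;
	}

	// Incoming - selector screen
	$selections = Request::getVar('selecteditems', '');
	$toAttach   = explode(',', $selections);

	$saved = 0;
	foreach ($toAttach as $license) {
		if (!trim($license)) {
			continue;
		}

		// Make sure license exists
		if ($objL->load($license)) {
			$row->license_type = $license;
			$saved++;
			$row->store();

			// Clear agreement if license is changed
			if ($originalType != $license) {
				$row->saveParam($pub->version_id, 'licenseagreement', 0);
				$this->_parent->set('_update', 1);
			}

			// Only one choice
			break;
		}
	}

	if ($saved) {
		$this->set('_message', Lang::txt('License selection saved'));
		return true;
	}

	$this->setError(Lang::txt('There was a problem saving license selection'));
	return false;
}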
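/**
 * Add a comment, followed recursively by its replies, to a flat RSS feed.
 *
 * Comment text is stripped with Sanitize::stripAll(), entity-decoded and
 * wrapped in a CDATA section. Because decoding can produce a literal "]]>",
 * which would end the CDATA section early and let the rest of the text be
 * parsed as feed markup, that sequence is split across two CDATA sections.
 *
 * @param   object  $doc  Feed document; items are appended with addItem()
 * @param   object  $row  Comment model
 * @return  void
 */
private function _comment(&$doc, $row)
{
	// Load individual item creator class
	$item = new \Hubzero\Document\Type\Feed\Item();
	$item->title = Lang::txt('Comment #%s', $row->get('id')) . ' @ ' . $row->created('time') . ' on ' . $row->created('date');
	$item->link  = Route::url($this->entry->link() . '#c' . $row->get('id'));

	// Reported comments are replaced by a fixed notice
	if ($row->isReported()) {
		$description = Lang::txt('COM_BLOG_COMMENT_REPORTED_AS_ABUSIVE');
	} else {
		$description = html_entity_decode(Sanitize::stripAll($row->content()));
	}

	// Keep user text from terminating the CDATA section
	$item->description = '<![CDATA[' . str_replace(']]>', ']]]]><![CDATA[>', $description) . ']]>';

	// Anonymous comments carry no author.
	// NOTE(review): for all other comments the author's e-mail address is
	// published in the feed - confirm that exposure is intended.
	if (!$row->get('anonymous')) {
		$item->author = $row->creator()->get('email') . ' (' . $row->creator()->get('name') . ')';
	}

	$item->date     = $row->created();
	$item->category = '';

	$doc->addItem($item);

	// Recurse into replies whose state is 1 or 3
	$replies = $row->replies()->whereIn('state', array(1, 3));
	if ($replies->count() > 0) {
		foreach ($replies as $reply) {
			$this->_comment($doc, $reply);
		}
	}
}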
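/**
 * Format a knowledge-base search result as an HTML list item.
 *
 * The link is built from the row's data2 (section), data1 (category) and
 * alias. The query string previously read "com_kb§ion=": the "&sect" of
 * "&section" had been turned into the section sign, which dropped the
 * section parameter from the URL.
 *
 * @param   object  $row  Database row; its href property is set here
 * @return  string  HTML
 */
public function out($row)
{
	$row->href = Route::url('index.php?option=com_kb&section=' . $row->data2 . '&category=' . $row->data1 . '&alias=' . $row->alias);

	// Start building the HTML
	$html  = "\t" . '<li class="kb-entry">' . "\n";
	// NOTE(review): the title is written into the markup without escaping.
	// Confirm it is escaped upstream (or intentionally carries highlight
	// markup); if neither, it needs htmlspecialchars() here.
	$html .= "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n";
	if ($row->ftext) {
		// The excerpt is tag-stripped, then cut to 200 characters
		$html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->ftext)), 200) . "</p>\n";
	}
	$html .= "\t\t" . '<p class="href">' . Request::base() . ltrim($row->href, '/') . '</p>' . "\n";
	$html .= "\t" . '</li>' . "\n";

	// Return output
	return $html;
}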
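/**
 * Search-index hook for wiki pages.
 *
 * With $run === true a single page is loaded and turned into an index
 * record; otherwise the ids of all pages with state 1 are returned.
 *
 * Fixes relative to the previous version:
 *  - the access test used an assignment (`$row->access = 1`), which is always
 *    true, so every page was indexed as 'public' regardless of its access
 *    level; it is now a comparison;
 *  - the id is cast to an integer before it is interpolated into SQL;
 *  - a missing row, or a group page whose group cannot be loaded, no longer
 *    dereferences null / reads an undefined $path.
 *
 * @param   string   $type  Index type; only 'wiki' is handled
 * @param   integer  $id    Wiki page id
 * @param   boolean  $run   True to build one record, false to list ids
 * @return  mixed    stdClass record, array of ids, or null when nothing applies
 */
public function onIndex($type, $id, $run = false)
{
	if ($type != 'wiki') {
		return;
	}

	// Establish a db connection
	$db = App::get('db');

	if ($run !== true) {
		$sql = "SELECT #__wiki_pages.id FROM #__wiki_pages\n\t\t\t\t\tJOIN #__wiki_versions\n\t\t\t\t\tON #__wiki_pages.version_id = #__wiki_versions.id\n\t\t\t\t\tWHERE #__wiki_pages.state = 1;";
		return $db->setQuery($sql)->query()->loadColumn();
	}

	// The id is interpolated into SQL below, so force it to an integer
	$id = (int) \Hubzero\Utility\Sanitize::paranoid($id);

	// Get the record
	$sql = "SELECT * FROM #__wiki_pages\n\t\t\t\t\tJOIN #__wiki_versions\n\t\t\t\t\tON #__wiki_pages.version_id = #__wiki_versions.id\n\t\t\t\t\tWHERE #__wiki_pages.id = {$id} AND #__wiki_pages.state = 1;";
	$row = $db->setQuery($sql)->query()->loadObject();
	if (!is_object($row)) {
		// No published page with this id
		return;
	}

	// Get the name of the author
	$createdBy = (int) $row->created_by;
	$sql1 = "SELECT name FROM #__users WHERE id={$createdBy};";
	$author = $db->setQuery($sql1)->query()->loadResult();

	// Get any tags
	$sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'wiki';";
	$tags = $db->setQuery($sql2)->query()->loadColumn();

	// Determine the path
	$path = '';
	if ($row->scope == 'site') {
		$path = '/wiki/' . $row->path;
	} elseif ($row->scope == 'group') {
		$group = \Hubzero\User\Group::getInstance($row->scope_id);

		// Make sure group is valid
		if (is_object($group)) {
			$path = '/groups/' . $group->get('cn') . '/wiki/' . $row->path;
		}
	} else {
		// Only group and site wiki is supported right now
		// @TODO: Project Notes
		return;
	}

	// Map the page's access value onto the index access level.
	// NOTE(review): 0 and 1 are both treated as public, as the original
	// condition was written - confirm that matches the wiki's access levels.
	if ($row->state == 1 && ($row->access == 0 || $row->access == 1)) {
		$access_level = 'public';
	} elseif ($row->state == 1 && $row->access == 2) {
		$access_level = 'registered';
	} else {
		$access_level = 'private';
	}

	if ($row->scope != 'group') {
		$owner_type = 'user';
		$owner = $row->created_by;
	} else {
		$owner_type = 'group';
		$owner = $row->scope_id;
	}

	// Build the description: replace tags with spaces, collapse runs of spaces
	$content = preg_replace('/<[^>]*>/', ' ', $row->pagehtml);
	$content = preg_replace('/ {2,}/', ' ', $content);
	$description = \Hubzero\Utility\Sanitize::stripAll($content);

	// Create a record object
	$record = new \stdClass();
	$record->id           = $type . '-' . $id;
	$record->hubtype      = $type;
	$record->title        = $row->title;
	$record->description  = $description;
	$record->author       = array($author);
	$record->tags         = $tags;
	$record->path         = $path;
	$record->access_level = $access_level;
	$record->owner        = $owner;
	$record->owner_type   = $owner_type;

	// Return the formatted record
	return $record;
}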
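/**
 * List the folders and files in a directory of the group's file space and
 * render them with the 'filelist' layout.
 *
 * The requested path is normalised and every segment is reduced to
 * [a-zA-Z0-9_-], which removes dots and therefore any "../" segment before
 * the path is appended to $this->path.
 *
 * Files without an extension no longer raise an undefined-index notice when
 * a type filter is active, and getNotifications() is called only once.
 *
 * @return  void
 */
public function listfilesTask()
{
	// Set the needed layout
	$this->view->setLayout('filelist');

	// Get request vars
	$this->view->folders = array();
	$this->view->files   = array();
	$this->view->type    = \Hubzero\Utility\Sanitize::paranoid(Request::getWord('type', ''));

	$relpath = Request::getVar('path', '/');

	// Groups whose type is not 3 default to the uploads folder.
	// NOTE(review): this is only a default for an empty or "/" path; any other
	// path is still honoured. Confirm access to other folders is authorised elsewhere.
	if ($this->group->get('type') != 3 && (!$relpath || $relpath == '/')) {
		$relpath = '/uploads';
	}

	// Normalise, then whitelist the characters of each path segment
	$segments = explode('/', \Hubzero\Filesystem\Util::normalizePath($relpath));
	foreach ($segments as $i => $segment) {
		$segments[$i] = preg_replace('/[^a-zA-Z0-9_\\-]/', '', $segment);
	}
	$this->view->relpath = implode(DS, $segments);

	// Build path to the group folder
	$this->path = rtrim($this->path, DS) . $this->view->relpath;

	// If we have a directory
	if (is_dir($this->path)) {
		// Get list of folders and files
		$folders = Filesystem::directories($this->path, '.', false);
		$files   = Filesystem::files($this->path, '.', false);

		// Filter by type: 'images' keeps image extensions, 'files' keeps the rest
		if (isset($this->view->type) && $this->view->type != '') {
			$imageExtensions = array('jpg', 'jpeg', 'png', 'gif', 'bmp', 'tiff');

			foreach ($files as $k => $file) {
				// Returns '' when the file has no extension
				$ext     = strtolower(pathinfo($file, PATHINFO_EXTENSION));
				$isImage = in_array($ext, $imageExtensions, true);

				if (($this->view->type == 'images' && !$isImage)
				 || ($this->view->type == 'files' && $isImage)) {
					unset($files[$k]);
				}
			}
		}

		// Reset array keys
		$this->view->folders = array_values($folders);
		$this->view->files   = array_values($files);
	}

	// Pass vars to view
	$this->view->group = $this->group;
	$this->view->path  = $this->path;

	// Get view notifications
	$notifications = $this->getNotifications();
	$this->view->notifications = $notifications ? $notifications : array();

	// Display view
	$this->view->display();
}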
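/**
 * Display the contact form and, when it was posted, validate and send it.
 *
 * Labels, texts, sender and recipient come from the module params. Posted
 * data arrives in the `rp` array.
 *
 * Changes relative to the previous version:
 *  - the posted array is merged over the default keys, so a request that
 *    omits a field (or posts a non-array `rp`) no longer reads undefined
 *    indexes;
 *  - the e-mail pattern uses the D modifier: without it `$` also matches
 *    before a trailing newline, so an address ending in "\n" was accepted
 *    and then used as From / Reply-To;
 *  - an empty address now reports the "no e-mail" text instead of having it
 *    overwritten by the "invalid e-mail" text.
 *
 * @return  void
 */
public function display()
{
	// Field labels
	$this->name_label    = $this->params->get('name_label', Lang::txt('MOD_RAPID_CONTACT_FIELD_NAME'));
	$this->email_label   = $this->params->get('email_label', Lang::txt('MOD_RAPID_CONTACT_FIELD_EMAIL'));
	$this->subject_label = $this->params->get('subject_label', Lang::txt('MOD_RAPID_CONTACT_FIELD_SUBJECT'));
	$this->message_label = $this->params->get('message_label', Lang::txt('MOD_RAPID_CONTACT_FIELD_MESSAGE'));

	// Button text
	$this->button_text = $this->params->get('button_text', Lang::txt('MOD_RAPID_CONTACT_SEND'));

	// Pre text
	$this->pre_text = $this->params->get('pre_text', '');

	// Thank you message
	$this->page_text = $this->params->get('page_text', Lang::txt('MOD_RAPID_CONTACT_THANK_YOU'));

	// Error messages
	$this->error_text    = $this->params->get('error_text', Lang::txt('MOD_RAPID_CONTACT_ERROR_SENDING'));
	$this->no_email      = $this->params->get('no_email', Lang::txt('MOD_RAPID_CONTACT_ERROR_NO_EMAIL'));
	$this->invalid_email = $this->params->get('invalid_email', Lang::txt('MOD_RAPID_CONTACT_ERROR_INVALID_EMAIL'));

	// From
	$this->from_name  = $this->params->get('from_name', Lang::txt('MOD_RAPID_CONTACT'));
	$this->from_email = $this->params->get('from_email', '*****@*****.**');

	// To
	$this->recipient = $this->params->get('email_recipient', Config::get('mailfrom'));
	if (!trim($this->recipient)) {
		$this->recipient = Config::get('mailfrom');
	}

	// Enable Anti-spam?
	$this->enable_anti_spam = $this->params->get('enable_anti_spam', true);
	$this->anti_spam_q      = $this->params->get('anti_spam_q', Lang::txt('MOD_RAPID_CONTACT_ANTIPSAM'));
	$this->anti_spam_a      = $this->params->get('anti_spam_a', '2');

	$this->mod_class_suffix = $this->params->get('moduleclass_sfx', '');

	// Form target URL.
	// NOTE(review): unless fixed_url is set, the URL is built from the current
	// request (REQUEST_URI), i.e. from client-controlled data. The layout must
	// escape $this->url wherever it prints it.
	$disable_https = $this->params->get('disable_https', false);
	$exact_url     = $this->params->get('exact_url', true);
	if (!$exact_url) {
		$this->url = Request::current();
	} else {
		$scheme = (!$disable_https && !empty($_SERVER['HTTPS'])) ? 'https://' : 'http://';
		$this->url = $scheme . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
	}

	$fixed_url = $this->params->get('fixed_url', true);
	if ($fixed_url) {
		$this->url = $this->params->get('fixed_url_address', '');
	}

	$this->error       = '';
	$this->replacement = '';
	$this->posted      = array('name' => '', 'email' => '', 'subject' => '', 'message' => '');

	if (isset($_POST['rp'])) {
		// Merge over the defaults so every expected key exists
		$posted = Request::getVar('rp', array(), 'post');
		$this->posted = array_merge($this->posted, is_array($posted) ? $posted : array());

		$email = is_string($this->posted['email']) ? $this->posted['email'] : '';

		if ($this->enable_anti_spam) {
			if (!isset($this->posted['anti_spam_answer']) || $this->posted['anti_spam_answer'] != $this->anti_spam_a) {
				$this->error = Lang::txt('MOD_RAPID_CONTACT_INVALID_ANTIPSAM_ANSWER');
			}
		}

		if ($email === '') {
			$this->error = $this->no_email;
		} elseif (!preg_match("#^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$#iD", $email)) {
			$this->error = $this->invalid_email;
		}

		if ($this->error == '') {
			$mySubject = Sanitize::clean($this->posted['subject']);

			// NOTE(review): name and referer go into the message text as posted;
			// only the message body itself is cleaned below.
			$myMessage  = Lang::txt('MOD_RAPID_CONTACT_MESSAGE_FROM', $this->posted['name'], $email, Request::getVar('HTTP_REFERER', '', 'SERVER'), Config::get('sitename'));
			$myMessage .= "\n\n" . Sanitize::clean($this->posted['message']);

			// The sender becomes the (validated) posted address
			$cleanName = Sanitize::clean($this->posted['name']);
			$this->from_email = $email;
			$this->from_name  = $cleanName ? $cleanName : $email;

			$mailSender = new Message();
			$mailSender->setSubject($mySubject)
				->addFrom($this->from_email, $this->from_name)
				->addTo($this->recipient)
				->addReplyTo($email, $this->posted['name'])
				->setBody($myMessage);

			if (!$mailSender->send()) {
				$this->error = $this->error_text;
			} else {
				$this->replacement = $this->page_text;
			}
		}
	}

	require $this->getLayoutPath($this->params->get('layout', 'default'));
}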
/**
 * Store a comment on an item.
 *
 * The text is cut to 250 characters and then passed through
 * Sanitize::stripAll() before it is stored.
 * NOTE(review): truncating before stripping means the cut can fall inside a
 * tag; consider stripping first and truncating the result.
 *
 * @param   integer  $itemid           Item the comment belongs to
 * @param   string   $tbl              Table/scope name of the item
 * @param   string   $comment          Comment text
 * @param   integer  $by               Author user id
 * @param   integer  $parent_activity  Parent activity id
 * @param   integer  $admin            Admin flag
 * @return  mixed    New comment id, or false if an argument is missing or
 *                   the record could not be stored
 */
public function addComment($itemid = NULL, $tbl = '', $comment = '', $by = 0, $parent_activity = 0, $admin = 0)
{
	// All of these are required
	$missing = !$itemid || !$tbl || !$by || !$comment || !$parent_activity;
	if ($missing) {
		return false;
	}

	$text = \Hubzero\Utility\Sanitize::stripAll(
		\Hubzero\Utility\String::truncate($comment, 250)
	);

	$this->itemid          = $itemid;
	$this->tbl             = $tbl;
	$this->parent_activity = $parent_activity;
	$this->comment         = $text;
	$this->admin           = $admin;
	$this->created         = \Factory::getDate()->toSql();
	$this->created_by      = $by;

	return $this->store() ? $this->id : false;
}
/**
 * Store changes to this offering.
 *
 * Defaults 'anonymous' to 0 and passes 'about' through Sanitize::clean()
 * before delegating to the parent store().
 *
 * @param   boolean  $check  Perform data validation check?
 * @return  boolean  False if error, True on success
 */
public function store($check = true)
{
	if (!$this->get('anonymous')) {
		$this->set('anonymous', 0);
	}

	// NOTE(review): as written, search and replace lists are identical, so
	// this call changes nothing. It looks like HTML entity names were lost in
	// the search list - confirm against the repository copy.
	$about = str_replace(array('&', '<', '>'), array('&', '<', '>'), $this->get('about'));
	$about = \Hubzero\Utility\Sanitize::clean($about);
	$this->set('about', $about);

	return parent::store($check) ? true : false;
}
/**
 * Save notes on the current cart transaction.
 *
 * The notes are tag-stripped with Sanitize::stripAll(); both the notes and
 * the transaction id are passed through the database's quote() before they
 * are placed in the statement.
 *
 * @param   string  $notes  Notes text
 * @return  bool    Always true; the result of the query is not inspected
 */
public function setTransactionNotes($notes)
{
	$cleanNotes = \Hubzero\Utility\Sanitize::stripAll($notes);

	$quotedNotes = $this->_db->quote($cleanNotes);
	$quotedId    = $this->_db->quote($this->cart->tId);

	$statement = "UPDATE `#__cart_transaction_info` SET\n\t\t\t\t`tiNotes` = " . $quotedNotes
		. "\n\t\t\t\tWHERE `tId` = " . $quotedId;

	$this->_db->setQuery($statement);
	$this->_db->query();

	return true;
}
/**
 * Save a citation, its associations and (when enabled) its tags and badges.
 *
 * Requires a logged-in user and a valid form token. On any bind, check or
 * store failure the error is recorded and the edit form is shown again.
 *
 * NOTE(review): apart from the login check, no permission or ownership check
 * is visible in this method, although the citation id comes from the request.
 * Confirm authorisation is enforced by the caller or the table class.
 *
 * @return  void
 */
public function saveTask()
{
	// Check if they're logged in
	if (User::isGuest()) {
		$this->loginTask();
		return;
	}

	// Presumably validates the anti-forgery form token
	Request::checkToken();

	// Get the posted vars; the id is taken separately as an integer and
	// overrides any 'id' inside fields[]
	$id = Request::getInt('id', 0, 'post');
	$c = Request::getVar('fields', array(), 'post');
	$c['id'] = $id;

	// Clean vars: scalar values are URL-decoded and entity-decoded, then
	// stripped and cleaned. Array values are left untouched.
	// NOTE(review): decoding before sanitising is the right order, but
	// urldecode() on already-decoded input alters values that legitimately
	// contain '%' or '+'.
	foreach ($c as $key => $val) {
		if (!is_array($val)) {
			$val = html_entity_decode(urldecode($val));
			$val = Sanitize::stripAll($val);
			$c[$key] = Sanitize::clean($val);
		}
	}

	// Bind incoming data to object
	$row = new Citation($this->database);
	if (!$row->bind($c)) {
		$this->setError($row->getError());
		$this->editTask();
		return;
	}

	// New entry so set the created date
	if (!$row->id) {
		$row->created = Date::toSql();
	}

	// Anything that is not a valid URL is dropped rather than rejected
	if (!filter_var($row->url, FILTER_VALIDATE_URL)) {
		$row->url = null;
	}

	// Check content for missing required data
	if (!$row->check()) {
		$this->setError($row->getError());
		$this->editTask();
		return;
	}

	// Store new content
	if (!$row->store()) {
		$this->setError($row->getError());
		$this->editTask();
		return;
	}

	// Incoming associations
	$arr = Request::getVar('assocs', array(), 'post');
	$ignored = array(); // not used further in this method
	foreach ($arr as $a) {
		// assumes each entry is an array with 'tbl' and 'oid' keys - TODO confirm
		$a = array_map('trim', $a);

		// Initiate extended database class
		$assoc = new Association($this->database);

		// An entry with an id but empty tbl and oid means "delete"
		if (isset($a['id']) && $a['tbl'] == '' && $a['oid'] == '') {
			// Delete the row
			// NOTE(review): the id to delete comes straight from the request;
			// nothing here ties it to this citation. Confirm delete() or the
			// schema prevents removing another citation's association.
			if (!$assoc->delete($a['id'])) {
				$this->setError($assoc->getError());
				$this->editTask();
				return;
			}
		} else {
			if ($a['tbl'] != '' || $a['oid'] != '') {
				// Attach the association to the citation just stored
				$a['cid'] = $row->id;

				// Bind the data
				if (!$assoc->bind($a)) {
					$this->setError($assoc->getError());
					$this->editTask();
					return;
				}

				// Check content
				if (!$assoc->check()) {
					$this->setError($assoc->getError());
					$this->editTask();
					return;
				}

				// Store new content
				if (!$assoc->store()) {
					$this->setError($assoc->getError());
					$this->editTask();
					return;
				}
			}
		}
	}

	// Check if we are allowing tags
	if ($this->config->get('citation_allow_tags', 'no') == 'yes') {
		$tags = trim(Request::getVar('tags', '', 'post'));
		$ct1 = new Tags($row->id);
		$ct1->setTags($tags, User::get('id'), 0, 1, '');
	}

	// Check if we are allowing badges (stored through the same Tags class,
	// with 'badge' as the last argument)
	if ($this->config->get('citation_allow_badges', 'no') == 'yes') {
		$badges = trim(Request::getVar('badges', '', 'post'));
		$ct2 = new Tags($row->id);
		$ct2->setTags($badges, User::get('id'), 0, 1, 'badge');
	}

	// Redirect to the single view when enabled, otherwise to the listing
	$task = '&task=browse';
	if ($this->config->get('citation_single_view', 1)) {
		$task = '&task=view&id=' . $row->id;
	}

	App::redirect(Route::url('index.php?option=' . $this->_option . $task), Lang::txt('COM_CITATIONS_CITATION_SAVED'));
}
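/**
 * Search-index hook for events.
 *
 * With $run === true a single event is loaded and turned into an index
 * record; otherwise the ids of all events are returned.
 *
 * Fixes relative to the previous version:
 *  - the time was formatted with 'h:m:s', i.e. 12-hour clock and the MONTH in
 *    place of the minutes; it now uses 'H:i:s';
 *  - the id and created_by are cast to integers before they are interpolated
 *    into SQL;
 *  - a missing row no longer produces a record built from null, and $path is
 *    always defined;
 *  - the date is computed once instead of twice.
 *
 * @param   string   $type  Index type; only 'event' is handled
 * @param   integer  $id    Event id
 * @param   boolean  $run   True to build one record, false to list ids
 * @return  mixed    stdClass record, array of ids, or null when nothing applies
 */
public function onIndex($type, $id, $run = false)
{
	if ($type != 'event') {
		return;
	}

	// Establish a db connection
	$db = App::get('db');

	if ($run !== true) {
		$sql = "SELECT id FROM #__events;";
		return $db->setQuery($sql)->query()->loadColumn();
	}

	// The id is interpolated into SQL below, so force it to an integer
	$id = (int) \Hubzero\Utility\Sanitize::paranoid($id);

	// Get the record
	$sql = "SELECT * FROM #__events WHERE id={$id};";
	$row = $db->setQuery($sql)->query()->loadObject();
	if (!is_object($row)) {
		// No event with this id
		return;
	}

	// Get the name of the author
	$createdBy = (int) $row->created_by;
	$sql1 = "SELECT name FROM #__users WHERE id={$createdBy};";
	$author = $db->setQuery($sql1)->query()->loadResult();

	// Get any tags
	$sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'events';";
	$tags = $db->setQuery($sql2)->query()->loadColumn();

	// Determine the path
	$path = '';
	if ($row->scope == 'event' || $row->scope == '') {
		$path = '/events/details/' . $row->id;
	} elseif ($row->scope == 'group') {
		$group = \Hubzero\User\Group::getInstance($row->scope_id);

		// Make sure group is valid
		if (is_object($group)) {
			$path = '/groups/' . $group->get('cn') . '/calendar/details/' . $row->id;
		}
	}

	// Only published, approved, non-group events are public; default private
	if ($row->state == 1 && $row->approved == 1 && $row->scope != 'group') {
		$access_level = 'public';
	} else {
		$access_level = 'private';
	}

	if ($row->scope != 'group') {
		$owner_type = 'user';
		$owner = $row->created_by;
	} else {
		$owner_type = 'group';
		$owner = $row->scope_id;
	}

	// Build the description: replace tags with spaces, collapse runs of spaces
	$content = preg_replace('/<[^>]*>/', ' ', $row->content);
	$content = preg_replace('/ {2,}/', ' ', $content);
	$description = \Hubzero\Utility\Sanitize::stripAll($content);

	// Format the (start) date for SOLR: date, 'T', 24-hour time, 'Z'
	// NOTE(review): the trailing 'Z' denotes UTC - confirm Date::of() yields UTC here.
	$start = Date::of($row->publish_up);
	$date  = $start->format('Y-m-d') . 'T' . $start->format('H:i:s') . 'Z';

	// Create a record object
	$record = new \stdClass();
	$record->id           = $type . '-' . $id;
	$record->hubtype      = $type;
	$record->title        = $row->title;
	$record->description  = $description;
	$record->author       = array($author);
	$record->tags         = $tags;
	$record->path         = $path;
	$record->access_level = $access_level;
	$record->date         = $date;
	$record->owner        = $owner;
	$record->owner_type   = $owner_type;

	// Return the formatted record
	return $record;
}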
/**
 * Save a success story and show a thank you message.
 *
 * Requires a logged-in user and a valid form token. The posted fields are
 * bound to a new Quote record, required fields are checked, the quote text is
 * tag-stripped, and any files waiting in the user's temporary upload folder
 * are moved into the record's folder.
 *
 * @return  mixed  Result of storyTask() when validation or saving fails;
 *                 otherwise nothing (the 'thanks' layout is displayed)
 */
public function sendstoryTask()
{
	// Guests are redirected to login, with this task as the return URL
	// NOTE(review): there is no return after the redirect, so this relies on
	// App::redirect() ending the request - confirm.
	if (User::isGuest()) {
		$here = Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&task=' . $this->_task);
		App::redirect(
			Route::url('index.php?option=com_users&view=login&return=' . base64_encode($here)),
			Lang::txt('COM_FEEDBACK_STORY_LOGIN'),
			'warning'
		);
	}

	// Presumably validates the anti-forgery form token
	Request::checkToken();

	// assumes every posted field is a string (array_map('trim') on nested
	// arrays would fail) - TODO confirm
	$fields = Request::getVar('fields', array(), 'post');
	$fields = array_map('trim', $fields);
	// The owner is always the current user, whatever was posted
	$fields['user_id'] = User::get('id');

	// Initiate class and bind posted items to database fields
	// NOTE(review): every posted key is passed to set(); only user_id is
	// overridden above. Confirm the model limits which columns can be set.
	$row = Quote::oneOrNew(0)->set($fields);

	// Check that a story was entered
	if (!$row->get('quote')) {
		$this->setError(Lang::txt('COM_FEEDBACK_ERROR_MISSING_STORY'));
		return $this->storyTask($row);
	}

	// Check for an author
	if (!$row->get('fullname')) {
		$this->setError(Lang::txt('COM_FEEDBACK_ERROR_MISSING_AUTHOR'));
		return $this->storyTask($row);
	}

	// Check for an organization
	if (!$row->get('org')) {
		$this->setError(Lang::txt('COM_FEEDBACK_ERROR_MISSING_ORGANIZATION'));
		return $this->storyTask($row);
	}

	// Strip markup from the quote; only 'quote' is sanitised here, fullname
	// and org are stored as posted (trimmed).
	// The <br> replacement runs after the strip - presumably it no longer
	// matches anything at that point.
	$row->set('quote', Sanitize::stripAll($row->get('quote')));
	$row->set('quote', str_replace('<br>', '<br />', $row->get('quote')));
	$row->set('date', Date::toSql());

	// Store new content
	if (!$row->save()) {
		$this->setError($row->getError());
		return $this->storyTask($row);
	}

	$addedPictures = array();

	// Folder for this record's files: <filespace>/<id>
	$path = $row->filespace() . DS . $row->get('id');
	if (!is_dir($path)) {
		// A failure is recorded but processing continues
		if (!Filesystem::makeDirectory($path)) {
			$this->setError(Lang::txt('COM_FEEDBACK_ERROR_UNABLE_TO_CREATE_UPLOAD_PATH'));
		}
	}

	// If there is a temp dir for this user then copy the contents to the newly created folder
	$tempDir = $this->tmpPath() . DS . User::get('id');

	if (is_dir($tempDir)) {
		$dirIterator = new DirectoryIterator($tempDir);

		foreach ($dirIterator as $file) {
			// Skip '.', '..' and sub-directories
			if ($file->isDot() || $file->isDir()) {
				continue;
			}

			$name = $file->getFilename();

			if ($file->isFile()) {
				// Skip version-control entries
				if ('cvs' == strtolower($name) || '.svn' == strtolower($name)) {
					continue;
				}

				// NOTE(review): no file-type check is visible here; this
				// relies on the upload step having validated what it placed
				// in the temp folder.
				if (Filesystem::move($tempDir . DS . $name, $path . DS . $name)) {
					array_push($addedPictures, $name);
				}
			}
		}

		// Remove temp folder
		Filesystem::deleteDirectory($tempDir);
	}

	// Path handed to the view: the same folder with the PATH_ROOT prefix cut off
	$path = substr($row->filespace(), strlen(PATH_ROOT)) . DS . $row->get('id');

	// Set page title
	$this->_buildTitle();

	// Set the pathway
	$this->_buildPathway();

	// Output HTML
	$this->view
		->set('row', $row)
		->set('path', $path)
		->set('addedPictures', $addedPictures)
		->set('title', $this->_title)
		->setErrors($this->getErrors())
		->setLayout('thanks')
		->display();
}
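/**
 * Output an RSS feed of the group's latest public blog entries.
 *
 * Entry text is entity-decoded, tag-stripped and wrapped in a CDATA section.
 * Because decoding can produce a literal "]]>", which would end the CDATA
 * section early and let the rest of the text be parsed as feed markup, that
 * sequence is split across two CDATA sections. Year and month taken from the
 * URL are cast to integers, like the values read with Request::getInt().
 *
 * @return  mixed  Result of _browse() when feeds are disabled; otherwise the
 *                 feed is echoed and the script exits
 */
private function _feed()
{
	if (!$this->params->get('feeds_enabled', 1)) {
		return $this->_browse();
	}

	include_once PATH_CORE . DS . 'libraries' . DS . 'joomla' . DS . 'document' . DS . 'feed' . DS . 'feed.php';

	// Filters for returning results; scope and state are fixed to this
	// group's public entries
	$filters = array(
		'limit'      => Request::getInt('limit', Config::get('list_limit')),
		'start'      => Request::getInt('limitstart', 0),
		'year'       => Request::getInt('year', 0),
		'month'      => Request::getInt('month', 0),
		'scope'      => 'group',
		'scope_id'   => $this->group->get('gidNumber'),
		'search'     => Request::getVar('search', ''),
		'created_by' => Request::getInt('author', 0),
		'state'      => 'public'
	);

	// Year and month may also come from the URL path
	$path = Request::path();
	if (strstr($path, '/')) {
		$bits = $this->_parseUrl();

		$filters['year']  = (isset($bits[0]) && is_numeric($bits[0])) ? (int) $bits[0] : $filters['year'];
		$filters['month'] = (isset($bits[1]) && is_numeric($bits[1])) ? (int) $bits[1] : $filters['month'];
	}

	// Out-of-range values mean "no filter"
	if ($filters['year'] > date("Y")) {
		$filters['year'] = 0;
	}
	if ($filters['month'] > 12) {
		$filters['month'] = 0;
	}

	// Set the mime encoding for the document
	Document::setType('feed');

	// Start a new feed object
	$doc = Document::instance();
	$doc->link = Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=' . $this->_name);

	// Build some basic RSS document information
	$doc->title       = Config::get('sitename') . ': ' . Lang::txt('Groups') . ': ' . stripslashes($this->group->get('description')) . ': ' . Lang::txt('Blog');
	$doc->description = Lang::txt('PLG_GROUPS_BLOG_RSS_DESCRIPTION', $this->group->get('cn'), Config::get('sitename'));
	$doc->copyright   = Lang::txt('PLG_GROUPS_BLOG_RSS_COPYRIGHT', date("Y"), Config::get('sitename'));
	$doc->category    = Lang::txt('PLG_GROUPS_BLOG_RSS_CATEGORY');

	$rows = $this->model->entries($filters)
		->ordered()
		->paginated()
		->rows();

	// Start outputting results if any found
	if ($rows->count() > 0) {
		foreach ($rows as $row) {
			// Load individual item creator class
			$item = new \Hubzero\Document\Type\Feed\Item();

			// Strip html from feed item description text
			$description = \Hubzero\Utility\Sanitize::stripAll(strip_tags(html_entity_decode($row->content)));
			if ($this->params->get('feed_entries') == 'partial') {
				$description = \Hubzero\Utility\String::truncate($description, 300);
			}

			// Keep entry text from terminating the CDATA section
			$item->description = '<![CDATA[' . str_replace(']]>', ']]]]><![CDATA[>', $description) . ']]>';

			$item->title    = html_entity_decode(strip_tags($row->get('title')));
			$item->link     = Route::url($row->link());
			$item->date     = date('r', strtotime($row->published()));
			$item->category = '';
			$item->author   = $row->creator()->get('name');

			// Loads item info into rss array
			$doc->addItem($item);
		}
	}

	// Output the feed
	echo $doc->render();
	exit;
}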
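/**
 * Save a review
 *
 * Binds the posted form to a review record, stores it, recalculates the
 * rating of the current publication, applies any submitted tags, triggers
 * the xmessage.onSendMessage event with the version authors as recipients
 * and redirects to the publication's reviews page. On failure the error is
 * recorded with setError() and the method returns early.
 *
 * NOTE(review): no form-token check is visible in this method; confirm the
 * caller performs one before this state-changing action runs.
 *
 * @return  void
 */
public function savereview()
{
    // Is the user logged in?
    if (User::isGuest()) {
        $this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_LOGIN_NOTICE'));
        return;
    }

    $publication = $this->publication;

    // Do we have a publication ID?
    if (!$publication->exists()) {
        // No ID - fail! Can't do anything else without an ID
        $this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_NO_RESOURCE_ID'));
        return;
    }

    $database = App::get('db');

    // Bind the form data to our object
    // NOTE(review): bind() is handed the whole of $_POST, so which columns a
    // client can set depends on the table class (not visible here). Values
    // that tie the review to its parent publication should be assigned
    // server-side from $publication rather than taken from the form; confirm.
    $row = new \Components\Publications\Tables\Review($database);
    if (!$row->bind($_POST)) {
        $this->setError($row->getError());
        return;
    }

    // Perform some text cleaning, etc.
    // NOTE(review): the record id is taken from the request and no ownership
    // check is visible in this method, while created_by is overwritten below.
    // Confirm that check()/store() or the caller refuses to update a review
    // that was created by a different user.
    $row->id        = Request::getInt('reviewid', 0);
    $row->state     = 1;
    $row->comment   = \Hubzero\Utility\Sanitize::stripAll($row->comment);
    $row->anonymous = ($row->anonymous == 1 || $row->anonymous == '1') ? $row->anonymous : 0;
    // NOTE(review): a posted "created" value is kept as-is; confirm that is
    // intended for new reviews as well as for edits.
    $row->created    = $row->created ? $row->created : Date::toSql();
    $row->created_by = User::get('id');

    // Notice shown to the user after the redirect. Kept in its own variable:
    // the original reused $message for the e-mail body further down, so the
    // redirect received the rendered e-mail instead of this notice.
    $notice = $row->id
        ? Lang::txt('PLG_PUBLICATIONS_REVIEWS_EDITS_SAVED')
        : Lang::txt('PLG_PUBLICATIONS_REVIEWS_REVIEW_POSTED');

    // Check for missing (required) fields
    if (!$row->check()) {
        $this->setError($row->getError());
        return;
    }

    // Save the data
    if (!$row->store()) {
        $this->setError($row->getError());
        return;
    }

    // Calculate the new average rating for the parent publication
    $publication->table()->calculateRating();
    $publication->table()->updateRating();

    // Process tags
    $tags = trim(Request::getVar('review_tags', ''));
    if ($tags) {
        $rt = new \Components\Publications\Helpers\Tags($database);
        $rt->tag_object($row->created_by, $publication->get('id'), $tags, 1, 0);
    }

    // Get version authors
    $users = $publication->table('Author')->getAuthors($publication->get('version_id'), 1, 1, true);

    // Build the subject
    $subject = Config::get('sitename') . ' ' . Lang::txt('PLG_PUBLICATIONS_REVIEWS_CONTRIBUTIONS');

    // Build the e-mail body from the plugin's "emails" view
    $eview = new \Hubzero\Plugin\View(array(
        'folder'  => 'publications',
        'element' => 'reviews',
        'name'    => 'emails'
    ));
    $eview->option      = $this->_option;
    $eview->juser       = User::getInstance();
    $eview->publication = $publication;

    $body = $eview->loadTemplate();
    $body = str_replace("\n", "\r\n", $body);

    // Build the "from" data for the e-mail
    $from = array();
    $from['name']  = Config::get('sitename') . ' ' . Lang::txt('PLG_PUBLICATIONS_REVIEWS_CONTRIBUTIONS');
    $from['email'] = Config::get('mailfrom');

    // Send message; a failure is recorded but does not undo the saved review
    if (!Event::trigger('xmessage.onSendMessage', array('publications_new_comment', $subject, $body, $from, $users, $this->_option))) {
        $this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_FAILED_TO_MESSAGE'));
    }

    App::redirect(Route::url($publication->link('reviews')), $notice);
}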
// Does this category have a unique output display? $func = 'plgWhatsnew' . ucfirst($row->section) . 'Out'; // Check if a method exist (using JPlugin style) $obj = 'plgWhatsnew' . ucfirst($this->cats[$k]['category']); if (function_exists($func)) { $html .= $func($row, $this->period); } elseif (method_exists($obj, 'out')) { $html .= call_user_func(array($obj, 'out'), $row, $this->period); } else { if (strstr($row->href, 'index.php')) { $row->href = Route::url($row->href); } $html .= "\t" . '<li>' . "\n"; $html .= "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n"; if ($row->text) { $html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(strip_tags(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->text))), 200) . '</p>' . "\n"; } $html .= "\t\t" . '<p class="href">' . rtrim(Request::getSchemeAndHttpHost(), '/') . '/' . ltrim($row->href, '/') . '</p>' . "\n"; $html .= "\t" . '</li>' . "\n"; } } $html .= '</ol>' . "\n"; // Initiate paging if we we're displaying an active category if ($dopaging) { $pageNav = $this->pagination($this->total, $this->start, $this->limit); $pageNav->setAdditionalUrlParam('category', urlencode(strToLower($this->active))); $pageNav->setAdditionalUrlParam('period', $this->period); $html .= $pageNav->render(); $html .= '<div class="clearfix"></div>'; } else { $html .= '<p class="moreresults">' . Lang::txt('COM_WHATSNEW_TOP_SHOWN', $amt);