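/**
 * Saves changes to an order
 *
 * Applies the posted action (complete, cancel, message or a plain update)
 * to the order, stores it, optionally e-mails the customer and redirects
 * back to the controller's default view with a status message.
 *
 * @return  void
 * @throws  Exception  If removing the hold, validating or storing the order fails
 */
public function saveTask()
{
	// Check for request forgeries
	Request::checkToken();

	// Only scalar fields are expected. Anything else (e.g. a posted array)
	// is reduced to an empty string so it never reaches trim() or the
	// string handling below.
	$data = array_map(
		function ($value)
		{
			return is_scalar($value) ? trim((string) $value) : '';
		},
		$_POST
	);

	// Fields this task reads, defaulted so a missing key is not an error
	$data = array_merge(
		array('action' => '', 'id' => 0, 'total' => 0, 'notes' => '', 'message' => ''),
		$data
	);

	$statusmsg = '';
	$action    = $data['action'];
	// $id is concatenated into the DELETE statement below, so it is forced
	// to an integer here instead of being passed through as posted text.
	$id        = intval($data['id']);
	$cost      = intval($data['total']);

	if ($id)
	{
		// initiate extended database class
		// NOTE(review): the result of load() is not checked here; confirm how
		// a non-existent order id should be handled.
		$row = new Order($this->database);
		$row->load($id);
		$row->notes = \Hubzero\Utility\Sanitize::clean($data['notes']);
		$hold = $row->total;
		$row->total = $cost;

		// get user bank account
		$xprofile = User::getInstance($row->uid);
		$BTL_Q = new Teller($this->database, $xprofile->get('id'));

		// Completing and cancelling both release the hold on the account
		if ($action === 'complete_order' || $action === 'cancel_order')
		{
			// adjust credit
			$credit   = $BTL_Q->credit_summary();
			$adjusted = $credit - $hold;
			$BTL_Q->credit_adjustment($adjusted);

			// remove hold (both interpolated values are integers at this point)
			$sql = "DELETE FROM `#__users_transactions` WHERE category='store' AND type='hold' AND referenceid='" . $id . "' AND uid=" . intval($row->uid);
			$this->database->setQuery($sql);
			if (!$this->database->query())
			{
				throw new Exception($this->database->getErrorMsg(), 500);
			}
		}

		switch ($action)
		{
			case 'complete_order':
				// debit account
				if ($cost > 0)
				{
					$BTL_Q->withdraw($cost, Lang::txt('COM_STORE_BANKING_PURCHASE') . ' #' . $id, 'store', $id);
				}

				// update order information
				$row->status_changed = Date::toSql();
				$row->status = 1;
				$statusmsg = Lang::txt('COM_STORE_ORDER') . ' #' . $id . ' ' . Lang::txt('COM_STORE_HAS_BEEN') . ' ' . strtolower(Lang::txt('COM_STORE_COMPLETED')) . '.';
				break;

			case 'cancel_order':
				// update order information
				$row->status_changed = Date::toSql();
				$row->status = 2;
				$statusmsg = Lang::txt('COM_STORE_ORDER') . ' #' . $id . ' ' . Lang::txt('COM_STORE_HAS_BEEN') . ' ' . strtolower(Lang::txt('COM_STORE_CANCELLED')) . '.';
				break;

			case 'message':
				$statusmsg = Lang::txt('COM_STORE_MSG_SENT') . '.';
				break;

			default:
				$statusmsg = Lang::txt('COM_STORE_ORDER_DETAILS_UPDATED') . '.';
				break;
		}

		// check content
		if (!$row->check())
		{
			throw new Exception($row->getError(), 500);
		}

		// store new content
		if (!$row->store())
		{
			throw new Exception($row->getError(), 500);
		}

		// send email
		if ($action || $data['message'])
		{
			if (\Hubzero\Utility\Validate::email($row->email))
			{
				$message = new \Hubzero\Mail\Message();
				$message->setSubject(Config::get('sitename') . ' ' . Lang::txt('COM_STORE_EMAIL_UPDATE_SHORT', $id));
				$message->addFrom(
					Config::get('mailfrom'),
					Config::get('sitename') . ' ' . Lang::txt('COM_STORE_STORE')
				);

				// Plain text email
				$eview = new \Hubzero\Mail\View(array(
					'name'   => 'emails',
					'layout' => '_plain'
				));
				$eview->option     = $this->_option;
				$eview->controller = $this->_controller;
				$eview->orderid    = $id;
				$eview->cost       = $cost;
				$eview->row        = $row;
				$eview->action     = $action;
				// The admin-entered message is stripped of markup before it is
				// handed to either mail template.
				$eview->message    = \Hubzero\Utility\Sanitize::stripAll($data['message']);

				$plain = $eview->loadTemplate(false);
				$plain = str_replace("\n", "\r\n", $plain);
				$message->addPart($plain, 'text/plain');

				// HTML email
				$eview->setLayout('_html');
				$html = $eview->loadTemplate();
				$html = str_replace("\n", "\r\n", $html);
				$message->addPart($html, 'text/html');

				// Send e-mail
				$message->setTo(array($row->email));
				$message->send();
			}
		}
	}

	App::redirect(
		Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false),
		$statusmsg
	);
}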
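/**
 * Save an entry
 *
 * Binds the posted citation fields, stores the citation, then creates,
 * updates or deletes the posted associations and (when enabled) the tags
 * and badges, and finally redirects. On any failure the edit form is shown
 * again with the error set.
 *
 * @return  void
 */
public function saveTask()
{
	// Check if they're logged in
	// NOTE(review): only a login check is visible in this method; whether the
	// user may edit the citation identified by the posted id is presumably
	// enforced elsewhere. Confirm.
	if (User::isGuest())
	{
		$this->loginTask();
		return;
	}

	Request::checkToken();

	// get the posted vars
	$id = Request::getInt('id', 0, 'post');
	$c  = Request::getVar('fields', array(), 'post');
	if (!is_array($c))
	{
		// A scalar "fields" value cannot be bound; treat it as empty
		$c = array();
	}
	$c['id'] = $id;

	// clean vars
	foreach ($c as $key => $val)
	{
		if (!is_array($val))
		{
			$val = html_entity_decode(urldecode($val));
			$val = Sanitize::stripAll($val);
			$c[$key] = Sanitize::clean($val);
		}
	}

	// Bind incoming data to object
	$row = new Citation($this->database);
	if (!$row->bind($c))
	{
		$this->setError($row->getError());
		$this->editTask();
		return;
	}

	// New entry so set the created date
	if (!$row->id)
	{
		$row->created = Date::toSql();
	}

	// Drop anything that is not a syntactically valid URL
	if (!filter_var($row->url, FILTER_VALIDATE_URL))
	{
		$row->url = null;
	}

	// Check content for missing required data
	if (!$row->check())
	{
		$this->setError($row->getError());
		$this->editTask();
		return;
	}

	// Store new content
	if (!$row->store())
	{
		$this->setError($row->getError());
		$this->editTask();
		return;
	}

	// Incoming associations
	$arr = Request::getVar('assocs', array(), 'post');
	if (!is_array($arr))
	{
		$arr = array();
	}

	foreach ($arr as $a)
	{
		// Each association must itself be an array of scalar fields
		if (!is_array($a))
		{
			continue;
		}
		$a = array_map(
			function ($value)
			{
				return is_scalar($value) ? trim((string) $value) : '';
			},
			$a
		);
		// tbl and oid are compared below; default them when absent
		$a = array_merge(array('tbl' => '', 'oid' => ''), $a);

		// Initiate extended database class
		$assoc = new Association($this->database);

		// check to see if we should delete
		if (isset($a['id']) && $a['tbl'] == '' && $a['oid'] == '')
		{
			// Delete the row
			// NOTE(review): the association id comes straight from POST and is
			// not checked against $row->id here. Confirm that the association
			// belongs to this citation before it is deleted.
			if (!$assoc->delete(intval($a['id'])))
			{
				$this->setError($assoc->getError());
				$this->editTask();
				return;
			}
		}
		elseif ($a['tbl'] != '' || $a['oid'] != '')
		{
			// Always attach the association to the citation just stored
			$a['cid'] = $row->id;

			// bind the data
			if (!$assoc->bind($a))
			{
				$this->setError($assoc->getError());
				$this->editTask();
				return;
			}

			// Check content
			if (!$assoc->check())
			{
				$this->setError($assoc->getError());
				$this->editTask();
				return;
			}

			// Store new content
			if (!$assoc->store())
			{
				$this->setError($assoc->getError());
				$this->editTask();
				return;
			}
		}
	}

	// check if we are allowing tags
	if ($this->config->get('citation_allow_tags', 'no') == 'yes')
	{
		$tags = trim(Request::getVar('tags', '', 'post'));
		$ct1 = new Tags($row->id);
		$ct1->setTags($tags, User::get('id'), 0, 1, '');
	}

	// check if we are allowing badges
	if ($this->config->get('citation_allow_badges', 'no') == 'yes')
	{
		$badges = trim(Request::getVar('badges', '', 'post'));
		$ct2 = new Tags($row->id);
		$ct2->setTags($badges, User::get('id'), 0, 1, 'badge');
	}

	// Redirect
	$task = '&task=browse';
	if ($this->config->get('citation_single_view', 1))
	{
		$task = '&task=view&id=' . $row->id;
	}

	App::redirect(
		Route::url('index.php?option=' . $this->_option . $task),
		Lang::txt('COM_CITATIONS_CITATION_SAVED')
	);
}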
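/**
 * Save a success story and show a thank you message
 *
 * Requires a logged-in user and a valid form token. Validates the posted
 * story, stores it, moves any pictures from the user's temporary upload
 * folder into the story's folder and renders the "thanks" layout.
 *
 * @return  void
 */
public function sendstoryTask()
{
	if (User::isGuest())
	{
		$here = Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&task=' . $this->_task);
		App::redirect(
			Route::url('index.php?option=com_users&view=login&return=' . base64_encode($here)),
			Lang::txt('COM_FEEDBACK_STORY_LOGIN'),
			'warning'
		);
		// Never fall through to the save logic as a guest, whether or not
		// the redirect call terminates the request itself.
		return;
	}

	Request::checkToken();

	$fields = Request::getVar('fields', array(), 'post');
	if (!is_array($fields))
	{
		$fields = array();
	}
	// Trim scalar values only; nested arrays are reduced to an empty string
	$fields = array_map(
		function ($value)
		{
			return is_scalar($value) ? trim((string) $value) : '';
		},
		$fields
	);
	// The author is always the current user, whatever was posted
	$fields['user_id'] = User::get('id');

	// Initiate class and bind posted items to database fields
	// NOTE(review): every posted key in fields[] is bound to the record and
	// only user_id is overridden above. Confirm the model restricts which
	// columns a submitter may set.
	$row = Quote::oneOrNew(0)->set($fields);

	// Check that a story was entered
	if (!$row->get('quote'))
	{
		$this->setError(Lang::txt('COM_FEEDBACK_ERROR_MISSING_STORY'));
		return $this->storyTask($row);
	}

	// Check for an author
	if (!$row->get('fullname'))
	{
		$this->setError(Lang::txt('COM_FEEDBACK_ERROR_MISSING_AUTHOR'));
		return $this->storyTask($row);
	}

	// Check for an organization
	if (!$row->get('org'))
	{
		$this->setError(Lang::txt('COM_FEEDBACK_ERROR_MISSING_ORGANIZATION'));
		return $this->storyTask($row);
	}

	// Code cleaner for xhtml transitional compliance
	$row->set('quote', Sanitize::stripAll($row->get('quote')));
	$row->set('quote', str_replace('<br>', '<br />', $row->get('quote')));
	$row->set('date', Date::toSql());

	// Store new content
	if (!$row->save())
	{
		$this->setError($row->getError());
		return $this->storyTask($row);
	}

	$addedPictures = array();

	$path = $row->filespace() . DS . $row->get('id');
	if (!is_dir($path))
	{
		if (!Filesystem::makeDirectory($path))
		{
			$this->setError(Lang::txt('COM_FEEDBACK_ERROR_UNABLE_TO_CREATE_UPLOAD_PATH'));
		}
	}

	// If there is a temp dir for this user then copy the contents to the newly created folder
	$tempDir = $this->tmpPath() . DS . User::get('id');
	if (is_dir($tempDir))
	{
		$dirIterator = new DirectoryIterator($tempDir);
		foreach ($dirIterator as $file)
		{
			if ($file->isDot() || $file->isDir())
			{
				continue;
			}

			// File names come from the directory listing, not from the request
			$name = $file->getFilename();
			if ($file->isFile())
			{
				if ('cvs' == strtolower($name) || '.svn' == strtolower($name))
				{
					continue;
				}

				if (Filesystem::move($tempDir . DS . $name, $path . DS . $name))
				{
					array_push($addedPictures, $name);
				}
			}
		}

		// Remove temp folder
		Filesystem::deleteDirectory($tempDir);
	}

	// Path relative to the web root, for use by the view
	$path = substr($row->filespace(), strlen(PATH_ROOT)) . DS . $row->get('id');

	// Set page title
	$this->_buildTitle();

	// Set the pathway
	$this->_buildPathway();

	// Output HTML
	$this->view
		->set('row', $row)
		->set('path', $path)
		->set('addedPictures', $addedPictures)
		->set('title', $this->_title)
		->setErrors($this->getErrors())
		->setLayout('thanks')
		->display();
}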
?> <?php echo 'Email: ' . $this->shipping['email']; ?> </td> </tr> <?php if ($this->shipping['comments']) { ?> <tr> <th style="text-align: right; padding: 0 0.5em; font-weight: bold; white-space: nowrap; vertical-align: top;" align="right"><?php echo Lang::txt('COM_STORE_DETAILS'); ?> :</th> <td style="text-align: left; padding: 0 0.5em; vertical-align: top;" width="100%" align="left"><?php echo \Hubzero\Utility\Sanitize::stripAll($this->shipping['comments']); ?> </td> </tr> <?php } ?> </tbody> </table> </td> </tr> </tbody> </table> <!-- Start Spacer --> <table class="tbl-spacer" width="100%" cellpadding="0" cellspacing="0" border="0">
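/**
 * Search-index hook for wiki pages
 *
 * With $run false, returns the ids of all wiki pages whose state is 1.
 * With $run true, builds the index record for the page identified by $id.
 *
 * @param   string   $type  Content type being indexed; anything but 'wiki' is ignored
 * @param   integer  $id    Wiki page id (only used when $run is true)
 * @param   boolean  $run   True to build a record, false to list ids
 * @return  mixed    stdClass record, array of ids, or null when nothing applies
 */
public function onIndex($type, $id, $run = false)
{
	if ($type != 'wiki')
	{
		return;
	}

	// Establish a db connection
	$db = App::get('db');

	if ($run !== true)
	{
		$sql = "SELECT #__wiki_pages.id FROM #__wiki_pages\n\t\t\t\t\tJOIN #__wiki_versions\n\t\t\t\t\tON #__wiki_pages.version_id = #__wiki_versions.id\n\t\t\t\t\tWHERE #__wiki_pages.state = 1;";
		return $db->setQuery($sql)->query()->loadColumn();
	}

	// The id is interpolated into SQL below: sanitize it, then force it to
	// an integer so nothing but digits can reach the query text.
	$id = intval(\Hubzero\Utility\Sanitize::paranoid($id));

	// Get the record
	$sql = "SELECT * FROM #__wiki_pages\n\t\t\t\t\tJOIN #__wiki_versions\n\t\t\t\t\tON #__wiki_pages.version_id = #__wiki_versions.id\n\t\t\t\t\tWHERE #__wiki_pages.id = {$id} AND #__wiki_pages.state = 1;";
	$row = $db->setQuery($sql)->query()->loadObject();

	// No such page (or its state is not 1): nothing to index
	if (!$row)
	{
		return;
	}

	// Get the name of the author
	$sql1 = "SELECT name FROM #__users WHERE id=" . intval($row->created_by) . ";";
	$author = $db->setQuery($sql1)->query()->loadResult();

	// Get any tags
	$sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'wiki';";
	$tags = $db->setQuery($sql2)->query()->loadColumn();

	// Determine the path; stays empty when the owning group cannot be loaded
	$path = '';
	if ($row->scope == 'site')
	{
		$path = '/wiki/' . $row->path;
	}
	elseif ($row->scope == 'group')
	{
		$group = \Hubzero\User\Group::getInstance($row->scope_id);

		// Make sure group is valid.
		if (is_object($group))
		{
			$cn = $group->get('cn');
			$path = '/groups/' . $cn . '/wiki/' . $row->path;
		}
	}
	else
	{
		// Only group and site wiki is supported right now
		// @TODO: Project Notes
		return;
	}

	// Access level written to the index. The second test is a comparison:
	// an assignment here would be truthy for every row and would mark
	// registered-only and private pages as public in the index.
	if ($row->state == 1 && ($row->access == 0 || $row->access == 1))
	{
		$access_level = 'public';
	}
	elseif ($row->state == 1 && $row->access == 2)
	{
		$access_level = 'registered';
	}
	else
	{
		$access_level = 'private';
	}

	if ($row->scope != 'group')
	{
		$owner_type = 'user';
		$owner = $row->created_by;
	}
	else
	{
		$owner_type = 'group';
		$owner = $row->scope_id;
	}

	// Get the title
	$title = $row->title;

	// Build the description, clean up text
	$content = $row->pagehtml;
	$content = preg_replace('/<[^>]*>/', ' ', $content);
	$content = preg_replace('/ {2,}/', ' ', $content);
	$description = \Hubzero\Utility\Sanitize::stripAll($content);

	// Create a record object
	$record = new \stdClass();
	$record->id = $type . '-' . $id;
	$record->hubtype = $type;
	$record->title = $title;
	$record->description = $description;
	$record->author = array($author);
	$record->tags = $tags;
	$record->path = $path;
	$record->access_level = $access_level;
	$record->owner = $owner;
	$record->owner_type = $owner_type;

	// Return the formatted record
	return $record;
}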
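/**
 * Search-index hook for events
 *
 * With $run false, returns the ids of all events. With $run true, builds
 * the index record for the event identified by $id.
 *
 * @param   string   $type  Content type being indexed; anything but 'event' is ignored
 * @param   integer  $id    Event id (only used when $run is true)
 * @param   boolean  $run   True to build a record, false to list ids
 * @return  mixed    stdClass record, array of ids, or null when nothing applies
 */
public function onIndex($type, $id, $run = false)
{
	if ($type != 'event')
	{
		return;
	}

	// Establish a db connection
	$db = App::get('db');

	if ($run !== true)
	{
		$sql = "SELECT id FROM #__events;";
		return $db->setQuery($sql)->query()->loadColumn();
	}

	// The id is interpolated into SQL below: sanitize it, then force it to
	// an integer so nothing but digits can reach the query text.
	$id = intval(\Hubzero\Utility\Sanitize::paranoid($id));

	// Get the record
	$sql = "SELECT * FROM #__events WHERE id={$id};";
	$row = $db->setQuery($sql)->query()->loadObject();

	// No such event: nothing to index
	if (!$row)
	{
		return;
	}

	// Get the name of the author
	$sql1 = "SELECT name FROM #__users WHERE id=" . intval($row->created_by) . ";";
	$author = $db->setQuery($sql1)->query()->loadResult();

	// Get any tags
	$sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'events';";
	$tags = $db->setQuery($sql2)->query()->loadColumn();

	// Determine the path; stays empty for an unknown scope or invalid group
	$path = '';
	if ($row->scope == 'event' || $row->scope == '')
	{
		$path = '/events/details/' . $row->id;
	}
	elseif ($row->scope == 'group')
	{
		$group = \Hubzero\User\Group::getInstance($row->scope_id);

		// Make sure group is valid.
		if (is_object($group))
		{
			$cn = $group->get('cn');
			$path = '/groups/' . $cn . '/calendar/details/' . $row->id;
		}
	}

	// Only published, approved, non-group events are indexed as public;
	// everything else defaults to private.
	if ($row->state == 1 && $row->approved == 1 && $row->scope != 'group')
	{
		$access_level = 'public';
	}
	else
	{
		$access_level = 'private';
	}

	if ($row->scope != 'group')
	{
		$owner_type = 'user';
		$owner = $row->created_by;
	}
	else
	{
		$owner_type = 'group';
		$owner = $row->scope_id;
	}

	// Get the title
	$title = $row->title;

	// Build the description, clean up text
	$content = preg_replace('/<[^>]*>/', ' ', $row->content);
	$content = preg_replace('/ {2,}/', ' ', $content);
	$description = \Hubzero\Utility\Sanitize::stripAll($content);

	// Format the (start) date for SOLR. 'H:i:s' is 24-hour time with
	// minutes; the previous 'h:m:s' emitted a 12-hour clock and the month
	// number in the minutes position.
	// NOTE(review): the trailing 'Z' labels the value as UTC. Confirm that
	// format() returns UTC here.
	$date = Date::of($row->publish_up)->format('Y-m-d\TH:i:s\Z');

	// Create a record object
	$record = new \stdClass();
	$record->id = $type . '-' . $id;
	$record->hubtype = $type;
	$record->title = $title;
	$record->description = $description;
	$record->author = array($author);
	$record->tags = $tags;
	$record->path = $path;
	$record->access_level = $access_level;
	$record->date = $date;
	$record->owner = $owner;
	$record->owner_type = $owner_type;

	// Return the formatted record
	return $record;
}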
// Does this category have a unique output display? $func = 'plgWhatsnew' . ucfirst($row->section) . 'Out'; // Check if a method exist (using JPlugin style) $obj = 'plgWhatsnew' . ucfirst($this->cats[$k]['category']); if (function_exists($func)) { $html .= $func($row, $this->period); } elseif (method_exists($obj, 'out')) { $html .= call_user_func(array($obj, 'out'), $row, $this->period); } else { if (strstr($row->href, 'index.php')) { $row->href = Route::url($row->href); } $html .= "\t" . '<li>' . "\n"; $html .= "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n"; if ($row->text) { $html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(strip_tags(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->text))), 200) . '</p>' . "\n"; } $html .= "\t\t" . '<p class="href">' . rtrim(Request::getSchemeAndHttpHost(), '/') . '/' . ltrim($row->href, '/') . '</p>' . "\n"; $html .= "\t" . '</li>' . "\n"; } } $html .= '</ol>' . "\n"; // Initiate paging if we we're displaying an active category if ($dopaging) { $pageNav = $this->pagination($this->total, $this->start, $this->limit); $pageNav->setAdditionalUrlParam('category', urlencode(strToLower($this->active))); $pageNav->setAdditionalUrlParam('period', $this->period); $html .= $pageNav->render(); $html .= '<div class="clearfix"></div>'; } else { $html .= '<p class="moreresults">' . Lang::txt('COM_WHATSNEW_TOP_SHOWN', $amt);
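/**
 * Search-index hook for citations
 *
 * With $run false, returns the ids of all citations. With $run true,
 * builds the index record for the citation identified by $id.
 *
 * @param   string   $type  Content type being indexed; anything but 'citation' is ignored
 * @param   integer  $id    Citation id (only used when $run is true)
 * @param   boolean  $run   True to build a record, false to list ids
 * @return  mixed    stdClass record, array of ids, or null when nothing applies
 */
public function onIndex($type, $id, $run = false)
{
	if ($type != 'citation')
	{
		return;
	}

	// Establish a db connection
	$db = App::get('db');

	if ($run !== true)
	{
		$sql = "SELECT id FROM #__citations;";
		return $db->setQuery($sql)->query()->loadColumn();
	}

	// The id is interpolated into SQL below: sanitize it, then force it to
	// an integer so nothing but digits can reach the query text.
	$id = intval(\Hubzero\Utility\Sanitize::paranoid($id));

	// Get the record
	$sql = "SELECT * FROM #__citations WHERE id={$id};";
	$row = $db->setQuery($sql)->query()->loadObject();

	// No such citation: nothing to index
	if (!$row)
	{
		return;
	}

	// Obtain list of related authors
	$sql1 = "SELECT author FROM #__citations_authors WHERE cid={$id};";
	$authors = $db->setQuery($sql1)->query()->loadColumn();

	// Get any tags
	$sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'citations';";
	$tags = $db->setQuery($sql2)->query()->loadColumn();

	// Determine the path
	if ($row->scope == 'member')
	{
		$path = '/members/' . $row->scope_id . '/citations';
	}
	elseif ($row->scope == 'group')
	{
		$group = \Hubzero\User\Group::getInstance($row->scope_id);

		// Make sure group is valid.
		$path = '';
		if (is_object($group))
		{
			$cn = $group->get('cn');
			$path = '/groups/' . $cn . '/citations';
		}
	}
	else
	{
		$path = '/citations/view/' . $id;
	}

	// NOTE(review): every citation is indexed as public, including
	// group-scoped ones. Confirm this is intended.
	$access_level = 'public';

	if ($row->scope != 'group')
	{
		$owner_type = 'user';
		$owner = $row->uid;
	}
	else
	{
		$owner_type = 'group';
		$owner = $row->scope_id;
	}

	// Get the title
	$title = $row->title;

	// Build the description from the citation's text columns, each followed
	// by a single space, in this fixed order.
	$columns = array(
		'address', 'author', 'booktitle', 'chapter', 'cite', 'edition', 'eprint',
		'howpublished', 'institution', 'isbn', 'journal', 'month', 'note', 'number',
		'organization', 'pages', 'publisher', 'series', 'school', 'title', 'url',
		'volume', 'year', 'doi', 'ref_type', 'date_submit', 'date_accept',
		'date_publish', 'software_use', 'notes', 'language', 'label'
	);
	$content = '';
	foreach ($columns as $column)
	{
		$content .= $row->$column . ' ';
	}

	// Replace tags with spaces, collapse runs of spaces, then sanitize
	$content = preg_replace('/<[^>]*>/', ' ', $content);
	$content = preg_replace('/ {2,}/', ' ', $content);
	$description = \Hubzero\Utility\Sanitize::stripAll($content);

	// Create a record object
	$record = new \stdClass();
	$record->id = $type . '-' . $id;
	$record->hubtype = $type;
	$record->title = $title;
	$record->description = $description;
	$record->author = $authors;
	$record->tags = $tags;
	$record->path = $path;
	$record->access_level = $access_level;
	$record->owner = $owner;
	$record->owner_type = $owner_type;

	// Return the formatted record
	return $record;
}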
/**
 * Special formatting for results
 *
 * Renders one publication as an <li> with thumbnail, linked title, date,
 * category, optional contributors, a 200-character text excerpt and the
 * absolute URL.
 *
 * @param   object  $row     Database row
 * @param   string  $period  Time period (not used by this formatter)
 * @return  string  HTML
 */
public static function out($row, $period)
{
	$database = App::get('db');
	$config   = Component::params('com_publications');

	// Get version authors
	$authorTable = new \Components\Publications\Tables\Author($database);
	$authors     = $authorTable->getAuthors($row->version_id);

	// NOTE(review): href, title and cat_name are written into the markup
	// without HTML escaping in this method; confirm they are escaped or
	// trusted upstream. Only the text excerpt passes through stripAll().
	$thumb = Route::url('index.php?option=com_publications&id=' . $row->id . '&v=' . $row->version_id) . '/Image:thumb';

	// Start building HTML
	$parts   = array();
	$parts[] = "\t" . '<li class="publication">' . "\n";
	$parts[] = "\t\t" . '<p><span class="pub-thumb"><img src="' . $thumb . '" alt="" /></span>';
	$parts[] = '<span class="pub-details"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a>' . "\n";
	$parts[] = "\t\t" . '<span class="block details">' . Date::of($row->published_up)->toLocal('d M Y') . ' <span>|</span> ' . $row->cat_name;

	if ($authors)
	{
		$parts[] = ' <span>|</span> ' . Lang::txt('PLG_WHATSNEW_PUBLICATIONS_CONTRIBUTORS') . ' ' . \Components\Publications\Helpers\Html::showContributors($authors, false, true);
	}

	$parts[] = '</span></span></p>' . "\n";

	if ($row->text)
	{
		// Strip markup first, then shorten to the excerpt length
		$excerpt = \Hubzero\Utility\Sanitize::stripAll(stripslashes($row->text));
		$parts[] = "\t\t" . '<p>' . \Hubzero\Utility\String::truncate($excerpt, 200) . '</p>' . "\n";
	}

	$parts[] = "\t\t" . '<p class="href">' . Request::base() . trim($row->href, '/') . '</p>' . "\n";
	$parts[] = "\t" . '</li>' . "\n";

	// Return output
	return implode('', $parts);
}
<p class="details"> <?php $info = array(); if ($thedate) { $info[] = $thedate; } if ($this->line->type && $params->get('show_type') || $this->line->standalone == 1) { $info[] = stripslashes($this->line->typetitle); } if ($helper->contributors && $params->get('show_authors')) { $info[] = Lang::txt('COM_RESOURCES_CONTRIBUTORS') . ': ' . $helper->contributors; } echo implode(' <span>|</span> ', $info); ?> </p> <p> <?php $content = ''; if ($this->line->introtext) { $content = $this->line->introtext; } else { if ($this->line->fulltxt) { $content = $this->line->fulltxt; $content = preg_replace("#<nb:(.*?)>(.*?)</nb:(.*?)>#s", '', $content); $content = trim($content); } } echo \Hubzero\Utility\String::truncate(strip_tags(\Hubzero\Utility\Sanitize::stripAll(stripslashes($content))), 300); ?> </p> </li>
/**
 * Special formatting for results
 *
 * Renders one result as an <li> with a linked title, an optional
 * 200-character text excerpt and the absolute URL. Routes $row->href in
 * place when it is an unrouted index.php link.
 *
 * @param   object  $row     Database row
 * @param   string  $period  Time period (not used by this formatter)
 * @return  string  HTML
 */
public static function out($row, $period)
{
	// Turn a raw index.php link into its routed form (mutates $row)
	if (strstr($row->href, 'index.php'))
	{
		$row->href = Route::url($row->href);
	}

	// NOTE(review): href and title are written into the markup without HTML
	// escaping in this method; confirm they are escaped or trusted upstream.
	$parts = array(
		"\t" . '<li>' . "\n",
		"\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n"
	);

	if ($row->text)
	{
		// Strip markup first, then shorten to the excerpt length
		$excerpt = \Hubzero\Utility\Sanitize::stripAll(stripslashes($row->text));
		$parts[] = "\t\t" . '<p>' . \Hubzero\Utility\String::truncate($excerpt, 200) . '</p>' . "\n";
	}

	$parts[] = "\t\t" . '<p class="href">' . Request::base() . ltrim($row->href, '/') . '</p>' . "\n";
	$parts[] = "\t" . '</li>' . "\n";

	// Return output
	return implode('', $parts);
}
/**
 * Save item
 *
 * Creates a to-do entry in the selected project for the profile owner,
 * records the activity and redirects back to this plugin's tab. Only the
 * member whose profile is being viewed may save, and the form token must
 * be valid.
 *
 * @return  string  Output of _browse() on a validation or store error; nothing otherwise
 */
protected function _save()
{
	if (User::isGuest())
	{
		$this->setError(Lang::txt('MEMBERS_LOGIN_NOTICE'));
		return;
	}

	// Only the profile owner may add items here
	if (User::get('id') != $this->member->get('id'))
	{
		$this->setError(Lang::txt('PLG_MEMBERS_TODO_NOT_AUTHORIZED'));
		return $this->_browse();
	}

	// Check for request forgeries
	Request::checkToken();

	// Incoming
	$content   = Request::getVar('content', '');
	$projectid = Request::getInt('projectid', 0);
	$due       = trim(Request::getVar('due', ''));

	$model = new \Components\Projects\Models\Project($projectid);

	if (!$content)
	{
		$this->setError(Lang::txt('PLG_MEMBERS_TODO_ERROR_PROVIDE_CONTENT'));
		return $this->_browse();
	}

	// The project must exist and the user must have content access to it
	if (!$model->exists() || !$model->access('content'))
	{
		$this->setError(Lang::txt('PLG_MEMBERS_TODO_ERROR_ACCESS_PROJECT'));
		return $this->_browse();
	}

	// Initiate extended database class
	$todo = new \Components\Projects\Tables\Todo($this->database);

	$content = rtrim(stripslashes($content));
	if ($content)
	{
		$todo->content = $content;
	}
	else
	{
		$todo->content = $todo->content;
	}
	// Markup is stripped before the text is measured and shortened
	$todo->content    = \Hubzero\Utility\Sanitize::stripAll($todo->content);
	$todo->created_by = $this->member->get('id');
	$todo->created    = Date::toSql();
	$todo->projectid  = $model->get('id');

	// Keep the full text in details when it will not fit in content
	if (strlen($todo->content) > 255)
	{
		$todo->details = $todo->content;
	}
	$todo->content = \Hubzero\Utility\String::truncate($todo->content, 255);

	if (!$due || $due == 'mm/dd/yyyy')
	{
		// Empty value or the untouched placeholder: no due date
		$todo->duedate = '';
	}
	else
	{
		// Expect month/day/year; anything else leaves duedate untouched
		$parts = explode('/', $due);
		if (count($parts) == 3)
		{
			list($month, $day, $year) = $parts;

			if (intval($month) && intval($day) && intval($year))
			{
				// Left-pad single-character day and month with a zero
				$day   = str_pad($day, 2, '0', STR_PAD_LEFT);
				$month = str_pad($month, 2, '0', STR_PAD_LEFT);

				if (checkdate($month, $day, $year))
				{
					$todo->duedate = Date::of(mktime(0, 0, 0, $month, $day, $year))->toSql();
				}
			}
		}
	}

	// Get last order and append the new item after it
	$lastorder = $todo->getLastOrder($model->get('id'));
	$todo->priority = $lastorder ? $lastorder + 1 : 1;

	// Store content
	if (!$todo->store())
	{
		$this->setError($todo->getError());
		return $this->_browse();
	}

	// Record activity
	$activityUrl = Route::url('index.php?option=com_projects&alias=' . $model->get('alias') . '&active=todo&action=view&todoid=' . $todo->id);
	$aid = $model->recordActivity(
		Lang::txt('PLG_MEMBERS_TODO_ACTIVITY_TODO_ADDED'),
		$todo->id,
		'to do',
		$activityUrl,
		'todo',
		1
	);

	// Store activity ID
	if ($aid)
	{
		$todo->activityid = $aid;
		$todo->store();
	}

	App::redirect(
		Route::url($this->member->link() . '&active=' . $this->_name),
		Lang::txt('PLG_MEMBERS_TODO_SAVED')
	);
}
/**
 * Static method for formatting results
 *
 * Renders one member as an <li> with photo, linked name, an optional
 * 200-character excerpt and the absolute profile URL. Overwrites
 * $row->href with the routed profile link.
 *
 * @param   object  $row  Database row
 * @return  string  HTML
 */
public static function out($row)
{
	require_once \Component::path('com_members') . DS . 'models' . DS . 'member.php';

	$member = \Components\Members\Models\Member::oneOrNew($row->id);

	// The link always comes from the member model, not from the row
	$row->href = Route::url($member->link());

	// NOTE(review): title and the picture URL are written into the markup
	// without HTML escaping in this method; confirm they are escaped or
	// trusted upstream.
	$parts = array(
		"\t" . '<li class="member">' . "\n",
		"\t\t" . '<p class="photo"><img width="50" height="50" src="' . $member->picture() . '" alt="" /></p>' . "\n",
		"\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n"
	);

	if ($row->ftext)
	{
		// Strip markup first, then shorten to the excerpt length
		$excerpt = \Hubzero\Utility\Sanitize::stripAll(stripslashes($row->ftext));
		$parts[] = "\t\t" . \Hubzero\Utility\String::truncate($excerpt, 200) . "\n";
	}

	$parts[] = "\t\t" . '<p class="href">' . Request::base() . ltrim($row->href, '/') . '</p>' . "\n";
	$parts[] = "\t" . '</li>' . "\n";

	return implode('', $parts);
}
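/**
 * Recursive function to append comments to a feed
 *
 * Adds one feed item per comment, then descends into each comment's
 * replies.
 *
 * @param   object  $comments  Iterable collection of comment models
 * @return  void
 */
protected function _feedItem($comments)
{
	// The item links are built from the feed's own link. The variable was
	// previously never defined in this method, so every item link was
	// reduced to its '#c<id>' fragment.
	// NOTE(review): Document::instance() is assumed to be the feed document
	// whose link the caller has already set. Confirm against the caller.
	$feed = Document::instance();

	foreach ($comments as $comment)
	{
		// Load individual item creator class
		$item = new \Hubzero\Document\Type\Feed\Item();
		$item->author = Lang::txt('COM_KB_ANONYMOUS');
		if (!$comment->get('anonymous'))
		{
			$item->author = $comment->creator('name', $item->author);
		}

		// Prepare the title
		$item->title = Lang::txt('COM_KB_COMMENTS_RSS_COMMENT_TITLE', $item->author) . ' @ ' . $comment->created('time') . ' on ' . $comment->created('date');

		// URL link to article
		$item->link = $feed->link . '#c' . $comment->get('id');

		// Strip html from feed item description text
		if ($comment->isReported())
		{
			// Reported comments are never exposed through the feed
			$item->description = Lang::txt('COM_KB_COMMENT_REPORTED_AS_ABUSIVE');
		}
		else
		{
			// NOTE(review): entities are decoded after the markup has been
			// stripped, so entity-encoded markup in a comment becomes literal
			// markup again. Confirm the feed renderer escapes descriptions.
			$item->description = html_entity_decode(\Hubzero\Utility\Sanitize::stripAll($comment->content('clean')));
		}
		$item->date     = $comment->created();
		$item->category = '';

		// Loads item info into rss array
		Document::addItem($item);

		if ($comment->replies()->total())
		{
			$this->_feedItem($comment->replies());
		}
	}
}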
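/**
 * Save comment
 *
 * Sanitizes and shortens the comment text, fills this record and stores it.
 *
 * @param   integer  $itemid           Id of the item commented on
 * @param   string   $tbl              Name of the table the item belongs to
 * @param   string   $comment          Comment text
 * @param   integer  $by               Id of the commenting user
 * @param   integer  $parent_activity  Id of the parent activity
 * @param   integer  $admin            Admin flag
 * @return  mixed    Comment id (integer) on success, false on missing input or store failure
 */
public function addComment($itemid = NULL, $tbl = '', $comment = '', $by = 0, $parent_activity = 0, $admin = 0)
{
	if (!$itemid || !$tbl || !$by || !$comment || !$parent_activity)
	{
		return false;
	}

	// Sanitize before truncating: cutting the raw text first can split a tag
	// at the 250-character boundary and hand the sanitizer a fragment rather
	// than a complete element.
	$comment = \Hubzero\Utility\Sanitize::stripAll($comment);
	$comment = \Hubzero\Utility\String::truncate($comment, 250);

	// Nothing left once the markup is gone: treat it as a missing comment
	if (trim((string) $comment) === '')
	{
		return false;
	}

	$this->itemid          = $itemid;
	$this->tbl             = $tbl;
	$this->parent_activity = $parent_activity;
	$this->comment         = $comment;
	$this->admin           = $admin;
	$this->created         = \Factory::getDate()->toSql();
	$this->created_by      = $by;

	if (!$this->store())
	{
		return false;
	}

	return $this->id;
}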
/**
 * Special formatting for results
 *
 * Renders one event as an <li> with its start date split into month, day
 * and year, a linked title, an optional 200-character excerpt and the
 * absolute URL. Removes '[[BR]]' markers from $row->itext in place.
 *
 * @param   object  $row     Database row
 * @param   string  $period  Time period (not used by this formatter)
 * @return  string  HTML
 */
public function out($row, $period)
{
	// NOTE(review): href and title are written into the markup without HTML
	// escaping in this method; confirm they are escaped or trusted upstream.

	// Start building the HTML
	$parts   = array();
	$parts[] = "\t" . '<li class="event">' . "\n";
	$parts[] = "\t\t" . '<p class="event-date"><span class="month">' . Date::of($row->publish_up)->toLocal('M') . '</span>';
	$parts[] = '<span class="day">' . Date::of($row->publish_up)->toLocal('d') . '</span> ';
	$parts[] = '<span class="year">' . Date::of($row->publish_up)->toLocal('Y') . '</span></p>' . "\n";
	$parts[] = "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n";

	if ($row->itext)
	{
		// Drop wiki line-break markers, strip markup, then shorten
		$row->itext = str_replace('[[BR]]', '', $row->itext);
		$excerpt    = \Hubzero\Utility\Sanitize::stripAll(stripslashes($row->itext));
		$parts[]    = "\t\t" . '<p>' . \Hubzero\Utility\String::truncate($excerpt, 200) . '</p>' . "\n";
	}

	$parts[] = "\t\t" . '<p class="href">' . Request::base() . trim($row->href, '/') . '</p>' . "\n";
	$parts[] = "\t" . '</li>' . "\n";

	// Return output
	return implode('', $parts);
}
/**
 * Saves transaction notes
 *
 * Strips markup from the notes and writes them to the transaction info row
 * of the current cart's transaction. Both values are passed through the
 * database driver's quote() before being placed in the statement.
 *
 * @param   string  $notes  Notes to store
 * @return  bool    Always true; the result of the query is not inspected
 */
public function setTransactionNotes($notes)
{
	$cleanNotes = \Hubzero\Utility\Sanitize::stripAll($notes);

	$quotedNotes = $this->_db->quote($cleanNotes);
	$quotedId    = $this->_db->quote($this->cart->tId);

	// NOTE(review): a failed UPDATE is not reported to the caller
	$statement  = "UPDATE `#__cart_transaction_info` SET\n\t\t\t\t`tiNotes` = " . $quotedNotes;
	$statement .= "\n\t\t\t\tWHERE `tId` = " . $quotedId;

	$this->_db->setQuery($statement);
	$this->_db->query();

	return true;
}
/**
 * Latest Questions Feed
 *
 * Builds an RSS feed of the most recent questions, using the limit and
 * state settings of the module whose id is given in the 'm' request
 * variable.
 *
 * @return  void
 */
public function latestTask()
{
	// Module id, so that the right module's parameters are read
	$moduleId = Request::getInt('m', 0);
	$params   = \Module::params($moduleId);

	// Number of questions to get
	$limit = intval($params->get('limit', 5));

	// open, closed, or both
	$state = $params->get('state', 'both');

	$query = Question::all();

	if ($state == 'open')
	{
		$query->whereEquals('state', 0);
	}
	if ($state == 'closed')
	{
		$query->whereEquals('state', 1);
	}
	if (!$state || $state == 'both')
	{
		// Everything below the deleted state
		$query->where('state', '<', Question::STATE_DELETED);
	}

	$questions = $query
		->ordered()
		->limit($limit)
		->start(0)
		->paginated()
		->rows();

	// Force mime type of document to be rss
	Document::setType('feed');

	// Start a new feed object
	$feed = Document::instance();

	// Set rss feed attribs
	$siteName          = Config::get('sitename');
	$feed->link        = Route::url('index.php?option=com_answers');
	$feed->title       = Lang::txt('COM_ANSWERS_LATEST_QUESTIONS_RSS_TITLE', $siteName);
	$feed->description = Lang::txt('COM_ANSWERS_LATEST_QUESTIONS_RSS_DESCRIPTION', Config::get('sitename'));
	$feed->copyright   = Lang::txt('COM_ANSWERS_LATEST_QUESTIONS_RSS_COPYRIGHT', gmdate("Y"), Config::get('sitename'));
	$feed->category    = Lang::txt('COM_ANSWERS_LATEST_QUESTIONS_RSS_CATEGORY');

	// Add each question to the feed
	foreach ($questions as $question)
	{
		$entry = new \Hubzero\Document\Type\Feed\Item();

		// NOTE(review): entities are decoded after the markup has been
		// stripped, so entity-encoded markup in a subject or question becomes
		// literal markup again. Confirm the feed renderer escapes these fields.
		$subject = Sanitize::stripAll(stripslashes($question->subject));
		$entry->title = html_entity_decode($subject);

		$entry->link = Route::url($question->link());

		$body = Sanitize::stripAll(stripslashes($question->question));
		$entry->description = html_entity_decode($body);

		$entry->date     = date("r", strtotime($question->get('created')));
		$entry->category = Lang::txt('COM_ANSWERS_LATEST_QUESTIONS_RSS_CATEGORY_ITEM');
		$entry->author   = $question->creator()->get('name', Lang::txt('COM_ANSWERS_ANONYMOUS'));

		$feed->addItem($entry);
	}
}
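/**
 * Display an RSS feed of latest entries
 *
 * Falls back to the browse view when feeds are disabled. Otherwise builds
 * the feed for the group's public blog entries, echoes it and ends the
 * request.
 *
 * @return  string  Output of _browse() when feeds are disabled; otherwise the request ends here
 */
private function _feed()
{
	if (!$this->params->get('feeds_enabled', 1))
	{
		return $this->_browse();
	}

	include_once PATH_CORE . DS . 'libraries' . DS . 'joomla' . DS . 'document' . DS . 'feed' . DS . 'feed.php';

	// Filters for returning results. Scope and state are fixed here, so the
	// feed only ever lists this group's public entries.
	$filters = array(
		'limit'      => Request::getInt('limit', Config::get('list_limit')),
		'start'      => Request::getInt('limitstart', 0),
		'year'       => Request::getInt('year', 0),
		'month'      => Request::getInt('month', 0),
		'scope'      => 'group',
		'scope_id'   => $this->group->get('gidNumber'),
		'search'     => Request::getVar('search', ''),
		'created_by' => Request::getInt('author', 0),
		'state'      => 'public'
	);

	// Year and month may also be given as path segments; accept numbers only
	$path = Request::path();
	if (strstr($path, '/'))
	{
		$bits = $this->_parseUrl();

		$filters['year']  = (isset($bits[0]) && is_numeric($bits[0])) ? $bits[0] : $filters['year'];
		$filters['month'] = (isset($bits[1]) && is_numeric($bits[1])) ? $bits[1] : $filters['month'];
	}

	// Out-of-range values disable the corresponding filter
	if ($filters['year'] > date("Y"))
	{
		$filters['year'] = 0;
	}
	if ($filters['month'] > 12)
	{
		$filters['month'] = 0;
	}

	// Set the mime encoding for the document
	Document::setType('feed');

	// Start a new feed object
	$doc = Document::instance();
	$doc->link = Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=' . $this->_name);

	// Build some basic RSS document information
	$doc->title       = Config::get('sitename') . ': ' . Lang::txt('Groups') . ': ' . stripslashes($this->group->get('description')) . ': ' . Lang::txt('Blog');
	$doc->description = Lang::txt('PLG_GROUPS_BLOG_RSS_DESCRIPTION', $this->group->get('cn'), Config::get('sitename'));
	$doc->copyright   = Lang::txt('PLG_GROUPS_BLOG_RSS_COPYRIGHT', date("Y"), Config::get('sitename'));
	$doc->category    = Lang::txt('PLG_GROUPS_BLOG_RSS_CATEGORY');

	$rows = $this->model->entries($filters)
		->ordered()
		->paginated()
		->rows();

	// Start outputing results if any found
	if ($rows->count() > 0)
	{
		foreach ($rows as $row)
		{
			$item = new \Hubzero\Document\Type\Feed\Item();

			// Strip html from feed item description text. Entities are
			// decoded first, so entity-encoded markup is removed as well.
			$item->description = $row->content;
			$item->description = \Hubzero\Utility\Sanitize::stripAll(strip_tags(html_entity_decode($item->description)));
			if ($this->params->get('feed_entries') == 'partial')
			{
				$item->description = \Hubzero\Utility\String::truncate($item->description, 300);
			}

			// A literal "]]>" in the text would close the CDATA section
			// early and let the remainder be parsed as feed markup, so it is
			// split across two sections.
			$item->description = str_replace(']]>', ']]]]><![CDATA[>', $item->description);
			$item->description = '<![CDATA[' . $item->description . ']]>';

			// Load individual item creator class
			$item->title    = html_entity_decode(strip_tags($row->get('title')));
			$item->link     = Route::url($row->link());
			$item->date     = date('r', strtotime($row->published()));
			$item->category = '';
			$item->author   = $row->creator()->get('name');

			// Loads item info into rss array
			$doc->addItem($item);
		}
	}

	// Output the feed
	echo $doc->render();
	exit;
}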
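/**
 * Static method for formatting results
 *
 * Renders one publication search-result row as an HTML list item. The row
 * object is modified in place (href, rating, category, area, ranking).
 *
 * @param  object $row Database row
 * @return string HTML
 */
public static function out($row)
{
    include_once Component::path('com_publications') . DS . 'tables' . DS . 'author.php';
    require_once Component::path('com_publications') . DS . 'helpers' . DS . 'html.php';

    $row->href = Route::url('index.php?option=com_publications&id=' . $row->id);

    $database = App::get('db');

    // Get version authors
    $pa      = new \Components\Publications\Tables\Author($database);
    $authors = $pa->getAuthors($row->ftext);

    // Get the component params
    $config = Component::params('com_publications');

    $row->rating   = $row->rcount;
    $row->category = $row->data1;
    $row->area     = $row->data2;
    $row->ranking  = $row->data3;

    // Set the display date
    switch ($config->get('show_date')) {
        case 1:
            $thedate = Date::of($row->created)->toLocal(Lang::txt('DATE_FORMAT_HZ1'));
            break;
        case 2:
            $thedate = Date::of($row->modified)->toLocal(Lang::txt('DATE_FORMAT_HZ1'));
            break;
        case 3:
            $thedate = Date::of($row->publish_up)->toLocal(Lang::txt('DATE_FORMAT_HZ1'));
            break;
        case 0:
        default:
            // The original switch had no default, leaving $thedate undefined
            // for any setting outside 0-3.
            $thedate = '';
            break;
    }

    if (strstr($row->href, 'index.php')) {
        $row->href = Route::url($row->href);
    }

    // NOTE(review): title, area, alias and the contributor string are
    // concatenated into the markup without HTML escaping. Whether that is
    // safe depends on how these fields are stored and on what
    // showContributors() returns - confirm, and escape on output if they
    // can hold user-supplied markup.
    $versionUrl = $row->href . '/?v=' . $row->alias;

    // Start building the HTML
    $html  = "\t" . '<li class="publication">' . "\n";
    $html .= "\t\t" . '<p class="title"><a href="' . $versionUrl . '">' . stripslashes($row->title) . '</a></p>' . "\n";
    $html .= "\t\t" . '<p class="details">' . $thedate . ' <span>|</span> ' . $row->area;
    if ($authors) {
        $html .= ' <span>|</span> ' . Lang::txt('PLG_TAGS_PUBLICATIONS_CONTRIBUTORS') . ' ' . stripslashes(\Components\Publications\Helpers\Html::showContributors($authors, true, false));
    }
    $html .= '</p>' . "\n";
    if ($row->itext) {
        $html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->itext)), 200) . '</p>' . "\n";
    }
    $html .= "\t\t" . '<p class="href">' . Request::base() . trim($versionUrl, '/') . '</p>' . "\n";
    $html .= "\t" . '</li>' . "\n";

    // Return output
    return $html;
}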
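/**
 * onIndex
 *
 * Search-index hook for publications. With $run true it builds the index
 * record for one publication; otherwise it returns the ids of all
 * publications. Any other $type is ignored.
 *
 * @param  string  $type Index type; only 'publication' is handled
 * @param  integer $id   Publication id
 * @param  boolean $run  true to build a record, false to list ids
 * @access public
 * @return object|array|null Record object, list of ids, or nothing for other types
 */
public function onIndex($type, $id, $run = false)
{
    if ($type == 'publication') {
        if ($run === true) {
            // Establish a db connection
            $db = App::get('db');

            // The id is interpolated unquoted into SQL below, so it must be
            // an integer. Sanitize::paranoid() is defined elsewhere and is
            // not shown to guarantee a numeric result; the cast makes the
            // guarantee local.
            $id = (int) \Hubzero\Utility\Sanitize::paranoid($id);

            // Get the record
            $sql = "SELECT\n\t\t\t\t\t#__publications.id,\n\t\t\t\t\talias,\n\t\t\t\t\t#__publications.access,\n\t\t\t\t\tmaster_doi,\n\t\t\t\t\tpublished_up,\n\t\t\t\t\t#__publications.created_by,\n\t\t\t\t\tabstract,\n\t\t\t\t\tdescription,\n\t\t\t\t\ttitle,\n\t\t\t\t\tdoi,\n\t\t\t\t\tstate,\n\t\t\t\t\trelease_notes,\n\t\t\t\t\tMAX(#__publication_versions.id) as latestVersion\n\t\t\t\t\tFROM #__publications \n\t\t\t\tLEFT JOIN #__publication_versions\n\t\t\t\tON #__publications.id = #__publication_versions.publication_id\n\t\t\t\tWHERE #__publications.id = {$id};";
            $row = $db->setQuery($sql)->query()->loadObject();

            // Get the authors and tags of the latest version
            if (isset($row->latestVersion)) {
                // Database-sourced, but still interpolated: keep it an int
                $versionId = (int) $row->latestVersion;

                $sql1 = "SELECT user_id, name FROM #__publication_authors WHERE publication_version_id={$versionId} AND role != 'submitter';";
                $authors = $db->setQuery($sql1)->query()->loadAssocList();

                // Get any tags
                $sql2 = "SELECT tag\n\t\t\t\t\t\tFROM #__tags\n\t\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\t\tWHERE #__tags_object.objectid = {$versionId} AND #__tags_object.tbl = 'publications';";
                $tags = $db->setQuery($sql2)->query()->loadColumn();
            } else {
                $authors = array();
                $tags    = array();
            }

            $owners      = array();
            $authorNames = array();
            if (!empty($authors)) {
                foreach ($authors as $author) {
                    $owners[]      = $author['user_id'];
                    $authorNames[] = $author['name'];
                }
            }

            // Determine the path
            if ($row->alias != '') {
                $path = '/publications/' . $row->alias;
            } else {
                $path = '/publications/' . $id;
            }

            // The access level stored in the index decides who can see the
            // record in search results; anything not explicitly published
            // with a known access value is treated as private.
            if ($row->state == 1 && $row->access == 0) {
                $access_level = 'public';
            } elseif ($row->state == 1 && $row->access == 1) {
                $access_level = 'registered';
            } else {
                $access_level = 'private';
            }

            // Authors have access
            $owner_type = 'user';

            // So does submitter
            $owners[] = $row->created_by;

            // Get the title
            $title = $row->title;

            // Build the description, clean up text
            $content = $row->abstract . ' ' . $row->description . ' ' . $row->release_notes;
            $content = preg_replace('/<[^>]*>/', ' ', $content);
            $content = preg_replace('/ {2,}/', ' ', $content);
            $description = \Hubzero\Utility\Sanitize::stripAll($content);

            $doi = isset($row->doi) ? $row->doi : '';

            // Create a record object
            $record = new \stdClass();
            $record->id          = $type . '-' . $id;
            $record->hubtype     = $type;
            $record->title       = $title;
            $record->description = $description;
            $record->author      = $authorNames;
            // NOTE(review): this writes the DOI back onto the row, not onto
            // the record, so the DOI never reaches the index. Probably meant
            // to be $record->doi - confirm the index accepts that field
            // before changing it.
            $row->doi = $doi;
            $record->tags         = $tags;
            $record->path         = $path;
            $record->access_level = $access_level;
            $record->owner        = $owners;
            $record->owner_type   = $owner_type;

            // Return the formatted record
            return $record;
        } else {
            $db  = App::get('db');
            $sql = "SELECT id FROM #__publications;";
            $ids = $db->setQuery($sql)->query()->loadColumn();
            return $ids;
        }
    }
}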
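/**
 * Save item
 *
 * Handles the 'save', 'assign' and 'changestate' tasks for a to-do item and
 * the creation of a new, empty to-do list. Redirects when done, or returns
 * the rendered view for AJAX requests.
 *
 * @return string|void Rendered view for AJAX requests, otherwise redirects
 */
public function save()
{
    // Check for request forgeries
    // NOTE(review): the token is accepted from the query string as well as
    // from POST for a state-changing action. Tokens carried in URLs can end
    // up in logs and Referer headers - confirm GET is really needed here.
    Request::checkToken(['get', 'post']);

    // Incoming
    $listcolor = Request::getVar('list', '');
    $content   = Request::getVar('content', '');
    $todoid    = Request::getInt('todoid', 0);
    $newlist   = Request::getVar('newlist', '', 'post');
    $newcolor  = Request::getVar('newcolor', '', 'post');
    $page      = Request::getVar('page', 'list', 'post');
    $assigned  = Request::getInt('assigned', 0);
    $mine      = Request::getInt('mine', 0);
    $state     = Request::getInt('state', 0);
    $ajax      = Request::getInt('ajax', 0);
    $task      = $this->_task;
    $new       = 0;

    // Check permission
    if (!$this->model->access('content')) {
        throw new Exception(Lang::txt('ALERTNOTAUTH'), 403);
    }

    // An assignee must be an owner of this project; otherwise drop it
    $objO = $this->model->table('Owner');
    if ($assigned && !$objO->isOwner($assigned, $this->model->get('id'))) {
        $assigned = 0;
    }
    if ($mine && !$assigned) {
        $assigned = $this->_uid;
    }

    // Initiate extended database class
    $objTD = new \Components\Projects\Tables\Todo($this->_database);

    // Load up todo if exists. The lookup is scoped to the current project
    // id, so an id belonging to another project does not load.
    if (!$objTD->loadTodo($this->model->get('id'), $todoid)) {
        $objTD->created_by = $this->_uid;
        $objTD->created    = Date::toSql();
        $objTD->projectid  = $this->model->get('id');
        // NOTE(review): $new is set for every task, so 'assign' or
        // 'changestate' with an unknown todoid still reaches the "record
        // activity" step below and stores an otherwise empty item - confirm
        // whether that is intended.
        $new = 1;
    } else {
        $content = $content ? $content : $objTD->content;
    }

    // Prevent resubmit
    if ($task == 'save' && $content == '' && $newlist == '') {
        App::redirect($this->model->link('todo'));
        return;
    }

    // Save if not empty
    if ($task == 'save' && $content != '') {
        $content = rtrim(stripslashes($content));
        $objTD->content = $content ? $content : $objTD->content;
        $objTD->content = \Hubzero\Utility\Sanitize::stripAll($objTD->content);

        // Keep the full text under details when it does not fit in content
        if (strlen($objTD->content) > 255) {
            $objTD->details = $objTD->content;
        }
        $objTD->content = \Hubzero\Utility\String::truncate($objTD->content, 255);

        // NOTE(review): the list colour comes straight from the request and
        // is later placed in the redirect URL; confirm it is validated
        // against the known colours somewhere.
        $objTD->color       = $listcolor == 'none' ? '' : $listcolor;
        $objTD->assigned_to = $assigned;
        $objTD->state       = $state;

        // Get due date (expected as mm/dd/yyyy)
        $due = trim(Request::getVar('due', ''));
        if ($due && $due != 'mm/dd/yyyy') {
            $date = explode('/', $due);
            if (count($date) == 3) {
                // Cast once: checkdate() and mktime() expect integers, and
                // the raw request strings may carry trailing non-digits.
                $month = intval($date[0]);
                $day   = intval($date[1]);
                $year  = intval($date[2]);

                if ($month && $day && $year && checkdate($month, $day, $year)) {
                    $objTD->duedate = Date::of(mktime(0, 0, 0, $month, $day, $year))->toSql();
                }
            } else {
                $this->setError(Lang::txt('PLG_PROJECTS_TODO_TODO_WRONG_DATE_FORMAT'));
            }
        } else {
            $objTD->duedate = '';
        }

        // Get last order
        $lastorder = $objTD->getLastOrder($this->model->get('id'));
        $neworder  = $lastorder ? $lastorder + 1 : 1;
        $objTD->priority = $todoid ? $objTD->priority : $neworder;

        // Get list name
        $objTD->todolist = $listcolor == 'none' ? null : $objTD->getListName($this->model->get('id'), $objTD->color);

        // Store content
        if (!$objTD->store()) {
            $this->setError($objTD->getError());
        } else {
            $this->_msg = $todoid
                ? Lang::txt('PLG_PROJECTS_TODO_TODO_ITEM_SAVED')
                : Lang::txt('PLG_PROJECTS_TODO_TODO_NEW_ITEM_SAVED');
        }
    } elseif ($task == 'assign') {
        $changed = $objTD->assigned_to == $assigned ? 0 : 1;
        if ($changed) {
            $objTD->assigned_to = $assigned;
            $this->_mine = 0; // do not send to My Todo's list

            // Store content
            if (!$objTD->store()) {
                $this->setError($objTD->getError());
            } else {
                $this->_msg = $mine
                    ? Lang::txt('PLG_PROJECTS_TODO_TODO_ASSIGNED_TO_MINE')
                    : Lang::txt('PLG_PROJECTS_TODO_TODO_REASSIGNED');
            }
        }
    } else {
        if ($task == 'changestate') {
            $changed = $objTD->state == $state ? 0 : 1;
            if ($changed) {
                $objTD->state = $state;
                if ($state == 1) {
                    $objTD->closed    = Date::toSql();
                    $objTD->closed_by = $this->_uid;
                }

                // Store content
                if (!$objTD->store()) {
                    $this->setError($objTD->getError());
                } else {
                    $this->_msg = $state == 1
                        ? Lang::txt('PLG_PROJECTS_TODO_TODO_MARKED_COMPLETED')
                        : Lang::txt('PLG_PROJECTS_TODO_TODO_MARKED_INCOMPLETE');

                    if ($state == 1) {
                        // Record activity
                        $aid = $this->model->recordActivity(
                            Lang::txt('PLG_PROJECTS_TODO_ACTIVITY_TODO_COMPLETED'),
                            $objTD->id,
                            'to do',
                            Route::url('index.php?option=' . $this->_option . '&alias=' . $this->model->get('alias') . '&active=todo' . '&action=view&todoid=' . $objTD->id),
                            'todo',
                            1
                        );
                    }
                }
            }
        }
    }

    // Save new empty list information
    if ($newlist != '' && $newcolor != '') {
        $new = 0;
        $newlist = \Hubzero\Utility\Sanitize::stripAll(trim($newlist));

        if (!$objTD->getListName($this->model->get('id'), $newcolor)) {
            $objTD = new \Components\Projects\Tables\Todo($this->_database);
            $objTD->created_by = $this->_uid;
            $objTD->created    = Date::toSql();
            $objTD->projectid  = $this->model->get('id');
            $objTD->content    = 'provisioned';
            $objTD->state      = 2; // inactive
            $objTD->todolist   = $newlist;
            // NOTE(review): stored as received; see the list colour note above
            $objTD->color      = $newcolor;

            // Store content
            if (!$objTD->store()) {
                $this->setError(Lang::txt('PLG_PROJECTS_TODO_TODO_ERROR_LIST_SAVE'));
            } else {
                $this->_msg = Lang::txt('PLG_PROJECTS_TODO_TODO_LIST_SAVED');
            }
        }
    }

    // Record activity
    if ($new) {
        $aid = $this->model->recordActivity(
            Lang::txt('PLG_PROJECTS_TODO_ACTIVITY_TODO_ADDED'),
            $objTD->id,
            'to do',
            Route::url('index.php?option=' . $this->_option . '&alias=' . $this->model->get('alias') . '&active=todo' . '&action=view&todoid=' . $objTD->id),
            'todo',
            1
        );

        // Store activity ID
        if ($aid) {
            $objTD->activityid = $aid;
            $objTD->store();
        }
    }

    // Set redirect path
    if ($page == 'item') {
        $url = Route::url('index.php?option=' . $this->_option . '&alias=' . $this->model->get('alias') . '&active=todo' . '&action=view&todoid=' . $objTD->id);
    } else {
        $url = Route::url('index.php?option=' . $this->_option . '&alias=' . $this->model->get('alias') . '&active=todo&list=' . $objTD->color);
    }

    // Go to view
    if ($ajax) {
        $this->_todoid = $todoid;
        return $page == 'item' ? $this->item() : $this->page();
    }

    // Pass error or success message
    if ($this->getError()) {
        \Notify::message($this->getError(), 'error', 'projects');
    } elseif (!empty($this->_msg)) {
        \Notify::message($this->_msg, 'success', 'projects');
    }

    // Redirect (the URL was already routed above; routing it again is kept
    // as in the original)
    App::redirect(Route::url($url));
}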
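/**
 * Recursive method to add comments to a flat RSS feed
 *
 * Adds one feed item for the comment, then recurses into its replies in
 * state 1 or 3.
 *
 * @param  object $doc JDocumentFeed
 * @param  object $row BlogModelComment
 * @return void
 */
private function _comment(&$doc, $row)
{
    // Load individual item creator class
    $item = new \Hubzero\Document\Type\Feed\Item();
    $item->title = Lang::txt('Comment #%s', $row->get('id')) . ' @ ' . $row->created('time') . ' on ' . $row->created('date');
    $item->link  = Route::url($this->entry->link() . '#c' . $row->get('id'));

    if ($row->isReported()) {
        // Reported comments are replaced by a notice, never shown
        $text = Lang::txt('COM_BLOG_COMMENT_REPORTED_AS_ABUSIVE');
    } else {
        // Decode entities BEFORE stripping. The description is emitted in a
        // CDATA section, which feed readers typically treat as HTML and
        // which is not XML-escaped; decoding after the strip would turn an
        // encoded "&lt;tag&gt;" back into live markup.
        $text = Sanitize::stripAll(html_entity_decode($row->content()));
    }

    // A literal "]]>" would close the CDATA section early; split it across
    // two sections so it stays data.
    $text = str_replace(']]>', ']]]]><![CDATA[>', $text);
    $item->description = '<![CDATA[' . $text . ']]>';

    // Anonymous comments get no author at all.
    // NOTE(review): for everyone else the commenter's e-mail address is
    // published in the feed. Confirm that exposing addresses to every feed
    // consumer is intended.
    if (!$row->get('anonymous')) {
        $item->author = $row->creator()->get('email') . ' (' . $row->creator()->get('name') . ')';
    }

    $item->date     = $row->created();
    $item->category = '';

    $doc->addItem($item);

    $replies = $row->replies()->whereIn('state', array(1, 3));
    if ($replies->count() > 0) {
        foreach ($replies as $reply) {
            $this->_comment($doc, $reply);
        }
    }
}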
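/**
 * onIndex
 *
 * Search-index hook for blog entries. With $run true it builds the index
 * record for one entry; otherwise it returns the ids of all entries whose
 * state is not 2. Any other $type is ignored.
 *
 * @param  string  $type Index type; only 'blog-entry' is handled
 * @param  integer $id   Blog entry id
 * @param  boolean $run  true to build a record, false to list ids
 * @access public
 * @return object|array|null Record object, list of ids, or nothing
 */
public function onIndex($type, $id, $run = false)
{
    if ($type == 'blog-entry') {
        if ($run === true) {
            // Establish a db connection
            $db = App::get('db');

            // The id is interpolated unquoted into SQL below, so it must be
            // an integer. Sanitize::paranoid() is defined elsewhere and is
            // not shown to guarantee a numeric result; the cast makes the
            // guarantee local.
            $id = (int) \Hubzero\Utility\Sanitize::paranoid($id);

            // Get the record
            $sql = "SELECT * FROM #__blog_entries WHERE id={$id} AND state != 2;";
            $row = $db->setQuery($sql)->query()->loadObject();

            // No such entry (or it is in state 2): there is nothing to
            // index. Without this guard the next query would be built from
            // an empty created_by. Returning nothing matches what this hook
            // already does for types it does not handle.
            if (!$row) {
                return;
            }

            // Get the name of the author
            $authorId = (int) $row->created_by;
            $sql1 = "SELECT name FROM #__users WHERE id={$authorId};";
            $author = $db->setQuery($sql1)->query()->loadResult();

            // Get any tags
            $sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'blog';";
            $tags = $db->setQuery($sql2)->query()->loadColumn();

            // Determine the path
            $year  = Date::of(strtotime($row->publish_up))->toLocal('Y');
            $month = Date::of(strtotime($row->publish_up))->toLocal('m');
            $alias = $row->alias;

            // Default for an unknown scope or an invalid group; the original
            // left $path undefined for scopes other than site/member/group.
            $path = '';
            if ($row->scope == 'site') {
                $path = '/blog/' . $year . '/' . $month . '/' . $alias;
            } elseif ($row->scope == 'member') {
                $path = '/members/' . $row->scope_id . '/blog/' . $year . '/' . $month . '/' . $alias;
            } elseif ($row->scope == 'group') {
                $group = Group::getInstance($row->scope_id);

                // Make sure group is valid.
                if (is_object($group)) {
                    $cn   = $group->get('cn');
                    $path = '/groups/' . $cn . '/blog/' . $year . '/' . $month . '/' . $alias;
                }
            }

            // The access level stored in the index decides who can see the
            // record in search results; anything that is not published with
            // a known access value is treated as private.
            if ($row->state == 1 && $row->access == 1) {
                $access_level = 'public';
            } elseif ($row->state == 1 && $row->access == 2) {
                $access_level = 'registered';
            } else {
                $access_level = 'private';
            }

            if ($row->scope != 'group') {
                $owner_type = 'user';
                $owner      = $row->created_by;
            } else {
                $owner_type = 'group';
                $owner      = $row->scope_id;
            }

            // Get the title
            $title = $row->title;

            // Build the description, clean up text
            $content = preg_replace('/<[^>]*>/', ' ', $row->content);
            $content = preg_replace('/ {2,}/', ' ', $content);
            $description = \Hubzero\Utility\Sanitize::stripAll($content);

            // Create a record object
            $record = new \stdClass();
            $record->id           = $type . '-' . $id;
            $record->hubtype      = $type;
            $record->title        = $title;
            $record->description  = $description;
            $record->author       = array($author);
            $record->tags         = $tags;
            $record->path         = $path;
            $record->access_level = $access_level;
            $record->owner        = $owner;
            $record->owner_type   = $owner_type;

            // Return the formatted record
            return $record;
        } else {
            $db  = App::get('db');
            $sql = "SELECT id FROM #__blog_entries WHERE state != 2";
            $ids = $db->setQuery($sql)->query()->loadColumn();
            return $ids;
        }
    }
}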
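/**
 * Method for formatting results
 *
 * Renders one knowledge-base search-result row as an HTML list item. The
 * row's href is overwritten with the routed article URL.
 *
 * @param  object $row Database row
 * @return string HTML
 */
public function out($row)
{
    // The query string read "com_kb§ion=": the "&sect" of "&section" had
    // been converted to a section sign, which dropped the section parameter
    // from every generated link.
    $row->href = Route::url('index.php?option=com_kb&section=' . $row->data2 . '&category=' . $row->data1 . '&alias=' . $row->alias);

    // NOTE(review): title and href are written into the markup without HTML
    // escaping; confirm the stored title cannot contain user-supplied
    // markup, or escape it on output.

    // Start building the HTML
    $html  = "\t" . '<li class="kb-entry">' . "\n";
    $html .= "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n";
    if ($row->ftext) {
        $html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->ftext)), 200) . "</p>\n";
    }
    $html .= "\t\t" . '<p class="href">' . Request::base() . ltrim($row->href, '/') . '</p>' . "\n";
    $html .= "\t" . '</li>' . "\n";

    // Return output
    return $html;
}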
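/**
 * Generate an RSS feed
 *
 * Builds a feed of items carrying the requested tag(s). With more than one
 * active area the plugins return SQL fragments that are combined with UNION;
 * with a single area the plugin returns the rows itself.
 *
 * @return void
 * @throws Exception 404 when no tag is given
 */
public function feedTask()
{
    // Incoming
    $tagstring = trim(Request::getVar('tag', '', 'request', 'none', 2));

    // Ensure we were passed a tag
    if (!$tagstring) {
        throw new Exception(Lang::txt('COM_TAGS_NO_TAG'), 404);
    }

    // Break the string into individual tags
    $tgs = explode(',', $tagstring);

    // Only tags that exist in the database are kept, each once
    $tags  = array();
    $added = array();
    foreach ($tgs as $tag) {
        // Load the tag
        $tagobj = Tag::getInstance($tag);

        // Strict comparison: loose in_array() treats numeric-looking tags
        // such as "10" and "1e1" as duplicates.
        if (in_array($tagobj->get('tag'), $added, true)) {
            continue;
        }
        $added[] = $tagobj->get('tag');

        // Ensure we loaded the tag's info from the database
        if ($tagobj->exists()) {
            $tags[] = $tagobj;
        }
    }

    // Paging variables. Both are interpolated into the LIMIT clause below,
    // so keep them non-negative integers.
    $limitstart = max(0, (int) Request::getInt('limitstart', 0));
    $limit      = (int) Request::getInt('limit', Config::get('list_limit'));

    $areas = array();
    $searchareas = Event::trigger('tags.onTagAreas');
    foreach ($searchareas as $area) {
        $areas = array_merge($areas, $area);
    }

    // Get the active category
    // NOTE(review): $area is request text that is handed to the plugins and
    // appended to the feed title; it is not checked against $areas here.
    $area = Request::getVar('area', '');
    $sort = Request::getVar('sort', '');

    $activeareas = $area ? array($area) : $areas;

    // Get the search results
    $results = array();
    if (count($activeareas) > 1) {
        $sqls = Event::trigger('tags.onTagView', array($tags, $limit, $limitstart, $sort, $activeareas));

        $s = array();
        foreach ((array) $sqls as $sql) {
            if (is_string($sql) && trim($sql) != '') {
                $s[] = $sql;
            }
        }

        // Only run a query when the plugins returned something. The original
        // passed an undefined $query to the database when they returned
        // nothing, and built "() ORDER BY ..." when they returned no SQL
        // strings.
        if ($s) {
            $query = '(' . implode(') UNION (', $s) . ') ORDER BY ';

            // $sort only selects one of these fixed clauses; the request
            // value itself never reaches the SQL.
            switch ($sort) {
                case 'title':
                    $query .= 'title ASC, publish_up';
                    break;
                case 'id':
                    $query .= "id DESC";
                    break;
                case 'date':
                default:
                    $query .= 'publish_up DESC, title';
                    break;
            }

            if ($limit > 0) {
                $query .= " LIMIT {$limitstart}, {$limit}";
            }

            $this->database->setQuery($query);
            $results = array($this->database->loadObjectList());
        }
    } else {
        $results = Event::trigger('tags.onTagView', array($tags, $limit, $limitstart, $sort, $activeareas));
    }

    // Run through the array of arrays returned from plugins and find the one that returned results
    $rows = array();
    if ($results) {
        foreach ($results as $result) {
            if (is_array($result) && !empty($result)) {
                $rows = $result;
                break;
            }
        }
    }

    // Build some basic RSS document information
    $title = Lang::txt(strtoupper($this->_option)) . ': ';
    for ($i = 0, $n = count($tags); $i < $n; $i++) {
        if ($i > 0) {
            $title .= '+ ';
        }
        $title .= $tags[$i]->get('raw_tag') . ' ';
    }
    $title = trim($title);
    $title .= ': ' . $area;

    // Set the mime encoding for the document
    Document::setType('feed');

    // Start a new feed object
    // NOTE(review): the title contains raw tag text and the request-supplied
    // area; this relies on the feed renderer XML-escaping it - confirm.
    $doc = Document::instance();
    $doc->link        = Route::url('index.php?option=' . $this->_option);
    $doc->title       = Config::get('sitename') . ' - ' . $title;
    $doc->description = Lang::txt('COM_TAGS_RSS_DESCRIPTION', Config::get('sitename'), $title);
    $doc->copyright   = Lang::txt('COM_TAGS_RSS_COPYRIGHT', gmdate("Y"), Config::get('sitename'));
    $doc->category    = Lang::txt('COM_TAGS_RSS_CATEGORY');

    // Start outputting results if any found
    if (count($rows) > 0) {
        include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'helpers' . DS . 'helper.php';

        foreach ($rows as $row) {
            // Prepare the title
            $title = strip_tags($row->title);
            $title = html_entity_decode($title);

            // Strip html from feed item description text
            // NOTE(review): entities are decoded after the strip here and in
            // the title above, so encoded markup can come back as literal
            // characters; safe only if the renderer escapes it - confirm.
            $description = html_entity_decode(String::truncate(Sanitize::stripAll(stripslashes($row->ftext)), 300));

            $author = '';

            // Rows from some plugins may have no publish_up; test for it
            // instead of suppressing the warning with "@".
            $date = !empty($row->publish_up) ? date('r', strtotime($row->publish_up)) : '';

            if (isset($row->data3) || isset($row->rcount)) {
                $resourceEx = new \Components\Resources\Helpers\Helper($row->id, $this->database);
                $resourceEx->getCitationsCount();
                $resourceEx->getLastCitationDate();
                $resourceEx->getContributors();
                $author = strip_tags($resourceEx->contributors);
            }

            // Load individual item creator class
            $item = new \Hubzero\Document\Type\Feed\Item();
            $item->title       = $title;
            $item->link        = $row->href;
            $item->description = $description;
            $item->date        = $date;
            $item->category    = isset($row->data1) ? $row->data1 : '';
            $item->author      = $author;

            // Loads item info into rss array
            $doc->addItem($item);
        }
    }
}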
/**
 * Static method for formatting results
 *
 * Renders one event search-result row as an HTML list item. The row's href
 * is replaced by its routed form and, when present, its ftext is rewritten
 * with the "[[BR]]" markers and tags removed.
 *
 * @param  object $row Database row
 * @return string HTML
 */
public static function out($row)
{
    $row->href = Route::url($row->href);

    $month = Date::of($row->publish_up)->toLocal('M');
    $day   = Date::of($row->publish_up)->toLocal('d');
    $year  = Date::of($row->publish_up)->toLocal('Y');

    // NOTE(review): the title and href go into the markup as stored, without
    // HTML escaping; only the summary text is passed through the stripper.

    // Collect the markup line by line, then join
    $lines = array();
    $lines[] = "\t" . '<li class="event">' . "\n";
    $lines[] = "\t\t" . '<p class="event-date">'
        . '<span class="month">' . $month . '</span>'
        . ' <span class="day">' . $day . '</span>'
        . ' <span class="year">' . $year . '</span>'
        . '</p>' . "\n";
    $lines[] = "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n";

    if ($row->ftext) {
        // Drop the wiki line-break marker, then remove tags to prevent
        // tables from being displayed within a table.
        $row->ftext = strip_tags(str_replace('[[BR]]', '', $row->ftext));

        $summary = \Hubzero\Utility\Sanitize::stripAll(stripslashes($row->ftext));
        $lines[] = "\t\t" . \Hubzero\Utility\String::truncate($summary, 200) . "\n";
    }

    $lines[] = "\t\t" . '<p class="href">' . Request::base() . trim($row->href, '/') . '</p>' . "\n";
    $lines[] = "\t" . '</li>' . "\n";

    return implode('', $lines);
}
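/**
 * Add membership request for user
 *
 * Adds the logged-in user to the group's applicants, stores the reason they
 * gave, logs the request, notifies the group managers by e-mail and
 * redirects to the group.
 *
 * @return void
 */
public function dorequestTask()
{
    // Check if they're logged in
    if (User::isGuest()) {
        $this->loginTask(Lang::txt('COM_GROUPS_INVITE_MUST_BE_LOGGED_IN_TO_REQUEST'));
        return;
    }

    // Check for request forgeries
    Request::checkToken();

    // Check to make sure we have cname
    // NOTE(review): nothing returns after _errorHandler() here or below;
    // this relies on it ending the request - confirm.
    if (!$this->cn) {
        $this->_errorHandler(400, Lang::txt('COM_GROUPS_ERROR_NO_ID'));
    }

    // Load the group page
    $this->view->group = Group::getInstance($this->cn);

    // Ensure we found the group info
    if (!$this->view->group || !$this->view->group->get('gidNumber')) {
        $this->_errorHandler(404, Lang::txt('COM_GROUPS_ERROR_NOT_FOUND'));
    }

    $group = $this->view->group;

    // Get the group params
    $gparams = new Registry($group->get('params'));

    // If membership is managed in a separate place disallow action
    if ($gparams->get('membership_control', 1) == 0) {
        $this->setNotification(Lang::txt('COM_GROUPS_MEMBERSHIP_MANAGED_ELSEWHERE'), 'error');
        App::redirect(Route::url('index.php?option=com_groups&cn=' . $group->get('cn')));
        return;
    }

    // Make sure group has restricted policy
    if ($group->get('join_policy') != 1) {
        return;
    }

    // Add user to applicants
    $group->add('applicants', array(User::get('id')));
    $group->update();

    // Instantiate the reason object and bind the incoming data. The reason
    // is free text from the request and is stripped of markup before it is
    // stored and mailed.
    $row = new Reason($this->database);
    $row->uidNumber = User::get('id');
    $row->gidNumber = $group->get('gidNumber');
    $row->reason    = Request::getVar('reason', Lang::txt('GROUPS_NO_REASON_GIVEN'), 'post');
    $row->reason    = \Hubzero\Utility\Sanitize::stripAll($row->reason);
    $row->date      = Date::toSql();

    // Check and store the reason
    if (!$row->check()) {
        return App::abort(500, $row->getError());
    }
    if (!$row->store()) {
        return App::abort(500, $row->getError());
    }

    // Log the membership request
    Log::log(array(
        'gidNumber' => $group->get('gidNumber'),
        'action'    => 'membership_requested',
        'comments'  => array(User::get('id')),
    ));

    // Log activity
    $url = Route::url('index.php?option=' . $this->_option . '&cn=' . $group->get('cn'));

    $recipients = array(
        ['group', $group->get('gidNumber')],
        ['user', User::get('id')],
    );
    foreach ($group->get('managers') as $recipient) {
        $recipients[] = ['user', $recipient];
    }

    // The activity description is an HTML fragment (it carries an anchor),
    // so the values placed inside it are escaped here. The group's
    // description is text chosen by whoever manages the group and was
    // previously inserted as-is. double_encode is off so entities already
    // present are not encoded twice.
    $escape = ENT_QUOTES | ENT_SUBSTITUTE;
    $anchor = '<a href="' . htmlspecialchars($url, $escape, 'UTF-8', false) . '">'
        . htmlspecialchars((string) $group->get('description'), $escape, 'UTF-8', false)
        . '</a>';

    Event::trigger('system.logActivity', [
        'activity' => [
            'action'      => 'requested',
            'scope'       => 'group',
            'scope_id'    => $group->get('gidNumber'),
            'description' => Lang::txt('COM_GROUPS_ACTIVITY_GROUP_USER_REQUESTED', $anchor),
            'details'     => array(
                'title'     => $group->get('description'),
                'url'       => $url,
                'cn'        => $group->get('cn'),
                'gidNumber' => $group->get('gidNumber'),
            ),
        ],
        'recipients' => $recipients,
    ]);

    // E-mail subject
    $subject = Lang::txt('COM_GROUPS_JOIN_REQUEST_EMAIL_SUBJECT', $group->get('cn'));

    // Build the e-mail message
    $eview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'request'));
    $eview->option   = $this->_option;
    $eview->sitename = Config::get('sitename');
    $eview->user     = User::getInstance();
    $eview->group    = $group;
    $eview->row      = $row;
    $html = $eview->loadTemplate();
    $html = str_replace("\n", "\r\n", $html);

    // Build the "from" portion of the e-mail
    $from = array();
    $from['name']  = Config::get('sitename') . ' ' . Lang::txt(strtoupper($this->_name));
    $from['email'] = Config::get('mailfrom');

    // Build array of managers (e-mail => name)
    $managers = array();
    foreach ($group->get('managers') as $m) {
        $profile = User::getInstance($m);
        if ($profile) {
            $managers[$profile->get('email')] = $profile->get('name');
        }
    }

    // Build message object and send
    // NOTE(review): the X-Mailer header discloses the exact PHP version to
    // every recipient; consider a fixed value.
    $message = new \Hubzero\Mail\Message();
    $message->setSubject($subject)
        ->addFrom($from['email'], $from['name'])
        ->setTo($managers)
        ->addHeader('X-Mailer', 'PHP/' . phpversion())
        ->addHeader('X-Component', 'com_groups')
        ->addHeader('X-Component-Object', 'group_membership_requested')
        ->addPart($html, 'text/plain')
        ->send();

    // Tell the user they just did good
    $this->setNotification(Lang::txt('COM_GROUPS_INVITE_REQUEST_FORWARDED'), 'passed');

    // Push through to the groups listing
    App::redirect($url);
}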
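/**
 * Save a review
 *
 * Binds the posted form to a review record, stores it, recalculates the
 * publication's rating, applies any review tags, notifies the publication's
 * authors and redirects to the reviews page.
 *
 * @return void
 */
public function savereview()
{
    // Is the user logged in?
    if (User::isGuest()) {
        $this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_LOGIN_NOTICE'));
        return;
    }

    // NOTE(review): no request-forgery token is checked in this method
    // although it changes state. Confirm the caller verifies the token
    // before dispatching here.

    $publication =& $this->publication;

    // Do we have a publication ID?
    if (!$publication->exists()) {
        // No ID - fail! Can't do anything else without an ID
        $this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_NO_RESOURCE_ID'));
        return;
    }

    $database = App::get('db');

    // Bind the form data to our object
    // NOTE(review): the whole of $_POST is bound, so every column the Review
    // table defines can be set by the client. Only id, state, comment,
    // anonymous and created_by are normalised below; a posted `created`
    // value is kept as sent. Consider binding an explicit list of fields.
    $row = new \Components\Publications\Tables\Review($database);
    if (!$row->bind($_POST)) {
        $this->setError($row->getError());
        return;
    }

    // Perform some text cleaning, etc.
    // NOTE(review): a non-zero reviewid makes store() update that record and
    // created_by is then set to the current user, but nothing here checks
    // that the existing review belongs to this user - confirm ownership is
    // enforced elsewhere.
    $row->id         = Request::getInt('reviewid', 0);
    $row->state      = 1;
    $row->comment    = \Hubzero\Utility\Sanitize::stripAll($row->comment);
    $row->anonymous  = $row->anonymous == 1 || $row->anonymous == '1' ? $row->anonymous : 0;
    $row->created    = $row->created ? $row->created : Date::toSql();
    $row->created_by = User::get('id');

    // Status text shown to the user after the redirect
    $notice = $row->id
        ? Lang::txt('PLG_PUBLICATIONS_REVIEWS_EDITS_SAVED')
        : Lang::txt('PLG_PUBLICATIONS_REVIEWS_REVIEW_POSTED');

    // Check for missing (required) fields
    if (!$row->check()) {
        $this->setError($row->getError());
        return;
    }

    // Save the data
    if (!$row->store()) {
        $this->setError($row->getError());
        return;
    }

    // Calculate the new average rating for the parent publication
    $publication->table()->calculateRating();
    $publication->table()->updateRating();

    // Process tags
    $tags = trim(Request::getVar('review_tags', ''));
    if ($tags) {
        $rt = new \Components\Publications\Helpers\Tags($database);
        $rt->tag_object($row->created_by, $publication->get('id'), $tags, 1, 0);
    }

    // Get version authors
    $users = $publication->table('Author')->getAuthors($publication->get('version_id'), 1, 1, true);

    // Build the subject
    $subject = Config::get('sitename') . ' ' . Lang::txt('PLG_PUBLICATIONS_REVIEWS_CONTRIBUTIONS');

    // E-mail body. Kept in its own variable: the original reused $message,
    // so the status text above was overwritten and the whole e-mail body was
    // passed to the redirect as the notification.
    $eview = new \Hubzero\Plugin\View(array(
        'folder'  => 'publications',
        'element' => 'reviews',
        'name'    => 'emails',
    ));
    $eview->option      = $this->_option;
    $eview->juser       = User::getInstance();
    $eview->publication = $publication;

    $body = $eview->loadTemplate();
    $body = str_replace("\n", "\r\n", $body);

    // Build the "from" data for the e-mail
    $from = array();
    $from['name']  = Config::get('sitename') . ' ' . Lang::txt('PLG_PUBLICATIONS_REVIEWS_CONTRIBUTIONS');
    $from['email'] = Config::get('mailfrom');

    // Send message
    if (!Event::trigger('xmessage.onSendMessage', array('publications_new_comment', $subject, $body, $from, $users, $this->_option))) {
        $this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_FAILED_TO_MESSAGE'));
    }

    App::redirect(Route::url($publication->link('reviews')), $notice);
    return;
}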
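/**
 * onIndex
 *
 * Search-index hook for questions. With $run true it builds the index
 * record for one question, including the text of its responses in state 0;
 * otherwise it returns the ids of all questions. Any other $type is ignored.
 *
 * @param  string  $type Index type; only 'question' is handled
 * @param  integer $id   Question id
 * @param  boolean $run  true to build a record, false to list ids
 * @access public
 * @return object|array|null Record object, list of ids, or nothing
 */
public function onIndex($type, $id, $run = false)
{
    if ($type == 'question') {
        if ($run === true) {
            // Establish a db connection
            $db = App::get('db');

            // The id is interpolated unquoted into SQL below, so it must be
            // an integer. Sanitize::paranoid() is defined elsewhere and is
            // not shown to guarantee a numeric result; the cast makes the
            // guarantee local.
            $id = (int) \Hubzero\Utility\Sanitize::paranoid($id);

            // Get the record
            // NOTE(review): no state filter is applied, and the record is
            // always indexed as 'public' below. Confirm deleted questions
            // are kept out of the index by the caller.
            $sql = "SELECT * FROM #__answers_questions WHERE id={$id};";
            $row = $db->setQuery($sql)->query()->loadObject();

            // Nothing to index for an unknown id. Without this guard the
            // author query would be built from an empty created_by.
            // Returning nothing matches what this hook already does for
            // types it does not handle.
            if (!$row) {
                return;
            }

            // Get the name of the author; anonymous questions never expose it
            if ($row->anonymous == 0) {
                $authorId = (int) $row->created_by;
                $sql1 = "SELECT name FROM #__users WHERE id={$authorId};";
                $author = $db->setQuery($sql1)->query()->loadResult();
            } else {
                $author = 'anonymous';
            }

            // Get any tags
            $sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'answers';";
            $tags = $db->setQuery($sql2)->query()->loadColumn();

            // Get the associated responses
            $sql3 = "SELECT * FROM #__answers_responses WHERE question_id={$id};";
            $responses = $db->setQuery($sql3)->query()->loadObjectList();

            // Concatenate the responses in state 0
            $responseString = '';
            foreach ($responses as $response) {
                if ($response->state == 0) {
                    $responseString .= $response->answer . ' ';
                }
            }

            // Determine the path (the segment was misspelled "qustion",
            // which produced a wrong link for every indexed question)
            $path = '/answers/question/' . $id;

            // Always public condition
            // NOTE(review): for anonymous questions the owner is still the
            // real creator id; confirm the index does not expose the owner
            // field to searchers.
            $access_level = 'public';
            $owner_type   = 'user';
            $owner        = $row->created_by;

            // Get the title
            $title = $row->subject;

            // Build the description, clean up text
            $content = $row->question . ' ' . $responseString;
            $content = preg_replace('/<[^>]*>/', ' ', $content);
            $content = preg_replace('/ {2,}/', ' ', $content);
            $description = \Hubzero\Utility\Sanitize::stripAll($content);

            // Create a record object
            $record = new \stdClass();
            $record->id           = $type . '-' . $id;
            $record->hubtype      = $type;
            $record->title        = $title;
            $record->description  = $description;
            $record->author       = array($author);
            $record->tags         = $tags;
            $record->path         = $path;
            $record->access_level = $access_level;
            $record->owner        = $owner;
            $record->owner_type   = $owner_type;

            // Return the formatted record
            return $record;
        } else {
            $db  = App::get('db');
            $sql = "SELECT id FROM #__answers_questions;";
            $ids = $db->setQuery($sql)->query()->loadColumn();
            return $ids;
        }
    }
}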