/**
* Saves changes to an order
*
* @return void
*/
public function saveTask()
{
// Check for request forgeries
Request::checkToken();
$statusmsg = '';
$data = array_map('trim', $_POST);
$action = isset($data['action']) ? $data['action'] : '';
$id = $data['id'] ? $data['id'] : 0;
$cost = intval($data['total']);
if ($id) {
// initiate extended database class
$row = new Order($this->database);
$row->load($id);
$row->notes = \Hubzero\Utility\Sanitize::clean($data['notes']);
$hold = $row->total;
$row->total = $cost;
// get user bank account
$xprofile = User::getInstance($row->uid);
$BTL_Q = new Teller($this->database, $xprofile->get('id'));
switch ($action) {
case 'complete_order':
// adjust credit
$credit = $BTL_Q->credit_summary();
$adjusted = $credit - $hold;
$BTL_Q->credit_adjustment($adjusted);
// remove hold
$sql = "DELETE FROM `#__users_transactions` WHERE category='store' AND type='hold' AND referenceid='" . $id . "' AND uid=" . intval($row->uid);
$this->database->setQuery($sql);
if (!$this->database->query()) {
throw new Exception($this->database->getErrorMsg(), 500);
}
// debit account
if ($cost > 0) {
$BTL_Q->withdraw($cost, Lang::txt('COM_STORE_BANKING_PURCHASE') . ' #' . $id, 'store', $id);
}
// update order information
$row->status_changed = Date::toSql();
$row->status = 1;
$statusmsg = Lang::txt('COM_STORE_ORDER') . ' #' . $id . ' ' . Lang::txt('COM_STORE_HAS_BEEN') . ' ' . strtolower(Lang::txt('COM_STORE_COMPLETED')) . '.';
break;
case 'cancel_order':
// adjust credit
$credit = $BTL_Q->credit_summary();
$adjusted = $credit - $hold;
$BTL_Q->credit_adjustment($adjusted);
// remove hold
$sql = "DELETE FROM `#__users_transactions` WHERE category='store' AND type='hold' AND referenceid='" . $id . "' AND uid=" . intval($row->uid);
$this->database->setQuery($sql);
if (!$this->database->query()) {
throw new Exception($this->database->getErrorMsg(), 500);
}
// update order information
$row->status_changed = Date::toSql();
$row->status = 2;
$statusmsg = Lang::txt('COM_STORE_ORDER') . ' #' . $id . ' ' . Lang::txt('COM_STORE_HAS_BEEN') . ' ' . strtolower(Lang::txt('COM_STORE_CANCELLED')) . '.';
break;
case 'message':
$statusmsg = Lang::txt('COM_STORE_MSG_SENT') . '.';
break;
default:
$statusmsg = Lang::txt('COM_STORE_ORDER_DETAILS_UPDATED') . '.';
break;
}
// check content
if (!$row->check()) {
throw new Exception($row->getError(), 500);
return;
}
// store new content
if (!$row->store()) {
throw new Exception($row->getError(), 500);
}
// send email
if ($action || $data['message']) {
if (\Hubzero\Utility\Validate::email($row->email)) {
$message = new \Hubzero\Mail\Message();
$message->setSubject(Config::get('sitename') . ' ' . Lang::txt('COM_STORE_EMAIL_UPDATE_SHORT', $id));
$message->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' ' . Lang::txt('COM_STORE_STORE'));
// Plain text email
$eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => '_plain'));
$eview->option = $this->_option;
$eview->controller = $this->_controller;
$eview->orderid = $id;
$eview->cost = $cost;
$eview->row = $row;
$eview->action = $action;
$eview->message = \Hubzero\Utility\Sanitize::stripAll($data['message']);
$plain = $eview->loadTemplate(false);
$plain = str_replace("\n", "\r\n", $plain);
$message->addPart($plain, 'text/plain');
// HTML email
$eview->setLayout('_html');
$html = $eview->loadTemplate();
$html = str_replace("\n", "\r\n", $html);
$message->addPart($html, 'text/html');
// Send e-mail
$message->setTo(array($row->email));
$message->send();
}
}
}
App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false), $statusmsg);
}
/**
* Save an entry
*
* @return void
*/
public function saveTask()
{
// Check if they're logged in
if (User::isGuest()) {
$this->loginTask();
return;
}
Request::checkToken();
// get the posted vars
$id = Request::getInt('id', 0, 'post');
$c = Request::getVar('fields', array(), 'post');
$c['id'] = $id;
// clean vars
foreach ($c as $key => $val) {
if (!is_array($val)) {
$val = html_entity_decode(urldecode($val));
$val = Sanitize::stripAll($val);
$c[$key] = Sanitize::clean($val);
}
}
// Bind incoming data to object
$row = new Citation($this->database);
if (!$row->bind($c)) {
$this->setError($row->getError());
$this->editTask();
return;
}
// New entry so set the created date
if (!$row->id) {
$row->created = Date::toSql();
}
if (!filter_var($row->url, FILTER_VALIDATE_URL)) {
$row->url = null;
}
// Check content for missing required data
if (!$row->check()) {
$this->setError($row->getError());
$this->editTask();
return;
}
// Store new content
if (!$row->store()) {
$this->setError($row->getError());
$this->editTask();
return;
}
// Incoming associations
$arr = Request::getVar('assocs', array(), 'post');
$ignored = array();
foreach ($arr as $a) {
$a = array_map('trim', $a);
// Initiate extended database class
$assoc = new Association($this->database);
//check to see if we should delete
if (isset($a['id']) && $a['tbl'] == '' && $a['oid'] == '') {
// Delete the row
if (!$assoc->delete($a['id'])) {
$this->setError($assoc->getError());
$this->editTask();
return;
}
} else {
if ($a['tbl'] != '' || $a['oid'] != '') {
$a['cid'] = $row->id;
// bind the data
if (!$assoc->bind($a)) {
$this->setError($assoc->getError());
$this->editTask();
return;
}
// Check content
if (!$assoc->check()) {
$this->setError($assoc->getError());
$this->editTask();
return;
}
// Store new content
if (!$assoc->store()) {
$this->setError($assoc->getError());
$this->editTask();
return;
}
}
}
}
//check if we are allowing tags
if ($this->config->get('citation_allow_tags', 'no') == 'yes') {
$tags = trim(Request::getVar('tags', '', 'post'));
$ct1 = new Tags($row->id);
$ct1->setTags($tags, User::get('id'), 0, 1, '');
}
//check if we are allowing badges
if ($this->config->get('citation_allow_badges', 'no') == 'yes') {
$badges = trim(Request::getVar('badges', '', 'post'));
$ct2 = new Tags($row->id);
$ct2->setTags($badges, User::get('id'), 0, 1, 'badge');
}
// Redirect
$task = '&task=browse';
if ($this->config->get('citation_single_view', 1)) {
$task = '&task=view&id=' . $row->id;
}
App::redirect(Route::url('index.php?option=' . $this->_option . $task), Lang::txt('COM_CITATIONS_CITATION_SAVED'));
}
/**
* Save a success story and show a thank you message
*
* @return void
*/
public function sendstoryTask()
{
if (User::isGuest()) {
$here = Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&task=' . $this->_task);
App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($here)), Lang::txt('COM_FEEDBACK_STORY_LOGIN'), 'warning');
}
Request::checkToken();
$fields = Request::getVar('fields', array(), 'post');
$fields = array_map('trim', $fields);
$fields['user_id'] = User::get('id');
// Initiate class and bind posted items to database fields
$row = Quote::oneOrNew(0)->set($fields);
// Check that a story was entered
if (!$row->get('quote')) {
$this->setError(Lang::txt('COM_FEEDBACK_ERROR_MISSING_STORY'));
return $this->storyTask($row);
}
// Check for an author
if (!$row->get('fullname')) {
$this->setError(Lang::txt('COM_FEEDBACK_ERROR_MISSING_AUTHOR'));
return $this->storyTask($row);
}
// Check for an organization
if (!$row->get('org')) {
$this->setError(Lang::txt('COM_FEEDBACK_ERROR_MISSING_ORGANIZATION'));
return $this->storyTask($row);
}
// Code cleaner for xhtml transitional compliance
$row->set('quote', Sanitize::stripAll($row->get('quote')));
$row->set('quote', str_replace('<br>', '<br />', $row->get('quote')));
$row->set('date', Date::toSql());
// Store new content
if (!$row->save()) {
$this->setError($row->getError());
return $this->storyTask($row);
}
$addedPictures = array();
$path = $row->filespace() . DS . $row->get('id');
if (!is_dir($path)) {
if (!Filesystem::makeDirectory($path)) {
$this->setError(Lang::txt('COM_FEEDBACK_ERROR_UNABLE_TO_CREATE_UPLOAD_PATH'));
}
}
// If there is a temp dir for this user then copy the contents to the newly created folder
$tempDir = $this->tmpPath() . DS . User::get('id');
if (is_dir($tempDir)) {
$dirIterator = new DirectoryIterator($tempDir);
foreach ($dirIterator as $file) {
if ($file->isDot() || $file->isDir()) {
continue;
}
$name = $file->getFilename();
if ($file->isFile()) {
if ('cvs' == strtolower($name) || '.svn' == strtolower($name)) {
continue;
}
if (Filesystem::move($tempDir . DS . $name, $path . DS . $name)) {
array_push($addedPictures, $name);
}
}
}
// Remove temp folder
Filesystem::deleteDirectory($tempDir);
}
$path = substr($row->filespace(), strlen(PATH_ROOT)) . DS . $row->get('id');
// Set page title
$this->_buildTitle();
// Set the pathway
$this->_buildPathway();
// Output HTML
$this->view->set('row', $row)->set('path', $path)->set('addedPictures', $addedPictures)->set('title', $this->_title)->setErrors($this->getErrors())->setLayout('thanks')->display();
}
?>
<?php
echo 'Email: ' . $this->shipping['email'];
?>
</td>
</tr>
<?php
if ($this->shipping['comments']) {
?>
<tr>
<th style="text-align: right; padding: 0 0.5em; font-weight: bold; white-space: nowrap; vertical-align: top;" align="right"><?php
echo Lang::txt('COM_STORE_DETAILS');
?>
:</th>
<td style="text-align: left; padding: 0 0.5em; vertical-align: top;" width="100%" align="left"><?php
echo \Hubzero\Utility\Sanitize::stripAll($this->shipping['comments']);
?>
</td>
</tr>
<?php
}
?>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<!-- Start Spacer -->
<table class="tbl-spacer" width="100%" cellpadding="0" cellspacing="0" border="0">
/**
* onIndex
*
* @param string $type
* @param integer $id
* @param boolean $run
* @access public
* @return void
*/
public function onIndex($type, $id, $run = false)
{
if ($type == 'wiki') {
if ($run === true) {
// Establish a db connection
$db = App::get('db');
// Sanitize the string
$id = \Hubzero\Utility\Sanitize::paranoid($id);
// Get the record
$sql = "SELECT * FROM #__wiki_pages\n\t\t\t\t\tJOIN #__wiki_versions\n\t\t\t\t\tON #__wiki_pages.version_id = #__wiki_versions.id\n\t\t\t\t\tWHERE #__wiki_pages.id = {$id} AND #__wiki_pages.state = 1;";
$row = $db->setQuery($sql)->query()->loadObject();
// Get the name of the author
$sql1 = "SELECT name FROM #__users WHERE id={$row->created_by};";
$author = $db->setQuery($sql1)->query()->loadResult();
// Get any tags
$sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'wiki';";
$tags = $db->setQuery($sql2)->query()->loadColumn();
// Determine the path
if ($row->scope == 'site') {
$path = '/wiki/' . $row->path;
} elseif ($row->scope == 'group') {
$group = \Hubzero\User\Group::getInstance($row->scope_id);
// Make sure group is valid.
if (is_object($group)) {
$cn = $group->get('cn');
$path = '/groups/' . $cn . '/wiki/' . $row->path;
}
} else {
// Only group and site wiki is supported right now
// @TODO: Project Notes
return;
}
// Public condition
if ($row->state == 1 && ($row->access == 0 || ($row->access = 1))) {
$access_level = 'public';
} elseif ($row->state == 1 && $row->access == 2) {
$access_level = 'registered';
} else {
$access_level = 'private';
}
if ($row->scope != 'group') {
$owner_type = 'user';
$owner = $row->created_by;
} else {
$owner_type = 'group';
$owner = $row->scope_id;
}
// Get the title
$title = $row->title;
// Build the description, clean up text
$content = $row->pagehtml;
$content = preg_replace('/<[^>]*>/', ' ', $content);
$content = preg_replace('/ {2,}/', ' ', $content);
$description = \Hubzero\Utility\Sanitize::stripAll($content);
// Create a record object
$record = new \stdClass();
$record->id = $type . '-' . $id;
$record->hubtype = $type;
$record->title = $title;
$record->description = $description;
$record->author = array($author);
$record->tags = $tags;
$record->path = $path;
$record->access_level = $access_level;
$record->owner = $owner;
$record->owner_type = $owner_type;
// Return the formatted record
return $record;
} else {
$db = App::get('db');
$sql = "SELECT #__wiki_pages.id FROM #__wiki_pages\n\t\t\t\t\tJOIN #__wiki_versions\n\t\t\t\t\tON #__wiki_pages.version_id = #__wiki_versions.id\n\t\t\t\t\tWHERE #__wiki_pages.state = 1;";
$ids = $db->setQuery($sql)->query()->loadColumn();
return $ids;
}
}
}
/**
* onIndex
*
* @param string $type
* @param integer $id
* @param boolean $run
* @access public
* @return void
*/
public function onIndex($type, $id, $run = false)
{
if ($type == 'event') {
if ($run === true) {
// Establish a db connection
$db = App::get('db');
// Sanitize the string
$id = \Hubzero\Utility\Sanitize::paranoid($id);
// Get the record
$sql = "SELECT * FROM #__events WHERE id={$id};";
$row = $db->setQuery($sql)->query()->loadObject();
// Get the (start) date of the event
// Format the date for SOLR
$date = Date::of($row->publish_up)->format('Y-m-d');
$date .= 'T';
$date .= Date::of($row->publish_up)->format('h:m:s') . 'Z';
// Get the name of the author
$sql1 = "SELECT name FROM #__users WHERE id={$row->created_by};";
$author = $db->setQuery($sql1)->query()->loadResult();
// Get any tags
$sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'events';";
$tags = $db->setQuery($sql2)->query()->loadColumn();
if ($row->scope == 'event' || $row->scope == '') {
$path = '/events/details/' . $row->id;
} elseif ($row->scope == 'group') {
$group = \Hubzero\User\Group::getInstance($row->scope_id);
// Make sure group is valid.
if (is_object($group)) {
$cn = $group->get('cn');
$path = '/groups/' . $cn . '/calendar/details/' . $row->id;
} else {
$path = '';
}
}
// Public condition
if ($row->state == 1 && $row->approved == 1 && $row->scope != 'group') {
$access_level = 'public';
} else {
// Default private
$access_level = 'private';
}
if ($row->scope != 'group') {
$owner_type = 'user';
$owner = $row->created_by;
} else {
$owner_type = 'group';
$owner = $row->scope_id;
}
// Get the title
$title = $row->title;
// Build the description, clean up text
$content = preg_replace('/<[^>]*>/', ' ', $row->content);
$content = preg_replace('/ {2,}/', ' ', $content);
$description = \Hubzero\Utility\Sanitize::stripAll($content);
// Format the date for SOLR
$date = Date::of($row->publish_up)->format('Y-m-d');
$date .= 'T';
$date .= Date::of($row->publish_up)->format('h:m:s') . 'Z';
// Create a record object
$record = new \stdClass();
$record->id = $type . '-' . $id;
$record->hubtype = $type;
$record->title = $title;
$record->description = $description;
$record->author = array($author);
$record->tags = $tags;
$record->path = $path;
$record->access_level = $access_level;
$record->date = $date;
$record->owner = $owner;
$record->owner_type = $owner_type;
// Return the formatted record
return $record;
} else {
$db = App::get('db');
$sql = "SELECT id FROM #__events;";
$ids = $db->setQuery($sql)->query()->loadColumn();
return $ids;
}
}
}
// Does this category have a unique output display?
$func = 'plgWhatsnew' . ucfirst($row->section) . 'Out';
// Check if a method exist (using JPlugin style)
$obj = 'plgWhatsnew' . ucfirst($this->cats[$k]['category']);
if (function_exists($func)) {
$html .= $func($row, $this->period);
} elseif (method_exists($obj, 'out')) {
$html .= call_user_func(array($obj, 'out'), $row, $this->period);
} else {
if (strstr($row->href, 'index.php')) {
$row->href = Route::url($row->href);
}
$html .= "\t" . '<li>' . "\n";
$html .= "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n";
if ($row->text) {
$html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(strip_tags(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->text))), 200) . '</p>' . "\n";
}
$html .= "\t\t" . '<p class="href">' . rtrim(Request::getSchemeAndHttpHost(), '/') . '/' . ltrim($row->href, '/') . '</p>' . "\n";
$html .= "\t" . '</li>' . "\n";
}
}
$html .= '</ol>' . "\n";
// Initiate paging if we we're displaying an active category
if ($dopaging) {
$pageNav = $this->pagination($this->total, $this->start, $this->limit);
$pageNav->setAdditionalUrlParam('category', urlencode(strToLower($this->active)));
$pageNav->setAdditionalUrlParam('period', $this->period);
$html .= $pageNav->render();
$html .= '<div class="clearfix"></div>';
} else {
$html .= '<p class="moreresults">' . Lang::txt('COM_WHATSNEW_TOP_SHOWN', $amt);
/**
* onIndex
*
* @param string $type
* @param integer $id
* @param boolean $run
* @access public
* @return void
*/
public function onIndex($type, $id, $run = false)
{
if ($type == 'citation') {
if ($run === true) {
// Establish a db connection
$db = App::get('db');
// Sanitize the string
$id = \Hubzero\Utility\Sanitize::paranoid($id);
// Get the record
$sql = "SELECT * FROM #__citations WHERE id={$id};";
$row = $db->setQuery($sql)->query()->loadObject();
// Obtain list of related authors
$sql1 = "SELECT author FROM #__citations_authors WHERE cid={$id};";
$authors = $db->setQuery($sql1)->query()->loadColumn();
// Get any tags
$sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'citations';";
$tags = $db->setQuery($sql2)->query()->loadColumn();
// Determine the path
if ($row->scope == 'member') {
$path = '/members/' . $row->scope_id . '/citations';
} elseif ($row->scope == 'group') {
$group = \Hubzero\User\Group::getInstance($row->scope_id);
// Make sure group is valid.
if (is_object($group)) {
$cn = $group->get('cn');
$path = '/groups/' . $cn . '/citations';
} else {
$path = '';
}
} else {
$path = '/citations/view/' . $id;
}
$access_level = 'public';
if ($row->scope != 'group') {
$owner_type = 'user';
$owner = $row->uid;
} else {
$owner_type = 'group';
$owner = $row->scope_id;
}
// Get the title
$title = $row->title;
// Build the description, clean up text
$content = $row->address . ' ' . $row->author . ' ' . $row->booktitle . ' ' . $row->chapter . ' ' . $row->cite . ' ' . $row->edition . ' ' . $row->eprint . ' ' . $row->howpublished . ' ' . $row->institution . ' ' . $row->isbn . ' ' . $row->journal . ' ' . $row->month . ' ' . $row->note . ' ' . $row->number . ' ' . $row->organization . ' ' . $row->pages . ' ' . $row->publisher . ' ' . $row->series . ' ' . $row->school . ' ' . $row->title . ' ' . $row->url . ' ' . $row->volume . ' ' . $row->year . ' ' . $row->doi . ' ' . $row->ref_type . ' ' . $row->date_submit . ' ' . $row->date_accept . ' ' . $row->date_publish . ' ' . $row->software_use . ' ' . $row->notes . ' ' . $row->language . ' ' . $row->label . ' ';
$content = preg_replace('/<[^>]*>/', ' ', $content);
$content = preg_replace('/ {2,}/', ' ', $content);
$description = \Hubzero\Utility\Sanitize::stripAll($content);
// Create a record object
$record = new \stdClass();
$record->id = $type . '-' . $id;
$record->hubtype = $type;
$record->title = $title;
$record->description = $description;
$record->author = $authors;
$record->tags = $tags;
$record->path = $path;
$record->access_level = $access_level;
$record->owner = $owner;
$record->owner_type = $owner_type;
// Return the formatted record
return $record;
} else {
$db = App::get('db');
$sql = "SELECT id FROM #__citations;";
$ids = $db->setQuery($sql)->query()->loadColumn();
return $ids;
}
}
}
/**
* Special formatting for results
*
* @param object $row Database row
* @param string $period Time period
* @return string
*/
public static function out($row, $period)
{
$database = App::get('db');
$config = Component::params('com_publications');
// Get version authors
$pa = new \Components\Publications\Tables\Author($database);
$authors = $pa->getAuthors($row->version_id);
// Start building HTML
$html = "\t" . '<li class="publication">' . "\n";
$html .= "\t\t" . '<p><span class="pub-thumb"><img src="' . Route::url('index.php?option=com_publications&id=' . $row->id . '&v=' . $row->version_id) . '/Image:thumb' . '" alt="" /></span>';
$html .= '<span class="pub-details"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a>' . "\n";
$html .= "\t\t" . '<span class="block details">' . Date::of($row->published_up)->toLocal('d M Y') . ' <span>|</span> ' . $row->cat_name;
if ($authors) {
$html .= ' <span>|</span> ' . Lang::txt('PLG_WHATSNEW_PUBLICATIONS_CONTRIBUTORS') . ' ' . \Components\Publications\Helpers\Html::showContributors($authors, false, true);
}
$html .= '</span></span></p>' . "\n";
if ($row->text) {
$html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->text)), 200) . '</p>' . "\n";
}
$html .= "\t\t" . '<p class="href">' . Request::base() . trim($row->href, '/') . '</p>' . "\n";
$html .= "\t" . '</li>' . "\n";
// Return output
return $html;
}
<p class="details">
<?php
$info = array();
if ($thedate) {
$info[] = $thedate;
}
if ($this->line->type && $params->get('show_type') || $this->line->standalone == 1) {
$info[] = stripslashes($this->line->typetitle);
}
if ($helper->contributors && $params->get('show_authors')) {
$info[] = Lang::txt('COM_RESOURCES_CONTRIBUTORS') . ': ' . $helper->contributors;
}
echo implode(' <span>|</span> ', $info);
?>
</p>
<p>
<?php
$content = '';
if ($this->line->introtext) {
$content = $this->line->introtext;
} else {
if ($this->line->fulltxt) {
$content = $this->line->fulltxt;
$content = preg_replace("#<nb:(.*?)>(.*?)</nb:(.*?)>#s", '', $content);
$content = trim($content);
}
}
echo \Hubzero\Utility\String::truncate(strip_tags(\Hubzero\Utility\Sanitize::stripAll(stripslashes($content))), 300);
?>
</p>
</li>
/**
* Special formatting for results
*
* @param object $row Database row
* @param string $period Time period
* @return string
*/
public static function out($row, $period)
{
if (strstr($row->href, 'index.php')) {
$row->href = Route::url($row->href);
}
$html = "\t" . '<li>' . "\n";
$html .= "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n";
if ($row->text) {
$html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->text)), 200) . '</p>' . "\n";
}
$html .= "\t\t" . '<p class="href">' . Request::base() . ltrim($row->href, '/') . '</p>' . "\n";
$html .= "\t" . '</li>' . "\n";
// Return output
return $html;
}
/**
* Save item
*
* @return string
*/
protected function _save()
{
if (User::isGuest()) {
$this->setError(Lang::txt('MEMBERS_LOGIN_NOTICE'));
return;
}
if (User::get('id') != $this->member->get('id')) {
$this->setError(Lang::txt('PLG_MEMBERS_TODO_NOT_AUTHORIZED'));
return $this->_browse();
}
// Check for request forgeries
Request::checkToken();
// Incoming
$content = Request::getVar('content', '');
$projectid = Request::getInt('projectid', 0);
$due = trim(Request::getVar('due', ''));
$model = new \Components\Projects\Models\Project($projectid);
if (!$content) {
$this->setError(Lang::txt('PLG_MEMBERS_TODO_ERROR_PROVIDE_CONTENT'));
return $this->_browse();
}
if (!$model->exists() || !$model->access('content')) {
$this->setError(Lang::txt('PLG_MEMBERS_TODO_ERROR_ACCESS_PROJECT'));
return $this->_browse();
}
// Initiate extended database class
$objTD = new \Components\Projects\Tables\Todo($this->database);
$content = rtrim(stripslashes($content));
$objTD->content = $content ? $content : $objTD->content;
$objTD->content = \Hubzero\Utility\Sanitize::stripAll($objTD->content);
$objTD->created_by = $this->member->get('id');
$objTD->created = Date::toSql();
$objTD->projectid = $model->get('id');
if (strlen($objTD->content) > 255) {
$objTD->details = $objTD->content;
}
$objTD->content = \Hubzero\Utility\String::truncate($objTD->content, 255);
if ($due && $due != 'mm/dd/yyyy') {
$date = explode('/', $due);
if (count($date) == 3) {
$month = $date[0];
$day = $date[1];
$year = $date[2];
if (intval($month) && intval($day) && intval($year)) {
if (strlen($day) == 1) {
$day = '0' . $day;
}
if (strlen($month) == 1) {
$month = '0' . $month;
}
if (checkdate($month, $day, $year)) {
$objTD->duedate = Date::of(mktime(0, 0, 0, $month, $day, $year))->toSql();
}
}
}
} else {
$objTD->duedate = '';
}
// Get last order
$lastorder = $objTD->getLastOrder($model->get('id'));
$objTD->priority = $lastorder ? $lastorder + 1 : 1;
// Store content
if (!$objTD->store()) {
$this->setError($objTD->getError());
return $this->_browse();
} else {
// Record activity
$aid = $model->recordActivity(Lang::txt('PLG_MEMBERS_TODO_ACTIVITY_TODO_ADDED'), $objTD->id, 'to do', Route::url('index.php?option=com_projects&alias=' . $model->get('alias') . '&active=todo&action=view&todoid=' . $objTD->id), 'todo', 1);
// Store activity ID
if ($aid) {
$objTD->activityid = $aid;
$objTD->store();
}
}
App::redirect(Route::url($this->member->link() . '&active=' . $this->_name), Lang::txt('PLG_MEMBERS_TODO_SAVED'));
}
/**
* Static method for formatting results
*
* @param object $row Database row
* @return string HTML
*/
public static function out($row)
{
require_once \Component::path('com_members') . DS . 'models' . DS . 'member.php';
$member = \Components\Members\Models\Member::oneOrNew($row->id);
$row->href = Route::url($member->link());
$html = "\t" . '<li class="member">' . "\n";
$html .= "\t\t" . '<p class="photo"><img width="50" height="50" src="' . $member->picture() . '" alt="" /></p>' . "\n";
$html .= "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n";
if ($row->ftext) {
$html .= "\t\t" . \Hubzero\Utility\String::truncate(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->ftext)), 200) . "\n";
}
$html .= "\t\t" . '<p class="href">' . Request::base() . ltrim($row->href, '/') . '</p>' . "\n";
$html .= "\t" . '</li>' . "\n";
return $html;
}
/**
* Recursive function to append comments to a feed
*
* @param object $comments
* @return void
*/
protected function _feedItem($comments)
{
foreach ($comments as $comment) {
// Load individual item creator class
$item = new \Hubzero\Document\Type\Feed\Item();
$item->author = Lang::txt('COM_KB_ANONYMOUS');
if (!$comment->get('anonymous')) {
$item->author = $comment->creator('name', $item->author);
}
// Prepare the title
$item->title = Lang::txt('COM_KB_COMMENTS_RSS_COMMENT_TITLE', $item->author) . ' @ ' . $comment->created('time') . ' on ' . $comment->created('date');
// URL link to article
$item->link = $feed->link . '#c' . $comment->get('id');
// Strip html from feed item description text
if ($comment->isReported()) {
$item->description = Lang::txt('COM_KB_COMMENT_REPORTED_AS_ABUSIVE');
} else {
$item->description = html_entity_decode(\Hubzero\Utility\Sanitize::stripAll($comment->content('clean')));
}
$item->date = $comment->created();
$item->category = '';
// Loads item info into rss array
Document::addItem($item);
if ($comment->replies()->total()) {
$this->_feedItem($comment->replies());
}
}
}
/**
* Save comment
*
* @param integer $itemid
* @param string $tbl
* @param string $comment
* @param integer $by
* @param integer $parent_activity
* @param integer $admin
* @return integer (comment id) or false
*/
public function addComment($itemid = NULL, $tbl = '', $comment = '', $by = 0, $parent_activity = 0, $admin = 0)
{
if (!$itemid || !$tbl || !$by || !$comment || !$parent_activity) {
return false;
}
$comment = \Hubzero\Utility\String::truncate($comment, 250);
$comment = \Hubzero\Utility\Sanitize::stripAll($comment);
$this->itemid = $itemid;
$this->tbl = $tbl;
$this->parent_activity = $parent_activity;
$this->comment = $comment;
$this->admin = $admin;
$this->created = \Factory::getDate()->toSql();
$this->created_by = $by;
if (!$this->store()) {
return false;
} else {
return $this->id;
}
}
/**
* Special formatting for results
*
* @param object $row Database row
* @param string $period Time period
* @return string
*/
public function out($row, $period)
{
// Start building the HTML
$html = "\t" . '<li class="event">' . "\n";
$html .= "\t\t" . '<p class="event-date"><span class="month">' . Date::of($row->publish_up)->toLocal('M') . '</span>';
$html .= '<span class="day">' . Date::of($row->publish_up)->toLocal('d') . '</span> ';
$html .= '<span class="year">' . Date::of($row->publish_up)->toLocal('Y') . '</span></p>' . "\n";
$html .= "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n";
if ($row->itext) {
$row->itext = str_replace('[[BR]]', '', $row->itext);
$html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->itext)), 200) . '</p>' . "\n";
}
$html .= "\t\t" . '<p class="href">' . Request::base() . trim($row->href, '/') . '</p>' . "\n";
$html .= "\t" . '</li>' . "\n";
// Return output
return $html;
}
/**
* Saves transaction notes
*
* @param string notes
* @return bool true
*/
public function setTransactionNotes($notes)
{
$notes = \Hubzero\Utility\Sanitize::stripAll($notes);
$sql = "UPDATE `#__cart_transaction_info` SET\n\t\t\t\t`tiNotes` = " . $this->_db->quote($notes) . "\n\t\t\t\tWHERE `tId` = " . $this->_db->quote($this->cart->tId);
$this->_db->setQuery($sql);
$this->_db->query();
return true;
}
/**
* Latest Questions Feed
*
* @return void
*/
public function latestTask()
{
//get the id of module so we get the right params
$mid = Request::getInt('m', 0);
//get module params
$params = \Module::params($mid);
//number of questions to get
$limit = intval($params->get('limit', 5));
//open, closed, or both
$state = $params->get('state', 'both');
$records = Question::all();
if ($state == 'open') {
$records->whereEquals('state', 0);
}
if ($state == 'closed') {
$records->whereEquals('state', 1);
}
if (!$state || $state == 'both') {
$records->where('state', '<', Question::STATE_DELETED);
}
$questions = $records->ordered()->limit($limit)->start(0)->paginated()->rows();
//force mime type of document to be rss
Document::setType('feed');
// Start a new feed object
$doc = Document::instance();
//set rss feed attribs
$doc->link = Route::url('index.php?option=com_answers');
$doc->title = Lang::txt('COM_ANSWERS_LATEST_QUESTIONS_RSS_TITLE', Config::get('sitename'));
$doc->description = Lang::txt('COM_ANSWERS_LATEST_QUESTIONS_RSS_DESCRIPTION', Config::get('sitename'));
$doc->copyright = Lang::txt('COM_ANSWERS_LATEST_QUESTIONS_RSS_COPYRIGHT', gmdate("Y"), Config::get('sitename'));
$doc->category = Lang::txt('COM_ANSWERS_LATEST_QUESTIONS_RSS_CATEGORY');
//add each question to the feed
foreach ($questions as $question) {
//set feed item attibs and add item to feed
$item = new \Hubzero\Document\Type\Feed\Item();
$item->title = html_entity_decode(Sanitize::stripAll(stripslashes($question->subject)));
$item->link = Route::url($question->link());
$item->description = html_entity_decode(Sanitize::stripAll(stripslashes($question->question)));
$item->date = date("r", strtotime($question->get('created')));
$item->category = Lang::txt('COM_ANSWERS_LATEST_QUESTIONS_RSS_CATEGORY_ITEM');
$item->author = $question->creator()->get('name', Lang::txt('COM_ANSWERS_ANONYMOUS'));
$doc->addItem($item);
}
}
/**
* Display an RSS feed of latest entries
*
* @return string
*/
private function _feed()
{
if (!$this->params->get('feeds_enabled', 1)) {
return $this->_browse();
}
include_once PATH_CORE . DS . 'libraries' . DS . 'joomla' . DS . 'document' . DS . 'feed' . DS . 'feed.php';
// Filters for returning results
$filters = array('limit' => Request::getInt('limit', Config::get('list_limit')), 'start' => Request::getInt('limitstart', 0), 'year' => Request::getInt('year', 0), 'month' => Request::getInt('month', 0), 'scope' => 'group', 'scope_id' => $this->group->get('gidNumber'), 'search' => Request::getVar('search', ''), 'created_by' => Request::getInt('author', 0), 'state' => 'public');
$path = Request::path();
if (strstr($path, '/')) {
$bits = $this->_parseUrl();
$filters['year'] = isset($bits[0]) && is_numeric($bits[0]) ? $bits[0] : $filters['year'];
$filters['month'] = isset($bits[1]) && is_numeric($bits[1]) ? $bits[1] : $filters['month'];
}
if ($filters['year'] > date("Y")) {
$filters['year'] = 0;
}
if ($filters['month'] > 12) {
$filters['month'] = 0;
}
// Set the mime encoding for the document
Document::setType('feed');
// Start a new feed object
$doc = Document::instance();
$doc->link = Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=' . $this->_name);
// Build some basic RSS document information
$doc->title = Config::get('sitename') . ': ' . Lang::txt('Groups') . ': ' . stripslashes($this->group->get('description')) . ': ' . Lang::txt('Blog');
$doc->description = Lang::txt('PLG_GROUPS_BLOG_RSS_DESCRIPTION', $this->group->get('cn'), Config::get('sitename'));
$doc->copyright = Lang::txt('PLG_GROUPS_BLOG_RSS_COPYRIGHT', date("Y"), Config::get('sitename'));
$doc->category = Lang::txt('PLG_GROUPS_BLOG_RSS_CATEGORY');
$rows = $this->model->entries($filters)->ordered()->paginated()->rows();
// Start outputing results if any found
if ($rows->count() > 0) {
foreach ($rows as $row) {
$item = new \Hubzero\Document\Type\Feed\Item();
// Strip html from feed item description text
$item->description = $row->content;
$item->description = \Hubzero\Utility\Sanitize::stripAll(strip_tags(html_entity_decode($item->description)));
if ($this->params->get('feed_entries') == 'partial') {
$item->description = \Hubzero\Utility\String::truncate($item->description, 300);
}
$item->description = '<![CDATA[' . $item->description . ']]>';
// Load individual item creator class
$item->title = html_entity_decode(strip_tags($row->get('title')));
$item->link = Route::url($row->link());
$item->date = date('r', strtotime($row->published()));
$item->category = '';
$item->author = $row->creator()->get('name');
// Loads item info into rss array
$doc->addItem($item);
}
}
// Output the feed
echo $doc->render();
exit;
}
/**
* Static method for formatting results
*
* @param object $row Database row
* @return string HTML
*/
public static function out($row)
{
include_once Component::path('com_publications') . DS . 'tables' . DS . 'author.php';
require_once Component::path('com_publications') . DS . 'helpers' . DS . 'html.php';
$row->href = Route::url('index.php?option=com_publications&id=' . $row->id);
$database = App::get('db');
// Get version authors
$pa = new \Components\Publications\Tables\Author($database);
$authors = $pa->getAuthors($row->ftext);
// Get the component params
$config = Component::params('com_publications');
$row->rating = $row->rcount;
$row->category = $row->data1;
$row->area = $row->data2;
$row->ranking = $row->data3;
// Set the display date
switch ($config->get('show_date')) {
case 0:
$thedate = '';
break;
case 1:
$thedate = Date::of($row->created)->toLocal(Lang::txt('DATE_FORMAT_HZ1'));
break;
case 2:
$thedate = Date::of($row->modified)->toLocal(Lang::txt('DATE_FORMAT_HZ1'));
break;
case 3:
$thedate = Date::of($row->publish_up)->toLocal(Lang::txt('DATE_FORMAT_HZ1'));
break;
}
if (strstr($row->href, 'index.php')) {
$row->href = Route::url($row->href);
}
// Start building the HTML
$html = "\t" . '<li class="';
$html .= 'publication">' . "\n";
$html .= "\t\t" . '<p class="title"><a href="' . $row->href . '/?v=' . $row->alias . '">' . stripslashes($row->title) . '</a></p>' . "\n";
$html .= "\t\t" . '<p class="details">' . $thedate . ' <span>|</span> ' . $row->area;
if ($authors) {
$html .= ' <span>|</span> ' . Lang::txt('PLG_TAGS_PUBLICATIONS_CONTRIBUTORS') . ' ' . stripslashes(\Components\Publications\Helpers\Html::showContributors($authors, true, false));
}
$html .= '</p>' . "\n";
if ($row->itext) {
$html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->itext)), 200) . '</p>' . "\n";
}
$html .= "\t\t" . '<p class="href">' . Request::base() . trim($row->href . '/?v=' . $row->alias, '/') . '</p>' . "\n";
$html .= "\t" . '</li>' . "\n";
// Return output
return $html;
}
/**
* onIndex
*
* @param string $type
* @param integer $id
* @param boolean $run
* @access public
* @return void
*/
public function onIndex($type, $id, $run = false)
{
if ($type == 'publication') {
if ($run === true) {
// Establish a db connection
$db = App::get('db');
// Sanitize the string
$id = \Hubzero\Utility\Sanitize::paranoid($id);
// Get the record
$sql = "SELECT\n\t\t\t\t\t#__publications.id,\n\t\t\t\t\talias,\n\t\t\t\t\t#__publications.access,\n\t\t\t\t\tmaster_doi,\n\t\t\t\t\tpublished_up,\n\t\t\t\t\t#__publications.created_by,\n\t\t\t\t\tabstract,\n\t\t\t\t\tdescription,\n\t\t\t\t\ttitle,\n\t\t\t\t\tdoi,\n\t\t\t\t\tstate,\n\t\t\t\t\trelease_notes,\n\t\t\t\t\tMAX(#__publication_versions.id) as latestVersion\n\t\t\t\t\tFROM #__publications \n\t\t\t\tLEFT JOIN #__publication_versions\n\t\t\t\tON #__publications.id = #__publication_versions.publication_id\n\t\t\t\tWHERE #__publications.id = {$id};";
$row = $db->setQuery($sql)->query()->loadObject();
// Get the name of the author
if (isset($row->latestVersion)) {
$sql1 = "SELECT user_id, name FROM #__publication_authors WHERE publication_version_id={$row->latestVersion} AND role != 'submitter';";
$authors = $db->setQuery($sql1)->query()->loadAssocList();
// Get any tags
$sql2 = "SELECT tag\n\t\t\t\t\t\tFROM #__tags\n\t\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\t\tWHERE #__tags_object.objectid = {$row->latestVersion} AND #__tags_object.tbl = 'publications';";
$tags = $db->setQuery($sql2)->query()->loadColumn();
} else {
$authors = array();
$tags = array();
}
// @TODO: PHP 5.5 includes array_column()
$owners = array();
$authorNames = array();
if (isset($authors) && !empty($authors)) {
foreach ($authors as $author) {
array_push($owners, $author['user_id']);
}
foreach ($authors as $author) {
array_push($authorNames, $author['name']);
}
}
// Determine the path
if ($row->alias != '') {
$path = '/publications/' . $row->alias;
} else {
$path = '/publications/' . $id;
}
// Public condition
if ($row->state == 1 && $row->access == 0) {
$access_level = 'public';
} elseif ($row->state == 1 && $row->access == 1) {
$access_level = 'registered';
} else {
$access_level = 'private';
}
// Authors have access
$owner_type = 'user';
// So does submitter;
array_push($owners, $row->created_by);
// Get the title
$title = $row->title;
// Build the description, clean up text
$content = $row->abstract . ' ' . $row->description . ' ' . $row->release_notes;
$content = preg_replace('/<[^>]*>/', ' ', $content);
$content = preg_replace('/ {2,}/', ' ', $content);
$description = \Hubzero\Utility\Sanitize::stripAll($content);
if (isset($row->doi)) {
$doi = $row->doi;
} else {
$doi = '';
}
// Create a record object
$record = new \stdClass();
$record->id = $type . '-' . $id;
$record->hubtype = $type;
$record->title = $title;
$record->description = $description;
$record->author = $authorNames;
$row->doi = $doi;
$record->tags = $tags;
$record->path = $path;
$record->access_level = $access_level;
$record->owner = $owners;
$record->owner_type = $owner_type;
// Return the formatted record
return $record;
} else {
$db = App::get('db');
$sql = "SELECT id FROM #__publications;";
$ids = $db->setQuery($sql)->query()->loadColumn();
return $ids;
}
}
}
/**
* Save item
*
* @return string
*/
public function save()
{
// Check for request forgeries
Request::checkToken(['get', 'post']);
// Incoming
$listcolor = Request::getVar('list', '');
$content = Request::getVar('content', '');
$todoid = Request::getInt('todoid', 0);
$newlist = Request::getVar('newlist', '', 'post');
$newcolor = Request::getVar('newcolor', '', 'post');
$page = Request::getVar('page', 'list', 'post');
$assigned = Request::getInt('assigned', 0);
$mine = Request::getInt('mine', 0);
$state = Request::getInt('state', 0);
$ajax = Request::getInt('ajax', 0);
$task = $this->_task;
$new = 0;
// Check permission
if (!$this->model->access('content')) {
throw new Exception(Lang::txt('ALERTNOTAUTH'), 403);
return;
}
// Check if assignee is owner
$objO = $this->model->table('Owner');
if ($assigned && !$objO->isOwner($assigned, $this->model->get('id'))) {
$assigned = 0;
}
if ($mine && !$assigned) {
$assigned = $this->_uid;
}
// Initiate extended database class
$objTD = new \Components\Projects\Tables\Todo($this->_database);
// Load up todo if exists
if (!$objTD->loadTodo($this->model->get('id'), $todoid)) {
$objTD->created_by = $this->_uid;
$objTD->created = Date::toSql();
$objTD->projectid = $this->model->get('id');
$assigned = $assigned;
$new = 1;
} else {
$content = $content ? $content : $objTD->content;
}
// Prevent resubmit
if ($task == 'save' && $content == '' && $newlist == '') {
App::redirect($this->model->link('todo'));
return;
}
// Save if not empty
if ($task == 'save' && $content != '') {
$content = rtrim(stripslashes($content));
$objTD->content = $content ? $content : $objTD->content;
$objTD->content = \Hubzero\Utility\Sanitize::stripAll($objTD->content);
// Save access under details
if (strlen($objTD->content) > 255) {
$objTD->details = $objTD->content;
}
$objTD->content = \Hubzero\Utility\String::truncate($objTD->content, 255);
$objTD->color = $listcolor == 'none' ? '' : $listcolor;
$objTD->assigned_to = $assigned;
$objTD->state = $state;
// Get due date
$due = trim(Request::getVar('due', ''));
if ($due && $due != 'mm/dd/yyyy') {
$date = explode('/', $due);
if (count($date) == 3) {
$month = $date[0];
$day = $date[1];
$year = $date[2];
if (intval($month) && intval($day) && intval($year)) {
if (strlen($day) == 1) {
$day = '0' . $day;
}
if (strlen($month) == 1) {
$month = '0' . $month;
}
if (checkdate($month, $day, $year)) {
$objTD->duedate = Date::of(mktime(0, 0, 0, $month, $day, $year))->toSql();
}
}
} else {
$this->setError(Lang::txt('PLG_PROJECTS_TODO_TODO_WRONG_DATE_FORMAT'));
}
} else {
$objTD->duedate = '';
}
// Get last order
$lastorder = $objTD->getLastOrder($this->model->get('id'));
$neworder = $lastorder ? $lastorder + 1 : 1;
$objTD->priority = $todoid ? $objTD->priority : $neworder;
// Get list name
$objTD->todolist = $listcolor == 'none' ? NULL : $objTD->getListName($this->model->get('id'), $objTD->color);
// Store content
if (!$objTD->store()) {
$this->setError($objTD->getError());
} else {
$this->_msg = $todoid ? Lang::txt('PLG_PROJECTS_TODO_TODO_ITEM_SAVED') : Lang::txt('PLG_PROJECTS_TODO_TODO_NEW_ITEM_SAVED');
}
} elseif ($task == 'assign') {
$changed = $objTD->assigned_to == $assigned ? 0 : 1;
if ($changed) {
$objTD->assigned_to = $assigned;
$this->_mine = 0;
// do not send to My Todo's list
// Store content
if (!$objTD->store()) {
$this->setError($objTD->getError());
} else {
$this->_msg = $mine ? Lang::txt('PLG_PROJECTS_TODO_TODO_ASSIGNED_TO_MINE') : Lang::txt('PLG_PROJECTS_TODO_TODO_REASSIGNED');
}
}
} else {
if ($task == 'changestate') {
$changed = $objTD->state == $state ? 0 : 1;
if ($changed) {
$objTD->state = $state;
if ($state == 1) {
$objTD->closed = Date::toSql();
$objTD->closed_by = $this->_uid;
}
// Store content
if (!$objTD->store()) {
$this->setError($objTD->getError());
} else {
$this->_msg = $state == 1 ? Lang::txt('PLG_PROJECTS_TODO_TODO_MARKED_COMPLETED') : Lang::txt('PLG_PROJECTS_TODO_TODO_MARKED_INCOMPLETE');
if ($state == 1) {
// Record activity
$aid = $this->model->recordActivity(Lang::txt('PLG_PROJECTS_TODO_ACTIVITY_TODO_COMPLETED'), $objTD->id, 'to do', Route::url('index.php?option=' . $this->_option . '&alias=' . $this->model->get('alias') . '&active=todo' . '&action=view&todoid=' . $objTD->id), 'todo', 1);
}
}
}
}
}
// Save new empty list information
if ($newlist != '' && $newcolor != '') {
$new = 0;
$newlist = \Hubzero\Utility\Sanitize::stripAll(trim($newlist));
if (!$objTD->getListName($this->model->get('id'), $newcolor)) {
$objTD = new \Components\Projects\Tables\Todo($this->_database);
$objTD->created_by = $this->_uid;
$objTD->created = Date::toSql();
$objTD->projectid = $this->model->get('id');
$objTD->content = 'provisioned';
$objTD->state = 2;
// inactive
$objTD->todolist = $newlist;
$objTD->color = $newcolor;
// Store content
if (!$objTD->store()) {
$this->setError(Lang::txt('PLG_PROJECTS_TODO_TODO_ERROR_LIST_SAVE'));
} else {
$this->_msg = Lang::txt('PLG_PROJECTS_TODO_TODO_LIST_SAVED');
}
}
}
// Record activity
if ($new) {
$aid = $this->model->recordActivity(Lang::txt('PLG_PROJECTS_TODO_ACTIVITY_TODO_ADDED'), $objTD->id, 'to do', Route::url('index.php?option=' . $this->_option . '&alias=' . $this->model->get('alias') . '&active=todo' . '&action=view&todoid=' . $objTD->id), 'todo', 1);
// Store activity ID
if ($aid) {
$objTD->activityid = $aid;
$objTD->store();
}
}
// Set redirect path
if ($page == 'item') {
$url = Route::url('index.php?option=' . $this->_option . '&alias=' . $this->model->get('alias') . '&active=todo' . '&action=view&todoid=' . $objTD->id);
} else {
$url = Route::url('index.php?option=' . $this->_option . '&alias=' . $this->model->get('alias') . '&active=todo&list=' . $objTD->color);
}
// Go to view
if ($ajax) {
$this->_todoid = $todoid;
return $page == 'item' ? $this->item() : $this->page();
}
// Pass error or success message
if ($this->getError()) {
\Notify::message($this->getError(), 'error', 'projects');
} elseif (!empty($this->_msg)) {
\Notify::message($this->_msg, 'success', 'projects');
}
// Redirect
App::redirect(Route::url($url));
}
/**
* Recursive method to add comments to a flat RSS feed
*
* @param object $doc JDocumentFeed
* @param object $row BlogModelComment
* @return void
*/
private function _comment(&$doc, $row)
{
// Load individual item creator class
$item = new \Hubzero\Document\Type\Feed\Item();
$item->title = Lang::txt('Comment #%s', $row->get('id')) . ' @ ' . $row->created('time') . ' on ' . $row->created('date');
$item->link = Route::url($this->entry->link() . '#c' . $row->get('id'));
if ($row->isReported()) {
$item->description = Lang::txt('COM_BLOG_COMMENT_REPORTED_AS_ABUSIVE');
} else {
$item->description = html_entity_decode(Sanitize::stripAll($row->content()));
}
$item->description = '<![CDATA[' . $item->description . ']]>';
if ($row->get('anonymous')) {
//$item->author = Lang::txt('COM_BLOG_ANONYMOUS');
} else {
$item->author = $row->creator()->get('email') . ' (' . $row->creator()->get('name') . ')';
}
$item->date = $row->created();
$item->category = '';
$doc->addItem($item);
$replies = $row->replies()->whereIn('state', array(1, 3));
if ($replies->count() > 0) {
foreach ($replies as $reply) {
$this->_comment($doc, $reply);
}
}
}
/**
* onIndex
*
* @param string $type
* @param integer $id
* @param boolean $run
* @access public
* @return void
*/
public function onIndex($type, $id, $run = false)
{
if ($type == 'blog-entry') {
if ($run === true) {
// Establish a db connection
$db = App::get('db');
// Sanitize the string
$id = \Hubzero\Utility\Sanitize::paranoid($id);
// Get the record
$sql = "SELECT * FROM #__blog_entries WHERE id={$id} AND state != 2;";
$row = $db->setQuery($sql)->query()->loadObject();
// Get the name of the author
$sql1 = "SELECT name FROM #__users WHERE id={$row->created_by};";
$author = $db->setQuery($sql1)->query()->loadResult();
// Get any tags
$sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'blog';";
$tags = $db->setQuery($sql2)->query()->loadColumn();
// Determine the path
$year = Date::of(strtotime($row->publish_up))->toLocal('Y');
$month = Date::of(strtotime($row->publish_up))->toLocal('m');
$alias = $row->alias;
if ($row->scope == 'site') {
$path = '/blog/' . $year . '/' . $month . '/' . $alias;
} elseif ($row->scope == 'member') {
$path = '/members/' . $row->scope_id . '/blog/' . $year . '/' . $month . '/' . $alias;
} elseif ($row->scope == 'group') {
$group = Group::getInstance($row->scope_id);
// Make sure group is valid.
if (is_object($group)) {
$cn = $group->get('cn');
$path = '/groups/' . $cn . '/blog/' . $year . '/' . $month . '/' . $alias;
} else {
$path = '';
}
}
// Public condition
if ($row->state == 1 && $row->access == 1) {
$access_level = 'public';
} elseif ($row->state == 1 && $row->access == 2) {
$access_level = 'registered';
} else {
$access_level = 'private';
}
if ($row->scope != 'group') {
$owner_type = 'user';
$owner = $row->created_by;
} else {
$owner_type = 'group';
$owner = $row->scope_id;
}
// Get the title
$title = $row->title;
// Build the description, clean up text
$content = preg_replace('/<[^>]*>/', ' ', $row->content);
$content = preg_replace('/ {2,}/', ' ', $content);
$description = \Hubzero\Utility\Sanitize::stripAll($content);
// Create a record object
$record = new \stdClass();
$record->id = $type . '-' . $id;
$record->hubtype = $type;
$record->title = $title;
$record->description = $description;
$record->author = array($author);
$record->tags = $tags;
$record->path = $path;
$record->access_level = $access_level;
$record->owner = $owner;
$record->owner_type = $owner_type;
// Return the formatted record
return $record;
} else {
$db = App::get('db');
$sql = "SELECT id FROM #__blog_entries WHERE state != 2";
$ids = $db->setQuery($sql)->query()->loadColumn();
return $ids;
}
}
}
/**
* Static method for formatting results
*
* @param object $row Database row
* @return string HTML
*/
public function out($row)
{
$row->href = Route::url('index.php?option=com_kb§ion=' . $row->data2 . '&category=' . $row->data1 . '&alias=' . $row->alias);
// Start building the HTML
$html = "\t" . '<li class="kb-entry">' . "\n";
$html .= "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n";
if ($row->ftext) {
$html .= "\t\t" . '<p>' . \Hubzero\Utility\String::truncate(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->ftext)), 200) . "</p>\n";
}
$html .= "\t\t" . '<p class="href">' . Request::base() . ltrim($row->href, '/') . '</p>' . "\n";
$html .= "\t" . '</li>' . "\n";
// Return output
return $html;
}
/**
* Generate an RSS feed
*
* @return string RSS
*/
public function feedTask()
{
// Incoming
$tagstring = trim(Request::getVar('tag', '', 'request', 'none', 2));
// Ensure we were passed a tag
if (!$tagstring) {
throw new Exception(Lang::txt('COM_TAGS_NO_TAG'), 404);
}
// Break the string into individual tags
$tgs = explode(',', $tagstring);
// Sanitize the tag
$tags = array();
$added = array();
foreach ($tgs as $tag) {
// Load the tag
$tagobj = Tag::getInstance($tag);
if (in_array($tagobj->get('tag'), $added)) {
continue;
}
$added[] = $tagobj->get('tag');
// Ensure we loaded the tag's info from the database
if ($tagobj->exists()) {
$tags[] = $tagobj;
}
}
// Paging variables
$limitstart = Request::getInt('limitstart', 0);
$limit = Request::getInt('limit', Config::get('list_limit'));
$areas = array();
$searchareas = Event::trigger('tags.onTagAreas');
foreach ($searchareas as $area) {
$areas = array_merge($areas, $area);
}
// Get the active category
$area = Request::getVar('area', '');
$sort = Request::getVar('sort', '');
if ($area) {
$activeareas = array($area);
} else {
$activeareas = $areas;
}
// Get the search results
if (count($activeareas) > 1) {
$sqls = Event::trigger('tags.onTagView', array($tags, $limit, $limitstart, $sort, $activeareas));
if ($sqls) {
$s = array();
foreach ($sqls as $sql) {
if (!is_string($sql)) {
continue;
}
if (trim($sql) != '') {
$s[] = $sql;
}
}
$query = "(";
$query .= implode(") UNION (", $s);
$query .= ") ORDER BY ";
switch ($sort) {
case 'title':
$query .= 'title ASC, publish_up';
break;
case 'id':
$query .= "id DESC";
break;
case 'date':
default:
$query .= 'publish_up DESC, title';
break;
}
$query .= $limit != 'all' && $limit > 0 ? " LIMIT {$limitstart}, {$limit}" : "";
}
$this->database->setQuery($query);
$results = array($this->database->loadObjectList());
} else {
$results = Event::trigger('tags.onTagView', array($tags, $limit, $limitstart, $sort, $activeareas));
}
// Run through the array of arrays returned from plugins and find the one that returned results
$rows = array();
if ($results) {
foreach ($results as $result) {
if (is_array($result) && !empty($result)) {
$rows = $result;
break;
}
}
}
// Build some basic RSS document information
$title = Lang::txt(strtoupper($this->_option)) . ': ';
for ($i = 0, $n = count($tags); $i < $n; $i++) {
if ($i > 0) {
$title .= '+ ';
}
$title .= $tags[$i]->get('raw_tag') . ' ';
}
$title = trim($title);
$title .= ': ' . $area;
// Set the mime encoding for the document
Document::setType('feed');
// Start a new feed object
$doc = Document::instance();
$doc->link = Route::url('index.php?option=' . $this->_option);
$doc->title = Config::get('sitename') . ' - ' . $title;
$doc->description = Lang::txt('COM_TAGS_RSS_DESCRIPTION', Config::get('sitename'), $title);
$doc->copyright = Lang::txt('COM_TAGS_RSS_COPYRIGHT', gmdate("Y"), Config::get('sitename'));
$doc->category = Lang::txt('COM_TAGS_RSS_CATEGORY');
// Start outputing results if any found
if (count($rows) > 0) {
include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'helpers' . DS . 'helper.php';
foreach ($rows as $row) {
// Prepare the title
$title = strip_tags($row->title);
$title = html_entity_decode($title);
// Strip html from feed item description text
$description = html_entity_decode(String::truncate(Sanitize::stripAll(stripslashes($row->ftext)), 300));
$author = '';
@($date = $row->publish_up ? date('r', strtotime($row->publish_up)) : '');
if (isset($row->data3) || isset($row->rcount)) {
$resourceEx = new \Components\Resources\Helpers\Helper($row->id, $this->database);
$resourceEx->getCitationsCount();
$resourceEx->getLastCitationDate();
$resourceEx->getContributors();
$author = strip_tags($resourceEx->contributors);
}
// Load individual item creator class
$item = new \Hubzero\Document\Type\Feed\Item();
$item->title = $title;
$item->link = $row->href;
$item->description = $description;
$item->date = $date;
$item->category = isset($row->data1) ? $row->data1 : '';
$item->author = $author;
// Loads item info into rss array
$doc->addItem($item);
}
}
}
/**
* Static method for formatting results
*
* @param object $row Database row
* @return string HTML
*/
public static function out($row)
{
$row->href = Route::url($row->href);
$month = Date::of($row->publish_up)->toLocal('M');
$day = Date::of($row->publish_up)->toLocal('d');
$year = Date::of($row->publish_up)->toLocal('Y');
// Start building the HTML
$html = "\t" . '<li class="event">' . "\n";
$html .= "\t\t" . '<p class="event-date"><span class="month">' . $month . '</span> <span class="day">' . $day . '</span> <span class="year">' . $year . '</span></p>' . "\n";
$html .= "\t\t" . '<p class="title"><a href="' . $row->href . '">' . stripslashes($row->title) . '</a></p>' . "\n";
if ($row->ftext) {
$row->ftext = str_replace('[[BR]]', '', $row->ftext);
// Remove tags to prevent tables from being displayed within a table.
$row->ftext = strip_tags($row->ftext);
$html .= "\t\t" . \Hubzero\Utility\String::truncate(\Hubzero\Utility\Sanitize::stripAll(stripslashes($row->ftext)), 200) . "\n";
}
$html .= "\t\t" . '<p class="href">' . Request::base() . trim($row->href, '/') . '</p>' . "\n";
$html .= "\t" . '</li>' . "\n";
// Return output
return $html;
}
/**
* Add membership request for user
*
* @return array
*/
public function dorequestTask()
{
// Check if they're logged in
if (User::isGuest()) {
$this->loginTask(Lang::txt('COM_GROUPS_INVITE_MUST_BE_LOGGED_IN_TO_REQUEST'));
return;
}
Request::checkToken();
//check to make sure we have cname
if (!$this->cn) {
$this->_errorHandler(400, Lang::txt('COM_GROUPS_ERROR_NO_ID'));
}
// Load the group page
$this->view->group = Group::getInstance($this->cn);
// Ensure we found the group info
if (!$this->view->group || !$this->view->group->get('gidNumber')) {
$this->_errorHandler(404, Lang::txt('COM_GROUPS_ERROR_NOT_FOUND'));
}
// Get the group params
$gparams = new Registry($this->view->group->get('params'));
// If membership is managed in seperate place disallow action
if ($gparams->get('membership_control', 1) == 0) {
$this->setNotification(Lang::txt('COM_GROUPS_MEMBERSHIP_MANAGED_ELSEWHERE'), 'error');
App::redirect(Route::url('index.php?option=com_groups&cn=' . $this->view->group->get('cn')));
return;
}
//make sure group has restricted policy
if ($this->view->group->get('join_policy') != 1) {
return;
}
//add user to applicants
$this->view->group->add('applicants', array(User::get('id')));
$this->view->group->update();
// Instantiate the reason object and bind the incoming data
$row = new Reason($this->database);
$row->uidNumber = User::get('id');
$row->gidNumber = $this->view->group->get('gidNumber');
$row->reason = Request::getVar('reason', Lang::txt('GROUPS_NO_REASON_GIVEN'), 'post');
$row->reason = \Hubzero\Utility\Sanitize::stripAll($row->reason);
$row->date = Date::toSql();
// Check and store the reason
if (!$row->check()) {
return App::abort(500, $row->getError());
}
if (!$row->store()) {
return App::abort(500, $row->getError());
}
// Log the membership request
Log::log(array('gidNumber' => $this->view->group->get('gidNumber'), 'action' => 'membership_requested', 'comments' => array(User::get('id'))));
// Log activity
$url = Route::url('index.php?option=' . $this->_option . '&cn=' . $this->view->group->get('cn'));
$recipients = array(['group', $this->view->group->get('gidNumber')], ['user', User::get('id')]);
foreach ($this->view->group->get('managers') as $recipient) {
$recipients[] = ['user', $recipient];
}
Event::trigger('system.logActivity', ['activity' => ['action' => 'requested', 'scope' => 'group', 'scope_id' => $this->view->group->get('gidNumber'), 'description' => Lang::txt('COM_GROUPS_ACTIVITY_GROUP_USER_REQUESTED', '<a href="' . $url . '">' . $this->view->group->get('description') . '</a>'), 'details' => array('title' => $this->view->group->get('description'), 'url' => $url, 'cn' => $this->view->group->get('cn'), 'gidNumber' => $this->view->group->get('gidNumber'))], 'recipients' => $recipients]);
// E-mail subject
$subject = Lang::txt('COM_GROUPS_JOIN_REQUEST_EMAIL_SUBJECT', $this->view->group->get('cn'));
// Build the e-mail message
$eview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'request'));
$eview->option = $this->_option;
$eview->sitename = Config::get('sitename');
$eview->user = User::getInstance();
$eview->group = $this->view->group;
$eview->row = $row;
$html = $eview->loadTemplate();
$html = str_replace("\n", "\r\n", $html);
// Get the system administrator e-mail
$emailadmin = Config::get('mailfrom');
// Build the "from" portion of the e-mail
$from = array();
$from['name'] = Config::get('sitename') . ' ' . Lang::txt(strtoupper($this->_name));
$from['email'] = Config::get('mailfrom');
// build array of managers
$managers = array();
foreach ($this->view->group->get('managers') as $m) {
$profile = User::getInstance($m);
if ($profile) {
$managers[$profile->get('email')] = $profile->get('name');
}
}
// create new message
$message = new \Hubzero\Mail\Message();
// build message object and send
$message->setSubject($subject)->addFrom($from['email'], $from['name'])->setTo($managers)->addHeader('X-Mailer', 'PHP/' . phpversion())->addHeader('X-Component', 'com_groups')->addHeader('X-Component-Object', 'group_membership_requested')->addPart($html, 'text/plain')->send();
//tell the user they just did good
$this->setNotification(Lang::txt('COM_GROUPS_INVITE_REQUEST_FORWARDED'), 'passed');
// Push through to the groups listing
App::redirect($url);
}
/**
* Save a review
*
* @return void
*/
public function savereview()
{
// Is the user logged in?
if (User::isGuest()) {
$this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_LOGIN_NOTICE'));
return;
}
$publication =& $this->publication;
// Do we have a publication ID?
if (!$publication->exists()) {
// No ID - fail! Can't do anything else without an ID
$this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_NO_RESOURCE_ID'));
return;
}
$database = App::get('db');
// Bind the form data to our object
$row = new \Components\Publications\Tables\Review($database);
if (!$row->bind($_POST)) {
$this->setError($row->getError());
return;
}
// Perform some text cleaning, etc.
$row->id = Request::getInt('reviewid', 0);
$row->state = 1;
$row->comment = \Hubzero\Utility\Sanitize::stripAll($row->comment);
$row->anonymous = $row->anonymous == 1 || $row->anonymous == '1' ? $row->anonymous : 0;
$row->created = $row->created ? $row->created : Date::toSql();
$row->created_by = User::get('id');
$message = $row->id ? Lang::txt('PLG_PUBLICATIONS_REVIEWS_EDITS_SAVED') : Lang::txt('PLG_PUBLICATIONS_REVIEWS_REVIEW_POSTED');
// Check for missing (required) fields
if (!$row->check()) {
$this->setError($row->getError());
return;
}
// Save the data
if (!$row->store()) {
$this->setError($row->getError());
return;
}
// Calculate the new average rating for the parent publication
$publication->table()->calculateRating();
$publication->table()->updateRating();
// Process tags
$tags = trim(Request::getVar('review_tags', ''));
if ($tags) {
$rt = new \Components\Publications\Helpers\Tags($database);
$rt->tag_object($row->created_by, $publication->get('id'), $tags, 1, 0);
}
// Get version authors
$users = $publication->table('Author')->getAuthors($publication->get('version_id'), 1, 1, true);
// Build the subject
$subject = Config::get('sitename') . ' ' . Lang::txt('PLG_PUBLICATIONS_REVIEWS_CONTRIBUTIONS');
// Message
$eview = new \Hubzero\Plugin\View(array('folder' => 'publications', 'element' => 'reviews', 'name' => 'emails'));
$eview->option = $this->_option;
$eview->juser = User::getInstance();
$eview->publication = $publication;
$message = $eview->loadTemplate();
$message = str_replace("\n", "\r\n", $message);
// Build the "from" data for the e-mail
$from = array();
$from['name'] = Config::get('sitename') . ' ' . Lang::txt('PLG_PUBLICATIONS_REVIEWS_CONTRIBUTIONS');
$from['email'] = Config::get('mailfrom');
// Send message
if (!Event::trigger('xmessage.onSendMessage', array('publications_new_comment', $subject, $message, $from, $users, $this->_option))) {
$this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_FAILED_TO_MESSAGE'));
}
App::redirect(Route::url($publication->link('reviews')), $message);
return;
}
/**
* onIndex
*
* @param string $type
* @param integer $id
* @param boolean $run
* @access public
* @return void
*/
public function onIndex($type, $id, $run = false)
{
if ($type == 'question') {
if ($run === true) {
// Establish a db connection
$db = App::get('db');
// Sanitize the string
$id = \Hubzero\Utility\Sanitize::paranoid($id);
// Get the record
$sql = "SELECT * FROM #__answers_questions WHERE id={$id};";
$row = $db->setQuery($sql)->query()->loadObject();
// Get the name of the author
if ($row->anonymous == 0) {
$sql1 = "SELECT name FROM #__users WHERE id={$row->created_by};";
$author = $db->setQuery($sql1)->query()->loadResult();
} else {
$author = 'anonymous';
}
// Get any tags
$sql2 = "SELECT tag \n\t\t\t\t\tFROM #__tags\n\t\t\t\t\tLEFT JOIN #__tags_object\n\t\t\t\t\tON #__tags.id=#__tags_object.tagid\n\t\t\t\t\tWHERE #__tags_object.objectid = {$id} AND #__tags_object.tbl = 'answers';";
$tags = $db->setQuery($sql2)->query()->loadColumn();
// Get the associated responses
$sql3 = "SELECT * FROM #__answers_responses WHERE question_id={$id};";
$responses = $db->setQuery($sql3)->query()->loadObjectList();
// Concatenate responses
$responseString = '';
foreach ($responses as $response) {
if ($response->state == 0) {
$responseString .= $response->answer . ' ';
}
}
// Determine the path
$path = '/answers/qustion/' . $id;
// Always public condition
$access_level = 'public';
$owner_type = 'user';
$owner = $row->created_by;
// Get the title
$title = $row->subject;
// Build the description, clean up text
$content = $row->question . ' ' . $responseString;
$content = preg_replace('/<[^>]*>/', ' ', $content);
$content = preg_replace('/ {2,}/', ' ', $content);
$description = \Hubzero\Utility\Sanitize::stripAll($content);
// Create a record object
$record = new \stdClass();
$record->id = $type . '-' . $id;
$record->hubtype = $type;
$record->title = $title;
$record->description = $description;
$record->author = array($author);
$record->tags = $tags;
$record->path = $path;
$record->access_level = $access_level;
$record->owner = $owner;
$record->owner_type = $owner_type;
// Return the formatted record
return $record;
} else {
$db = App::get('db');
$sql = "SELECT id FROM #__answers_questions;";
$ids = $db->setQuery($sql)->query()->loadColumn();
return $ids;
}
}
}
