/**
 * Save the block configuration submitted from the Blocks Admin form.
 *
 * Three optional request fields are read: the include_root checkbox, a single
 * new_root_pid to append to the root list, and a remove_root_pid list of page
 * ids to drop from it.
 *
 * @return bool always true
 */
public function update()
{
    $config = $this->getContent();

    $haveFlag = xarVarFetch('include_root', 'checkbox', $include_root, 0, XARVAR_NOT_REQUIRED);
    if ($haveFlag) {
        $config['include_root'] = $include_root;
    }

    // The root pages define the sections of the page landscape this block applies to.
    if (!isset($config['root_ids'])) {
        $config['root_ids'] = array();
    }

    $haveNew = xarVarFetch('new_root_pid', 'int:0', $new_root_pid, 0, XARVAR_NOT_REQUIRED);
    if ($haveNew && !empty($new_root_pid)) {
        $config['root_ids'][] = $new_root_pid;
    }

    $haveRemovals = xarVarFetch('remove_root_pid', 'list:int:1', $remove_root_pid, array(), XARVAR_NOT_REQUIRED);
    if ($haveRemovals && !empty($remove_root_pid)) {
        // Index the ids by value so that each removal is a single unset().
        $byPageId = array_flip($config['root_ids']);
        foreach ($remove_root_pid as $pid) {
            unset($byPageId[$pid]);
        }
        // Flip back to values and renumber the keys from zero.
        $config['root_ids'] = array_values(array_flip($byPageId));
    }

    $this->setContent($config);

    return true;
}
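/**
 * Build the date information for the calendar date named in the request.
 *
 * Reads the cal_date request variable (documented as YYYYMMDD; month and day
 * are optional in the pattern) and falls back to today's date when it is
 * absent or contains no four-digit year.
 *
 * @return array cal_date (as received), cal_day, cal_month, cal_year as
 *               integers, and 'now' (getdate() of the current time shifted by
 *               the user's timezone offset)
 */
function calendar_userapi_getUserDateTimeInfo()
{
    // dates come in as YYYYMMDD
    xarVarFetch('cal_date', 'str:4:8', $cal_date, xarLocaleFormatDate('%Y%m%d'));

    $data = array();
    // NOTE(review): cal_date is returned exactly as received. The pattern below
    // is unanchored, so a value such as "ab2011" still yields a year while the
    // raw string travels on to the caller; escape it before output.
    $data['cal_date'] =& $cal_date;

    if (preg_match('/(\d{4})(\d{2})?(\d{2})?/', $cal_date, $match)) {
        $year = $match[1];
        // A missing month or day means "the first".
        $month = isset($match[2]) ? $match[2] : '01';
        $day = isset($match[3]) ? $match[3] : '01';
    } else {
        // No usable date: fall back to today. This branch used to call the
        // misspelled xarLocaleFormateDate(), which is an undefined function.
        $year = xarLocaleFormatDate('%Y');
        $month = xarLocaleFormatDate('%m');
        $day = xarLocaleFormatDate('%d');
    }

    $data['cal_day'] = (int) $day;
    $data['cal_month'] = (int) $month;
    $data['cal_year'] = (int) $year;

    sys::import('xaraya.structures.datetime');
    $today = new XarDateTime();
    $usertz = xarModUserVars::get('roles', 'usertimezone', xarSession::getVar('role_id'));
    $useroffset = $today->getTZOffset($usertz);
    $data['now'] = getdate(time() + $useroffset);

    return $data;
}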
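/**
 * View the cart, applying any quantity changes posted with the request.
 *
 * For every product id in the session cart an optional "qty<pid>" POST field
 * replaces the stored quantity; a quantity of zero removes the line. Posted
 * quantities that are not non-negative numbers are ignored, so a negative or
 * malformed value can neither lower the order total nor break the arithmetic.
 *
 * @return array|null template data (cust, products, total), or null when a
 *                    posted quantity cannot be fetched
 */
function shop_user_viewcart()
{
    // If the user returns to the cart after taking other steps, unset any errors from earlier in the session.
    xarSession::delVar('errors');
    sys::import('modules.dynamicdata.class.objects.master');

    $data = array();
    $subtotals = array();
    $products = array();

    // May want to display cust info with the cart...
    $data['cust'] = xarMod::APIFunc('shop', 'user', 'customerinfo');

    $shop = xarSession::getVar('shop');
    if (!is_array($shop)) {
        // No cart in the session yet: treat it as empty instead of iterating a non-array.
        $shop = array();
    }

    foreach ($shop as $pid => $val) {
        // If this post variable is set, we must need to update the quantity
        if (isset($_POST['qty' . $pid])) {
            $qty_new = null; // reset, since we are inside a loop
            if (!xarVarFetch('qty' . $pid, 'isset', $qty_new, NULL, XARVAR_DONT_SET)) {
                return;
            }
            // The value is fetched with the 'isset' type, i.e. unvalidated, so
            // it is checked here. Commas are thousands separators.
            $qty_clean = is_scalar($qty_new) ? str_replace(',', '', trim((string) $qty_new)) : '';
            if (is_numeric($qty_clean) && $qty_clean >= 0) {
                if ($qty_clean == 0) {
                    unset($shop[$pid]);
                } else {
                    $shop[$pid]['qty'] = $qty_clean;
                }
            }
            // Anything else leaves the stored quantity untouched.
        }

        // Lines removed above do not reach the product list.
        if (!isset($shop[$pid])) {
            continue;
        }

        // Commas in the quantity seem to mess up our math
        $qty = str_replace(',', '', $shop[$pid]['qty']);
        $products[$pid]['qty'] = $qty;

        // Get the product info
        $object = DataObjectMaster::getObject(array('name' => 'shop_products'));
        $object->getItem(array('itemid' => $pid));
        $values = $object->getFieldValues();

        $products[$pid]['title'] = xarVarPrepForDisplay($values['title']);
        $products[$pid]['price'] = $values['price'];

        // Explicit casts keep a non-numeric stored value from raising a type error.
        $subtotal = (float) $values['price'] * (float) $qty;
        $subtotals[] = $subtotal; // so we can use array_sum() to add it all up
        $products[$pid]['subtotal'] = number_format($subtotal, 2);
    }

    xarSession::setVar('shop', $shop);

    $total = number_format(array_sum($subtotals), 2);

    xarSession::setVar('products', $products); // update the session variable
    $data['products'] = $products; // don't want too much session stuff in the templates
    xarSession::setVar('total', $total);
    $data['total'] = $total;

    return $data;
}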
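/**
 * Delete one item of a wurfl object, after confirmation.
 *
 * Without the confirm flag the item is loaded and returned for the
 * confirmation template; with it, the authorisation key is checked, the item
 * is deleted and the browser is redirected to the admin view.
 *
 * @return array|bool|null template data, true after a deletion, or null when
 *                         a privilege, input or authorisation-key check fails
 */
function wurfl_admin_delete()
{
    if (!xarSecurityCheck('ManageWurfl')) {
        return;
    }

    $data = array();
    if (!xarVarFetch('name', 'str:1', $name, 'wurfl_wurfl', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'int', $data['itemid'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('confirm', 'str:1', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // The object name comes from the request. Restrict it to this module's
    // objects (the same test wurfl_admin_view() uses for its dropdown), so the
    // ManageWurfl privilege cannot be used to delete items of other objects.
    if (strpos($name, 'wurfl') === false) {
        return xarResponse::NotFound();
    }

    $data['object'] = DataObjectMaster::getObject(array('name' => $name));
    if (empty($data['object'])) {
        return xarResponse::NotFound();
    }
    $data['object']->getItem(array('itemid' => $data['itemid']));

    $data['tplmodule'] = 'wurfl';
    $data['authid'] = xarSecGenAuthKey('wurfl');

    if ($data['confirm']) {
        // Check for a valid confirmation key
        if (!xarSecConfirmAuthKey()) {
            return;
        }
        // Never issue a delete without an item id.
        if (empty($data['itemid'])) {
            return xarResponse::NotFound();
        }

        // Delete the item
        $data['object']->deleteItem();

        // Jump to the next page
        xarController::redirect(xarModURL('wurfl', 'admin', 'view'));
        return true;
    }

    return $data;
}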
/**
 * Show the form for creating a new publication.
 *
 * NOTE(review): no privilege check is visible in this function although it
 * renders the admin 'new' template - confirm access is enforced elsewhere.
 *
 * @param array $args extracted into the local scope before the request is read
 * @return mixed the rendered admin 'new' template, or null when a request
 *               variable fails validation
 */
function publications_user_new($args)
{
    extract($args);

    // Request parameters
    $fallbackType = xarModVars::get('publications', 'defaultpubtype');
    if (!xarVarFetch('ptid', 'id', $data['ptid'], $fallbackType, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('catid', 'str', $catid, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemtype', 'id', $itemtype, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    $data['items'] = array();

    // The publication type record names the object that holds its publications.
    $typeRecord = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $typeRecord->getItem(array('itemid' => $data['ptid']));

    $data['object'] = DataObjectMaster::getObject(
        array('name' => $typeRecord->properties['name']->value)
    );
    $data['properties'] = $data['object']->getProperties();

    // TODO: allow templates per category ?
    $template = empty($data['ptid']) ? null : $typeRecord->properties['template']->value;

    // Get the settings of the publication type we are using
    $data['settings'] = xarModAPIFunc(
        'publications',
        'user',
        'getsettings',
        array('ptid' => $data['ptid'])
    );

    return xarTplModule('publications', 'admin', 'new', $data, $template);
}
/**
 * View publication statistics, grouped by the requested fields.
 *
 * NOTE(review): the group entries are fetched with the 'isset' type, i.e.
 * unvalidated, and forwarded to the getstats API. The keys of the 'fields'
 * list below look like the intended set - confirm getstats rejects others.
 *
 * @param array $args extracted into the local scope after the request is
 *                    read, so a 'group' entry replaces the request value
 * @return array|null template data, or null when the privilege check or the
 *                    request fetch fails
 */
function publications_admin_stats($args = array())
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }
    if (!xarVarFetch('group', 'isset', $group, array(), XARVAR_NOT_REQUIRED)) {
        return;
    }
    extract($args);

    // Drop blank entries from the requested grouping.
    if (!empty($group)) {
        $kept = array();
        foreach ($group as $field) {
            if (!empty($field)) {
                $kept[] = $field;
            }
        }
        $group = $kept;
    }

    // Nothing usable requested: use the standard grouping.
    if (empty($group)) {
        $group = array('pubtype_id', 'state', 'owner');
    }

    return array(
        'group' => $group,
        'stats' => xarModAPIFunc('publications', 'admin', 'getstats', array('group' => $group)),
        'pubtypes' => xarModAPIFunc('publications', 'user', 'get_pubtypes'),
        'statelist' => xarModAPIFunc('publications', 'user', 'getstates'),
        'fields' => array(
            'pubtype_id' => xarML('Publication Type'),
            'state' => xarML('Status'),
            'owner' => xarML('Author'),
            'pubdate_year' => xarML('Publication Year'),
            'pubdate_month' => xarML('Publication Month'),
            'pubdate_day' => xarML('Publication Day'),
            'locale' => xarML('Language'),
        ),
    );
}
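/**
 * Modify a publication type, addressed by item id or by name.
 *
 * @param array $args extracted into the local scope before the request is read
 * @return mixed template data for the form, the re-rendered form when the
 *               submitted data is invalid, true after a successful update, a
 *               not-found response when the type cannot be identified, or
 *               null when a privilege, input or authorisation-key check fails
 */
function publications_admin_modify_pubtype($args)
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }
    extract($args);

    // Get parameters
    if (!xarVarFetch('itemid', 'isset', $data['itemid'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('returnurl', 'str:1', $data['returnurl'], 'view', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('name', 'str:1', $name, '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('tab', 'str:1', $data['tab'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // The item id is stored in $data['itemid']; the previous test looked at a
    // separate $itemid variable that this function never fills, so a request
    // carrying only an item id was answered with "not found".
    if (empty($name) && empty($data['itemid'])) {
        return xarResponse::NotFound();
    }

    // Get our object
    $data['object'] = DataObjectMaster::getObject(array('name' => 'publications_types'));
    if (!empty($data['itemid'])) {
        $data['object']->getItem(array('itemid' => $data['itemid']));
    } else {
        // The name goes into a where clause built by concatenation, so only a
        // plain identifier is accepted; anything else could rewrite the clause.
        if (!preg_match('/\A[A-Za-z0-9_]+\z/', $name)) {
            return xarResponse::NotFound();
        }
        $type_list = DataObjectMaster::getObjectList(array('name' => 'publications_types'));
        $where = 'name = ' . $name;
        $items = $type_list->getItems(array('where' => $where));
        $item = is_array($items) ? current($items) : false;
        if (empty($item) || !isset($item['id'])) {
            // No publication type with that name.
            return xarResponse::NotFound();
        }
        $data['object']->getItem(array('itemid' => $item['id']));
    }

    // Send the publication type and the object properties to the template
    $data['properties'] = $data['object']->getProperties();

    // Get the settings of the publication type we are using
    $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['itemid']));

    if ($data['confirm']) {
        // Check for a valid confirmation key
        if (!xarSecConfirmAuthKey()) {
            return;
        }

        // Get the data from the form
        if (!$data['object']->checkInput()) {
            // Bad data: redisplay the form with error messages
            return xarTplModule('publications', 'admin', 'modify_pubtype', $data);
        }

        // Good data: update the item
        $data['object']->updateItem(array('itemid' => $data['itemid']));

        // Jump to the next page
        xarController::redirect(xarModURL('publications', 'admin', 'view_pubtypes'));
        return true;
    }

    return $data;
}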
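/**
 * Build the URL of the next day, week, month or year after a given date.
 *
 * $args is extracted into the local scope and is expected to supply cal_date
 * (YYYYMMDD), cal_type ('day', 'week', 'month' or 'year') and optionally
 * cal_interval (number of steps, default 1).
 *
 * NOTE(review): the target function name is the lower-cased 'func' request
 * variable, validated only as a string - confirm xarModURL() and the
 * controller tolerate arbitrary values.
 *
 * @param array $args see above
 * @return mixed the URL produced by xarModURL()
 */
function calendar_userapi_next($args = array())
{
    xarVarFetch('cal_sdow', 'int:0:7', $cal_sdow, 0);
    // what function are we in
    xarVarFetch('func', 'str::', $func);

    extract($args);
    unset($args);

    if (!isset($cal_interval)) {
        $cal_interval = 1;
    }

    xarVarValidate('int::', $cal_date);
    xarVarValidate('int:1:', $cal_interval);
    xarVarValidate('str::', $cal_type);

    // A date shorter than YYYYMMDD leaves the month or day piece empty; treat
    // a missing piece as "the first" (as calendar_userapi_getUserDateTimeInfo
    // does) instead of doing arithmetic on an empty string.
    $stamp = (string) $cal_date;
    $monthPart = substr($stamp, 4, 2);
    $dayPart = substr($stamp, 6, 2);

    $y = (int) substr($stamp, 0, 4);
    $m = ($monthPart === '' || $monthPart === false) ? 1 : (int) $monthPart;
    $d = ($dayPart === '' || $dayPart === false) ? 1 : (int) $dayPart;

    switch (strtolower($cal_type)) {
        case 'day':
            $d += $cal_interval;
            break;
        case 'week':
            $d += 7 * $cal_interval;
            break;
        case 'month':
            $m += $cal_interval;
            break;
        case 'year':
            $y += $cal_interval;
            break;
    }

    // gmmktime() normalises overflowing day and month values.
    $new_date = gmdate('Ymd', gmmktime(0, 0, 0, $m, $d, $y));

    return xarModURL(
        'calendar',
        'user',
        strtolower($func),
        array('cal_date' => $new_date, 'cal_sdow' => $cal_sdow)
    );
}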
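/**
 * View items of the wurfl object.
 *
 * An optional objectname request variable switches the object to display; it
 * is stored as the user's default only when it names one of the objects
 * offered in the dropdown.
 *
 * @param array $args not used by this function
 * @return array|null template data (objectname, options), or null when the
 *                    privilege check or the request fetch fails
 */
function wurfl_admin_view($args)
{
    if (!xarSecurityCheck('ManageWurfl')) {
        return;
    }

    $modulename = 'wurfl';
    $data = array();

    // Define which object will be shown
    if (!xarVarFetch('objectname', 'str', $objectname, null, XARVAR_DONT_SET)) {
        return;
    }

    // Set a return url
    xarSession::setVar('ddcontext.' . $modulename, array('return_url' => xarServer::getCurrentURL()));

    // Get the available dropdown options: objects whose name contains the module name
    $object = DataObjectMaster::getObjectList(array('objectid' => 1));
    $items = $object->getItems();

    $options = array();
    $allowedNames = array();
    foreach ($items as $item) {
        if (strpos($item['name'], $modulename) !== false) {
            $options[] = array('id' => $item['name'], 'name' => $item['name']);
            $allowedNames[] = $item['name'];
        }
    }

    // Persist the request value only when it is one of the offered objects;
    // an arbitrary name must not become the stored default.
    if (!empty($objectname) && in_array($objectname, $allowedNames, true)) {
        xarModUserVars::set($modulename, 'defaultmastertable', $objectname);
    }

    $data['objectname'] = xarModUserVars::get($modulename, 'defaultmastertable');
    $data['options'] = $options;

    return $data;
}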
/**
 * Publications Module
 *
 * @package modules
 * @subpackage publications module
 * @category Third Party Xaraya Module
 * @version 2.0.0
 * @copyright (C) 2011 Netspan AG
 * @license GPL {@link http://www.gnu.org/licenses/gpl.html}
 * @author Marc Lutolf <*****@*****.**>
 */

/**
 * List the page tree together with per-page edit and delete flags.
 *
 * The per-page modify/delete access lookup is disabled in this function, so
 * both flags are decided by the same level-800 check on the page instance.
 *
 * @param array $args extracted into the local scope
 * @return array|null the page tree data, or null without the
 *                    ManagePublications privilege
 */
function publications_user_view_pages($args)
{
    extract($args);

    if (!xarSecurityCheck('ManagePublications')) {
        return;
    }

    // Accept a parameter to allow selection of a single tree.
    xarVarFetch('contains', 'id', $contains, 0, XARVAR_NOT_REQUIRED);

    $data = xarMod::apiFunc(
        'publications',
        'user',
        'getpagestree',
        array('key' => 'index', 'dd_flag' => false, 'tree_contains_pid' => $contains)
    );

    // TODO: pass to template.
    if (empty($data['pages'])) {
        return $data;
    }

    $data['pages'] = xarMod::apiFunc('publications', 'tree', 'array_maptree', $data['pages']);
    $data['contains'] = $contains;

    if (empty($data['pages'])) {
        return $data;
    }

    // Check modify and delete privileges on each page.
    // EditPage - allows basic changes, but no moving or renaming (good for sub-editors who manage content)
    // AddPage - new pages can be added (further checks may limit it to certain page types)
    // DeletePage - page can be renamed, moved and deleted

    // Bring in the access property for security checks
    sys::import('modules.dynamicdata.class.properties.master');
    $access = DataPropertyMaster::getProperty(array('name' => 'access'));
    $access->module = 'publications';
    $access->component = 'Page';

    foreach ($data['pages'] as $key => $page) {
        $instance = $page['name'] . ':' . $page['ptid']['name'];

        // Do we have admin access?
        $args = array('instance' => $instance, 'level' => 800);
        $isAdmin = $access->check($args);

        // With the per-page lookup disabled, the fallback check receives the
        // same admin-level arguments as the check above.
        $data['pages'][$key]['edit_allowed'] = $isAdmin || $access->check($args);
        $data['pages'][$key]['delete_allowed'] = $isAdmin || $access->check($args);
    }

    return $data;
}
/**
 * Modify a customer.
 *
 * Loads the shop_customers item and the roles_users item that share the given
 * id. On a confirmed, valid submission the role's display name is rebuilt from
 * the customer's first and last name and both items are updated.
 *
 * NOTE(review): every stored field value is copied into $data under its own
 * field name, after itemid/confirm/object were set - a field named like one of
 * those keys would overwrite it. Confirm the object has no such field.
 *
 * @return mixed template data, a rendered template (validation or
 *               authorisation-key failure), or null when an input or
 *               privilege check fails
 * @throws Exception when no item id was supplied
 */
function shop_admin_modifycustomer()
{
    if (!xarVarFetch('itemid', 'id', $data['itemid'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    $objectname = 'shop_customers';
    $data['objectname'] = $objectname;

    // Check if we still have no id of the item to modify.
    if (empty($data['itemid'])) {
        throw new Exception(
            xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item id', 'admin', 'modify', 'shop')
        );
    }

    if (!xarSecurityCheck('AdminShop', 1, 'Item', $data['itemid'])) {
        return;
    }

    sys::import('modules.dynamicdata.class.objects.master');

    $customer = DataObjectMaster::getObject(array('name' => $objectname));
    $data['object'] = $customer;
    $data['label'] = $customer->label;
    $customer->getItem(array('itemid' => $data['itemid']));

    // Expose the stored values to the template, prepared for display.
    foreach ($customer->getFieldValues() as $field => $stored) {
        $data[$field] = xarVarPrepForDisplay($stored);
    }

    $role = DataObjectMaster::getObject(array('name' => 'roles_users'));
    $role->getItem(array('itemid' => $data['itemid']));

    if (!$data['confirm']) {
        // Get that specific item of the object
        $customer->getItem(array('itemid' => $data['itemid']));

        // Return the template variables defined in this function
        return $data;
    }

    // Check for a valid confirmation key
    if (!xarSecConfirmAuthKey()) {
        return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
    }

    // Get the data from the form. Bad data and previews both redisplay the
    // form with what was picked up.
    $isvalid = $customer->checkInput();
    if (!$isvalid || isset($data['preview'])) {
        return xarTplModule('shop', 'admin', 'modifycustomer', $data);
    }

    $fullName = $customer->properties['first_name']->getValue()
        . ' '
        . $customer->properties['last_name']->getValue();
    $role->properties['name']->setValue($fullName);
    $role->updateItem();
    $customer->updateItem();

    // Jump to the next page
    xarResponse::redirect(xarModURL('shop', 'admin', 'modifycustomer', array('itemid' => $data['itemid'])));

    return $data;
}
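/**
 * Create a new customer: a roles_users item plus a matching shop_customers item.
 *
 * The e-mail address doubles as display name and user name. When a returnurl
 * was supplied the new user is logged in and sent there, provided the URL
 * stays on this site; otherwise the browser goes to the shop front page.
 *
 * @return mixed template data for the form, a rendered template (validation
 *               or authorisation-key failure), true after the account was
 *               created, or null when a request variable fails validation
 */
function shop_user_newcustomer()
{
    if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    sys::import('modules.dynamicdata.class.objects.master');
    $rolesobject = DataObjectMaster::getObject(array('name' => 'roles_users'));
    $data['properties'] = $rolesobject->properties;

    // Check if we are in 'preview' mode from the input here - the rest is handled by checkInput()
    // Here we are testing for a button clicked, so we test for a string
    if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
        return;
    }

    // Check if we are submitting the form
    // Here we are testing for a hidden field we define as true on the template, so we can use a boolean (true/false)
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    if (!$data['confirm']) {
        // Return the template variables defined in this function
        return $data;
    }

    // Check for a valid confirmation key. The value is automatically gotten from the template
    if (!xarSecConfirmAuthKey()) {
        return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
    }

    // Get the data from the form and see if it is all valid
    // Either way the values are now stored in the object
    $isvalid = $rolesobject->properties['email']->checkInput();
    $isvalid2 = $rolesobject->properties['password']->checkInput();

    if (!$isvalid || !$isvalid2) {
        // Bad data: redisplay the form with the data we picked up and with error messages
        return xarTplModule('shop', 'user', 'newcustomer', $data);
    }

    $email = $rolesobject->properties['email']->getValue();
    $password = $rolesobject->properties['password']->getValue();

    $rolesobject->properties['name']->setValue($email);
    $rolesobject->properties['email']->setValue($email);
    $rolesobject->properties['uname']->setValue($email);
    $rolesobject->properties['password']->setValue($password);
    $rolesobject->properties['state']->setValue(3);
    $authmodule = (int) xarMod::getID('shop');
    $rolesobject->properties['authmodule']->setValue($authmodule);
    $uid = $rolesobject->createItem();

    $custobject = DataObjectMaster::getObject(array('name' => 'shop_customers'));
    $custobject->createItem(array('id' => $uid));

    if (isset($returnurl)) {
        xarMod::APIFunc('authsystem', 'user', 'login', array('uname' => $email, 'pass' => $password));

        // returnurl comes from the request. Redirecting to it unchecked would
        // let a crafted link send a freshly logged-in user to another site, so
        // only a relative URL or one on the current host is followed.
        $isLocal = false;
        $target = parse_url($returnurl);
        if (is_array($target) && !preg_match('/[\x00-\x20\\\\]/', $returnurl)) {
            if (!isset($target['scheme']) && !isset($target['host'])) {
                $isLocal = true;
            } elseif (isset($target['scheme'], $target['host'])) {
                $here = parse_url(xarServer::getCurrentURL());
                $isLocal = is_array($here)
                    && isset($here['host'])
                    && in_array(strtolower($target['scheme']), array('http', 'https'), true)
                    && strcasecmp($target['host'], $here['host']) === 0;
            }
        }

        xarResponse::redirect($isLocal ? $returnurl : xarModURL('shop'));
    } else {
        xarResponse::redirect(xarModURL('shop'));
    }

    // Always add the next line even if processing never reaches it
    return true;
}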
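/**
 * Store the user's calendar preferences (start day of week, default view) and
 * return to the configuration form.
 *
 * The default view is stored only when it is one of day, week, month or year;
 * any other value leaves the current setting in place.
 *
 * NOTE(review): this handler changes stored preferences without an
 * xarSecConfirmAuthKey() check. Confirm the form carries an authid and add
 * the check, so the update cannot be triggered from another site.
 *
 * @return void
 */
function calendar_user_updateconfig()
{
    xarVarFetch('cal_sdow', 'int:0:6', $cal_sdow, xarModUserVars::get('calendar', 'cal_sdow'));
    xarModUserVars::set('calendar', 'cal_sdow', $cal_sdow);

    $current_view = xarModUserVars::get('calendar', 'default_view');
    xarVarFetch('default_view', 'str::', $default_view, $current_view);
    // The view name is a free-form request string; keep only known views.
    if (!in_array($default_view, array('day', 'week', 'month', 'year'), true)) {
        $default_view = $current_view;
    }
    xarModUserVars::set('calendar', 'default_view', $default_view);

    xarController::redirect(xarModURL('calendar', 'user', 'modifyconfig'));
}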
/**
 * Read the block settings from the request and store them as block content.
 *
 * Each field is validated by xarVarFetch(); the first failure aborts the
 * update. Afterwards dependent settings are reconciled: "no publication
 * limit" clears the publication type, "no category limit" resets the category
 * filter and child inclusion, and including children turns category links off.
 *
 * @param array $data not used by this method
 * @return bool|null true once the content is stored, null when a field fails
 *                   validation
 */
public function update(array $data = array())
{
    // field => array(validation rule, whether the default is the block's current value)
    $fields = array(
        'numitems' => array('int:1:200', true),
        'pubtype_id' => array('id', true),
        'linkpubtype' => array('checkbox', false),
        'nopublimit' => array('checkbox', false),
        'catfilter' => array('id', true),
        'includechildren' => array('checkbox', false),
        'nocatlimit' => array('checkbox', false),
        'linkcat' => array('checkbox', false),
        'dynamictitle' => array('checkbox', false),
        'showsummary' => array('checkbox', false),
        'showdynamic' => array('checkbox', false),
        'showvalue' => array('checkbox', false),
        'pubstate' => array('strlist:,:int:1:4', true),
        'toptype' => array('enum:author:date:hits:rating:title', true),
    );

    $args = array();
    foreach ($fields as $field => $rule) {
        list($validation, $keepCurrent) = $rule;
        $fallback = $keepCurrent ? $this->$field : false;
        if (!xarVarFetch($field, $validation, $args[$field], $fallback, XARVAR_NOT_REQUIRED)) {
            return;
        }
    }

    if ($args['nopublimit']) {
        $args['pubtype_id'] = 0;
    }
    if ($args['nocatlimit']) {
        $args['catfilter'] = 1;
        $args['includechildren'] = 0;
    }
    if ($args['includechildren']) {
        $args['linkcat'] = 0;
    }

    $this->setContent($args);

    return true;
}
/**
 * Show or update the wurfl module configuration.
 *
 * Only the 'update' phase changes anything: after the authorisation key is
 * confirmed, the 'general' tab validates and stores the module settings, then
 * the browser is redirected back to the same tab. Every other phase just
 * returns the data for the form.
 *
 * @return mixed template data, the re-rendered form on invalid input, true
 *               after an update, or null when a privilege, input or
 *               authorisation-key check fails
 */
function wurfl_admin_modifyconfig()
{
    // Security Check
    if (!xarSecurityCheck('AdminWurfl')) {
        return;
    }
    if (!xarVarFetch('phase', 'str:1:100', $phase, 'modify', XARVAR_NOT_REQUIRED, XARVAR_PREP_FOR_DISPLAY)) {
        return;
    }
    if (!xarVarFetch('tab', 'str:1:100', $data['tab'], 'general', XARVAR_NOT_REQUIRED)) {
        return;
    }

    $settings = xarMod::apiFunc('base', 'admin', 'getmodulesettings', array('module' => 'wurfl'));
    $data['module_settings'] = $settings;
    $settings->setFieldList('items_per_page, use_module_alias, module_alias_name, enable_short_urls');
    $settings->getItem();

    if (strtolower($phase) == 'update') {
        // Confirm authorisation code
        if (!xarSecConfirmAuthKey()) {
            return;
        }

        // Only the general tab has settings to store; tab2 and tab3 are placeholders.
        if ($data['tab'] == 'general') {
            if (!$settings->checkInput()) {
                return xarTplModule('wurfl', 'admin', 'modifyconfig', $data);
            }
            $settings->updateItem();
        }

        xarController::redirect(xarModURL('wurfl', 'admin', 'modifyconfig', array('tab' => $data['tab'])));

        return true;
    }

    // 'modify' and any unrecognised phase: show the form.
    $data['authid'] = xarSecGenAuthKey();

    return $data;
}
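/**
 * Edit the per-item display template of a publication.
 *
 * The template is either the theme override (if that file exists) or the
 * module's own file. With the confirm flag and non-empty source data, the
 * submitted source is written to the theme override first.
 *
 * NOTE(review): the write is not guarded by xarSecConfirmAuthKey(). Confirm
 * the form carries an authid and add the check; this handler writes template
 * files to disk.
 *
 * @param array $args extracted into the local scope before the request is read
 * @return mixed template data, a not-found response for a missing id or an
 *               unknown file kind, or null when a privilege or input check fails
 */
function publications_admin_templates_page($args)
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }
    extract($args);

    if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('ptid', 'id', $data['ptid'], 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'id', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('file', 'str', $data['file'], 'summary', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }

    if (empty($data['itemid']) || empty($data['ptid'])) {
        return xarResponse::NotFound();
    }

    // 'file' becomes part of the paths read and written below. Accept only the
    // two template kinds this page offers, so a value containing path
    // separators or ".." cannot point outside the template directories.
    if (!in_array($data['file'], array('summary', 'detail'), true)) {
        return xarResponse::NotFound();
    }

    $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $pubtypeobject->getItem(array('itemid' => $data['ptid']));

    // Directory name: the part of the type name after the first underscore, if any.
    $pubtype = explode('_', $pubtypeobject->properties['name']->value);
    $pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];

    $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));

    $basepath = sys::code() . "modules/publications/xartemplates/objects/" . $pubtype;
    $sourcefile = $basepath . "/" . $data['file'] . "_" . $data['itemid'] . ".xt";
    $overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/objects/" . $pubtype;
    $overridefile = $overridepath . "/" . $data['file'] . "-" . $data['itemid'] . ".xt";

    // If we are saving, write the file now
    if ($confirm && !empty($data['source_data'])) {
        xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
    }

    // Let the template know what kind of file this is
    if (file_exists($overridefile)) {
        $data['filetype'] = 'theme';
        $filepath = $overridefile;
        $data['writable'] = is_writable($overridefile);
    } else {
        $data['filetype'] = 'module';
        $filepath = $sourcefile;
        $data['writable'] = is_writeable_dir($overridepath);
    }

    $data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));

    // Initialize the template
    if (empty($data['source_data'])) {
        $data['source_data'] = '<xar:template xmlns:xar="http://xaraya.com/2004/blocklayout">';
        $data['source_data'] .= "\n";
        $data['source_data'] .= "\n" . '</xar:template>';
    }

    $data['files'] = array(
        array('id' => 'summary', 'name' => 'summary display'),
        array('id' => 'detail', 'name' => 'detail display'),
    );

    return $data;
}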
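/**
 * Import an object definition or an object item from XML.
 *
 * The source is either one of the XML files found under modules/publications
 * (request variable 'import') or XML text posted directly ('xml').
 *
 * NOTE(review): the posted XML is handed to the importpubtype API as received;
 * how that API configures its XML parser is not visible here - confirm
 * external entities are not resolved.
 *
 * @param array $args extracted into the local scope after the request is read
 * @return array|null template data, or null when a privilege, input or
 *                    authorisation-key check fails or the import yields no id
 * @throws BadParameterException when the requested file is not in the list or
 *                               does not exist
 */
function publications_admin_importpubtype($args)
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }
    if (!xarVarFetch('import', 'isset', $import, NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('xml', 'isset', $xml, NULL, XARVAR_DONT_SET)) {
        return;
    }
    extract($args);

    $data = array();
    $data['menutitle'] = xarML('Dynamic Data Utilities');
    $data['warning'] = '';
    $data['options'] = array();

    $basedir = 'modules/publications';
    $filetype = 'xml';
    $files = xarModAPIFunc('dynamicdata', 'admin', 'browse', array('basedir' => $basedir, 'filetype' => $filetype));
    if (!is_array($files) || count($files) < 1) {
        $files = array();
        $data['warning'] = xarML('There are currently no XML files available for import in "#(1)"', $basedir);
    }

    if (!empty($import) || !empty($xml)) {
        if (!xarSecConfirmAuthKey()) {
            return;
        }

        if (!empty($import)) {
            // The requested name must be exactly one of the listed files. A
            // strict string comparison keeps a non-string or numeric request
            // value from loosely matching an unrelated entry.
            $found = null;
            foreach ($files as $file) {
                if (is_string($import) && (string) $file === $import) {
                    $found = $file;
                    break;
                }
            }
            // Use the matched entry for the path, not the loop variable.
            if ($found === null || !file_exists($basedir . '/' . $found)) {
                $msg = xarML('File not found');
                throw new BadParameterException(null, $msg);
            }
            $ptid = xarModAPIFunc('publications', 'admin', 'importpubtype', array('file' => $basedir . '/' . $found));
        } else {
            $ptid = xarModAPIFunc('publications', 'admin', 'importpubtype', array('xml' => $xml));
        }

        if (empty($ptid)) {
            return;
        }
        $data['warning'] = xarML('Publication type #(1) was successfully imported', $ptid);
    }

    // Dropdown: a blank entry followed by the files in natural order.
    natsort($files);
    array_unshift($files, '');
    foreach ($files as $file) {
        $data['options'][] = array('id' => $file, 'name' => $file);
    }

    $data['authid'] = xarSecGenAuthKey();

    return $data;
}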
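/**
 * List the product attributes, optionally restricted to one customer.
 *
 * @return array|null template data, or null when the privilege check or a
 *                    request variable fails validation
 */
function shop_admin_attributes()
{
    // Security check - important to do this as early as possible to avoid
    // potential security holes or just too much wasted processing
    if (!xarSecurityCheck('AdminShop')) {
        return;
    }

    if (!xarVarFetch('startnum', 'isset', $data['startnum'], NULL, XARVAR_DONT_SET)) {
        return;
    }
    // user_id ends up inside where clauses built by concatenation, so it is
    // validated as an id here instead of being accepted unchecked.
    if (!xarVarFetch('user_id', 'id', $user_id, NULL, XARVAR_DONT_SET)) {
        return;
    }

    $objectname = 'shop_attributes';
    $data['objectname'] = $objectname;
    $data['items_per_page'] = xarModVars::get('shop', 'items_per_page');

    // Load the DD master object class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');

    // Get the object label for the template
    $object = DataObjectMaster::getObject(array('name' => $objectname));
    $data['label'] = $object->label;

    // Get the fields to display in the admin interface
    $config = $object->configuration;
    if (!empty($config['adminfields'])) {
        $data['adminfields'] = $config['adminfields'];
    } else {
        $data['adminfields'] = array_keys($object->getProperties());
    }

    // Get the object we'll be working with. Note this is a so called object list
    $mylist = DataObjectMaster::getObjectList(array('name' => $objectname));

    // Load the DD master property class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.properties.master');

    $data['sort'] = xarMod::ApiFunc('shop', 'admin', 'sort', array('sortfield_fallback' => 'ID', 'ascdesc_fallback' => 'ASC'));

    // We have some filters for the items
    $filters = array(
        'startnum' => $data['startnum'],
        'status' => DataPropertyMaster::DD_DISPLAYSTATE_ACTIVE,
        'sort' => $data['sort'],
    );
    if (isset($user_id)) {
        // The cast is a second line of defence behind the 'id' validation.
        $user_id = (int) $user_id;
        $filters['where'] = 'user_id eq ' . $user_id;
    }

    // Get the items
    $items = $mylist->getItems($filters);

    if (isset($user_id)) {
        // Look up the customer the list is restricted to
        $mylist2 = DataObjectMaster::getObjectList(array('name' => 'shop_customers'));
        $items2 = $mylist2->getItems(array('where' => 'ID eq ' . $user_id));

        // The customer may not exist; do not index into a missing row.
        $customer = isset($items2[$user_id]) ? $items2[$user_id] : array();
        $data['fname'] = isset($customer['FirstName']) ? $customer['FirstName'] : null;
        $data['lname'] = isset($customer['LastName']) ? $customer['LastName'] : null;
    }

    $data['mylist'] = $mylist;

    // Return the template variables defined in this function
    return $data;
}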
/**
 * Tell which view the calendar is currently in (day, week, month or year).
 *
 * The view is the lower-cased 'func' request variable when it names one of
 * the four views; otherwise the module's default_view setting is returned.
 *
 * @return mixed the view name, or the stored default view
 */
function calendar_userapi_currentView()
{
    xarVarFetch('func', 'str::', $func, 'main', XARVAR_NOT_REQUIRED);

    $view = strtolower($func);
    $isCalendarView = in_array($view, array('day', 'week', 'month', 'year'), true);

    return $isCalendarView ? $view : xarModVars::get('calendar', 'default_view');
}
/**
 * Read the block settings from the request and store them as block content.
 *
 * numitems defaults to the block's current value; the four "show" checkboxes
 * default to 0. The result of each xarVarFetch() call is not checked.
 *
 * @param array $data not used by this method
 * @return bool always true
 */
public function update(array $data = array())
{
    $args = array();

    xarVarFetch('numitems', 'int', $args['numitems'], $this->numitems, XARVAR_NOT_REQUIRED);

    // The display switches are all plain checkboxes that default to off.
    foreach (array('showvalue', 'showpubtype', 'showcategory', 'showauthor') as $switch) {
        xarVarFetch($switch, 'checkbox', $args[$switch], 0, XARVAR_NOT_REQUIRED);
    }

    $this->setContent($args);

    return true;
}
/**
 * Read the block settings from the request and store them as block content.
 *
 * Every field defaults to the block's current value of the same name. The
 * result of each xarVarFetch() call is not checked.
 *
 * @param array $data not used by this method
 * @return bool always true
 */
function update(array $data = array())
{
    // field name => validation rule
    $rules = array(
        'pubtype_id' => 'int',
        'pubstate' => 'str',
        'displaytype' => 'str',
        'fillerid' => 'id',
        'alttitle' => 'str',
        'alttext' => 'str',
    );

    $args = array();
    foreach ($rules as $field => $validation) {
        xarVarFetch($field, $validation, $args[$field], $this->$field, XARVAR_NOT_REQUIRED);
    }

    $this->setContent($args);

    return true;
}
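/**
 * Edit a stylesheet of the publications module.
 *
 * The stylesheet is the theme override if that file exists, else the module's
 * own file. With the confirm flag, a file name and non-empty source data, the
 * submitted source is written to the theme override first.
 *
 * NOTE(review): the write is not guarded by xarSecConfirmAuthKey(). Confirm
 * the form carries an authid and add the check; this handler writes files to
 * disk.
 *
 * @param array $args extracted into the local scope before the request is read
 * @return mixed template data, a not-found response for an unacceptable file
 *               name, or null when a privilege or input check fails
 */
function publications_admin_stylesheet_type($args)
{
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }
    extract($args);

    if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('ptid', 'id', $data['ptid'], xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('file', 'str', $data['file'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('source_data', 'str', $data['source_data'], '', XARVAR_NOT_REQUIRED)) {
        return;
    }

    // 'file' becomes part of the paths read and written below. Accept a bare
    // file name only (no separators, no leading dot), so the request cannot
    // address a file outside the style directories.
    if (!empty($data['file']) && !preg_match('/\A[A-Za-z0-9_][A-Za-z0-9_.-]*\z/', $data['file'])) {
        return xarResponse::NotFound();
    }

    $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $pubtypeobject->getItem(array('itemid' => $data['ptid']));

    // The part of the type name after the first underscore, if any.
    $pubtype = explode('_', $pubtypeobject->properties['name']->value);
    $pubtype = isset($pubtype[1]) ? $pubtype[1] : $pubtype[0];

    $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));

    $basepath = sys::code() . "modules/publications/xarstyles";
    $sourcefile = $basepath . "/" . $data['file'] . ".css";
    $overridepath = "themes/" . xarModVars::get('themes', 'default_theme') . "/modules/publications/style";
    $overridefile = $overridepath . "/" . $data['file'] . ".css";

    // If we are saving, write the file now
    if ($confirm && !empty($data['file']) && !empty($data['source_data'])) {
        xarMod::apiFunc('publications', 'admin', 'write_file', array('file' => $overridefile, 'data' => $data['source_data']));
    }

    // Let the template know what kind of file this is
    if (empty($data['file'])) {
        $data['filetype'] = 'empty';
        $filepath = '';
        $data['writable'] = 0;
    } elseif (file_exists($overridefile)) {
        $data['filetype'] = 'theme';
        $filepath = $overridefile;
        $data['writable'] = is_writable($overridefile);
    } elseif (file_exists($sourcefile)) {
        $data['filetype'] = 'module';
        $filepath = $sourcefile;
        $data['writable'] = is_writeable_dir($overridepath);
    } else {
        $data['filetype'] = 'unknown';
        $filepath = $overridefile;
        $data['writable'] = is_writeable_dir($overridepath);
    }

    $data['source_data'] = trim(xarMod::apiFunc('publications', 'admin', 'read_file', array('file' => $filepath)));

    return $data;
}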
/**
 * Read the block settings from the request into $data and store the result as
 * block content.
 *
 * Text fields default to an empty string and checkboxes to false. The result
 * of each xarVarFetch() call is not checked.
 *
 * @param array $data starting values; the fetched fields are added to it
 * @return bool always true
 */
public function update(array $data = array())
{
    // field name => array(validation rule, default)
    $rules = array(
        'locale' => array('str', ''),
        'alttitle' => array('str', ''),
        'altsummary' => array('str', ''),
        'showtitle' => array('checkbox', false),
        'showsummary' => array('checkbox', false),
        'showpubdate' => array('checkbox', false),
        'showauthor' => array('checkbox', false),
        'showsubmit' => array('checkbox', false),
    );

    foreach ($rules as $field => $rule) {
        list($validation, $fallback) = $rule;
        xarVarFetch($field, $validation, $data[$field], $fallback, XARVAR_NOT_REQUIRED);
    }

    $this->setContent($data);

    return true;
}
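/**
 * Create a publication from the submitted admin form.
 *
 * Loads the object for the publication type given by `ptid`, validates the
 * submitted input and creates the item. On preview or invalid input the
 * 'new' form is rendered again. After a successful create the browser is
 * redirected to the stored list view, the admin view or the user view.
 *
 * @return mixed rendered form on preview/invalid input, true after a redirect,
 *               null when a request variable fails validation
 */
function publications_admin_create()
{
    $data = array();

    if (!xarVarFetch('ptid', 'id', $data['ptid'])) {
        return;
    }
    if (!xarVarFetch('new_cids', 'array', $cids, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('save', 'str', $save, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Confirm authorisation code
    // This has been disabled for now
    // NOTE(review): with the check below disabled, this state-changing handler
    // does not verify that the request came from the site's own form. Re-enable
    // it once the 'new' template is confirmed to emit the authorisation key.
    // if (!xarSecConfirmAuthKey()) return;

    $data['items'] = array();
    $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types'));
    $pubtypeobject->getItem(array('itemid' => $data['ptid']));
    $data['object'] = DataObjectMaster::getObject(array('name' => $pubtypeobject->properties['name']->value));

    $isvalid = $data['object']->checkInput();

    $data['settings'] = xarModAPIFunc('publications', 'user', 'getsettings', array('ptid' => $data['ptid']));

    if ($data['preview'] || !$isvalid) {
        // Show debug info if called for. The dump goes straight into the response,
        // so it is limited to debug mode and to users listed in Site.User.DebugAdmins.
        if (!$isvalid
            && xarModVars::get('publications', 'debugmode')
            && in_array(xarUserGetVar('uname'), xarConfigVars::get(null, 'Site.User.DebugAdmins'))) {
            var_dump($data['object']->getInvalids());
        }
        // Preview or bad data: redisplay the form
        $data['properties'] = $data['object']->getProperties();
        if ($data['preview']) {
            $data['tab'] = 'preview';
        }
        return xarTplModule('publications', 'admin', 'new', $data);
    }

    // Create the object
    $data['object']->createItem();

    // if we can edit publications, go to admin view, otherwise go to user view
    if (xarSecurityCheck('EditPublications', 0, 'Publication', $data['ptid'] . ':All:All:All')) {
        // Redirect if we came from somewhere else
        $current_listview = xarSession::getVar('publications_current_listview');
        if (!empty($current_listview)) {
            xarController::redirect($current_listview);
            // Stop here so the stored list view is not replaced by the
            // admin-view redirect that follows.
            return true;
        }
        xarController::redirect(xarModURL('publications', 'admin', 'view', array('ptid' => $data['ptid'])));
    } else {
        xarController::redirect(xarModURL('publications', 'user', 'view', array('ptid' => $data['ptid'])));
    }

    return true;
}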
/**
 * Create a new product
 *
 * Without `confirm` the function returns the data for an empty form. With
 * `confirm` it checks the authorisation key, validates the input and either
 * renders the form again (invalid input or preview) or creates the item and
 * redirects to the product list.
 */
function shop_admin_newproduct()
{
    // The privilege check takes no extra arguments here.
    if (!xarSecurityCheck('Addshop')) {
        return;
    }

    if (!xarVarFetch('objectid', 'id', $data['objectid'], NULL, XARVAR_DONT_SET)) {
        return;
    }

    $data['objectname'] = 'shop_products';

    // Load the DD master object class. This line will likely disappear in future versions
    sys::import('modules.dynamicdata.class.objects.master');

    $product = DataObjectMaster::getObject(array('name' => $data['objectname']));
    $data['label'] = $product->label;
    $data['object'] = $product;

    // 'preview' is a button, so its presence is tested as a string;
    // checkInput() handles the rest of the form.
    if (!xarVarFetch('preview', 'str', $data['preview'], NULL, XARVAR_DONT_SET)) {
        return;
    }

    // 'confirm' is a hidden field the template sets to true, hence the boolean.
    if (!xarVarFetch('confirm', 'bool', $data['confirm'], false, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Not a submission: hand the template variables back for the empty form.
    if (!$data['confirm']) {
        return $data;
    }

    // Check for a valid confirmation key. The value is taken from the template.
    if (!xarSecConfirmAuthKey()) {
        return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
    }

    // Validate the form; either way the values are now stored in the object.
    $isvalid = $data['object']->checkInput();

    // Bad data and preview both redisplay the form with what was picked up.
    if (!$isvalid || isset($data['preview'])) {
        return xarTplModule('shop', 'admin', 'newproduct', $data);
    }

    $data['object']->createItem();

    // Jump to the next page
    xarResponse::redirect(xarModURL('shop', 'admin', 'products'));
    return true;
}
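/**
 * Create a calendar from the submitted admin form.
 *
 * Validates the request, confirms the authorisation key, refuses a calendar
 * name that already exists, maps the calendar type to its source and passes
 * the result to the create_calendars API. On success the browser is
 * redirected to the add_calendars page for the new calendar.
 *
 * @return null
 * @throws Exception when the name is already in use or the type is not supported
 */
function calendar_admin_create_calendars()
{
    // Get parameters
    // TODO HELPNEEDED here: how do I handle this (e.g. missing calname should return a message)
    if (!xarVarFetch('add_calendar', 'isset', $add_calendar)) {
        return;
    }
    if (!xarVarFetch('calname', 'str:1:', $calname)) {
        return;
    }
    if (!xarVarFetch('addtype', 'str:1:', $addtype)) {
        return;
    }
    if (!xarVarFetch('location', 'str:1:', $location, '', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('uri', 'str:1:', $uri, '', XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Confirm Auth Key
    if (!xarSecConfirmAuthKey()) {
        return;
    }

    // Security Check
    // TODO
    // NOTE(review): the privilege check below is still commented out, so the
    // authorisation key is the only gate on this function. Enable it once the
    // mask is confirmed to be registered for the module.
    // if(!xarSecurityCheck('AddCalendar', 0, 'Calendar')) {return;}

    // Check if module name has already been used.
    $checkname = xarMod::apiFunc('calendar', 'user', 'get', array('calname' => $calname));
    if (!empty($checkname)) {
        $msg = xarML('Calendar name "#(1)" already exists. Please go back and enter a different name', $calname);
        throw new Exception($msg);
    }

    // Map the calendar type to its source. An unsupported type previously left
    // $fileuri undefined and still reached the API; it is rejected now.
    // NOTE(review): 'location' and 'uri' are request values forwarded as the
    // calendar source. Whether the API restricts them (allowed directories,
    // URL schemes) is not visible here - confirm in create_calendars.
    switch ($addtype) {
        case 'db':
            $fileuri = 'a';
            break;
        case 'file':
            $fileuri = $location;
            break;
        case 'uri':
            $fileuri = $uri;
            break;
        default:
            throw new Exception(xarML('Calendar type "#(1)" is not supported', $addtype));
    }

    // Pass to API
    $calid = xarMod::apiFunc(
        'calendar',
        'admin',
        'create_calendars',
        array('calname' => $calname, 'fileuri' => $fileuri, 'addtype' => $addtype)
    );
    if (!$calid) {
        return;
    }

    // Go on and edit the new instance
    xarController::redirect(xarModURL('calendar', 'admin', 'add_calendars', array('calid' => $calid, 'calname' => $calname)));
}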
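/**
 * Remove an item from the cart
 *
 * Drops the entry keyed by the `id` request variable from the 'shop' session
 * variable and redirects to `returnurl`. The redirect target is followed only
 * when it lies under the site's base URL; otherwise the base URL is used.
 *
 * @param array $args not used
 * @return bool|null true after the redirect, null when a fetch fails
 */
function shop_user_remove($args)
{
    if (!xarVarFetch('id', 'isset', $pid, NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('returnurl', 'isset', $returnurl, NULL, XARVAR_DONT_SET)) {
        return;
    }

    $shop = xarSession::getVar('shop');
    // 'isset' validation accepts any value, including arrays, which are not
    // usable as an array key; only scalar ids are applied to the cart.
    if (is_array($shop) && isset($pid) && is_scalar($pid)) {
        unset($shop[$pid]);
    }
    xarSession::setVar('shop', $shop);

    // 'returnurl' is request data. Following it unchecked would let a crafted
    // link send the visitor to another site through this handler, so only
    // targets below the site's own base URL are accepted. The trailing slash
    // keeps a look-alike host from passing the prefix test.
    // NOTE(review): relative return URLs also fall back to the base URL here;
    // confirm the templates pass absolute URLs.
    $baseurl = rtrim(xarServer::getBaseURL(), '/') . '/';
    $islocal = isset($returnurl)
        && is_string($returnurl)
        && strncmp($returnurl, $baseurl, strlen($baseurl)) === 0;
    if (!$islocal) {
        $returnurl = $baseurl;
    }

    xarResponse::redirect($returnurl);
    return true;
}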
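/**
 * Apply one operation to a comma-separated list of items.
 *
 * Only operation 0 (delete) is implemented. The object is loaded by the
 * `objectname` request variable and each listed item is deleted from it.
 *
 * @return mixed true on completion, an error template for missing input or a
 *               bad authorisation key, null when a check or a delete fails
 */
function publications_admin_multiops()
{
    // Bulk deletion is an administrative action; the function had no privilege
    // check of its own.
    if (!xarSecurityCheck('AdminPublications')) {
        return;
    }

    // Get parameters
    if (!xarVarFetch('idlist', 'isset', $idlist, NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('operation', 'isset', $operation, NULL, XARVAR_DONT_SET)) {
        return;
    }
    // redirecttarget, returnurl and localmodule are validated but not used below.
    if (!xarVarFetch('redirecttarget', 'isset', $redirecttarget, NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('returnurl', 'str', $returnurl, NULL, XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('objectname', 'str', $objectname, 'listings_listing', XARVAR_DONT_SET)) {
        return;
    }
    if (!xarVarFetch('localmodule', 'str', $module, 'listings', XARVAR_DONT_SET)) {
        return;
    }

    // Catch missing params here, rather than below
    if (empty($idlist) || !is_string($idlist)) {
        return xarTplModule('publications', 'user', 'errors', array('layout' => 'no_items'));
    }
    if (!isset($operation) || !is_scalar($operation) || $operation === '') {
        return xarTplModule('publications', 'user', 'errors', array('layout' => 'no_operation'));
    }

    // Compare as a string: a loose comparison with integer 0 also matches a
    // missing operation and, on PHP 7, any non-numeric string, which would
    // send unintended requests down the delete branch.
    if ((string) $operation === '0') {
        // Confirm authorisation code before anything is deleted.
        if (!xarSecConfirmAuthKey()) {
            return xarTplModule('privileges', 'user', 'errors', array('layout' => 'bad_author'));
        }

        // $object was never created in the original, so the first delete failed
        // on an undefined variable.
        // NOTE(review): the object name is request data with a default taken
        // from another module; restrict it to the publication objects this
        // screen is meant to manage.
        $object = DataObjectMaster::getObject(array('name' => $objectname));

        foreach (explode(',', $idlist) as $val) {
            if (empty($val)) {
                continue;
            }
            // Get the item
            $object->getItem(array('itemid' => $val));
            // Delete it
            if (!$object->deleteItem(array('itemid' => $val))) {
                return;
            }
        }
    }

    return true;
}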
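/**
 * Display one item of a mailer object.
 *
 * @return array|null template data with the loaded object, or null when the
 *                    security check or a fetch fails
 */
function mailer_user_view_mailer()
{
    if (!xarSecurityCheck('ReadMailer')) {
        return;
    }

    $data = array();

    if (!xarVarFetch('name', 'str', $name, 'mailer_mails', XARVAR_NOT_REQUIRED)) {
        return;
    }
    if (!xarVarFetch('itemid', 'int', $data['itemid'], 0, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // The object name is request data. Unrestricted, the ReadMailer privilege
    // would be enough to load an item of any object by name, so only names in
    // the module's own namespace are accepted; anything else falls back to the
    // default object.
    // NOTE(review): assumes every object this view should expose is named
    // mailer_* - confirm against the module's object definitions.
    if (!preg_match('/^mailer_[A-Za-z0-9_]+$/', $name)) {
        $name = 'mailer_mails';
    }

    $data['object'] = DataObjectMaster::getObject(array('name' => $name));
    $data['object']->getItem(array('itemid' => $data['itemid']));
    $data['tplmodule'] = 'mailer';

    return $data;
}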
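/**
 * redirect to a site based on some URL field of the item
 *
 * Looks up the publication, walks the field configuration of its publication
 * type and redirects to the first non-empty 'url' or 'urltitle' field.
 *
 * @param array $args optional 'id' that overrides the request value
 * @return bool|string|null true after a redirect, a translated message when no
 *                          redirect is possible, null when a fetch or load fails
 * @throws DataNotFoundException when the publication cannot be retrieved
 */
function publications_user_redirect($args)
{
    // Get parameters from user
    if (!xarVarFetch('id', 'id', $id, NULL, XARVAR_NOT_REQUIRED)) {
        return;
    }

    // Override if needed from argument array. Only 'id' is read; extract()
    // would let the caller define any local variable in this function.
    if (is_array($args) && isset($args['id'])) {
        $id = $args['id'];
    }

    if (!isset($id) || !is_numeric($id) || $id < 1) {
        return xarML('Invalid publication ID');
    }

    // Load API
    if (!xarModAPILoad('publications', 'user')) {
        return;
    }

    // Get publication
    $publication = xarModAPIFunc('publications', 'user', 'get', array('id' => $id));
    if (!is_array($publication)) {
        $msg = xarML('Failed to retrieve publication in #(3)_#(1)_#(2).php', 'user', 'get', 'publications');
        throw new DataNotFoundException(null, $msg);
    }

    $ptid = $publication['pubtype_id'];

    // Get publication types
    $pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes');
    if (empty($pubtypes[$ptid]['config']) || !is_array($pubtypes[$ptid]['config'])) {
        return xarML('Unable to find valid redirect field');
    }

    // TODO: improve this e.g. when multiple URL fields are present
    // Find an URL field based on the pubtype configuration
    foreach ($pubtypes[$ptid]['config'] as $field => $value) {
        if (empty($value['label']) || empty($value['format']) || empty($publication[$field])) {
            continue;
        }

        if ($value['format'] == 'url' && $publication[$field] != 'http://') {
            // TODO: add some verifications here !
            // NOTE(review): the stored URL is followed as it is; consider
            // limiting the scheme to http/https before redirecting.
            xarModCallHooks('item', 'display', $id, array('module' => 'publications', 'itemtype' => $ptid), 'publications');
            // The original read the target from an undefined $article variable.
            xarController::redirect($publication[$field]);
            return true;
        }

        if ($value['format'] == 'urltitle' && substr($publication[$field], 0, 2) == 'a:') {
            // NOTE(review): unserialize() runs on stored field content. If that
            // content can be supplied by users, decode it without object
            // instantiation (the allowed_classes option on PHP 7+) or store
            // the value as JSON.
            $array = unserialize($publication[$field]);
            if (is_array($array) && !empty($array['link']) && $array['link'] != 'http://') {
                xarModCallHooks('item', 'display', $id, array('module' => 'publications', 'itemtype' => $ptid), 'publications');
                xarController::redirect($array['link']);
                return true;
            }
        }
    }

    return xarML('Unable to find valid redirect field');
}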