/** * Save a question and redirect to the main listing when done * * @return void */ private function _save() { // Login required if (User::isGuest()) { return $this->_browse(); } // Check for request forgeries Request::checkToken(); Lang::load('com_answers'); // Incoming $tags = Request::getVar('tags', ''); $funds = Request::getInt('funds', 0); $reward = Request::getInt('reward', 0); // If offering a reward, do some checks if ($reward) { // Is it an actual number? if (!is_numeric($reward)) { App::abort(500, Lang::txt('COM_ANSWERS_REWARD_MUST_BE_NUMERIC')); return; } // Are they offering more than they can afford? if ($reward > $funds) { App::abort(500, Lang::txt('COM_ANSWERS_INSUFFICIENT_FUNDS')); return; } } // Initiate class and bind posted items to database fields $fields = Request::getVar('question', array(), 'post', 'none', 2); $row = new \Components\Answers\Models\Question($fields['id']); if (!$row->bind($fields)) { $this->setError($row->getError()); return $this->_new($row); } if ($reward && $this->banking) { $row->set('reward', 1); } // Ensure the user added a tag /* if (!$tags) { $this->setError(Lang::txt('COM_ANSWERS_QUESTION_MUST_HAVE_TAG')); return $this->_new($row); } */ // Store new content if (!$row->store(true)) { $row->set('tags', $tags); $this->setError($row->getError()); return $this->_new($row); } // Hold the reward for this question if we're banking if ($reward && $this->banking) { $BTL = new \Hubzero\Bank\Teller($this->database, User::get('id')); $BTL->hold($reward, Lang::txt('COM_ANSWERS_HOLD_REWARD_FOR_BEST_ANSWER'), 'answers', $row->get('id')); } // Add the tags $row->tag($tags); // Add the tag to link to the resource $tag = $this->model->isTool() ? 'tool:' . $this->model->resource->alias : 'resource:' . $this->model->resource->id; $row->addTag($tag, User::get('id'), $this->model->isTool() ? 0 : 1); // Get users who need to be notified on every question $config = Component::params('com_answers'); $apu = $config->get('notify_users', ''); $apu = explode(',', $apu); $apu = array_map('trim', $apu); $receivers = array(); // Get tool contributors if question is about a tool if ($tags) { $tags = explode(',', $tags); if (count($tags) > 0) { require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'author.php'; require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'version.php'; $TA = new \Components\Tools\Tables\Author($this->database); $objV = new \Components\Tools\Tables\Version($this->database); if ($this->model->isTool()) { $toolname = $this->model->resource->alias; $rev = $objV->getCurrentVersionProperty($toolname, 'revision'); $authors = $TA->getToolAuthors('', 0, $toolname, $rev); if (count($authors) > 0) { foreach ($authors as $author) { $receivers[] = $author->uidNumber; } } } } } if (!empty($apu)) { foreach ($apu as $u) { $user = User::getInstance($u); if ($user) { $receivers[] = $user->get('id'); } } } $receivers = array_unique($receivers); // Send the message if (!empty($receivers)) { // Send a message about the new question to authorized users (specified admins or related content authors) $from = array('email' => Config::get('mailfrom'), 'name' => Config::get('sitename') . ' ' . Lang::txt('COM_ANSWERS_ANSWERS'), 'multipart' => md5(date('U'))); // Build the message subject $subject = Lang::txt('COM_ANSWERS_ANSWERS') . ', ' . Lang::txt('new question about content you author or manage'); // Build the message $eview = new \Hubzero\Mail\View(array('base_path' => PATH_CORE . DS . 'components' . DS . 'com_answers' . DS . 'site', 'name' => 'emails', 'layout' => 'question_plaintext')); $eview->option = 'com_answers'; $eview->sitename = Config::get('sitename'); $eview->question = $row; $eview->id = $row->get('id', 0); $eview->boundary = $from['multipart']; $message['plaintext'] = $eview->loadTemplate(false); $message['plaintext'] = str_replace("\n", "\r\n", $message['plaintext']); // HTML message $eview->setLayout('question_html'); $message['multipart'] = $eview->loadTemplate(); $message['multipart'] = str_replace("\n", "\r\n", $message['multipart']); if (!Event::trigger('xmessage.onSendMessage', array('new_question_admin', $subject, $message, $from, $receivers, 'com_answers'))) { $this->setError(Lang::txt('COM_ANSWERS_MESSAGE_FAILED')); } } // Redirect to the question App::redirect(Route::url('index.php?option=' . $this->option . '&id=' . $this->model->resource->id . '&active=' . $this->_name)); }
/** * Invoke a tool session * * @return void */ public function invokeTask() { // Check that the user is logged in if (User::isGuest()) { $this->loginTask(); return; } $params = Request::getString('params', '', 'default', JREQUEST_ALLOWRAW); if (!empty($params)) { $params_whitelist = explode(',', $this->config->get('params_whitelist', '')); $separator = "\r\n"; $line = trim(strtok($params, $separator)); $verified_params = array(); while ($line !== false) { $re = "/\\s*(directory|file|int)\\s*(?:\\:|\\(\\s*(.*?)\\s*\\)\\s*:)\\s*(.*?)\\s*\$/"; if (preg_match($re, $line, $matches) != false) { $type = $matches[1]; $key = $matches[2]; $value = $matches[3]; if ($type == 'directory' || $type == 'file') { // Replace ~/ prefix with user's home directory if (strncmp($value, "~/", 2) === 0) { $homeDirectory = rtrim(User::get('homeDirectory'), '/'); if (!isset($homeDirectory[0]) || $homeDirectory[0] !== '/') { break; } $value = substr_replace($value, $homeDirectory, 0, 1); } // Fail if $value doesn't start with '/' if ($value[0] != '/') { break; } // Fail if unable to normalize $value $value = $this->normalize_path($value, $type == 'file'); if ($value === false) { break; } // Fail if $value contains a control charcater (0x00-0x1F) or an invalid utf-8 string if (preg_match('/^[^\\x00-\\x1f]*$/u', $value) == 0) { break; } // Fail if whitelist is empty if (empty($params_whitelist)) { break; } // Fail if $value isn't prefixed with a whitelisted directory foreach ($params_whitelist as $wl) { if (empty($wl)) { continue; } $wl = rtrim(trim($wl), '/') . '/'; // make sure we compare against a full path element if (strncmp($wl, $value, strlen($wl)) === 0) { $match = $wl; break; } } if (!isset($match)) { break; } // Add verified parameter to array if ($key) { $verified_params[] = $type . '(' . $key . '):' . $value; } else { $verified_params[] = $type . ':' . $value; } } else { if ($type == 'int') { // Fail if $value contains a control charcater (0x00-0x1F) or an invalid utf-8 string if (preg_match('/^[^\\x00-\\x1f]*$/u', $value) == 0) { break; } // Fail if $value not an integer if (preg_match('/^[-+]?[0-9]+$/', $value) == 0) { break; } // Add verified parameter to array if ($key) { $verified_params[] = $type . '(' . $key . '):' . $value; } else { $verified_params[] = $type . ':' . $value; } } } } else { if (!empty($line)) { break; } } $line = strtok($separator); // Get next line } if ($line !== false) { $this->badparamsTask($params); return; } } // Incoming $app = new stdClass(); $app->name = trim(str_replace(':', '-', Request::getVar('app', ''))); //$app->number = 0; $app->version = Request::getVar('version', 'default'); // Get the user's IP address $app->ip = Request::ip(); // Make sure we have an app to invoke if (!$app->name) { App::redirect(Route::url($this->config->get('stopRedirect', 'index.php?option=com_members&task=myaccount'))); return; } // Get the parent toolname (appname without any revision number "_r423") include_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'version.php'; $tv = new \Components\Tools\Tables\Version($this->database); switch ($app->version) { case 1: case 'current': case 'default': $app->name = $tv->getCurrentVersionProperty($app->name, 'instance'); break; case 'test': case 'dev': $app->name .= '_dev'; break; default: $app->name .= '_r' . $app->version; break; } $app->toolname = $app->name; if ($parent = $tv->getToolname($app->name)) { $app->toolname = $parent; } // Check of the toolname has a revision indicator $r = substr(strrchr($app->name, '_'), 1); if (substr($r, 0, 1) != 'r' && substr($r, 0, 3) != 'dev') { $r = ''; } // No version passed and no revision if ((!$app->version || $app->version == 'default' || $app->version == 'current') && !$r) { // Get the latest version $app->version = $tv->getCurrentVersionProperty($app->toolname, 'revision'); $app->name = $app->toolname . '_r' . $app->version; } // Get the caption/session title $tv->loadFromInstance($app->name); $app->caption = stripslashes($tv->title); $app->title = stripslashes($tv->title); // Check if they have access to run this tool $hasaccess = $this->_getToolAccess($app->name); //$status2 = ($hasaccess) ? "PASSED" : "FAILED"; //Log::debug("mw::invoke " . $app->name . " by " . User::get('username') . " from " . $app->ip . " _getToolAccess " . $status2); if ($this->getError()) { echo '<!-- ' . $this->getError() . ' -->'; } if (!$hasaccess) { //$this->_redirect = Route::url('index.php?option=' . $this->_option . '&task=accessdenied'); $this->app = $app; $this->accessdeniedTask(); return; } $country = \Hubzero\Geocode\Geocode::ipcountry($app->ip); //die($app->ip . $country); // Log the launch attempt $this->_recordUsage($app->toolname, User::get('id')); // Get the middleware database $mwdb = \Components\Tools\Helpers\Utils::getMWDBO(); // Find out how many sessions the user is running. $ms = new \Components\Tools\Tables\Session($mwdb); $jobs = $ms->getCount(User::get('username')); // Find out how many sessions the user is ALLOWED to run. include_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'preferences.php'; $preferences = new \Components\Tools\Tables\Preferences($this->database); $preferences->loadByUser(User::get('id')); if (!$preferences || !$preferences->id) { include_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'sessionclass.php'; $scls = new \Components\Tools\Tables\SessionClass($this->database); $default = $scls->find('one', array('alias' => 'default')); $preferences->user_id = User::get('id'); $preferences->class_id = $default->id; $preferences->jobs = $default->jobs ? $default->jobs : 3; $preferences->store(); } $remain = $preferences->jobs - $jobs; // Have they reached their session quota? if ($remain <= 0) { $this->quotaexceededTask(); return; } if ($this->config->get('warn_multiples', 0) && !Request::getInt('newinstance', 0)) { $sessions = $ms->getRecords(User::get('username'), $app->name, false); if ($sessions && count($sessions) > 0) { $this->view->setLayout('list'); $this->view->app = $app; $this->view->config = $this->config; $this->view->sessions = $sessions; foreach ($this->getErrors() as $error) { $view->setError($error); } $this->view->display(); return; } } // Get their disk space usage $this->_getDiskUsage(); $this->_redirect = ''; $app->percent = 0; if ($this->config->get('show_storage', 1)) { $app->percent = $this->percent; } if ($this->percent >= 100) { App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=storage')); return; } // Get plugins Plugin::import('mw', $app->toolname); // Trigger any events that need to be called before session invoke Event::trigger('mw.onBeforeSessionInvoke', array($app->toolname, $app->version)); $toolparams = ''; if (!empty($params)) { $toolparams = " params=" . rawurlencode($params) . " "; } // Determine zone $app->zone_id = 0; if ($this->config->get('zones')) { $middleware = new \Components\Tools\Models\Middleware(); $this->database->setQuery("SELECT zone_id FROM `#__tool_version_zone` WHERE tool_version_id=" . $this->database->quote($tv->id)); $middleware->set('allowed', $this->database->loadColumn()); if ($zone = $middleware->zoning($app->ip, $middleware->get('allowed'))) { if ($zone->exists()) { $toolparams .= ' zone=' . $zone->get('zone'); $app->zone_id = $zone->get('id'); } } } // We've passed all checks so let's actually start the session $status = $this->middleware("start user="******" ip=" . $app->ip . " app=" . $app->name . " version=" . $app->version . $toolparams, $output); if ($this->getError()) { //App::abort(500, $this->getError()); //return; App::redirect(Route::url($this->config->get('stopRedirect', 'index.php?option=com_members&task=myaccount')), Lang::txt('COM_TOOLS_ERROR_SESSION_INVOKE_FAILED'), 'error'); return; } $app->sess = !empty($output->session) ? $output->session : ''; // Trigger any events that need to be called after session invoke Event::trigger('mw.onAfterSessionInvoke', array($app->toolname, $app->version)); // Get a count of the number of sessions of this specific tool $appcount = $ms->getCount(User::get('username'), $app->name); // Do we have more than one session of this tool? if ($appcount > 1) { // We do, so let's append a timestamp $app->caption .= ' (' . Date::toLocal('g:i a') . ')'; } // Save the changed caption $ms->load($app->sess); $ms->sessname = $app->caption; $ms->params = $params; if (!$ms->store()) { App::abort(500, $ms->getError()); } $rtrn = Request::getVar('return', ''); $url = 'index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&app=' . $app->toolname . '&task=session&sess=' . $app->sess . '&return=' . $rtrn . (Request::getWord('viewer') ? '&viewer=' . Request::getWord('viewer') : ''); // Log activity Event::trigger('system.logActivity', ['activity' => ['action' => 'created', 'scope' => 'tool.session', 'scope_id' => $app->sess, 'description' => Lang::txt('COM_TOOLS_ACTIVITY_SESSION_CREATED', $app->sess, '<a href="' . Route::url($url) . '">' . $app->caption . '</a>'), 'details' => array('tool' => $app->name, 'url' => $url)], 'recipients' => array(['user', User::get('id')])]); App::redirect(Route::url($url, false)); }
/** * Display a list of authors * * @param integer $id Resource ID * @return void */ public function displayTask($id = null) { // Incoming if (!$id) { $id = Request::getInt('rid', 0); } // Ensure we have an ID to work with if (!$id) { App::abort(500, Lang::txt('COM_TOOLS_CONTRIBUTE_NO_ID')); } $this->view->version = Request::getVar('version', 'dev'); // Get all contributors of this resource $helper = new \Components\Resources\Helpers\Helper($id, $this->database); if ($this->view->version == 'dev') { $helper->getCons(); } else { $obj = new \Components\Tools\Tables\Tool($this->database); $toolname = $obj->getToolnameFromResource($id); $objV = new \Components\Tools\Tables\Version($this->database); $revision = $objV->getCurrentVersionProperty($toolname, 'revision'); $helper->getToolAuthors($toolname, $revision); } // Get a list of all existing contributors include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'tables' . DS . 'contributor' . DS . 'roletype.php'; $resource = new \Components\Resources\Tables\Resource($this->database); $resource->load($id); $rt = new \Components\Resources\Tables\Contributor\RoleType($this->database); // Output HTML $this->view->config = $this->config; $this->view->contributors = $helper->_contributors; $this->view->id = $id; $this->view->roles = $rt->getRolesForType($resource->type); $this->view->setErrors($this->getErrors())->setLayout('display')->display(); }
/** * Display a list of screenshots for this entry * * @param integer $rid Resource ID * @param string $version Tool version * @return void */ public function displayTask($rid = NULL, $version = NULL) { $this->view->setLayout('display'); // Incoming if (!$rid) { $rid = Request::getInt('rid', 0); } if (!$version) { $version = Request::getVar('version', 'dev'); } // Ensure we have an ID to work with if (!$rid) { App::abort(500, Lang::txt('COM_TOOLS_CONTRIBUTE_NO_ID')); return; } // Get resource information $resource = new \Components\Resources\Tables\Resource($this->database); $resource->load($rid); // Get version id $objV = new \Components\Tools\Tables\Version($this->database); $vid = $objV->getVersionIdFromResource($rid, $version); // Do we have a published tool? $this->view->published = $objV->getCurrentVersionProperty($resource->alias, 'id'); // Get screenshot information for this resource $ss = new \Components\Resources\Tables\Screenshot($this->database); $this->view->shots = $ss->getScreenshots($rid, $vid); // Build paths include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'helpers' . DS . 'html.php'; $path = \Components\Resources\Helpers\Html::build_path($resource->created, $rid, ''); $this->view->upath = PATH_APP . DS . trim($this->rconfig->get('uploadpath'), DS) . $path; $this->view->wpath = DS . trim($this->rconfig->get('uploadpath'), DS) . $path; if ($vid) { $this->view->upath .= DS . $vid; $this->view->wpath .= DS . $vid; } // Make sure wpath is preceded by app if (substr($this->view->wpath, 0, 4) != DS . 'app') { $this->view->wpath = DS . 'app' . $this->view->wpath; } // get config $this->view->cparams = Component::params('com_resources'); $this->view->version = $version; $this->view->rid = $rid; foreach ($this->getErrors() as $error) { $this->view->setError($error); } // Output HTML $this->view->display(); }
/** * Runs a rappture job. * * This is more than just invoking a tool. We're expecting a driver file to pass to the * tool to be picked up and automatically run by rappture. * * @apiMethod POST * @apiUri /tools/run * @apiParameter { * "name": "app", * "description": "Name of app installed as a tool in the hub", * "type": "string", * "required": true, * } * @apiParameter { * "name": "revision", * "description": "The specific requested revision of the app", * "type": "string", * "required": false, * "default": "default", * } * @apiParameter { * "name": "xml", * "description": "Content of the driver file that rappture will use to invoke the given app", * "type": "string", * "required": true, * } * @return void */ public function runTask() { $this->requiresAuthentication(); // Get the user_id and attempt to load user profile $userid = App::get('authn')['user_id']; $profile = User::getInstance($userid); // Make sure we have a user if (!$profile->get('id')) { throw new Exception(Lang::txt('Unable to find user.'), 404); } // Grab tool name and version $tool_name = Request::getVar('app', ''); $tool_version = Request::getVar('revision', 'default'); // Build application object $app = new stdClass(); $app->name = trim(str_replace(':', '-', $tool_name)); $app->version = $tool_version; $app->ip = $_SERVER["REMOTE_ADDR"]; // Check to make sure we have an app to invoke if (!$app->name) { throw new Exception(Lang::txt('A valid app name must be provided'), 404); } // Include needed tool libraries require_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'version.php'; require_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'session.php'; require_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'viewperm.php'; // Create database object $database = \App::get('db'); // Load the tool version $tv = new \Components\Tools\Tables\Version($database); switch ($app->version) { case 1: case 'default': $app->name = $tv->getCurrentVersionProperty($app->name, 'instance'); break; case 'test': case 'dev': $app->name .= '_dev'; break; default: $app->name .= '_r' . $app->version; break; } $app->toolname = $app->name; if ($parent = $tv->getToolname($app->name)) { $app->toolname = $parent; } // Check of the toolname has a revision indicator $r = substr(strrchr($app->name, '_'), 1); if (substr($r, 0, 1) != 'r' && substr($r, 0, 3) != 'dev') { $r = ''; } // No version passed and no revision if ((!$app->version || $app->version == 'default') && !$r) { // Get the latest version $app->version = $tv->getCurrentVersionProperty($app->toolname, 'revision'); $app->name = $app->toolname . '_r' . $app->version; } // Get the caption/session title $tv->loadFromInstance($app->name); $app->caption = stripslashes($tv->title); $app->title = stripslashes($tv->title); // Make sure we have a valid tool if ($app->title == '' || $app->toolname == '') { throw new Exception(Lang::txt('The tool "%s" does not exist on the HUB.', $tool_name), 404); } // Get tool access $toolAccess = \Components\Tools\Helpers\Utils::getToolAccess($app->name, $profile->get('username')); // Do we have access if ($toolAccess->valid != 1) { throw new Exception($toolAccess->error->message, 500); } // Log the launch attempt \Components\Tools\Helpers\Utils::recordToolUsage($app->toolname, $profile->get('id')); // Get the middleware database $mwdb = \Components\Tools\Helpers\Utils::getMWDBO(); // Find out how many sessions the user is running $ms = new \Components\Tools\Tables\Session($mwdb); $jobs = $ms->getCount($profile->get('username')); // Find out how many sessions the user is ALLOWED to run. include_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'preferences.php'; $preferences = new \Components\Tools\Tables\Preferences($database); $preferences->loadByUser($profile->get('id')); if (!$preferences || !$preferences->id) { $default = $preferences->find('one', array('alias' => 'default')); $preferences->user_id = $profile->get('id'); $preferences->class_id = $default->id; $preferences->jobs = $default->jobs; $preferences->store(); } $remain = $preferences->jobs - $jobs; //can we open another session if ($remain <= 0) { throw new Exception(Lang::txt('You are using all (%s) your available job slots.', $jobs), 401); } // Check for an incoming driver file if ($driver = Request::getVar('xml', false, 'post', 'none', 2)) { // Build a path to where the driver file will go through webdav $base = DS . 'webdav' . DS . 'home'; $user = DS . $profile->get('username'); $data = DS . 'data'; $drvr = DS . '.queued_drivers'; $inst = DS . md5(time()) . '.xml'; // Real home directory $homeDir = $profile->get('homeDirectory'); // First, make sure webdav is there and that the necessary folders are there if (!\Filesystem::exists($base)) { throw new Exception(Lang::txt('Home directories are unavailable'), 500); } // Now see if the user has a home directory yet if (!\Filesystem::exists($homeDir)) { // Try to create their home directory require_once dirname(dirname(__DIR__)) . DS . 'helpers' . DS . 'utils.php'; if (!\Components\Tools\Helpers\Utils::createHomeDirectory($profile->get('username'))) { throw new Exception(Lang::txt('Failed to create user home directory'), 500); } } // Check for, and create if needed a session data directory if (!\Filesystem::exists($base . $user . $data) && !\Filesystem::makeDirectory($base . $user . $data, 0700)) { throw new Exception(Lang::txt('Failed to create data directory'), 500); } // Check for, and create if needed a queued drivers directory if (!\Filesystem::exists($base . $user . $data . $drvr) && !\Filesystem::makeDirectory($base . $user . $data . $drvr, 0700)) { throw new Exception(Lang::txt('Failed to create drivers directory'), 500); } // Write the driver file out if (!\Filesystem::write($base . $user . $data . $drvr . $inst, $driver)) { throw new Exception(Lang::txt('Failed to create driver file'), 500); } } else { throw new Exception(Lang::txt('No driver file provided'), 404); } // Now build params path that will be included with tool execution // We know from the checks above that this directory already exists $params = 'file(execute):' . $homeDir . DS . 'data' . DS . '.queued_drivers' . $inst; $encoded = ' params=' . rawurlencode($params) . ' '; $command = 'start user='******'username') . " ip={$app->ip} app={$app->name} version={$app->version}" . $encoded; $status = \Components\Tools\Helpers\Utils::middleware($command, $output); if (!$status) { throw new Exception(Lang::txt('Tool invocation failed'), 500); } $this->send(array('success' => true, 'session' => $output->session)); }
/** * Publish a tool * * @return void */ public function publishTask() { // Set the layout (note: all the views for this controller use the same layout) $this->view->setLayout('display'); // Create a Tool object $obj = new \Components\Tools\Tables\Tool($this->database); // Do we have an alias? if ($alias = Request::getVar('app', '')) { $this->_toolid = $obj->getToolId($alias); } // Do we have a tool ID if (!$this->_toolid) { App::abort(403, Lang::txt('COM_TOOLS_ERROR_TOOL_NOT_FOUND')); return; } // Get the tool status $obj->getToolStatus($this->_toolid, $this->_option, $status, 'dev'); // Check for a status if (count($status) <= 0) { App::abort(500, Lang::txt('COM_TOOLS_ERR_CANNOT_RETRIEVE')); return; } $result = true; Log::debug("publish(): checkpoint 1:{$result}"); // get config // Create a Tool Version object $objV = new \Components\Tools\Tables\Version($this->database); $objV->getToolVersions($this->_toolid, $tools, '', 1); // make checks if (!is_numeric($status['revision'])) { // bad format $result = false; $this->setError(Lang::txt('COM_TOOLS_ERR_MISSING_REVISION_OR_BAD_FORMAT')); } else { if (count($tools) > 0 && $status['revision']) { // check for duplicate revision foreach ($tools as $t) { if ($t->revision == $status['revision']) { $result = false; $this->setError(Lang::txt('COM_TOOLS_ERR_REVISION_EXISTS') . ' ' . $status['revision']); } } // check that revision number is greater than in previous version $currentrev = $objV->getCurrentVersionProperty($status['toolname'], 'revision'); if ($currentrev && intval($currentrev) > intval($status['revision'])) { $result = false; $this->setError(Lang::txt('COM_TOOLS_ERR_REVISION_GREATER')); } } } // Log checkpoint Log::debug("publish(): checkpoint 2:{$result}, check revision"); // check if version is valid if (!\Components\Tools\Models\Tool::validateVersion($status['version'], $error_v, $this->_toolid)) { $result = false; $this->setError($error_v); } // Log checkpoint Log::debug("publish(): checkpoint 3:{$result}, running finalize tool"); // Run finalizetool if (!$this->getError()) { if ($this->_finalizeTool($out)) { $this->setMessage(Lang::txt('COM_TOOLS_Version finalized.')); } else { $this->setError($out); $result = false; } } Log::debug("publish(): checkpoint 4:{$result}, running doi stuff"); // Register DOI handle if ($result && $this->config->get('new_doi', 0)) { include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'tables' . DS . 'doi.php'; // Collect metadata $url = Request::base() . ltrim(Route::url('index.php?option=com_resources&id=' . $status['resourceid'] . '&rev=' . $status['revision']), DS); // Check if DOI exists for this revision $objDOI = new \Components\Resources\Tables\Doi($this->database); $bingo = $objDOI->getDoi($status['resourceid'], $status['revision'], '', 1); // DOI already exists for this revision if ($bingo) { $this->setError(Lang::txt('COM_TOOLS_ERR_DOI_ALREADY_EXISTS') . ': ' . $bingo); } else { // Get latest DOI label $latestdoi = $objDOI->getLatestDoi($status['resourceid']); $newlabel = $latestdoi ? intval($latestdoi) + 1 : 1; // Collect metadata $metadata = array('targetURL' => $url, 'title' => htmlspecialchars(stripslashes($status['title'])), 'version' => $status['version'], 'abstract' => htmlspecialchars(stripslashes($status['description']))); // Get authors $objA = new \Components\Tools\Tables\Author($this->database); $authors = $objA->getAuthorsDOI($status['resourceid']); // Register DOI $doiSuccess = $objDOI->registerDOI($authors, $this->config, $metadata, $doierr); // Save [new] DOI record if ($doiSuccess) { if (!$objDOI->loadDOI($status['resourceid'], $status['revision'])) { if ($objDOI->saveDOI($status['revision'], $newlabel, $status['resourceid'], $status['toolname'], 0, $doiSuccess)) { $this->setMessage(Lang::txt('COM_TOOLS_SUCCESS_DOI_CREATED') . ' ' . $doiSuccess); } else { $this->setError(Lang::txt('COM_TOOLS_ERR_DOI_STORE_FAILED')); $result = false; } } else { $this->setError(Lang::txt('COM_TOOLS_DOI already exists: ') . $objDOI->doi); } } else { $this->setError(Lang::txt('COM_TOOLS_ERR_DOI_STORE_FAILED')); $this->setError($doierr); $result = false; } } } if ($result) { $invokedir = rtrim($this->config->get('invokescript_dir', DS . 'apps'), "\\/"); $hzt = \Components\Tools\Models\Tool::getInstance($this->_toolid); $hztv_cur = $hzt->getCurrentVersion(); $hztv_dev = $hzt->getDevelopmentVersion(); Log::debug("publish(): checkpoint 6:{$result}, running database stuff"); // create tool instance in the database $newtool = $status['toolname'] . '_r' . $status['revision']; // get version id $currentid = is_object($hztv_cur) ? $hztv_cur->id : null; $new = $currentid ? 0 : 1; $devid = $hztv_dev->id; $exportmap = array('@OPEN' => null, '@GROUP' => null, '@US' => 'us', '@PU' => 'pu', '@D1' => 'd1'); $new_hztv = \Components\Tools\Models\Version::createInstance($status['toolname'], $newtool); $new_hztv->toolname = $status['toolname']; $new_hztv->instance = $newtool; $new_hztv->toolid = $this->_toolid; $new_hztv->state = 1; $new_hztv->title = $status['title']; $new_hztv->version = $status['version']; $new_hztv->revision = $status['revision']; $new_hztv->description = $status['description']; $new_hztv->toolaccess = $status['exec']; $new_hztv->codeaccess = $status['code']; $new_hztv->wikiaccess = $status['wiki']; $new_hztv->vnc_geometry = $status['vncGeometry']; $new_hztv->vnc_command = $invokedir . DS . $status['toolname'] . DS . 'r' . $status['revision'] . DS . 'middleware' . DS . 'invoke -T r' . $status['revision']; $new_hztv->mw = $status['mw']; $new_hztv->released = Date::toSql(); $new_hztv->released_by = User::get('username'); $new_hztv->license = $status['license']; $new_hztv->fulltxt = $status['fulltxt']; $new_hztv->exportControl = $exportmap[strtoupper($status['exec'])]; $new_hztv->owner = $hztv_dev->owner; $new_hztv->member = $hztv_dev->member; $new_hztv->vnc_timeout = $hztv_dev->vnc_timeout; $new_hztv->hostreq = $hztv_dev->hostreq; $new_hztv->params = $status['params']; if (!$new_hztv->update()) { $this->setError(Lang::txt('COM_TOOLS_ERROR_UPDATING_INSTANCE')); $result = false; } else { $this->_setTracAccess($new_hztv->toolname, $new_hztv->codeaccess, $new_hztv->wikiaccess); // update tool entry $hzt = \Components\Tools\Models\Tool::getInstance($this->_toolid); $hzt->add('version', $new_hztv->instance); $hzt->update(); if ($hzt->published != 1) { $hzt->published = 1; // save tool info if (!$hzt->update()) { $this->setError(Lang::txt('COM_TOOLS_ERROR_UPDATING_INSTANCE')); } else { $this->setMessage(Lang::txt('COM_TOOLS_NOTICE_TOOL_MARKED_PUBLISHED')); } } // unpublish previous version if (!$new) { if ($hzt->unpublishVersion($hztv_cur->instance)) { $this->setMessage(Lang::txt('COM_TOOLS_NOTICE_UNPUBLISHED_PREV_VERSION_DB')); } else { $this->setError(Lang::txt('COM_TOOLS_ERR_FAILED_TO_UNPUBLISH_PREV_VERSION_DB')); } } // get version id $currentid = $new_hztv->id; // save authors for this version $objA = new \Components\Tools\Tables\Author($this->database); if ($objA->saveAuthors($status['developers'], $currentid, $status['resourceid'], $status['revision'], $status['toolname'])) { $this->setMessage(Lang::txt('COM_TOOLS_AUTHORS_SAVED')); } else { $this->setError(Lang::txt('COM_TOOLS_ERROR_SAVING_AUTHORS', $currentid)); } // transfer screenshots if ($devid && $currentid) { include_once __DIR__ . DS . 'screenshots.php'; $screenshots = new Screenshots(); if ($screenshots->transfer($devid, $currentid, $status['resourceid'])) { $this->setMessage(Lang::txt('COM_TOOLS_SCREENSHOTS_TRANSFERRED')); } else { $this->setError(Lang::txt('COM_TOOLS_ERROR_TRANSFERRING_SCREENSHOTS')); } } include_once __DIR__ . DS . 'resource.php'; $resource = new Resource(); // update and publish resource page $resource->updatePage($status['resourceid'], $status, '1', $new); } } Log::debug("publish(): checkpoint 7:{$result}, gather output"); // Set errors to view foreach ($this->getErrors() as $error) { $this->view->setError($error); } // Set messages to view $this->view->messages = $this->getMessages(); // Output HTML if (!($no_html = Request::getInt('no_html', 0))) { App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=pipeline&task=status&app=' . $alias)); return; } $this->view->display(); }
/** * Save a question * * @return void */ public function saveqTask() { // Check for request forgeries Request::checkToken(); // Login required if (User::isGuest()) { $this->setError(Lang::txt('COM_ANSWERS_PLEASE_LOGIN')); $this->loginTask(); return; } if (!User::authorise('core.edit', $this->_option) && !User::authorise('core.create', $this->_option) && !User::authorise('core.manage', $this->_option)) { throw new Exception(Lang::txt('JLIB_APPLICATION_ERROR_ACCESS_FORBIDDEN'), 403); } // Incoming $fields = Request::getVar('fields', array(), 'post', 'none', 2); $tags = Request::getVar('tags', ''); if (!isset($fields['reward'])) { $fields['reward'] = 0; } // If offering a reward, do some checks if ($fields['reward']) { // Is it an actual number? if (!is_numeric($fields['reward'])) { throw new Exception(Lang::txt('COM_ANSWERS_REWARD_MUST_BE_NUMERIC'), 500); } // Are they offering more than they can afford? if ($fields['reward'] > $fields['funds']) { throw new Exception(Lang::txt('COM_ANSWERS_INSUFFICIENT_FUNDS'), 500); } } // clean input array_walk($fields, function (&$field, $key) { $field = \Hubzero\Utility\Sanitize::clean($field); }); // Initiate class and bind posted items to database fields $row = new Question($fields['id']); if (!$row->bind($fields)) { throw new Exception($row->getError(), 500); } if ($fields['reward'] && $this->config->get('banking')) { $row->set('reward', 1); } // Store new content if (!Request::checkHoneypot()) { $this->setError(Lang::txt('JLIB_APPLICATION_ERROR_INVALID_CONTENT')); $this->newTask($row); return; } // Ensure the user added a tag if (!$tags) { $this->setError(Lang::txt('COM_ANSWERS_QUESTION_MUST_HAVE_TAG')); $this->newTask($row); return; } // We need to temporarily set this so the store() method // has access to the tags string to be able to run it // through spam checkers and validation. $row->set('tags', $tags); // Store new content if (!$row->store(true)) { Request::setVar('tag', $tags); $this->setError($row->getError()); $this->newTask($row); return; } // Hold the reward for this question if we're banking if ($fields['reward'] && $this->config->get('banking')) { $BTL = new Teller($this->database, User::get('id')); $BTL->hold($fields['reward'], Lang::txt('COM_ANSWERS_HOLD_REWARD_FOR_BEST_ANSWER'), 'answers', $row->get('id')); } // Add the tags $row->tag($tags); // Get users who need to be notified on every question $apu = $this->config->get('notify_users', ''); $apu = explode(',', $apu); $apu = array_map('trim', $apu); $receivers = array(); // Get tool contributors if question is about a tool if ($tags) { $tags = preg_split("/[,;]/", $tags); if (count($tags) > 0) { require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'author.php'; require_once PATH_CORE . DS . 'components' . DS . 'com_tools' . DS . 'tables' . DS . 'version.php'; $TA = new \Components\Tools\Tables\Author($this->database); $objV = new \Components\Tools\Tables\Version($this->database); foreach ($tags as $tag) { if ($tag == '') { continue; } if (preg_match('/tool:/', $tag)) { $toolname = preg_replace('/tool:/', '', $tag); if (trim($toolname)) { $rev = $objV->getCurrentVersionProperty($toolname, 'revision'); $authors = $TA->getToolAuthors('', 0, $toolname, $rev); if (count($authors) > 0) { foreach ($authors as $author) { $receivers[] = $author->uidNumber; } } } } } } } if (!empty($apu)) { foreach ($apu as $u) { $user = User::getInstance($u); if ($user) { $receivers[] = $user->get('id'); } } } $receivers = array_unique($receivers); // Send the message if (!empty($receivers)) { // Send a message about the new question to authorized users (specified admins or related content authors) $from = array('email' => Config::get('mailfrom'), 'name' => Config::get('sitename') . ' ' . Lang::txt('COM_ANSWERS_ANSWERS'), 'multipart' => md5(date('U'))); // Build the message subject $subject = Lang::txt('COM_ANSWERS_ANSWERS') . ', ' . Lang::txt('new question about content you author or manage'); $message = array(); // Plain text message $eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => 'question_plaintext')); $eview->option = $this->_option; $eview->sitename = Config::get('sitename'); $eview->question = $row; $eview->id = $row->get('id', 0); $eview->boundary = $from['multipart']; $message['plaintext'] = $eview->loadTemplate(false); $message['plaintext'] = str_replace("\n", "\r\n", $message['plaintext']); // HTML message $eview->setLayout('question_html'); $message['multipart'] = $eview->loadTemplate(); $message['multipart'] = str_replace("\n", "\r\n", $message['multipart']); if (!Event::trigger('xmessage.onSendMessage', array('new_question_admin', $subject, $message, $from, $receivers, $this->_option))) { $this->setError(Lang::txt('COM_ANSWERS_MESSAGE_FAILED')); } } // Redirect to the question App::redirect(Route::url('index.php?option=' . $this->_option . '&task=question&id=' . $row->get('id')), Lang::txt('COM_ANSWERS_NOTICE_QUESTION_POSTED_THANKS')); }