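/**
  * Method to save the configuration data.
  *
  * Only the ACL part of the save is handled here: the submitted rules are
  * written to the root asset ('root.1') after verifying that the current user
  * would still be allowed 'core.admin' under the new rule set. The _system
  * cache is then cleared for both client ids.
  *
  * @param   array  $data  An array containing all global config data.
  *
  * @return	boolean  True on success, false on failure.
  *
  * @since	1.6
  */
 public function save($data)
 {
     $app = JFactory::getApplication();
     // Save the rules
     if (isset($data['rules'])) {
         $rules = new JAccessRules($data['rules']);
         // Check that we aren't removing our Super User permission
         // Need to get groups from database, since they might have changed
         $myGroups = JAccess::getGroupsByUser(JFactory::getUser()->get('id'));
         $myRules = $rules->getData();
         // A rule set without a 'core.admin' entry allows nobody, so it is
         // treated as a lock-out instead of dereferencing a missing key.
         $hasSuperAdmin = isset($myRules['core.admin']) && $myRules['core.admin']->allow($myGroups);
         if (!$hasSuperAdmin) {
             $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_REMOVING_SUPER_ADMIN'), 'error');
             return false;
         }
         $asset = JTable::getInstance('asset');
         if ($asset->loadByName('root.1')) {
             $asset->rules = (string) $rules;
             if (!$asset->check() || !$asset->store()) {
                 $app->enqueueMessage(JText::_('SOME_ERROR_CODE'), 'error');
                 // The bare `return;` here yielded null; the documented contract is false on failure.
                 return false;
             }
         } else {
             $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_ROOT_ASSET_NOT_FOUND'), 'error');
             return false;
         }
     }
     // Clear cache of com_config component.
     $this->cleanCache('_system', 0);
     $this->cleanCache('_system', 1);
     // Report success explicitly so callers can tell it apart from a failed save.
     return true;
 }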
Exemplo n.º 2
	/**
	 * Work out which of the given categories a user may access.
	 *
	 * A category is granted when the user moderates it, when its Joomla access
	 * level is among the user's authorised levels (accesstype 'joomla'), or when
	 * the group based rules match (accesstype 'none'). In the group based case
	 * pub_access 0 grants everybody and pub_access -1 grants any user whose id
	 * is above 0. Any other accesstype grants nothing.
	 *
	 * @param   mixed  $user         Value handed to JFactory::getUser().
	 * @param   array  &$categories  Category objects to test (only read here).
	 *
	 * @return  array  Allowed category ids, keyed by category id.
	 */
	public function loadAllowedCategories($user, &$categories) {
		$user = JFactory::getUser($user);

		$viewLevels = (array) $user->authorisedLevels();
		$inheritedGroups = JAccess::getGroupsByUser($user->id, true);
		$directGroups = JAccess::getGroupsByUser($user->id, false);

		$allowed = array();
		foreach ($categories as $category) {
			if (self::isModerator($user->id, $category->id)) {
				// Moderators always see their category
				$grant = true;
			} elseif ($category->accesstype == 'joomla') {
				// Joomla access level
				$grant = in_array($category->access, $viewLevels);
			} elseif ($category->accesstype == 'none') {
				// Joomla user group, optionally including inherited groups
				$viaPublic = in_array($category->pub_access, $directGroups)
					|| ($category->pub_recurse && in_array($category->pub_access, $inheritedGroups));
				$viaAdmin = in_array($category->admin_access, $directGroups)
					|| ($category->admin_recurse && in_array($category->admin_access, $inheritedGroups));

				$grant = $category->pub_access == 0
					|| ($category->pub_access == -1 && $user->id > 0)
					|| $viaPublic
					|| $viaAdmin;
			} else {
				$grant = false;
			}

			if ($grant) {
				$allowed[$category->id] = $category->id;
			}
		}
		return $allowed;
	}
Exemplo n.º 3
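 /**
  * Decide whether a set of groups is covered by an allow-list.
  *
  * The sentinels 'all' and 'none' are matched with ===. With a loose ==, a
  * non-string value such as integer 0 compares equal to 'all' on PHP versions
  * before 8, which would grant access to everybody.
  *
  * The current user is only looked up when no groups are passed in; a guest
  * (empty user id) is then denied.
  *
  * @param   string|array  $allowedGroups  'all', 'none', a comma separated id list, or an array of ids.
  * @param   mixed         $groups         Group id or array of group ids; defaults to the current user's groups.
  *
  * @return  boolean  True when at least one group is allowed.
  */
 function isAllowed($allowedGroups, $groups = null)
 {
     if ($allowedGroups === 'all') {
         return true;
     }
     if ($allowedGroups === 'none') {
         return false;
     }
     if (empty($groups)) {
         $my = JFactory::getUser();
         if (empty($my->id)) {
             return false;
         }
         // Joomla 1.5 exposes a single group id, later versions a list of group ids
         $groups = version_compare(JVERSION, '1.6.0', '<') ? $my->gid : JAccess::getGroupsByUser($my->id);
     }
     if (!is_array($allowedGroups)) {
         $allowedGroups = explode(',', trim($allowedGroups, ','));
     }
     if (is_array($groups)) {
         return count(array_intersect($groups, $allowedGroups)) > 0;
     }
     return in_array($groups, $allowedGroups);
 }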
Exemplo n.º 4
 /**
  * Work out which categories a user may access.
  *
  * Categories come from KunenaCategory::loadCategories(). One is granted when
  * the user moderates it, when its access level is among the user's authorised
  * levels (accesstype 'joomla.level'), or when pub_access or admin_access is
  * one of the user's groups (accesstype 'none'); the *_recurse flags choose
  * between the inherited and the direct group list. Any other accesstype
  * grants nothing.
  *
  * @param   mixed  $user  Value handed to JFactory::getUser().
  *
  * @return  array  Allowed category ids, keyed by category id.
  */
 function loadAllowedCategories($user)
 {
     $user = JFactory::getUser($user);
     $viewLevels = (array) $user->authorisedLevels();
     $inheritedGroups = (array) JAccess::getGroupsByUser($user->id, true);
     $directGroups = (array) JAccess::getGroupsByUser($user->id, false);
     $allowed = array();
     foreach (KunenaCategory::loadCategories() as $category) {
         if (self::isModerator($user->id, $category->id)) {
             // Moderators always see their category
             $grant = true;
         } elseif ($category->accesstype == 'joomla.level') {
             $grant = in_array($category->access, $viewLevels);
         } elseif ($category->accesstype == 'none') {
             $publicPool = $category->pub_recurse ? $inheritedGroups : $directGroups;
             $viaPublic = in_array($category->pub_access, $publicPool);
             $adminPool = $category->admin_recurse ? $inheritedGroups : $directGroups;
             $viaAdmin = in_array($category->admin_access, $adminPool);
             $grant = $viaPublic || $viaAdmin;
         } else {
             $grant = false;
         }
         if ($grant) {
             $allowed[$category->id] = $category->id;
         }
     }
     return $allowed;
 }
Exemplo n.º 5
 /**
  * Check if a user can administer the community.
  *
  * On Joomla 1.6 and later (the user object is a CUser with an authorise()
  * method) the user qualifies through the 'core.admin' action or through
  * membership of group id 7, and the verdict is cached per $userid for the
  * rest of the request. Otherwise the Joomla 1.5 group name is compared with
  * a fixed list of administrative group names; that result is not cached.
  *
  * NOTE(review): the group lookup uses $userid as passed, so a null $userid
  * is not resolved to the current user's id for that lookup - confirm this is
  * intended.
  *
  * @param   mixed  $userid  User id, or null.
  *
  * @return  boolean
  */
 public static function isCommunityAdmin($userid = null)
 {
     static $resultArr;
     if (isset($resultArr[$userid])) {
         return $resultArr[$userid];
     }
     // Joomla 1.6 and later
     $jUser = CFactory::getUser($userid);
     if ($jUser instanceof CUser && method_exists($jUser, 'authorise')) {
         // group 7 = administrator
         $verdict = $jUser->authorise('core.admin') || in_array('7', JAccess::getGroupsByUser($userid));
         $resultArr[$userid] = $verdict;
         return $verdict;
     }
     // Joomla 1.5
     $legacyUser = CFactory::getUser($userid);
     $legacyGroup = CACL::getInstance()->getGroupsByUserId($legacyUser->id);
     return in_array($legacyGroup, array('Super Administrator', 'Administrator', 'Manager', 'Super Users'));
 }
Exemplo n.º 6
 /**
  * Prepare and render the file list view of com_simplefilemanager.
  *
  * Collects display switches, the current user's component permissions and
  * the model data, computes a per-item canDownload flag, then renders the
  * template and prints the credits string.
  *
  * @param   string  $tpl  Template name passed through to parent::display().
  *
  * @return  void
  */
 public function display($tpl = null)
 {
     $this->doc = JFactory::getDocument();
     $this->app = JFactory::getApplication();
     $this->user = JFactory::getUser();
     $this->params = $this->app->getParams();
     $this->menu = $this->app->getMenu()->getActive();
     // Params
     // Each switch below is read from the request first and only falls back to
     // the configured parameter, so a visitor can override the configured value.
     $this->showDate = $this->app->input->get('showDate', $this->params->get('showDate', 1));
     $this->showIcon = $this->app->input->get('showIcon', $this->params->get('showIcon', 1));
     $this->showDesc = $this->app->input->get('showDesc', $this->params->get('showDesc', 1));
     $this->showAuth = $this->app->input->get('showAuth', $this->params->get('showAuth', 0));
     $this->showLicence = $this->app->input->get('showLicence', $this->params->get('showLicence', 0));
     $this->showSize = $this->app->input->get('showSize', $this->params->get('showSize', 1));
     $this->showMD5 = $this->app->input->get('showMD5', $this->params->get('showMD5', 0));
     $this->showNew = $this->app->input->get('showNew', $this->params->get('showNew', 1));
     $this->newfiledays = $this->params->get('newfiledays', 7);
     $this->show_page_heading = $this->app->input->get('show_page_heading', 1);
     $this->subview = $this->app->input->get('subview', 'list');
     $this->defIcon = $this->params->get('defaulticon', "./media/com_simplefilemanager/images/document.png");
     $this->linkOnEntryTitle = $this->params->get('linkOnTitle', 1);
     $this->enableOrderingSelect = $this->app->input->get('sortFieldSelection', 1);
     // Permissions
     $this->canCreate = $this->user->authorise('core.create', 'com_simplefilemanager');
     $this->canEdit = $this->user->authorise('core.edit', 'com_simplefilemanager');
     $this->canCheckin = $this->user->authorise('core.manage', 'com_simplefilemanager');
     $this->canChange = $this->user->authorise('core.edit.state', 'com_simplefilemanager');
     $this->canDelete = $this->user->authorise('core.delete', 'com_simplefilemanager');
     // View data
     $this->state = $this->get('State');
     $this->items = $this->get('Items');
     $this->pagination = $this->get('Pagination');
     $this->params = $this->app->getParams('com_simplefilemanager');
     $this->catID = $this->app->input->get('catid', 0);
     $this->category = JCategories::getInstance('Simplefilemanager')->get($this->catID);
     $this->sortDirection = $this->state->get('list.direction');
     $this->sortColumn = $this->state->get('list.ordering');
     $this->sortFields = $this->getSortFields();
     // CSS and Libraries
     $this->doc->addStyleSheet("./media/com_simplefilemanager/css/site.stylesheet.css");
     foreach ($this->items as $item) {
         $item->icon = $item->icon ?: $this->defIcon;
         // canDownload is true for visibility 1, or when the condition attached to
         // visibility 2, 3, 4 or 5 holds (&& binds tighter than ||, so each
         // visibility value pairs with the test written next to it).
         // NOTE(review): the visibility 2 test reads $item->user->id while every
         // other test reads $this->user->id - confirm which object is meant.
         $item->canDownload = $item->visibility == 1 || $item->visibility == 3 && $item->reserved_user == $this->user->id || $item->visibility == 2 && $item->user->id || $item->visibility == 5 && $item->author == $this->user->id || $item->visibility == 4 && in_array($item->reserved_group, JAccess::getGroupsByUser($this->user->id));
     }
     // A missing or unknown category is only rejected here, after the items were loaded.
     if (!$this->catID or !$this->category) {
         JError::raiseError(500);
     }
     // TODO: Check if user can view category else throw a 403 error
     // (until that check exists, this method does not verify category view access)
     $this->children = $this->category->getChildren();
     // Check for errors.
     if (count($errors = $this->get('Errors'))) {
         throw new Exception(implode("\n", $errors));
     }
     $this->_prepareDocument();
     parent::display($tpl);
     echo JText::_("COM_SIMPLEFILEMANAGER_CREDITS");
 }
Exemplo n.º 7
 /**
  * Returns the groups the user is part of.
  *
  * When the user data holds no groups, the groups are read through
  * JAccess::getGroupsByUser() and stored in the session under 'user.groups'
  * before the parent implementation is asked for the result.
  *
  * @return array An array of group ids
  */
 public function getGroups()
 {
     $stored = KObjectConfig::unbox($this->getData()->groups);
     if (empty($stored)) {
         $session = $this->getSession();
         $session->set('user.groups', JAccess::getGroupsByUser($this->getId()));
     }
     return parent::getGroups();
 }
Exemplo n.º 8
 /**
  * Check user access: editing is allowed for members of group id 8 or 7.
  *
  * NOTE(review): the ids are hard-coded; presumably they are the Super Users
  * and Administrator groups of a default installation - confirm for sites
  * whose groups were changed.
  *
  * @param   int  $userid  User id to check.
  *
  * @return  boolean
  */
 public function allowEdit($userid)
 {
     // The same condition exists in the StreamAccess class; it is repeated here
     // so this check keeps working if StreamAccess drops it.
     $memberOf = JAccess::getGroupsByUser($userid);
     return in_array(8, $memberOf) || in_array(7, $memberOf);
 }
Exemplo n.º 9
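 /**
  * Method to get the options to populate list
  *
  * Lists the user groups with an id above 9. Users holding
  * 'imc.showall.issues' get all of them; everybody else only gets groups
  * whose lft/rgt range lies inside one of their own groups above 9. Results
  * are cached per field definition in static::$options.
  *
  * Changes against the earlier version:
  * - the user's groups are filtered with a foreach, because unsetting inside
  *   a for loop bounded by count() shortened the loop and left low group ids
  *   in the list;
  * - ids and lft/rgt values are cast to int before they are put into SQL;
  * - the OR-ed range conditions are wrapped in parentheses so they cannot
  *   bypass the 'a.id > 9' condition they are AND-ed with;
  * - a user without any matching group gets no extra options, instead of an
  *   invalid 'IN ()' query or an unrestricted '1=1' filter;
  * - the by-reference loop variable is unset after use.
  *
  * @return  array  The field option objects.
  *
  * @since   3.2
  */
 protected function getOptions()
 {
     $showEmpty = $this->element['showempty'];
     // Hash for caching
     $hash = md5($this->element);
     if (isset(static::$options[$hash])) {
         return static::$options[$hash];
     }
     static::$options[$hash] = parent::getOptions();
     $db = JFactory::getDbo();
     $user = JFactory::getUser();
     $canDo = ImcHelper::getActions();
     $query = $db->getQuery(true)->select('a.id AS value')->select('a.title AS text')->select('COUNT(DISTINCT b.id) AS level')->from('#__usergroups as a')->where('a.id > 9')->join('LEFT', '#__usergroups  AS b ON a.lft > b.lft AND a.rgt < b.rgt')->group('a.id, a.title, a.lft, a.rgt')->order('a.lft ASC');
     if (!$canDo->get('imc.showall.issues')) {
         // Keep only the user's own groups with an id above 9
         $ids = array();
         foreach ((array) JAccess::getGroupsByUser($user->id, false) as $groupId) {
             if ((int) $groupId > 9) {
                 $ids[] = (int) $groupId;
             }
         }
         // Get lft, rgt for these groups
         $ranges = array();
         if ($ids) {
             $lookup = $db->getQuery(true)->select('a.id, a.lft, a.rgt')->from('#__usergroups as a')->where('a.id IN (' . implode(',', $ids) . ')');
             $db->setQuery($lookup);
             $grps = $db->loadAssocList();
             if ($grps) {
                 foreach ($grps as $grp) {
                     $ranges[] = '(a.lft >= ' . (int) $grp['lft'] . ' AND a.rgt <= ' . (int) $grp['rgt'] . ')';
                 }
             }
         }
         // Fail closed: without a range the restricted user sees no groups
         $query->where($ranges ? '(' . implode(' OR ', $ranges) . ')' : '1 = 0');
     }
     $db->setQuery($query);
     if ($options = $db->loadObjectList()) {
         if ($showEmpty) {
             $empty = new stdClass();
             $empty->value = '0';
             $empty->text = '';
             $empty->level = 1;
             array_unshift($options, $empty);
         }
         foreach ($options as &$option) {
             $option->text = str_repeat('- ', $option->level) . $option->text;
         }
         // Drop the reference so later writes to $option cannot alter the last element
         unset($option);
         static::$options[$hash] = array_merge(static::$options[$hash], $options);
     }
     return static::$options[$hash];
 }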
Exemplo n.º 10
 /**
  * Return the highest access level the current user holds on a board.
  *
  * Every group of the current user is looked up in the board access list;
  * groups without an entry for the board contribute nothing. The result is 0
  * when no group has an entry above 0.
  *
  * @param   mixed  $board_id  Board id used as key into the access list.
  *
  * @return  mixed  The highest level found, or 0.
  */
 public static function getUserAccessLevel($board_id)
 {
     $currentUser = JFactory::getUser();
     $memberOf = JAccess::getGroupsByUser($currentUser->id);
     $accessMap = comQuipForumHelper::getboardAccessListDB($memberOf);
     $best = 0;
     foreach ((array) $memberOf as $groupId) {
         // A missing entry counts as no access, without suppressing notices
         $level = isset($accessMap[$board_id][$groupId]) ? $accessMap[$board_id][$groupId] : null;
         if ($level > $best) {
             $best = $level;
         }
     }
     return $best;
 }
Exemplo n.º 11
 /**
  * Work out the price of a variant for a quantity, date and user group.
  *
  * Starts from the variant's own price and, when the ProductPrices model
  * returns a row with a price for the given filters, uses that row's price as
  * special price and sale price.
  *
  * @return  JObject  Pricing object with base_price, price and calculator, plus
  *                   special_price and is_discount_pricing_available when an
  *                   advanced price row was found.
  */
 public function calculate()
 {
     $variant = $this->get('variant');
     $quantity = $this->get('quantity');
     $date = $this->get('date');
     $group_id = $this->get('group_id');
     $pricing = new JObject();
     //set the base price
     $pricing->base_price = $variant->price;
     $pricing->price = $variant->price;
     $pricing->calculator = 'standard';
     //see if we have advanced pricing for this product / variant
     $model = F0FModel::getTmpInstance('ProductPrices', 'J2StoreModel');
     // Plugins receive both objects by reference before any filter state is set
     J2Store::plugin()->event('BeforeGetPrice', array(&$pricing, &$model));
     $model->setState('variant_id', $variant->j2store_variant_id);
     //where quantity_from < $quantity
     $model->setState('filter_quantity', $quantity);
     $tz = JFactory::getConfig()->get('offset');
     // does date even matter?
     $nullDate = JFactory::getDBO()->getNullDate();
     // An empty or null date falls back to the current time in the configured offset
     if (empty($date) || $date == $nullDate) {
         $date = JFactory::getDate('now', $tz)->toSql(true);
     }
     //where date_from <= $date
     //where date_to >= $date OR date_to == nullDate
     $model->setState('filter_date', $date);
     // does group_id?
     $user = JFactory::getUser();
     // Without an explicit group_id the current user's groups are used, as a comma separated list
     if (empty($group_id)) {
         $group_id = implode(',', JAccess::getGroupsByUser($user->id));
     }
     //if(empty($group_id)) $group_id = implode(',', JAccess::getAuthorisedViewLevels($user->id));
     // NOTE(review): how the model turns 'group_id' into SQL is not visible here;
     // confirm it validates or casts a caller-supplied value.
     $model->setState('group_id', $group_id);
     // set the ordering so the most discounted item is at the top of the list
     $model->setState('orderby', 'quantity_from');
     $model->setState('direction', 'DESC');
     try {
         $price = $model->getItem();
         //var_dump($price);
     } catch (Exception $e) {
         // Any model failure is treated as "no advanced price"; the error itself is dropped
         $price = new stdClass();
     }
     if (isset($price->price)) {
         $pricing->special_price = $price->price;
         //this is going to be the sale price
         $pricing->price = $price->price;
         $pricing->is_discount_pricing_available = $pricing->base_price > $pricing->price ? true : false;
     }
     return $pricing;
 }
Exemplo n.º 12
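 /**
  * Display the view: authorise and register the download of one file.
  *
  * Loads the file record named by the 'id' request parameter, checks that the
  * current user may download it, increments the download counter and renders
  * the template.
  *
  * Changes against the earlier version:
  * - 'author' is now selected. The author-only check (visibility 5) read
  *   $row['author'], which the query never returned; the resulting null
  *   compares equal to a guest's id 0 under a loose comparison, so the check
  *   did not reject guests.
  * - the user-bound visibilities (3 and 5) require a logged-in user and
  *   compare ids as integers.
  * - permissions are checked before the file system is touched, so callers
  *   without access always get the 403 and cannot tell from the 404 whether
  *   the file is present on disk.
  * - the duplicated error check and the unused second query object are gone.
  *
  * @param   string  $tpl  Template name passed through to parent::display().
  *
  * @return  void
  *
  * @throws  Exception  403 for an unknown id or missing access, 404 when the file is not on disk.
  */
 public function display($tpl = null)
 {
     if (!empty($this->item)) {
         $this->form = $this->get('Form');
     }
     // Check for errors.
     if (count($errors = $this->get('Errors'))) {
         throw new Exception(implode("\n", $errors));
     }
     // Get API
     $jinput = JFactory::getApplication()->input;
     $user = JFactory::getUser();
     $userId = (int) $user->id;
     $this->params = JComponentHelper::getParams('com_simplefilemanager');
     // getInt() is used instead of $jinput->get->get('id', 0, 'INTEGER')
     // because of an incompatibility with router.php
     $id = (int) $jinput->getInt('id', 0);
     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     $query->select('file_name, visibility, reserved_group, reserved_user, state, author');
     $query->from($db->quoteName('#__simplefilemanager'));
     $query->where($db->quoteName('id') . ' = ' . $id);
     $db->setQuery($query);
     $row = $db->loadAssoc();
     // Check if file exists in database
     if (!$row) {
         throw new Exception("No input file", 403);
     }
     // Check permissions
     $visibility = (int) $row['visibility'];
     $denied = $row['state'] != '1'
         || ($visibility === 2 && $userId === 0)
         || ($visibility === 3 && ($userId === 0 || $userId !== (int) $row['reserved_user']))
         || ($visibility === 4 && !in_array($row['reserved_group'], JAccess::getGroupsByUser($userId)))
         || ($visibility === 5 && ($userId === 0 || $userId !== (int) $row['author']));
     if ($denied) {
         throw new Exception("No access", 403);
     }
     // Check if file exists on file system
     if (!file_exists($row['file_name'])) {
         throw new Exception("File not found", 404);
     }
     // Increment download counter
     $db->setQuery("UPDATE #__simplefilemanager SET download_counter = download_counter + 1, download_last = NOW() WHERE id = " . $id);
     $db->execute();
     $this->file_name = $row['file_name'];
     parent::display($tpl);
 }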
Exemplo n.º 13
 /**
  * Fetch the user for the given user identifier from the backend
  *
  * The record is loaded through the JUser table, copied into a fresh JUser
  * and then flattened into the data array given to create(). That array
  * carries the stored password value along with the groups and view levels,
  * so the resulting object should not be serialised or logged as a whole.
  *
  * @param string $identifier A unique user identifier, (i.e a username or email address)
  * @return KUserInterface|null Returns a UserInterface object or NULL if the user could not be found.
  */
 public function fetch($identifier)
 {
     $table = JUser::getTable();
     if (!$table->load($identifier)) {
         return null;
     }
     $juser = JUser::getInstance(0);
     $juser->setProperties($table->getProperties());
     $registry = new JRegistry();
     $registry->loadString($table->params);
     $juser->setParameters($registry);
     $data = array(
         'id' => $juser->id,
         'email' => $juser->email,
         'name' => $juser->name,
         'username' => $juser->username,
         'password' => $juser->password,
         'salt' => '',
         'groups' => JAccess::getGroupsByUser($juser->id),
         'roles' => JAccess::getAuthorisedViewLevels($juser->id),
         'authentic' => !$juser->guest,
         'enabled' => !$juser->block,
         'expired' => (bool) $juser->activation,
         'attributes' => $juser->getParameters()->toArray(),
     );
     return $this->create($data);
 }
Exemplo n.º 14
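    /**
     * Count the ACL rows that link a content item to any of the user's groups.
     *
     * The content id and the group ids are cast to integers before they are
     * placed in the SQL text, because the query is assembled by concatenation
     * and the content id is supplied by the caller. A user without groups
     * yields 0 without running a query (an empty IN () list is not valid SQL).
     *
     * @param   int  $userid       User id whose groups (including inherited ones) are checked.
     * @param   int  $contenutoid  Content id.
     *
     * @return  mixed  Number of matching rows as returned by the database, or 0.
     */
    public static function checkContenuto4Utente($userid, $contenutoid)
    {
        $groups = array_map('intval', (array) JAccess::getGroupsByUser($userid, true));
        if (!$groups) {
            return 0;
        }
        $db = JFactory::getDBO();
        $query = 'SELECT count(*) as count'
            . ' FROM #__gg_contenuti_acl'
            . ' WHERE id_contenuto=' . (int) $contenutoid
            . ' and id_group in (' . implode(',', $groups) . ')';
        FB::LOG($query, "query checkContenuto4Utente");
        $db->setQuery($query);
        $totgroups = $db->loadAssoc();
        FB::LOG($totgroups, "risultato checkContenuto4Utente");
        return $totgroups['count'];
    }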
Exemplo n.º 15
 /**
  * Checks the user group of the user and returns true if the user belongs to a selected group
  *
  * The selected groups come from the 'filter_groups' parameter, which
  * defaults to group id 8 when it is not configured.
  *
  * @return bool
  */
 private function allowedUserGroups()
 {
     $user = JFactory::getUser();
     $configured = (array) $this->params->get('filter_groups', 8);
     $memberOf = JAccess::getGroupsByUser($user->id);
     foreach ($memberOf as $groupId) {
         foreach ($configured as $candidate) {
             if ($groupId == $candidate) {
                 return true;
             }
         }
     }
     return false;
 }
Exemplo n.º 16
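 /**
  * Generate the contribution access SQL fragment used with blogs.
  *
  * Picks the source specific builder for the contributor type and wraps its
  * output as " <operator> (<sql>)". An unknown contributor type, or a builder
  * that returns nothing, yields an empty string.
  *
  * The group id list is built with implode() over integer-cast ids. The
  * earlier hand-rolled join tested empty($gids), which is also true for the
  * string '0', so a leading id of 0 lost its separator.
  *
  * @since	5.0
  * @access	public
  * @param	mixed   $contributorType  One of the EASYBLOG_POST_SOURCE_* constants.
  * @param	string  $columnPrefix     Column prefix handed to the source builder.
  * @param	array   $options          Builder options; 'concateOperator' sets the joining operator (default 'OR').
  * @return	string  SQL fragment, or '' when nothing applies.
  */
 public static function genAccessSQL($contributorType, $columnPrefix, $options = array())
 {
     $my = JFactory::getUser();
     // Guests are looked up with id 0
     $userId = $my->id == 0 ? 0 : $my->id;
     $gids = implode(',', array_map('intval', (array) JAccess::getGroupsByUser($userId, false)));
     switch ($contributorType) {
         case EASYBLOG_POST_SOURCE_TEAM:
             $sourceSQL = self::getTeamBlogSQL($columnPrefix, $gids, $options);
             break;
         case EASYBLOG_POST_SOURCE_JOMSOCIAL_GROUP:
             $sourceSQL = self::getJomSocialGroupSQL($columnPrefix, $options);
             break;
         case EASYBLOG_POST_SOURCE_JOMSOCIAL_EVENT:
             $sourceSQL = self::getJomSocialEventSQL($columnPrefix, $options);
             break;
         case EASYBLOG_POST_SOURCE_EASYSOCIAL_GROUP:
             $sourceSQL = self::getEasySocialGroupSQL($columnPrefix, $options);
             break;
         case EASYBLOG_POST_SOURCE_EASYSOCIAL_EVENT:
             $sourceSQL = self::getEasySocialEventSQL($columnPrefix, $options);
             break;
         default:
             $sourceSQL = '';
     }
     // NOTE(review): 'concateOperator' goes into the SQL text unchecked. Callers
     // must pass a fixed keyword and never a request value; consider restricting
     // it to the operators that are actually used.
     $concate = isset($options['concateOperator']) ? $options['concateOperator'] : 'OR';
     if (!$sourceSQL) {
         return '';
     }
     return " {$concate} (" . $sourceSQL . ")";
 }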
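 /**
  * Build an SQL query to load the list data.
  *
  * Users without 'core.manage' only get rows their visibility setting
  * permits; users without 'core.edit.state' only get published rows.
  *
  * Notes on this version:
  * - In the listing the two comparisons against a.reserved_user carried a
  *   masked fragment that is not valid PHP. They are restored here as a
  *   comparison with the current user's id, by analogy with the neighbouring
  *   a.author comparison - confirm against the original file.
  * - The user id and group ids are cast to int before being placed in SQL,
  *   and an empty group list matches nothing instead of producing 'IN ()'.
  * - The sort direction is limited to ASC or DESC.
  *
  * @return    JDatabaseQuery
  * @since    1.6
  */
 protected function getListQuery()
 {
     $user = JFactory::getUser();
     $userId = (int) $user->id;
     $params = JComponentHelper::getParams('com_simplefilemanager');
     // Create a new query object.
     $db = $this->getDbo();
     $query = $db->getQuery(true);
     // Select the required fields from the table.
     $query->select($this->getState('list.select', 'DISTINCT a.*'));
     $query->from('`#__simplefilemanager` AS a');
     // Join over the users for the checked out user.
     $query->select('uc.name AS editor');
     $query->join('LEFT', '#__users AS uc ON uc.id=a.checked_out');
     // Join over the created by field 'created_by'
     $query->join('LEFT', '#__users AS created_by ON created_by.id = a.created_by');
     if (!$user->authorise('core.manage', 'com_simplefilemanager')) {
         if ($params->get('forceListVisibility', 0) == 1) {
             // Registered-only and group-reserved documents are listed for everyone;
             // documents reserved to a single user or to the author stay hidden from others
             $query->where("((a.visibility = 1) OR ((a.visibility = 3) AND (a.reserved_user=" . $userId . ")) OR (a.visibility = 2) OR ((a.visibility = 5) AND (a.author=" . $userId . ")) OR (a.visibility = 4))");
         } else {
             $groupIds = array_map('intval', (array) JAccess::getGroupsByUser($userId));
             $groupClause = $groupIds ? "a.reserved_group IN (" . implode(", ", $groupIds) . ")" : "1 = 0";
             $query->where("((a.visibility = 1) OR ((a.visibility = 3) AND (a.reserved_user=" . $userId . ")) OR ((a.visibility = 2) AND (" . $userId . ">0)) OR ((a.visibility = 5) AND (a.author=" . $userId . ")) OR ((a.visibility = 4) AND ( " . $groupClause . ")))");
         }
     }
     if (!$user->authorise('core.edit.state', 'com_simplefilemanager')) {
         $query->where('a.state = 1');
     }
     if ($categoryId = $this->getState('catid') and $categoryId != 0) {
         $query->where('a.catid = ' . (int) $categoryId);
     }
     // Filter by search in title
     $search = $this->getState('filter.search');
     if (!empty($search)) {
         if (stripos($search, 'id:') === 0) {
             $query->where('a.id = ' . (int) substr($search, 3));
         } else {
             // NOTE(review): the quoted pattern is prepared but never added to the
             // query, so a free-text search does not filter anything. The column
             // to match is not visible in this method.
             $search = $db->Quote('%' . $db->escape($search, true) . '%');
         }
     }
     // Add the list ordering clause.
     // NOTE(review): escape() only protects quoted string values, not an
     // identifier; 'list.ordering' has to be checked against a fixed column
     // list where the state is populated - confirm that this happens.
     $direction = strtoupper((string) $this->getState('list.direction', 'ASC')) === 'DESC' ? 'DESC' : 'ASC';
     $query->order($db->escape($this->getState('list.ordering', 'a.file_created')) . ' ' . $direction);
     return $query;
 }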
Exemplo n.º 18
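 /**
  * Tell whether the current user belongs to one of the groups configured in
  * the 'modticket' parameter of com_tz_pinboard.
  *
  * Always returns a boolean: the earlier version fell off the end of the
  * function (returning null) when no group matched. Both lists are cast to
  * arrays, so a scalar parameter value no longer reaches count().
  *
  * @return  boolean  True when at least one group id matches.
  */
 function getAuthorize()
 {
     $params = JFactory::getApplication()->getParams('com_tz_pinboard');
     $modticket = (array) $params->get('modticket', array());
     $groups = (array) JAccess::getGroupsByUser(JFactory::getUser()->id);
     if (!$modticket || !$groups) {
         return false;
     }
     // Ids are compared as integers, as before
     $shared = array_intersect(array_map('intval', $modticket), array_map('intval', $groups));
     return count($shared) > 0;
 }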
Exemplo n.º 19
 /**
  * Load the forum objects and drop every board the current user cannot read.
  *
  * A board stays in the list when at least one of the user's groups has an
  * access value above 0 for it in the board access list.
  *
  * @return  mixed  The filtered $this->forumObjectList.
  */
 public function getForumObjectList()
 {
     $this->userData = JFactory::getUser();
     $this->userGroups = JAccess::getGroupsByUser($this->userData->id);
     $this->getForumObjectListDB();
     $this->boardAccessList = comQuipForumHelper::getBoardAccessListDB($this->userGroups);
     $memberOf = (array) $this->userGroups;
     foreach ((array) $this->forumObjectList as $boardKey => $board) {
         $readable = false;
         foreach ($memberOf as $groupId) {
             // A missing entry counts as no access, without suppressing notices
             if (isset($this->boardAccessList[$board->id][$groupId]) && $this->boardAccessList[$board->id][$groupId] > 0) {
                 $readable = true;
                 break;
             }
         }
         if (!$readable) {
             unset($this->forumObjectList[$boardKey]);
         }
     }
     return $this->forumObjectList;
 }
Exemplo n.º 20
Arquivo: imc.php Projeto: viru48/imc
 /**
  * Collect the ids of the categories whose user groups include one of the
  * user's groups.
  *
  * A category id is appended once for every matching group, so the result can
  * contain the same id more than once.
  *
  * @param   object|null  $user  User object; defaults to the current user.
  *
  * @return  array  List of category ids.
  */
 public static function getCategoriesByUserGroups($user = null)
 {
     if ($user == null) {
         $user = JFactory::getUser();
     }
     self::$catIds = array();
     // Fills self::$catIds
     ImcHelper::getCategoriesUserGroups();
     $entries = self::$catIds;
     $memberOf = JAccess::getGroupsByUser($user->id);
     $matched = array();
     foreach ($entries as $entry) {
         foreach ($entry['usergroups'] as $groupId) {
             if (in_array($groupId, $memberOf)) {
                 $matched[] = $entry['catid'];
             }
         }
     }
     return $matched;
 }
Exemplo n.º 21
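/**
 * Store a gallery category submitted by POST on behalf of the current user.
 *
 * Members of groups 7 or 8 are treated as administrators. For everyone else
 * the parent category, the owner and the approval flag are decided here.
 * The original assigned those fields and then called bind() with the raw
 * POST array, so a request carrying "approved", "user_id" or "parent" could
 * overwrite the values just computed. Those keys are now removed from the
 * POST data of non-administrators before binding.
 *
 * @return  void
 */
function saveCatg()
{
    // Presumably defines $ad_category, $user_categories_approval and
    // $ad_category_notify, which are used below but not set in this function.
    require JPATH_COMPONENT_ADMINISTRATOR . DS . 'config.datsogallery.php';
    $adminGroups = array(7, 8);
    $db = JFactory::getDBO();
    $user = JFactory::getUser();
    $userGroups = JAccess::getGroupsByUser($user->id, true);
    $isAdmin = (bool) array_intersect($adminGroups, $userGroups);
    $post = JRequest::get('post');
    if (!$isAdmin && is_array($post)) {
        // Server-decided fields must not be taken from the request.
        unset($post['user_id'], $post['approved'], $post['parent']);
    }
    // NOTE(review): the table's primary key is still bindable from POST; if this
    // handler is meant for creation only, drop that key here as well - confirm.
    $row = new DatsoCategories($db);
    if (!$isAdmin) {
        // The value is concatenated into SQL, so force it to an integer. The
        // original also split it on commas without using the result, which
        // suggests a list is possible; the cast keeps the leading id.
        $defaultParent = (int) $ad_category;
        $db->setQuery('SELECT cid' . ' FROM #__datsogallery_catg' . ' WHERE user_id = ' . (int) $user->id . ' AND parent = ' . $defaultParent);
        $result = $db->loadResult();
        $row->parent = $result ? (int) $result : $defaultParent;
        $row->ordering = $row->getNextOrder('parent = ' . $row->parent);
    } else {
        $row->ordering = $row->getNextOrder('parent = 0');
    }
    $row->user_id = $user->id;
    $row->approved = (!$user_categories_approval || $isAdmin) ? 1 : 0;
    $row->published = 1;
    jimport('joomla.utilities.date');
    $dtz = new DateTimeZone(JFactory::getApplication()->getCfg('offset'));
    $date = new JDate($row->date);
    $date->setTimezone($dtz);
    $row->date = $date->toMySQL(true);
    if (!$row->bind($post)) {
        JError::raiseError(500, $row->getError());
    }
    if (!$row->check()) {
        JError::raiseError(500, $row->getError());
    }
    if (!$row->store()) {
        JError::raiseError(500, $row->getError());
    }
    if ($ad_category_notify && !$isAdmin) {
        categoryNotify($user->username, $post['name']);
    }
}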
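 /**
  * Veto the consumption of a serial when the consuming user is not in one of
  * the groups configured for the serial's pack.
  *
  * This handler only ever lowers $do to false. The original set $do to false
  * for a missing user and then still read $user->user_cms_id to look up
  * groups; that lookup is now skipped, since the outcome is already a denial.
  *
  * @param   object   $serial      Serial being consumed; serial_pack_id is read.
  * @param   mixed    $user_id     Not used by this handler.
  * @param   boolean  $do          In/out flag; set to false to block consumption.
  * @param   mixed    $extra_data  Not used by this handler.
  *
  * @return  void
  */
 public function onBeforeSerialConsume(&$serial, $user_id, &$do, &$extra_data)
 {
     $user = hikaserial::loadUser(true);
     $ids = array();
     parent::listPlugins('groupfilterconsumer', $ids, false);
     if (!$do) {
         return;
     }
     $hasCmsUser = !empty($user) && !empty($user->user_cms_id);
     foreach ($ids as $id) {
         parent::pluginParams($id);
         if (!in_array($serial->serial_pack_id, $this->plugin_params->packs_id)) {
             continue;
         }
         if (!$hasCmsUser) {
             // No CMS account behind the request: deny, nothing to look up.
             $do = false;
             continue;
         }
         if (empty($this->plugin_params->groups)) {
             continue;
         }
         $valid_groups = array_map('intval', explode(',', trim($this->plugin_params->groups, ',')));
         if (!HIKASHOP_J16) {
             $joomla_user = clone JFactory::getUser($user->user_cms_id);
             $userGroups = array($joomla_user->gid);
         } else {
             jimport('joomla.access.access');
             $userGroups = JAccess::getGroupsByUser($user->user_cms_id, true);
         }
         // The user needs at least one of the configured groups.
         if (!array_intersect(array_map('intval', (array) $userGroups), $valid_groups)) {
             $do = false;
         }
     }
 }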
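 /**
  * Display the view.
  *
  * Reads the display switches from the request (falling back to the component
  * parameters), loads the item, decides whether the current user may download
  * it and renders the layout.
  *
  * Changes from the original: model errors are checked before the item is
  * used, an empty item no longer triggers property writes on a non-object,
  * and the owner/author comparisons require a logged-in user so that a guest
  * (user id 0) cannot match an unset reserved_user or author through loose
  * comparison.
  *
  * NOTE(review): canDownload only drives what the template shows; the download
  * handler has to enforce the same rule itself - confirm that it does.
  *
  * @param   string  $tpl  Template name handed to parent::display().
  *
  * @return  void
  *
  * @throws  Exception  When the model reports errors, or when the edit layout
  *                     is requested without the core.create permission.
  */
 public function display($tpl = null)
 {
     $this->doc = JFactory::getDocument();
     $this->app = JFactory::getApplication();
     $this->params = $this->app->getParams();
     $this->menu = $this->app->getMenu()->getActive();
     $this->defIcon = $this->params->get('defaulticon', "./media/com_simplefilemanager/images/document.png");
     // Each switch can be overridden per request; the component parameter is the default.
     $switches = array('showDate', 'showIcon', 'showDesc', 'showAuth', 'showLicence', 'showSize', 'showMD5', 'showNew');
     foreach ($switches as $switch) {
         $this->{$switch} = $this->app->input->get($switch, $this->params->get($switch, 1, "int"));
     }
     $this->newfiledays = $this->params->get('newfiledays', 7, "int");
     $this->show_page_heading = $this->app->input->get('show_page_heading', 1, "int");
     $app = JFactory::getApplication();
     $user = JFactory::getUser();
     $this->state = $this->get('State');
     $this->item = $this->get('Data');
     $this->params = $app->getParams('com_simplefilemanager');
     // Check for errors before touching the loaded data.
     if (count($errors = $this->get('Errors'))) {
         throw new Exception(implode("\n", $errors));
     }
     if (!empty($this->item)) {
         $this->form = $this->get('Form');
     } else {
         // Keep the template contract (icon, canDownload) without writing to a non-object.
         $this->item = new stdClass();
     }
     $this->item->icon = !empty($this->item->icon) ? $this->item->icon : $this->defIcon;
     $userId = (int) $user->id;
     $visibility = isset($this->item->visibility) ? (int) $this->item->visibility : 0;
     // Deny by default; each visibility value names who may download.
     switch ($visibility) {
         case 1:
             // Everyone.
             $canDownload = true;
             break;
         case 2:
             // Any logged-in user.
             $canDownload = $userId > 0;
             break;
         case 3:
             // Only the user the item is reserved for.
             $canDownload = $userId > 0 && $this->item->reserved_user == $userId;
             break;
         case 4:
             // Members of the group the item is reserved for.
             $canDownload = in_array($this->item->reserved_group, JAccess::getGroupsByUser($userId));
             break;
         case 5:
             // NOTE(review): the original compares $this->author (a view property),
             // not $this->item->author; kept as written - confirm which is meant.
             $canDownload = $userId > 0 && isset($this->author) && $this->author == $userId;
             break;
         default:
             $canDownload = false;
     }
     $this->item->canDownload = $canDownload;
     if ($this->_layout == 'edit') {
         $authorised = $user->authorise('core.create', 'com_simplefilemanager');
         if ($authorised !== true) {
             throw new Exception(JText::_('JERROR_ALERTNOAUTHOR'));
         }
     }
     $this->_prepareDocument();
     parent::display($tpl);
 }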
 /**
  * Fetch the published lists of this type that the current user may manage:
  * lists open to all, lists owned by the user, and lists whose access_manage
  * column names one of the user's groups.
  *
  * User and group ids are forced to integers before they reach the SQL text.
  * NOTE(review): $this->type is concatenated as-is; it should only ever hold
  * a value set by the class itself - confirm, or quote it through the driver.
  *
  * @param   string  $index  Key column passed to loadObjectList().
  *
  * @return  array  Matching rows; an empty array for guests.
  */
 function getFrontendLists($index = '')
 {
     $currentUser = JFactory::getUser();
     if (empty($currentUser->id)) {
         return array();
     }
     if (ACYMAILING_J16) {
         jimport('joomla.access.access');
         $groupIds = JAccess::getGroupsByUser($currentUser->id, false);
     } else {
         $groupIds = array($currentUser->gid);
     }
     $conditions = array(
         "access_manage = 'all'",
         'userid = ' . intval($currentUser->id),
     );
     foreach ($groupIds as $groupId) {
         $conditions[] = "access_manage LIKE '%," . intval($groupId) . ",%'";
     }
     $sql = 'SELECT * FROM ' . acymailing_table('list')
         . " WHERE published = 1 AND type = '" . $this->type . "'"
         . ' AND (' . implode(' OR ', $conditions) . ')'
         . ' ORDER BY ordering ASC';
     $this->database->setQuery($sql);
     return $this->database->loadObjectList($index);
 }
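 /**
  * Load the first published premium template, restricted at level 3 to
  * templates whose access column is 'all' or names one of the user's groups.
  *
  * The group ids were concatenated into the LIKE patterns unchanged. They are
  * now passed through intval() first, so nothing but digits can reach the
  * query text whatever the group lookup returns.
  *
  * @return  mixed  Whatever _prepareTemplate() returns for the loaded row.
  */
 function getDefault()
 {
     $table = acymailing_table('template');
     $queryDefaultTemp = 'SELECT * FROM ' . $table . ' WHERE premium = 1 AND published = 1 ORDER BY ordering ASC LIMIT 1';
     if (acymailing_level(3)) {
         $my = JFactory::getUser();
         if (!ACYMAILING_J16) {
             $groups = array($my->gid);
         } else {
             jimport('joomla.access.access');
             $groups = JAccess::getGroupsByUser($my->id, false);
         }
         $condGroup = '';
         foreach ($groups as $group) {
             $condGroup .= ' OR access LIKE (\'%,' . intval($group) . ',%\')';
         }
         $queryDefaultTemp = 'SELECT * FROM ' . $table . ' WHERE premium = 1 AND published = 1  AND (access = \'all\' ' . $condGroup . ') ORDER BY ordering ASC LIMIT 1';
     }
     $this->database->setQuery($queryDefaultTemp);
     $template = $this->database->loadObject();
     return $this->_prepareTemplate($template);
 }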
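 /**
  * Move a user into a group, optionally removing another group.
  *
  * On Joomla before 1.6 the single gid is replaced unless it is 25 (the
  * guard skips that account). On 1.6+ the new group is appended to the
  * user's groups and $remove_group_id, when given, is taken out.
  *
  * Fixes: the new group was appended even when the user already had it,
  * leaving a duplicate id in the list handed to save(); and the removal was
  * skipped whenever the matching key was not an integer.
  *
  * NOTE(review): the 1.6+ branch has no equivalent of the gid 25 guard, and
  * $new_group_id is not checked against privileged groups. Callers must make
  * sure it never comes from request data - confirm at the call sites.
  *
  * @param   integer  $user_id          User to update.
  * @param   integer  $new_group_id     Group to add.
  * @param   integer  $remove_group_id  Group to remove, 0 for none.
  *
  * @return  void
  */
 private function updateGroup($user_id, $new_group_id, $remove_group_id = 0)
 {
     $user = clone JFactory::getUser($user_id);
     if (version_compare(JVERSION, '1.6.0', '<')) {
         if ($user->gid != 25) {
             $user->set('gid', $new_group_id);
             $acl = JFactory::getACL();
             $user->set('usertype', $acl->get_group_name($new_group_id));
         }
     } else {
         jimport('joomla.access.access');
         $userGroups = JAccess::getGroupsByUser($user_id, true);
         $userGroups[] = $new_group_id;
         if (!empty($remove_group_id)) {
             $key = array_search($remove_group_id, $userGroups);
             // array_search() returns false when nothing matches; any other key is a hit.
             if ($key !== false) {
                 unset($userGroups[$key]);
             }
         }
         // Hand over each group id once.
         $user->set('groups', array_unique($userGroups));
     }
     $user->save();
 }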
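	/**
	 * Tell whether a user counts as a member of a wall group.
	 *
	 * True for users in Joomla group 7 or 8, for configured moderators (when
	 * moderator_type is 0) and for users with an active membership row.
	 *
	 * Fix: the moderator list comes from explode(), so an empty setting yields
	 * array(''). With the original loose in_array(), user id 0 (a guest)
	 * matched that empty string on PHP versions before 8 and was reported as
	 * a member. Ids are now compared as integers and empty entries dropped.
	 * The deprecated by-reference assignments of the factory results are
	 * removed as well.
	 *
	 * @param   integer  $groupId  Wall group id.
	 * @param   integer  $userId   Joomla user id.
	 *
	 * @return  boolean
	 */
	public function isMemberGrp($groupId, $userId)
	{
		$groupId = (int) $groupId;
		$userId = (int) $userId;

		$groupsUserIsIn = JAccess::getGroupsByUser($userId);
		if (in_array(7, $groupsUserIsIn) || in_array(8, $groupsUserIsIn))
		{
			return true;
		}

		$config = JComponentHelper::getParams('com_awdwall');
		$moderator_type = $config->get('moderator_type', '0');
		if ($moderator_type == 0)
		{
			// array_filter() drops the 0 produced by empty or non-numeric entries.
			$moderator_users = array_filter(array_map('intval', explode(',', $config->get('moderator_users', ''))));
			if (in_array($userId, $moderator_users, true))
			{
				return true;
			}
		}

		$db = JFactory::getDBO();
		$query = 'SELECT user_id FROM #__awd_groups_members '
				. 'WHERE group_id = ' . $groupId . ' AND user_id = ' . $userId
				. ' AND status="1"';
		$db->setQuery($query);
		$result = $db->loadResult();

		return $result && (int) $result > 0;
	}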
 /**
  * Tell whether this user is in an administrative group.
  *
  * With $checkSuperuser the test is membership of group 8 only and is looked
  * up on every call. Otherwise membership of group 7 or 8 counts, and the
  * answer is cached in $this->_isAdmin after the first lookup.
  *
  * The ids are hard-coded (7 and 8 are Joomla's stock Administrator and
  * Super Users groups); a site with custom admin groups is not covered.
  *
  * @param   boolean  $checkSuperuser  Restrict the test to group 8.
  *
  * @return  boolean
  */
 public function isAdmin($checkSuperuser = false)
 {
     if (!$checkSuperuser) {
         if ($this->_isAdmin === null) {
             $memberships = JAccess::getGroupsByUser($this->id);
             $this->_isAdmin = in_array(8, $memberships) || in_array(7, $memberships);
         }
         return $this->_isAdmin;
     }
     // Super-user check: never served from the cached flag.
     return in_array(8, JAccess::getGroupsByUser($this->id));
 }
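 /**
  * Applies the global text filters to arbitrary text as per settings for current user groups
  *
  * The filter settings of every group the user belongs to are combined, and
  * the most permissive one wins: a single group set to NONE turns filtering
  * off for that user, whatever the other groups say.
  *
  * Fix: in the blacklist branch, array_diff() was called with the attribute
  * blacklist only. On PHP versions before 8 that call warns and returns
  * null, which replaced the filter's default attribute blacklist with null
  * instead of removing the white-listed attributes from it. The second
  * argument is now passed.
  *
  * @param   string  $text  The string to filter
  *
  * @return  string  The filtered string
  *
  * @since   11.4
  */
 public static function filterText($text)
 {
     // Filter settings
     $config = self::getParams('com_config');
     $user = JFactory::getUser();
     $userGroups = JAccess::getGroupsByUser($user->get('id'));
     $filters = $config->get('filters');
     $blackListTags = array();
     $blackListAttributes = array();
     $customListTags = array();
     $customListAttributes = array();
     $whiteListTags = array();
     $whiteListAttributes = array();
     $whiteList = false;
     $blackList = false;
     $customList = false;
     $unfiltered = false;
     // Cycle through each of the user groups the user is in.
     // Remember they are included in the Public group as well.
     foreach ($userGroups as $groupId) {
         // A group may have been added without its filters being saved.
         if (!isset($filters->{$groupId})) {
             continue;
         }
         // Each group the user is in could have different filtering properties.
         $filterData = $filters->{$groupId};
         $filterType = strtoupper($filterData->filter_type);
         if ($filterType == 'NH') {
             // Maximum HTML filtering: nothing to collect. Unless another group
             // selects a list, the default filter instance below is used.
             continue;
         } elseif ($filterType == 'NONE') {
             // No HTML filtering.
             $unfiltered = true;
         } else {
             // Black or white list.
             // Preprocess the tags and attributes: trim and drop empty entries.
             $tempTags = array();
             foreach (explode(',', $filterData->filter_tags) as $tag) {
                 $tag = trim($tag);
                 if ($tag) {
                     $tempTags[] = $tag;
                 }
             }
             $tempAttributes = array();
             foreach (explode(',', $filterData->filter_attributes) as $attribute) {
                 $attribute = trim($attribute);
                 if ($attribute) {
                     $tempAttributes[] = $attribute;
                 }
             }
             // Collect the black or white list tags and attributes.
             // Each list is cumulative.
             if ($filterType == 'BL') {
                 $blackList = true;
                 $blackListTags = array_merge($blackListTags, $tempTags);
                 $blackListAttributes = array_merge($blackListAttributes, $tempAttributes);
             } elseif ($filterType == 'CBL') {
                 // Only set to true if Tags or Attributes were added
                 if ($tempTags || $tempAttributes) {
                     $customList = true;
                     $customListTags = array_merge($customListTags, $tempTags);
                     $customListAttributes = array_merge($customListAttributes, $tempAttributes);
                 }
             } elseif ($filterType == 'WL') {
                 $whiteList = true;
                 $whiteListTags = array_merge($whiteListTags, $tempTags);
                 $whiteListAttributes = array_merge($whiteListAttributes, $tempAttributes);
             }
         }
     }
     // Unfiltered assumes first priority: hand the text back untouched.
     if ($unfiltered) {
         return $text;
     }
     // Remove duplicates before processing (because the black list uses both sets of arrays).
     $blackListTags = array_unique($blackListTags);
     $blackListAttributes = array_unique($blackListAttributes);
     $customListTags = array_unique($customListTags);
     $customListAttributes = array_unique($customListAttributes);
     $whiteListTags = array_unique($whiteListTags);
     $whiteListAttributes = array_unique($whiteListAttributes);
     // Custom blacklist precedes Default blacklist
     if ($customList) {
         $filter = JFilterInput::getInstance(array(), array(), 1, 1);
         // Override filter's default blacklist tags and attributes
         if ($customListTags) {
             $filter->tagBlacklist = $customListTags;
         }
         if ($customListAttributes) {
             $filter->attrBlacklist = $customListAttributes;
         }
     } elseif ($blackList) {
         // Remove the white-listed tags and attributes from the black-list.
         $blackListTags = array_diff($blackListTags, $whiteListTags);
         $blackListAttributes = array_diff($blackListAttributes, $whiteListAttributes);
         $filter = JFilterInput::getInstance($blackListTags, $blackListAttributes, 1, 1);
         // Remove white listed tags from filter's default blacklist
         if ($whiteListTags) {
             $filter->tagBlacklist = array_diff($filter->tagBlacklist, $whiteListTags);
         }
         // Remove white listed attributes from filter's default blacklist
         if ($whiteListAttributes) {
             $filter->attrBlacklist = array_diff($filter->attrBlacklist, $whiteListAttributes);
         }
     } elseif ($whiteList) {
         // Last argument turns off xss auto clean
         $filter = JFilterInput::getInstance($whiteListTags, $whiteListAttributes, 0, 0, 0);
     } else {
         $filter = JFilterInput::getInstance();
     }
     return $filter->clean($text, 'html');
 }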
 /**
  * Gets an array of the authorised user groups
  *
  * The list is fetched from JAccess on first use and kept in
  * $this->_authGroups. An empty result is not treated as cached, so the
  * lookup is repeated on every call until it returns at least one group.
  * Group changes made after the first successful call are not picked up by
  * this object.
  *
  * @return  array
  *
  * @since   11.1
  */
 public function getAuthorisedGroups()
 {
     // empty() covers both the unset (null) state and an empty cached list.
     if (empty($this->_authGroups)) {
         $this->_authGroups = JAccess::getGroupsByUser($this->id);
     }
     return $this->_authGroups;
 }