private function save() { $data = $this->get('pdata'); if (!$data) { $data = SPFactory::payment()->summary(); } $methods = SPFactory::payment()->getMethods($this->get('entry'), $data); $visitor = $this->get('visitor'); $xml = $this->payment(); if (count($methods)) { $xml['payment_methods'] = array(); foreach ($methods as $mid => $mout) { $params = array(); if (is_array($mout)) { $params = $mout; $mout = $mout['content']; unset($params['content']); } $xml['payment_methods'][$mid] = array('_complex' => 1, '_xml' => 1, '_data' => $mout, '_attributes' => $params); } } $xml['visitor'] = $this->visitorArray($visitor); $this->_attr = $xml; Sobi::Trigger('PaymentView', ucfirst(__FUNCTION__), array(&$this->_attr)); }
/** * @param SPEntry $entry * @param string $request * @throws SPException * @return array */ protected function verify($entry, $request) { $save = array(); $data = SPRequest::raw($this->nid . '_url', null, $request); $dexs = strlen($data); $data = SPFactory::db()->escape($data); if ($this->ownLabel) { $save['label'] = SPRequest::raw($this->nid, null, $request); /* check if there was a filter */ if ($this->filter && strlen($save['label'])) { $registry =& SPFactory::registry(); $registry->loadDBSection('fields_filter'); $filters = $registry->get('fields_filter'); $filter = isset($filters[$this->filter]) ? $filters[$this->filter] : null; if (!count($filter)) { throw new SPException(SPLang::e('FIELD_FILTER_ERR', $this->filter)); } else { if (!preg_match(base64_decode($filter['params']), $save['label'])) { throw new SPException(str_replace('$field', $this->name, SPLang::e($filter['description']))); } } } } /* check if it was required */ if ($this->required && !$dexs) { throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name)); } /* check if there was an adminField */ if ($this->adminField && $dexs) { if (!Sobi::Can('adm_fields.edit')) { throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name)); } } /* check if it was free */ if (!$this->isFree && $this->fee && $dexs) { SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid); } /* check if it should contains unique data */ if ($this->uniqueData && $dexs) { $matches = $this->searchData($data, Sobi::Reg('current_section')); if (count($matches)) { throw new SPException(SPLang::e('FIELD_NOT_UNIQUE', $this->name)); } } /* check if it was editLimit */ if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name)); } /* check if it was editable */ if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name)); } /* check the response code */ if ($dexs && $this->validateUrl) { if (preg_match('/[a-z0-9]@[a-z0-9].[a-z]/i', $data)) { $domain = explode('@', $data, 2); $domain = $domain[1]; if (!checkdnsrr($domain, 'MX')) { throw new SPException(SPLang::e('FIELD_MAIL_NO_MX', $data)); } } else { throw new SPException(SPLang::e('FIELD_MAIL_WRONG_FORM', $data)); } } if ($dexs) { /* if we are here, we can save these data */ $save['url'] = $data; } else { $save = null; } $this->setData($save); return $save; }
/** * @param SPEntry $entry * @param string $request * @throws SPException * @return bool */ private function verify($entry, $request) { static $store = null; $directory = SPRequest::string($this->nid, null, false, $request); if (strtolower($request) == 'post' || strtolower($request) == 'get') { $data = SPRequest::file($this->nid, 'tmp_name'); } else { $data = SPRequest::file($this->nid, 'tmp_name', $request); } if ($store == null) { $store = SPFactory::registry()->get('requestcache_stored'); } if (is_array($store) && isset($store[$this->nid])) { if (!strstr($store[$this->nid], 'file://') && !strstr($store[$this->nid], 'directory://')) { $data = $store[$this->nid]; } else { $directory = $store[$this->nid]; } } if ($directory && strstr($directory, 'directory://')) { list($data, $dirName, $files) = $this->getAjaxFiles($directory); if (count($files)) { foreach ($files as $file) { if ($file == '.') { continue; } if ($file == '..') { continue; } if (strpos($file, 'icon_') !== false) { continue; } if (strpos($file, 'resized_') !== false) { continue; } if (strpos($file, 'cropped_') !== false) { continue; } if (strpos($file, '.var') !== false) { continue; } $fileSize = filesize($dirName . $file); } } } else { $fileSize = SPRequest::file($this->nid, 'size'); } $del = SPRequest::bool($this->nid . '_delete', false, $request); $dexs = strlen($data); if ($this->required && !$dexs) { $files = $this->getRaw(); if (!count($files)) { throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name)); } } if ($fileSize > $this->maxSize) { throw new SPException(SPLang::e('FIELD_IMG_TOO_LARGE', $this->name, $fileSize, $this->maxSize)); } /* check if there was an adminField */ if ($this->adminField && ($dexs || $del)) { if (!Sobi::Can('entry.adm_fields.edit')) { throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name)); } } /* check if it was free */ if (!$this->isFree && $this->fee && $dexs) { SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid); } /* check if it was editLimit */ if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name)); } /* check if it was editable */ if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name)); } return true; }
/** * @param SPEntry $entry * @param string $request * @param $data * @throws SPException * @return string */ private function verify($entry, $request, $data) { $cdata = count($data); /* check if it was required */ if ($this->required && !$cdata) { throw new SPException(SPLang::e('FIELD_REQUIRED_ERR_OPT', $this->name)); } /* check if there was an adminField */ if ($this->adminField && $cdata) { if (!Sobi::Can('entry.adm_fields.edit')) { throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name)); } } /* check if it was free */ if (!$this->isFree && $this->fee && $cdata) { SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid); } /* check if it was editLimit */ if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $cdata) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name)); } /* check if it was editable */ if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $cdata && $entry->get('version') > 1) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name)); } return $cdata; }
/** */ public function delete() { parent::delete(); Sobi::Trigger($this->name(), ucfirst(__FUNCTION__), array($this->id)); foreach ($this->fields as $field) { $field->deleteData($this->id); } /** Thu, Jul 30, 2015 10:11:57 - delete history */ SPFactory::db()->delete('spdb_history', array('sid' => $this->id)); /** Thu, Jul 30, 2015 10:22:38 - delete payments */ SPFactory::payment()->deletePayments($this->id); /** Thu, Jul 30, 2015 11:32:45 - delete counters */ SPFactory::db()->delete('spdb_counter', array('sid' => $this->id)); SPFactory::cache()->purgeSectionVars(); SPFactory::cache()->deleteObj('entry', $this->id); }
/** * @param SPEntry $entry * @param SPdb $db * @param string $request * @throws SPException * @return array */ private function verify($entry, &$db, $request) { $save = array(); if ($this->ownLabel) { $save['label'] = SPRequest::raw($this->nid, null, $request); /* check if there was a filter */ if ($this->filter && strlen($save['label'])) { $registry =& SPFactory::registry(); $registry->loadDBSection('fields_filter'); $filters = $registry->get('fields_filter'); $filter = isset($filters[$this->filter]) ? $filters[$this->filter] : null; if (!count($filter)) { throw new SPException(SPLang::e('FIELD_FILTER_ERR', $this->filter)); } else { if (!preg_match(base64_decode($filter['params']), $save['label'])) { throw new SPException(str_replace('$field', $this->name, SPLang::e($filter['description']))); } } } } $data = SPRequest::raw($this->nid . '_url', null, $request); $save['protocol'] = $db->escape(SPRequest::word($this->nid . '_protocol', null, $request)); $dexs = strlen($data); $data = $db->escape($data); $data = preg_replace('/([a-z]{1,5}\\:\\/\\/)/i', null, $data); $save['url'] = $data; /* check if it was required */ if ($this->required && !$dexs) { throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name)); } /* check if there was an adminField */ if ($this->adminField && $dexs) { if (!Sobi::Can('entry.adm_fields.edit')) { throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name)); } } /* check if it was free */ if (!$this->isFree && $this->fee && $dexs) { SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid); } /* check if it should contains unique data */ if ($this->uniqueData && $dexs) { $matches = $this->searchData($data, Sobi::Reg('current_section')); if (count($matches)) { throw new SPException(SPLang::e('FIELD_NOT_UNIQUE', $this->name)); } } /* check if it was editLimit */ if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name)); } /* check if it was editable */ if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name)); } /* check the response code */ if ($dexs && $this->validateUrl) { $rclass = SPLoader::loadClass('services.remote'); $err = 0; $response = 0; try { $connection = new $rclass(); $connection->setOptions(array('url' => $save['protocol'] . '://' . $data, 'connecttimeout' => 10, 'header' => false, 'returntransfer' => true)); $connection->exec(); $response = $connection->info('response_code'); $err = $connection->error(false); $errTxt = $connection->error(); $connection->close(); if ($err) { Sobi::Error($this->name(), SPLang::e('FIELD_URL_CANNOT_VALIDATE', $errTxt), SPC::WARNING, 0, __LINE__, __FILE__); } } catch (SPException $x) { Sobi::Error($this->name(), SPLang::e('FIELD_URL_CANNOT_VALIDATE', $x->getMessage()), SPC::WARNING, 0, __LINE__, __FILE__); } if ($err || $response != 200) { $response = $err ? $errTxt : $response; Sobi::Error($this->name(), SPLang::e('FIELD_URL_ERR', $save['protocol'] . '://' . $data, $response), SPC::WARNING, 0, __LINE__, __FILE__); throw new SPException(SPLang::e('FIELD_URL_ERR', $save['protocol'] . '://' . $data, $response)); } } if (!$dexs) { $save = null; } return $save; }
/** * @param SPEntry $entry * @param string $request * @throws SPException * @return string */ private function verify($entry, $request) { $data = SPRequest::raw($this->nid, null, $request); $dexs = strlen($data); /* check if it was required */ if ($this->required && !$dexs) { throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name)); } if ($dexs) { /* check if there was an adminField */ if ($this->adminField) { if (!Sobi::Can('entry.adm_fields.edit')) { throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->get('name'))); } } /* check if it was free */ if (!$this->isFree && $this->fee) { SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid); } /* check if it was editLimit */ if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit')) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name)); } /* check if it was editable */ if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $entry->get('version') > 1) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name)); } if ($this->allowHtml) { $checkMethod = function_exists('mb_strlen') ? 'mb_strlen' : 'strlen'; $check = $checkMethod(str_replace(array("\n", "\r", "\t"), null, strip_tags($data))); if ($this->maxLength && $check > $this->maxLength) { throw new SPException(SPLang::e('FIELD_TEXTAREA_LIMIT', $this->maxLength, $this->name, $dexs)); } } else { if ($this->maxLength && $dexs > $this->maxLength) { throw new SPException(SPLang::e('FIELD_TEXTAREA_LIMIT', $this->maxLength, $this->name, $dexs)); } } } $data = SPRequest::string($this->nid, null, true, $request); $this->setData($data); return $data; }
/** * Save an entry * * @param bool $apply */ protected function save($apply) { $new = true; if (!$this->_model) { $this->setModel(SPLoader::loadModel($this->_type)); } if ($this->_model->get('oType') != 'entry') { Sobi::Error('Entry', sprintf('Serious security violation. Trying to save an object which claims to be an entry but it is a %s. Task was %s', $this->_model->get('oType'), SPRequest::task()), SPC::ERROR, 403, __LINE__, __FILE__); exit; } /* check if we have stored last edit in cache */ $tsId = SPRequest::string('editentry', null, false, 'cookie'); if (!$tsId) { $tsId = SPRequest::cmd('ssid'); } $request = $this->getCache($tsId); $this->_model->init(SPRequest::sid($request)); $tplPackage = Sobi::Cfg('section.template', SPC::DEFAULT_TEMPLATE); $this->tplCfg($tplPackage); $customClass = null; if (isset($this->_tCfg['general']['functions']) && $this->_tCfg['general']['functions']) { $customClass = SPLoader::loadClass('/' . str_replace('.php', null, $this->_tCfg['general']['functions']), false, 'templates'); if (method_exists($customClass, 'BeforeStoreEntry')) { $customClass::BeforeStoreEntry($this->_model, $this->store['post']); SPFactory::registry()->set('requestcache_stored', $this->store); SPFactory::registry()->set('requestcache', $this->store['post']); } } $preState = array('approved' => $this->_model->get('approved'), 'state' => $this->_model->get('state'), 'new' => !$this->_model->get('id')); SPFactory::registry()->set('object_previous_state', $preState); $this->_model->getRequest($this->_type, $request); Sobi::Trigger($this->name(), __FUNCTION__, array(&$this->_model)); if ($this->_model->get('id') && $this->_model->get('id') == SPRequest::sid()) { $new = false; if (Sobi::My('id') && Sobi::My('id') == $this->_model->get('owner')) { $this->authorise('edit', 'own'); } else { $this->authorise('edit', '*'); } } else { $this->authorise('add', 'own'); } $this->_model->save($request); /* if there is something pay */ $pCount = SPFactory::payment()->count($this->_model->get('id')); if ($pCount && !Sobi::Can('entry.payment.free')) { // $this->paymentView( $tsid ); if ($customClass && method_exists($customClass, 'BeforeStoreEntryPayment')) { $customClass::BeforeStoreEntryPayment($this->_model->get('id')); } SPFactory::payment()->store($this->_model->get('id')); } /* delete cache files on after */ $file = str_replace('.', '-', $tsId); if (SPLoader::dirPath('tmp.edit.' . $file)) { SPFs::delete(SPLoader::dirPath('tmp.edit.' . $file)); } else { SPFactory::cache()->deleteVar('request_cache_' . $tsId); } SPLoader::loadClass('env.cookie'); SPCookie::delete('editentry'); $sid = $this->_model->get('id'); $pid = SPRequest::int('pid') ? SPRequest::int('pid') : Sobi::Section(); if ($new) { if ($this->_model->get('state') || Sobi::Can('entry.see_unpublished.own')) { $msg = $this->_model->get('state') ? Sobi::Txt('EN.ENTRY_SAVED') : Sobi::Txt('EN.ENTRY_SAVED_NP'); $url = Sobi::Url(array('sid' => $sid, 'pid' => $pid)); } else { // determine if there is a custom redirect if (Sobi::Cfg('redirects.entry_save_enabled') && !($pCount && !Sobi::Can('entry.payment.free'))) { $redirect = Sobi::Cfg('redirects.entry_save_url', null); if (!preg_match('/http[s]?:\\/\\/.*/', $redirect) && $redirect != 'index.php') { $redirect = Sobi::Url($redirect); } $this->response($redirect, Sobi::Txt(Sobi::Cfg('redirects.entry_save_msg', 'EN.ENTRY_SAVED_NP')), true, Sobi::Cfg('redirects.entry_save_msgtype', SPC::SUCCESS_MSG)); } else { $msg = Sobi::Txt('EN.ENTRY_SAVED_NP'); $url = Sobi::Url(array('sid' => $pid)); } } } elseif ($this->_model->get('approved') || Sobi::Can('entry.see_unapproved.own')) { $url = Sobi::Url(array('sid' => $sid, 'pid' => $pid)); $msg = $this->_model->get('approved') ? Sobi::Txt('EN.ENTRY_SAVED') : Sobi::Txt('EN.ENTRY_SAVED_NA'); } else { if ($this->_model->get('approved')) { $msg = Sobi::Txt('EN.ENTRY_SAVED'); } else { $msg = Sobi::Txt('EN.ENTRY_SAVED_NA'); } $url = Sobi::Url(array('sid' => $sid, 'pid' => $pid)); } if ($pCount && !Sobi::Can('entry.payment.free')) { $ident = md5(microtime() . $tsId . $sid . time()); $data = array('data' => SPFactory::payment()->summary($sid), 'ident' => $ident); $url = Sobi::Url(array('sid' => $sid, 'task' => 'entry.payment'), false, false); if (Sobi::Cfg('cache.l3_enabled', true)) { SPFactory::cache()->addObj($data, 'payment', $sid, Sobi::Section(), true); } else { SPFs::write(SPLoader::path('tmp.edit.' . $ident . '.payment', 'front', false, 'var'), SPConfig::serialize($data)); $url = Sobi::Url(array('sid' => $sid, 'task' => 'entry.payment', 'tsid' => $ident), false, false); } SPLoader::loadClass('env.cookie'); SPCookie::set('payment_' . $sid, $ident, SPCookie::days(1)); } if ($customClass && method_exists($customClass, 'AfterStoreEntry')) { $customClass::AfterStoreEntry($this->_model); } $this->logChanges('save', SPRequest::string('history-note')); $this->response($url, $msg, true, SPC::SUCCESS_MSG); }
/** * @param SPEntry $entry * @param string $request * @throws SPException * @return string */ private function verify($entry, $request) { $data = SPRequest::raw($this->nid, null, $request); $dexs = strlen($data); /* check if it was required */ if ($this->required && !$dexs) { throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name)); } /* check if there was a filter */ if ($this->filter && $dexs) { $registry =& SPFactory::registry(); $registry->loadDBSection('fields_filter'); $filters = $registry->get('fields_filter'); $filter = isset($filters[$this->filter]) ? $filters[$this->filter] : null; if (!count($filter)) { throw new SPException(SPLang::e('FIELD_FILTER_ERR', $this->filter)); } else { if (!preg_match(base64_decode($filter['params']), $data)) { throw new SPException(str_replace('$field', $this->name, SPLang::e($filter['description']))); } } } /* check if there was an adminField */ if ($this->adminField && $dexs) { if (!Sobi::Can('entry.adm_fields.edit')) { throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name)); } } /* check if it was free */ if (!$this->isFree && $this->fee && $dexs) { SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid); } /* check if it should contains unique data */ if ($this->uniqueData && $dexs) { $matches = $this->searchData($data, Sobi::Reg('current_section')); if (count($matches) > 1 || count($matches) == 1 && $matches[0] != $entry->get('id')) { throw new SPException(SPLang::e('FIELD_NOT_UNIQUE', $this->name)); } } /* check if it was editLimit */ if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name)); } /* check if it was editable */ if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name)); } if (!$dexs) { $data = null; } $this->setData($data); return $data; }
/** * @param SPEntry $entry * @param string $request * @throws SPException * @return string * @throw SPException */ private function verify($entry, $request) { $data = SPRequest::arr($this->nid, array(), $request); if (!$data) { $dataString = SPRequest::string($this->nid, null, false, $request); if (strstr($dataString, '://')) { $data = SPFactory::config()->structuralData($dataString); } else { $dataString = SPRequest::int($this->nid, 0, $request); if ($dataString) { $data = array($dataString); } } } else { if (count($data) > $this->catsMaxLimit && count($data) > 1) { $data = array_slice($data, 0, $this->catsMaxLimit); } } $dexs = count($data); /* check if it was required */ if ($this->required && !$dexs && $this->method != 'fixed') { throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name)); } /* check if there was an adminField */ if ($this->adminField && $dexs && $this->method != 'fixed') { if (!Sobi::Can('entry.adm_fields.edit')) { throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name)); } } /* check if it was free */ if (!$this->isFree && $this->fee && $dexs) { SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid); } /* check if it was editLimit */ if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name)); } /* check if it was editable */ if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) { throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name)); } if (!$dexs) { $data = array(); } $this->setData($data); return $data; }