/**
 * Adds the top menu structure to the template data.
 *
 * Nothing is added when the "general.top_menu" setting is off. The "search"
 * and "add" items are only included when the current user holds the matching
 * permission, so the menu never advertises a task the user cannot run.
 *
 * @param array $data template data, modified in place
 * @return void
 */
protected function menu(&$data)
{
    if (!Sobi::Cfg('general.top_menu', true)) {
        return;
    }

    $frontLabel = Sobi::Reg('current_section_name');
    $frontAttributes = array(
        'lang' => Sobi::Lang(false),
        'url' => Sobi::Url(array('sid' => Sobi::Section()))
    );
    $data['menu'] = array(
        'front' => array('_complex' => 1, '_data' => $frontLabel, '_attributes' => $frontAttributes)
    );

    if (Sobi::Can('section.search')) {
        $searchLabel = Sobi::Txt('MN.SEARCH');
        $searchAttributes = array(
            'lang' => Sobi::Lang(false),
            'url' => Sobi::Url(array('task' => 'search', 'sid' => Sobi::Section()))
        );
        $data['menu']['search'] = array('_complex' => 1, '_data' => $searchLabel, '_attributes' => $searchAttributes);
    }

    if (Sobi::Can('entry', 'add', 'own', Sobi::Section())) {
        $addLabel = Sobi::Txt('MN.ADD_ENTRY');
        // Unlike the other items, the "add" link carries the sid taken from the request
        $addAttributes = array(
            'lang' => Sobi::Lang(false),
            'url' => Sobi::Url(array('task' => 'entry.add', 'sid' => SPRequest::sid()))
        );
        $data['menu']['add'] = array('_complex' => 1, '_data' => $addLabel, '_attributes' => $addAttributes);
    }
}
/**
 * Registers a payment position for an entry.
 *
 * Nothing is registered when $this->check() reports a hit for the given
 * entry/field pair, or when the current user holds "entry.payment.free".
 *
 * @param double $amount
 * @param string $reference - just a text to save in the db
 * @param int $sid - id of the entry
 * @param string $fid - field id or unique reference identifier
 * @return bool|null true when no position was added, otherwise nothing
 */
public function add($amount, $reference, $sid = 0, $fid = null)
{
    // check() is only consulted when an entry id was given
    $skip = $sid && $this->check($sid, $fid);
    if ($skip || Sobi::Can('entry.payment.free')) {
        return true;
    }

    $position = array(
        'reference' => $reference,
        'amount' => $amount,
        'id' => $fid
    );
    $this->payments[$sid][] = $position;

    // Listeners receive the whole payments list by reference and may alter it
    Sobi::Trigger('Payment', ucfirst(__FUNCTION__), array(&$this->payments, $sid));
}
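/**
 * Adds the visibility restrictions that apply to the current user to a set
 * of entry query conditions.
 *
 * Holders of "entry.access.*" get no restriction at all. Everyone else is
 * limited by publication state, approval and validity period, each of which
 * can be relaxed for the user's own entries by the matching "*_own" permission.
 *
 * @param array $conditions query conditions, extended in place
 * @param string $oPrefix optional table prefix put in front of the column names
 * @return array the extended conditions
 */
protected function userPermissionsQuery(&$conditions, $oPrefix = null)
{
    $db =& SPFactory::db();
    if (Sobi::Can('entry.access.*')) {
        return $conditions;
    }
    $userId = Sobi::My('id');

    if (Sobi::Can('entry.access.unpublished_own')) {
        // published, or owned by the current user
        $conditions[] = $db->argsOr(array($oPrefix . 'state' => '1', $oPrefix . 'owner' => $userId));
        if (Sobi::Can('entry.access.unapproved_own')) {
            $conditions[] = $db->argsOr(array($oPrefix . 'approved' => '1', $oPrefix . 'owner' => $userId));
        } elseif (!(Sobi::Can('entry.access.unapproved_own') || Sobi::Can('entry.access.unapproved_any'))) {
            $conditions[$oPrefix . 'approved'] = '1';
        }
    } elseif (!Sobi::Can('entry.access.unpublished_any')) {
        $conditions[$oPrefix . 'state'] = '1';
    }
    // NOTE(review): the "approved" restriction is only added inside the
    // "unpublished_own" branch above. A user without that permission gets no
    // approval filter from this method - confirm that unapproved entries are
    // filtered elsewhere for such users.

    // @todo: expired permission
    if (Sobi::Can('entry.access.expired_own')) {
        // The owner column carries the prefix like every other column here;
        // an unprefixed "owner" is inconsistent with the conditions above
        // whenever a prefix is passed in.
        $conditions[] = $db->argsOr(
            array(
                '@VALID' => $db->valid($oPrefix . 'validUntil', $oPrefix . 'validSince'),
                $oPrefix . 'owner' => $userId
            )
        );
    } else {
        // An earlier variant also forced state = 1 here; it conflicted with
        // "entry.access.unpublished_own" (see #521) and is no longer applied.
        $conditions['@VALID'] = $db->valid($oPrefix . 'validUntil', $oPrefix . 'validSince');
    }
    return $conditions;
}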
/**
 * Refuses to build the controller unless the current user holds
 * "template.manage": the failure is reported as a 403 and the request ends.
 */
public function __construct()
{
    if (Sobi::Can('template.manage')) {
        return;
    }
    $message = SPLang::e('UNAUTHORIZED_ACCESS_TASK', SPRequest::task());
    Sobi::Error($this->name(), $message, SPC::ERROR, 403, __LINE__, __FILE__);
    // Explicit stop: nothing may run for an unauthorised user
    exit;
}
/**
 * Builds the controller only for users holding "acl.manage"; everyone else
 * gets a 403 report and the request ends before the parent is constructed.
 */
public function __construct()
{
    if (Sobi::Can('acl.manage')) {
        parent::__construct();
        return;
    }
    $message = SPLang::e('UNAUTHORIZED_ACCESS_TASK', SPRequest::task());
    Sobi::Error('ACL', $message, SPC::WARNING, 403, __LINE__, __FILE__);
    // Explicit stop: nothing may run for an unauthorised user
    exit;
}
/**
 * Guards the controller with a permission that depends on the context:
 * "section.configure" when a section is selected, "cms.apps" otherwise.
 * A user lacking the permission gets a 403 report and the request ends.
 */
public function __construct()
{
    $required = Sobi::Section() ? 'section.configure' : 'cms.apps';
    if (Sobi::Can($required)) {
        return;
    }
    $message = SPLang::e('UNAUTHORIZED_ACCESS_TASK', SPRequest::task());
    Sobi::Error($this->name(), $message, SPC::ERROR, 403, __LINE__, __FILE__);
    // Explicit stop: nothing may run for an unauthorised user
    exit;
}
/**
 * Builds the data tree for the XSLT template of a listing and fires the
 * view triggers.
 *
 * The tree is only built when the template type resolves to 'xslt'; it is
 * then stored in $this->_attr. Both triggers at the end run for every
 * template type and receive $this->_attr by reference.
 */
private function view()
{
    $type = $this->key('template_type', 'xslt');
    // The global "disable_xslt" switch forces the PHP template type
    if ($type != 'php' && Sobi::Cfg('global.disable_xslt', false)) {
        $type = 'php';
    }
    if ($type == 'xslt') {
        $visitor = $this->get('visitor');
        $current = $this->get('section');
        $categories = $this->get('categories');
        $entries = $this->get('entries');
        $data = array();
        $data['id'] = $current->get('id');
        $data['section'] = array('_complex' => 1, '_data' => Sobi::Section(true), '_attributes' => array('id' => Sobi::Section(), 'lang' => Sobi::Lang(false)));
        $data['name'] = array('_complex' => 1, '_data' => $this->get('listing_name'), '_attributes' => array('lang' => Sobi::Lang(false)));
        if (Sobi::Cfg('category.show_desc')) {
            $desc = $current->get('description');
            // Content plugins may rewrite the description (passed by reference)
            if (Sobi::Cfg('category.parse_desc')) {
                Sobi::Trigger('prepare', 'Content', array(&$desc, $current));
            }
            // NOTE(review): flagged '_cdata', so presumably emitted as markup
            // by the template - confirm the description is sanitised on save.
            $data['description'] = array('_complex' => 1, '_cdata' => 1, '_data' => $desc, '_attributes' => array('lang' => Sobi::Lang(false)));
        }
        $data['meta'] = array('description' => $current->get('metaDesc'), 'keys' => $this->metaKeys($current), 'author' => $current->get('metaAuthor'), 'robots' => $current->get('metaRobots'));
        // '$eInLine' / '$cInLine' are literal keys (single-quoted, not interpolated)
        $data['entries_in_line'] = $this->get('$eInLine');
        $data['categories_in_line'] = $this->get('$cInLine');
        $this->menu($data);
        $this->alphaMenu($data);
        $data['visitor'] = $this->visitorArray($visitor);
        if (count($categories)) {
            foreach ($categories as $category) {
                // Categories may arrive as plain ids; load the object in that case
                if (is_numeric($category)) {
                    $category = SPFactory::Category($category);
                }
                $data['categories'][] = array('_complex' => 1, '_attributes' => array('id' => $category->get('id'), 'nid' => $category->get('nid')), '_data' => $this->category($category));
                unset($category);
            }
        }
        if (count($entries)) {
            $this->loadNonStaticData($entries);
            // Resolved once for the whole list and handed to every entry() call
            $manager = Sobi::Can('entry', 'edit', '*', Sobi::Section()) ? true : false;
            foreach ($entries as $eid) {
                $en = $this->entry($eid, $manager);
                $data['entries'][] = array('_complex' => 1, '_attributes' => array('id' => $en['id']), '_data' => $en);
            }
            $this->navigation($data);
        }
        $this->_attr = $data;
    }
    // general listing trigger
    Sobi::Trigger('Listing', ucfirst(__FUNCTION__), array(&$this->_attr));
    // specific listing trigger
    Sobi::Trigger($this->_type, ucfirst(__FUNCTION__), array(&$this->_attr));
}
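/**
 * Loads the configuration registry, resolves the task and enforces the
 * access check before the parent controller is constructed.
 *
 * Without a current section the 'general' task becomes 'global' and requires
 * "cms.admin"; in every other case $this->_aclCheck must be truthy.
 */
public function __construct()
{
    $registry =& SPFactory::registry();
    $registry->loadDBSection('config');
    $this->_task = strlen($this->_task) ? $this->_task : $this->_defTask;
    if (!Sobi::Reg('current_section') && $this->_task == 'general') {
        $this->_task = 'global';
        $authorised = Sobi::Can('cms.admin');
    } else {
        $authorised = (bool) $this->_aclCheck;
    }
    if (!$authorised) {
        Sobi::Error('ACL', SPLang::e('UNAUTHORIZED_ACCESS_TASK', SPRequest::task()), SPC::WARNING, 403, __LINE__, __FILE__);
        // Fail closed: do not rely on Sobi::Error() to end the request.
        // Without this stop the parent constructor would still run for an
        // unauthorised user if the error call ever returned.
        exit;
    }
    parent::__construct();
}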
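/**
 * Loads all sections the current user may access into $this->_sections
 * and lets listeners adjust the list.
 */
private function getSections()
{
    // Initialised up front so a failed query leaves an empty list instead of
    // an undefined variable for the count() below
    $sections = array();
    try {
        $sections = SPFactory::db()->select('*', 'spdb_object', array('oType' => 'section'), 'id')->loadObjectList();
    } catch (SPException $x) {
        Sobi::Error($this->name(), SPLang::e('CANNOT_GET_SECTIONS_LIST', $x->getMessage()), SPC::WARNING, 500, __LINE__, __FILE__);
    }
    if (count($sections)) {
        foreach ($sections as $section) {
            // NOTE(review): the section id is passed as the third argument and
            // 'valid' as the fourth; other callers pass (subject, action,
            // ownership, section id). Confirm this order against Sobi::Can(),
            // since a swapped pair would evaluate a different permission.
            if (Sobi::Can('section', 'access', $section->id, 'valid')) {
                $s = SPFactory::Section($section->id);
                $s->extend($section);
                $this->_sections[] = $s;
            }
        }
        // Listeners get the filtered list by reference
        Sobi::Trigger($this->name(), __FUNCTION__, array(&$this->_sections));
    }
}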
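/**
 * Loads all sections the current user may access, in the requested order,
 * into $this->_sections.
 */
private function getSections()
{
    $order = $this->parseOrdering();
    // Initialised up front so a failed query leaves an empty list instead of
    // an undefined variable for the count() below
    $sections = array();
    try {
        $sections = SPFactory::db()->select('*', 'spdb_object', array('oType' => 'section'), $order)->loadObjectList();
    } catch (SPException $x) {
        Sobi::Error($this->name(), SPLang::e('DB_REPORTS_ERR', $x->getMessage()), SPC::WARNING, 500, __LINE__, __FILE__);
    }
    if (count($sections)) {
        // SPSection and its base classes are loaded only when they are needed
        SPLoader::loadClass('models.datamodel');
        SPLoader::loadClass('models.dbobject');
        SPLoader::loadModel('section');
        foreach ($sections as $section) {
            // Sections the user cannot access are left out of the list
            if (Sobi::Can('section', 'access', 'any', $section->id)) {
                $s = new SPSection();
                $s->extend($section);
                $this->_sections[] = $s;
            }
        }
    }
}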
/**
 * Renders the category icon chooser: lists the image files and sub-folders
 * of the configured icon directory (or of the requested sub-folder).
 *
 * A request carrying a "font" value is handed over to iconFont() instead.
 *
 * NOTE(review): after a failed "category.edit" check the method keeps going
 * unless Sobi::Error() ends the request - confirm that it does, otherwise the
 * directory listing below is reachable without the permission.
 */
protected function iconChooser()
{
    if (!Sobi::Can('category.edit')) {
        Sobi::Error('category', 'You have no permission to access this site', SPC::ERROR, 403, __LINE__, __FILE__);
    }
    if (strlen(SPRequest::cmd('font'))) {
        return $this->iconFont();
    }

    // Request values; the folder uses dots as path separators.
    // NOTE(review): every dot becomes a slash below, so a literal ".." cannot
    // survive; this still assumes SPRequest::cmd() strips slashes and
    // backslashes - confirm.
    $folder = SPRequest::cmd('iconFolder', null);
    $callback = SPRequest::cmd('callback', 'SPSelectIcon');

    if ($folder) {
        $iconDir = Sobi::Cfg('images.category_icons') . str_replace('.', '/', $folder) . '/';
    } else {
        $iconDir = Sobi::Cfg('images.category_icons');
    }

    $icons = array();
    $folders = array();

    if ($folder) {
        // "Up" entry: the requested folder without its last segment
        $parentParts = explode('.', $folder);
        unset($parentParts[count($parentParts) - 1]);
        $folders[] = array(
            'name' => Sobi::Txt('FOLEDR_UP'),
            'count' => count(scandir($iconDir . '..')) - 2,
            'url' => Sobi::Url(array('task' => 'category.icon', 'out' => 'html', 'iconFolder' => count($parentParts) ? implode('.', $parentParts) : null))
        );
    }

    $allowedExt = array('png', 'jpg', 'jpeg', 'gif');
    if (is_dir($iconDir) && ($handle = opendir($iconDir))) {
        while (($item = readdir($handle)) !== false) {
            $kind = filetype($iconDir . $item);
            if ($kind == 'file' && in_array(strtolower(SPFs::getExt($item)), $allowedExt)) {
                // Turn the file system path into a URL below the live site
                $normalised = str_replace('//', '/', $iconDir . $item);
                $webPath = str_replace('\\', '/', str_replace(SOBI_ROOT, Sobi::Cfg('live_site'), $normalised));
                $icons[] = array(
                    'name' => $folder ? str_replace('.', '/', $folder) . '/' . $item : $item,
                    'path' => $webPath
                );
            } elseif ($kind == 'dir' && !($item == '.' || $item == '..')) {
                $normalised = str_replace('//', '/', $iconDir . $item);
                $webPath = str_replace('\\', '/', str_replace(SOBI_ROOT, Sobi::Cfg('live_site'), $normalised));
                $folders[] = array(
                    'name' => $item,
                    // minus the "." and ".." entries
                    'count' => count(scandir($iconDir . $item)) - 2,
                    'path' => $webPath,
                    'url' => Sobi::Url(array('task' => 'category.icon', 'out' => 'html', 'iconFolder' => $folder ? $folder . '.' . $item : $item))
                );
            }
        }
        closedir($handle);
    }
    sort($icons);
    sort($folders);

    $view = SPFactory::View('category');
    $view->setTemplate('category.icon');
    $view->assign($this->_task, 'task');
    // NOTE(review): request-supplied name; presumably written into the page
    // as a script callback - confirm the template escapes it.
    $view->assign($callback, 'callback');
    $view->assign($icons, 'files');
    $view->assign(Sobi::Cfg('images.folder_ico'), 'folder');
    $view->assign($folders, 'directories');
    $view->icon();
}
/**
 * Dispatches the search tasks after checking "section.search".
 *
 * Without the permission a 'suggest' request ends silently; any other task is
 * either redirected to the configured URL or reported as a 403.
 *
 * NOTE(review): after the redirect/403 branch the dispatch below still runs
 * unless escape() and Sobi::Error() end the request - confirm that they do.
 *
 * @return bool true when one of the search tasks was handled here
 */
public function execute()
{
    if (!Sobi::Can('section.search')) {
        if ($this->_task == 'suggest') {
            exit;
        }
        if (Sobi::Cfg('redirects.section_search_enabled') && strlen(Sobi::Cfg('redirects.section_search_url', null))) {
            $this->escape(
                Sobi::Cfg('redirects.section_search_url', null),
                SPLang::e(Sobi::Cfg('redirects.section_search_msg', 'UNAUTHORIZED_ACCESS')),
                Sobi::Cfg('redirects.section_search_msgtype', SPC::ERROR_MSG)
            );
        } else {
            Sobi::Error($this->name(), SPLang::e('UNAUTHORIZED_ACCESS_TASK', SPRequest::task()), SPC::ERROR, 403, __LINE__, __FILE__);
        }
    }

    SPLoader::loadClass('env.cookie');
    SPLoader::loadClass('env.browser');
    // Publish the fully qualified task name for everything that runs next
    SPRequest::set('task', $this->_type . '.' . $this->_task);

    switch ($this->_task) {
        case 'results':
        case 'view':
            $this->form();
            return true;
        case 'search':
            $this->search();
            return true;
        case 'suggest':
            $this->suggest();
            return true;
    }

    // Unknown here: give the parent a chance, report a 404 if it declines.
    // The result stays false even when the parent handled the task.
    if (!parent::execute()) {
        Sobi::Error($this->name(), SPLang::e('SUCH_TASK_NOT_FOUND', SPRequest::task()), SPC::NOTICE, 404, __LINE__, __FILE__);
    }
    return false;
}
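/**
 * Validates the submitted address (and optional label) of this field and
 * stores the result through setData().
 *
 * @param SPEntry $entry
 * @param string $request request method the values are read from
 * @throws SPException when one of the field rules is violated
 * @return array|null the data to save ('url' and optionally 'label'), null when no address was sent
 */
protected function verify($entry, $request)
{
    $save = array();
    $data = SPRequest::raw($this->nid . '_url', null, $request);
    $dexs = strlen($data);
    // NOTE(review): from here on every check, including the format test
    // below, sees the database-escaped value rather than the raw input.
    $data = SPFactory::db()->escape($data);
    if ($this->ownLabel) {
        $save['label'] = SPRequest::raw($this->nid, null, $request);
        /* check if there was a filter */
        if ($this->filter && strlen($save['label'])) {
            $registry =& SPFactory::registry();
            $registry->loadDBSection('fields_filter');
            $filters = $registry->get('fields_filter');
            $filter = isset($filters[$this->filter]) ? $filters[$this->filter] : null;
            // An unknown filter key yields null; test the type first so the
            // configured error is raised instead of a failure inside count()
            if (!is_array($filter) || !count($filter)) {
                throw new SPException(SPLang::e('FIELD_FILTER_ERR', $this->filter));
            }
            // The pattern is stored base64-encoded in the filter definition
            if (!preg_match(base64_decode($filter['params']), $save['label'])) {
                throw new SPException(str_replace('$field', $this->name, SPLang::e($filter['description'])));
            }
        }
    }
    /* check if it was required */
    if ($this->required && !$dexs) {
        throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name));
    }
    /* check if there was an adminField */
    if ($this->adminField && $dexs) {
        // NOTE(review): this check asks for 'adm_fields.edit' while the two
        // checks further down ask for 'entry.adm_fields.edit'. Confirm which
        // permission key is intended; left unchanged here because it decides
        // who may write an admin field.
        if (!Sobi::Can('adm_fields.edit')) {
            throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name));
        }
    }
    /* check if it was free */
    if (!$this->isFree && $this->fee && $dexs) {
        SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
    }
    /* check if it should contains unique data */
    if ($this->uniqueData && $dexs) {
        $matches = $this->searchData($data, Sobi::Reg('current_section'));
        // NOTE(review): any hit is rejected; confirm searchData() leaves out
        // the entry being edited, otherwise re-saving it fails this test.
        if (count($matches)) {
            throw new SPException(SPLang::e('FIELD_NOT_UNIQUE', $this->name));
        }
    }
    /* check if it was editLimit */
    if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
    }
    /* check if it was editable */
    if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
    }
    /* check the address format and the MX record of its domain */
    if ($dexs && $this->validateUrl) {
        // NOTE(review): the pattern is unanchored and its dot is unescaped,
        // so it only proves that an "x@y?z" sequence occurs somewhere in the
        // value; surrounding characters (spaces, line breaks, a second
        // address) pass. Anchor it or use a dedicated address validator if
        // the value is later used as a mail recipient.
        if (preg_match('/[a-z0-9]@[a-z0-9].[a-z]/i', $data)) {
            $domain = explode('@', $data, 2);
            $domain = $domain[1];
            // DNS lookup for a name taken from the submitted value
            if (!checkdnsrr($domain, 'MX')) {
                throw new SPException(SPLang::e('FIELD_MAIL_NO_MX', $data));
            }
        } else {
            throw new SPException(SPLang::e('FIELD_MAIL_WRONG_FORM', $data));
        }
    }
    if ($dexs) {
        /* if we are here, we can save these data */
        $save['url'] = $data;
    } else {
        $save = null;
    }
    $this->setData($save);
    return $save;
}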
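/**
 * Checks an uploaded file for this field against the required, size,
 * admin-only, fee and edit rules.
 *
 * @param SPEntry $entry
 * @param string $request request method the values are read from
 * @throws SPException when one of the field rules is violated
 * @return bool always true when no rule was violated
 */
private function verify($entry, $request)
{
    // Request cache, fetched once per request
    static $store = null;
    $directory = SPRequest::string($this->nid, null, false, $request);
    if (strtolower($request) == 'post' || strtolower($request) == 'get') {
        $data = SPRequest::file($this->nid, 'tmp_name');
    } else {
        $data = SPRequest::file($this->nid, 'tmp_name', $request);
    }
    if ($store == null) {
        $store = SPFactory::registry()->get('requestcache_stored');
    }
    if (is_array($store) && isset($store[$this->nid])) {
        // A cached value is either a plain value or a file:// / directory:// reference
        if (!strstr($store[$this->nid], 'file://') && !strstr($store[$this->nid], 'directory://')) {
            $data = $store[$this->nid];
        } else {
            $directory = $store[$this->nid];
        }
    }
    // Defined up front: the directory branch below may not find any file to
    // measure, which used to leave the size check reading an undefined variable
    $fileSize = 0;
    if ($directory && strstr($directory, 'directory://')) {
        // NOTE(review): $directory can come straight from the request;
        // confirm getAjaxFiles() confines it to the upload area.
        list($data, $dirName, $files) = $this->getAjaxFiles($directory);
        if (count($files)) {
            foreach ($files as $file) {
                if ($file == '.') {
                    continue;
                }
                if ($file == '..') {
                    continue;
                }
                // Generated variants are skipped (substring match anywhere in the name)
                if (strpos($file, 'icon_') !== false) {
                    continue;
                }
                if (strpos($file, 'resized_') !== false) {
                    continue;
                }
                if (strpos($file, 'cropped_') !== false) {
                    continue;
                }
                if (strpos($file, '.var') !== false) {
                    continue;
                }
                // NOTE(review): each pass overwrites the value, so only the
                // last remaining file is compared with the size limit below.
                $fileSize = filesize($dirName . $file);
            }
        }
    } else {
        $fileSize = SPRequest::file($this->nid, 'size');
    }
    $del = SPRequest::bool($this->nid . '_delete', false, $request);
    $dexs = strlen($data);
    if ($this->required && !$dexs) {
        // Nothing uploaded now: an already stored file still satisfies "required"
        $files = $this->getRaw();
        if (!count($files)) {
            throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name));
        }
    }
    if ($fileSize > $this->maxSize) {
        throw new SPException(SPLang::e('FIELD_IMG_TOO_LARGE', $this->name, $fileSize, $this->maxSize));
    }
    /* check if there was an adminField */
    if ($this->adminField && ($dexs || $del)) {
        if (!Sobi::Can('entry.adm_fields.edit')) {
            throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name));
        }
    }
    /* check if it was free */
    if (!$this->isFree && $this->fee && $dexs) {
        SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
    }
    /* check if it was editLimit */
    if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
    }
    /* check if it was editable */
    if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
    }
    return true;
}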
/**
 * Reads the submitted category selection, checks it against the field rules
 * and stores it through setData().
 *
 * The selection may arrive as an array, as a "://" structural string or as a
 * single integer id.
 *
 * @param SPEntry $entry
 * @param string $request request method the values are read from
 * @throws SPException when one of the field rules is violated
 * @return array the selected values, empty when nothing was selected
 */
private function verify($entry, $request)
{
    $data = SPRequest::arr($this->nid, array(), $request);
    if ($data) {
        // Cut the selection down to the configured maximum.
        // NOTE(review): the limit is applied to the array form only, not to
        // the structural-string form handled below.
        $selected = count($data);
        if ($selected > $this->catsMaxLimit && $selected > 1) {
            $data = array_slice($data, 0, $this->catsMaxLimit);
        }
    } else {
        $dataString = SPRequest::string($this->nid, null, false, $request);
        if (strstr($dataString, '://')) {
            $data = SPFactory::config()->structuralData($dataString);
        } else {
            $dataString = SPRequest::int($this->nid, 0, $request);
            if ($dataString) {
                $data = array($dataString);
            }
        }
    }
    $dexs = count($data);
    $isFixed = $this->method == 'fixed';

    /* check if it was required */
    if ($this->required && !$dexs && !$isFixed) {
        throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name));
    }
    /* check if there was an adminField */
    if ($this->adminField && $dexs && !$isFixed && !Sobi::Can('entry.adm_fields.edit')) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name));
    }
    /* check if it was free */
    if (!$this->isFree && $this->fee && $dexs) {
        SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
    }
    /* check if it was editLimit */
    if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
    }
    /* check if it was editable */
    if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
    }
    if (!$dexs) {
        $data = array();
    }
    $this->setData($data);
    return $data;
}
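/**
 * Builds the sub-menu with one button per section the current user may access.
 *
 * @return array list of menu item definitions, empty when no section qualifies
 */
protected function sections()
{
    $subMenu = array();
    // Initialised up front so a failed query leaves an empty list instead of
    // an undefined variable for the count() below
    $sections = array();
    try {
        $sections = SPFactory::db()->select('id', 'spdb_object', array('oType' => 'section'), 'id')->loadResultArray();
    } catch (SPException $x) {
        Sobi::Error($this->name(), SPLang::e('DB_REPORTS_ERR', $x->getMessage()), SPC::WARNING, 500, __LINE__, __FILE__);
    }
    // Longest label shown before it is cut and marked with ' ...'
    $sectionLength = 30;
    if (count($sections)) {
        $sections = SPLang::translateObject($sections, 'name');
        foreach ($sections as $section) {
            // Sections the user cannot access are not listed at all
            if (Sobi::Can('section', 'access', 'any', $section['id'])) {
                $subMenu[] = array(
                    'type' => 'url',
                    'task' => '',
                    'url' => array('sid' => $section['id']),
                    // strlen()/substr() count bytes, so a multi-byte name may be cut earlier
                    'label' => SPLang::clean(strlen($section['value']) < $sectionLength ? $section['value'] : substr($section['value'], 0, $sectionLength - 3) . ' ...'),
                    'icon' => 'file',
                    'element' => 'button'
                );
            }
        }
    }
    return $subMenu;
}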
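/**
 * Validates the submitted value of this field against the required, filter,
 * admin-only, fee, uniqueness and edit rules and stores it through setData().
 *
 * @param SPEntry $entry
 * @param string $request request method the value is read from
 * @throws SPException when one of the field rules is violated
 * @return string|null the raw value, null when nothing was sent
 */
private function verify($entry, $request)
{
    $data = SPRequest::raw($this->nid, null, $request);
    $dexs = strlen($data);
    /* check if it was required */
    if ($this->required && !$dexs) {
        throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name));
    }
    /* check if there was a filter */
    if ($this->filter && $dexs) {
        $registry =& SPFactory::registry();
        $registry->loadDBSection('fields_filter');
        $filters = $registry->get('fields_filter');
        $filter = isset($filters[$this->filter]) ? $filters[$this->filter] : null;
        // An unknown filter key yields null; test the type first so the
        // configured error is raised instead of a failure inside count()
        if (!is_array($filter) || !count($filter)) {
            throw new SPException(SPLang::e('FIELD_FILTER_ERR', $this->filter));
        }
        // The pattern is stored base64-encoded in the filter definition
        if (!preg_match(base64_decode($filter['params']), $data)) {
            throw new SPException(str_replace('$field', $this->name, SPLang::e($filter['description'])));
        }
    }
    /* check if there was an adminField */
    if ($this->adminField && $dexs) {
        if (!Sobi::Can('entry.adm_fields.edit')) {
            throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name));
        }
    }
    /* check if it was free */
    if (!$this->isFree && $this->fee && $dexs) {
        SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
    }
    /* check if it should contains unique data */
    if ($this->uniqueData && $dexs) {
        $matches = $this->searchData($data, Sobi::Reg('current_section'));
        // A single hit is fine when it is the entry being saved
        if (count($matches) > 1 || count($matches) == 1 && $matches[0] != $entry->get('id')) {
            throw new SPException(SPLang::e('FIELD_NOT_UNIQUE', $this->name));
        }
    }
    /* check if it was editLimit */
    if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $dexs) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
    }
    /* check if it was editable */
    if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $dexs && $entry->get('version') > 1) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
    }
    if (!$dexs) {
        $data = null;
    }
    // NOTE(review): the value is read with SPRequest::raw() and stored as is;
    // confirm it is escaped wherever it is written or displayed.
    $this->setData($data);
    return $data;
}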
/**
 * Checks an already collected option selection against the required,
 * admin-only, fee and edit rules.
 *
 * @param SPEntry $entry
 * @param string $request not used by the checks in this method
 * @param array $data the selected options
 * @throws SPException when one of the field rules is violated
 * @return int number of selected options
 */
private function verify($entry, $request, $data)
{
    $cdata = count($data);

    /* check if it was required */
    if ($this->required && !$cdata) {
        throw new SPException(SPLang::e('FIELD_REQUIRED_ERR_OPT', $this->name));
    }
    /* check if there was an adminField */
    if ($this->adminField && $cdata && !Sobi::Can('entry.adm_fields.edit')) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->name));
    }
    /* check if it was free */
    if (!$this->isFree && $this->fee && $cdata) {
        SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
    }
    /* check if it was editLimit */
    if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit') && $cdata) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
    }
    /* check if it was editable: only the first version may set a non-editable field */
    if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $cdata && $entry->get('version') > 1) {
        throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
    }
    return $cdata;
}
/**
 * Builds the template data tree for the details view of one entry.
 *
 * The action URLs (edit, approve, delete, publish) are only added when the
 * current user holds the matching permission.
 * NOTE(review): these checks decide which links are shown; the tasks behind
 * the links presumably enforce the same permissions again - confirm.
 *
 * @param bool $getFields whether the entry's fields are added to the tree
 * @return array
 */
protected function entryData($getFields = true)
{
    /** @var SPEntry $entry */
    $entry = $this->get('entry');
    $visitor = $this->get('visitor');
    $data = array();
    $data['section'] = array('_complex' => 1, '_data' => Sobi::Section(true), '_attributes' => array('id' => Sobi::Section(), 'lang' => Sobi::Lang(false)));
    $en = array();
    $en['name'] = array('_complex' => 1, '_data' => $entry->get('name'), '_attributes' => array('lang' => Sobi::Lang(false)));
    $en['created_time'] = $entry->get('createdTime');
    $en['updated_time'] = $entry->get('updatedTime');
    $en['valid_since'] = $entry->get('validSince');
    $en['valid_until'] = $entry->get('validUntil');
    $en['author'] = $entry->get('owner');
    $en['counter'] = $entry->get('counter');
    $en['approved'] = $entry->get('approved');
    $this->fixTimes($en);
    // Derive the displayed state: unpublished wins, then expired, then pending
    if ($entry->get('state') == 0) {
        $en['state'] = 'unpublished';
    } else {
        if (strtotime($entry->get('validUntil')) != 0 && strtotime($entry->get('validUntil')) < time()) {
            $en['state'] = 'expired';
        } elseif (strtotime($entry->get('validSince')) != 0 && strtotime($entry->get('validSince')) > time()) {
            $en['state'] = 'pending';
        } else {
            $en['state'] = 'published';
        }
    }
    $en['url'] = Sobi::Url(array('pid' => $entry->get('parent'), 'sid' => $entry->get('id'), 'title' => Sobi::Cfg('sef.alias', true) ? $entry->get('nid') : $entry->get('name')), true, true, true);
    // In the conditions below && binds tighter than ||: "any" permission, or owner with "own" permission
    if (Sobi::Can('entry', 'edit', '*') || Sobi::My('id') == $entry->get('owner') && Sobi::Can('entry', 'edit', 'own')) {
        $en['edit_url'] = Sobi::Url(array('task' => 'entry.edit', 'sid' => $entry->get('id')));
    }
    if (Sobi::Can('entry', 'manage', '*')) {
        // The link toggles the current approval state
        $en['approve_url'] = Sobi::Url(array('task' => $entry->get('approved') ? 'entry.unapprove' : 'entry.approve', 'sid' => $entry->get('id')));
    }
    if ($entry->get('owner') == Sobi::My('id') && Sobi::Can('entry', 'delete', 'own') || Sobi::Can('entry', 'delete', '*')) {
        $en['delete_url'] = Sobi::Url(array('task' => 'entry.delete', 'sid' => $entry->get('id')));
    }
    if (Sobi::Can('entry', 'publish', '*') || Sobi::My('id') == $entry->get('owner') && Sobi::Can('entry', 'publish', 'own')) {
        // The link toggles the current publication state
        $en['publish_url'] = Sobi::Url(array('task' => $entry->get('state') ? 'entry.unpublish' : 'entry.publish', 'sid' => $entry->get('id')));
    }
    $cats = $entry->get('categories');
    $categories = array();
    // $cn is only set when there are categories; the loop below reads it under the same condition
    if (count($cats)) {
        $cn = SPLang::translateObject(array_keys($cats), array('name', 'alias'), 'category');
    }
    $primaryCat = $entry->get('parent');
    foreach ($cats as $cid => $cat) {
        $cAttr = array('lang' => Sobi::Lang(false), 'id' => $cat['pid'], 'alias' => $cat['alias'], 'position' => $cat['position'], 'url' => Sobi::Url(array('sid' => $cat['pid'], 'title' => Sobi::Cfg('sef.alias', true) ? $cat['alias'] : $cat['name'])));
        // The entry's parent category is flagged as the primary one
        if ($cat['pid'] == $primaryCat) {
            $cAttr['primary'] = 'true';
        }
        $categories[] = array('_complex' => 1, '_data' => SPLang::clean($cn[$cid]['value']), '_attributes' => $cAttr);
    }
    $en['categories'] = $categories;
    $en['meta'] = array('description' => $entry->get('metaDesc'), 'keys' => $this->metaKeys($entry), 'author' => $entry->get('metaAuthor'), 'robots' => $entry->get('metaRobots'));
    if ($getFields) {
        $fields = $entry->getFields();
        if (count($fields)) {
            $en['fields'] = $this->fieldStruct($fields, 'details');
        }
    }
    $this->menu($data);
    $this->alphaMenu($data);
    $data['entry'] = array('_complex' => 1, '_data' => $en, '_attributes' => array('id' => $entry->get('id'), 'nid' => $entry->get('nid'), 'version' => $entry->get('version')));
    $data['visitor'] = $this->visitorArray($visitor);
    return $data;
}
/**
 * Returns true only when none of the exemptions applies: the request is not
 * one of the entry workflow tasks and the current user holds none of the
 * listed permissions.
 *
 * NOTE(review): the two ownership-bound permissions count only for the owner
 * of the entry; 'entry.manage.*' and 'entry.access.unapproved_any' count for
 * everyone.
 *
 * @return bool
 */
private function checkCopy()
{
    $workflowTasks = array('entry.approve', 'entry.edit', 'entry.save', 'entry.submit', 'entry.payment');
    if (in_array(SPRequest::task(), $workflowTasks)) {
        return false;
    }
    if (Sobi::Can('entry.access.unapproved_any')) {
        return false;
    }
    if ($this->owner == Sobi::My('id')) {
        if (Sobi::Can('entry.manage.own')) {
            return false;
        }
        if (Sobi::Can('entry.access.unpublished_own')) {
            return false;
        }
    }
    return !Sobi::Can('entry.manage.*');
}
/**
 * Checks if the field should be displayed or not
 *
 * In the 'form' view users without "entry.adm_fields.edit" never get admin
 * fields, fields they may no longer edit, or fields whose edit limit is used up.
 *
 * @param string $view
 * @param bool $new
 * @return bool
 */
public function enabled($view, $new = false)
{
    if ($view == 'form') {
        // while editing an entry we have to get the real data
        $this->fullInit(true);
        if ($this->get('isOutputOnly')) {
            return false;
        }
        if (!Sobi::Can('entry.adm_fields.edit')) {
            if ($this->adminField) {
                return false;
            }
            /*
             * When the user is adding the entry very first time this should not affect because
             * the field is not editable but the user has to be able to add data for the first time
             */
            if (!$this->editable && SPRequest::task() != 'entry.add' && !($new && in_array(SPRequest::task(), array('entry.submit', 'entry.save')))) {
                // (an earlier version of this condition treated 'entry.add' like submit/save, i.e. only for new entries)
                return false;
            }
            // A falsy edit limit hides the field from the form
            if (!$this->editLimit) {
                return false;
            }
        }
    } else {
        if ($this->get('isInputOnly')) {
            return false;
        }
    }
    // Note: the view is recorded before the remaining checks, so it is set even when false is returned below
    $this->currentView = $view;
    if (!$this->enabled) {
        return false;
    }
    if ($view != 'form' && !($this->showIn == $view || $this->showIn == 'both')) {
        return false;
    }
    /*
     * not every field has the same raw data
     */
    /** Thu, Jun 19, 2014 11:39:04 fix by Anibal Sanchez see #1242 */
    if (isset($this->_fData->publishDown)) {
        // Hidden when publishing has not started yet, or when an end date is set and has passed.
        // NOTE(review): $this->_fData is read as an object here; count() on an
        // object that is not Countable fails on PHP 8 - confirm its type.
        if (count($this->_fData) && (!(strtotime($this->_fData->publishUp) < time()) || strtotime($this->_fData->publishDown) > 0 && strtotime($this->_fData->publishDown) <= time())) {
            return false;
        }
    }
    // (the version before #1242 compared publishDown with "> time()" instead of "<= time()")
    return true;
}
/**
 * Saves the category: its own table row and its relation to the parent,
 * inside one database transaction, then purges the affected cache objects.
 *
 * NOTE(review): after each rollback() the method continues unless
 * Sobi::Error() ends the request; if it returned, the statements below the
 * catch block would run outside the rolled-back transaction - confirm.
 */
public function save()
{
    /* initial org settings */
    /* @var SPdb $db */
    $db = SPFactory::db();
    $this->nid = $this->createAlias();
    // Approval follows the saving user's own "publish" permission for this object type
    $this->approved = Sobi::Can($this->type(), 'publish', 'own');
    $db->transaction();
    parent::save();
    $properties = get_class_vars(__CLASS__);
    /* get database columns and their ordering */
    $cols = $db->getColumns($this->_dbTable);
    $values = array();
    /* and sort the properties in the same order */
    foreach ($cols as $col) {
        // Columns without a matching class property are written as an empty string
        $values[$col] = array_key_exists($col, $properties) ? $this->{$col} : '';
    }
    // Listeners receive the column values by reference and may change them before the write
    Sobi::Trigger($this->name(), ucfirst(__FUNCTION__), array(&$values));
    /* try to save */
    try {
        $db->insertUpdate($this->_dbTable, $values);
    } catch (SPException $x) {
        $db->rollback();
        Sobi::Error($this->name(), SPLang::e('CANNOT_SAVE_CATEGORY_DB_ERR', $x->getMessage()), SPC::ERROR, 500, __LINE__, __FILE__);
    }
    /* insert relation */
    try {
        // The existing relation row is replaced rather than updated
        $db->delete('spdb_relations', array('id' => $this->id, 'oType' => 'category'));
        if (!$this->position) {
            // No position given: append after the highest position below the same parent
            $db->select('MAX( position ) + 1', 'spdb_relations', array('pid' => $this->parent, 'oType' => 'category'));
            $this->position = (int) $db->loadResult();
            if (!$this->position) {
                $this->position = 1;
            }
        }
        $db->insertUpdate('spdb_relations', array('id' => $this->id, 'pid' => $this->parent, 'oType' => 'category', 'position' => $this->position, 'validSince' => $this->validSince, 'validUntil' => $this->validUntil));
    } catch (SPException $x) {
        $db->rollback();
        Sobi::Error($this->name(), SPLang::e('CANNOT_SAVE_CATEGORY_DB_ERR', $x->getMessage()), SPC::ERROR, 500, __LINE__, __FILE__);
    }
    /* if there was no errors, commit the database changes */
    $db->commit();
    // Drop the cached copies of this category and of its parent
    SPFactory::cache()->purgeSectionVars()->deleteObj('category', $this->id)->deleteObj('category', $this->parent);
    /* trigger plugins */
    Sobi::Trigger('afterSave', $this->name(), array(&$this));
}
/**
 * authorise action
 *
 * A denied 'add' action is redirected when an entry-add redirect is
 * configured; every other denial is reported as a 403.
 *
 * NOTE(review): true is returned on every path, including the denied ones, so
 * the result does not tell callers anything. Enforcement depends on escape()
 * and Sobi::Error() ending the request - confirm that they do.
 *
 * @param string $action
 * @param string $ownership
 * @return bool
 */
protected function authorise($action = 'access', $ownership = 'valid')
{
    if (Sobi::Can($this->_type, $action, $ownership, Sobi::Section())) {
        return true;
    }

    $redirectConfigured = $action == 'add'
        && Sobi::Cfg('redirects.entry_add_enabled', false)
        && strlen(Sobi::Cfg('redirects.entry_add_url', null));

    if ($redirectConfigured) {
        $this->escape(
            Sobi::Cfg('redirects.entry_add_url', null),
            SPLang::e(Sobi::Cfg('redirects.entry_add_msg', 'UNAUTHORIZED_ACCESS')),
            Sobi::Cfg('redirects.entry_add_msgtype', 'message')
        );
    } else {
        Sobi::Error($this->name(), SPLang::e('UNAUTHORIZED_ACCESS_TASK', SPRequest::task()), SPC::ERROR, 403, __LINE__, __FILE__);
    }
    return true;
}
/**
 * Writes one configuration value for the current section.
 *
 * A dotted key ("section.key") overrides $cfgSection with its first part.
 * Without the required permission nothing is written and no error is raised.
 *
 * NOTE(review): the permission is requested as ('configure', 'section');
 * confirm that this matches the intended permission key.
 *
 * @param $key
 * @param $val
 * @param $cfgSection
 * @return SPConfig
 */
public function &saveCfg($key, $val, $cfgSection = 'general')
{
    if (!Sobi::Can('configure', 'section')) {
        return $this;
    }

    if (strstr($key, '.')) {
        // Only the first two parts are used; anything after a second dot is dropped
        $parts = explode('.', $key);
        $cfgSection = $parts[0];
        $key = $parts[1];
    }

    // Listeners may rewrite key, value and section before the write
    Sobi::Trigger('Config', 'Save', array(&$key, &$val, &$cfgSection));

    /* @var SPdb $db */
    $db =& SPFactory::db();
    $row = array(
        'sKey' => $key,
        'sValue' => $val,
        'section' => Sobi::Reg('current_section', 0),
        'critical' => 0,
        'cSection' => $cfgSection
    );
    try {
        $db->insertUpdate('spdb_config', $row);
    } catch (SPException $x) {
        Sobi::Error('config', SPLang::e('CANNOT_SAVE_CONFIG', $x->getMessage()), SPC::WARNING, 500, __LINE__, __CLASS__);
    }
    return $this;
}
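/**
 * Validates the submitted text of this field against the required,
 * admin-only, fee, edit and length rules and stores it through setData().
 *
 * @param SPEntry $entry
 * @param string $request request method the value is read from
 * @throws SPException when one of the field rules is violated
 * @return string the value as returned by SPRequest::string()
 */
private function verify($entry, $request)
{
    $data = SPRequest::raw($this->nid, null, $request);
    $dexs = strlen($data);
    /* check if it was required */
    if ($this->required && !$dexs) {
        throw new SPException(SPLang::e('FIELD_REQUIRED_ERR', $this->name));
    }
    if ($dexs) {
        /* check if there was an adminField */
        if ($this->adminField) {
            if (!Sobi::Can('entry.adm_fields.edit')) {
                throw new SPException(SPLang::e('FIELD_NOT_AUTH', $this->get('name')));
            }
        }
        /* check if it was free */
        if (!$this->isFree && $this->fee) {
            SPFactory::payment()->add($this->fee, $this->name, $entry->get('id'), $this->fid);
        }
        /* check if it was editLimit */
        if ($this->editLimit == 0 && !Sobi::Can('entry.adm_fields.edit')) {
            throw new SPException(SPLang::e('FIELD_NOT_AUTH_EXP', $this->name));
        }
        /* check if it was editable */
        if (!$this->editable && !Sobi::Can('entry.adm_fields.edit') && $entry->get('version') > 1) {
            throw new SPException(SPLang::e('FIELD_NOT_AUTH_NOT_ED', $this->name));
        }
        if ($this->allowHtml) {
            // With HTML allowed only the visible text counts: tags, line
            // breaks and tabs are removed before measuring
            $checkMethod = function_exists('mb_strlen') ? 'mb_strlen' : 'strlen';
            // Empty string as replacement: passing null to str_replace() is
            // deprecated as of PHP 8.1 and removes the characters all the same
            $check = $checkMethod(str_replace(array("\n", "\r", "\t"), '', strip_tags($data)));
            if ($this->maxLength && $check > $this->maxLength) {
                throw new SPException(SPLang::e('FIELD_TEXTAREA_LIMIT', $this->maxLength, $this->name, $dexs));
            }
        } else {
            if ($this->maxLength && $dexs > $this->maxLength) {
                throw new SPException(SPLang::e('FIELD_TEXTAREA_LIMIT', $this->maxLength, $this->name, $dexs));
            }
        }
    }
    // NOTE(review): the checks above ran on the raw value, while the value
    // that is stored is read again through SPRequest::string(); confirm that
    // this second read applies the HTML filtering expected for this field.
    $data = SPRequest::string($this->nid, null, true, $request);
    $this->setData($data);
    return $data;
}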
/**
 * Deletes the recorded URL clicks of this field for one entry of the current
 * section, for users holding "entry.manage.any" only.
 *
 * NOTE(review): "1" is printed whether or not anything was deleted, so the
 * response does not tell a refused call from a successful one. No request
 * token check is visible in this method either - confirm that the dispatcher
 * protects this state-changing call against cross-site requests.
 */
public function ProxyReset()
{
    $eid = SPRequest::int('eid');
    // let's allow it for admins only right now
    // later we can extend it a bit
    if (Sobi::Can('entry.manage.any')) {
        $db = SPFactory::db();
        $where = array(
            'section' => Sobi::Section(),
            'sid' => $eid,
            'fid' => $this->nid
        );
        $db->delete('spdb_field_url_clicks', $where);
    }
    echo 1;
}
/**
 * Prepares the template data for the current object (section or category) when
 * the XSLT template type is in use, stores it in $this->_attr and fires the
 * view trigger.
 *
 * The trigger at the end fires for every template type; the data array is only
 * built for 'xslt'.
 */
private function view()
{
    $type = $this->key('template_type', 'xslt');
    // Fall back to the PHP template type when XSLT is disabled globally.
    if ($type != 'php' && Sobi::Cfg('global.disable_xslt', false)) {
        $type = 'php';
    }
    if ($type == 'xslt') {
        $visitor = $this->get('visitor');
        $current = $this->get($this->_type);
        $orderings = $this->get('orderings');
        $categories = $this->get('categories');
        $entries = $this->get('entries');
        // Canonical URL of the current object; the 'site' request value is carried over when set.
        $cUrl = array('title' => Sobi::Cfg('sef.alias', true) ? $current->get('nid') : $current->get('name'), 'sid' => $current->get('id'));
        if (SPRequest::int('site', 0)) {
            $cUrl['site'] = SPRequest::int('site', 0);
        }
        SPFactory::header()->addCanonical(Sobi::Url($cUrl, true, true, true));
        $data = array();
        $data['id'] = $current->get('id');
        $data['counter'] = $current->get('counter');
        $data['section'] = array('_complex' => 1, '_data' => Sobi::Section(true), '_attributes' => array('id' => Sobi::Section(), 'lang' => Sobi::Lang(false)));
        $data['name'] = array('_complex' => 1, '_data' => $current->get('name'), '_attributes' => array('lang' => Sobi::Lang(false)));
        // The description is always included for a section, for other objects only when configured.
        if (Sobi::Cfg('category.show_desc') || $current->get('oType') == 'section') {
            $desc = $current->get('description');
            if (Sobi::Cfg('category.parse_desc')) {
                // $desc is passed by reference, so handlers of this trigger may rewrite it.
                Sobi::Trigger('prepare', 'Content', array(&$desc, $current));
            }
            // NOTE(review): the description goes out flagged as '_cdata'; presumably the template
            // renders it as markup — confirm it is sanitised where it is saved.
            $data['description'] = array('_complex' => 1, '_cdata' => 1, '_data' => $desc, '_attributes' => array('lang' => Sobi::Lang(false)));
        }
        $showIcon = $current->get('showIcon');
        // The object-level setting can defer to the global configuration.
        if ($showIcon == SPC::GLOBAL_SETTING) {
            $showIcon = Sobi::Cfg('category.show_icon', true);
        }
        if ($showIcon && $current->get('icon')) {
            // The icon is only exposed when the file exists in the configured icon directory.
            // NOTE(review): the icon value is concatenated into a path and a URL; presumably a
            // bare file name chosen in the administration — verify it is validated on save.
            if (SPFs::exists(Sobi::Cfg('images.category_icons') . '/' . $current->get('icon'))) {
                $data['icon'] = Sobi::FixPath(Sobi::Cfg('images.category_icons_live') . $current->get('icon'));
            }
        }
        $data['meta'] = array('description' => $current->get('metaDesc'), 'keys' => $this->metaKeys($current), 'author' => $current->get('metaAuthor'), 'robots' => $current->get('metaRobots'));
        // The keys '$eInLine' and '$cInLine' are literal strings that include the dollar sign.
        $data['entries_in_line'] = $this->get('$eInLine');
        $data['categories_in_line'] = $this->get('$cInLine');
        $data['number_of_subcats'] = Sobi::Cfg('list.num_subcats');
        // Both helpers receive $data and add their own nodes to it.
        $this->menu($data);
        $this->alphaMenu($data);
        $data['visitor'] = $this->visitorArray($visitor);
        if (count($categories)) {
            $this->loadNonStaticData($categories);
            foreach ($categories as $category) {
                $cat = $this->category($category);
                $data['categories'][] = array('_complex' => 1, '_attributes' => array('id' => $cat['id'], 'nid' => $cat['nid']), '_data' => $cat);
            }
            // In multi-language mode a by-name ordering is applied again here in PHP.
            // NOTE(review): string callables of the form 'self::method' are deprecated as of PHP 8.2.
            if (strstr($orderings['categories'], 'name') && Sobi::Cfg('lang.multimode', false)) {
                usort($data['categories'], 'self::orderByName');
                if ($orderings['categories'] == 'name.desc') {
                    $data['categories'] = array_reverse($data['categories']);
                }
            }
        }
        if (count($entries)) {
            $this->loadNonStaticData($entries);
            // True when the user may edit any entry of the current section; handed to entry().
            $manager = Sobi::Can('entry', 'edit', '*', Sobi::Section()) ? true : false;
            foreach ($entries as $eid) {
                $en = $this->entry($eid, $manager);
                $data['entries'][] = array('_complex' => 1, '_attributes' => array('id' => $en['id'], 'nid' => $en['nid']), '_data' => $en);
            }
            // Same by-name re-sort as for the categories above.
            if (strstr($orderings['entries'], 'name') && Sobi::Cfg('lang.multimode', false)) {
                usort($data['entries'], 'self::orderByName');
                if ($orderings['entries'] == 'name.desc') {
                    $data['entries'] = array_reverse($data['entries']);
                }
            }
            // Navigation is only added when there are entries to page through.
            $this->navigation($data);
        }
        $this->fixTimes($data);
        $this->_attr = $data;
    }
    // $this->_attr is passed by reference, so trigger handlers may change the view data.
    Sobi::Trigger($this->_type, ucfirst(__FUNCTION__), array(&$this->_attr));
}
/**
 * Prepares the data of the search view (form controls and, when present, the
 * result entries), stores it in $this->_attr for the XSLT template type, fires
 * the display trigger and hands over to the parent display() with type 'search'.
 */
public function display()
{
    $this->_type = 'search';
    $type = $this->key('template_type', 'xslt');
    // Fall back to the PHP template type when XSLT is disabled globally.
    if ($type != 'php' && Sobi::Cfg('global.disable_xslt', false)) {
        $type = 'php';
    }
    if ($type == 'xslt') {
        $searchData = array();
        $fields = $this->get('fields');
        $visitor = $this->get('visitor');
        $p = $this->get('priorities');
        // Invert the priority => list-of-ids structure into an id => priority lookup.
        $priorities = array();
        if (is_array($p) && count($p)) {
            foreach ($p as $priority => $eids) {
                if (is_array($eids) && count($eids)) {
                    foreach ($eids as $sid) {
                        $priorities[$sid] = $priority;
                    }
                }
            }
        }
        $entries = $this->get('entries');
        $searchData['section'] = array('_complex' => 1, '_data' => Sobi::Section(true), '_attributes' => array('id' => Sobi::Section(), 'lang' => Sobi::Lang(false)));
        $searchPhrase = $this->get('search_for');
        $phrase = $this->get('search_phrase');
        // An empty search term is replaced by the translated placeholder text.
        $searchPhrase = strlen($searchPhrase) ? $searchPhrase : Sobi::Txt('SH.SEARCH_FOR_BOX');
        // NOTE(review): the translated text is concatenated into a double-quoted JavaScript string;
        // confirm Sobi::Txt() output is safe in that context (quotes, line breaks).
        SPFactory::header()->addJsCode('var spSearchDefStr = "' . Sobi::Txt('SH.SEARCH_FOR_BOX') . '"');
        // The keys '$eInLine' and '$eCount' are literal strings that include the dollar sign.
        if ($this->get('$eInLine')) {
            $searchData['entries_in_line'] = $this->get('$eInLine');
        }
        // NOTE(review): a null value also satisfies ">= 0" in PHP — confirm that '$eCount' is
        // set to a negative number when no search has been run.
        if ($this->get('$eCount') >= 0) {
            $searchData['message'] = Sobi::Txt('SH.SEARCH_FOUND_RESULTS', array('count' => $this->get('$eCount')));
        }
        // Both helpers receive $searchData and add their own nodes to it.
        $this->menu($searchData);
        $this->alphaMenu($searchData);
        // Form controls, keyed by name; each 'data' node is flagged '_xml' and holds generated markup.
        $fData = array();
        if (Sobi::Cfg('search.show_searchbox', true)) {
            // NOTE(review): $searchPhrase is presumably the visitor's search term; it becomes the
            // value of a text input inside an '_xml' node — confirm SPHtml_Input::text() escapes it.
            $fData['searchbox'] = array('_complex' => 1, '_data' => array('label' => array('_complex' => 1, '_data' => Sobi::Txt('SH.SEARCH_FOR'), '_attributes' => array('lang' => Sobi::Lang(false))), 'data' => array('_complex' => 1, '_xml' => 1, '_data' => SPHtml_Input::text('sp_search_for', $searchPhrase, array('class' => Sobi::Cfg('search.form_box_def_css', 'SPSearchBox'), 'id' => 'SPSearchBox')))), '_attributes' => array('position' => 1, 'css_class' => 'SPSearchBox'));
        }
        if (Sobi::Cfg('search.top_button', true)) {
            $fData['top_button'] = array('_complex' => 1, '_data' => array('label' => array('_complex' => 1, '_data' => Sobi::Txt('SH.SEARCH_START'), '_attributes' => array('lang' => Sobi::Lang())), 'data' => array('_complex' => 1, '_xml' => 1, '_data' => SPHtml_Input::submit('search', Sobi::Txt('SH.START'), array('id' => 'top_button')))), '_attributes' => array('position' => 1, 'css_class' => 'SPSearchButton'));
        }
        if (Sobi::Cfg('search.show_phrase', true)) {
            // Radio list all / any / exact; the previous choice wins over the configured default.
            $fData['phrase'] = array('_complex' => 1, '_data' => array('label' => array('_complex' => 1, '_data' => Sobi::Txt('SH.FIND_ENTRIES_THAT_HAVE'), '_attributes' => array('lang' => Sobi::Lang(false))), 'data' => array('_complex' => 1, '_xml' => 1, '_data' => SPHtml_Input::radioList('spsearchphrase', array('all' => Sobi::Txt('SH.FIND_ENTRIES_THAT_HAVE_ALL_WORDS'), 'any' => Sobi::Txt('SH.FIND_ENTRIES_THAT_HAVE_ANY_WORDS'), 'exact' => Sobi::Txt('SH.FIND_ENTRIES_THAT_HAVE_EXACT_PHRASE')), 'spsearchphrase', strlen($phrase) ? $phrase : Sobi::Cfg('search.form_searchphrase_def', 'all'), null, 'right'))), '_attributes' => array('position' => 1, 'css_class' => 'SPSearchPhrase'));
        }
        if (count($fields)) {
            foreach ($fields as $field) {
                // Each field supplies its own search control; fields returning nothing are skipped.
                $data = $field->searchForm();
                // The suffix is left out for fields searched by range.
                $suffix = $field->get('searchMethod') != 'range' ? $field->get('suffix') : null;
                if (strlen($data)) {
                    $fData[$field->get('nid')] = array('_complex' => 1, '_data' => array('label' => array('_complex' => 1, '_data' => $field->get('name'), '_attributes' => array('lang' => Sobi::Lang())), 'data' => array('_complex' => 1, '_xml' => 1, '_data' => $data)), '_attributes' => array('id' => $field->get('id'), 'type' => $field->get('type'), 'suffix' => $suffix, 'position' => $field->get('position'), 'css_class' => strlen($field->get('cssClass')) ? $field->get('cssClass') : 'spField'));
                }
            }
        }
        if (Sobi::Cfg('search.bottom_button', false)) {
            $fData['bottom_button'] = array('_complex' => 1, '_data' => array('label' => array('_complex' => 1, '_data' => Sobi::Txt('SH.SEARCH_START'), '_attributes' => array('lang' => Sobi::Lang(false))), 'data' => array('_complex' => 1, '_xml' => 1, '_data' => SPHtml_Input::submit('search', Sobi::Txt('SH.START')))), '_attributes' => array('position' => 1, 'css_class' => 'SPSearchButton'));
        }
        $searchData['fields'] = $fData;
        if (count($entries)) {
            $this->loadNonStaticData($entries);
            // True when the user may edit any entry of the current section; handed to entry().
            $manager = Sobi::Can('entry', 'edit', '*', Sobi::Section()) ? true : false;
            foreach ($entries as $entry) {
                $en = $this->entry($entry, $manager);
                // Entries without a known priority carry the literal string 'undefined'.
                $searchData['entries'][] = array('_complex' => 1, '_attributes' => array('id' => $en['id'], 'search-priority' => isset($priorities[$en['id']]) ? $priorities[$en['id']] : 'undefined'), '_data' => $en);
            }
            $this->navigation($searchData);
        }
        $searchData['visitor'] = $this->visitorArray($visitor);
        $this->_attr = $searchData;
    }
    // $this->_attr is passed by reference, so trigger handlers may change the view data.
    Sobi::Trigger($this->_type, ucfirst(__FUNCTION__), array(&$this->_attr));
    parent::display($this->_type);
}
/**
 * Returns the form control for one settings element, selected by its name.
 *
 * Every call resets $this->oType to 'section'; the 'cid' branch may switch it
 * to 'category' and set $this->oName. Any name without a branch of its own
 * yields the section select list, which contains only sections the current
 * user may access.
 *
 * @param string $name name of the element to render
 * @param mixed $label taken by reference; not used in this method
 * @return mixed whatever the called SPHtml_Input method or helper returns
 */
public function fetchElement($name, &$label)
{
    $sid = $this->settings()->get('sid');
    $this->oType = 'section';

    // Every branch returns, so no break statements are needed.
    switch ($name) {
        case 'sid':
            // Read-only text box showing the selected id.
            return SPHtml_Input::text(
                'jform[params][sid]',
                $sid,
                array('id' => 'sid', 'size' => 5, 'class' => 'text_area', 'style' => 'text-align: center;', 'readonly' => 'readonly')
            );

        case 'tplFile':
        case 'modalTemplate':
            $templateFile = $this->settings()->get('tplFile');
            return $this->tplFile($templateFile, $name == 'modalTemplate');

        case 'spOrder':
            $order = $this->settings()->get('spOrder');
            return $this->ordering($order);

        case 'spLimit':
            $limit = $this->settings()->get('spLimit');
            return $this->limits($limit);

        case 'cid':
            // An id that is not one of the known sections is looked up as a category.
            $isSection = in_array($sid, array_keys($this->sections));
            if (!$isSection) {
                $translated = SPLang::translateObject($sid, array('name'));
                if (isset($translated[$sid]['value'])) {
                    $this->oName = $translated[$sid]['value'];
                    $this->oType = 'category';
                }
            }
            return $this->getCat();

        default:
            $options = array();
            if (count($this->sections)) {
                // The first option is the "select a section" placeholder.
                $options[] = Sobi::Txt('SELECT_SECTION');
                foreach ($this->sections as $row) {
                    // Leave out sections the current user has no valid access to.
                    if (!Sobi::Can('section', 'access', 'valid', $row->id)) {
                        continue;
                    }
                    $model = SPFactory::Model('section');
                    $model->extend($row);
                    $options[$model->get('id')] = $model->get('name');
                }
            }
            return SPHtml_Input::select(
                'jform[params][section]',
                $options,
                $this->settings()->get('section'),
                false,
                array('id' => 'spsection', 'class' => 'text_area required')
            );
    }
}
/**
 * Builds the section select list from all objects of type 'section'.
 *
 * Only sections for which the current user passes the
 * ('section', 'access', 'valid') permission check are offered. A database
 * error is reported through Sobi::Error() and leaves the list empty.
 *
 * @return mixed whatever SPHtml_Input::select() returns
 */
protected function loadSection()
{
    $rows = array();
    try {
        $rows = SPFactory::db()
            ->select('*', 'spdb_object', array('oType' => 'section'), 'id')
            ->loadObjectList();
    } catch (SPException $x) {
        Sobi::Error($this->name(), $x->getMessage(), SPC::ERROR, 500, __LINE__, __FILE__);
    }

    $options = array();
    if (count($rows)) {
        // The first option is the "select a section" placeholder.
        $options[] = Sobi::Txt('SOBI_SELECT_SECTION');
        foreach ($rows as $row) {
            // Leave out sections the current user has no valid access to.
            if (!Sobi::Can('section', 'access', 'valid', $row->id)) {
                continue;
            }
            $model = new SPSection();
            $model->extend($row);
            $options[$model->get('id')] = $model->get('name');
        }
    }

    return SPHtml_Input::select(
        'section',
        $options,
        self::$section,
        false,
        array('id' => 'SobiSection', 'class' => 'required')
    );
}