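	/**
	 * Saves a tab record built from the posted form values, then redirects to the tab list.
	 *
	 * Every failure path prints a JavaScript alert() and ends the request with exit.
	 *
	 * NOTE(review): the access check below covers only the stored row's useraccessgroupid;
	 * the useraccessgroupid submitted in $_POST and bound onto the new row is not checked
	 * in this method.
	 * NOTE(review): no anti-forgery token check is visible in this method; confirm the
	 * caller performs one before dispatching here.
	 *
	 * @param  string  $option  Component option placed in the redirect URL.
	 * @return void
	 */
	function saveTab( $option ) {
		global $_CB_database, $_CB_framework, $_POST;

		$this->_importNeeded();
		$this->_importNeededSave();

		// Normalise the params field so that it is always set before bind().
		if ( isset( $_POST['params'] ) ) {
		 	$_POST['params']	=	cbParamsEditorController::getRawParamsMagicgpcEscaped( $_POST['params'] );
		} else {
			$_POST['params']	=	'';
		}

		if ( ! isset( $_POST['tabid'] ) || ( count( $_POST ) == 0 ) ) {
			echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Missing post values') ) . "'); window.history.go(-2); </script>\n";
			exit();
		}

		// Editing an existing tab: the stored row's access group must be one of the
		// groups returned for the current user. The check is skipped when load() fails.
		if ( $_POST['tabid'] ) {
			$oldrow		=	new moscomprofilerTabs( $_CB_database );
			if ( $oldrow->load( (int) $_POST['tabid'] )
				&& 	( ! in_array( $oldrow->useraccessgroupid, getChildGIDS( userGID( $_CB_framework->myId() ) ) ) ) ) {
				echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Unauthorized Access') ) . "'); window.history.go(-1);</script>\n";
				exit;
			}
		}

		// NOTE(review): bind() receives the whole $_POST array; which columns it accepts
		// is decided inside moscomprofilerTabs and is not visible here.
		$row = new moscomprofilerTabs( $_CB_database );
		if (!$row->bind( $_POST )) {
			// The error text is escaped like the other alert() messages in this method,
			// since it is written inside a single-quoted JavaScript string. addslashes()
			// does not encode '<' or '/', so a context-aware encoder would be stronger.
			echo "<script type=\"text/javascript\"> alert('" . str_replace( "\n", '\\n', addslashes( $row->getError() ) ) . "'); window.history.go(-1); </script>\n";
			exit();
		}

		if ( ! $row->ordering_register ) {
			$row->ordering_register		=	10;
		}

		$row->description	=	cleanEditorsTranslationJunk( trim( $row->description ) );

		if (!$row->check()) {
			echo "<script type=\"text/javascript\"> alert('" . str_replace( "\n", '\\n', addslashes( $row->getError() ) ) . "'); window.history.go(-2); </script>\n";
			exit();
		}

		// The id is re-read as an integer just before the row is stored.
		$row->tabid			=	(int) cbGetParam( $_POST, 'tabid', 0 );
		if ( ! $row->store() ) {
			echo "<script type=\"text/javascript\"> alert('" . str_replace( "\n", '\\n', addslashes( $row->getError() ) ) . "'); window.history.go(-2); </script>\n";
			exit();
		}

		$row->checkin();
		cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=showTab" ), CBTxt::T('Successfully Saved Tab') . ": ". $row->title );
	}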
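/**
 * Deletes the tabs whose ids are listed in $cid, then redirects to the tab list.
 *
 * A tab is kept (and a message collected) when it is a system tab, belongs to a
 * plugin row that can still be loaded, or is referenced by at least one field.
 * Collected messages are shown in a JavaScript alert() and the request ends with exit.
 *
 * NOTE(review): load()'s result is not checked and one object is reused across
 * iterations; whether a failed load leaves the previous row's values on $obj depends
 * on moscomprofilerTabs and should be confirmed.
 * NOTE(review): no anti-forgery token check is visible in this function; confirm the
 * caller performs one.
 *
 * @param  array   $cid     Tab ids to delete.
 * @param  string  $option  Component option placed in the redirect URL.
 * @return void
 */
function removeTabs($cid, $option)
{
    global $_CB_database, $_CB_framework;
    if (!is_array($cid) || count($cid) < 1) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Select an item to delete')) . "'); window.history.go(-1);</script>\n";
        exit;
    }
    $msg = '';
    $obj = new moscomprofilerTabs($_CB_database);
    foreach ($cid as $id) {
        // Cast once so that the row that is authorised, the row that is checked for
        // field references and the row that is deleted are identified by the same
        // integer value.
        $tabId = (int) $id;
        $noDelete = 0;
        $obj->load($tabId);
        // Non-super-admins may only delete tabs whose access group is below their own.
        if (!$_CB_framework->acl->amIaSuperAdmin()) {
            if (!in_array($obj->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
                echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                exit;
            }
        }
        $_CB_database->setQuery("SELECT COUNT(*) FROM #__comprofiler_fields WHERE tabid=" . $tabId);
        $onField = $_CB_database->loadResult();
        if ($obj->sys > 0) {
            $msg .= sprintf(CBTxt::T('%s cannot be deleted because it is a system tab.'), getLangDefinition($obj->title)) . " \n";
            $noDelete = 1;
        }
        if ($obj->pluginid) {
            $plugin = new moscomprofilerPlugin($_CB_database);
            if ($plugin->load($obj->pluginid)) {
                $msg .= sprintf(CBTxt::T('%s cannot be deleted because it is a tab belonging to an installed plugin.'), getLangDefinition($obj->title)) . " \n";
                $noDelete = 1;
            }
        }
        if ($onField > 0) {
            $msg .= sprintf(CBTxt::T('%s is being referenced by an existing field and cannot be deleted!'), getLangDefinition($obj->title));
            $noDelete = 1;
        }
        if ($noDelete == 0) {
            $obj->delete($tabId);
            $msg .= $obj->getError();
        }
    }
    if ($msg) {
        // Newlines are turned into the two-character sequence \n so that the
        // single-quoted JavaScript string stays on one line.
        echo "<script type=\"text/javascript\"> alert('" . str_replace("\n", '\\n', addslashes($msg)) . "'); window.history.go(-1);</script>\n";
        exit;
    }
    cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showTab"));
}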
 /**
  * Installs a tab into database, finding already existing one if needed.
  *
  * @param  int                 $pluginid
  * @param  CBSimpleXMLElement  $tab
  * @return int|boolean         id of tab or FALSE in case of error (error saved with $this->setError() ).
  */
 function installTab($pluginid, &$tab)
 {
     global $_CB_database, $_CB_framework;

     // Look for an existing row: by plugin class when the XML names one,
     // otherwise by plugin id with an empty class. The class goes through
     // Quote() and the plugin id through an (int) cast before reaching the SQL text.
     $lookup = $tab->attributes('class')
         ? "SELECT tabid FROM #__comprofiler_tabs WHERE pluginclass = " . $_CB_database->Quote($tab->attributes('class'))
         : "SELECT tabid FROM #__comprofiler_tabs WHERE pluginid = " . (int) $pluginid . " AND pluginclass = ''";
     $_CB_database->setQuery($lookup);
     $tabid = $_CB_database->loadResult();

     // The type value is compared exactly as spelled in this literal, which differs
     // from the spelling used in the error message below.
     if ($tab->attributes('type') == 'existingSytemTab') {
         if ($tabid == null) {
             $this->setError(1, 'installTab error: existingSystemTab: ' . $tab->attributes('class') . ' not found.');
             return false;
         }
         // An existing system tab is only looked up, never written.
         return $tabid;
     }

     $row = new moscomprofilerTabs($_CB_database);
     if ($tabid) {
         $row->load((int) $tabid);
     }

     // Presentation fields are only seeded when no row was loaded.
     $isNewRow = !$row->tabid;
     if ($isNewRow) {
         $row->title = $tab->attributes('name');
         $row->description = trim($tab->attributes('description'));
         $row->ordering = 99;
         $row->position = $tab->attributes('position');
         $row->displaytype = $tab->attributes('displaytype');
         $row->ordering_register = $tab->attributes('ordering_register');
     }

     // Everything from here on is written for new and existing rows alike,
     // including both access fields.
     $row->width = $tab->attributes('width');
     $row->pluginclass = $tab->attributes('class');
     $row->pluginid = $pluginid;
     $row->fields = $tab->attributes('fields');
     $row->sys = $tab->attributes('sys');
     $row->useraccessgroupid = -2;
     $row->viewaccesslevel = 1;

     $userGroupName = $tab->attributes('useraccessgroup');
     $viewAccessLevelName = $tab->attributes('viewaccesslevel');

     // 'Everybody', an empty name and a name the ACL cannot resolve all leave
     // useraccessgroupid at -2: an unknown group name is not reported as an error.
     if ($userGroupName == 'All Registered Users') {
         $row->useraccessgroupid = -1;
     } elseif ($userGroupName && $userGroupName != 'Everybody') {
         $groupId = $_CB_framework->acl->get_group_id($userGroupName, 'ARO');
         if ($groupId) {
             $row->useraccessgroupid = $groupId;
         }
     }

     // Likewise an access level name that is not found leaves viewaccesslevel at 1.
     if ($viewAccessLevelName) {
         $accessLevels = $_CB_framework->acl->get_access_children_tree(2, false, false);
         $viewAccessLevelId = array_search($viewAccessLevelName, $accessLevels);
         if ($viewAccessLevelId !== false) {
             $row->viewaccesslevel = $viewAccessLevelId;
         }
     }

     if (!$row->store()) {
         $this->setError(1, 'SQL error: ' . $row->getError());
         return false;
     }

     return (int) $row->tabid;
 }
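 /**
  * Saves a tab record built from the posted form values, then redirects to the tab list.
  *
  * Users who are not super admins are checked twice: against the stored row before
  * bind(), and against the submitted values after bind(). Without the
  * 'core.edit.state' action they may not change useraccessgroupid, viewaccesslevel,
  * ordering, ordering_register or enabled. Every failure path prints a JavaScript
  * alert() and ends the request with exit.
  *
  * NOTE(review): bind() receives the whole $_POST array; columns other than the five
  * listed above are not compared with the stored row in this method, and which
  * columns bind() accepts is not visible here.
  * NOTE(review): no anti-forgery token check is visible in this method; confirm the
  * caller performs one before dispatching here.
  *
  * @param  string  $option  Component option placed in the redirect URL.
  * @return void
  */
 function saveTab($option)
 {
     global $_CB_database, $_CB_framework, $_POST;
     $this->_importNeeded();
     $this->_importNeededSave();
     // Normalise the params field so that it is always set before bind().
     if (isset($_POST['params'])) {
         $_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped($_POST['params']);
     } else {
         $_POST['params'] = '';
     }
     if (!isset($_POST['tabid']) || count($_POST) == 0) {
         echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Missing post values')) . "'); window.history.go(-2); </script>\n";
         exit;
     }
     $oldrow = new moscomprofilerTabs($_CB_database);
     if (isset($_POST['tabid']) && $_POST['tabid']) {
         // NOTE(review): load()'s result is not checked before the stored values are used.
         $oldrow->load((int) $_POST['tabid']);
         if (!$_CB_framework->acl->amIaSuperAdmin()) {
             // The stored row's access group must be below the current user's groups.
             if (!in_array($oldrow->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
                 echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                 exit;
             }
             // The stored row's view level must be one the current user is authorised for.
             if (!in_array($oldrow->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
                 echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                 exit;
             }
         }
     }
     $row = new moscomprofilerTabs($_CB_database);
     if (!$row->bind($_POST)) {
         // The error text is escaped like the other alert() messages in this method,
         // since it is written inside a single-quoted JavaScript string. addslashes()
         // does not encode '<' or '/', so a context-aware encoder would be stronger.
         echo "<script type=\"text/javascript\"> alert('" . str_replace("\n", '\\n', addslashes($row->getError())) . "'); window.history.go(-1); </script>\n";
         exit;
     }
     // Fill empty values from the stored row, or from a default when the stored row
     // has none. This prevents a tab from being stored with null values when some
     // inputs are disabled in the form.
     if ($row->useraccessgroupid == '') {
         $row->useraccessgroupid = $oldrow->useraccessgroupid != '' ? $oldrow->useraccessgroupid : -2;
     }
     if ($row->viewaccesslevel == '') {
         $row->viewaccesslevel = $oldrow->viewaccesslevel != '' ? $oldrow->viewaccesslevel : 1;
     }
     if ($row->ordering == '') {
         $row->ordering = $oldrow->ordering != '' ? $oldrow->ordering : 999;
     }
     if ($row->ordering_register == '') {
         $row->ordering_register = $oldrow->ordering_register != '' ? $oldrow->ordering_register : 10;
     }
     if ($row->enabled == '') {
         $row->enabled = $oldrow->enabled != '' ? $oldrow->enabled : 1;
     }
     $row->description = cleanEditorsTranslationJunk(trim($row->description));
     if (!$row->check()) {
         echo "<script type=\"text/javascript\"> alert('" . str_replace("\n", '\\n', addslashes($row->getError())) . "'); window.history.go(-2); </script>\n";
         exit;
     }
     // The id is re-read as an integer just before the authorisation checks and store().
     $row->tabid = (int) cbGetParam($_POST, 'tabid', 0);
     if (!$_CB_framework->acl->amIaSuperAdmin()) {
         $canEditState = CBuser::getMyInstance()->authoriseAction('core.edit.state');
         // The submitted access group must be below the current user's groups.
         if ($row->useraccessgroupid != '' && !in_array($row->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
             echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
             exit;
         }
         // The submitted view level must be one the current user is authorised for.
         if ($row->viewaccesslevel != '' && !in_array($row->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
             echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
             exit;
         }
         // Without 'core.edit.state' each state field must equal the stored value when
         // the row exists, or the default when it does not. In every condition below
         // && binds tighter than ||, giving (exists && changed) || (new && not default).
         if (!$canEditState) {
             $failed = false;
             // useraccessgroupid: stored value, or default -2 for a new row.
             if ($oldrow->tabid && ($row->useraccessgroupid != '' && $oldrow->useraccessgroupid != $row->useraccessgroupid) || !$oldrow->tabid && ($row->useraccessgroupid != '' && $row->useraccessgroupid != -2)) {
                 $failed = true;
             }
             // viewaccesslevel: stored value, or default 1 for a new row.
             if ($oldrow->tabid && ($row->viewaccesslevel != '' && $oldrow->viewaccesslevel != $row->viewaccesslevel) || !$oldrow->tabid && ($row->viewaccesslevel != '' && $row->viewaccesslevel != 1)) {
                 $failed = true;
             }
             // ordering: stored value, or default 999 for a new row.
             if ($oldrow->tabid && ($row->ordering != '' && $oldrow->ordering != $row->ordering) || !$oldrow->tabid && ($row->ordering != '' && $row->ordering != 999)) {
                 $failed = true;
             }
             // ordering_register: stored value, or default 10 for a new row.
             if ($oldrow->tabid && ($row->ordering_register != '' && $oldrow->ordering_register != $row->ordering_register) || !$oldrow->tabid && ($row->ordering_register != '' && $row->ordering_register != 10)) {
                 $failed = true;
             }
             // enabled: stored value, or default 1 for a new row.
             if ($oldrow->tabid && ($row->enabled != '' && $oldrow->enabled != $row->enabled) || !$oldrow->tabid && ($row->enabled != '' && $row->enabled != 1)) {
                 $failed = true;
             }
             if ($failed) {
                 echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                 exit;
             }
         }
     }
     if (!$row->store()) {
         echo "<script type=\"text/javascript\"> alert('" . str_replace("\n", '\\n', addslashes($row->getError())) . "'); window.history.go(-2); </script>\n";
         exit;
     }
     $row->checkin();
     cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showTab"), CBTxt::T('Successfully Saved Tab') . ": " . $row->title);
 }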