function download()
{
if ($orderID = (int) Director::urlParam("ID")) {
if ($optionID = (int) Director::urlParam("OtherID")) {
if ($item = DataObject::get_one("ShopOrderItem", "OrderID = {$orderID} AND OptionID = {$optionID}")) {
if ($item->hasDownload()) {
//item is found and belongs to order/is ordered and has a download attached
$file = $item->DownloadFile();
$filename = $file->Filename;
$path = BASE_PATH . "/" . $file->Filename;
//if file doesn't exists, generate heavy error for noticing
if (!file_exists($path)) {
user_error("Error while ShopClient requested purchased Download. The file does not exists!\n\t\t\tFilename: '{$filename}'\n\t\t\tFilepath: '{$path}'\n\t\t\tOrderID: '{$orderID}'\n\t\t\tItemID: '{$itemID}'\n\t\t\t");
}
header('Content-type: application/x-octet-stream');
header('Content-disposition: attachment; filename=' . $file->Name);
readfile($path);
exit;
}
}
}
}
exit("<h2>" . _t("Shop.Download.NotValid", "%The requested Download is not valid%") . "</h2>");
return array();
}
/**
* Get the order via url 'ID' or form submission 'OrderID'.
* It will check for permission based on session id or member id.
*
* @return the order
*/
public function orderfromid($extrafilter = null)
{
$orderid = Director::urlParam('ID');
if (!$orderid) {
$orderid = isset($_POST['OrderID']) ? $_POST['OrderID'] : null;
}
if (!is_numeric($orderid)) {
return null;
}
$order = null;
$filter = $this->orderfilter();
if ($extrafilter) {
$filter .= " AND {$extrafilter}";
}
$idfilter = $orderid ? " AND \"ID\" = {$orderid}" : "";
//security filter to only allow viewing orders associated with this session, or member id
$order = DataObject::get_one('Order', "\"Status\" NOT IN('Cart','AdminCancelled','MemberCancelled') AND " . $filter . $idfilter, true, "Created DESC");
//if no id, then get first of latest orders for member or session id?
/*
//TODO: permission message on failure
if(!$order){
//order doesn't exist, or don't have permission
$this->setSessionMessage($reason,'bad');
}
*/
return $order;
}
function Order()
{
if ($orderID = Director::urlParam('Action')) {
return DataObject::get_by_id('Order', $orderID);
} else {
return ShoppingCart::current_order();
}
}
public function tag()
{
$this->TagStr = $tag = Director::urlParam('ID');
// page limits
$paginator = new AbcPaginator(Taggable::$default_num_page_items);
$dataSet = Taggable::getTaggedWith($tag, null, $paginator->start, $paginator->limit);
$this->TagSet = $dataSet;
// Supply template with pagination data
$this->Paginator = $paginator->dataForTemplate($dataSet->unlimitedRowCount, 2);
return array();
}
/**
* Updates the database schema, creating tables & fields as necessary.
*/
function build()
{
// The default time limit of 30 seconds is normally not enough
increase_time_limit_to(600);
// Get all our classes
SS_ClassLoader::instance()->getManifest()->regenerate();
if (isset($_GET['returnURL'])) {
echo "<p>Setting up the database; you will be returned to your site shortly....</p>";
$this->doBuild(true);
echo "<p>Done!</p>";
Director::redirect($_GET['returnURL']);
} else {
if (!Director::is_cli() && Director::urlParam('Controller') == __CLASS__) {
echo '<p style="color: red;"><i>db/build</i> has been deprecated. Please use <b>dev/build</b> instead.</p>';
}
$this->doBuild(isset($_REQUEST['quiet']) || isset($_REQUEST['from_installer']), !isset($_REQUEST['dont_populate']));
}
}
function init()
{
parent::init();
$bt = defined('DB::USE_ANSI_SQL') ? "\"" : "`";
$page = null;
//NOTE: this function (Director::urlParam) is depreciated, but should actuall be kept
$URLSegment = Director::urlParam("URLSegment");
$Action = Director::urlParam("Action");
foreach (self::$old_to_new_array as $oldURL => $newURL) {
if ($URLSegment == $oldURL) {
$page = DataObject::get_one("SiteTree", "URLSegment = '{$newURL}'");
Director::redirect($page->Link(), 301);
} elseif ($URLSegment . "/" . $Action == $oldURL) {
$page = DataObject::get_one("SiteTree", "URLSegment = '{$newURL}'");
Director::redirect($page->Link(), 301);
}
}
}
function add()
{
if ($id = Director::urlParam("ID")) {
$quantity = Director::urlParam("OtherID") ? (int) Director::urlParam("OtherID") : 1;
if ($item = DataObject::get_by_id("ShopItem", $id)) {
if ($item->StockQuantity >= 0) {
if ($item->StockQuantity - $quantity < 0) {
exit(_t("Shop.OutOfStock", "%Out Of Stock%"));
}
}
}
$optionID = isset($_REQUEST['optionid']) ? (int) $_REQUEST['optionid'] : null;
if (ShopOrder::addItem((int) $id, $quantity, $optionID)) {
$this->Message = "OK";
return array();
}
}
}
/**
* url action function that toggles a given field permission on or off
* action: simplify/toggleFieldPermission/ID
* where ID = Page|Name|Type|GroupID
* eg; simplify/toggleFieldPermission/Page|Behaviour|1
* TODO: the pipe delimiting is rather eh. refactor.
*
*/
public static function toggleFieldPermission()
{
//ID = Permission "Page|Name|Type|GroupID"
$code = explode("|", Director::urlParam("ID"));
$page = $code[0];
$field = $code[1];
$type = $code[2];
$groupID = $code[3];
//Does perm exist - delete if so
$perm = SimplifyPermission::checkField($page, $field, $type, $groupID);
if ($perm) {
$perm->delete();
} else {
//it doesn't exist, create it
$perm = new SimplifyPermission();
$perm->HidePage = $page;
$perm->HideName = $field;
$perm->HideType = $type;
$perm->GroupID = $groupID;
$perm->write();
}
}
function pdf()
{
exit("deactivated for now...");
if ($ID = Director::urlParam("ID")) {
if ($invoice = DataObject::get_one("ShopInvoice", "PublicURL = '" . Convert::Raw2SQL($ID) . "'")) {
$this->Invoice = $invoice;
if (!isset($_REQUEST['view'])) {
//generate pdf
require dirname(__FILE__) . '/Thirdparty/html2fpdf/html2fpdf.php';
//to get work HTML2PDF
error_reporting(E_ALL ^ (E_NOTICE | E_DEPRECATED));
$pdf = new HTML2FPDF();
$pdf->AddPage();
$pdfPath = $invoice->generatePDF();
$outputPath = TEMP_FOLDER . "/shopsystem/";
$outputFile = $outputPath . $invoice->PublicURL . ".pdf";
$fp = fopen($pdfPath, "r");
$strContent = fread($fp, filesize($pdfPath));
fclose($fp);
$pdf->WriteHTML($strContent);
$pdf->Output($outputFile);
header('Content-type: application/pdf');
header('Content-Disposition: attachment; filename="invoice.pdf"');
echo file_get_contents($outputFile);
//PDF file is generated successfully!
exit;
}
if (isset($_REQUEST['remove'])) {
//remove invoice from public by generating a new public url
$invoice->PublicURL = ShopInvoice::generatePublicURL();
$invoice->write();
}
}
}
return array();
}
/**
* Returns either the current order from the shopping cart or
* by the specified Order ID in the URL.
*
* @return Order
*/
function Order()
{
if ($orderID = Director::urlParam('Action') && is_numeric(Director::urlParam('Action'))) {
$order = DataObject::get_by_id('Order', $orderID);
if ($order && $order->MemberID == Member::currentUserID()) {
return $order;
}
} else {
return ShoppingCart::current_order();
}
}
/**
* A simple form for creating blog entries
*/
function BlogEntryForm() {
if(!Permission::check('BLOGMANAGEMENT')) return Security::permissionFailure();
Requirements::javascript('jsparty/behaviour.js');
Requirements::javascript('jsparty/prototype.js');
Requirements::javascript('jsparty/scriptaculous/effects.js');
Requirements::javascript('cms/javascript/PageCommentInterface.js');
Requirements::javascript('blog/javascript/bbcodehelp.js');
$id = 0;
if(Director::urlParam('ID')) {
$id = (int) Director::urlParam('ID');
}
$codeparser = new BBCodeParser();
$membername = Member::currentMember() ? Member::currentMember()->getName() : "";
if(BlogEntry::$allow_wysiwyg_editing) {
$contentfield = new HtmlEditorField("BlogPost", _t("BlogEntry.CN"));
} else {
$contentfield = new CompositeField(
new LiteralField("BBCodeHelper","<a id=\"BBCodeHint\" target='new'>"._t("BlogEntry.BBH")."</a><div class='clear'><!-- --></div>" ),
new TextareaField("BlogPost", _t("BlogEntry.CN"),20), // This is called BlogPost as the id #Content is generally used already
new LiteralField("BBCodeTags","<div id=\"BBTagsHolder\">".$codeparser->useable_tagsHTML()."</div>")
);
}
if(class_exists('TagField')) {
$tagfield = new TagField('Tags', null, null, 'BlogEntry');
$tagfield->setSeparator(', ');
} else {
$tagfield = new TextField('Tags');
}
$fields = new FieldSet(
new HiddenField("ID", "ID"),
new TextField("Title",_t('BlogHolder.SJ', "Subject")),
new TextField("Author",_t('BlogEntry.AU'),$membername),
$contentfield,
$tagfield,
new LiteralField("Tagsnote"," <label id='tagsnote'>"._t('BlogHolder.TE', "For example: sport, personal, science fiction")."<br/>" .
_t('BlogHolder.SPUC', "Please separate tags using commas.")."</label>")
);
$submitAction = new FormAction('postblog', _t('BlogHolder.POST', 'Post blog entry'));
$actions = new FieldSet($submitAction);
$validator = new RequiredFields('Title','Content');
$form = new Form($this, 'BlogEntryForm',$fields, $actions,$validator);
if($id != 0) {
$entry = DataObject::get_by_id('BlogEntry', $id);
$form->loadNonBlankDataFrom($entry);
$form->datafieldByName('BlogPost')->setValue($entry->Content);
} else {
$form->loadNonBlankDataFrom(array("Author" => Cookie::get("BlogHolder_Name")));
}
return $form;
}
private function stepArrayData($number)
{
$step = self::$steps[$number];
$linkingMode = $step == Director::urlParam("Action") ? "current" : null;
return new ArrayData(array("URLSegment" => $step, "Link" => $this->dataRecord->Link() . $step, "Title" => _t("Shop.Checkout." . ucfirst($step), "%" . ucfirst($step) . "%"), "LinkingMode" => $linkingMode));
}
public function LinkingMode()
{
return Director::urlParam('ID') == $this->Folder()->Name ? "current" : "link";
}
/**
* Adds vote to the db.
*
* @return Vote data.
*/
protected function stats() {
// if($this->isAjax) {
$args = array();
$vote = Director::urlParam('Vote');
if($vote) {
$args = array(
'choice' => Director::urlParam('Vote'),
'allVotesCount' => Vote::all_votes_count(),
'voteCount' => Vote::vote_count($vote),
'votePercentage' => Vote::vote_percentage($vote)
);
}
$json = json_encode($args);
return $json;
// }
}
/**
* Returns the form to cancel the current order,
* checking to see if they can cancel their order
* first of all.
*
* @return Order_CancelForm
*/
function CancelForm()
{
return null;
// This needs to be fixed, URL routing is broken so ID doesn't get picked up
if ($order = DataObject::get_by_id('Order', (int) Director::urlParam('ID'))) {
if ($order->canCancel()) {
return new Order_CancelForm($this, 'CancelForm', $order->ID);
}
}
}
public function CurrentAlbum()
{
if ($this->current_album) {
return $this->current_album;
}
if ($url_segment = Director::urlParam('ID')) {
$albums = DataObject::get($this->albumClass, "ImageGalleryPageID = {$this->ID} AND File.Name = '{$url_segment}'", "", "LEFT JOIN File ON File.ID = FolderID");
return $albums ? $albums->First() : false;
}
return false;
}
/**
* Returns a message explaining why the customer
* can't checkout the requested order.
*
* @return string
*/
function Message()
{
$orderID = Director::urlParam('Action');
$checkoutLink = self::find_link();
if ($memberID = Member::currentUserID()) {
if ($order = DataObject::get_one('Order', "ID = '{$orderID}' AND MemberID = '{$memberID}'")) {
return 'You can not checkout this order because it has been already successfully completed. Click <a href="' . $order->Link() . '">here</a> to see it\'s details, otherwise you can <a href="' . $checkoutLink . '">checkout</a> your current order.';
} else {
return 'You do not have any order corresponding to that ID, so you can\'t checkout this order.';
}
} else {
$redirectLink = CheckoutPage::get_checkout_order_link($orderID);
return 'You can not checkout this order because you are not logged in. To do so, please <a href="Security/login?BackURL=' . $redirectLink . '">login</a> first, otherwise you can <a href="' . $checkoutLink . '">checkout</a> your current order.';
}
}
/**
* The constructor for the Uploadify field. Sets some more default settings that require
* logic, e.g. upload_max_filesize.
*
* @param string $name The name of the field. For single files, omit the "ID" and use
* just the relation name
* @param string $title The label for the field
* @param array $configuration Some extra confuguration settings to add {@see setVar}
* @param Form $form The parent form to this field
*/
public function __construct($name, $title = null, $configuration = array(), $form = null)
{
parent::__construct($name, $title, null, $form);
// A little hack to make things easier in the CMS
$controller = Director::urlParam('Controller');
if (is_subclass_of($controller, "LeftAndMain")) {
self::$backend = true;
}
$this->setVar('sizeLimit', self::convert_bytes(ini_get('upload_max_filesize')));
$this->setVar('buttonText', _t('Uploadify.BUTTONTEXT', 'Browse...'));
$this->addParam('PHPSESSID', session_id());
$this->setVar('queueID', 'UploadifyFieldQueue_' . $this->Name());
if ($this->Backend()) {
$this->template .= "Backend";
}
foreach ($configuration as $key => $val) {
$this->setVar($key, $val);
}
}
function testURLParam()
{
Director::test('DirectorTestRule/myaction/myid/myotherid');
// TODO Works on the assumption that urlParam() is not unset after a test run, which is dodgy
$this->assertEquals(Director::urlParam('Action'), 'myaction');
$this->assertEquals(Director::urlParam('ID'), 'myid');
$this->assertEquals(Director::urlParam('OtherID'), 'myotherid');
}
/**
* Query for all legislator data by zipcode
*
* @return JSON
*/
public function zip() {
$sl = $this->_connectSL();
if($zip = Director::urlParam('Query')) {
$leg = $sl->legislatorZipCode($zip);
if(count((array)$leg)) {
$leg->success = 1;
} else {
$leg->success = 0;
}
$json = json_encode($leg);
return $json;
}
return json_encode(array());
}
function edit_recievers()
{
if (!($id = Director::urlParam("ID"))) {
user_error("Please choose an ID");
}
return array();
}
function add($request = null, $id = null)
{
if (!$id) {
$id = Director::urlParam("ID");
}
if ($id) {
if (isset($_REQUEST['quantity'])) {
$quantity = (int) $_REQUEST['quantity'];
}
$item = ShopOrder::addItem($id, $quantity);
if (isset($_REQUEST['ref'])) {
if ($_REQUEST['ref'] == "item") {
//redirect to product page
Director::redirect($item->OriginalItem->Link());
}
}
}
}
public function testURLParam()
{
// 2.4 only
$originalDeprecation = Deprecation::dump_settings();
Deprecation::notification_version('2.4');
Director::test('DirectorTestRule/myaction/myid/myotherid');
// TODO Works on the assumption that urlParam() is not unset after a test run, which is dodgy
$this->assertEquals(Director::urlParam('Action'), 'myaction');
$this->assertEquals(Director::urlParam('ID'), 'myid');
$this->assertEquals(Director::urlParam('OtherID'), 'myotherid');
Deprecation::restore_settings($originalDeprecation);
}
/**
* This function is used for isCurrent() and isSection() to prepare
* the cached answers.
*/
protected function prepareCurrentAndSection() {
if(!self::$currentPageID || Director::urlParam('URLSegment') != self::$currentPageIDSetFromURLSegment) {
self::$currentPageID = Director::currentPage() ? Director::currentPage()->ID : null;
self::$currentPageIDSetFromURLSegment = Director::urlParam('URLSegment');
if(!isset(self::$currentPageID)) {
self::$currentPageID = -1;
$nextID = (Director::currentPage() && isset(Director::currentPage()->Parent->ID))
? Director::currentPage()->Parent->ID
: null;
} else {
$nextID = SiteTree::$currentPageID;
}
$table = (Versioned::current_stage() == "Live")
? "SiteTree_Live"
: "SiteTree";
SiteTree::$currentSectionIDs = array();
while($nextID) {
self::$currentSectionIDs[] = $nextID;
$nextID = DB::query("SELECT ParentID FROM SiteTree WHERE ID = $nextID")->value();
}
}
}
/**
* Only display the blog entries that have the specified tag
*/
function ShowTag()
{
if ($this->request->latestParam('Action') == 'tag') {
return Convert::raw2xml(Director::urlParam('ID'));
}
}
public function JobSearchForm()
{
$action = Director::urlParam('Action');
$request = $this->getRequest();
$useAdvanced = FALSE;
return new JobamaticSearchForm($this, 'JobSearchForm', NULL, NULL, TRUE);
}