/**
 * Builds the single row handed to the K2 response for the edit request.
 * The row carries one flag: whether the current user may import articles.
 *
 * @param   integer  $id  The id of the row to edit (not read by this implementation).
 *
 * @return void
 */
protected function setRow($id)
{
    $currentUser = JFactory::getUser();

    $row = new stdClass();

    // The import option is offered only to users holding core.admin on com_k2
    $row->importArticles = $currentUser->authorise('core.admin', 'com_k2') ? true : false;

    K2Response::setRow($row);
}
/**
 * Closes the resource through the model after the token and permission checks.
 *
 * @return $this
 */
public function close()
{
    // Anti-CSRF: the request must carry a valid session token
    if (!JSession::checkToken()) {
        K2Response::throwError(JText::_('JINVALID_TOKEN'));
    }

    // The caller needs core.edit on com_users
    $mayEdit = JFactory::getUser()->authorise('core.edit', 'com_users');
    if (!$mayEdit) {
        K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'), 403);
    }

    $this->model->close();

    return $this;
}
/**
 * Deletes orphan tags through the Tags model and prints the rendered
 * K2 response as JSON.
 *
 * @return $this
 */
public function deleteOrphans()
{
    // Anti-CSRF: the request must carry a valid session token
    if (!JSession::checkToken()) {
        K2Response::throwError(JText::_('JINVALID_TOKEN'));
    }

    // The caller needs k2.tags.manage on com_k2.
    // Unlike other handlers, no explicit status code is passed to throwError() here.
    $mayManageTags = JFactory::getUser()->authorise('k2.tags.manage', 'com_k2');
    if (!$mayManageTags) {
        K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'));
    }

    // Delegate the clean-up to the model
    $tagsModel = K2Model::getInstance('Tags');
    $tagsModel->deleteOrphans();

    // Queue the confirmation so that it is part of the rendered response
    JFactory::getApplication()->enqueueMessage(JText::_('K2_DELETE_COMPLETED'));

    echo json_encode(K2Response::render());

    return $this;
}
/**
 * Update function.
 * Validates the posted K2 settings against the component's config form and
 * stores them through the Joomla! com_config component model.
 *
 * @return void
 */
protected function update()
{
    // Anti-CSRF: the request must carry a valid session token
    if (!JSession::checkToken()) {
        K2Response::throwError(JText::_('JINVALID_TOKEN'));
    }

    // Settings may only be changed by users holding core.admin on com_k2
    if (!JFactory::getUser()->authorise('core.admin', 'com_k2')) {
        K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'));
    }

    // Extension record and the posted form values
    $extension = JComponentHelper::getComponent('com_k2');
    $posted = $this->input->get('jform', array(), 'array');

    // Saving is delegated to the Joomla! configuration model
    require_once JPATH_SITE . '/components/com_config/model/cms.php';
    require_once JPATH_SITE . '/components/com_config/model/form.php';
    JModelLegacy::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_config/model');
    $configModel = JModelLegacy::getInstance('Component', 'ConfigModel');

    // Settings form definition shipped with com_k2
    JForm::addFormPath(JPATH_ADMINISTRATOR . '/components/com_k2');
    $settingsForm = JForm::getInstance('com_k2.settings', 'config', array('control' => 'jform'), false, '/config');

    // Validate the posted data; on failure report the first validation error
    $validated = $configModel->validate($settingsForm, $posted);
    if ($validated === false) {
        $errors = $configModel->getErrors();
        $firstError = $errors[0];
        if ($firstError instanceof Exception) {
            $message = $firstError->getMessage();
        } else {
            $message = $firstError;
        }
        K2Response::throwError($message);
    }

    // Attempt to save the validated configuration
    $saved = $configModel->save(
        array(
            'params' => $validated,
            'id' => $extension->id,
            'option' => 'com_k2',
        )
    );

    // The _system cache group is cleaned before the save result is inspected
    $cache = JCache::getInstance(
        'callback',
        array('defaultgroup' => '_system', 'cachebase' => JPATH_ADMINISTRATOR . '/cache')
    );
    $cache->clean();

    // Report a failed save
    if ($saved === false) {
        K2Response::throwError(JText::sprintf('JERROR_SAVE_FAILED', $configModel->getError()));
    }
}
/**
 * Builds the system information row handed to the K2 response: software
 * versions, PHP settings, writability of the K2 folders and presence of the
 * K2 modules and plugins.
 *
 * @param   integer  $id  The id of the row to edit (not read by this implementation).
 *
 * @return void
 */
protected function setRow($id)
{
    $row = new stdClass();

    // Software versions
    $row->dbVersion = JFactory::getDBO()->getVersion();
    $row->phpVersion = phpversion();
    $row->server = $this->getServer();

    // GD availability, plus its version when the extension is loaded
    $row->gd = extension_loaded('gd');
    if ($row->gd) {
        $gd = gd_info();
        $row->gdVersion = $gd['GD Version'];
    }

    // Folder permissions.
    // NOTE(review): mediaFolder is assigned twice; the result for /media/k2 is
    // overwritten by the one for /media/k2/media below, so it never reaches the
    // response. Confirm which property name the first check was meant to use.
    $mediaRoot = JPATH_SITE . '/media/k2';
    $row->mediaFolder = is_writable($mediaRoot);
    $row->attachmentsFolder = is_writable($mediaRoot . '/attachments');
    $row->categoriesFolder = is_writable($mediaRoot . '/categories');
    $row->galleriesFolder = is_writable($mediaRoot . '/galleries');
    $row->itemsFolder = is_writable($mediaRoot . '/items');
    $row->usersFolder = is_writable($mediaRoot . '/users');
    $row->mediaFolder = is_writable($mediaRoot . '/media');
    $row->cacheFolder = is_writable(JPATH_SITE . '/cache');

    // PHP settings
    $row->maxFileUploadSize = ini_get('upload_max_filesize');
    $row->memoryLimit = ini_get('memory_limit');
    $row->allowURLFopen = ini_get('allow_url_fopen');

    // Site modules
    foreach (array('mod_k2_comments', 'mod_k2_content', 'mod_k2_tools', 'mod_k2_user', 'mod_k2_users') as $module) {
        $row->{$module} = JFile::exists(JPATH_SITE . '/modules/' . $module . '/' . $module . '.php');
    }

    // Administrator modules
    foreach (array('mod_k2_quickicons', 'mod_k2_stats') as $module) {
        $row->{$module} = JFile::exists(JPATH_ADMINISTRATOR . '/modules/' . $module . '/' . $module . '.php');
    }

    // K2 plugins: first whether the files exist, then whether each plugin is enabled
    $pluginGroups = array('finder', 'search', 'system', 'user');
    foreach ($pluginGroups as $group) {
        $row->{'plg_' . $group . '_k2'} = JFile::exists(JPATH_SITE . '/plugins/' . $group . '/k2/k2.php');
    }
    foreach ($pluginGroups as $group) {
        $row->{'plg_' . $group . '_k2_enabled'} = JPluginHelper::isEnabled($group, 'k2');
    }

    // Companion content plugins
    $row->plg_content_allvideos = JFile::exists(JPATH_SITE . '/plugins/content/jw_allvideos/jw_allvideos.php');
    $row->plg_content_sigpro = JFile::exists(JPATH_SITE . '/plugins/content/jw_sigpro/jw_sigpro.php');

    K2Response::setRow($row);
}
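/**
 * Handles an image upload for an item, a category or a user and prints the
 * result of K2HelperImages::add() as JSON.
 *
 * With an itemId the caller must be allowed to edit that existing resource;
 * without one the caller needs the "k2.<type>.create" permission on com_k2.
 *
 * @return $this
 */
public function upload()
{
    // Check for token
    JSession::checkToken() or K2Response::throwError(JText::_('JINVALID_TOKEN'));

    // Get user
    $user = JFactory::getUser();

    // Get input
    $type = $this->input->get('type', '', 'cmd');
    $itemId = $this->input->get('itemId', 0, 'int');
    $replace = $this->input->get('temp', '', 'cmd');
    $file = $this->input->files->get('file');

    // NOTE(review): $path comes from the request and only has the site root
    // prefix stripped here; confirm that K2HelperImages::add() validates it.
    $path = $this->input->get('path', '', 'string');
    $path = str_replace(JURI::root(true) . '/', '', $path);
    $categoryId = null;

    // Permissions check. Start from "denied" so that an itemId combined with an
    // unrecognised type is rejected explicitly instead of through an undefined variable.
    $authorised = false;
    if ($itemId) {
        if ($type == 'item') {
            $item = K2Items::getInstance($itemId);
            $authorised = $item->canEdit;
            $categoryId = $item->catid;
        } elseif ($type == 'category') {
            $authorised = K2Categories::getInstance($itemId)->canEdit;
        } elseif ($type == 'user') {
            // Users may change their own image; others need core.edit on com_users
            $authorised = $user->authorise('core.edit', 'com_users') || $user->id == $itemId;
        }
    } else {
        $authorised = $user->authorise('k2.' . $type . '.create', 'com_k2');
    }

    if (!$authorised) {
        K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'), 403);
    }

    // Generate image using helper depending on type
    $image = K2HelperImages::add($type, $file, $path, $replace, $categoryId);

    // Response
    echo json_encode($image);

    return $this;
}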
/**
 * Handles a gallery upload and prints the result of K2HelperGalleries::add()
 * as JSON.
 *
 * The caller needs at least one of k2.item.create, k2.item.edit or
 * k2.item.edit.own on com_k2.
 *
 * @return $this
 */
public function upload()
{
    // Anti-CSRF: the request must carry a valid session token
    if (!JSession::checkToken()) {
        K2Response::throwError(JText::_('JINVALID_TOKEN'));
    }

    $user = JFactory::getUser();

    // Any one of the item permissions is sufficient
    $mayUpload = $user->authorise('k2.item.create', 'com_k2')
        || $user->authorise('k2.item.edit', 'com_k2')
        || $user->authorise('k2.item.edit.own', 'com_k2');
    if (!$mayUpload) {
        K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'), 403);
    }

    // Request values.
    // NOTE(review): $url is request-supplied and passed to the helper unchanged;
    // confirm how K2HelperGalleries::add() validates it.
    $request = JFactory::getApplication()->input;
    $upload = $request->get('upload', '', 'cmd');
    $url = $request->get('url', '', 'string');
    $archive = $request->files->get('archive');

    // The helper creates the gallery and deletes the previous one if it is set
    $gallery = K2HelperGalleries::add($archive, $url, $upload);

    echo json_encode($gallery);

    return $this;
}
/**
 * Sets the actions for list requests.
 * The "add" action is offered only to users holding core.create on com_users.
 *
 * @return void
 */
protected function setListActions()
{
    $mayCreate = JFactory::getUser()->authorise('core.create', 'com_users');

    if ($mayCreate) {
        $attributes = array('data-action' => 'add');
        K2Response::addAction('add', 'K2_ADD', $attributes);
    }
}
/**
 * Assembles the complete response object from the collected state and
 * returns it.
 *
 * @return object The shared response object.
 */
public static function render()
{
    // Create the response container on first use
    if (!is_object(self::$response)) {
        self::$response = new stdClass();
    }

    self::$response->title = self::getTitle();

    // Collected assets, with duplicates removed
    self::$response->scripts = array_unique(self::$scripts);
    self::$response->scriptDeclarations = array_unique(self::$scriptDeclarations);
    self::$response->styles = array_unique(self::$styles);

    // Remaining sections: response property => static getter providing its value
    $sections = array(
        'states' => 'getStates',
        'menu' => 'getMenu',
        'actions' => 'getActions',
        'rows' => 'getRows',
        'pagination' => 'getPagination',
        'filters' => 'getFilters',
        'toolbar' => 'getToolbar',
        'batch' => 'getBatch',
        'row' => 'getRow',
        'form' => 'getForm',
        'status' => 'getStatus',
    );
    foreach ($sections as $property => $getter) {
        self::$response->{$property} = self::$getter();
    }

    // Messages queued on the application travel with the response
    self::$response->messages = JFactory::getApplication()->getMessageQueue();

    return self::$response;
}
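/**
 * Default implementation for patch function.
 * Patch requests are routed here by the main Sync function.
 * These requests are usually coming from lists togglers and state buttons.
 * Usually there will be no need to override this function.
 *
 * Every selected id is saved through the model, either as a partial update
 * (mode "apply") or as a copy of the source row (mode "clone").
 *
 * @return void
 */
protected function patch()
{
    // Check for token
    JSession::checkToken() or K2Response::throwError(JText::_('JINVALID_TOKEN'));

    // NOTE(review): no permission check is visible in this method; presumably
    // $this->model->save() authorises each row. Confirm against the model.

    // Batch update
    $ids = $this->input->get('id', array(), 'array');
    JArrayHelper::toInteger($ids);
    $states = $this->input->get('states', array(), 'array');
    $mode = $this->input->get('mode', 'apply', 'string');

    // Ensure we have ids. array_filter() keeps the original keys, which are
    // used below to pick the per-row value out of array-valued states.
    $ids = array_filter($ids);
    if (!count($ids)) {
        K2Response::throwError(JText::_('K2_NO_ROWS_SELECTED'), 401);
    }

    foreach ($ids as $key => $id) {
        $data = array();
        $data['id'] = $id;
        foreach ($states as $state => $values) {
            if (is_array($values)) {
                // A state array may be shorter than the id list; a missing
                // entry is treated like an empty value and skipped.
                $value = isset($values[$key]) ? $values[$key] : '';
            } else {
                $value = $values;
            }
            if ($value != '') {
                $data[$state] = $value;
            }
        }

        if ($mode == 'clone') {
            // Clone: start from the source row, apply the posted values and
            // drop the id so that the model saves the data without one
            $sourceData = $this->model->getCopyData($id);
            $data = array_merge($sourceData, $data);
            $data['id'] = null;
            $this->model->setState('patch', false);
        } else {
            $this->model->setState('patch', true);
        }

        $this->model->setState('data', $data);
        $result = $this->model->save();
        if (!$result) {
            K2Response::throwError($this->model->getError());
        }
    }

    // Trigger change state event for items and categories
    if ($mode != 'clone' && isset($states['state']) && in_array($this->resourceType, array('items', 'categories'))) {
        // Get dispatcher
        $dispatcher = JDispatcher::getInstance();

        // Import content plugins
        JPluginHelper::importPlugin('content');

        if ($this->resourceType == 'items') {
            $eventName = 'onContentChangeState';
            $context = 'com_k2.' . $this->resourceType;
        } elseif ($this->resourceType == 'categories') {
            $eventName = 'onCategoryChangeState';
            $context = 'com_k2';
        }

        $dispatcher->trigger($eventName, array($context, $ids, $states['state']));
    }

    K2Response::setResponse($result);
}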
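/**
 * Imports one source category as a new top-level K2 category.
 *
 * The category is saved through the Categories model, then its dates, authors
 * and params are overwritten with a direct UPDATE because the model sets them
 * automatically during save.
 *
 * @param   object  $category  Source category; the properties title, description,
 *                             published, access, language, params, created_time,
 *                             modified_time, created_user_id and modified_user_id are read.
 *
 * @return mixed The id the Categories model reports for the new category.
 */
private function importCategory($category)
{
    $categoryData = array();
    $categoryData['id'] = null;
    $categoryData['title'] = $category->title;
    $categoryData['description'] = $category->description;

    // Collapse the source published value to -1, 0 or 1
    if ($category->published < 0) {
        $categoryData['state'] = -1;
    } elseif ($category->published > 0) {
        $categoryData['state'] = 1;
    } else {
        $categoryData['state'] = 0;
    }

    $categoryData['parent_id'] = 0;
    $categoryData['access'] = $category->access;
    $categoryData['language'] = $category->language;

    // Carry over the category image, if the source params define one
    $categoryParams = new JRegistry($category->params);
    $categoryImage = $categoryParams->get('image');
    if ($categoryImage) {
        $image = K2HelperImages::add('category', null, $categoryImage);
        $categoryData['image'] = array('id' => '', 'temp' => $image->temp, 'path' => '', 'remove' => 0, 'caption' => '', 'credits' => '');
    }

    $model = K2Model::getInstance('Categories');
    $model->setState('data', $categoryData);
    if (!$model->save()) {
        K2Response::throwError($model->getError());
    }

    // Get generated category id
    $categoryId = $model->getState('id');

    // Import JForm
    jimport('joomla.form.form');

    // Determine form name and path
    $formName = 'K2CategoriesForm';
    $formPath = JPATH_ADMINISTRATOR . '/components/com_k2/models/categories.xml';
    $form = JForm::getInstance($formName, $formPath);

    // Seed the params with each form field's name and value
    $params = new JRegistry('');
    foreach ($form->getFieldset() as $field) {
        $params->def($field->__get('fieldname'), $field->__get('value'));
    }

    // Update date and author information since the model has auto set this data during save
    $db = JFactory::getDbo();
    $query = $db->getQuery(true);
    $query->update($db->quoteName('#__k2_categories'));
    $query->set($db->quoteName('created') . ' = ' . $db->quote($category->created_time));
    $query->set($db->quoteName('modified') . ' = ' . $db->quote($category->modified_time));
    $query->set($db->quoteName('created_by') . ' = ' . $db->quote($category->created_user_id));
    $query->set($db->quoteName('modified_by') . ' = ' . $db->quote($category->modified_user_id));
    $query->set($db->quoteName('params') . ' = ' . $db->quote($params->toString()));

    // The id is the only value concatenated without quoting, so it is cast to an integer
    $query->where($db->quoteName('id') . ' = ' . (int) $categoryId);
    $db->setQuery($query);
    $db->execute();

    return $categoryId;
}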
/**
 * System event handler executed after routing.
 *
 * Defines K2_EDIT_MODE, redirects com_config settings requests for com_k2 to
 * K2, answers expired sessions in JSON format and, on the site, loads the K2
 * script and stylesheets for HTML documents.
 *
 * @return void
 */
public function onAfterRoute()
{
    $application = JFactory::getApplication();
    $user = JFactory::getUser();
    $params = JComponentHelper::getParams('com_k2');
    $document = JFactory::getDocument();

    // Request variables
    $request = $application->input;
    $option = $request->get('option');
    $view = $request->get('view');
    $task = $request->get('task');
    $format = $request->get('format');

    // Edit mode: any com_k2 request in the administrator, or a com_k2 site
    // request whose view is "admin" or empty
    $editMode = $application->isAdmin() && $option == 'com_k2'
        || $application->isSite() && $option == 'com_k2' && ($view == 'admin' || $view == '');
    define('K2_EDIT_MODE', $editMode ? true : false);

    // Redirect settings editing from com_config to K2
    $isK2ConfigRequest = $application->isAdmin()
        && $option == 'com_config'
        && $view == 'component'
        && $request->get('component') == 'com_k2';
    if ($isK2ConfigRequest) {
        $application->redirect('index.php?option=com_k2#settings');
    }

    // Guests hitting a JSON edit-mode request get a JSON error instead of the
    // Joomla! redirect to com_login. Site comments.sync requests are exempt.
    $isCommentsRequest = $application->isSite() && K2_EDIT_MODE && $task == 'comments.sync';
    if ($user->get('guest') && K2_EDIT_MODE && $format == 'json' && !$isCommentsRequest) {
        K2Response::throwError(JText::_('K2_SESSION_EXPIRED'), 500);
    }

    // Everything below applies to the front-end only
    if (!$application->isSite()) {
        return;
    }

    // Editing on the site always uses the system template
    if (K2_EDIT_MODE) {
        $application->setTemplate('system');
    }

    // Head data is loaded for HTML documents only
    if ($document->getType() != 'html') {
        return;
    }

    $siteRoot = JURI::root(true);

    // Javascript files
    JHtml::_('jquery.framework');
    $document->addScript($siteRoot . '/media/k2app/assets/js/k2.js?v3.0.0&sitepath=' . $siteRoot . '/');

    // CSS files are loaded only when K2 CSS is enabled in the component settings
    if (!$params->get('enable_css')) {
        return;
    }

    // An override in the template's css directory wins over the component file
    $templateCss = '/templates/' . $application->getTemplate() . '/css/';

    if (JFile::exists(JPATH_SITE . $templateCss . 'k2.css')) {
        $document->addStyleSheet($siteRoot . $templateCss . 'k2.css?v=3.0.0');
    } else {
        $document->addStyleSheet($siteRoot . '/components/com_k2/css/k2.css?v=3.0.0');
    }

    // Print stylesheet, only when the request is in print mode
    if ($request->get('print', false, 'bool')) {
        if (JFile::exists(JPATH_SITE . $templateCss . 'k2.print.css')) {
            $document->addStyleSheet($siteRoot . $templateCss . 'k2.print.css?v=3.0.0', 'text/css', 'print');
        } else {
            $document->addStyleSheet($siteRoot . '/components/com_k2/css/k2.print.css?v=3.0.0', 'text/css', 'print');
        }
    }
}
/**
 * Sets the actions for list requests.
 * The "add" action is offered only to users holding k2.extrafields.manage on com_k2.
 *
 * @return void
 */
protected function setListActions()
{
    $mayManage = JFactory::getUser()->authorise('k2.extrafields.manage', 'com_k2');

    if ($mayManage) {
        $attributes = array('data-action' => 'add');
        K2Response::addAction('add', 'K2_ADD', $attributes);
    }
}
/**
 * Sets the actions for edit requests: save, save and close, and close.
 * Children views usually will not need to override this method.
 *
 * @return void
 */
protected function setFormActions()
{
    // The save action also carries the name of the resource being edited
    $saveAttributes = array(
        'data-action' => 'save',
        'data-resource' => $this->getName(),
    );
    K2Response::addAction('save', 'K2_SAVE', $saveAttributes);

    $saveAndCloseAttributes = array('data-action' => 'save-and-close');
    K2Response::addAction('saveAndClose', 'K2_SAVE_AND_CLOSE', $saveAndCloseAttributes);

    $closeAttributes = array('data-action' => 'close');
    K2Response::addAction('close', 'K2_CLOSE', $closeAttributes);
}
/**
 * Sets the response title from a language key.
 *
 * @param   string  $title  The title, passed through JText::_() before it is set.
 *
 * @return void
 */
protected function setTitle($title)
{
    $translated = JText::_($title);

    K2Response::setTitle($translated);
}
/**
 * Sets the toolbar actions: publish, unpublish and delete.
 *
 * @return void
 */
protected function setToolbar()
{
    // Both state toggles write the "state" field; only the name, label and value differ
    $stateToggles = array(
        array('publish', 'K2_PUBLISH', '1'),
        array('unpublish', 'K2_UNPUBLISH', '0'),
    );

    foreach ($stateToggles as $toggle) {
        K2Response::addToolbarAction(
            $toggle[0],
            $toggle[1],
            array('data-state' => 'state', 'data-value' => $toggle[2], 'data-action' => 'set-state')
        );
    }

    K2Response::addToolbarAction('remove', 'K2_DELETE', array('data-action' => 'remove'));
}
/**
 * Sets the batch actions: category, author, access level and language.
 * Every control offers a "leave unchanged" choice.
 *
 * @return void
 */
protected function setBatchActions()
{
    // Category selector
    $categoryControl = K2HelperHTML::categories('catid', null, 'K2_LEAVE_UNCHANGED');
    K2Response::addBatchAction('category', 'K2_CATEGORY', $categoryControl);

    // Author: a hidden input that carries the user widget attributes
    $leaveUnchanged = JText::_('K2_LEAVE_UNCHANGED');
    $authorControl = '<input data-widget="user" data-null="' . $leaveUnchanged
        . '" data-min="0" data-placeholder="' . $leaveUnchanged
        . '" type="hidden" name="created_by" value="" />';
    K2Response::addBatchAction('author', 'K2_AUTHOR', $authorControl);

    // Access level selector with an empty "leave unchanged" option
    $emptyOption = JHtml::_('select.option', '', JText::_('K2_LEAVE_UNCHANGED'));
    $accessControl = JHtml::_('access.level', 'access', null, '', array($emptyOption));
    K2Response::addBatchAction('access', 'K2_ACCESS', $accessControl);

    // Language selector
    $languageControl = K2HelperHTML::language('language', '', 'K2_LEAVE_UNCHANGED');
    K2Response::addBatchAction('language', 'K2_LANGUAGE', $languageControl);
}
/**
 * Sets the batch actions: access level, language, parent and inheritance.
 * Every control offers a "leave unchanged" choice.
 *
 * @return void
 */
protected function setBatchActions()
{
    // Access level selector with an empty "leave unchanged" option
    $emptyOption = JHtml::_('select.option', '', JText::_('K2_LEAVE_UNCHANGED'));
    $accessControl = JHtml::_('access.level', 'access', null, '', array($emptyOption));
    K2Response::addBatchAction('access', 'K2_ACCESS', $accessControl);

    // Language selector
    $languageControl = K2HelperHTML::language('language', '', 'K2_LEAVE_UNCHANGED');
    K2Response::addBatchAction('language', 'K2_LANGUAGE', $languageControl);

    // Parent category selector
    $parentControl = K2HelperHTML::categories('parent_id', '', 'K2_LEAVE_UNCHANGED', false, '', false, 'id', false, true);
    K2Response::addBatchAction('parent', 'K2_PARENT', $parentControl);

    // Inheritance selector
    $inheritanceControl = K2HelperHTML::categories('inheritance', '', 'K2_LEAVE_UNCHANGED', false, '', false, 'id', true);
    K2Response::addBatchAction('inheritance', 'K2_INHERITANCE', $inheritanceControl);
}
/**
 * Registers a stylesheet on the K2 response.
 *
 * @param   string  $url  The stylesheet URL, forwarded unchanged.
 *
 * @return void
 */
protected function addStyle($url)
{
    $stylesheet = $url;

    K2Response::addStyle($stylesheet);
}
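/**
 * Runs the elFinder connector on a folder below the com_media file root.
 *
 * Guests are rejected. The volume is read-only on the site and writable in
 * the administrator application.
 *
 * @return $this
 */
public function connector()
{
    $application = JFactory::getApplication();
    $user = JFactory::getUser();

    // NOTE(review): being logged in is the only requirement checked here;
    // confirm that no finer-grained permission is expected for browsing.
    if ($user->guest) {
        K2Response::throwError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'), 403);
    }

    $params = JComponentHelper::getParams('com_media');
    $root = $params->get('file_path', 'media');
    $folder = $this->input->get('folder', $root, 'path');
    $type = $this->input->get('type', 'video', 'cmd');

    // Ensure that we are always below the root directory. The folder must be
    // the root itself or start with the root followed by a separator: a bare
    // prefix match would also accept sibling folders whose name merely begins
    // with the root name.
    $rootPrefix = rtrim($root, '/') . '/';
    if (JString::trim($folder) == "" || ($folder !== $root && strpos($folder, $rootPrefix) !== 0)) {
        $folder = $root;
    }

    // Disable debug
    $this->input->set('debug', false);

    $url = JURI::root(true) . '/' . $folder;
    $path = JPATH_SITE . '/' . JPath::clean($folder);
    JPath::check($path);

    include_once JPATH_SITE . '/media/k2app/vendor/elfinder/php/elFinderConnector.class.php';
    include_once JPATH_SITE . '/media/k2app/vendor/elfinder/php/elFinder.class.php';
    include_once JPATH_SITE . '/media/k2app/vendor/elfinder/php/elFinderVolumeDriver.class.php';
    include_once JPATH_SITE . '/media/k2app/vendor/elfinder/php/elFinderVolumeLocalFileSystem.class.php';

    /**
     * Access control callback referenced by name in the elFinder options below.
     *
     * @param   string  $attr    Attribute being queried (read, write, locked, hidden).
     * @param   string  $path    Path of the file or folder.
     * @param   mixed   $data    Not read here.
     * @param   mixed   $volume  Not read here.
     *
     * @return boolean|null The attribute value; null for an attribute not handled below.
     */
    function access($attr, $path, $data, $volume)
    {
        $application = JFactory::getApplication();
        $ext = strtolower(JFile::getExt(basename($path)));

        // Files with the exact extension "php" answer true for every attribute,
        // including "hidden" and "locked".
        // NOTE(review): other server-executable extensions are not covered here;
        // confirm that they are restricted elsewhere.
        if ($ext == 'php') {
            return true;
        }

        // Hide files and folders starting with .
        if (strpos(basename($path), '.') === 0 && $attr == 'hidden') {
            return true;
        }

        // Read only access for front-end. Full access for administration section.
        switch ($attr) {
            case 'read':
                return true;
            case 'write':
                return $application->isSite() ? false : true;
            case 'locked':
                return $application->isSite() ? true : false;
            case 'hidden':
                return false;
        }
    }

    // Volume defaults follow the same rule: only the administrator may write
    if ($application->isAdmin()) {
        $permissions = array('read' => true, 'write' => true);
    } else {
        $permissions = array('read' => true, 'write' => false);
    }

    $options = array(
        'roots' => array(
            array(
                'driver' => 'LocalFileSystem',
                'path' => $path,
                'URL' => $url,
                'accessControl' => 'access',
                'defaults' => $permissions,
            ),
        ),
    );

    $connector = new elFinderConnector(new elFinder($options));
    $connector->run();

    return $this;
}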
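/**
 * Handles a comment report: checks the request, then mails the report to the
 * configured recipient and prints the rendered K2 response as JSON.
 *
 * @return $this
 */
public function report()
{
    // Check for token
    JSession::checkToken() or K2Response::throwError(JText::_('JINVALID_TOKEN'));

    // Get application
    $application = JFactory::getApplication();

    // Get configuration
    $configuration = JFactory::getConfig();

    // Get input
    $id = $application->input->get('id', 0, 'int');
    $reportName = $application->input->get('reportName', '', 'string');
    $reportReason = $application->input->get('reportReason', '', 'string');

    // Get params
    $params = JComponentHelper::getParams('com_k2');

    // Get user
    $user = JFactory::getUser();

    // Check if user can report: comments and reporting must be enabled, and
    // the reporting setting '2' excludes guests
    if (!$params->get('comments') || !$params->get('commentsReporting') || $params->get('commentsReporting') == '2' && $user->guest) {
        K2Response::throwError(JText::_('K2_ALERTNOTAUTH'), 403);
    }

    // Get comment
    $comment = K2Comments::getInstance($id);

    // Check comment is published
    if (!$comment->state) {
        K2Response::throwError(JText::_('K2_COMMENT_NOT_FOUND'));
    }

    // Get item
    $item = K2Items::getInstance($comment->itemId);

    // Check access to the item
    $item->checkSiteAccess();

    // Check input
    if (trim($reportName) == '') {
        K2Response::throwError(JText::_('K2_PLEASE_TYPE_YOUR_NAME'));
    }
    if (trim($reportReason) == '') {
        K2Response::throwError(JText::_('K2_PLEASE_TYPE_THE_REPORT_REASON'));
    }

    // Check captcha depending on settings
    require_once JPATH_SITE . '/components/com_k2/helpers/captcha.php';
    $data = $this->getInputData();
    if (!($result = K2HelperCaptcha::check($data, $this))) {
        K2Response::throwError($this->getError());
    }

    $mailer = JFactory::getMailer();
    $senderEmail = $configuration->get('mailfrom');
    $senderName = $configuration->get('fromname');
    $mailer->setSender(array($senderEmail, $senderName));
    $mailer->setSubject(JText::_('K2_COMMENT_REPORT'));
    $mailer->IsHTML(true);

    // The mail is sent as HTML, so the reporter-supplied values are escaped
    // before they are placed in the body.
    $safeName = htmlspecialchars($reportName, ENT_QUOTES, 'UTF-8');
    $safeReason = htmlspecialchars($reportReason, ENT_QUOTES, 'UTF-8');

    // NOTE(review): the comment text is inserted as stored; confirm that it is
    // sanitised when the comment is saved.
    $body = "\n <strong>" . JText::_('K2_NAME') . "</strong>: " . $safeName . " <br/>\n <strong>" . JText::_('K2_REPORT_REASON') . "</strong>: " . $safeReason . " <br/>\n <strong>" . JText::_('K2_COMMENT') . "</strong>: " . nl2br($comment->text) . " <br/>\n ";
    $mailer->setBody($body);

    // Single recipient: the configured report recipient, else the site's mailfrom address
    $mailer->ClearAddresses();
    $mailer->AddAddress($params->get('commentsReportRecipient', $configuration->get('mailfrom')));

    // The result of Send() is not inspected; the confirmation is queued either way
    $mailer->Send();

    $application->enqueueMessage(JText::_('K2_REPORT_SUBMITTED'));
    echo json_encode(K2Response::render());

    return $this;
}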