/**
* Checks if the user's IP is contained in a list of IPs or IP expressions
*
* @param array $ipTable The list of IP expressions
*
* @return null|bool True if it's in the list, null if the filtering can't proceed
*/
public static function IPinList($ipTable = array())
{
// Get our IP address
$ip = static::getIp();
return F0FUtilsIp::IPinList($ip, $ipTable);
}
public function onBeforeDispatch()
{
$result = parent::onBeforeDispatch();
if ($result) {
// Clear com_modules and com_plugins cache (needed when we alter module/plugin state)
$core_components = array('com_modules', 'com_plugins');
foreach ($core_components as $component) {
try {
$cache = JFactory::getCache($component);
$cache->clean();
} catch (Exception $e) {
// suck it up
}
}
// Merge the language overrides
$paths = array(JPATH_ROOT, JPATH_ADMINISTRATOR);
$jlang = JFactory::getLanguage();
$jlang->load($this->component, $paths[0], 'en-GB', true);
$jlang->load($this->component, $paths[0], null, true);
$jlang->load($this->component, $paths[1], 'en-GB', true);
$jlang->load($this->component, $paths[1], null, true);
$jlang->load($this->component . '.override', $paths[0], 'en-GB', true);
$jlang->load($this->component . '.override', $paths[0], null, true);
$jlang->load($this->component . '.override', $paths[1], 'en-GB', true);
$jlang->load($this->component . '.override', $paths[1], null, true);
// Load Akeeba Strapper
if (!defined('ADMINTOOLSMEDIATAG')) {
$staticFilesVersioningTag = md5(ADMINTOOLS_VERSION . ADMINTOOLS_DATE);
define('ADMINTOOLSMEDIATAG', $staticFilesVersioningTag);
}
include_once JPATH_ROOT . '/media/akeeba_strapper/strapper.php';
AkeebaStrapper::$tag = ADMINTOOLSMEDIATAG;
AkeebaStrapper::bootstrap();
AkeebaStrapper::jQueryUI();
AkeebaStrapper::addCSSfile('admin://components/com_admintools/media/css/backend.css');
// Work around non-transparent proxy and reverse proxy IP issues
if (class_exists('F0FUtilsIp', true)) {
F0FUtilsIp::workaroundIPIssues();
}
// Control Check
$view = F0FInflector::singularize($this->input->getCmd('view', $this->defaultView));
if ($view == 'liveupdate') {
$url = JUri::base() . 'index.php?option=com_admintools';
JFactory::getApplication()->redirect($url);
return;
}
// ========== Master PW check ==========
/** @var AdmintoolsModelMasterpw $model */
$model = F0FModel::getAnInstance('Masterpw', 'AdmintoolsModel');
if (!$model->accessAllowed($view)) {
$url = $view == 'cpanel' ? 'index.php' : 'index.php?option=com_admintools&view=cpanel';
JFactory::getApplication()->redirect($url, JText::_('ATOOLS_ERR_NOTAUTHORIZED'), 'error');
return;
}
}
return $result;
}
/**
* Returns the country of the current user using GeoIP detection, as long as we can get their IP from the server,
* the GeoIP Provider plugin is installed and returns results for that IP.
*
* @return string The country code or "XX" when no detection was possible.
*/
private function getCountryFromGeoIP()
{
$country = 'XX';
// If the GeoIP provider is not loaded return "XX" (no country detected)
if (!class_exists('AkeebaGeoipProvider')) {
return $country;
}
// Get the IP from the server
$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '0.0.0.0';
// If we have a newer FOF version, use it to get the correct IP address of the client
if (class_exists('F0FUtilsIp')) {
$ip = F0FUtilsIp::getIp();
}
// Use GeoIP to detect the country
$geoip = new AkeebaGeoipProvider();
$country = $geoip->getCountryCode($ip);
// If detection failed, return "XX" (no country detected)
if (empty($country)) {
$country = 'XX';
}
return $country;
}
/**
* Work around non-transparent proxy and reverse proxy IP issues
*
* @return void
*/
protected function workaroundIP()
{
$enableWorkarounds = $this->componentParams->getValue('ipworkarounds', -1);
// Upgrade from older versions (default: enable IP workarounds)
if ($enableWorkarounds == -1) {
$enableWorkarounds = 1;
$this->componentParams->setValue('ipworkarounds', 1, true);
}
if (class_exists('F0FUtilsIp', true)) {
F0FUtilsIp::setAllowIpOverrides($enableWorkarounds);
F0FUtilsIp::workaroundIPIssues();
}
}
if (!defined('ADMINTOOLS_VERSION') && JFile::exists($version_php)) {
require_once $version_php;
}
// If JSON functions don't exist, load our compatibility layer
if (!function_exists('json_encode') || !function_exists('json_decode')) {
require_once JPATH_COMPONENT_ADMINISTRATOR . DIRECTORY_SEPARATOR . 'helpers' . DIRECTORY_SEPARATOR . 'jsonlib.php';
}
JLoader::import('joomla.application.component.model');
require_once JPATH_ADMINISTRATOR . '/components/com_admintools/models/storage.php';
$paths = array(JPATH_ADMINISTRATOR, JPATH_ROOT);
$jlang = JFactory::getLanguage();
$jlang->load('com_admintools', $paths[0], 'en-GB', true);
$jlang->load('com_admintools', $paths[0], null, true);
$jlang->load('com_admintools', $paths[1], 'en-GB', true);
$jlang->load('com_admintools', $paths[1], null, true);
$jlang->load('com_admintools' . '.override', $paths[0], 'en-GB', true);
$jlang->load('com_admintools' . '.override', $paths[0], null, true);
$jlang->load('com_admintools' . '.override', $paths[1], 'en-GB', true);
$jlang->load('com_admintools' . '.override', $paths[1], null, true);
// Force the view and task
JFactory::getApplication()->input->set('view', 'blocks');
JFactory::getApplication()->input->set('task', 'browse');
if (class_exists('JRequest')) {
JRequest::setVar('view', 'blocks');
JRequest::setVar('task', 'browse');
}
// Work around non-transparent proxy and reverse proxy IP issues
if (class_exists('F0FUtilsIp', true)) {
F0FUtilsIp::workaroundIPIssues();
}
F0FDispatcher::getTmpInstance('com_admintools')->dispatch();
/**
* Should I allow the remote client's IP to be overridden by an X-Forwarded-For or Client-Ip HTTP header?
*
* @param bool $newState True to allow the override
*
* @return void
*/
public static function setAllowIpOverrides($newState)
{
self::$allowIpOverrides = $newState ? true : false;
}
/**
* Removed the current IP from all the "block" lists
*
* @param string $externalIp Additional IP address to check
*
* @return bool
*/
public function unblockme($externalIp = null)
{
// First let's get the current IP of the user
$internalIP = F0FUtilsIp::getIp();
if (array_key_exists('FOF_REMOTE_ADDR', $_SERVER)) {
$internalIP = $_SERVER['FOF_REMOTE_ADDR'];
} elseif (function_exists('getenv')) {
if (getenv('FOF_REMOTE_ADDR')) {
$internalIP = getenv('FOF_REMOTE_ADDR');
}
}
$ipList[] = $internalIP;
if ($externalIp) {
$ipList[] = $externalIp;
}
/** @var AdmintoolsModelIpautobans $autoban */
$autoban = F0FModel::getTmpInstance('Ipautobans', 'AdmintoolsModel');
/** @var AdmintoolsModelIpautobanhistories $history */
$history = F0FModel::getTmpInstance('Ipautobanhistories', 'AdmintoolsModel');
/** @var AdmintoolsModelIpbls $black */
$black = F0FModel::getTmpInstance('Ipbls', 'AdmintoolsModel');
/** @var AdmintoolsModelLogs $log */
$log = F0FModel::getTmpInstance('Logs', 'AdmintoolsModel');
$db = $this->getDbo();
// Let's delete all the IP. We are going to directly use the database since it would be faster
// than loading the record and then deleting it
foreach ($ipList as $ip) {
$autoban->reset()->set('ip', $ip);
$history->reset()->set('ip', $ip);
$black->reset()->set('ip', $ip);
$log->reset()->set('ip', $ip);
if ($autoban->getList(true)) {
$query = $db->getQuery(true)->delete($db->qn('#__admintools_ipautoban'))->where($db->qn('ip') . ' = ' . $db->q($ip));
$db->setQuery($query)->execute();
}
if ($history->getList(true)) {
$query = $db->getQuery(true)->delete($db->qn('#__admintools_ipautobanhistory'))->where($db->qn('ip') . ' = ' . $db->q($ip));
$db->setQuery($query)->execute();
}
if ($black->getList(true)) {
$query = $db->getQuery(true)->delete($db->qn('#__admintools_ipblock'))->where($db->qn('ip') . ' = ' . $db->q($ip));
$db->setQuery($query)->execute();
}
// I have to delete the log of security exceptions, too. Otherwise at the next check the user will be
// banned once again
if ($log->getList(true)) {
$query = $db->getQuery(true)->delete($db->qn('#__admintools_log'))->where($db->qn('ip') . ' = ' . $db->q($ip));
$db->setQuery($query)->execute();
}
}
}
/**
* Processes the form data and creates a new subscription
*/
public function createNewSubscription()
{
// Fetch state and validation variables
$this->setState('opt', '');
$state = $this->getStateVariables();
$validation = $this->getValidation();
// Mark this subscription attempt in the session
JFactory::getSession()->set('apply_validation.' . $state->id, 1, 'com_akeebasubs');
// Step #1.a. Check that the form is valid
// ----------------------------------------------------------------------
$isValid = $this->isValid();
if (!$isValid) {
return false;
}
// Step #1.b. Check that the subscription level is allowed
// ----------------------------------------------------------------------
// Is this actually an allowed subscription level?
$allowedLevels = F0FModel::getTmpInstance('Levels', 'AkeebasubsModel')->only_once(1)->enabled(1)->getItemList();
$allowed = false;
if (count($allowedLevels)) {
foreach ($allowedLevels as $l) {
if ($l->akeebasubs_level_id == $state->id) {
$allowed = true;
break;
}
}
}
if (!$allowed) {
return false;
}
// Fetch the level's object, used later on
$level = F0FModel::getTmpInstance('Levels', 'AkeebasubsModel')->getItem($state->id);
// Step #2. Check that the payment plugin exists or return false
// ----------------------------------------------------------------------
$plugins = $this->getPaymentPlugins();
$found = false;
if (!empty($plugins)) {
foreach ($plugins as $plugin) {
if ($plugin->name == $state->paymentmethod) {
$found = true;
break;
}
}
}
if (!$found) {
return false;
}
// Reset the session flag, so that future registrations will merge the
// data from the database
JFactory::getSession()->set('firstrun', true, 'com_akeebasubs');
// Step #2.b. Apply block rules in the Professional release
// ----------------------------------------------------------------------
if (F0FModel::getTmpInstance('Blockrules', 'AkeebasubsModel')->isBlocked($state)) {
throw new Exception(JText::_('JLIB_APPLICATION_ERROR_ACCESS_FORBIDDEN'), 403);
}
// Step #3. Create or update a user record
// ----------------------------------------------------------------------
$user = JFactory::getUser();
$this->setState('user', $user);
$userIsSaved = $this->updateUserInfo(true, $level);
if (!$userIsSaved) {
return false;
} else {
$user = $this->getState('user', $user);
}
// Store the user's ID in the session
$session = JFactory::getSession();
$session->set('subscribes.user_id', $user->id, 'com_akeebasubs');
// Step #4. Create or add user extra fields
// ----------------------------------------------------------------------
// Find an existing record
$dummy = $this->saveCustomFields();
// Step #5. Check for existing subscription records and calculate the subscription expiration date
// ----------------------------------------------------------------------
// First, the question: is this level part of a group?
$haveLevelGroup = false;
if ($level->akeebasubs_levelgroup_id > 0) {
// Is the level group published?
$levelGroup = F0FModel::getTmpInstance('Levelgroups', 'AkeebasubsModel')->getItem($level->akeebasubs_levelgroup_id);
if ($levelGroup instanceof F0FTable) {
$haveLevelGroup = $levelGroup->enabled;
}
}
if ($haveLevelGroup) {
// We have a level group. Get all subscriptions for all levels in
// the group.
$subscriptions = array();
$levelsInGroup = F0FModel::getTmpInstance('Levels', 'AkeebasubsModel')->levelgroup($level->akeebasubs_levelgroup_id)->getList(true);
foreach ($levelsInGroup as $l) {
$someSubscriptions = F0FModel::getTmpInstance('Subscriptions', 'AkeebasubsModel')->user_id($user->id)->level($l->akeebasubs_level_id)->paystate('C')->getList(true);
if (count($someSubscriptions)) {
$subscriptions = array_merge($subscriptions, $someSubscriptions);
}
}
} else {
// No level group found. Get subscriptions on the same level.
$subscriptions = F0FModel::getTmpInstance('Subscriptions', 'AkeebasubsModel')->user_id($user->id)->level($state->id)->paystate('C')->getList(true);
}
$jNow = new JDate();
$now = $jNow->toUnix();
$mNow = $jNow->toSql();
if (empty($subscriptions)) {
$startDate = $now;
} else {
$startDate = $now;
foreach ($subscriptions as $row) {
// Only take into account paid-for subscriptions
if ($row->state != 'C') {
continue;
}
// Calculate the expiration date
$jDate = new JDate($row->publish_down);
$expiryDate = $jDate->toUnix();
// If the subscription expiration date is earlier than today, ignore it
if ($expiryDate < $now) {
continue;
}
// If the previous subscription's expiration date is later than the current start date,
// update the start date to be one second after that.
if ($expiryDate > $startDate) {
$startDate = $expiryDate + 1;
}
// Also mark the old subscription as "communicated". We don't want
// to spam our users with subscription renewal notices or expiration
// notification after they have effectively renewed!
F0FModel::getTmpInstance('Subscriptions', 'AkeebasubsModel')->setId($row->akeebasubs_subscription_id)->getItem()->save(array('contact_flag' => 3));
}
}
// Step #6. Create a new subscription record
// ----------------------------------------------------------------------
$nullDate = JFactory::getDbo()->getNullDate();
$level = F0FModel::getTmpInstance('Levels', 'AkeebasubsModel')->setId($state->id)->getItem();
if ($level->forever) {
$jStartDate = new JDate();
$endDate = '2038-01-01 00:00:00';
} elseif (!is_null($level->fixed_date) && $level->fixed_date != $nullDate) {
$jStartDate = new JDate();
$endDate = $level->fixed_date;
} else {
$jStartDate = new JDate($startDate);
// Subscription duration (length) modifiers, via plugins
$duration_modifier = 0;
JLoader::import('joomla.plugin.helper');
JPluginHelper::importPlugin('akeebasubs');
$app = JFactory::getApplication();
$jResponse = $app->triggerEvent('onValidateSubscriptionLength', array($state));
if (is_array($jResponse) && !empty($jResponse)) {
foreach ($jResponse as $pluginResponse) {
if (empty($pluginResponse)) {
continue;
}
$duration_modifier += $pluginResponse;
}
}
// Calculate the effective duration
$duration = (int) $level->duration + $duration_modifier;
if ($duration <= 0) {
$duration = 0;
}
$duration = $duration * 3600 * 24;
$endDate = $startDate + $duration;
}
$mStartDate = $jStartDate->toSql();
$jEndDate = new JDate($endDate);
$mEndDate = $jEndDate->toSql();
// Store the price validation's "oldsub" and "expiration" keys in
// the subscriptions subcustom array
$subcustom = $state->subcustom;
if (empty($subcustom)) {
$subcustom = array();
} elseif (is_object($subcustom)) {
$subcustom = (array) $subcustom;
}
$priceValidation = $this->validatePrice();
$subcustom['fixdates'] = array('oldsub' => $priceValidation->oldsub, 'allsubs' => $priceValidation->allsubs, 'expiration' => $priceValidation->expiration);
// Serialise custom subscription parameters
$custom_subscription_params = json_encode($subcustom);
// Get the IP address
$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '0.0.0.0';
if (class_exists('F0FUtilsIp', true)) {
$ip = F0FUtilsIp::getIp();
}
// Get the country from the IP address if the Akeeba GeoIP Provider Plugin is installed and activated
$ip_country = '(Unknown)';
if (class_exists('AkeebaGeoipProvider')) {
$geoip = new AkeebaGeoipProvider();
$ip_country = $geoip->getCountryName($ip);
if (empty($ip_country)) {
$ip_country = '(Unknown)';
}
}
// Setup the new subscription
$data = array('akeebasubs_subscription_id' => null, 'user_id' => $user->id, 'akeebasubs_level_id' => $state->id, 'publish_up' => $mStartDate, 'publish_down' => $mEndDate, 'notes' => '', 'enabled' => $validation->price->gross < 0.01 ? 1 : 0, 'processor' => $validation->price->gross < 0.01 ? 'none' : $state->paymentmethod, 'processor_key' => $validation->price->gross < 0.01 ? $this->_uuid(true) : '', 'state' => $validation->price->gross < 0.01 ? 'C' : 'N', 'net_amount' => $validation->price->net - $validation->price->discount, 'tax_amount' => $validation->price->tax, 'gross_amount' => $validation->price->gross, 'recurring_amount' => $validation->price->recurring, 'tax_percent' => $validation->price->taxrate, 'created_on' => $mNow, 'params' => $custom_subscription_params, 'ip' => $ip, 'ip_country' => $ip_country, 'akeebasubs_coupon_id' => $validation->price->couponid, 'akeebasubs_upgrade_id' => $validation->price->upgradeid, 'contact_flag' => 0, 'prediscount_amount' => $validation->price->net, 'discount_amount' => $validation->price->discount, 'first_contact' => '0000-00-00 00:00:00', 'second_contact' => '0000-00-00 00:00:00', 'akeebasubs_affiliate_id' => 0, 'affiliate_comission' => 0);
$subscription = F0FModel::getTmpInstance('Subscriptions', 'AkeebasubsModel')->getTable();
$subscription->reset();
$subscription->akeebasubs_subscription_id = 0;
$subscription->_dontCheckPaymentID = true;
$result = $subscription->save($data);
$this->_item = $subscription;
// Step #7. Hit the coupon code, if a coupon is indeed used
// ----------------------------------------------------------------------
if ($validation->price->couponid) {
F0FModel::getTmpInstance('Coupons', 'AkeebasubsModel')->setId($validation->price->couponid)->getItem()->hit();
}
// Step #8. Clear the session
// ----------------------------------------------------------------------
$session = JFactory::getSession();
$session->set('validation_cache_data', null, 'com_akeebasubs');
$session->set('apply_validation.' . $state->id, null, 'com_akeebasubs');
// Step #9. Call the specific plugin's onAKPaymentNew() method and get the redirection URL,
// or redirect immediately on auto-activated subscriptions
// ----------------------------------------------------------------------
if ($subscription->gross_amount != 0) {
// Non-zero charges; use the plugins
$app = JFactory::getApplication();
$jResponse = $app->triggerEvent('onAKPaymentNew', array($state->paymentmethod, $user, $level, $subscription));
if (empty($jResponse)) {
return false;
}
foreach ($jResponse as $response) {
if ($response === false) {
continue;
}
$this->paymentForm = $response;
}
} else {
// Zero charges. First apply subscription replacement
if (!class_exists('plgAkpaymentAbstract')) {
require_once JPATH_ADMINISTRATOR . '/components/com_akeebasubs/assets/akpayment.php';
}
$updates = array();
plgAkpaymentAbstract::fixSubscriptionDates($subscription, $updates);
if (!empty($updates)) {
$result = $subscription->save($updates);
$this->_item = $subscription;
}
// and then just redirect
$app = JFactory::getApplication();
$slug = F0FModel::getTmpInstance('Levels', 'AkeebasubsModel')->setId($subscription->akeebasubs_level_id)->getItem()->slug;
$app->redirect(str_replace('&', '&', JRoute::_('index.php?option=com_akeebasubs&layout=default&view=message&slug=' . $slug . '&layout=order&subid=' . $subscription->akeebasubs_subscription_id)));
return false;
}
// Return true
// ----------------------------------------------------------------------
return true;
}
/**
* Work around non-transparent proxy and reverse proxy IP issues
*
* @return void
*/
protected function workaroundIP()
{
// IP workarounds are always disabled in the Core version
if (!defined('ADMINTOOLS_PRO'))
{
require_once JPATH_ADMINISTRATOR . '/components/com_admintools/version.php';
}
if (!ADMINTOOLS_PRO)
{
return;
}
$enableWorkarounds = $this->componentParams->getValue('ipworkarounds', -1);
// Upgrade from older versions (default: enable IP workarounds)
if ($enableWorkarounds == -1)
{
$enableWorkarounds = 1;
$this->componentParams->setValue('ipworkarounds', 1, true);
}
if (class_exists('F0FUtilsIp', true))
{
F0FUtilsIp::setAllowIpOverrides($enableWorkarounds);
F0FUtilsIp::workaroundIPIssues();
}
}
