/**
* Method to build the WHERE clause
*
* @access private
* @return string
*/
function _buildItemWhere()
{
$user = JFactory::getUser();
$db = JFactory::getDBO();
// Get the view's parameters
$cparams = $this->_params;
// Date-Times are stored as UTC, we should use current UTC time to compare and not user time (requestTime),
// thus the items are published globally at the time the author specified in his/her local clock
//$app = JFactory::getApplication();
//$now = FLEXI_J16GE ? $app->requestTime : $app->get('requestTime'); // NOT correct behavior it should be UTC (below)
//$date = JFactory::getDate();
//$now = FLEXI_J16GE ? $date->toSql() : $date->toMySQL(); // NOT good if string passed to function that will be cached, because string continuesly different
$_nowDate = 'UTC_TIMESTAMP()';
//$db->Quote($now);
$nullDate = $db->getNullDate();
// First thing we need to do is to select only the requested FAVOURED items
$where = ' WHERE fav.userid = ' . (int) $user->get('id');
// Get privilege to view non viewable items (upublished, archived, trashed, expired, scheduled).
// NOTE: ACL view level is checked at a different place
if (FLEXI_J16GE) {
$ignoreState = $user->authorise('flexicontent.ignoreviewstate', 'com_flexicontent');
} else {
if (FLEXI_ACCESS) {
$ignoreState = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'ignoreviewstate', 'users', $user->gmid) : 1;
} else {
$ignoreState = $user->gid > 19;
}
}
// author has 19 and editor has 20
if (!$ignoreState) {
// Limit by publication state. Exception: when displaying personal user items or items modified by the user
$where .= ' AND ( i.state IN (1, -5) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )';
//.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )';
// Limit by publish up/down dates. Exception: when displaying personal user items or items modified by the user
$where .= ' AND ( ( i.publish_up = ' . $this->_db->Quote($nullDate) . ' OR i.publish_up <= ' . $_nowDate . ' ) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )';
//.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )';
$where .= ' AND ( ( i.publish_down = ' . $this->_db->Quote($nullDate) . ' OR i.publish_down >= ' . $_nowDate . ' ) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )';
//.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )';
}
$where .= !FLEXI_J16GE ? ' AND i.sectionid = ' . FLEXI_SECTION : '';
/*
* If we have a filter, and this is enabled... lets tack the AND clause
* for the filter onto the WHERE clause of the item query.
*/
// ****************************************
// Create WHERE clause part for Text Search
// ****************************************
$text = JRequest::getString('filter', JRequest::getString('q', ''), 'default');
// Check for LIKE %word% search, for languages without spaces
$filter_word_like_any = $cparams->get('filter_word_like_any', 0);
$phrase = $filter_word_like_any ? JRequest::getWord('searchphrase', JRequest::getWord('p', 'any'), 'default') : JRequest::getWord('searchphrase', JRequest::getWord('p', 'exact'), 'default');
$si_tbl = 'flexicontent_items_ext';
$search_prefix = $cparams->get('add_search_prefix') ? 'vvv' : '';
// SEARCH WORD Prefix
$text = !$search_prefix ? trim($text) : preg_replace('/(\\b[^\\s,\\.]+\\b)/u', $search_prefix . '$0', trim($text));
$words = preg_split('/\\s\\s*/u', $text);
if (strlen($text)) {
$ts = 'ie';
$escaped_text = FLEXI_J16GE ? $db->escape($text, true) : $db->getEscaped($text, true);
$quoted_text = $db->Quote($escaped_text, false);
switch ($phrase) {
case 'natural':
$_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ') ';
break;
case 'natural_expanded':
$_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' WITH QUERY EXPANSION) ';
break;
case 'exact':
$stopwords = array();
$shortwords = array();
if (!$search_prefix) {
$words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix = 0);
}
if (empty($words)) {
// All words are stop-words or too short, we could try to execute a query that only contains a LIKE %...% , but it would be too slow
JRequest::setVar('ignoredwords', implode(' ', $stopwords));
JRequest::setVar('shortwords', implode(' ', $shortwords));
$_text_match = ' 0=1 ';
} else {
// speed optimization ... 2-level searching: first require ALL words, then require exact text
$newtext = '+' . implode(' +', $words);
$quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true);
$quoted_text = $db->Quote($quoted_text, false);
$exact_text = $db->Quote('%' . $escaped_text . '%', false);
$_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) AND ' . $ts . '.search_index LIKE ' . $exact_text;
}
break;
case 'all':
$stopwords = array();
$shortwords = array();
if (!$search_prefix) {
$words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix = 1);
}
JRequest::setVar('ignoredwords', implode(' ', $stopwords));
JRequest::setVar('shortwords', implode(' ', $shortwords));
$newtext = '+' . implode('* +', $words) . '*';
$quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true);
$quoted_text = $db->Quote($quoted_text, false);
$_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) ';
break;
case 'any':
default:
$stopwords = array();
$shortwords = array();
if (!$search_prefix) {
$words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix = 1);
}
JRequest::setVar('ignoredwords', implode(' ', $stopwords));
JRequest::setVar('shortwords', implode(' ', $shortwords));
$newtext = implode('* ', $words) . '*';
$quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true);
$quoted_text = $db->Quote($quoted_text, false);
$_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) ';
break;
}
$where .= ' AND ' . $_text_match;
}
return $where;
}
<tr>
<td colspan="13">
<?php
echo $pagination_footer;
?>
</td>
</tr>
</tfoot>
<tbody>
<?php
if (FLEXI_J16GE) {
$canCheckinRecords = $user->authorise('core.admin', 'checkin');
} else {
if (FLEXI_ACCESS) {
$canCheckinRecords = $user->gid < 25 ? FAccess::checkComponentAccess('com_checkin', 'manage', 'users', $user->gmid) : 1;
} else {
$canCheckinRecords = $user->gid >= 24;
}
}
if (FLEXI_J16GE) {
$originalOrders = array();
$extension = 'com_content';
}
$k = 0;
$i = 0;
foreach ($this->rows as $row) {
if (FLEXI_J16GE) {
$canEdit = $user->authorise('core.edit', $extension . '.category.' . $row->id);
$canEditOwn = $user->authorise('core.edit.own', $extension . '.category.' . $row->id) && $row->created_user_id == $user->get('id');
$canEditState = $user->authorise('core.edit.state', $extension . '.category.' . $row->id);
/**
* Method to get the assigned items for a category
*
* @access private
* @return int
*/
function _getassigned($id)
{
global $globalcats;
$user = JFactory::getUser();
$db = JFactory::getDBO();
// Get the view's parameters
$params = $this->_params;
$use_tmp = true;
// Date-Times are stored as UTC, we should use current UTC time to compare and not user time (requestTime),
// thus the items are published globally at the time the author specified in his/her local clock
//$app = JFactory::getApplication();
//$now = FLEXI_J16GE ? $app->requestTime : $app->get('requestTime'); // NOT correct behavior it should be UTC (below)
//$date = JFactory::getDate();
//$now = FLEXI_J16GE ? $date->toSql() : $date->toMySQL(); // NOT good if string passed to function that will be cached, because string continuesly different
$_nowDate = 'UTC_TIMESTAMP()';
//$db->Quote($now);
$nullDate = $db->getNullDate();
// Get some parameters and other info
$catlang = $params->get('language', '');
// category language (currently UNUSED), this is property in J2.5 instead of as parameter in FC J1.5
$lang = flexicontent_html::getUserCurrentLang();
// Get user current language
$filtercat = $params->get('filtercat', 0);
// Filter items using currently selected language
$show_noauth = $params->get('show_noauth', 0);
// Show unauthorized items
// First thing we need to do is to select only the requested items
$where = ' WHERE 1 ';
if ($this->_authorid) {
$where .= ' AND i.created_by = ' . $db->Quote($this->_authorid);
}
// Filter the category view with the current user language
if ((FLEXI_FISH || FLEXI_J16GE) && $filtercat) {
$lta = FLEXI_J16GE || $use_tmp ? 'i' : 'ie';
$where .= ' AND ( ' . $lta . '.language LIKE ' . $db->Quote($lang . '%') . (FLEXI_J16GE ? ' OR ' . $lta . '.language="*" ' : '') . ' ) ';
}
// Get privilege to view non viewable items (upublished, archived, trashed, expired, scheduled).
// NOTE: ACL view level is checked at a different place
if (FLEXI_J16GE) {
$ignoreState = $user->authorise('flexicontent.ignoreviewstate', 'com_flexicontent');
} else {
if (FLEXI_ACCESS) {
$ignoreState = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'ignoreviewstate', 'users', $user->gmid) : 1;
} else {
$ignoreState = $user->gid > 19;
}
}
// author has 19 and editor has 20
if (!$ignoreState) {
// Limit by publication state. Exception: when displaying personal user items or items modified by the user
$where .= ' AND ( i.state IN (1, -5) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )';
//.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )';
// Limit by publish up/down dates. Exception: when displaying personal user items or items modified by the user
$where .= ' AND ( ( i.publish_up = ' . $db->Quote($nullDate) . ' OR i.publish_up <= ' . $_nowDate . ' ) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )';
//.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )';
$where .= ' AND ( ( i.publish_down = ' . $db->Quote($nullDate) . ' OR i.publish_down >= ' . $_nowDate . ' ) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )';
//.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )';
}
// Count items according to full depth level !!!
$catlist = !empty($globalcats[$id]->descendants) ? $globalcats[$id]->descendants : $id;
$where .= ' AND rel.catid IN (' . $catlist . ')';
// Select only items that user has view access, if listing of unauthorized content is not enabled
// Checking item, category, content type access level
$joinaccess = '';
if (!$show_noauth) {
if (FLEXI_J16GE) {
$aid_arr = JAccess::getAuthorisedViewLevels($user->id);
$aid_list = implode(",", $aid_arr);
$where .= ' AND ty.access IN (0,' . $aid_list . ')';
$where .= ' AND mc.access IN (0,' . $aid_list . ')';
$where .= ' AND i.access IN (0,' . $aid_list . ')';
} else {
$aid = (int) $user->get('aid');
if (FLEXI_ACCESS) {
$joinaccess .= ' LEFT JOIN #__flexiaccess_acl AS gt ON ty.id = gt.axo AND gt.aco = "read" AND gt.axosection = "type"';
$joinaccess .= ' LEFT JOIN #__flexiaccess_acl AS gc ON mc.id = gc.axo AND gc.aco = "read" AND gc.axosection = "category"';
$joinaccess .= ' LEFT JOIN #__flexiaccess_acl AS gi ON i.id = gi.axo AND gi.aco = "read" AND gi.axosection = "item"';
$where .= ' AND (gt.aro IN ( ' . $user->gmid . ' ) OR ty.access <= ' . $aid . ')';
$where .= ' AND (gc.aro IN ( ' . $user->gmid . ' ) OR mc.access <= ' . $aid . ')';
$where .= ' AND (gi.aro IN ( ' . $user->gmid . ' ) OR i.access <= ' . $aid . ')';
} else {
$where .= ' AND ty.access <= ' . $aid;
$where .= ' AND mc.access <= ' . $aid;
$where .= ' AND i.access <= ' . $aid;
}
}
}
$query = 'SELECT COUNT(DISTINCT rel.itemid)' . ' FROM #__flexicontent_cats_item_relations AS rel' . (!$use_tmp ? ' JOIN #__content AS i ON rel.itemid = i.id' : ' JOIN #__flexicontent_items_tmp AS i ON rel.itemid = i.id') . (!$use_tmp ? ' JOIN #__flexicontent_items_ext AS ie ON rel.itemid = ie.item_id' : '') . ' JOIN #__flexicontent_types AS ty ON ' . (!$use_tmp ? 'ie' : 'i') . '.type_id = ty.id' . ' JOIN #__categories AS mc ON mc.id = i.catid AND mc.published = 1' . $joinaccess . $where;
$db->setQuery($query);
$assigneditems = $db->loadResult();
if ($db->getErrorNum()) {
JFactory::getApplication()->enqueueMessage(__FUNCTION__ . '(): SQL QUERY ERROR:<br/>' . nl2br($db->getErrorMsg()), 'error');
}
return $assigneditems;
}
/**
* Method to fetch the tags form
*
* @since 1.5
*/
function gettags()
{
$id = JRequest::getInt('id', 0);
$model = $this->getModel('item');
$tags = $model->gettags();
$user = JFactory::getUser();
$used = null;
if ($id) {
$used = $model->getUsedtagsIds($id);
}
if (!is_array($used)) {
$used = array();
}
if (FLEXI_J16GE) {
$permission = FlexicontentHelperPerm::getPerm();
$CanNewTags = $permission->CanNewTags;
$CanUseTags = $permission->CanUseTags;
}
if (FLEXI_ACCESS) {
$CanNewTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'newtags', 'users', $user->gmid) : 1;
$CanUseTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'usetags', 'users', $user->gmid) : 1;
} else {
// no FLEXIAccess everybody can create / use tags
$CanNewTags = 1;
$CanUseTags = 1;
}
$CanUseTags = $CanUseTags ? '' : ' disabled="disabled"';
$n = count($tags);
$rsp = '';
if ($n > 0) {
$rsp .= '<div class="qf_tagbox">';
$rsp .= '<ul>';
for ($i = 0, $n; $i < $n; $i++) {
$tag = $tags[$i];
$rsp .= '<li><div><span class="qf_tagidbox"><input type="checkbox" name="tag[]" value="' . $tag->id . '"' . (in_array($tag->id, $used) ? 'checked="checked"' : '') . $CanUseTags . ' /></span>' . $tag->name . '</div></li>';
if ($CanUseTags && in_array($tag->id, $used)) {
$rsp .= '<input type="hidden" name="tag[]" value="' . $tag->id . '" />';
}
}
$rsp .= '</ul>';
$rsp .= '</div>';
$rsp .= '<div class="clear"></div>';
}
if ($CanNewTags) {
$rsp .= '<div class="qf_addtag">';
$rsp .= '<label for="addtags">' . JText::_('FLEXI_ADD_TAG') . '</label>';
$rsp .= '<input type="text" id="tagname" class="inputbox" size="30" />';
$rsp .= '<input type="button" class="fc_button" value="' . JText::_('FLEXI_ADD') . '" onclick="addtag()" />';
$rsp .= '</div>';
}
echo $rsp;
}
/**
* Logic to delete categories
*
* @access public
* @return void
* @since 1.0
*/
function remove()
{
// Check for request forgeries
JRequest::checkToken() or jexit('Invalid Token');
$user = JFactory::getUser();
if (FLEXI_J16GE) {
$perms = FlexicontentHelperPerm::getPerm();
$CanCats = $perms->CanCats;
} else {
if (FLEXI_ACCESS) {
$CanCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'categories', 'users', $user->gmid) : 1;
} else {
$CanCats = 1;
}
}
$cid = JRequest::getVar('cid', array(0), 'post', 'array');
$msg = '';
if (!is_array($cid) || count($cid) < 1) {
// no category selected
JError::raiseWarning(500, JText::_('FLEXI_SELECT_ITEM_DELETE'));
} else {
if (!$CanCats) {
// no access rights
JError::raiseWarning(500, JText::_('FLEXI_ALERTNOTAUTH_TASK'));
} else {
// try to delete the category and clean cache
$model = $this->getModel('categories');
$msg = $model->delete($cid);
if (!$msg) {
JError::raiseWarning(500, $model->getError());
$this->setRedirect('index.php?option=com_flexicontent&view=categories', $msg);
return;
}
// clean cache
$cache = JFactory::getCache('com_flexicontent');
$cache->clean();
$catscache = JFactory::getCache('com_flexicontent_cats');
$catscache->clean();
}
}
// redirect to categories management tab
$this->setRedirect('index.php?option=com_flexicontent&view=categories', $msg);
}
/**
* Build the where clause
*
* @access private
* @return string
*/
function _buildContentWhere()
{
$app = JFactory::getApplication();
$user = JFactory::getUser();
$option = JRequest::getVar('option');
$langparent_item = $app->getUserStateFromRequest($option . '.itemelement.langparent_item', 'langparent_item', 0, 'int');
$type_id = $app->getUserStateFromRequest($option . '.itemelement.type_id', 'type_id', 0, 'int');
$created_by = $app->getUserStateFromRequest($option . '.itemelement.created_by', 'created_by', 0, 'int');
if ($langparent_item) {
$user_fullname = JFactory::getUser($created_by)->name;
$this->_db->setQuery('SELECT name FROM #__flexicontent_types WHERE id = ' . $type_id);
$type_name = $this->_db->loadResult();
$msg = sprintf("Selecting ORIGINAL Content item for a translating item of Content Type: \"%s\" and User: \"%s\"", $type_name, $user_fullname);
$jAp = JFactory::getApplication();
$jAp->enqueueMessage($msg, 'message');
}
$filter_state = $app->getUserStateFromRequest($option . '.itemelement.filter_state', 'filter_state', '', 'word');
$filter_cats = $app->getUserStateFromRequest($option . '.itemelement.filter_cats', 'filter_cats', '', 'int');
$filter_type = $app->getUserStateFromRequest($option . '.itemelement.filter_type', 'filter_type', '', 'int');
if (FLEXI_FISH || FLEXI_J16GE) {
if ($langparent_item) {
$filter_lang = flexicontent_html::getSiteDefaultLang();
} else {
$filter_lang = $app->getUserStateFromRequest($option . '.itemelement.filter_lang', 'filter_lang', '', 'cmd');
}
}
$search = $app->getUserStateFromRequest($option . '.itemelement.search', 'search', '', 'string');
$search = trim(JString::strtolower($search));
$where = array();
$where[] = ' i.state != -2';
// Exclude trashed
if (!FLEXI_J16GE) {
$where[] = ' sectionid = ' . FLEXI_SECTION;
}
if ($filter_state) {
if ($filter_state == 'P') {
$where[] = 'i.state = 1';
} else {
if ($filter_state == 'U') {
$where[] = 'i.state = 0';
} else {
if ($filter_state == 'PE') {
$where[] = 'i.state = -3';
} else {
if ($filter_state == 'OQ') {
$where[] = 'i.state = -4';
} else {
if ($filter_state == 'IP') {
$where[] = 'i.state = -5';
} else {
if ($filter_state == 'A') {
$where[] = 'i.state = ' . (FLEXI_J16GE ? 2 : -1);
}
}
}
}
}
}
}
if ($filter_cats) {
$where[] = 'rel.catid = ' . $filter_cats;
}
if ($langparent_item && $type_id) {
$where[] = 'ie.type_id = ' . $type_id;
} else {
if ($filter_type) {
$where[] = 'ie.type_id = ' . $filter_type;
}
}
if (FLEXI_FISH || FLEXI_J16GE) {
if ($filter_lang) {
$where[] = 'ie.language = ' . $this->_db->Quote($filter_lang);
}
}
if ($search) {
$search_escaped = FLEXI_J16GE ? $this->_db->escape($search, true) : $this->_db->getEscaped($search, true);
$where[] = ' LOWER(i.title) LIKE ' . $this->_db->Quote('%' . $search_escaped . '%', false);
}
/*if (FLEXI_J16GE) {
$isAdmin = JAccess::check($user->id, 'core.admin', 'root.1');
} else {
$isAdmin = $user->gid >= 24;
}*/
if (FLEXI_J16GE) {
$assocanytrans = $user->authorise('flexicontent.assocanytrans', 'com_flexicontent');
} else {
if (FLEXI_ACCESS) {
$assocanytrans = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'assocanytrans', 'users', $user->gmid) : 1;
} else {
$assocanytrans = $user->gid >= 24;
}
}
// is at least admin
if (!$assocanytrans) {
if ($langparent_item && $created_by) {
$where[] = ' i.created_by=' . $created_by;
}
}
$where = count($where) ? ' WHERE ' . implode(' AND ', $where) : '';
return $where;
}
/**
* Method (for J1.5) to check if the user can add an item anywhere
*
* @access public
* @return boolean True on success
* @since 1.5
*/
function canAdd()
{
$user = JFactory::getUser();
if (FLEXI_ACCESS && $user->gid < 25) {
$canSubmit = FAccess::checkComponentAccess('com_content', 'submit', 'users', $user->gmid);
$canAdd = FAccess::checkAllContentAccess('com_content', 'add', 'users', $user->gmid, 'content', 'all');
if (!$canSubmit && !$canAdd) {
return false;
}
} else {
$canAdd = $user->authorize('com_content', 'add', 'content', 'all');
if (!$canAdd) {
return false;
}
}
return true;
}
/**
* Check in a record
*
* @since 1.5
*/
static function checkin($tbl, $redirect_url, & $controller)
{
$cid = JRequest::getVar( 'cid', array(0), 'post', 'array' );
$pk = (int)$cid[0];
$user = JFactory::getUser();
$controller->setRedirect( $redirect_url, '' );
static $canCheckinRecords = null;
if ($canCheckinRecords === null) {
if (FLEXI_J16GE) {
$canCheckinRecords = $user->authorise('core.admin', 'checkin');
} else if (FLEXI_ACCESS) {
$canCheckinRecords = ($user->gid < 25) ? FAccess::checkComponentAccess('com_checkin', 'manage', 'users', $user->gmid) : 1;
} else {
// Only admin or super admin can check-in
$canCheckinRecords = $user->gid >= 24;
}
}
// Only attempt to check the row in if it exists.
if ($pk)
{
// Get an instance of the row to checkin.
$table = JTable::getInstance($tbl, '');
if (!$table->load($pk))
{
$controller->setError($table->getError());
return;// false;
}
// Record check-in is allowed if either (a) current user has Global Checkin privilege OR (b) record checked out by current user
if ($table->checked_out) {
if ( !$canCheckinRecords && $table->checked_out != $user->id) {
$controller->setError(JText::_( 'FLEXI_RECORD_CHECKED_OUT_DIFF_USER'));
return;// false;
}
}
// Attempt to check the row in.
if (!$table->checkin($pk))
{
$controller->setError($table->getError());
return;// false;
}
}
$controller->setRedirect( $redirect_url, JText::sprintf('FLEXI_RECORD_CHECKED_IN_SUCCESSFULLY', 1) );
return;// true;
}
/**
* Method to select new state for many items
*
* @since 1.5
*/
function selectstate()
{
$user = JFactory::getUser();
// General permission since we do not have a specific item yet
if (FLEXI_J16GE) {
$permission = FlexicontentHelperPerm::getPerm();
$auth_publish = $permission->CanPublish || $permission->CanPublishOwn;
$auth_delete = $permission->CanDelete || $permission->CanDeleteOwn;
$auth_archive = $permission->CanArchives;
} else {
if (FLEXI_ACCESS) {
$auth_publish = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publish', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'publishown', 'users', $user->gmid) : 1;
$auth_delete = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'delete', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'deleteown', 'users', $user->gmid) : 1;
$auth_archive = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'archives', 'users', $user->gmid) : 1;
} else {
$auth_publish = $user->authorize('com_content', 'publish', 'content', 'all');
$auth_delete = $user->gid >= 23;
// is at least manager
$auth_archive = $user->gid >= 23;
// is at least manager
}
}
if ($auth_publish || $auth_archive || $auth_delete) {
//header('Content-type: application/json');
@ob_end_clean();
header('Content-type: text/html; charset=utf-8');
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Cache-Control: no-cache");
header("Pragma: no-cache");
if (FLEXI_J30GE) {
$fc_css = JURI::base(true) . '/components/com_flexicontent/assets/css/j3x.css';
} else {
if (FLEXI_J16GE) {
$fc_css = JURI::base(true) . '/components/com_flexicontent/assets/css/j25.css';
}
}
echo '
<link rel="stylesheet" href="' . JURI::base(true) . '/components/com_flexicontent/assets/css/flexicontentbackend.css" />
<link rel="stylesheet" href="' . $fc_css . '" />
<link rel="stylesheet" href="' . JURI::root(true) . '/media/jui/css/bootstrap.min.css" />
';
?>
<div id="flexicontent" class="flexicontent">
<?php
$btn_class = FLEXI_J30GE ? ' btn btn-small' : ' fc_button fcsimple fcsmall';
if ($auth_publish) {
$state['P'] = array('name' => 'FLEXI_PUBLISHED', 'desc' => 'FLEXI_PUBLISHED_DESC', 'icon' => 'tick.png', 'btn_class' => 'btn-success');
$state['IP'] = array('name' => 'FLEXI_IN_PROGRESS', 'desc' => 'FLEXI_NOT_FINISHED_YET', 'icon' => 'publish_g.png', 'btn_class' => 'btn-success', 'clear' => true);
$state['U'] = array('name' => 'FLEXI_UNPUBLISHED', 'desc' => 'FLEXI_UNPUBLISHED_DESC', 'icon' => 'publish_x.png', 'btn_class' => 'btn-warning');
$state['PE'] = array('name' => 'FLEXI_PENDING', 'desc' => 'FLEXI_NEED_TO_BE_APPROVED', 'icon' => 'publish_r.png', 'btn_class' => 'btn-warning');
$state['OQ'] = array('name' => 'FLEXI_TO_WRITE', 'desc' => 'FLEXI_TO_WRITE_DESC', 'icon' => 'publish_y.png', 'btn_class' => 'btn-warning', 'clear' => true);
}
if ($auth_archive) {
$state['A'] = array('name' => 'FLEXI_ARCHIVED', 'desc' => 'FLEXI_ARCHIVED_STATE', 'icon' => 'archive.png', 'btn_class' => 'btn-info');
}
if ($auth_delete) {
$state['T'] = array('name' => 'FLEXI_TRASHED', 'desc' => 'FLEXI_TRASHED_TO_BE_DELETED', 'icon' => 'trash.png', 'btn_class' => 'btn-danger');
}
echo "<b>" . JText::_('FLEXI_SELECT_STATE') . ":</b><br /><br />";
?>
<?php
foreach ($state as $shortname => $statedata) {
$css = "width:216px; margin:0px 24px 12px 0px;";
$link = JURI::base(true) . "/index.php?option=com_flexicontent&task=items.changestate&newstate=" . $shortname . "&" . (FLEXI_J30GE ? JSession::getFormToken() : JUtility::getToken()) . "=1";
$icon = "../components/com_flexicontent/assets/images/" . $statedata['icon'];
?>
<span class="fc-filter nowrap_box">
<?php
/*<img src="<?php echo $icon; ?>" style="margin:4px 0 0 0; border-width:0px; vertical-align:top;" alt="<?php echo JText::_( $statedata['desc'] ); ?>" /> */
?>
<span style="<?php
echo $css;
?>
" class="<?php
echo $btn_class . ' ' . $statedata['btn_class'];
?>
"
onclick="window.parent.document.adminForm.newstate.value='<?php
echo $shortname;
?>
'; window.parent.document.adminForm.boxchecked.value==0 ? alert('<?php
echo JText::_('FLEXI_NO_ITEMS_SELECTED');
?>
') : window.parent.Joomla.submitbutton('items.changestate')"
>
<?php
echo JText::_($statedata['name']);
?>
</span>
</span>
<?php
if (isset($statedata['clear'])) {
echo '<div class="fcclear"></div>';
}
}
?>
</div>
<?php
exit;
}
}
/**
* Method to select new state for many items
*
* @since 1.5
*/
function selectstate()
{
$user = JFactory::getUser();
// General permission since we do not have a specific item yet
if (FLEXI_J16GE) {
$permission = FlexicontentHelperPerm::getPerm();
$auth_publish = $permission->CanPublish || $permission->CanPublishOwn;
$auth_delete = $permission->CanDelete || $permission->CanDeleteOwn;
$auth_archive = $permission->CanArchives;
} else {
if (FLEXI_ACCESS) {
$auth_publish = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publish', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'publishown', 'users', $user->gmid) : 1;
$auth_delete = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'delete', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'deleteown', 'users', $user->gmid) : 1;
$auth_archive = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'archives', 'users', $user->gmid) : 1;
} else {
$auth_publish = $user->authorize('com_content', 'publish', 'content', 'all');
$auth_delete = $user->gid >= 23;
// is at least manager
$auth_archive = $user->gid >= 23;
// is at least manager
}
}
if ($auth_publish || $auth_archive || $auth_delete) {
//header('Content-type: application/json');
@ob_end_clean();
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Cache-Control: no-cache");
header("Pragma: no-cache");
echo '<link rel="stylesheet" href="' . JURI::base() . 'components/com_flexicontent/assets/css/flexicontentbackend.css" />';
if (FLEXI_J30GE) {
$fc_css = JURI::base() . 'components/com_flexicontent/assets/css/j3x.css';
} else {
if (FLEXI_J16GE) {
$fc_css = JURI::base() . 'components/com_flexicontent/assets/css/j25.css';
} else {
$fc_css = JURI::base() . 'components/com_flexicontent/assets/css/j15.css';
}
}
echo '<link rel="stylesheet" href="' . $fc_css . '" />';
if ($auth_publish) {
$state['P'] = array('name' => 'FLEXI_PUBLISHED', 'desc' => 'FLEXI_PUBLISHED_DESC', 'icon' => 'tick.png', 'color' => 'darkgreen');
$state['IP'] = array('name' => 'FLEXI_IN_PROGRESS', 'desc' => 'FLEXI_NOT_FINISHED_YET', 'icon' => 'publish_g.png', 'color' => 'darkgreen', 'clear' => true);
$state['U'] = array('name' => 'FLEXI_UNPUBLISHED', 'desc' => 'FLEXI_UNPUBLISHED_DESC', 'icon' => 'publish_x.png', 'color' => 'darkred');
$state['PE'] = array('name' => 'FLEXI_PENDING', 'desc' => 'FLEXI_NEED_TO_BE_APPROVED', 'icon' => 'publish_r.png', 'color' => 'darkred');
$state['OQ'] = array('name' => 'FLEXI_TO_WRITE', 'desc' => 'FLEXI_TO_WRITE_DESC', 'icon' => 'publish_y.png', 'color' => 'darkred', 'clear' => true);
}
if ($auth_archive) {
$state['A'] = array('name' => 'FLEXI_ARCHIVED', 'desc' => 'FLEXI_ARCHIVED_STATE', 'icon' => 'archive.png', 'color' => 'gray');
}
if ($auth_delete) {
$state['T'] = array('name' => 'FLEXI_TRASHED', 'desc' => 'FLEXI_TRASHED_TO_BE_DELETED', 'icon' => 'trash.png', 'color' => 'gray');
}
echo "<b>" . JText::_('FLEXI_SELECT_STATE') . ":</b><br /><br />";
?>
<?php
foreach ($state as $shortname => $statedata) {
$css = "width:28%; margin:0px 1% 12px 1%; padding:1%; color:" . $statedata['color'] . ";";
$link = JURI::base(true) . "/index.php?option=com_flexicontent&task=items.changestate&newstate=" . $shortname . "&" . (FLEXI_J30GE ? JSession::getFormToken() : JUtility::getToken()) . "=1";
$icon = "../components/com_flexicontent/assets/images/" . $statedata['icon'];
?>
<a style="<?php
echo $css;
?>
" class="fc_button" href="javascript:;"
onclick="
window.parent.document.adminForm.newstate.value='<?php
echo $shortname;
?>
';
if(window.parent.document.adminForm.boxchecked.value==0)
alert('<?php
echo JText::_('FLEXI_NO_ITEMS_SELECTED');
?>
');
else
<?php
if (FLEXI_J16GE) {
?>
window.parent.Joomla.submitbutton('items.changestate')";
<?php
} else {
?>
window.parent.submitbutton('changestate')";
<?php
}
?>
target="_parent">
<img src="<?php
echo $icon;
?>
" width="16" height="16" border="0" alt="<?php
echo JText::_($statedata['desc']);
?>
" />
<?php
echo JText::_($statedata['name']);
?>
</a>
<?php
if (isset($statedata['clear'])) {
echo "<div style='width:100%; float: left; clear both;'></div>";
}
}
?>
<?php
exit;
}
}
static function getUserPerms($user_id = null)
{
// handle jcomments integration
if (JPluginHelper::isEnabled('system', 'jcomments')) {
$Comments_Enabled = 1;
$destpath = JPATH_SITE . DS . 'components' . DS . 'com_jcomments' . DS . 'plugins';
$dest = $destpath . DS . 'com_flexicontent.plugin.php';
$source = JPATH_SITE . DS . 'components' . DS . 'com_flexicontent' . DS . 'librairies' . DS . 'jcomments' . DS . 'com_flexicontent.plugin.php';
jimport('joomla.filesystem.file');
if (!JFile::exists($dest)) {
if (!JFolder::exists($destpath)) {
if (!JFolder::create($destpath)) {
JError::raiseWarning(100, JText::_('FLEXIcontent: Unable to create jComments plugin folder'));
}
}
if (!JFile::copy($source, $dest)) {
JError::raiseWarning(100, JText::_('FLEXIcontent: Unable to copy jComments plugin'));
} else {
$mainframe->enqueueMessage(JText::_('Copied FLEXIcontent jComments plugin'));
}
}
} else {
$Comments_Enabled = 0;
}
// Find permissions for given user id
$user = $user_id ? JFactory::getUser($user_id) : JFactory::getUser();
// no user id given, use current user)
$permission = new stdClass();
// !!! This is the Super User Privelege of GLOBAL Configuration (==> (for J2.5) core.admin ACTION allowed on ROOT ASSET: 'root.1')
$permission->SuperAdmin = $user->gid > 24;
//!!! ALLOWs USERS to change component's CONFIGURATION (==> (for J2.5) core.admin ACTION allowed on COMPONENT ASSET: e.g. 'com_flexicontent')
$permission->CanConfig = $permission->SuperAdmin;
// No FLEXI ACCESS ..
if (!FLEXI_ACCESS) {
$permission->CanManage = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanAdd = $user->authorize('com_content', 'add', 'content', 'all');
// ($user->gid >= 19); // At least J1.5 Author
$permission->CanEdit = $user->authorize('com_content', 'edit', 'content', 'all');
// ($user->gid >= 20); // At least J1.5 Editor
$permission->CanEditOwn = $user->authorize('com_content', 'edit', 'content', 'own');
// ($user->gid >= 20); // At least J1.5 Editor
$permission->CanPublish = $user->authorize('com_content', 'publish', 'content', 'all');
// ($user->gid >= 21); // At least J1.5 Publisher
$permission->CanPublishOwn = $user->authorize('com_content', 'publish', 'content', 'own');
// ($user->gid >= 21); // At least J1.5 Publisher
$permission->CanDelete = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanDeleteOwn = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanChangeCat = 1;
// J1.5 lacks this
$permission->CanChangeSecCat = 1;
// J1.5 lacks this
$permission->CanChangeFeatCat = 1;
// J1.5 lacks this
$permission->CanRights = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanAccLvl = $user->gid >= 20;
// At least J1.5 Editor
// ITEMS: component controlled permissions
$permission->DisplayAllItems = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanCopy = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanOrder = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanParams = $user->gid >= 19;
// At least J1.5 Author
$permission->CanVersion = $user->gid >= 19;
// At least J1.5 Author
$permission->AssocAnyTrans = $user->gid >= 19;
// At least J1.5 Author
//$permission->EditCreationDate = ($user->gid >= 23); // At least J1.5 Manager
$permission->IgnoreViewState = $user->gid >= 20;
// At least J1.5 Editor
$permission->RequestApproval = $user->gid >= 20;
// At least J1.5 Editor
// CATEGORIES: management tab and usage
$permission->CanCats = $user->gid >= 23;
// At least J1.5 Manager
$permission->ViewAllCats = 1;
$permission->ViewTree = 1;
$permission->MultiCat = $user->gid >= 19;
// At least J1.5 Author
$permission->CanAddCats = $user->gid >= 23;
// At least J1.5 Manager
// TAGS: management tab and usage
$permission->CanTags = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanUseTags = $user->gid >= 19;
// At least J1.5 Author
$permission->CanNewTags = $user->gid >= 19;
// At least J1.5 Author
// VARIOUS management TABS: types, archives, statistics, templates, tags
$permission->CanTypes = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanArchives = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanTemplates = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanStats = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanImport = $user->gid >= 23;
// At least J1.5 Manager
// FIELDS: management tab
$permission->CanFields = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanCopyFields = $user->gid >= 24;
// At least J1.5 Administrator
$permission->CanOrderFields = $user->gid >= 24;
// At least J1.5 Administrator
$permission->CanAddField = $user->gid >= 24;
// At least J1.5 Administrator
$permission->CanEditField = $user->gid >= 24;
// At least J1.5 Administrator
$permission->CanDeleteField = $user->gid >= 24;
// At least J1.5 Administrator
$permission->CanPublishField = $user->gid >= 24;
// At least J1.5 Administrator
// FILES: management tab
$permission->CanFiles = $user->gid >= 19;
// At least J1.5 Author
$permission->CanUpload = $user->gid >= 19;
// At least J1.5 Author
$permission->CanViewAllFiles = $user->gid >= 23;
// At least J1.5 Manager
// AUTHORS: management tab
$permission->CanAuthors = $user->gid >= 24;
// At least J1.5 Administrator
$permission->CanGroups = 0;
//FLEXI_J16GE ? $permission->CanAuthors : 0;
// SEARCH INDEX: management tab
$permission->CanIndex = $user->gid >= 23;
// At least J1.5 Manager
// OTHER components permissions
$permission->CanPlugins = $user->gid >= 24;
// At least J1.5 Administrator
$permission->CanComments = $user->gid >= 23;
// At least J1.5 Manager
$permission->CanComments = $permission->CanComments && $Comments_Enabled;
// Global parameter to force always displaying of categories as tree
if (JComponentHelper::getParams('com_flexicontent')->get('cats_always_astree', 1)) {
$permission->ViewTree = 1;
}
return $permission;
}
//!!! ALLOWs USERS in JOOMLA BACKEND : (not used in J1.5)
// (a) to view the FLEXIcontent menu item in Components Menu and
// (b) to access the FLEXIcontent component screens (whatever they are allowed to see by individual FLEXIcontent area permissions)
// NOTE: the initially installed permissions allows all areas to be managed for J2.5 and none (except for items) for J1.5
$permission->CanManage = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'manage', 'users', $user->gmid) : 1;
// ITEMS/CATEGORIES: category-inherited permissions, (NOTE: these are the global settings, so:)
// *** 1. the action permissions of individual items are checked seperately per item
// *** 2. the view permission is checked via the access level of each item
$permission->CanAdd = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'submit', 'users', $user->gmid) || FAccess::checkAllContentAccess('com_content', 'add', 'users', $user->gmid, 'content', 'all') : 1;
$permission->CanEdit = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'edit', 'users', $user->gmid) : 1;
$permission->CanEditOwn = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'editown', 'users', $user->gmid) : 1;
$permission->CanPublish = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publish', 'users', $user->gmid) : 1;
$permission->CanPublishOwn = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publishown', 'users', $user->gmid) : 1;
$permission->CanDelete = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'delete', 'users', $user->gmid) : 1;
$permission->CanDeleteOwn = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'deleteown', 'users', $user->gmid) : 1;
$permission->CanChangeCat = 1;
$permission->CanChangeSecCat = 1;
$permission->CanChangeFeatCat = 1;
// Permission for changing the ACL rules of items and categories that user can edit
// Given to users that FLEXIaccess configuration
$permission->CanRights = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexiaccess', 'manage', 'users', $user->gmid) : 1;
// Permission for changing the access level of items and categories that user can edit
// (a) In J1.5 with FLEXIaccess, this is given to those that can edit the FLEXIaccess configuration
// (b) In J1.5 without FLEXIaccess, this is given to users being at least an Editor
// (c) In J2.5, this is the FLEXIcontent component ACTION 'accesslevel'
$permission->CanAccLvl = $permission->CanRights;
// ITEMS: component controlled permissions
$permission->DisplayAllItems = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'displayallitems', 'users', $user->gmid) : 1;
// (backend) List all items (otherwise only items that can be edited)
$permission->CanCopy = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'copyitems', 'users', $user->gmid) : 1;
// (backend) Item Copy Task
$permission->CanOrder = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'order', 'users', $user->gmid) : 1;
// (backend) Reorder items inside the category
$permission->CanParams = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'paramsitems', 'users', $user->gmid) : 1;
// (backend) Edit item parameters like meta data and template parameters
$permission->CanVersion = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'versioning', 'users', $user->gmid) : 1;
// (backend) Use item versioning
$permission->AssocAnyTrans = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'assocanytrans', 'users', $user->gmid) : 1;
// (item edit form) associate any translation
//$permission->EditCreationDate = ($user->gid < 25) ? FAccess::checkComponentAccess('com_flexicontent', 'editcreationdate', 'users', $user->gmid) : 1; // (item edit form) edit creation date (frontend)
$permission->IgnoreViewState = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'ignoreviewstate', 'users', $user->gmid) : 1;
// (Frontend Content Lists) ignore view state
$permission->RequestApproval = $user->gid >= 20;
// At least J1.5 Editor
// CATEGORIES: management tab and usage
$permission->CanCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'categories', 'users', $user->gmid) : 1;
// (backend) Allow management of Categories
$permission->ViewAllCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'usercats', 'users', $user->gmid) : 1;
// (e.g. item edit form) view the categories which user cannot assign to items
$permission->ViewTree = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'cattree', 'users', $user->gmid) : 1;
// (e.g. item edit form) view categories as tree instead of flat list
$permission->MultiCat = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'multicat', 'users', $user->gmid) : 1;
// (e.g. item edit form) allow user to assign each item to multiple categories
$permission->CanAddCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'addcats', 'users', $user->gmid) : 1;
// add new Categories
// TAGS: management tab and usage
$permission->CanTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'tags', 'users', $user->gmid) : 1;
// (backend) Allow management of Item Types
$permission->CanUseTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'usetags', 'users', $user->gmid) : 1;
// edit already assigned Tags of items
$permission->CanNewTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'newtags', 'users', $user->gmid) : 1;
// add new Tags to items
// VARIOUS management TABS: types, archives, statistics, templates, tags
$permission->CanTypes = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'types', 'users', $user->gmid) : 1;
// (backend) Allow management of Item Types
$permission->CanArchives = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'archives', 'users', $user->gmid) : 1;
// (backend) Allow management of Archives
$permission->CanTemplates = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'templates', 'users', $user->gmid) : 1;
// (backend) Allow management of Templates
$permission->CanStats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'stats', 'users', $user->gmid) : 1;
// (backend) Allow management of Statistics
$permission->CanImport = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'import', 'users', $user->gmid) : 1;
// (backend) Allow management of (Content) Import
// FIELDS: management tab
$permission->CanFields = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'fields', 'users', $user->gmid) : 1;
// (backend) Allow management of Fields
$permission->CanCopyFields = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'copyfields', 'users', $user->gmid) : 1;
// (backend) Field Copy Task
$permission->CanOrderFields = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'orderfields', 'users', $user->gmid) : 1;
// (backend) Reorder fields inside each item type
$permission->CanAddField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'createfield', 'users', $user->gmid) : 1;
// (backend) Create fields
$permission->CanEditField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'editfield', 'users', $user->gmid) : 1;
// (backend) Edit fields
$permission->CanDeleteField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'deletefield', 'users', $user->gmid) : 1;
// (backend) Delete fields
$permission->CanPublishField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'publishfield', 'users', $user->gmid) : 1;
// (backend) Publish fields
// FILES: management tab
$permission->CanFiles = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'files', 'users', $user->gmid) : 1;
$permission->CanUpload = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'uploadfiles', 'users', $user->gmid) : 1;
// allow user to upload Files
$permission->CanViewAllFiles = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'viewallfiles', 'users', $user->gmid) : 1;
// allow user to view all Files
// AUTHORS: management tab
$permission->CanAuthors = $user->gid < 25 ? FAccess::checkComponentAccess('com_users', 'manage', 'users', $user->gmid) : 1;
$permission->CanGroups = 0;
//FLEXI_J16GE ? $permission->CanAuthors : 0;
// SEARCH INDEX: management tab
$permission->CanIndex = $permission->CanFields && ($permission->CanAddField || $permission->CanEditField);
// OTHER components permissions
$permission->CanPlugins = $user->gid < 25 ? FAccess::checkComponentAccess('com_plugins', 'manage', 'users', $user->gmid) : 1;
$permission->CanComments = $user->gid < 25 ? FAccess::checkComponentAccess('com_jcomments', 'manage', 'users', $user->gmid) : 1;
$permission->CanComments = $permission->CanComments && $Comments_Enabled;
// Global parameter to force always displaying of categories as tree
if (JComponentHelper::getParams('com_flexicontent')->get('cats_always_astree', 1)) {
$permission->ViewTree = 1;
}
return $permission;
}
/**
* Method to fetch the tags form
*
* @since 1.5
*/
function viewtags() {
// Check for request forgeries
JRequest::checkToken('request') or jexit( 'Invalid Token' );
$user = JFactory::getUser();
if (FLEXI_J16GE) {
$CanUseTags = FlexicontentHelperPerm::getPerm()->CanUseTags;
} else if (FLEXI_ACCESS) {
$CanUseTags = ($user->gid < 25) ? FAccess::checkComponentAccess('com_flexicontent', 'usetags', 'users', $user->gmid) : 1;
} else {
$CanUseTags = 1;
}
if($CanUseTags) {
//header('Content-type: application/json');
@ob_end_clean();
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Cache-Control: no-cache");
header("Pragma: no-cache");
//header("Content-type:text/json");
$model = $this->getModel(FLEXI_ITEMVIEW);
$tagobjs = $model->gettags(JRequest::getVar('q'));
$array = array();
echo "[";
foreach($tagobjs as $tag) {
$array[] = "{\"id\":\"".$tag->id."\",\"name\":\"".$tag->name."\"}";
}
echo implode(",", $array);
echo "]";
jexit();
}
}
