/** * Method to build the WHERE clause * * @access private * @return string */ function _buildItemWhere() { $user = JFactory::getUser(); $db = JFactory::getDBO(); // Get the view's parameters $cparams = $this->_params; // Date-Times are stored as UTC, we should use current UTC time to compare and not user time (requestTime), // thus the items are published globally at the time the author specified in his/her local clock //$app = JFactory::getApplication(); //$now = FLEXI_J16GE ? $app->requestTime : $app->get('requestTime'); // NOT correct behavior it should be UTC (below) //$date = JFactory::getDate(); //$now = FLEXI_J16GE ? $date->toSql() : $date->toMySQL(); // NOT good if string passed to function that will be cached, because string continuesly different $_nowDate = 'UTC_TIMESTAMP()'; //$db->Quote($now); $nullDate = $db->getNullDate(); // First thing we need to do is to select only the requested FAVOURED items $where = ' WHERE fav.userid = ' . (int) $user->get('id'); // Get privilege to view non viewable items (upublished, archived, trashed, expired, scheduled). // NOTE: ACL view level is checked at a different place if (FLEXI_J16GE) { $ignoreState = $user->authorise('flexicontent.ignoreviewstate', 'com_flexicontent'); } else { if (FLEXI_ACCESS) { $ignoreState = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'ignoreviewstate', 'users', $user->gmid) : 1; } else { $ignoreState = $user->gid > 19; } } // author has 19 and editor has 20 if (!$ignoreState) { // Limit by publication state. Exception: when displaying personal user items or items modified by the user $where .= ' AND ( i.state IN (1, -5) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )'; //.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )'; // Limit by publish up/down dates. Exception: when displaying personal user items or items modified by the user $where .= ' AND ( ( i.publish_up = ' . $this->_db->Quote($nullDate) . ' OR i.publish_up <= ' . $_nowDate . ' ) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )'; //.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )'; $where .= ' AND ( ( i.publish_down = ' . $this->_db->Quote($nullDate) . ' OR i.publish_down >= ' . $_nowDate . ' ) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )'; //.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )'; } $where .= !FLEXI_J16GE ? ' AND i.sectionid = ' . FLEXI_SECTION : ''; /* * If we have a filter, and this is enabled... lets tack the AND clause * for the filter onto the WHERE clause of the item query. */ // **************************************** // Create WHERE clause part for Text Search // **************************************** $text = JRequest::getString('filter', JRequest::getString('q', ''), 'default'); // Check for LIKE %word% search, for languages without spaces $filter_word_like_any = $cparams->get('filter_word_like_any', 0); $phrase = $filter_word_like_any ? JRequest::getWord('searchphrase', JRequest::getWord('p', 'any'), 'default') : JRequest::getWord('searchphrase', JRequest::getWord('p', 'exact'), 'default'); $si_tbl = 'flexicontent_items_ext'; $search_prefix = $cparams->get('add_search_prefix') ? 'vvv' : ''; // SEARCH WORD Prefix $text = !$search_prefix ? trim($text) : preg_replace('/(\\b[^\\s,\\.]+\\b)/u', $search_prefix . '$0', trim($text)); $words = preg_split('/\\s\\s*/u', $text); if (strlen($text)) { $ts = 'ie'; $escaped_text = FLEXI_J16GE ? $db->escape($text, true) : $db->getEscaped($text, true); $quoted_text = $db->Quote($escaped_text, false); switch ($phrase) { case 'natural': $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ') '; break; case 'natural_expanded': $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' WITH QUERY EXPANSION) '; break; case 'exact': $stopwords = array(); $shortwords = array(); if (!$search_prefix) { $words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix = 0); } if (empty($words)) { // All words are stop-words or too short, we could try to execute a query that only contains a LIKE %...% , but it would be too slow JRequest::setVar('ignoredwords', implode(' ', $stopwords)); JRequest::setVar('shortwords', implode(' ', $shortwords)); $_text_match = ' 0=1 '; } else { // speed optimization ... 2-level searching: first require ALL words, then require exact text $newtext = '+' . implode(' +', $words); $quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true); $quoted_text = $db->Quote($quoted_text, false); $exact_text = $db->Quote('%' . $escaped_text . '%', false); $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) AND ' . $ts . '.search_index LIKE ' . $exact_text; } break; case 'all': $stopwords = array(); $shortwords = array(); if (!$search_prefix) { $words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix = 1); } JRequest::setVar('ignoredwords', implode(' ', $stopwords)); JRequest::setVar('shortwords', implode(' ', $shortwords)); $newtext = '+' . implode('* +', $words) . '*'; $quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true); $quoted_text = $db->Quote($quoted_text, false); $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) '; break; case 'any': default: $stopwords = array(); $shortwords = array(); if (!$search_prefix) { $words = flexicontent_db::removeInvalidWords($words, $stopwords, $shortwords, $si_tbl, 'search_index', $isprefix = 1); } JRequest::setVar('ignoredwords', implode(' ', $stopwords)); JRequest::setVar('shortwords', implode(' ', $shortwords)); $newtext = implode('* ', $words) . '*'; $quoted_text = FLEXI_J16GE ? $db->escape($newtext, true) : $db->getEscaped($newtext, true); $quoted_text = $db->Quote($quoted_text, false); $_text_match = ' MATCH (' . $ts . '.search_index) AGAINST (' . $quoted_text . ' IN BOOLEAN MODE) '; break; } $where .= ' AND ' . $_text_match; } return $where; }
<tr> <td colspan="13"> <?php echo $pagination_footer; ?> </td> </tr> </tfoot> <tbody> <?php if (FLEXI_J16GE) { $canCheckinRecords = $user->authorise('core.admin', 'checkin'); } else { if (FLEXI_ACCESS) { $canCheckinRecords = $user->gid < 25 ? FAccess::checkComponentAccess('com_checkin', 'manage', 'users', $user->gmid) : 1; } else { $canCheckinRecords = $user->gid >= 24; } } if (FLEXI_J16GE) { $originalOrders = array(); $extension = 'com_content'; } $k = 0; $i = 0; foreach ($this->rows as $row) { if (FLEXI_J16GE) { $canEdit = $user->authorise('core.edit', $extension . '.category.' . $row->id); $canEditOwn = $user->authorise('core.edit.own', $extension . '.category.' . $row->id) && $row->created_user_id == $user->get('id'); $canEditState = $user->authorise('core.edit.state', $extension . '.category.' . $row->id);
/** * Method to get the assigned items for a category * * @access private * @return int */ function _getassigned($id) { global $globalcats; $user = JFactory::getUser(); $db = JFactory::getDBO(); // Get the view's parameters $params = $this->_params; $use_tmp = true; // Date-Times are stored as UTC, we should use current UTC time to compare and not user time (requestTime), // thus the items are published globally at the time the author specified in his/her local clock //$app = JFactory::getApplication(); //$now = FLEXI_J16GE ? $app->requestTime : $app->get('requestTime'); // NOT correct behavior it should be UTC (below) //$date = JFactory::getDate(); //$now = FLEXI_J16GE ? $date->toSql() : $date->toMySQL(); // NOT good if string passed to function that will be cached, because string continuesly different $_nowDate = 'UTC_TIMESTAMP()'; //$db->Quote($now); $nullDate = $db->getNullDate(); // Get some parameters and other info $catlang = $params->get('language', ''); // category language (currently UNUSED), this is property in J2.5 instead of as parameter in FC J1.5 $lang = flexicontent_html::getUserCurrentLang(); // Get user current language $filtercat = $params->get('filtercat', 0); // Filter items using currently selected language $show_noauth = $params->get('show_noauth', 0); // Show unauthorized items // First thing we need to do is to select only the requested items $where = ' WHERE 1 '; if ($this->_authorid) { $where .= ' AND i.created_by = ' . $db->Quote($this->_authorid); } // Filter the category view with the current user language if ((FLEXI_FISH || FLEXI_J16GE) && $filtercat) { $lta = FLEXI_J16GE || $use_tmp ? 'i' : 'ie'; $where .= ' AND ( ' . $lta . '.language LIKE ' . $db->Quote($lang . '%') . (FLEXI_J16GE ? ' OR ' . $lta . '.language="*" ' : '') . ' ) '; } // Get privilege to view non viewable items (upublished, archived, trashed, expired, scheduled). // NOTE: ACL view level is checked at a different place if (FLEXI_J16GE) { $ignoreState = $user->authorise('flexicontent.ignoreviewstate', 'com_flexicontent'); } else { if (FLEXI_ACCESS) { $ignoreState = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'ignoreviewstate', 'users', $user->gmid) : 1; } else { $ignoreState = $user->gid > 19; } } // author has 19 and editor has 20 if (!$ignoreState) { // Limit by publication state. Exception: when displaying personal user items or items modified by the user $where .= ' AND ( i.state IN (1, -5) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )'; //.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )'; // Limit by publish up/down dates. Exception: when displaying personal user items or items modified by the user $where .= ' AND ( ( i.publish_up = ' . $db->Quote($nullDate) . ' OR i.publish_up <= ' . $_nowDate . ' ) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )'; //.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )'; $where .= ' AND ( ( i.publish_down = ' . $db->Quote($nullDate) . ' OR i.publish_down >= ' . $_nowDate . ' ) OR ( i.created_by = ' . $user->id . ' AND i.created_by != 0 ) )'; //.' OR ( i.modified_by = '.$user->id.' AND i.modified_by != 0 ) )'; } // Count items according to full depth level !!! $catlist = !empty($globalcats[$id]->descendants) ? $globalcats[$id]->descendants : $id; $where .= ' AND rel.catid IN (' . $catlist . ')'; // Select only items that user has view access, if listing of unauthorized content is not enabled // Checking item, category, content type access level $joinaccess = ''; if (!$show_noauth) { if (FLEXI_J16GE) { $aid_arr = JAccess::getAuthorisedViewLevels($user->id); $aid_list = implode(",", $aid_arr); $where .= ' AND ty.access IN (0,' . $aid_list . ')'; $where .= ' AND mc.access IN (0,' . $aid_list . ')'; $where .= ' AND i.access IN (0,' . $aid_list . ')'; } else { $aid = (int) $user->get('aid'); if (FLEXI_ACCESS) { $joinaccess .= ' LEFT JOIN #__flexiaccess_acl AS gt ON ty.id = gt.axo AND gt.aco = "read" AND gt.axosection = "type"'; $joinaccess .= ' LEFT JOIN #__flexiaccess_acl AS gc ON mc.id = gc.axo AND gc.aco = "read" AND gc.axosection = "category"'; $joinaccess .= ' LEFT JOIN #__flexiaccess_acl AS gi ON i.id = gi.axo AND gi.aco = "read" AND gi.axosection = "item"'; $where .= ' AND (gt.aro IN ( ' . $user->gmid . ' ) OR ty.access <= ' . $aid . ')'; $where .= ' AND (gc.aro IN ( ' . $user->gmid . ' ) OR mc.access <= ' . $aid . ')'; $where .= ' AND (gi.aro IN ( ' . $user->gmid . ' ) OR i.access <= ' . $aid . ')'; } else { $where .= ' AND ty.access <= ' . $aid; $where .= ' AND mc.access <= ' . $aid; $where .= ' AND i.access <= ' . $aid; } } } $query = 'SELECT COUNT(DISTINCT rel.itemid)' . ' FROM #__flexicontent_cats_item_relations AS rel' . (!$use_tmp ? ' JOIN #__content AS i ON rel.itemid = i.id' : ' JOIN #__flexicontent_items_tmp AS i ON rel.itemid = i.id') . (!$use_tmp ? ' JOIN #__flexicontent_items_ext AS ie ON rel.itemid = ie.item_id' : '') . ' JOIN #__flexicontent_types AS ty ON ' . (!$use_tmp ? 'ie' : 'i') . '.type_id = ty.id' . ' JOIN #__categories AS mc ON mc.id = i.catid AND mc.published = 1' . $joinaccess . $where; $db->setQuery($query); $assigneditems = $db->loadResult(); if ($db->getErrorNum()) { JFactory::getApplication()->enqueueMessage(__FUNCTION__ . '(): SQL QUERY ERROR:<br/>' . nl2br($db->getErrorMsg()), 'error'); } return $assigneditems; }
/** * Method to fetch the tags form * * @since 1.5 */ function gettags() { $id = JRequest::getInt('id', 0); $model = $this->getModel('item'); $tags = $model->gettags(); $user = JFactory::getUser(); $used = null; if ($id) { $used = $model->getUsedtagsIds($id); } if (!is_array($used)) { $used = array(); } if (FLEXI_J16GE) { $permission = FlexicontentHelperPerm::getPerm(); $CanNewTags = $permission->CanNewTags; $CanUseTags = $permission->CanUseTags; } if (FLEXI_ACCESS) { $CanNewTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'newtags', 'users', $user->gmid) : 1; $CanUseTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'usetags', 'users', $user->gmid) : 1; } else { // no FLEXIAccess everybody can create / use tags $CanNewTags = 1; $CanUseTags = 1; } $CanUseTags = $CanUseTags ? '' : ' disabled="disabled"'; $n = count($tags); $rsp = ''; if ($n > 0) { $rsp .= '<div class="qf_tagbox">'; $rsp .= '<ul>'; for ($i = 0, $n; $i < $n; $i++) { $tag = $tags[$i]; $rsp .= '<li><div><span class="qf_tagidbox"><input type="checkbox" name="tag[]" value="' . $tag->id . '"' . (in_array($tag->id, $used) ? 'checked="checked"' : '') . $CanUseTags . ' /></span>' . $tag->name . '</div></li>'; if ($CanUseTags && in_array($tag->id, $used)) { $rsp .= '<input type="hidden" name="tag[]" value="' . $tag->id . '" />'; } } $rsp .= '</ul>'; $rsp .= '</div>'; $rsp .= '<div class="clear"></div>'; } if ($CanNewTags) { $rsp .= '<div class="qf_addtag">'; $rsp .= '<label for="addtags">' . JText::_('FLEXI_ADD_TAG') . '</label>'; $rsp .= '<input type="text" id="tagname" class="inputbox" size="30" />'; $rsp .= '<input type="button" class="fc_button" value="' . JText::_('FLEXI_ADD') . '" onclick="addtag()" />'; $rsp .= '</div>'; } echo $rsp; }
/** * Logic to delete categories * * @access public * @return void * @since 1.0 */ function remove() { // Check for request forgeries JRequest::checkToken() or jexit('Invalid Token'); $user = JFactory::getUser(); if (FLEXI_J16GE) { $perms = FlexicontentHelperPerm::getPerm(); $CanCats = $perms->CanCats; } else { if (FLEXI_ACCESS) { $CanCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'categories', 'users', $user->gmid) : 1; } else { $CanCats = 1; } } $cid = JRequest::getVar('cid', array(0), 'post', 'array'); $msg = ''; if (!is_array($cid) || count($cid) < 1) { // no category selected JError::raiseWarning(500, JText::_('FLEXI_SELECT_ITEM_DELETE')); } else { if (!$CanCats) { // no access rights JError::raiseWarning(500, JText::_('FLEXI_ALERTNOTAUTH_TASK')); } else { // try to delete the category and clean cache $model = $this->getModel('categories'); $msg = $model->delete($cid); if (!$msg) { JError::raiseWarning(500, $model->getError()); $this->setRedirect('index.php?option=com_flexicontent&view=categories', $msg); return; } // clean cache $cache = JFactory::getCache('com_flexicontent'); $cache->clean(); $catscache = JFactory::getCache('com_flexicontent_cats'); $catscache->clean(); } } // redirect to categories management tab $this->setRedirect('index.php?option=com_flexicontent&view=categories', $msg); }
/** * Build the where clause * * @access private * @return string */ function _buildContentWhere() { $app = JFactory::getApplication(); $user = JFactory::getUser(); $option = JRequest::getVar('option'); $langparent_item = $app->getUserStateFromRequest($option . '.itemelement.langparent_item', 'langparent_item', 0, 'int'); $type_id = $app->getUserStateFromRequest($option . '.itemelement.type_id', 'type_id', 0, 'int'); $created_by = $app->getUserStateFromRequest($option . '.itemelement.created_by', 'created_by', 0, 'int'); if ($langparent_item) { $user_fullname = JFactory::getUser($created_by)->name; $this->_db->setQuery('SELECT name FROM #__flexicontent_types WHERE id = ' . $type_id); $type_name = $this->_db->loadResult(); $msg = sprintf("Selecting ORIGINAL Content item for a translating item of Content Type: \"%s\" and User: \"%s\"", $type_name, $user_fullname); $jAp = JFactory::getApplication(); $jAp->enqueueMessage($msg, 'message'); } $filter_state = $app->getUserStateFromRequest($option . '.itemelement.filter_state', 'filter_state', '', 'word'); $filter_cats = $app->getUserStateFromRequest($option . '.itemelement.filter_cats', 'filter_cats', '', 'int'); $filter_type = $app->getUserStateFromRequest($option . '.itemelement.filter_type', 'filter_type', '', 'int'); if (FLEXI_FISH || FLEXI_J16GE) { if ($langparent_item) { $filter_lang = flexicontent_html::getSiteDefaultLang(); } else { $filter_lang = $app->getUserStateFromRequest($option . '.itemelement.filter_lang', 'filter_lang', '', 'cmd'); } } $search = $app->getUserStateFromRequest($option . '.itemelement.search', 'search', '', 'string'); $search = trim(JString::strtolower($search)); $where = array(); $where[] = ' i.state != -2'; // Exclude trashed if (!FLEXI_J16GE) { $where[] = ' sectionid = ' . FLEXI_SECTION; } if ($filter_state) { if ($filter_state == 'P') { $where[] = 'i.state = 1'; } else { if ($filter_state == 'U') { $where[] = 'i.state = 0'; } else { if ($filter_state == 'PE') { $where[] = 'i.state = -3'; } else { if ($filter_state == 'OQ') { $where[] = 'i.state = -4'; } else { if ($filter_state == 'IP') { $where[] = 'i.state = -5'; } else { if ($filter_state == 'A') { $where[] = 'i.state = ' . (FLEXI_J16GE ? 2 : -1); } } } } } } } if ($filter_cats) { $where[] = 'rel.catid = ' . $filter_cats; } if ($langparent_item && $type_id) { $where[] = 'ie.type_id = ' . $type_id; } else { if ($filter_type) { $where[] = 'ie.type_id = ' . $filter_type; } } if (FLEXI_FISH || FLEXI_J16GE) { if ($filter_lang) { $where[] = 'ie.language = ' . $this->_db->Quote($filter_lang); } } if ($search) { $search_escaped = FLEXI_J16GE ? $this->_db->escape($search, true) : $this->_db->getEscaped($search, true); $where[] = ' LOWER(i.title) LIKE ' . $this->_db->Quote('%' . $search_escaped . '%', false); } /*if (FLEXI_J16GE) { $isAdmin = JAccess::check($user->id, 'core.admin', 'root.1'); } else { $isAdmin = $user->gid >= 24; }*/ if (FLEXI_J16GE) { $assocanytrans = $user->authorise('flexicontent.assocanytrans', 'com_flexicontent'); } else { if (FLEXI_ACCESS) { $assocanytrans = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'assocanytrans', 'users', $user->gmid) : 1; } else { $assocanytrans = $user->gid >= 24; } } // is at least admin if (!$assocanytrans) { if ($langparent_item && $created_by) { $where[] = ' i.created_by=' . $created_by; } } $where = count($where) ? ' WHERE ' . implode(' AND ', $where) : ''; return $where; }
/** * Method (for J1.5) to check if the user can add an item anywhere * * @access public * @return boolean True on success * @since 1.5 */ function canAdd() { $user = JFactory::getUser(); if (FLEXI_ACCESS && $user->gid < 25) { $canSubmit = FAccess::checkComponentAccess('com_content', 'submit', 'users', $user->gmid); $canAdd = FAccess::checkAllContentAccess('com_content', 'add', 'users', $user->gmid, 'content', 'all'); if (!$canSubmit && !$canAdd) { return false; } } else { $canAdd = $user->authorize('com_content', 'add', 'content', 'all'); if (!$canAdd) { return false; } } return true; }
/** * Check in a record * * @since 1.5 */ static function checkin($tbl, $redirect_url, & $controller) { $cid = JRequest::getVar( 'cid', array(0), 'post', 'array' ); $pk = (int)$cid[0]; $user = JFactory::getUser(); $controller->setRedirect( $redirect_url, '' ); static $canCheckinRecords = null; if ($canCheckinRecords === null) { if (FLEXI_J16GE) { $canCheckinRecords = $user->authorise('core.admin', 'checkin'); } else if (FLEXI_ACCESS) { $canCheckinRecords = ($user->gid < 25) ? FAccess::checkComponentAccess('com_checkin', 'manage', 'users', $user->gmid) : 1; } else { // Only admin or super admin can check-in $canCheckinRecords = $user->gid >= 24; } } // Only attempt to check the row in if it exists. if ($pk) { // Get an instance of the row to checkin. $table = JTable::getInstance($tbl, ''); if (!$table->load($pk)) { $controller->setError($table->getError()); return;// false; } // Record check-in is allowed if either (a) current user has Global Checkin privilege OR (b) record checked out by current user if ($table->checked_out) { if ( !$canCheckinRecords && $table->checked_out != $user->id) { $controller->setError(JText::_( 'FLEXI_RECORD_CHECKED_OUT_DIFF_USER')); return;// false; } } // Attempt to check the row in. if (!$table->checkin($pk)) { $controller->setError($table->getError()); return;// false; } } $controller->setRedirect( $redirect_url, JText::sprintf('FLEXI_RECORD_CHECKED_IN_SUCCESSFULLY', 1) ); return;// true; }
/** * Method to select new state for many items * * @since 1.5 */ function selectstate() { $user = JFactory::getUser(); // General permission since we do not have a specific item yet if (FLEXI_J16GE) { $permission = FlexicontentHelperPerm::getPerm(); $auth_publish = $permission->CanPublish || $permission->CanPublishOwn; $auth_delete = $permission->CanDelete || $permission->CanDeleteOwn; $auth_archive = $permission->CanArchives; } else { if (FLEXI_ACCESS) { $auth_publish = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publish', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'publishown', 'users', $user->gmid) : 1; $auth_delete = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'delete', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'deleteown', 'users', $user->gmid) : 1; $auth_archive = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'archives', 'users', $user->gmid) : 1; } else { $auth_publish = $user->authorize('com_content', 'publish', 'content', 'all'); $auth_delete = $user->gid >= 23; // is at least manager $auth_archive = $user->gid >= 23; // is at least manager } } if ($auth_publish || $auth_archive || $auth_delete) { //header('Content-type: application/json'); @ob_end_clean(); header('Content-type: text/html; charset=utf-8'); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-cache"); header("Pragma: no-cache"); if (FLEXI_J30GE) { $fc_css = JURI::base(true) . '/components/com_flexicontent/assets/css/j3x.css'; } else { if (FLEXI_J16GE) { $fc_css = JURI::base(true) . '/components/com_flexicontent/assets/css/j25.css'; } } echo ' <link rel="stylesheet" href="' . JURI::base(true) . '/components/com_flexicontent/assets/css/flexicontentbackend.css" /> <link rel="stylesheet" href="' . $fc_css . '" /> <link rel="stylesheet" href="' . JURI::root(true) . '/media/jui/css/bootstrap.min.css" /> '; ?> <div id="flexicontent" class="flexicontent"> <?php $btn_class = FLEXI_J30GE ? ' btn btn-small' : ' fc_button fcsimple fcsmall'; if ($auth_publish) { $state['P'] = array('name' => 'FLEXI_PUBLISHED', 'desc' => 'FLEXI_PUBLISHED_DESC', 'icon' => 'tick.png', 'btn_class' => 'btn-success'); $state['IP'] = array('name' => 'FLEXI_IN_PROGRESS', 'desc' => 'FLEXI_NOT_FINISHED_YET', 'icon' => 'publish_g.png', 'btn_class' => 'btn-success', 'clear' => true); $state['U'] = array('name' => 'FLEXI_UNPUBLISHED', 'desc' => 'FLEXI_UNPUBLISHED_DESC', 'icon' => 'publish_x.png', 'btn_class' => 'btn-warning'); $state['PE'] = array('name' => 'FLEXI_PENDING', 'desc' => 'FLEXI_NEED_TO_BE_APPROVED', 'icon' => 'publish_r.png', 'btn_class' => 'btn-warning'); $state['OQ'] = array('name' => 'FLEXI_TO_WRITE', 'desc' => 'FLEXI_TO_WRITE_DESC', 'icon' => 'publish_y.png', 'btn_class' => 'btn-warning', 'clear' => true); } if ($auth_archive) { $state['A'] = array('name' => 'FLEXI_ARCHIVED', 'desc' => 'FLEXI_ARCHIVED_STATE', 'icon' => 'archive.png', 'btn_class' => 'btn-info'); } if ($auth_delete) { $state['T'] = array('name' => 'FLEXI_TRASHED', 'desc' => 'FLEXI_TRASHED_TO_BE_DELETED', 'icon' => 'trash.png', 'btn_class' => 'btn-danger'); } echo "<b>" . JText::_('FLEXI_SELECT_STATE') . ":</b><br /><br />"; ?> <?php foreach ($state as $shortname => $statedata) { $css = "width:216px; margin:0px 24px 12px 0px;"; $link = JURI::base(true) . "/index.php?option=com_flexicontent&task=items.changestate&newstate=" . $shortname . "&" . (FLEXI_J30GE ? JSession::getFormToken() : JUtility::getToken()) . "=1"; $icon = "../components/com_flexicontent/assets/images/" . $statedata['icon']; ?> <span class="fc-filter nowrap_box"> <?php /*<img src="<?php echo $icon; ?>" style="margin:4px 0 0 0; border-width:0px; vertical-align:top;" alt="<?php echo JText::_( $statedata['desc'] ); ?>" /> */ ?> <span style="<?php echo $css; ?> " class="<?php echo $btn_class . ' ' . $statedata['btn_class']; ?> " onclick="window.parent.document.adminForm.newstate.value='<?php echo $shortname; ?> '; window.parent.document.adminForm.boxchecked.value==0 ? alert('<?php echo JText::_('FLEXI_NO_ITEMS_SELECTED'); ?> ') : window.parent.Joomla.submitbutton('items.changestate')" > <?php echo JText::_($statedata['name']); ?> </span> </span> <?php if (isset($statedata['clear'])) { echo '<div class="fcclear"></div>'; } } ?> </div> <?php exit; } }
/** * Method to select new state for many items * * @since 1.5 */ function selectstate() { $user = JFactory::getUser(); // General permission since we do not have a specific item yet if (FLEXI_J16GE) { $permission = FlexicontentHelperPerm::getPerm(); $auth_publish = $permission->CanPublish || $permission->CanPublishOwn; $auth_delete = $permission->CanDelete || $permission->CanDeleteOwn; $auth_archive = $permission->CanArchives; } else { if (FLEXI_ACCESS) { $auth_publish = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publish', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'publishown', 'users', $user->gmid) : 1; $auth_delete = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'delete', 'users', $user->gmid) || FAccess::checkComponentAccess('com_content', 'deleteown', 'users', $user->gmid) : 1; $auth_archive = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'archives', 'users', $user->gmid) : 1; } else { $auth_publish = $user->authorize('com_content', 'publish', 'content', 'all'); $auth_delete = $user->gid >= 23; // is at least manager $auth_archive = $user->gid >= 23; // is at least manager } } if ($auth_publish || $auth_archive || $auth_delete) { //header('Content-type: application/json'); @ob_end_clean(); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-cache"); header("Pragma: no-cache"); echo '<link rel="stylesheet" href="' . JURI::base() . 'components/com_flexicontent/assets/css/flexicontentbackend.css" />'; if (FLEXI_J30GE) { $fc_css = JURI::base() . 'components/com_flexicontent/assets/css/j3x.css'; } else { if (FLEXI_J16GE) { $fc_css = JURI::base() . 'components/com_flexicontent/assets/css/j25.css'; } else { $fc_css = JURI::base() . 'components/com_flexicontent/assets/css/j15.css'; } } echo '<link rel="stylesheet" href="' . $fc_css . '" />'; if ($auth_publish) { $state['P'] = array('name' => 'FLEXI_PUBLISHED', 'desc' => 'FLEXI_PUBLISHED_DESC', 'icon' => 'tick.png', 'color' => 'darkgreen'); $state['IP'] = array('name' => 'FLEXI_IN_PROGRESS', 'desc' => 'FLEXI_NOT_FINISHED_YET', 'icon' => 'publish_g.png', 'color' => 'darkgreen', 'clear' => true); $state['U'] = array('name' => 'FLEXI_UNPUBLISHED', 'desc' => 'FLEXI_UNPUBLISHED_DESC', 'icon' => 'publish_x.png', 'color' => 'darkred'); $state['PE'] = array('name' => 'FLEXI_PENDING', 'desc' => 'FLEXI_NEED_TO_BE_APPROVED', 'icon' => 'publish_r.png', 'color' => 'darkred'); $state['OQ'] = array('name' => 'FLEXI_TO_WRITE', 'desc' => 'FLEXI_TO_WRITE_DESC', 'icon' => 'publish_y.png', 'color' => 'darkred', 'clear' => true); } if ($auth_archive) { $state['A'] = array('name' => 'FLEXI_ARCHIVED', 'desc' => 'FLEXI_ARCHIVED_STATE', 'icon' => 'archive.png', 'color' => 'gray'); } if ($auth_delete) { $state['T'] = array('name' => 'FLEXI_TRASHED', 'desc' => 'FLEXI_TRASHED_TO_BE_DELETED', 'icon' => 'trash.png', 'color' => 'gray'); } echo "<b>" . JText::_('FLEXI_SELECT_STATE') . ":</b><br /><br />"; ?> <?php foreach ($state as $shortname => $statedata) { $css = "width:28%; margin:0px 1% 12px 1%; padding:1%; color:" . $statedata['color'] . ";"; $link = JURI::base(true) . "/index.php?option=com_flexicontent&task=items.changestate&newstate=" . $shortname . "&" . (FLEXI_J30GE ? JSession::getFormToken() : JUtility::getToken()) . "=1"; $icon = "../components/com_flexicontent/assets/images/" . $statedata['icon']; ?> <a style="<?php echo $css; ?> " class="fc_button" href="javascript:;" onclick=" window.parent.document.adminForm.newstate.value='<?php echo $shortname; ?> '; if(window.parent.document.adminForm.boxchecked.value==0) alert('<?php echo JText::_('FLEXI_NO_ITEMS_SELECTED'); ?> '); else <?php if (FLEXI_J16GE) { ?> window.parent.Joomla.submitbutton('items.changestate')"; <?php } else { ?> window.parent.submitbutton('changestate')"; <?php } ?> target="_parent"> <img src="<?php echo $icon; ?> " width="16" height="16" border="0" alt="<?php echo JText::_($statedata['desc']); ?> " /> <?php echo JText::_($statedata['name']); ?> </a> <?php if (isset($statedata['clear'])) { echo "<div style='width:100%; float: left; clear both;'></div>"; } } ?> <?php exit; } }
static function getUserPerms($user_id = null) { // handle jcomments integration if (JPluginHelper::isEnabled('system', 'jcomments')) { $Comments_Enabled = 1; $destpath = JPATH_SITE . DS . 'components' . DS . 'com_jcomments' . DS . 'plugins'; $dest = $destpath . DS . 'com_flexicontent.plugin.php'; $source = JPATH_SITE . DS . 'components' . DS . 'com_flexicontent' . DS . 'librairies' . DS . 'jcomments' . DS . 'com_flexicontent.plugin.php'; jimport('joomla.filesystem.file'); if (!JFile::exists($dest)) { if (!JFolder::exists($destpath)) { if (!JFolder::create($destpath)) { JError::raiseWarning(100, JText::_('FLEXIcontent: Unable to create jComments plugin folder')); } } if (!JFile::copy($source, $dest)) { JError::raiseWarning(100, JText::_('FLEXIcontent: Unable to copy jComments plugin')); } else { $mainframe->enqueueMessage(JText::_('Copied FLEXIcontent jComments plugin')); } } } else { $Comments_Enabled = 0; } // Find permissions for given user id $user = $user_id ? JFactory::getUser($user_id) : JFactory::getUser(); // no user id given, use current user) $permission = new stdClass(); // !!! This is the Super User Privelege of GLOBAL Configuration (==> (for J2.5) core.admin ACTION allowed on ROOT ASSET: 'root.1') $permission->SuperAdmin = $user->gid > 24; //!!! ALLOWs USERS to change component's CONFIGURATION (==> (for J2.5) core.admin ACTION allowed on COMPONENT ASSET: e.g. 'com_flexicontent') $permission->CanConfig = $permission->SuperAdmin; // No FLEXI ACCESS .. if (!FLEXI_ACCESS) { $permission->CanManage = $user->gid >= 23; // At least J1.5 Manager $permission->CanAdd = $user->authorize('com_content', 'add', 'content', 'all'); // ($user->gid >= 19); // At least J1.5 Author $permission->CanEdit = $user->authorize('com_content', 'edit', 'content', 'all'); // ($user->gid >= 20); // At least J1.5 Editor $permission->CanEditOwn = $user->authorize('com_content', 'edit', 'content', 'own'); // ($user->gid >= 20); // At least J1.5 Editor $permission->CanPublish = $user->authorize('com_content', 'publish', 'content', 'all'); // ($user->gid >= 21); // At least J1.5 Publisher $permission->CanPublishOwn = $user->authorize('com_content', 'publish', 'content', 'own'); // ($user->gid >= 21); // At least J1.5 Publisher $permission->CanDelete = $user->gid >= 23; // At least J1.5 Manager $permission->CanDeleteOwn = $user->gid >= 23; // At least J1.5 Manager $permission->CanChangeCat = 1; // J1.5 lacks this $permission->CanChangeSecCat = 1; // J1.5 lacks this $permission->CanChangeFeatCat = 1; // J1.5 lacks this $permission->CanRights = $user->gid >= 23; // At least J1.5 Manager $permission->CanAccLvl = $user->gid >= 20; // At least J1.5 Editor // ITEMS: component controlled permissions $permission->DisplayAllItems = $user->gid >= 23; // At least J1.5 Manager $permission->CanCopy = $user->gid >= 23; // At least J1.5 Manager $permission->CanOrder = $user->gid >= 23; // At least J1.5 Manager $permission->CanParams = $user->gid >= 19; // At least J1.5 Author $permission->CanVersion = $user->gid >= 19; // At least J1.5 Author $permission->AssocAnyTrans = $user->gid >= 19; // At least J1.5 Author //$permission->EditCreationDate = ($user->gid >= 23); // At least J1.5 Manager $permission->IgnoreViewState = $user->gid >= 20; // At least J1.5 Editor $permission->RequestApproval = $user->gid >= 20; // At least J1.5 Editor // CATEGORIES: management tab and usage $permission->CanCats = $user->gid >= 23; // At least J1.5 Manager $permission->ViewAllCats = 1; $permission->ViewTree = 1; $permission->MultiCat = $user->gid >= 19; // At least J1.5 Author $permission->CanAddCats = $user->gid >= 23; // At least J1.5 Manager // TAGS: management tab and usage $permission->CanTags = $user->gid >= 23; // At least J1.5 Manager $permission->CanUseTags = $user->gid >= 19; // At least J1.5 Author $permission->CanNewTags = $user->gid >= 19; // At least J1.5 Author // VARIOUS management TABS: types, archives, statistics, templates, tags $permission->CanTypes = $user->gid >= 23; // At least J1.5 Manager $permission->CanArchives = $user->gid >= 23; // At least J1.5 Manager $permission->CanTemplates = $user->gid >= 23; // At least J1.5 Manager $permission->CanStats = $user->gid >= 23; // At least J1.5 Manager $permission->CanImport = $user->gid >= 23; // At least J1.5 Manager // FIELDS: management tab $permission->CanFields = $user->gid >= 23; // At least J1.5 Manager $permission->CanCopyFields = $user->gid >= 24; // At least J1.5 Administrator $permission->CanOrderFields = $user->gid >= 24; // At least J1.5 Administrator $permission->CanAddField = $user->gid >= 24; // At least J1.5 Administrator $permission->CanEditField = $user->gid >= 24; // At least J1.5 Administrator $permission->CanDeleteField = $user->gid >= 24; // At least J1.5 Administrator $permission->CanPublishField = $user->gid >= 24; // At least J1.5 Administrator // FILES: management tab $permission->CanFiles = $user->gid >= 19; // At least J1.5 Author $permission->CanUpload = $user->gid >= 19; // At least J1.5 Author $permission->CanViewAllFiles = $user->gid >= 23; // At least J1.5 Manager // AUTHORS: management tab $permission->CanAuthors = $user->gid >= 24; // At least J1.5 Administrator $permission->CanGroups = 0; //FLEXI_J16GE ? $permission->CanAuthors : 0; // SEARCH INDEX: management tab $permission->CanIndex = $user->gid >= 23; // At least J1.5 Manager // OTHER components permissions $permission->CanPlugins = $user->gid >= 24; // At least J1.5 Administrator $permission->CanComments = $user->gid >= 23; // At least J1.5 Manager $permission->CanComments = $permission->CanComments && $Comments_Enabled; // Global parameter to force always displaying of categories as tree if (JComponentHelper::getParams('com_flexicontent')->get('cats_always_astree', 1)) { $permission->ViewTree = 1; } return $permission; } //!!! ALLOWs USERS in JOOMLA BACKEND : (not used in J1.5) // (a) to view the FLEXIcontent menu item in Components Menu and // (b) to access the FLEXIcontent component screens (whatever they are allowed to see by individual FLEXIcontent area permissions) // NOTE: the initially installed permissions allows all areas to be managed for J2.5 and none (except for items) for J1.5 $permission->CanManage = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'manage', 'users', $user->gmid) : 1; // ITEMS/CATEGORIES: category-inherited permissions, (NOTE: these are the global settings, so:) // *** 1. the action permissions of individual items are checked seperately per item // *** 2. the view permission is checked via the access level of each item $permission->CanAdd = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'submit', 'users', $user->gmid) || FAccess::checkAllContentAccess('com_content', 'add', 'users', $user->gmid, 'content', 'all') : 1; $permission->CanEdit = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'edit', 'users', $user->gmid) : 1; $permission->CanEditOwn = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'editown', 'users', $user->gmid) : 1; $permission->CanPublish = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publish', 'users', $user->gmid) : 1; $permission->CanPublishOwn = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'publishown', 'users', $user->gmid) : 1; $permission->CanDelete = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'delete', 'users', $user->gmid) : 1; $permission->CanDeleteOwn = $user->gid < 25 ? FAccess::checkComponentAccess('com_content', 'deleteown', 'users', $user->gmid) : 1; $permission->CanChangeCat = 1; $permission->CanChangeSecCat = 1; $permission->CanChangeFeatCat = 1; // Permission for changing the ACL rules of items and categories that user can edit // Given to users that FLEXIaccess configuration $permission->CanRights = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexiaccess', 'manage', 'users', $user->gmid) : 1; // Permission for changing the access level of items and categories that user can edit // (a) In J1.5 with FLEXIaccess, this is given to those that can edit the FLEXIaccess configuration // (b) In J1.5 without FLEXIaccess, this is given to users being at least an Editor // (c) In J2.5, this is the FLEXIcontent component ACTION 'accesslevel' $permission->CanAccLvl = $permission->CanRights; // ITEMS: component controlled permissions $permission->DisplayAllItems = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'displayallitems', 'users', $user->gmid) : 1; // (backend) List all items (otherwise only items that can be edited) $permission->CanCopy = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'copyitems', 'users', $user->gmid) : 1; // (backend) Item Copy Task $permission->CanOrder = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'order', 'users', $user->gmid) : 1; // (backend) Reorder items inside the category $permission->CanParams = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'paramsitems', 'users', $user->gmid) : 1; // (backend) Edit item parameters like meta data and template parameters $permission->CanVersion = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'versioning', 'users', $user->gmid) : 1; // (backend) Use item versioning $permission->AssocAnyTrans = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'assocanytrans', 'users', $user->gmid) : 1; // (item edit form) associate any translation //$permission->EditCreationDate = ($user->gid < 25) ? FAccess::checkComponentAccess('com_flexicontent', 'editcreationdate', 'users', $user->gmid) : 1; // (item edit form) edit creation date (frontend) $permission->IgnoreViewState = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'ignoreviewstate', 'users', $user->gmid) : 1; // (Frontend Content Lists) ignore view state $permission->RequestApproval = $user->gid >= 20; // At least J1.5 Editor // CATEGORIES: management tab and usage $permission->CanCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'categories', 'users', $user->gmid) : 1; // (backend) Allow management of Categories $permission->ViewAllCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'usercats', 'users', $user->gmid) : 1; // (e.g. item edit form) view the categories which user cannot assign to items $permission->ViewTree = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'cattree', 'users', $user->gmid) : 1; // (e.g. item edit form) view categories as tree instead of flat list $permission->MultiCat = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'multicat', 'users', $user->gmid) : 1; // (e.g. item edit form) allow user to assign each item to multiple categories $permission->CanAddCats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'addcats', 'users', $user->gmid) : 1; // add new Categories // TAGS: management tab and usage $permission->CanTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'tags', 'users', $user->gmid) : 1; // (backend) Allow management of Item Types $permission->CanUseTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'usetags', 'users', $user->gmid) : 1; // edit already assigned Tags of items $permission->CanNewTags = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'newtags', 'users', $user->gmid) : 1; // add new Tags to items // VARIOUS management TABS: types, archives, statistics, templates, tags $permission->CanTypes = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'types', 'users', $user->gmid) : 1; // (backend) Allow management of Item Types $permission->CanArchives = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'archives', 'users', $user->gmid) : 1; // (backend) Allow management of Archives $permission->CanTemplates = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'templates', 'users', $user->gmid) : 1; // (backend) Allow management of Templates $permission->CanStats = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'stats', 'users', $user->gmid) : 1; // (backend) Allow management of Statistics $permission->CanImport = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'import', 'users', $user->gmid) : 1; // (backend) Allow management of (Content) Import // FIELDS: management tab $permission->CanFields = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'fields', 'users', $user->gmid) : 1; // (backend) Allow management of Fields $permission->CanCopyFields = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'copyfields', 'users', $user->gmid) : 1; // (backend) Field Copy Task $permission->CanOrderFields = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'orderfields', 'users', $user->gmid) : 1; // (backend) Reorder fields inside each item type $permission->CanAddField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'createfield', 'users', $user->gmid) : 1; // (backend) Create fields $permission->CanEditField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'editfield', 'users', $user->gmid) : 1; // (backend) Edit fields $permission->CanDeleteField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'deletefield', 'users', $user->gmid) : 1; // (backend) Delete fields $permission->CanPublishField = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'publishfield', 'users', $user->gmid) : 1; // (backend) Publish fields // FILES: management tab $permission->CanFiles = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'files', 'users', $user->gmid) : 1; $permission->CanUpload = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'uploadfiles', 'users', $user->gmid) : 1; // allow user to upload Files $permission->CanViewAllFiles = $user->gid < 25 ? FAccess::checkComponentAccess('com_flexicontent', 'viewallfiles', 'users', $user->gmid) : 1; // allow user to view all Files // AUTHORS: management tab $permission->CanAuthors = $user->gid < 25 ? FAccess::checkComponentAccess('com_users', 'manage', 'users', $user->gmid) : 1; $permission->CanGroups = 0; //FLEXI_J16GE ? $permission->CanAuthors : 0; // SEARCH INDEX: management tab $permission->CanIndex = $permission->CanFields && ($permission->CanAddField || $permission->CanEditField); // OTHER components permissions $permission->CanPlugins = $user->gid < 25 ? FAccess::checkComponentAccess('com_plugins', 'manage', 'users', $user->gmid) : 1; $permission->CanComments = $user->gid < 25 ? FAccess::checkComponentAccess('com_jcomments', 'manage', 'users', $user->gmid) : 1; $permission->CanComments = $permission->CanComments && $Comments_Enabled; // Global parameter to force always displaying of categories as tree if (JComponentHelper::getParams('com_flexicontent')->get('cats_always_astree', 1)) { $permission->ViewTree = 1; } return $permission; }
/** * Method to fetch the tags form * * @since 1.5 */ function viewtags() { // Check for request forgeries JRequest::checkToken('request') or jexit( 'Invalid Token' ); $user = JFactory::getUser(); if (FLEXI_J16GE) { $CanUseTags = FlexicontentHelperPerm::getPerm()->CanUseTags; } else if (FLEXI_ACCESS) { $CanUseTags = ($user->gid < 25) ? FAccess::checkComponentAccess('com_flexicontent', 'usetags', 'users', $user->gmid) : 1; } else { $CanUseTags = 1; } if($CanUseTags) { //header('Content-type: application/json'); @ob_end_clean(); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-cache"); header("Pragma: no-cache"); //header("Content-type:text/json"); $model = $this->getModel(FLEXI_ITEMVIEW); $tagobjs = $model->gettags(JRequest::getVar('q')); $array = array(); echo "["; foreach($tagobjs as $tag) { $array[] = "{\"id\":\"".$tag->id."\",\"name\":\"".$tag->name."\"}"; } echo implode(",", $array); echo "]"; jexit(); } }