示例#1
0
 /**
  * Method to get the selected documents data.
  *
  * @param	integer	The id of the download.
  *
  * @return	mixed	item data object on success, false on failure.
  */
 public function &getItems($pk = null)
 {
     global $jlistConfig;
     // Initialise variables.
     $sum_files_volume = 0;
     $sum_files_prices = 0;
     $must_confirm_license = false;
     $directlink = false;
     $pk = $this->getState('download.id');
     $marked_files_id = $this->getState('download.marked_files.id');
     if (!$pk > 0) {
         if (count($marked_files_id) > 1) {
             $marked_files_id = implode(',', $marked_files_id);
         } else {
             $pk = $marked_files_id[0];
         }
     } else {
         // user has clicked on download link - not checkbox used
         $directlink = true;
     }
     if ($this->_items === null) {
         $this->_items = array();
     }
     if (!isset($this->_items[$pk])) {
         try {
             $db = $this->getDbo();
             $query = $db->getQuery(true);
             $query->select($this->getState('item.select', 'a.file_id, a.asset_id, a.file_title, a.file_alias, a.description, a.description_long, a.file_pic, a.images, a.price, a.release, ' . 'a.file_language, a.system, a.license, a.url_license, a.license_agree, a.size, a.url_download, a.preview_filename, a.other_file_id, a.md5_value, a.sha1_value, ' . 'a.extern_file, a.extern_site, a.mirror_1, a.mirror_2, a.extern_site_mirror_1, a.extern_site_mirror_2, a.url_home, a.author, a.url_author, a.created_mail, a.submitted_by, ' . 'a.changelog, a.password_md5, a.views, a.update_active, a.custom_field_1, a.custom_field_2, a.custom_field_3, a.custom_field_4, a.custom_field_5, a.custom_field_6, ' . 'a.custom_field_7, a.custom_field_8, a.custom_field_9, a.custom_field_10, a.custom_field_11, a.custom_field_12, a.custom_field_13, a.custom_field_14, a.published, ' . 'CASE WHEN badcats.id is null THEN a.published ELSE 0 END AS state, ' . 'a.cat_id, a.date_added, a.created_id, a.file_date, ' . 'a.modified_date as modified, ' . 'a.publish_from, a.publish_to, a.modified_id, a.checked_out, a.checked_out_time,  ' . 'a.ordering, a.metakey, a.metadesc, a.robots, a.access, a.downloads, a.language'));
             $query->from('#__jdownloads_files AS a');
             // Join on category table.
             $query->select('c.title AS category_title, c.alias AS category_alias, c.access AS category_access, c.cat_dir AS category_cat_dir, c.cat_dir_parent AS category_cat_dir_parent, c.password AS category_password');
             $query->join('LEFT', '#__jdownloads_categories AS c on c.id = a.cat_id');
             // Join on license table.
             $query->select('l.title AS license_title, l.url AS license_url, l.description AS license_text, l.id as lid');
             $query->join('LEFT', '#__jdownloads_licenses AS l on l.id = a.license');
             // Filter by language
             if ($this->getState('filter.language')) {
                 $query->where('a.language in (' . $db->quote(JFactory::getLanguage()->getTag()) . ',' . $db->quote('*') . ')');
             }
             // Join over the categories to get parent category titles
             $query->select('parent.title as parent_title, parent.id as parent_id, parent.alias as parent_alias');
             $query->join('LEFT', '#__jdownloads_categories as parent ON parent.id = c.parent_id');
             if ($pk > 0) {
                 $query->where('a.file_id = ' . (int) $pk);
             } else {
                 $query->where('a.file_id IN (' . $marked_files_id . ')');
             }
             // Join to check for category published state in parent categories up the tree
             // If all categories are published, badcats.id will be null, and we just use the download state
             $subquery = ' (SELECT cat.id as id FROM #__jdownloads_categories AS cat JOIN #__jdownloads_categories AS parent ';
             $subquery .= 'ON cat.lft BETWEEN parent.lft AND parent.rgt ';
             $subquery .= 'WHERE parent.published <= 0 GROUP BY cat.id)';
             $query->join('LEFT OUTER', $subquery . ' AS badcats ON badcats.id = c.id');
             // Filter by published state.
             $published = $this->getState('filter.published');
             if (is_numeric($published)) {
                 $query->where('(a.published = ' . (int) $published . ')');
             }
             // get the data
             $db->setQuery($query);
             $files = $db->loadObjectList();
             if ($error = $db->getErrorMsg()) {
                 throw new Exception($error);
             }
             if (empty($files)) {
                 return JError::raiseError(404, JText::_('COM_JDOWNLOADS_DOWNLOAD_NOT_FOUND'));
             }
             foreach ($files as $file) {
                 // Check for published state if filter set.
                 if (is_numeric($published) && $file->published != $published) {
                     return JError::raiseError(404, JText::_('COM_JDOWNLOADS_DOWNLOAD_NOT_FOUND'));
                 }
                 $file->params = clone $this->getState('params');
                 // Compute selected asset permissions.
                 $user = JFactory::getUser();
                 $userId = $user->get('id');
                 $asset = 'com_jdownloads.download.' . $file->file_id;
                 // Check at first the 'download' permission.
                 if ($user->authorise('download', $asset)) {
                     $file->params->set('access-download', true);
                 }
                 // Technically guest could edit a download, but lets not check that to improve performance a little.
                 if (!$user->get('guest')) {
                     // Check general edit permission first.
                     if ($user->authorise('core.edit', $asset)) {
                         $file->params->set('access-edit', true);
                     } elseif (!empty($userId) && $user->authorise('core.edit.own', $asset)) {
                         // Check for a valid user and that they are the owner.
                         if ($userId == $file->created_id) {
                             $file->params->set('access-edit', true);
                         }
                     }
                 }
                 // Compute view access permissions.
                 if ($access = $this->getState('filter.access')) {
                     // If the access filter has been set, we already know this user can view.
                     $file->params->set('access-view', true);
                 } else {
                     // If no access filter is set, the layout takes some responsibility for display of limited information.
                     $user = JFactory::getUser();
                     $groups = $user->getAuthorisedViewLevels();
                     if ($file->cat_id == 0 || $file->category_access === null) {
                         $file->params->set('access-view', in_array($file->access, $groups));
                     } else {
                         $file->params->set('access-view', in_array($file->access, $groups) && in_array($file->category_access, $groups));
                     }
                 }
                 // we check some data fields and store the calculated values
                 $sum_files_volume += JDHelper::convertFileSizeToKB($file->size);
                 $sum_files_prices += floatval($file->price);
                 if ($file->license && $file->license_agree) {
                     $must_confirm_license = true;
                 }
             }
             // store the values for the selected files - so we can check it later
             $this->state->sum_selected_volume = $sum_files_volume;
             $this->state->sum_files_prices = $sum_files_prices;
             $this->state->must_confirm_license = $must_confirm_license;
             $this->state->directlink_used = $directlink;
             $this->state->sum_selected_files = count($files);
             $this->_items[$pk] = $files;
         } catch (JException $e) {
             if ($e->getCode() == 404) {
                 // Need to go thru the error handler to allow Redirect to work.
                 JError::raiseError(404, $e->getMessage());
             } else {
                 $this->setError($e);
                 $this->_items[$pk] = false;
             }
         }
     }
     return $this->_items[$pk];
 }
示例#2
0
 /**
  * Write the download activity in the log table 
  * 
  * @param integer  $type (1:download or 2:upload/creation in frontend)
  * @param mixed  $files
  * @param mixed  $upload_data
  */
 public static function updateLog($type, $files, $upload_data)
 {
     $db = JFactory::getDBO();
     $query = $db->getQuery(true);
     $user = JFactory::getUser();
     $ip = self::getRealIp();
     $app = JFactory::getApplication();
     // get current 'now' data with correct local time zone
     $date = JFactory::getDate('now')->format('Y-m-d H:i:s', true);
     // True to return the date string in the local time zone, false to return it in GMT.
     if ($type == 1) {
         foreach ($files as $file) {
             $filesize = JDHelper::convertFileSizeToKB($file->size);
             if ($file->extern_file != '') {
                 $db->setQuery("INSERT INTO #__jdownloads_logs (type, log_file_id, log_file_size, log_file_name, log_title, log_ip, log_datetime, log_user) VALUES ( '" . $type . "', '" . $file->file_id . "', '" . $filesize . "', '" . $file->extern_file . "', '" . $db->escape($file->file_title) . "',  '" . $ip . "', '" . $date . "', '" . $user->get('id') . "')");
             } else {
                 $db->setQuery("INSERT INTO #__jdownloads_logs (type, log_file_id, log_file_size, log_file_name, log_title, log_ip, log_datetime, log_user) VALUES ( '" . $type . "', '" . $file->file_id . "', '" . $filesize . "', '" . $db->escape($file->url_download) . "', '" . $db->escape($file->file_title) . "',  '" . $ip . "', '" . $date . "', '" . $user->get('id') . "')");
             }
             $db->execute();
         }
     } else {
         if ($type = 2) {
             $filesize = JDHelper::convertFileSizeToKB($upload_data->size);
             $db->setQuery("INSERT INTO #__jdownloads_logs (type, log_file_id, log_file_size, log_file_name, log_title, log_ip, log_datetime, log_user) VALUES ( '" . $type . "', '" . $upload_data->file_id . "', '" . $filesize . "', '" . $db->escape($upload_data->url_download) . "', '" . $db->escape($upload_data->file_title) . "',  '" . $ip . "', '" . $date . "', '" . $user->get('id') . "')");
             $db->execute();
         }
     }
 }