/** * Method override to check if you can add a new record. * * @param array An array of input data. * * @return boolean */ protected function allowAdd($data = array()) { $jinput = JFactory::getApplication()->input; // Initialise variables. $user = JFactory::getUser(); $categoryId = JArrayHelper::getValue($data, 'catid', $jinput->getInt('catid'), 'int'); $allow = null; if ($categoryId) { // If the category has been passed in the data or URL check it. $allow = $user->authorise('core.create', 'com_jem.category.' . $categoryId); } $jemsettings = JEMHelper::config(); $maintainer = JEMUser::ismaintainer('add'); $genaccess = JEMUser::validate_user($jemsettings->evdelrec, $jemsettings->delivereventsyes); $valguest = JEMUser::validate_guest(); if ($maintainer || $genaccess || $valguest) { return true; } if ($allow === null) { // In the absense of better information, revert to the component permissions. return parent::allowAdd(); } else { return $allow; } }
/** * Checks if the user is allowed to edit an item * * * @param int $allowowner * @param int $ownerid * @param int $recurse * @param int $level * @return boolean True on success */ static function editaccess($allowowner, $ownerid, $recurse, $level) { $user = JFactory::getUser(); $generalaccess = JEMUser::validate_user($recurse, $level); if ($allowowner == 1 && ($user->get('id') == $ownerid && $ownerid != 0)) { return true; } elseif ($generalaccess == 1) { return true; } return false; }
/** * Store */ public function store($updateNulls = true) { $date = JFactory::getDate(); $user = JFactory::getUser(); $jinput = JFactory::getApplication()->input; $app = JFactory::getApplication(); $jemsettings = JEMHelper::config(); $settings = JemHelper::globalattribs(); $valguest = JEMUser::validate_guest(); $guest_fldstatus = $settings->get('guest_fldstatus', '0'); // Check if we're in the front or back if ($app->isAdmin()) { $backend = true; } else { $backend = false; } if ($this->id) { // Existing event $this->modified = $date->toSql(); $this->modified_by = $user->get('id'); } else { // New event if (!intval($this->created)) { $this->created = $date->toSql(); } if (empty($this->created_by)) { $this->created_by = $user->get('id'); } } // Check if image was selected jimport('joomla.filesystem.file'); $image_dir = JPATH_SITE . '/images/jem/events/'; $allowable = array('gif', 'jpg', 'png'); $image_to_delete = false; // get image (frontend) - allow "removal on save" (Hoffi, 2014-06-07) if (!$backend) { if ($jemsettings->imageenabled == 2 || $jemsettings->imageenabled == 1) { $file = JFactory::getApplication()->input->files->get('userfile', '', 'array'); $removeimage = JFactory::getApplication()->input->get('removeimage', '', 'int'); if (!empty($file['name'])) { //check the image $check = JEMImage::check($file, $jemsettings); if ($check !== false) { //sanitize the image filename $filename = JemHelper::sanitize($image_dir, $file['name']); $filepath = $image_dir . $filename; if (JFile::upload($file['tmp_name'], $filepath)) { $image_to_delete = $this->datimage; // delete previous image $this->datimage = $filename; } } } elseif (!empty($removeimage)) { // if removeimage is non-zero remove image from event // (file will be deleted later (e.g. housekeeping) if unused) $image_to_delete = $this->datimage; $this->datimage = ''; } } // end image if } // if (!backend) $format = JFile::getExt($image_dir . $this->datimage); if (!in_array($format, $allowable)) { $this->datimage = ''; } if (!$backend) { /* check if the user has the required rank for autopublish */ $maintainer = JEMUser::ismaintainer('publish'); $autopubev = JEMUser::validate_user($jemsettings->evpubrec, $jemsettings->autopubl); if (!($autopubev || $maintainer || $user->authorise('core.edit', 'com_jem'))) { if ($valguest) { $this->published = $guest_fldstatus; } else { $this->published = 0; } } } ################ ## RECURRENCE ## ################ # check if recurrence_groupcheck is true $rec_groupcheck = $jinput->getInt('recurrence_check'); if ($rec_groupcheck) { # the check returned true, so it's considered as an edit # Retrieve id of current event from recurrence_table # as the check was true we can skip the groupid=groupid_ref from the where statement # but to be sure it's added here too $db = JFactory::getDbo(); $query = $db->getQuery(true); $query->select('id'); $query->from($db->quoteName('#__jem_recurrence')); $query->where(array('groupid = groupid_ref ', 'itemid= ' . $this->id)); $db->setQuery($query); $recurrenceid = $db->loadResult(); if ($recurrenceid) { # Retrieve recurrence-table $recurrence_table = JTable::getInstance('Recurrence', 'JEMTable'); # Load row-data $recurrence_table->load($recurrenceid); # We want to skip this event from Ical output /* $recurrence_table->exdate = $this->dates.'T'.$this->times; */ # it's a delete of the set so groupid_ref will be blanked /* $recurrence_table->groupid_ref = ""; */ # it's an edit and not a delete so groupid_ref won't be adjusted # but we will set the recurrence_id field, as this event has been adjusted and contains # info that's not inline with original recurrence-info $var2 = $recurrence_table->startdate_org; $var3 = new JDate($var2); $var4 = $var3->format('Ymd\\THis\\Z'); $recurrence_table->recurrence_id = $var4; # Store fields $recurrence_table->store(); } } # check if the field recurrence_group is filled and if the recurrence_type has been set # if the type has been set then it's part of recurrence and we should have a recurrence_group number if (empty($this->recurrence_group) && $this->recurrence_freq) { $this->recurrence_group = mt_rand(0, 9999); } ## END RECURRENCE ## return parent::store($updateNulls); }