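/**
 * Assemble an iCal event from submitted form data and, unless this is a dry run, store it.
 *
 * Security-relevant behaviour visible in this function:
 *  - "ics_id" comes straight from the submitted array and is concatenated into a SQL
 *    statement, so it is reduced to an integer before use.
 *  - A creator override ("jev_creatorid" request value) is only honoured for users with
 *    the JEvents "candeleteall" flag or administrative/backend access.
 *  - The edit-permission check on an existing repeat stops the save explicitly and does
 *    not rely on the error handler ending the request.
 *
 * @param array  $array      Submitted event fields (evid, title, publish_up, catid, ics_id, custom_* ...).
 * @param object $queryModel Query model used to reload events for the permission check and the mail links.
 * @param mixed  $rrule      Repeat rule stored on the event as RRULE.
 * @param bool   $dryrun     When true nothing is written and the assembled event is returned.
 *
 * @return mixed The event object on success (and on a dry run); false when storing failed or the
 *               current user may not edit the referenced repeat.
 */
function save($array, &$queryModel, $rrule, $dryrun = false)
{
    $cfg =& JEVConfig::getInstance();
    $db =& JFactory::getDBO();
    $user = JFactory::getUser();

    // Allow plugins to check data validity
    $dispatcher =& JDispatcher::getInstance();
    JPluginHelper::importPlugin("jevents");
    $dispatcher->trigger('onBeforeSaveEvent', array(&$array, &$rrule, $dryrun));

    // TODO do error and hack checks here
    $ev_id = intval(JArrayHelper::getValue($array, "evid", 0));
    $newevent = $ev_id == 0;

    $data = array();
    // TODO add UID to edit form
    $data["UID"] = JArrayHelper::getValue($array, "uid", md5(uniqid(rand(), true)));
    $data["X-EXTRAINFO"] = JArrayHelper::getValue($array, "extra_info", "");
    $data["LOCATION"] = JArrayHelper::getValue($array, "location", "");
    $data["allDayEvent"] = JArrayHelper::getValue($array, "allDayEvent", "off");
    $data["CONTACT"] = JArrayHelper::getValue($array, "contact_info", "");
    $data["DESCRIPTION"] = JArrayHelper::getValue($array, "jevcontent", "");
    $data["publish_down"] = JArrayHelper::getValue($array, "publish_down", "2006-12-12");
    $data["publish_up"] = JArrayHelper::getValue($array, "publish_up", "2006-12-12");
    $data["SUMMARY"] = JArrayHelper::getValue($array, "title", "");
    $data["URL"] = JArrayHelper::getValue($array, "url", "");

    // If user is jevents can deleteall or has backend access then allow them to specify the creator
    $jevuser = JEVHelper::getAuthorisedUser();
    $creatorid = JRequest::getInt("jev_creatorid", 0);
    if ($creatorid > 0) {
        if (JVersion::isCompatible("1.6.0")) {
            $access = $user->authorise('core.admin', 'com_jevents');
        } else {
            // Get an ACL object
            $acl =& JFactory::getACL();
            $grp = $acl->getAroGroup($user->get('id'));
            // No valid group (e.g. anonymous user) means no backend access.
            $access = $grp ? $acl->is_group_child_of($grp->name, 'Public Backend') : false;
        }
        if (($jevuser && $jevuser->candeleteall) || $access) {
            $data["X-CREATEDBY"] = $creatorid;
        }
    }

    // Request-supplied and later concatenated into SQL: force an integer.
    $ics_id = intval(JArrayHelper::getValue($array, "ics_id", 0));

    $isAllDay = $data["allDayEvent"] == "on";

    $start_time = $isAllDay ? "00:00" : JArrayHelper::getValue($array, "start_time", "08:00");
    $publishstart = $data["publish_up"] . ' ' . $start_time . ':00';
    $data["DTSTART"] = JevDate::strtotime($publishstart);

    $end_time = $isAllDay ? "00:00" : JArrayHelper::getValue($array, "end_time", "15:00");
    $publishend = $data["publish_down"] . ' ' . $end_time . ':00';
    if (isset($array["noendtime"]) && $array["noendtime"]) {
        $publishend = $data["publish_down"] . ' 23:59:59';
    }
    $data["DTEND"] = JevDate::strtotime($publishend);

    // iCal for whole day uses 00:00:00 on the next day JEvents uses 23:59:59 on the same day
    list($h, $m, $s) = explode(":", $end_time . ':00');
    if ($h + $m + $s == 0 && $isAllDay && $data["DTEND"] > $data["DTSTART"]) {
        $publishend = JevDate::strftime('%Y-%m-%d 23:59:59', $data["DTEND"]);
        $data["DTEND"] = JevDate::strtotime($publishend);
    }

    $data["RRULE"] = $rrule;
    $data["MULTIDAY"] = JArrayHelper::getValue($array, "multiday", "1");
    $data["NOENDTIME"] = JArrayHelper::getValue($array, "noendtime", "0");
    $data["X-COLOR"] = JArrayHelper::getValue($array, "color", "");
    $data["LOCKEVENT"] = JArrayHelper::getValue($array, "lockevent", "0");

    // Add any custom fields into $data array
    foreach ($array as $key => $value) {
        if (strpos($key, "custom_") === 0) {
            $data[$key] = $value;
        }
    }

    $vevent = iCalEvent::iCalEventFromData($data);

    $vevent->catid = JArrayHelper::getValue($array, "catid", 0);
    if (is_array($vevent->catid)) {
        JArrayHelper::toInteger($vevent->catid);
    }
    // if catid is empty then use the catid of the ical calendar
    if ((is_string($vevent->catid) && $vevent->catid <= 0) || (is_array($vevent->catid) && count($vevent->catid) == 0)) {
        $db->setQuery("SELECT catid FROM #__jevents_icsfile WHERE ics_id={$ics_id}");
        $vevent->catid = $db->loadResult();
    }

    $vevent->access = intval(JArrayHelper::getValue($array, "access", 0));
    if (!JVersion::isCompatible("1.6.0")) {
        // Never store an access level above the submitting user's own.
        $vevent->access = $vevent->access > $user->aid ? $user->aid : $vevent->access;
    }
    $vevent->state = intval(JArrayHelper::getValue($array, "state", 0));
    // Shouldn't really do this like this
    $vevent->_detail->priority = intval(JArrayHelper::getValue($array, "priority", 0));

    // FRONT END AUTO PUBLISHING CODE
    $frontendPublish = JEVHelper::isEventPublisher();
    if (!$frontendPublish) {
        $frontendPublish = JEVHelper::canPublishOwnEvents($ev_id);
    }

    // Always unpublish if no Publisher otherwise publish automatically (for new events)
    // Should we always notify of new events
    $notifyAdmin = $cfg->get("com_notifyallevents", 0);
    if (!JFactory::getApplication()->isAdmin()) {
        if ($frontendPublish && $ev_id == 0) {
            $vevent->state = 1;
        } elseif (!$frontendPublish) {
            // The submitted "state" is discarded for users who may not publish.
            $vevent->state = 0;
            // In this case we send a notification email to admin
            $notifyAdmin = true;
        }
    }

    $vevent->icsid = $ics_id;
    if ($ev_id > 0) {
        $vevent->ev_id = $ev_id;
    }

    // NOTE(review): the edit permission is only evaluated here when rp_id is supplied;
    // confirm that callers authorise edits of an existing evid before calling save().
    $rp_id = intval(JArrayHelper::getValue($array, "rp_id", 0));
    if ($rp_id > 0) {
        // I should be able to do this in one operation but that can come later
        $testevent = $queryModel->listEventsById(intval($rp_id), 1, "icaldb");
        if (!JEVHelper::canEditEvent($testevent)) {
            JError::raiseError(403, JText::_('ALERTNOTAUTH'));
            // Stop here even if the configured error handling returns control to us.
            return false;
        }
    }

    $success = true;
    if (!$dryrun) {
        if (!$vevent->store()) {
            // NOTE(review): this writes the raw database error into the response.
            echo $db->getErrorMsg() . "<br/>";
            $success = false;
            JError::raiseWarning(101, JText::_('COULD_NOT_SAVE_EVENT_'));
        }
    } else {
        // need a value for eventid to pretend we have saved the event so we can get the repetitions
        if (!isset($vevent->ev_id)) {
            $vevent->ev_id = 0;
        }
        $vevent->rrule->eventid = $vevent->ev_id;
    }

    // Only update the repetitions if the event edit says the repetitions will have changed or a new event
    if ($newevent || JRequest::getInt("updaterepeats", 1)) {
        $vevent->getRepetitions(true);
        if (!$dryrun) {
            if (!$vevent->storeRepetitions()) {
                echo $db->getErrorMsg() . "<br/>";
                $success = false;
                JError::raiseWarning(101, JText::_('COULD_NOT_SAVE_REPETITIONS'));
            }
        }
    }

    $dispatcher->trigger('onAfterSaveEvent', array(&$vevent, $dryrun));
    if ($dryrun) {
        return $vevent;
    }

    // If not authorised to publish in the frontend then notify the administrator
    if ($success && $notifyAdmin && !JFactory::getApplication()->isAdmin()) {
        JLoader::register('JEventsCategory', JEV_ADMINPATH . "/libraries/categoryClass.php");
        $cat = new JEventsCategory($db);
        $cat->load($vevent->catid);
        $adminuser = $cat->getAdminUser();
        $adminEmail = $adminuser->email;

        $config = new JConfig();
        $sitename = $config->sitename;
        $subject = JText::_('JEV_MAIL_ADDED') . ' ' . $sitename;
        $subject = $vevent->state == '1' ? '[Info] ' . $subject : '[Approval] ' . $subject;
        $Itemid = JEVHelper::getItemid();

        // reload the event to get the repetition ids
        $evid = intval($vevent->ev_id);
        $testevent = $queryModel->getEventById($evid, 1, "icaldb");
        $rp_id = $testevent->rp_id();
        list($year, $month, $day) = JEVHelper::getYMD();

        $uri =& JURI::getInstance(JURI::base());
        $root = $uri->toString(array('scheme', 'host', 'port'));
        $dateQuery = "&year={$year}&month={$month}&day={$day}";
        $modifylink = '<a href="' . $root . JRoute::_('index.php?option=' . JEV_COM_COMPONENT . '&task=icalevent.edit&evid=' . $evid . '&rp_id=' . $rp_id . '&Itemid=' . $Itemid . $dateQuery) . '"><b>' . JText::_('JEV_MODIFY') . '</b></a>' . "\n";
        $viewlink = '<a href="' . $root . JRoute::_('index.php?option=' . JEV_COM_COMPONENT . '&task=icalrepeat.detail&evid=' . $rp_id . '&Itemid=' . $Itemid . $dateQuery . "&login=1") . '"><b>' . JText::_('JEV_VIEW') . '</b></a>' . "\n";

        $created_by = $user->name;
        if ($created_by == null) {
            $created_by = "Anonymous";
            // NOTE(review): these request values are placed in the admin mail as submitted;
            // confirm sendAdminMail encodes them for the mail's content type.
            if (JRequest::getString("custom_anonusername", "") != "") {
                $created_by = JRequest::getString("custom_anonusername", "") . " (" . JRequest::getString("custom_anonemail", "") . ")";
            }
        }
        JEV_CommonFunctions::sendAdminMail($sitename, $adminEmail, $subject, $testevent->title(), $testevent->content(), $created_by, JURI::root(), $modifylink, $viewlink);
    }

    return $success ? $vevent : false;
}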
/**
 * Decide whether the current user may edit this event.
 *
 * Calendar and category restrictions recorded on the JEvents authorised user are applied
 * first and can only deny. After that the creator of the event (logged-in users only),
 * or anyone JEVHelper reports as allowed to edit or publish it, is accepted.
 *
 * @return bool True when editing is allowed.
 */
function canUserEdit()
{
    $creatorFlag = JEVHelper::isEventCreator();
    $currentUser = JFactory::getUser();

    // are we authorised to do anything with this category or calendar
    $authUser = JEVHelper::getAuthorisedUser();

    if ($this->_icsid > 0 && $authUser) {
        $calendarScope = $authUser->calendars;
        // "" and "all" both mean the user is not limited to specific calendars
        if ($calendarScope != "" && $calendarScope != "all" && !in_array($this->_icsid, explode("|", $calendarScope))) {
            return false;
        }
    }

    if ($this->_catid > 0 && $authUser) {
        $categoryScope = $authUser->categories;
        if ($categoryScope != "" && $categoryScope != "all" && !in_array($this->_catid, explode("|", $categoryScope))) {
            return false;
        }
    }

    // if can create events and this was created by this user then can edit (not valid for anon users)
    $ownsEvent = $creatorFlag
        && $this->isEditable()
        && $this->created_by() == $currentUser->id
        && $currentUser->id > 0;
    if ($ownsEvent) {
        return true;
    }

    // if "event publisher" or "event editor" can always edit event
    return JEVHelper::canEditEvent($this) || JEVHelper::canPublishEvent($this);
}
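/**
 * Build the "jev_creatorid" drop-down that lets a privileged user pick the event creator
 * and assign it to the view as "users".
 *
 * The list is only built for users with the JEvents "candeleteall" flag, or with
 * core.admin on com_jevents (Joomla 1.6+) / membership below 'Public Backend' (legacy ACL).
 * Everything concatenated into the user queries is reduced to integers first.
 *
 * @return void
 */
protected function setCreatorLookup()
{
    // If user is jevents can deleteall or has backend access then allow them to specify the creator
    $jevuser = JEVHelper::getAuthorisedUser();
    $user = JFactory::getUser();
    $isModern = JVersion::isCompatible("1.6.0");

    if ($isModern) {
        $access = $user->authorise('core.admin', 'com_jevents');
    } else {
        // Get an ACL object
        $acl =& JFactory::getACL();
        $grp = $acl->getAroGroup($user->get('id'));
        // if no valid group (e.g. anon user) then skip this.
        if (!$grp) {
            return;
        }
        $access = $acl->is_group_child_of($grp->name, 'Public Backend');
    }

    if (!(($jevuser && $jevuser->candeleteall) || $access)) {
        return;
    }

    $db = JFactory::getDBO();
    $params =& JComponentHelper::getParams(JEV_COM_COMPONENT);

    if ($params->get("authorisedonly", 0)) {
        // if authorised only then load from database
        $sql = "SELECT tl.*, ju.* FROM #__jev_users AS tl ";
        $sql .= " LEFT JOIN #__users as ju ON tl.user_id=ju.id ";
        $sql .= " WHERE tl.cancreate=1";
        $sql .= " ORDER BY ju.name ASC";
    } elseif ($isModern) {
        $rules = JAccess::getAssetRules("com_jevents", true);
        $creatorgroups = $rules->getData();

        // Merge core.admin and core.create group permissions, taking the higher setting
        $creatorgroupsdata = $creatorgroups["core.admin"]->getData();
        foreach ($creatorgroups["core.create"]->getData() as $creatorgroup => $permission) {
            if ($permission) {
                $creatorgroupsdata[$creatorgroup] = $permission;
            }
        }

        // Seed with 0 so the IN () list is never empty
        $userIds = array(0);
        foreach ($creatorgroupsdata as $creatorgroup => $permission) {
            if ($permission == 1) {
                $userIds = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $userIds);
            }
        }
        // The ids are concatenated into SQL below: keep integers only.
        $userIds = array_map('intval', array_values($userIds));

        $sql = "SELECT * FROM #__users where id IN (" . implode(",", $userIds) . ") ORDER BY name asc";
    } else {
        // Configuration value concatenated into SQL: force an integer.
        $minaccess = intval($params->getValue("jevcreator_level", 19));
        $sql = "SELECT * FROM #__users where gid>=" . $minaccess;
        $sql .= " ORDER BY name ASC";
    }

    $db->setQuery($sql);
    $users = $db->loadObjectList();
    if (!is_array($users)) {
        // A failed query must not break the form; offer only the placeholder entry.
        $users = array();
    }

    $userOptions = array();
    $userOptions[] = JHTML::_('select.option', '-1', JText::_('SELECT_USER'));
    foreach ($users as $candidate) {
        $userOptions[] = JHTML::_('select.option', $candidate->id, $candidate->name . " ( " . $candidate->username . " )");
    }

    // Preselect the event's creator, falling back to the JEvents authorised user
    $creator = $this->row->created_by() > 0 ? $this->row->created_by() : (isset($jevuser) ? $jevuser->user_id : 0);
    $userlist = JHTML::_('select.genericlist', $userOptions, 'jev_creatorid', 'class="inputbox" size="1" ', 'value', 'text', $creator);

    $this->assignRef("users", $userlist);
}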
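/**
 * Show the CSV import form (administrator application only).
 *
 * The calendar list offered is limited to the calendars recorded on the JEvents
 * authorised user, when such a restriction exists.
 *
 * @return void
 */
function csvimport()
{
    if (!JFactory::getApplication()->isAdmin()) {
        JError::raiseError(403, JText::_('ALERTNOTAUTH'));
        // Do not rely on the error handler ending the request: never render the form.
        return;
    }

    // get the view
    $this->view =& $this->getView("icalevent", "html");

    // get all the raw native calendars
    $nativeCals = $this->dataModel->queryModel->getNativeIcalendars();

    // Strip this list down based on user permissions
    $jevuser =& JEVHelper::getAuthorisedUser();
    if ($jevuser && $jevuser->calendars != "" && $jevuser->calendars != "all") {
        $allowedcals = explode("|", $jevuser->calendars);
        foreach (array_keys($nativeCals) as $calid) {
            if (!in_array($calid, $allowedcals)) {
                unset($nativeCals[$calid]);
            }
        }
    }

    // only offer a choice of native calendars if it exists!
    if (count($nativeCals) > 0) {
        $icalList = array();
        $icalList[] = JHTML::_('select.option', '0', JText::_('JEV_EVENT_CHOOSE_ICAL'), 'ics_id', 'label');
        $icalList = array_merge($icalList, $nativeCals);
        $callist = JHTML::_('select.genericlist', $icalList, 'ics_id', " onchange='preselectCategory(this);'", 'ics_id', 'label', 0);
        $this->view->assign('callist', $callist);
    } else {
        JError::raiseWarning(870, JText::_('INVALID_CALENDAR_STRUCTURE'));
    }

    // Set the layout
    $this->view->setLayout('csvimport');
    $this->view->display();
}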
/**
 * Build HTML selection list of categories
 *
 * While an event or repeat is being edited (request value "jevtask" contains
 * "icalevent.edit" or "icalrepeat.edit") the list is narrowed to the categories the
 * current user may use. This only shapes the form; it is not a permission check on
 * the submitted value.
 *
 * @param int     $catid            Selected catid
 * @param string  $args             Additional HTML attributes for the <select> tag (emitted as given)
 * @param string  $catidList        Restriction list of categories (comma separated)
 * @param boolean $with_unpublished Not used by this implementation
 * @param boolean $require_sel      First entry: true = Choose one category, false = All categories
 * @param int     $catidtop         Not used by this implementation
 * @param string  $fieldname        Name and id of the <select> element (emitted as given)
 * @param string  $sectionname      Extension whose categories are listed
 * @param mixed   $excludeid        Not used by this implementation
 * @param string  $order            Not used by this implementation
 * @param boolean $eventediting     True when called from the event edit form (enables multi-category select)
 *
 * @return string The rendered <select> element
 */
public static function buildCategorySelect($catid, $args, $catidList = null, $with_unpublished = false, $require_sel = false, $catidtop = 0, $fieldname = "catid", $sectionname = JEV_COM_COMPONENT, $excludeid = false, $order = "ordering", $eventediting = false)
{
    // need to declare this because of bug in Joomla JHtml::_('select.options', on content pages - it loads the WRONG CLASS!
    include_once JPATH_SITE . "/libraries/cms/html/category.php";

    ob_start();
    $t_first_entry = $require_sel ? JText::_('JEV_EVENT_CHOOSE_CATEG') : JText::_('JEV_EVENT_ALLCAT');
    $options = JHtml::_('category.options', $sectionname);

    // Caller-supplied restriction list
    if ($catidList != null) {
        $cats = explode(',', $catidList);
        foreach ($options as $idx => $opt) {
            if (!in_array($opt->value, $cats)) {
                unset($options[$idx]);
            }
        }
        $options = array_values($options);
    }

    // translate where appropriate
    foreach ($options as $opt) {
        if (strpos($opt->text, "JEV_") === 0) {
            $opt->text = JText::_($opt->text);
        }
    }

    // Thanks to ssobada
    // when editing events we restrict the available list!
    $jevtask = JRequest::getString("jevtask");
    $isEditTask = strpos($jevtask, "icalevent.edit") !== false || strpos($jevtask, "icalrepeat.edit") !== false;
    if ($isEditTask) {
        $currentUser = JFactory::getUser();
        $componentParams = JComponentHelper::getParams(JEV_COM_COMPONENT);
        // The JEvents authorised user is only consulted in "authorised only" mode
        $authUser = $componentParams->get("authorisedonly", 0) ? JEVHelper::getAuthorisedUser() : null;

        if ($authUser && $authUser->categories == "all") {
            $cats = array();
            foreach ($options as $opt) {
                $cats[] = $opt->value;
            }
        } elseif ($authUser && $authUser->categories != "") {
            $cats = explode("|", $authUser->categories);
        } elseif (JRequest::getInt("evid", 0) > 0) {
            // TODO - this should check the creator of the event
            $cats = array_merge(
                $currentUser->getAuthorisedCategories('com_jevents', 'core.edit'),
                $currentUser->getAuthorisedCategories('com_jevents', 'core.edit.own')
            );
        } else {
            $cats = $currentUser->getAuthorisedCategories('com_jevents', 'core.create');
        }

        $dispatcher = JEventDispatcher::getInstance();
        $dispatcher->trigger('onGetAccessibleCategoriesForEditing', array(&$cats));

        // allow anon-user event creation through
        if (isset($currentUser->id) && $currentUser->id > 0) {
            foreach ($options as $idx => $opt) {
                if (!in_array($opt->value, $cats)) {
                    unset($options[$idx]);
                }
            }
            $options = array_values($options);
        }

        // Do we disable top level categories
        $componentParams = JComponentHelper::getParams(JEV_COM_COMPONENT);
        if ($componentParams->get("blocktoplevelcategories", 0)) {
            $total = count($options);
            for ($o = 0; $o < $total; $o++) {
                // Entries whose text starts with "-" are treated as child categories
                if (strpos($options[$o]->text, "-") === 0) {
                    continue;
                }
                // Do not block if there is no child! This is a crude test of this:
                // the last entry, or one followed by another top level entry, stays selectable
                if (!array_key_exists($o + 1, $options) || strpos($options[$o + 1]->text, "-") !== 0) {
                    continue;
                }
                $options[$o]->disable = true;
            }
        }
    }

    // if only one category then preselect it
    if (count($options) == 1) {
        $catid = current($options)->value;
    }

    // should we offer multi-choice categories?
    // do not use jev_com_component in case we call this from locations etc.
    $params = JComponentHelper::getParams(JRequest::getCmd("option"));
    // NOTE(review): $fieldname and $args are written into the markup without encoding;
    // callers must pass trusted values only.
    if ($eventediting && $params->get("multicategory", 0)) {
        $size = count($options) > 6 ? 6 : count($options) + 1;
        ?>
        <select name="<?php echo $fieldname; ?>[]" id="<?php echo $fieldname; ?>" <?php echo $args; ?> multiple="multiple" size="<?php echo $size; ?>" style="width:300px;">
        <?php
    } else {
        ?>
        <select name="<?php echo $fieldname; ?>" <?php echo $args; ?> id="<?php echo $fieldname; ?>" >
            <option value="0"><?php echo $t_first_entry; ?></option>
        <?php
    }
    ?>
    <?php echo JHtml::_('select.options', $options, 'value', 'text', $catid); ?>
    </select>
    <?php
    return ob_get_clean();
}
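/**
 * Show the front-end iCal import form.
 *
 * Only event creators reach the form; everyone else is redirected (to the site root when
 * logged in, to the login page otherwise). The form is also skipped unless the component
 * parameter "feimport" is enabled. Calendars and categories offered are limited by the
 * restrictions recorded on the JEvents authorised user.
 *
 * @return void
 */
function importform()
{
    // Can only do this if can add an event
    // Must be at least an event creator to edit or create events
    if (!JEVHelper::isEventCreator()) {
        $user = JFactory::getUser();
        if ($user->id) {
            $this->setRedirect(JURI::root(), JText::_('JEV_NOTAUTH_CREATE_EVENT'));
        } else {
            $comuser = version_compare(JVERSION, '1.6.0', '>=') ? "com_users" : "com_user";
            $this->setRedirect(JRoute::_("index.php?option={$comuser}&view=login"), JText::_('JEV_NOTAUTH_CREATE_EVENT'));
        }
        $this->redirect();
        return;
    }

    $params = JComponentHelper::getParams(JEV_COM_COMPONENT);
    if (!$params->get("feimport", 0)) {
        return;
    }

    $document = JFactory::getDocument();
    $viewType = $document->getType();

    $theme = JEV_CommonFunctions::getJEventsViewName();
    $view = "icals";
    $themePath = $this->_basePath . '/' . "views" . '/' . $theme;
    $this->addViewPath($themePath);
    $this->view = $this->getView($view, $viewType, $theme . "View", array(
        'base_path' => $this->_basePath,
        "template_path" => $themePath . '/' . $view . '/' . 'tmpl',
        "name" => $theme . '/' . $view,
    ));

    // Set the layout
    $this->view->setLayout('importform');
    $this->view->assign("task", $this->_task);

    // get all the raw native calendars
    $nativeCals = $this->dataModel->queryModel->getNativeIcalendars();
    if (!is_array($nativeCals)) {
        // Treat a failed lookup as "no calendars" so the code below can count and iterate safely.
        $nativeCals = array();
    }

    // Strip this list down based on user permissions
    $jevuser = JEVHelper::getAuthorisedUser();
    if ($jevuser && $jevuser->calendars != "" && $jevuser->calendars != "all") {
        $allowedcals = explode("|", $jevuser->calendars);
        foreach (array_keys($nativeCals) as $calid) {
            if (!in_array($calid, $allowedcals)) {
                unset($nativeCals[$calid]);
            }
        }
    }

    $excats = "0";
    if ($jevuser && $jevuser->categories != "" && $jevuser->categories != "all") {
        // Find which categories to exclude.
        // The stored "|"-separated list is concatenated into SQL, so keep integers only.
        $allowedCatIds = array_map('intval', explode("|", $jevuser->categories));
        $db = JFactory::getDBO();
        $catsql = 'SELECT id FROM #__categories WHERE id NOT IN (' . implode(",", $allowedCatIds) . ') AND extension="com_jevents"';
        $db->setQuery($catsql);
        $excats = implode(",", $db->loadColumn());
    }

    // only offer a choice of native calendars if it exists!
    if (count($nativeCals) > 1) {
        $icalList = array();
        $icalList[] = JHTML::_('select.option', '0', JText::_('JEV_EVENT_CHOOSE_ICAL'), 'ics_id', 'label');
        $icalList = array_merge($icalList, $nativeCals);
        $clist = JHTML::_('select.genericlist', $icalList, 'icsid', " onchange='preselectCategory(this);'", 'ics_id', 'label', 0);
        $this->view->assign('clistChoice', true);
        $this->view->assign('defaultCat', 0);
    } else {
        $firstCal = current($nativeCals);
        if (!$firstCal) {
            JError::raiseWarning(870, JText::_('INVALID_CALENDAR_STRUCTURE'));
        }
        // Written into an HTML attribute: emit an integer, and 0 when there is no calendar.
        $icsid = $firstCal ? intval($firstCal->ics_id) : 0;
        $clist = '<input type="hidden" name="icsid" value="' . $icsid . '" />';
        $this->view->assign('clistChoice', false);

        if ($firstCal && $params->get("defaultcat", false)) {
            $this->view->assign('defaultCat', $firstCal->catid);
        } else {
            $this->view->assign('defaultCat', 0);
        }
    }

    $this->view->assign('excats', $excats);
    $this->view->assign('nativeCals', $nativeCals);
    $this->view->assign('clist', $clist);

    // View caching logic -- simple... are we logged in?
    // Logged-in users always get a fresh render; the cached copy is only used for guests.
    $cfg = JEVConfig::getInstance();
    $joomlaconf = JFactory::getConfig();
    $useCache = intval($cfg->get('com_cache', 0)) && $joomlaconf->get('caching', 1);
    $user = JFactory::getUser();
    if ($user->get('id') || !$useCache) {
        $this->view->display();
    } else {
        $cache = JFactory::getCache(JEV_COM_COMPONENT, 'view');
        $cache->get($this->view, 'display');
    }
}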
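/**
 * override store function to force rrule to save too!
 *
 * Stores the event detail, the event row and (when present) the repeat rule.
 * The creator of an existing event is preserved unless the current user holds the
 * JEvents "candeleteall" flag or core.deleteall / backend access AND a "jev_creatorid"
 * request value was supplied, or $overwriteCreator is set.
 *
 * @param bool $updateNulls      Passed through to the underlying store() calls
 * @param bool $overwriteCreator True to keep the creator already set on this object
 *                               instead of restoring the one from the existing detail
 *
 * @return bool|null True on success, false when the detail or event could not be stored;
 *                   null when the legacy ACL lookup finds no group for the user
 */
function store($updateNulls = false, $overwriteCreator = false)
{
    $user =& JFactory::getUser();

    if ($this->ev_id == 0) {
        $date =& JevDate::getDate();
        $this->created = $date->toMySQL();
    }

    if (!isset($this->created_by) || is_null($this->created_by) || $this->created_by == 0) {
        $this->created_by = $user->id;
    }
    $this->modified_by = $user->id;

    if (!isset($this->created_by_alias) || is_null($this->created_by_alias) || $this->created_by_alias == "") {
        $this->created_by_alias = "";
    }

    // make sure I update existing detail
    $matchingDetail = $this->matchingEventDetails();
    if (isset($matchingDetail) && isset($matchingDetail->evdet_id)) {
        $this->_detail->evdet_id = $matchingDetail->evdet_id;
    }

    // if existing row preserve created by - unless being overwritten by authorised user
    // If user is jevents can deleteall or has backend access then allow them to specify the creator
    $jevuser = JEVHelper::getAuthorisedUser();
    $creatorid = JRequest::getInt("jev_creatorid", 0);

    $access = false;
    if ($user->get('id') > 0) {
        if (JVersion::isCompatible("1.6.0")) {
            $access = $user->authorise('core.deleteall', 'com_jevents');
        } else {
            // does this logged in have backend access
            // Get an ACL object
            $acl =& JFactory::getACL();
            $grp = $acl->getAroGroup($user->get('id'));
            // if no valid group (e.g. anon user) then skip this.
            // NOTE(review): this abandons the whole store and returns null - confirm intended.
            if (!$grp) {
                return;
            }
            $access = $acl->is_group_child_of($grp->name, 'Public Backend');
        }
    }

    $mayChooseCreator = ($jevuser && $jevuser->candeleteall) || $access;
    if (!$mayChooseCreator || $creatorid == 0) {
        // NOTE(review): "!is_null(...) || ... > 0" is true for every non-null ev_id, including 0.
        if (!is_null($this->ev_id) || $this->ev_id > 0) {
            // we can overwrite the creator if refreshing/saving an ical with specified creator
            if (isset($matchingDetail) && $matchingDetail->created_by > 0 && !$overwriteCreator) {
                $this->created_by = $matchingDetail->created_by;
            }
        }
    }

    $db =& JFactory::getDBO();

    $detailid = $this->_detail->store($updateNulls);
    if (!$detailid) {
        JError::raiseError(104, JText::_('PROBLEMS_STORING_EVENT_DETAIL'));
        // Was getErroMsg(), which does not match the getErrorMsg() used everywhere else in this method.
        echo $db->getErrorMsg() . "<br/>";
        return false;
    }
    $this->detail_id = $detailid;

    if (!parent::store($updateNulls)) {
        JError::raiseError(105, JText::_('PROBLEMS_STORING_EVENT'));
        echo $db->getErrorMsg() . "<br/>";
        return false;
    }

    // I also need to store custom data - when we need the event itself and not just the detail
    $dispatcher =& JDispatcher::getInstance();
    // just in case we don't have jevents plugins registered yet
    JPluginHelper::importPlugin("jevents");
    $dispatcher->trigger('onStoreCustomEvent', array(&$this));

    if (isset($this->rrule)) {
        $this->rrule->eventid = $this->ev_id;
        // Re-use the id of an identical stored rule instead of inserting a duplicate
        if ($id = $this->rrule->isDuplicate()) {
            $this->rrule->rr_id = $id;
        }
        $this->rrule->store($updateNulls);
        // NOTE(review): writes the raw database error (possibly empty) into the response.
        echo $db->getErrorMsg() . "<br/>";
    }

    return true;
}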
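/**
 * Test to see if user can delete event
 *
 * Calendar and category restrictions recorded on the JEvents authorised user can only deny.
 * In "authorised only" mode the decision comes from that user's candeleteall / candeleteown
 * flags; otherwise it comes from the core.deleteall category permission, with a fallback
 * for the creator of the event.
 *
 * core.deleteall decisions are memoised for the request. The memo key includes the user id,
 * so a decision computed for one user is never returned for another.
 *
 * @param object      $row  Event row (provides _icsid, _catid, catids(), catid(), created_by())
 * @param object|null $user User to test; defaults to the current user
 *
 * @return mixed Truthy when deletion is allowed, false otherwise
 */
public static function canDeleteEvent($row, $user = null)
{
    // store in static to save repeated database calls
    static $authdata_coredeleteall = array();

    // TODO make this call a plugin
    if ($user == null) {
        $user = JFactory::getUser();
    }

    // are we authorised to do anything with this category or calendar
    $jevuser = JEVHelper::getAuthorisedUser();
    if ($row->_icsid > 0 && $jevuser && $jevuser->calendars != "" && $jevuser->calendars != "all") {
        $allowedcals = explode("|", $jevuser->calendars);
        if (!in_array($row->_icsid, $allowedcals)) {
            return false;
        }
    }

    if ($row->_catid > 0 && $jevuser && $jevuser->categories != "" && $jevuser->categories != "all") {
        $allowedcats = explode("|", $jevuser->categories);
        if (!in_array($row->_catid, $allowedcats)) {
            return false;
        }
        // check multi cats too: every category of the event must be allowed
        $rowCatids = JEVHelper::rowCatids($row);
        if ($rowCatids && count(array_diff($rowCatids, $allowedcats))) {
            return false;
        }
    }

    $params = JComponentHelper::getParams(JEV_COM_COMPONENT);
    $authorisedonly = $params->get("authorisedonly", 1);
    if ($authorisedonly) {
        if (!$jevuser) {
            return false;
        }
        if ($jevuser->candeleteall) {
            return true;
        }
        if ($jevuser->candeleteown && $row->created_by() == $user->id) {
            return true;
        }
        return false;
    }

    // Looking categories up one by one involves TOO many database queries in Joomla,
    // so the whole category set is authorised in one call and memoised.
    $key = $row->catids() ? json_encode($row->catids()) : json_encode(intval($row->catid()));
    // The result depends on $user, so the memo must be keyed by user as well as category set.
    $cacheKey = intval($user->id) . ":" . $key;
    if (!isset($authdata_coredeleteall[$cacheKey])) {
        $authdata_coredeleteall[$cacheKey] = JEVHelper::authoriseCategories('core.deleteall', $key, $user);
    }
    if ($authdata_coredeleteall[$cacheKey]) {
        return $authdata_coredeleteall[$cacheKey];
    }

    // can delete all?
    if (JEVHelper::isEventDeletor(true)) {
        // any category restrictions on this?
        if (!isset($authdata_coredeleteall[$cacheKey])) {
            $authdata_coredeleteall[$cacheKey] = JEVHelper::authoriseCategories('core.deleteall', $key, $user);
        }
        if ($authdata_coredeleteall[$cacheKey]) {
            return $authdata_coredeleteall[$cacheKey];
        }
    }

    // There seems to be a problem with category permissions - sometimes Joomla ACL set to yes in category but result is false!
    // fall back to being able to delete own events if a publisher
    // NOTE(review): unlike canUserEdit() there is no "$user->id > 0" guard on this ownership
    // comparison - confirm how events without a recorded creator should be treated for guests.
    if ($row->created_by() == $user->id) {
        $jevuser = JEVHelper::getAuthorisedUser();
        if (!is_null($jevuser)) {
            return $jevuser->candeleteown;
        }

        // if a user can publish their own then can delete their own too
        $publishown = $params->get("jevpublishown", 0);
        if (!$authorisedonly && ($publishown || JEVHelper::canPublishEvent($row, $user))) {
            return true;
        }
    }

    return false;
}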
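/**
 * override store function to force rrule to save too!
 *
 * Stores the event detail, the event row, the event-to-category map (for multi-category
 * events) and, when present, the repeat rule. The creator of an existing event is preserved
 * unless the current user holds the JEvents "candeleteall" flag or core.deleteall on
 * com_jevents AND a "jev_creatorid" request value was supplied, or $overwriteCreator is set.
 *
 * Category ids and the event id are reduced to integers before they are concatenated into
 * the category-map statements.
 *
 * @param bool $updateNulls      Passed through to the underlying store() calls
 * @param bool $overwriteCreator True to keep the creator already set on this object
 *                               instead of restoring the one from the existing detail
 *
 * @return bool True on success, false when the detail or event could not be stored
 */
function store($updateNulls = false, $overwriteCreator = false)
{
    $user = JFactory::getUser();

    if ($this->ev_id == 0) {
        $date = JevDate::getDate("+0 seconds");
        $this->created = $date->toMySQL();
    }

    if (!isset($this->created_by) || is_null($this->created_by) || $this->created_by == 0) {
        $this->created_by = $user->id;
    }
    $this->modified_by = $user->id;

    if (!isset($this->created_by_alias) || is_null($this->created_by_alias) || $this->created_by_alias == "") {
        $this->created_by_alias = "";
    }

    // make sure I update existing detail
    $matchingDetail = $this->matchingEventDetails();
    if (isset($matchingDetail) && isset($matchingDetail->evdet_id)) {
        $this->_detail->evdet_id = $matchingDetail->evdet_id;
    }

    // if existing row preserve created by - unless being overwritten by authorised user
    // If user is jevents can deleteall or has backend access then allow them to specify the creator
    $jevuser = JEVHelper::getAuthorisedUser();
    $creatorid = JRequest::getInt("jev_creatorid", 0);

    $access = false;
    if ($user->get('id') > 0) {
        $access = $user->authorise('core.deleteall', 'com_jevents');
    }

    $mayChooseCreator = ($jevuser && $jevuser->candeleteall) || $access;
    if (!$mayChooseCreator || $creatorid == 0) {
        // NOTE(review): "!is_null(...) || ... > 0" is true for every non-null ev_id, including 0.
        if (!is_null($this->ev_id) || $this->ev_id > 0) {
            // we can overwrite the creator if refreshing/saving an ical with specified creator
            if (isset($matchingDetail) && $matchingDetail->created_by > 0 && !$overwriteCreator) {
                $this->created_by = $matchingDetail->created_by;
            }
        }
    }

    // place private reference to created_by in event detail in case needed by plugins
    $this->_detail->_created_by = $this->created_by;

    $db = JFactory::getDBO();

    $detailid = $this->_detail->store($updateNulls);
    if (!$detailid) {
        JError::raiseError(104, JText::_('PROBLEMS_STORING_EVENT_DETAIL'));
        echo $db->getErrorMsg() . "<br/>";
        return false;
    }
    $this->detail_id = $detailid;

    // Keep the multiple catids for storing after this
    $catids = false;
    if (is_array($this->catid)) {
        $catids = $this->catid;
        $this->catid = $this->catid[0];
    }

    if (!parent::store($updateNulls)) {
        JError::raiseError(105, JText::_('PROBLEMS_STORING_EVENT'));
        echo $db->getErrorMsg() . "<br/>";
        return false;
    }

    if ($catids) {
        // Everything below is concatenated into SQL, so only integers are allowed through.
        $evid = intval($this->ev_id);
        $keepIds = array();
        $pairs = array();
        $order = 0;
        foreach ($catids as $catid) {
            $catid = intval($catid);
            if ($catid === 0) {
                // Blank or non-numeric entry: nothing to map. -1 keeps the NOT IN list
                // syntactically valid without matching a real category.
                $keepIds[] = -1;
                continue;
            }
            $keepIds[] = $catid;
            $pairs[] = "({$evid},{$catid}, {$order})";
            $order++;
        }

        // Drop mappings for categories no longer selected, then (re)write the current ones
        $db->setQuery("DELETE FROM #__jevents_catmap where evid = " . $evid . " AND catid NOT IN (" . implode(",", $keepIds) . ")");
        $db->query();

        if (count($pairs) > 0) {
            $db->setQuery("Replace into #__jevents_catmap (evid, catid, ordering) VALUES " . implode(",", $pairs));
            $db->query();
        }
    }

    // I also need to store custom data - when we need the event itself and not just the detail
    $dispatcher = JDispatcher::getInstance();
    // just in case we don't have jevents plugins registered yet
    JPluginHelper::importPlugin("jevents");
    $dispatcher->trigger('onStoreCustomEvent', array(&$this));

    if (isset($this->rrule)) {
        $this->rrule->eventid = $this->ev_id;
        // Re-use the id of an identical stored rule instead of inserting a duplicate
        if ($id = $this->rrule->isDuplicate()) {
            $this->rrule->rr_id = $id;
        }
        $this->rrule->store($updateNulls);
        // NOTE(review): writes the raw database error (possibly empty) into the response.
        echo $db->getErrorMsg() . "<br/>";
    }

    return true;
}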
/**
 * Build HTML selection list of categories
 *
 * When JVersion::isCompatible("1.6.0") is true the list is built from
 * JHtml 'category.options', written through an output buffer and returned from
 * inside that branch. Otherwise the categories are read with a direct query on
 * #__categories and rendered with 'select.genericlist'.
 *
 * @param int $catid Selected catid
 * @param string $args Additional HTML attributes for the <select> tag (output as given)
 * @param string $catidList Restriction list of categories, comma separated
 * @param boolean $with_unpublished Set true to build list with unpublished categories
 * @param boolean $require_sel First entry: true = Choose one category, false = All categories
 * @param int $catidtop Top level category ancestor (not read anywhere in this function)
 * @param string $fieldname Name attribute of the <select>
 * @param string $sectionname Category extension/section to list
 * @param mixed $excludeid Category id(s) placed inside NOT IN (...) in the direct-query branch
 * @param string $order Property passed to JArrayHelper::sortObjects in the direct-query branch
 * @param boolean $eventediting When true and the "multicategory" param is set, a multiple select is rendered
 * @return string HTML for the select list
 */
function buildCategorySelect($catid, $args, $catidList = null, $with_unpublished = false, $require_sel = false, $catidtop = 0, $fieldname = "catid", $sectionname = JEV_COM_COMPONENT, $excludeid = false, $order = "ordering", $eventediting = false)
{
    if (JVersion::isCompatible("1.6.0")) {
        // need to declare this because of bug in Joomla JHtml::_('select.options', on content pages - it loads the WRONG CLASS!
        include_once JPATH_SITE . "/libraries/joomla/html/html/category.php";
        ob_start();
        $t_first_entry = $require_sel ? JText::_('JEV_EVENT_CHOOSE_CATEG') : JText::_('JEV_EVENT_ALLCAT');
        $options = JHtml::_('category.options', $sectionname);
        // Keep only the options named in the restriction list, then reindex.
        if ($catidList != null) {
            $cats = explode(',', $catidList);
            $count = count($options);
            for ($o = 0; $o < $count; $o++) {
                if (!in_array($options[$o]->value, $cats)) {
                    unset($options[$o]);
                }
            }
            $options = array_values($options);
        }
        // Thanks to ssobada
        // when editing events we restrict the available list!
        $jevtask = JRequest::getString("jevtask");
        if (strpos($jevtask, "icalevent.edit") !== false || strpos($jevtask, "icalrepeat.edit") !== false) {
            $user = JFactory::getUser();
            $params = JComponentHelper::getParams(JEV_COM_COMPONENT);
            $authorisedonly = $params->get("authorisedonly", 0);
            // $cats ends up as the set of category ids this user may pick while editing.
            if ($authorisedonly) {
                $jevuser = JEVHelper::getAuthorisedUser();
                if ($jevuser) {
                    if ($jevuser->categories == "all") {
                        $cats = array();
                        foreach ($options as $opt) {
                            $cats[] = $opt->value;
                        }
                    } else {
                        if ($jevuser->categories != "") {
                            $cats = explode("|", $jevuser->categories);
                        } else {
                            // No per-user category list: fall back to the Joomla ACL.
                            if (JRequest::getInt("evid", 0) > 0) {
                                // TODO - this should check the creator of the event
                                $action = 'core.edit';
                                $cats = $user->getAuthorisedCategories('com_jevents', $action);
                                $action = 'core.edit.own';
                                $cats = array_merge($cats, $user->getAuthorisedCategories('com_jevents', $action));
                            } else {
                                $action = 'core.create';
                                $cats = $user->getAuthorisedCategories('com_jevents', $action);
                            }
                        }
                    }
                } else {
                    if (JRequest::getInt("evid", 0) > 0) {
                        // TODO - this should check the creator of the event
                        $action = 'core.edit';
                        $cats = $user->getAuthorisedCategories('com_jevents', $action);
                        $action = 'core.edit.own';
                        $cats = array_merge($cats, $user->getAuthorisedCategories('com_jevents', $action));
                    } else {
                        $action = 'core.create';
                        $cats = $user->getAuthorisedCategories('com_jevents', $action);
                    }
                }
            } else {
                if (JRequest::getInt("evid", 0) > 0) {
                    // TODO - this should check the creator of the event
                    $action = 'core.edit';
                    $cats = $user->getAuthorisedCategories('com_jevents', $action);
                    $action = 'core.edit.own';
                    $cats = array_merge($cats, $user->getAuthorisedCategories('com_jevents', $action));
                } else {
                    $action = 'core.create';
                    $cats = $user->getAuthorisedCategories('com_jevents', $action);
                }
            }
            // Plugins receive $cats by reference and may change the accessible set.
            $dispatcher =& JDispatcher::getInstance();
            $dispatcher->trigger('onGetAccessibleCategoriesForEditing', array(&$cats));
            // allow anon-user event creation through
            if (isset($user->id)) {
                $count = count($options);
                for ($o = 0; $o < $count; $o++) {
                    if (!in_array($options[$o]->value, $cats)) {
                        unset($options[$o]);
                    }
                }
                $options = array_values($options);
            }
        } else {
        }
        // if only one category then preselect it
        if (count($options) == 1) {
            $catid = current($options)->value;
        }
        // should we offer multi-choice categories?
        // do not use jev_com_component incase we call this from locations etc.
        $params = JComponentHelper::getParams(JRequest::getCmd("option"));
        // NOTE(review): $fieldname and $args are written into the markup without escaping;
        // this is safe only while callers pass fixed, trusted strings - confirm at the call sites.
        if ($eventediting && $params->get("multicategory", 0)) {
            $size = count($options) > 6 ? 6 : count($options) + 1;
            ?> <select name="<?php echo $fieldname; ?> []" <?php echo $args; ?> multiple="multiple" size="<?php echo $size; ?> "> <?php
        } else {
            ?> <select name="<?php echo $fieldname; ?> " <?php echo $args; ?> > <option value="0"><?php echo $t_first_entry; ?> </option> <?php
        }
        ?> <?php echo JHtml::_('select.options', $options, 'value', 'text', $catid); ?> </select> <?php
        return ob_get_clean();
    }

    // From here on the 1.6.0 check above was false (the branch above always returns).
    $user = JFactory::getUser();
    $db = JFactory::getDBO();
    // Each category is joined to up to three ancestors so a "parent=>child" title can be built.
    $catsql = 'SELECT c.id, c.published, c.title as ctitle,p.title as ptitle, gp.title as gptitle, ggp.title as ggptitle '
        . (JVersion::isCompatible("1.6.0") ? ", c.lft as ordering " : ", c.ordering as ordering")
        . ' , p.id as pid, gp.id as gpid, ggp.id as ggpid '
        . ' FROM #__categories AS c'
        . ' LEFT JOIN #__categories AS p ON p.id=c.parent_id'
        . ' LEFT JOIN #__categories AS gp ON gp.id=p.parent_id '
        . ' LEFT JOIN #__categories AS ggp ON ggp.id=gp.parent_id '
        . "WHERE c.access "
        . (version_compare(JVERSION, '1.6.0', '>=') ? ' IN (' . JEVHelper::getAid($user) . ')' : ' <= ' . JEVHelper::getAid($user));
    if (JVersion::isCompatible("1.6.0")) {
        $catsql .= ' AND c.extension = ' . $db->Quote($sectionname);
    } else {
        $catsql .= ' AND c.section = ' . $db->Quote($sectionname);
    }
    if ($with_unpublished) {
        $catsql .= ' AND c.published >= 0';
    } else {
        $catsql .= ' AND c.published = 1';
    }
    // NOTE(review): $excludeid and $catidList are concatenated into the statement without
    // quoting or integer casting; they must only ever hold integer ids - verify every caller,
    // or normalise them to integers before this point.
    if ($excludeid) {
        $catsql .= ' AND c.id NOT IN (' . $excludeid . ')';
    }
    if (is_string($catidList) && strlen(trim($catidList))) {
        $catsql .= ' AND c.id IN (' . trim($catidList) . ')';
    }
    if (JVersion::isCompatible("1.6.0")) {
        $catsql .= " ORDER BY c.lft";
    } else {
        $catsql .= " ORDER BY c.ordering";
    }
    $db->setQuery($catsql);
    //echo $db->_sql;
    $rows = $db->loadObjectList('id');
    // Plugins receive $rows by reference and may change the category data.
    $dispatcher =& JDispatcher::getInstance();
    $dispatcher->trigger('onGetCategoryData', array(&$rows));
    foreach ($rows as $key => $option) {
        if (JVersion::isCompatible("1.6.0") && $option->pid == 1) {
            $option->pid = 0;
            $option->ptitle = null;
        }
        $title = $option->ctitle;
        // Ancestor titles are taken from $rows when the ancestor was loaded too,
        // otherwise from the joined column.
        if (!is_null($option->ptitle)) {
            // this doesn't; work in Joomfish
            //$title = $option->ptitle."=>".$title;
            if (array_key_exists($option->pid, $rows)) {
                $title = $rows[$option->pid]->ctitle . "=>" . $title;
            } else {
                $title = $option->ptitle . "=>" . $title;
            }
        }
        if (!is_null($option->gptitle)) {
            // this doesn't; work in Joomfish
            //$title = $option->gptitle."=>".$title;
            if (array_key_exists($option->gpid, $rows)) {
                $title = $rows[$option->gpid]->ctitle . "=>" . $title;
            } else {
                $title = $option->gptitle . "=>" . $title;
            }
        }
        if (!is_null($option->ggptitle)) {
            // this doesn't; work in Joomfish
            //$title = $option->ggptitle."=>".$title;
            if (array_key_exists($option->ggpid, $rows)) {
                $title = $rows[$option->ggpid]->ctitle . "=>" . $title;
            } else {
                $title = $option->ggptitle . "=>" . $title;
            }
        }
        /*
          if (!is_null($option->gggptitle)){
          $title = $option->gggptitle."=>".$title;
          }
         */
        $rows[$key]->name = $title;
    }
    JArrayHelper::sortObjects($rows, $order);
    $t_first_entry = $require_sel ? JText::_('JEV_EVENT_CHOOSE_CATEG') : JText::_('JEV_EVENT_ALLCAT');
    //$categories[] = JHTML::_('select.option', '0', JText::_('JEV_EVENT_CHOOSE_CATEG'), 'id', 'name' );
    $categories[] = JHTML::_('select.option', '0', $t_first_entry, 'id', 'name');
    // Mark unpublished categories in the visible label.
    // NOTE(review): this loop indexes $rows from 0, so it relies on sortObjects having reindexed the id-keyed list - confirm.
    if ($with_unpublished) {
        for ($i = 0; $i < count($rows); $i++) {
            if ($rows[$i]->published == 0) {
                $rows[$i]->name = $rows[$i]->name . '(' . JText::_('JEV_NOT_PUBLISHED') . ')';
            }
        }
    }
    $categories = array_merge($categories, $rows);
    // if only one category then preselect it
    if (count($categories) == 2) {
        $catid = $categories[1]->id;
    }
    $clist = JHTML::_('select.genericlist', $categories, $fieldname, $args, 'id', 'name', $catid);
    return $clist;
}
/**
 * Test to see if user can delete event
 *
 * Order of the checks: calendar and category restrictions on the JEvents
 * authorised-user record veto first, then the category ACL, then the global
 * deletor check, and finally the rules for a user's own events.
 *
 * @param object $row  Event row; _icsid, _catid and created_by() are read
 * @param object $user User to test, defaults to JFactory::getUser()
 * @return mixed true or false, or the stored candeleteown value for an authorised user's own event
 */
function canDeleteEvent($row, $user = null)
{
    // TODO make this call a plugin
    if ($user == null) {
        $user =& JFactory::getUser();
    }

    // are we authorised to do anything with this category or calendar
    $jevuser =& JEVHelper::getAuthorisedUser();

    $limitedToCalendars = $row->_icsid > 0 && $jevuser && $jevuser->calendars != "" && $jevuser->calendars != "all";
    if ($limitedToCalendars && !in_array($row->_icsid, explode("|", $jevuser->calendars))) {
        return false;
    }

    $limitedToCategories = $row->_catid > 0 && $jevuser && $jevuser->categories != "" && $jevuser->categories != "all";
    if ($limitedToCategories && !in_array($row->_catid, explode("|", $jevuser->categories))) {
        return false;
    }

    // Category-level ACL: core.edit.state on the event's category is enough.
    if (JVersion::isCompatible("1.6.0")
        && in_array($row->_catid, $user->getAuthorisedCategories('com_jevents', 'core.edit.state'))) {
        return true;
    }

    // can delete all?
    if (JEVHelper::isEventDeletor(true)) {
        return true;
    }

    // Everything below applies to the user's own events only.
    if ($row->created_by() != $user->id) {
        return false;
    }

    $jevuser =& JEVHelper::getAuthorisedUser();
    if (!is_null($jevuser)) {
        return $jevuser->candeleteown;
    }

    // if a user can publish their own then can delete their own too
    $config = JComponentHelper::getParams(JEV_COM_COMPONENT);
    $onlyAuthorised = $config->get("authorisedonly", 1);
    $mayPublishOwn = $config->get("jevpublishown", 0);

    return !$onlyAuthorised && $mayPublishOwn;
}
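/**
 * @copyright Copyright (C) 2015-2015 GWE Systems Ltd. All rights reserved.
 * @license By negoriation with author via http://www.gwesystems.com
 */

/**
 * Typeahead back end: look up users who may be chosen as an event creator.
 *
 * The request must carry the session form token, come from a logged-in user,
 * and that user must be a JEvents "candeleteall" user or hold core.admin /
 * core.deleteall on com_jevents.
 *
 * NOTE(review): the checks rely on PlgSystemGwejson::throwerror() ending the
 * request; that is not visible here - confirm.
 *
 * @param object $requestObject Decoded request; token, error and typeahead are read
 * @param object $returnData    Result object; titles, exactmatch and result are set on it
 * @return mixed "Error" when $requestObject->error is set, otherwise a list of
 *               objects with title ("name (username)") and creator_id
 */
function ProcessJsonRequest(&$requestObject, $returnData)
{
    $returnData->titles = array();
    $returnData->exactmatch = false;

    ini_set("display_errors", 0);

    include_once JPATH_SITE . "/components/com_jevents/jevents.defines.php";

    // Anti-CSRF: compare tokens as strings with ===, so that PHP's loose
    // comparison rules (numeric strings, non-string JSON values) cannot make two
    // different tokens compare equal.
    $token = JSession::getFormToken();
    $bodyTokenBad = isset($requestObject->token)
        && (!is_string($requestObject->token) || $requestObject->token !== $token);
    if ($bodyTokenBad || JFactory::getApplication()->input->get('token', '', 'string') !== $token) {
        PlgSystemGwejson::throwerror("There was an error - bad token. Please refresh the page and try again.");
    }

    $user = JFactory::getUser();
    if ($user->id == 0) {
        PlgSystemGwejson::throwerror("There was an error");
    }

    // If user is jevents can deleteall or has backend access then allow them to specify the creator
    $jevuser = JEVHelper::getAuthorisedUser();
    $access = $user->authorise('core.admin', 'com_jevents') || $user->authorise('core.deleteall', 'com_jevents');
    if (!($jevuser && $jevuser->candeleteall) && !$access) {
        PlgSystemGwejson::throwerror("There was an error - no access");
    }

    if ($requestObject->error) {
        return "Error";
    }

    if (isset($requestObject->typeahead) && trim($requestObject->typeahead) !== "") {
        $returnData->result = "title is " . $requestObject->typeahead;
    } else {
        PlgSystemGwejson::throwerror("There was an error - no valid argument");
    }

    $db = JFactory::getDBO();

    // The search term is filtered, then escaped (including LIKE wildcards) and quoted for the query.
    $title = JFilterInput::getInstance()->clean($requestObject->typeahead, "string");
    $text = $db->Quote('%' . $db->escape($title, true) . '%', false);

    if (trim($title) == "") {
        PlgSystemGwejson::throwerror("There was an error - no valid argument");
    }

    $params = JComponentHelper::getParams(JEV_COM_COMPONENT);
    $authorisedonly = $params->get("authorisedonly", 0);

    // if authorised only then load from database
    if ($authorisedonly) {
        // The two LIKE tests are grouped: without the parentheses AND binds before OR
        // and a match on name alone would skip the cancreate=1 restriction.
        $sql = "SELECT ju.* FROM #__jev_users AS tl ";
        $sql .= " LEFT JOIN #__users as ju ON tl.user_id=ju.id ";
        $sql .= " WHERE tl.cancreate=1 and (ju.username LIKE ({$text}) OR ju.name LIKE ({$text})) ";
        $sql .= " ORDER BY ju.name ASC";
        $sql .= " LIMIT 500";
        $db->setQuery($sql);
        $matches = $db->loadObjectList();
    } else {
        $rules = JAccess::getAssetRules("com_jevents", true);
        $creatorgroups = $rules->getData();

        // Start from the core.admin group settings, then take the higher permission
        // setting from core.create (getData() no longer has string keys, so the
        // arrays are combined by hand).
        $creatorgroupsdata = $creatorgroups["core.admin"]->getData();
        foreach ($creatorgroups["core.create"]->getData() as $creatorgroup => $permission) {
            if ($permission) {
                $creatorgroupsdata[$creatorgroup] = $permission;
            }
        }

        $userids = array(0);
        foreach ($creatorgroupsdata as $creatorgroup => $permission) {
            if ($permission == 1) {
                $userids = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $userids);
            }
        }
        // The ids are concatenated into the statement, so force them to integers.
        $userids = array_map('intval', $userids);

        // Grouped for the same reason as above: ungrouped, a name match ignored the
        // id list and a username match ignored block=0.
        $sql = "SELECT * FROM #__users "
            . "where id IN (" . implode(",", $userids) . ") and (username LIKE ({$text}) OR name LIKE ({$text})) and block=0 "
            . "ORDER BY name asc LIMIT 500";
        $db->setQuery($sql);
        $matches = $db->loadObjectList();
    }

    // From here $returnData is a plain list; the object passed in is no longer referenced.
    $returnData = array();
    if (!empty($matches)) {
        foreach ($matches as $match) {
            $result = new stdClass();
            $result->title = $match->name . " (" . $match->username . ")";
            $result->creator_id = $match->id;
            $returnData[] = $result;
        }
    }

    return $returnData;
}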
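/**
 * Method to get the field input markup.
 *
 * Only a JEvents "candeleteall" user, or a user with core.admin or
 * core.deleteall on com_jevents, gets a creator picker; anyone else gets an
 * empty string. Up to $maxDirectNumber candidate users are shown as a select
 * list, larger sets fall back to a typeahead text box.
 *
 * @return string The field input markup.
 * @since 1.6
 */
protected function getInput()
{
    $maxDirectNumber = 50;

    JLoader::register('JEVHelper', JPATH_SITE . "/components/com_jevents/libraries/helper.php");
    JEVHelper::ConditionalFields($this->element, $this->form->getName());

    // NOTE(review): $user is only assigned further down, so isset($user) is always false
    // here and the fallback is 0, not the current user's id - confirm which was intended.
    $creator = intval($this->value) > 0 ? intval($this->value) : (isset($user) ? $user->id : 0);

    // If user is jevents can deleteall or has backend access then allow them to specify the creator
    $jevuser = JEVHelper::getAuthorisedUser();
    $user = JFactory::getUser();
    $access = $user->authorise('core.admin', 'com_jevents') || $user->authorise('core.deleteall', 'com_jevents');

    $db = JFactory::getDBO();

    if ($jevuser && $jevuser->candeleteall || $access) {
        $params = JComponentHelper::getParams(JEV_COM_COMPONENT);
        $authorisedonly = $params->get("authorisedonly", 0);

        // if authorised only then load from database
        if ($authorisedonly) {
            $sql = "SELECT count(tl.id) FROM #__jev_users AS tl ";
            $sql .= " LEFT JOIN #__users as ju ON tl.user_id=ju.id ";
            $sql .= " WHERE tl.cancreate=1";
            $sql .= " ORDER BY ju.name ASC";
            $db->setQuery($sql);
            $userCount = $db->loadResult();

            if ($userCount <= $maxDirectNumber) {
                $sql = "SELECT tl.*, ju.* FROM #__jev_users AS tl ";
                $sql .= " LEFT JOIN #__users as ju ON tl.user_id=ju.id ";
                $sql .= " WHERE tl.cancreate=1";
                $sql .= " ORDER BY ju.name ASC";
                $db->setQuery($sql);
                $users = $db->loadObjectList();
            }
        } else {
            $rules = JAccess::getAssetRules("com_jevents", true);
            $creatorgroups = $rules->getData();

            // Start from the core.admin group settings, then take the higher permission
            // setting from core.create (getData() no longer has string keys, so the
            // arrays are combined by hand).
            $creatorgroupsdata = $creatorgroups["core.admin"]->getData();
            foreach ($creatorgroups["core.create"]->getData() as $creatorgroup => $permission) {
                if ($permission) {
                    $creatorgroupsdata[$creatorgroup] = $permission;
                }
            }

            $userids = array(0);
            foreach ($creatorgroupsdata as $creatorgroup => $permission) {
                if ($permission == 1) {
                    $userids = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $userids);
                }
            }

            $sql = "SELECT count(id) FROM #__users where id IN (" . implode(",", array_values($userids)) . ") and block=0 ORDER BY name asc";
            $db->setQuery($sql);
            $userCount = $db->loadResult();

            if ($userCount <= $maxDirectNumber) {
                $sql = "SELECT * FROM #__users where id IN (" . implode(",", array_values($userids)) . ") and block=0 ORDER BY name asc";
                $db->setQuery($sql);
                $users = $db->loadObjectList();
            }
        }

        // No direct list was loaded (more than $maxDirectNumber candidates)
        if (!isset($users)) {
            // Use Typeahead instead
            if ($userCount > $maxDirectNumber) {
                $creatorname = "";
                if ($creator > 0) {
                    // $creator went through intval() above, so it is safe to place in the statement.
                    $sql = "SELECT * FROM #__users where id = {$creator}";
                    $db->setQuery($sql);
                    $creatorData = $db->loadObject();
                    if ($creatorData) {
                        $creatorname = $creatorData->name . " (" . $creatorData->username . ")";
                    }
                }

                ob_start();
                // The placeholder shows a stored display name and username, which are
                // user-supplied data, so it is HTML-escaped for the attribute context.
                ?> <input type="hidden" name='jev_creatorid' id='jev_creatorid' value="<?php echo $creator; ?> "/>
                <div id="scrollable-dropdown-menu" style="float:left">
                    <input name="creatorid_notused" id="ta_creatorid" class="jevtypeahead" placeholder="<?php echo htmlspecialchars($creatorname, ENT_QUOTES, 'UTF-8'); ?> " type="text" autocomplete="off" size="50">
                </div>
                <?php
                JLoader::register('JevTypeahead', JPATH_LIBRARIES . "/jevents/jevtypeahead/jevtypeahead.php");
                $datapath = JRoute::_("index.php?option=com_jevents&ttoption=com_jevents&typeaheadtask=gwejson&file=findcreator", false);
                //$prefetchdatapath = JRoute::_("index.php?option=com_jevents&ttoption=com_jevents&typeaheadtask=gwejson&file=findcreator&prefetch=1", false);
                JevTypeahead::typeahead('#ta_creatorid', array(
                    'remote' => $datapath,
                    'data_value' => 'title',
                    'data_id' => 'creator_id',
                    'field_selector' => '#jev_creatorid',
                    'minLength' => 2,
                    'limit' => 10,
                    'scrollable' => 1,
                ));
                return ob_get_clean();
            }
            return "";
        }

        $userOptions[] = JHTML::_('select.option', '-1', JText::_('SELECT_USER'));
        foreach ($users as $user) {
            // Rows with id 0 are skipped.
            if ($user->id == 0) {
                continue;
            }
            $userOptions[] = JHTML::_('select.option', $user->id, $user->name . " ( " . $user->username . " )");
        }
        $userlist = JHTML::_('select.genericlist', $userOptions, 'jev_creatorid', 'class="inputbox" size="1" ', 'value', 'text', $creator);

        return $userlist;
    }

    return "";
}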