示例#1
0
    if (!Guardian::happy(1) && Guardian::get('author') !== $post->author) {
        Shield::abort();
    }
    Config::set(array('page_title' => $speak->deleting . ': ' . $post->title . $config->title_separator . $config->manager->title, 'page' => $post, 'cargo' => 'kill.post.php'));
    $G = array('data' => Mecha::A($post));
    if ($request = Request::post()) {
        Guardian::checkToken($request['token']);
        File::open($post->path)->delete();
        // Deleting response(s) ...
        if ($responses = call_user_func('Get::' . $response . 's', 'DESC', 'post:' . $id, 'txt,hold')) {
            foreach ($responses as $v) {
                File::open($v)->delete();
            }
        }
        $P = array('data' => $request);
        include __DIR__ . DS . 'task.kill.substance.php';
        // Deleting custom CSS and JavaScript file of post ...
        File::open(CUSTOM . DS . Date::slug($id) . '.txt')->delete();
        File::open(CUSTOM . DS . Date::slug($id) . '.draft')->delete();
        Weapon::fire(array('on_custom_update', 'on_custom_destruct'), array($G, $P));
        // Deleting custom PHP file of post ...
        File::open(File::D($post->path) . DS . $post->slug . '.php')->delete();
        Notify::success(Config::speak('notify_success_deleted', $post->title));
        Weapon::fire(array('on_' . $segment . '_update', 'on_' . $segment . '_destruct'), array($G, $G));
        Guardian::kick($config->manager->slug . '/' . $segment);
    } else {
        Notify::warning(Config::speak('notify_confirm_delete_', '<strong>' . $post->title . '</strong>'));
        Notify::warning(Config::speak('notify_confirm_delete_page', strtolower($speak->{$segment}), strtolower($speak->{$response . 's'})));
    }
    Shield::lot(array('segment' => $segment))->attach('manager');
});
示例#2
0
 /**
  * Remove one or more entries
  *
  * @return  void
  */
 public function removeTask()
 {
     // Check for request forgeries
     Request::checkToken();
     $ids = Request::getVar('id', array());
     $ids = !is_array($ids) ? array($ids) : $ids;
     // Make sure we have an ID
     if (empty($ids)) {
         Notify::warning(Lang::txt('COM_GROUPS_ERROR_NO_ITEMS_SELECTED'));
         return $this->cancelTask();
     }
     $i = 0;
     foreach ($ids as $id) {
         // Remove the entry
         $model = Role::oneOrFail(intval($id));
         if (!$model->destroy()) {
             Notify::error($model->getError());
             continue;
         }
         $i++;
     }
     if ($i) {
         Notify::success(Lang::txt('COM_GROUPS_ROLE_REMOVED'));
     }
     $this->cancelTask();
 }
示例#3
0
 /**
  * Unapprove a group
  *
  * @return  void
  */
 public function unapproveTask()
 {
     // Incoming
     $ids = Request::getVar('id', array());
     // Get the single ID we're working with
     if (!is_array($ids)) {
         $ids = array($ids);
     }
     // Do we have any IDs?
     if (!empty($ids)) {
         // foreach group id passed in
         foreach ($ids as $id) {
             // Load the group page
             $group = new Group();
             $group->read($id);
             // Ensure we found the group info
             if (!$group) {
                 continue;
             }
             // Set the group to be published and update
             $group->set('approved', 0);
             $group->update();
             // log publishing
             Log::log(array('gidNumber' => $group->get('gidNumber'), 'action' => 'group_unapproved', 'comments' => 'unapproved by administrator'));
         }
         Notify::success(Lang::txt('COM_GROUPS_UNAPPROVED'));
     }
     // Output messsage and redirect
     App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false));
 }
示例#4
0
        } else {
            $deletes = array($name);
        }
    }
    Config::set(array('page_title' => $speak->deleting . ': ' . (count($deletes) === 1 ? File::B($name) : $speak->assets) . $config->title_separator . $config->manager->title, 'files' => $deletes, 'cargo' => DECK . DS . 'workers' . DS . 'kill.asset.php'));
    if ($request = Request::post()) {
        Guardian::checkToken($request['token']);
        $info_path = array();
        $is_folder_or_file = count($deletes) === 1 && is_dir(ASSET . DS . $deletes[0]) ? 'folder' : 'file';
        foreach ($deletes as $file_to_delete) {
            $_path = ASSET . DS . $file_to_delete;
            $info_path[] = $_path;
            File::open($_path)->delete();
        }
        $P = array('data' => array('files' => $info_path));
        Notify::success(Config::speak('notify_' . $is_folder_or_file . '_deleted', '<code>' . implode('</code>, <code>', $deletes) . '</code>'));
        Weapon::fire('on_asset_update', array($P, $P));
        Weapon::fire('on_asset_destruct', array($P, $P));
        Guardian::kick($config->manager->slug . '/asset/1' . $p);
    } else {
        Notify::warning(count($deletes) === 1 ? Config::speak('notify_confirm_delete_', '<code>' . File::path($name) . '</code>') : $speak->notify_confirm_delete);
    }
    Shield::lot('segment', 'asset')->attach('manager', false);
});
/**
 * Multiple Asset Killer
 * ---------------------
 */
Route::accept($config->manager->slug . '/asset/kill', function ($path = "") use($config, $speak) {
    if ($request = Request::post()) {
        Guardian::checkToken($request['token']);
示例#5
0
<?php

/**
 * Shortcode Manager
 * -----------------
 */
Route::accept($config->manager->slug . '/shortcode', function () use($config, $speak) {
    if (!Guardian::happy(1)) {
        Shield::abort();
    }
    $shortcodes = Get::state_shortcode(null, array(), false);
    $G = array('data' => $shortcodes);
    Config::set(array('page_title' => $speak->shortcodes . $config->title_separator . $config->manager->title, 'cargo' => 'cargo.shortcode.php'));
    if ($request = Request::post()) {
        $request = Filter::apply('request:__shortcode', $request);
        Guardian::checkToken($request['token']);
        $data = array();
        for ($i = 0, $keys = $request['key'], $count = count($keys); $i < $count; ++$i) {
            if (trim($keys[$i]) !== "") {
                $data[$keys[$i]] = $request['value'][$i];
            }
        }
        $P = array('data' => $data);
        File::serialize($data)->saveTo(STATE . DS . 'shortcode.txt', 0600);
        Notify::success(Config::speak('notify_success_updated', $speak->shortcode));
        Weapon::fire('on_shortcode_update', array($G, $P));
        Guardian::kick($config->url_current);
    }
    Shield::lot(array('segment' => 'shortcode', 'files' => Mecha::O($shortcodes)))->attach('manager');
});
示例#6
0
            return Extend::where('key', '=', $str)->where('type', '=', $input['type'])->where('id', '<>', $id)->count() == 0;
        });
        $validator->check('key')->is_max(1, __('extend.key_missing'))->is_valid_key(__('extend.key_exists'));
        $validator->check('label')->is_max(1, __('extend.label_missing'));
        if ($errors = $validator->errors()) {
            Input::flash();
            Notify::error($errors);
            return Response::redirect('admin/extend/fields/edit/' . $id);
        }
        if ($input['field'] == 'image') {
            $attributes = Json::encode($input['attributes']);
        } elseif ($input['field'] == 'file') {
            $attributes = Json::encode(array('attributes' => array('type' => $input['attributes']['type'])));
        } else {
            $attributes = '';
        }
        Extend::update($id, array('type' => $input['type'], 'pagetype' => $input['pagetype'], 'field' => $input['field'], 'key' => $input['key'], 'label' => $input['label'], 'attributes' => $attributes));
        Notify::success(__('extend.field_updated'));
        return Response::redirect('admin/extend/fields/edit/' . $id);
    });
    /*
        Delete Field
    */
    Route::get('admin/extend/fields/delete/(:num)', function ($id) {
        $field = Extend::find($id);
        Query::table(Base::table($field->type . '_meta'))->where('extend', '=', $field->id)->delete();
        $field->delete();
        Notify::success(__('extend.field_deleted'));
        return Response::redirect('admin/extend/fields');
    });
});
示例#7
0
<?php

foreach ($field as $k => $v) {
    $f = $v['type'] === 'file' || $v['type'] === 'f';
    // Remove asset field value and data
    if (isset($v['remove']) && $f) {
        File::open(SUBSTANCE . DS . $v['remove'])->delete();
        Weapon::fire(array('on_substance_update', 'on_substance_destruct'), array($G, $P));
        Notify::success(Config::speak('notify_file_deleted', '<code>' . $v['remove'] . '</code>'));
        unset($field[$k]);
    }
    // Remove empty field value
    if (!isset($v['value']) || $v['value'] === "") {
        unset($field[$k]);
    } else {
        $e = File::E($v['value']);
        if (!file_exists(SUBSTANCE . DS . $e . DS . $v['value']) && $f) {
            unset($field[$k]);
        } else {
            $field[$k] = $v['value'];
        }
    }
}
示例#8
0
<?php

/**
 * Menu Manager
 * ------------
 */
Route::accept($config->manager->slug . '/menu', function () use($config, $speak) {
    if (Guardian::get('status') !== 'pilot') {
        Shield::abort();
    }
    $menus = Get::state_menu();
    Config::set(array('page_title' => $speak->menus . $config->title_separator . $config->manager->title, 'cargo' => DECK . DS . 'workers' . DS . 'cargo.menu.php'));
    $G = array('data' => array('content' => $menus));
    if ($request = Request::post()) {
        Guardian::checkToken($request['token']);
        // Check for invalid input
        if (preg_match('#(^|\\n)(\\t| {1,3})(?:[^ ])#', $request['content'])) {
            Notify::error($speak->notify_invalid_indent_character);
            Guardian::memorize($request);
        }
        $P = array('data' => $request);
        if (!Notify::errors()) {
            File::write($request['content'])->saveTo(STATE . DS . 'menu.txt', 0600);
            Notify::success(Config::speak('notify_success_updated', $speak->menu));
            Weapon::fire('on_menu_update', array($G, $P));
            Guardian::kick($config->url_current);
        }
    }
    Shield::lot(array('segment' => 'menu', 'the_content' => $menus))->attach('manager', false);
});
示例#9
0
 public function update_permissions()
 {
     //return Input::all();
     //
     // create the validation rules ------------------------
     $rules = array('group_name' => 'required', 'permissions' => 'required');
     $messages = array('required' => 'The :attribute required.', 'permissions.required' => 'permissions.required');
     // do the validation ----------------------------------
     // validate against the inputs from our form
     $validator = Validator::make(Input::all(), $rules, $messages);
     // check if the validator failed -----------------------
     if ($validator->fails()) {
         // get the error messages from the validator
         $messages = $validator->messages();
         // redirect our user back to the form with the errors from the validator
         return Redirect::to('settings/user-management/user-groups')->withErrors($validator)->withInput();
     } else {
         // validation successful ---------------------------
         $permissionArray = array();
         // Creating permission array
         foreach (Input::get('permissions') as $permission) {
             $permissionArray[$permission] = 1;
         }
         $is_group_exists = DB::table('groups')->where('name', '=', urldecode(Input::get('group_name')))->get();
         if ($is_group_exists) {
             $sucsess = DB::table('groups')->where('name', '=', urldecode(Input::get('group_name')))->update(array('permissions' => json_encode($permissionArray)));
             if ($sucsess == 1) {
                 Notify::success('Permissions Successfully Updated');
                 return Redirect::to('settings/user-management/user-groups');
             }
         } else {
             try {
                 // Create the group
                 $group = Sentry::createGroup(array('name' => Input::get('group_name'), 'permissions' => $permissionArray));
             } catch (Cartalyst\Sentry\Groups\NameRequiredException $e) {
                 echo 'Name field is required';
             } catch (Cartalyst\Sentry\Groups\GroupExistsException $e) {
                 //echo 'Group already exists';
                 Notify::error('Group already exists');
                 return Redirect::to('settings/user-management/user-groups')->withErrors('Group already exists');
             }
         }
         // redirect ----------------------------------------
         return Redirect::to('settings/user-management/user-groups');
     }
 }
示例#10
0
 $id = (int) time();
 $parent = Request::post('parent');
 $P = array('data' => $request);
 $name = strip_tags($request['name']);
 $email = Text::parse($request['email'], '->broken_entity');
 $url = isset($request['url']) ? $request['url'] : false;
 $parser = strip_tags(Request::post('content_type', $config->html_parser));
 $message = $request['message'];
 $field = Request::post('fields', array());
 include DECK . DS . 'workers' . DS . 'task.field.1.php';
 // Temporarily disallow image(s) in comment to prevent XSS
 $message = strip_tags($message, '<br><img>' . ($parser === 'HTML' ? '<a><abbr><b><blockquote><code><del><dfn><em><i><ins><p><pre><span><strong><sub><sup><time><u><var>' : ""));
 $message = preg_replace('#(\\!\\[.*?\\]\\(.*?\\))#', '`$1`', $message);
 $message = preg_replace('#<img(\\s[^<>]*?)>#', '&lt;img$1&gt;', $message);
 Page::header(array('Name' => $name, 'Email' => $email, 'URL' => $url, 'Status' => Guardian::happy() ? 'pilot' : 'passenger', 'Content Type' => $parser, 'Fields' => !empty($field) ? Text::parse($field, '->encoded_json') : false, 'UA' => Get::UA(), 'IP' => Get::IP()))->content($message)->saveTo(RESPONSE . DS . $post . '_' . Date::format($id, 'Y-m-d-H-i-s') . '_' . ($parent ? Date::format($parent, 'Y-m-d-H-i-s') : '0000-00-00-00-00-00') . $extension);
 Notify::success(Config::speak('notify_success_submitted', $speak->comment));
 if ($extension === '.hold') {
     Notify::info($speak->notify_info_comment_moderation);
 }
 Weapon::fire('on_comment_update', array($P, $P));
 Weapon::fire('on_comment_construct', array($P, $P));
 if ($config->comment_notification_email) {
     $mail = '<p>' . Config::speak('comment_notification', $article->url . '#' . sprintf($comment_id, Date::format($id, 'U'))) . '</p>';
     $mail .= '<p><strong>' . $name . ':</strong></p>';
     $mail .= $parser !== 'HTML' ? Text::parse($message, '->html') : $message;
     $mail .= '<p>' . Date::format($id, 'Y/m/d H:i:s') . '</p>';
     // Sending email notification ...
     if (!Guardian::happy()) {
         if (Notify::send($request['email'], $config->author_email, $speak->comment_notification_subject, $mail, 'comment:')) {
             Weapon::fire('on_comment_notification_construct', array($request, $config->author_email, $speak->comment_notification_subject, $mail));
         }
示例#11
0
 * Login Page
 * ----------
 *
 * [1]. manager/login
 *
 */
Route::accept($config->manager->slug . '/login', function () use($config, $speak) {
    if (!File::exist(File::D(__DIR__) . DS . 'launch.php')) {
        Shield::abort('404-manager');
    }
    if (Guardian::happy()) {
        Guardian::kick($config->manager->slug . '/article');
    }
    Config::set(array('page_title' => $speak->log_in . $config->title_separator . $config->title, 'cargo' => 'cargo.login.php'));
    include __DIR__ . DS . 'cargo.php';
    if ($request = Request::post()) {
        Guardian::authorize()->kick(isset($request['kick']) ? $request['kick'] : $config->manager->slug . '/article');
    }
    Shield::attach('manager-login');
}, 20);
/**
 * Logout Page
 * -----------
 *
 * [1]. manager/logout
 *
 */
Route::accept($config->manager->slug . '/logout', function () use($config, $speak) {
    Notify::success(ucfirst(strtolower($speak->logged_out)) . '.');
    Guardian::reject()->kick($config->manager->slug . '/login');
}, 21);
            return Page::where('slug', '=', $str)->count() == 0;
        });
        $validator->check('title')->is_max(3, __('pages.title_missing'));
        $validator->check('slug')->is_max(3, __('pages.slug_missing'))->is_duplicate(__('pages.slug_duplicate'))->not_regex('#^[0-9_-]+$#', __('pages.slug_invalid'));
        if ($input['redirect']) {
            $validator->check('redirect')->is_url(__('pages.redirect_missing'));
        }
        if ($errors = $validator->errors()) {
            Input::flash();
            Notify::error($errors);
            return Response::redirect('admin/pages/add');
        }
        if (empty($input['name'])) {
            $input['name'] = $input['title'];
        }
        $input['show_in_menu'] = is_null($input['show_in_menu']) ? 0 : 1;
        $page = Page::create($input);
        Extend::process('page', $page->id);
        Notify::success(__('pages.created'));
        return Response::redirect('admin/pages');
    });
    /*
    	Delete Page
    */
    Route::get('admin/pages/delete/(:num)', function ($id) {
        Page::find($id)->delete();
        Query::table(Base::table('page_meta'))->where('page', '=', $id)->delete();
        Notify::success(__('pages.deleted'));
        return Response::redirect('admin/pages');
    });
});
示例#13
0
 /**
  * Sets the state of one or more entries
  *
  * @return  void
  */
 public function stateTask()
 {
     // Check for request forgeries
     Request::checkToken('get');
     $id = Request::getInt('id', 0, 'get');
     switch ($this->_task) {
         case 'publish':
         case 'unpublish':
             $publish = $this->_task == 'publish' ? 1 : 0;
             // Check for an ID
             if (!$id) {
                 App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false), Lang::txt('COM_STORE_ALERT_SELECT_ITEM') . ' ' . ($publish == 1 ? 'published' : 'unpublished'), 'error');
                 return;
             }
             // Update record(s)
             $obj = new Store($this->database);
             $obj->load($id);
             $obj->published = $publish;
             if (!$obj->store()) {
                 throw new Exception($obj->getError(), 500);
             }
             // Set message
             if ($publish == '1') {
                 Notify::success(Lang::txt('COM_STORE_MSG_ITEM_ADDED'));
             } else {
                 if ($publish == '0') {
                     Notify::success(Lang::txt('COM_STORE_MSG_ITEM_DELETED'));
                 }
             }
             break;
         case 'available':
         case 'unavailable':
             $avail = $this->_task == 'available' ? 1 : 0;
             // Check for an ID
             if (!$id) {
                 App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false), Lang::txt('COM_STORE_ALERT_SELECT_ITEM') . ' ' . ($avail == 1 ? 'available' : 'unavailable'), 'error');
                 return;
             }
             // Update record(s)
             $obj = new Store($this->database);
             $obj->load($id);
             $obj->available = $avail;
             if (!$obj->store()) {
                 throw new Exception($obj->getError(), 500);
             }
             // Set message
             if ($avail == '1') {
                 Notify::success(Lang::txt('COM_STORE_MSG_ITEM_AVAIL'));
             } else {
                 if ($avail == '0') {
                     Notify::success(Lang::txt('COM_STORE_MSG_ITEM_UNAVAIL'));
                 }
             }
             break;
     }
     App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false));
 }
示例#14
0
 /**
  * Update the associated resource page for this tool
  *
  * @param      integer $rid       Resource ID
  * @param      array   $status    Fields to update
  * @param      integer $published Published state
  * @param      integer $newtool   Updating for a new tool?
  * @return     boolean True if no errors
  */
 public function updatePage($rid, $status = array(), $published = 0, $newtool = 0)
 {
     if ($rid === NULL) {
         return false;
     }
     $resource = new \Components\Resources\Tables\Resource($this->database);
     $resource->load($rid);
     if (count($status) > 0) {
         $resource->fulltxt = addslashes($status['fulltxt']);
         $resource->introtext = $status['description'];
         $resource->title = preg_replace('/\\s+/', ' ', $status['title']);
         $resource->modified = Date::toSql();
         $resource->modified_by = User::get('id');
     }
     if ($published) {
         $resource->published = $published;
     }
     if ($newtool && $published == 1) {
         $resource->publish_up = Date::toSql();
     }
     if (!$resource->store()) {
         $this->setError($row->getError());
         return false;
     } else {
         if ($newtool) {
             \Notify::success(Lang::txt('COM_TOOLS_NOTICE_RES_PUBLISHED'), 'tools');
         } else {
             \Notify::success(Lang::txt('COM_TOOLS_NOTICE_RES_UPDATED'), 'tools');
         }
     }
     return true;
 }
示例#15
0
<?php

// The `__launch.php` file will be included only in the backend
Route::accept($config->manager->slug . '/plugin/' . File::B(__DIR__) . '/update', function () use($config, $speak) {
    if ($request = Request::post()) {
        Guardian::checkToken($request['token']);
        // [2]
        File::write('test!')->saveTo(__DIR__ . DS . 'states' . DS . 'config.txt', 0600);
        Notify::success(Config::speak('notify_success_updated', $speak->plugin));
        // [3]
        Guardian::kick(File::D($config->url_current));
        // [4]
    }
});
示例#16
0
        $input = Input::get(array('key', 'value'));
        $input['key'] = slug($input['key'], '_');
        $validator = new Validator($input);
        $validator->add('valid_key', function ($str) use($key) {
            // no change
            if ($str == $key) {
                return true;
            }
            // check the new key $str is available
            return Query::table(Base::table('pagetypes'))->where('key', '=', $str)->count() == 0;
        });
        $validator->check('key')->is_max(2, __('extend.key_missing'))->is_valid_key(__('extend.key_exists'));
        $validator->check('value')->is_max(1, __('extend.name_missing'));
        if ($errors = $validator->errors()) {
            Input::flash();
            Notify::error($errors);
            return Response::redirect('admin/extend/pagetypes/edit/' . $key);
        }
        Query::table(Base::table('pagetypes'))->where('key', '=', $key)->update($input);
        Notify::success(__('extend.pagetype_updated'));
        return Response::redirect('admin/extend/pagetypes');
    });
    /*
        Delete Var
    */
    Route::get('admin/extend/pagetypes/delete/(:any)', function ($key) {
        Query::table(Base::table('pagetypes'))->where('key', '=', $key)->delete();
        Notify::success(__('extend.pagetype_deleted'));
        return Response::redirect('admin/extend/pagetypes');
    });
});
示例#17
0
            $input['comments'] = 0;
        }
        if (empty($input['html'])) {
            $input['status'] = 'draft';
        }
        $post = Post::create($input);
        Extend::process('post', $post->id);
        Notify::success(__('posts.created'));
        return Response::redirect('admin/posts');
    });
    /*
    	Preview post
    */
    Route::post('admin/posts/preview', function () {
        $html = Input::get('html');
        // apply markdown processing
        $md = new Markdown();
        $output = Json::encode(array('html' => $md->transform($html)));
        return Response::create($output, 200, array('content-type' => 'application/json'));
    });
    /*
    	Delete post
    */
    Route::get('admin/posts/delete/(:num)', function ($id) {
        Post::find($id)->delete();
        Comment::where('post', '=', $id)->delete();
        Query::table(Base::table('post_meta'))->where('post', '=', $id)->delete();
        Notify::success(__('posts.deleted'));
        return Response::redirect('admin/posts');
    });
});
示例#18
0
        $vars['themes'] = Themes::all();
        return View::create('extend/metadata/edit', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer');
    });
    /*
        Update Metadata
    */
    Route::post('admin/extend/metadata', function () {
        $input = Input::get(array('sitename', 'description', 'home_page', 'posts_page', 'posts_per_page', 'auto_published_comments', 'theme', 'comment_notifications', 'comment_moderation_keys', 'show_all_posts', 'dashboard_page'));
        foreach ($input as $key => $value) {
            $input[$key] = eq($value);
        }
        $validator = new Validator($input);
        $validator->check('sitename')->is_max(3, __('metadata.sitename_missing'));
        $validator->check('description')->is_max(3, __('metadata.sitedescription_missing'));
        $validator->check('posts_per_page')->is_regex('#^[0-9]+$#', __('metadata.missing_posts_per_page', 'Please enter a number for posts per page'));
        if ($errors = $validator->errors()) {
            Input::flash();
            Notify::error($errors);
            return Response::redirect('admin/extend/metadata');
        }
        // convert double quotes so we dont break html
        $input['sitename'] = e($input['sitename'], ENT_COMPAT);
        $input['description'] = e($input['description'], ENT_COMPAT);
        foreach ($input as $key => $v) {
            $v = is_null($v) ? 0 : $v;
            Query::table(Base::table('meta'))->where('key', '=', $key)->update(array('value' => $v));
        }
        Notify::success(__('metadata.updated'));
        return Response::redirect('admin/extend/metadata');
    });
});
示例#19
0
 public static function upload($file, $destination = ROOT, $callback = null)
 {
     $config = Config::get();
     $speak = Config::speak();
     $destination = self::path($destination);
     $errors = Mecha::A($speak->notify_file);
     // Create a safe file name
     $file['name'] = Text::parse($file['name'], '->safe_file_name');
     $extension = self::E($file['name']);
     // Something goes wrong
     if ($file['error'] > 0 && isset($errors[$file['error']])) {
         Notify::error($errors[$file['error']]);
     } else {
         // Destination not found
         if (!file_exists($destination)) {
             self::pocket($destination);
         }
         // Unknown file type
         if (!isset($file['type']) || empty($file['type'])) {
             Notify::error($speak->notify_error_file_type_unknown);
         }
         // Bad file extension
         $extension_allow = ',' . implode(',', self::$config['file_extension_allow']) . ',';
         if (strpos($extension_allow, ',' . $extension . ',') === false) {
             Notify::error(Config::speak('notify_error_file_extension', $extension));
         }
         // Too small
         if ($file['size'] < self::$config['file_size_min_allow']) {
             Notify::error(Config::speak('notify_error_file_size_min', self::size(self::$config['file_size_min_allow'], 'KB')));
         }
         // Too large
         if ($file['size'] > self::$config['file_size_max_allow']) {
             Notify::error(Config::speak('notify_error_file_size_max', self::size(self::$config['file_size_max_allow'], 'KB')));
         }
     }
     if (!Notify::errors()) {
         // Move the uploaded file to the destination folder
         if (!file_exists($destination . DS . $file['name'])) {
             move_uploaded_file($file['tmp_name'], $destination . DS . $file['name']);
         } else {
             Notify::error(Config::speak('notify_file_exist', '<code>' . $file['name'] . '</code>'));
         }
         if (!Notify::errors()) {
             // Create public asset link to show on file uploaded
             $link = self::url($destination) . '/' . $file['name'];
             Notify::success(Config::speak('notify_file_uploaded', '<code>' . $file['name'] . '</code>'));
             self::$open = $destination . DS . $file['name'];
             if (is_callable($callback)) {
                 call_user_func($callback, $file['name'], $file['type'], $file['size'], $link);
             }
         }
         return new static();
     }
     return false;
 }
示例#20
0
 /**
  * Process import selections
  *
  * @return  void
  */
 private function processAction()
 {
     // Check if they're logged in
     if (User::isGuest()) {
         return $this->loginAction();
     }
     if (!$this->params->get('access-manage')) {
         throw new Exception(Lang::txt('PLG_MEMBERS_CITATIONS_NOT_AUTHORIZED'), 403);
     }
     Request::checkToken();
     $cites_require_attention = $this->importer->readRequiresAttention();
     $cites_require_no_attention = $this->importer->readRequiresNoAttention();
     // action for citations needing attention
     $citations_action_attention = Request::getVar('citation_action_attention', array());
     // action for citations needing no attention
     $citations_action_no_attention = Request::getVar('citation_action_no_attention', array());
     // check to make sure we have citations
     if (!$cites_require_attention && !$cites_require_no_attention) {
         App::redirect(Route::url($this->member->getLink() . '&active=' . $this->_name . '&action=import'), Lang::txt('PLG_MEMBERS_CITATIONS_IMPORT_MISSING_FILE_CONTINUE'), 'error');
         return;
     }
     // vars
     $allow_tags = "yes";
     $allow_badges = "yes";
     $this->importer->set('user', User::get('id'));
     $this->importer->setTags($allow_tags == 'yes');
     $this->importer->setBadges($allow_badges == 'yes');
     $this->importer->set('scope_id', $this->member->get('uidNumber'));
     $this->importer->set('scope', 'member');
     // Process
     $results = $this->importer->process($citations_action_attention, $citations_action_no_attention);
     // success message a redirect
     Notify::success(Lang::txt('PLG_MEMBERS_CITATIONS_IMPORT_RESULTS_SAVED', count($results['saved'])), 'plg_citations');
     // if we have citations not getting saved
     if (count($results['not_saved']) > 0) {
         Notify::warning(Lang::txt('PLG_MEMBERS_CITATIONS_IMPORT_RESULTS_NOT_SAVED', count($results['not_saved'])), 'plg_citations');
     }
     if (count($results['error']) > 0) {
         Notify::error(Lang::txt('PLG_MEMBERS_CITATIONS_IMPORT_RESULTS_SAVE_ERROR', count($results['error'])), 'plg_citations');
     }
     //get the session object
     $session = App::get('session');
     //ids of sessions saved and not saved
     $session->set('citations_saved', $results['saved']);
     $session->set('citations_not_saved', $results['not_saved']);
     $session->set('citations_error', $results['error']);
     //delete the temp files that hold citation data
     $this->importer->cleanup(true);
     //redirect
     App::redirect(Route::url($this->member->getLink() . '&active=' . $this->_name . '&action=saved'));
 }
示例#21
0
 /**
  * Method to save the form data.
  *
  * @param	array	The form data.
  * @return	boolean	True on success.
  */
 public function save($data)
 {
     // Detect disabled extension
     $extension = JTable::getInstance('Extension');
     if ($extension->load(array('enabled' => 0, 'type' => 'template', 'element' => $data['template'], 'client_id' => $data['client_id']))) {
         $this->setError(Lang::txt('COM_TEMPLATES_ERROR_SAVE_DISABLED_TEMPLATE'));
         return false;
     }
     // Initialise variables;
     $table = $this->getTable();
     $pk = !empty($data['id']) ? $data['id'] : (int) $this->getState('style.id');
     $isNew = true;
     // Load the row if saving an existing record.
     if ($pk > 0) {
         $table->load($pk);
         $isNew = false;
     }
     if (Request::getVar('task') == 'save2copy') {
         $data['title'] = $this->generateNewTitle(null, null, $data['title']);
         $data['home'] = 0;
         $data['assigned'] = '';
     }
     // Bind the data.
     if (!$table->bind($data)) {
         $this->setError($table->getError());
         return false;
     }
     // Prepare the row for saving
     $this->prepareTable($table);
     // Check the data.
     if (!$table->check()) {
         $this->setError($table->getError());
         return false;
     }
     // Trigger the onExtensionBeforeSave event.
     $result = Event::trigger('extension.onExtensionBeforeSave', array('com_templates.style', &$table, $isNew));
     if (in_array(false, $result, true)) {
         $this->setError($table->getError());
         return false;
     }
     // Store the data.
     if (!$table->store()) {
         $this->setError($table->getError());
         return false;
     }
     if (User::authorise('core.edit', 'com_menus') && $table->client_id == 0) {
         $n = 0;
         $db = App::get('db');
         if (!empty($data['assigned']) && is_array($data['assigned'])) {
             \Hubzero\Utility\Arr::toInteger($data['assigned']);
             // Update the mapping for menu items that this style IS assigned to.
             $query = $db->getQuery(true);
             $query->update('#__menu');
             $query->set('template_style_id=' . (int) $table->id);
             $query->where('id IN (' . implode(',', $data['assigned']) . ')');
             $query->where('template_style_id!=' . (int) $table->id);
             $query->where('checked_out in (0,' . (int) User::get('id') . ')');
             $db->setQuery($query);
             $db->query();
             $n += $db->getAffectedRows();
         }
         // Remove style mappings for menu items this style is NOT assigned to.
         // If unassigned then all existing maps will be removed.
         $query = $db->getQuery(true);
         $query->update('#__menu');
         $query->set('template_style_id=0');
         if (!empty($data['assigned'])) {
             $query->where('id NOT IN (' . implode(',', $data['assigned']) . ')');
         }
         $query->where('template_style_id=' . (int) $table->id);
         $query->where('checked_out in (0,' . (int) User::get('id') . ')');
         $db->setQuery($query);
         $db->query();
         $n += $db->getAffectedRows();
         if ($n > 0) {
             Notify::success(Lang::txts('COM_TEMPLATES_MENU_CHANGED', $n));
         }
     }
     // Clean the cache.
     $this->cleanCache();
     // Trigger the onExtensionAfterSave event.
     Event::trigger('extension.onExtensionAfterSave', array('com_templates.style', &$table, $isNew));
     $this->setState('style.id', $table->id);
     return true;
 }
示例#22
0
 /**
  * Vote on a comment
  *
  * @return  void
  */
 protected function _vote()
 {
     // Ensure the user is logged in
     if (User::isGuest()) {
         return $this->_login();
     }
     $no_html = Request::getInt('no_html', 0);
     // Record the vote
     if ($item_id = Request::getInt('voteup', 0)) {
         $how = 1;
     } else {
         if ($item_id = Request::getInt('votedown', 0)) {
             $how = -1;
         }
     }
     $item = \Plugins\Hubzero\Comments\Models\Comment::oneOrFail($item_id);
     if (!$item->vote($how)) {
         $this->setError($item->getError());
     }
     if (!$no_html) {
         if ($this->getError()) {
             Notify::error($this->getError());
         } else {
             Notify::success(Lang::txt('PLG_HUBZERO_COMMENTS_VOTE_SAVED'));
         }
         App::redirect($this->url);
     }
     $item->set('vote', $how);
     $this->view->setLayout('vote');
     $this->view->set('item', $item);
     $this->view->setErrors($this->getErrors());
     // Ugly brute force method of cleaning output
     ob_clean();
     echo $this->view->loadTemplate();
     exit;
 }
示例#23
0
            Notify::error($errors);
            return Response::redirect('admin/categories/add');
        }
        if (empty($input['slug'])) {
            $input['slug'] = $input['title'];
        }
        $input['slug'] = slug($input['slug']);
        $category = Category::create($input);
        Extend::process('category', $category->id);
        Notify::success(__('categories.created'));
        return Response::redirect('admin/categories');
    });
    /*
        Delete Category
    */
    Route::get('admin/categories/delete/(:num)', function ($id) {
        $total = Category::count();
        if ($total == 1) {
            Notify::error(__('categories.delete_error'));
            return Response::redirect('admin/categories/edit/' . $id);
        }
        // move posts
        $category = Category::where('id', '<>', $id)->fetch();
        // delete selected
        Category::find($id)->delete();
        // update posts
        Post::where('category', '=', $id)->update(array('category' => $category->id));
        Notify::success(__('categories.deleted'));
        return Response::redirect('admin/categories');
    });
});
示例#24
0
 function do_comment_construct()
 {
     $config = Config::get();
     $speak = Config::speak();
     if ($config->page_type === 'article') {
         $comment_id = 'comment-%d';
         // Your comment ID
         $comment_form_id = 'comment-form';
         // Your comment form ID
         $article = isset($config->article->path) ? $config->article : false;
         $G = array('data' => array('article' => Mecha::A($article), 'comment_id' => $comment_id, 'comment_form_id' => $comment_form_id));
         if ($article !== false && ($request = Request::post())) {
             if ($task = File::exist(SHIELD . DS . $config->shield . DS . 'workers' . DS . 'task.comment.php')) {
                 require $task;
                 // Custom comment constructor
             } else {
                 // Check token
                 Guardian::checkToken($request['token'], $article->url . '#' . $comment_form_id);
                 $extension = $config->comments->moderation && !Guardian::happy() ? '.hold' : '.txt';
                 // Check name
                 if (trim($request['name']) === "") {
                     Notify::error(Config::speak('notify_error_empty_field', $speak->name));
                 }
                 // Check email
                 if (trim($request['email']) !== "") {
                     if (!Guardian::check($request['email'], '->email')) {
                         Notify::error($speak->notify_invalid_email);
                     } else {
                         // Disallow passenger(s) from entering your email address in the comment email field
                         if (!Guardian::happy() && $request['email'] === $config->author->email) {
                             Notify::warning(Config::speak('notify_warning_forbidden_input', array('<em>' . $request['email'] . '</em>', strtolower($speak->email))));
                         }
                     }
                 } else {
                     Notify::error(Config::speak('notify_error_empty_field', $speak->email));
                 }
                 // Check URL
                 if (trim($request['url']) !== "" && !Guardian::check($request['url'], '->url')) {
                     Notify::error($speak->notify_invalid_url);
                 }
                 // Check message
                 if (trim($request['message']) === "") {
                     Notify::error(Config::speak('notify_error_empty_field', $speak->message));
                 }
                 // Check challenge
                 if (!Guardian::checkMath($request['math'])) {
                     Notify::error($speak->notify_invalid_math_answer);
                 }
                 // Check name length
                 if (Guardian::check($request['name'], '->too_long', 100)) {
                     Notify::error(Config::speak('notify_error_too_long', $speak->name));
                 }
                 // Check email length
                 if (Guardian::check($request['email'], '->too_long', 100)) {
                     Notify::error(Config::speak('notify_error_too_long', $speak->email));
                 }
                 // Check URL length
                 if (Guardian::check($request['url'], '->too_long', 100)) {
                     Notify::error(Config::speak('notify_error_too_long', $speak->url));
                 }
                 // Check message length
                 if (Guardian::check($request['message'], '->too_long', 1700)) {
                     Notify::error(Config::speak('notify_error_too_long', $speak->message));
                 }
                 // Check for spam keyword(s) in comment
                 $fucking_words = explode(',', $config->keywords_spam);
                 foreach ($fucking_words as $spam) {
                     if ($f**k = trim($spam)) {
                         if ($request['email'] === $f**k || strpos(strtolower($request['message']), strtolower($f**k)) !== false) {
                             Notify::warning($speak->notify_warning_intruder_detected . ' <strong class="text-error pull-right">' . $f**k . '</strong>');
                             break;
                         }
                     }
                 }
                 if (!Notify::errors()) {
                     $post = Date::slug($article->time);
                     $id = (int) time();
                     $parent = Request::post('parent');
                     $P = array('data' => $request);
                     $P['data']['id'] = $id;
                     $name = strip_tags($request['name']);
                     $email = Text::parse($request['email'], '->broken_entity');
                     $url = isset($request['url']) && trim($request['url']) !== "" ? $request['url'] : false;
                     $parser = strip_tags(Request::post('content_type', $config->html_parser->active));
                     $message = Text::parse($request['message'], '->text', WISE_CELL . '<img>', false);
                     $field = Request::post('fields', array());
                     include File::D(__DIR__, 2) . DS . 'task.fields.php';
                     // Temporarily disallow image(s) in comment to prevent XSS
                     $message = preg_replace('#<img(\\s[^<>]*?)>#i', '&lt;img$1&gt;', $message);
                     Page::header(array('Name' => $name, 'Email' => $email, 'URL' => $url, 'Status' => Guardian::happy() ? 1 : 2, 'Content Type' => $parser, 'Fields' => !empty($field) ? Text::parse($field, '->encoded_json') : false))->content($message)->saveTo(COMMENT . DS . $post . '_' . Date::slug($id) . '_' . ($parent ? Date::slug($parent) : '0000-00-00-00-00-00') . $extension);
                     Notify::success(Config::speak('notify_success_submitted', $speak->comment));
                     if ($extension === '.hold') {
                         Notify::info($speak->notify_info_comment_moderation);
                     }
                     Weapon::fire(array('on_comment_update', 'on_comment_construct'), array($G, $P));
                     Guardian::kick($config->url_current . $config->ur_query . (!Guardian::happy() && $config->comments->moderation ? '#' . $comment_form_id : '#' . sprintf($comment_id, Date::format($id, 'U'))));
                 } else {
                     Guardian::kick($config->url_current . $config->url_query . '#' . $comment_form_id);
                 }
             }
         }
     }
 }
示例#25
0
<?php

/**
 * Error Log
 * ---------
 */
Route::accept($config->manager->slug . '/error', function () use($config, $speak) {
    Config::set(array('page_title' => $speak->errors . $config->title_separator . $config->manager->title, 'cargo' => 'cargo.error.php'));
    Shield::lot(array('segment' => 'error', 'content' => File::open(ini_get('error_log'))->read(false)))->attach('manager');
});
/**
 * Error Log Killer
 * ----------------
 */
Route::accept($config->manager->slug . '/error/kill', function () use($config, $speak) {
    if (!Guardian::happy(1)) {
        Shield::abort();
    }
    $errors = LOG . DS . 'errors.log';
    $G = array('data' => array('content' => File::open($errors)->read()));
    File::open($errors)->delete();
    Weapon::fire('on_error_destruct', array($G, $G));
    Notify::success(Config::speak('notify_success_deleted', $speak->file));
    Guardian::kick(File::D($config->url_current));
});
    if ($errors = $validator->errors()) {
        Input::flash();
        Notify::error($errors);
        return Response::redirect($posts_page->slug . '/' . $slug . '#comment');
    }
    $input['post'] = Post::slug($slug)->id;
    $input['date'] = Date::mysql('now');
    $input['status'] = Config::meta('auto_published_comments') ? 'approved' : 'pending';
    // remove bad tags
    $input['text'] = strip_tags($input['text'], '<a>,<b>,<blockquote>,<code>,<em>,<i>,<p>,<pre>');
    // check if the comment is possibly spam
    if ($spam = Comment::spam($input)) {
        $input['status'] = 'spam';
    }
    $comment = Comment::create($input);
    Notify::success(__('comments.created'));
    // dont notify if we have marked as spam
    if (!$spam and Config::meta('comment_notifications')) {
        $comment->notify();
    }
    return Response::redirect($posts_page->slug . '/' . $slug . '#comment');
});
/**
 * Rss feed
 */
Route::get(array('rss', 'feeds/rss'), function () {
    $uri = 'http://' . $_SERVER['HTTP_HOST'];
    $rss = new Rss(Config::meta('sitename'), Config::meta('description'), $uri, Config::app('language'));
    $query = Post::where('status', '=', 'published')->sort(Base::table('posts.created'), 'desc');
    foreach ($query->get() as $article) {
        $rss->item($article->title, Uri::full(Registry::get('posts_page')->slug . '/' . $article->slug), $article->description, $article->created);
示例#27
0
    } else {
        Notify::warning(Config::speak('notify_confirm_delete_', $path ? '<code>' . File::path($path) . '</code>' : '<strong>' . $info['title'] . '</strong>'));
    }
    Shield::lot(array('segment' => 'shield', 'the_shield' => $folder, 'the_name' => $path, 'the_info' => $info))->attach('manager', false);
});
/**
 * Shield Attacher
 * ---------------
 */
Route::accept($config->manager->slug . '/shield/(attach|eject)/id:(:any)', function ($path = "", $slug = "") use($config, $speak) {
    $new_config = Get::state_config();
    $new_config['shield'] = $path === 'attach' ? $slug : 'normal';
    File::serialize($new_config)->saveTo(STATE . DS . 'config.txt', 0600);
    $G = array('data' => array('id' => $slug, 'action' => $path));
    $mode = $path === 'eject' ? 'eject' : 'mount';
    Notify::success(Config::speak('notify_success_updated', $speak->shield));
    Weapon::fire('on_shield_update', array($G, $G));
    Weapon::fire('on_shield_' . $mode, array($G, $G));
    Weapon::fire('on_shield_' . md5($slug) . '_update', array($G, $G));
    Weapon::fire('on_shield_' . md5($slug) . '_' . $mode, array($G, $G));
    foreach (glob(SYSTEM . DS . 'log' . DS . 'asset.*.log', GLOB_NOSORT) as $asset_cache) {
        File::open($asset_cache)->delete();
    }
    Guardian::kick($config->manager->slug . '/shield/' . $slug);
});
/**
 * Shield Backup
 * -------------
 */
Route::accept($config->manager->slug . '/shield/backup/id:(:any)', function ($folder = "") use($config, $speak) {
    $name = $folder . '.zip';
    if (trim($request['name']) === "") {
        $request['name'] = $id . '.txt';
        // empty file name
    }
    $_path = Text::parse(sprintf($request['name'], $id), '->safe_path_name');
    $e = File::E($_path, false);
    if ($e !== 'txt' && $e !== 'php') {
        $e = 'txt';
        $_path .= '.txt';
    }
    $_path_ = File::path($_path);
    $file = ASSET . DS . '__snippet' . DS . $e . DS . $_path;
    if (File::exist($file)) {
        // file already exists
        Notify::error(Config::speak('notify_file_exist', '<code>' . $_path_ . '</code>'));
    }
    if (trim($request['content']) === "") {
        // empty file content
        Notify::error($speak->notify_error_content_empty);
    }
    if (!Notify::errors()) {
        $recent = array_slice(File::open(CACHE . DS . 'plugin.snippet.cache')->unserialize(), 0, $config->per_page);
        File::serialize(array_merge(array($_path), $recent))->saveTo(CACHE . DS . 'plugin.snippet.cache', 0600);
        $url = $config->manager->slug . '/asset/repair/file:__snippet/' . $e . '/' . File::url($_path) . '?path=' . urlencode(rtrim('__snippet/' . $e . '/' . File::D(File::url($_path)), '/'));
        File::write($request['content'])->saveTo($file, 0600);
        Notify::success(Config::speak('notify_file_created', '<code>' . $_path_ . '</code>' . (!isset($request['redirect']) ? ' <a class="pull-right" href="' . $config->url . '/' . $url . '" target="_blank">' . Jot::icon('pencil') . ' ' . $speak->edit . '</a>' : "")));
        Notify::info('<strong>' . $speak->shortcode . ':</strong> <code>{{' . ($e === 'php' ? 'include' : 'print') . ':' . str_replace('.' . $e . X, "", File::url($_path) . X) . '}}</code>');
        Guardian::kick(isset($request['redirect']) ? $url : File::D($config->url_current));
    }
    Guardian::kick(File::D($config->url_current));
});
示例#29
0
    });
    Route::post('admin/users/add', function () {
        $input = Input::get(array('username', 'email', 'real_name', 'password', 'bio', 'status', 'role'));
        $validator = new Validator($input);
        $validator->check('username')->is_max(3, __('users.username_missing', 2));
        $validator->check('email')->is_email(__('users.email_missing'));
        $validator->check('password')->is_max(6, __('users.password_too_short', 6));
        if ($errors = $validator->errors()) {
            Input::flash();
            Notify::error($errors);
            return Response::redirect('admin/users/add');
        }
        $input['password'] = Hash::make($input['password']);
        User::create($input);
        Notify::success(__('users.created'));
        return Response::redirect('admin/users');
    });
    /*
    	Delete user
    */
    Route::get('admin/users/delete/(:num)', function ($id) {
        $self = Auth::user();
        if ($self->id == $id) {
            Notify::error(__('users.delete_error'));
            return Response::redirect('admin/users/edit/' . $id);
        }
        User::where('id', '=', $id)->delete();
        Notify::success(__('users.deleted'));
        return Response::redirect('admin/users');
    });
});
示例#30
0
 /**
  * Delete Import
  *
  * @return  void
  */
 public function removeTask()
 {
     // check token
     Session::checkToken();
     // get request vars
     $ids = Request::getVar('id', array());
     $ids = !is_array($ids) ? array($ids) : $ids;
     // loop through all ids posted
     $i = 0;
     foreach ($ids as $id) {
         // make sure we have an object
         $import = Import::oneOrFail($id);
         if (!$import->get('id')) {
             continue;
         }
         // attempt to delete import
         if (!$import->destroy()) {
             Notify::error($import->getError());
             continue;
         }
         $i++;
     }
     if ($i) {
         Notify::success(Lang::txt('COM_MEMBERS_IMPORT_REMOVED'));
     }
     //inform user & redirect
     $this->cancelTask();
 }