/**
 * Validate the group row before it is stored.
 *
 * Three rules are enforced, in this order: the name must not be blank, no
 * other group may already use the same name, and at most one group may be
 * flagged as the default. Every failure raises a warning and returns false.
 *
 * @return boolean true when all checks pass, false otherwise
 */
function check()
{
    // Rule 1: a blank (whitespace-only) name is rejected.
    if ('' == trim($this->name)) {
        $this->_error = JText::_('COM_REDEVENT_ADD_GROUP_NAME');
        RedeventError::raiseWarning('REDEVENT_GENERIC_ERROR', $this->_error);

        return false;
    }

    // Rule 2: the name must be unique. The value goes through the driver's
    // Quote() before it is concatenated into the SQL text.
    $sql = 'SELECT id FROM #__redevent_groups WHERE name = ' . $this->_db->Quote($this->name);
    $this->_db->setQuery($sql);
    $sameNameId = intval($this->_db->loadResult());

    // A hit on our own row (editing an existing group) is not a conflict.
    if ($sameNameId && $sameNameId != intval($this->id)) {
        JError::raiseWarning(
            'REDEVENT_GENERIC_ERROR',
            JText::sprintf('COM_REDEVENT_GROUP_NAME_S_ALREADY_EXISTS', $this->name)
        );

        return false;
    }

    // Rule 3 only matters when this row claims the default flag.
    if (!$this->isdefault) {
        return true;
    }

    $sql = 'SELECT id FROM #__redevent_groups WHERE isdefault = 1';
    $this->_db->setQuery($sql);
    $defaultId = intval($this->_db->loadResult());

    if ($defaultId && $defaultId != intval($this->id)) {
        JError::raiseWarning(
            'REDEVENT_GENERIC_ERROR',
            JText::_('COM_REDEVENT_THERE_IS_ALREADY_A_DEFAULT_GROUP')
        );

        return false;
    }

    return true;
}
/**
 * Save the configuration.
 *
 * Loads the component row for 'com_redform', binds the request value
 * 'params' onto it and stores the row.
 *
 * NOTE(review): no request-token or permission check is visible in this
 * method; presumably the calling controller performs them - confirm.
 *
 * @return boolean true when the row was stored, false after raising a warning
 */
function store()
{
    $table =& JTable::getInstance('component');

    // Only these two keys are handed to bind(); 'params' comes straight from the request.
    $data = array(
        'params' => JRequest::getVar('params'),
        'option' => 'com_redform',
    );

    $table->loadByOption('com_redform');
    $table->bind($data);

    // Persist the changes.
    if ($table->store()) {
        return true;
    }

    RedeventError::raiseWarning(500, $table->getError());

    return false;
}
/**
 * Validate a group/category relationship row before it is stored.
 *
 * Both ids are required, and the same (group_id, category_id) pair must not
 * already exist on another row. Every failure raises a warning.
 *
 * @return boolean true when all checks pass, false otherwise
 */
function check()
{
    // Required properties and the language key reported when one is missing,
    // checked in this order.
    $required = array(
        'group_id'    => 'COM_REDEVENT_GROUP_REQUIRED',
        'category_id' => 'COM_REDEVENT_CATEGORY_REQUIRED',
    );

    foreach ($required as $property => $messageKey) {
        if (!$this->$property) {
            $this->_error = JText::_($messageKey);
            RedeventError::raiseWarning('REDEVENT_GENERIC_ERROR', $this->_error);

            return false;
        }
    }

    // Look for an existing row with the same pair; both values are passed
    // through the driver's Quote() before being concatenated.
    $sql = ' SELECT id FROM #__redevent_groups_categories '
        . ' WHERE group_id = ' . $this->_db->Quote($this->group_id)
        . ' AND category_id = ' . $this->_db->Quote($this->category_id);
    $this->_db->setQuery($sql);
    $existingId = intval($this->_db->loadResult());

    // Finding our own row (an edit) is fine; any other id is a duplicate.
    if ($existingId && $existingId != intval($this->id)) {
        JError::raiseWarning(
            'REDEVENT_GENERIC_ERROR',
            JText::_('COM_REDEVENT_GROUP_CATEGORY_RELATIONSHIP_ALREADY_EXISTS')
        );

        return false;
    }

    return true;
}
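/**
 * Read the component log file and return its content as a list of lines.
 *
 * The file is <log_path>/com_redevent.log, where log_path comes from the
 * application configuration. The first line of the file is dropped from the
 * result (presumably a header line - confirm against the log writer). When
 * the file is missing, unreadable or empty, a single-element array holding
 * the translated "no log" message is returned instead.
 *
 * NOTE(review): the warning raised on an open failure contains the full
 * filesystem path of the log file.
 *
 * @access public
 * @return array lines of the log, or the "no log" placeholder
 */
function getData()
{
    $app =& JFactory::getApplication();
    $file = $app->getCfg('log_path') . DS . 'com_redevent.log';
    $contents = '';

    if (file_exists($file)) {
        $handle = fopen($file, "r");

        if (!$handle) {
            // Do not fall through to the read loop: feof() on a failed handle
            // never reports end-of-file, so the loop would not terminate.
            RedeventError::raiseWarning('0', 'error opening: ' . $file);
        } else {
            while (!feof($handle)) {
                $chunk = fread($handle, 8192);

                // A read error also has to end the loop, for the same reason.
                if ($chunk === false) {
                    break;
                }

                $contents .= $chunk;
            }

            fclose($handle);
        }
    }

    if (empty($contents)) {
        return array(JText::_('COM_REDEVENT_No_log'));
    }

    $lines = explode("\n", $contents);
    array_shift($lines);

    return $lines;
}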
/**
 * Cleans and saves the submitted event to the database, then redirects.
 *
 * The request token is verified first. On success the 'onEventEdited' plugin
 * event is triggered and the component cache is cleaned. The redirect target
 * is the "my events" page when the request says so or when the event is not
 * published; otherwise it is the details page of the saved event.
 *
 * TODO: Check if the user is allowed to post events assigned to this
 * category/venue. NOTE(review): no such authorisation check is visible in
 * this method, so it relies entirely on whatever the model enforces.
 *
 * NOTE(review): JRequest::get() is called with mask value 4, which in
 * Joomla's JRequest appears to be the allow-HTML mask - confirm that the
 * model filters or escapes the posted fields before they are rendered.
 *
 * @since 0.4
 */
function saveevent()
{
    // Check for request forgeries
    JRequest::checkToken() or die('Invalid Token');

    // Uploaded image and posted form data
    $file = JRequest::getVar('userfile', '', 'files', 'array');
    $post = JRequest::get('post', 4);
    $isNew = !$post['id'];

    $model = $this->getModel('editevent');
    $this->addModelPath(
        JPATH_BASE . DS . 'administrator' . DS . 'components' . DS . 'com_redevent' . DS . 'models'
    );
    // Result is not used below; the call is kept as in the original flow.
    $this->getModel('waitinglist');

    $row = $model->store($post, $file);

    if ($row) {
        JPluginHelper::importPlugin('redevent');
        $dispatcher =& JDispatcher::getInstance();
        $dispatcher->trigger('onEventEdited', array($row->id, $isNew));

        $cache =& JFactory::getCache('com_redevent');
        $cache->clean();

        $msg = 'saved';
    } else {
        $msg = $model->getError();
        RedeventError::raiseWarning(0, $model->getError());
    }

    $model->checkin();

    // getWord() restricts the referer value; it only selects between fixed
    // routes and is never used as a URL itself.
    $backToMyEvents = JRequest::getWord('referer') == 'myevents';

    if (!$backToMyEvents && $row && $row->published) {
        $route = RedeventHelperRoute::getDetailsRoute($row->id, $row->xref ? $row->xref : null);
    } else {
        $route = RedeventHelperRoute::getMyeventsRoute();
    }

    $this->setRedirect(JRoute::_($route, false), $msg);
}
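/**
 * Logic to delete text library elements.
 *
 * Reads the posted 'cid' array, asks the 'textlibrary' model to delete those
 * ids, cleans the component cache and redirects back to the text library
 * view with a status message.
 *
 * NOTE(review): no request-token check is visible in this method although it
 * deletes data; confirm the form posts a token and that it is verified
 * before this task runs.
 * NOTE(review): the ids are handed to the model as received; the model is
 * assumed to cast or quote them - verify.
 *
 * @access public
 * @return void
 * @since 2.0
 */
function remove()
{
    $option = JRequest::getCmd('option');
    $cid = JRequest::getVar('cid', array(0), 'post', 'array');

    if (!is_array($cid) || count($cid) < 1) {
        JError::raiseError(500, JText::_('COM_REDEVENT_Select_an_item_to_delete'));
    }

    $model = $this->getModel('textlibrary');

    if ($model->delete($cid)) {
        $msg = count($cid) . ' ' . JText::_('COM_REDEVENT_TAGS_DELETED');
    } else {
        // Translate the key on its own and append the model error afterwards.
        // Concatenating before the JText::_() call builds a string that is
        // not a language key, so the message was never translated.
        $msg = JText::_('COM_REDEVENT_ERROR_REMOVE_TAG_FAILED') . ': ' . $model->getError();
        RedeventError::raiseWarning(1, $msg);
    }

    $cache =& JFactory::getCache('com_redevent');
    $cache->clean();

    // $option was read with getCmd(), which restricts it to a command-style token.
    $this->setRedirect('index.php?option=' . $option . '&view=textlibrary', $msg);
}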
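/**
 * Send the formal offer email for the session given by the request.
 *
 * The session row is looked up by the integer request value 'xref'; its
 * formal-offer subject and body templates are run through $tags->ReplaceTags()
 * and mailed to the address and name given in the request.
 *
 * NOTE(review): recipient address and name come straight from the request
 * ('subemailaddress', 'subemailname'). Confirm that the caller restricts who
 * may trigger this, since it mails session content to a request-chosen address.
 *
 * @param object $tags tag replacer exposing ReplaceTags()
 *
 * @return boolean true when the mail was sent, false otherwise
 */
public function getSendFormalOfferEmail($tags)
{
    /* Initialise the mailer */
    $this->Mailer();

    /* Load the details for this course; getInt() makes the id safe to concatenate */
    $db = JFactory::getDBO();
    $q = "SELECT * \n\t\t\tFROM #__redevent_event_venue_xref x\n\t\t\tLEFT JOIN #__redevent_events e\n\t\t\tON e.id = x.eventid\n\t\t\tLEFT JOIN #__redevent_venues v\n\t\t\tON v.id = x.venueid\n\t\t\tWHERE x.id = " . JRequest::getInt('xref');
    $db->setQuery($q);
    $details = $db->loadObject();

    // Without a matching session there is no template to send. Stop before a
    // recipient is added, instead of mailing an empty subject and body.
    if (!$details) {
        RedeventError::raiseWarning(0, JText::_('COM_REDEVENT_NO_MAIL_SEND'));

        return false;
    }

    /* Add the recipient */
    $this->mailer->AddAddress(JRequest::getVar('subemailaddress'), JRequest::getVar('subemailname'));

    /* Set the subject */
    $this->mailer->setSubject($tags->ReplaceTags($details->submission_type_formal_offer_subject));

    /* Build the body from the template and convert relative urls */
    $message = $tags->ReplaceTags($details->submission_type_formal_offer_body);
    $message = REOutput::ImgRelAbs($message);
    $this->mailer->setBody($message);

    /* Send out the mail */
    $sent = $this->mailer->Send();

    if (!$sent) {
        RedeventError::raiseWarning(0, JText::_('COM_REDEVENT_NO_MAIL_SEND') . ' ' . $this->mailer->error);
    }

    // Clear the recipient on failure as well, so a later send through the
    // same mailer object cannot reach this address by accident.
    $this->mailer->ClearAddresses();

    return $sent ? true : false;
}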
/**
 * Tests if the event is checked out.
 *
 * With a user id, the event counts as checked out only when it is checked
 * out by somebody else. Without one, the raw checked_out value is returned.
 * When the data cannot be loaded the result is false, and a warning is
 * raised unless the model id is below 1.
 *
 * @access public
 * @param  int $uid A user id
 * @return boolean True if checked out
 * @since  0.9
 */
function isCheckedOut($uid = 0)
{
    if (!$this->_loadData()) {
        // Nothing to load for an id below 1, so this is not an error.
        if ($this->_id < 1) {
            return false;
        }

        RedeventError::raiseWarning(0, 'Unable to Load Data');

        return false;
    }

    if (!$uid) {
        return $this->_data->checked_out;
    }

    // Checked out by the asking user does not count as locked for that user.
    return $this->_data->checked_out && $this->_data->checked_out != $uid;
}
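/**
 * Method to get the registered users of the current session.
 *
 * Loads the confirmed, non-cancelled registrations for $this->_xref, then
 * joins the redFORM answers for the selected form fields and returns one
 * object per answer row (id, attendee_id, submitter, answers, fields).
 *
 * Values concatenated into the SQL text are constrained here: the xref and
 * the form id are cast to integers, the ORDER BY column must be a plain
 * (optionally dotted) identifier and the direction is reduced to ASC or
 * DESC. Anything else falls back to 'r.id ASC'.
 *
 * NOTE(review): $admin bypasses both the session 'registra' and 'showfields'
 * switches, so callers must only pass true after their own permission check.
 * NOTE(review): database error text is appended to warnings raised here.
 *
 * @access public
 * @param  boolean $all_fields passed through to getFormFields()
 * @param  boolean $admin      skip the session display switches
 * @return array|null list of register objects, or null when there is nothing to show or on error
 * @since  2.0
 * @todo   Complete CB integration
 */
function getRegisters($all_fields = false, $admin = false)
{
    // make sure the init is done
    $session = $this->getSession();

    if (!$session->registra && !$admin) {
        return null;
    }

    $db = JFactory::getDBO();

    // Numeric key: force it to an integer before it reaches the SQL text.
    $xref = (int) $this->_xref;

    // first, get all submissions
    $query = ' SELECT r.*, r.waitinglist, r.confirmed, r.confirmdate, r.submit_key '
        . ' FROM #__redevent_register AS r '
        . ' LEFT JOIN #__users AS u ON r.uid = u.id '
        . ' WHERE r.xref = ' . $xref
        . ' AND r.confirmed = 1'
        . ' AND r.cancelled = 0 ';
    $db->setQuery($query);
    $submitters = $db->loadObjectList('submit_key');

    if ($submitters === null) {
        $msg = JText::_('COM_REDEVENT_ERROR_GETTING_ATTENDEES');
        $this->setError($msg);
        RedeventError::raiseWarning(5, $msg);

        return null;
    }

    if (empty($submitters)) {
        // no submitters
        return null;
    }

    /* At least 1 redFORM field must be selected to show the user data from */
    if (!((!empty($session->showfields) || $admin) && $session->redform_id > 0)) {
        return null;
    }

    $fields = $this->getFormFields($all_fields);

    // An empty field list is treated as a failure, so the code below always
    // has at least one field to work with.
    if (!$fields) {
        RedeventError::raiseWarning('error', JText::_('COM_REDEVENT_Cannot_load_fields') . $db->getErrorMsg());

        return null;
    }

    $table_fields = array();
    $fields_names = array();

    foreach ($fields as $field) {
        $column = 'field_' . (int) $field->id;
        $table_fields[] = 'a.' . $column;
        $fields_names['field_' . $field->id] = $field->field_header;
    }

    // The form id becomes part of a table name, so it must be an integer.
    $formId = (int) $fields[0]->form_id;

    $query = ' SELECT ' . implode(', ', $table_fields)
        . ' , s.submit_key, s.id '
        . ' FROM #__redevent_register AS r '
        . ' INNER JOIN #__rwf_submitters AS s ON r.sid = s.id '
        . ' INNER JOIN #__rwf_forms_' . $formId . ' AS a ON s.answer_id = a.id '
        . ' WHERE r.xref = ' . $xref
        . ' AND r.confirmed = 1'
        . ' AND r.cancelled = 0 ';

    $filter_order = $this->getState('filter_order');
    $filter_order_Dir = $this->getState('filter_order_Dir');

    // ORDER BY cannot be quoted like a value, so only accept a bare
    // identifier for the column and a fixed keyword for the direction.
    $orderIsSafe = is_string($filter_order)
        && !empty($filter_order_Dir)
        && preg_match('/^[A-Za-z0-9_.]+$/', $filter_order);

    if ($orderIsSafe) {
        $direction = strtoupper(trim((string) $filter_order_Dir)) === 'DESC' ? 'DESC' : 'ASC';
        $query .= ' ORDER BY ' . $filter_order . ' ' . $direction;
    } else {
        $query .= ' ORDER BY r.id ASC';
    }

    $db->setQuery($query);

    if (!$db->query()) {
        RedeventError::raiseWarning(
            'error',
            JText::_('COM_REDEVENT_Cannot_load_registered_users') . ' ' . $db->getErrorMsg()
        );

        return null;
    }

    $answers = $db->loadObjectList();

    // add the answers to submitters list
    $registers = array();

    foreach ($answers as $answer) {
        if (!isset($submitters[$answer->submit_key])) {
            $msg = JText::_('COM_REDEVENT_ERROR_REGISTRATION_WITHOUT_SUBMITTER') . ': ' . $answer->id;
            $this->setError($msg);
            RedeventError::raiseWarning(10, $msg);

            return null;
        }

        // build the object
        $register = new stdclass();
        $register->id = $answer->id;
        $register->attendee_id = $submitters[$answer->submit_key]->id;
        $register->submitter = $submitters[$answer->submit_key];
        $register->answers = $answer;
        $register->fields = $fields_names;

        // keep just the form fields in the answers object
        unset($register->answers->id);
        unset($register->answers->submit_key);

        $registers[] = $register;
    }

    return $registers;
}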
/**
 * Perform an integrity fix on the database.
 *
 * Registrations in #__redevent_register whose redFORM submitter row no
 * longer exists are deleted. The delete statement only runs when the
 * preceding select finds at least one such registration.
 *
 * @return bool true if no problem, false when the delete query fails
 */
function fixdb()
{
    // Registrations without an associated redFORM submitter can be removed.
    $select = ' SELECT r.id FROM #__redevent_register AS r '
        . ' LEFT JOIN #__rwf_submitters AS s ON s.id = r.sid '
        . ' WHERE s.id IS NULL ';
    $this->_db->setQuery($select);
    $orphanIds = $this->_db->loadResultArray();

    if (empty($orphanIds)) {
        return true;
    }

    $delete = ' DELETE r.* FROM #__redevent_register AS r '
        . ' LEFT JOIN #__rwf_submitters AS s ON s.id = r.sid '
        . ' WHERE s.id IS NULL ';
    $this->_db->setQuery($delete);

    if ($this->_db->query()) {
        return true;
    }

    // Same text for the raised warning and the stored model error.
    $failure = JText::_("COM_REDEVENT_CANT_DELETE_REGISTRATIONS") . ': ' . $this->_db->getErrorMsg();
    RedeventError::raiseWarning(0, $failure);
    $this->setError($failure);

    return false;
}
/**
 * Validate the category row before it is stored.
 *
 * A blank category name is rejected with a warning. Otherwise the alias is
 * set to the URL-safe form of the name, unless a different alias has already
 * been given.
 *
 * @return boolean true when the row is valid, false when the name is blank
 */
function check()
{
    // Not typed in a category name?
    if ('' == trim($this->catname)) {
        $this->_error = JText::_('COM_REDEVENT_ADD_NAME_CATEGORY');
        RedeventError::raiseWarning('REDEVENT_GENERIC_ERROR', $this->_error);

        return false;
    }

    $generated = JFilterOutput::stringURLSafe($this->catname);

    // A custom alias is one that is set and differs from the generated one;
    // only that case is left untouched.
    $hasCustomAlias = !empty($this->alias) && $this->alias !== $generated;

    if (!$hasCustomAlias) {
        $this->alias = $generated;
    }

    return true;
}
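/**
 * Logic to mass delete images.
 *
 * Deletes the requested image files (and their thumbnails in 'small') from
 * images/redevent/<folder> and redirects back to the image handler.
 *
 * The 'folder' request value is joined into the filesystem path, so it is
 * only accepted when it is one of the folders this handler manages. Any
 * other value deletes nothing. Each image name must still equal its
 * path-filtered form, as before.
 *
 * NOTE(review): no request-token check is visible in this method although it
 * deletes files; confirm it is verified before this task runs.
 *
 * @access public
 * @return void
 * @since 0.9
 */
function delete()
{
    $mainframe =& JFactory::getApplication();

    // Set FTP credentials, if given
    jimport('joomla.client.helper');
    JClientHelper::setCredentialsFromRequest('ftp');

    // Get some data from the request
    $images = JRequest::getVar('rm', array(), '', 'array');
    $folder = JRequest::getVar('folder');

    // Managed folders and the task to return to for each of them.
    $tasks = array(
        'events'     => 'selecteventimg',
        'venues'     => 'selectvenueimg',
        'categories' => 'selectcategoryimg',
    );

    $task = '';

    if (is_string($folder) && isset($tasks[$folder])) {
        $task = $tasks[$folder];
        $base = JPATH_SITE . DS . 'images' . DS . 'redevent' . DS . $folder;

        foreach ($images as $image) {
            if (!is_string($image) || $image !== JFilterInput::clean($image, 'path')) {
                RedeventError::raiseWarning(
                    100,
                    JText::_('COM_REDEVENT_UNABLE_TO_DELETE') . ' '
                    . htmlspecialchars(is_string($image) ? $image : '', ENT_COMPAT, 'UTF-8')
                );
                continue;
            }

            $fullPath = JPath::clean($base . DS . $image);
            $fullPaththumb = JPath::clean($base . DS . 'small' . DS . $image);

            if (is_file($fullPath)) {
                JFile::delete($fullPath);

                if (JFile::exists($fullPaththumb)) {
                    JFile::delete($fullPaththumb);
                }
            }
        }
    } else {
        // Unknown folder: refuse rather than build a path from it.
        RedeventError::raiseWarning(
            100,
            JText::_('COM_REDEVENT_UNABLE_TO_DELETE') . ' '
            . htmlspecialchars(is_string($folder) ? $folder : '', ENT_COMPAT, 'UTF-8')
        );
    }

    $mainframe->redirect('index.php?option=com_redevent&view=imagehandler&task=' . $task . '&tmpl=component');
}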
/**
 * Validate an uploaded image before it is accepted.
 *
 * Checks, in this order: getimagesize() recognises the temporary file, the
 * extension of the client file name is gif, jpg or png, the size does not
 * exceed the 'sizelimit' setting (in kB, default 100), and the first 256
 * bytes of the file contain no HTML-like tag opener. Each failure raises a
 * warning and returns false.
 *
 * NOTE(review): only the first 256 bytes are scanned for markup, and the
 * extension and size are taken from the client-supplied upload entry, so
 * this is a filter rather than a guarantee about the stored file. Serving
 * uploads with a fixed image content type remains advisable.
 *
 * @param array  $file       upload entry with 'name', 'tmp_name' and 'size'
 * @param object $elsettings settings object exposing get()
 *
 * @return boolean true when the upload passes all checks
 */
public static function check($file, $elsettings)
{
    jimport('joomla.filesystem.file');

    $maxBytes = $elsettings->get('sizelimit', '100') * 1024; // setting is in kB
    $uploadBytes = $file['size'];
    $safeName = htmlspecialchars($file['name'], ENT_COMPAT, 'UTF-8');

    // getimagesize() returns false when the file is not a recognised image
    if (!getimagesize($file['tmp_name'])) {
        JError::raiseWarning(100, JText::_('COM_REDEVENT_UPLOAD_FAILED_NOT_AN_IMAGE') . ': ' . $safeName);

        return false;
    }

    // Extension whitelist, compared in lower case
    $extension = strtolower(JFile::getExt($file['name']));

    if (!in_array($extension, array('gif', 'jpg', 'png'))) {
        JError::raiseWarning(100, JText::_('COM_REDEVENT_WRONG_IMAGE_FILE_TYPE') . ': ' . $safeName);

        return false;
    }

    // Size limit
    if ($uploadBytes > $maxBytes) {
        JError::raiseWarning(100, JText::_('COM_REDEVENT_IMAGE_FILE_SIZE') . ': ' . $safeName);

        return false;
    }

    // XSS check on the head of the file
    $head = JFile::read($file['tmp_name'], false, 256);
    $tagNames = array(
        'abbr', 'acronym', 'address', 'applet', 'area', 'audioscope', 'base', 'basefont', 'bdo', 'bgsound',
        'big', 'blackface', 'blink', 'blockquote', 'body', 'bq', 'br', 'button', 'caption', 'center',
        'cite', 'code', 'col', 'colgroup', 'comment', 'custom', 'dd', 'del', 'dfn', 'dir',
        'div', 'dl', 'dt', 'em', 'embed', 'fieldset', 'fn', 'font', 'form', 'frame',
        'frameset', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'head', 'hr', 'html',
        'iframe', 'ilayer', 'img', 'input', 'ins', 'isindex', 'keygen', 'kbd', 'label', 'layer',
        'legend', 'li', 'limittext', 'link', 'listing', 'map', 'marquee', 'menu', 'meta', 'multicol',
        'nobr', 'noembed', 'noframes', 'noscript', 'nosmartquotes', 'object', 'ol', 'optgroup', 'option', 'param',
        'plaintext', 'pre', 'rt', 'ruby', 's', 'samp', 'script', 'select', 'server', 'shadow',
        'sidebar', 'small', 'spacer', 'span', 'strike', 'strong', 'style', 'sub', 'sup', 'table',
        'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead', 'title', 'tr', 'tt', 'ul',
        'var', 'wbr', 'xml', 'xmp', '!DOCTYPE', '!--',
    );

    foreach ($tagNames as $tagName) {
        // A tag opener is '<tagname ' or '<tagname>', matched case-insensitively
        foreach (array(' ', '>') as $terminator) {
            if (stristr($head, '<' . $tagName . $terminator)) {
                RedeventError::raiseWarning(100, JText::_('COM_REDEVENT_WARN_IE_XSS'));

                return false;
            }
        }
    }

    return true;
}
/**
 * Create a site user from the contact data of a redFORM submission.
 *
 * Looks up the contact details for the submission, returns the existing
 * user when one already has the same e-mail address, and otherwise builds
 * a new user with a generated password, saves it and sends the
 * "user created" mail.
 *
 * NOTE(review): part of this listing is mangled (see the comments in the
 * body); the code is kept exactly as it arrived and is not valid PHP there.
 *
 * @param int $sid redform submission id
 * @return object|false created (or already existing) user, false on failure
 * @throws Exception when no contact answers exist for the submission
 */
function _createUser($sid)
{
    // require_once(JPATH_SITE.DS.'components'.DS.'com_user'.DS.'controller.php');
    jimport('joomla.user.helper');
    $db =& JFactory::getDBO();
    $rfcore = new redformCore();
    $answers = $rfcore->getSidContactEmails($sid);
    if (!$answers) {
        throw new Exception(JText::_('COM_REDEVENT_NO_ANSWERS_FOUND_FOR_SID') . ' ' . $sid);
    }
    // Only the first contact entry of the submission is used.
    $details = current($answers);
    if (!$details['email']) {
        //throw new Exception(JText::_('COM_REDEVENT_NEED_MISSING_EMAIL_TO_CREATE_USER'));
        RedeventError::raiseWarning('', JText::_('COM_REDEVENT_NEED_MISSING_EMAIL_TO_CREATE_USER'));
        return false;
    }
    // An existing account with this e-mail address is returned as-is.
    // NOTE(review): the address comes from the form submission; whether it
    // has been verified before this lookup is not visible here - confirm.
    if ($uid = $this->_getUserIdFromEmail($details['email'])) {
        return JFactory::getUser($uid);
    }
    if (!$details['username'] && !$details['fullname']) {
        // NOTE(review): the prefix literal looks masked in this listing.
        $username = '******' . $sid;
        $details['fullname'] = $username;
    } else {
        // Fall back from username to fullname, and from fullname to username.
        $username = $details['username'] ? $details['username'] : $details['fullname'];
        $details['fullname'] = $details['fullname'] ? $details['fullname'] : $username;
    }
    // check that the username is unique
    $i = 2;
    while (true) {
        // NOTE(review): the next statement arrived mangled - the text between
        // the query string and 'username'] is masked, so the uniqueness query
        // and the condition of this loop cannot be read from here.
        $query = 'SELECT id FROM #__users WHERE username = '******'username'] . '_' . $i++;
        } else {
            break;
        }
    }
    jimport('joomla.application.component.helper');
    // Get required system objects
    $user = clone JFactory::getUser(0);
    $usersParams =& JComponentHelper::getParams('com_users');
    // load the Params
    $password = JUserHelper::genRandomPassword();
    $config = JComponentHelper::getParams('com_users');
    // Default to Registered.
    $defaultUserGroup = $config->get('new_usertype', 2);
    // Set some initial user values
    $user->set('id', 0);
    $user->set('name', $details['fullname']);
    $user->set('username', $username);
    $user->set('email', $details['email']);
    $user->set('groups', array($defaultUserGroup));
    // NOTE(review): the stored value is an unsalted MD5 of the generated
    // password. Prefer the platform's salted password hashing helper -
    // confirm which one this Joomla version provides.
    $user->set('password', md5($password));
    if (!$user->save()) {
        RedeventError::raiseWarning('', JText::_($user->getError()));
        return false;
    }
    // send email using juser controller
    // NOTE(review): the clear-text password is handed to the mail routine.
    $this->_sendUserCreatedMail($user, $password);
    return $user;
}