function onContentPrepare($context, &$article, &$params, $limitstart = 0) { jimport('joomla.filesystem.file'); jimport('joomla.filesystem.folder'); if (!JFile::exists(JPATH_SITE . DS . 'administrator' . DS . 'components' . DS . 'com_contentbuilder' . DS . 'classes' . DS . 'contentbuilder.php')) { return true; } if (isset($article->id) && $article->id) { $frontend = true; if (JFactory::getApplication()->isAdmin()) { $frontend = false; } $db = JFactory::getDBO(); $db->setQuery("Select form.`reference_id`,article.`record_id`,article.`form_id`,form.`type`,form.`published_only`,form.`own_only`,form.`own_only_fe` From #__contentbuilder_articles As article, #__contentbuilder_forms As form Where form.`published` = 1 And form.id = article.`form_id` And article.`article_id` = " . $article->id); $data = $db->loadAssoc(); require_once JPATH_SITE . DS . 'administrator' . DS . 'components' . DS . 'com_contentbuilder' . DS . 'classes' . DS . 'contentbuilder.php'; $form = contentbuilder::getForm($data['type'], $data['reference_id']); if (!$form || !$form->exists) { return true; } if ($form && !(JRequest::getVar('option', '') == 'com_contentbuilder' && JRequest::getVar('controller', '') == 'edit')) { JFactory::getLanguage()->load('com_contentbuilder'); contentbuilder::setPermissions($data['form_id'], $data['record_id'], $frontend ? '_fe' : ''); if (JRequest::getCmd('view') == 'article') { contentbuilder::checkPermissions('view', JText::_('COM_CONTENTBUILDER_PERMISSIONS_VIEW_NOT_ALLOWED'), $frontend ? '_fe' : ''); } else { if ($frontend) { if (!contentbuilder::authorizeFe('view')) { $article->text = JText::_('COM_CONTENTBUILDER_PERMISSIONS_VIEW_NOT_ALLOWED'); } } else { if (!contentbuilder::authorize('view')) { $article->text = JText::_('COM_CONTENTBUILDER_PERMISSIONS_VIEW_NOT_ALLOWED'); } } } } } return true; }
function __construct() { if (class_exists('cbFeMarker') && JRequest::getInt('Itemid', 0)) { $option = 'com_contentbuilder'; // try menu item jimport('joomla.version'); $version = new JVersion(); if (version_compare($version->getShortVersion(), '1.6', '>=')) { $menu = JSite::getMenu(); $item = $menu->getActive(); if (is_object($item)) { if ($item->params->get('record_id', null) !== null) { JRequest::setVar('record_id', $item->params->get('record_id', null)); $this->_show_back_button = $item->params->get('show_back_button', null); } //if($item->params->get('show_page_heading', null) !== null){ // $this->_show_page_heading = $item->params->get('show_page_heading', null); //} } } else { $params = JComponentHelper::getParams($option); if ($params->get('record_id', null)) { JRequest::setVar('record_id', $params->get('record_id', null)); $this->_show_back_button = $params->get('show_back_button', null); } //if($params->get('show_page_heading', null) !== null){ // $this->_show_page_heading = $params->get('show_page_heading', null); //} } } if (JRequest::getWord('view', '') == 'latest') { $db = JFactory::getDBO(); $db->setQuery('Select `type`, `reference_id` From #__contentbuilder_forms Where id = ' . intval(JRequest::getInt('id', 0)) . ' And published = 1'); $form = $db->loadAssoc(); $form = contentbuilder::getForm($form['type'], $form['reference_id']); $labels = $form->getElementLabels(); $ids = array(); foreach ($labels as $reference_id => $label) { $ids[] = $db->Quote($reference_id); } if (count($ids)) { $db->setQuery("Select Distinct `label`, reference_id From #__contentbuilder_elements Where form_id = " . intval(JRequest::getInt('id', 0)) . " And reference_id In (" . implode(',', $ids) . ") And published = 1 Order By ordering"); $rows = $db->loadAssocList(); $ids = array(); foreach ($rows as $row) { $ids[] = $row['reference_id']; } } $rec = $form->getListRecords($ids, '', array(), 0, 1, '', array(), 'desc', 0, false, JFactory::getUser()->get('id', 0), 0, -1, -1, -1, -1, array(), true, null); if (count($rec) > 0) { $rec = $rec[0]; $rec2 = $form->getRecord($rec->colRecord, false, -1, true); $record_id = $rec->colRecord; JRequest::setVar('record_id', $record_id); } if (!JRequest::getCmd('record_id', '')) { JRequest::setVar('cbIsNew', 1); contentbuilder::setPermissions(JRequest::getInt('id', 0), 0, class_exists('cbFeMarker') ? '_fe' : ''); $auth = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('new') : contentbuilder::authorize('new'); if ($auth) { JFactory::getApplication()->redirect(JRoute::_('index.php?option=com_contentbuilder&controller=edit&latest=1&backtolist=' . JRequest::getInt('backtolist', 0) . '&id=' . JRequest::getInt('id', 0) . (JRequest::getVar('tmpl', '') != '' ? '&tmpl=' . JRequest::getVar('tmpl', '') : '') . (JRequest::getVar('layout', '') != '' ? '&layout=' . JRequest::getVar('layout', '') : '') . '&record_id=&limitstart=' . JRequest::getInt('limitstart', 0) . '&filter_order=' . JRequest::getVar('filter_order', ''), false)); } else { JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_ADD_ENTRY_FIRST')); JFactory::getApplication()->redirect('index.php', false); } } } contentbuilder::setPermissions(JRequest::getInt('id', 0), JRequest::getCmd('record_id', 0), class_exists('cbFeMarker') ? '_fe' : ''); parent::__construct(); }
function cbCheckPermissions() { // CONTENTBUILDER BEGIN jimport('joomla.filesystem.file'); $cbData = null; $cbForm = null; $cbRecord = null; $cbFrontend = true; $cbFull = false; if (JFile::exists(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_contentbuilder' . DS . 'contentbuilder.xml')) { if (JFactory::getApplication()->isAdmin()) { $cbFrontend = false; } if ($cbFrontend) { JFactory::getLanguage()->load('com_contentbuilder'); } else { JFactory::getLanguage()->load('com_contentbuilder', JPATH_SITE . DS . 'administrator'); } $db = JFactory::getDBO(); require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_contentbuilder' . DS . 'classes' . DS . 'contentbuilder.php'; $db->setQuery("Select `id` From #__contentbuilder_forms Where `type` = 'com_breezingforms' And `reference_id` = " . intval($this->form) . " And published = 1"); jimport('joomla.version'); $version = new JVersion(); if (version_compare($version->getShortVersion(), '3.0', '<')) { $cbForms = $db->loadResultArray(); } else { $cbForms = $db->loadColumn(); } // if no BF form is associated with contentbuilder, we don't need no further checks if (!count($cbForms)) { return array('form' => $cbForm, 'record' => $cbRecord, 'frontend' => $cbFrontend, 'data' => $cbData, 'full' => $cbFull); } // test if there is any published contentbuilder view that allows to create new submissions if (!JRequest::getInt('cb_record_id', 0) || !JRequest::getInt('cb_form_id', 0)) { $cbAuth = false; foreach ($cbForms as $cbFormId) { contentbuilder::setPermissions($cbFormId, 0, $cbFrontend ? '_fe' : ''); if ($cbFrontend) { $cbAuth = contentbuilder::authorizeFe('new'); } else { $cbAuth = contentbuilder::authorize('new'); } if ($cbAuth) { break; } } if (count($cbForms) && !$cbAuth) { JError::raiseError(403, JText::_('COM_CONTENTBUILDER_PERMISSIONS_NEW_NOT_ALLOWED')); } } if (JRequest::getInt('cb_form_id', 0)) { // test the permissions of given record if (JRequest::getInt('cb_record_id', 0)) { contentbuilder::setPermissions(JRequest::getInt('cb_form_id', 0), JRequest::getInt('cb_record_id', 0), $cbFrontend ? '_fe' : ''); contentbuilder::checkPermissions('edit', JText::_('COM_CONTENTBUILDER_PERMISSIONS_EDIT_NOT_ALLOWED'), $cbFrontend ? '_fe' : ''); } else { contentbuilder::setPermissions(JRequest::getInt('cb_form_id', 0), 0, $cbFrontend ? '_fe' : ''); contentbuilder::checkPermissions('new', JText::_('COM_CONTENTBUILDER_PERMISSIONS_NEW_NOT_ALLOWED'), $cbFrontend ? '_fe' : ''); } $db->setQuery("Select * From #__contentbuilder_forms Where id = " . JRequest::getInt('cb_form_id', 0) . " And published = 1"); $cbData = $db->loadAssoc(); if (is_array($cbData)) { $cbFull = $cbFrontend ? contentbuilder::authorizeFe('fullarticle') : contentbuilder::authorize('fullarticle'); $cbForm = contentbuilder::getForm('com_breezingforms', $cbData['reference_id']); $cbRecord = $cbForm->getRecord(JRequest::getInt('cb_record_id', 0), $cbData['published_only'], $cbFrontend ? $cbData['own_only_fe'] ? JFactory::getUser()->get('id', 0) : -1 : ($cbData['own_only'] ? JFactory::getUser()->get('id', 0) : -1), $cbFrontend ? $cbData['show_all_languages_fe'] : true); if (!count($cbRecord) && !JRequest::getBool('cbIsNew')) { JError::raiseError(404, JText::_('COM_CONTENTBUILDER_RECORD_NOT_FOUND')); } } } } return array('form' => $cbForm, 'record' => $cbRecord, 'frontend' => $cbFrontend, 'data' => $cbData, 'full' => $cbFull); // CONTENTBUILDER END }
/** * Gets the currencies * @return array List of currencies */ function getData() { // Lets load the data if it doesn't already exist if (empty($this->_data)) { $query = $this->_buildQuery(); $this->_data = $this->_getList($query, 0, 1); if (!count($this->_data)) { JError::raiseError(404, JText::_('COM_CONTENTBUILDER_FORM_NOT_FOUND')); } foreach ($this->_data as $data) { if (!$this->frontend && $data->display_in == 0) { JError::raiseError(404, JText::_('COM_CONTENTBUILDER_RECORD_NOT_FOUND')); } else { if ($this->frontend && $data->display_in == 1) { JError::raiseError(404, JText::_('COM_CONTENTBUILDER_RECORD_NOT_FOUND')); } } $data->form_id = $this->_id; $data->record_id = $this->_record_id; if ($data->type && $data->reference_id) { $data->form = contentbuilder::getForm($data->type, $data->reference_id); $data->labels = $data->form->getElementLabels(); $ids = array(); foreach ($data->labels as $reference_id => $label) { $ids[] = $this->_db->Quote($reference_id); } if (count($ids)) { $this->_db->setQuery("Select Distinct `label`, reference_id From #__contentbuilder_elements Where form_id = " . intval($this->_id) . " And reference_id In (" . implode(',', $ids) . ") And published = 1 Order By ordering"); $rows = $this->_db->loadAssocList(); $ids = array(); foreach ($rows as $row) { $ids[] = $row['reference_id']; } } if ($this->_latest) { $rec = $data->form->getListRecords($ids, '', array(), 0, 1, '', array(), 'desc', 0, false, JFactory::getUser()->get('id', 0), 0, -1, -1, -1, -1, array(), true, null); if (count($rec) > 0) { $rec = $rec[0]; $rec2 = $data->form->getRecord($rec->colRecord, false, -1, true); $data->record_id = $rec->colRecord; JRequest::setVar('record_id', $data->record_id); $this->_record_id = $data->record_id; } else { JRequest::setVar('cbIsNew', 1); contentbuilder::setPermissions(JRequest::getInt('id', 0), 0, $this->frontend ? '_fe' : ''); $auth = $this->frontend ? contentbuilder::authorizeFe('new') : contentbuilder::authorize('new'); if ($auth) { JFactory::getApplication()->redirect(JRoute::_('index.php?option=com_contentbuilder&controller=edit&latest=1&backtolist=' . JRequest::getInt('backtolist', 0) . '&id=' . $this->_id . '&record_id=&limitstart=' . JRequest::getInt('limitstart', 0) . '&filter_order=' . JRequest::getVar('filter_order', ''), false)); } else { JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_ADD_ENTRY_FIRST')); JFactory::getApplication()->redirect('index.php', false); } } } $data->show_page_heading = $this->_show_page_heading; if (!$data->form->exists) { JError::raiseError(404, JText::_('COM_CONTENTBUILDER_FORM_NOT_FOUND')); } $data->page_title = ''; if (JRequest::getInt('cb_prefix_in_title', 1)) { if (!$this->_menu_item) { $data->page_title = $data->use_view_name_as_title ? $data->name : $data->form->getPageTitle(); } else { $data->page_title = $data->use_view_name_as_title ? $data->name : JFactory::getDocument()->getTitle(); } } if ($this->frontend) { $document = JFactory::getDocument(); $document->setTitle($data->page_title); } $data->show_back_button = $this->_show_back_button; if (isset($rec2) && count($rec2)) { $data->items = $rec2; } else { $data->items = $data->form->getRecord($this->_record_id, $data->published_only, $this->frontend ? $data->own_only_fe ? JFactory::getUser()->get('id', 0) : -1 : ($data->own_only ? JFactory::getUser()->get('id', 0) : -1), $this->frontend ? $data->show_all_languages_fe : true); } if (count($data->items)) { $user = null; if ($data->act_as_registration) { $meta = $data->form->getRecordMetadata($this->_record_id); $this->_db->setQuery("Select * From #__users Where id = " . $meta->created_id); $user = $this->_db->loadObject(); } $label = ''; foreach ($data->items as $rec) { if ($rec->recElementId == $data->title_field) { if ($data->act_as_registration && $user !== null) { if ($data->registration_name_field == $rec->recElementId) { $rec->recValue = $user->name; } else { if ($data->registration_username_field == $rec->recElementId) { $item->recValue = $user->username; } else { if ($data->registration_email_field == $item->recElementId) { $rec->recValue = $user->email; } else { if ($data->registration_email_repeat_field == $rec->recElementId) { $rec->recValue = $user->email; } } } } } $label = cbinternal($rec->recValue); break; } } $ordered_extra_title = ''; foreach ($this->_menu_filter_order as $order_key => $order) { if (isset($this->_menu_filter[$order_key])) { // range test $is_range = strstr(strtolower(implode(',', $this->_menu_filter[$order_key])), '@range') !== false; $is_match = strstr(strtolower(implode(',', $this->_menu_filter[$order_key])), '@match') !== false; if ($is_range) { $ex = explode('/', implode(', ', $this->_menu_filter[$order_key])); if (count($ex) == 3) { $ex2 = explode('to', trim($ex[2])); $out = ''; $val = $ex2[0]; $val2 = ''; if (isset($ex2[1])) { $val2 = $ex2[1]; } if (strtolower(trim($ex[1])) == 'date') { $val = JHTML::_('date', $ex2[0], JText::_('DATE_FORMAT_LC3')); if (isset($ex2[1])) { $val2 = JHTML::_('date', $ex2[1], JText::_('DATE_FORMAT_LC3')); } } if (count($ex2) == 2) { $out = (trim($ex2[0]) ? JText::_('COM_CONTENTBUILDER_FROM') . ' ' . trim($val) : '') . ' ' . JText::_('COM_CONTENTBUILDER_TO') . ' ' . trim($val2); } else { if (count($ex2) > 0) { $out = JText::_('COM_CONTENTBUILDER_FROM') . ' ' . trim($val); } } if ($out) { $this->_menu_filter[$order_key] = $ex; $ordered_extra_title .= ' » ' . htmlentities($data->labels[$order_key], ENT_QUOTES, 'UTF-8') . ': ' . htmlentities($out, ENT_QUOTES, 'UTF-8'); } } } else { if ($is_match) { $ex = explode('/', implode(', ', $this->_menu_filter[$order_key])); if (count($ex) == 2) { $ex2 = explode(';', trim($ex[1])); $out = ''; $size = count($ex2); $i = 0; foreach ($ex2 as $val) { if ($i + 1 < $size) { $out .= trim($val) . ' ' . JText::_('COM_CONTENTBUILDER_AND') . ' '; } else { $out .= trim($val); } $i++; } if ($out) { $this->_menu_filter[$order_key] = $ex; $ordered_extra_title .= ' » ' . htmlentities($data->labels[$order_key], ENT_QUOTES, 'UTF-8') . ': ' . htmlentities($out, ENT_QUOTES, 'UTF-8'); } } } else { $ordered_extra_title .= ' » ' . htmlentities($data->labels[$order_key], ENT_QUOTES, 'UTF-8') . ': ' . htmlentities(implode(', ', $this->_menu_filter[$order_key]), ENT_QUOTES, 'UTF-8'); } } } } $data->page_title .= $ordered_extra_title; // trying first element if no title field given if (!$label) { $label = cbinternal($data->items[0]->recValue); } // "buddy quaid hack", should be an option in future versions jimport('joomla.version'); $version = new JVersion(); if (version_compare($version->getShortVersion(), '1.6', '>=')) { if ($this->_show_page_heading && $this->_page_title != '' && $this->_page_heading != '' && $this->_page_title == $this->_page_heading) { $data->page_title = $this->_page_title; } else { $data->page_title .= $label ? (!$data->page_title ? '' : (!$ordered_extra_title ? ': ' : ' » ')) . $label : ''; } if ($this->frontend) { $document = JFactory::getDocument(); $document->setTitle(html_entity_decode($data->page_title, ENT_QUOTES, 'UTF-8')); } } else { if ($this->_show_page_heading && $this->_page_title != '' && !JRequest::getInt('cb_prefix_in_title', 1)) { $data->page_title = $this->_page_title; } else { $data->page_title .= $label ? (!$data->page_title ? '' : (!$ordered_extra_title ? ': ' : ' » ')) . $label : ''; } if ($this->frontend) { $document = JFactory::getDocument(); $document->setTitle(html_entity_decode($data->page_title, ENT_QUOTES, 'UTF-8')); } } $data->template = contentbuilder::getTemplate($this->_id, $this->_record_id, $data->items, $ids); $metadata = $data->form->getRecordMetadata($this->_record_id); if ($metadata instanceof stdClass && $data->metadata) { $data->created = $metadata->created ? $metadata->created : ''; $data->created_by = $metadata->created_by ? $metadata->created_by : ''; $data->modified = $metadata->modified ? $metadata->modified : ''; $data->modified_by = $metadata->modified_by ? $metadata->modified_by : ''; $data->metadesc = $metadata->metadesc; $data->metakey = $metadata->metakey; $data->author = $metadata->author; $data->rights = $metadata->rights; $data->robots = $metadata->robots; $data->xreference = $metadata->xreference; } else { $data->created = ''; $data->created_by = ''; $data->modified = ''; $data->modified_by = ''; $data->metadesc = ''; $data->metakey = ''; $data->author = ''; $data->rights = ''; $data->robots = ''; $data->xreference = ''; } } else { JError::raiseError(404, JText::_('COM_CONTENTBUILDER_RECORD_NOT_FOUND')); } } return $data; } } return null; }
function getPermissions() { $perms = array(); if ($this->show_permissions) { foreach ($this->items as $item) { contentbuilder::setPermissions($item->id, '', '_fe'); $view = contentbuilder::authorizeFe('view'); $new = contentbuilder::authorizeFe('new'); $edit = contentbuilder::authorizeFe('edit'); $perms[$item->id] = array('view' => $view, 'new' => $new, 'edit' => $edit); } } return $perms; }
function onContentPrepare($context, &$article, &$params, $limitstart = 0, $is_list = false, $form = null, $item = null) { $protect = false; $plugin = JPluginHelper::getPlugin('content', 'contentbuilder_rating'); jimport('joomla.html.parameter'); $pluginParams = CBCompat::getParams($plugin->params); jimport('joomla.filesystem.file'); jimport('joomla.filesystem.folder'); if (!JFile::exists(JPATH_SITE . DS . 'administrator' . DS . 'components' . DS . 'com_contentbuilder' . DS . 'classes' . DS . 'contentbuilder.php')) { return true; } require_once JPATH_SITE . DS . 'administrator' . DS . 'components' . DS . 'com_contentbuilder' . DS . 'classes' . DS . 'contentbuilder.php'; $lang = JFactory::getLanguage(); $lang->load('plg_content_contentbuilder_rating', JPATH_ADMINISTRATOR); /* * As of Joomla! 1.6 there is just the text passed if the article data is not passed in article context. * (for instance with categories). * But we need the article id, so we use the article id flag from content generation. */ if (is_object($article) && !isset($article->id) && !isset($article->cbrecord) && isset($article->text) && $article->text) { preg_match_all("/<!--\\(cbArticleId:(\\d{1,})\\)-->/si", $article->text, $matched_id); if (isset($matched_id[1]) && isset($matched_id[1][0])) { $article->id = intval($matched_id[1][0]); } } // if this content plugin has been called from within list context if ($is_list) { if (!trim($article->text)) { return true; } $article->cbrecord = $form; $article->cbrecord->items = array(); $article->cbrecord->items[0] = $item; $article->cbrecord->record_id = $item->colRecord; } if (!JFolder::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder')) { JFolder::create(JPATH_SITE . DS . 'media' . DS . 'contentbuilder'); } if (!JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'index.html')) { JFile::write(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'index.html', $def = ''); } if (!JFolder::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins')) { JFolder::create(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins'); } if (!JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'index.html')) { JFile::write(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'index.html', $def = ''); } if (isset($article->id) || isset($article->cbrecord)) { $db = JFactory::getDBO(); $matches = array(); preg_match_all("/\\{CBRating([^}]*)\\}/i", $article->text, $matches); if (isset($matches[0]) && is_array($matches[0]) && isset($matches[1]) && is_array($matches[1])) { $form_id = 0; $record_id = 0; $frontend = true; if (JFactory::getApplication()->isAdmin()) { $frontend = false; } if (isset($article->id) && $article->id && !isset($article->cbrecord)) { // try to obtain the record id if if this is just an article $db->setQuery("Select form.rating_slots,form.`title_field`,form.`protect_upload_directory`,form.`reference_id`,article.`record_id`,article.`form_id`,form.`type`,form.`published_only`,form.`own_only`,form.`own_only_fe` From #__contentbuilder_articles As article, #__contentbuilder_forms As form Where form.`published` = 1 And form.id = article.`form_id` And article.`article_id` = " . $article->id); $data = $db->loadAssoc(); require_once JPATH_SITE . DS . 'administrator' . DS . 'components' . DS . 'com_contentbuilder' . DS . 'classes' . DS . 'contentbuilder.php'; $form = contentbuilder::getForm($data['type'], $data['reference_id']); if (!$form || !$form->exists) { return true; } if ($form) { $form_id = $data['form_id']; $record_id = $data['record_id']; $rating_slots = $data['rating_slots']; } } else { if (isset($article->cbrecord) && isset($article->cbrecord->id) && $article->cbrecord->id) { $form = $article->cbrecord->form; $form_id = $article->cbrecord->id; $record_id = $article->cbrecord->record_id; $rating_slots = $article->cbrecord->rating_slots; } } $rating = 0; $rating_count = 0; $rating_sum = 0; if (!is_object($form)) { return true; } $record = $form->getRecord($record_id, false, -1, true); if (count($record)) { $rating = $record[0]->recRating; $rating_count = $record[0]->recRatingCount; $rating_sum = $record[0]->recRatingSum; } $rating_allowed = true; if (!$is_list) { contentbuilder::setPermissions($form_id, $record_id, $frontend ? '_fe' : ''); if ($frontend) { if (!contentbuilder::authorizeFe('rating')) { $rating_allowed = false; } } else { if (!contentbuilder::authorize('rating')) { $rating_allowed = false; } } } $i = 0; foreach ($matches[1] as $match) { $options = explode(';', trim($match)); foreach ($options as $option) { $keyval = explode(':', trim($option), 2); if (count($keyval) == 2) { $value = trim($keyval[1]); switch (strtolower(trim($keyval[0]))) { default: } } } $out = contentbuilder::getRating($form_id, $record_id, $rating, $rating_slots, JRequest::getCmd('lang', ''), $rating_allowed, $rating_count, $rating_sum); $article->text = str_replace($matches[0][$i], $out, $article->text); $i++; } } } return true; }
function onContentPrepare($context, &$article, &$params, $limitstart = 0, $is_list = false, $form = null, $item = null) { static $use_title; static $use_form; if (!extension_loaded('gd') || !function_exists('gd_info')) { return true; } $protect = false; $time_passed = 0; $start_time = $this->measureTime(); $max_exec_time = 15; if (function_exists('ini_get')) { $max_exec_time = @ini_get('max_execution_time'); } $max_time = !empty($max_exec_time) ? intval($max_exec_time) / 2 : 15; $plugin = JPluginHelper::getPlugin('content', 'contentbuilder_image_scale'); jimport('joomla.html.parameter'); $pluginParams = CBCompat::getParams($plugin->params); $max_filesize = 8 * 8 * 8 * 1024 * 2 * intval($pluginParams->def('max_filesize', 4)); // 4M default jimport('joomla.filesystem.file'); jimport('joomla.filesystem.folder'); if (!JFile::exists(JPATH_SITE . DS . 'administrator' . DS . 'components' . DS . 'com_contentbuilder' . DS . 'classes' . DS . 'contentbuilder.php')) { return true; } /* * As of Joomla! 1.6 there is just the text passed if the article data is not passed in article context. * (for instance with categories). * But we need the article id, so we use the article id flag from content generation. */ if (is_object($article) && !isset($article->id) && !isset($article->cbrecord) && isset($article->text) && $article->text) { preg_match_all("/<!--\\(cbArticleId:(\\d{1,})\\)-->/si", $article->text, $matched_id); if (isset($matched_id[1]) && isset($matched_id[1][0])) { $article->id = intval($matched_id[1][0]); } } // if this content plugin has been called from within list context if ($is_list) { if (!trim($article->text)) { return true; } $article->cbrecord = $form; $article->cbrecord->items = array(); $article->cbrecord->items[0] = $item; $article->cbrecord->record_id = $item->colRecord; } if (!JFolder::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder')) { JFolder::create(JPATH_SITE . DS . 'media' . DS . 'contentbuilder'); } if (!JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'index.html')) { JFile::write(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'index.html', $def = ''); } if (!JFolder::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins')) { JFolder::create(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins'); } if (!JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'index.html')) { JFile::write(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'index.html', $def = ''); } if (!JFolder::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale')) { JFolder::create(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale'); } if (isset($article->id) || isset($article->cbrecord)) { $db = JFactory::getDBO(); $matches = array(); preg_match_all("/\\{CBImageScale([^}]*)\\}/i", $article->text, $matches); if (isset($matches[0]) && is_array($matches[0]) && isset($matches[1]) && is_array($matches[1])) { $record = null; $default_title = ''; $protect = 0; $form_id = 0; $record_id = 0; $frontend = true; if (JFactory::getApplication()->isAdmin()) { $frontend = false; } if (isset($article->id) && $article->id && !isset($article->cbrecord)) { // try to obtain the record id if if this is just an article $db->setQuery("Select form.`title_field`,form.`protect_upload_directory`,form.`reference_id`,article.`record_id`,article.`form_id`,form.`type`,form.`published_only`,form.`own_only`,form.`own_only_fe` From #__contentbuilder_articles As article, #__contentbuilder_forms As form Where form.`published` = 1 And form.id = article.`form_id` And article.`article_id` = " . $article->id); $data = $db->loadAssoc(); require_once JPATH_SITE . DS . 'administrator' . DS . 'components' . DS . 'com_contentbuilder' . DS . 'classes' . DS . 'contentbuilder.php'; $form = contentbuilder::getForm($data['type'], $data['reference_id']); if (!$form || !$form->exists) { return true; } if ($form) { $protect = $data['protect_upload_directory']; $record = $form->getRecord($data['record_id'], $data['published_only'], $frontend ? $data['own_only_fe'] ? JFactory::getUser()->get('id', 0) : -1 : ($data['own_only'] ? JFactory::getUser()->get('id', 0) : -1), true); $default_title = $data['title_field']; $form_id = $data['form_id']; $record_id = $data['record_id']; $ref_id = $record_id = $data['reference_id']; $ref_type = $data['type']; $ref_published_only = $data['published_only']; $ref_own_only_fe = $data['own_only_fe']; $ref_own_only = $data['own_only']; } } else { if (isset($article->cbrecord) && isset($article->cbrecord->id) && $article->cbrecord->id) { $protect = $article->cbrecord->protect_upload_directory; $record = $article->cbrecord->items; $default_title = $article->cbrecord->title_field; $form_id = $article->cbrecord->id; $record_id = $article->cbrecord->record_id; $ref_id = $article->cbrecord->reference_id; $ref_type = $article->cbrecord->type; $ref_published_only = $article->cbrecord->published_only; $ref_own_only_fe = $article->cbrecord->own_only_fe; $ref_own_only = $article->cbrecord->own_only; } } if (!JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'index.html')) { JFile::write(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'index.html', $def = ''); } if (!JFolder::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache')) { JFolder::create(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache'); } if (!JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache' . DS . 'index.html')) { JFile::write(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache' . DS . 'index.html', $def = ''); } if (!JFolder::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache' . DS . $form_id)) { JFolder::create(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache' . DS . $form_id); } if (!JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache' . DS . $form_id . DS . 'index.html')) { JFile::write(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache' . DS . $form_id . DS . 'index.html', $def = ''); } if ($protect) { if (!JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache' . DS . $form_id . DS . '.htaccess')) { JFile::write(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache' . DS . $form_id . DS . '.htaccess', $def = 'deny from all'); } } else { if (JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache' . DS . $form_id . DS . '.htaccess')) { JFile::delete(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache' . DS . $form_id . DS . '.htaccess'); } } $default_folder = JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'cache' . DS . $form_id; // if it is a list, permissions will be handled by the list if (!$is_list) { contentbuilder::setPermissions($form_id, $record_id, $frontend ? '_fe' : ''); if ($frontend) { if (!contentbuilder::authorizeFe('view')) { if (JRequest::getInt('contentbuilder_display', 0) || $protect && JRequest::getInt('contentbuilder_display_detail', 0)) { ob_end_clean(); die('No Access'); } else { return true; } } } else { if (!contentbuilder::authorize('view')) { if (JRequest::getInt('contentbuilder_display', 0) || $protect && JRequest::getInt('contentbuilder_display_detail', 0)) { ob_end_clean(); die('No Access'); } else { return true; } } } } if (!trim($default_title)) { $default_title = strtotime('now'); } $i = 0; foreach ($matches[1] as $match) { $alt = ''; $out = ''; $width = 0; $height = 0; $original_width = 0; $original_height = 0; $field = $is_list ? $article->cbrecord->items[0]->recName : ''; $folder = $default_folder; $bgcolor = null; $title = ''; $type = ''; $cache = 86400; $global_cache = 86400; $align = ''; $open = ''; $default_image = ''; $default_image_width = 50; $default_image_height = 50; $options = explode(';', trim($match)); foreach ($options as $option) { $keyval = explode(':', trim($option), 2); if (count($keyval) == 2) { $value = trim($keyval[1]); switch (strtolower(trim($keyval[0]))) { case 'width': $width = $value; break; case 'height': $height = $value; break; case 'original-width': $original_width = $value; break; case 'original-height': $original_height = $value; break; case 'field': $field = $is_list ? $article->items[0]->recName : $value; break; case 'background-color': $bgcolor = $value; break; case 'folder': $folder = $value; break; case 'alt': $alt = $value; break; case 'title': $title = $value; break; case 'type': $type = $value; break; case 'cache': $cache = $value; break; case 'global_cache': $global_cache = $value; break; case 'align': $align = $value; break; case 'open': $open = $value; break; case 'default-image': $default_image = $value; break; case 'default-image-width': $default_image_width = $value; break; case 'default-image-height': $default_image_height = $value; break; } } } if ($is_list && $alt == 'USE-TITLE') { if (!$use_form) { require_once JPATH_SITE . DS . 'administrator' . DS . 'components' . DS . 'com_contentbuilder' . DS . 'classes' . DS . 'contentbuilder.php'; $use_form = contentbuilder::getForm($ref_type, $ref_id); } if ($use_form && $use_form->exists) { if (!is_array($use_title) || !isset($use_title[intval($default_title)])) { $use_record = $use_form->getRecord($record_id, $ref_published_only, $frontend ? $ref_own_only_fe ? JFactory::getUser()->get('id', 0) : -1 : ($ref_own_only ? JFactory::getUser()->get('id', 0) : -1), true); foreach ($use_record as $use_item) { if ($default_title == $use_item->recElementId) { $default_title = cbinternal($item->recValue); if (!$is_list && $alt == 'USE-TITLE') { $alt = $default_title; $title = $default_title; } break; } } $use_title[intval($default_title)] = $db->loadResult(); } $alt = $use_title[intval($default_title)]; $title = $use_title[intval($default_title)]; } } else { if ($is_list && trim($alt) == '') { $alt = cbinternal($article->cbrecord->items[0]->recValue); $title = cbinternal($article->cbrecord->items[0]->recValue); } } $is_series = false; if ($field && ($width || $height)) { if ($record !== null) { if (isset($record) && is_array($record)) { foreach ($record as $item) { if ($default_title == $item->recElementId) { $default_title = cbinternal($item->recValue); if (!$is_list && $alt == 'USE-TITLE') { $alt = $default_title; $title = $default_title; } break; } } foreach ($record as $item) { if ($item->recName == $field) { if (trim($alt) == '') { $alt = cbinternal($item->recValue); $title = cbinternal($item->recValue); } $the_files = explode("\n", str_replace("\r", '', $item->recValue)); $the_files_size = count($the_files); if ($the_files_size > 0) { $is_series = true; } for ($fcnt = 0; $fcnt < $the_files_size; $fcnt++) { $the_value = str_replace(array('{CBSite}', '{cbsite}'), JPATH_SITE, trim($the_files[$fcnt])); if ($the_value && ($width || $height)) { $image = @getimagesize($the_value); if ($image !== false) { if ($type != 'simple') { if (!$width || $width < 0) { $width = $height; } if (!$height || $height < 0) { $height = $width; } } if ($width > 16384) { $width = 16384; } if ($height > 16384) { $height = 16384; } $exif_type = exif_imagetype($the_value); // displaying the original file on request if (JRequest::getInt('contentbuilder_display_detail', 0)) { if (JRequest::getVar('contentbuilder_detail_file', '', 'REQUEST', 'STRING', JREQUEST_ALLOWRAW) == sha1($field . $the_value)) { // clean up before displaying ob_end_clean(); switch ($exif_type) { case IMAGETYPE_JPEG2000: header('Content-Type: ' . @image_type_to_mime_type(IMAGETYPE_JPEG2000)); break; case IMAGETYPE_JPEG: header('Content-Type: ' . @image_type_to_mime_type(IMAGETYPE_JPEG)); break; case IMAGETYPE_GIF: header('Content-Type: ' . @image_type_to_mime_type(IMAGETYPE_GIF)); break; case IMAGETYPE_PNG: header('Content-Type: ' . @image_type_to_mime_type(IMAGETYPE_PNG)); break; } header('Content-Disposition: inline; filename="' . basename(JFilterOutput::stringURLSafe($title) . '_' . $the_value) . '"'); header('Content-Length: ' . @filesize($the_value)); @$this->readfile_chunked($the_value); exit; } } $filename = ''; $pathinfo = pathinfo($the_value); $basename = basename($the_value, '.' . $pathinfo['extension']) . '_' . $width . 'x' . $height . '_cbresized'; if ($folder && JFolder::exists($folder)) { $filename = $folder . DS . $basename . image_type_to_extension($exif_type); } else { $filename = $pathinfo['dirname'] . DS . $basename . image_type_to_extension($exif_type); $folder = $pathinfo['dirname']; } if (is_numeric($global_cache)) { $limit = intval($global_cache); $sourcePath = $folder . DS; if (@file_exists($sourcePath) && @is_readable($sourcePath) && @is_dir($sourcePath) && ($handle = @opendir($sourcePath))) { while (false !== ($file = @readdir($handle))) { if ($file != "." && $file != "..") { $parts = explode('_', $file); $exparts = explode('.', isset($parts[count($parts) - 1]) ? $parts[count($parts) - 1] : array()); if (isset($exparts[0]) && $exparts[0] == 'cbresized') { if (@JFile::exists($sourcePath . $file) && @is_readable($sourcePath . $file)) { $fileCreationTime = @filectime($sourcePath . $file); $fileAge = time() - $fileCreationTime; if ($fileAge >= $limit) { JFile::delete($sourcePath . $file); } } } } } @closedir($handle); } } $image_changed = false; $image_filesize = @filesize($filename); if ($image_filesize !== null) { $existing_image = @getimagesize($filename); if ($existing_image[0] != $width || $existing_image[1] != $height) { $image_changed = true; } } $create = false; switch ($cache) { case 'none': $create = true; break; default: if (is_numeric($cache) && JFile::exists($filename)) { $limit = intval($cache); $fileCreationTime = @filectime($filename); $fileAge = time() - $fileCreationTime; if ($fileAge >= $limit) { JFile::delete($filename); $create = true; } } } $max_ok = true; if (@filesize($the_value) > $max_filesize) { $max_ok = false; } if ($max_ok && ($create || $image_filesize === false || $image_changed)) { $col_ = $bgcolor; if ($bgcolor !== null) { $col = array(); $col[0] = intval(@hexdec(@substr($bgcolor, 1, 2))); $col[1] = intval(@hexdec(@substr($bgcolor, 3, 2))); $col[2] = intval(@hexdec(@substr($bgcolor, 5, 2))); $col_ = $col; } $resized = false; $resource = false; // try to prevent memory issues $memory = true; $imageInfo = $image; $MB = 1048576; $K64 = 65536; $TWEAKFACTOR = 1.5; $memoryNeeded = round(($imageInfo[0] * $imageInfo[1] * @$imageInfo['bits'] * (@$imageInfo['channels'] / 8) + $K64) * $TWEAKFACTOR); $ini = 8 * $MB; if (ini_get('memory_limit') !== false) { $ini = $this->returnBytes(ini_get('memory_limit')); } $memoryLimit = $ini; if (function_exists('memory_get_usage') && memory_get_usage() + $memoryNeeded > $memoryLimit) { $memory = false; } if ($memory) { switch ($exif_type) { case IMAGETYPE_JPEG2000: case IMAGETYPE_JPEG: $resource = @imagecreatefromjpeg($the_value); if ($resource) { $resized = @$this->resize_image($resource, $width, $height, $type == 'crop' ? 1 : ($type == 'simple' ? 3 : 2), $col_); if ($resized) { @imagejpeg($resized, $filename); } if ($resized) { @imagedestroy($resized); } if ($image[0] != $original_width && $image[1] != $original_height && ($original_width > 0 || $original_height > 0)) { if ($original_width != 0 && $original_height == 0) { $original_height = $original_width; } if ($original_width == 0 && $original_height != 0) { $original_width = $original_height; } $resized2 = @$this->resize_image($resource, $original_width, $original_height, $type == 'crop' ? 1 : ($type == 'simple' ? 3 : 2), $col_); if ($resized2) { @imagejpeg($resized2, $the_value); @imagedestroy($resized2); $image = @getimagesize($the_value); } } @imagedestroy($resource); } break; case IMAGETYPE_GIF: $resource = @imagecreatefromgif($the_value); if ($resource) { $resized = @$this->resize_image($resource, $width, $height, $type == 'crop' ? 1 : ($type == 'simple' ? 3 : 2), $col_); if ($resized) { @imagegif($resized, $filename); } if ($resized) { @imagedestroy($resized); } if ($image[0] != $original_width && $image[1] != $original_height && ($original_width > 0 || $original_height > 0)) { if ($original_width != 0 && $original_height == 0) { $original_height = $original_width; } if ($original_width == 0 && $original_height != 0) { $original_width = $original_height; } $resized2 = @$this->resize_image($resource, $original_width, $original_height, $type == 'crop' ? 1 : ($type == 'simple' ? 3 : 2), $col_); if ($resized2) { @imagegif($resized2, $the_value); @imagedestroy($resized2); $image = @getimagesize($the_value); } } @imagedestroy($resource); } break; case IMAGETYPE_PNG: $resource = @imagecreatefrompng($the_value); if ($resource) { $resized = @$this->resize_image($resource, $width, $height, $type == 'crop' ? 1 : ($type == 'simple' ? 3 : 2), $col_); if ($resized) { @imagepng($resized, $filename); } if ($resized) { @imagedestroy($resized); } if ($image[0] != $original_width && $image[1] != $original_height && ($original_width > 0 || $original_height > 0)) { if ($original_width != 0 && $original_height == 0) { $original_height = $original_width; } if ($original_width == 0 && $original_height != 0) { $original_width = $original_height; } $resized2 = @$this->resize_image($resource, $original_width, $original_height, $type == 'crop' ? 1 : ($type == 'simple' ? 3 : 2), $col_); if ($resized2) { @imagepng($resized2, $the_value); @imagedestroy($resized2); $image = @getimagesize($the_value); } } @imagedestroy($resource); } break; } } } if ($filename) { $the_image = @getimagesize($filename); if ($the_image !== false) { if (JRequest::getInt('contentbuilder_display', 0)) { if (JRequest::getVar('contentbuilder_field', '', 'REQUEST', 'STRING', JREQUEST_ALLOWRAW) == sha1($field . $filename)) { // clean up before displaying ob_end_clean(); switch ($exif_type) { case IMAGETYPE_JPEG2000: header('Content-Type: ' . @image_type_to_mime_type(IMAGETYPE_JPEG2000)); break; case IMAGETYPE_JPEG: header('Content-Type: ' . @image_type_to_mime_type(IMAGETYPE_JPEG)); break; case IMAGETYPE_GIF: header('Content-Type: ' . @image_type_to_mime_type(IMAGETYPE_GIF)); break; case IMAGETYPE_PNG: header('Content-Type: ' . @image_type_to_mime_type(IMAGETYPE_PNG)); break; } header('Content-Disposition: inline; filename="' . JFilterOutput::stringURLSafe($title) . '_' . basename($filename) . '"'); header('Content-Length: ' . @filesize($filename)); @$this->readfile_chunked($filename); exit; } } else { $align_ = $align; $open_ = ''; $close_ = ''; $url = JURI::getInstance()->toString(); if (trim($open) == 'true') { if ($protect) { $open_ = JRoute::_($url . (strstr($url, '?') !== false ? '&' : '?') . 'contentbuilder_display_detail=1&contentbuilder_detail_file=' . sha1($field . $the_value)); } else { $ex = explode(JPATH_SITE . DS, JPath::clean($the_value), 2); $open_ = JURI::root(true) . '/' . str_replace("\\", "/", $ex[count($ex) - 1]); } } if ($open_) { $inPopup = false; JHTML::_('behavior.modal'); if ($image[0] > 960) { $inPopup = true; } if ($image[1] > 720) { $inPopup = true; } $hrefalign = $align_ ? 'style="float: ' . $align_ . ';" ' : ''; if ($inPopup) { $open_ = '<a href="javascript:var win = window.open(\'' . $open_ . '\',\'ImageSizer\',\'height=' . $image[1] . ',width=' . $image[0] . ',scrollbars=1\');win.focus();void(0);" ' . $hrefalign . '>'; } else { $open_ = '<a href="' . $open_ . '" ' . $hrefalign . 'class="modal" rel="{handler:\'iframe\',size:{x:' . ($image[0] + 20) . ',y:' . ($image[1] + 20) . '}}">'; } $close_ = '</a>'; } if ($protect) { $src = JRoute::_($url . (strstr($url, '?') !== false ? '&' : '?') . 'contentbuilder_display=1&contentbuilder_field=' . sha1($field . $filename)); } else { $ex = explode(JPATH_SITE . DS, $filename, 2); $src = JURI::root(true) . '/' . str_replace("\\", "/", $ex[count($ex) - 1]); } $out .= $open_ . '<img border="0" ' . $the_image[3] . ' ' . ($align_ ? 'style="float: ' . $align_ . ';" ' : '') . 'alt="' . $alt . '" title="' . $title . '" src="' . $src . '"/>' . $close_; if ($is_series && $align_ && (strtolower($align_) == 'left' || strtolower($align_) == 'right')) { $out .= '<div style="float:' . strtolower($align_) . ';width: 5px;"> </div>'; } $align_ = ''; } } } } } $time_passed = $this->measureTime(); if ($time_passed - $start_time > $max_time) { break; } } } } } } } if (trim($out) == '' && JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . basename($default_image))) { $out = '<img width="' . $default_image_width . '" height="' . $default_image_height . '" alt="" src="' . JURI::root(true) . '/media/contentbuilder/plugins/image_scale/' . basename($default_image) . '"/>'; } if ($is_series && $align && (strtolower($align) == 'left' || strtolower($align) == 'right')) { $out .= '<div style="clear:' . strtolower($align) . ';"></div>'; } $article->text = str_replace($matches[0][$i], $out, $article->text); $i++; } } } return true; }
function store() { JRequest::checkToken('default') or jexit(JText::_('JInvalid_Token')); JPluginHelper::importPlugin('contentbuilder_submit'); $submit_dispatcher = JDispatcher::getInstance(); JFactory::getSession()->clear('cb_failed_values', 'com_contentbuilder.' . $this->_id); JRequest::setVar('cb_submission_failed', 0); $query = $this->_buildQuery(); $this->_data = $this->_getList($query, 0, 1); if (!count($this->_data)) { JError::raiseError(404, JText::_('COM_CONTENTBUILDER_FORM_NOT_FOUND')); } foreach ($this->_data as $data) { if (!$this->frontend && $data->display_in == 0) { JError::raiseError(404, JText::_('COM_CONTENTBUILDER_RECORD_NOT_FOUND')); } else { if ($this->frontend && $data->display_in == 1) { JError::raiseError(404, JText::_('COM_CONTENTBUILDER_RECORD_NOT_FOUND')); } } $data->form_id = $this->_id; if ($data->type && $data->reference_id) { $values = array(); $data->form = contentbuilder::getForm($data->type, $data->reference_id); $meta = $data->form->getRecordMetadata($this->_record_id); if (!$data->edit_by_type) { $noneditable_fields = contentbuilder::getListNonEditableElements($this->_id); $names = $data->form->getElementNames(); $this->_db->setQuery("Select * From #__contentbuilder_elements Where form_id = " . $this->_id . " And published = 1 And editable = 1"); $fields = $this->_db->loadAssocList(); $the_fields = array(); $the_name_field = null; $the_username_field = null; $the_password_field = null; $the_password_repeat_field = null; $the_email_field = null; $the_email_repeat_field = null; $the_html_fields = array(); $the_upload_fields = array(); $the_captcha_field = null; $the_failed_registration_fields = array(); jimport('joomla.filesystem.file'); jimport('joomla.filesystem.folder'); foreach ($fields as $special_field) { switch ($special_field['type']) { case 'text': case 'upload': case 'captcha': case 'textarea': if ($special_field['type'] == 'upload') { $options = unserialize(base64_decode($special_field['options'])); $special_field['options'] = $options; $the_upload_fields[$special_field['reference_id']] = $special_field; } else { if ($special_field['type'] == 'captcha') { $options = unserialize(base64_decode($special_field['options'])); $special_field['options'] = $options; $the_captcha_field = $special_field; } else { if ($special_field['type'] == 'textarea') { $options = unserialize(base64_decode($special_field['options'])); $special_field['options'] = $options; if (isset($special_field['options']->allow_html) && $special_field['options']->allow_html) { $the_html_fields[$special_field['reference_id']] = $special_field; } else { $the_fields[$special_field['reference_id']] = $special_field; } } else { if ($special_field['type'] == 'text') { $options = unserialize(base64_decode($special_field['options'])); $special_field['options'] = $options; if ($data->act_as_registration && $data->registration_username_field == $special_field['reference_id']) { $the_username_field = $special_field; } else { if ($data->act_as_registration && $data->registration_name_field == $special_field['reference_id']) { $the_name_field = $special_field; } else { if ($data->act_as_registration && $data->registration_password_field == $special_field['reference_id']) { $the_password_field = $special_field; } else { if ($data->act_as_registration && $data->registration_password_repeat_field == $special_field['reference_id']) { $the_password_repeat_field = $special_field; } else { if ($data->act_as_registration && $data->registration_email_field == $special_field['reference_id']) { $the_email_field = $special_field; } else { if ($data->act_as_registration && $data->registration_email_repeat_field == $special_field['reference_id']) { $the_email_repeat_field = $special_field; } else { $the_fields[$special_field['reference_id']] = $special_field; } } } } } } } } } } break; default: $options = unserialize(base64_decode($special_field['options'])); $special_field['options'] = $options; $the_fields[$special_field['reference_id']] = $special_field; } } // we have defined a captcha, so let's test it if ($the_captcha_field !== null && !in_array($the_captcha_field['reference_id'], $noneditable_fields)) { if (!class_exists('Securimage')) { require_once JPATH_SITE . DS . 'components' . DS . 'com_contentbuilder' . DS . 'images' . DS . 'securimage' . DS . 'securimage.php'; } $securimage = new Securimage(); $cap_value = JRequest::getVar('cb_' . $the_captcha_field['reference_id'], null, 'POST'); if ($securimage->check($cap_value) == false) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_CAPTCHA_FAILED'), 'error'); } $values[$the_captcha_field['reference_id']] = $cap_value; $noneditable_fields[] = $the_captcha_field['reference_id']; } // now let us see if we have a registration // make sure to wait for previous errors if ($data->act_as_registration && $the_name_field !== null && $the_email_field !== null && $the_email_repeat_field !== null && $the_password_field !== null && $the_password_repeat_field !== null && $the_username_field !== null) { $pw1 = JRequest::getVar('cb_' . $the_password_field['reference_id'], '', 'POST', 'STRING', JREQUEST_NOTRIM | JREQUEST_ALLOWRAW); $pw2 = JRequest::getVar('cb_' . $the_password_repeat_field['reference_id'], '', 'POST', 'STRING', JREQUEST_NOTRIM | JREQUEST_ALLOWRAW); $email = JRequest::getVar('cb_' . $the_email_field['reference_id'], '', 'POST', 'STRING', JREQUEST_ALLOWRAW); $email2 = JRequest::getVar('cb_' . $the_email_repeat_field['reference_id'], '', 'POST', 'STRING', JREQUEST_ALLOWRAW); $name = JRequest::getVar('cb_' . $the_name_field['reference_id'], '', 'POST', 'STRING', JREQUEST_ALLOWRAW); $username = JRequest::getVar('cb_' . $the_username_field['reference_id'], '', 'POST', 'STRING', JREQUEST_NOTRIM | JREQUEST_ALLOWRAW); if (!JRequest::getVar('cb_submission_failed', 0)) { if (!trim($name)) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_NAME_EMPTY'), 'error'); } if (!trim($username)) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_USERNAME_EMPTY'), 'error'); } else { if (preg_match("#[<>\"'%;()&]#i", $username) || strlen(utf8_decode($username)) < 2) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_USERNAME_INVALID'), 'error'); } } if (!trim($email)) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_EMAIL_EMPTY'), 'error'); } else { if (!contentbuilder_is_email($email)) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_EMAIL_INVALID'), 'error'); } else { if ($email != $email2) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_EMAIL_MISMATCH'), 'error'); } } } if (!$meta->created_id && !JFactory::getUser()->get('id', 0)) { $this->_db->setQuery("Select count(id) From #__users Where `username` = " . $this->_db->Quote($username)); if ($this->_db->loadResult()) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_USERNAME_NOT_AVAILABLE'), 'error'); } $this->_db->setQuery("Select count(id) From #__users Where `email` = " . $this->_db->Quote($email)); if ($this->_db->loadResult()) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_EMAIL_NOT_AVAILABLE'), 'error'); } if ($pw1 != $pw2) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_PASSWORD_MISMATCH'), 'error'); JRequest::setVar('cb_' . $the_password_field['reference_id'], ''); JRequest::setVar('cb_' . $the_password_repeat_field['reference_id'], ''); } else { if (!trim($pw1)) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_PASSWORD_EMPTY'), 'error'); JRequest::setVar('cb_' . $the_password_field['reference_id'], ''); JRequest::setVar('cb_' . $the_password_repeat_field['reference_id'], ''); } } } else { if ($meta->created_id && $meta->created_id != JFactory::getUser()->get('id', 0)) { $this->_db->setQuery("Select count(id) From #__users Where id <> " . $this->_db->Quote($meta->created_id) . " And `username` = " . $this->_db->Quote($username)); if ($this->_db->loadResult()) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_USERNAME_NOT_AVAILABLE'), 'error'); } $this->_db->setQuery("Select count(id) From #__users Where id <> " . $this->_db->Quote($meta->created_id) . " And `email` = " . $this->_db->Quote($email)); if ($this->_db->loadResult()) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_EMAIL_NOT_AVAILABLE'), 'error'); } } else { $this->_db->setQuery("Select count(id) From #__users Where id <> " . $this->_db->Quote(JFactory::getUser()->get('id', 0)) . " And `username` = " . $this->_db->Quote($username)); if ($this->_db->loadResult()) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_USERNAME_NOT_AVAILABLE'), 'error'); } $this->_db->setQuery("Select count(id) From #__users Where id <> " . $this->_db->Quote(JFactory::getUser()->get('id', 0)) . " And `email` = " . $this->_db->Quote($email)); if ($this->_db->loadResult()) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_EMAIL_NOT_AVAILABLE'), 'error'); } } if (trim($pw1) != '' || trim($pw2) != '') { if ($pw1 != $pw2) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_PASSWORD_MISMATCH'), 'error'); JRequest::setVar('cb_' . $the_password_field['reference_id'], ''); JRequest::setVar('cb_' . $the_password_repeat_field['reference_id'], ''); } else { if (!trim($pw1)) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(JText::_('COM_CONTENTBUILDER_PASSWORD_EMPTY'), 'error'); JRequest::setVar('cb_' . $the_password_field['reference_id'], ''); JRequest::setVar('cb_' . $the_password_repeat_field['reference_id'], ''); } } } } if (!JRequest::getVar('cb_submission_failed', 0)) { //$noneditable_fields[] = $the_name_field['reference_id']; $noneditable_fields[] = $the_password_field['reference_id']; $noneditable_fields[] = $the_password_repeat_field['reference_id']; //$noneditable_fields[] = $the_email_field['reference_id']; $noneditable_fields[] = $the_email_repeat_field['reference_id']; //$noneditable_fields[] = $the_username_field['reference_id']; } else { $the_failed_registration_fields[$the_name_field['reference_id']] = $the_name_field; //$the_failed_registration_fields[$the_password_field['reference_id']] = $the_password_field; //$the_failed_registration_fields[$the_password_repeat_field['reference_id']] = $the_password_repeat_field; $the_failed_registration_fields[$the_email_field['reference_id']] = $the_email_field; $the_failed_registration_fields[$the_email_repeat_field['reference_id']] = $the_email_repeat_field; $the_failed_registration_fields[$the_username_field['reference_id']] = $the_username_field; } } else { $the_failed_registration_fields[$the_name_field['reference_id']] = $the_name_field; //$the_failed_registration_fields[$the_password_field['reference_id']] = $the_password_field; //$the_failed_registration_fields[$the_password_repeat_field['reference_id']] = $the_password_repeat_field; $the_failed_registration_fields[$the_email_field['reference_id']] = $the_email_field; $the_failed_registration_fields[$the_email_repeat_field['reference_id']] = $the_email_repeat_field; $the_failed_registration_fields[$the_username_field['reference_id']] = $the_username_field; } } $form_elements_objects = array(); $_items = $data->form->getRecord($this->_record_id, $data->published_only, $this->frontend ? $data->own_only_fe ? JFactory::getUser()->get('id', 0) : -1 : ($data->own_only ? JFactory::getUser()->get('id', 0) : -1), $this->frontend ? $data->show_all_languages_fe : true); // asigning the proper names first foreach ($names as $id => $name) { if (!in_array($id, $noneditable_fields)) { $value = ''; $is_array = 'STRING'; if (is_array(JRequest::getVar('cb_' . $id, ''))) { $is_array = 'ARRAY'; } if (isset($the_fields[$id]['options']->allow_raw) && $the_fields[$id]['options']->allow_raw) { $value = JRequest::getVar('cb_' . $id, '', 'POST', $is_array, JREQUEST_ALLOWRAW); } else { if (isset($the_fields[$id]['options']->allow_html) && $the_fields[$id]['options']->allow_html) { $value = JRequest::getVar('cb_' . $id, '', 'POST', $is_array, JREQUEST_ALLOWHTML); } else { $value = JRequest::getVar('cb_' . $id, '', 'POST', $is_array); } } if (isset($the_fields[$id]['options']->transfer_format)) { $value = contentbuilder_convert_date($value, $the_fields[$id]['options']->format, $the_fields[$id]['options']->transfer_format); } if (isset($the_html_fields[$id])) { $the_html_fields[$id]['name'] = $name; $the_html_fields[$id]['value'] = $value; } else { if (isset($the_failed_registration_fields[$id])) { $the_failed_registration_fields[$id]['name'] = $name; $the_failed_registration_fields[$id]['value'] = $value; } else { if (isset($the_upload_fields[$id])) { $the_upload_fields[$id]['name'] = $name; $the_upload_fields[$id]['value'] = ''; $the_upload_fields[$id]['orig_value'] = ''; if ($id == $the_upload_fields[$id]['reference_id']) { // delete if triggered if (JRequest::getInt('cb_delete_' . $id, 0) == 1 && isset($the_upload_fields[$id]['validations']) && $the_upload_fields[$id]['validations'] == '') { if (count($_items)) { foreach ($_items as $_item) { if ($_item->recElementId == $the_upload_fields[$id]['reference_id']) { $_value = $_item->recValue; $_files = explode("\n", str_replace("\r", '', $_value)); foreach ($_files as $_file) { if (strpos(strtolower($_file), '{cbsite}') === 0) { $_file = str_replace(array('{cbsite}', '{CBSite}'), array(JPATH_SITE, JPATH_SITE), $_file); } if (JFile::exists($_file)) { JFile::delete($_file); } $values[$id] = ''; } } } } } $file = JRequest::getVar('cb_' . $id, null, 'files', 'array'); if (trim(JFile::makeSafe($file['name'])) != '' && $file['size'] > 0) { $filename = trim(JFile::makeSafe($file['name'])); $infile = $filename; $src = $file['tmp_name']; $dest = ''; $tmp_dest = ''; $tmp_upload_field_dir = ''; $tmp_upload_dir = ''; if (isset($the_upload_fields[$id]['options']) && isset($the_upload_fields[$id]['options']->upload_directory) && $the_upload_fields[$id]['options']->upload_directory != '') { $tmp_upload_field_dir = $the_upload_fields[$id]['options']->upload_directory; $tmp_dest = $tmp_upload_field_dir; } else { if ($data->upload_directory != '') { $tmp_upload_dir = $data->upload_directory; $tmp_dest = $tmp_upload_dir; } } if (isset($the_upload_fields[$id]['options']) && isset($the_upload_fields[$id]['options']->upload_directory) && $the_upload_fields[$id]['options']->upload_directory != '') { $dest = str_replace(array('{CBSite}', '{cbsite}'), JPATH_SITE, $the_upload_fields[$id]['options']->upload_directory); } else { if ($data->upload_directory != '') { $dest = str_replace(array('{CBSite}', '{cbsite}'), JPATH_SITE, $data->upload_directory); } } // create dest path by tokens $dest = $this->createPathByTokens($dest, $names); $msg = ''; $uploaded = false; // FILE SIZE TEST if ($dest != '' && isset($the_upload_fields[$id]['options']) && isset($the_upload_fields[$id]['options']->max_filesize) && $the_upload_fields[$id]['options']->max_filesize > 0) { $val = $the_upload_fields[$id]['options']->max_filesize; $val = trim($val); $last = strtolower($val[strlen($val) - 1]); switch ($last) { case 'g': $val *= 1024; case 'm': $val *= 1024; case 'k': $val *= 1024; } if ($file['size'] > $val) { $msg = JText::_('COM_CONTENTBUILDER_FILESIZE_EXCEEDED') . ' ' . $the_upload_fields[$id]['options']->max_filesize . 'b'; } } // FILE EXT TEST if ($dest != '' && isset($the_upload_fields[$id]['options']) && isset($the_upload_fields[$id]['options']->allowed_file_extensions) && $the_upload_fields[$id]['options']->allowed_file_extensions != '') { $allowed = explode(',', str_replace(' ', '', strtolower($the_upload_fields[$id]['options']->allowed_file_extensions))); $ext = strtolower(JFile::getExt($filename)); if (!in_array($ext, $allowed)) { $msg = JText::_('COM_CONTENTBUILDER_FILE_EXTENSION_NOT_ALLOWED'); } } // UPLOAD if ($dest != '' && $msg == '') { // limit file's name size $ext = strtolower(JFile::getExt($filename)); $stripped = JFile::stripExt($filename); // in some apache configurations unknown file extensions could lead to security risks // because it will try to find an executable extensions within the chain of dots. So we simply remove them. $filename = str_replace(array(' ', '.'), '_', $stripped) . '.' . $ext; $maxnamesize = 100; if (function_exists('mb_strlen')) { if (mb_strlen($filename) > $maxnamesize) { $filename = mb_substr($filename, mb_strlen($filename) - $maxnamesize); } } else { if (strlen($filename) > $maxnamesize) { $filename = substr($filename, strlen($filename) - $maxnamesize); } } // take care of existing filenames if (JFile::exists($dest . DS . $filename)) { $filename = md5(mt_rand(0, mt_getrandmax()) . time()) . '_' . $filename; } // create pseudo security index.html if (!JFile::exists($dest . DS . 'index.html')) { JFile::write($dest . DS . 'index.html', $buffer = ''); } if (count($_items)) { $files_to_delete = array(); foreach ($_items as $_item) { if ($_item->recElementId == $the_upload_fields[$id]['reference_id']) { $_value = $_item->recValue; $_files = explode("\n", str_replace("\r", '', $_value)); foreach ($_files as $_file) { if (strpos(strtolower($_file), '{cbsite}') === 0) { $_file = str_replace(array('{cbsite}', '{CBSite}'), array(JPATH_SITE, JPATH_SITE), $_file); } $files_to_delete[] = $_file; } break; } } foreach ($files_to_delete as $file_to_delete) { if (JFile::exists($file_to_delete)) { JFile::delete($file_to_delete); } } } // final upload file moving $uploaded = JFile::upload($src, $dest . DS . $filename); if (!$uploaded) { $msg = JText::_('COM_CONTENTBUILDER_UPLOAD_FAILED'); } } if ($dest == '' || $uploaded !== true) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage($msg . ' (' . $infile . ')', 'error'); $the_upload_fields[$id]['value'] = ''; } else { if (strpos(strtolower($tmp_dest), '{cbsite}') === 0) { $dest = str_replace(array(JPATH_SITE, JPATH_SITE), array('{cbsite}', '{CBSite}'), $dest); } $values[$id] = $dest . DS . $filename; $the_upload_fields[$id]['value'] = $values[$id]; } $the_upload_fields[$id]['orig_value'] = JFile::makeSafe($file['name']); } if (trim($the_upload_fields[$id]['custom_validation_script'])) { $msg = self::customValidate(trim($the_upload_fields[$id]['custom_validation_script']), $the_upload_fields[$id], $merged = array_merge($the_upload_fields, $the_fields, $the_html_fields), JRequest::getCmd('record_id', ''), $data->form, isset($values[$id]) ? $values[$id] : ''); $msg = trim($msg); if (!empty($msg)) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(trim($msg), 'error'); } } $removables = array(); $validations = explode(',', $the_upload_fields[$id]['validations']); foreach ($validations as $validation) { $plgs = CBPluginHelper::importPlugin('contentbuilder_validation', $validation); $removables = array_merge($removables, $plgs); } $dispatcher = JDispatcher::getInstance(); $results = $dispatcher->trigger('onValidate', array($the_upload_fields[$id], $merged = array_merge($the_upload_fields, $the_fields, $the_html_fields), JRequest::getCmd('record_id', ''), $data->form, isset($values[$id]) ? $values[$id] : '')); foreach ($removables as $removable) { $dispatcher->detach($removable); } $all_errors = implode('', $results); if (!empty($all_errors)) { if (isset($values[$id]) && JFile::exists($values[$id])) { JFile::delete($values[$id]); } JRequest::setVar('cb_submission_failed', 1); foreach ($results as $result) { $result = trim($result); if (!empty($result)) { JFactory::getApplication()->enqueueMessage(trim($result), 'error'); } } } } } else { if (isset($the_fields[$id])) { $the_fields[$id]['name'] = $name; $the_fields[$id]['value'] = $value; } } } } } } foreach ($names as $id => $name) { if (!in_array($id, $noneditable_fields)) { if (isset($the_upload_fields[$id]) && $id == $the_upload_fields[$id]['reference_id']) { // nothing, done above already } else { $f = null; if (isset($the_html_fields[$id])) { $value = JRequest::getVar('cb_' . $id, '', 'POST', 'STRING', JREQUEST_ALLOWHTML); $f = $the_html_fields[$id]; $the_html_fields[$id]['value'] = $value; } if (isset($the_failed_registration_fields[$id])) { $value = JRequest::getVar('cb_' . $id, '', 'POST', 'STRING', JREQUEST_NOTRIM | JREQUEST_ALLOWRAW); $f = $the_failed_registration_fields[$id]; $the_failed_registration_fields[$id]['value'] = $value; } if (isset($the_fields[$id])) { $is_array = 'STRING'; if (is_array(JRequest::getVar('cb_' . $id, ''))) { $is_array = 'ARRAY'; } if (isset($the_fields[$id]['options']->allow_raw) && $the_fields[$id]['options']->allow_raw) { $value = JRequest::getVar('cb_' . $id, '', 'POST', $is_array, JREQUEST_ALLOWRAW); } else { if (isset($the_fields[$id]['options']->allow_html) && $the_fields[$id]['options']->allow_html) { $value = JRequest::getVar('cb_' . $id, '', 'POST', $is_array, JREQUEST_ALLOWHTML); } else { $value = JRequest::getVar('cb_' . $id, '', 'POST', $is_array); } } if (isset($the_fields[$id]['options']->transfer_format)) { $value = contentbuilder_convert_date($value, $the_fields[$id]['options']->format, $the_fields[$id]['options']->transfer_format); } $f = $the_fields[$id]; $the_fields[$id]['value'] = $value; } if ($f !== null) { if (trim($f['custom_validation_script'])) { $msg = self::customValidate(trim($f['custom_validation_script']), $f, $merged = array_merge($the_upload_fields, $the_fields, $the_html_fields), JRequest::getCmd('record_id', ''), $data->form, $value); $msg = trim($msg); if (!empty($msg)) { JRequest::setVar('cb_submission_failed', 1); JFactory::getApplication()->enqueueMessage(trim($msg), 'error'); } } $removables = array(); $validations = explode(',', $f['validations']); foreach ($validations as $validation) { $plgs = CBPluginHelper::importPlugin('contentbuilder_validation', $validation); $removables = array_merge($removables, $plgs); } $dispatcher = JDispatcher::getInstance(); $results = $dispatcher->trigger('onValidate', array($f, $merged = array_merge($the_upload_fields, $the_fields, $the_html_fields), JRequest::getCmd('record_id', ''), $data->form, $value)); foreach ($removables as $removable) { $dispatcher->detach($removable); } $all_errors = implode('', $results); $values[$id] = $value; if (!empty($all_errors)) { JRequest::setVar('cb_submission_failed', 1); foreach ($results as $result) { $result = trim($result); if (!empty($result)) { JFactory::getApplication()->enqueueMessage(trim($result), 'error'); } } } else { $removables = array(); $plgs = CBPluginHelper::importPlugin('contentbuilder_form_elements', $f['type']); $removables = array_merge($removables, $plgs); $dispatcher = JDispatcher::getInstance(); $plugin_validations = $dispatcher->trigger('onAfterValidationSuccess', array($f, $m = array_merge($the_upload_fields, $the_fields, $the_html_fields), JRequest::getCmd('record_id', ''), $data->form, $value)); if (count($plugin_validations)) { $form_elements_objects[] = $plugin_validations[0]; } foreach ($removables as $removable) { $dispatcher->detach($removable); } } } } } } $submit_before_result = $submit_dispatcher->trigger('onBeforeSubmit', array(JRequest::getCmd('record_id', ''), $data->form, $values)); if (JRequest::getVar('cb_submission_failed', 0)) { JFactory::getSession()->set('cb_failed_values', $values, 'com_contentbuilder.' . $this->_id); return JRequest::getCmd('record_id', ''); } $record_return = $data->form->saveRecord(JRequest::getCmd('record_id', ''), $values); foreach ($form_elements_objects as $form_elements_object) { if ($form_elements_object instanceof CBFormElementAfterValidation) { $form_elements_object->onSaveRecord($record_return); } } if ($data->act_as_registration && $record_return) { $meta = $data->form->getRecordMetadata($record_return); if (!$data->registration_bypass_plugin || $meta->created_id) { $user_id = $this->register('', '', '', $meta->created_id, JRequest::getVar('cb_' . $the_name_field['reference_id'], '', 'POST', 'STRING', JREQUEST_ALLOWRAW), JRequest::getVar('cb_' . $the_username_field['reference_id'], '', 'POST', 'STRING', JREQUEST_NOTRIM | JREQUEST_ALLOWRAW), JRequest::getVar('cb_' . $the_email_field['reference_id'], '', 'POST', 'STRING', JREQUEST_ALLOWRAW), JRequest::getVar('cb_' . $the_password_field['reference_id'], '', 'POST', 'STRING', JREQUEST_NOTRIM | JREQUEST_ALLOWRAW)); if (intval($user_id) > 0) { JFactory::getSession()->set('cb_last_record_user_id', $user_id, 'com_contentbuilder'); $data->form->saveRecordUserData($record_return, $user_id, JRequest::getVar('cb_' . $the_name_field['reference_id'], '', 'POST', 'STRING', JREQUEST_ALLOWRAW), JRequest::getVar('cb_' . $the_username_field['reference_id'], '', 'POST', 'STRING', JREQUEST_NOTRIM | JREQUEST_ALLOWRAW)); } } else { if (!$meta->created_id) { $bypass = new stdClass(); $verification_name = str_replace(array(';', '___', '|'), '-', trim($data->registration_bypass_verification_name) ? trim($data->registration_bypass_verification_name) : $data->title); $verify_view = trim($data->registration_bypass_verify_view) ? trim($data->registration_bypass_verify_view) : $data->id; $bypass->text = $orig_text = '{CBVerify plugin: ' . $data->registration_bypass_plugin . '; verification-name: ' . $verification_name . '; verify-view: ' . $verify_view . '; ' . str_replace(array("\r", "\n"), '', $data->registration_bypass_plugin_params) . '}'; $params = new stdClass(); JPluginHelper::importPlugin('content', 'contentbuilder_verify'); $bypass_dispatcher = JDispatcher::getInstance(); $bypass_result = $bypass_dispatcher->trigger('onPrepareContent', array(&$bypass, &$params)); $verification_id = ''; if ($bypass->text != $orig_text) { $verification_id = md5(uniqid(null, true) . mt_rand(0, mt_getrandmax()) . JFactory::getUser()->get('id', 0)); } $user_id = $this->register($data->registration_bypass_plugin, $verification_name, $verification_id, $meta->created_id, JRequest::getVar('cb_' . $the_name_field['reference_id'], '', 'POST', 'STRING', JREQUEST_ALLOWRAW), JRequest::getVar('cb_' . $the_username_field['reference_id'], '', 'POST', 'STRING', JREQUEST_NOTRIM | JREQUEST_ALLOWRAW), JRequest::getVar('cb_' . $the_email_field['reference_id'], '', 'POST', 'STRING', JREQUEST_ALLOWRAW), JRequest::getVar('cb_' . $the_password_field['reference_id'], '', 'POST', 'STRING', JREQUEST_NOTRIM | JREQUEST_ALLOWRAW)); if (intval($user_id) > 0) { JFactory::getSession()->set('cb_last_record_user_id', $user_id, 'com_contentbuilder'); $data->form->saveRecordUserData($record_return, $user_id, JRequest::getVar('cb_' . $the_name_field['reference_id'], '', 'POST', 'STRING', JREQUEST_ALLOWRAW), JRequest::getVar('cb_' . $the_username_field['reference_id'], '', 'POST', 'STRING', JREQUEST_NOTRIM | JREQUEST_ALLOWRAW)); } if ($bypass->text != $orig_text && intval($user_id) > 0) { $_now = JFactory::getDate(); $setup = JFactory::getSession()->get($data->registration_bypass_plugin . $verification_name, '', 'com_contentbuilder.verify.' . $data->registration_bypass_plugin . $verification_name); JFactory::getSession()->clear($data->registration_bypass_plugin . $verification_name, 'com_contentbuilder.verify.' . $data->registration_bypass_plugin . $verification_name); jimport('joomla.version'); $version = new JVersion(); if (version_compare($version->getShortVersion(), '3.0', '>=')) { $___now = $_now->toSql(); } else { $___now = $_now->toMySQL(); } $this->_db->setQuery("\n Insert Into #__contentbuilder_verifications\n (\n `verification_hash`,\n `start_date`,\n `verification_data`,\n `user_id`,\n `plugin`,\n `ip`,\n `setup`,\n `client`\n )\n Values\n (\n " . $this->_db->Quote($verification_id) . ",\n " . $this->_db->Quote($___now) . ",\n " . $this->_db->Quote('type=registration&') . ",\n " . $user_id . ",\n " . $this->_db->Quote($data->registration_bypass_plugin) . ",\n " . $this->_db->Quote($_SERVER['REMOTE_ADDR']) . ",\n " . $this->_db->Quote($setup) . ",\n " . intval(JFactory::getApplication()->isAdmin() ? 1 : 0) . "\n )\n "); $this->_db->query(); } } } } if ($this->frontend && !JRequest::getCmd('record_id', '') && $record_return && !JRequest::getVar('return', '')) { if ($data->force_login) { if (!JFactory::getUser()->get('id', 0)) { if (!$this->is15) { JRequest::setVar('return', base64_encode(JRoute::_('index.php?option=com_users&view=login&Itemid=' . JRequest::getInt('Itemid', 0), false))); } else { JRequest::setVar('return', base64_encode(JRoute::_('index.php?option=com_user&view=login&Itemid=' . JRequest::getInt('Itemid', 0), false))); } } else { if (!$this->is15) { JRequest::setVar('return', base64_encode(JRoute::_('index.php?option=com_users&view=profile&Itemid=' . JRequest::getInt('Itemid', 0), false))); } else { JRequest::setVar('return', base64_encode(JRoute::_('index.php?option=com_user&view=user&Itemid=' . JRequest::getInt('Itemid', 0), false))); } } } else { if (trim($data->force_url)) { JRequest::setVar('cbInternalCheck', 0); JRequest::setVar('return', base64_encode(trim($data->force_url))); } } } if ($record_return) { $sef = ''; $ignore_lang_code = '*'; if ($data->default_lang_code_ignore) { jimport('joomla.version'); $version = new JVersion(); if (version_compare($version->getShortVersion(), '1.6', '>=')) { $this->_db->setQuery("Select lang_code From #__languages Where published = 1 And sef = " . $this->_db->Quote(trim(JRequest::getCmd('lang', '')))); $ignore_lang_code = $this->_db->loadResult(); if (!$ignore_lang_code) { $ignore_lang_code = '*'; } } else { $codes = contentbuilder::getLanguageCodes(); foreach ($codes as $code) { if (strstr(strtolower($code), strtolower(trim(JRequest::getCmd('lang', '')))) !== false) { $ignore_lang_code = strtolower($code); break; } } } $sef = trim(JRequest::getCmd('lang', '')); if ($ignore_lang_code == '*') { $sef = ''; } } else { jimport('joomla.version'); $version = new JVersion(); if (version_compare($version->getShortVersion(), '1.6', '>=')) { $this->_db->setQuery("Select sef From #__languages Where published = 1 And lang_code = " . $this->_db->Quote($data->default_lang_code)); $sef = $this->_db->loadResult(); } else { $codes = contentbuilder::getLanguageCodes(); foreach ($codes as $code) { if ($code == $data->default_lang_code) { $sef = explode('-', $code); if (count($sef)) { $sef = strtolower($sef[0]); } break; } } } } $language = $data->default_lang_code_ignore ? $ignore_lang_code : $data->default_lang_code; $this->_db->setQuery("Select id, edited From #__contentbuilder_records Where `type` = " . $this->_db->Quote($data->type) . " And `reference_id` = " . $this->_db->Quote($data->form->getReferenceId()) . " And record_id = " . $this->_db->Quote($record_return)); $res = $this->_db->loadAssoc(); $last_update = JFactory::getDate(); jimport('joomla.version'); $version = new JVersion(); if (version_compare($version->getShortVersion(), '3.0', '>=')) { $last_update = $last_update->toSql(); } else { $last_update = $last_update->toMySQL(); } if (!is_array($res)) { $is_future = 0; $created_up = JFactory::getDate(); if (version_compare($version->getShortVersion(), '3.0', '>=')) { $created_up = $created_up->toSql(); } else { $created_up = $created_up->toMySQL(); } if (intval($data->default_publish_up_days) != 0) { $is_future = 1; $date = JFactory::getDate(strtotime('now +' . intval($data->default_publish_up_days) . ' days')); if (version_compare($version->getShortVersion(), '3.0', '>=')) { $created_up = $date->toSql(); } else { $created_up = $date->toMySQL(); } } $created_down = '0000-00-00 00:00:00'; if (intval($data->default_publish_down_days) != 0) { $date = JFactory::getDate(strtotime($created_up . ' +' . intval($data->default_publish_down_days) . ' days')); if (version_compare($version->getShortVersion(), '3.0', '>=')) { $created_down = $date->toSql(); } else { $created_down = $date->toMySQL(); } } $this->_db->setQuery("Insert Into #__contentbuilder_records (session_id,`type`,last_update,is_future,lang_code, sef, published, record_id, reference_id, publish_up, publish_down) Values ('" . JFactory::getSession()->getId() . "'," . $this->_db->Quote($data->type) . "," . $this->_db->Quote($last_update) . ",{$is_future}," . $this->_db->Quote($language) . "," . $this->_db->Quote(trim($sef)) . "," . $this->_db->Quote($data->auto_publish && !$is_future ? 1 : 0) . ", " . $this->_db->Quote($record_return) . ", " . $this->_db->Quote($data->form->getReferenceId()) . ", " . $this->_db->Quote($created_up) . ", " . $this->_db->Quote($created_down) . ")"); $this->_db->query(); } else { $this->_db->setQuery("Update #__contentbuilder_records Set last_update = " . $this->_db->Quote($last_update) . ",lang_code = " . $this->_db->Quote($language) . ", sef = " . $this->_db->Quote(trim($sef)) . ", edited = edited + 1 Where `type` = " . $this->_db->Quote($data->type) . " And `reference_id` = " . $this->_db->Quote($data->form->getReferenceId()) . " And record_id = " . $this->_db->Quote($record_return)); $this->_db->query(); } } } else { $record_return = JRequest::getCmd('record_id', ''); } $data->items = $data->form->getRecord($record_return, $data->published_only, $this->frontend ? $data->own_only_fe ? JFactory::getUser()->get('id', 0) : -1 : ($data->own_only ? JFactory::getUser()->get('id', 0) : -1), true); $data_email_items = $data->form->getRecord($record_return, false, -1, false); $data->labels = $data->form->getElementLabels(); $ids = array(); foreach ($data->labels as $reference_id => $label) { $ids[] = $this->_db->Quote($reference_id); } $data->labels = array(); if (count($ids)) { $this->_db->setQuery("Select Distinct `label`, reference_id From #__contentbuilder_elements Where form_id = " . intval($this->_id) . " And reference_id In (" . implode(',', $ids) . ") And published = 1 Order By ordering"); $rows = $this->_db->loadAssocList(); $ids = array(); foreach ($rows as $row) { $ids[] = $row['reference_id']; } } $article_id = 0; // creating the article if ($data->create_articles && count($data->items)) { $data->page_title = $data->use_view_name_as_title ? $data->name : $data->form->getPageTitle(); //if(!count($data->items)){ // JError::raiseError(404, JText::_('COM_CONTENTBUILDER_RECORD_NOT_FOUND')); //} $this->_db->setQuery("Select articles.`id` From #__contentbuilder_articles As articles, #__content As content Where content.id = articles.article_id And (content.state = 1 Or content.state = 0) And articles.form_id = " . intval($this->_id) . " And articles.record_id = " . $this->_db->Quote($record_return)); $article = $this->_db->loadResult(); $config = array(); if ($article) { if (!$this->is15) { $config = JRequest::getVar('jform', array()); } else { $config = array('ordering' => JRequest::getInt('ordering', 0), 'sectionid' => JRequest::getInt('sectionid', 0), 'catid' => JRequest::getInt('catid', 0), 'alias' => JRequest::getVar('alias', ''), 'frontpage' => JRequest::getInt('frontpage', 0), 'state' => JRequest::getInt('state', 0), 'details' => JRequest::getVar('details', array()), 'params' => JRequest::getVar('params', array()), 'meta' => JRequest::getVar('meta', array())); } } $full = $this->frontend ? contentbuilder::authorizeFe('fullarticle') : contentbuilder::authorize('fullarticle'); $article_id = contentbuilder::createArticle($this->_id, $record_return, $data->items, $ids, $data->title_field, $data->form->getRecordMetadata($record_return), $config, $full, $this->frontend ? $data->limited_article_options_fe : $data->limited_article_options, JRequest::getVar('cb_category_id', null)); if (isset($form_elements_objects)) { foreach ($form_elements_objects as $form_elements_object) { if ($form_elements_object instanceof CBFormElementAfterValidation) { $form_elements_object->onSaveArticle($article_id); } } } } // required to determine blocked users in system plugin if ($data->act_as_registration && isset($user_id) && intval($user_id) > 0) { $this->_db->setQuery("Insert Into #__contentbuilder_registered_users (user_id, form_id, record_id) Values (" . intval($user_id) . ", " . $this->_id . ", " . $this->_db->Quote($record_return) . ")"); $this->_db->query(); } if (!$data->edit_by_type) { $cleanedValues = array(); foreach ($values as $rawvalue) { if (is_array($rawvalue)) { if (isset($rawvalue[0]) && $rawvalue[0] == 'cbGroupMark') { unset($rawvalue[0]); $cleanedValues[] = array_values($rawvalue); } else { $cleanedValues[] = $rawvalue; } } else { $cleanedValues[] = $rawvalue; } } $submit_after_result = $submit_dispatcher->trigger('onAfterSubmit', array($record_return, $article_id, $data->form, $cleanedValues)); foreach ($fields as $actionField) { if (trim($actionField['custom_action_script'])) { self::customAction(trim($actionField['custom_action_script']), $record_return, $article_id, $data->form, $actionField, $fields, $cleanedValues); } } if (!JRequest::getCmd('record_id', '') && $data->email_notifications || JRequest::getCmd('record_id', '') && $data->email_update_notifications) { $from = $MailFrom = CBCompat::getJoomlaConfig('config.mailfrom'); $fromname = CBCompat::getJoomlaConfig('config.fromname'); $mailer = JFactory::getMailer(); $email_admin_template = ''; $email_template = ''; // admin email if (trim($data->email_admin_recipients)) { // sender if (trim($data->email_admin_alternative_from)) { foreach ($data->items as $item) { $data->email_admin_alternative_from = str_replace('{' . $item->recName . '}', cbinternal($item->recValue), $data->email_admin_alternative_from); } $from = $data->email_admin_alternative_from; } if (trim($data->email_admin_alternative_fromname)) { foreach ($data->items as $item) { $data->email_admin_alternative_fromname = str_replace('{' . $item->recName . '}', cbinternal($item->recValue), $data->email_admin_alternative_fromname); } $fromname = $data->email_admin_alternative_fromname; } $mailer->setSender(array(trim($MailFrom), trim($fromname))); $mailer->addReplyTo(array($from, $fromname)); // recipients foreach ($data->items as $item) { $data->email_admin_recipients = str_replace('{' . $item->recName . '}', cbinternal($item->recValue), $data->email_admin_recipients); } $recipients_checked_admin = array(); $recipients_admin = explode(';', $data->email_admin_recipients); foreach ($recipients_admin as $recipient_admin) { if (contentbuilder_is_email(trim($recipient_admin))) { $recipients_checked_admin[] = trim($recipient_admin); } } $mailer->addBCC($recipients_checked_admin); $email_admin_template = contentbuilder::getEmailTemplate($this->_id, $record_return, $data_email_items, $ids, true); // subject $subject_admin = JText::_('COM_CONTENTBUILDER_EMAIL_RECORD_RECEIVED'); if (trim($data->email_admin_subject)) { foreach ($data->items as $item) { $data->email_admin_subject = str_replace('{' . $item->recName . '}', cbinternal($item->recValue), $data->email_admin_subject); } $subject_admin = $data->email_admin_subject; $subject_admin = str_replace(array('{RECORD_ID}', '{record_id}'), $record_return, $subject_admin); $subject_admin = str_replace(array('{USER_ID}', '{user_id}'), JFactory::getUser()->get('id'), $subject_admin); $subject_admin = str_replace(array('{USERNAME}', '{username}'), JFactory::getUser()->get('username'), $subject_admin); $subject_admin = str_replace(array('{USER_FULL_NAME}', '{user_full_name}'), JFactory::getUser()->get('name'), $subject_admin); $subject_admin = str_replace(array('{EMAIL}', '{email}'), JFactory::getUser()->get('email'), $subject_admin); $subject_admin = str_replace(array('{VIEW_NAME}', '{view_name}'), $data->name, $subject_admin); $subject_admin = str_replace(array('{VIEW_ID}', '{view_id}'), $this->_id, $subject_admin); $subject_admin = str_replace(array('{IP}', '{ip}'), $_SERVER['REMOTE_ADDR'], $subject_admin); } $mailer->setSubject($subject_admin); // attachments foreach ($data->items as $item) { $data->email_admin_recipients_attach_uploads = str_replace('{' . $item->recName . '}', $item->recValue, $data->email_admin_recipients_attach_uploads); } $attachments_admin = explode(';', $data->email_admin_recipients_attach_uploads); $attached_admin = array(); foreach ($attachments_admin as $attachment_admin) { $attachment_admin = explode("\n", str_replace("\r", "", trim($attachment_admin))); foreach ($attachment_admin as $att_admin) { if (strpos(strtolower($att_admin), '{cbsite}') === 0) { $att_admin = str_replace(array('{cbsite}', '{CBSite}'), array(JPATH_SITE, JPATH_SITE), $att_admin); } if (JFile::exists(trim($att_admin))) { $attached_admin[] = trim($att_admin); } } } $mailer->addAttachment($attached_admin); $mailer->isHTML($data->email_admin_html); $mailer->setBody($email_admin_template); if (count($recipients_checked_admin)) { $send = $mailer->Send(); if ($send !== true) { JFactory::getApplication()->enqueueMessage('Error sending email: ' . $mailer->ErrorInfo, 'error'); } } $mailer->ClearAddresses(); $mailer->ClearAllRecipients(); $mailer->ClearAttachments(); } // public email if (trim($data->email_recipients)) { // sender if (trim($data->email_alternative_from)) { foreach ($data->items as $item) { $data->email_alternative_from = str_replace('{' . $item->recName . '}', cbinternal($item->recValue), $data->email_alternative_from); } $from = $data->email_alternative_from; } if (trim($data->email_alternative_fromname)) { foreach ($data->items as $item) { $data->email_alternative_fromname = str_replace('{' . $item->recName . '}', cbinternal($item->recValue), $data->email_alternative_fromname); } $fromname = $data->email_alternative_fromname; } $mailer->setSender(array(trim($MailFrom), trim($fromname))); $mailer->addReplyTo(array($from, $fromname)); // recipients foreach ($data->items as $item) { $data->email_recipients = str_replace('{' . $item->recName . '}', cbinternal($item->recValue), $data->email_recipients); } $recipients_checked = array(); $recipients = explode(';', $data->email_recipients); foreach ($recipients as $recipient) { if (contentbuilder_is_email($recipient)) { $recipients_checked[] = $recipient; } } $mailer->addBCC($recipients_checked); $email_template = contentbuilder::getEmailTemplate($this->_id, $record_return, $data_email_items, $ids, false); // subject $subject = JText::_('COM_CONTENTBUILDER_EMAIL_RECORD_RECEIVED'); if (trim($data->email_subject)) { foreach ($data->items as $item) { $data->email_subject = str_replace('{' . $item->recName . '}', cbinternal($item->recValue), $data->email_subject); } $subject = $data->email_subject; $subject = str_replace(array('{RECORD_ID}', '{record_id}'), $record_return, $subject); $subject = str_replace(array('{USER_ID}', '{user_id}'), JFactory::getUser()->get('id'), $subject); $subject = str_replace(array('{USERNAME}', '{username}'), JFactory::getUser()->get('username'), $subject); $subject = str_replace(array('{EMAIL}', '{email}'), JFactory::getUser()->get('email'), $subject); $subject = str_replace(array('{USER_FULL_NAME}', '{user_full_name}'), JFactory::getUser()->get('name'), $subject); $subject = str_replace(array('{VIEW_NAME}', '{view_name}'), $data->name, $subject); $subject = str_replace(array('{VIEW_ID}', '{view_id}'), $this->_id, $subject); $subject = str_replace(array('{IP}', '{ip}'), $_SERVER['REMOTE_ADDR'], $subject); } $mailer->setSubject($subject); // attachments foreach ($data->items as $item) { $data->email_recipients_attach_uploads = str_replace('{' . $item->recName . '}', $item->recValue, $data->email_recipients_attach_uploads); } $attachments = explode(';', $data->email_recipients_attach_uploads); $attached = array(); foreach ($attachments as $attachment) { $attachment = explode("\n", str_replace("\r", "", trim($attachment))); foreach ($attachment as $att) { if (strpos(strtolower($att), '{cbsite}') === 0) { $att = str_replace(array('{cbsite}', '{CBSite}'), array(JPATH_SITE, JPATH_SITE), $att); } if (JFile::exists(trim($att))) { $attached[] = trim($att); } } } $mailer->addAttachment($attached); $mailer->isHTML($data->email_html); $mailer->setBody($email_template); if (count($recipients_checked)) { $send = $mailer->Send(); if ($send !== true) { JFactory::getApplication()->enqueueMessage('Error sending email: ' . $mailer->ErrorInfo, 'error'); } } $mailer->ClearAddresses(); $mailer->ClearAllRecipients(); $mailer->ClearAttachments(); } } } return $record_return; } } if (!$this->is15) { $cache = JFactory::getCache('com_content'); $cache->clean(); $cache = JFactory::getCache('com_contentbuilder'); $cache->clean(); } else { $cache = JFactory::getCache('com_content'); $cache->clean(); $cache = JFactory::getCache('com_contentbuilder'); $cache->clean(); } return false; }
<?php /** * @package ContentBuilder * @author Markus Bopp * @link http://www.crosstec.de * @license GNU/GPL */ defined('_JEXEC') or die('Restricted access'); $edit_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('edit') : contentbuilder::authorize('edit'); $delete_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('delete') : contentbuilder::authorize('delete'); $view_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('view') : contentbuilder::authorize('view'); JFactory::getDocument()->addScript(JURI::root(true) . '/components/com_contentbuilder/assets/js/contentbuilder.js'); ?> <?php if ($this->author) { JFactory::getDocument()->setMetaData('author', $this->author); } if ($this->robots) { JFactory::getDocument()->setMetaData('robots', $this->robots); } if ($this->rights) { JFactory::getDocument()->setMetaData('rights', $this->rights); } if ($this->metakey) { JFactory::getDocument()->setMetaData('keywords', $this->metakey); } if ($this->metadesc) { JFactory::getDocument()->setMetaData('description', $this->metadesc); }
/** * @package ContentBuilder * @author Markus Bopp * @link http://www.crosstec.de * @license GNU/GPL */ defined('_JEXEC') or die('Restricted access'); require_once JPATH_COMPONENT_ADMINISTRATOR . DS . 'classes' . DS . 'contentbuilder_helpers.php'; $language_allowed = contentbuilder::authorizeFe('language'); $edit_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('edit') : contentbuilder::authorize('edit'); $delete_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('delete') : contentbuilder::authorize('delete'); $view_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('view') : contentbuilder::authorize('view'); $new_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('new') : contentbuilder::authorize('new'); $state_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('state') : contentbuilder::authorize('state'); $publish_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('publish') : contentbuilder::authorize('publish'); $rating_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('rating') : contentbuilder::authorize('rating'); JFactory::getDocument()->addScript(JURI::root(true) . '/components/com_contentbuilder/assets/js/contentbuilder.js'); jimport('joomla.version'); $version = new JVersion(); $th = 'td'; if (version_compare($version->getShortVersion(), '1.6', '>=')) { $th = 'th'; } $___getpost = 'get'; $___tableOrdering = "function tableOrdering"; if (version_compare($version->getShortVersion(), '3.0', '>=')) { $___getpost = 'post'; $___tableOrdering = "Joomla.tableOrdering = function"; } JFactory::getDocument()->addStyleDeclaration($this->theme_css); JFactory::getDocument()->addScriptDeclaration($this->theme_js);
<?php /** * @package ContentBuilder * @author Markus Bopp * @link http://www.crosstec.de * @license GNU/GPL */ defined('_JEXEC') or die('Restricted access'); $new_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('new') : contentbuilder::authorize('new'); $edit_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('edit') : contentbuilder::authorize('edit'); $delete_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('delete') : contentbuilder::authorize('delete'); $view_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('view') : contentbuilder::authorize('view'); $fullarticle_allowed = class_exists('cbFeMarker') ? contentbuilder::authorizeFe('fullarticle') : contentbuilder::authorize('fullarticle'); JFactory::getDocument()->addStyleDeclaration($this->theme_css); JFactory::getDocument()->addScriptDeclaration($this->theme_js); ?> <a name="article_up"></a> <script type="text/javascript"> <!-- function contentbuilder_delete(){ var confirmed = confirm('<?php echo JText::_('COM_CONTENTBUILDER_CONFIRM_DELETE_MESSAGE'); ?> '); if(confirmed){ location.href = '<?php echo 'index.php?option=com_contentbuilder&controller=edit&task=delete' . (JRequest::getVar('tmpl', '') != '' ? '&tmpl=' . JRequest::getVar('tmpl', '') : '') . (JRequest::getVar('layout', '') != '' ? '&layout=' . JRequest::getVar('layout', '') : '') . '&view=edit&id=' . JRequest::getInt('id', 0) . '&cid[]=' . JRequest::getCmd('record_id', 0) . '&Itemid=' . JRequest::getInt('Itemid', 0) . '&limitstart=' . JRequest::getInt('limitstart', 0) . '&filter_order=' . JRequest::getCmd('filter_order'); ?> '; }
function onContentPrepare($context, &$article, &$params, $limitstart = 0, $is_list = false, $form = null, $item = null) { $protect = false; $plugin = JPluginHelper::getPlugin('content', 'contentbuilder_download'); jimport('joomla.html.parameter'); $pluginParams = CBCompat::getParams($plugin->params); jimport('joomla.filesystem.file'); jimport('joomla.filesystem.folder'); if (!JFile::exists(JPATH_SITE . DS . 'administrator' . DS . 'components' . DS . 'com_contentbuilder' . DS . 'classes' . DS . 'contentbuilder.php')) { return true; } $lang = JFactory::getLanguage(); $lang->load('plg_content_contentbuilder_download', JPATH_ADMINISTRATOR); /* * As of Joomla! 1.6 there is just the text passed if the article data is not passed in article context. * (for instance with categories). * But we need the article id, so we use the article id flag from content generation. */ if (is_object($article) && !isset($article->id) && !isset($article->cbrecord) && isset($article->text) && $article->text) { preg_match_all("/<!--\\(cbArticleId:(\\d{1,})\\)-->/si", $article->text, $matched_id); if (isset($matched_id[1]) && isset($matched_id[1][0])) { $article->id = intval($matched_id[1][0]); } } // if this content plugin has been called from within list context if ($is_list) { if (!trim($article->text)) { return true; } $article->cbrecord = $form; $article->cbrecord->items = array(); $article->cbrecord->items[0] = $item; $article->cbrecord->record_id = $item->colRecord; } if (!JFolder::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder')) { JFolder::create(JPATH_SITE . DS . 'media' . DS . 'contentbuilder'); } if (!JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'index.html')) { JFile::write(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'index.html', $def = ''); } if (!JFolder::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins')) { JFolder::create(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins'); } if (!JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'index.html')) { JFile::write(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'index.html', $def = ''); } if (!JFolder::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'download')) { JFolder::create(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'download'); } if (!JFile::exists(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'download' . DS . 'index.html')) { JFile::write(JPATH_SITE . DS . 'media' . DS . 'contentbuilder' . DS . 'plugins' . DS . 'image_scale' . DS . 'index.html', $def = ''); } if (isset($article->id) || isset($article->cbrecord)) { $db = JFactory::getDBO(); $matches = array(); preg_match_all("/\\{CBDownload([^}]*)\\}/i", $article->text, $matches); if (isset($matches[0]) && is_array($matches[0]) && isset($matches[1]) && is_array($matches[1])) { $record = null; $default_title = ''; $protect = 0; $form_id = 0; $record_id = 0; $type = ''; $frontend = true; if (JFactory::getApplication()->isAdmin()) { $frontend = false; } if (isset($article->id) && $article->id && !isset($article->cbrecord)) { // try to obtain the record id if if this is just an article $db->setQuery("Select form.`title_field`,form.`protect_upload_directory`,form.`reference_id`,article.`record_id`,article.`form_id`,form.`type`,form.`published_only`,form.`own_only`,form.`own_only_fe` From #__contentbuilder_articles As article, #__contentbuilder_forms As form Where form.`published` = 1 And form.id = article.`form_id` And article.`article_id` = " . $article->id); $data = $db->loadAssoc(); require_once JPATH_SITE . DS . 'administrator' . DS . 'components' . DS . 'com_contentbuilder' . DS . 'classes' . DS . 'contentbuilder.php'; $form = contentbuilder::getForm($data['type'], $data['reference_id']); if (!$form || !$form->exists) { return true; } if ($form) { $protect = $data['protect_upload_directory']; $record = $form->getRecord($data['record_id'], $data['published_only'], $frontend ? $data['own_only_fe'] ? JFactory::getUser()->get('id', 0) : -1 : ($data['own_only'] ? JFactory::getUser()->get('id', 0) : -1), true); $default_title = $data['title_field']; $form_id = $data['form_id']; $record_id = $data['record_id']; $type = $data['type']; } } else { if (isset($article->cbrecord) && isset($article->cbrecord->id) && $article->cbrecord->id) { $protect = $article->cbrecord->protect_upload_directory; $record = $article->cbrecord->items; $default_title = $article->cbrecord->title_field; $form_id = $article->cbrecord->id; $record_id = $article->cbrecord->record_id; $type = $article->cbrecord->type; } } if (!$is_list) { contentbuilder::setPermissions($form_id, $record_id, $frontend ? '_fe' : ''); if ($frontend) { if (!contentbuilder::authorizeFe('view')) { if (JRequest::getVar('contentbuilder_download_file', '', 'GET', 'STRING', JREQUEST_ALLOWRAW)) { ob_end_clean(); die('No Access'); } else { return true; } } } else { if (!contentbuilder::authorize('view')) { if (JRequest::getVar('contentbuilder_download_file', '', 'GET', 'STRING', JREQUEST_ALLOWRAW)) { ob_end_clean(); die('No Access'); } else { return true; } } } } if (!trim($default_title)) { $default_title = strtotime('now'); } $i = 0; foreach ($matches[1] as $match) { $out = ''; $field = $is_list ? $article->cbrecord->items[0]->recName : ''; $box_style = 'border-width:thin::border-color:#000000::border-style:dashed::padding:5px::'; $info_style = ''; $align = ''; $info = true; $hide_filename = false; $hide_mime = false; $hide_size = false; $hide_downloads = false; $options = explode(';', trim($match)); foreach ($options as $option) { $keyval = explode(':', trim($option), 2); if (count($keyval) == 2) { $value = trim($keyval[1]); switch (strtolower(trim($keyval[0]))) { case 'field': $field = $value; break; case 'info-style': $info_style = $value; break; case 'box-style': $box_style = $value; break; case 'align': $align = $value; break; case 'info': $info = $value == 'true' ? true : false; break; case 'hide-filename': $hide_filename = $value == 'true' ? true : false; break; case 'hide-mime': $hide_mime = $value == 'true' ? true : false; break; case 'hide-size': $hide_size = $value == 'true' ? true : false; break; case 'hide-downloads': $hide_downloads = $value == 'true' ? true : false; break; } } } $is_series = false; if ($field && isset($record) && $record !== null && is_array($record)) { foreach ($record as $item) { if ($default_title == $item->recElementId) { $default_title = $item->recValue; break; } } foreach ($record as $item) { if ($item->recName == $field) { $the_files = explode("\n", str_replace("\r", '', $item->recValue)); $the_files_size = count($the_files); if ($the_files_size > 0) { $is_series = true; } for ($fcnt = 0; $fcnt < $the_files_size; $fcnt++) { $the_value = str_replace(array('{CBSite}', '{cbsite}'), JPATH_SITE, trim($the_files[$fcnt])); if ($the_value) { $exists = JFile::exists($the_value); if ($exists) { $phpversion = explode('-', phpversion()); $phpversion = $phpversion[0]; // because of mime_content_type deprecation if (version_compare($phpversion, '5.3', '<')) { if (function_exists('mime_content_type')) { $mime = mime_content_type($the_value); } else { // fallback if not even that one exists $mime = $this->mime_content_type($the_value); } } else { if (function_exists('finfo_open')) { $finfo = finfo_open(FILEINFO_MIME_TYPE); $mime = finfo_file($finfo, $the_value); finfo_close($finfo); } else { $mime = $this->mime_content_type($the_value); } } if (JRequest::getVar('contentbuilder_download_file', '', 'GET', 'STRING', JREQUEST_ALLOWRAW) == sha1($field . $the_value)) { $download_name = basename(JFilterOutput::stringURLSafe($default_title) . '_' . $the_value); $file_id = md5($type . $item->recElementId . $the_value); if (!JFactory::getSession()->get('downloaded' . $type . $item->recElementId . $file_id, false, 'com_contentbuilder.plugin.download')) { $db->setQuery("Select hits From #__contentbuilder_resource_access Where `type` = " . $db->Quote($type) . " And resource_id = '" . $file_id . "' And element_id = " . $db->Quote($item->recElementId)); if ($db->loadResult() === null) { $db->setQuery("Insert Into #__contentbuilder_resource_access (`type`, form_id, element_id, resource_id, hits) values (" . $db->Quote($type) . "," . intval($form_id) . ", " . $db->Quote($item->recElementId) . ", '" . $file_id . "',1)"); } else { $db->setQuery("Update #__contentbuilder_resource_access Set `type` = " . $db->Quote($type) . ", resource_id = '" . $file_id . "', form_id = " . intval($form_id) . ", element_id = " . $db->Quote($item->recElementId) . ", hits = hits + 1 Where `type` = " . $db->Quote($type) . " And resource_id = '" . $file_id . "' And element_id = " . $db->Quote($item->recElementId)); } $db->query(); } JFactory::getSession()->set('downloaded' . $type . $item->recElementId . $file_id, true, 'com_contentbuilder.plugin.download'); // clean up before displaying @ob_end_clean(); header('Content-Type: application/octet-stream; name="' . $download_name . '"'); header('Content-Disposition: inline; filename="' . $download_name . '"'); header('Content-Length: ' . @filesize($the_value)); // NOTE: if running IIS and CGI, raise the CGI timeout to serve large files @$this->readfile_chunked($the_value); exit; } $info_style_ = $info_style; $box_style_ = $box_style; $info_ = $info; $align_ = $align; $download_name = basename(JFilterOutput::stringURLSafe($default_title) . '_' . $the_value); $file_id = md5($type . $item->recElementId . $the_value); $db->setQuery("Select hits From #__contentbuilder_resource_access Where resource_id = '" . $file_id . "' And `type` = " . intval($type) . " And element_id = " . $db->Quote($item->recElementId)); $hits = $db->loadResult(); if (!$hits) { $hits = 0; } $size = @number_format(filesize($the_value) / (1024 * 1024), 2) . ' MB'; if (!floatval($size)) { $size = @number_format(filesize($the_value) / 1024, 2) . ' kb'; } $hide_filename_ = $hide_filename; $hide_mime_ = $hide_mime; $hide_size_ = $hide_size; $hide_downloads_ = $hide_downloads; $url = JURI::getInstance()->toString(); $open_ = JRoute::_($url . (strstr($url, '?') !== false ? '&' : '?') . 'contentbuilder_download_file=' . sha1($field . $the_value)); $out .= '<div style="' . ($align_ ? 'float: ' . $align_ . ';' : '') . str_replace('::', ';', $box_style_) . '"> <a href="' . $open_ . '">' . JText::_('COM_CONTENTBUILDER_PLUGIN_DOWNLOAD_DOWNLOAD') . '</a>' . ($info_ ? '<div style="' . str_replace('::', ';', $info_style_) . '"> ' . ($hide_filename_ ? '' : '<span class="cbPluginDownloadFilename">' . JText::_('COM_CONTENTBUILDER_PLUGIN_DOWNLOAD_FILENAME') . ':</span> ' . $download_name . '<br/>') . ' ' . ($hide_mime_ ? '' : '<span class="cbPluginDownloadMime">' . JText::_('COM_CONTENTBUILDER_PLUGIN_DOWNLOAD_MIME') . ':</span> ' . $mime . '<br/>') . ' ' . ($hide_size_ ? '' : '<span ' . ($hide_size_ ? ' style="display:none;" ' : '') . 'class="cbPluginDownloadSize">' . JText::_('COM_CONTENTBUILDER_PLUGIN_DOWNLOAD_SIZE') . ':</span> ' . $size . '<br/>') . ' ' . ($hide_downloads_ ? '' : '<span ' . ($hide_downloads_ ? ' style="display:none;" ' : '') . 'class="cbPluginDownloadDownloads">' . JText::_('COM_CONTENTBUILDER_PLUGIN_DOWNLOAD_DOWNLOADS') . ':</span> ' . $hits . '<br/>') . ' </div>' : '') . '</div>'; if ($is_series && $align_ && (strtolower($align_) == 'left' || strtolower($align_) == 'right')) { $out .= '<div style="float:' . strtolower($align_) . ';width: 5px;"> </div>'; } } } } } } } if ($is_series && $align && (strtolower($align) == 'left' || strtolower($align) == 'right')) { $out .= '<div style="clear:' . strtolower($align) . ';"></div>'; } $article->text = str_replace($matches[0][$i], $out, $article->text); $i++; } } } return true; }
function getData() { jimport('joomla.version'); $version = new JVersion(); switch ($this->_subject) { case 'get_unique_values': if ($this->frontend) { if (!contentbuilder::authorizeFe('listaccess')) { return Zend_Json::encode($a = array('code' => 1, 'msg' => JText::_('COM_CONTENTBUILDER_PERMISSIONS_VIEW_NOT_ALLOWED'))); } } else { if (!contentbuilder::authorize('listaccess')) { return Zend_Json::encode($a = array('code' => 1, 'msg' => JText::_('COM_CONTENTBUILDER_PERMISSIONS_VIEW_NOT_ALLOWED'))); } } $this->_db->setQuery("Select `type`, `reference_id`, `rating_slots` From #__contentbuilder_forms Where id = " . $this->_id); $result = $this->_db->loadAssoc(); $form = contentbuilder::getForm($result['type'], $result['reference_id']); if (!$form || !$form->exists) { return Zend_Json::encode($a = array('code' => 2, 'msg' => JText::_('COM_CONTENTBUILDER_FORM_ERROR'))); } $values = $form->getUniqueValues(JRequest::getCmd('field_reference_id', ''), JRequest::getCmd('where_field', ''), JRequest::getVar('where', '')); return Zend_Json::encode($a = array('code' => 0, 'field_reference_id' => JRequest::getCmd('field_reference_id', ''), 'msg' => $values)); break; case 'rating': if ($this->frontend) { if (!contentbuilder::authorizeFe('rating')) { return Zend_Json::encode($a = array('code' => 1, 'msg' => JText::_('COM_CONTENTBUILDER_RATING_NOT_ALLOWED'))); } } else { if (!contentbuilder::authorize('rating')) { return Zend_Json::encode($a = array('code' => 1, 'msg' => JText::_('COM_CONTENTBUILDER_RATING_NOT_ALLOWED'))); } } $this->_db->setQuery("Select `type`, `reference_id`, `rating_slots` From #__contentbuilder_forms Where id = " . $this->_id); $result = $this->_db->loadAssoc(); $form = contentbuilder::getForm($result['type'], $result['reference_id']); if (!$form || !$form->exists) { return Zend_Json::encode($a = array('code' => 2, 'msg' => JText::_('COM_CONTENTBUILDER_FORM_ERROR'))); } $rating = 0; switch ($result['rating_slots']) { case 1: $rating = 1; //$rating = 5; break; case 2: $rating = JRequest::getInt('rate', 5); if ($rating > 5) { $rating = 5; } if ($rating < 4) { $rating = 0; } //if($rating == 2) $rating = 5; break; case 3: $rating = JRequest::getInt('rate', 3); if ($rating > 3) { $rating = 3; } if ($rating < 1) { $rating = 1; } //if($rating == 2) $rating = 3; //if($rating == 3) $rating = 5; break; case 4: $rating = JRequest::getInt('rate', 4); if ($rating > 4) { $rating = 4; } if ($rating < 1) { $rating = 1; } //if($rating == 3) $rating = 4; //if($rating == 4) $rating = 5; break; case 5: $rating = JRequest::getInt('rate', 5); if ($rating > 5) { $rating = 5; } if ($rating < 1) { $rating = 1; } break; } if ($result['rating_slots'] == 2 || $rating) { $_now = JFactory::getDate(); // clear rating cache if (version_compare($version->getShortVersion(), '3.0', '<')) { $___now = $_now->toMySQL(); } else { $___now = $_now->toSql(); } $this->_db->setQuery("Delete From #__contentbuilder_rating_cache Where Datediff('" . $___now . "', `date`) >= 1"); $this->_db->query(); // test if already voted $this->_db->setQuery("Select `form_id` From #__contentbuilder_rating_cache Where `record_id` = " . $this->_db->Quote(JRequest::getCmd('record_id', '')) . " And `form_id` = " . $this->_id . " And `ip` = " . $this->_db->Quote($_SERVER['REMOTE_ADDR'])); $cached = $this->_db->loadResult(); $rated = JFactory::getSession()->get('rated' . $this->_id . JRequest::getCmd('record_id', ''), false, 'com_contentbuilder.rating'); if ($rated || $cached) { return Zend_Json::encode($a = array('code' => 1, 'msg' => JText::_('COM_CONTENTBUILDER_RATED_ALREADY'))); } else { JFactory::getSession()->set('rated' . $this->_id . JRequest::getCmd('record_id', ''), true, 'com_contentbuilder.rating'); } // adding vote $this->_db->setQuery("Update #__contentbuilder_records Set rating_count = rating_count + 1, rating_sum = rating_sum + " . $rating . ", lastip = " . $this->_db->Quote($_SERVER['REMOTE_ADDR']) . " Where `type` = " . $this->_db->Quote($result['type']) . " And `reference_id` = " . $this->_db->Quote($result['reference_id']) . " And `record_id` = " . $this->_db->Quote(JRequest::getCmd('record_id', ''))); $this->_db->query(); // adding vote to cache if (version_compare($version->getShortVersion(), '3.0', '<')) { $___now = $_now->toMySQL(); } else { $___now = $_now->toSql(); } $this->_db->setQuery("Insert Into #__contentbuilder_rating_cache (`record_id`,`form_id`,`ip`,`date`) Values (" . $this->_db->Quote(JRequest::getCmd('record_id', '')) . ", " . $this->_id . "," . $this->_db->Quote($_SERVER['REMOTE_ADDR']) . ",'" . $___now . "')"); $this->_db->query(); // updating article's votes if there is an article bound to the record & view $this->_db->setQuery("Select a.article_id From #__contentbuilder_articles As a, #__content As c Where c.id = a.article_id And (c.state = 1 Or c.state = 0) And a.form_id = " . $this->_id . " And a.record_id = " . $this->_db->Quote(JRequest::getCmd('record_id', ''))); $article_id = $this->_db->loadResult(); if ($article_id) { $this->_db->setQuery("Select content_id From #__content_rating Where content_id = " . $article_id); $exists = $this->_db->loadResult(); if ($exists) { $this->_db->setQuery("\n Update \n #__content_rating As cr, \n #__contentbuilder_records As cbr, \n #__contentbuilder_articles As cba\n Set\n cr.rating_count = cbr.rating_count,\n cr.rating_sum = cbr.rating_sum,\n cr.lastip = cbr.lastip\n Where\n cbr.record_id = " . $this->_db->Quote(JRequest::getCmd('record_id', '')) . "\n And\n cbr.record_id = cba.record_id\n And\n cbr.reference_id = " . $this->_db->Quote($result['reference_id']) . "\n And\n cbr.`type` = " . $this->_db->Quote($result['type']) . " \n And \n cba.form_id = " . $this->_id . "\n And\n cr.content_id = cba.article_id\n "); $this->_db->query(); } else { $this->_db->setQuery("\n Insert Into \n #__content_rating \n (\n content_id,\n rating_sum,\n rating_count,\n lastip\n ) \n Values\n (\n {$article_id},\n {$rating},\n 1,\n " . $this->_db->Quote($_SERVER['REMOTE_ADDR']) . "\n )"); $this->_db->query(); } } } return Zend_Json::encode($a = array('code' => 0, 'msg' => JText::_('COM_CONTENTBUILDER_THANK_YOU_FOR_RATING'))); break; } return null; }