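/**
 * Deletes the tabs and fields that belong to a plugin.
 *
 * Field definitions are deleted, but the field columns in the comprofiler
 * table are not dropped, so user data is still there if the plugin is
 * installed again. A tab flagged as holding fields that still has fields
 * after the plugin's own were deleted is kept and only detached from the
 * plugin. Every id placed in a query is cast to int before concatenation.
 *
 * @param int $id id of plugin
 */
function deleteTabAndFieldsOfPlugin($id) {
    global $_CB_database;

    $pluginId = (int) $id;

    //Find all tabs related to this plugin
    $_CB_database->setQuery("SELECT `tabid`, `fields` FROM #__comprofiler_tabs WHERE pluginid=" . $pluginId);
    $tabs = $_CB_database->loadObjectList();

    // !empty() rather than count(): count() on a non-countable value (for
    // instance a null result after a failed query) is a TypeError on PHP 8.
    if (!empty($tabs)) {
        $rowTab = new moscomprofilerTabs($_CB_database);

        foreach ($tabs as $tab) {
            $tabId = (int) $tab->tabid;

            //Find all fields related to the tab
            $_CB_database->setQuery("SELECT `fieldid`, `name` FROM #__comprofiler_fields WHERE `tabid`=" . $tabId . " AND `pluginid`=" . $pluginId);
            $fields = $_CB_database->loadObjectList();
            $rowField = new moscomprofilerFields($_CB_database);

            // Delete the field definitions only. deleteColumn() on #__comprofiler
            // is deliberately not called: it would delete the user data, which
            // has to survive for a reinstall.
            if (!empty($fields)) {
                foreach ($fields as $field) {
                    $rowField->delete($field->fieldid);
                }
            }

            // A tab flagged as having fields is deleted only once it is empty;
            // otherwise it is kept and detached from the plugin.
            $remaining = 0;
            if ($tab->fields) {
                $_CB_database->setQuery("SELECT COUNT(*) FROM #__comprofiler_fields WHERE tabid=" . $tabId);
                $remaining = $_CB_database->loadResult();
            }

            if ($remaining > 0) {
                $_CB_database->setQuery("UPDATE #__comprofiler_tabs SET `pluginclass`=null, `pluginid`=null WHERE `tabid`=" . $tabId);
                $_CB_database->query();
            } else {
                //delete each tab
                $rowTab->delete($tab->tabid);
            }
        }
    }

    //Find all fields related to this plugin which are in other tabs, are calculated and delete them as they are of no use anymore:
    $_CB_database->setQuery("SELECT `fieldid`, `name` FROM #__comprofiler_fields WHERE `calculated`=1 AND `sys`=0 AND `pluginid`=" . $pluginId);
    $fields = $_CB_database->loadObjectList();
    $rowField = new moscomprofilerFields($_CB_database);
    if (!empty($fields)) {
        foreach ($fields as $field) {
            //Now delete the field itself:
            $rowField->delete($field->fieldid);
        }
    }

    //Find all fields related to this plugin and set to NULL the now uninstalled plugin.
    $_CB_database->setQuery("SELECT COUNT(*) FROM #__comprofiler_fields WHERE pluginid=" . $pluginId);
    $fieldsNumber = $_CB_database->loadResult();
    if ($fieldsNumber > 0) {
        $_CB_database->setQuery("UPDATE #__comprofiler_fields SET pluginid = NULL WHERE pluginid=" . $pluginId);
        $_CB_database->query();
    }
}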
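/**
 * Saves a tab from the posted form and redirects to the tab list.
 *
 * Access control in this block: when $_POST['tabid'] names a tab that loads,
 * that stored tab's useraccessgroupid must be among the groups returned by
 * getChildGIDS() for the logged-in user. Nothing here compares the values
 * that bind() copies from $_POST with the caller's groups, so the stored
 * access group is the only thing checked before store().
 *
 * Each failure path prints an inline script (alert + history.go) and exits.
 *
 * @param string $option component option used to build the redirect URL
 */
function saveTab( $option ) {
    global $_CB_database, $_CB_framework, $_POST;

    $this->_importNeeded();
    $this->_importNeededSave();

    if ( isset( $_POST['params'] ) ) {
        $_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped( $_POST['params'] );
    } else {
        $_POST['params'] = '';
    }

    if ( ! isset( $_POST['tabid'] ) || ( count( $_POST ) == 0 ) ) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Missing post values') ) . "'); window.history.go(-2); </script>\n";
        exit();
    }

    if ( $_POST['tabid'] ) {
        $oldrow = new moscomprofilerTabs( $_CB_database );
        // The denial only fires when the row loads; a tabid that does not load falls through.
        if ( $oldrow->load( (int) $_POST['tabid'] )
            && ! in_array( $oldrow->useraccessgroupid, getChildGIDS( userGID( $_CB_framework->myId() ) ) )
        ) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Unauthorized Access') ) . "'); window.history.go(-1);</script>\n";
            exit;
        }
    }

    $row = new moscomprofilerTabs( $_CB_database );
    if ( ! $row->bind( $_POST ) ) {
        // The message lands inside a JavaScript string literal, so it is escaped
        // like the other alert() texts in this method.
        // NOTE(review): addslashes() covers quotes and backslashes only; a message
        // with a line break or a closing script tag needs JS-context encoding.
        // Confirm what getError() can contain.
        echo "<script type=\"text/javascript\"> alert('" . addslashes( $row->getError() ) . "'); window.history.go(-1); </script>\n";
        exit();
    }

    if ( ! $row->ordering_register ) {
        $row->ordering_register = 10;
    }
    $row->description = cleanEditorsTranslationJunk( trim( $row->description ) );

    if ( ! $row->check() ) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes( $row->getError() ) . "'); window.history.go(-2); </script>\n";
        exit();
    }

    $row->tabid = (int) cbGetParam( $_POST, 'tabid', 0 );

    if ( ! $row->store() ) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes( $row->getError() ) . "'); window.history.go(-2); </script>\n";
        exit();
    }
    $row->checkin();

    cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=showTab" ), CBTxt::T('Successfully Saved Tab') . ": ". $row->title );
}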
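/**
 * Saves a field from the posted form, rewrites its field values and redirects.
 *
 * Access control for callers that are not super admins, in order:
 *  1. the tab named by $_POST['oldtabid'] (when non-empty): its
 *     useraccessgroupid and viewaccesslevel must be within the caller's;
 *  2. the tab of the stored field (when fieldid is non-zero): same two checks;
 *  3. the tab of the row after binding the form: same two checks;
 *  4. after check(): the same tab again (empty values are skipped here), and,
 *     without the core.edit.state permission, every state field must equal
 *     the stored value (existing field) or its default (new field).
 *
 * Each failure path prints an inline script (alert + history.go) and exits.
 *
 * @param string $option component option used to build redirect URLs
 * @param string $task   'applyField' returns to the edit form; anything else to the list
 */
function saveField($option, $task) {
    global $_CB_database, $_CB_framework, $_POST, $_PLUGINS;

    if ($task == 'showField' || !(isset($_POST['oldtabid']) && isset($_POST['fieldid']))) {
        cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task={$task}"));
        return;
    }

    $this->_importNeeded();
    $this->_importNeededSave();

    // Check 1: the tab the form says the field currently belongs to.
    $fieldOldTab = new moscomprofilerTabs($_CB_database);
    if (isset($_POST['oldtabid']) && $_POST['oldtabid']) {
        $fieldOldTab->load((int) $_POST['oldtabid']);

        // Check if user is a super user:
        if (!$_CB_framework->acl->amIaSuperAdmin()) {
            // Check if user belongs to useraccessgroupid:
            if (!in_array($fieldOldTab->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
                echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                exit;
            }
            // Check if user belongs to viewaccesslevel:
            if (!in_array($fieldOldTab->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
                echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                exit;
            }
        }
    }

    $fid = (int) $_POST['fieldid'];
    $row = new moscomprofilerFields($_CB_database);

    // Check 2: the tab of the field as it is stored now.
    if ($fid) {
        // load the row from the db table
        if (!$row->load((int) $fid)) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Innexistant field')) . "'); window.history.go(-1);</script>\n";
            exit;
        }

        $fieldTab = new moscomprofilerTabs($_CB_database);
        // load the row from the db table
        $fieldTab->load((int) $row->tabid);

        // Check if user is a super user:
        if (!$_CB_framework->acl->amIaSuperAdmin()) {
            // Check if user belongs to useraccessgroupid:
            if (!in_array($fieldTab->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
                echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                exit;
            }
            // Check if user belongs to viewaccesslevel:
            if (!in_array($fieldTab->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
                echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                exit;
            }
        }
    }

    // Snapshot of the row before the form is bound, used below to detect
    // state changes. Properties starting with an underscore are not copied.
    $oldrow = new moscomprofilerFields($_CB_database);
    foreach (array_keys(get_object_vars($row)) as $k) {
        if (substr($k, 0, 1) != '_') {
            $oldrow->{$k} = $row->{$k};
        }
    }

    $_PLUGINS->loadPluginGroup('user');

    if (!$this->_prov_bind_CB_field($row, $fid)) {
        // The message lands inside a JavaScript string literal, so it is escaped
        // like the other alert() texts in this method.
        // NOTE(review): addslashes() covers quotes and backslashes only; a message
        // with a line break or a closing script tag needs JS-context encoding.
        // Confirm what getError() can contain.
        echo "<script type=\"text/javascript\"> alert('" . addslashes($row->getError()) . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // Searchable defaults to 1 only for fields that have table columns and are
    // not of type password or userparams.
    if ($row->tablecolumns != '' && !in_array($row->type, array('password', 'userparams'))) {
        $searchable_default = 1;
    } else {
        $searchable_default = 0;
    }

    // State fields and their defaults for a new field. One table drives both
    // the defaulting here and the edit-state check further down, so the two
    // cannot drift apart.
    $stateDefaults = array(
        'tabid'        => 11,
        'profile'      => 1,
        'registration' => 1,
        'published'    => 1,
        'required'     => 0,
        'readonly'     => 0,
        'searchable'   => $searchable_default,
    );

    // Set defaults if nothing is found: use the stored value when there is one,
    // the default otherwise. This prevents storing null values when some
    // inputs are set disabled.
    foreach ($stateDefaults as $name => $default) {
        if ($row->{$name} == '') {
            $row->{$name} = $oldrow->{$name} != '' ? $oldrow->{$name} : $default;
        }
    }

    // If the input is disabled we need to apply the default if the tabid isn't in POST:
    if (!isset($_POST['tabid'])) {
        $_POST['tabid'] = $row->tabid;
    }

    // Still nothing to work with: go back without saving.
    if ($task == 'showField' || !isset($_POST['tabid'])) {
        cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task={$task}"));
        return;
    }

    // Check 3: binding may have changed the tab, so the tab of the bound row is checked too.
    $fieldTab = new moscomprofilerTabs($_CB_database);
    $fieldTab->load((int) $row->tabid);

    // Check if user is a super user:
    if (!$_CB_framework->acl->amIaSuperAdmin()) {
        // Check if user belongs to useraccessgroupid:
        if (!in_array($fieldTab->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
            exit;
        }
        // Check if user belongs to viewaccesslevel:
        if (!in_array($fieldTab->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
            exit;
        }
    }

    if ($row->type == 'webaddress') {
        $row->rows = $_POST['webaddresstypes'];
        // Only 0 and 2 are accepted; anything else falls back to 0.
        if (!($row->rows == 0 || $row->rows == 2)) {
            $row->rows = 0;
        }
    }

    if ($_POST['oldtabid'] != $_POST['tabid']) {
        if ($_POST['oldtabid'] !== '') {
            //Re-order old tab
            $sql = "UPDATE #__comprofiler_fields SET ordering = ordering-1 WHERE ordering > " . (int) $_POST['ordering'] . " AND tabid = " . (int) $_POST['oldtabid'];
            $_CB_database->setQuery($sql);
            $_CB_database->query();
        }
        //Select Last Order in New Tab
        $sql = "SELECT MAX(ordering) FROM #__comprofiler_fields WHERE tabid=" . (int) $_POST['tabid'];
        $_CB_database->SetQuery($sql);
        $max = $_CB_database->LoadResult();
        $row->ordering = max($max + 1, 1);
    }

    if (cbStartOfStringMatch($row->name, 'cb_')) {
        $row->name = str_replace(" ", "", strtolower($row->name));
    }

    if (!$row->check()) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes($row->getError()) . "'); window.history.go(-2); </script>\n";
        exit;
    }

    // Check 4: last verification before the row is stored.
    if (!$_CB_framework->acl->amIaSuperAdmin()) {
        $canEditState = CBuser::getMyInstance()->authoriseAction('core.edit.state');

        // Check if user belongs to useraccessgroupid
        if ($fieldTab->useraccessgroupid != '' && !in_array($fieldTab->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
            exit;
        }
        // Check if user belongs to viewaccesslevel
        if ($fieldTab->viewaccesslevel != '' && !in_array($fieldTab->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
            exit;
        }

        // Without the edit-state permission every state field has to be what
        // it already was (existing field) or its default (new field).
        if (!$canEditState) {
            $failed = false;
            foreach ($stateDefaults as $name => $default) {
                $submitted = $row->{$name};
                if ($submitted == '') {
                    continue;
                }
                $expected = $oldrow->fieldid ? $oldrow->{$name} : $default;
                if ($submitted != $expected) {
                    $failed = true;
                }
            }
            if ($failed) {
                echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                exit;
            }
        }
    }

    if (!$row->store((int) $fid)) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes($row->getError()) . "'); window.history.go(-2); </script>\n";
        exit;
    }

    // vNames is optional request data: anything that is not an array is
    // treated as "no values" instead of being handed to foreach.
    $fieldNames = (isset($_POST['vNames']) && is_array($_POST['vNames'])) ? $_POST['vNames'] : array();
    $j = 1;

    if ($row->fieldid > 0) {
        $_CB_database->setQuery("DELETE FROM #__comprofiler_field_values" . " WHERE fieldid = " . (int) $row->fieldid);
        if ($_CB_database->query() === false) {
            echo $_CB_database->getErrorMsg();
        }
    } else {
        // NOTE(review): MAX(fieldid) is read after store(); with a concurrent
        // insert it could be another field's id. Confirm when store() leaves
        // fieldid unset.
        $_CB_database->setQuery("SELECT MAX(fieldid) FROM #__comprofiler_fields");
        $maxID = $_CB_database->loadResult();
        $row->fieldid = $maxID;
        echo $_CB_database->getErrorMsg();
    }

    foreach ($fieldNames as $fieldName) {
        // Nested arrays in the request are skipped; trim() only accepts strings.
        if (!is_scalar($fieldName)) {
            continue;
        }
        $title = trim($fieldName);
        if ($title != '') {
            // Ids are cast to int and the title is escaped before concatenation.
            $_CB_database->setQuery("INSERT INTO #__comprofiler_field_values (fieldid,fieldtitle,ordering)" . " VALUES( " . (int) $row->fieldid . ",'" . cbGetEscaped($title) . "', " . (int) $j . ")");
            if ($_CB_database->query() === false) {
                echo $_CB_database->getErrorMsg();
            }
            $j++;
        }
    }

    if ($task == 'applyField') {
        $msg = CBTxt::T('Successfully Saved changes to Field') . ': ' . $row->name;
        cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=editField&cid={$row->fieldid}"), $msg);
    } else {
        // 'saveField' and every other task
        $msg = CBTxt::T('Successfully Saved Field') . ': ' . $row->name;
        cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showField"), $msg);
    }
}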
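/**
 * Moves a tab up or down within its position and redirects to the tab list.
 *
 * Callers that are not super admins need the tab's useraccessgroupid to be
 * among the groups returned by get_groups_below_me().
 * NOTE(review): saveTab and saveField in this file also require the tab's
 * viewaccesslevel to be among the caller's view levels; confirm whether
 * reordering should as well. The result of load() is not checked here.
 *
 * @param int    $tid    id of the tab to move
 * @param int    $inc    direction/amount handed to move()
 * @param string $option component option used to build the redirect URL
 */
function orderTabs($tid, $inc, $option) {
    global $_CB_database, $_CB_framework;

    $row = new moscomprofilerTabs($_CB_database);
    $row->load((int) $tid);

    if (!$_CB_framework->acl->amIaSuperAdmin()) {
        if (!in_array($row->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
            exit;
        }
    }

    // position is stored data that ends up inside a quoted SQL literal, so it
    // is escaped with the project's cbGetEscaped() helper before concatenation.
    $where = "position='" . cbGetEscaped($row->position) . "' AND ordering > -10000 AND ordering < 10000 ";
    $row->move($inc, $where);

    cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showTab"));
}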
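/**
 * Moves a tab up or down within its position and redirects to the tab list.
 *
 * The tab's useraccessgroupid must be among the groups returned by
 * getChildGIDS() for the logged-in user; that is the only access check in
 * this block, and the result of load() is not checked.
 *
 * @param int    $tid    id of the tab to move
 * @param int    $inc    direction/amount handed to move()
 * @param string $option component option used to build the redirect URL
 */
function orderTabs( $tid, $inc, $option ) {
    global $_CB_database, $_CB_framework;

    $row = new moscomprofilerTabs( $_CB_database );
    $row->load( (int) $tid );

    if ( ! in_array( $row->useraccessgroupid, getChildGIDS( userGID( $_CB_framework->myId() ) ) ) ) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Unauthorized Access') ) . "'); window.history.go(-1);</script>\n";
        exit;
    }

    // position is stored data that ends up inside a quoted SQL literal, so it
    // is escaped with the project's cbGetEscaped() helper before concatenation.
    $where = "position='" . cbGetEscaped( $row->position ) . "' AND ordering > -10000 AND ordering < 10000 ";
    $row->move( $inc, $where );

    cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=showTab" ) );
}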
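/**
 * Saves a field from the posted form, rewrites its field values and redirects.
 *
 * Access control in this block: the useraccessgroupid of the stored field's
 * tab (when fieldid is non-zero) and of the tab of the row after binding must
 * be among the groups returned by getChildGIDS() for the logged-in user.
 * The tab named by $_POST['oldtabid'] is not loaded or checked, although its
 * id is used in the reordering UPDATE; no view level or edit-state check is
 * made in this block.
 *
 * Each failure path prints an inline script (alert + history.go) and exits.
 *
 * @param string $option component option used to build redirect URLs
 * @param string $task   'applyField' returns to the edit form; anything else to the list
 */
function saveField( $option, $task ) {
    global $_CB_database, $_CB_framework, $_POST, $_PLUGINS;

    if ( ( $task == 'showField' ) || ! ( isset( $_POST['oldtabid'] ) && isset( $_POST['tabid'] ) && isset( $_POST['fieldid'] ) ) ) {
        cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=$task" ) );
        return;
    }

    $this->_importNeeded();
    $this->_importNeededSave();

    $fid = (int) $_POST['fieldid'];
    $row = new moscomprofilerFields( $_CB_database );

    if ( $fid ) {
        // load the row from the db table
        if ( ! $row->load( (int) $fid ) ) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Innexistant field') ) . "'); window.history.go(-1);</script>\n";
            exit;
        }

        // Access check on the tab the stored field belongs to.
        $fieldTab = new moscomprofilerTabs( $_CB_database );
        $fieldTab->load( (int) $row->tabid );
        if ( ! in_array( $fieldTab->useraccessgroupid, getChildGIDS( userGID( $_CB_framework->myId() ) ) ) ) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Unauthorized Access') ) ."'); window.history.go(-1);</script>\n";
            exit;
        }
    }

    $_PLUGINS->loadPluginGroup( 'user' );

    if ( ! $this->_prov_bind_CB_field( $row, $fid ) ) {
        // The message lands inside a JavaScript string literal, so it is escaped
        // like the other alert() texts in this method.
        // NOTE(review): addslashes() covers quotes and backslashes only; a message
        // with a line break or a closing script tag needs JS-context encoding.
        // Confirm what getError() can contain.
        echo "<script type=\"text/javascript\"> alert('" . addslashes( $row->getError() ) . "'); window.history.go(-1); </script>\n";
        exit();
    }

    // Binding may have changed the tab, so the tab of the bound row is checked too.
    $fieldTab = new moscomprofilerTabs( $_CB_database );
    $fieldTab->load( (int) $row->tabid );
    if ( ! in_array( $fieldTab->useraccessgroupid, getChildGIDS( userGID( $_CB_framework->myId() ) ) ) ) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Unauthorized Access') ) . "'); window.history.go(-1);</script>\n";
        exit;
    }

    if ( $row->type == 'webaddress' ) {
        $row->rows = $_POST['webaddresstypes'];
        // Only 0 and 2 are accepted; anything else falls back to 0.
        if ( ! ( ( $row->rows == 0 ) || ( $row->rows == 2 ) ) ) {
            $row->rows = 0;
        }
    }

    if ( $_POST['oldtabid'] != $_POST['tabid'] ) {
        if ( $_POST['oldtabid'] !== '' ) {
            //Re-order old tab
            $sql = "UPDATE #__comprofiler_fields SET ordering = ordering-1 WHERE ordering > ".(int) $_POST['ordering']." AND tabid = ".(int) $_POST['oldtabid'];
            $_CB_database->setQuery( $sql );
            $_CB_database->query();
        }
        //Select Last Order in New Tab
        $sql = "SELECT MAX(ordering) FROM #__comprofiler_fields WHERE tabid=".(int) $_POST['tabid'];
        $_CB_database->SetQuery( $sql );
        $max = $_CB_database->LoadResult();
        $row->ordering = max( $max + 1, 1 );
    }

    if ( cbStartOfStringMatch( $row->name, 'cb_' ) ) {
        $row->name = str_replace( " ", "", strtolower( $row->name ) );
    }

    if ( ! $row->check() ) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes( $row->getError() ) . "'); window.history.go(-2); </script>\n";
        exit();
    }
    if ( ! $row->store( (int) $fid ) ) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes( $row->getError() ) . "'); window.history.go(-2); </script>\n";
        exit();
    }

    // vNames is optional request data: anything that is not an array is
    // treated as "no values" instead of being handed to foreach.
    $fieldNames = ( isset( $_POST['vNames'] ) && is_array( $_POST['vNames'] ) ) ? $_POST['vNames'] : array();
    $j = 1;

    if ( $row->fieldid > 0 ) {
        $_CB_database->setQuery( "DELETE FROM #__comprofiler_field_values" . " WHERE fieldid = " . (int) $row->fieldid );
        if ( $_CB_database->query() === false ) {
            echo $_CB_database->getErrorMsg();
        }
    } else {
        // NOTE(review): MAX(fieldid) is read after store(); with a concurrent
        // insert it could be another field's id. Confirm when store() leaves
        // fieldid unset.
        $_CB_database->setQuery( "SELECT MAX(fieldid) FROM #__comprofiler_fields" );
        $maxID = $_CB_database->loadResult();
        $row->fieldid = $maxID;
        echo $_CB_database->getErrorMsg();
    }

    foreach ( $fieldNames as $fieldName ) {
        // Nested arrays in the request are skipped; trim() only accepts strings.
        if ( ! is_scalar( $fieldName ) ) {
            continue;
        }
        $title = trim( $fieldName );
        if ( $title != '' ) {
            // Ids are cast to int and the title is escaped before concatenation.
            $_CB_database->setQuery( "INSERT INTO #__comprofiler_field_values (fieldid,fieldtitle,ordering)" . " VALUES( " . (int) $row->fieldid . ",'" . cbGetEscaped( $title ) . "', " . (int) $j . ")" );
            if ( $_CB_database->query() === false ) {
                echo $_CB_database->getErrorMsg();
            }
            $j++;
        }
    }

    if ( $task == 'applyField' ) {
        $msg = CBTxt::T('Successfully Saved changes to Field') . ': '. $row->name;
        cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=editField&cid=$row->fieldid" ), $msg );
    } else {
        // 'saveField' and every other task
        $msg = CBTxt::T('Successfully Saved Field') . ': '. $row->name;
        cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=showField" ), $msg );
    }
}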
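/**
 * Saves a tab from the posted form and redirects to the tab list.
 *
 * Access control for callers that are not super admins, in order:
 *  1. the stored tab (when $_POST['tabid'] is non-empty): its
 *     useraccessgroupid and viewaccesslevel must be within the caller's;
 *  2. after check(): the submitted useraccessgroupid and viewaccesslevel must
 *     be within the caller's as well (empty values are skipped);
 *  3. without the core.edit.state permission, every state field must equal
 *     the stored value (existing tab) or its default (new tab).
 *
 * Each failure path prints an inline script (alert + history.go) and exits.
 * The result of load() on the stored tab is not checked.
 *
 * @param string $option component option used to build the redirect URL
 */
function saveTab($option) {
    global $_CB_database, $_CB_framework, $_POST;

    $this->_importNeeded();
    $this->_importNeededSave();

    if (isset($_POST['params'])) {
        $_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped($_POST['params']);
    } else {
        $_POST['params'] = '';
    }

    if (!isset($_POST['tabid']) || count($_POST) == 0) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Missing post values')) . "'); window.history.go(-2); </script>\n";
        exit;
    }

    // Check 1: the tab as it is stored now.
    $oldrow = new moscomprofilerTabs($_CB_database);
    if (isset($_POST['tabid']) && $_POST['tabid']) {
        $oldrow->load((int) $_POST['tabid']);

        // Check if user is a super user:
        if (!$_CB_framework->acl->amIaSuperAdmin()) {
            // Check if user belongs to useraccessgroupid:
            if (!in_array($oldrow->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
                echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                exit;
            }
            // Check if user belongs to viewaccesslevel:
            if (!in_array($oldrow->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
                echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                exit;
            }
        }
    }

    $row = new moscomprofilerTabs($_CB_database);
    if (!$row->bind($_POST)) {
        // The message lands inside a JavaScript string literal, so it is escaped
        // like the other alert() texts in this method.
        // NOTE(review): addslashes() covers quotes and backslashes only; a message
        // with a line break or a closing script tag needs JS-context encoding.
        // Confirm what getError() can contain.
        echo "<script type=\"text/javascript\"> alert('" . addslashes($row->getError()) . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // State fields and their defaults for a new tab. One table drives both the
    // defaulting here and the edit-state check further down, so the two cannot
    // drift apart.
    $stateDefaults = array(
        'useraccessgroupid' => -2,
        'viewaccesslevel'   => 1,
        'ordering'          => 999,
        'ordering_register' => 10,
        'enabled'           => 1,
    );

    // Set defaults if nothing is found: use the stored value when there is one,
    // the default otherwise. This prevents storing null values when some
    // inputs are set disabled.
    foreach ($stateDefaults as $name => $default) {
        if ($row->{$name} == '') {
            $row->{$name} = $oldrow->{$name} != '' ? $oldrow->{$name} : $default;
        }
    }

    $row->description = cleanEditorsTranslationJunk(trim($row->description));

    if (!$row->check()) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes($row->getError()) . "'); window.history.go(-2); </script>\n";
        exit;
    }

    $row->tabid = (int) cbGetParam($_POST, 'tabid', 0);

    // Checks 2 and 3: the values that are about to be stored.
    if (!$_CB_framework->acl->amIaSuperAdmin()) {
        $canEditState = CBuser::getMyInstance()->authoriseAction('core.edit.state');

        // Check if user belongs to useraccessgroupid
        if ($row->useraccessgroupid != '' && !in_array($row->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
            exit;
        }
        // Check if user belongs to viewaccesslevel
        if ($row->viewaccesslevel != '' && !in_array($row->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
            exit;
        }

        // Without the edit-state permission every state field has to be what
        // it already was (existing tab) or its default (new tab).
        if (!$canEditState) {
            $failed = false;
            foreach ($stateDefaults as $name => $default) {
                $submitted = $row->{$name};
                if ($submitted == '') {
                    continue;
                }
                $expected = $oldrow->tabid ? $oldrow->{$name} : $default;
                if ($submitted != $expected) {
                    $failed = true;
                }
            }
            if ($failed) {
                echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
                exit;
            }
        }
    }

    if (!$row->store()) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes($row->getError()) . "'); window.history.go(-2); </script>\n";
        exit;
    }
    $row->checkin();

    cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showTab"), CBTxt::T('Successfully Saved Tab') . ": " . $row->title);
}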