/** * output file * * @param bool $preview * @param int $id * @param UserTable $user */ private function outputFile( $preview, $id, $user ) { global $_CB_framework; $row = CBGroupJiveFile::getFile( (int) $id ); $returnUrl = $_CB_framework->pluginClassUrl( $this->_gjPlugin->element, false, array( 'action' => 'groups', 'func' => 'show', 'id' => (int) $row->get( 'group' ) ) ); if ( $row->get( 'id' ) ) { if ( ! CBGroupJive::canAccessGroup( $row->group(), $user ) ) { cbRedirect( $returnUrl, CBTxt::T( 'Group does not exist.' ), 'error' ); } elseif ( ! CBGroupJive::isModerator( $user->get( 'id' ) ) ) { if ( ( $row->get( 'published' ) != 1 ) && ( CBGroupJive::getGroupStatus( $user, $row->group() ) < 2 ) ) { cbRedirect( $returnUrl, CBTxt::T( 'You do not have access to this file.' ), 'error' ); } } } else { cbRedirect( $returnUrl, CBTxt::T( 'File does not exist.' ), 'error' ); } if ( $preview ) { $row->preview(); } else { $row->download(); } }
/** * prepare frontend files render * * @param string $return * @param GroupTable $group * @param string $users * @param string $invites * @param array $counters * @param array $buttons * @param array $menu * @param cbTabs $tabs * @param UserTable $user * @return array|null */ public function showFiles( &$return, &$group, &$users, &$invites, &$counters, &$buttons, &$menu, &$tabs, $user ) { global $_CB_framework, $_CB_database; CBGroupJive::getTemplate( 'files', true, true, $this->element ); $canModerate = ( CBGroupJive::isModerator( $user->get( 'id' ) ) || ( CBGroupJive::getGroupStatus( $user, $group ) >= 2 ) ); $limit = (int) $this->params->get( 'groups_file_limit', 15 ); $limitstart = $_CB_framework->getUserStateFromRequest( 'gj_group_file_limitstart{com_comprofiler}', 'gj_group_file_limitstart' ); $search = $_CB_framework->getUserStateFromRequest( 'gj_group_file_search{com_comprofiler}', 'gj_group_file_search' ); $where = null; if ( $search && $this->params->get( 'groups_file_search', 1 ) ) { $where .= "\n AND ( f." . $_CB_database->NameQuote( 'title' ) . " LIKE " . $_CB_database->Quote( '%' . $_CB_database->getEscaped( $search, true ) . '%', false ) . " OR f." . $_CB_database->NameQuote( 'filename' ) . " LIKE " . $_CB_database->Quote( '%' . $_CB_database->getEscaped( $search, true ) . '%', false ) . " OR f." . $_CB_database->NameQuote( 'description' ) . " LIKE " . $_CB_database->Quote( '%' . $_CB_database->getEscaped( $search, true ) . '%', false ) . " )"; } $searching = ( $where ? true : false ); $query = 'SELECT COUNT(*)' . "\n FROM " . $_CB_database->NameQuote( '#__groupjive_plugin_file' ) . " AS f" . "\n LEFT JOIN " . $_CB_database->NameQuote( '#__comprofiler' ) . " AS cb" . ' ON cb.' . $_CB_database->NameQuote( 'id' ) . ' = f.' . $_CB_database->NameQuote( 'user_id' ) . "\n LEFT JOIN " . $_CB_database->NameQuote( '#__users' ) . " AS j" . ' ON j.' . $_CB_database->NameQuote( 'id' ) . ' = cb.' . $_CB_database->NameQuote( 'id' ) . "\n WHERE f." . $_CB_database->NameQuote( 'group' ) . " = " . (int) $group->get( 'id' ) . "\n AND cb." . $_CB_database->NameQuote( 'approved' ) . " = 1" . "\n AND cb." . $_CB_database->NameQuote( 'confirmed' ) . " = 1" . "\n AND j." . $_CB_database->NameQuote( 'block' ) . " = 0"; if ( ! $canModerate ) { $query .= "\n AND ( f." . $_CB_database->NameQuote( 'user_id' ) . " = " . (int) $user->get( 'id' ) . ' OR f.' . $_CB_database->NameQuote( 'published' ) . ' = 1 )'; } $query .= $where; $_CB_database->setQuery( $query ); $total = (int) $_CB_database->loadResult(); if ( ( ! $total ) && ( ! $searching ) && ( ! CBGroupJive::canCreateGroupContent( $user, $group, 'file' ) ) ) { return null; } $pageNav = new cbPageNav( $total, $limitstart, $limit ); $pageNav->setInputNamePrefix( 'gj_group_file_' ); switch( (int) $this->params->get( 'groups_file_orderby', 2 ) ) { case 1: $orderBy = 'f.' . $_CB_database->NameQuote( 'date' ) . ' ASC'; break; case 3: $orderBy = 'f.' . $_CB_database->NameQuote( 'filename' ) . ' ASC'; break; case 4: $orderBy = 'f.' . $_CB_database->NameQuote( 'filename' ) . ' DESC'; break; case 2: default: $orderBy = 'f.' . $_CB_database->NameQuote( 'date' ) . ' DESC'; break; } $query = 'SELECT f.*' . "\n FROM " . $_CB_database->NameQuote( '#__groupjive_plugin_file' ) . " AS f" . "\n LEFT JOIN " . $_CB_database->NameQuote( '#__comprofiler' ) . " AS cb" . ' ON cb.' . $_CB_database->NameQuote( 'id' ) . ' = f.' . $_CB_database->NameQuote( 'user_id' ) . "\n LEFT JOIN " . $_CB_database->NameQuote( '#__users' ) . " AS j" . ' ON j.' . $_CB_database->NameQuote( 'id' ) . ' = cb.' . $_CB_database->NameQuote( 'id' ) . "\n WHERE f." . $_CB_database->NameQuote( 'group' ) . " = " . (int) $group->get( 'id' ) . "\n AND cb." . $_CB_database->NameQuote( 'approved' ) . " = 1" . "\n AND cb." . $_CB_database->NameQuote( 'confirmed' ) . " = 1" . "\n AND j." . $_CB_database->NameQuote( 'block' ) . " = 0"; if ( ! $canModerate ) { $query .= "\n AND ( f." . $_CB_database->NameQuote( 'user_id' ) . " = " . (int) $user->get( 'id' ) . ' OR f.' . $_CB_database->NameQuote( 'published' ) . ' = 1 )'; } $query .= $where . "\n ORDER BY " . $orderBy; if ( $this->params->get( 'groups_file_paging', 1 ) ) { $_CB_database->setQuery( $query, $pageNav->limitstart, $pageNav->limit ); } else { $_CB_database->setQuery( $query ); } $rows = $_CB_database->loadObjectList( null, '\CB\Plugin\GroupJiveFile\Table\FileTable', array( $_CB_database ) ); $input = array(); $input['search'] = '<input type="text" name="gj_group_file_search" value="' . htmlspecialchars( $search ) . '" onchange="document.gjGroupFileForm.submit();" placeholder="' . htmlspecialchars( CBTxt::T( 'Search Files...' ) ) . '" class="form-control" />'; CBGroupJiveFile::getFile( $rows ); CBGroupJive::preFetchUsers( $rows ); $group->set( '_files', $pageNav->total ); return array( 'id' => 'file', 'title' => CBTxt::T( 'Files' ), 'content' => HTML_groupjiveFile::showFiles( $rows, $pageNav, $searching, $input, $counters, $group, $user, $this ) ); }