/** * Map Child Resources * * @return void */ private function _mapChildData() { // do we have an array of child resources? if (isset($this->raw->children) && is_array($this->raw->children)) { // loop through each child resource and bind as a resource object foreach ($this->raw->children as $child) { $childResource = new Tables\Resource($this->_database); $childResource->bind($child); // add this child to array_push($this->record->children, $childResource); } } }
/** * Process the compose step * * @return void */ public function step_compose_process() { // Initiate extended database class $row = new Resource($this->database); $row->load(Request::getInt('id', 0)); if (!$row->bind($_POST)) { throw new Exception($row->getError(), 500); } $isNew = $row->id < 1 || substr($row->id, 0, 4) == '9999'; $row->created = $row->created ? $row->created : Date::toSql(); $row->created_by = $row->created_by ? $row->created_by : User::get('id'); // Set status to "composing" if ($isNew) { $row->published = 2; } else { $row->published = $row->published ?: 2; } $row->publish_up = $row->publish_up && $row->publish_up != '0000-00-00 00:00:00' ? $row->publish_up : Date::toSql(); $row->publish_down = $row->publish_down && $row->publish_down != '0000-00-00 00:00:00' ? $row->publish_down : '0000-00-00 00:00:00'; $row->modified = Date::toSql(); $row->modified_by = User::get('id'); $row->access = $row->access ?: 0; $row->fulltxt = trim(preg_replace('/\\\\/', "%5C", $row->fulltxt)); $row->introtext = String::truncate(strip_tags($row->fulltxt), 500); //$row->fulltxt = $this->_txtAutoP($row->fulltxt, 1); // Get custom areas, add wrapper tags, and compile into fulltxt $type = new Type($this->database); $type->load($row->type); include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'models' . DS . 'elements.php'; $elements = new Elements(array(), $type->customFields); $schema = $elements->getSchema(); $fields = array(); if (is_object($schema)) { foreach ($schema->fields as $field) { $fields[$field->name] = $field; } } $nbtag = isset($_POST['nbtag']) ? $_POST['nbtag'] : array(); $found = array(); foreach ($nbtag as $tagname => $tagcontent) { $f = ''; $row->fulltxt .= "\n" . '<nb:' . $tagname . '>'; if (is_array($tagcontent)) { $c = count($tagcontent); $num = 0; foreach ($tagcontent as $key => $val) { if (trim($val)) { $num++; } $row->fulltxt .= '<' . $key . '>' . trim($val) . '</' . $key . '>'; } if ($c == $num) { $f = 'found'; } } else { $f = trim($tagcontent); if ($f) { $row->fulltxt .= trim($tagcontent); //(isset($fields[$tagname]) && $fields[$tagname]->type == 'textarea') ? $this->_txtAutoP(trim($tagcontent), 1) : trim($tagcontent); } } $row->fulltxt .= '</nb:' . $tagname . '>' . "\n"; if (!$f && isset($fields[$tagname]) && $fields[$tagname]->required) { $this->setError(Lang::txt('COM_CONTRIBUTE_REQUIRED_FIELD_CHECK', $fields[$tagname]->label)); } $found[] = $tagname; } foreach ($fields as $field) { if (!in_array($field->name, $found) && $field->required) { $found[] = $field->name; $this->setError(Lang::txt('COM_CONTRIBUTE_REQUIRED_FIELD_CHECK', $field->label)); } } $row->title = preg_replace('/\\s+/', ' ', $row->title); $row->title = $this->_txtClean($row->title); // Strip any scripting there may be if (trim($row->fulltxt)) { $row->fulltxt = \Components\Resources\Helpers\Html::stripStyles($row->fulltxt); $row->fulltxt = $this->_txtClean($row->fulltxt); //$row->fulltxt = $this->_txtAutoP($row->fulltxt, 1); $row->footertext = $this->_txtClean($row->footertext); } // Check content if (!$row->check()) { $this->setError($row->getError()); } // Fall back to step if any errors found if ($this->getError()) { $this->step--; $this->view->step = $this->step; $this->view->setLayout('compose'); $this->step_compose($row); return; } // reset id if ($isNew) { $row->id = null; } // Store new content if (!$row->store()) { $this->setError(Lang::txt('Error: Failed to store changes.')); $this->step--; $this->view->step = $this->step; $this->view->setLayout('compose'); $this->step_compose($row); return; } // build path to temp upload folder and future permanent folder $session = App::get('session'); $created = Date::format('Y-m-d 00:00:00'); $oldPath = PATH_APP . DS . trim($this->config->get('uploadpath', '/site/resources'), DS) . Html::build_path($created, $session->get('resources_temp_id'), ''); $newPath = PATH_APP . DS . trim($this->config->get('uploadpath', '/site/resources'), DS) . Html::build_path($row->created, $row->id, ''); // if we have a temp dir, move it to permanent location if (is_dir($oldPath)) { \Filesystem::move($oldPath, $newPath); $old = DS . $session->get('resources_temp_id') . DS; $new = DS . $row->id . DS; // update all images in abstract $row->introtext = str_replace($old, $new, $row->introtext); $row->fulltxt = str_replace($old, $new, $row->fulltxt); $row->store(); // clear temp id $session->clear('resources_temp_id'); } // Checkin the resource $row->checkin(); // Is it a new resource? if ($isNew) { // Get the resource ID if (!$row->id) { $row->id = $row->insertid(); } // Automatically attach this user as the first author Request::setVar('pid', $row->id); Request::setVar('id', $row->id); Request::setVar('authid', User::get('id')); include_once __DIR__ . DS . 'authors.php'; $authors = new Authors(); $authors->saveTask(0); } }
/** * Checks in a checked-out resource and redirects * * @return void */ public function cancelTask() { // Check for request forgeries Request::checkToken(); // Incoming $id = Request::getInt('id', 0); $pid = Request::getInt('pid', 0); // Checkin the resource $row = new Resource($this->database); $row->bind($_POST); $row->checkin(); // Redirect App::redirect($this->buildRedirectURL($pid)); }
/** * Save an attachment * * @return void */ public function saveTask() { if (Request::getVar('no_html', 0)) { return $this->ajaxUploadTask(); } // Incoming $pid = Request::getInt('pid', 0); if (!$pid) { $this->setError(Lang::txt('CONTRIBUTE_NO_ID')); $this->displayTask($pid); return; } // Incoming file $file = Request::getVar('upload', '', 'files', 'array'); if (!$file['name']) { $this->setError(Lang::txt('CONTRIBUTE_NO_FILE')); $this->displayTask($pid); return; } // Make the filename safe $file['name'] = \Filesystem::clean($file['name']); // Ensure file names fit. $ext = \Filesystem::extension($file['name']); $file['name'] = str_replace(' ', '_', $file['name']); if (strlen($file['name']) > 230) { $file['name'] = substr($file['name'], 0, 230); $file['name'] .= '.' . $ext; } // Instantiate a new resource object $row = new Resource($this->database); if (!$row->bind($_POST)) { $this->setError($row->getError()); $this->displayTask($pid); return; } $row->title = $row->title ? $row->title : $file['name']; $row->introtext = $row->title; $row->created = Date::toSql(); $row->created_by = User::get('id'); $row->published = 1; $row->publish_up = Date::toSql(); $row->publish_down = '0000-00-00 00:00:00'; $row->standalone = 0; $row->path = ''; // make sure no path is specified just yet // Check content if (!$row->check()) { $this->setError($row->getError()); $this->displayTask($pid); return; } // File already exists if ($row->loadByFile($file['name'], $pid)) { $this->setError(Lang::txt('A file with this name and type appears to already exist.')); $this->displayTask($pid); return; } // Store new content if (!$row->store()) { $this->setError($row->getError()); $this->displayTask($pid); return; } if (!$row->id) { $row->id = $row->insertid(); } // Build the path $listdir = $this->_buildPathFromDate($row->created, $row->id, ''); $path = $this->_buildUploadPath($listdir, ''); // Make sure the upload path exist if (!is_dir($path)) { if (!\Filesystem::makeDirectory($path)) { $this->setError(Lang::txt('COM_CONTRIBUTE_UNABLE_TO_CREATE_UPLOAD_PATH')); $this->displayTask($pid); return; } } // Perform the upload if (!\Filesystem::upload($file['tmp_name'], $path . DS . $file['name'])) { $this->setError(Lang::txt('COM_CONTRIBUTE_ERROR_UPLOADING')); } else { // File was uploaded // Check the file type $row->type = $this->_getChildType($file['name']); // If it's a package (ZIP, etc) ... /* Breeze presentations haven't been used for some time. Completely unnecessary code? if ($row->type == 38) { require_once(PATH_CORE . DS . 'includes' . DS . 'pcl' . DS . 'pclzip.lib.php'); if (!extension_loaded('zlib')) { $this->setError(Lang::txt('COM_CONTRIBUTE_ZLIB_PACKAGE_REQUIRED')); } else { // Check the table of contents and look for a Breeze viewer.swf file $isbreeze = 0; $zip = new PclZip($path . DS . $file['name']); $file_to_unzip = preg_replace('/(.+)\..*$/', '$1', $path . DS . $file['name']); if (($list = $zip->listContent()) == 0) { die('Error: '.$zip->errorInfo(true)); } for ($i=0; $i<sizeof($list); $i++) { if (substr($list[$i]['filename'], strlen($list[$i]['filename']) - 10, strlen($list[$i]['filename'])) == 'viewer.swf') { $isbreeze = $list[$i]['filename']; break; } //$this->setError(substr($list[$i]['filename'], strlen($list[$i]['filename']), -4).' '.substr($file['name'], strlen($file['name']), -4)); } if (!$isbreeze) { for ($i=0; $i<sizeof($list); $i++) { if (strtolower(substr($list[$i]['filename'], -3)) == 'swf' && substr($list[$i]['filename'], strlen($list[$i]['filename']), -4) == substr($file['name'], strlen($file['name']), -4)) { $isbreeze = $list[$i]['filename']; break; } //$this->setError(substr($list[$i]['filename'], strlen($list[$i]['filename']), -4).' '.substr($file['name'], strlen($file['name']), -4)); } } // It IS a breeze presentation if ($isbreeze) { // unzip the file $do = $zip->extract($path); if (!$do) { $this->setError(Lang::txt('COM_CONTRIBUTE_UNABLE_TO_EXTRACT_PACKAGE')); } else { $row->path = $listdir . DS . $isbreeze; @unlink($path . DS . $file['name']); } $row->type = $this->_getChildType($row->path); $row->title = $isbreeze; } } }*/ } // Scan for viruses $fpath = $path . DS . $file['name']; if (!\Filesystem::isSafe($fpath)) { if (\Filesystem::delete($fpath)) { // Delete associations to the resource $row->deleteExistence(); // Delete resource $row->delete(); } $this->setError(Lang::txt('File rejected because the anti-virus scan failed.')); $this->displayTask($pid); return; } if (!$row->path) { $row->path = $listdir . DS . $file['name']; } $row->path = ltrim($row->path, DS); // Store new content if (!$row->store()) { $this->setError($row->getError()); $this->displayTask($pid); return; } // Instantiate a Resources Assoc object $assoc = new Assoc($this->database); // Get the last child in the ordering $assoc->ordering = $assoc->getLastOrder($pid); $assoc->ordering = $assoc->ordering ? $assoc->ordering : 0; // Increase the ordering - new items are always last $assoc->ordering++; // Create new parent/child association $assoc->parent_id = $pid; $assoc->child_id = $row->id; $assoc->grouping = 0; if (!$assoc->check()) { $this->setError($assoc->getError()); } if (!$assoc->store(true)) { $this->setError($assoc->getError()); } else { if (is_readable($path . DS . $file['name'])) { $hash = @sha1_file($path . DS . $file['name']); if (!empty($hash)) { $this->database->setQuery('SELECT id FROM `#__document_text_data` WHERE hash = \'' . $hash . '\''); if (!($doc_id = $this->database->loadResult())) { $this->database->execute('INSERT INTO `#__document_text_data` (hash) VALUES (\'' . $hash . '\')'); $doc_id = $this->database->insertId(); } $this->database->execute('INSERT IGNORE INTO `#__document_resource_rel` (document_id, resource_id) VALUES (' . (int) $doc_id . ', ' . (int) $row->id . ')'); system('/usr/bin/textifier ' . escapeshellarg($path . DS . $file['name']) . ' >/dev/null'); } } } // Push through to the attachments view $this->displayTask($pid); }