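/**
 * Change the customer's password
 *
 * If no customer is logged in, redirects to the login page.
 * Returns the result of \Message::ok() only after the new password has
 * been set on the Customer and stored; every validation failure returns
 * the result of \Message::error().
 * When no new password has been posted, only the form labels are set
 * in the template and false is returned.
 *
 * NOTE(review): the current password is verified against md5() of the
 * input, so the stored value is presumably an unsalted MD5 digest.
 * Unsalted MD5 is unsuitable for password storage; migrating to
 * password_hash()/password_verify() belongs in Customer::password(),
 * which is not visible here.
 * @return  boolean     True on success, false otherwise
 */
static function _changepass()
{
    global $_ARRAYLANG;

    if (!self::$objCustomer) {
        \Cx\Core\Csrf\Controller\Csrf::redirect(
            \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'login')
            . '?redirect=' . base64_encode(
                \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'changepass')));
        // Whether Csrf::redirect() terminates the request is not visible
        // here.  Never continue into the password logic without a Customer.
        return false;
    }
    if (isset($_POST['shopNewPassword'])) {
        if (empty($_POST['shopCurrentPassword'])) {
            return \Message::error($_ARRAYLANG['TXT_SHOP_ENTER_CURRENT_PASSWORD']);
        }
        $password_old = contrexx_input2raw($_POST['shopCurrentPassword']);
        // Strict comparison: with "!=" two digests that both look like
        // "0e<digits>" are compared as numbers and treated as equal.
        // TODO: switch to hash_equals() once the minimum PHP version allows.
        if (md5($password_old) !== (string) self::$objCustomer->password()) {
            return \Message::error($_ARRAYLANG['TXT_SHOP_WRONG_CURRENT_PASSWORD']);
        }
        $password = contrexx_input2raw($_POST['shopNewPassword']);
        if (empty($password)) {
            return \Message::error($_ARRAYLANG['TXT_SHOP_SPECIFY_NEW_PASSWORD']);
        }
        if (empty($_POST['shopConfirmPassword'])) {
            return \Message::error($_ARRAYLANG['TXT_SHOP_PASSWORD_NOT_CONFIRMED']);
        }
        $password_confirm = contrexx_input2raw($_POST['shopConfirmPassword']);
        // Strict comparison for the same reason as above: numeric-looking
        // strings such as "1e3" and "1000" are equal under "!=".
        if ($password !== $password_confirm) {
            return \Message::error($_ARRAYLANG['TXT_SHOP_PASSWORD_NOT_CONFIRMED']);
        }
        // Minimum length is counted in bytes, not characters
        if (strlen($password) < 6) {
            return \Message::error($_ARRAYLANG['TXT_PASSWORD_MIN_CHARS']);
        }
        if (!self::$objCustomer->password($password)) {
            return \Message::error($_ARRAYLANG['TXT_SHOP_PASSWORD_INVALID']);
        }
        if (!self::$objCustomer->store()) {
            return \Message::error($_ARRAYLANG['TXT_SHOP_PASSWORD_ERROR_UPDATING']);
        }
        return \Message::ok($_ARRAYLANG['TXT_SHOP_PASSWORD_CHANGED_SUCCESSFULLY']);
    }
    // No password posted: only provide the form labels
    self::$objTemplate->setVariable(array(
        'SHOP_PASSWORD_CURRENT' => $_ARRAYLANG['SHOP_PASSWORD_CURRENT'],
        'SHOP_PASSWORD_NEW' => $_ARRAYLANG['SHOP_PASSWORD_NEW'],
        'SHOP_PASSWORD_CONFIRM' => $_ARRAYLANG['SHOP_PASSWORD_CONFIRM'],
        'SHOP_PASSWORD_CHANGE' => $_ARRAYLANG['SHOP_PASSWORD_CHANGE'],
    ));
    return false;
}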
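/**
 * Updates the Order status with parameter values from the GET request
 *
 * Reads "changeOrderStatus", "order_id" and "sendMail" from $_GET.
 * Both the status and the Order ID are cast to integer and range checked
 * before they are used in the query.  On any outcome other than NOOP,
 * the request is redirected to the order overview.
 *
 * NOTE(review): this changes state on a GET request, and no access check
 * is visible in this method; presumably the caller enforces backend
 * permissions and CSRF protection -- confirm.
 * @return  boolean             True on success, false on failure,
 *                              or null (on NOOP)
 * @todo    Should definitely use POST instead.
 */
static function updateStatusFromGet()
{
    global $objDatabase, $_ARRAYLANG;

    // Update the order status if valid
    if (!isset($_GET['changeOrderStatus']) || empty($_GET['order_id'])) {
        return null;
    }
    $status = intval($_GET['changeOrderStatus']);
    $order_id = intval($_GET['order_id']);
    if (   $status < Order::STATUS_PENDING
        || $status >= Order::STATUS_MAX
        || $order_id <= 0) {
        \Message::error($_ARRAYLANG['TXT_SHOP_ORDER_ERROR_UPDATING_STATUS']);
        \Cx\Core\Csrf\Controller\Csrf::redirect('index.php?cmd=Shop&act=orders');
        // Whether Csrf::redirect() terminates the request is not visible
        // here.  Never run the UPDATE with rejected values.
        return false;
    }
    $objUser = \FWUser::getFWUserObject()->objUser;
    // $status and $order_id are integers at this point.
    // NOTE(review): addslashes() is not aware of the connection charset;
    // prefer the database layer's own quoting or bound parameters for
    // the user name.
    $query = "\n UPDATE `" . DBPREFIX . "module_shop" . MODULE_INDEX . "_orders`\n SET `status`={$status},\n `modified_by`='" . addslashes($objUser->getUsername()) . "',\n `modified_on`='" . date('Y-m-d H:i:s') . "'\n WHERE `id`={$order_id}";
    if (!$objDatabase->Execute($query)) {
        \Message::error($_ARRAYLANG['TXT_SHOP_ORDER_ERROR_UPDATING_STATUS']);
        \Cx\Core\Csrf\Controller\Csrf::redirect('index.php?cmd=Shop&act=orders');
        return false;
    }
    // Send an email to the customer
    if (!empty($_GET['sendMail'])) {
// TODO: It might be useful to move this to its own method:
        $hasMail = false;
        $result = null;
        // Pass on the validated integer ID, never the raw request value
        // (e.g. "12abc" passes the check above as 12).
        switch ($status) {
            case Order::STATUS_CONFIRMED:
                $result = ShopLibrary::sendConfirmationMail($order_id);
                $hasMail = true;
                break;
            case Order::STATUS_COMPLETED:
                $result = ShopManager::sendProcessedMail($order_id);
                $hasMail = true;
                break;
        }
        if ($hasMail) {
            if (!empty($result)) {
                \Message::ok(sprintf($_ARRAYLANG['TXT_EMAIL_SEND_SUCCESSFULLY'], $result));
            } else {
                \Message::error($_ARRAYLANG['TXT_MESSAGE_SEND_ERROR']);
            }
        }
    }
    \Cx\Core\Csrf\Controller\Csrf::redirect('index.php?cmd=Shop&act=orders');
    return true;
}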
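/**
 * Check out the payment processor associated with the payment processor
 * selected by {@link initProcessor()}.
 *
 * If the page is redirected, or has already been handled, returns the empty
 * string.
 * In the other cases, returns HTML code for the payment form and to insert
 * a picture representing the payment method.
 *
 * NOTE(review): the internal handlers redirect to the "success" page with
 * result=1 in the URL.  The success handler is not visible here; confirm
 * that it derives the payment outcome from server side order state and
 * does not trust that parameter.
 * @return  string      Empty string, or HTML code
 * @static
 */
static function checkOut()
{
    global $_ARRAYLANG;

    if (!is_array(self::$arrPaymentProcessor)) {
        self::init();
    }
    $return = '';
    // @since 3.0.5: Names are now lowercase, i.e. "internal" instead of "Internal"
    switch (self::getPaymentProcessorName()) {
        case 'internal':
        case 'internal_lsv':
        case 'internal_creditcard': // Not implemented
        case 'internal_debit': // Not implemented
            \Cx\Core\Csrf\Controller\Csrf::redirect(
                \Cx\Core\Routing\Url::fromModuleAndCmd(
                    'Shop' . MODULE_INDEX, 'success', '',
                    array('result' => 1, 'handler' => 'internal')));
            // Whether Csrf::redirect() terminates the request is not
            // visible here.  Return the documented empty string instead
            // of falling through into the Saferpay branch below.
            return '';
        case 'saferpay':
        case 'saferpay_all_cards':
        case 'saferpay_mastercard_multipay_car': // Obsolete
        case 'saferpay_visa_multipay_car': // Obsolete
            $return = self::_SaferpayProcessor();
            break;
        case 'yellowpay': // was: 'PostFinance_DebitDirect'
            $return = self::_YellowpayProcessor();
            break;
        case 'payrexx':
            $return = self::_PayrexxProcessor();
            break;
        // Added 20100222 -- Reto Kohli
        case 'mobilesolutions':
            // The amount is converted to an integer number of the smallest
            // currency unit (factor 100) with bcmul() to avoid float rounding
            $return = \PostfinanceMobile::getForm(
                intval(bcmul($_SESSION['shop']['grand_total_price'], 100, 0)),
                $_SESSION['shop']['order_id']);
            if (!$return) {
                \DBG::log("PaymentProcessing::checkOut(): ERROR: Postfinance Mobile getForm() failed");
                \DBG::log("Postfinance Mobile error messages:");
                foreach (\PostfinanceMobile::getErrors() as $error) {
                    \DBG::log($error);
                }
            }
            break;
        // Added 20081117 -- Reto Kohli
        case 'datatrans':
            $return = self::getDatatransForm(Currency::getActiveCurrencyCode());
            break;
        case 'paypal':
            $order_id = $_SESSION['shop']['order_id'];
            $account_email = \Cx\Core\Setting\Controller\Setting::getValue('paypal_account_email', 'Shop');
            $item_name = $_ARRAYLANG['TXT_SHOP_PAYPAL_ITEM_NAME'];
            $currency_code = Currency::getCodeById($_SESSION['shop']['currencyId']);
            $amount = $_SESSION['shop']['grand_total_price'];
            $return = \PayPal::getForm($account_email, $order_id, $currency_code, $amount, $item_name);
            break;
        case 'paymill_cc':
        case 'paymill_elv':
        case 'paymill_iban':
            $return = self::_PaymillProcessor(self::getPaymentProcessorName());
            break;
        case 'dummy':
            $return = \Dummy::getForm();
            break;
    }
    // shows the payment picture
    $return .= self::_getPictureCode();
    return $return;
}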
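/**
 * Sets the placeholders used for the event
 *
 * Only acts in frontend mode and when both $eventId and $eventStartDate
 * are non-null.  The event shown is always $this->eventList[0]; the two
 * arguments are only tested against null here.
 * Redirects to the module start page when there is no event or it is
 * inactive, and to the login page when the event requires a login
 * (access == 1) and nobody is logged in.
 *
 * NOTE(review): no output encoding is applied in this method.  Event
 * fields (title, attach, pic, link, place_*, org_*) are concatenated
 * into HTML attributes and link targets as they are.  Confirm that they
 * are encoded when stored or by the template layer; otherwise encode
 * them per context (attribute, URL) before building the markup.
 *
 * @param object  $objTpl         Template object
 * @param integer $eventId        Event Id
 * @param integer $eventStartDate Start date of the event
 *
 * @return null
 */
function showEvent($objTpl, $eventId, $eventStartDate)
{
    global $objInit, $_ARRAYLANG, $_LANGID, $_CONFIG;

    $this->getSettings();
    if ($objInit->mode == 'frontend' && ($eventId != null && $eventStartDate != null)) {
        $objEvent = $this->eventList[0];
        if (empty($objEvent)) {
            \Cx\Core\Csrf\Controller\Csrf::redirect(\Cx\Core\Routing\Url::fromModuleAndCmd($this->moduleName, ''));
            return;
        }
        if (!$objEvent->status) {
            \Cx\Core\Csrf\Controller\Csrf::redirect(\Cx\Core\Routing\Url::fromModuleAndCmd($this->moduleName, ''));
            return;
        }
        // Protected event: send the visitor to the login, carrying the
        // current request as the base64 encoded return target
        if ($objEvent->access == 1 && !\FWUser::getFWUserObject()->objUser->login()) {
            $link = base64_encode(CONTREXX_SCRIPT_PATH . '?' . $_SERVER['QUERY_STRING']);
            \Cx\Core\Csrf\Controller\Csrf::redirect(CONTREXX_SCRIPT_PATH . "?section=Login&redirect=" . $link);
            return;
        }
        $objCategory = new \Cx\Modules\Calendar\Controller\CalendarCategory($objEvent->catId);
        list($priority, $priorityImg) = $this->getPriorityImage($objEvent);
        // Short description: first chunk of at most 100 characters of the
        // plain text description, with an ellipsis if it was cut
        $plainDescription = contrexx_html2plaintext($objEvent->description);
        if (strlen($plainDescription) > 100) {
            $points = '...';
        } else {
            $points = '';
        }
        $parts = explode("\n", wordwrap($plainDescription, 100, "\n"));
        // File name of the attachment: everything after the last slash
        $attachNamePos = strrpos($objEvent->attach, '/');
        $attachNamelength = strlen($objEvent->attach);
        $attachName = substr($objEvent->attach, $attachNamePos + 1, $attachNamelength);
        $hostUri = '';
        $hostTarget = '';
        if ($objEvent->external) {
            $objHost = new \Cx\Modules\Calendar\Controller\CalendarHost($objEvent->hostId);
            if (substr($objHost->uri, -1) != '/') {
                $hostUri = $objHost->uri . '/';
            } else {
                $hostUri = $objHost->uri;
            }
            // Only add a scheme when there is none.  The former check for
            // the literal prefix 'http://' turned an https:// host URI
            // into "http://https://...".
            // NOTE(review): scheme-less hosts still default to cleartext
            // http://.
            if (!preg_match('#^https?://#i', $hostUri)) {
                $hostUri = "http://" . $hostUri;
            }
            $hostTarget = 'target="_blank"';
        }
        if ($this->arrSettings['showEventsOnlyInActiveLanguage'] == 2) {
            $_LANGID = $objEvent->availableLang;
        }
        $picThumb = file_exists(\Env::get('cx')->getWebsitePath() . $objEvent->pic . ".thumb") ? $objEvent->pic . ".thumb" : $objEvent->pic;
        $startDate = $objEvent->startDate;
        $endDate = $objEvent->endDate;
        if ($objEvent->numSubscriber) {
            $freeSeats = \FWValidator::isEmpty($objEvent->getFreePlaces()) ? '0 (' . $_ARRAYLANG['TXT_CALENDAR_SAVE_IN_WAITLIST'] . ')' : $objEvent->getFreePlaces();
        } else {
            $freeSeats = $_ARRAYLANG['TXT_CALENDAR_YES'];
        }
        if (in_array($objEvent->registration, array(CalendarEvent::EVENT_REGISTRATION_NONE, CalendarEvent::EVENT_REGISTRATION_EXTERNAL))) {
            $freeSeats = $_ARRAYLANG['TXT_CALENDAR_NOT_SPECIFIED'];
        }
        $objTpl->setVariable(array(
            $this->moduleLangVar . '_EVENT_ID' => $objEvent->id,
            $this->moduleLangVar . '_EVENT_START' => $this->format2userDateTime($startDate),
            $this->moduleLangVar . '_EVENT_START_DATE' => $this->format2userDate($startDate),
            $this->moduleLangVar . '_EVENT_START_TIME' => $this->format2userTime($startDate),
            $this->moduleLangVar . '_EVENT_END' => $this->format2userDateTime($endDate),
            $this->moduleLangVar . '_EVENT_END_DATE' => $this->format2userDate($endDate),
            $this->moduleLangVar . '_EVENT_END_TIME' => $this->format2userTime($endDate),
            $this->moduleLangVar . '_EVENT_TITLE' => $objEvent->title,
            $this->moduleLangVar . '_EVENT_TEASER' => $objEvent->teaser,
            $this->moduleLangVar . '_EVENT_ATTACHMENT' => $objEvent->attach != '' ? '<a href="' . $hostUri . $objEvent->attach . '" target="_blank" >' . $attachName . '</a>' : '',
            $this->moduleLangVar . '_EVENT_ATTACHMENT_SOURCE' => $objEvent->attach,
            $this->moduleLangVar . '_EVENT_PICTURE' => $objEvent->pic != '' ? '<img src="' . $hostUri . $objEvent->pic . '" alt="' . $objEvent->title . '" title="' . $objEvent->title . '" />' : '',
            $this->moduleLangVar . '_EVENT_PICTURE_SOURCE' => $objEvent->pic,
            $this->moduleLangVar . '_EVENT_THUMBNAIL' => $picThumb != '' ? '<img src="' . $hostUri . $picThumb . '" alt="' . $objEvent->title . '" title="' . $objEvent->title . '" />' : '',
            $this->moduleLangVar . '_EVENT_DESCRIPTION' => $objEvent->description,
            $this->moduleLangVar . '_EVENT_SHORT_DESCRIPTION' => $parts[0] . $points,
            $this->moduleLangVar . '_EVENT_LINK' => $objEvent->link ? "<a href='" . $objEvent->link . "' target='_blank' >" . $objEvent->link . "</a>" : "",
            $this->moduleLangVar . '_EVENT_LINK_SOURCE' => $objEvent->link,
            $this->moduleLangVar . '_EVENT_PRIORITY' => $priority,
            $this->moduleLangVar . '_EVENT_PRIORITY_IMG' => $priorityImg,
            $this->moduleLangVar . '_EVENT_CATEGORY' => $objCategory->name,
            $this->moduleLangVar . '_EVENT_EXPORT_LINK' => $hostUri . 'index.php?section=' . $this->moduleName . '&export=' . $objEvent->id,
            $this->moduleLangVar . '_EVENT_EXPORT_ICON' => '<a href="' . $hostUri . 'index.php?section=' . $this->moduleName . '&export=' . $objEvent->id . '"><img src="modules/Calendar/View/Media/ical_export.gif" border="0" title="' . $_ARRAYLANG['TXT_CALENDAR_EXPORT_ICAL_EVENT'] . '" alt="' . $_ARRAYLANG['TXT_CALENDAR_EXPORT_ICAL_EVENT'] . '" /></a>',
            $this->moduleLangVar . '_EVENT_PRICE' => $this->arrSettings['paymentCurrency'] . ' ' . $objEvent->price,
            $this->moduleLangVar . '_EVENT_FREE_PLACES' => $freeSeats,
            $this->moduleLangVar . '_EVENT_ACCESS' => $_ARRAYLANG['TXT_CALENDAR_EVENT_ACCESS_' . $objEvent->access],
            $this->moduleLangVar . '_REGISTRATIONS_SUBSCRIBER' => $objEvent->numSubscriber,
        ));
        //show date and time by user settings
        if ($objTpl->blockExists('calendarDateDetail')) {
            // Per event display settings take precedence over the module
            // settings when useCustomDateDisplay is set
            $showStartDateDetail = $objEvent->useCustomDateDisplay ? $objEvent->showStartDateDetail : $this->arrSettings['showStartDateDetail'] == 1;
            $showEndDateDetail = $objEvent->useCustomDateDisplay ? $objEvent->showEndDateDetail : $this->arrSettings['showEndDateDetail'] == 1;
            $showStartTimeDetail = $objEvent->all_day ? false : ($objEvent->useCustomDateDisplay ? $objEvent->showStartTimeDetail : $this->arrSettings['showStartTimeDetail'] == 1);
            $showEndTimeDetail = $objEvent->all_day ? false : ($objEvent->useCustomDateDisplay ? $objEvent->showEndTimeDetail : $this->arrSettings['showEndTimeDetail'] == 1);
            $showTimeTypeDetail = $objEvent->useCustomDateDisplay ? $objEvent->showTimeTypeDetail : 1;
            // get date for several days format > show starttime with startdate and endtime with enddate > only if several days event and all values (dates/times) are displayed
            if ($this->format2userDate($startDate) != $this->format2userDate($endDate) && ($showStartDateDetail && $showEndDateDetail && $showStartTimeDetail && $showEndTimeDetail)) {
                //part 1
                $part = 1;
                $this->getMultiDateBlock($objEvent, $this->arrSettings['separatorDateTimeDetail'], $this->arrSettings['separatorSeveralDaysDetail'], $this->arrSettings['showClockDetail'] == 1, $part);
                $objTpl->setVariable(array(
                    $this->moduleLangVar . '_DATE_DETAIL' => $this->date,
                    $this->moduleLangVar . '_SEP_DATE_TIME_DETAIL' => $this->sepDateTime,
                    $this->moduleLangVar . '_TIME_DETAIL' => $this->time,
                    'TXT_' . $this->moduleLangVar . '_CLOCK_DETAIL' => $this->clock,
                ));
                $objTpl->parse('calendarDateDetail');
                //part 2
                $part = 2;
                $this->getMultiDateBlock($objEvent, $this->arrSettings['separatorDateTimeDetail'], $this->arrSettings['separatorSeveralDaysDetail'], $this->arrSettings['showClockDetail'] == 1, $part);
                $objTpl->setVariable(array(
                    $this->moduleLangVar . '_DATE_DETAIL' => $this->date,
                    $this->moduleLangVar . '_SEP_DATE_TIME_DETAIL' => $this->sepDateTime,
                    $this->moduleLangVar . '_TIME_DETAIL' => $this->time,
                    'TXT_' . $this->moduleLangVar . '_CLOCK_DETAIL' => $this->clock,
                ));
                $objTpl->parse('calendarDateDetail');
            } else {
                // get date for single day format
                $this->getSingleDateBlock($objEvent, $showStartDateDetail, $showEndDateDetail, $this->arrSettings['separatorDateDetail'], $showTimeTypeDetail, $showStartTimeDetail, $showEndTimeDetail, $this->arrSettings['separatorDateTimeDetail'], $this->arrSettings['separatorTimeDetail'], $this->arrSettings['showClockDetail'] == 1);
                $objTpl->setVariable(array(
                    $this->moduleLangVar . '_DATE_DETAIL' => $this->date,
                    $this->moduleLangVar . '_SEP_DATE_TIME_DETAIL' => $this->sepDateTime,
                    $this->moduleLangVar . '_TIME_DETAIL' => $this->time,
                    'TXT_' . $this->moduleLangVar . '_CLOCK_DETAIL' => $this->clock,
                ));
                $objTpl->parse('calendarDateDetail');
            }
        }
        if ($this->arrSettings['placeData'] == 1 && $objEvent->place == '' && $objEvent->place_street == '' && $objEvent->place_zip == '' && $objEvent->place_city == '' && $objEvent->place_country == '' && $objEvent->place_website == '' && $objEvent->place_phone == '') {
            $objTpl->hideBlock('calendarEventAddress');
        } else {
            if ($objEvent->google) {
// TODO: implement with new Google Maps Embed API. see https://developers.google.com/maps/documentation/embed/guide
                /*$googleCoordinates = self::_getCoorinates($objEvent->place_street, $objEvent->place_zip, $objEvent->place_city);
                if($googleCoordinates != false) {
                    $lat = $googleCoordinates[0];
                    $lon = $googleCoordinates[1];
                    $objGoogleMap = new googleMap();
                    $objGoogleMap->setMapId($this->moduleName.'GoogleMap');
                    $objGoogleMap->setMapStyleClass('mapLarge');
                    $objGoogleMap->setMapType(0);
                    $objGoogleMap->setMapZoom(12);
                    $objGoogleMap->setMapCenter($lon, $lat);
                    $strValueClick = 'marker'.$objEvent->id.'.openInfoWindowHtml(info'.$objEvent->id.');';
                    $objGoogleMap->addMapMarker($objEvent->id, $lon, $lat, "<b>".$objEvent->place."</b><br />".$objEvent->place_street."<br />".$objEvent->place_zip." ".$objEvent->place_city."<br />".$objEvent->place_country,true, null, true, $strValueClick, null, null);
                    $googleMap = $objGoogleMap->getMap();
                } else {*/
                //}
                // NOTE(review): the address parts are put into the query
                // string without URL encoding.
                $googleMapLink = '<a href="http://maps.google.ch/maps?q=' . $objEvent->place_street . '+' . $objEvent->place_zip . '+' . $objEvent->place_city . '&z=15" target="_blank">' . $_ARRAYLANG['TXT_CALENDAR_MAP'] . '</a>';
            } else {
                $googleMapLink = '';
            }
            //place map
            $hasPlaceMap = !empty($objEvent->place_map) && file_exists(\Env::get('cx')->getWebsitePath() . $objEvent->place_map);
            // Popup size: image size plus 20 pixels in each dimension.
            // Only used below when $hasPlaceMap is true.
            $picWidth = 0;
            $picHeight = 0;
            if ($hasPlaceMap) {
                $arrInfo = getimagesize(\Env::get('cx')->getWebsitePath() . $objEvent->place_map);
                // getimagesize() returns false for files it cannot read as
                // an image; fall back to a size of zero in that case
                $picWidth = (is_array($arrInfo) ? $arrInfo[0] : 0) + 20;
                $picHeight = (is_array($arrInfo) ? $arrInfo[1] : 0) + 20;
            }
            $map_thumb_name = file_exists(\Env::get('cx')->getWebsitePath() . $objEvent->place_map . ".thumb") ? $objEvent->place_map . ".thumb" : $objEvent->place_map;
            $placeWebsite = $objEvent->place_website != '' ? "<a href='" . $objEvent->place_website . "' target='_blank' >" . $objEvent->place_website . "</a>" : "";
            $placeWebsiteSource = $objEvent->place_website;
            $placeLink = $objEvent->place_link != '' ? "<a href='" . $objEvent->place_link . "' target='_blank' >" . $objEvent->place_link . "</a>" : "";
            $placeLinkSource = $objEvent->place_link;
            if ($this->arrSettings['placeData'] > 1 && $objEvent->locationType == 2) {
                $objEvent->loadPlaceFromMediadir($objEvent->place_mediadir_id, 'place');
                list($placeLink, $placeLinkSource) = $objEvent->loadPlaceLinkFromMediadir($objEvent->place_mediadir_id, 'place');
            }
            $objTpl->setVariable(array(
                $this->moduleLangVar . '_EVENT_PLACE' => $objEvent->place,
                $this->moduleLangVar . '_EVENT_LOCATION_PLACE' => $objEvent->place,
                $this->moduleLangVar . '_EVENT_LOCATION_ADDRESS' => $objEvent->place_street,
                $this->moduleLangVar . '_EVENT_LOCATION_ZIP' => $objEvent->place_zip,
                $this->moduleLangVar . '_EVENT_LOCATION_CITY' => $objEvent->place_city,
                $this->moduleLangVar . '_EVENT_LOCATION_COUNTRY' => $objEvent->place_country,
                $this->moduleLangVar . '_EVENT_LOCATION_WEBSITE' => $placeWebsite,
                $this->moduleLangVar . '_EVENT_LOCATION_WEBSITE_SOURCE' => $placeWebsiteSource,
                $this->moduleLangVar . '_EVENT_LOCATION_LINK' => $placeLink,
                $this->moduleLangVar . '_EVENT_LOCATION_LINK_SOURCE' => $placeLinkSource,
                $this->moduleLangVar . '_EVENT_LOCATION_PHONE' => $objEvent->place_phone,
                $this->moduleLangVar . '_EVENT_LOCATION_MAP_LINK' => $hasPlaceMap ? '<a href="' . $objEvent->place_map . '" onClick="window.open(this.href,\'\',\'resizable=no,location=no,menubar=no,scrollbars=no,status=no,toolbar=no,fullscreen=no,dependent=no,width=' . $picWidth . ',height=' . $picHeight . ',status\'); return false">' . $_ARRAYLANG['TXT_CALENDAR_MAP'] . '</a>' : "",
                $this->moduleLangVar . '_EVENT_LOCATION_MAP_THUMBNAIL' => $hasPlaceMap ? '<a href="' . $objEvent->place_map . '" onClick="window.open(this.href,\'\',\'resizable=no,location=no,menubar=no,scrollbars=no,status=no,toolbar=no,fullscreen=no,dependent=no,width=' . $picWidth . ',height=' . $picHeight . ',status\'); return false"><img src="' . $map_thumb_name . '" border="0" alt="' . $objEvent->place_map . '" /></a>' : "",
                $this->moduleLangVar . '_EVENT_LOCATION_MAP_SOURCE' => $hasPlaceMap ? $objEvent->place_map : '',
                $this->moduleLangVar . '_EVENT_LOCATION_GOOGLE_MAP_LINK' => $googleMapLink,
            ));
            // Show the optional address sub blocks only when they have content
            if ($objTpl->blockExists('calendarEventAddressWebsite')) {
                if (empty($placeWebsite)) {
                    $objTpl->hideBlock('calendarEventAddressWebsite');
                } else {
                    $objTpl->touchBlock('calendarEventAddressWebsite');
                }
            }
            if ($objTpl->blockExists('calendarEventAddressLink')) {
                if (empty($placeLink)) {
                    $objTpl->hideBlock('calendarEventAddressLink');
                } else {
                    $objTpl->touchBlock('calendarEventAddressLink');
                }
            }
            if ($objTpl->blockExists('calendarEventAddressPhone')) {
                if (empty($objEvent->place_phone)) {
                    $objTpl->hideBlock('calendarEventAddressPhone');
                } else {
                    $objTpl->touchBlock('calendarEventAddressPhone');
                }
            }
            if ($objTpl->blockExists('calendarEventAddressMap')) {
                if ($hasPlaceMap) {
                    $objTpl->touchBlock('calendarEventAddressMap');
                } else {
                    $objTpl->hideBlock('calendarEventAddressMap');
                }
            }
            $objTpl->parse('calendarEventAddress');
        }
        $hostWebsite = $objEvent->org_website != '' ? "<a href='" . $objEvent->org_website . "' target='_blank' >" . $objEvent->org_website . "</a>" : "";
        $hostWebsiteSource = $objEvent->org_website;
        $hostLink = $objEvent->org_link != '' ? "<a href='" . $objEvent->org_link . "' target='_blank' >" . $objEvent->org_link . "</a>" : "";
        $hostLinkSource = $objEvent->org_link;
        if ($this->arrSettings['placeDataHost'] > 1 && $objEvent->hostType == 2) {
            $objEvent->loadPlaceFromMediadir($objEvent->host_mediadir_id, 'host');
            list($hostLink, $hostLinkSource) = $objEvent->loadPlaceLinkFromMediadir($objEvent->host_mediadir_id, 'host');
        }
        if ($this->arrSettings['placeDataHost'] == 1 && $objEvent->org_name == '' && $objEvent->org_street == '' && $objEvent->org_zip == '' && $objEvent->org_city == '' && $objEvent->org_country == '' && $objEvent->org_website == '' && $objEvent->org_phone == '') {
            $objTpl->hideBlock('calendarEventHost');
        } else {
            $objTpl->setVariable(array(
                $this->moduleLangVar . '_EVENT_HOST' => $objEvent->org_name,
                $this->moduleLangVar . '_EVENT_HOST_ADDRESS' => $objEvent->org_street,
                $this->moduleLangVar . '_EVENT_HOST_ZIP' => $objEvent->org_zip,
                $this->moduleLangVar . '_EVENT_HOST_CITY' => $objEvent->org_city,
                $this->moduleLangVar . '_EVENT_HOST_COUNTRY' => $objEvent->org_country,
                $this->moduleLangVar . '_EVENT_HOST_WEBSITE' => $hostWebsite,
                $this->moduleLangVar . '_EVENT_HOST_WEBSITE_SOURCE' => $hostWebsiteSource,
                $this->moduleLangVar . '_EVENT_HOST_LINK' => $hostLink,
                $this->moduleLangVar . '_EVENT_HOST_LINK_SOURCE' => $hostLinkSource,
                $this->moduleLangVar . '_EVENT_HOST_PHONE' => $objEvent->org_phone,
                $this->moduleLangVar . '_EVENT_HOST_EMAIL' => $objEvent->org_email != '' ? "<a href='mailto:" . $objEvent->org_email . "' >" . $objEvent->org_email . "</a>" : "",
                $this->moduleLangVar . '_EVENT_HOST_EMAIL_SOURCE' => $objEvent->org_email,
            ));
            // Show the optional host sub blocks only when they have content
            if ($objTpl->blockExists('calendarEventHostWebsite')) {
                if (empty($hostWebsite)) {
                    $objTpl->hideBlock('calendarEventHostWebsite');
                } else {
                    $objTpl->touchBlock('calendarEventHostWebsite');
                }
            }
            if ($objTpl->blockExists('calendarEventHostLink')) {
                if (empty($hostLink)) {
                    $objTpl->hideBlock('calendarEventHostLink');
                } else {
                    $objTpl->touchBlock('calendarEventHostLink');
                }
            }
            if ($objTpl->blockExists('calendarEventHostPhone')) {
                if (empty($objEvent->org_phone)) {
                    $objTpl->hideBlock('calendarEventHostPhone');
                } else {
                    $objTpl->touchBlock('calendarEventHostPhone');
                }
            }
            if ($objTpl->blockExists('calendarEventHostEmail')) {
                if (empty($objEvent->org_email)) {
                    $objTpl->hideBlock('calendarEventHostEmail');
                } else {
                    $objTpl->touchBlock('calendarEventHostEmail');
                }
            }
            $objTpl->parse('calendarEventHost');
        }
        $this->parseRegistrationPlaceholders($objTpl, $objEvent, $hostUri, $hostTarget);
        if ($objTpl->placeholderExists('CALENDAR_EVENT_MONTH_BOX')) {
            $objTpl->setVariable('CALENDAR_EVENT_MONTH_BOX', $this->getDetailMonthBox($objEvent));
        }
    }
}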
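/**
 * Return the page depending on the $_GET-params
 *
 * Dispatches on $_GET['act'] (categories, articles, settings) and
 * $_GET['tpl'].  Each branch calls \Permission::checkAccess() or
 * $this->checkAjaxAccess() with the access ID of its section before
 * calling the handler; the settings branch checks ACCESS_ID_SETTINGS
 * once for all of its sub actions.  Any other "act" value redirects to
 * the article overview.
 *
 * NOTE(review): several branches change state (insert, update, delete,
 * sort, switchState, tidyTags, resetVotes) and are selected by GET
 * parameters.  Protection against forged requests is not visible in
 * this method; presumably the Csrf component covers backend requests
 * -- confirm.
 *
 * @global  $objPerm
 * @global  $objTemplate
 * @global  $_ARRAYLANG
 */
function getPage()
{
    global $objPerm, $objTemplate, $_ARRAYLANG;

    $_GET['tpl'] = !empty($_GET['tpl']) ? contrexx_input2raw($_GET['tpl']) : '';
    $_GET['act'] = !empty($_GET['act']) ? contrexx_input2raw($_GET['act']) : '';
    // Not every branch below assigns these (e.g. delete, sort,
    // switchState).  Define them so the section renderers never receive
    // undefined variables; null is what they received before.
    $content = null;
    $active = null;
    switch ($_GET['act']) {
        // The categories
        case 'categories':
            switch ($_GET['tpl']) {
                case 'add':
                    \Permission::checkAccess(ACCESS_ID_EDIT_CATEGORIES, 'static');
                    $content = $this->editCategory(true);
                    $active = "add";
                    break;
                case 'edit':
                    \Permission::checkAccess(ACCESS_ID_EDIT_CATEGORIES, 'static');
                    $content = $this->editCategory();
                    $active = "";
                    break;
                case 'update':
                    \Permission::checkAccess(ACCESS_ID_EDIT_CATEGORIES, 'static');
                    $id = $this->updateCategory();
                    \Cx\Core\Csrf\Controller\Csrf::redirect('index.php?cmd=Knowledge' . MODULE_INDEX . '&act=categories&tpl=overview&highlight=' . $id);
                    break;
                case 'insert':
                    \Permission::checkAccess(ACCESS_ID_EDIT_CATEGORIES, 'static');
                    $id = $this->insertCategory();
                    \Cx\Core\Csrf\Controller\Csrf::redirect('index.php?cmd=Knowledge' . MODULE_INDEX . '&act=categories&tpl=overview&highlight=' . $id);
                    break;
                case 'delete':
                    \Permission::checkAccess(ACCESS_ID_EDIT_CATEGORIES, 'static');
                    $this->deleteCategory();
                    break;
                case 'switchState':
                    $this->checkAjaxAccess(ACCESS_ID_EDIT_CATEGORIES);
                    $this->switchCategoryState();
                    break;
                case 'sort':
                    $this->checkAjaxAccess(ACCESS_ID_EDIT_CATEGORIES);
                    $this->sortCategory();
                    break;
                case 'overview':
                default:
                    \Permission::checkAccess(ACCESS_ID_CATEGORIES, 'static');
                    $content = $this->categoriesOverview();
                    $active = "overview";
                    break;
            }
            $this->categories($content, $active);
            break;
        // The articles
        case 'articles':
            switch ($_GET['tpl']) {
                case 'add':
                    \Permission::checkAccess(ACCESS_ID_EDIT_ARTICLES, 'static');
                    $content = $this->editArticle(true);
                    $active = "add";
                    break;
                case 'edit':
                    \Permission::checkAccess(ACCESS_ID_EDIT_ARTICLES, 'static');
                    $content = $this->editArticle();
                    $active = "";
                    break;
                case 'insert':
                    \Permission::checkAccess(ACCESS_ID_EDIT_ARTICLES, 'static');
                    $id = $this->insertArticle();
                    $content = $this->articleOverview();
                    $active = "overview";
                    break;
                case 'update':
                    \Permission::checkAccess(ACCESS_ID_EDIT_ARTICLES, 'static');
                    $id = $this->updateArticle();
                    $content = $this->articleOverview();
                    \Cx\Core\Csrf\Controller\Csrf::redirect('index.php?cmd=Knowledge' . MODULE_INDEX . '&act=articles&tpl=edit&id=' . $id . '&updated=true');
                    break;
                case 'getArticles':
                    \Permission::checkAccess(ACCESS_ID_OVERVIEW, 'static');
                    $this->getArticles();
                    break;
                case 'sort':
                    $this->checkAjaxAccess(ACCESS_ID_EDIT_ARTICLES);
                    $this->sortArticles();
                    break;
                case 'switchState':
                    $this->checkAjaxAccess(ACCESS_ID_EDIT_ARTICLES);
                    $this->switchArticleState();
                    break;
                case 'getTags':
                    \Permission::checkAccess(ACCESS_ID_OVERVIEW, 'static');
                    $this->getTags();
                    break;
                case 'delete':
                    $this->checkAjaxAccess(ACCESS_ID_EDIT_ARTICLES);
                    $this->deleteArticle();
                    break;
                case 'overview':
                default:
                    \Permission::checkAccess(ACCESS_ID_OVERVIEW, 'static');
                    $content = $this->articleOverview();
                    $active = "overview";
                    break;
            }
            $this->articles($content, $active);
            break;
        case 'settings':
            // One check guards every settings sub action below
            \Permission::checkAccess(ACCESS_ID_SETTINGS, 'static');
            switch ($_GET['tpl']) {
                case 'tidyTags':
                    $this->tidyTags();
                    break;
                case 'resetVotes':
                    $this->resetVotes();
                    break;
                case 'placeholders':
                    $content = $this->settingsPlaceholders();
                    $active = "placeholders";
                    break;
                case 'update':
                    $this->updateSettings();
                    try {
                        $this->settings->readSettings();
                    } catch (DatabaseError $e) {
                        $this->errorMessage = $_ARRAYLANG['TXT_KNOWLEDGE_ERROR_OVERVIEW'];
                        $this->errorMessage .= $e->formatted();
                    }
                    $content = $this->settingsOverview();
                    $active = "settings";
                    break;
                case 'show':
                default:
                    $content = $this->settingsOverview();
                    $active = "settings";
                    break;
            }
            $this->settings($content, $active);
            break;
        default:
            \Cx\Core\Csrf\Controller\Csrf::redirect('index.php?cmd=Knowledge' . MODULE_INDEX . '&act=articles');
    }
    $objTemplate->setVariable(array(
        'CONTENT_TITLE' => $this->pageTitle,
        'CONTENT_OK_MESSAGE' => $this->okMessage,
        'CONTENT_STATUS_MESSAGE' => $this->errorMessage,
        'ADMIN_CONTENT' => $this->tpl->get(),
    ));
    // NOTE(review): this reads $_REQUEST, not the $_GET['act'] value
    // normalised above, so it may also come from POST or cookie data.
    // The index is guarded because "act" is optional.
    $this->act = isset($_REQUEST['act']) ? $_REQUEST['act'] : null;
    $this->setNavigation();
}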
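/**
 * Redirect to content manager (open site)
 *
 * The target is built from the document root URL in backend mode.
 *
 * @param   integer     $intPageId  The page with this id will be shown
 *                                  in content manager.
 */
protected function redirectPage($intPageId)
{
    // This is not really a nice way to generate this URL!
    $baseUrl = \Cx\Core\Routing\Url::fromDocumentRoot();
    $baseUrl->setMode(\Cx\Core\Core\Controller\Cx::MODE_BACKEND);
    // The ID is documented as an integer.  Cast it so that a string
    // value cannot add further parameters or other characters to the
    // redirect target.
    $pageId = intval($intPageId);
    \Cx\Core\Csrf\Controller\Csrf::redirect(
        $baseUrl . 'cadmin/ContentManager?page=' . $pageId . '&tab=content');
}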
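/**
 * Restores the Cart from the Order ID given
 *
 * Redirects to the login when nobody is logged in.
 * Redirects to the history overview when the Order cannot be loaded,
 * or when it does not belong to the current Customer.
 * Otherwise the current Cart is destroyed, shipment and payment IDs are
 * copied from the Order to the session, every Order item is added to
 * the Cart with its options, and the request is redirected to the cart.
 * When $editable is false and an Attribute of the reprint type with
 * options exists, its first option is added to every item, confirmation
 * and red plate options are left out, and the Cart is marked as restored
 * from the Order.
 * @global  array   $_ARRAYLANG
 * @param   integer $order_id   The Order ID
 * @param   boolean $editable   Items in the Cart are editable iff true
 */
static function from_order($order_id, $editable = false)
{
    global $_ARRAYLANG;

    $objCustomer = Shop::customer();
    if (!$objCustomer) {
        \Message::information($_ARRAYLANG['TXT_SHOP_ORDER_LOGIN_TO_REPEAT']);
        // The ID is documented as an integer; cast it so nothing else
        // can be carried into the return URL
        \Cx\Core\Csrf\Controller\Csrf::redirect(
            \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'login')
            . '?redirect=' . base64_encode(
                \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'cart')
                . '?order_id=' . intval($order_id)));
        // Whether Csrf::redirect() terminates the request is not visible
        // here.  Never continue without a Customer.
        return;
    }
    $customer_id = $objCustomer->getId();
    $order = Order::getById($order_id);
    // Ownership check: only the Customer who placed the Order may
    // restore it
    if (!$order || $order->customer_id() != $customer_id) {
        \Message::warning($_ARRAYLANG['TXT_SHOP_ORDER_INVALID_ID']);
        \Cx\Core\Csrf\Controller\Csrf::redirect(
            \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'history'));
        // Never restore an Order that failed the check above
        return;
    }
// Optional!
    self::destroy();
    $_SESSION['shop']['shipperId'] = $order->shipment_id();
    $_SESSION['shop']['paymentId'] = $order->payment_id();
    $order_attributes = $order->getOptionArray();
    $count = null;
    $arrAttributes = Attributes::getArray($count, 0, -1, null, array());
    // Find an Attribute and option IDs for the reprint type
    $attribute_id_reprint = $option_id_reprint = NULL;
    if (!$editable) {
//DBG::log("Cart::from_order(): Checking for reprint...");
        foreach ($arrAttributes as $attribute_id => $objAttribute) {
            if ($objAttribute->getType() == Attribute::TYPE_EZS_REPRINT) {
//DBG::log("Cart::from_order(): TYPE reprint");
                $options = $objAttribute->getOptionArray();
                if ($options) {
                    $option_id_reprint = current(array_keys($options));
                    $attribute_id_reprint = $attribute_id;
//DBG::log("Cart::from_order(): Found reprint Attribute $attribute_id_reprint, option $option_id_reprint");
                    break;
                }
            }
        }
    }
    foreach ($order->getItems() as $item) {
        $item_id = $item['item_id'];
        // Items without any options have no entry in the option array
        $attributes = isset($order_attributes[$item_id])
            ? $order_attributes[$item_id] : array();
        $options = array();
        foreach ($attributes as $attribute_id => $attribute) {
            // Skip options of Attributes that are no longer available
            // instead of calling getType() on a missing entry
            if (!isset($arrAttributes[$attribute_id])) {
                continue;
            }
//            foreach (array_keys($attribute['options']) as $option_id) {
            foreach ($attribute['options'] as $option_id => $option) {
//DBG::log("Cart::from_order(): Option: ".var_export($option, true));
                switch ($arrAttributes[$attribute_id]->getType()) {
                    // Free text types: restore the value entered
                    case Attribute::TYPE_TEXT_OPTIONAL:
                    case Attribute::TYPE_TEXT_MANDATORY:
                    case Attribute::TYPE_TEXTAREA_OPTIONAL:
                    case Attribute::TYPE_TEXTAREA_MANDATORY:
                    case Attribute::TYPE_EMAIL_OPTIONAL:
                    case Attribute::TYPE_EMAIL_MANDATORY:
                    case Attribute::TYPE_URL_OPTIONAL:
                    case Attribute::TYPE_URL_MANDATORY:
                    case Attribute::TYPE_DATE_OPTIONAL:
                    case Attribute::TYPE_DATE_MANDATORY:
                    case Attribute::TYPE_NUMBER_INT_OPTIONAL:
                    case Attribute::TYPE_NUMBER_INT_MANDATORY:
                    case Attribute::TYPE_NUMBER_FLOAT_OPTIONAL:
                    case Attribute::TYPE_NUMBER_FLOAT_MANDATORY:
                    case Attribute::TYPE_EZS_ACCOUNT_3:
                    case Attribute::TYPE_EZS_ACCOUNT_4:
                    case Attribute::TYPE_EZS_IBAN:
                    case Attribute::TYPE_EZS_IN_FAVOR_OF:
                    case Attribute::TYPE_EZS_REFERENCE:
                    case Attribute::TYPE_EZS_CLEARING:
                    case Attribute::TYPE_EZS_DEPOSIT_FOR_6:
                    case Attribute::TYPE_EZS_DEPOSIT_FOR_2L:
                    case Attribute::TYPE_EZS_DEPOSIT_FOR_2H:
                    case Attribute::TYPE_EZS_PURPOSE_35:
                    case Attribute::TYPE_EZS_PURPOSE_50:
                        $options[$attribute_id][] = $option['name'];
                        break;
                    case Attribute::TYPE_EZS_REDPLATE:
                    case Attribute::TYPE_EZS_CONFIRMATION:
                        if (!$attribute_id_reprint) {
//DBG::log("Cart::from_order(): No reprint, adding option {$option['name']}");
                            $options[$attribute_id][] = $option_id;
                        }
                        break;
                    case Attribute::TYPE_EZS_REPRINT:
                        // Automatically added below when appropriate
                        break;
                    default:
//                    case Attribute::TYPE_EZS_ZEWOLOGO:
//                    case Attribute::TYPE_EZS_EXPRESS:
//                    case Attribute::TYPE_EZS_PURPOSE_BOLD:
                        $options[$attribute_id][] = $option_id;
                        break;
                }
//DBG::log("Cart::from_order(): Added option: ".var_export($options, true));
            }
        }
        if ($attribute_id_reprint) {
            $options[$attribute_id_reprint][] = $option_id_reprint;
//DBG::log("Cart::from_order(): Item has reprint Attribute, added $attribute_id_reprint => ($option_id_reprint)");
        }
        self::add_product(array(
            'id' => $item['product_id'],
            'quantity' => $item['quantity'],
            'options' => $options,
        ));
    }
    if ($attribute_id_reprint) {
        // Mark the Cart as being unchanged since the restore, so the
        // additional cost for some Attributes won't be added again.
        self::restored_order_id($order_id);
    }
    \Message::information($_ARRAYLANG['TXT_SHOP_ORDER_RESTORED']);
// Enable for production
    \Cx\Core\Csrf\Controller\Csrf::redirect(
        \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'cart'));
}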
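/**
 * Redirect to the page given by the requested redirect URL
 *
 * Reads the base64 encoded target from $_REQUEST['redirect'], passes the
 * decoded (and URL-encoded) value to \FWUser::getRedirectUrl() and redirects
 * to the result. Returns without redirecting if the parameter is missing,
 * empty or not a string.
 *
 * NOTE(review): the target is controlled by the client. Whether it is limited
 * to URLs of this installation depends on \FWUser::getRedirectUrl(), which is
 * not visible here -- confirm that it rejects foreign hosts.
 */
public function handleRedirect()
{
    if (empty($_REQUEST['redirect']) || !is_string($_REQUEST['redirect'])) {
        // a request like redirect[]=x arrives as an array and must not reach urldecode()
        return;
    }
    // NOTE(review): PHP has already URL-decoded $_REQUEST once; the additional
    // urldecode() is kept as in the original -- verify that it is intended
    $decodedTarget = base64_decode(urldecode($_REQUEST['redirect']));
    $redirect = \FWUser::getRedirectUrl(urlencode($decodedTarget));
    \Cx\Core\Csrf\Controller\Csrf::redirect($redirect);
    exit;
}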
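/**
 * Shows the edit form of a news category and stores submitted changes
 *
 * Redirects to the category overview if the ID is zero or no category with
 * that ID exists. On submit, the category is moved below the selected parent
 * (if it changed) and the localized names are stored.
 *
 * @param int $id ID of the category to edit
 */
protected function modifyCategory($id = null)
{
    global $objDatabase, $_ARRAYLANG;

    $manageCategoriesLink = 'index.php?cmd=News&act=newscat';

    // cast input id to integer and check whether the id is zero or not
    $id = intval($id);
    if ($id == 0) {
        \Cx\Core\Csrf\Controller\Csrf::redirect($manageCategoriesLink);
        exit;
    }

    // check whether the category exists or not
    // $id is an integer at this point, so the concatenation cannot alter the query
    $objResult = $objDatabase->SelectLimit("SELECT `catid`, `parent_id` FROM `" . DBPREFIX . "module_news_categories` WHERE `catid` = " . $id);
    // a failed query yields a falsy result; treat it like "not found"
    // instead of calling a method on it
    if (!$objResult || $objResult->RecordCount() == 0) {
        \Cx\Core\Csrf\Controller\Csrf::redirect($manageCategoriesLink);
        exit;
    }

    // load template
    $this->_objTpl->loadTemplateFile('module_news_category_modify.html', true, true);
    $this->pageTitle = $_ARRAYLANG['TXT_EDIT_CATEGORY'];

    // validate form inputs and save the changes
    if (isset($_POST['submit'])) {
        // a category cannot become its own parent
        if (isset($_POST['newsCatParentId']) && $_POST['newsCatParentId'] != $id) {
            $catParentId = intval($_POST['newsCatParentId']);
            if ($catParentId == 0) {
                $catParentId = $this->nestedSetRootId;
            }
            if ($this->objNestedSet->getParent($id)->id != $catParentId) {
                // move the node under the parent node id
                $this->objNestedSet->moveTree($id, $catParentId, NESE_MOVE_BELOW);
            }
        }

        // write the new locale data to database
        // NOTE(review): the posted names are handed over unchanged; validation
        // and escaping are left to storeCategoriesLocales() -- confirm
        $status = $this->storeCategoriesLocales($_POST['newsCatName']);
        if (!$status) {
            \Message::error($_ARRAYLANG['TXT_DATABASE_QUERY_ERROR']);
        } else {
            \Message::ok($_ARRAYLANG['TXT_DATA_RECORD_UPDATED_SUCCESSFUL']);
        }
    }

    // get language data from categories
    $categories = $this->getCategoriesLangData();
    $categoryLangData = $categories[$id];

    // get languages which are active
    $arrLanguages = \FWLanguage::getActiveFrontendLanguages();

    // parse category name list for each activated frontend language
    foreach ($arrLanguages as $langId => $languageName) {
        $this->_objTpl->setVariable(array(
            'NEWS_CAT_LANG_ID' => $langId,
            'NEWS_CAT_NAME_VALUE' => contrexx_raw2xhtml($categoryLangData[$langId]),
            'NEWS_CAT_LANG_NAME' => $languageName['name'],
        ));
        $this->_objTpl->parse('category_name_list');
    }

    // get parent category from this category
    $parentCategoryNode = $this->objNestedSet->getParent($id);

    // set global variables
    // the category name is escaped like NEWS_CAT_NAME_VALUE above, so that
    // markup in a stored name is not rendered by the template
    $this->_objTpl->setGlobalVariable(array(
        'NEWS_CAT_ID' => $id,
        'NEWS_CAT_NAME' => contrexx_raw2xhtml($categoryLangData[FRONTEND_LANG_ID]),
    ));

    // set variables
    // the category itself and its children are passed as third argument to
    // getCategoryMenu() -- presumably the entries to leave out of the menu
    $childrenNodes = $this->objNestedSet->getChildren($id, true);
    $childrenNodeIds = array();
    foreach ($childrenNodes as $childrenNode) {
        $childrenNodeIds[] = $childrenNode['id'];
    }
    $this->_objTpl->setVariable(array(
        'NEWS_CAT_CATEGORIES' => $this->getCategoryMenu($this->nestedSetRootId, array($parentCategoryNode->id), array_merge(array($id), $childrenNodeIds)),
    ));

    // set language variables
    $this->_objTpl->setVariable(array(
        'TXT_SAVE' => $_ARRAYLANG['TXT_SAVE'],
        'TXT_NAME' => $_ARRAYLANG['TXT_NAME'],
        'TXT_EDIT_CATEGORY' => $_ARRAYLANG['TXT_EDIT_CATEGORY'],
        'TXT_NEWS_EXTENDED' => $_ARRAYLANG['TXT_NEWS_EXTENDED'],
        'TXT_NEWS_PARENT_CATEGORY' => $_ARRAYLANG['TXT_NEWS_PARENT_CATEGORY'],
        'TXT_NEWS_NEW_MAIN_CATEGORY' => $_ARRAYLANG['TXT_NEWS_NEW_MAIN_CATEGORY'],
    ));
}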
/**
 * Checks the access level for the given action
 *
 * In backend mode nothing is checked here. In frontend mode the setting
 * 'addEventsFrontend' and the login state of the current user decide
 * whether the method returns or redirects:
 * - 'redirect':  the setting is neither 1 nor 2, redirects to the module page
 * - 'login':     a login is required, redirects to the login page and passes
 *                the current query string as base64 encoded redirect target
 * - 'no_access': the user is not the author of the event, redirects to the
 *                "noaccess" page of the login section
 * If none of these applies the method returns without a value.
 *
 * @param string $strAction possible values are add_event,
 *                          edit_event, my_events
 *
 * @return null
 */
function checkAccess($strAction)
{
    global $objInit;

    if ($objInit->mode == 'backend') {
        //backend access
        // NOTE(review): no check is done here for the backend; presumably the
        // backend enforces permissions elsewhere -- confirm
    } else {
        //frontend access
        $strStatus = '';
        $objFWUser = \FWUser::getFWUserObject();
        //get user attributes
        $objUser = $objFWUser->objUser;
        $intUserId = intval($objUser->getId());
        $intUserName = $objUser->getUsername();
        $bolUserLogin = $objUser->login();
        $intUserIsAdmin = $objUser->getAdminStatus();
        $accessId = 0;
        //used to remember which access id the user needs to have. this is passed to Permission::checkAccess() later.
        // NOTE(review): $accessId and $intUserName are never read again in
        // this method and Permission::checkAccess() is not called here
        // NOTE(review): the admin status fetched above is overwritten, so the
        // checks below also apply to administrators -- confirm that this is
        // intended and not a debugging leftover
        $intUserIsAdmin = false;
        if (!$intUserIsAdmin) {
            self::getSettings();
            switch ($strAction) {
                case 'add_event':
                    if ($this->arrSettings['addEventsFrontend'] == 1 || $this->arrSettings['addEventsFrontend'] == 2) {
                        // setting 2 requires a logged in user, setting 1 does not
                        if ($this->arrSettings['addEventsFrontend'] == 2) {
                            if ($bolUserLogin) {
                                $bolAdd = true;
                            } else {
                                $bolAdd = false;
                            }
                        } else {
                            $bolAdd = true;
                        }
                        if ($bolAdd) {
                            //get groups attributes
                            // NOTE(review): the collected group IDs are not
                            // used for any decision in this method
                            $arrUserGroups = array();
                            $objGroup = $objFWUser->objGroup->getGroups($filter = array('is_active' => true, 'type' => 'frontend'));
                            while (!$objGroup->EOF) {
                                if (in_array($objGroup->getId(), $objUser->getAssociatedGroupIds())) {
                                    $arrUserGroups[] = $objGroup->getId();
                                }
                                $objGroup->next();
                            }
                        } else {
                            $strStatus = 'login';
                        }
                    } else {
                        $strStatus = 'redirect';
                    }
                    break;
                case 'edit_event':
                    if ($this->arrSettings['addEventsFrontend'] == 1 || $this->arrSettings['addEventsFrontend'] == 2) {
                        if ($bolUserLogin) {
                            // the event ID comes from the request; both
                            // sources are cast to integer
                            // NOTE(review): a request without 'id' raises an
                            // undefined index notice and yields ID 0
                            if (isset($_POST['submitFormModifyEvent'])) {
                                $eventId = intval($_POST['id']);
                            } else {
                                $eventId = intval($_GET['id']);
                            }
                            $objEvent = new \Cx\Modules\Calendar\Controller\CalendarEvent($eventId);
                            // only the author of an event may edit it
                            if ($objEvent->author != $intUserId) {
                                $strStatus = 'no_access';
                            }
                        } else {
                            $strStatus = 'login';
                        }
                    } else {
                        $strStatus = 'redirect';
                    }
                    break;
                case 'my_events':
                    if ($this->arrSettings['addEventsFrontend'] == 1 || $this->arrSettings['addEventsFrontend'] == 2) {
                        if (!$bolUserLogin) {
                            $strStatus = 'login';
                        }
                    } else {
                        $strStatus = 'redirect';
                    }
                    break;
            }
            // an unknown $strAction leaves $strStatus empty, so no redirect
            // happens for it
            switch ($strStatus) {
                case 'no_access':
                    \Cx\Core\Csrf\Controller\Csrf::redirect(CONTREXX_SCRIPT_PATH . '?section=Login&cmd=noaccess');
                    exit;
                    break;
                case 'login':
                    // NOTE(review): the base64 value is appended without URL
                    // encoding; '+', '/' and '=' may be altered in transit
                    $link = base64_encode(CONTREXX_SCRIPT_PATH . '?' . $_SERVER['QUERY_STRING']);
                    \Cx\Core\Csrf\Controller\Csrf::redirect(CONTREXX_SCRIPT_PATH . "?section=Login&redirect=" . $link);
                    exit;
                    break;
                case 'redirect':
                    \Cx\Core\Csrf\Controller\Csrf::redirect(CONTREXX_SCRIPT_PATH . '?section=' . $this->moduleName);
                    exit;
                    break;
            }
        }
    }
}
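/**
 * Add / Edit registration
 *
 * Stores a submitted registration and redirects to the registration
 * overview of the event on success. Otherwise (or if nothing was submitted)
 * the registration form is rendered into the template.
 *
 * Request values that end up in the redirect URL or in the template are
 * encoded for their context: the template selector is URL-encoded in the
 * redirect and HTML-escaped in the template.
 *
 * @param integer $eventId Event id
 * @param integer $regId   Registration id
 */
function modifyRegistration($eventId, $regId)
{
    global $objDatabase, $_ARRAYLANG;

    $this->_objTpl->loadTemplateFile('module_calendar_modify_registration.html');

    if (isset($_POST['submitModifyRegistration'])) {
        $objRegistration = new \Cx\Modules\Calendar\Controller\CalendarRegistration(intval($_POST['form']));
        // NOTE(review): the complete $_POST array is handed to save(); which
        // keys are accepted is decided there -- confirm that only known
        // fields are stored
        if ($objRegistration->save($_POST)) {
            switch ($_POST['registrationType']) {
                case 0:
                    $tpl = 'd';
                    break;
                case 1:
                default:
                    $tpl = 'r';
                    break;
                case 2:
                    $tpl = 'w';
                    break;
            }
            // a posted template selector overrides the one derived from the type
            if (!empty($_POST['regtpl']) && is_string($_POST['regtpl'])) {
                $tpl = $_POST['regtpl'];
            }
            $this->okMessage = $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUCCESSFULLY_SAVED'];
            // encode the request-controlled parts so that they cannot add
            // further parameters to the redirect URL
            \Cx\Core\Csrf\Controller\Csrf::redirect('index.php?cmd=' . $this->moduleName . '&act=event_registrations&tpl=' . urlencode($tpl) . '&id=' . intval($eventId));
        } else {
            $this->errMessage = $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_CORRUPT_SAVED'];
        }
    }

    $objFWUser = \FWUser::getFWUserObject();
    $objUser = $objFWUser->objUser;
    $userId = intval($objUser->getId());
    $objEvent = new \Cx\Modules\Calendar\Controller\CalendarEvent($eventId);

    if ($regId != 0) {
        $this->_pageTitle = $_ARRAYLANG['TXT_CALENDAR_EVENT_EDIT_REGISTRATION'];
        $objRegistration = new \Cx\Modules\Calendar\Controller\CalendarRegistration($objEvent->registrationForm, $regId);
    } else {
        $this->_pageTitle = $_ARRAYLANG['TXT_CALENDAR_EVENT_INSERT_REGISTRATION'];
        $objRegistration = new \Cx\Modules\Calendar\Controller\CalendarRegistration($objEvent->registrationForm);
    }

    $objRegistrationManager = new \Cx\Modules\Calendar\Controller\CalendarRegistrationManager($objEvent, true, true, true);
    $objRegistrationManager->showRegistrationInputfields($this->_objTpl, $regId);

    $this->getSettings();
    // the payment block is only shown if payment and at least one payment
    // method are enabled
    if ($this->arrSettings['paymentStatus'] == '1' && ($this->arrSettings['paymentBillStatus'] == '1' || $this->arrSettings['paymentYellowpayStatus'] == '1')) {
        $selectedBill = $objRegistration->paymentMethod == 1 ? 'selected="selected"' : '';
        $selectedYellowpay = $objRegistration->paymentMethod == 2 ? 'selected="selected"' : '';
        $paymentMethods = '<select style="width: 204px;" class="calendarSelect" name="paymentMethod">';
        $paymentMethods .= $this->arrSettings['paymentBillStatus'] == '1' ? '<option value="1" ' . $selectedBill . '>' . $_ARRAYLANG['TXT_CALENDAR_PAYMENT_BILL'] . '</option>' : '';
        $paymentMethods .= $this->arrSettings['paymentYellowpayStatus'] == '1' ? '<option value="2" ' . $selectedYellowpay . '>' . $_ARRAYLANG['TXT_CALENDAR_PAYMENT_YELLOWPAY'] . '</option>' : '';
        $paymentMethods .= '</select>';

        $this->_objTpl->setVariable(array(
            'TXT_' . $this->moduleLangVar . '_PAYMENT_METHOD' => $_ARRAYLANG['TXT_CALENDAR_PAYMENT_METHOD'],
            'TXT_' . $this->moduleLangVar . '_PAID' => $_ARRAYLANG['TXT_PAYMENT_COMPLETED'],
            $this->moduleLangVar . '_PAYMENT_METHODS' => $paymentMethods,
            $this->moduleLangVar . '_PAID' => $objRegistration->paid == true ? " checked='checked'" : "",
        ));
        $this->_objTpl->parse('calendarRegistrationPayment');
    } else {
        $this->_objTpl->hideBlock('calendarRegistrationPayment');
    }

    // the template selector is taken from the URL and therefore escaped
    // before it is written into the page
    $registrationTpl = isset($_GET['tpl']) && is_string($_GET['tpl']) ? contrexx_raw2xhtml($_GET['tpl']) : '';

    // NOTE(review): $eventId and $regId are written to the template as
    // received; callers are assumed to pass integers -- confirm
    $this->_objTpl->setGlobalVariable(array(
        'TXT_' . $this->moduleLangVar . '_REGISTRATION_TITLE' => $this->_pageTitle,
        'TXT_' . $this->moduleLangVar . '_SAVE' => $_ARRAYLANG['TXT_CALENDAR_SAVE'],
        'TXT_' . $this->moduleLangVar . '_BACK' => $_ARRAYLANG['TXT_CALENDAR_BACK'],
        $this->moduleLangVar . '_EVENT_ID' => $eventId,
        $this->moduleLangVar . '_REGISTRATION_TPL' => $registrationTpl,
        $this->moduleLangVar . '_REGISTRATION_ID' => $regId,
        $this->moduleLangVar . '_REGISTRATION_TYPE' => $objRegistration->type,
        $this->moduleLangVar . '_FORM_ID' => $objEvent->registrationForm,
        $this->moduleLangVar . '_EVENT_DATE' => $objEvent->startDate->getTimestamp(),
        $this->moduleLangVar . '_USER_ID' => $userId,
    ));

    // drop the cached files of the Calendar component
    \Cx\Core\Core\Controller\Cx::instanciate()->getComponent('Cache')->deleteComponentFiles('Calendar');
}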
/**
 * Renders the detail page of an event
 *
 * Redirects to the module start page if the event manager holds no event.
 * Otherwise the page title is set to the title of the first event, the
 * language placeholders are assigned and the event manager renders the
 * event selected by the integer request parameters 'id' and 'date'.
 *
 * @return null
 */
function showEvent()
{
    global $_ARRAYLANG, $_CORELANG, $_LANGID;

    if (empty($this->objEventManager->eventList)) {
        \Cx\Core\Csrf\Controller\Csrf::redirect(\Cx\Core\Routing\Url::fromModuleAndCmd($this->moduleName));
        exit;
    }

    $this->_objTpl->setTemplate($this->pageContent, true, true);

    $firstEvent = $this->objEventManager->eventList[0];
    $this->pageTitle = html_entity_decode($firstEvent->title, ENT_QUOTES, CONTREXX_CHARSET);

    // placeholder suffix => text; the placeholder name is built below as
    // 'TXT_' . <module language prefix> . <suffix>
    $textsBySuffix = array(
        '_ATTACHMENT' => $_ARRAYLANG['TXT_CALENDAR_ATTACHMENT'],
        '_THUMBNAIL' => $_ARRAYLANG['TXT_CALENDAR_THUMBNAIL'],
        '_OPTIONS' => $_ARRAYLANG['TXT_CALENDAR_OPTIONS'],
        '_CATEGORY' => $_ARRAYLANG['TXT_CALENDAR_CAT'],
        '_PLACE' => $_ARRAYLANG['TXT_CALENDAR_PLACE'],
        '_EVENT_HOST' => $_ARRAYLANG['TXT_CALENDAR_EVENT_HOST'],
        '_PRIORITY' => $_ARRAYLANG['TXT_CALENDAR_PRIORITY'],
        '_START' => $_ARRAYLANG['TXT_CALENDAR_START'],
        '_END' => $_ARRAYLANG['TXT_CALENDAR_END'],
        '_COMMENT' => $_ARRAYLANG['TXT_CALENDAR_COMMENT'],
        '_OCLOCK' => $_ARRAYLANG['TXT_CALENDAR_OCLOCK'],
        '_EXPORT' => $_ARRAYLANG['TXT_CALENDAR_EXPORT'],
        '_EVENT_PRICE' => $_ARRAYLANG['TXT_CALENDAR_EVENT_PRICE'],
        '_EVENT_FREE_PLACES' => $_ARRAYLANG['TXT_CALENDAR_EVENT_FREE_PLACES'],
        '_DATE' => $_CORELANG['TXT_DATE'],
        '_NAME' => $_ARRAYLANG['TXT_CALENDAR_EVENT_NAME'],
        '_LINK' => $_ARRAYLANG['TXT_CALENDAR_EVENT_LINK'],
        '_EVENT' => $_ARRAYLANG['TXT_CALENDAR_EVENT'],
        '_STREET' => $_ARRAYLANG['TXT_CALENDAR_EVENT_STREET'],
        '_ZIP' => $_ARRAYLANG['TXT_CALENDAR_EVENT_ZIP'],
        '_MAP' => $_ARRAYLANG['TXT_CALENDAR_EVENT_MAP'],
        '_HOST' => $_ARRAYLANG['TXT_CALENDAR_HOST'],
        '_MAIL' => $_ARRAYLANG['TXT_CALENDAR_EVENT_EMAIL'],
        '_HOST_NAME' => $_ARRAYLANG['TXT_CALENDAR_EVENT_NAME'],
        '_TITLE' => $_ARRAYLANG['TXT_CALENDAR_TITLE'],
        '_ACCESS' => $_ARRAYLANG['TXT_CALENDAR_ACCESS'],
        '_REGISTRATION' => $_ARRAYLANG['TXT_CALENDAR_REGISTRATION'],
        '_REGISTRATION_INFO' => $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_INFO'],
    );
    $placeholders = array();
    foreach ($textsBySuffix as $suffix => $text) {
        $placeholders['TXT_' . $this->moduleLangVar . $suffix] = $text;
    }
    $this->_objTpl->setVariable($placeholders);

    // both request values are reduced to integers before they are used
    $this->objEventManager->showEvent($this->_objTpl, intval($_GET['id']), intval($_GET['date']));
}
/**
 * Creates the folder of a new theme (skin)
 *
 * Requires the static access ID 47. The theme name, the theme to copy from,
 * the database theme to migrate and the folder name are read from $_POST;
 * a value containing '..' is discarded. Depending on which of the values
 * are set, the theme is created empty, copied from an existing theme or
 * created from database content. If the theme name is missing or no folder
 * name remains, the "new directory" view is shown again with an error.
 *
 * NOTE(review): rejecting '..' is the only check visible here for
 * 'fromTheme' before it is appended to the theme paths; directory
 * separators and other special characters are not filtered for it in this
 * method -- confirm that the filesystem helpers restrict the paths.
 *
 * @access private
 */
private function createdir()
{
    global $_ARRAYLANG;

    \Permission::checkAccess(47, 'static');

    // each value is dropped (null) if it is empty or contains '..'
    $themeName = !empty($_POST['dbName']) && !stristr($_POST['dbName'], '..') ? contrexx_input2raw($_POST['dbName']) : null;
    $copyFromTheme = !empty($_POST['fromTheme']) && !stristr($_POST['fromTheme'], '..') ? contrexx_input2raw($_POST['fromTheme']) : null;
    $createFromDatabase = !empty($_POST['fromDB']) && !stristr($_POST['fromDB'], '..') ? contrexx_input2raw($_POST['fromDB']) : null;
    $dirName = !empty($_POST['dirName']) && !stristr($_POST['dirName'], '..') ? contrexx_input2raw($_POST['dirName']) : null;
    // only the folder name is additionally passed through replaceCharacters()
    $dirName = \Cx\Lib\FileSystem\FileSystem::replaceCharacters($dirName);

    if (!$themeName) {
        $this->strErrMessage = $_ARRAYLANG['TXT_STATUS_CHECK_INPUTS'];
        $this->newdir();
        return;
    }

    // NOTE(review): the return value is not checked; presumably
    // validateThemeName() aborts on its own for an invalid name -- confirm
    $this->validateThemeName($themeName);

    if (!empty($dirName)) {
        // ensure that we're creating a new directory and not trying to overwrite an existing one
        // ($suffix starts as an empty string and becomes 1, 2, ... by incrementing)
        $suffix = '';
        while (file_exists($this->path . $dirName . $suffix)) {
            $suffix++;
        }
        $dirName .= $suffix;

        $theme = new \Cx\Core\View\Model\Entity\Theme();
        $theme->setThemesname($themeName);
        $theme->setFoldername($dirName);

        switch (true) {
            case empty($copyFromTheme) && empty($createFromDatabase):
                // Create new empty theme
                if (\Cx\Lib\FileSystem\FileSystem::make_folder($this->path . $theme->getFoldername())) {
                    if ($this->createDefaultFiles($theme) && $this->insertSkinIntoDb($theme)) {
                        \Message::add(contrexx_raw2xhtml($themeName) . ' ' . $_ARRAYLANG['TXT_STATUS_SUCCESSFULLY_CREATE']);
                    } else {
                        \Message::add($_ARRAYLANG['TXT_MSG_ERROR_NEW_DIR'], \Message::CLASS_ERROR);
                        $this->newdir();
                        return;
                    }
                }
                break;
            case !empty($copyFromTheme) && empty($createFromDatabase):
                // check whether the folder exists in the code base (only if
                // the code base differs from the website data repository)
                if ($this->codeBaseThemesPath != $this->websiteThemesPath && file_exists($this->codeBaseThemesPath . $copyFromTheme)) {
                    if (!\Cx\Lib\FileSystem\FileSystem::copy_folder($this->codeBaseThemesPath . $copyFromTheme, $this->websiteThemesPath . $dirName, true)) {
                        \Message::add($_ARRAYLANG['TXT_MSG_ERROR_NEW_DIR'], \Message::CLASS_ERROR);
                        $this->newdir();
                        return;
                    }
                }
                // check whether the folder exists in the website data repository;
                // it is copied on top of a possible copy from the code base
                if (file_exists($this->websiteThemesPath . $copyFromTheme)) {
                    if (!\Cx\Lib\FileSystem\FileSystem::copy_folder($this->websiteThemesPath . $copyFromTheme, $this->websiteThemesPath . $dirName, true)) {
                        \Message::add($_ARRAYLANG['TXT_MSG_ERROR_NEW_DIR'], \Message::CLASS_ERROR);
                        $this->newdir();
                        return;
                    }
                }
                $this->replaceThemeName($copyFromTheme, $dirName, $this->websiteThemesPath . $dirName);
                // convert theme to component
                try {
                    $this->themeRepository->loadComponentData($theme);
                    if (!$theme->isComponent()) {
                        // create a new one if no component.yml exists
                        // a failed conversion is only logged, the process continues
                        try {
                            $this->themeRepository->convertThemeToComponent($theme);
                        } catch (\Exception $ex) {
                            \DBG::log($ex->getMessage());
                            \DBG::log($theme->getThemesname() . ' : Unable to convert theme to component');
                        }
                        $this->themeRepository->loadComponentData($theme);
                    }
                    // change the theme name in component data
                    $themeInformation = $theme->getComponentData();
                    if ($themeInformation) {
                        $themeInformation['name'] = $theme->getThemesname();
                        $theme->setComponentData($themeInformation);
                        $this->themeRepository->saveComponentData($theme);
                    }
                } catch (\Cx\Lib\FileSystem\FileSystemException $e) {
                    \Message::add('Error in coverting component file', \Message::CLASS_ERROR);
                }
                if ($this->insertSkinIntoDb($theme)) {
                    \Message::add(contrexx_raw2xhtml($themeName) . ' ' . $_ARRAYLANG['TXT_STATUS_SUCCESSFULLY_CREATE']);
                }
                break;
            case empty($copyFromTheme) && !empty($createFromDatabase):
                // TODO: remove this function -> migrate all pending themes in the update process
                // Create new theme from database (migrate existing theme from database to filesystem)
                if (\Cx\Lib\FileSystem\FileSystem::make_folder($this->path . $dirName)) {
                    $this->insertIntoDb($theme, $createFromDatabase);
                    $this->createFilesFromDB($dirName, intval($createFromDatabase));
                }
                break;
            default:
                // both a source theme and a database theme were given: nothing is created
                break;
        }

        // Redirect to the template editor of the new theme.
        // NOTE(review): this line is reached by every branch that did not
        // return early, including a failed make_folder() and the default
        // branch, so the redirect alone does not prove that the theme was built.
        \Cx\Core\Csrf\Controller\Csrf::redirect('index.php?cmd=ViewManager&act=templates&themes=' . $theme->getFoldername());
    } else {
        $this->strErrMessage = $_ARRAYLANG['TXT_STATUS_CHECK_INPUTS'];
        $this->newdir();
    }
}
/**
 * Switches a Customer between active and inactive
 *
 * Does nothing and returns null if $_REQUEST['toggle_customer_id'] is empty
 * or if Customers::toggleStatusById() reports a no-op (null).
 * Otherwise adds a success or error message and redirects to the
 * customer overview.
 *
 * NOTE(review): the ID is read from $_REQUEST, so this state change can be
 * triggered by a plain GET request; presumably the Csrf component protects
 * such links -- confirm.
 * @global  array   $_ARRAYLANG
 * @return  boolean             Null on noop
 */
function toggleCustomer()
{
    global $_ARRAYLANG;

    if (empty($_REQUEST['toggle_customer_id'])) {
        return NULL;
    }

    // reduce the request value to an integer before it is used
    $id = intval($_REQUEST['toggle_customer_id']);
    $toggled = Customers::toggleStatusById($id);
    if ($toggled === null) {
        // nothing was changed
        return;
    }

    if (!$toggled) {
        \Message::error(sprintf($_ARRAYLANG['TXT_SHOP_ERROR_CUSTOMER_UPDATING'], $id));
    } else {
        \Message::ok($_ARRAYLANG['TXT_SHOP_CUSTOMER_UPDATED_SUCCESSFULLY']);
    }
    \Cx\Core\Csrf\Controller\Csrf::redirect('index.php?cmd=Shop&act=customers');
}
/**
 * Shows the page a visitor returns to after the payment
 *
 * Only requests of the handler "yellowpay" that pass \Yellowpay::checkin()
 * are processed; everything else is redirected to the module start page.
 * Depending on the absolute value of the request parameter "result" the
 * registration is marked as paid (1) or deleted (0 and 2).
 *
 * NOTE(review): abs() makes a negative "result" count like its positive
 * value -- confirm against the values the payment provider sends.
 *
 * @return null
 */
function showSuccessPage()
{
    $this->_objTpl->setTemplate($this->pageContent, true, true);

    if ($_REQUEST["handler"] != "yellowpay") {
        \Cx\Core\Csrf\Controller\Csrf::redirect("index.php?section=" . $this->moduleName);
        return;
    }

    $orderId = \Yellowpay::getOrderId();
    $this->getSettings();

    // the request is checked with the configured SHA-OUT setting before any
    // registration is touched
    if (!\Yellowpay::checkin($this->arrSettings["paymentYellowpayShaOut"])) {
        \Cx\Core\Csrf\Controller\Csrf::redirect("index.php?section=" . $this->moduleName);
        return;
    }

    switch (abs($_REQUEST["result"])) {
        case 1:
            // payment successful
            $objRegistration = new \Cx\Modules\Calendar\Controller\CalendarRegistration(null);
            $objRegistration->get($orderId);
            $objRegistration->setPaid(1);
            $this->_objTpl->touchBlock("successMessage");
            break;
        case 0:
            // payment cancelled
        case 2:
            // an error occurred
            $objRegistration = new \Cx\Modules\Calendar\Controller\CalendarRegistration(null);
            $objRegistration->delete($orderId);
            $this->_objTpl->touchBlock("cancelMessage");
            break;
        default:
            \Cx\Core\Csrf\Controller\Csrf::redirect("index.php?section=" . $this->moduleName);
            break;
    }
}
/**
 * Looks up the unregistered Customer for an e-mail address
 *
 * Unregistered Customers are stored as inactive Users, so the lookup
 * filters for the given e-mail address and inactive accounts only.
 * If the setting 'usergroup_id_customer' of the Shop is empty, an error
 * message is added and a redirect to the Shop is issued.
 *
 * NOTE(review): the user group is only checked for being configured; it is
 * not part of the lookup filter (see the todo below).
 * @param   string    $email    The e-mail address
 * @return  User                The Customer on success, null otherwise
 * @todo    Add the Customer Usergroup to the filter and test that
 */
static function getUnregisteredByEmail($email)
{
    global $_ARRAYLANG;

    // Only final customers may be unregistered
    $customerGroupId = \Cx\Core\Setting\Controller\Setting::getValue('usergroup_id_customer', 'Shop');
    if (!$customerGroupId) {
        \Message::error($_ARRAYLANG['TXT_SHOP_ERROR_USERGROUP_INVALID']);
        \Cx\Core\Csrf\Controller\Csrf::redirect(CONTREXX_DIRECTORY_INDEX . '?section=Shop');
    }

    $filter = array('email' => $email, 'active' => false);
    $inactiveUser = \FWUser::getFWUserObject()->objUser->getUsers($filter);

    return $inactiveUser ? self::getById($inactiveUser->getId()) : null;
}
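/**
 * This function is used to delete an entry
 *
 * The entry is selected by $_GET['deleteid']. Entities of collection valued
 * associations are removed first, then the entry itself. Afterwards a
 * redirect to the current URL without the parameter 'deleteid' is issued.
 * If the entry cannot be loaded from the repository, nothing is removed
 * and only the redirect takes place.
 *
 * NOTE(review): the deletion is triggered by a GET parameter; no permission
 * check is visible in this method -- confirm that callers verify access
 * before calling it.
 *
 * @param string $entityWithNS class name including namespace
 * @access protected
 * @global array $_ARRAYLANG array containing the language variables
 * @throws \Doctrine\ORM\OptimisticLockException
 * @throws \Doctrine\ORM\TransactionRequiredException
 * @throws \Exception
 */
protected function removeEntry($entityWithNS)
{
    global $_ARRAYLANG;

    $cx = \Cx\Core\Core\Controller\Cx::instanciate();
    $em = $cx->getDb()->getEntityManager();

    $deleteId = !empty($_GET['deleteid']) ? contrexx_input2raw($_GET['deleteid']) : '';
    $entityObject = $this->object->getEntry($deleteId);
    if (empty($entityObject)) {
        \Message::add($_ARRAYLANG['TXT_CORE_RECORD_NO_SUCH_ENTRY'], \Message::CLASS_ERROR);
        return;
    }

    $classMetadata = $em->getClassMetadata($entityWithNS);
    $id = $entityObject[$classMetadata->getSingleIdentifierFieldName()]; //get primary key value

    // load the entity once; without an ID or without a matching entity there
    // is nothing to remove (a missing entity must not be dereferenced)
    $entity = null;
    if (!empty($id)) {
        $entity = $em->getRepository($entityWithNS)->find($id);
    }

    if (!empty($entity)) {
        // delete all n associated entries, because they are no longer used and the main entry can only be
        // deleted if no more n associated entries exist
        foreach ($classMetadata->getAssociationMappings() as $mapping => $value) {
            // we only need to delete the n associated values, the single associated will be handled by doctrine itself
            if (!$classMetadata->isCollectionValuedAssociation($mapping)) {
                continue;
            }
            // getter name: 'get' + mapping name with underscores before
            // lower case letters removed (method names are case-insensitive)
            $getter = 'get' . preg_replace('/_([a-z])/', '\\1', ucfirst($mapping));
            foreach ($entity->{$getter}() as $associatedEntity) {
                $em->remove($associatedEntity);
            }
        }

        if ($entity instanceof \Cx\Core\Model\Model\Entity\YamlEntity) {
            // YAML based entities are removed through their repository
            $ymlRepo = $em->getRepository($entityWithNS);
            $ymlRepo->remove($entity);
            $ymlRepo->flush();
        } else {
            $em->remove($entity);
            $em->flush();
        }
        \Message::add($_ARRAYLANG['TXT_CORE_RECORD_DELETED_SUCCESSFUL']);
    }

    // drop the parameter so that a reload does not repeat the deletion
    $actionUrl = clone $cx->getRequest()->getUrl();
    $actionUrl->setParam('deleteid', null);
    \Cx\Core\Csrf\Controller\Csrf::redirect($actionUrl);
}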
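/**
 * Sets up the view generator and processes a pending add, edit or delete
 *
 * The data source is wrapped in a DataSet where possible. Changes are only
 * processed if the request parameter 'vg_increment_number' matches the
 * number of this instance. After a processed change a redirect to the
 * current URL without the triggering parameter is issued. Exceptions are
 * caught and their message is added as a message.
 *
 * @param mixed $object Array, instance of DataSet, instance of EntityBase, object
 *                      or the class name of an entity
 * @param array $options Options of the view; the keys 'functions', 'fields'
 *                       and 'validate' are read here
 * @throws ViewGeneratorException
 */
public function __construct($object, $options = array())
{
    global $_ARRAYLANG;

    $this->number = static::$increment++;
    try {
        $this->options = $options;
        $entityNS = null;
        if (is_array($object)) {
            $object = new \Cx\Core_Modules\Listing\Model\Entity\DataSet($object);
        }
        \JS::registerCSS(\Env::get('cx')->getCoreFolderName() . '/Html/View/Style/Backend.css');
        if ($object instanceof \Cx\Core_Modules\Listing\Model\Entity\DataSet) {
            // render table if no parameter is set
            $this->object = $object;
            $entityNS = $this->object->getDataType();
        } else {
            if (!is_object($object)) {
                // $object is taken as an entity class name
                $entityClassName = $object;
                $entityRepository = \Env::get('em')->getRepository($entityClassName);
                $entities = $entityRepository->findAll();
                if (empty($entities)) {
                    $this->object = new $entityClassName();
                    $entityNS = $entityClassName;
                } else {
                    $this->object = new \Cx\Core_Modules\Listing\Model\Entity\DataSet($entities);
                    $entityNS = $this->object->getDataType();
                }
            } else {
                // render form
                $this->object = $object;
                $entityNS = get_class($this->object);
            }
        }

        if ((!isset($_POST['vg_increment_number']) || $_POST['vg_increment_number'] != $this->number) && (!isset($_GET['vg_increment_number']) || $_GET['vg_increment_number'] != $this->number)) {
            $vgIncrementNo = 'empty';
            if (isset($_POST['vg_increment_number'])) {
                $vgIncrementNo = '#' . $_POST['vg_increment_number'];
            } else {
                if (isset($_GET['vg_increment_number'])) {
                    $vgIncrementNo = '#' . $_GET['vg_increment_number'];
                }
            }
            // do not make any changes to entities of other view generator instances!
            \DBG::msg('Omitting changes, my ID is #' . $this->number . ', supplied number was ' . $vgIncrementNo);
            return;
        }

        /**
         *  postSave event
         *  execute save if entry is a doctrine entity (or execute callback if specified in configuration)
         */
        $add = !empty($_GET['add']) ? contrexx_input2raw($_GET['add']) : null;
        // NOTE(review): '&&' binds tighter than '||', so this reads
        // "($add and functions.add) or functions.allowAdd": with 'allowAdd'
        // set the branch is entered without the 'add' parameter. The edit
        // condition below groups both options instead -- confirm which
        // behaviour is intended.
        if (!empty($add) && (!empty($this->options['functions']['add']) && $this->options['functions']['add'] != false) || !empty($this->options['functions']['allowAdd']) && $this->options['functions']['allowAdd'] != false) {
            $this->renderFormForEntry(null);
            $form = $this->formGenerator;
            if ($form === false) {
                // cannot save, no such entry
                \Message::add('Cannot save, no such entry', \Message::CLASS_ERROR);
                return;
            }
            if (!$form->isValid() || isset($this->options['validate']) && !$this->options['validate']($form)) {
                // data validation failed, stay in add view
                \Message::add('Cannot save, validation failed', \Message::CLASS_ERROR);
                return;
            }
            if (!empty($_POST)) {
                // a post that contains nothing but the CSRF token and empty
                // values is rejected
                $post = $_POST;
                unset($post['csrf']);
                $blankPost = true;
                if (!empty($post)) {
                    foreach ($post as $value) {
                        if ($value) {
                            $blankPost = false;
                        }
                    }
                }
                if ($blankPost) {
                    \Message::add('Cannot save, You should fill any one field!', \Message::CLASS_ERROR);
                    return;
                }

                $entityObject = \Env::get('em')->getClassMetadata($entityNS);
                $primaryKeyName = $entityObject->getSingleIdentifierFieldName(); //get primary key name
                $entityColumnNames = $entityObject->getColumnNames(); //get all field names

                // create new entity without calling the constructor
                // TODO: this might break certain entities!
                $entityObj = $entityObject->newInstance();
                foreach ($entityColumnNames as $column) {
                    $field = $entityObject->getFieldName($column);
                    if (isset($this->options['fields']) && isset($this->options['fields'][$field]) && isset($this->options['fields'][$field]['storecallback']) && is_callable($this->options['fields'][$field]['storecallback'])) {
                        $storecallback = $this->options['fields'][$field]['storecallback'];
                        $postedValue = null;
                        // hand the posted value of this field to the callback
                        // (the check used the literal key 'field' before, so
                        // the callback received null for every field)
                        if (isset($_POST[$field])) {
                            $postedValue = contrexx_input2raw($_POST[$field]);
                        }
                        $_POST[$field] = $storecallback($postedValue);
                    }
                    if (isset($_POST[$field]) && $field != $primaryKeyName) {
                        $fieldDefinition = $entityObject->getFieldMapping($field);
                        if ($fieldDefinition['type'] == 'datetime') {
                            $newValue = new \DateTime($_POST[$field]);
                        } elseif ($fieldDefinition['type'] == 'array') {
                            // NOTE(review): unserialize() is applied to request
                            // data. The is_array() check below runs only after
                            // any object contained in the value has been
                            // created. Restrict the classes (option
                            // 'allowed_classes' => false, PHP >= 7.0) or use a
                            // data-only format such as JSON.
                            $newValue = unserialize($_POST[$field]);
                            // verify that the value is actually an array -> prevent to store other php data
                            if (!is_array($newValue)) {
                                $newValue = array();
                            }
                        } else {
                            $newValue = contrexx_input2raw($_POST[$field]);
                        }
                        // setter name: 'set' + field name with underscores
                        // before lower case letters removed
                        $entityObj->{'set' . preg_replace('/_([a-z])/', '\\1', ucfirst($field))}($newValue);
                    }
                }

                // store single-valued-associations
                $associationMappings = \Env::get('em')->getClassMetadata($entityNS)->getAssociationMappings();
                $classMethods = get_class_methods($entityObj);
                foreach ($associationMappings as $field => $associationMapping) {
                    if (!empty($_POST[$field]) && \Env::get('em')->getClassMetadata($entityNS)->isSingleValuedAssociation($field) && in_array('set' . ucfirst($field), $classMethods)) {
                        $col = $associationMapping['joinColumns'][0]['referencedColumnName'];
                        $association = \Env::get('em')->getRepository($associationMapping['targetEntity'])->findOneBy(array($col => $_POST[$field]));
                        $entityObj->{'set' . ucfirst($field)}($association);
                    }
                }

                if ($entityObj instanceof \Cx\Core\Model\Model\Entity\YamlEntity) {
                    $entityRepository = \Env::get('em')->getRepository($entityNS);
                    $entityRepository->add($entityObj);
                    $entityRepository->flush();
                } else {
                    if (!$entityObj instanceof \Cx\Model\Base\EntityBase) {
                        \DBG::msg('Unkown entity model ' . get_class($entityObj) . '! Trying to persist using entity manager...');
                    }
                    \Env::get('em')->persist($entityObj);
                    \Env::get('em')->flush();
                }
                \Message::add($_ARRAYLANG['TXT_CORE_RECORD_ADDED_SUCCESSFUL']);
                $actionUrl = clone \Env::get('cx')->getRequest()->getUrl();
                $actionUrl->setParam('add', null);
                \Cx\Core\Csrf\Controller\Csrf::redirect($actionUrl);
            }
        }

        /**
         *  postEdit event
         *  execute edit if entry is a doctrine entity (or execute callback if specified in configuration)
         */
        if ($this->isInEditMode() && (!empty($this->options['functions']['edit']) && $this->options['functions']['edit'] != false || !empty($this->options['functions']['allowEdit']) && $this->options['functions']['allowEdit'] != false)) {
            $entityId = contrexx_input2raw($this->isInEditMode());
            // render form for editid
            $this->renderFormForEntry($entityId);
            $form = $this->formGenerator;
            if ($form === false) {
                // cannot save, no such entry
                \Message::add('Cannot save, no such entry', \Message::CLASS_ERROR);
                return;
            }
            if (!$form->isValid() || isset($this->options['validate']) && !$this->options['validate']($form)) {
                // data validation failed, stay in edit view
                \Message::add('Cannot save, validation failed', \Message::CLASS_ERROR);
                return;
            }

            $entityObject = array();
            if ($this->object->entryExists($entityId)) {
                $entityObject = $this->object->getEntry($entityId);
            }
            if (empty($entityObject)) {
                \Message::add('Cannot save, Invalid entry', \Message::CLASS_ERROR);
                return;
            }

            // setter name => new value for every changed field
            $updateArray = array();
            $entityObj = \Env::get('em')->getClassMetadata($entityNS);
            $primaryKeyName = $entityObj->getSingleIdentifierFieldName(); //get primary key name
            $associationMappings = \Env::get('em')->getClassMetadata($entityNS)->getAssociationMappings();
            $classMethods = get_class_methods($entityObj->newInstance());
            foreach ($entityObject as $name => $value) {
                if (!isset($_POST[$name])) {
                    continue;
                }
                $methodName = 'set' . str_replace(' ', '', ucwords(str_replace('_', ' ', $name)));
                if (\Env::get('em')->getClassMetadata($entityNS)->isSingleValuedAssociation($name) && in_array($methodName, $classMethods)) {
                    // store single-valued-associations
                    $col = $associationMappings[$name]['joinColumns'][0]['referencedColumnName'];
                    $association = \Env::get('em')->getRepository($associationMappings[$name]['targetEntity'])->findOneBy(array($col => $_POST[$name]));
                    $updateArray[$methodName] = $association;
                } elseif ($_POST[$name] != $value && in_array($methodName, $classMethods)) {
                    $fieldDefinition = $entityObj->getFieldMapping($name);
                    if (isset($this->options['fields']) && isset($this->options['fields'][$name]) && isset($this->options['fields'][$name]['storecallback']) && is_callable($this->options['fields'][$name]['storecallback'])) {
                        $storecallback = $this->options['fields'][$name]['storecallback'];
                        $newValue = $storecallback(contrexx_input2raw($_POST[$name]));
                    } else {
                        if ($fieldDefinition['type'] == 'datetime') {
                            if (empty($_POST[$name])) {
                                $newValue = null;
                            } else {
                                $newValue = new \DateTime($_POST[$name]);
                            }
                        } elseif ($fieldDefinition['type'] == 'array') {
                            // NOTE(review): unserialize() is applied to request
                            // data; see the note in the add branch above
                            $newValue = unserialize($_POST[$name]);
                            // verify that the value is actually an array -> prevent to store other php data
                            if (!is_array($newValue)) {
                                $newValue = array();
                            }
                        } else {
                            $newValue = contrexx_input2raw($_POST[$name]);
                        }
                    }
                    $updateArray[$methodName] = $newValue;
                }
            }

            $id = $entityObject[$primaryKeyName]; //get primary key value
            if (!empty($updateArray) && !empty($id)) {
                $entityObj = \Env::get('em')->getRepository($entityNS)->find($id);
                if (!empty($entityObj)) {
                    foreach ($updateArray as $key => $value) {
                        $entityObj->{$key}($value);
                    }
                    if ($entityObj instanceof \Cx\Core\Model\Model\Entity\YamlEntity) {
                        \Env::get('em')->getRepository($entityNS)->flush();
                    } else {
                        \Env::get('em')->flush();
                    }
                    \Message::add($_ARRAYLANG['TXT_CORE_RECORD_UPDATED_SUCCESSFUL']);
                } else {
                    \Message::add('Cannot save, Invalid argument!', \Message::CLASS_ERROR);
                }
            }
            $actionUrl = clone \Env::get('cx')->getRequest()->getUrl();
            $actionUrl->setParam('editid', null);
            \Cx\Core\Csrf\Controller\Csrf::redirect($actionUrl);
        }

        /**
         * trigger pre- and postRemove event
         * execute remove if entry is a doctrine entity (or execute callback if specified in configuration)
         */
        // NOTE(review): the deletion is triggered by the GET parameter
        // 'deleteid'; presumably the Csrf component protects such links -- confirm
        $deleteId = !empty($_GET['deleteid']) ? contrexx_input2raw($_GET['deleteid']) : '';
        if ($deleteId != '' && (!empty($this->options['functions']['delete']) && $this->options['functions']['delete'] != false || !empty($this->options['functions']['allowDelete']) && $this->options['functions']['allowDelete'] != false)) {
            $entityObject = $this->object->getEntry($deleteId);
            if (empty($entityObject)) {
                \Message::add('Cannot save, Invalid entry', \Message::CLASS_ERROR);
                return;
            }
            $entityObj = \Env::get('em')->getClassMetadata($entityNS);
            $primaryKeyName = $entityObj->getSingleIdentifierFieldName(); //get primary key name
            $id = $entityObject[$primaryKeyName]; //get primary key value
            if (!empty($id)) {
                $entityObj = \Env::get('em')->getRepository($entityNS)->find($id);
                if (!empty($entityObj)) {
                    if ($entityObj instanceof \Cx\Core\Model\Model\Entity\YamlEntity) {
                        $ymlRepo = \Env::get('em')->getRepository($entityNS);
                        $ymlRepo->remove($entityObj);
                        $ymlRepo->flush();
                    } else {
                        \Env::get('em')->remove($entityObj);
                        \Env::get('em')->flush();
                    }
                    \Message::add($_ARRAYLANG['TXT_CORE_RECORD_DELETED_SUCCESSFUL']);
                }
            }
            $actionUrl = clone \Env::get('cx')->getRequest()->getUrl();
            $actionUrl->setParam('deleteid', null);
            \Cx\Core\Csrf\Controller\Csrf::redirect($actionUrl);
        }
    } catch (\Exception $e) {
        // the exception message is shown to the user as a message
        \Message::add($e->getMessage());
        return;
    }
}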