VikAppointments Services Booking Calendar / trunk
vikappointments / admin / controllers / file.php
1 <?php
2 /**
3 * @package VikAppointments
4 * @subpackage core
5 * @author E4J s.r.l.
6 * @copyright Copyright (C) 2021 E4J s.r.l. All Rights Reserved.
7 * @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPL
8 * @link https://vikwp.com
9 */
10
// Stop immediately when ABSPATH is not defined, i.e. when this file is
// requested on its own instead of being loaded by the application.
if (!defined('ABSPATH'))
{
	die('No script kiddies please!');
}

// Load the admin controller library (presumably the one that declares the
// VAPControllerAdmin base class extended below).
VAPLoader::import('libraries.mvc.controllers.admin');
15
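/**
 * VikAppointments file controller.
 *
 * The tasks of this controller work on a file path taken from the request:
 * save() forwards that path, together with unfiltered content, to the file
 * model. The controller itself verifies the CSRF token and the
 * "core.access.config" permission, but it does not restrict which path may
 * be written.
 *
 * NOTE(review): the model is not part of this file - confirm that it confines
 * writes to the intended directories and file types.
 *
 * @since 1.7
 */
class VikAppointmentsControllerFile extends VAPControllerAdmin
{
	/**
	 * Task used to access the management page of an existing record.
	 *
	 * The record is identified by the first "cid" value of the request, which
	 * is forwarded to the "managefile" view.
	 *
	 * @return  boolean  True when the redirect to the management page has been
	 *                   set, false when the user is not authorised.
	 */
	public function edit()
	{
		$app  = JFactory::getApplication();
		$user = JFactory::getUser();

		// unset user state for being recovered again
		$app->setUserState('vap.file.data', array());

		// both the edit and the configuration permissions are required
		if (!$user->authorise('core.edit', 'com_vikappointments') || !$user->authorise('core.access.config', 'com_vikappointments'))
		{
			// back to main list, not authorised to edit records
			$app->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
			$this->cancel();

			return false;
		}

		// "cid" is expected as an array (cid[]=...), but a request may also
		// carry a scalar, an empty list or a nested array: normalise all of
		// them to a plain string instead of indexing the raw value
		$cid = (array) $app->input->getString('cid', array(''));
		$cid = reset($cid);
		$cid = is_scalar($cid) ? (string) $cid : '';

		// The value comes from the request, so it must be encoded before it is
		// placed in the redirect: otherwise "&" or "#" would add or cut
		// parameters, and the "+" of a base64 string would be read back as a space.
		$url = 'index.php?option=com_vikappointments&view=managefile&cid[]=' . urlencode($cid);

		if ($app->input->get('tmpl') === 'component')
		{
			$url .= '&tmpl=component';
		}

		$this->setRedirect($url);

		return true;
	}

	/**
	 * Task used to save the record data set in the request.
	 * After saving, the user is redirected to the main list.
	 *
	 * @return  void
	 */
	public function saveclose()
	{
		// the redirect set by a failed save() is left untouched
		if ($this->save())
		{
			$this->cancel();
		}
	}

	/**
	 * Task used to save the record data as a copy of the current item.
	 * After saving, the user is redirected to the management
	 * page of the record that has been saved.
	 *
	 * The destination is built from the "dir" (plain or base64 encoded) and
	 * "filename" request values and injected in the request as "file", then
	 * save() is launched.
	 *
	 * NOTE(review): only the file name is constrained here. Which directories
	 * are acceptable is not checked by this controller - confirm that the
	 * model enforces it.
	 *
	 * @return  void
	 */
	public function savecopy()
	{
		$app   = JFactory::getApplication();
		$input = $app->input;

		// Do not touch the filesystem on behalf of a request that save() is
		// going to reject anyway: when the CSRF token or the permission is
		// missing, hand over to save() right away, which reports the failure
		// exactly as it does for a direct call.
		if (!JSession::checkToken() || !JFactory::getUser()->authorise('core.access.config', 'com_vikappointments'))
		{
			$this->save();

			return;
		}

		// get directory and file name from request (empty string when missing)
		$directory = (string) $input->getString('dir');
		$filename  = (string) $input->getString('filename');

		// check if directory exists; the value is still an arbitrary string
		// chosen by the requester, the checks above only limit who can send it
		if (!is_dir($directory))
		{
			// try to decode from base64
			$directory = (string) base64_decode($directory);
		}

		// keep only the last path component, so that separators in the file
		// name cannot move the copy outside the selected directory
		$filename = basename($filename);

		// A missing directory would silently turn the path into
		// "<separator><filename>", namely the filesystem root, while ".", ".."
		// and an empty name do not identify a file at all.
		if ($directory === '' || in_array($filename, array('', '.', '..'), true))
		{
			$app->enqueueMessage(JText::sprintf('JLIB_APPLICATION_ERROR_SAVE_FAILED', 'invalid directory or file name'), 'error');
			$this->cancel();

			return;
		}

		// build final path
		$file = rtrim($directory, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . $filename;

		// inject file in request
		$input->set('file', $file);

		// launch save method
		$this->save();
	}

	/**
	 * Task used to save the record data set in the request.
	 * After saving, the user is redirected to the management
	 * page of the record that has been saved.
	 *
	 * The "file" request value is used as record ID and "content" as the data
	 * to store; both are handed to the model as received.
	 *
	 * @return  boolean  True on success, false when the token is invalid, the
	 *                   user is not authorised or the model fails to save.
	 *
	 * @throws  Exception  With code 403 when the user is not authorised and the
	 *                     blank layout (tmpl=component) was requested.
	 */
	public function save()
	{
		$app   = JFactory::getApplication();
		$input = $app->input;
		$user  = JFactory::getUser();

		/**
		 * Added token validation.
		 *
		 * @since 1.7
		 */
		if (!JSession::checkToken())
		{
			// back to main list, missing CSRF-proof token
			$app->enqueueMessage(JText::translate('JINVALID_TOKEN'), 'error');
			$this->cancel();

			return false;
		}

		$args = array();
		$args['id'] = $input->get('file', '', 'string');
		// the "raw" filter leaves the submitted content unfiltered
		$args['content'] = $input->get('content', '', 'raw');

		// check if blank layout
		$tmpl = $input->get('tmpl') === 'component';

		// check user permissions
		if (!$user->authorise('core.access.config', 'com_vikappointments'))
		{
			if ($tmpl)
			{
				// throw exception in case of blank layout
				throw new Exception(JText::translate('JERROR_ALERTNOAUTHOR'), 403);
			}

			// back to main list, not authorised to create/edit records
			$app->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
			$this->cancel();

			return false;
		}

		// get file model
		$model = $this->getModel();

		// try to save arguments
		$id = $model->save($args);

		if (!$id)
		{
			// get string error
			$error = $model->getError(null, true);

			// display error message
			$app->enqueueMessage(JText::sprintf('JLIB_APPLICATION_ERROR_SAVE_FAILED', $error), 'error');

			// base64 output may contain "+", "/" and "=", which are not safe
			// inside a query string ("+" is decoded as a space): encode it
			$url = 'index.php?option=com_vikappointments&view=managefile&cid[]=' . urlencode(base64_encode($args['id']));

			if ($tmpl)
			{
				$url .= '&tmpl=component';
			}

			// redirect to new/edit page
			$this->setRedirect($url);

			return false;
		}

		// display generic successful message
		$app->enqueueMessage(JText::translate('JLIB_APPLICATION_SAVE_SUCCESS'));

		// same encoding as above, so that edit() receives the ID unaltered
		$url = 'index.php?option=com_vikappointments&task=file.edit&cid[]=' . urlencode(base64_encode($id));

		if ($tmpl)
		{
			$url .= '&tmpl=component';
		}

		// redirect to edit page
		$this->setRedirect($url);

		return true;
	}

	/**
	 * Redirects the users to the main records list.
	 *
	 * @return  void
	 */
	public function cancel()
	{
		$this->setRedirect('index.php?option=com_vikappointments&view=editconfig');
	}
}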