vikappointments / admin / controllers / option.php
1 <?php
2 /**
3 * @package VikAppointments
4 * @subpackage core
5 * @author E4J s.r.l.
6 * @copyright Copyright (C) 2021 E4J s.r.l. All Rights Reserved.
7 * @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPL
8 * @link https://vikwp.com
9 */
10
// Refuse direct requests to this file: it is only meant to run after WordPress
// has been bootstrapped, which is when the ABSPATH constant gets defined.
if (!defined('ABSPATH'))
{
    die('No script kiddies please!');
}

// Load the admin controller library (presumably the one that declares the
// VAPControllerAdmin parent class used below).
VAPLoader::import('libraries.mvc.controllers.admin');
15
16 /**
17 * VikAppointments option controller.
18 *
19 * @since 1.7
20 */
21 class VikAppointmentsControllerOption extends VAPControllerAdmin
22 {
/**
 * Task used to access the creation page of a new record.
 *
 * The "vap.option.data" user state is always overwritten before the
 * permission check: with the requested group ID when "id_group" is a
 * positive integer, with an empty array otherwise.
 *
 * @return  boolean  False when the user is not authorised, true otherwise.
 */
public function add()
{
    $application = JFactory::getApplication();
    $currentUser = JFactory::getUser();

    // pre-select a group only when a positive ID was passed in the request
    $groupId = $application->input->getInt('id_group', 0);
    $state   = $groupId > 0 ? array('id_group' => $groupId) : array();

    // reset the stored form data so that it is not recovered again
    $application->setUserState('vap.option.data', $state);

    // both the generic "create" rule and the options section rule are required
    $allowed = $currentUser->authorise('core.create', 'com_vikappointments')
        && $currentUser->authorise('core.access.options', 'com_vikappointments');

    if (!$allowed)
    {
        // back to main list, not authorised to create records
        $application->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
        $this->cancel();

        return false;
    }

    $this->setRedirect('index.php?option=com_vikappointments&view=manageoption');

    return true;
}
58
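/**
 * Task used to access the management page of an existing record.
 *
 * The record to edit is taken from the first element of the "cid"
 * request value. The value is normalised to a single integer before it
 * is appended to the redirect URL, so a scalar or an empty "cid" can no
 * longer produce an undefined-offset access or an empty "cid[]=" target.
 *
 * @return  boolean  False when the user is not authorised, true otherwise.
 */
public function edit()
{
    $app  = JFactory::getApplication();
    $user = JFactory::getUser();

    // unset user state for being recovered again
    $app->setUserState('vap.option.data', array());

    // check user permissions
    if (!$user->authorise('core.edit', 'com_vikappointments') || !$user->authorise('core.access.options', 'com_vikappointments'))
    {
        // back to main list, not authorised to edit records
        $app->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
        $this->cancel();

        return false;
    }

    // "cid" is expected as an array, but the request may carry a scalar:
    // force an array and fall back to 0 when no element is available
    $cid = (array) $app->input->getUint('cid', array(0));
    $id  = (int) reset($cid);

    // only a plain integer ever reaches the redirect URL
    $this->setRedirect('index.php?option=com_vikappointments&view=manageoption&cid[]=' . $id);

    return true;
}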
88
/**
 * Task used to save the record data set in the request.
 * After a successful save, the user is redirected to the main list.
 * When the save fails, the redirect chosen by save() is left untouched.
 *
 * @return  void
 */
public function saveclose()
{
    $saved = $this->save();

    if (!$saved)
    {
        return;
    }

    // back to main list
    $this->cancel();
}
102
/**
 * Task used to save the record data set in the request.
 * After a successful save, the user is redirected to the creation
 * page of a new record. When the save fails, the redirect chosen by
 * save() is left untouched.
 *
 * @return  void
 */
public function savenew()
{
    $saved = $this->save();

    if (!$saved)
    {
        return;
    }

    // go through the "add" task, which repeats the permission check
    $this->setRedirect('index.php?option=com_vikappointments&task=option.add');
}
117
/**
 * Task used to save the record data as a copy of the current item.
 * After saving, the user is redirected to the management
 * page of the record that has been saved.
 *
 * Token and permission checks are performed by save().
 *
 * @return  void
 */
public function savecopy()
{
    $asCopy = true;

    $this->save($asCopy);
}
129
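/**
 * Task used to save the record data set in the request.
 * After saving, the user is redirected to the management
 * page of the record that has been saved.
 *
 * Flow: CSRF token check, request values collected through typed input
 * getters, permission check ("core.edit" for existing records,
 * "core.create" for new records and copies, plus "core.access.options"),
 * optional creation of a new group, option save, variations delete/save.
 *
 * @param   boolean  $copy  True to save the record as a copy.
 *
 * @return  boolean  True on success, false when the token is invalid, the
 *                   user is not authorised or the option cannot be saved.
 */
public function save($copy = false)
{
    $app   = JFactory::getApplication();
    $input = $app->input;
    $user  = JFactory::getUser();

    /**
     * Added token validation.
     *
     * @since 1.7
     */
    if (!JSession::checkToken())
    {
        // back to main list, missing CSRF-proof token
        $app->enqueueMessage(JText::translate('JINVALID_TOKEN'), 'error');
        $this->cancel();

        return false;
    }

    $args = array();
    $args['name']         = $input->getString('name', '');
    // the description is read unfiltered and then passed through filterText();
    // NOTE(review): the resulting markup depends on the text filters configured
    // for the current user - confirm they fit the places where it is rendered
    $args['description']  = JComponentHelper::filterText($input->getRaw('description', ''));
    $args['price']        = $input->getFloat('price', 0.0);
    $args['id_tax']       = $input->getUint('id_tax', 0);
    $args['published']    = $input->getUint('published', 0);
    $args['single']       = $input->getUint('single', 0);
    $args['maxq']         = $input->getUint('maxq', 1);
    $args['maxqpeople']   = $input->getUint('maxqpeople', 0);
    $args['shared']       = $input->getUint('shared', 0);
    $args['required']     = $input->getUint('required', 0);
    $args['duration']     = $input->getUint('duration', 0);
    $args['image']        = $input->getString('image', '');
    $args['displaymode']  = $input->getUint('displaymode', 0);
    $args['stock']        = $input->getUint('stock', 0);
    $args['units']        = $input->getInt('units', 0);
    $args['notify_below'] = $input->getUint('notify_below', 0);
    $args['level']        = $input->getUint('level', 0);
    $args['id_group']     = $input->getUint('id_group', 0);
    $args['id']           = $input->getUint('id', 0);

    if ($copy)
    {
        // unset ID to create a copy
        $args['id'] = 0;
    }

    // the rule is derived after the copy reset, so a copy always needs "create"
    $rule = 'core.' . ($args['id'] > 0 ? 'edit' : 'create');

    // check user permissions
    if (!$user->authorise($rule, 'com_vikappointments') || !$user->authorise('core.access.options', 'com_vikappointments'))
    {
        // back to main list, not authorised to create/edit records
        $app->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
        $this->cancel();

        return false;
    }

    /**
     * Try to auto-create a new group before saving the option.
     *
     * @since 1.7
     */
    if ($args['id_group'] == 0 && ($group_name = $input->getString('group_name')))
    {
        // make sure the user is authorised; an edit-only user silently
        // keeps the option without a group
        if ($user->authorise('core.create', 'com_vikappointments'))
        {
            $group = $this->getModel('optiongroup');

            // attempt to save group
            $id_group = $group->save(array('name' => $group_name));

            if ($id_group)
            {
                // overwrite the group ID
                $args['id_group'] = $id_group;
            }
        }
    }

    // get option model
    $option = $this->getModel();

    // try to save arguments
    $id = $option->save($args);

    if (!$id)
    {
        // get string error
        $error = $option->getError(null, true);

        // display error message
        $app->enqueueMessage(JText::sprintf('JLIB_APPLICATION_ERROR_SAVE_FAILED', $error), 'error');

        $url = 'index.php?option=com_vikappointments&view=manageoption';

        if ($args['id'])
        {
            $url .= '&cid[]=' . $args['id'];
        }

        // redirect to new/edit page
        $this->setRedirect($url);

        return false;
    }

    // get option variation model
    $varModel = $this->getModel('optionvar');

    // delete variations only if we are not saving as copy
    if (!$copy)
    {
        // load deleted variations
        $var_deleted = $input->get('var_deleted', array(), 'uint');

        // delete variations before save the other ones
        // NOTE(review): the IDs come from the request; whether the model checks
        // that they belong to this option is not visible here - confirm
        $varModel->delete($var_deleted);
    }

    // load variations details
    $var_json = $input->get('var_json', array(), 'array');

    foreach ($var_json as $i => $json)
    {
        // entries come straight from the request: ignore anything that is
        // not a string instead of handing it to json_decode()
        if (!is_string($json))
        {
            continue;
        }

        // decode the variation data
        $src = json_decode($json, true);

        // skip malformed JSON and payloads that do not decode to an array,
        // which would otherwise be saved as empty variations or trigger
        // an error when used as an array
        if (!is_array($src))
        {
            continue;
        }

        if ($copy)
        {
            // unset ID to create a copy
            $src['id'] = 0;
        }

        // always specify the option ID
        // NOTE(review): when not copying, $src['id'] is still taken from the
        // request payload - confirm the model ties it to this option
        $src['id_option'] = $id;
        // set up the ordering; the key is cast because request arrays
        // may carry non-numeric keys
        $src['ordering'] = (int) $i + 1;

        // attempt to save the variation
        $varModel->save($src);
    }

    // display generic successful message
    $app->enqueueMessage(JText::translate('JLIB_APPLICATION_SAVE_SUCCESS'));

    // redirect to edit page
    $this->setRedirect('index.php?option=com_vikappointments&task=option.edit&cid[]=' . $id);

    return true;
}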
292
/**
 * Deletes a list of records set in the request.
 *
 * Requires a valid anti-CSRF token plus the "core.delete" and
 * "core.access.options" rules. The IDs are read from "cid".
 *
 * @return  boolean  False when the token is invalid or the user is not
 *                   authorised, true otherwise.
 */
public function delete()
{
    $application = JFactory::getApplication();
    $currentUser = JFactory::getUser();

    /**
     * Added token validation.
     * Both GET and POST are supported.
     *
     * NOTE(review): a token carried in the query string can end up in
     * server logs, browser history and Referer headers; POST is the
     * safer transport for a destructive task.
     *
     * @since 1.7
     */
    $hasToken = JSession::checkToken() || JSession::checkToken('get');

    if (!$hasToken)
    {
        // back to main list, missing CSRF-proof token
        $application->enqueueMessage(JText::translate('JINVALID_TOKEN'), 'error');
        $this->cancel();

        return false;
    }

    // list of record IDs, filtered as unsigned integers
    $ids = $application->input->get('cid', array(), 'uint');

    // check user permissions
    $allowed = $currentUser->authorise('core.delete', 'com_vikappointments')
        && $currentUser->authorise('core.access.options', 'com_vikappointments');

    if (!$allowed)
    {
        // back to main list, not authorised to delete records
        $application->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
        $this->cancel();

        return false;
    }

    // delete selected records
    $this->getModel()->delete($ids);

    // back to main list
    $this->cancel();

    return true;
}
338
/**
 * Publishes the selected records.
 *
 * The same method also handles unpublishing: the new state is 0 when the
 * "task" request value equals "unpublish", 1 in any other case.
 *
 * @return  boolean  False when the token is invalid or the user is not
 *                   authorised, true otherwise.
 */
public function publish()
{
    $application = JFactory::getApplication();
    $currentUser = JFactory::getUser();

    /**
     * Added token validation.
     * Both GET and POST are supported.
     *
     * NOTE(review): a token carried in the query string can end up in
     * server logs, browser history and Referer headers.
     *
     * @since 1.7
     */
    $hasToken = JSession::checkToken() || JSession::checkToken('get');

    if (!$hasToken)
    {
        // back to main list, missing CSRF-proof token
        $application->enqueueMessage(JText::translate('JINVALID_TOKEN'), 'error');
        $this->cancel();

        return false;
    }

    $ids      = $application->input->get('cid', array(), 'uint');
    $taskName = $application->input->get('task', null);

    if ($taskName == 'unpublish')
    {
        $newState = 0;
    }
    else
    {
        $newState = 1;
    }

    // check user permissions
    $allowed = $currentUser->authorise('core.edit.state', 'com_vikappointments')
        && $currentUser->authorise('core.access.options', 'com_vikappointments');

    if (!$allowed)
    {
        // back to main list, not authorised to edit records
        $application->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
        $this->cancel();

        return false;
    }

    // change state of selected records
    $this->getModel()->publish($ids, $newState);

    // back to main list
    $this->cancel();

    return true;
}
387
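/**
 * Sets the multi-selection ("single") status of the selected options.
 *
 * The new value is not computed by flipping the stored one: it is taken
 * from the "state" request parameter (unsigned integer, default 0) and
 * applied to every ID listed in "cid".
 *
 * @return  boolean  False when the token is invalid or the user is not
 *                   authorised, true otherwise.
 */
public function single()
{
    $app  = JFactory::getApplication();
    $user = JFactory::getUser();

    /**
     * Added token validation.
     * Both GET and POST are supported.
     *
     * NOTE(review): a token carried in the query string can end up in
     * server logs, browser history and Referer headers.
     *
     * @since 1.7
     */
    if (!JSession::checkToken() && !JSession::checkToken('get'))
    {
        // back to main list, missing CSRF-proof token
        $app->enqueueMessage(JText::translate('JINVALID_TOKEN'), 'error');
        $this->cancel();

        return false;
    }

    // the unused "task" lookup has been dropped: only IDs and state matter here
    $cid   = $app->input->get('cid', array(), 'uint');
    $state = $app->input->get('state', 0, 'uint');

    // check user permissions
    if (!$user->authorise('core.edit.state', 'com_vikappointments') || !$user->authorise('core.access.options', 'com_vikappointments'))
    {
        // back to main list, not authorised to edit records
        $app->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
        $this->cancel();

        return false;
    }

    // change the "single" column of the selected records
    $this->getModel()->publish($cid, $state, 'single');

    // back to main list
    $this->cancel();

    return true;
}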
436
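/**
 * Sets the required/optional status of the selected options.
 *
 * The new value is not computed by flipping the stored one: it is taken
 * from the "state" request parameter (unsigned integer, default 0) and
 * applied to every ID listed in "cid".
 *
 * @return  boolean  False when the token is invalid or the user is not
 *                   authorised, true otherwise.
 */
public function required()
{
    $app  = JFactory::getApplication();
    $user = JFactory::getUser();

    /**
     * Added token validation.
     * Both GET and POST are supported.
     *
     * NOTE(review): a token carried in the query string can end up in
     * server logs, browser history and Referer headers.
     *
     * @since 1.7
     */
    if (!JSession::checkToken() && !JSession::checkToken('get'))
    {
        // back to main list, missing CSRF-proof token
        $app->enqueueMessage(JText::translate('JINVALID_TOKEN'), 'error');
        $this->cancel();

        return false;
    }

    // the unused "task" lookup has been dropped: only IDs and state matter here
    $cid   = $app->input->get('cid', array(), 'uint');
    $state = $app->input->get('state', 0, 'uint');

    // check user permissions
    if (!$user->authorise('core.edit.state', 'com_vikappointments') || !$user->authorise('core.access.options', 'com_vikappointments'))
    {
        // back to main list, not authorised to edit records
        $app->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
        $this->cancel();

        return false;
    }

    // change the "required" column of the selected records
    $this->getModel()->publish($cid, $state, 'required');

    // back to main list
    $this->cancel();

    return true;
}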
485
/**
 * Redirects the users to the main records list.
 *
 * Also used by the other tasks as the fallback target after a failed
 * token or permission check.
 *
 * @return  void
 */
public function cancel()
{
    $listUrl = 'index.php?option=com_vikappointments&view=options';

    $this->setRedirect($listUrl);
}
495
/**
 * AJAX end-point used to load the option details.
 * The task expects the following parameters to be set in request.
 *
 * @param   integer  id_opt  The option ID.
 *
 * NOTE(review): unlike the other tasks of this controller, no
 * $user->authorise() call is visible here; confirm that access to the
 * option data is restricted elsewhere (e.g. by the parent controller).
 *
 * @return  void
 */
public function detailsajax()
{
    $request = JFactory::getApplication()->input;

    /**
     * Added token validation.
     *
     * @since 1.7
     */
    $tokenOk = JSession::checkToken();

    if (!$tokenOk)
    {
        // missing CSRF-proof token
        // presumably raiseError() ends the request; if it returned, the
        // lookup below would still run - confirm
        UIErrorFactory::raiseError(403, JText::translate('JINVALID_TOKEN'));
    }

    $optionId = $request->getUint('id_opt', 0);

    // attempt to load the option through the option model
    $option = $this->getModel()->getItem($optionId);

    if (!$option)
    {
        // option not found, raise error
        UIErrorFactory::raiseError(404, JText::translate('JGLOBAL_NO_MATCHING_RESULTS'));
    }

    // send option to caller
    $this->sendJSON($option);
}
535
/**
 * Checks whether there are enough units in stock for the specified option.
 *
 * Request parameters: "id_option", "id_variation", "index" and "units"
 * (all unsigned integers; "units" is raised to at least 1).
 * A 400 error is raised when the requested units exceed the remaining
 * ones; otherwise the application is closed without a payload.
 *
 * NOTE(review): no $user->authorise() call is visible here; confirm that
 * access is restricted elsewhere if stock levels are considered sensitive.
 *
 * @return  void
 *
 * @since   1.7.7
 */
public function checkstock()
{
    $application = JFactory::getApplication();
    $request     = $application->input;

    $tokenOk = JSession::checkToken();

    if (!$tokenOk)
    {
        // missing CSRF-proof token
        // presumably raiseError() ends the request - confirm
        UIErrorFactory::raiseError(403, JText::translate('JINVALID_TOKEN'));
    }

    $optionId    = $request->getUint('id_option', 0);
    $variationId = $request->getUint('id_variation', 0);
    $index       = $request->getUint('index', 0);

    // never check for less than one unit
    $requested = max(1, $request->getUint('units', 1));

    // calculate remaining number of units
    $available = $this->getModel()->getStock($optionId, $variationId, $index);

    if ($available === false)
    {
        // stock unused for this option
        $application->close();
    }

    $missing = ($available - $requested) < 0;

    if ($missing)
    {
        // units not available, raise error
        UIErrorFactory::raiseError(400, JText::plural('VAP_OPTION_STOCK_N_ERR', $available));
    }

    // units available
    $application->close();
}
576 }
577