vikappointments / admin / controllers / state.php
<?php
/**
 * @package     VikAppointments
 * @subpackage  core
 * @author      E4J s.r.l.
 * @copyright   Copyright (C) 2021 E4J s.r.l. All Rights Reserved.
 * @license     http://www.gnu.org/licenses/gpl-2.0.html GNU/GPL
 * @link        https://vikwp.com
 */

// Direct-access guard: WordPress defines ABSPATH during its bootstrap, so the
// constant is missing when this file is requested on its own. Stop right away
// in that case, before any controller code is declared.
if (!defined('ABSPATH'))
{
    die('No script kiddies please!');
}

// Load the admin controller library; presumably this is what provides the
// VAPControllerAdmin base class extended below (confirm against VAPLoader).
VAPLoader::import('libraries.mvc.controllers.admin');
15
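/**
 * VikAppointments state controller.
 *
 * Back-end tasks for the state/province records that belong to a country:
 * add, edit, save (plus the saveclose/savenew variants), delete, publish,
 * cancel and the citiesajax end-point.
 *
 * Security model visible in this class:
 * - save, delete, publish and citiesajax verify the session CSRF token;
 * - add, edit, save, delete and publish require a "core.*" ACL rule and,
 *   in addition, the "core.access.countries" rule;
 * - every request value is read through the application input object with
 *   a typed getter/filter, and the "tmpl" value is URL-encoded before it is
 *   appended to a redirect target.
 *
 * @since 1.7
 */
class VikAppointmentsControllerState extends VAPControllerAdmin
{
    /**
     * Task used to access the creation page of a new record.
     *
     * Requires the "core.create" and "core.access.countries" rules. No CSRF
     * token is checked here: the task only resets the user state and sets
     * a redirect.
     *
     * @return  boolean  True when the redirect to the creation page has been
     *                   set, false when the user is not authorised.
     */
    public function add()
    {
        $app  = JFactory::getApplication();
        $user = JFactory::getUser();

        // unset user state for being recovered again
        $app->setUserState('vap.state.data', array());

        // check user permissions
        if (!$user->authorise('core.create', 'com_vikappointments')
            || !$user->authorise('core.access.countries', 'com_vikappointments'))
        {
            // back to main list, not authorised to create records
            $app->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
            $this->cancel();

            return false;
        }

        // the 'uint' filter keeps the value numeric, so it is safe to concatenate
        $id_country = $app->input->get('id_country', 0, 'uint');

        $url = 'index.php?option=com_vikappointments&view=managestate&id_country=' . $id_country;

        if ($tmpl = $app->input->get('tmpl'))
        {
            // Propagate specified tmpl. The value comes from the request, so it
            // is encoded to keep it a single query-string value; this is a no-op
            // when the input filter already limits it to [A-Za-z0-9._-].
            $url .= '&tmpl=' . rawurlencode((string) $tmpl);
        }

        $this->setRedirect($url);

        return true;
    }

    /**
     * Task used to access the management page of an existing record.
     *
     * Requires the "core.edit" and "core.access.countries" rules. The record
     * is taken from the first value of the "cid" request array.
     *
     * @return  boolean  True when the redirect to the management page has
     *                   been set, false when the user is not authorised.
     */
    public function edit()
    {
        $app  = JFactory::getApplication();
        $user = JFactory::getUser();

        // unset user state for being recovered again
        $app->setUserState('vap.state.data', array());

        // check user permissions
        if (!$user->authorise('core.edit', 'com_vikappointments')
            || !$user->authorise('core.access.countries', 'com_vikappointments'))
        {
            // back to main list, not authorised to edit records
            $app->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
            $this->cancel();

            return false;
        }

        // "cid" is expected to be an array, but the request may carry a scalar
        // or an array without index 0: normalise it and fall back to 0 instead
        // of reading an undefined offset.
        $cid = (array) $app->input->getUint('cid', array(0));
        $id  = $cid ? (int) reset($cid) : 0;

        $url = 'index.php?option=com_vikappointments&view=managestate&cid[]=' . $id;

        if ($tmpl = $app->input->get('tmpl'))
        {
            // propagate specified tmpl, encoded as a single query-string value
            $url .= '&tmpl=' . rawurlencode((string) $tmpl);
        }

        $this->setRedirect($url);

        return true;
    }

    /**
     * Task used to save the record data set in the request.
     * After saving, the user is redirected to the main list.
     *
     * Token and permission checks are performed by save().
     *
     * @return  void
     */
    public function saveclose()
    {
        if ($this->save())
        {
            $this->cancel();
        }
    }

    /**
     * Task used to save the record data set in the request.
     * After saving, the user is redirected to the creation
     * page of a new record.
     *
     * Token and permission checks are performed by save().
     *
     * @return  void
     */
    public function savenew()
    {
        if ($this->save())
        {
            $app = JFactory::getApplication();

            // numeric by construction ('uint' filter)
            $id_country = $app->input->get('id_country', 0, 'uint');

            $this->setRedirect('index.php?option=com_vikappointments&task=state.add&id_country=' . $id_country);
        }
    }

    /**
     * Task used to save the record data set in the request.
     * After saving, the user is redirected to the management
     * page of the record that has been saved.
     *
     * The CSRF token is verified first. The ACL rule is then chosen from the
     * submitted record ID: "core.edit" when it is greater than zero,
     * "core.create" otherwise; "core.access.countries" is always required.
     *
     * @param   boolean  $copy  True to save the record as a copy.
     *                          Not read by this implementation.
     *
     * @return  boolean  True on success, false when the token is invalid,
     *                   the user is not authorised or the model fails to save.
     */
    public function save($copy = false)
    {
        $app   = JFactory::getApplication();
        $input = $app->input;
        $user  = JFactory::getUser();

        /**
         * Added token validation.
         *
         * @since 1.7
         */
        if (!JSession::checkToken())
        {
            // back to main list, missing CSRF-proof token
            $app->enqueueMessage(JText::translate('JINVALID_TOKEN'), 'error');
            $this->cancel();

            return false;
        }

        // Only the fields listed here are forwarded to the model, so extra
        // request parameters cannot reach the record.
        $args = array();
        $args['state_name']   = $input->getString('state_name');
        $args['state_2_code'] = $input->getString('state_2_code');
        $args['state_3_code'] = $input->getString('state_3_code');
        $args['published']    = $input->getUint('published', 0);
        $args['id_country']   = $input->getUint('id_country', 0);
        $args['id']           = $input->getUint('id', 0);

        // an existing record needs the edit rule, a new one the create rule
        $rule = 'core.' . ($args['id'] > 0 ? 'edit' : 'create');

        // check user permissions
        if (!$user->authorise($rule, 'com_vikappointments')
            || !$user->authorise('core.access.countries', 'com_vikappointments'))
        {
            // back to main list, not authorised to create/edit records
            $app->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
            $this->cancel();

            return false;
        }

        $tmpl = $input->get('tmpl');

        // get state model
        $state = $this->getModel();

        // try to save arguments
        $id = $state->save($args);

        if (!$id)
        {
            // get string error
            $error = $state->getError(null, true);

            // display error message
            $app->enqueueMessage(JText::sprintf('JLIB_APPLICATION_ERROR_SAVE_FAILED', $error), 'error');

            $url = 'index.php?option=com_vikappointments&view=managestate';

            if ($args['id'])
            {
                // editing: go back to the same record
                $url .= '&cid[]=' . $args['id'];
            }
            else
            {
                // creating: keep the country the new state was meant for
                $url .= '&id_country=' . $args['id_country'];
            }

            if ($tmpl)
            {
                // propagate specified tmpl, encoded as a single query-string value
                $url .= '&tmpl=' . rawurlencode((string) $tmpl);
            }

            // redirect to new/edit page
            $this->setRedirect($url);

            return false;
        }

        $url = 'index.php?option=com_vikappointments&task=state.edit&cid[]=' . $id;

        if ($tmpl)
        {
            // propagate specified tmpl, encoded as a single query-string value
            $url .= '&tmpl=' . rawurlencode((string) $tmpl);
        }

        // display generic successful message
        $app->enqueueMessage(JText::translate('JLIB_APPLICATION_SAVE_SUCCESS'));

        // redirect to edit page
        $this->setRedirect($url);

        return true;
    }

    /**
     * Deletes a list of records set in the request.
     *
     * Requires a valid CSRF token plus the "core.delete" and
     * "core.access.countries" rules. The result of the model call is not
     * inspected: the method returns true once the deletion has been requested.
     *
     * @return  boolean  False when the token is invalid or the user is not
     *                   authorised, true otherwise.
     */
    public function delete()
    {
        $app  = JFactory::getApplication();
        $user = JFactory::getUser();

        /**
         * Added token validation.
         * Both GET and POST are supported.
         *
         * NOTE(review): a token accepted from the query string ends up in
         * server logs, browser history and Referer headers, and it lets a
         * plain link trigger a destructive action. Kept as is because the
         * list views may rely on GET links; prefer POST-only where callers
         * allow it.
         *
         * @since 1.7
         */
        if (!JSession::checkToken() && !JSession::checkToken('get'))
        {
            // back to main list, missing CSRF-proof token
            $app->enqueueMessage(JText::translate('JINVALID_TOKEN'), 'error');
            $this->cancel();

            return false;
        }

        // check user permissions
        if (!$user->authorise('core.delete', 'com_vikappointments')
            || !$user->authorise('core.access.countries', 'com_vikappointments'))
        {
            // back to main list, not authorised to delete records
            $app->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
            $this->cancel();

            return false;
        }

        // IDs are filtered as unsigned integers before reaching the model
        $cid = $app->input->get('cid', array(), 'uint');

        // delete selected records
        $this->getModel()->delete($cid);

        // back to main list
        $this->cancel();

        return true;
    }

    /**
     * Publishes the selected records.
     *
     * The same method serves the "unpublish" task: the target state is 0
     * when the request task is exactly "unpublish" and 1 in any other case.
     * Requires a valid CSRF token plus the "core.edit.state" and
     * "core.access.countries" rules.
     *
     * @return  boolean  False when the token is invalid or the user is not
     *                   authorised, true otherwise.
     */
    public function publish()
    {
        $app  = JFactory::getApplication();
        $user = JFactory::getUser();

        /**
         * Added token validation.
         * Both GET and POST are supported.
         *
         * NOTE(review): see delete(); a token carried in the query string is
         * exposed through logs, history and Referer headers.
         *
         * @since 1.7
         */
        if (!JSession::checkToken() && !JSession::checkToken('get'))
        {
            // back to main list, missing CSRF-proof token
            $app->enqueueMessage(JText::translate('JINVALID_TOKEN'), 'error');
            $this->cancel();

            return false;
        }

        // check user permissions
        if (!$user->authorise('core.edit.state', 'com_vikappointments')
            || !$user->authorise('core.access.countries', 'com_vikappointments'))
        {
            // back to main list, not authorised to edit records
            $app->enqueueMessage(JText::translate('JERROR_ALERTNOAUTHOR'), 'error');
            $this->cancel();

            return false;
        }

        $cid  = $app->input->get('cid', array(), 'uint');
        $task = $app->input->get('task', null);

        // strict comparison: only the literal task name selects "unpublish"
        $state = $task === 'unpublish' ? 0 : 1;

        // change state of selected records
        $this->getModel()->publish($cid, $state);

        // back to main list
        $this->cancel();

        return true;
    }

    /**
     * Redirects the users to the main records list.
     *
     * The list is scoped to the "id_country" found in the request (0 when
     * missing). This method is also the fallback used by the other tasks when
     * a token or permission check fails.
     *
     * @return  void
     */
    public function cancel()
    {
        $input = JFactory::getApplication()->input;

        // numeric by construction ('uint' filter)
        $id_country = $input->get('id_country', 0, 'uint');

        $url = 'index.php?option=com_vikappointments&view=states&id_country=' . $id_country;

        if ($tmpl = $input->get('tmpl'))
        {
            // propagate specified tmpl, encoded as a single query-string value
            $url .= '&tmpl=' . rawurlencode((string) $tmpl);
        }

        $this->setRedirect($url);
    }

    /**
     * AJAX end-point used to obtain all the cities assigned to the given state.
     * The task expects the following parameter to be set in request:
     *
     * - id_state (integer)  The state ID.
     *
     * A valid CSRF token is required. NOTE(review): unlike the other tasks,
     * no authorise() check is made here, so any session holding a valid token
     * can read the list; confirm this is intended for the callers of the
     * end-point.
     *
     * @return  void
     */
    public function citiesajax()
    {
        $input = JFactory::getApplication()->input;

        /**
         * Added token validation.
         *
         * @since 1.7
         */
        if (!JSession::checkToken())
        {
            // missing CSRF-proof token
            UIErrorFactory::raiseError(403, JText::translate('JINVALID_TOKEN'));

            // Fail closed: whether raiseError() stops the request is not
            // visible from this file, so never fall through to the response.
            return;
        }

        $id_state = $input->getUint('id_state', 0);
        $cities   = VAPLocations::getCities($id_state, 'city_name');

        // send cities to caller
        $this->sendJSON($cities);
    }
}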