diff --git a/admin_language/en-GB/en-GB.com_tjfields.ini b/admin_language/en-GB/en-GB.com_tjfields.ini index ce7d994c..09560a56 100755 --- a/admin_language/en-GB/en-GB.com_tjfields.ini +++ b/admin_language/en-GB/en-GB.com_tjfields.ini @@ -517,3 +517,4 @@ COM_TJFIELDS_PERMISSION_VIEW_OWN_FIELD_VALUE_DESC="Users in the group to view ow COM_TJFIELDS_FORM_OPTIONS_NAME_LABEL="Text" COM_TJFIELDS_FORM_OPTIONS_VALUE_LABEL="Value" COM_TJFIELDS_FORM_OPTIONS_OPTIONID_LABEL="Option Id" +COM_TJFIELDS_FILE_DELETE_SUCCESS="File deleted successfully." diff --git a/administrator/assets/js/tjfields.js b/administrator/assets/js/tjfields.js index 29feafa7..21ff6104 100644 --- a/administrator/assets/js/tjfields.js +++ b/administrator/assets/js/tjfields.js @@ -13,7 +13,7 @@ jQuery(document).ready(function(){ } jQuery.ajax({ - url: Joomla.getOptions('system.paths').base + "/index.php?option=com_tjfields&task=fields.deleteFile&format=json", + url: Joomla.getOptions('system.paths').base + "/index.php?option=com_tjfields&task=fields.deleteFile&format=json&" + Joomla.getOptions('csrf.token') + '=1', type: 'POST', data:{ fileName: fileName, diff --git a/administrator/controller.php b/administrator/controller.php index ce1434f8..f0c531de 100755 --- a/administrator/controller.php +++ b/administrator/controller.php @@ -9,14 +9,38 @@ // No direct access defined('_JEXEC') or die; +use Joomla\CMS\Table\Table; +use Joomla\CMS\Factory; +use Joomla\CMS\MVC\Model\BaseDatabaseModel; +use Joomla\CMS\Language\Text; +use Joomla\CMS\MVC\Controller\BaseController; +use Joomla\CMS\Uri\Uri; /** * TJ Fields Controller * * @since 2.5 */ -class TjfieldsController extends JControllerLegacy +class TjfieldsController extends BaseController { + /** + * The return URL. + * + * @var mixed + */ + protected $returnURL; + + /** + * Constructor + * + */ + public function __construct() + { + $this->returnURL = Uri::base(); + + parent::__construct(); + } + /** * Method to display a view. * @@ -31,11 +55,96 @@ public function display($cachable = false, $urlparams = false) { require_once JPATH_COMPONENT . '/helpers/tjfields.php'; - $view = JFactory::getApplication()->input->getCmd('view', 'fields'); - JFactory::getApplication()->input->set('view', $view); + $view = Factory::getApplication()->input->getCmd('view', 'fields'); + Factory::getApplication()->input->set('view', $view); parent::display($cachable, $urlparams); return $this; } + + /** + * Fuction to get download media file + * + * @return object + */ + public function getMediaFile() + { + (JSession::checkToken() or JSession::checkToken('get')) or jexit(JText::_('JINVALID_TOKEN')); + JLoader::import("/techjoomla/media/storage/local", JPATH_LIBRARIES); + $app = Factory::getApplication(); + $jinput = $app->input; + $mediaLocal = TJMediaStorageLocal::getInstance(); + + // Here, fpht means file encoded name + $encodedFileName = $jinput->get('fpht', '', 'STRING'); + $decodedFileName = base64_decode($encodedFileName); + + // Subform File field Id for checking authorization for specific field under subform + $subformFileFieldId = $jinput->get('subFormFileFieldId', '', 'INT'); + + // Get media storage path + JLoader::import('components.com_tjfields.models.fields', JPATH_SITE); + $fieldsModel = BaseDatabaseModel::getInstance('Fields', 'TjfieldsModel', array('ignore_request' => true)); + $data = $fieldsModel->getMediaStoragePath($jinput->get('id', '', 'INT'), $subformFileFieldId); + + if ($data->tjFieldFieldTable->type == "file") + { + $extraFieldParams = json_decode($data->tjFieldFieldTable->params); + $storagePath = $extraFieldParams->uploadpath; + $decodedPath = $storagePath . '/' . $decodedFileName; + } + else + { + $fieldType = $data->tjFieldFieldTable->type; + $decodedPath = JPATH_SITE . '/' . $fieldType . 's/tjmedia/' . str_replace(".", "/", $data->tjFieldFieldTable->client) . '/' . $decodedFileName; + } + + if ($data->tjFieldFieldTable->fieldValueId) + { + $user = Factory::getUser(); + + if ($subformFileFieldId) + { + $canView = $user->authorise('core.field.viewfieldvalue', 'com_tjfields.field.' . $subformFileFieldId); + } + else + { + $canView = $user->authorise('core.field.viewfieldvalue', 'com_tjfields.field.' . $data->tjFieldFieldTable->field_id); + } + + $canDownload = 0; + + // Allow to view own data + if ($data->tjFieldFieldTable->user_id != null && ($user->id == $data->tjFieldFieldTable->user_id)) + { + $canDownload = true; + } + + if ($canView || $canDownload) + { + $down_status = $mediaLocal->downloadMedia($decodedPath, '', '', 0); + + if ($down_status === 2) + { + $app->enqueueMessage(Text::_('COM_TJFIELDS_FILE_NOT_FOUND'), 'error'); + $app->redirect($this->returnURL); + } + + return; + } + else + { + $app->enqueueMessage(Text::_('JERROR_ALERTNOAUTHOR'), 'error'); + $app->redirect($this->returnURL); + } + } + else + { + $app->enqueueMessage(Text::_('JERROR_ALERTNOAUTHOR'), 'error'); + $app->redirect($this->returnURL); + } + + jexit(); + } } diff --git a/administrator/controllers/fields.json.php b/administrator/controllers/fields.json.php index 60cb5a02..6964211b 100644 --- a/administrator/controllers/fields.json.php +++ b/administrator/controllers/fields.json.php @@ -12,6 +12,11 @@ jimport('joomla.filesystem.file'); use Joomla\CMS\MVC\Controller\FormController; +use Joomla\CMS\MVC\Model\BaseDatabaseModel; +use Joomla\CMS\Language\Text; +use Joomla\CMS\Response\JsonResponse; +use Joomla\CMS\Session\Session; +use Joomla\CMS\Factory; /** * Item controller class. @@ -31,29 +36,36 @@ class TjfieldsControllerFields extends FormController public function deleteFile() { // Check for request forgeries. - JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN')); - $app = JFactory::getApplication(); + Session::checkToken('get') or Session::checkToken() or jexit(Text::_('JINVALID_TOKEN')); + $app = Factory::getApplication(); $jinput = $app->input; $data = array(); - - // Here, fpht means file encoded path - $data['filePath'] = base64_decode($jinput->get('filePath', '', 'BASE64')); + $data['fileName'] = base64_decode($jinput->get('fileName', '', 'BASE64')); $data['valueId'] = base64_decode($jinput->get('valueId', '', 'BASE64')); $data['subformFileFieldId'] = $jinput->get('subformFileFieldId'); $data['isSubformField'] = $jinput->get('isSubformField'); - $data['client'] = $jinput->get('client', '', 'STRING'); - $client = explode('.', $data['client']); + // Get media storage path + JLoader::import('components.com_tjfields.models.fields', JPATH_SITE); + $fieldsModel = BaseDatabaseModel::getInstance('Fields', 'TjfieldsModel', array('ignore_request' => true)); + $fieldData = $fieldsModel->getMediaStoragePath($data['valueId'], $data['subformFileFieldId']); + + $tjFieldFieldTableParamData = json_decode($fieldData->tjFieldFieldTable->params); + $client = $fieldData->tjFieldFieldTable->client; + $type = $fieldData->tjFieldFieldTable->type; + $uploadPath = isset($tjFieldFieldTableParamData->uploadpath) ? $tjFieldFieldTableParamData->uploadpath : ''; + $data['storagePath'] = ($uploadPath != '') ? $uploadPath : JPATH_SITE . '/' . $type . 's/tjmedia/' . str_replace(".", "/", $client . '/'); + $data['storagePath'] = str_replace('/', DIRECTORY_SEPARATOR, $data['storagePath']); + $data['client'] = $client; - $data['storagePath'] = '/media/' . $client[0] . '/' . $client[1]; require_once JPATH_ADMINISTRATOR . '/components/com_tjfields/helpers/tjfields.php'; $tjFieldsHelper = new TjfieldsHelper; $returnValue = $tjFieldsHelper->deleteFile($data); - $msg = $returnValue ? JText::_('COM_TJFIELDS_FILE_DELETE_SUCCESS') : JText::_('COM_TJFIELDS_FILE_DELETE_ERROR'); + $msg = $returnValue ? Text::_('COM_TJFIELDS_FILE_DELETE_SUCCESS') : Text::_('COM_TJFIELDS_FILE_DELETE_ERROR'); - echo new JResponseJson($returnValue, $msg); + echo new JsonResponse($returnValue, $msg); } /** @@ -66,9 +78,9 @@ public function deleteFile() public function getFields() { // Check for request forgeries. - (JSession::checkToken() or JSession::checkToken('get')) or jexit(JText::_('JINVALID_TOKEN')); + (Session::checkToken() or Session::checkToken('get')) or jexit(Text::_('JINVALID_TOKEN')); - $app = JFactory::getApplication('administrator'); + $app = Factory::getApplication('administrator'); $client = $app->input->get('client', '', 'STRING'); $fieldsModel = parent::getModel("Fields", "TjfieldsModel", array('ignore_request' => true)); @@ -82,6 +94,6 @@ public function getFields() $result = $fieldsModel->getItems(); - echo new JResponseJson($result); + echo new JsonResponse($result); } } diff --git a/administrator/helpers/tjfields.php b/administrator/helpers/tjfields.php index 5abdc72d..65349f08 100755 --- a/administrator/helpers/tjfields.php +++ b/administrator/helpers/tjfields.php @@ -12,6 +12,12 @@ // No direct access defined('_JEXEC') or die; use Joomla\String\StringHelper; +use Joomla\CMS\Helper\ContentHelper; +use Joomla\CMS\Factory; +use Joomla\CMS\Filesystem\Path; +use Joomla\CMS\Filesystem\File; +use Joomla\CMS\Language\Text; +use Joomla\CMS\Table\Table; /** * Helper class for tjfields @@ -20,7 +26,7 @@ * @subpackage com_tjfields * @since 2.2 */ -class TjfieldsHelper extends JHelperContent +class TjfieldsHelper extends ContentHelper { /** * Configure the Linkbar. @@ -31,14 +37,14 @@ class TjfieldsHelper extends JHelperContent */ public static function addSubmenu($view = '') { - $input = JFactory::getApplication()->input; + $input = Factory::getApplication()->input; $full_client = $input->get('client', '', 'STRING'); $full_client = explode('.', $full_client); // Eg com_jticketing $component = $full_client[0]; $eName = str_replace('com_', '', $component); - $file = JPath::clean(JPATH_ADMINISTRATOR . '/components/' . $component . '/helpers/' . $eName . '.php'); + $file = Path::clean(JPATH_ADMINISTRATOR . '/components/' . $component . '/helpers/' . $eName . '.php'); if (file_exists($file)) { @@ -51,12 +57,12 @@ public static function addSubmenu($view = '') { if (is_callable(array($cName, 'addSubmenu'))) { - $lang = JFactory::getLanguage(); + $lang = Factory::getLanguage(); // Loading language file from the administrator/language directory then // Loading language file from the administrator/components/*extension*/language directory $lang->load($component, JPATH_BASE, null, false, false) - || $lang->load($component, JPath::clean(JPATH_ADMINISTRATOR . '/components/' . $component), null, false, false) + || $lang->load($component, Path::clean(JPATH_ADMINISTRATOR . '/components/' . $component), null, false, false) || $lang->load($component, JPATH_BASE, $lang->getDefault(), false, false) || $lang->load($component, JPath::clean(JPATH_ADMINISTRATOR . '/components/' . $component), $lang->getDefault(), false, false); @@ -95,7 +101,7 @@ public static function getActions($component = 'com_tjfields', $section = '', $i */ public function checkIfUniqueName($data_unique_name) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('count(name) FROM #__tjfields_fields'); $query->where('name="' . $data_unique_name . '"'); @@ -115,8 +121,8 @@ public function checkIfUniqueName($data_unique_name) */ public function changeNameIfNotUnique($data_same_name,$id) { - $app = JFactory::getApplication(); - $db = JFactory::getDbo(); + $app = Factory::getApplication(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->update('#__tjfields_fields'); $query->set('name="' . $data_same_name . '-' . $id . '"'); @@ -145,14 +151,14 @@ public function changeNameIfNotUnique($data_same_name,$id) public function generateXml($data) { $client = $data['client']; - $input = JFactory::getApplication()->input; + $input = Factory::getApplication()->input; $client = explode(".", $client); $extension = $client[0]; if (!empty($extension)) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = "SELECT DISTINCT id as category_id FROM #__categories where extension='" . $extension . "'"; $db->setQuery($query); @@ -160,7 +166,7 @@ public function generateXml($data) } // For unmapped categorys - start - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = 'SELECT f.*,g.name as group_name FROM #__tjfields_fields as f LEFT JOIN #__tjfields_groups as g @@ -186,14 +192,14 @@ public function generateXml($data) $extension . '/models/forms/' . $data['client_type'] . '_extra.xml'; - if (JFile::exists($filePathFrontend)) + if (File::exists($filePathFrontend)) { - JFile::delete($filePathFrontend); + File::delete($filePathFrontend); } - if (JFile::exists($filePathBackend)) + if (File::exists($filePathBackend)) { - JFile::delete($filePathBackend); + File::delete($filePathBackend); } } @@ -203,7 +209,7 @@ public function generateXml($data) foreach ($categorys as $category) { // Join - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = 'SELECT f.*,g.name as group_name FROM #__tjfields_fields as f LEFT JOIN #__tjfields_groups as g @@ -362,7 +368,7 @@ public function createXml($data, $fields, $category = null) if ($fieldAttribute->multiple != 'true' && !$fieldAttribute->multiple) { // Set Default blank Option - $option = $field->addChild('option', '- ' . JText::_('COM_TJFIELDS_SELECT_OPTION') . " " . $f->label . ' -'); + $option = $field->addChild('option', '- ' . Text::_('COM_TJFIELDS_SELECT_OPTION') . " " . $f->label . ' -'); $option->addAttribute('value', ''); } } @@ -375,9 +381,9 @@ public function createXml($data, $fields, $category = null) } } - if (!JFile::exists($filePathFrontend)) + if (!File::exists($filePathFrontend)) { - JFile::write($filePathFrontend, $content); + File::write($filePathFrontend, $content); } // ->asXML(); @@ -385,9 +391,9 @@ public function createXml($data, $fields, $category = null) $content = ''; - if (!JFile::exists($filePathBackend)) + if (!File::exists($filePathBackend)) { - JFile::write($filePathBackend, $content); + File::write($filePathBackend, $content); } // ->asXML(); @@ -396,14 +402,14 @@ public function createXml($data, $fields, $category = null) else { // Delete xml if no field present - if (JFile::exists($filePathFrontend)) + if (File::exists($filePathFrontend)) { - JFile::delete($filePathFrontend); + File::delete($filePathFrontend); } - if (JFile::exists($filePathBackend)) + if (File::exists($filePathBackend)) { - JFile::delete($filePathBackend); + File::delete($filePathBackend); } } } @@ -443,7 +449,7 @@ public function getOptionData($data) */ public function getFieldCategoryMapping($field_id) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('category_id'); $query->from('#__tjfields_category_mapping AS cm'); @@ -463,7 +469,7 @@ public function getFieldCategoryMapping($field_id) */ public function getOptions($field_id) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('id,options,value FROM #__tjfields_options'); $query->where('field_id=' . $field_id); @@ -506,7 +512,7 @@ public function getJsArray($jsarray) */ public static function getLanguageConstant() { - JText::script('COM_TJFIELDS_LABEL_WHITESPACES_NOT_ALLOWED'); + Text::script('COM_TJFIELDS_LABEL_WHITESPACES_NOT_ALLOWED'); } /** @@ -520,58 +526,38 @@ public static function getLanguageConstant() */ public function deleteFile($data) { - $user = JFactory::getUser(); + $user = Factory::getUser(); if (!$user->id) { return false; } - JTable::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_tjfields/tables'); - $fieldsValueTable = JTable::getInstance('Fieldsvalue', 'TjfieldsTable'); - - $fieldsValueTable->load(array('id' => $data['valueId'])); + Table::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_tjfields/tables'); + $fieldValueTable = Table::getInstance('Fieldsvalue', 'TjfieldsTable'); + $fieldValueTable->load(array('id' => $data['valueId'])); $subData = new stdClass; $fieldId = 0; if ($data['isSubformField'] == 1) { - $subData = json_decode($fieldsValueTable->value); - - foreach ($subData as $value) - { - $subformData = (array) $value; - - if (in_array($data['filePath'], $subformData)) - { - $fileUser = $fieldsValueTable->user_id; - } - } - - // Check for file field is of subform or ucmsubform - if ($data['subformFileFieldId']) - { - $fieldId = $data['subformFileFieldId']; - } - else - { - $fieldId = $fieldsValueTable->field_id; - } + $fileUser = $fieldValueTable->user_id; + $fieldId = $fieldValueTable->field_id; } else { - if ($data['filePath'] === $fieldsValueTable->value) + if ($data['fileName'] === $fieldValueTable->value) { - $fileUser = $fieldsValueTable->user_id; - $fieldId = $fieldsValueTable->field_id; + $fileUser = $fieldValueTable->user_id; + $fieldId = $fieldValueTable->field_id; } } - $fileExtension = StringHelper::strtolower(StringHelper::substr(strrchr($data['filePath'], "."), 1)); + $file_extension = strtolower(substr(strrchr($data['fileName'], "."), 1)); $localGetMime = TJMediaStorageLocal::getInstance(); - $ctype = $localGetMime->getMime($fileExtension); + $ctype = $localGetMime->getMime($file_extension); if (!empty($fileUser)) { @@ -586,68 +572,31 @@ public function deleteFile($data) if ($type[0] === 'image') { $deleteData = array(); - $deleteData[] = JPATH_ROOT . $data['storagePath'] . '/' . $type[0] . '/' . $data['filePath']; - - $deleteData[] = JPATH_ROOT . $data['storagePath'] . '/' . $type[0] . '/S_' . $data['filePath']; - $deleteData[] = JPATH_ROOT . $data['storagePath'] . '/' . $type[0] . '/M_' . $data['filePath']; - $deleteData[] = JPATH_ROOT . $data['storagePath'] . '/' . $type[0] . '/L_' . $data['filePath']; + $deleteData[] = $data['storagePath'] . '/' . $data['fileName']; + $deleteData[] = $data['storagePath'] . '/S_' . $data['fileName']; + $deleteData[] = $data['storagePath'] . '/M_' . $data['fileName']; + $deleteData[] = $data['storagePath'] . '/L_' . $data['fileName']; foreach ($deleteData as $image) { - if (JFile::exists($image)) + if (File::exists($image)) { - JFile::delete($image); + if (!File::delete($image)) + { + return false; + } } } - - $deleted = 1; } else { - if (!JFile::delete(JPATH_ROOT . $data['storagePath'] . '/' . $type[0] . '/' . $data['filePath'])) + if (!File::delete($data['storagePath'] . '/' . $data['fileName'])) { return false; } - else - { - $deleted = 1; - } - } - - if ($deleted == 1) - { - $db = JFactory::getDbo(); - $fields_obj = new stdClass; - - // Making value object if the field is under subform form subfrom - if ($data['isSubformField'] == 1) - { - foreach ($subData as $subformName => $value) - { - foreach ($value as $k => $v) - { - // Finding the particular index and making it null - if ($v === $data['filePath']) - { - $subData->$subformName->$k = ''; - } - } - } - - $fields_obj->value = json_encode($subData); - } - else - { - $fields_obj->value = ''; - } - - $fields_obj->id = $fieldsValueTable->id; - $db->updateObject('#__tjfields_fields_value', $fields_obj, 'id'); - - return true; } - return false; + return $fieldValueTable->delete(); } return false; diff --git a/administrator/models/fields/ucmsubform.php b/administrator/models/fields/ucmsubform.php index 843a4aa0..5dc228a2 100644 --- a/administrator/models/fields/ucmsubform.php +++ b/administrator/models/fields/ucmsubform.php @@ -11,8 +11,7 @@ jimport('joomla.filesystem.path'); - -JLoader::register('JFormFieldSubform', JPATH_BASE . '/libraries/joomla/form/fields/subform.php'); +JLoader::register('JFormFieldSubform', JPATH_SITE . '/libraries/joomla/form/fields/subform.php'); /** * The Field to load the form inside current form diff --git a/site/controller.php b/site/controller.php index 6c3429c1..f8935c50 100644 --- a/site/controller.php +++ b/site/controller.php @@ -53,6 +53,7 @@ public function __construct() */ public function getMediaFile() { + (JSession::checkToken() or JSession::checkToken('get')) or jexit(JText::_('JINVALID_TOKEN')); JLoader::import("/techjoomla/media/storage/local", JPATH_LIBRARIES); $app = Factory::getApplication(); $jinput = $app->input; diff --git a/site/controllers/fields.json.php b/site/controllers/fields.json.php index 7dfbac45..5452e803 100644 --- a/site/controllers/fields.json.php +++ b/site/controllers/fields.json.php @@ -14,6 +14,9 @@ use Joomla\CMS\Language\Text; use Joomla\CMS\HTML\HTMLHelper; use Joomla\CMS\Session\Session; +use Joomla\CMS\MVC\Controller\FormController; +use Joomla\CMS\MVC\Model\BaseDatabaseModel; +use Joomla\CMS\Response\JsonResponse; jimport('joomla.filesystem.file'); @@ -24,7 +27,7 @@ * * @since 1.4 */ -class TjfieldsControllerFields extends JControllerForm +class TjfieldsControllerFields extends FormController { /** * Delete File . @@ -37,8 +40,8 @@ class TjfieldsControllerFields extends JControllerForm public function deleteFile() { // Check for request forgeries. - JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN')); - $app = JFactory::getApplication(); + Session::checkToken('get') or Session::checkToken() or jexit(Text::_('JINVALID_TOKEN')); + $app = Factory::getApplication(); $jinput = $app->input; $data = array(); @@ -49,7 +52,7 @@ public function deleteFile() // Get media storage path JLoader::import('components.com_tjfields.models.fields', JPATH_SITE); - $fieldsModel = JModelLegacy::getInstance('Fields', 'TjfieldsModel', array('ignore_request' => true)); + $fieldsModel = BaseDatabaseModel::getInstance('Fields', 'TjfieldsModel', array('ignore_request' => true)); $fieldData = $fieldsModel->getMediaStoragePath($data['valueId'], $data['subformFileFieldId']); $tjFieldFieldTableParamData = json_decode($fieldData->tjFieldFieldTable->params); @@ -64,9 +67,9 @@ public function deleteFile() $tjFieldsHelper = new TjfieldsHelper; $returnValue = $tjFieldsHelper->deleteFile($data); - $msg = $returnValue ? JText::_('COM_TJFIELDS_FILE_DELETE_SUCCESS') : JText::_('COM_TJFIELDS_FILE_DELETE_ERROR'); + $msg = $returnValue ? Text::_('COM_TJFIELDS_FILE_DELETE_SUCCESS') : Text::_('COM_TJFIELDS_FILE_DELETE_ERROR'); - echo new JResponseJson($returnValue, $msg); + echo new JsonResponse($returnValue, $msg); } /** @@ -86,8 +89,8 @@ public function getAllUsers() // Initialize array to store dropdown options $userOptions[] = HTMLHelper::_('select.option', "", Text::_('COM_TJFIELDS_OWNERSHIP_USER')); - JModelLegacy::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_users/models'); - $userModel = JModelLegacy::getInstance('Users', 'UsersModel', array('ignore_request' => true)); + BaseDatabaseModel::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_users/models'); + $userModel = BaseDatabaseModel::getInstance('Users', 'UsersModel', array('ignore_request' => true)); $userModel->setState('filter.state', 0); $allUsers = $userModel->getItems(); @@ -100,7 +103,7 @@ public function getAllUsers() } } - echo new JResponseJson($userOptions); + echo new JsonResponse($userOptions); jexit(); } } diff --git a/site/helpers/tjfields.php b/site/helpers/tjfields.php index 7de16977..5e1f2117 100644 --- a/site/helpers/tjfields.php +++ b/site/helpers/tjfields.php @@ -10,6 +10,14 @@ defined('_JEXEC') or die; JLoader::import("/techjoomla/media/storage/local", JPATH_LIBRARIES); use Joomla\Registry\Registry; +use Joomla\CMS\Factory; +use Joomla\CMS\MVC\Model\BaseDatabaseModel; +use Joomla\CMS\Table\Table; +use Joomla\CMS\Filesystem\Folder; +use Joomla\CMS\Filesystem\File; +use Joomla\CMS\Uri\Uri; +use Joomla\CMS\Router\Route; +use Joomla\CMS\Language\Text; /** * Helper class for tjfields @@ -46,7 +54,7 @@ public function FetchDatavalue($data) $client = $data['client']; $query_user_string = ''; - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('fv.field_id, fv.user_id, f.type, fv.value, f.params, f.name, f.label'); $query->from($db->qn('#__tjfields_fields_value', 'fv')); @@ -134,7 +142,7 @@ public function FetchDatavalue($data) */ public function getFieldData($fname = '', $fid = '') { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select($db->quoteName(array('id', 'type', 'name', 'label', 'params'))); $query->from($db->quoteName('#__tjfields_fields')); @@ -183,17 +191,17 @@ public function saveFieldsValue($data) } // Get user object - $user = JFactory::getUser(); + $user = Factory::getUser(); // Get all the fields of the specified client JLoader::import('components.com_tjfields.models.fields', JPATH_ADMINISTRATOR); - $tjFieldsFieldsModel = JModelLegacy::getInstance('Fields', 'TjfieldsModel', array('ignore_request' => true)); + $tjFieldsFieldsModel = BaseDatabaseModel::getInstance('Fields', 'TjfieldsModel', array('ignore_request' => true)); $tjFieldsFieldsModel->setState('filter.client', $data['client']); $tjFieldsFieldsModel->setState('filter.state', 1); $fields = $tjFieldsFieldsModel->getItems(); // Get previously stored details in the record - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('*'); $query->from($db->quoteName('#__tjfields_fields_value')); @@ -320,7 +328,7 @@ public function saveFieldsValue($data) $ucmSubFormData['content_id'] = $ucmSubFormContentId; $ucmSubFormData['client'] = $ucmSubformClient; $ucmSubFormData['fieldsvalue'] = $ucmSubformValue; - $ucmSubFormData['created_by'] = JFactory::getUser()->id; + $ucmSubFormData['created_by'] = Factory::getUser()->id; $this->saveFieldsValue($ucmSubFormData); } } @@ -488,7 +496,7 @@ private function saveSingleValuedFieldData($fieldValue, $client, $contentId, $fi $fieldOptionTable = JTable::getInstance('Option', 'TjfieldsTable', array('dbo', JFactory::getDbo())); // Set currently logged in users id as user_id - $fieldsValueTable->user_id = JFactory::getUser()->id; + $fieldsValueTable->user_id = Factory::getUser()->id; // If field value already exists then update the value else insert the field value if (isset($fieldStoredValues[0]) || !empty($fieldStoredValues[0])) @@ -561,7 +569,7 @@ private function saveMultiValuedFieldData($fieldValue, $client, $contentId, $fie return false; } - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $previouslyStoredValues = array(); if (!empty($fieldStoredValues)) @@ -641,10 +649,10 @@ private function saveMediaFieldData($fieldValue, $client, $contentId, $fieldId, } JLoader::import('components.com_tjfields.tables.fieldsvalue', JPATH_ADMINISTRATOR); - $fieldsValueTable = JTable::getInstance('FieldsValue', 'TjfieldsTable', array('dbo', JFactory::getDbo())); + $fieldsValueTable = Table::getInstance('FieldsValue', 'TjfieldsTable', array('dbo', Factory::getDbo())); JLoader::import('components.com_tjfields.tables.field', JPATH_ADMINISTRATOR); - $fieldTable = JTable::getInstance('Field', 'TjfieldsTable', array('dbo', JFactory::getDbo())); + $fieldTable = Table::getInstance('Field', 'TjfieldsTable', array('dbo', Factory::getDbo())); $fieldTable->load($fieldId); $fieldParams = new Registry($fieldTable->params); @@ -704,7 +712,7 @@ private function saveMediaFieldData($fieldValue, $client, $contentId, $fieldId, { foreach ($errors as $error) { - JFactory::getApplication()->enqueueMessage($error, 'error'); + Factory::getApplication()->enqueueMessage($error, 'error'); } return false; @@ -723,11 +731,11 @@ private function saveMediaFieldData($fieldValue, $client, $contentId, $fieldId, // If the destination directory doesn't exist we need to create it jimport('joomla.filesystem.file'); - if (!JFile::exists($htaccessFile)) + if (!File::exists($htaccessFile)) { jimport('joomla.filesystem.folder'); - JFolder::create(dirname($htaccessFile)); - JFile::write($htaccessFile, $htaccessFileContent); + Folder::create(dirname($htaccessFile)); + File::write($htaccessFile, $htaccessFileContent); } } @@ -751,7 +759,7 @@ public function saveFieldsValueTOBEDELETED($data) return false; } - $app = JFactory::getApplication(); + $app = Factory::getApplication(); // Get field Id and field type. $insert_obj = new stdClass; @@ -831,7 +839,7 @@ public function saveFieldsValueTOBEDELETED($data) } // Field Data - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('*'); $query->from($db->quoteName('#__tjfields_fields')); @@ -852,9 +860,9 @@ public function saveFieldsValueTOBEDELETED($data) { if ($singleFile['error'] != 4) { - JTable::addIncludePath(JPATH_ADMINISTRATOR . "/components/com_tjfields/tables"); - JModelLegacy::addIncludePath(JPATH_ADMINISTRATOR . "/components/com_tjfields/models"); - $fieldModel = JModelLegacy::getInstance('Field', 'TjfieldsModel', array("ignore_request" => 1)); + Table::addIncludePath(JPATH_ADMINISTRATOR . "/components/com_tjfields/tables"); + BaseDatabaseModel::addIncludePath(JPATH_ADMINISTRATOR . "/components/com_tjfields/models"); + $fieldModel = BaseDatabaseModel::getInstance('Field', 'TjfieldsModel', array("ignore_request" => 1)); $fieldId = (int) $file_field_data->id; $fieldItems = $fieldModel->getItem($fieldId); @@ -909,7 +917,7 @@ public function saveFieldsValueTOBEDELETED($data) $config['allowedExtension'] = $allowedTypes; } - $user = JFactory::getUser(); + $user = Factory::getUser(); $config['uploadPath'] = $mediaPath; $config['size'] = $acceptSize; $config['saveData'] = '0'; @@ -933,11 +941,11 @@ public function saveFieldsValueTOBEDELETED($data) // If the destination directory doesn't exist we need to create it jimport('joomla.filesystem.file'); - if (!JFile::exists($htaccessFile)) + if (!File::exists($htaccessFile)) { jimport('joomla.filesystem.folder'); - JFolder::create(dirname($htaccessFile)); - JFile::write($htaccessFile, $this->htaccessFileContent); + Folder::create(dirname($htaccessFile)); + File::write($htaccessFile, $this->htaccessFileContent); } } @@ -1040,7 +1048,7 @@ public function saveFieldsValueTOBEDELETED($data) // Delete Values of unsubmitted fields foreach ($unsubmittedFields as $unsubmittedField) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); // Delete entry if field is deselected $conditions = array( @@ -1072,7 +1080,7 @@ public function getUnsubmittedFields($content_id, $client, $fieldsSubmitted) if (!empty($content_id) && !empty($client)) { // Field Data - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select($db->quoteName('field_id')); $query->from($db->quoteName('#__tjfields_fields_value')); @@ -1104,7 +1112,7 @@ public function getUnsubmittedFields($content_id, $client, $fieldsSubmitted) public function saveSingleSelectFieldValue($postFieldData, $fieldName, $field_data, $updateId = 0) { $currentFieldValue = $postFieldData['fieldsvalue'][$fieldName]; - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select("id") @@ -1150,8 +1158,8 @@ public function saveSingleSelectFieldValue($postFieldData, $fieldName, $field_da public function saveSubformData($postFieldData, $subformFname, $field_data) { // Select all entries for __tjfields_fields_value - $app = JFactory::getApplication(); - $db = JFactory::getDbo(); + $app = Factory::getApplication(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('*'); $query->from('#__tjfields_fields_value'); @@ -1165,9 +1173,9 @@ public function saveSubformData($postFieldData, $subformFname, $field_data) $subformField = $newFields[$subformFname]; // Params from getting subform max size - JTable::addIncludePath(JPATH_ADMINISTRATOR . "/components/com_tjfields/tables"); - JModelLegacy::addIncludePath(JPATH_ADMINISTRATOR . "/components/com_tjfields/models"); - $fieldModel = JModelLegacy::getInstance('Field', 'TjfieldsModel', array("ignore_request" => 1)); + Table::addIncludePath(JPATH_ADMINISTRATOR . "/components/com_tjfields/tables"); + BaseDatabaseModel::addIncludePath(JPATH_ADMINISTRATOR . "/components/com_tjfields/models"); + $fieldModel = BaseDatabaseModel::getInstance('Field', 'TjfieldsModel', array("ignore_request" => 1)); $fieldId = (int) $field_data->id; $fieldItems = $fieldModel->getItem($fieldId); @@ -1192,8 +1200,8 @@ public function saveSubformData($postFieldData, $subformFname, $field_data) if (!empty($file_field_data)) { - JModelLegacy::addIncludePath(JPATH_ADMINISTRATOR . "/components/com_tjfields/models"); - $fieldModel = JModelLegacy::getInstance('Field', 'TjfieldsModel', array("ignore_request" => 1)); + BaseDatabaseModel::addIncludePath(JPATH_ADMINISTRATOR . "/components/com_tjfields/models"); + $fieldModel = BaseDatabaseModel::getInstance('Field', 'TjfieldsModel', array("ignore_request" => 1)); $fieldId = (int) $file_field_data->id; $fieldItems = $fieldModel->getItem($fieldId); $client = $fieldItems->client; @@ -1247,7 +1255,7 @@ public function saveSubformData($postFieldData, $subformFname, $field_data) $config['allowedExtension'] = $allowedTypes; } - $user = JFactory::getUser(); + $user = Factory::getUser(); $config['uploadPath'] = $mediaPath; $config['size'] = $acceptSize; $config['saveData'] = '0'; @@ -1275,11 +1283,11 @@ public function saveSubformData($postFieldData, $subformFname, $field_data) // If the destination directory doesn't exist we need to create it jimport('joomla.filesystem.file'); - if (!JFile::exists($htaccessFile)) + if (!File::exists($htaccessFile)) { jimport('joomla.filesystem.folder'); - JFolder::create(dirname($htaccessFile)); - JFile::write($htaccessFile, $this->htaccessFileContent); + Folder::create(dirname($htaccessFile)); + File::write($htaccessFile, $this->htaccessFileContent); } } @@ -1298,7 +1306,7 @@ public function saveSubformData($postFieldData, $subformFname, $field_data) $obj->content_id = $postFieldData['content_id']; $obj->value = json_encode($subformField); $obj->client = $postFieldData['client']; - $obj->user_id = JFactory::getUser()->id; + $obj->user_id = Factory::getUser()->id; $obj->id = $dbFieldValue[0]->id; $db->updateObject('#__tjfields_fields_value', $obj, 'id'); @@ -1311,9 +1319,9 @@ public function saveSubformData($postFieldData, $subformFname, $field_data) $obj->content_id = $postFieldData['content_id']; $obj->value = json_encode($subformField); $obj->client = $postFieldData['client']; - $obj->user_id = JFactory::getUser()->id; + $obj->user_id = Factory::getUser()->id; - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $db->insertObject('#__tjfields_fields_value', $obj, 'id'); } @@ -1332,7 +1340,7 @@ public function saveSubformData($postFieldData, $subformFname, $field_data) public function saveMultiselectOptions($postFieldData, $multiselectFname, $field_data) { // Select all entries for __tjfields_fields_value - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('*'); $query->from('#__tjfields_fields_value'); @@ -1352,7 +1360,7 @@ public function saveMultiselectOptions($postFieldData, $multiselectFname, $field if ($tjListParams->multiple && $tjListParams->other) { - $otherValKey = array_search(JText::_('COM_TJFIELDS_TJLIST_OTHER_OPTION_VALUE'), $multiselectField); + $otherValKey = array_search(Text::_('COM_TJFIELDS_TJLIST_OTHER_OPTION_VALUE'), $multiselectField); if (is_numeric($otherValKey)) { @@ -1402,7 +1410,7 @@ public function saveMultiselectOptions($postFieldData, $multiselectFname, $field $obj->content_id = $postFieldData['content_id']; $obj->value = $fieldValue; $obj->client = $postFieldData['client']; - $obj->user_id = JFactory::getUser()->id; + $obj->user_id = Factory::getUser()->id; $this->addFieldValueEntry($obj); } @@ -1418,7 +1426,7 @@ public function saveMultiselectOptions($postFieldData, $multiselectFname, $field $obj->content_id = $postFieldData['content_id']; $obj->value = $fieldValue; $obj->client = $postFieldData['client']; - $obj->user_id = JFactory::getUser()->id; + $obj->user_id = Factory::getUser()->id; $this->addFieldValueEntry($obj); } @@ -1438,7 +1446,7 @@ public function addFieldValueEntry($insert_obj) { if (!empty($insert_obj)) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select($db->quoteName('id')) @@ -1453,7 +1461,7 @@ public function addFieldValueEntry($insert_obj) if (!empty($insert_obj->option_id) || $fieldData->type == 'related' || $fieldData->type == 'tjlist') { // Insert into db - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $db->insertObject('#__tjfields_fields_value', $insert_obj, 'id'); } } @@ -1468,7 +1476,7 @@ public function addFieldValueEntry($insert_obj) */ public function buildSafeInClause($filterString) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); // Check if $filterString is comma separated string. if ((strpos($filterString, ',') !== false)) @@ -1508,7 +1516,7 @@ public function deleteFieldValueEntry($fieldValueEntryId) { if (!empty($fieldValueEntryId)) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); @@ -1538,7 +1546,7 @@ public function checkRecordExistence($data, $field_id) $content_id = (int) $data['content_id']; $client = $data['client']; - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select($db->quoteName('id')); @@ -1569,7 +1577,7 @@ public function getOptions($field_id, $option_value = '') { if ($option_value != '') { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select($db->quoteName(array('options','value'))); @@ -1668,7 +1676,7 @@ public function getUniversalFields($client) if (!empty($client)) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('DISTINCT * FROM #__tjfields_fields AS f'); $query->where('NOT EXISTS (select * FROM #__tjfields_category_mapping AS cm where f.id=cm.field_id)'); @@ -1690,7 +1698,7 @@ public function getUniversalFields($client) */ public function getCategorys($client) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('*'); @@ -1718,7 +1726,7 @@ public function getFilterableFields($client, $category_id = '') if (!empty($client)) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('DISTINCT fv.option_id, f.id,f.name, f.label,fv.value,fo.options'); $query->FROM("#__tjfields_fields AS f"); @@ -1745,7 +1753,7 @@ public function getFilterableFields($client, $category_id = '') // If category related field present if (!empty($category_id) && is_int($category_id)) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $queryCat = $db->getQuery(true); $queryCat->select('DISTINCT fv.option_id, f.id,f.name, f.label,fv.value,fo.options'); $queryCat->FROM("#__tjfields_fields AS f"); @@ -1790,7 +1798,7 @@ public function getFilterableFields($client, $category_id = '') */ public static function buildFilterModuleQuery() { - $jinput = JFactory::getApplication()->input; + $jinput = Factory::getApplication()->input; $client = $jinput->get("client"); // Get parameter name in which you are sending category id @@ -1803,7 +1811,7 @@ public static function buildFilterModuleQuery() $fields_value_str = implode(',', $fields_value_str); } - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); // Selected field value @@ -1898,7 +1906,7 @@ public function getFieldAndFieldOptionsList($options) if (!empty($options)) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('field_id, GROUP_CONCAT( id ) AS optionsStr '); $query->FROM('#__tjfields_options as fo'); @@ -1919,8 +1927,8 @@ public function getFieldAndFieldOptionsList($options) */ public function getFilterResults() { - $db = JFactory::getDbo(); - $jinput = JFactory::getApplication()->input; + $db = Factory::getDbo(); + $jinput = Factory::getApplication()->input; // Function will return -1 when no content found according to selected fields in filter $tjfieldIitem_ids = "-1"; @@ -1958,7 +1966,7 @@ public function getClientFields($client) { if (!empty($client)) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select('name'); $query->from('#__tjfields_fields'); @@ -1985,7 +1993,7 @@ public function getFileIdFromFilePath($filePath) { if (!empty($filePath)) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select($db->quoteName('id')); $query->from($db->quoteName('#__tjfields_fields_value')); @@ -2012,7 +2020,7 @@ public function getMediaPathFromId($mediaId) { if (!empty($mediaId)) { - $db = JFactory::getDbo(); + $db = Factory::getDbo(); $query = $db->getQuery(true); $query->select($db->quoteName('value')); $query->from($db->quoteName('#__tjfields_fields_value')); @@ -2051,8 +2059,8 @@ public function getMediaUrl($fileName, $extraUrlParamsArray = '') // Get client & add extraURL params which are needed to download the media $data = new stdClass; - JTable::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_tjfields/tables'); - $data->fields_value_table = JTable::getInstance('Fieldsvalue', 'TjfieldsTable'); + Table::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_tjfields/tables'); + $data->fields_value_table = Table::getInstance('Fieldsvalue', 'TjfieldsTable'); if (isset($extraUrlParamsArray['subFormFileFieldId'])) { @@ -2063,7 +2071,10 @@ public function getMediaUrl($fileName, $extraUrlParamsArray = '') // Here, fpht means file encoded path $encodedFileName = base64_encode($fileName); $basePathLink = 'index.php?option=com_tjfields&task=getMediaFile&fpht='; - $mediaURLlink = JUri::root() . substr(JRoute::_($basePathLink . $encodedFileName . $extraUrlParams), strlen(JUri::base(true)) + 1); + $mediaURL = Uri::base() . substr(Route::_($basePathLink . $encodedFileName . $extraUrlParams), strlen(Uri::base(true)) + 1); + + $csrf = JSession::getFormToken() . '=1'; + $mediaURLlink = $mediaURL . '&' . $csrf; return $mediaURLlink; } @@ -2108,15 +2119,15 @@ public function formatSizeUnits($mb) */ public function deleteFile($data) { - $user = JFactory::getUser(); + $user = Factory::getUser(); if (!$user->id) { return false; } - JTable::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_tjfields/tables'); - $fieldValueTable = JTable::getInstance('Fieldsvalue', 'TjfieldsTable'); + Table::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_tjfields/tables'); + $fieldValueTable = Table::getInstance('Fieldsvalue', 'TjfieldsTable'); $fieldValueTable->load(array('id' => $data['valueId'])); $subData = new stdClass; @@ -2161,9 +2172,9 @@ public function deleteFile($data) foreach ($deleteData as $image) { - if (JFile::exists($image)) + if (File::exists($image)) { - if (!JFile::delete($image)) + if (!File::delete($image)) { return false; } @@ -2172,7 +2183,7 @@ public function deleteFile($data) } else { - if (!JFile::delete($data['storagePath'] . '/' . $data['fileName'])) + if (!File::delete($data['storagePath'] . '/' . $data['fileName'])) { return false; } @@ -2195,7 +2206,7 @@ public function deleteFile($data) */ public static function getLanguageConstantForJs() { - JText::script('COM_TJFIELDS_FILE_DELETE_CONFIRM'); - JText::script('COM_TJFIELDS_FILE_ERROR_MAX_SIZE'); + Text::script('COM_TJFIELDS_FILE_DELETE_CONFIRM'); + Text::script('COM_TJFIELDS_FILE_ERROR_MAX_SIZE'); } }