Mambo > Projects > Mambo CMS > SVN

Diff of /mambo/branches/4.6/components/com_content/content.php

-revision 288, Wed Feb 15 17:18:43 2006 UTC
+revision 1756, Thu May 28 06:41:09 2009 UTC
 Line 1
  <?php
  /**
- * @version $Id: content.php,v 1.7 2005/11/24 04:28:51 csouza Exp $
  * @package Mambo
  * @subpackage Content
- * @copyright (C) 2000 - 2005 Miro International Pty Ltd
+ * @author Mambo Foundation Inc see README.php
- * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
+ * @copyright (C) 2000 - 2009 Mambo Foundation Inc.
- * Mambo is Free Software
+ * See COPYRIGHT.php for copyright notices and details.
+ * @license GNU/GPL Version 2, see LICENSE.php
+ *
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * Mambo is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; version 2 of the License.
  */
  /** ensure this file is being included by a parent file */
-Line 35
+Line 41
  // loads function for frontpage component
  if ( $option == 'com_frontpage' ) {
          //frontpage( $option, $gid, $pop, $now );
-         $cache->call( 'frontpage', $gid, $access, $pop, $now );
+         $cache->call( 'frontpage', $gid, $access, $pop, $limit, $limitstart);
          return;
  }
-Line 49
+Line 55
                  break;
          case 'section':
-                 $cache->call( 'showSection', $id, $gid, $access, $now );
+                 $cache->call( 'showSection', $id, $gid, $access );
                  break;
          case 'category':
-                 $cache->call( 'showCategory', $id, $gid, $access, $sectionid, $limit, $limitstart, $now );
+                 $cache->call( 'showCategory', $id, $gid, $access, $sectionid, $limit, $limitstart );
                  break;
          case 'blogsection':
-                 $cache->call('showBlogSection', $id, $gid, $access, $pop, $now );
+                 $cache->call('showBlogSection', $id, $gid, $access, $pop, $limit, $limitstart );
                  break;
          case 'blogcategorymulti':
          case 'blogcategory':
-                 $cache->call( 'showBlogCategory', $id, $gid, $access, $pop, $now );
+                 $cache->call( 'showBlogCategory', $id, $gid, $access, $pop, $limit, $limitstart );
                  break;
          case 'archivesection':
-Line 99
+Line 105
                  break;
          case 'vote':
-                 recordVote ( $url , $user_rating , $cid , $database);
+                 recordVote (  $user_rating , $cid , $database);
                  break;
          default:
-                 $cache->call('showBlogSection', 0, $gid, $access, $pop, $now );
+                 $cache->call('showBlogSection', 0, $gid, $access, $pop, $limit, $limitstart );
                  break;
  }
-Line 133
+Line 139
          }
  }
- function frontpage( $gid, &$access, $pop, $now ) {
+ function frontpage( $gid, &$access, $pop, $limit, $limitstart) {
          global $database, $mainframe, $my, $Itemid;
          global $mosConfig_offset;
-Line 145
+Line 151
          $params =& new mosParameters( $menu->params );
          $orderby_sec = $params->def( 'orderby_sec', '' );
          $orderby_pri = $params->def( 'orderby_pri', '' );
+         $header = $params->def( 'header', $menu->name );
+         $page_title = $params->def( 'page_title', 0 );
          // Ordering control
          $order_sec = _orderby_sec( $orderby_sec );
          $order_pri = _orderby_pri( $orderby_pri );
          $now = date( "Y-m-d H:i:s", time()+$mosConfig_offset*60*60 );
+         global $acl;
+         $viewAccess = ($gid >= $acl->get_group_id( 'Registered', 'ARO' ) ? 1 : 0) + ($gid >= $acl->get_group_id( 'Author', 'ARO' ) ? 1 : 0);
          // query records
          $query = "SELECT a.*, ROUND( v.rating_sum / v.rating_count ) AS rating, v.rating_count, u.name AS author, u.usertype, s.name AS section, cc.name AS category, g.name AS groups"
          . "\n FROM #__content AS a"
          . "\n INNER JOIN #__content_frontpage AS f ON f.content_id = a.id"
-         . "\n INNER JOIN #__categories AS cc ON cc.id = a.catid"
+         . "\n LEFT JOIN #__categories AS cc ON cc.id = a.catid"
-         . "\n INNER JOIN #__sections AS s ON s.id = a.sectionid"
+         . "\n LEFT JOIN #__sections AS s ON s.id = a.sectionid"
          . "\n LEFT JOIN #__users AS u ON u.id = a.created_by"
          . "\n LEFT JOIN #__content_rating AS v ON a.id = v.content_id"
          . "\n LEFT JOIN #__groups AS g ON a.access = g.id"
-Line 165
+Line 174
          . ( $noauth ? "\n AND a.access <= '". $my->gid ."'" : '' )
          . "\n AND ( publish_up = '0000-00-00 00:00:00' OR publish_up <= '$now'  )"
          . "\n AND ( publish_down = '0000-00-00 00:00:00' OR publish_down >= '$now' )"
+         . "\n AND a.access <= ". $viewAccess
          . "\n ORDER BY ". $order_pri . $order_sec
          ;
- //      $database->setQuery( $query );
- //      $rows = $database->loadObjectList();
          $rows = $database->doSQLget($query, 'mosExtendedContent');
          // Dynamic Page Title
-         $mainframe->SetPageTitle( $menu->name );
+         $mainframe->SetPageTitle( $header );
-         BlogOutput( $rows, $params, $gid, $access, $pop, $menu );
+         BlogOutput( $rows, $params, $gid, $access, $pop, $menu, null, $limit, $limitstart );
  }
- function showSection( $id, $gid, &$access, $now ) {
+ function showSection( $id, $gid, &$access ) {
          global $database, $mainframe, $mosConfig_offset, $Itemid;
          $noauth = !$mainframe->getCfg( 'shownoauth' );
+     $now = date( 'Y-m-d H:i:s', time() + $mosConfig_offset * 60 * 60 );
          // Paramters
          $params = new stdClass();
          if ( $Itemid ) {
-Line 191
+Line 199
                  $params =& new mosParameters( $menu->params );
          } else {
                  $menu = "";
-                 $params =& new mosEmpty();
+                 $params =& new mosParameters( $menu->params );
          }
          $orderby = $params->get( 'orderby', '' );
-Line 205
+Line 213
          $params->def( 'empty_cat', 0 );
          $params->def( 'cat_items', 1 );
          $params->def( 'cat_description', 1 );
+         $params->def( 'description', 1 );
+         $params->def( 'description-image', 1 );
          $params->def( 'back_button', $mainframe->getCfg( 'back_button' ) );
          $params->def( 'pageclass_sfx', '' );
-Line 265
+Line 275
  * @param int The number of items to dislpay
  * @param int The offset for pagination
  */
- function showCategory( $id, $gid, &$access, $sectionid, $limit, $limitstart, $now  ) {
+ function showCategory( $id, $gid, &$access, $sectionid, $limit, $limitstart ) {
          global $database, $mainframe, $Itemid, $mosConfig_offset, $mosConfig_list_limit;
          $noauth = !$mainframe->getCfg( 'shownoauth' );
          $selected = mosGetParam( $_POST, 'order', '' );
+     $now = date( 'Y-m-d H:i:s', time() + $mosConfig_offset * 60 * 60 );
          // Paramters
          $params = new stdClass();
          if ( $Itemid ) {
-Line 304
+Line 314
          $params->def( 'empty_cat', 0 );
          $params->def( 'cat_items', 1 );
          $params->def( 'cat_description', 0 );
+         $params->def( 'description', 1 );
+         $params->def( 'description-image', 1 );
          $params->def( 'back_button', $mainframe->getCfg( 'back_button' ) );
          $params->def( 'pageclass_sfx', '' );
          $params->def( 'headings', 1 );
-Line 365
+Line 377
          // get the total number of published items in the category
          // filter functionality
-         $and = '';
+         $_and = '';
          if ($filter = mosGetParam($_POST, 'filter', '')) {
                  $filter = strtolower( $filter );
                  $filter = $database->getEscaped($filter);
                  if ( $params->get( 'filter' ) ) {
                          switch ( $params->get( 'filter_type' ) ) {
                                  case 'title':
-                                         $and = "\n AND LOWER( a.title ) LIKE '%". $filter ."%'";
+                                         $_and = "\n AND LOWER( a.title ) LIKE '%". $filter ."%'";
                                          break;
                                  case 'author':
-                                         $and = "\n AND ( ( LOWER( u.name ) LIKE '%". $filter ."%' ) OR ( LOWER( a.created_by_alias ) LIKE '%". $filter ."%' ) )";
+                                         $_and = "\n AND ( ( LOWER( u.name ) LIKE '%". $filter ."%' ) OR ( LOWER( a.created_by_alias ) LIKE '%". $filter ."%' ) )";
                                          break;
                                  case 'hits':
-                                         $and = "\n AND a.hits LIKE '%". $filter ."%'";
+                                         $_and = "\n AND a.hits LIKE '%". $filter ."%'";
                                          break;
                          }
                  }
-Line 401
+Line 413
          . "\n WHERE a.catid='". $category->id ."' ". $xwhere
          . ( $noauth ? "\n AND a.access<='". $gid ."'" : '' )
          . "\n AND '". $category->access ."'<='". $gid ."'"
-         . $and
+         . $_and
          . "\n ORDER BY ". $orderby .""
          ;
          $database->setQuery( $query );
-Line 421
+Line 433
          . "\n WHERE a.catid='". $category->id ."' ". $xwhere
          . ( $noauth ? "\n AND a.access<='". $gid ."'" : '' )
          . "\n AND '". $category->access ."'<='". $gid ."'"
-         . $and
+         . $_and
          . "\n ORDER BY ". $orderby .""
          . "\n LIMIT ". $limitstart .", ". $limit
          ;
-Line 466
+Line 478
  } // showCategory
- function showBlogSection( $id=0, $gid, &$access, $pop, $now=NULL ) {
+ function showBlogSection( $id=0, $gid, &$access, $pop, $limit, $limitstart  ) {
-         global $database, $mainframe, $mosConfig_offset, $Itemid;
+         global $database, $mainframe, $mosConfig_offset, $Itemid, $option, $task;
          $noauth = !$mainframe->getCfg( 'shownoauth' );
+     $now = date( 'Y-m-d H:i:s', time() + $mosConfig_offset * 60 * 60 );
          // Parameters
-         $params = new stdClass();
+         $pageTitle = '';
          if ( $Itemid ) {
                  $menu = new mosMenu( $database );
                  $menu->load( $Itemid );
-                 $params =& new mosParameters( $menu->params );
+                 if ( strpos(strtolower($menu->link), 'blogsection') === false ) {
+                         $menu = '';
          } else {
-                 $menu = "";
+                         // only load params and set title if the menu item loaded is a blog section
-                 $params =& new mosParameters( '' );
+                         $pageTitle = $menu->name;
+                 $params =& new mosParameters( $menu->params );
+         }
          }
+         // no Itemid OR menu item loaded is not a blog section
+         // try to find a blog entry in the menu database
+         if (!$menu) {
+                 $database->setQuery("SELECT * FROM #__menu WHERE link LIKE '%blogsection%'");
+                 $rows = $database->loadObjectList();
+                 if (count($rows)) {
+                         $params =& new mosParameters( $rows[0]->params );
+                 }
+         }
+         // no menu item found and no params loaded so create a default params object
+         if (!$params) $params =& new mosParameters( $menu->params );
          // new blog multiple section handling
          if ( !$id ) {
                  $id             = $params->def( 'sectionid', 0 );
-Line 496
+Line 524
          $order_pri      = _orderby_pri( $orderby_pri );
          // Main data query
-         $query = "SELECT a.*, ROUND( v.rating_sum / v.rating_count ) AS rating, v.rating_count, u.name AS author, u.usertype, cc.name AS category, g.name AS groups"
+         $query = "SELECT a.*, ROUND( v.rating_sum / v.rating_count ) AS rating, v.rating_count, u.name AS author, u.usertype, cc.name AS category, g.name AS groups, s.title AS section"
          . "\n FROM #__content AS a"
          . "\n INNER JOIN #__categories AS cc ON cc.id = a.catid"
          . "\n LEFT JOIN #__users AS u ON u.id = a.created_by"
-Line 512
+Line 540
          $rows = $database->doSQLget($query, 'mosExtendedContent');
          // Dynamic Page Title
-         if ($menu) {
+         // do we have multiple sections?
-                 $mainframe->setPageTitle( $menu->name );
+         $multiple_sections = false;
+         if (count($rows)) {
+                 $temp = array();
+                 foreach($rows as $row) {
+                         $temp[$row->section] = '';
+                 }
+                 if (count($temp) > 1) {
+                         $multiple_sections = true;
+                 }
+                 unset($temp);
          }
+         if (!$pageTitle) {
+                 // set the page title
+                 if ($rows[0]->section && !$multiple_sections){
+                         $pageTitle = $rows[0]->section;
+                 } else {
+                         $pageTitle = T_('Blog');
+                 }
+                 // fudge the pathway
+                 $mainframe->appendPathway($pageTitle);
+         }
+         $mainframe->setPageTitle( $pageTitle );
-         BlogOutput( $rows, $params, $gid, $access, $pop, $menu );
+         // restore borrowed $row->section to null - IMPORTANT
+         if (count($rows)) {
+                 for($i=0; $i<count($rows); $i++) $rows[$i]->section = '';
  }
- function showBlogCategory( $id=0, $gid, &$access, $pop, $now ) {
+         BlogOutput( $rows, $params, $gid, $access, $pop, $menu, null, $limit, $limitstart  );
+ }
+ function showBlogCategory( $id=0, $gid, &$access, $pop, $limit, $limitstart ) {
          global $database, $mainframe, $mosConfig_offset, $Itemid;
          $noauth = !$mainframe->getCfg( 'shownoauth' );
+     $now = date( 'Y-m-d H:i:s', time() + $mosConfig_offset * 60 * 60 );
          // Paramters
          $params = new stdClass();
          if ( $Itemid ) {
-Line 567
+Line 620
          // Dynamic Page Title
          $mainframe->SetPageTitle( $menu->name );
-         BlogOutput( $rows, $params, $gid, $access, $pop, $menu );
+         BlogOutput( $rows, $params, $gid, $access, $pop, $menu, null, $limit, $limitstart );
  }
  function showArchiveSection( $id=NULL, $gid, &$access, $pop, $option ) {
-Line 576
+Line 629
          $noauth = !$mainframe->getCfg( 'shownoauth' );
-         // Paramters
+         // Parameters
          $year   = mosGetParam( $_REQUEST, 'year', date( 'Y' ) );
          $month  = mosGetParam( $_REQUEST, 'month', date( 'm' ) );
-Line 652
+Line 705
          echo '<input type="hidden" name="Itemid" value="'. $Itemid .'" />';
          echo '<input type="hidden" name="task" value="archivesection" />';
          echo '<input type="hidden" name="option" value="com_content" />';
+         echo '<input type="hidden" name="module" value="1" />';
          echo '</form>';
  }
-Line 733
+Line 787
          echo '<input type="hidden" name="Itemid" value="'. $Itemid .'" />';
          echo '<input type="hidden" name="task" value="archivecategory" />';
          echo '<input type="hidden" name="option" value="com_content" />';
+         echo '<input type="hidden" name="module" value="1" />';
          echo '</form>';
  }
- function BlogOutput ( &$rows, &$params, $gid, &$access, $pop, &$menu, $archive=NULL ) {
+ function BlogOutput ( &$rows, &$params, $gid, &$access, $pop, &$menu, $archive=NULL, $limit = 0, $limitstart = 0  ) {
          global $mainframe, $Itemid, $task, $id, $option, $database, $mosConfig_live_site;
          // parameters
-Line 768
+Line 823
          $total = count( $rows );
          // pagination support
+         if (!$limitstart){
          $limitstart = intval( mosGetParam( $_REQUEST, 'limitstart', 0 ) );
+     }
          $limit = $intro + $leading + $links;
          if ( $total <= $limit ) {
                  $limitstart = 0;
-Line 912
+Line 969
                          echo '<tr>';
                          echo '<td valign="top">';
                          echo '<div class="blog_more'. $params->get( 'pageclass_sfx' ) .'">';
-                         HTML_content::showLinks( $rows, $links, $total, $i, 1, $ItemidCount );
+                         HTML_content::showLinks( $rows, $links, $total, $i, 1 );
                          echo '</div>';
                          echo '</td>';
                          echo '</tr>';
-Line 982
+Line 1039
                  ;
          }
+         global $acl;
+         $viewAccess = ($gid >= $acl->get_group_id( 'Registered', 'ARO' ) ? 1 : 0) + ($gid >= $acl->get_group_id( 'Author', 'ARO' ) ? 1 : 0);
          $query = "SELECT a.*, ROUND(v.rating_sum/v.rating_count) AS rating, v.rating_count, u.name AS author, u.usertype, cc.name AS category, s.name AS section, g.name AS groups"
          . "\n FROM #__content AS a"
          . "\n LEFT JOIN #__categories AS cc ON cc.id = a.catid"
-Line 990
+Line 1049
          . "\n LEFT JOIN #__content_rating AS v ON a.id = v.content_id"
          . "\n LEFT JOIN #__groups AS g ON a.access = g.id"
          . "\n WHERE a.id='". $uid ."' ". $xwhere
-         . "\n AND a.access <= ". $gid
+         . "\n AND a.access <= ". $viewAccess
          ;
          $database->setQuery( $query );
- //      $row = NULL;
          $row = new mosExtendedContent();
          if ( $database->loadObject( $row ) ) {
-Line 1015
+Line 1073
                          . "\n WHERE a.catid = ". $row->catid.""
                          . "\n AND a.state = $row->state AND ordering < $row->ordering"
                          . ($access->canEdit ? "" : "\n AND a.access <= '". $gid ."'" )
+                         . "\n AND ( a.publish_up = '0000-00-00 00:00:00' OR a.publish_up <= '". $now ."' )"
+                         . "\n AND ( a.publish_down = '0000-00-00 00:00:00' OR a.publish_down >= '". $now ."' )"
                          . "\n ORDER BY a.ordering DESC"
                          . "\n LIMIT 1"
                          ;
-Line 1026
+Line 1086
                          . "\n WHERE a.catid = ". $row->catid.""
                          . "\n AND a.state = $row->state AND ordering > $row->ordering"
                          . ($access->canEdit ? "" : "\n AND a.access <= '". $gid ."'" )
+                         . "\n AND ( a.publish_up = '0000-00-00 00:00:00' OR a.publish_up <= '". $now ."' )"
+                         . "\n AND ( a.publish_down = '0000-00-00 00:00:00' OR a.publish_down >= '". $now ."' )"
                          . "\n ORDER BY a.ordering"
                          . "\n LIMIT 1"
                          ;
-Line 1052
+Line 1114
  function show( $row, $params, $gid, &$access, $pop, $option, $ItemidCount=NULL ) {
          global $database, $mainframe, $Itemid;
          global $mosConfig_live_site, $mosConfig_absolute_path;
-         global $options, $cache;
+         global $options, $task;
+         //$cache = mosCache::getCache('com_content','Output');
          $noauth = !$mainframe->getCfg( 'shownoauth' );
-Line 1105
+Line 1169
          if ( $params->get( 'section_link' ) ) {
                  $query =        "SELECT a.id"
                  . "\n FROM #__menu AS a"
-                 . "\n WHERE a.componentid = ". $row->sectionid.""
+                 . "\n WHERE a.componentid = '". $row->sectionid."'"
+                 . "\n AND a.type = 'content_section'"
+                 . "\n AND a.published = 1"
                  ;
                  $database->setQuery( $query );
                  $_Itemid = $database->loadResult();
+                 if (!intval($_Itemid))
+                 $_Itemid = intval($Itemid) ? intval($Itemid) : 1;
                  $link = sefRelToAbs( 'index.php?option=com_content&amp;task=section&amp;id='. $row->sectionid .'&amp;Itemid='.$_Itemid );
                  $row->section = '<a href="'. $link .'">'. $row->section .'</a>';
          }
-Line 1118
+Line 1186
                  $query =        "SELECT a.id"
                  . "\n FROM #__menu AS a"
                  . "\n WHERE a.componentid = ". $row->catid.""
+                 . "\n AND a.type = 'content_category'"
+                 . "\n AND a.published = 1"
                  ;
                  $database->setQuery( $query );
                  $_Itemid = $database->loadResult();
+                 if (!intval($_Itemid))
+                 $_Itemid = intval($Itemid) ? intval($Itemid) : 1;
+                 $link = sefRelToAbs( 'index.php?option=com_content&amp;task=section&amp;id='. $row->sectionid .'&amp;Itemid='.$_Itemid );
                  $link = sefRelToAbs( 'index.php?option=com_content&amp;task=category&amp;sectionid='. $row->sectionid .'&amp;id='. $row->catid .'&amp;Itemid='.$_Itemid );
                  $row->category = '<a href="'. $link .'">'. $row->category .'</a>';
          }
-Line 1149
+Line 1222
                  $obj = new mosContent( $database );
                  $obj->hit( $row->id );
          }
+     //if(!($cache->start($task.$row->id.$page,'com_content'))){
-         $cache->call( 'HTML_content::show', $row, $params, $access, $page, $option, $ItemidCount );
+         HTML_content::show( $row, $params, $access, $page, $option, $ItemidCount );
+     //    $cache->end();
+     //}
  }
-Line 1268
+Line 1343
          $lists['catid']                 = mosAdminMenus::ComponentCategory( 'catid', $sectionid, intval( $row->catid ) );
          // build the select list for the image positions
          $lists['_align']                = mosAdminMenus::Positions( '_align' );
+     // build the select list for the image caption alignment
+     $lists['_caption_align']     = mosAdminMenus::Positions( '_caption_align' );
          // build the html select list for the group access
          $lists['access']                = mosAdminMenus::Access( $row );
+         // build the select list for the image caption position
+         $pos[] = mosHTML::makeOption( 'bottom', _CMN_BOTTOM );
+         $pos[] = mosHTML::makeOption( 'top', _CMN_TOP );
+         $lists['_caption_position'] = mosHTML::selectList( $pos, '_caption_position', 'class="inputbox" size="1"', 'value', 'text' );
          HTML_content::editContent( $row, $section, $lists, $images, $access, $my->id, $sectionid, $task, $Itemid );
  }
-Line 1287
+Line 1369
                  echo "<script> alert('".$row->getError()."'); window.history.go(-1); </script>\n";
                  exit();
          }
+         // sanitize
+         $row->id = intval($row->id);
+         $row->catid = intval($row->catid);
+         $row->sectionid = intval($row->sectionid);
          $isNew = $row->id < 1;
          if ( $isNew ) {
                  // new record
-Line 1364
+Line 1450
          if ( $isNew ) {
                  // messaging for new items
                  require_once( $mosConfig_absolute_path .'/components/com_messages/messages.class.php' );
                  $database->setQuery( "SELECT id FROM #__users WHERE sendEmail = '1'" );
                  $users = $database->loadResultArray();
+                 if ($users) {
                  foreach ($users as $user_id) {
                          $msg = new mosMessage( $database );
                          $msg->send( $my->id, $user_id, T_("New Item"), sprintf( T_('A new content item has been submitted by [ %s ]  titled [ %s ]  from section [ %s ]  and category  [ %s ]'), $my->username, $row->title, $section, $category ) );
                  }
          }
+         }
          $Itemid         = mosGetParam( $_POST, 'Returnid', '0' );
          $msg    = $isNew ? T_('Thanks for your submission; it will be reviewed before being posted to the site.') : T_('Item saved successfully.');
-         mosRedirect( 'index.php', $msg );
+         $link = $isNew ? 'index.php' : sefRelToAbs( 'index.php?option=com_content&task=view&id='.$row->id.'&Itemid='.$Itemid );
+         mosRedirect( $link, $msg);
  }
-Line 1388
+Line 1476
          $row = new mosContent( $database );
          $row->bind( $_POST );
+         // sanitize
+         $row->id = intval($row->id);
          if ( $access->canEdit || ( $access->canEditOwn && $row->created_by == $my->id ) ) {
                  $row->checkin();
-Line 1395
+Line 1485
          $Itemid = mosGetParam( $_POST, 'Returnid', '0' );
-         mosRedirect( 'index.php' );
+         $link = sefRelToAbs( 'index.php?option=com_content&task=view&id='.$row->id.'&Itemid='.$Itemid );
+         mosRedirect( $link );
  }
  /**
-Line 1435
+Line 1526
          $subject_default = sprintf(T_('Item sent by %s'), $yourname);
          $subject = trim( mosGetParam( $_POST, 'subject', $subject_default ) );
+         mos_session_start();
          $form_check = mosGetParam( $_POST, 'form_check', '' );
      if (empty($_SESSION['_form_check_']['com_content']) || $form_check != $_SESSION['_form_check_']['com_content']) {
        // the form hasn't been generated by the server on this session
-Line 1452
+Line 1544
          // link sent in email
          $link = sefRelToAbs( $mosConfig_live_site .'/index.php?option=com_content&task=view&id='. $uid .'&Itemid='. $_Itemid );
          // message text
-         $msg = sprintf( T_(' The following page from the "%s" website has been sent to you by %s ( %s ).
+         $msg = sprintf( T_(' The following page from the \"%s\" website has been sent to you by %s ( %s ).\n\nYou can access it at the following url:\n%s'), $mosConfig_sitename, $yourname, $youremail, $link );
- You can access it at the following url:
- %s'), $mosConfig_sitename, $yourname, $youremail, $link );
          // mail function
          mosMail( $mosConfig_mailfrom, $mosConfig_fromname, $email, $subject, $msg );
-Line 1473
+Line 1562
  }
  function recordVote() {
-         global $database;
+     global $database, $mosConfig_live_site, $mosConfig_offset, $acl, $gid;
          $user_rating = mosGetParam( $_REQUEST, 'user_rating', 0 );
-         $url = mosGetParam( $_REQUEST, 'url', '' );
          $cid = mosGetParam( $_REQUEST, 'cid', 0 );
          $cid = intval( $cid );
+     $Itemid = mosGetParam( $_REQUEST, 'Itemid', 0 );
+     $Itemid = intval( $Itemid );
          $user_rating = intval( $user_rating );
+     $now = date( 'Y-m-d H:i:s', time() + $mosConfig_offset * 60 * 60 );
+     $viewAccess = ($gid >= $acl->get_group_id( 'Registered', 'ARO' ) ? 1 : 0) + ($gid >= $acl->get_group_id( 'Author', 'ARO' ) ? 1 : 0);
+     $url = sefReltoAbs("index.php?option=com_content&task=view&id={$cid}&Itemid={$Itemid}");
          if ( ( $user_rating >= 1 ) and ( $user_rating <= 5 ) ) {
                  $currip = getenv( 'REMOTE_ADDR' );
+         $query = "SELECT * FROM #__content as c WHERE id = $cid AND (c.state = '1' OR c.state = '-1')"
+         . "\n   AND (c.publish_up = '0000-00-00 00:00:00' OR c.publish_up <= '$now')"
+         . "\n   AND (c.publish_down = '0000-00-00 00:00:00' OR c.publish_down >= '$now')"
+         . "\n AND access <= ". $viewAccess;
+         ;
+         $database->setQuery( $query );
+         $database->loadObject( $row );
+         if ( $row != NULL){
                  $query = "SELECT * FROM #__content_rating WHERE content_id = $cid";
                  $database->setQuery( $query );
                  $votesdb = NULL;
-Line 1507
+Line 1608
                          }
                  }
                  mosRedirect ( $url, T_('Thanks for your vote!') );
+         } else {
+             mosRedirect ( $url, T_('The rating for this item is not allowed!') );
+         }
          }
  }
-Line 1621
+Line 1725
  }
  function sectionURL ($sectionid) {
-         global $Itemid;
+     $menuHandler = mosMenuHandler::getInstance();
+         $Itemid = $menuHandler->getSectionItemId($sectionid);
          return "index.php?option=com_content&task=section&id=$sectionid&Itemid=$Itemid";
  }
  function categoryURL ($sectionid, $catid) {
-         global $Itemid;
+     $menuHandler = mosMenuHandler::getInstance();
+         $Itemid = $menuHandler->getCategoryItemId($catid);
          return "index.php?option=com_content&task=category&sectionid=$sectionid&id=$catid&Itemid=$Itemid";
  }

 Legend:



Removed from v.288
 


changed lines


 
Added in v.1756
 Legend:



Removed from v.288
 


changed lines


 
Added in v.1756
-Removed from v.288
+Added in v.1756

	ViewVC Help
Powered by ViewVC 1.0.0

Web Hosting provided by Network Redux.

MyGforge Home

Mambo CMS

Diff of /mambo/branches/4.6/components/com_content/content.php