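<?php
/*--------------------------------------------------------------------------------------------------------|  www.vdm.io  |------/
    __      __       _     _____                 _                                  _     __  __      _   _               _
    \ \    / /      | |   |  __ \               | |                                | |   |  \/  |    | | | |             | |
     \ \  / /_ _ ___| |_  | |  | | _____   _____| | ___  _ __  _ __ ___   ___ _ __ | |_  | \  / | ___| |_| |__   ___   __| |
      \ \/ / _` / __| __| | |  | |/ _ \ \ / / _ \ |/ _ \| '_ \| '_ ` _ \ / _ \ '_ \| __| | |\/| |/ _ \ __| '_ \ / _ \ / _` |
       \  / (_| \__ \ |_  | |__| |  __/\ V /  __/ | (_) | |_) | | | | | |  __/ | | | |_  | |  | |  __/ |_| | | | (_) | (_| |
        \/ \__,_|___/\__| |_____/ \___| \_/ \___|_|\___/| .__/|_| |_| |_|\___|_| |_|\__| |_|  |_|\___|\__|_| |_|\___/ \__,_|
                                                        | |
                                                        |_|
/-------------------------------------------------------------------------------------------------------------------------------/

	@version		2.7.x
	@created		30th April, 2015
	@package		Component Builder
	@subpackage		controller.php
	@author			Llewellyn van der Merwe <http://joomlacomponentbuilder.com>
	@github			Joomla Component Builder <https://github.com/vdm-io/Joomla-Component-Builder>
	@copyright		Copyright (C) 2015. All Rights Reserved
	@license		GNU/GPL Version 2 or later - http://www.gnu.org/licenses/gpl-2.0.html

	Builds Complex Joomla Components

/-----------------------------------------------------------------------------------------------------------------------------*/

// No direct access to this file
defined('_JEXEC') or die('Restricted access');

// import Joomla controller library
jimport('joomla.application.component.controller');

/**
 * Componentbuilder Component Controller
 */
class ComponentbuilderController extends JControllerLegacy
{
	/**
	 * Method to display a view.
	 *
	 * Caching is switched off for logged-in users and for edit views. An edit
	 * layout is only rendered when checkEditId() accepts the requested id for
	 * the 'com_componentbuilder.edit.<view>' context; otherwise an error message
	 * and a redirect inside this component are set and false is returned.
	 *
	 * @param   boolean        $cachable   If true, the view output will be cached.
	 * @param   array|boolean  $urlparams  An array of safe URL parameters and their variable types, for valid values see {@link JFilterInput::clean()}.
	 *
	 * @return  JController|boolean  This object to support chaining, or false when the edit-id check fails.
	 */
	public function display($cachable = false, $urlparams = false)
	{
		// set default view if not set
		$view = $this->input->getCmd('view', '');
		$this->input->set('view', $view);
		$isEdit = $this->checkEditView($view);
		$layout = $this->input->get('layout', null, 'WORD');
		$id = $this->input->getInt('id');
		// $cachable = true; (TODO) working on a fix [gh-238](https://github.com/vdm-io/Joomla-Component-Builder/issues/238)
		// ensure that the view is not cacheable if edit view or if user is logged in,
		// so output rendered for one session is never served from cache to another
		$user = JFactory::getUser();
		if ($user->get('id') || $isEdit)
		{
			$cachable = false;
		}
		// Check for edit form: the id must be accepted by checkEditId() for this
		// edit context before the form may be shown.
		if ($isEdit && $layout === 'edit' && !$this->checkEditId('com_componentbuilder.edit.' . $view, $id))
		{
			// Somehow the person just went to the form - we don't allow that.
			$this->setError(JText::sprintf('JLIB_APPLICATION_ERROR_UNHELD_ID', $id));
			$this->setMessage($this->getError(), 'error');
			// check if item was opened from other than its own list view
			// (ref passes the CMD filter and refid is cast to int before either
			// is concatenated into the redirect URL below)
			$ref = $this->input->getCmd('ref', 0);
			$refid = $this->input->getInt('refid', 0);
			// set redirect; every target stays on index.php?option=com_componentbuilder
			if ($refid > 0 && ComponentbuilderHelper::checkString($ref))
			{
				// redirect to item of ref
				$url = 'index.php?option=com_componentbuilder&view=' . (string) $ref . '&layout=edit&id=' . (int) $refid;
			}
			elseif (ComponentbuilderHelper::checkString($ref))
			{
				// redirect to ref
				$url = 'index.php?option=com_componentbuilder&view=' . (string) $ref;
			}
			else
			{
				// normal redirect back to the list default site view
				$url = 'index.php?option=com_componentbuilder&view=';
			}
			$this->setRedirect(JRoute::_($url, false));

			return false;
		}
		// we may need to make this more dynamic in the future. (TODO)
		// Request variables and the filter type each is declared with; the list is
		// handed to parent::display(). NOTE(review): in Joomla this list is what the
		// view cache key is built from, so a request variable that changes the output
		// but is missing here could let one cached page be served for another - confirm.
		$safeurlparams = array(
			'catid' => 'INT',
			'id' => 'INT',
			'cid' => 'ARRAY',
			'year' => 'INT',
			'month' => 'INT',
			'limit' => 'UINT',
			'limitstart' => 'UINT',
			'showall' => 'INT',
			'return' => 'BASE64',
			'filter' => 'STRING',
			'filter_order' => 'CMD',
			'filter_order_Dir' => 'CMD',
			'filter-search' => 'STRING',
			'print' => 'BOOLEAN',
			'lang' => 'CMD',
			'Itemid' => 'INT');
		// should these not merge?
		// NOTE(review): $safeurlparams is passed last; whether a caller-supplied filter
		// type or the default above wins for a duplicate key depends on
		// ComponentbuilderHelper::mergeArrays(), which is not visible here - confirm.
		if (ComponentbuilderHelper::checkArray($urlparams))
		{
			$safeurlparams = ComponentbuilderHelper::mergeArrays(array($urlparams, $safeurlparams));
		}

		return parent::display($cachable, $safeurlparams);
	}

	/**
	 * Check whether the given view name is one of this component's edit views.
	 *
	 * The list of edit views is empty in this file, so this currently returns
	 * false for every view and the edit-id check in display() is never reached.
	 *
	 * @param   string  $view  The view name taken from the request.
	 *
	 * @return  boolean  True when $view is a non-empty string found in the edit view list.
	 */
	protected function checkEditView($view)
	{
		if (!ComponentbuilderHelper::checkString($view))
		{
			return false;
		}
		$views = array(
			);

		// check if this is an edit view; strict matching so that a value of
		// another type can never be loosely equal to a view name
		return in_array($view, $views, true);
	}
}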