JEMBOT MAWOT Bypass Shell
<?php
/**
* @package Joomla.Administrator
* @subpackage Weblinks
*
* @copyright Copyright (C) 2005 - 2017 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
defined('_JEXEC') or die;
use Joomla\Registry\Registry;
/**
* Weblinks model.
*
* @since 1.5
*/
class WeblinksModelWeblink extends JModelAdmin
{
/**
* The type alias for this content type.
*
* @var string
* @since 3.2
*/
public $typeAlias = 'com_weblinks.weblink';
/**
* The prefix to use with controller messages.
*
* @var string
* @since 1.6
*/
protected $text_prefix = 'COM_WEBLINKS';
/**
* Method to test whether a record can be deleted.
*
* @param object $record A record object.
*
* @return boolean True if allowed to delete the record. Defaults to the permission for the component.
*
* @since 1.6
*/
protected function canDelete($record)
{
if (!empty($record->id))
{
if ($record->state != -2)
{
return;
}
if ($record->catid)
{
return JFactory::getUser()->authorise('core.delete', 'com_weblinks.category.' . (int) $record->catid);
}
return parent::canDelete($record);
}
}
/**
* Method to test whether a record can be deleted.
*
* @param object $record A record object.
*
* @return boolean True if allowed to change the state of the record. Defaults to the permission for the component.
*
* @since 1.6
*/
protected function canEditState($record)
{
if (!empty($record->catid))
{
return JFactory::getUser()->authorise('core.edit.state', 'com_weblinks.category.' . (int) $record->catid);
}
return parent::canEditState($record);
}
/**
* Method to get a table object, load it if necessary.
*
* @param string $type The table name. Optional.
* @param string $prefix The class prefix. Optional.
* @param array $config Configuration array for model. Optional.
*
* @return JTable A JTable object
*
* @since 1.6
*/
public function getTable($type = 'Weblink', $prefix = 'WeblinksTable', $config = array())
{
return JTable::getInstance($type, $prefix, $config);
}
/**
* Abstract method for getting the form from the model.
*
* @param array $data Data for the form.
* @param boolean $loadData True if the form is to load its own data (default case), false if not.
*
* @return mixed A JForm object on success, false on failure
*
* @since 1.6
*/
public function getForm($data = array(), $loadData = true)
{
// Get the form.
$form = $this->loadForm('com_weblinks.weblink', 'weblink', array('control' => 'jform', 'load_data' => $loadData));
if (empty($form))
{
return false;
}
// Determine correct permissions to check.
if ($this->getState('weblink.id'))
{
// Existing record. Can only edit in selected categories.
$form->setFieldAttribute('catid', 'action', 'core.edit');
}
else
{
// New record. Can only create in selected categories.
$form->setFieldAttribute('catid', 'action', 'core.create');
}
// Modify the form based on access controls.
if (!$this->canEditState((object) $data))
{
// Disable fields for display.
$form->setFieldAttribute('ordering', 'disabled', 'true');
$form->setFieldAttribute('state', 'disabled', 'true');
$form->setFieldAttribute('publish_up', 'disabled', 'true');
$form->setFieldAttribute('publish_down', 'disabled', 'true');
// Disable fields while saving.
// The controller has already verified this is a record you can edit.
$form->setFieldAttribute('ordering', 'filter', 'unset');
$form->setFieldAttribute('state', 'filter', 'unset');
$form->setFieldAttribute('publish_up', 'filter', 'unset');
$form->setFieldAttribute('publish_down', 'filter', 'unset');
}
return $form;
}
/**
* Method to get the data that should be injected in the form.
*
* @return array The default data is an empty array.
*
* @since 1.6
*/
protected function loadFormData()
{
// Check the session for previously entered form data.
$data = JFactory::getApplication()->getUserState('com_weblinks.edit.weblink.data', array());
if (empty($data))
{
$data = $this->getItem();
// Prime some default values.
if ($this->getState('weblink.id') == 0)
{
$app = JFactory::getApplication();
$data->set('catid', $app->input->get('catid', $app->getUserState('com_weblinks.weblinks.filter.category_id'), 'int'));
}
}
$this->preprocessData('com_weblinks.weblink', $data);
return $data;
}
/**
* Method to get a single record.
*
* @param integer $pk The id of the primary key.
*
* @return mixed Object on success, false on failure.
*
* @since 1.6
*/
public function getItem($pk = null)
{
if ($item = parent::getItem($pk))
{
// Convert the metadata field to an array.
$registry = new Registry;
$registry->loadString($item->metadata);
$item->metadata = $registry->toArray();
// Convert the images field to an array.
$registry = new Registry;
$registry->loadString($item->images);
$item->images = $registry->toArray();
if (!empty($item->id))
{
$item->tags = new JHelperTags;
$item->tags->getTagIds($item->id, 'com_weblinks.weblink');
$item->metadata['tags'] = $item->tags;
}
}
return $item;
}
/**
* Prepare and sanitise the table data prior to saving.
*
* @param JTable $table A reference to a JTable object.
*
* @return void
*
* @since 1.6
*/
protected function prepareTable($table)
{
$date = JFactory::getDate();
$user = JFactory::getUser();
$table->title = htmlspecialchars_decode($table->title, ENT_QUOTES);
$table->alias = JApplicationHelper::stringURLSafe($table->alias);
if (empty($table->alias))
{
$table->alias = JApplicationHelper::stringURLSafe($table->title);
}
if (empty($table->id))
{
// Set the values
// Set ordering to the last item if not set
if (empty($table->ordering))
{
$db = $this->getDbo();
$query = $db->getQuery(true)
->select('MAX(ordering)')
->from($db->quoteName('#__weblinks'));
$db->setQuery($query);
$max = $db->loadResult();
$table->ordering = $max + 1;
}
else
{
// Set the values
$table->modified = $date->toSql();
$table->modified_by = $user->id;
}
}
// Increment the weblink version number.
$table->version++;
}
/**
* A protected method to get a set of ordering conditions.
*
* @param JTable $table A JTable object.
*
* @return array An array of conditions to add to ordering queries.
*
* @since 1.6
*/
protected function getReorderConditions($table)
{
$condition = array();
$condition[] = 'catid = ' . (int) $table->catid;
return $condition;
}
/**
* Method to save the form data.
*
* @param array $data The form data.
*
* @return boolean True on success.
*
* @since 3.1
*/
public function save($data)
{
$app = JFactory::getApplication();
JLoader::register('CategoriesHelper', JPATH_ADMINISTRATOR . '/components/com_categories/helpers/categories.php');
// Cast catid to integer for comparison
$catid = (int) $data['catid'];
// Check if New Category exists
if ($catid > 0)
{
$catid = CategoriesHelper::validateCategoryId($data['catid'], 'com_weblinks');
}
// Save New Category
if ($catid == 0 && $this->canCreateCategory())
{
$table = array();
$table['title'] = $data['catid'];
$table['parent_id'] = 1;
$table['extension'] = 'com_weblinks';
$table['language'] = $data['language'];
$table['published'] = 1;
// Create new category and get catid back
$data['catid'] = CategoriesHelper::createCategory($table);
}
// Alter the title for save as copy
if ($app->input->get('task') == 'save2copy')
{
list($name, $alias) = $this->generateNewTitle($data['catid'], $data['alias'], $data['title']);
$data['title'] = $name;
$data['alias'] = $alias;
$data['state'] = 0;
}
return parent::save($data);
}
/**
* Method to change the title & alias.
*
* @param integer $category_id The id of the parent.
* @param string $alias The alias.
* @param string $name The title.
*
* @return array Contains the modified title and alias.
*
* @since 3.1
*/
protected function generateNewTitle($category_id, $alias, $name)
{
// Alter the title & alias
$table = $this->getTable();
while ($table->load(array('alias' => $alias, 'catid' => $category_id)))
{
if ($name == $table->title)
{
$name = JString::increment($name);
}
$alias = JString::increment($alias, 'dash');
}
return array($name, $alias);
}
/**
* Allows preprocessing of the JForm object.
*
* @param JForm $form The form object
* @param array $data The data to be merged into the form object
* @param string $group The plugin group to be executed
*
* @return void
*
* @since 3.6.0
*/
protected function preprocessForm(JForm $form, $data, $group = 'content')
{
if ($this->canCreateCategory())
{
$form->setFieldAttribute('catid', 'allowAdd', 'true');
}
parent::preprocessForm($form, $data, $group);
}
/**
* Is the user allowed to create an on the fly category?
*
* @return bool
*
* @since 3.6.0
*/
private function canCreateCategory()
{
return JFactory::getUser()->authorise('core.create', 'com_weblinks');
}
}
xxxxx1.0, XXX xxxx