Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€

Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€ - Ð ÐµÐ´Ð°ÐºÑ‚Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ - /var/www/html/Controller.zip

ÐÐ°Ð·Ð°Ð´
PK��!��`�Y��Y��DisplayController.phpnu��[��<?php /** * @package Joomla.Administrator * @subpackage com_templates * * @copyright (C) 2006 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Templates\Administrator\Controller; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\Router\Route; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Templates manager display controller. * * @since 1.6 / class DisplayController extends BaseController { /* * @var string The default view. * @since 1.6 / protected $default_view = 'styles'; /* * Method to display a view. * * @param boolean $cachable If true, the view output will be cached * @param boolean $urlparams An array of safe URL parameters and their variable types. * @see \Joomla\CMS\Filter\InputFilter::clean() for valid values. * * @return static\|boolean This object to support chaining or false on failure. * * @since 1.5 / public function display($cachable = false, $urlparams = false) { $view = $this->input->get('view', 'styles'); $layout = $this->input->get('layout', 'default'); $id = $this->input->getInt('id'); // For JSON requests if ($this->app->getDocument()->getType() == 'json') { return parent::display(); } // Check for edit form. if ($view == 'style' && $layout == 'edit' && !$this->checkEditId('com_templates.edit.style', $id)) { // Somehow the person just went to the form - we don't allow that. if (!\count($this->app->getMessageQueue())) { $this->setMessage(Text::sprintf('JLIB_APPLICATION_ERROR_UNHELD_ID', $id), 'error'); } $this->setRedirect(Route::_('index.php?option=com_templates&view=styles', false)); return false; } return parent::display(); } } PK��!��=� �� TagsController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_tags * * @copyright (C) 2013 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Tags\Administrator\Controller; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\AdminController; use Joomla\CMS\Response\JsonResponse; use Joomla\CMS\Router\Route; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * The Tags List Controller * * @since 3.1 / class TagsController extends AdminController { /* * Proxy for getModel * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config An optional associative array of configuration settings. * * @return \Joomla\CMS\MVC\Model\BaseDatabaseModel The model. * * @since 3.1 / public function getModel($name = 'Tag', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } /* * Rebuild the nested set tree. * * @return boolean False on failure or error, true on success. * * @since 3.1 / public function rebuild() { $this->checkToken(); $this->setRedirect(Route::_('index.php?option=com_tags&view=tags', false)); /* @var \Joomla\Component\Tags\Administrator\Model\TagModel $model / $model = $this->getModel(); if ($model->rebuild()) { // Rebuild succeeded. $this->setMessage(Text::_('COM_TAGS_REBUILD_SUCCESS')); return true; } // Rebuild failed. $this->setMessage(Text::_('COM_TAGS_REBUILD_FAILURE')); return false; } /* * Method to get the JSON-encoded amount of published tags for quickicons * * @return void * * @since 4.1.0 / public function getQuickiconContent() { $model = $this->getModel('tags'); $model->setState('filter.published', 1); $amount = (int) $model->getTotal(); $result = []; $result['amount'] = $amount; $result['sronly'] = Text::plural('COM_TAGS_N_QUICKICON_SRONLY', $amount); $result['name'] = Text::plural('COM_TAGS_N_QUICKICON', $amount); echo new JsonResponse($result); } } PK��!�� '��CategoriesController.phpnu��[��<?php /* * @package Joomla.API * @subpackage com_categories * * @copyright (C) 2019 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Categories\Api\Controller; use Joomla\CMS\Filter\InputFilter; use Joomla\CMS\MVC\Controller\ApiController; use Joomla\CMS\Table\Category; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * The categories controller * * @since 4.0.0 / class CategoriesController extends ApiController { /* * The content type of the item. * * @var string * @since 4.0.0 / protected $contentType = 'categories'; /* * The default view for the display method. * * @var string * @since 3.0 / protected $default_view = 'categories'; /* * Method to allow extended classes to manipulate the data to be saved for an extension. * * @param array $data An array of input data. * * @return array * * @since 4.0.0 / protected function preprocessSaveData(array $data): array { $extension = $this->getExtensionFromInput(); $data['extension'] = $extension; // @todo: This is a hack to drop the extension into the global input object - to satisfy how state is built // we should be able to improve this in the future $this->input->set('extension', $extension); return $data; } /* * Method to save a record. * * @param integer $recordKey The primary key of the item (if exists) * * @return integer The record ID on success, false on failure * * @since 4.0.6 / protected function save($recordKey = null) { $recordId = parent::save($recordKey); if (!$recordId) { return $recordId; } $data = $this->input->get('data', json_decode($this->input->json->getRaw(), true), 'array'); if (empty($data['location'])) { return $recordId; } /* @var Category $category / $category = $this->getModel('Category')->getTable('Category'); $category->load((int) $recordId); $reference = $category->parent_id; if (!empty($data['location_reference'])) { $reference = (int) $data['location_reference']; } $category->setLocation($reference, $data['location']); $category->store(); return $recordId; } /* * Basic display of an item view * * @param integer $id The primary key to display. Leave empty if you want to retrieve data from the request * * @return static A \JControllerLegacy object to support chaining. * * @since 4.0.0 / public function displayItem($id = null) { $this->modelState->set('filter.extension', $this->getExtensionFromInput()); return parent::displayItem($id); } /* * Basic display of a list view * * @return static A \JControllerLegacy object to support chaining. * * @since 4.0.0 / public function displayList() { $apiFilterInfo = $this->input->get('filter', [], 'array'); $filter = InputFilter::getInstance(); if (\array_key_exists('search', $apiFilterInfo)) { $this->modelState->set('filter.search', $filter->clean($apiFilterInfo['search'], 'STRING')); } $this->modelState->set('filter.extension', $this->getExtensionFromInput()); return parent::displayList(); } /* * Get extension from input * * @return string * * @since 4.0.0 / private function getExtensionFromInput() { return $this->input->exists('extension') ? $this->input->get('extension') : $this->input->post->get('extension'); } } PK��!�IKA �� RequestsController.phpnu��[��<?php /* * @package Joomla.API * @subpackage com_privacy * * @copyright (C) 2019 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Privacy\Api\Controller; use Joomla\CMS\MVC\Controller\ApiController; use Joomla\Component\Privacy\Api\View\Requests\JsonapiView; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * The requests controller * * @since 4.0.0 / class RequestsController extends ApiController { /* * The content type of the item. * * @var string * @since 4.0.0 / protected $contentType = 'requests'; /* * The default view for the display method. * * @var string * @since 3.0 / protected $default_view = 'requests'; /* * Export request data * * @param integer $id The primary key to display. Leave empty if you want to retrieve data from the request * * @return static A \JControllerLegacy object to support chaining. * * @since 4.0.0 / public function export($id = null) { if ($id === null) { $id = $this->input->get('id', 0, 'int'); } $viewType = $this->app->getDocument()->getType(); $viewName = $this->input->get('view', $this->default_view); $viewLayout = $this->input->get('layout', 'default', 'string'); try { /* @var JsonapiView $view / $view = $this->getView( $viewName, $viewType, '', ['base_path' => $this->basePath, 'layout' => $viewLayout, 'contentType' => $this->contentType] ); } catch (\Exception $e) { throw new \RuntimeException($e->getMessage()); } $model = $this->getModel('export'); try { $modelName = $model->getName(); } catch (\Exception $e) { throw new \RuntimeException($e->getMessage()); } $model->setState($modelName . '.request_id', $id); $view->setModel($model, true); $view->document = $this->app->getDocument(); $view->export(); return $this; } } PK��!��"#�[��[��ConsentsController.phpnu��[��<?php /* * @package Joomla.API * @subpackage com_privacy * * @copyright (C) 2019 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Privacy\Api\Controller; use Joomla\CMS\MVC\Controller\ApiController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * The consents controller * * @since 4.0.0 / class ConsentsController extends ApiController { /* * The content type of the item. * * @var string * @since 4.0.0 / protected $contentType = 'consents'; /* * The default view for the display method. * * @var string * @since 3.0 / protected $default_view = 'consents'; /* * Basic display of an item view * * @param integer $id The primary key to display. Leave empty if you want to retrieve data from the request * * @return static A \JControllerLegacy object to support chaining. * * @since 4.0.0 / public function displayItem($id = null) { if ($id === null) { $id = $this->input->get('id', 0, 'int'); } $this->input->set('model', $this->contentType); return parent::displayItem($id); } } PK��!�/��AjaxserverController.phpnu��[��<?php namespace JExtstore\Component\JChat\Administrator\Controller; /* * @package JCHAT::AJAXSERVER::components::com_jchat * @subpackage controllers * @author Joomla! Extensions Store * @copyright (C)2014 Joomla! Extensions Store * @license GNU/GPLv2 http://www.gnu.org/licenses/gpl-2.0.html / defined ( '_JEXEC' ) or die ( 'Restricted access' ); use Joomla\CMS\MVC\Model\BaseDatabaseModel; use JExtstore\Component\JChat\Administrator\Framework\Controller as JChatController; /* * Controller for tasks logic API ENDPOINT purpouse * @package JCHAT::AJAXSERVER::components::com_jchat * @subpackage controllers * @since 2.9 / class AjaxserverController extends JChatController { /* * AS SMVC entity here we treat HTTP request and identifier map * @access public * @param $cachable string * the view output will be cached * @return void / function display($cachable = false, $urlparams = false) { // Id entit� risposta ajax che identifica il subtask da eseguire in questo caso $params = json_decode($this->app->input->getString('data', null)); // Load additional models and make Dependency Injection thanks to JS controls $DIModels = @$params->DIModels; $models = array(); if(!empty($DIModels)) { foreach ($DIModels as $DIModel) { if($DIModel->modelside != $this->app->getClientId()) { // Add extra include paths BaseDatabaseModel::addIncludePath(JPATH_COMPONENT . 'Model/'); } $models[$DIModel->modelname] = $this->getModel ($DIModel->modelname); } } // This model maps Remote Procedure Call $model = $this->getModel (); $userData = $model->loadAjaxEntity ($params->idtask, $params->param, $models); // Format response for JS client as requested $document = $this->app->getDocument(); $viewType = $document->getType (); $coreName = $this->getName (); $view = $this->getView ( $coreName, $viewType, '', array ('base_path' => $this->basePath ) ); $view->display ($userData); } }PK��!�PRN]� �� CpanelController.phpnu��[��<?php namespace JExtstore\Component\JChat\Administrator\Controller; /* * @package JCHAT::CPANEL::administrator::components::com_jchat * @subpackage controllers * @author Joomla! Extensions Store * @Copyright (C) 2015 - Joomla! Extensions Store * @license GNU/GPLv2 http://www.gnu.org/licenses/gpl-2.0.html / defined ( '_JEXEC' ) or die ( 'Restricted access' ); use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use JExtstore\Component\JChat\Administrator\Framework\Controller as JChatController; use JExtstore\Component\JChat\Administrator\Framework\Http; /* * CPanel controller * * @package JCHAT::CPANEL::administrator::components::com_jchat * @subpackage controllers * @since 1.0 / class CpanelController extends JChatController { /* * Show Control Panel * @access public * @return void / function display($cachable = false, $urlparams = false) { $view = $this->getView('cpanel', 'html', '', array('base_path' => $this->basePath, 'layout' => 'default')); // Dependency injection setter on view/model $HTTPClient = new Http(); $view->set('httpclient', $HTTPClient); // No operations parent::display ($cachable); } /* * Purge file and db cache * @access public * @return void / public function purgeCaches() { $option = $this->option; //Load model $model = $this->getModel (); $result = $model->{$this->task}(); if(!$result) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError(null, false); $this->app->enqueueMessage($modelException->getMessage(), $modelException->getErrorLevel()); $this->setRedirect ( "index.php?option=$option&task=cpanel.display", Text::_('COM_JCHAT_ERROR_DELETE_CACHE')); return false; } $this->setRedirect ( "index.php?option=$option&task=cpanel.display", Text::_('COM_JCHAT_SUCCESS_DELETE_CACHE') ); } /* * Class Constructor * * @access public * @return Object& / public function __construct($config = array(), MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); // Register Extra tasks $this->registerTask ( 'purgeFileCache', 'purgeCaches' ); $this->registerTask ( 'purgeDbCache', 'purgeCaches' ); } } ?>PK��!��NL��MessagesController.phpnu��[��<?php namespace JExtstore\Component\JChat\Administrator\Controller; /* * * @package JCHAT::MESSAGES::administrator::components::com_jchat * @subpackage controllers * @author Joomla! Extensions Store * @Copyright (C) 2015 - Joomla! Extensions Store * @license GNU/GPLv2 http://www.gnu.org/licenses/gpl-2.0.html / defined ( '_JEXEC' ) or die ( 'Restricted access' ); use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Component\ComponentHelper; use JExtstore\Component\JChat\Administrator\Framework\Controller as JChatController; /* * User messages concrete implementation * * @package JCHAT::MESSAGES::administrator::components::com_jchat * @subpackage controllers * @since 1.0 / class MessagesController extends JChatController { /* * Setta il model state a partire dallo userstate di sessione * @access protected * @param string $scope * @param boolean $ordering * @return object / protected function setModelState($scope = 'default', $ordering = true): object { $option = $this->option; $fromPeriod = $this->getUserStateFromRequest( "$option.$scope.fromperiod", 'fromperiod'); $toPeriod = $this->getUserStateFromRequest( "$option.$scope.toperiod", 'toperiod'); $msgType = $this->getUserStateFromRequest( "$option.$scope.msg_type", 'msg_type'); $msgStatus = $this->getUserStateFromRequest( "$option.$scope.msg_status", 'msg_status'); $roomsFilter = $this->getUserStateFromRequest( "$option.$scope.rooms_filter", 'rooms_filter'); $filter_order = $this->getUserStateFromRequest("$option.$scope.filter_order", 'filter_order', 'a.sent', 'cmd'); $filter_order_Dir = $this->getUserStateFromRequest("$option.$scope.filter_order_Dir", 'filter_order_Dir', 'desc', 'word'); $defaultModel = parent::setModelState('messages'); // Set model state $defaultModel->setState('fromPeriod', $fromPeriod); $defaultModel->setState('toPeriod', $toPeriod); $defaultModel->setState('msgType', $msgType); $defaultModel->setState('msgStatus', $msgStatus); $defaultModel->setState('roomsFilter', $roomsFilter); $defaultModel->setState('order', $filter_order); $defaultModel->setState('order_dir', $filter_order_Dir); return $defaultModel; } /* * Default listEntities * * @access public * @return void / public function display($cachable = false, $urlparams = false) { // Set model state $defaultModel = $this->setModelState('messages'); // Parent construction and view display parent::display($cachable); } /* * Mostra il dettaglio dell'entity * * @access public * @return void / public function showEntity() { $cid = $this->app->input->get ( 'cid', array ( 0 ), 'array' ); $idEntity = (int) $cid[0]; $model = $this->getModel(); $model->setState('option', $this->option); // Try to load record from model if(!$record = $model->loadEntity($idEntity)) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelExceptions = $model->getErrors(); foreach ($modelExceptions as $exception) { $this->app->enqueueMessage($exception->getMessage(), $exception->getErrorLevel()); } $this->setRedirect ( 'index.php?option=' . $this->option . '&task=messages.display'); return false; } // Get view and pushing model $viewType = $this->document->getType(); $viewName = $this->input->get('view', $this->default_view); $viewLayout = $this->input->get('layout', 'default', 'string'); $view = $this->getView($viewName, $viewType, '', array('base_path' => $this->basePath, 'layout' => $viewLayout)); $view->setModel ( $model, true ); $view->showEntity($record); } /* * Delete a db table entity * * @access public * @return bool / public function deleteEntity(): bool { $cids = $this->app->input->get ( 'cid', array (), 'array' ); $option = $this->option; // Load della model e checkin before exit $model = $this->getModel (); $oldest = $this->task == 'deleteOldestEntities' ? true : false; if ($this->task == 'deleteEntity') { $result = $model->deleteEntity ( $cids ); } elseif (in_array ( $this->task, array ( 'deleteEntities', 'deleteOldestEntities' ) )) { $result = $model->deleteEntities ( $oldest ); } if (! $result) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); $this->setRedirect ( "index.php?option=$option&task=messages.display", Text::_ ( 'COM_JCHAT_ERROR_DELETE' ) ); return false; } $this->setRedirect ( "index.php?option=$option&task=messages.display", Text::_ ( 'COM_JCHAT_SUCCESS_DELETE' ) ); return true; } /* * Avvia il processo di esportazione records * * @access public * @return void / public function exportMessages() { // Set model state $this->setModelState(); // Mapping fields to load to column header $fieldsToLoadArray = array( 'a.actualfrom AS sender_name'=>Text::_('COM_JCHAT_SENDER_NAME'), 'a.actualto AS receiver_name'=>Text::_('COM_JCHAT_RECEIVER_NAME'), 'a.message'=>Text::_('COM_JCHAT_MESSAGE'), 'a.sent'=>Text::_('COM_JCHAT_SENT'), 'a.read'=>Text::_('COM_JCHAT_READ'), 'a.type'=>Text::_('COM_JCHAT_TYPE'), 'a.ipaddress'=>Text::_('COM_JCHAT_IPADDRESS')); $fieldsFunctionTransformation = array(); $model = $this->getModel(); $model->setState('cparams', ComponentHelper::getParams('com_jchat')); $data = $model->exportMessages($fieldsToLoadArray, $fieldsFunctionTransformation); if(!$data) { $this->setRedirect('index.php?option=' . $this->option . '&task=messages.display', Text::_('COM_JCHAT_NODATA_EXPORT')); return false; } // Get view $viewType = $this->document->getType(); $viewName = $this->input->get('view', $this->default_view); $viewLayout = $this->input->get('layout', 'default', 'string'); $view = $this->getView($viewName, $viewType, '', array('base_path' => $this->basePath, 'layout' => $viewLayout)); $view->setModel($model, true); $view->sendCSVMessages($data, $fieldsFunctionTransformation); } /* * Constructor. * * @access protected * @param * array An optional associative array of configuration settings. * Recognized key values include 'name', 'default_task', * 'model_path', and * 'view_path' (this list is not meant to be comprehensive). * @since 1.5 / public function __construct($config = array(), MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerTask('deleteEntities', 'deleteEntity'); $this->registerTask('deleteOldestEntities', 'deleteEntity'); } }PK��!��X̠��ConfigController.phpnu��[��<?php namespace JExtstore\Component\JChat\Administrator\Controller; /* * * @package JCHAT::CONFIG::administrator::components::com_jchat * @subpackage controllers * @author Joomla! Extensions Store * @Copyright (C) 2015 - Joomla! Extensions Store * @license GNU/GPLv2 http://www.gnu.org/licenses/gpl-2.0.html / defined ( '_JEXEC' ) or die ( 'Restricted access' ); use Joomla\CMS\Language\Text; use JExtstore\Component\JChat\Administrator\Framework\Controller as JChatController; /* * Config controller concrete implementation * * @package JCHAT::CPANEL::administrator::components::com_jchat * @subpackage controllers * @since 1.0 / class ConfigController extends JChatController { /* * Show configuration * @access public * @return void / public function display($cachable = false, $urlparams = false) { parent::display($cachable); } /* * Save config entity * @access public * @return bool / public function saveEntity(): bool { $model = $this->getModel(); $option = $this->option; if(!$model->storeEntity()) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError(null, false); $this->app->enqueueMessage($modelException->getMessage(), $modelException->getErrorLevel()); $this->setRedirect ( "index.php?option=$option&task=config.display", Text::_('COM_JCHAT_ERROR_SAVING_PARAMS')); return false; } $this->setRedirect( "index.php?option=$option&task=config.display", Text::_('COM_JCHAT_SAVED_PARAMS')); return true; } }PK��!��MeetingsController.phpnu��[��<?php namespace JExtstore\Component\JChat\Administrator\Controller; /* * @package JCHAT::MEETINGS::administrator::components::com_jchat * @subpackage controllers * @author Joomla! Extensions Store * @Copyright (C) 2015 - Joomla! Extensions Store * @license GNU/GPLv2 http://www.gnu.org/licenses/gpl-2.0.html / defined ( '_JEXEC' ) or die ( 'Restricted access' ); use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use JExtstore\Component\JChat\Administrator\Framework\Controller as JChatController; /* * Main controller * @package JCHAT::MEETINGS::administrator::components::com_jchat * @subpackage controllers * @since 2.44 / class MeetingsController extends JChatController { /* * Set model state from session userstate * @access protected * @param string $scope * @return void / protected function setModelState($scope = 'default', $ordering = true): object { $option = $this->option; // Get default model $defaultModel = $this->getModel(); $filter_state = $this->getUserStateFromRequest ( "$option.$scope.filterstate", 'filter_state', null ); parent::setModelState($scope); // Set model state $defaultModel->setState('state', $filter_state); return $defaultModel; } /* * Default listEntities * * @access public * @param $cachable string * the view output will be cached * @return void / public function display($cachable = false, $urlparams = false) { // Set model state $defaultModel = $this->setModelState('meetings'); // Parent construction and view display parent::display($cachable); } /* * Class Constructor * * @access public * @return Object& / public function __construct($config = array(), MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); // Register Extra tasks $this->registerTask ( 'moveorder_up', 'moveOrder' ); $this->registerTask ( 'moveorder_down', 'moveOrder' ); $this->registerTask ( 'applyEntity', 'saveEntity' ); $this->registerTask ( 'saveEntity2New', 'saveEntity' ); $this->registerTask ( 'unpublish', 'publishEntities' ); $this->registerTask ( 'publish', 'publishEntities' ); } }PK��!�<ȱ�� RoomsController.phpnu��[��<?php namespace JExtstore\Component\JChat\Administrator\Controller; /* * @package JCHAT::ROOMS::administrator::components::com_jchat * @subpackage controllers * @author Joomla! Extensions Store * @Copyright (C) 2015 - Joomla! Extensions Store * @license GNU/GPLv2 http://www.gnu.org/licenses/gpl-2.0.html / defined ( '_JEXEC' ) or die ( 'Restricted access' ); use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use JExtstore\Component\JChat\Administrator\Framework\Controller as JChatController; /* * Main controller * @package JCHAT::ROOMS::administrator::components::com_jchat * @subpackage controllers * @since 1.0 / class RoomsController extends JChatController { /* * Set model state from session userstate * @access protected * @param string $scope * @return object / protected function setModelState($scope = 'default', $ordering = true): object { $option = $this->option; // Get default model $defaultModel = $this->getModel(); $filter_state = $this->getUserStateFromRequest ( "$option.$scope.filterstate", 'filter_state', null ); $filter_catid = $this->getUserStateFromRequest ( "$option.$scope.filtercatid", 'filter_catid', null ); parent::setModelState($scope); // Set model state $defaultModel->setState('state', $filter_state); $defaultModel->setState('catid', $filter_catid); return $defaultModel; } /* * Default listEntities * * @access public * @param $cachable string * the view output will be cached * @return void / public function display($cachable = false, $urlparams = false) { // Set model state $defaultModel = $this->setModelState('rooms'); // Parent construction and view display parent::display($cachable); } /* * Class Constructor * * @access public * @return Object& / public function __construct($config = array(), MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); // Register Extra tasks $this->registerTask ( 'moveorder_up', 'moveOrder' ); $this->registerTask ( 'moveorder_down', 'moveOrder' ); $this->registerTask ( 'applyEntity', 'saveEntity' ); $this->registerTask ( 'saveEntity2New', 'saveEntity' ); $this->registerTask ( 'unpublish', 'publishEntities' ); $this->registerTask ( 'publish', 'publishEntities' ); } }PK��!��V�� index.htmlnu��[��<!DOCTYPE html><title></title> PK��!� ��LamessagesController.phpnu��[��<?php namespace JExtstore\Component\JChat\Administrator\Controller; /* * @package JCHAT::LAMESSAGES::administrator::components::com_jchat * @subpackage controllers * @author Joomla! Extensions Store * @Copyright (C) 2015 - Joomla! Extensions Store * @license GNU/GPLv2 http://www.gnu.org/licenses/gpl-2.0.html / defined ( '_JEXEC' ) or die ( 'Restricted access' ); use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use JExtstore\Component\JChat\Administrator\Framework\Helpers\Mailer as JChatHelpersMailer; use JExtstore\Component\JChat\Administrator\Framework\Controller as JChatController; /* * Main controller leaved messages * @package JCHAT::LAMESSAGES::administrator::components::com_jchat * @subpackage controllers * @since 1.0 / class LamessagesController extends JChatController { /* * Setta il model state a partire dallo userstate di sessione * @access protected * @return object / protected function setModelState($scope = 'default', $ordering = true): object { // User state specific $option= $this->option; // Get default model $defaultModel = $this->getModel(); $filter_order = $this->getUserStateFromRequest( "$option.$scope.filter_order", 'filter_order', 'a.sentdate', 'cmd' ); $filter_order_Dir = $this->getUserStateFromRequest ( "$option.$scope.filter_order_Dir", 'filter_order_Dir', 'desc', 'word' ); $fromPeriod = $this->getUserStateFromRequest( "$option.$scope.fromperiod", 'fromperiod'); $toPeriod = $this->getUserStateFromRequest( "$option.$scope.toperiod", 'toperiod'); $worked = $this->getUserStateFromRequest( "$option.$scope.workedfilter", 'workedfilter'); $closed = $this->getUserStateFromRequest( "$option.$scope.closedfilter", 'closedfilter'); parent::setModelState($scope); // Set model state $defaultModel->setState('order', $filter_order); $defaultModel->setState('order_dir', $filter_order_Dir ); $defaultModel->setState('fromPeriod', $fromPeriod); $defaultModel->setState('toPeriod', $toPeriod); $defaultModel->setState('workedfilter', $worked); $defaultModel->setState('closedfilter', $closed); return $defaultModel; } /* * Default listEntities * * @access public * @param $cachable string * the view output will be cached * @return void / public function display($cachable = false, $urlparams = false) { // Set model state $defaultModel = $this->setModelState('lamessages'); // Parent construction and view display parent::display($cachable); } /* * Avvia il processo di esportazione records * * @access public * @return void / public function exportMessages() { // Set model state $this->setModelState(); // Mapping fields to load to column header $fieldsToLoadArray = array( 'a.name'=>Text::_('COM_JCHAT_LAMESSAGE_NAME'), 'a.email'=>Text::_('COM_JCHAT_LAMESSAGE_EMAIL'), 'a.phonenumber'=>Text::_('COM_JCHAT_LAMESSAGE_PHONENUMBER'), 'a.message'=>Text::_('COM_JCHAT_MESSAGE'), 'a.sentdate'=>Text::_('COM_JCHAT_SENT'), 'a.worked'=>Text::_('COM_JCHAT_WORKED_STATE'), 'a.closed_ticket'=>Text::_('COM_JCHAT_CLOSED_TICKET'), 'u.name AS username_logged'=>Text::_('COM_JCHAT_USERID'), 'a.id AS msg_id'=>Text::_('ID'), 'a.responses'=>Text::_('COM_JCHAT_TICKET_RESPONSES')); $fieldsFunctionTransformation = array(); $model = $this->getModel(); // Additional phone number field if(!$model->getComponentParams()->get('tickets_form_include_phonenumber', 0)) { unset($fieldsToLoadArray['a.phonenumber']); } $data = $model->exportMessages($fieldsToLoadArray, $fieldsFunctionTransformation); if(!$data) { $this->setRedirect('index.php?option=' . $this->option . '&task=lamessages.display', Text::_('COM_JCHAT_NODATA_EXPORT')); return false; } // Get view $viewType = $this->document->getType(); $viewName = $this->input->get('view', $this->default_view); $viewLayout = $this->input->get('layout', 'default', 'string'); $view = $this->getView($viewName, $viewType, '', array('base_path' => $this->basePath, 'layout' => $viewLayout)); $view->sendCSVMessages($data, $fieldsFunctionTransformation); } /* * Manage answered worked state for the ticket * * @access public / public function stateFlags() { // Access check if (! $this->allowEditState ( $this->option )) { $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_ALERT_NOACCESS' ), 'notice' ); return false; } $cid = $this->app->input->get ( 'cid', array ( 0 ), 'array' ); $idEntity = ( int ) $cid [0]; $model = $this->getModel (); if (! $model->changeTicketState($idEntity, $this->task)) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_STATE_CHANGE' ) ); return false; } $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_LAMESSAGE_STATE_CHANGED' ) ); } /* * Risponde all'email del richiedente con il messaggio inserito dall'agente * richiedendo la serializzazione delle risposte nell'apposito db field * * @access public * @return void / public function responseMessage() { $task = $this->app->input->get('task', 'responseMessage'); $responseSubject = $this->app->input->getString('email_subject'); $responseText = $this->app->input->getRaw('response', ''); $idEntity = $this->app->input->getInt('id'); // Response text vuota validazione lato server con return false if(!trim($responseSubject)) { $controllerTask = 'editEntity&cid[]=' . $idEntity; $this->setRedirect ( "index.php?option=" . $this->option . "&task=lamessages.$controllerTask", Text::_('COM_JCHAT_VALIDATION_ERROR')); return false; } $model = $this->getModel(); // Root controller -> dependency injection $mailer = JChatHelpersMailer::getInstance('Joomla'); if (! $model->sendResponseStore($mailer, $idEntity, $responseSubject, $responseText)) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".editEntity&cid[]=" . $this->app->input->get ( 'id' ), Text::_ ( 'COM_JCHAT_ERROR_SEND_MESSAGE' ) ); return false; } $controllerTask = 'editEntity&cid[]=' . $idEntity; $this->setRedirect ( "index.php?option=" . $this->option . "&task=lamessages.$controllerTask", Text::_('COM_JCHAT_SUCCESS_SEND_MESSAGE')); } /* * Class constructor * @return Object& / public function __construct($config = array(), MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); // Registering alias task $this->registerTask('applyEntity', 'saveEntity'); $this->registerTask('workedFlagOff', 'stateFlags'); $this->registerTask('workedFlagOn', 'stateFlags'); $this->registerTask('closedFlagOff', 'stateFlags'); $this->registerTask('closedFlagOn', 'stateFlags'); } }PK��!��!��UsersController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Input\Input; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\AdminController; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Response\JsonResponse; use Joomla\Utilities\ArrayHelper; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Users list controller class. * * @since 1.6 / class UsersController extends AdminController { /* * @var string The prefix to use with controller messages. * @since 1.6 / protected $text_prefix = 'COM_USERS_USERS'; /* * Constructor. * * @param array $config An optional associative array of configuration settings. * @param ?MVCFactoryInterface $factory The factory. * @param ?CMSApplication $app The CMSApplication for the dispatcher * @param ?Input $input Input * * @since 1.6 * @see BaseController * @throws \Exception / public function __construct($config = [], ?MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerTask('block', 'changeBlock'); $this->registerTask('unblock', 'changeBlock'); } /* * Proxy for getModel. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return object The model. * * @since 1.6 / public function getModel($name = 'User', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } /* * Method to change the block status on a record. * * @return void * * @since 1.6 / public function changeBlock() { // Check for request forgeries. $this->checkToken(); $ids = (array) $this->input->get('cid', [], 'int'); $values = ['block' => 1, 'unblock' => 0]; $task = $this->getTask(); $value = ArrayHelper::getValue($values, $task, 0, 'int'); // Remove zero values resulting from input filter $ids = array_filter($ids); if (empty($ids)) { $this->setMessage(Text::_('COM_USERS_USERS_NO_ITEM_SELECTED'), 'warning'); } else { // Get the model. $model = $this->getModel(); // Change the state of the records. if (!$model->block($ids, $value)) { $this->setMessage($model->getError(), 'error'); } else { if ($value == 1) { $this->setMessage(Text::plural('COM_USERS_N_USERS_BLOCKED', \count($ids))); } elseif ($value == 0) { $this->setMessage(Text::plural('COM_USERS_N_USERS_UNBLOCKED', \count($ids))); } } } $this->setRedirect('index.php?option=com_users&view=users'); } /* * Method to activate a record. * * @return void * * @since 1.6 / public function activate() { // Check for request forgeries. $this->checkToken(); $ids = (array) $this->input->get('cid', [], 'int'); // Remove zero values resulting from input filter $ids = array_filter($ids); if (empty($ids)) { $this->setMessage(Text::_('COM_USERS_USERS_NO_ITEM_SELECTED'), 'error'); } else { // Get the model. $model = $this->getModel(); // Change the state of the records. if (!$model->activate($ids)) { $this->setMessage($model->getError(), 'error'); } else { $this->setMessage(Text::plural('COM_USERS_N_USERS_ACTIVATED', \count($ids))); } } $this->setRedirect('index.php?option=com_users&view=users'); } /* * Method to get the number of active users * * @return void * * @since 4.0.0 / public function getQuickiconContent() { $model = $this->getModel('Users'); $model->setState('filter.state', 0); $amount = (int) $model->getTotal(); $result = []; $result['amount'] = $amount; $result['sronly'] = Text::plural('COM_USERS_N_QUICKICON_SRONLY', $amount); $result['name'] = Text::plural('COM_USERS_N_QUICKICON', $amount); echo new JsonResponse($result); } } PK��!��-��-��RecorderController.phpnu��[��<?php namespace JExtstore\Component\JChat\Administrator\Controller; /* * @package JCHAT::RECORDER::administrator::components::com_jchat * @subpackage controllers * @author Joomla! Extensions Store * @Copyright (C) 2015 - Joomla! Extensions Store * @license GNU/GPLv2 http://www.gnu.org/licenses/gpl-2.0.html / defined ( '_JEXEC' ) or die ( 'Restricted access' ); use Joomla\CMS\Language\Text; use JExtstore\Component\JChat\Administrator\Framework\Controller as JChatController; /* * User messages concrete implementation * * @package JCHAT::RECORDER::administrator::components::com_jchat * @subpackage controllers * @since 2.9 / class RecorderController extends JChatController { /* * Setta il model state a partire dallo userstate di sessione * @access protected * @param string $scope * @param boolean $ordering * @return object / protected function setModelState($scope = 'default', $ordering = true): object { $option = $this->option; $fromPeriod = $this->getUserStateFromRequest( "$option.$scope.fromperiod", 'fromperiod'); $toPeriod = $this->getUserStateFromRequest( "$option.$scope.toperiod", 'toperiod'); $filter_order = $this->getUserStateFromRequest("$option.$scope.filter_order", 'filter_order', 'a.timerecord', 'cmd'); $filter_order_Dir = $this->getUserStateFromRequest("$option.$scope.filter_order_Dir", 'filter_order_Dir', 'desc', 'word'); $defaultModel = parent::setModelState($scope); // Set model state $defaultModel->setState('fromPeriod', $fromPeriod); $defaultModel->setState('toPeriod', $toPeriod); $defaultModel->setState('order', $filter_order); $defaultModel->setState('order_dir', $filter_order_Dir); return $defaultModel; } /* * Default listEntities * * @access public * @return void / public function display($cachable = false, $urlparams = false) { // Set model state $defaultModel = $this->setModelState('recorder'); // Parent construction and view display parent::display($cachable); } /* * Download video medias * * @access public * @return void / public function downloadEntity() { $cids = $this->app->input->get ( 'cid', array (), 'array' ); // Load della model e checkin before exit $model = $this->getModel (); if (! $model->downloadEntity ( $cids )) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_DOWNLOADING' ) ); return false; } } }PK��!��.�9v��v��EmoticonsController.phpnu��[��<?php namespace JExtstore\Component\JChat\Administrator\Controller; /* * @package JCHAT::EMOTICONS::administrator::components::com_jchat * @subpackage controllers * @author Joomla! Extensions Store * @copyright (C) 2015 - Joomla! Extensions Store * @license GNU/GPLv2 http://www.gnu.org/licenses/gpl-2.0.html / defined ( '_JEXEC' ) or die ( 'Restricted access' ); use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Filter\InputFilter; use Joomla\String\StringHelper; use JExtstore\Component\JChat\Administrator\Framework\Controller as JChatController; /* * Main emoticons controller manager * @package JCHAT::EMOTICONS::administrator::components::com_jchat * @subpackage controllers * @since 3.2 / class EmoticonsController extends JChatController { /* * Set model state from session userstate * * @access protected * @param string $scope * @return object / protected function setModelState($scope = 'default', $ordering = true): object { $option = $this->option; $filter_order = $this->getUserStateFromRequest("$option.$scope.filter_order", 'filter_order', 'ordering', 'cmd'); $filter_order_Dir = $this->getUserStateFromRequest("$option.$scope.filter_order_Dir", 'filter_order_Dir', 'asc', 'word'); $filter_state = $this->getUserStateFromRequest ( "$option.$scope.filterstate", 'filter_state', null ); $defaultModel = parent::setModelState($scope); // Set model state $defaultModel->setState('order', $filter_order); $defaultModel->setState('order_dir', $filter_order_Dir); $defaultModel->setState('state', $filter_state ); return $defaultModel; } /* * Default listEntities * * @access public * @param $cachable string * the view output will be cached * @return void / function display($cachable = false, $urlparams = false) { // Set model state $defaultModel = $this->setModelState('emoticons'); // Parent construction and view display parent::display($cachable, $urlparams = false); } /* * AS SMVC entity here we treat HTTP request and identifier map * @access public * @return void / function storeEmoticon() { // Id entit� risposta ajax che identifica il subtask da eseguire in questo caso $params = json_decode($this->app->input->getString('data', null)); $userData = new \stdClass(); // This model maps Remote Procedure Call $model = $this->getModel (); if(method_exists($model, $params->idtask)) { $filter = InputFilter::getInstance(); if(isset($params->param->linkurl)) { $params->param->linkurl = $filter->clean($params->param->linkurl, 'path'); } if(isset($params->param->keycode)) { $params->param->keycode = $filter->clean(strip_tags($params->param->keycode), 'username'); $params->param->keycode = StringHelper::str_ireplace(array('/'), '', $params->param->keycode); } $userData = $model->{$params->idtask} ($params->param); } // Format response for JS client as requested $document = $this->app->getDocument(); $viewType = $document->getType (); $coreName = $this->getName (); $view = $this->getView ( $coreName, $viewType, '', array ('base_path' => $this->basePath ) ); $view->display ($userData); } /* * Class Constructor * * @access public * @return Object& / public function __construct($config = array(), MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerTask ( 'moveorder_up', 'moveOrder' ); $this->registerTask ( 'moveorder_down', 'moveOrder' ); } }PK��!��1?w��w��PluginController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_media * * @copyright (C) 2017 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Media\Administrator\Controller; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\Plugin\PluginHelper; use Joomla\CMS\Router\Route; use Joomla\Component\Media\Administrator\Event\OAuthCallbackEvent; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Plugin Controller for OAuth2.0 callbacks * * This controller handles OAuth2 Callbacks * * @since 4.0.0 / class PluginController extends BaseController { /* * Handles an OAuth Callback request for a specified plugin. * * URLs containing [sitename]/administrator/index.php?option=com_media&task=plugin.oauthcallback * &plugin=[plugin_name] * * will be handled by this endpoint. * It will select the plugin specified by plugin_name and pass all the data received from the provider * * @return void * * @since 4.0.0 / public function oauthcallback() { try { // Load plugin names $pluginName = $this->input->getString('plugin', null); $plugins = PluginHelper::getPlugin('filesystem'); // If plugin name was not found in parameters redirect back to control panel if (!$pluginName \|\| !$this->containsPlugin($plugins, $pluginName)) { throw new \Exception('Plugin not found!'); } // Check if the plugin is disabled, if so redirect to control panel if (!PluginHelper::isEnabled('filesystem', $pluginName)) { throw new \Exception('Plugin ' . $pluginName . ' is disabled.'); } // Only import our required plugin, not entire group PluginHelper::importPlugin('filesystem', $pluginName); // Event parameters $eventParameters = ['context' => $pluginName, 'input' => $this->input]; $event = new OAuthCallbackEvent('onFileSystemOAuthCallback', $eventParameters); // Get results from event $eventResults = (array) $this->app->triggerEvent('onFileSystemOAuthCallback', $event); // If event was not triggered in the selected Plugin, raise a warning and fallback to Control Panel if (!$eventResults) { throw new \Exception( 'Plugin ' . $pluginName . ' should have implemented onFileSystemOAuthCallback method' ); } $action = $eventResults['action'] ?? null; // If there are any messages display them if (isset($eventResults['message'])) { $message = $eventResults['message']; $messageType = ($eventResults['message_type'] ?? ''); $this->app->enqueueMessage($message, $messageType); } /* * Execute actions defined by the plugin * Supported actions * - close : Closes the current window, use this only for windows opened by javascript * - redirect : Redirect to a URI defined in 'redirect_uri' parameter, if not fallback to control panel * - media-manager : Redirect to Media Manager * - control-panel : Redirect to Control Panel / switch ($action) { case 'close': /* * Close a window opened by developer * Use this for close New Windows opened for OAuth Process / $this->setRedirect(Route::_('index.php?option=com_media&view=plugin&action=close', false)); break; case 'redirect': // Redirect browser to any page specified by the user if (!isset($eventResults['redirect_uri'])) { throw new \Exception("Redirect URI must be set in the plugin"); } $this->setRedirect($eventResults['redirect_uri']); break; case 'control-panel': // Redirect browser to Control Panel $this->setRedirect(Route::_('index.php', false)); break; case 'media-manager': default: // Redirect browser to Media Manager $this->setRedirect(Route::_('index.php?option=com_media&view=media', false)); } } catch (\Exception $e) { // Display any error $this->app->enqueueMessage($e->getMessage(), 'error'); $this->setRedirect(Route::_('index.php', false)); } // Redirect $this->redirect(); } /* * Check whether a plugin exists in given plugin array. * * @param array $plugins Array of plugin names * @param string $pluginName Plugin name to look up * * @return bool * * @since 4.0.0 / private function containsPlugin($plugins, $pluginName) { foreach ($plugins as $plugin) { if ($plugin->name == $pluginName) { return true; } } return false; } } PK��!��7�H3��H3��ApiController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_media * * @copyright (C) 2017 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Media\Administrator\Controller; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\HTML\HTMLHelper; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Model\BaseModel; use Joomla\CMS\Response\JsonResponse; use Joomla\CMS\Router\Route; use Joomla\CMS\Session\Session; use Joomla\Component\Media\Administrator\Exception\FileExistsException; use Joomla\Component\Media\Administrator\Exception\FileNotFoundException; use Joomla\Component\Media\Administrator\Exception\InvalidPathException; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Api Media Controller * * This is NO public api controller, it is internal for the com_media component only! * * @since 4.0.0 / class ApiController extends BaseController { /* * Execute a task by triggering a method in the derived class. * * @param string $task The task to perform. If no matching task is found, the '__default' task is executed, if defined. * * @return void * * @since 4.0.0 * @throws \Exception / public function execute($task) { $method = $this->input->getMethod(); $this->task = $task; try { // Check token for requests which do modify files (all except get requests) if ($method !== 'GET' && !Session::checkToken('json')) { throw new \InvalidArgumentException(Text::_('JINVALID_TOKEN_NOTICE'), 403); } $doTask = strtolower($method) . ucfirst($task); // Record the actual task being fired $this->doTask = $doTask; if (!\in_array($this->doTask, $this->taskMap)) { throw new \Exception(Text::sprintf('JLIB_APPLICATION_ERROR_TASK_NOT_FOUND', $task), 405); } $data = $this->$doTask(); // Return the data $this->sendResponse($data); } catch (FileNotFoundException $e) { $this->sendResponse($e, 404); } catch (FileExistsException $e) { $this->sendResponse($e, 409); } catch (InvalidPathException $e) { $this->sendResponse($e, 400); } catch (\Exception $e) { $errorCode = 500; if ($e->getCode() > 0) { $errorCode = $e->getCode(); } $this->sendResponse($e, $errorCode); } } /* * Files Get Method * * Examples: * * - GET a list of folders below the root: * index.php?option=com_media&task=api.files * /api/files * - GET a list of files and subfolders of a given folder: * index.php?option=com_media&task=api.files&format=json&path=/sampledata/cassiopeia * /api/files/sampledata/cassiopeia * - GET a list of files and subfolders of a given folder for a given search term: * use recursive=1 to search recursively in the working directory * index.php?option=com_media&task=api.files&format=json&path=/sampledata/cassiopeia&search=nasa5 * /api/files/sampledata/cassiopeia?search=nasa5 * To look up in same working directory set flag recursive=0 * index.php?option=com_media&task=api.files&format=json&path=/sampledata/cassiopeia&search=nasa5&recursive=0 * /api/files/sampledata/cassiopeia?search=nasa5&recursive=0 * - GET file information for a specific file: * index.php?option=com_media&task=api.files&format=json&path=/sampledata/cassiopeia/test.jpg * /api/files/sampledata/cassiopeia/test.jpg * - GET a temporary URL to a given file * index.php?option=com_media&task=api.files&format=json&path=/sampledata/cassiopeia/test.jpg&url=1&temp=1 * /api/files/sampledata/cassiopeia/test.jpg&url=1&temp=1 * - GET a temporary URL to a given file * index.php?option=com_media&task=api.files&format=json&path=/sampledata/cassiopeia/test.jpg&url=1 * /api/files/sampledata/cassiopeia/test.jpg&url=1 * * @return array The data to send with the response * * @since 4.0.0 * @throws \Exception / public function getFiles() { // Grab options $options = []; $options['url'] = $this->input->getBool('url', false); $options['search'] = $this->input->getString('search', ''); $options['recursive'] = $this->input->getBool('recursive', true); $options['content'] = $this->input->getBool('content', false); return $this->getModel()->getFiles($this->getAdapter(), $this->getPath(), $options); } /* * Files delete Method * * Examples: * * - DELETE an existing folder in a specific folder: * index.php?option=com_media&task=api.files&format=json&path=/sampledata/cassiopeia/test * /api/files/sampledata/cassiopeia/test * - DELETE an existing file in a specific folder: * index.php?option=com_media&task=api.files&path=/sampledata/cassiopeia/test.jpg * /api/files/sampledata/cassiopeia/test.jpg * * @return null * * @since 4.0.0 * @throws \Exception / public function deleteFiles() { if (!$this->app->getIdentity()->authorise('core.delete', 'com_media')) { throw new \Exception(Text::_('JLIB_APPLICATION_ERROR_DELETE_NOT_PERMITTED'), 403); } $this->getModel()->delete($this->getAdapter(), $this->getPath()); return null; } /* * Files Post Method * * Examples: * * - POST a new file or folder into a specific folder, the file or folder information is returned: * index.php?option=com_media&task=api.files&format=json&path=/sampledata/cassiopeia * /api/files/sampledata/cassiopeia * * New file body: * { * "name": "test.jpg", * "content":"base64 encoded image" * } * New folder body: * { * "name": "test", * } * * @return array The data to send with the response * * @since 4.0.0 * @throws \Exception / public function postFiles() { if (!$this->app->getIdentity()->authorise('core.create', 'com_media')) { throw new \Exception(Text::_('JLIB_APPLICATION_ERROR_CREATE_RECORD_NOT_PERMITTED'), 403); } $adapter = $this->getAdapter(); $path = $this->getPath(); $content = $this->input->json; $name = $content->getString('name'); $mediaContent = base64_decode($content->get('content', '', 'raw')); $override = $content->get('override', false); if ($mediaContent) { $this->checkFileSize(\strlen($mediaContent)); // A file needs to be created $name = $this->getModel()->createFile($adapter, $name, $path, $mediaContent, $override); } else { // A folder needs to be created $name = $this->getModel()->createFolder($adapter, $name, $path, $override); } $options = []; $options['url'] = $this->input->getBool('url', false); return $this->getModel()->getFile($adapter, $path . '/' . $name, $options); } /* * Files Put method * * Examples: * * - PUT a media file, the file or folder information is returned: * index.php?option=com_media&task=api.files&format=json&path=/sampledata/cassiopeia/test.jpg * /api/files/sampledata/cassiopeia/test.jpg * * Update file body: * { * "content":"base64 encoded image" * } * * - PUT move a file, folder to another one * path : will be taken as the source * index.php?option=com_media&task=api.files&format=json&path=/sampledata/cassiopeia/test.jpg * /api/files/sampledata/cassiopeia/test.jpg * * JSON body: * { * "newPath" : "/path/to/destination", * "move" : "1" * } * * - PUT copy a file, folder to another one * path : will be taken as the source * index.php?option=com_media&task=api.files&format=json&path=/sampledata/cassiopeia/test.jpg * /api/files/sampledata/cassiopeia/test.jpg * * JSON body: * { * "newPath" : "/path/to/destination", * "move" : "0" * } * * @return array The data to send with the response * * @since 4.0.0 * @throws \Exception / public function putFiles() { if (!$this->app->getIdentity()->authorise('core.edit', 'com_media')) { throw new \Exception(Text::_('JLIB_APPLICATION_ERROR_EDIT_NOT_PERMITTED'), 403); } $adapter = $this->getAdapter(); $path = $this->getPath(); $content = $this->input->json; $name = basename($path); $mediaContent = base64_decode($content->get('content', '', 'raw')); $newPath = $content->getString('newPath', null); $move = $content->get('move', true); if ($mediaContent != null) { $this->checkFileSize(\strlen($mediaContent)); $this->getModel()->updateFile($adapter, $name, str_replace($name, '', $path), $mediaContent); } if ($newPath != null && $newPath !== $adapter . ':' . $path) { [$destinationAdapter, $destinationPath] = explode(':', $newPath, 2); if ($move) { $destinationPath = $this->getModel()->move($adapter, $path, $destinationPath, false); } else { $destinationPath = $this->getModel()->copy($adapter, $path, $destinationPath, false); } $path = $destinationPath; } return $this->getModel()->getFile($adapter, $path); } /* * Send the given data as JSON response in the following format: * * {"success":true,"message":"ok","messages":null,"data":[{"type":"dir","name":"banners","path":"//"}]} * * @param mixed $data The data to send * @param integer $responseCode The response code * * @return void * * @since 4.0.0 / private function sendResponse($data = null, int $responseCode = 200) { // Set the correct content type $this->app->setHeader('Content-Type', 'application/json'); // Set the status code for the response $this->app->setHeader('status', $responseCode); // Send headers before sending the data $this->app->sendHeaders(); // Send the data echo new JsonResponse($data); $this->app->close(); } /* * Method to get a model object, loading it if required. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return BaseModel\|boolean Model object on success; otherwise false on failure. * * @since 4.0.0 / public function getModel($name = 'Api', $prefix = 'Administrator', $config = []) { return parent::getModel($name, $prefix, $config); } /* * Performs file size checks if it is allowed to be saved. * * @param integer $fileSize The size of submitted file * * @return void * * @since 4.4.9 * @throws \Exception / private function checkFileSize(int $fileSize) { $params = ComponentHelper::getParams('com_media'); $paramsUploadMaxsize = $params->get('upload_maxsize', 0) 1024 * 1024; if ($paramsUploadMaxsize > 0 && $fileSize > $paramsUploadMaxsize) { $link = 'index.php?option=com_config&view=component&component=com_media'; $output = HTMLHelper::_('link', Route::_($link), Text::_('JOPTIONS')); throw new \Exception(Text::sprintf('COM_MEDIA_ERROR_WARNFILETOOLARGE', $output), 403); } } /** * Get the Adapter. * * @return string * * @since 4.0.0 / private function getAdapter() { $parts = explode(':', $this->input->getString('path', ''), 2); if (\count($parts) < 1) { return null; } return $parts[0]; } /* * Get the Path. * * @return string * * @since 4.0.0 / private function getPath() { $parts = explode(':', $this->input->getString('path', ''), 2); if (\count($parts) < 2) { return null; } return $parts[1]; } } PK��!��N��NewsfeedController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_newsfeeds * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Newsfeeds\Administrator\Controller; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\MVC\Model\BaseDatabaseModel; use Joomla\CMS\Router\Route; use Joomla\CMS\Versioning\VersionableControllerTrait; use Joomla\Utilities\ArrayHelper; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Newsfeed controller class. * * @since 1.6 / class NewsfeedController extends FormController { use VersionableControllerTrait; /* * Method override to check if you can add a new record. * * @param array $data An array of input data. * * @return boolean * * @since 1.6 / protected function allowAdd($data = []) { $categoryId = ArrayHelper::getValue($data, 'catid', $this->input->getInt('filter_category_id'), 'int'); $allow = null; if ($categoryId) { // If the category has been passed in the URL check it. $allow = $this->app->getIdentity()->authorise('core.create', $this->option . '.category.' . $categoryId); } if ($allow === null) { // In the absence of better information, revert to the component permissions. return parent::allowAdd($data); } return $allow; } /* * Method to check if you can edit a record. * * @param array $data An array of input data. * @param string $key The name of the key for the primary key. * * @return boolean * * @since 1.6 / protected function allowEdit($data = [], $key = 'id') { $recordId = isset($data[$key]) ? (int) $data[$key] : 0; // Since there is no asset tracking, fallback to the component permissions. if (!$recordId) { return parent::allowEdit($data, $key); } // Get the item. $item = $this->getModel()->getItem($recordId); // Since there is no item, return false. if (empty($item)) { return false; } $user = $this->app->getIdentity(); // Check if can edit own core.edit.own. $canEditOwn = $user->authorise('core.edit.own', $this->option . '.category.' . (int) $item->catid) && $item->created_by == $user->id; // Check the category core.edit permissions. return $canEditOwn \|\| $user->authorise('core.edit', $this->option . '.category.' . (int) $item->catid); } /* * Method to run batch operations. * * @param object $model The model. * * @return boolean True if successful, false otherwise and internal error is set. * * @since 2.5 / public function batch($model = null) { $this->checkToken(); // Set the model $model = $this->getModel('Newsfeed', '', []); // Preset the redirect $this->setRedirect(Route::_('index.php?option=com_newsfeeds&view=newsfeeds' . $this->getRedirectToListAppend(), false)); return parent::batch($model); } /* * Method to cancel an edit. * * @param string $key The name of the primary key of the URL variable. * * @return boolean True if access level checks pass, false otherwise. * * @since 5.1.0 / public function cancel($key = null) { $result = parent::cancel($key); // When editing in modal then redirect to modalreturn layout if ($result && $this->input->get('layout') === 'modal') { $id = $this->input->get('id'); $return = 'index.php?option=' . $this->option . '&view=' . $this->view_item . $this->getRedirectToItemAppend($id) . '&layout=modalreturn&from-task=cancel'; $this->setRedirect(Route::_($return, false)); } return $result; } /* * Function that allows child controller access to model data * after the data has been saved. * * @param BaseDatabaseModel $model The data model object. * @param array $validData The validated data. * * @return void * * @since 5.1.0 / protected function postSaveHook(BaseDatabaseModel $model, $validData = []) { // When editing in modal then redirect to modalreturn layout if ($this->input->get('layout') === 'modal' && $this->task === 'save') { $id = $model->getState('newsfeed.id', ''); $return = 'index.php?option=' . $this->option . '&view=' . $this->view_item . $this->getRedirectToItemAppend($id) . '&layout=modalreturn&from-task=save'; $this->setRedirect(Route::_($return, false)); } } } PK��!�5aǂ��AjaxController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_contact * * @copyright (C) 2005 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Contact\Administrator\Controller; use Joomla\CMS\Language\Associations; use Joomla\CMS\Language\LanguageHelper; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\Response\JsonResponse; use Joomla\CMS\Session\Session; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * The contact controller for ajax requests * * @since 3.9.0 / class AjaxController extends BaseController { /* * Method to fetch associations of a contact * * The method assumes that the following http parameters are passed in an Ajax Get request: * token: the form token * assocId: the id of the contact whose associations are to be returned * excludeLang: the association for this language is to be excluded * * @return void * * @since 3.9.0 / public function fetchAssociations() { if (!Session::checkToken('get')) { echo new JsonResponse(null, Text::_('JINVALID_TOKEN'), true); } else { $assocId = $this->input->getInt('assocId', 0); if ($assocId == 0) { echo new JsonResponse(null, Text::sprintf('JLIB_FORM_VALIDATE_FIELD_INVALID', 'assocId'), true); return; } $excludeLang = $this->input->get('excludeLang', '', 'STRING'); $associations = Associations::getAssociations('com_contact', '#__contact_details', 'com_contact.item', (int) $assocId); unset($associations[$excludeLang]); // Add the title to each of the associated records $contactTable = $this->factory->createTable('Contact', 'Administrator'); foreach ($associations as $association) { $contactTable->load($association->id); $association->title = $contactTable->name; } $countContentLanguages = \count(LanguageHelper::getContentLanguages([0, 1], false)); if (\count($associations) == 0) { $message = Text::_('JGLOBAL_ASSOCIATIONS_PROPAGATE_MESSAGE_NONE'); } elseif ($countContentLanguages > \count($associations) + 2) { $tags = implode(', ', array_keys($associations)); $message = Text::sprintf('JGLOBAL_ASSOCIATIONS_PROPAGATE_MESSAGE_SOME', $tags); } else { $message = Text::_('JGLOBAL_ASSOCIATIONS_PROPAGATE_MESSAGE_ALL'); } echo new JsonResponse($associations, $message); } } } PK��!�?f�E��NewsfeedsController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_newsfeeds * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Newsfeeds\Administrator\Controller; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\AdminController; use Joomla\CMS\Response\JsonResponse; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Newsfeeds list controller class. * * @since 1.6 / class NewsfeedsController extends AdminController { /* * Method to get a model object, loading it if required. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return object The model. * * @since 1.6 / public function getModel($name = 'Newsfeed', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } /* * Method to get the number of published newsfeeds for quickicons * * @return void * * @since 4.3.0 / public function getQuickiconContent() { $model = $this->getModel('newsfeeds'); $model->setState('filter.published', 1); $amount = (int) $model->getTotal(); $result = []; $result['amount'] = $amount; $result['sronly'] = Text::plural('COM_NEWSFEEDS_N_QUICKICON_SRONLY', $amount); $result['name'] = Text::plural('COM_NEWSFEEDS_N_QUICKICON', $amount); echo new JsonResponse($result); } } PK��!��7dd`��`��GroupsController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\Access\Exception\NotAllowed; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\AdminController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * User groups list controller class. * * @since 1.6 / class GroupsController extends AdminController { /* * @var string The prefix to use with controller messages. * @since 1.6 / protected $text_prefix = 'COM_USERS_GROUPS'; /* * Proxy for getModel. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return object The model. * * @since 1.6 / public function getModel($name = 'Group', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } /* * Removes an item. * * Overrides Joomla\CMS\MVC\Controller\AdminController::delete to check the core.admin permission. * * @return void * * @since 1.6 / public function delete() { if (!$this->app->getIdentity()->authorise('core.admin', $this->option)) { throw new NotAllowed(Text::_('JERROR_ALERTNOAUTHOR'), 403); } parent::delete(); } /* * Method to publish a list of records. * * Overrides Joomla\CMS\MVC\Controller\AdminController::publish to check the core.admin permission. * * @return void * * @since 1.6 / public function publish() { if (!$this->app->getIdentity()->authorise('core.admin', $this->option)) { throw new NotAllowed(Text::_('JERROR_ALERTNOAUTHOR'), 403); } parent::publish(); } /* * Changes the order of one or more records. * * Overrides Joomla\CMS\MVC\Controller\AdminController::reorder to check the core.admin permission. * * @return boolean True on success * * @since 1.6 / public function reorder() { if (!$this->app->getIdentity()->authorise('core.admin', $this->option)) { throw new NotAllowed(Text::_('JERROR_ALERTNOAUTHOR'), 403); } return parent::reorder(); } /* * Method to save the submitted ordering values for records. * * Overrides Joomla\CMS\MVC\Controller\AdminController::saveorder to check the core.admin permission. * * @return boolean True on success * * @since 1.6 / public function saveorder() { if (!$this->app->getIdentity()->authorise('core.admin', $this->option)) { throw new NotAllowed(Text::_('JERROR_ALERTNOAUTHOR'), 403); } return parent::saveorder(); } /* * Check in of one or more records. * * Overrides Joomla\CMS\MVC\Controller\AdminController::checkin to check the core.admin permission. * * @return boolean True on success * * @since 1.6 / public function checkin() { if (!$this->app->getIdentity()->authorise('core.admin', $this->option)) { throw new NotAllowed(Text::_('JERROR_ALERTNOAUTHOR'), 403); } return parent::checkin(); } } PK��!��9� �� GroupController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\Access\Access; use Joomla\CMS\MVC\Controller\FormController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * User view level controller class. * * @since 1.6 / class GroupController extends FormController { /* * @var string The prefix to use with controller messages. * @since 1.6 / protected $text_prefix = 'COM_USERS_GROUP'; /* * Method to check if you can save a new or existing record. * * Overrides Joomla\CMS\MVC\Controller\FormController::allowSave to check the core.admin permission. * * @param array $data An array of input data. * @param string $key The name of the key for the primary key. * * @return boolean * * @since 1.6 / protected function allowSave($data, $key = 'id') { return $this->app->getIdentity()->authorise('core.admin', $this->option) && parent::allowSave($data, $key); } /* * Overrides Joomla\CMS\MVC\Controller\FormController::allowEdit * * Checks that non-Super Admins are not editing Super Admins. * * @param array $data An array of input data. * @param string $key The name of the key for the primary key. * * @return boolean * * @since 1.6 / protected function allowEdit($data = [], $key = 'id') { // Check if this group is a Super Admin if (Access::checkGroup($data[$key], 'core.admin')) { // If I'm not a Super Admin, then disallow the edit. if (!$this->app->getIdentity()->authorise('core.admin')) { return false; } } return parent::allowEdit($data, $key); } } PK��!��Rg1��1��FieldController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_fields * * @copyright (C) 2016 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Fields\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\MVC\Model\BaseDatabaseModel; use Joomla\Component\Fields\Administrator\Helper\FieldsHelper; use Joomla\Input\Input; use Joomla\Registry\Registry; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * The Field controller * * @since 3.7.0 / class FieldController extends FormController { /* * @var string / private $internalContext; /* * @var string / private $component; /* * The prefix to use with controller messages. * * @var string * @since 3.7.0 / protected $text_prefix = 'COM_FIELDS_FIELD'; /* * Constructor. * * @param array $config An optional associative array of configuration settings. * Recognized key values include 'name', 'default_task', 'model_path', and * 'view_path' (this list is not meant to be comprehensive). * @param ?MVCFactoryInterface $factory The factory. * @param ?CMSApplication $app The Application for the dispatcher * @param ?Input $input Input * * @since 3.7.0 / public function __construct($config = [], ?MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); $this->internalContext = $this->app->getUserStateFromRequest('com_fields.fields.context', 'context', 'com_content.article', 'CMD'); $parts = FieldsHelper::extract($this->internalContext); $this->component = $parts ? $parts[0] : null; } /* * Method override to check if you can add a new record. * * @param array $data An array of input data. * * @return boolean * * @since 3.7.0 / protected function allowAdd($data = []) { return $this->app->getIdentity()->authorise('core.create', $this->component); } /* * Method override to check if you can edit an existing record. * * @param array $data An array of input data. * @param string $key The name of the key for the primary key. * * @return boolean * * @since 3.7.0 / protected function allowEdit($data = [], $key = 'id') { $recordId = isset($data[$key]) ? (int) $data[$key] : 0; $user = $this->app->getIdentity(); // Zero record (id:0), return component edit permission by calling parent controller method if (!$recordId) { return parent::allowEdit($data, $key); } // Check edit on the record asset (explicit or inherited) if ($user->authorise('core.edit', $this->component . '.field.' . $recordId)) { return true; } // Check edit own on the record asset (explicit or inherited) if ($user->authorise('core.edit.own', $this->component . '.field.' . $recordId)) { // Existing record already has an owner, get it $record = $this->getModel()->getItem($recordId); if (empty($record)) { return false; } // Grant if current user is owner of the record return $user->id == $record->created_user_id; } return false; } /* * Method to run batch operations. * * @param object $model The model. * * @return boolean True if successful, false otherwise and internal error is set. * * @since 3.7.0 / public function batch($model = null) { $this->checkToken(); // Set the model $model = $this->getModel('Field'); // Preset the redirect $this->setRedirect('index.php?option=com_fields&view=fields&context=' . $this->internalContext); return parent::batch($model); } /* * Gets the URL arguments to append to an item redirect. * * @param integer $recordId The primary key id for the item. * @param string $urlVar The name of the URL variable for the id. * * @return string The arguments to append to the redirect URL. * * @since 3.7.0 / protected function getRedirectToItemAppend($recordId = null, $urlVar = 'id') { return parent::getRedirectToItemAppend($recordId) . '&context=' . $this->internalContext; } /* * Gets the URL arguments to append to a list redirect. * * @return string The arguments to append to the redirect URL. * * @since 3.7.0 / protected function getRedirectToListAppend() { return parent::getRedirectToListAppend() . '&context=' . $this->internalContext; } /* * Function that allows child controller access to model data after the data has been saved. * * @param BaseDatabaseModel $model The data model object. * @param array $validData The validated data. * * @return void * * @since 3.7.0 / protected function postSaveHook(BaseDatabaseModel $model, $validData = []) { $item = $model->getItem(); if (isset($item->params) && \is_array($item->params)) { $registry = new Registry(); $registry->loadArray($item->params); $item->params = (string) $registry; } } } PK��!�{��6��FieldsController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_fields * * @copyright (C) 2016 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Fields\Administrator\Controller; use Joomla\CMS\MVC\Controller\AdminController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Fields list controller class. * * @since 3.7.0 / class FieldsController extends AdminController { /* * The prefix to use with controller messages. * * @var string * * @since 3.7.0 / protected $text_prefix = 'COM_FIELDS_FIELD'; /* * Proxy for getModel. * * @param string $name The name of the model. * @param string $prefix The prefix for the PHP class name. * @param array $config Array of configuration parameters. * * @return \Joomla\CMS\MVC\Model\BaseDatabaseModel * * @since 3.7.0 / public function getModel($name = 'Field', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } /* * Append context variable to list redirect so that parent menu item stays open after an * admin action like publish, un-publish... fields * * @return string The arguments to append to the redirect URL. * * @since 4.2.9 / protected function getRedirectToListAppend() { $append = parent::getRedirectToListAppend(); $context = $this->input->getString('context'); if ($context) { $append .= '&context=' . $context; } return $append; } } PK��!��q&��&��RequestController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_config * * @copyright (C) 2017 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Config\Administrator\Controller; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Requests from the frontend * * @since 4.0.0 / class RequestController extends BaseController { /* * Execute the controller. * * @return mixed A rendered view or false * * @since 3.2 / public function getJson() { $componentFolder = $this->input->getWord('option', 'com_config'); if ($this->app->isClient('administrator')) { $viewName = $this->input->getWord('view', 'application'); } else { $viewName = $this->input->getWord('view', 'config'); } // Register the layout paths for the view $paths = new \SplPriorityQueue(); if ($this->app->isClient('administrator')) { $paths->insert(JPATH_ADMINISTRATOR . '/components/' . $componentFolder . '/view/' . $viewName . '/tmpl', 1); } else { $paths->insert(JPATH_BASE . '/components/' . $componentFolder . '/view/' . $viewName . '/tmpl', 1); } $model = new \Joomla\Component\Config\Administrator\Model\ApplicationModel(); $component = $model->getState()->get('component.option'); // Access check. if ( !$this->app->getIdentity()->authorise('core.admin', $component) && !$this->app->getIdentity()->authorise('core.options', $component) ) { $this->app->enqueueMessage(Text::_('JERROR_ALERTNOAUTHOR'), 'error'); return false; } try { $data = $model->getData(); } catch (\Exception $e) { $this->app->enqueueMessage($e->getMessage(), 'error'); return false; } // Required data $requiredData = [ 'sitename' => null, 'offline' => null, 'access' => null, 'list_limit' => null, 'MetaDesc' => null, 'MetaRights' => null, 'sef' => null, 'sitename_pagetitles' => null, 'debug' => null, 'debug_lang' => null, 'error_reporting' => null, 'mailfrom' => null, 'fromname' => null, ]; $data = array_intersect_key($data, $requiredData); return json_encode($data); } } PK��!��6~��~��ComponentController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_config * * @copyright (C) 2017 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Config\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Router\Route; use Joomla\CMS\Uri\Uri; use Joomla\Input\Input; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Note: this view is intended only to be opened in a popup * * @since 1.5 / class ComponentController extends FormController { /* * Constructor. * * @param array $config An optional associative array of configuration settings. * Recognized key values include 'name', 'default_task', 'model_path', and * 'view_path' (this list is not meant to be comprehensive). * @param ?MVCFactoryInterface $factory The factory. * @param ?CMSApplication $app The Application for the dispatcher * @param ?Input $input Input * * @since 3.0 / public function __construct($config = [], ?MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); // Map the apply task to the save method. $this->registerTask('apply', 'save'); } /* * Method to save component configuration. * * @param string $key The name of the primary key of the URL variable. * @param string $urlVar The name of the URL variable if different from the primary key (sometimes required to avoid router collisions). * * @return boolean * * @since 3.2 / public function save($key = null, $urlVar = null) { // Check for request forgeries. $this->checkToken(); $data = $this->input->get('jform', [], 'ARRAY'); $id = $this->input->get('id', null, 'INT'); $option = $this->input->get('component'); $user = $this->app->getIdentity(); $context = "$this->option.edit.$this->context.$option"; /* @var \Joomla\Component\Config\Administrator\Model\ComponentModel $model / $model = $this->getModel('Component', 'Administrator'); $model->setState('component.option', $option); $form = $model->getForm(); // Make sure com_joomlaupdate and com_privacy can only be accessed by SuperUser if (\in_array(strtolower($option), ['com_joomlaupdate', 'com_privacy'], true) && !$user->authorise('core.admin')) { $this->setRedirect(Route::_('index.php', false), Text::_('JERROR_ALERTNOAUTHOR'), 'error'); } // Check if the user is authorised to do this. if (!$user->authorise('core.admin', $option) && !$user->authorise('core.options', $option)) { $this->setRedirect(Route::_('index.php', false), Text::_('JERROR_ALERTNOAUTHOR'), 'error'); } // Remove the permissions rules data if user isn't allowed to edit them. if (!$user->authorise('core.admin', $option) && isset($data['params']['rules'])) { unset($data['params']['rules']); } $returnUri = $this->input->post->get('return', null, 'base64'); $redirect = ''; if (!empty($returnUri)) { $redirect = '&return=' . urlencode($returnUri); } // Validate the posted data. $return = $model->validate($form, $data); // Check for validation errors. if ($return === false) { // Save the data in the session. $this->app->setUserState($context . '.data', $data); // Redirect back to the edit screen. $this->setRedirect( Route::_('index.php?option=com_config&view=component&component=' . $option . $redirect, false), $model->getError(), 'error' ); return false; } // Attempt to save the configuration. $data = [ 'params' => $return, 'id' => $id, 'option' => $option, ]; try { $model->save($data); } catch (\RuntimeException $e) { // Save the data in the session. $this->app->setUserState($context . '.data', $data); // Save failed, go back to the screen and display a notice. $this->setRedirect( Route::_('index.php?option=com_config&view=component&component=' . $option . $redirect, false), Text::_('JERROR_SAVE_FAILED', $e->getMessage()), 'error' ); return false; } // Clear session data. $this->app->setUserState($context . '.data', null); // Set the redirect based on the task. switch ($this->input->get('task')) { case 'apply': $this->setRedirect( Route::_('index.php?option=com_config&view=component&component=' . $option . $redirect, false), Text::_('COM_CONFIG_SAVE_SUCCESS'), 'message' ); break; case 'save': $this->setMessage(Text::_('COM_CONFIG_SAVE_SUCCESS'), 'message'); // No break default: $redirect = 'index.php?option=' . $option; if (!empty($returnUri)) { $redirect = base64_decode($returnUri); } // Don't redirect to an external URL. if (!Uri::isInternal($redirect)) { $redirect = Uri::base(); } $this->setRedirect(Route::_($redirect, false)); } return true; } /* * Method to cancel global configuration component. * * @param string $key The name of the primary key of the URL variable. * * @return boolean * * @since 3.2 / public function cancel($key = null) { $component = $this->input->get('component'); // Clear session data. $this->app->setUserState("$this->option.edit.$this->context.$component.data", null); // Calculate redirect URL $returnUri = $this->input->post->get('return', null, 'base64'); $redirect = 'index.php?option=' . $component; if (!empty($returnUri)) { $redirect = base64_decode($returnUri); } // Don't redirect to an external URL. if (!Uri::isInternal($redirect)) { $redirect = Uri::base(); } $this->setRedirect(Route::_($redirect, false)); return true; } } PK��!��zx[%��[%��ApplicationController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_config * * @copyright (C) 2017 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Config\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Application\CMSWebApplicationInterface; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Response\JsonResponse; use Joomla\CMS\Router\Route; use Joomla\CMS\Session\Session; use Joomla\Input\Input; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Controller for global configuration * * @since 1.5 / class ApplicationController extends BaseController { /* * Constructor. * * @param array $config An optional associative array of configuration settings. * Recognized key values include 'name', 'default_task', 'model_path', and * 'view_path' (this list is not meant to be comprehensive). * @param ?MVCFactoryInterface $factory The factory. * @param ?CMSApplication $app The Application for the dispatcher * @param ?Input $input Input * * @since 3.0 / public function __construct($config = [], ?MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); // Map the apply task to the save method. $this->registerTask('apply', 'save'); } /* * Cancel operation. * * @return void * * @since 3.0.0 / public function cancel() { $this->setRedirect(Route::_('index.php?option=com_cpanel')); } /* * Saves the form * * @return void\|boolean Void on success. Boolean false on fail. * * @since 4.0.0 / public function save() { // Check for request forgeries. $this->checkToken(); // Check if the user is authorized to do this. if (!$this->app->getIdentity()->authorise('core.admin')) { $this->setRedirect('index.php', Text::_('JERROR_ALERTNOAUTHOR'), 'error'); return false; } $this->app->setUserState('com_config.config.global.data', null); /* @var \Joomla\Component\Config\Administrator\Model\ApplicationModel $model / $model = $this->getModel('Application', 'Administrator'); $data = $this->input->post->get('jform', [], 'array'); // Complete data array if needed $oldData = $model->getData(); $data = array_replace($oldData, $data); // Get request type $saveFormat = $this->app->getDocument()->getType(); // Handle service requests if ($saveFormat == 'json') { $form = $model->getForm(); $return = $model->validate($form, $data); if ($return === false) { $this->app->setHeader('Status', 422, true); return false; } return $model->save($return); } // Must load after serving service-requests $form = $model->getForm(); // Validate the posted data. $return = $model->validate($form, $data); // Check for validation errors. if ($return === false) { // Get the validation messages. $errors = $model->getErrors(); // Push up to three validation messages out to the user. for ($i = 0, $n = \count($errors); $i < $n && $i < 3; $i++) { if ($errors[$i] instanceof \Exception) { $this->app->enqueueMessage($errors[$i]->getMessage(), CMSWebApplicationInterface::MSG_ERROR); } else { $this->app->enqueueMessage($errors[$i], CMSWebApplicationInterface::MSG_ERROR); } } // Save the posted data in the session. $this->app->setUserState('com_config.config.global.data', $data); // Redirect back to the edit screen. $this->setRedirect(Route::_('index.php?option=com_config', false)); return false; } // Validate database connection data. $data = $return; $return = $model->validateDbConnection($data); // Check for validation errors. if ($return === false) { / * The validateDbConnection method enqueued all messages for us. / // Save the posted data in the session. $this->app->setUserState('com_config.config.global.data', $data); // Redirect back to the edit screen. $this->setRedirect(Route::_('index.php?option=com_config', false)); return false; } // Save the validated data in the session. $this->app->setUserState('com_config.config.global.data', $return); // Attempt to save the configuration. $data = $return; $return = $model->save($data); // Check the return value. if ($return === false) { / * The save method enqueued all messages for us, so we just need to redirect back. / // Save failed, go back to the screen and display a notice. $this->setRedirect(Route::_('index.php?option=com_config', false)); return false; } // Set the success message. $this->app->enqueueMessage(Text::_('COM_CONFIG_SAVE_SUCCESS'), 'message'); // Set the redirect based on the task. switch ($this->input->getCmd('task')) { case 'apply': $this->setRedirect(Route::_('index.php?option=com_config', false)); break; case 'save': default: $this->setRedirect(Route::_('index.php', false)); break; } } /* * Method to remove root in global configuration. * * @return boolean * * @since 3.2 / public function removeroot() { // Check for request forgeries. if (!Session::checkToken('get')) { $this->setRedirect('index.php', Text::_('JINVALID_TOKEN'), 'error'); return false; } // Check if the user is authorized to do this. if (!$this->app->getIdentity()->authorise('core.admin')) { $this->setRedirect('index.php', Text::_('JERROR_ALERTNOAUTHOR'), 'error'); return false; } // Initialise model. /* @var \Joomla\Component\Config\Administrator\Model\ApplicationModel $model / $model = $this->getModel('Application', 'Administrator'); // Attempt to save the configuration and remove root. try { $model->removeroot(); } catch (\RuntimeException $e) { // Save failed, go back to the screen and display a notice. $this->setRedirect('index.php', Text::_('JERROR_SAVE_FAILED', $e->getMessage()), 'error'); return false; } // Set the redirect based on the task. $this->setRedirect(Route::_('index.php'), Text::_('COM_CONFIG_SAVE_SUCCESS')); return true; } /* * Method to send the test mail. * * @return void * * @since 3.5 / public function sendtestmail() { // Send json mime type. $this->app->mimeType = 'application/json'; $this->app->setHeader('Content-Type', $this->app->mimeType . '; charset=' . $this->app->charSet); $this->app->sendHeaders(); // Check if user token is valid. if (!Session::checkToken()) { $this->app->enqueueMessage(Text::_('JINVALID_TOKEN'), 'error'); echo new JsonResponse(); $this->app->close(); } // Check if the user is authorized to do this. if (!$this->app->getIdentity()->authorise('core.admin')) { $this->app->enqueueMessage(Text::_('JERROR_ALERTNOAUTHOR'), 'error'); echo new JsonResponse(); $this->app->close(); } /* @var \Joomla\Component\Config\Administrator\Model\ApplicationModel $model / $model = $this->getModel('Application', 'Administrator'); echo new JsonResponse($model->sendTestMail()); $this->app->close(); } /* * Method to GET permission value and give it to the model for storing in the database. * * @return void * * @since 3.5 / public function store() { // Send json mime type. $this->app->mimeType = 'application/json'; $this->app->setHeader('Content-Type', $this->app->mimeType . '; charset=' . $this->app->charSet); $this->app->sendHeaders(); // Check if user token is valid. if (!Session::checkToken('get')) { $this->app->enqueueMessage(Text::_('JINVALID_TOKEN'), 'error'); echo new JsonResponse(); $this->app->close(); } /* @var \Joomla\Component\Config\Administrator\Model\ApplicationModel $model / $model = $this->getModel('Application', 'Administrator'); echo new JsonResponse($model->storePermissions()); $this->app->close(); } } PK��!�Ǿ8f��f��UpdatesController.phpnu��[��<?php /* * @package Joomla.API * @subpackage com_joomlaupdate * * @copyright (C) 2025 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Joomlaupdate\Api\Controller; use Joomla\CMS\Language\Text; use Joomla\Component\Joomlaupdate\Api\View\Updates\JsonapiView; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * The updates controller * * @since 5.4.0 / class UpdatesController extends BaseController { /* * The content type of the item. * * @var string * @since 5.4.0 / protected $contentType = 'updates'; /* * The default view for the display method. * * @var string * @since 5.4.0 / protected $default_view = 'updates'; /* * Get the latest update version for the auto updater * * @return UpdateController For chaining / public function getUpdate() { $this->validateUpdateToken(); $view = $this->prepareView(); $view->getUpdate(); return $this; } /* * Prepare the update and output the update information * * @return UpdatesController * * @since 5.4.0 / public function prepareUpdate() { $this->validateUpdateToken(); /* * @var UpdateModel $model / $model = $this->getModel('Update'); $latestVersion = $model->getAutoUpdateVersion(); $targetVersion = $this->input->json->getString('targetVersion'); if (!$latestVersion \|\| $latestVersion !== $targetVersion) { throw new \Exception(Text::_('COM_JOOMLAUPDATE_VIEW_UPDATE_VERSION_WRONG'), 410); } $view = $this->prepareView(); $view->prepareUpdate($targetVersion); return $this; } /* * Finalize the update * * @return UpdateController For chaining / public function finalizeUpdate() { $this->validateUpdateToken(); $fromVersion = $this->input->json->getString('fromVersion', ''); $updateFileName = $this->input->json->getString('updateFileName', ''); // Sanitize provided file name $updateFileName = pathinfo($updateFileName, PATHINFO_BASENAME); $view = $this->prepareView(); $view->finalizeUpdate($fromVersion, $updateFileName); return $this; } /* * Generic method to prepare the view * * @return JsonapiView The prepared view / protected function prepareView() { $viewType = $this->app->getDocument()->getType(); $viewName = $this->input->get('view', $this->default_view); $viewLayout = $this->input->get('layout', 'default', 'string'); try { /* @var JsonApiView $view / $view = $this->getView( $viewName, $viewType, '', ['base_path' => $this->basePath, 'layout' => $viewLayout, 'contentType' => $this->contentType] ); } catch (\Exception $e) { throw new \RuntimeException($e->getMessage()); } /* @var UpdateModel $model / $model = $this->getModel('Update', 'Administrator', ['ignore_request' => true, 'state' => $this->modelState]); if (!$model) { throw new \RuntimeException(Text::_('JLIB_APPLICATION_ERROR_MODEL_CREATE')); } // Push the model into the view (as default) $view->setModel($model, true); $view->setDocument($this->app->getDocument()); return $view; } /* * Basic display of an item view. We don't allow this * * @param integer $id The primary key to display. Leave empty if you want to retrieve data from the request * * @return static A \JControllerLegacy object to support chaining. * * @since 5.4.0 / public function displayItem($id = null) { throw new \RuntimeException('Not implemented', 501); } /* * List view amended to add filtering of data. We don't allow this * * @return static A BaseController object to support chaining. * * @since 5.4.0 / public function displayList() { throw new \RuntimeException('Not implemented', 501); } /* * Removes an item. * * @param integer $id The primary key to delete item. * * @return void * * @since 5.4.0 / public function delete($id = null) { throw new \RuntimeException('Not implemented', 501); } /* * Method to check if you can edit an existing record. * * We don't allow editing from API (yet?) * * @param array $data An array of input data. * @param string $key The name of the key for the primary key; default is id. * * @return boolean * * @since 5.4.0 / protected function allowEdit($data = [], $key = 'id') { return false; } /* * Method to check if you can add a new record. * * We don't allow adding from API * * @param array $data An array of input data. * * @return boolean * * @since 5.4.0 / protected function allowAdd($data = []) { return false; } } PK��!��^l��BaseController.phpnu��[��<?php /* * @package Joomla.API * @subpackage com_joomlaupdate * * @copyright (C) 2025 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Joomlaupdate\Api\Controller; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\MVC\Controller\ApiController; use Joomla\CMS\MVC\Controller\Exception\ResourceNotFound; use Tobscure\JsonApi\Exception\InvalidParameterException; abstract class BaseController extends ApiController { /* * Validate if the update token is correct and auto update is enabled * * @return void * * @since 5.4.0 * * @throws \Exception / protected function validateUpdateToken(): void { $config = ComponentHelper::getParams('com_joomlaupdate'); if ($config->get('updatesource') !== 'default' \|\| (int) $config->get('minimum_stability') !== 4 \|\| !$config->get('autoupdate')) { throw new ResourceNotFound('Auto update is disabled', 404); } $token = $this->input->server->get('HTTP_X_JUPDATE_TOKEN', '', 'STRING'); if (empty($token)) { throw new InvalidParameterException('Token is required', 403, null, 'token'); } if ($config->get('update_token') !== $token) { throw new InvalidParameterException('Invalid token', 403, null, 'token'); } } } PK��!�C^=��=��NotificationController.phpnu��[��<?php /* * @package Joomla.API * @subpackage com_joomlaupdate * * @copyright (C) 2025 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Joomlaupdate\Api\Controller; use Joomla\CMS\Language\Text; use Joomla\Component\Joomlaupdate\Administrator\Model\NotificationModel; use Joomla\Component\Joomlaupdate\Api\View\Updates\JsonapiView; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * The updates controller * * @since 5.4.0 / class NotificationController extends BaseController { /* * The content type of the item. * * @var string * @since 5.4.0 / protected $contentType = 'notification'; /* * The default view for the display method. * * @var string * @since 5.4.0 / protected $default_view = 'notification'; /* * Send fail notification to configured super users * * @return NotificationController For chaining / public function failed() { $this->validateUpdateToken(); $fromVersion = $this->input->json->getString('fromVersion', null); $toVersion = $this->input->json->getString('toVersion', null); $view = $this->prepareView(); $view->notification('failed', $fromVersion, $toVersion); return $this; } /* * Send success notification to configured super users * * @return NotificationController * * @since 5.4.0 / public function success() { $this->validateUpdateToken(); $fromVersion = $this->input->json->getString('fromVersion', null); $toVersion = $this->input->json->getString('toVersion', null); $view = $this->prepareView(); $view->notification('success', $fromVersion, $toVersion); return $this; } /* * Generic method to prepare the view * * @return JsonapiView The prepared view / protected function prepareView() { $viewType = $this->app->getDocument()->getType(); $viewName = $this->input->get('view', $this->default_view); $viewLayout = $this->input->get('layout', 'default', 'string'); try { /* @var JsonApiView $view / $view = $this->getView( $viewName, $viewType, '', ['base_path' => $this->basePath, 'layout' => $viewLayout, 'contentType' => $this->contentType] ); } catch (\Exception $e) { throw new \RuntimeException($e->getMessage()); } /* @var NotificationModel $model / $model = $this->getModel('Notification', 'Administrator', ['ignore_request' => true, 'state' => $this->modelState]); if (!$model) { throw new \RuntimeException(Text::_('JLIB_APPLICATION_ERROR_MODEL_CREATE')); } // Push the model into the view (as default) $view->setModel($model, true); $view->setDocument($this->app->getDocument()); return $view; } /* * Basic display of an item view. We don't allow this * * @param integer $id The primary key to display. Leave empty if you want to retrieve data from the request * * @return static A \JControllerLegacy object to support chaining. * * @since 5.4.0 / public function displayItem($id = null) { throw new \RuntimeException('Not implemented', 501); } /* * List view amended to add filtering of data. We don't allow this * * @return static A BaseController object to support chaining. * * @since 5.4.0 / public function displayList() { throw new \RuntimeException('Not implemented', 501); } /* * Removes an item. * * @param integer $id The primary key to delete item. * * @return void * * @since 5.4.0 / public function delete($id = null) { throw new \RuntimeException('Not implemented', 501); } /* * Method to check if you can edit an existing record. * * We don't allow editing from API (yet?) * * @param array $data An array of input data. * @param string $key The name of the key for the primary key; default is id. * * @return boolean * * @since 5.4.0 / protected function allowEdit($data = [], $key = 'id') { return false; } /* * Method to check if you can add a new record. * * We don't allow adding from API * * @param array $data An array of input data. * * @return boolean * * @since 5.4.0 / protected function allowAdd($data = []) { return false; } } PK��!� ��HealthcheckController.phpnu��[��<?php /* * @package Joomla.API * @subpackage com_joomlaupdate * * @copyright (C) 2025 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Joomlaupdate\Api\Controller; use Joomla\CMS\Language\Text; use Joomla\Component\Joomlaupdate\Administrator\Model\UpdateModel; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * The healthcheck controller * * @since 5.4.0 / class HealthcheckController extends BaseController { /* * The content type of the item. * * @var string * @since 5.4.0 / protected $contentType = 'healthcheck'; /* * The default view for the display method. * * @var string * @since 5.4.0 / protected $default_view = 'healthcheck'; /* * Show the healthcheck information * * @return HealthcheckController * * @since 5.4.0 / public function show() { $this->validateUpdateToken(); $viewType = $this->app->getDocument()->getType(); $viewName = $this->input->get('view', $this->default_view); $viewLayout = $this->input->get('layout', 'default', 'string'); try { /* @var JsonApiView $view / $view = $this->getView( $viewName, $viewType, '', ['base_path' => $this->basePath, 'layout' => $viewLayout, 'contentType' => $this->contentType] ); } catch (\Exception $e) { throw new \RuntimeException($e->getMessage()); } /* @var UpdateModel $model / $model = $this->getModel('Update', 'Administrator', ['ignore_request' => true, 'state' => $this->modelState]); if (!$model) { throw new \RuntimeException(Text::_('JLIB_APPLICATION_ERROR_MODEL_CREATE')); } // Push the model into the view (as default) $view->setModel($model, true); $view->setDocument($this->app->getDocument()); $view->healthCheck(); // If we reach this point, healthcheck was successful, so update the date in the config $model->updateLastHealthCheck(); return $this; } /* * Basic display of an item view. We don't allow this * * @param integer $id The primary key to display. Leave empty if you want to retrieve data from the request * * @return static A \JControllerLegacy object to support chaining. * * @since 5.4.0 / public function displayItem($id = null) { throw new \RuntimeException('Not implemented', 501); } /* * List view amended to add filtering of data. We don't allow this * * @return static A BaseController object to support chaining. * * @since 5.4.0 / public function displayList() { throw new \RuntimeException('Not implemented', 501); } /* * Removes an item. * * @param integer $id The primary key to delete item. * * @return void * * @since 5.4.0 / public function delete($id = null) { throw new \RuntimeException('Not implemented', 501); } /* * Method to check if you can edit an existing record. * * We don't allow editing from API (yet?) * * @param array $data An array of input data. * @param string $key The name of the key for the primary key; default is id. * * @return boolean * * @since 5.4.0 / protected function allowEdit($data = [], $key = 'id') { return false; } /* * Method to check if you can add a new record. * * We don't allow adding from API * * @param array $data An array of input data. * * @return boolean * * @since 5.4.0 / protected function allowAdd($data = []) { return false; } } PK��!�7��MessageController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_postinstall * * @copyright (C) 2013 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Postinstall\Administrator\Controller; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\Component\Postinstall\Administrator\Helper\PostinstallHelper; use Joomla\Component\Postinstall\Administrator\Model\MessagesModel; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Postinstall message controller. * * @since 3.2 / class MessageController extends BaseController { /* * Resets all post-installation messages of the specified extension. * * @return void * * @since 3.2 / public function reset() { $this->checkToken('get'); /* @var MessagesModel $model / $model = $this->getModel('Messages', '', ['ignore_request' => true]); $eid = $this->input->getInt('eid'); if (empty($eid)) { $eid = $model->getJoomlaFilesExtensionId(); } $model->resetMessages($eid); $this->setRedirect('index.php?option=com_postinstall&eid=' . $eid); } /* * Unpublishes post-installation message of the specified extension. * * @return void * * @since 3.2 / public function unpublish() { $this->checkToken('get'); $model = $this->getModel('Messages', '', ['ignore_request' => true]); $id = $this->input->get('id'); $eid = (int) $model->getState('eid', $model->getJoomlaFilesExtensionId()); if (empty($eid)) { $eid = $model->getJoomlaFilesExtensionId(); } $model->setState('published', 0); $model->unpublishMessage($id); $this->setRedirect('index.php?option=com_postinstall&eid=' . $eid); } /* * Re-Publishes an archived post-installation message of the specified extension. * * @return void * * @since 4.2.0 / public function republish() { $this->checkToken('get'); $model = $this->getModel('Messages', '', ['ignore_request' => true]); $id = $this->input->get('id'); $eid = (int) $model->getState('eid', $model->getJoomlaFilesExtensionId()); if (empty($eid)) { $eid = $model->getJoomlaFilesExtensionId(); } $model->setState('published', 1); $model->republishMessage($id); $this->setRedirect('index.php?option=com_postinstall&eid=' . $eid); } /* * Archives a published post-installation message of the specified extension. * * @return void * * @since 4.2.0 / public function archive() { $this->checkToken('get'); $model = $this->getModel('Messages', '', ['ignore_request' => true]); $id = $this->input->get('id'); $eid = (int) $model->getState('eid', $model->getJoomlaFilesExtensionId()); if (empty($eid)) { $eid = $model->getJoomlaFilesExtensionId(); } $model->setState('published', 2); $model->archiveMessage($id); $this->setRedirect('index.php?option=com_postinstall&eid=' . $eid); } /* * Executes the action associated with an item. * * @return void * * @since 3.2 / public function action() { $this->checkToken('get'); $model = $this->getModel('Messages', '', ['ignore_request' => true]); $id = $this->input->get('id'); $item = $model->getItem($id); switch ($item->type) { case 'link': $this->setRedirect($item->action); return; case 'action': $helper = new PostinstallHelper(); $file = $helper->parsePath($item->action_file); if (is_file($file)) { require_once $file; \call_user_func($item->action); } break; } $this->setRedirect('index.php?option=com_postinstall'); } /* * Hides all post-installation messages of the specified extension. * * @return void * * @since 3.8.7 / public function hideAll() { $this->checkToken(); /* @var MessagesModel $model / $model = $this->getModel('Messages', '', ['ignore_request' => true]); $eid = $this->input->getInt('eid'); if (empty($eid)) { $eid = $model->getJoomlaFilesExtensionId(); } $model->hideMessages($eid); $this->setRedirect('index.php?option=com_postinstall&eid=' . $eid); } } PK��!�g��S ��S ��InstallController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_installer * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Installer\Administrator\Controller; use Joomla\CMS\Access\Exception\NotAllowed; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\Response\JsonResponse; use Joomla\CMS\Router\Route; use Joomla\CMS\Session\Session; use Joomla\CMS\Uri\Uri; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Installer controller for Joomla! installer class. * * @since 1.5 / class InstallController extends BaseController { /* * Install an extension. * * @return mixed * * @since 1.5 / public function install() { // Check for request forgeries. $this->checkToken(); if (!$this->app->getIdentity()->authorise('core.admin')) { throw new NotAllowed(Text::_('JERROR_ALERTNOAUTHOR'), 403); } /* @var \Joomla\Component\Installer\Administrator\Model\InstallModel $model / $model = $this->getModel('install'); // @todo: Reset the users acl here as well to kill off any missing bits. $result = $model->install(); $app = $this->app; $redirect_url = $app->getUserState('com_installer.redirect_url'); $return = $this->input->getBase64('return'); if (!$redirect_url && $return) { $redirect_url = base64_decode($return); } // Don't redirect to an external URL. if ($redirect_url && !Uri::isInternal($redirect_url)) { $redirect_url = ''; } if (empty($redirect_url)) { $redirect_url = Route::_('index.php?option=com_installer&view=install', false); } else { // Wipe out the user state when we're going to redirect. $app->setUserState('com_installer.redirect_url', ''); $app->setUserState('com_installer.message', ''); $app->setUserState('com_installer.extension_message', ''); } $this->setRedirect($redirect_url); return $result; } /* * Install an extension from drag & drop ajax upload. * * @return void * * @since 3.7.0 / public function ajax_upload() { // Check for request forgeries. Session::checkToken() or jexit(Text::_('JINVALID_TOKEN')); if (!$this->app->getIdentity()->authorise('core.admin')) { throw new NotAllowed(Text::_('JERROR_ALERTNOAUTHOR'), 403); } $message = $this->app->getUserState('com_installer.message'); // Do install $result = $this->install(); // Get redirect URL $redirect = $this->redirect; // Push message queue to session because we will redirect page by \Javascript, not $app->redirect(). // The "application.queue" is only set in redirect() method, so we must manually store it. $this->app->getSession()->set('application.queue', $this->app->getMessageQueue()); header('Content-Type: application/json'); echo new JsonResponse(['redirect' => $redirect], $message, !$result); $this->app->close(); } } PK��!�A�v��UpdateController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_installer * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Installer\Administrator\Controller; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\Response\JsonResponse; use Joomla\CMS\Router\Route; use Joomla\CMS\Session\Session; use Joomla\CMS\Updater\Updater; use Joomla\CMS\Uri\Uri; use Joomla\Component\Installer\Administrator\Model\UpdateModel; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Installer Update Controller * * @since 1.6 / class UpdateController extends BaseController { /* * Update a set of extensions. * * @return void * * @since 1.6 / public function update() { // Check for request forgeries. $this->checkToken(); /* @var UpdateModel $model / $model = $this->getModel('update'); $uid = (array) $this->input->get('cid', [], 'int'); // Remove zero values resulting from input filter $uid = array_filter($uid); // Get the minimum stability. $params = ComponentHelper::getComponent('com_installer')->getParams(); $minimum_stability = (int) $params->get('minimum_stability', Updater::STABILITY_STABLE); $model->update($uid, $minimum_stability); $app = $this->app; $redirect_url = $app->getUserState('com_installer.redirect_url'); // Don't redirect to an external URL. if ($redirect_url && !Uri::isInternal($redirect_url)) { $redirect_url = ''; } if (empty($redirect_url)) { $redirect_url = Route::_('index.php?option=com_installer&view=update', false); } else { // Wipe out the user state when we're going to redirect. $app->setUserState('com_installer.redirect_url', ''); $app->setUserState('com_installer.message', ''); $app->setUserState('com_installer.extension_message', ''); } $this->setRedirect($redirect_url); } /* * Find new updates. * * @return void * * @since 1.6 / public function find() { $this->checkToken('request'); // Get the caching duration. $params = ComponentHelper::getComponent('com_installer')->getParams(); $cache_timeout = (int) $params->get('cachetimeout', 6); $cache_timeout = 3600 $cache_timeout; // Get the minimum stability. $minimum_stability = (int) $params->get('minimum_stability', Updater::STABILITY_STABLE); // Find updates. /** @var UpdateModel $model / $model = $this->getModel('update'); // Purge the table before checking again $model->purge(); $disabledUpdateSites = $model->getDisabledUpdateSites(); if ($disabledUpdateSites) { $updateSitesUrl = Route::_('index.php?option=com_installer&view=updatesites'); $this->app->enqueueMessage(Text::sprintf('COM_INSTALLER_MSG_UPDATE_SITES_COUNT_CHECK', $updateSitesUrl), 'warning'); } $model->findUpdates(0, $cache_timeout, $minimum_stability); if (0 === $model->getTotal()) { $this->app->enqueueMessage(Text::_('COM_INSTALLER_MSG_UPDATE_NOUPDATES'), 'info'); } $this->setRedirect(Route::_('index.php?option=com_installer&view=update', false)); } /* * Fetch and report updates in \JSON format, for AJAX requests * * @return void * * @since 2.5 / public function ajax() { $app = $this->app; if (!Session::checkToken('get')) { $app->setHeader('status', 403, true); $app->sendHeaders(); echo Text::_('JINVALID_TOKEN_NOTICE'); $app->close(); } // Close the session before we make a long running request $app->getSession()->abort(); $eid = $this->input->getInt('eid', 0); $skip = $this->input->get('skip', [], 'array'); $cache_timeout = $this->input->getInt('cache_timeout', 0); $minimum_stability = $this->input->getInt('minimum_stability', -1); $params = ComponentHelper::getComponent('com_installer')->getParams(); if ($cache_timeout == 0) { $cache_timeout = (int) $params->get('cachetimeout', 6); $cache_timeout = 3600 $cache_timeout; } if ($minimum_stability < 0) { $minimum_stability = (int) $params->get('minimum_stability', Updater::STABILITY_STABLE); } /** @var UpdateModel $model / $model = $this->getModel('update'); $model->findUpdates($eid, $cache_timeout, $minimum_stability); $model->setState('list.start', 0); $model->setState('list.limit', 0); if ($eid != 0) { $model->setState('filter.extension_id', $eid); } $updates = $model->getItems(); if (!empty($skip)) { $unfiltered_updates = $updates; $updates = []; foreach ($unfiltered_updates as $update) { if (!\in_array($update->extension_id, $skip)) { $updates[] = $update; } } } echo json_encode($updates); $app->close(); } /* * Provide the data for a badge in a menu item via JSON * * @return void * * @since 4.0.0 * @throws \Exception / public function getMenuBadgeData() { if (!$this->app->getIdentity()->authorise('core.manage', 'com_installer')) { throw new \Exception(Text::_('JGLOBAL_AUTH_ACCESS_DENIED')); } $model = $this->getModel('Update'); echo new JsonResponse($model->getTotal()); } } PK��!��fG�0��0��ManageController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Model\StatisticModel; use Akeeba\Component\AkeebaBackup\Administrator\Model\StatisticsModel; use Akeeba\Engine\Factory; use Akeeba\Engine\Platform; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\AdminController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Uri\Uri; use Joomla\Input\Input; class ManageController extends AdminController { use ControllerEventsTrait; use ControllerCustomACLTrait; protected $text_prefix = 'COM_AKEEBABACKUP_BUADMIN'; private bool $noFlush = false; public function __construct( $config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null ) { parent::__construct($config, $factory, $app, $input); $this->noFlush = ComponentHelper::getParams('com_akeebabackup')->get('no_flush', 0) == 1; $this->registerTask('download', 'download'); $this->registerTask('remove', 'remove'); $this->registerTask('deletefiles', 'deletefiles'); $this->registerTask('hidemodal', 'hidemodal'); } public function getModel($name = '', $prefix = '', $config = []) { $name = $name ?: 'Statistic'; return parent::getModel($name, $prefix, $config); } public function display($cachable = false, $urlparams = []) { $document = $this->app->getDocument(); $viewType = $document->getType(); $viewName = $this->input->get('view', $this->default_view); $viewLayout = $this->input->get('layout', 'default', 'string'); $view = $this->getView($viewName, $viewType, '', ['base_path' => $this->basePath, 'layout' => $viewLayout]); // Push the models $view->setModel($this->getModel('Statistics', 'Administrator'), true); $view->setModel($this->getModel('Profiles', 'Administrator')); // Push the document $view->document = $document; // Display the view $view->display(); return $this; } /* * Downloads the backup archive of the specified backup record * * @return void / public function download() { $this->checkToken('get'); // Get items to publish from the request. $id = $this->input->getInt('id', 0); $part = $this->input->get('part', -1, 'int'); if ($id <= 0) { $this->setRedirect( Uri::base() . 'index.php?option=com_akeebabackup&view=Manage', Text::_('COM_AKEEBABACKUP_BUADMIN_ERROR_INVALIDID'), 'error' ); return; } $stat = Platform::getInstance()->get_statistics($id); $allFilenames = Factory::getStatistics()->get_all_filenames($stat); $filename = null; // Check single part files $countAllFilenames = $allFilenames === null ? 0 : count($allFilenames); if (($countAllFilenames == 1) && ($part == -1)) { $filename = array_shift($allFilenames); } elseif (($countAllFilenames > 0) && ($countAllFilenames > $part) && ($part >= 0)) { $filename = $allFilenames[$part]; } if (is_null($filename) \|\| empty($filename) \|\| !@file_exists($filename)) { $this->setRedirect( Uri::base() . 'index.php?option=com_akeebabackup&view=Manage', Text::_('COM_AKEEBABACKUP_BUADMIN_ERROR_INVALIDDOWNLOAD'), 'error' ); return; } $this->triggerEvent('onBeforeDownload', [$id, $part ?: 1]); // Remove php's time limit if (function_exists('ini_get') && function_exists('set_time_limit')) { if (!ini_get('safe_mode')) { @set_time_limit(0); } } $basename = @basename($filename); $filesize = @filesize($filename); $extension = strtolower(str_replace(".", "", strrchr($filename, "."))); /* @noinspection PhpStatementHasEmptyBodyInspection / while (@ob_end_clean()) { } @clearstatcache(); // Send MIME headers header('MIME-Version: 1.0'); header('Content-Disposition: attachment; filename="' . $basename . '"'); header('Content-Transfer-Encoding: binary'); header('Accept-Ranges: bytes'); switch ($extension) { case 'zip': // ZIP MIME type header('Content-Type: application/zip'); break; default: // Generic binary data MIME type header('Content-Type: application/octet-stream'); break; } // Notify of filesize, if this info is available if ($filesize > 0) { header('Content-Length: ' . @filesize($filename)); } // Disable caching header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Expires: 0"); header('Pragma: no-cache'); if (!$this->noFlush) { flush(); } if (!$filesize) { // If the filesize is not reported, hope that readfile works @readfile($filename); $this->app->close(); } // If the filesize is reported, use 1M chunks for echoing the data to the browser $blocksize = 1048576; //1M chunks $handle = @fopen($filename, "r"); // Now we need to loop through the file and echo out chunks of file data if ($handle !== false) { while (!@feof($handle)) { echo @fread($handle, $blocksize); @ob_flush(); if (!$this->noFlush) { flush(); } } } if ($handle !== false) { @fclose($handle); } $this->app->close(); } public function delete() { $this->checkToken(); // Get items to publish from the request. $ids = $this->input->get('cid', [], 'array'); if (empty($ids)) { $this->setRedirect( Uri::base() . 'index.php?option=com_akeebabackup&view=Manage', Text::_('COM_AKEEBABACKUP_BUADMIN_ERROR_INVALIDID'), 'error' ); return; } foreach ($ids as $id) { try { $msg = Text::_('COM_AKEEBABACKUP_BUADMIN_ERROR_INVALIDID'); $result = false; if ($id > 0) { /* @var StatisticModel $model / $model = $this->getModel('Statistic', 'Administrator'); $result = $model->delete($id); } } catch (\RuntimeException $e) { $result = false; $msg = $e->getMessage(); } if (!$result) { $this->setRedirect(Uri::base() . 'index.php?option=com_akeebabackup&view=Manage', $msg, 'error'); return; } } $this->setRedirect( Uri::base() . 'index.php?option=com_akeebabackup&view=Manage', Text::_('COM_AKEEBABACKUP_BUADMIN_MSG_DELETED') ); } public function deletefiles() { $this->checkToken(); // Get items to publish from the request. $ids = $this->input->get('cid', [], 'array'); if (empty($ids)) { $this->setRedirect( Uri::base() . 'index.php?option=com_akeebabackup&view=Manage', Text::_('COM_AKEEBABACKUP_BUADMIN_ERROR_INVALIDID'), 'error' ); return; } foreach ($ids as $id) { try { $msg = Text::_('COM_AKEEBABACKUP_BUADMIN_ERROR_INVALIDID'); $result = false; if ($id > 0) { /* @var StatisticModel $model / $model = $this->getModel('Statistic', 'Administrator'); $result = $model->deleteFiles($id); } } catch (\RuntimeException $e) { $result = false; $msg = $e->getMessage(); } if (!$result) { $this->setRedirect(Uri::base() . 'index.php?option=com_akeebabackup&view=Manage', $msg, 'error'); return; } } $this->setRedirect( Uri::base() . 'index.php?option=com_akeebabackup&view=Manage', Text::_('COM_AKEEBABACKUP_BUADMIN_MSG_DELETEDFILE') ); } public function hidemodal() { /* @var StatisticsModel $model / $model = $this->getModel('Statistics', 'Administrator'); $model->hideRestorationInstructionsModal( $this->app->bootComponent('com_akeebabackup')->getComponentParametersService() ); $this->setRedirect(Uri::base() . 'index.php?option=com_akeebabackup&view=Manage'); } }PK��!�1pǔT ��T ��DiscoverController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_installer * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Installer\Administrator\Controller; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\Response\JsonResponse; use Joomla\CMS\Router\Route; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Discover Installation Controller * * @since 1.6 / class DiscoverController extends BaseController { /* * Refreshes the cache of discovered extensions. * * @return void * * @since 1.6 / public function refresh() { $this->checkToken('request'); /* @var \Joomla\Component\Installer\Administrator\Model\DiscoverModel $model / $model = $this->getModel('discover'); $model->discover(); if (!$model->getTotal()) { $this->setMessage(Text::_('COM_INSTALLER_ERROR_NO_EXTENSIONS_DISCOVERED'), 'info'); } $this->setRedirect(Route::_('index.php?option=com_installer&view=discover', false)); } /* * Install a discovered extension. * * @return void * * @since 1.6 / public function install() { $this->checkToken(); /* @var \Joomla\Component\Installer\Administrator\Model\DiscoverModel $model / $model = $this->getModel('discover'); $model->discover_install(); $this->setRedirect(Route::_('index.php?option=com_installer&view=discover', false)); } /* * Clean out the discovered extension cache. * * @return void * * @since 1.6 / public function purge() { $this->checkToken('request'); /* @var \Joomla\Component\Installer\Administrator\Model\DiscoverModel $model / $model = $this->getModel('discover'); $model->purge(); $this->setRedirect(Route::_('index.php?option=com_installer&view=discover', false), $model->_message); } /* * Provide the data for a badge in a menu item via JSON * * @return void * * @since 4.0.0 / public function getMenuBadgeData() { if (!$this->app->getIdentity()->authorise('core.manage', 'com_installer')) { throw new \Exception(Text::_('JGLOBAL_AUTH_ACCESS_DENIED')); } $model = $this->getModel('Discover'); echo new JsonResponse($model->getTotal()); } } PK��!�� DatabaseController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_installer * * @copyright (C) 2011 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Installer\Administrator\Controller; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\Response\JsonResponse; use Joomla\CMS\Router\Route; use Joomla\Component\Installer\Administrator\Model\DatabaseModel; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Installer Database Controller * * @since 2.5 / class DatabaseController extends BaseController { /* * Tries to fix missing database updates * * @return void * * @throws \Exception * * @since 2.5 * @todo Purge updates has to be replaced with an events system / public function fix() { // Check for request forgeries. $this->checkToken(); // Get items to fix the database. $cid = (array) $this->input->get('cid', [], 'int'); // Remove zero values resulting from input filter $cid = array_filter($cid); if (empty($cid)) { $this->app->getLogger()->warning( Text::_( 'COM_INSTALLER_ERROR_NO_EXTENSIONS_SELECTED' ), ['category' => 'jerror'] ); } else { /* @var DatabaseModel $model / $model = $this->getModel('Database'); $model->fix($cid); /* @var \Joomla\Component\Joomlaupdate\Administrator\Model\UpdateModel $updateModel / $updateModel = $this->app->bootComponent('com_joomlaupdate') ->getMVCFactory()->createModel('Update', 'Administrator', ['ignore_request' => true]); $updateModel->purge(); // Refresh versionable assets cache $this->app->flushAssets(); } $this->setRedirect(Route::_('index.php?option=com_installer&view=database', false)); } /* * Provide the data for a badge in a menu item via JSON * * @return void * * @since 4.0.0 * @throws \Exception / public function getMenuBadgeData() { if (!$this->app->getIdentity()->authorise('core.manage', 'com_installer')) { throw new \Exception(Text::_('JGLOBAL_AUTH_ACCESS_DENIED')); } $model = $this->getModel('Database'); $changeSet = $model->getItems(); $changeSetCount = 0; foreach ($changeSet as $item) { $changeSetCount += $item['errorsCount']; } echo new JsonResponse($changeSetCount); } } PK��!��.�W��UpdatesitesController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_installer * * @copyright (C) 2014 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Installer\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\AdminController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Router\Route; use Joomla\Input\Input; use Joomla\Utilities\ArrayHelper; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Installer Update Sites Controller * * @package Joomla.Administrator * @subpackage com_installer * @since 3.4 / class UpdatesitesController extends AdminController { /* * The prefix to use with controller messages. * * @var string * @since 4.0.0 / protected $text_prefix = 'COM_INSTALLER_UPDATESITES'; /* * Constructor. * * @param array $config An optional associative array of configuration settings. * @param ?MVCFactoryInterface $factory The factory. * @param ?CMSApplication $app The Application for the dispatcher * @param ?Input $input Input * * @since 1.6 / public function __construct($config = [], ?MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerTask('unpublish', 'publish'); $this->registerTask('publish', 'publish'); $this->registerTask('delete', 'delete'); $this->registerTask('rebuild', 'rebuild'); } /* * Proxy for getModel. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config The array of possible config values. Optional. * * @return \Joomla\CMS\MVC\Model\BaseDatabaseModel * * @since 4.0.0 / public function getModel($name = 'Updatesite', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } /* * Enable/Disable an extension (if supported). * * @return void * * @since 3.4 * * @throws \Exception on error / public function publish() { // Check for request forgeries. $this->checkToken(); $ids = (array) $this->input->get('cid', [], 'int'); $values = ['publish' => 1, 'unpublish' => 0]; $task = $this->getTask(); $value = ArrayHelper::getValue($values, $task, 0, 'int'); // Remove zero values resulting from input filter $ids = array_filter($ids); if (empty($ids)) { throw new \Exception(Text::_('COM_INSTALLER_ERROR_NO_UPDATESITES_SELECTED'), 500); } // Get the model. /* @var \Joomla\Component\Installer\Administrator\Model\UpdatesitesModel $model / $model = $this->getModel('Updatesites'); // Change the state of the records. if (!$model->publish($ids, $value)) { throw new \Exception(implode('<br>', $model->getErrors()), 500); } $ntext = ($value == 0) ? 'COM_INSTALLER_N_UPDATESITES_UNPUBLISHED' : 'COM_INSTALLER_N_UPDATESITES_PUBLISHED'; $this->setMessage(Text::plural($ntext, \count($ids))); $this->setRedirect(Route::_('index.php?option=com_installer&view=updatesites', false)); } /* * Deletes an update site (if supported). * * @return void * * @since 3.6 * * @throws \Exception on error / public function delete() { // Check for request forgeries. $this->checkToken(); $ids = (array) $this->input->get('cid', [], 'int'); // Remove zero values resulting from input filter $ids = array_filter($ids); if (empty($ids)) { throw new \Exception(Text::_('COM_INSTALLER_ERROR_NO_UPDATESITES_SELECTED'), 500); } // Delete the records. $this->getModel('Updatesites')->delete($ids); $this->setRedirect(Route::_('index.php?option=com_installer&view=updatesites', false)); } /* * Rebuild update sites tables. * * @return void * * @since 3.6 / public function rebuild() { // Check for request forgeries. $this->checkToken(); // Rebuild the update sites. $this->getModel('Updatesites')->rebuild(); $this->setRedirect(Route::_('index.php?option=com_installer&view=updatesites', false)); } } PK��!��D��D��UpdatesiteController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_installer * * @copyright (C) 2019 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Installer\Administrator\Controller; use Joomla\CMS\MVC\Controller\FormController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Controller for a single update site * * @since 4.0.0 / class UpdatesiteController extends FormController { } PK��!��\��i��i��Controller.phpnu��[��<?php namespace JExtstore\Component\JChat\Administrator\Framework; /* * * @package JCHAT::administrator::components::com_jchat * @subpackage framework * @subpackage controller * @author Joomla! Extensions Store * @copyright (C) 2015 - Joomla! Extensions Store * @license GNU/GPLv2 http://www.gnu.org/licenses/gpl-2.0.html / defined ( '_JEXEC' ) or die ( 'Restricted access' ); use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\MVC\Controller\BaseController as JBaseController; use Joomla\CMS\Cache\Controller\ViewController; use Joomla\Utilities\ArrayHelper; use Joomla\CMS\Language\Text; use Joomla\CMS\Factory; use Joomla\CMS\Component\ComponentHelper; /* * Base controller class * * @package JCHAT::administrator::components::com_jchat * @subpackage framework * @subpackage controller * @since 1.0 / class Controller extends JBaseController { /* * Dispatch option * * @access protected * @var string / protected $option; /* * Main application reference * * @access protected * @var Object / protected $app; /* * User object for ACL authorise check * * @access protected * @var Object / protected $user; /* * Document object, needed by controllers to instantiate * the right view object based on document format * * @access protected * @var Object / protected $document; /* * Variables in request array * * @access protected * @var Object / protected $requestArray; /* * Method override to check if you can add a new record. * * @param array $data * An array of input data. * * @return bool / protected function allowDisplay(): bool { // Set a default value $allow = true; $cParams = ComponentHelper::getParams('com_jchat'); // Check for chat access level $chatAccessGids = array(); $chatAccessLevels = $cParams->get('chat_accesslevels', array('0')); if(is_array($chatAccessLevels) && !in_array(0, $chatAccessLevels, false)) { // Check for user groups current user belong to $userGroups = $this->user->getAuthorisedGroups(); $db =Factory::getContainer()->get('DatabaseDriver'); // Translate the chat access levels to Joomla users groups sum $query = $db->getQuery(true) ->select('rules') ->from($db->quoteName('#__viewlevels')) ->where('id IN (' . implode(',', $chatAccessLevels) . ')'); // Set the query for execution. $db->setQuery($query); // Build the view levels array. foreach ($db->loadColumn() as $levels) { $chatAccessGids = array_merge($chatAccessGids, (array) json_decode($levels)); } // Intersect to recognize chat admins $intersectResult = array_intersect($userGroups, $chatAccessGids); $allow = (bool)(count($intersectResult)); } // Check for menu exclusion $menu = $this->app->getMenu()->getActive(); if(is_object($menu)) { $menuItemid = $menu->id; $menuExcluded = $cParams->get('chat_exclusions'); if(is_array($menuExcluded) && !in_array(0, $menuExcluded, false) && in_array($menuItemid, $menuExcluded)) { $allow = false; } } // Check for IP multiple ranges exclusions if($cParams->get ( 'ipbanning', false)) { $ipAddressRegex = '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/i'; $clientIP = $_SERVER ['REMOTE_ADDR']; $clientIpDec = ( float ) sprintf ( "%u", ip2long ( $clientIP ) ); $ipRanges = $cParams->get ( 'iprange_multiple', null); // Check if data are not null if($ipRanges) { // Try to load every range, one per row $explodeRows = explode(PHP_EOL, $ipRanges); if(!empty($explodeRows)) { foreach ($explodeRows as $singleRange) { // Try to detect single range $explodeRange = explode('-', $singleRange); if(!empty($explodeRange) && count($explodeRange) == 2) { $ipStart = trim($explodeRange[0]); $ipEnd = trim($explodeRange[1]); $validIpRangeStart = preg_match ( $ipAddressRegex, $ipStart ); $validIpRangeEnd = preg_match ( $ipAddressRegex, $ipEnd ); if ($validIpRangeStart && $validIpRangeEnd) { $lowerIpDec = ( float ) sprintf ( "%u", ip2long ( $ipStart ) ); $upperIpDec = ( float ) sprintf ( "%u", ip2long ( $ipEnd ) ); if (($clientIpDec >= $lowerIpDec) && ($clientIpDec <= $upperIpDec)) { $allow = false; break; } } } } } } } // Check for hours activation $startHour = $cParams->get('start_at_hour', null); $stopHour = $cParams->get('stop_at_hour', null); if($startHour && $stopHour) { $jTimeZone = $this->app->getConfig ()->get ( 'offset' ); $dateObject = Factory::getDate(); $dateObject->setTimezone(new \DateTimeZone($jTimeZone)); $currentHour = $dateObject->format('G', true); if($currentHour < $startHour \|\| $currentHour >= $stopHour) { $allow = false; } } // Check for day of the week activation $daysOfTheWeek = $cParams->get('days_of_the_week', null); if(is_array($daysOfTheWeek) && count($daysOfTheWeek) && !in_array('', $daysOfTheWeek, true)) { $jTimeZone = $this->app->getConfig ()->get ( 'offset' ); $dateObject = Factory::getDate(); $dateObject->setTimezone(new \DateTimeZone($jTimeZone)); $currentDay = $dateObject->format('w', true); if(!in_array($currentDay, $daysOfTheWeek)) { $allow = false; } } return $allow; } /* * Method override to check if you can add a new record. * * @param array $data * An array of input data. * * @return bool * * @since 1.6 / protected function allowAdmin($assetName): bool { // Initialise variables. $allow = $this->user->authorise ( 'core.admin', $assetName ); return $allow; } /* * Method override to check if you can add a new record. * * @param array $data * An array of input data. * * @return bool * * @since 1.6 / protected function allowAdd($assetName): bool { // Initialise variables. $allow = $this->user->authorise ( 'core.create', $assetName ); return $allow; } /* * Method override to check if you can edit an existing record. * * @param array $data * An array of input data. * @param string $key * The name of the key for the primary key. * * @return bool * * @since 1.6 / protected function allowEdit($assetName): bool { // Initialise variables. $allow = $this->user->authorise ( 'core.edit', $assetName ); return $allow; } /* * Method override to check if you can edit an existing record. * * @param array $data * An array of input data. * @param string $key * The name of the key for the primary key. * * @return bool * * @since 1.6 / protected function allowEditState($assetName): bool { // Initialise variables. $allow = $this->user->authorise ( 'core.edit.state', $assetName ); return $allow; } /* * Method override to check if you can edit an existing record. * * @param array $data * An array of input data. * @param string $key * The name of the key for the primary key. * * @return bool * * @since 1.6 / protected function allowDelete($assetName): bool { // Initialise variables. $allow = $this->user->authorise ( 'core.delete', $assetName ); return $allow; } /* * Detect if a user has permissions to access a feature based on user groups * * @access protected * @param string $param The parameter to check against * @param Object $params The parameters object with eventual overrides * @return bool / protected function hasGroupsPermissions($param, $params): bool { $hasPermission = true; // Check for live support mode active $paramGroups = $params->get($param, array('0')); // Live support active! if(is_array($paramGroups) && !in_array(0, $paramGroups, false)) { // Check for user groups current user belong to $userGroups = $this->user->getAuthorisedGroups(); // Intersect to recognize chat admins $intersectResult = array_intersect($userGroups, $paramGroups); $hasPermission = (bool)(count($intersectResult)); } return $hasPermission; } /* * Get a cache object specific for this extension models already configured and independant from global config * The cache handler is always view to cache the entire component view response * * @access protected * @return ViewController / protected function getExtensionCache(): ViewController { // Static cache instance static $cache; if (is_object ( $cache )) { return $cache; } $conf = $this->app->getConfig (); $componentParams = ComponentHelper::getParams ( $this->option ); // days to hours to minutes (core cache multiplies by 60 secs), default 1 day $lifeTimeMinutes = ( int ) $componentParams->get ( 'lifetime_view_cache', 1 ) 24 * 60; // Check for an RSS feed lifetime override $format = $this->app->input->get ( 'format', 'html' ); if ($format == 'rss') { $lifeTimeMinutes = ( int ) $componentParams->get ( 'rss_lifetime_view_cache', 60 ); } $options = array ( 'defaultgroup' => $this->option, 'cachebase' => $conf->get ( 'cache_path', JPATH_CACHE ), 'lifetime' => $lifeTimeMinutes, 'language' => $conf->get ( 'language', 'en-GB' ), 'storage' => $conf->get ( 'cache_handler', 'file' ) ); $cache = Factory::getContainer()->get(\Joomla\CMS\Cache\CacheControllerFactoryInterface::class)->createCacheController( 'view', $options ); $cache->setCaching ( $componentParams->get ( 'enable_view_cache', false ) ); return $cache; } /** * Setta il model state a partire dallo userstate di sessione * * @access protected * @param string $scope * @return object / protected function setModelState($scope = 'default', $ordering = true): object { $option = $this->option; $componentParams = ComponentHelper::getParams ( $this->option ); $search = $this->getUserStateFromRequest ( "$option.$scope.searchword", 'search', '' ); $limit = $this->getUserStateFromRequest ( "$option.$scope.limit", 'limit', $componentParams->get ( 'lists_limit_pagination', 10 ), 'int' ); $limitStart = $this->getUserStateFromRequest ( "$option.$scope.limitstart", 'limitstart', 0, 'int' ); // Round del limit al change proof $limitStart = ($limit != 0 ? (floor ( $limitStart / $limit ) $limit) : 0); // Check for ordering support if ($ordering) { $filter_order = $this->getUserStateFromRequest ( "$option.$scope.filter_order", 'filter_order', 's.ordering', 'cmd' ); $filter_order_Dir = $this->getUserStateFromRequest ( "$option.$scope.filter_order_Dir", 'filter_order_Dir', 'asc', 'word' ); } // Get default model $defaultModel = $this->getModel (); // Set model state $defaultModel->setState ( 'option', $option ); $defaultModel->setState ( 'limit', $limit ); $defaultModel->setState ( 'limitstart', $limitStart ); $defaultModel->setState ( 'searchword', $search ); // Check for ordering support if ($ordering) { $defaultModel->setState ( 'order', $filter_order ); $defaultModel->setState ( 'order_dir', $filter_order_Dir ); } return $defaultModel; } /** * Gets the value of a user state variable and sets it in the session * * This is the same as the method in JApplication except that this also can optionally * force you back to the first page when a filter has changed * * @param string $key * The key of the user state variable. * @param string $request * The name of the variable passed in a request. * @param string $default * The default value for the variable if not found. Optional. * @param string $type * Filter for the variable, for valid values see {@link \Joomla\CMS\Filter\InputFilter::clean()}. Optional. * @param boolean $resetPage * If true, the limitstart in request is set to zero * * @return The request user state. * @since 2.0 / protected function getUserStateFromRequest($key, $request, $default = null, $type = 'none', $resetPage = true) { $app = Factory::getApplication (); $old_state = $app->getUserState ( $key ); $cur_state = (! is_null ( $old_state )) ? $old_state : $default; $new_state = $this->app->input->get ( $request, null, $type ); if ($new_state && ($cur_state != $new_state) && ($resetPage)) { $this->app->input->set ( 'limitstart', 0 ); } // Save the new value only if it is set in this request. if ($new_state !== null) { $app->setUserState ( $key, $new_state ); } else { $new_state = $cur_state; } return $new_state; } /* * Method to get a model object, loading it if required. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return Model\|boolean Model object on success; otherwise false on failure. * * @since 3.0 / public function getModel($name = '', $prefix = '', $config = array()) { static $models = array (); if (empty($name)) { $name = $this->getName(); } if (array_key_exists ( $name, $models )) { return $models [$name]; } $model = parent::getModel($name, $prefix, $config); $models[$name] = $model; return $model; } /* * Edit entity * * @access public * @return bool / public function editEntity(): bool { $this->app->input->set ( 'hidemainmenu', 1 ); $cid = $this->app->input->get ( 'cid', array ( 0 ), 'array' ); $idEntity = ( int ) $cid [0]; $model = $this->getModel (); $model->setState ( 'option', $this->option ); // Try to load record from model if (! $record = $model->loadEntity ( $idEntity )) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelExceptions = $model->getErrors (); foreach ( $modelExceptions as $exception ) { $this->app->enqueueMessage ( $exception->getMessage (), $exception->getErrorLevel () ); } $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_EDITING' ) ); return false; } // Additional model state setting $model->setState ( 'option', $this->option ); // Check out control on record if ($record->checked_out && $record->checked_out != $this->user->id) { $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_CHECKEDOUT_RECORD' ), 'notice' ); return false; } // Access check if ($record->id && ! $this->allowEdit ( $this->option )) { $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_ALERT_NOACCESS' ), 'notice' ); return false; } if (! $record->id && ! $this->allowAdd ( $this->option )) { $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_ALERT_NOACCESS' ), 'notice' ); return false; } // Check out del record if ($record->id) { $record->checkout ( $this->user->id ); } // Get view and pushing model $viewType = $this->document->getType(); $viewName = $this->input->get('view', $this->default_view); $viewLayout = $this->input->get('layout', 'default', 'string'); $view = $this->getView($viewName, $viewType, '', array('base_path' => $this->basePath, 'layout' => $viewLayout)); $view->setModel ( $model, true ); // Call edit view $view->editEntity ( $record ); return true; } /* * Manage entity apply/save after edit entity * * @access public * @return bool / public function saveEntity(): bool { $context = implode ( '.', array ( $this->option, strtolower ( $this->getName () ), 'errordataload' ) ); // Security layer for tags html outputted fields $sanitizedFields = array ( 'name', 'description' ); foreach ( $sanitizedFields as $field ) { $this->requestArray [$field] = strip_tags ( $this->requestArray [$field] ); } // Load della model e bind store $model = $this->getModel (); if (! $result = $model->storeEntity ()) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); // Store data for session recover $this->app->setUserState ( $context, $this->requestArray ); $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".editEntity&cid[]=" . $this->app->input->get ( 'id' ), Text::_ ( 'COM_JCHAT_ERROR_SAVING' ) ); return false; } // Security safe if not model record id detected if (! $id = $result->id) { $id = $this->app->input->get ( 'id' ); } // Redirects switcher switch ($this->task) { case 'saveEntity' : $redirects = array ( 'task' => 'display', 'msgsufix' => '_SAVING' ); break; case 'saveEntity2New' : $redirects = array ( 'task' => 'editEntity', 'msgsufix' => '_STORING' ); break; default : case 'applyEntity' : $redirects = array ( 'task' => 'editEntity&cid[]=' . $id, 'msgsufix' => '_APPLY' ); break; } $msg = 'COM_JCHAT_SUCCESS' . $redirects ['msgsufix']; $controllerTask = $redirects ['task']; $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . "." . $controllerTask, Text::_ ( $msg ) ); return true; } /* * Manage cancel edit for entity and unlock record checked out * * @access public * @return void / public function cancelEntity(): void { $id = $this->app->input->get ( 'id' ); // Load della model e checkin before exit $model = $this->getModel (); if (! $model->cancelEntity ( $id )) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); } $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_CANCELED_OPERATION' ) ); } /* * Copies one or more items * * @access public * @return bool / public function copyEntity(): bool { $cids = $this->app->input->get ( 'cid', array (), 'array' ); // Load della model e checkin before exit $model = $this->getModel (); if (! $model->copyEntity ( $cids )) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_DUPLICATING' ) ); return false; } $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_SUCCESS_DUPLICATING' ) ); return true; } /* * Delete a db table entity * * @access public * @return bool / public function deleteEntity(): bool { $cids = $this->app->input->get ( 'cid', array (), 'array' ); // Access check if (! $this->allowDelete ( $this->option )) { $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_ALERT_NOACCESS' ), 'notice' ); return false; } // Load della model e checkin before exit $model = $this->getModel (); if (! $model->deleteEntity ( $cids )) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_DELETE' ) ); return false; } $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_SUCCESS_DELETE' ) ); return true; } /* * Moves the order of a record * * @access public * @param * integer The increment to reorder by * @return bool / public function moveOrder(): bool { // Set model state $this->setModelState ( $this->name ); // ID Entity $cid = $this->app->input->get ( 'cid', array ( 0 ), 'array' ); $idEntity = $cid [0]; // Task direction $model = $this->getModel (); $orderDir = $model->getState ( 'order_dir' ); switch ($orderDir) { case 'desc' : $orderUp = 1; $orderDown = - 1; break; case 'asc' : default : $orderUp = - 1; $orderDown = 1; break; } $direction = $this->task == 'moveorder_up' ? $orderUp : $orderDown; if (! $model->changeOrder ( $idEntity, $direction )) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_REORDER' ) ); return false; } $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_SUCCESS_REORDER' ) ); return true; } /* * Save ordering * * @access public * @return bool / public function saveOrder(): bool { $cids = $this->app->input->get ( 'cid', array (), 'array' ); $order = $this->app->input->get ( 'order', array (), 'array' ); $isAjax = $this->app->input->get ( 'ajax', null ); ArrayHelper::toInteger ( $cids ); ArrayHelper::toInteger ( $order ); $model = $this->getModel (); if (! $model->saveOrder ( $cids, $order )) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_REORDER' ) ); return false; } // Manage the ajax call without a redirect HTTP if ($isAjax) { echo "1"; $this->app->close (); } $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_SUCCESS_REORDER' ) ); return true; } /* * Publishing entities * * @access public * @return bool / public function publishEntities(): bool { // Access check if (! $this->allowEditState ( $this->option )) { $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_ALERT_NOACCESS' ), 'notice' ); return false; } $cid = $this->app->input->get ( 'cid', array ( 0 ), 'array' ); $idEntity = ( int ) $cid [0]; $model = $this->getModel (); if (! $model->publishEntities ( $idEntity, $this->task )) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_STATE_CHANGE' ) ); return false; } $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_SUCCESS_STATE_CHANGE' ) ); return true; } /* * Checkin entities * * @access public * @return bool / public function checkin(): bool { // Access check if (! $this->user->authorise ( 'core.manage', 'com_checkin' )) { $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_ERROR_ALERT_NOACCESS' ), 'notice' ); return false; } $cid = $this->app->input->get ( 'cid', array ( 0 ), 'array' ); $id = ( int ) $cid [0]; // Load della model e checkin before exit $model = $this->getModel (); if (! $model->cancelEntity ( $id )) { // Model set exceptions for something gone wrong, so enqueue exceptions and levels on application object then set redirect and exit $modelException = $model->getError ( null, false ); $this->app->enqueueMessage ( $modelException->getMessage (), $modelException->getErrorLevel () ); } $this->setRedirect ( "index.php?option=" . $this->option . "&task=" . $this->name . ".display", Text::_ ( 'COM_JCHAT_CHECKEDIN_RECORD' ) ); return true; } /* * Constructor. * * @access protected * @param * array An optional associative array of configuration settings. * Recognized key values include 'name', 'default_task', * 'model_path', and * 'view_path' (this list is not meant to be comprehensive). * @since 1.5 / public function __construct($config = array(), MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); $this->user = $app->getIdentity (); $this->document = $app->getDocument (); $this->option = $this->app->input->get ( 'option' ); $this->requestArray = &$_POST; } }PK��!��/U��U��DatabasefiltersController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerAjaxTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerProfileAccessTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerProfileRestrictionTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerReusableModelsTrait; use Joomla\CMS\MVC\Controller\BaseController; class DatabasefiltersController extends BaseController { use ControllerEventsTrait; use ControllerCustomACLTrait { ControllerCustomACLTrait::onBeforeExecute as onBeforeExecuteACL; } use ControllerProfileRestrictionTrait { ControllerProfileRestrictionTrait::onBeforeExecute as onBeforeExecuteRestrictedProfile; } use ControllerReusableModelsTrait; use ControllerAjaxTrait; use ControllerProfileAccessTrait; protected function onBeforeExecute(&$task) { $this->onBeforeExecuteACL($task); $this->onBeforeExecuteRestrictedProfile($task); } }PK��!��eEF��F��!��ConfigurationwizardController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerRegisterTasksTrait; use Akeeba\Component\AkeebaBackup\Administrator\Model\ConfigurationwizardModel; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\Factory; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\Input\Input; class ConfigurationwizardController extends BaseController { use ControllerEventsTrait; use ControllerCustomACLTrait; use ControllerRegisterTasksTrait; private bool $noFlush = false; public function __construct( $config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null ) { parent::__construct($config, $factory, $app, $input); $this->noFlush = ComponentHelper::getParams('com_akeebabackup')->get('no_flush', 0) == 1; $this->registerControllerTasks('main'); } public function main($cachable = false, $urlparams = []) { $this->display($cachable, $urlparams); } public function ajax($cachable = false, $urlparams = []) { /* @var ConfigurationwizardModel $model / $model = $this->getModel('Configurationwizard', 'Administrator'); $model->setState('act', $this->input->getCmd('act', '')); $ret = $model->runAjax(); @ob_end_clean(); echo '###' . json_encode($ret) . '###'; if (!$this->noFlush) { flush(); } Factory::getApplication()->close(); } }PK��!��c�>��>��ProfileController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Model\ProfileModel; use Akeeba\Engine\Factory; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Document\JsonDocument; use Joomla\CMS\Form\FormFactoryInterface; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\Input\Input; use RuntimeException; class ProfileController extends FormController { use ControllerEventsTrait; protected $text_prefix = 'COM_AKEEBABACKUP_PROFILE'; public function __construct($config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null, ?FormFactoryInterface $formFactory = null) { parent::__construct($config, $factory, $app, $input, $formFactory); $this->registerTask('export', 'export'); } public function export($cachable = false, $urlparams = []) { $this->checkToken('request'); if (!$this->app->getIdentity()->authorise('akeebabackup.configure', 'com_akeebabackup')) { throw new RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } /* @var ProfileModel $model / $model = $this->getModel('Profile', 'Administrator'); $id = $this->input->getInt('id'); if (empty($id)) { throw new RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } $item = $model->getItem($id); if ($item === false) { throw new RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } if (substr($item->configuration, 0, 12) == '###AES128###') { // Load the server key file if necessary if (!defined('AKEEBA_SERVERKEY')) { $filename = JPATH_ADMINISTRATOR . '/components/com_akeebabackup/serverkey.php'; include_once $filename; } $key = Factory::getSecureSettings()->getKey(); $item->configuration = Factory::getSecureSettings()->decryptSettings($item->configuration, $key); } $this->triggerEvent('onBeforeExport', [$id]); $data = [ 'description' => $item->description, 'configuration' => $item->configuration, 'filters' => $item->filters, 'quickicon' => $item->quickicon, ]; $defaultName = $this->input->get('view', 'joomla', 'cmd'); $filename = $this->input->get('basename', $defaultName, 'cmd'); /* @var JsonDocument $document / $document = $this->app->getDocument(); $document->setName($filename); $document->setMimeEncoding('application/json'); $this->app->setHeader('Content-Disposition', 'attachment; filename="profile.json"'); echo json_encode($data, JSON_PRETTY_PRINT); } }PK��!�)�1m��m��BackupController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Akeeba\Component\AkeebaBackup\Administrator\Helper\Utils; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerProfileAccessTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerRegisterTasksTrait; use Akeeba\Component\AkeebaBackup\Administrator\Model\BackupModel; use Akeeba\Engine\Platform; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\Input\Input; class BackupController extends BaseController { use ControllerEventsTrait; use ControllerCustomACLTrait; use ControllerRegisterTasksTrait; use ControllerProfileAccessTrait; private bool $noFlush = false; public function __construct( $config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null ) { parent::__construct($config, $factory, $app, $input); $this->noFlush = ComponentHelper::getParams('com_akeebabackup')->get('no_flush', 0) == 1; $this->registerControllerTasks(); } /* * This task handles the AJAX requests / public function ajax() { $profile_id = $this->input->get('profileid', Platform::getInstance()->get_active_profile(), 'int'); // Double check that the user is actually allowed to access this profile if (!$this->checkProfileAccess($profile_id)) { $ret_array = [ 'HasRun' => 0, 'Domain' => 'init', 'Step' => '', 'Substep' => '', 'Error' => Text::_('COM_AKEEBABACKUP_BACKUP_ERROR_PROFILE_NO_ACCESS'), 'Warnings' => [], 'Progress' => 0, ]; // We use this nasty trick to avoid broken 3PD plugins from barfing all over our output @ob_end_clean(); header('Content-type: text/plain'); header('Connection: close'); echo '###' . json_encode($ret_array) . '###'; if (!$this->noFlush) { flush(); } $this->app->close(); } /* @var BackupModel $model / $model = $this->getModel('Backup', 'Administrator'); // Push all necessary information to the model's state $model->setState('profile', $profile_id); $model->setState('ajax', $this->input->get('ajax', '', 'cmd')); $model->setState('description', $this->input->get('description', '', 'string')); $model->setState('comment', $this->input->get('comment', '', 'html')); $model->setState('jpskey', $this->input->get('jpskey', '', 'raw')); $model->setState('angiekey', $this->input->get('angiekey', '', 'raw')); $model->setState('backupid', $this->input->get('backupid', null, 'cmd')); $model->setState('tag', $this->input->get('tag', 'backend', 'cmd')); $model->setState('errorMessage', $this->input->getString('errorMessage', '')); // System Restore Point backup state variables (obsolete) $model->setState('type', strtolower($this->input->get('type', '', 'cmd'))); $model->setState('name', strtolower($this->input->get('name', '', 'cmd'))); $model->setState('group', strtolower($this->input->get('group', '', 'cmd'))); $model->setState('customdirs', $this->input->get('customdirs', [], 'array')); $model->setState('customfiles', $this->input->get('customfiles', [], 'array')); $model->setState('extraprefixes', $this->input->get('extraprefixes', [], 'array')); $model->setState('customtables', $this->input->get('customtables', [], 'array')); $model->setState('skiptables', $this->input->get('skiptables', [], 'array')); $model->setState('langfiles', $this->input->get('langfiles', [], 'array')); $model->setState('xmlname', $this->input->getString('xmlname', '')); // Set up the tag define('AKEEBA_BACKUP_ORIGIN', $this->input->get('tag', 'backend', 'cmd')); // Run the backup step $ret_array = $model->runBackup(); // We use this nasty trick to avoid broken 3PD plugins from barfing all over our output @ob_end_clean(); header('Content-type: text/plain'); header('Connection: close'); echo '###' . json_encode($ret_array) . '###'; if (!$this->noFlush) { flush(); } $this->app->close(); } /* * Default task; shows the initial page where the user selects a profile and enters description and comment / public function display($cachable = false, $urlparams = []) { $document = $this->app->getDocument(); $viewType = $document->getType(); $viewName = $this->input->get('view', $this->default_view); $viewLayout = $this->input->get('layout', 'default', 'string'); $view = $this->getView( $viewName, $viewType, '', [ 'base_path' => $this->basePath, 'layout' => $viewLayout, ] ); // Push the Control Panel model $controlPanelModel = $this->getModel('Controlpanel', 'Administrator'); $view->setModel($controlPanelModel, false); // Get/Create the default model /* @var BackupModel $model / $model = $this->getModel('Backup', 'Administrator'); $view->setModel($model, true); // Push the document $view->document = $document; // Did the user ask to switch the active profile? $newProfile = $this->input->get('profileid', -10, 'int'); $autostart = $this->input->get('autostart', 0, 'int'); if (is_numeric($newProfile) && ($newProfile > 0)) { /* * We have to remove CSRF protection due to the way the Joomla administrator menu manager works. Menu item * options are passed as URL parameters. However, we cannot pass dynamic parameters (like the token). This * means that a user can create a menu item with a specific backup profile ID. Normally this would cause a * 403 which is frustrating to the user because they might want to give their client the option to run a * backup with a specific profile AND let them enter a description and comment. Therefore we have to remove * the CSRF protection. * * NB! We do understand the potential risk involved. Between Joomla's BAD implementation of custom * administrator menus and user demands for features we have to (have these very vocal users and everyone * else) assume that (actually really small) risk. / // $this->checkToken(); $this->app->getSession()->set('akeebabackup.profile', $newProfile); /* * DO NOT REMOVE! * * The Model will only try to load the configuration after nuking the factory. This causes Profile 1 to be * loaded first. Then it figures out it needs to load a different profile and it does – but the protected keys * are NOT replaced, meaning that certain configuration parameters are not replaced. Most notably, the chain. * This causes backups to behave weirdly. So, DON'T REMOVE THIS UNLESS WE REFACTOR THE MODEL. / Platform::getInstance()->load_configuration($newProfile); } // Deactivate the menus $this->app->getInput()->set('hidemainmenu', 1); // Sanitize the return URL $returnUrl = $this->input->getRaw('returnurl', ''); $returnUrl = Utils::safeDecodeReturnUrl($returnUrl); // Push data to the model //var_dump($model->getState('profile')); $model->setState('profile', $this->input->get('profileid', -10, 'int')); $model->setState('description', $this->input->get('description', '', 'string')); $model->setState('comment', $this->input->get('comment', '', 'html')); $model->setState('ajax', $this->input->get('ajax', '', 'cmd')); $model->setState('autostart', $autostart); $model->setState('jpskey', $this->input->get('jpskey', '', 'raw')); $model->setState('angiekey', $this->input->get('angiekey', '', 'raw')); $model->setState('returnurl', $returnUrl); $model->setState('backupid', $this->input->get('backupid', null, 'cmd')); $view->display(); return $this; } }PK��!�`wW7��StatisticController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Form\FormFactoryInterface; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\Input\Input; class StatisticController extends FormController { protected $text_prefix = 'COM_AKEEBABACKUP_BUADMIN'; public function __construct($config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null, ?FormFactoryInterface $formFactory = null) { parent::__construct($config, $factory, $app, $input, $formFactory); $this->view_list = 'Manage'; $this->view_item = 'Statistic'; } protected function allowAdd($data = []) { return false; } protected function allowEdit($data = [], $key = 'id') { return $this->app->getIdentity()->authorise('akeebabackup.download', $this->option); } protected function allowSave($data, $key = 'id') { return $this->app->getIdentity()->authorise('akeebabackup.download', $this->option); } }PK��!�AG��FilefiltersController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerAjaxTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerReusableModelsTrait; class FilefiltersController extends DatabasefiltersController { use ControllerEventsTrait; use ControllerCustomACLTrait; use ControllerReusableModelsTrait; use ControllerAjaxTrait; }PK��!��m�~�$��$��ControlpanelController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Akeeba\Component\AkeebaBackup\Administrator\Helper\Utils; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerRegisterTasksTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerReusableModelsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Model\BackupModel; use Akeeba\Component\AkeebaBackup\Administrator\Model\ConfigurationwizardModel; use Akeeba\Component\AkeebaBackup\Administrator\Model\ControlpanelModel; use Akeeba\Component\AkeebaBackup\Administrator\Model\IncludefoldersModel; use Akeeba\Component\AkeebaBackup\Administrator\Model\UpdatesModel; use Akeeba\Component\AkeebaBackup\Administrator\Model\UpgradeModel; use Akeeba\Engine\Factory; use Akeeba\Engine\Platform; use Akeeba\Engine\Util\RandomValue; use Exception; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\Factory as JoomlaFactory; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Uri\Uri; use Joomla\Input\Input; use RuntimeException; class ControlpanelController extends BaseController { use ControllerEventsTrait; use ControllerCustomACLTrait; use ControllerRegisterTasksTrait; use ControllerReusableModelsTrait; /* * The default view. * * @var string * @since 1.6 / protected $default_view = 'Controlpanel'; public function __construct($config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerControllerTasks('main'); } public function main($cachable = false, $urlparams = []) { /* @var ControlpanelModel $model / $model = $this->getModel('Controlpanel', 'Administrator'); // Invalidate stale backups $params = ComponentHelper::getParams('com_akeebabackup'); try { Factory::resetState([ 'global' => true, 'log' => false, 'maxrun' => $params->get('failure_timeout', 180), ]); } catch (Exception $e) { // This will die if the output directory is invalid. Let it die, then. } // Just in case the reset() loaded a stale configuration... Platform::getInstance()->load_configuration(); Platform::getInstance()->apply_quirk_definitions(); // Let's make sure the temporary and output directories are set correctly and writable... /* @var ConfigurationwizardModel $wizmodel / $wizmodel = $this->getModel('Configurationwizard', 'Administrator'); $wizmodel->autofixDirectories(); // Rebase Off-site Folder Inclusion filters to use site path variables /* @var IncludefoldersModel $incFoldersModel / $incFoldersModel = $this->getModel('Includefolders', 'Administrator'); if (is_object($incFoldersModel) && method_exists($incFoldersModel, 'rebaseFiltersToSiteDirs')) { $incFoldersModel->rebaseFiltersToSiteDirs(); } // Check if we need to toggle the settings encryption feature $model->checkSettingsEncryption(); $model->updateMagicParameters($this->app->bootComponent('com_akeebabackup')->getComponentParametersService()); // Convert existing log files to the new .log.php format /* @var BackupModel $backupModel / $backupModel = $this->getModel('Backup', 'Administrator'); $backupModel->convertLogFiles(); // Run the automatic update site refresh /* @var UpdatesModel $updateModel / $updateModel = $this->getModel('Updates', 'Administrator'); $updateModel->refreshUpdateSite(); // Push the update model to the HTML view $this->getView()->setModel($updateModel, false); // Make sure all of my extensions are assigned to my package. /* @var UpgradeModel $upgradeModel / $upgradeModel = $this->getModel('Upgrade', 'Administrator'); $upgradeModel->init(); $upgradeModel->adoptMyExtensions(); // Push the upgrade model to the HTML view $this->getView()->setModel($upgradeModel, false); // Push the usage statistics model into the HTML view $usagestatsModel = $this->getModel('Usagestats'); $this->getView()->setModel($usagestatsModel, false); // Push the Push model into the view $pushModel = $this->getModel('Push'); $this->getView()->setModel($pushModel, false); return parent::display($cachable, $urlparams); } public function SwitchProfile($cachable = false, $urlparams = []) { // CSRF prevention $this->checkToken('request'); $newProfile = $this->input->get('profileid', -10, 'int'); if (!is_numeric($newProfile) \|\| ($newProfile <= 0)) { $this->setRedirect(Uri::base() . 'index.php?option=com_akeebabackup', Text::_('COM_AKEEBABACKUP_CPANEL_PROFILE_SWITCH_ERROR'), 'error'); return; } JoomlaFactory::getApplication()->getSession()->set('akeebabackup.profile', $newProfile); $returnurl = $this->input->get('returnurl', '', 'base64'); $url = Utils::safeDecodeReturnUrl($returnurl); if (empty($url)) { $url = 'index.php?option=com_akeebabackup'; } if ((strpos($url, 'http://') === false) && (strpos($url, 'https://') === false)) { $url = Uri::base() . ltrim($url, '/'); } $this->setRedirect($url, Text::_('COM_AKEEBABACKUP_CPANEL_PROFILE_SWITCH_OK')); } /* * Reset the Secret Word for front-end and remote backup * * @return void / public function resetSecretWord($cachable = false, $urlparams = []) { // CSRF prevention $this->checkToken('request'); $newSecret = JoomlaFactory::getApplication()->getSession()->get('akeebabackup.cpanel.newSecretWord', null); if (empty($newSecret)) { $random = new RandomValue(); $newSecret = $random->generateString(32); JoomlaFactory::getApplication()->getSession()->set('akeebabackup.cpanel.newSecretWord', $newSecret); } $params = ComponentHelper::getParams('com_akeebabackup'); $params->set('frontend_secret_word', $newSecret); $this->app->bootComponent('com_akeebabackup') ->getComponentParametersService() ->save($params); JoomlaFactory::getApplication()->getSession()->set('akeebabackup.cpanel.newSecretWord', null); $msg = Text::sprintf('COM_AKEEBABACKUP_CPANEL_MSG_FESECRETWORD_RESET', $newSecret); $url = Uri::base() . 'index.php?option=com_akeebabackup'; $this->setRedirect($url, $msg); } /* * Check the security of the backup output directory and return the results for consumption through AJAX * * @return void * * @throws Exception * * @since 7.0.3 / public function checkOutputDirectory($cachable = false, $urlparams = []) { /* @var ControlpanelModel $model / $model = $this->getModel('Controlpanel', 'Administrator'); $outDir = $model->getOutputDirectory(); try { $result = $model->getOutputDirectoryWebAccessibleState($outDir); } catch (RuntimeException $e) { $result = [ 'readFile' => false, 'listFolder' => false, 'isSystem' => $model->isOutputDirectoryInSystemFolder(), 'hasRandom' => $model->backupFilenameHasRandom(), ]; } @ob_end_clean(); echo '###' . json_encode($result) . '###'; JoomlaFactory::getApplication()->close(); } /* * Add security files to the output directory of the currently configured backup profile * * @return void * * @throws Exception * * @since 7.0.3 / public function fixOutputDirectory($cachable = false, $urlparams = []) { // CSRF prevention $this->checkToken(); /* @var ControlpanelModel $model / $model = $this->getModel('Controlpanel', 'Administrator'); $outDir = $model->getOutputDirectory(); $fsUtils = Factory::getFilesystemTools(); $fsUtils->ensureNoAccess($outDir, true); $this->setRedirect(Uri::base() . 'index.php?option=com_akeebabackup'); } /* * Adds the [RANDOM] variable to the backup output filename, save the configuration and reload the Control Panel. * * @return void * * @throws Exception * * @since 7.0.3 / public function addRandomToFilename($cachable = false, $urlparams = []) { // CSRF prevention $this->checkToken(); $registry = Factory::getConfiguration(); $templateName = $registry->get('akeeba.basic.archive_name'); if (strpos($templateName, '[RANDOM]') === false) { $templateName .= '-[RANDOM]'; $registry->set('akeeba.basic.archive_name', $templateName); Platform::getInstance()->save_configuration(); } $this->setRedirect(Uri::base() . 'index.php?option=com_akeebabackup'); } /* * Dismisses the Core to Pro upsell for 15 days * * @return void / public function dismissUpsell($cachable = false, $urlparams = []) { $reset = $this->input->getBool('reset', false); $params = ComponentHelper::getParams('com_akeebabackup'); // Reset the flag so the updates could take place $params->set('lastUpsellDismiss', $reset ? 0 : time()); $this->app->bootComponent('com_akeebabackup') ->getComponentParametersService() ->save($params); $this->setRedirect(Uri::base() . 'index.php?option=com_akeebabackup'); } }PK��!��y��BrowserController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') or die; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerRegisterTasksTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerReusableModelsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Model\BrowserModel; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\Input\Input; class BrowserController extends BaseController { use ControllerEventsTrait; use ControllerCustomACLTrait; use ControllerRegisterTasksTrait; use ControllerReusableModelsTrait; /* * The default view. * * @var string * @since 1.6 / protected $default_view = 'Browser'; public function __construct($config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerControllerTasks('main'); } public function onBeforeMain() { $folder = $this->input->get('folder', '', 'string'); $processFolder = $this->input->get('processfolder', 0, 'int'); /* @var BrowserModel $model / $model = $this->getModel('Browser', 'Administrator', ['base_path' => $this->basePath]); $model->setState('folder', $folder); $model->setState('processfolder', $processFolder); $model->makeListing(); } public function main() { $this->display(false); } }PK��!�G7��&��&��RemotefilesController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerRegisterTasksTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerReusableModelsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Model\RemotefilesModel; use Akeeba\Engine\Factory; use Akeeba\Engine\Platform; use Exception; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Uri\Uri; use Joomla\Input\Input; use RuntimeException; class RemotefilesController extends BaseController { use ControllerEventsTrait; use ControllerCustomACLTrait; use ControllerRegisterTasksTrait; use ControllerReusableModelsTrait; private bool $noFlush = false; public function __construct( $config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null ) { parent::__construct($config, $factory, $app, $input); $this->noFlush = ComponentHelper::getParams('com_akeebabackup')->get('no_flush', 0) == 1; $this->registerControllerTasks('invalidTask'); } public function display($cachable = false, $urlparams = []) { $document = $this->app->getDocument(); $viewType = $document->getType(); $viewName = $this->input->get('view', $this->default_view); $viewLayout = $this->input->get('layout', 'default', 'string'); $view = $this->getView($viewName, $viewType, '', ['base_path' => $this->basePath, 'layout' => $viewLayout]); // Get/Create the model if ($model = $this->getModel($viewName, 'Administrator', ['base_path' => $this->basePath])) { // Push the model into the view (as default) $view->setModel($model, true); } $view->setDocument($document); $view->task = $this->task; $view->doTask = $this->doTask; // Display the view $view->display(); return $this; } /* * When someone calls this controller without a task we have to show an error message. This is implemented by * having this task throw a runtime exception and set it as the default task. * * @return void * * @noinspection PhpUnused / public function invalidTask() { throw new RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } /* * Lists the available remote storage actions for a specific backup entry * * @return void * @throws Exception / public function listactions() { // List available actions $id = $this->getAndCheckId(); /* @var RemotefilesModel $model / $model = $this->getModel('Remotefiles', 'Administrator'); $model->setState('id', $id); if ($id === false) { throw new RuntimeException(Text::_('JGLOBAL_RESOURCE_NOT_FOUND'), 404); } $this->display(false); } /* * Fetches a complete backup set from a remote storage location to the local (server) * storage so that the user can download or restore it. * * @return void * @throws Exception * * @noinspection PhpUnused / public function dltoserver() { $this->checkToken($this->input->getMethod()); // Get the parameters $id = $this->getAndCheckId(); $part = $this->input->get('part', -1, 'int'); $frag = $this->input->get('frag', -1, 'int'); // Check the ID if ($id === false) { $url = Uri::base() . 'index.php?option=com_akeebabackup&view=Remotefiles&tmpl=component&task=listactions&id=' . $id; $this->setRedirect($url, Text::_('COM_AKEEBABACKUP_REMOTEFILES_ERR_INVALIDID'), 'error'); return; } if (($part == -1) && ($frag == -1)) { $this->triggerEvent('onFetch', [$id]); } /* @var RemotefilesModel $model / $model = $this->getModel('Remotefiles', 'Administrator'); try { $result = $model->downloadToServer($id, $part, $frag); } catch (Exception $e) { $allErrors = $model->getErrorsFromExceptions($e); $url = Uri::base() . 'index.php?option=com_akeebabackup&view=Remotefiles&tmpl=component&task=listactions&id=' . $id; $this->setRedirect($url, implode('<br/>', $allErrors), 'error'); return; } if ($result === true) { $url = Uri::base() . 'index.php?option=com_akeebabackup&view=Remotefiles&tmpl=component&task=listactions&id=' . $id; $this->setRedirect($url, Text::_('COM_AKEEBABACKUP_REMOTEFILES_LBL_JUSTFINISHED')); return; } $this->display(false); } /* * Downloads a file from the remote storage to the user's browser * * @return void * * @noinspection PhpUnused / public function dlfromremote() { $id = $this->getAndCheckId(); $part = $this->input->get('part', 0, 'int'); if ($id === false) { $url = Uri::base() . 'index.php?option=com_akeebabackup&view=Remotefiles&tmpl=component&task=listactions&id=' . $id; $this->setRedirect($url, Text::_('COM_AKEEBABACKUP_REMOTEFILES_ERR_INVALIDID'), 'error'); return; } $stat = Platform::getInstance()->get_statistics($id); $remoteFilenameParts = explode('://', $stat['remote_filename']); $engine = Factory::getPostprocEngine($remoteFilenameParts[0]); $remote_filename = $remoteFilenameParts[1]; $basename = basename($remote_filename); $extension = strtolower(str_replace(".", "", strrchr($basename, "."))); $new_extension = $extension; if ($part > 0) { $new_extension = substr($extension, 0, 1) . sprintf('%02u', $part); } $this->triggerEvent('onDownload', [$id, $part + 1]); $filename = $basename . '.' . $new_extension; $remote_filename = substr($remote_filename, 0, -strlen($extension)) . $new_extension; if ($engine->doesInlineDownloadToBrowser()) { @ob_end_clean(); @clearstatcache(); // Send MIME headers header('MIME-Version: 1.0'); header('Content-Disposition: attachment; filename="' . $filename . '"'); header('Content-Transfer-Encoding: binary'); switch ($extension) { case 'zip': // ZIP MIME type header('Content-Type: application/zip'); break; default: // Generic binary data MIME type header('Content-Type: application/octet-stream'); break; } // Disable caching header('Expires: Mon, 20 Dec 1998 01:00:00 GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); } try { $result = $engine->downloadToBrowser($remote_filename); } catch (Exception $e) { $result = null; // Failed to download. Get the messages from the engine. $errors = []; $parentException = $e; while ($parentException) { $errors[] = $e->getMessage(); $parentException = $e->getPrevious(); } // Redirect and convey the errors to the user $url = Uri::base() . 'index.php?option=com_akeebabackup&view=Remotefiles&tmpl=component&task=listactions&id=' . $id; $this->setRedirect($url, implode('<br/>', $errors), 'error'); } if (!is_null($result)) { // We have to redirect $result = str_replace('://%2F', '://', $result); @ob_end_clean(); header('Location: ' . $result); if (!$this->noFlush) { flush(); } $this->app->close(); } } /* * Deletes a file from the remote storage * * @return void / public function delete() { // Get the parameters $id = $this->getAndCheckId(); $part = $this->input->get('part', -1, 'int'); // Check the ID if ($id === false) { $url = Uri::base() . 'index.php?option=com_akeebabackup&view=Remotefiles&tmpl=component&task=listactions&id=' . $id; $this->setRedirect($url, Text::_('COM_AKEEBABACKUP_REMOTEFILES_ERR_INVALIDID'), 'error'); return; } if ($part == -1) { $this->triggerEvent('onDelete', [$id]); } /* @var RemotefilesModel $model / $model = $this->getModel('Remotefiles', 'Administrator'); $model->setState('id', $id); $model->setState('part', $part); try { $result = $model->deleteRemoteFiles($id, $part); } catch (Exception $e) { $allErrors = $model->getErrorsFromExceptions($e); $url = Uri::base() . 'index.php?option=com_akeebabackup&view=Remotefiles&tmpl=component&task=listactions&id=' . $id; $this->setRedirect($url, implode('<br/>', $allErrors), 'error'); return; } if ($result['finished']) { $url = Uri::base() . 'index.php?option=com_akeebabackup&view=Remotefiles&tmpl=component&task=listactions&id=' . $id; $this->setRedirect($url, Text::_('COM_AKEEBABACKUP_REMOTEFILES_LBL_JUSTFINISHEDELETING')); return; } $url = Uri::base() . 'index.php?option=com_akeebabackup&view=Remotefiles&tmpl=component&task=delete&id=' . $result['id'] . '&part=' . $result['part']; $this->setRedirect($url); } /* * Gets the stats record ID from the request and checks that it does exist * * @return bool\|int False if an invalid ID is found, the numeric ID if it's valid / private function getAndCheckId() { $id = $this->input->get('id', 0, 'int'); if ($id <= 0) { return false; } $backupRecord = Platform::getInstance()->get_statistics($id); if (empty($backupRecord) \|\| !is_array($backupRecord)) { return false; } // Load the correct backup profile. The post-processing engine could rely on the active profile (ie OneDrive). define('AKEEBA_PROFILE', $backupRecord['profile_id']); Platform::getInstance()->load_configuration($backupRecord['profile_id']); return $id; } }PK��!�� UpgradeController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') or die; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerRegisterTasksTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerReusableModelsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Model\UpgradeModel; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\Uri\Uri; class UpgradeController extends BaseController { use ControllerEventsTrait; use ControllerCustomACLTrait; use ControllerRegisterTasksTrait; use ControllerReusableModelsTrait; public function main($cachable = false, $urlparams = []) { if (version_compare(JVERSION, '4.4.999999', 'gt')) { throw new \RuntimeException('Migration from Akeeba Backup 8 is not supported on Joomla! 5.0 and later versions.'); } /* @var UpgradeModel $model / $model = $this->getModel('Upgrade', 'Administrator'); $model->init(); $this->display($cachable, $urlparams); } public function migrate($cachable = false, $urlparams = []) { if (version_compare(JVERSION, '4.4.999999', 'gt')) { throw new \RuntimeException('Migration from Akeeba Backup 8 is not supported on Joomla! 5.0 and later versions.'); } $this->checkToken('get'); /* @var UpgradeModel $model / $model = $this->getModel('Upgrade', 'Administrator'); $model->init(); $results = $model->runCustomHandlerEvent('onMigrateSettings'); $success = in_array(true, $results, true); $redirect = Uri::base() . 'index.php?option=com_akeebabackup'; $message = Text::_('COM_AKEEBABACKUP_UPGRADE_LBL_' . ($success ? 'success' : 'fail')); $this->setRedirect($redirect, $message, $success ? 'success' : 'error'); } }PK��!��&mW��PushController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / /* * @package Akeeba\Component\AkeebaBackup\Administrator\Controller * @subpackage * * @copyright A copyright * @license A "Slug" license name e.g. GPL2 / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Akeeba\WebPush\NotificationOptions; use Akeeba\WebPush\WebPush\WebPush; use Akeeba\WebPush\WebPushControllerTrait; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; if (!class_exists(WebPush::class)) { require_once JPATH_ADMINISTRATOR . '/components/com_akeebabackup/vendor/autoload.php'; } /* * A controller to manage the Push API subscriptions * * @since 9.3.1 / class PushController extends BaseController { use WebPushControllerTrait; /* @inheritDoc / public function getModel($name = 'Push', $prefix = 'Administrator', $config = []) { return parent::getModel($name, $prefix, $config); } /* * Sends an example push notification on push subscription to let the user know everything works. * * @param object\|null $subscription The push subscription we just registered into the database * * @since 9.3.1 / protected function onAfterWebPushSaveSubscription(?object $subscription) { $siteName = $this->app->get('sitename'); $title = Text::sprintf('COM_AKEEBABACKUP_CONTROLPANEL_WEBPUSH_HELLO_TITLE', $siteName); $options = new NotificationOptions(); $options->body = Text::_('COM_AKEEBABACKUP_CONTROLPANEL_WEBPUSH_HELLO_BODY'); $this->getModel()->sendNotification( $title, $options->toArray(), null, $subscription ); } }PK��!��;K��K��ProfilesController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Model\ProfileModel; use Akeeba\Component\AkeebaBackup\Administrator\Model\ProfilesModel; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\AdminController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Router\Route; use Joomla\CMS\Uri\Uri; use Joomla\Input\Input; use Joomla\Utilities\ArrayHelper; use RuntimeException; class ProfilesController extends AdminController { use ControllerEventsTrait; use ControllerCustomACLTrait; protected $text_prefix = 'COM_AKEEBABACKUP_PROFILES'; /* * Constructor. * * @param array $config An optional associative array of configuration settings. * Recognized key values include 'name', 'default_task', 'model_path', and * 'view_path' (this list is not meant to be comprehensive). * @param MVCFactoryInterface $factory The factory. * @param CMSApplication $app The JApplication for the dispatcher * @param Input $input Input * * @since 9.0.0 / public function __construct($config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerTask('import', 'import'); $this->registerTask('copy', 'copy'); $this->registerTask('reset', 'reset'); } /* * Method to get a model object, loading it if required. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return \Joomla\CMS\MVC\Model\BaseDatabaseModel\|ProfileModel The model. * * @since 9.0.0 / public function getModel($name = 'Profile', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } /* * Imports an exported profile .json file / public function import() { $this->checkToken(); if (!$this->app->getIdentity()->authorise('akeebabackup.configure', 'com_akeebabackup')) { throw new RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } /* @var ProfilesModel $model / $model = $this->getModel('Profiles', 'Administrator'); // Get some data from the request $file = $this->input->files->get('importfile', [], 'array'); if (!isset($file['name'])) { $this->setRedirect(Uri::base() . 'index.php?option=com_akeebabackup&view=Profiles', Text::_('MSG_UPLOAD_INVALID_REQUEST'), 'error'); return; } // Load the file data $data = @file_get_contents($file['tmp_name']); @unlink($file['tmp_name']); // JSON decode $data = json_decode($data, true); // Import $message = Text::_('COM_AKEEBABACKUP_PROFILES_MSG_IMPORT_COMPLETE'); $messageType = null; try { $newProfileId = $model->import($data); } catch (RuntimeException $e) { $message = $e->getMessage(); $messageType = 'error'; } $this->triggerEvent('onAfterImport', [$newProfileId]); // Redirect back to the main page $this->setRedirect(Uri::base() . 'index.php?option=com_akeebabackup&view=Profiles', $message, $messageType); } public function copy() { // Check for request forgeries. $this->checkToken(); // Get the input $pks = $this->input->post->get('cid', [], 'array'); // Sanitize the input $pks = ArrayHelper::toInteger($pks); // Get the Profile model /* @var ProfileModel $model / $model = $this->getModel('Profile', 'Administrator'); $result = null; foreach ($pks as $pk) { $item = $model->getItem($pk); if ($item === false) { continue; } $data = (array) $item; unset($data['id']); try { $result = $model->save($data); $error = null; } catch (\Exception $e) { $result = false; $error = $e->getMessage(); } if ($result === false && $error === null) { /* @deprecated 10.1.0 Only for Joomla 4 b/c. Remove in 11. / /* @noinspection PhpDeprecationInspection / $error = $model->getError(); } if ($result === false) { break; } } $redirect = Route::_('index.php?option=com_akeebabackup&view=Profiles' . $this->getRedirectToListAppend(), false); if ($result === false) { // Reorder failed $message = Text::sprintf('JLIB_APPLICATION_ERROR_SAVE_FAILED', $error); $this->setRedirect($redirect, $message, 'error'); return false; } // Copying succeeded. $this->setMessage(Text::_('JLIB_APPLICATION_SUCCESS_BATCH')); $this->setRedirect($redirect); return true; } public function reset() { // Check for request forgeries. $this->checkToken(); // Get the input $pks = $this->input->post->get('cid', [], 'array'); // Sanitize the input $pks = ArrayHelper::toInteger($pks); // Get the Profile model /* @var ProfileModel $model / $model = $this->getModel('Profile', 'Administrator'); $result = null; $count = 0; foreach ($pks as $pk) { try { $result = $model->resetConfiguration($pk); $error = null; } catch (\Exception $e) { $result = false; $error = $e->getMessage(); } if ($result === false && $error === null) { /* @deprecated 10.1.0 Only for Joomla 4 b/c. Remove in 11. / /* @noinspection PhpDeprecationInspection / $error = $model->getError(); } if ($result === false) { break; } $count++; } $redirect = Route::_('index.php?option=com_akeebabackup&view=Profiles' . $this->getRedirectToListAppend(), false); if ($result === false) { // Reorder failed $message = Text::sprintf('COM_AKEEBABACKUP_PROFILES_ERROR_RESET_FAILED', $error); $this->setRedirect($redirect, $message, 'error'); return false; } // Copying succeeded. $this->setMessage(Text::plural('COM_AKEEBABACKUP_PROFILES_N_ITEMS_RESET', $count)); $this->setRedirect($redirect); return true; } }PK��!�j܊j)+��)+��ConfigurationController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') \|\| die; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerProfileAccessTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerProfileRestrictionTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerRegisterTasksTrait; use Akeeba\Component\AkeebaBackup\Administrator\Model\ConfigurationModel; use Akeeba\Component\AkeebaBackup\Administrator\Model\ProfileModel; use Akeeba\Engine\Platform; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Uri\Uri; use Joomla\Input\Input; class ConfigurationController extends BaseController { use ControllerEventsTrait; use ControllerRegisterTasksTrait; use ControllerProfileAccessTrait; use ControllerCustomACLTrait { ControllerCustomACLTrait::onBeforeExecute as onBeforeExecuteACL; } use ControllerProfileRestrictionTrait { ControllerProfileRestrictionTrait::onBeforeExecute as onBeforeExecuteRestrictedProfile; } /* * The default view. * * @var string * @since 1.6 / protected $default_view = 'Configuration'; private bool $noFlush = false; public function __construct( $config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null ) { parent::__construct($config, $factory, $app, $input); $this->noFlush = ComponentHelper::getParams('com_akeebabackup')->get('no_flush', 0) == 1; $this->registerControllerTasks('main'); } /* * Handle the apply task which saves the configuration settings and shows the page again / public function apply($cachable = false, $urlparams = []) { // CSRF prevention $this->checkToken(); // Which input am I going to use? $jsonFormData = $this->input->getString('jsonForm', null); $jsonFormData = is_string($jsonFormData) ? @json_decode($jsonFormData, true) : $jsonFormData; if (empty($jsonFormData)) { $input = $this->input; } else { $rawData = []; foreach ($jsonFormData as $k => $v) { if (substr($k, 0, 4) !== 'var[') { $rawData[$k] = $v; continue; } $k = substr($k, 4, -1); $rawData['var'] ??= []; $rawData['var'][$k] = $v; } $input = new Input($rawData); } // Get the var array from the request $data = $input->get('var', [], 'raw'); $data['akeeba.flag.confwiz'] = 1; /* @var ConfigurationModel $model / $model = $this->getModel('Configuration', 'Administrator'); $model->setState('engineconfig', $data); $model->saveEngineConfig(); // Finally, save the profile description if it has changed $profileId = Platform::getInstance()->get_active_profile(); $this->triggerEvent('onAfterApply', [$profileId]); // Update the profile name and quick icon definition /* @var ProfileModel $profileModel / $profileModel = $this->getModel('Profile', 'Administrator'); /* @var object $profileRecord / $profileRecord = $profileModel->getItem($profileId); if ($profileRecord === false) { throw new \RuntimeException( 'Internal error: cannot load the profile you are configuring. Did you delete it before saving the Configuration page?!', 500 ); } $oldProfileName = $profileRecord->description; $oldQuickIcon = $profileRecord->quickicon; $profileName = $input->getString('profilename', null); $profileName = trim($profileName); $quickIconValue = $input->getCmd('quickicon', ''); $quickIcon = (int) !empty($quickIconValue); $mustSaveProfile = !empty($profileName) && ($profileName != $oldProfileName); $mustSaveProfile = $mustSaveProfile \|\| ($quickIcon != $oldQuickIcon); if ($mustSaveProfile) { $profileRecord->description = $profileName; $profileRecord->quickicon = $quickIcon; $profileModel->save((array) $profileRecord); } $this->setRedirect( Uri::base() . 'index.php?option=com_akeebabackup&view=Configuration', Text::_('COM_AKEEBABACKUP_CONFIG_SAVE_OK') ); } /* * Handle the cancel task which doesn't save anything and returns to the Control Panel page / public function cancel($cachable = false, $urlparams = []) { // CSRF prevention $this->checkToken(); $this->setRedirect(Uri::base() . 'index.php?option=com_akeebabackup'); } /* * Runs a custom API call against the selected data processing engine and returns the JSON encoded result / public function dpecustomapi($cachable = false, $urlparams = []) { /* @var ConfigurationModel $model / $model = $this->getModel('Configuration', 'Administrator'); $model->setState('engine', $this->input->get('engine', '', 'raw')); $model->setState('method', $this->input->get('method', '', 'raw')); $model->setState('params', $this->input->get('params', [], 'raw')); $result = $model->dpeCustomAPICall(); if (is_array($result) && $this->isNumericIndexedArray($result)) { $result = ['list' => $result]; } @ob_end_clean(); echo '###' . json_encode($result) . '###'; if (!$this->noFlush) { flush(); } $this->app->close(); } /* * Runs a custom API call against the selected data processing engine and returns the raw result / public function dpecustomapiraw($cachable = false, $urlparams = []) { /* @var ConfigurationModel $model / $model = $this->getModel('Configuration', 'Administrator'); $model->setState('engine', $this->input->get('engine', '', 'raw')); $model->setState('method', $this->input->get('method', '', 'raw')); $model->setState('params', $this->input->get('params', [], 'raw')); @ob_end_clean(); echo $model->dpeCustomAPICall(); if (!$this->noFlush) { flush(); } $this->app->close(); } /* * Opens an OAuth window for the selected data processing engine / public function dpeoauthopen($cachable = false, $urlparams = []) { /* @var ConfigurationModel $model / $model = $this->getModel('Configuration', 'Administrator'); $model->setState('engine', $this->input->get('engine', '', 'raw')); $model->setState('params', $this->input->get('params', [], 'raw')); @ob_end_clean(); $model->dpeOuthOpen(); if (!$this->noFlush) { flush(); } $this->app->close(); } public function main($cachable = false, $urlparams = []) { return parent::display($cachable, $urlparams); } protected function onBeforeExecute(&$task) { $this->onBeforeExecuteACL($task); $this->onBeforeExecuteRestrictedProfile($task); } /* * Handle the save task which saves the configuration settings and returns to the Control Panel page / public function save($cachable = false, $urlparams = []) { $this->apply(); $this->setRedirect( Uri::base() . 'index.php?option=com_akeebabackup', Text::_('COM_AKEEBABACKUP_CONFIG_SAVE_OK') ); } /* * Handle the save & new task which saves settings, creates a new backup profile, activates it and proceed to the * configuration page once more. / public function savenew($cachable = false, $urlparams = []) { $this->checkToken(); // Save the current profile $this->apply(); // Create a new profile $profileId = Platform::getInstance()->get_active_profile(); /* @var ProfileModel $profilesModel / $profilesModel = $this->getModel('Profile'); $profile = $profilesModel->getTable(); if (!$profile->load($profileId)) { throw new \RuntimeException(sprintf("Profile %u not found.", $profileId), 404); } // Must unset ID before save. The ID cannot be bound with bind()/save(), hence the need to do it the hard way. $profile->id = null; $profile ->save( [ 'description' => Text::_('COM_AKEEBABACKUP_CONFIG_SAVENEW_DEFAULT_PROFILE_NAME'), ] ); // Activate and edit the new profile $returnUrl = base64_encode($this->redirect); $token = $this->app->getFormToken(); $url = Uri::base() . 'index.php?option=com_akeebabackup&task=SwitchProfile&profileid=' . $profile->getId() . '&returnurl=' . $returnUrl . '&' . $token . '=1'; $this->setRedirect($url); } /* * Tests the validity of the FTP connection details / public function testftp($cachable = false, $urlparams = []) { /* @var ConfigurationModel $model / $model = $this->getModel('Configuration', 'Administrator'); $model->setState('isCurl', $this->input->get('isCurl', 0, 'int')); $model->setState('host', $this->input->get('host', '', 'raw')); $model->setState('port', $this->input->get('port', 21, 'int')); $model->setState('user', $this->input->get('user', '', 'raw')); $model->setState('pass', $this->input->get('pass', '', 'raw')); $model->setState('initdir', $this->input->get('initdir', '', 'raw')); $model->setState('usessl', (bool) $this->input->getInt('usessl', 0)); $model->setState('passive', (bool) $this->input->getInt('passive', 0)); $model->setState('passive_mode_workaround', (bool) $this->input->getInt('passive_mode_workaround', 0)); try { $model->testFTP(); $testResult = true; } catch (\RuntimeException $e) { $testResult = $e->getMessage(); } @ob_end_clean(); echo '###' . json_encode( [ 'status' => $testResult, ] ) . '###'; if (!$this->noFlush) { flush(); } $this->app->close(); } /* * Tests the validity of the SFTP connection details / public function testsftp($cachable = false, $urlparams = []) { /* @var ConfigurationModel $model / $model = $this->getModel('Configuration', 'Administrator'); $model->setState('isCurl', $this->input->get('isCurl', 0, 'int')); $model->setState('host', $this->input->get('host', '', 'raw')); $model->setState('port', $this->input->get('port', 21, 'int')); $model->setState('user', $this->input->get('user', '', 'raw')); $model->setState('pass', $this->input->get('pass', '', 'raw')); $model->setState('privkey', $this->input->get('privkey', '', 'path')); $model->setState('pubkey', $this->input->get('pubkey', '', 'path')); $model->setState('initdir', $this->input->get('initdir', '', 'raw')); try { $model->testSFTP(); $testResult = true; } catch (\RuntimeException $e) { $testResult = $e->getMessage(); } @ob_end_clean(); echo '###' . json_encode( [ 'status' => $testResult, ] ) . '###'; if (!$this->noFlush) { flush(); } $this->app->close(); } private function isNumericIndexedArray(array $result) { return array_reduce( array_keys($result), function (bool $carry, $key) { return $carry \|\| (is_numeric($key) && intval($key) == $key); }, false ); } }PK��!��L�\��LogController.phpnu��[��<?php /* * @package akeebabackup * @copyright Copyright 2006-2026 Nicholas K. Dionysopoulos / Akeeba Ltd * @license GNU General Public License version 3, or later / namespace Akeeba\Component\AkeebaBackup\Administrator\Controller; defined('_JEXEC') or die; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerCustomACLTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerEventsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerRegisterTasksTrait; use Akeeba\Component\AkeebaBackup\Administrator\Mixin\ControllerReusableModelsTrait; use Akeeba\Component\AkeebaBackup\Administrator\Model\LogModel; use Akeeba\Engine\Platform; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\Input\Input; class LogController extends BaseController { use ControllerEventsTrait; use ControllerCustomACLTrait { onBeforeExecute as onCustomACLBeforeExecute; } use ControllerRegisterTasksTrait; use ControllerReusableModelsTrait; private bool $noFlush = false; public function __construct( $config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null ) { parent::__construct($config, $factory, $app, $input); $this->noFlush = ComponentHelper::getParams('com_akeebabackup')->get('no_flush', 0) == 1; $this->registerControllerTasks('main'); } /* * Display the log page * * @return void / public function onBeforeMain() { $tag = $this->input->get('tag', null, 'cmd'); $latest = $this->input->get('latest', false, 'int'); if (empty($tag)) { $tag = null; } /* @var LogModel $model / $model = $this->getModel('Log', 'Administrator'); if ($latest) { $logFiles = $model->getLogFiles(); $tag = array_shift($logFiles); } $model->setState('tag', $tag); Platform::getInstance()->load_configuration(Platform::getInstance()->get_active_profile()); } /* * Renders the contents of the log, used inside the IFRAME of the log page * * @return void / public function iframe() { $tag = $this->input->get('tag', null, 'cmd'); if (empty($tag)) { $tag = null; } /* @var LogModel $model / $model = $this->getModel('Log', 'Administrator'); $model->setState('tag', $tag); Platform::getInstance()->load_configuration(Platform::getInstance()->get_active_profile()); $this->display(); } /* * Download the log file as a text file * * @return void / public function download() { Platform::getInstance()->load_configuration(Platform::getInstance()->get_active_profile()); $tag = $this->input->get('tag', null, 'cmd'); if (empty($tag)) { $tag = null; } $this->triggerEvent('onDownload', [$tag]); $asAttachment = $this->input->getBool('attachment', true); @ob_end_clean(); // In case some braindead plugin spits its own HTML header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past header("Content-Description: File Transfer"); header('Content-Type: text/plain'); if ($asAttachment) { header('Content-Disposition: attachment; filename="Akeeba Backup Debug Log.txt"'); } /* @var LogModel $model / $model = $this->getModel('Log', 'Administrator'); $model->setState('tag', $tag); $model->echoRawLog(); if (!$this->noFlush) { flush(); } $this->app->close(); } public function inlineRaw() { Platform::getInstance()->load_configuration(Platform::getInstance()->get_active_profile()); $tag = $this->input->get('tag', null, 'cmd'); if (empty($tag)) { $tag = null; } /* @var LogModel $model / $model = $this->getModel('Log', 'Administrator'); $model->setState('tag', $tag); echo "<pre>"; $model->echoRawLog(); echo "</pre>"; } protected function onBeforeExecute(&$task) { $this->akeebaBackupACLCheck($this->getName(), $task); $profileId = $this->input->getInt('profileid', null); if (!empty($profileId) && is_numeric($profileId) && ($profileId > 0)) { $this->app->getSession()->set('akeebabackup.profile', $profileId); } } }PK��!�\����TagController.phpnu��[��<?php /** * @package Joomla.Administrator * @subpackage com_tags * * @copyright (C) 2013 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Tags\Administrator\Controller; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\Versioning\VersionableControllerTrait; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * The Tag Controller * * @since 3.1 / class TagController extends FormController { use VersionableControllerTrait; /* * Method to check if you can add a new record. * * @param array $data An array of input data. * * @return boolean * * @since 3.1 / protected function allowAdd($data = []) { return $this->app->getIdentity()->authorise('core.create', 'com_tags'); } /* * Method to run batch operations. * * @param object $model The model. * * @return boolean True if successful, false otherwise and internal error is set. * * @since 3.1 / public function batch($model = null) { $this->checkToken(); // Set the model $model = $this->getModel('Tag'); // Preset the redirect $this->setRedirect('index.php?option=com_tags&view=tags'); return parent::batch($model); } } PK��!�1V�R{��{��ActionlogsController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_actionlogs * * @copyright (C) 2018 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Actionlogs\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\Date\Date; use Joomla\CMS\Event\ActionLog\AfterLogExportEvent; use Joomla\CMS\Input\Input; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\AdminController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Router\Route; use Joomla\Component\Actionlogs\Administrator\Helper\ActionlogsHelper; use Joomla\Component\Actionlogs\Administrator\Model\ActionlogsModel; use Joomla\Utilities\ArrayHelper; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Actionlogs list controller class. * * @since 3.9.0 / class ActionlogsController extends AdminController { /* * Constructor. * * @param array $config An optional associative array of configuration settings. * Recognized key values include 'name', 'default_task', 'model_path', and * 'view_path' (this list is not meant to be comprehensive). * @param ?MVCFactoryInterface $factory The factory. * @param CMSApplication $app The Application for the dispatcher * @param Input $input Input * * @since 3.9.0 * * @throws \Exception / public function __construct($config = [], ?MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerTask('exportSelectedLogs', 'exportLogs'); } /* * Method to export logs * * @return void * * @since 3.9.0 * * @throws \Exception / public function exportLogs() { // Check for request forgeries. $this->checkToken(); $task = $this->getTask(); $pks = []; if ($task == 'exportSelectedLogs') { // Get selected logs $pks = ArrayHelper::toInteger(explode(',', $this->input->post->getString('cids'))); } /* @var ActionlogsModel $model / $model = $this->getModel(); // Get the logs data $data = $model->getLogDataAsIterator($pks); if (\count($data)) { try { $rows = ActionlogsHelper::getCsvData($data); } catch (\InvalidArgumentException) { $this->setMessage(Text::_('COM_ACTIONLOGS_ERROR_COULD_NOT_EXPORT_DATA'), 'error'); $this->setRedirect(Route::_('index.php?option=com_actionlogs&view=actionlogs', false)); return; } // Destroy the iterator now unset($data); $date = new Date('now', new \DateTimeZone('UTC')); $filename = 'logs_' . $date->format('Y-m-d_His_T'); $csvDelimiter = ComponentHelper::getComponent('com_actionlogs')->getParams()->get('csv_delimiter', ','); $this->app->setHeader('Content-Type', 'application/csv', true) ->setHeader('Content-Disposition', 'attachment; filename="' . $filename . '.csv"', true) ->setHeader('Cache-Control', 'must-revalidate', true) ->sendHeaders(); $output = fopen("php://output", "w"); foreach ($rows as $row) { fputcsv($output, $row, $csvDelimiter, escape: ""); } fclose($output); $this->getDispatcher()->dispatch('onAfterLogExport', new AfterLogExportEvent('onAfterLogExport')); $this->app->close(); } else { $this->setMessage(Text::_('COM_ACTIONLOGS_NO_LOGS_TO_EXPORT')); $this->setRedirect(Route::_('index.php?option=com_actionlogs&view=actionlogs', false)); } } /* * Method to get a model object, loading it if required. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return object The model. * * @since 3.9.0 / public function getModel($name = 'Actionlogs', $prefix = 'Administrator', $config = ['ignore_request' => true]) { // Return the model return parent::getModel($name, $prefix, $config); } /* * Clean out the logs * * @return void * * @since 3.9.0 / public function purge() { // Check for request forgeries. $this->checkToken(); $model = $this->getModel(); if ($model->purge()) { $message = Text::_('COM_ACTIONLOGS_PURGE_SUCCESS'); } else { $message = Text::_('COM_ACTIONLOGS_PURGE_FAIL'); } $this->setRedirect(Route::_('index.php?option=com_actionlogs&view=actionlogs', false), $message); } } PK��!�Ƞ�C��C��FeedsController.phpnu��[��<?php /* * @package Joomla.API * @subpackage com_newsfeeds * * @copyright (C) 2019 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Newsfeeds\Api\Controller; use Joomla\CMS\MVC\Controller\ApiController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * The feeds controller * * @since 4.0.0 / class FeedsController extends ApiController { /* * The content type of the item. * * @var string * @since 4.0.0 / protected $contentType = 'newsfeeds'; /* * The default view for the display method. * * @var string * @since 3.0 / protected $default_view = 'feeds'; } PK��!�]�2� �� SuggestionsController.phpnu��[��<?php /* * @package Joomla.Site * @subpackage com_finder * * @copyright (C) 2011 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Finder\Site\Controller; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\MVC\Controller\BaseController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Suggestions \JSON controller for Finder. * * @since 2.5 / class SuggestionsController extends BaseController { /* * Method to find search query suggestions. Uses awesomplete * * @return void * * @since 3.4 / public function suggest() { $app = $this->app; $app->mimeType = 'application/json'; // Ensure caching is disabled as it depends on the query param in the model $app->allowCache(false); $suggestions = $this->getSuggestions(); // Send the response. $app->setHeader('Content-Type', $app->mimeType . '; charset=' . $app->charSet); $app->sendHeaders(); echo '{ "suggestions": ' . json_encode($suggestions) . ' }'; } /* * Method to find search query suggestions for OpenSearch * * @return void * * @since 4.0.0 / public function opensearchsuggest() { $app = $this->app; $app->mimeType = 'application/json'; $result = []; $result[] = $app->getInput()->request->get('q', '', 'string'); $result[] = $this->getSuggestions(); // Ensure caching is disabled as it depends on the query param in the model $app->allowCache(false); // Send the response. $app->setHeader('Content-Type', $app->mimeType . '; charset=' . $app->charSet); $app->sendHeaders(); echo json_encode($result); } /* * Method to retrieve the data from the database * * @return array The suggested words * * @since 3.4 / protected function getSuggestions() { $return = []; $params = ComponentHelper::getParams('com_finder'); if ($params->get('show_autosuggest', 1)) { // Get the suggestions. $model = $this->getModel('Suggestions'); $return = $model->getItems(); } // Check the data. if (empty($return)) { $return = []; } return $return; } } PK��!��1>0��0��ClientController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_banners * * @copyright (C) 2006 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Banners\Administrator\Controller; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\Versioning\VersionableControllerTrait; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Client controller class. * * @since 1.6 / class ClientController extends FormController { use VersionableControllerTrait; /* * The prefix to use with controller messages. * * @var string * @since 1.6 / protected $text_prefix = 'COM_BANNERS_CLIENT'; } PK��!��$�s��ClientsController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_banners * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Banners\Administrator\Controller; use Joomla\CMS\MVC\Controller\AdminController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Clients list controller class. * * @since 1.6 / class ClientsController extends AdminController { /* * The prefix to use with controller messages. * * @var string * @since 1.6 / protected $text_prefix = 'COM_BANNERS_CLIENTS'; /* * Method to get a model object, loading it if required. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return \Joomla\CMS\MVC\Model\BaseDatabaseModel The model. * * @since 1.6 / public function getModel($name = 'Client', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } } PK��!��Q��TracksController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_banners * * @copyright (C) 2017 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Banners\Administrator\Controller; use Joomla\CMS\Application\ApplicationHelper; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Tracks list controller class. * * @since 1.6 / class TracksController extends BaseController { /* * The prefix to use with controller messages. * * @var string * @since 1.6 / protected $context = 'com_banners.tracks'; /* * Method to get a model object, loading it if required. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return \Joomla\CMS\MVC\Model\BaseDatabaseModel The model. * * @since 1.6 / public function getModel($name = 'Tracks', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } /* * Method to remove a record. * * @return void * * @since 1.6 / public function delete() { // Check for request forgeries. $this->checkToken(); // Get the model. /* @var \Joomla\Component\Banners\Administrator\Model\TracksModel $model / $model = $this->getModel(); // Load the filter state. $model->setState('filter.type', $this->app->getUserState($this->context . '.filter.type')); $model->setState('filter.begin', $this->app->getUserState($this->context . '.filter.begin')); $model->setState('filter.end', $this->app->getUserState($this->context . '.filter.end')); $model->setState('filter.category_id', $this->app->getUserState($this->context . '.filter.category_id')); $model->setState('filter.client_id', $this->app->getUserState($this->context . '.filter.client_id')); $model->setState('list.limit', 0); $model->setState('list.start', 0); $count = $model->getTotal(); // Remove the items. if (!$model->delete()) { $this->app->enqueueMessage($model->getError(), 'warning'); } elseif ($count > 0) { $this->setMessage(Text::plural('COM_BANNERS_TRACKS_N_ITEMS_DELETED', $count)); } else { $this->setMessage(Text::_('COM_BANNERS_TRACKS_NO_ITEMS_DELETED')); } $this->setRedirect('index.php?option=com_banners&view=tracks'); } /* * Display method for the raw track data. * * @param boolean $cachable If true, the view output will be cached * @param array $urlparams An array of safe URL parameters and their variable types. * @see \Joomla\CMS\Filter\InputFilter::clean() for valid values. * * @return static This object to support chaining. * * @since 1.5 * @todo This should be done as a view, not here! / public function display($cachable = false, $urlparams = []) { // Get the document object. $vName = 'tracks'; // Get and render the view. if ($view = $this->getView($vName, 'raw')) { // Check for request forgeries. $this->checkToken('GET'); // Get the model for the view. /* @var \Joomla\Component\Banners\Administrator\Model\TracksModel $model / $model = $this->getModel($vName); // Load the filter state. $app = $this->app; $model->setState('filter.type', $app->getUserState($this->context . '.filter.type')); $model->setState('filter.begin', $app->getUserState($this->context . '.filter.begin')); $model->setState('filter.end', $app->getUserState($this->context . '.filter.end')); $model->setState('filter.category_id', $app->getUserState($this->context . '.filter.category_id')); $model->setState('filter.client_id', $app->getUserState($this->context . '.filter.client_id')); $model->setState('list.limit', 0); $model->setState('list.start', 0); $form = $this->input->get('jform', [], 'array'); $model->setState('basename', $form['basename']); $model->setState('compressed', $form['compressed']); // Create one year cookies. $cookieLifeTime = time() + 365 86400; $cookieDomain = $app->get('cookie_domain', ''); $cookiePath = $app->get('cookie_path', '/'); $isHttpsForced = $app->isHttpsForced(); $this->input->cookie->set( ApplicationHelper::getHash($this->context . '.basename'), $form['basename'], [ 'expires' => $cookieLifeTime, 'path' => $cookiePath, 'domain' => $cookieDomain, 'secure' => $isHttpsForced, 'httponly' => true, ] ); $this->input->cookie->set( ApplicationHelper::getHash($this->context . '.compressed'), $form['compressed'], [ 'expires' => $cookieLifeTime, 'path' => $cookiePath, 'domain' => $cookieDomain, 'secure' => $isHttpsForced, 'httponly' => true, ] ); // Push the model into the view (as default). $view->setModel($model, true); // Push document object into the view. $view->document = $this->app->getDocument(); $view->display(); } return $this; } } PK��!��A4�0��0��BannersController.phpnu��[��<?php /** * @package Joomla.Administrator * @subpackage com_banners * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Banners\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\AdminController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Response\JsonResponse; use Joomla\Input\Input; use Joomla\Utilities\ArrayHelper; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Banners list controller class. * * @since 1.6 / class BannersController extends AdminController { /* * The prefix to use with controller messages. * * @var string * @since 1.6 / protected $text_prefix = 'COM_BANNERS_BANNERS'; /* * Constructor. * * @param array $config An optional associative array of configuration settings. * @param ?MVCFactoryInterface $factory The factory. * @param ?CMSApplication $app The Application for the dispatcher * @param ?Input $input Input * * @since 3.0 / public function __construct($config = [], ?MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerTask('sticky_unpublish', 'sticky_publish'); } /* * Method to get a model object, loading it if required. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return \Joomla\CMS\MVC\Model\BaseDatabaseModel The model. * * @since 1.6 / public function getModel($name = 'Banner', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } /* * Stick items * * @return void * * @since 1.6 / public function sticky_publish() { // Check for request forgeries. $this->checkToken(); $ids = (array) $this->input->get('cid', [], 'int'); $values = ['sticky_publish' => 1, 'sticky_unpublish' => 0]; $task = $this->getTask(); $value = ArrayHelper::getValue($values, $task, 0, 'int'); // Remove zero values resulting from input filter $ids = array_filter($ids); if (empty($ids)) { $this->app->enqueueMessage(Text::_('COM_BANNERS_NO_BANNERS_SELECTED'), 'warning'); } else { // Get the model. /* @var \Joomla\Component\Banners\Administrator\Model\BannerModel $model / $model = $this->getModel(); // Change the state of the records. if (!$model->stick($ids, $value)) { $this->app->enqueueMessage($model->getError(), 'warning'); } else { if ($value == 1) { $ntext = 'COM_BANNERS_N_BANNERS_STUCK'; } else { $ntext = 'COM_BANNERS_N_BANNERS_UNSTUCK'; } $this->setMessage(Text::plural($ntext, \count($ids))); } } $this->setRedirect('index.php?option=com_banners&view=banners'); } /* * Method to get the number of published banners for quickicons * * @return void * * @since 4.3.0 / public function getQuickiconContent() { $model = $this->getModel('banners'); $model->setState('filter.published', 1); $amount = (int) $model->getTotal(); $result = []; $result['amount'] = $amount; $result['sronly'] = Text::plural('COM_BANNERS_N_QUICKICON_SRONLY', $amount); $result['name'] = Text::plural('COM_BANNERS_N_QUICKICON', $amount); echo new JsonResponse($result); } } PK��!��5��BannerController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_banners * * @copyright (C) 2006 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Banners\Administrator\Controller; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\Router\Route; use Joomla\CMS\Versioning\VersionableControllerTrait; use Joomla\Utilities\ArrayHelper; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Banner controller class. * * @since 1.6 / class BannerController extends FormController { use VersionableControllerTrait; /* * The prefix to use with controller messages. * * @var string * @since 1.6 / protected $text_prefix = 'COM_BANNERS_BANNER'; /* * Method override to check if you can add a new record. * * @param array $data An array of input data. * * @return boolean * * @since 1.6 / protected function allowAdd($data = []) { $filter = $this->input->getInt('filter_category_id'); $categoryId = ArrayHelper::getValue($data, 'catid', $filter, 'int'); if ($categoryId) { // If the category has been passed in the URL check it. return $this->app->getIdentity()->authorise('core.create', $this->option . '.category.' . $categoryId); } // In the absence of better information, revert to the component permissions. return parent::allowAdd($data); } /* * Method override to check if you can edit an existing record. * * @param array $data An array of input data. * @param string $key The name of the key for the primary key. * * @return boolean * * @since 1.6 / protected function allowEdit($data = [], $key = 'id') { $recordId = isset($data[$key]) ? (int) $data[$key] : 0; $categoryId = 0; if ($recordId) { $categoryId = (int) $this->getModel()->getItem($recordId)->catid; } if ($categoryId) { // The category has been set. Check the category permissions. return $this->app->getIdentity()->authorise('core.edit', $this->option . '.category.' . $categoryId); } // Since there is no asset tracking, revert to the component permissions. return parent::allowEdit($data, $key); } /* * Method to run batch operations. * * @param string $model The model * * @return boolean True on success. * * @since 2.5 / public function batch($model = null) { $this->checkToken(); // Set the model $model = $this->getModel('Banner', '', []); // Preset the redirect $this->setRedirect(Route::_('index.php?option=com_banners&view=banners' . $this->getRedirectToListAppend(), false)); return parent::batch($model); } } PK��!�lS�=��=��ContactsController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_contact * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Contact\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\AdminController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Response\JsonResponse; use Joomla\Input\Input; use Joomla\Utilities\ArrayHelper; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Contacts list controller class. * * @since 1.6 / class ContactsController extends AdminController { /* * Constructor. * * @param array $config An optional associative array of configuration settings. * Recognized key values include 'name', 'default_task', 'model_path', and * 'view_path' (this list is not meant to be comprehensive). * @param ?MVCFactoryInterface $factory The factory. * @param ?CMSApplication $app The Application for the dispatcher * @param ?Input $input Input * * @since 3.0 / public function __construct($config = [], ?MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerTask('unfeatured', 'featured'); } /* * Method to toggle the featured setting of a list of contacts. * * @return void * * @since 1.6 / public function featured() { // Check for request forgeries $this->checkToken(); $ids = (array) $this->input->get('cid', [], 'int'); $values = ['featured' => 1, 'unfeatured' => 0]; $task = $this->getTask(); $value = ArrayHelper::getValue($values, $task, 0, 'int'); // Get the model. /* @var \Joomla\Component\Contact\Administrator\Model\ContactModel $model / $model = $this->getModel(); // Access checks. foreach ($ids as $i => $id) { // Remove zero value resulting from input filter if ($id === 0) { unset($ids[$i]); continue; } $item = $model->getItem($id); if (!$this->app->getIdentity()->authorise('core.edit.state', 'com_contact.category.' . (int) $item->catid)) { // Prune items that you can't change. unset($ids[$i]); $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_EDITSTATE_NOT_PERMITTED'), 'notice'); } } if (empty($ids)) { $message = null; $this->app->enqueueMessage(Text::_('COM_CONTACT_NO_ITEM_SELECTED'), 'warning'); } else { // Publish the items. if (!$model->featured($ids, $value)) { $this->app->enqueueMessage($model->getError(), 'warning'); } if ($value == 1) { $message = Text::plural('COM_CONTACT_N_ITEMS_FEATURED', \count($ids)); } else { $message = Text::plural('COM_CONTACT_N_ITEMS_UNFEATURED', \count($ids)); } } $this->setRedirect('index.php?option=com_contact&view=contacts', $message); } /* * Proxy for getModel. * * @param string $name The name of the model. * @param string $prefix The prefix for the PHP class name. * @param array $config Array of configuration parameters. * * @return \Joomla\CMS\MVC\Model\BaseDatabaseModel * * @since 1.6 / public function getModel($name = 'Contact', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } /* * Method to get the number of published contacts for quickicons * * @return void * * @since 4.3.0 / public function getQuickiconContent() { $model = $this->getModel('contacts'); $model->setState('filter.published', 1); $amount = (int) $model->getTotal(); $result = []; $result['amount'] = $amount; $result['sronly'] = Text::plural('COM_CONTACT_N_QUICKICON_SRONLY', $amount); $result['name'] = Text::plural('COM_CONTACT_N_QUICKICON', $amount); echo new JsonResponse($result); } } PK��!�!� ,��ContactController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_contact * * @copyright (C) 2008 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Contact\Administrator\Controller; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\MVC\Model\BaseDatabaseModel; use Joomla\CMS\Router\Route; use Joomla\CMS\Versioning\VersionableControllerTrait; use Joomla\Utilities\ArrayHelper; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Controller for a single contact * * @since 1.6 / class ContactController extends FormController { use VersionableControllerTrait; /* * Method override to check if you can add a new record. * * @param array $data An array of input data. * * @return boolean * * @since 1.6 / protected function allowAdd($data = []) { $categoryId = ArrayHelper::getValue($data, 'catid', $this->input->getInt('filter_category_id'), 'int'); if ($categoryId) { // If the category has been passed in the URL check it. return $this->app->getIdentity()->authorise('core.create', $this->option . '.category.' . $categoryId); } // In the absence of better information, revert to the component permissions. return parent::allowAdd($data); } /* * Method override to check if you can edit an existing record. * * @param array $data An array of input data. * @param string $key The name of the key for the primary key. * * @return boolean * * @since 1.6 / protected function allowEdit($data = [], $key = 'id') { $recordId = isset($data[$key]) ? (int) $data[$key] : 0; // Since there is no asset tracking, fallback to the component permissions. if (!$recordId) { return parent::allowEdit($data, $key); } // Get the item. $item = $this->getModel()->getItem($recordId); // Since there is no item, return false. if (empty($item)) { return false; } $user = $this->app->getIdentity(); // Check if can edit own core.edit.own. $canEditOwn = $user->authorise('core.edit.own', $this->option . '.category.' . (int) $item->catid) && $item->created_by == $user->id; // Check the category core.edit permissions. return $canEditOwn \|\| $user->authorise('core.edit', $this->option . '.category.' . (int) $item->catid); } /* * Method to run batch operations. * * @param object $model The model. * * @return boolean True if successful, false otherwise and internal error is set. * * @since 2.5 / public function batch($model = null) { $this->checkToken(); // Set the model /* @var \Joomla\Component\Contact\Administrator\Model\ContactModel $model / $model = $this->getModel('Contact', 'Administrator', []); // Preset the redirect $this->setRedirect(Route::_('index.php?option=com_contact&view=contacts' . $this->getRedirectToListAppend(), false)); return parent::batch($model); } /* * Function that allows child controller access to model data * after the data has been saved. * * @param BaseDatabaseModel $model The data model object. * @param array $validData The validated data. * * @return void * * @since 4.1.0 / protected function postSaveHook(BaseDatabaseModel $model, $validData = []) { if ($this->getTask() === 'save2menu') { $editState = []; $id = $model->getState('contact.id'); $link = 'index.php?option=com_contact&view=contact'; $type = 'component'; $editState['link'] = $link; $editState['title'] = $model->getItem($id)->name; $editState['type'] = $type; $editState['request']['id'] = $id; $this->app->setUserState( 'com_menus.edit.item', [ 'data' => $editState, 'type' => $type, 'link' => $link, ] ); $this->setRedirect(Route::_('index.php?option=com_menus&view=item&client_id=0&menutype=mainmenu&layout=edit', false)); } elseif ($this->input->get('layout') === 'modal' && $this->task === 'save') { // When editing in modal then redirect to modalreturn layout $id = $model->getState('contact.id', ''); $return = 'index.php?option=' . $this->option . '&view=' . $this->view_item . $this->getRedirectToItemAppend($id) . '&layout=modalreturn&from-task=save'; $this->setRedirect(Route::_($return, false)); } } /* * Method to cancel an edit. * * @param string $key The name of the primary key of the URL variable. * * @return boolean True if access level checks pass, false otherwise. * * @since 5.1.0 / public function cancel($key = null) { $result = parent::cancel($key); // When editing in modal then redirect to modalreturn layout if ($result && $this->input->get('layout') === 'modal') { $id = $this->input->get('id'); $return = 'index.php?option=' . $this->option . '&view=' . $this->view_item . $this->getRedirectToItemAppend($id) . '&layout=modalreturn&from-task=cancel'; $this->setRedirect(Route::_($return, false)); } return $result; } } PK��!� ^RB�>��>��MethodController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2022 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Event\MultiFactor\NotifyActionLog; use Joomla\CMS\Event\MultiFactor\SaveSetup; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController as BaseControllerAlias; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Router\Route; use Joomla\CMS\Uri\Uri; use Joomla\CMS\User\User; use Joomla\CMS\User\UserFactoryAwareInterface; use Joomla\CMS\User\UserFactoryAwareTrait; use Joomla\CMS\User\UserHelper; use Joomla\Component\Users\Administrator\Helper\Mfa as MfaHelper; use Joomla\Component\Users\Administrator\Model\BackupcodesModel; use Joomla\Component\Users\Administrator\Model\MethodModel; use Joomla\Component\Users\Administrator\Table\MfaTable; use Joomla\Input\Input; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Multi-factor Authentication method controller * * @since 4.2.0 / class MethodController extends BaseControllerAlias implements UserFactoryAwareInterface { use UserFactoryAwareTrait; /* * Public constructor * * @param array $config Plugin configuration * @param ?MVCFactoryInterface $factory MVC Factory for the com_users component * @param ?CMSApplication $app CMS application object * @param ?Input $input Joomla CMS input object * * @since 4.2.0 / public function __construct(array $config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null) { // We have to tell Joomla what is the name of the view, otherwise it defaults to the name of the component. $config['default_view'] = 'method'; $config['default_task'] = 'add'; parent::__construct($config, $factory, $app, $input); } /* * Execute a task by triggering a Method in the derived class. * * @param string $task The task to perform. If no matching task is found, the '__default' task is executed, if * defined. * * @return mixed The value returned by the called Method. * * @throws \Exception * @since 4.2.0 / public function execute($task) { if (empty($task) \|\| $task === 'display') { $task = 'add'; } return parent::execute($task); } /* * Add a new MFA Method * * @param boolean $cachable Ignored. This page is never cached. * @param boolean\|array $urlparams Ignored. This page is never cached. * * @return void * @throws \Exception * @since 4.2.0 / public function add($cachable = false, $urlparams = []): void { $this->assertLoggedInUser(); // Make sure I am allowed to edit the specified user $userId = $this->input->getInt('user_id', null); $user = $this->getUserFactory()->loadUserById($userId); $this->assertCanEdit($user); // Also make sure the Method really does exist $method = $this->input->getCmd('method'); $this->assertMethodExists($method); /* @var MethodModel $model / $model = $this->getModel('Method'); $model->setState('method', $method); // Pass the return URL to the view $returnURL = $this->input->getBase64('returnurl'); $viewLayout = $this->input->get('layout', 'default', 'string'); $view = $this->getView('Method', 'html'); $view->setLayout($viewLayout); $view->returnURL = $returnURL; $view->user = $user; $view->document = $this->app->getDocument(); $view->setModel($model, true); $event = new NotifyActionLog('onComUsersControllerMethodBeforeAdd', [$user, $method]); $this->app->getDispatcher()->dispatch($event->getName(), $event); $view->display(); } /* * Edit an existing MFA Method * * @param boolean $cachable Ignored. This page is never cached. * @param boolean\|array $urlparams Ignored. This page is never cached. * * @return void * @throws \Exception * @since 4.2.0 / public function edit($cachable = false, $urlparams = []): void { $this->assertLoggedInUser(); // Make sure I am allowed to edit the specified user $userId = $this->input->getInt('user_id', null); $user = $this->getUserFactory()->loadUserById($userId); $this->assertCanEdit($user); // Also make sure the Method really does exist $id = $this->input->getInt('id'); $record = $this->assertValidRecordId($id, $user); if ($id <= 0) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } /* @var MethodModel $model / $model = $this->getModel('Method'); $model->setState('id', $id); // Pass the return URL to the view $returnURL = $this->input->getBase64('returnurl'); $viewLayout = $this->input->get('layout', 'default', 'string'); $view = $this->getView('Method', 'html'); $view->setLayout($viewLayout); $view->returnURL = $returnURL; $view->user = $user; $view->document = $this->app->getDocument(); $view->setModel($model, true); $event = new NotifyActionLog('onComUsersControllerMethodBeforeEdit', [$id, $user]); $this->app->getDispatcher()->dispatch($event->getName(), $event); $view->display(); } /* * Regenerate backup codes * * @param boolean $cachable Ignored. This page is never cached. * @param boolean\|array $urlparams Ignored. This page is never cached. * * @return void * @throws \Exception * @since 4.2.0 / public function regenerateBackupCodes($cachable = false, $urlparams = []): void { $this->assertLoggedInUser(); $this->checkToken($this->input->getMethod()); // Make sure I am allowed to edit the specified user $userId = $this->input->getInt('user_id', null); $user = $this->getUserFactory()->loadUserById($userId); $this->assertCanEdit($user); /* @var BackupcodesModel $model / $model = $this->getModel('Backupcodes'); $model->regenerateBackupCodes($user); $backupCodesRecord = $model->getBackupCodesRecord($user); // Redirect $redirectUrl = 'index.php?option=com_users&task=method.edit&user_id=' . $userId . '&id=' . $backupCodesRecord->id; $returnURL = $this->input->getBase64('returnurl'); if (!empty($returnURL) && Uri::isInternal(base64_decode($returnURL))) { $redirectUrl .= '&returnurl=' . $returnURL; } $this->setRedirect(Route::_($redirectUrl, false)); $event = new NotifyActionLog('onComUsersControllerMethodAfterRegenerateBackupCodes'); $this->app->getDispatcher()->dispatch($event->getName(), $event); } /* * Delete an existing MFA Method * * @param boolean $cachable Ignored. This page is never cached. * @param boolean\|array $urlparams Ignored. This page is never cached. * * @return void * @since 4.2.0 / public function delete($cachable = false, $urlparams = []): void { $this->assertLoggedInUser(); $this->checkToken($this->input->getMethod()); // Make sure I am allowed to edit the specified user $userId = $this->input->getInt('user_id', null); $user = $this->getUserFactory()->loadUserById($userId); $this->assertCanDelete($user); // Also make sure the Method really does exist $id = $this->input->getInt('id'); $record = $this->assertValidRecordId($id, $user); if ($id <= 0) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } $type = null; $message = null; $event = new NotifyActionLog('onComUsersControllerMethodBeforeDelete', [$id, $user]); $this->app->getDispatcher()->dispatch($event->getName(), $event); try { $record->delete(); } catch (\Exception $e) { $message = $e->getMessage(); $type = 'error'; } // Redirect $url = Route::_('index.php?option=com_users&task=methods.display&user_id=' . $userId, false); $returnURL = $this->input->getBase64('returnurl'); if (!empty($returnURL) && Uri::isInternal(base64_decode($returnURL))) { $url = base64_decode($returnURL); } $this->setRedirect($url, $message, $type); } /* * Save the MFA Method * * @param boolean $cachable Ignored. This page is never cached. * @param boolean\|array $urlparams Ignored. This page is never cached. * * @return void * @since 4.2.0 / public function save($cachable = false, $urlparams = []): void { $this->assertLoggedInUser(); $this->checkToken($this->input->getMethod()); // Make sure I am allowed to edit the specified user $userId = $this->input->getInt('user_id', null); $user = $this->getUserFactory()->loadUserById($userId); $this->assertCanEdit($user); // Redirect $url = Route::_('index.php?option=com_users&task=methods.display&user_id=' . $userId, false); $returnURL = $this->input->getBase64('returnurl'); if (!empty($returnURL) && Uri::isInternal(base64_decode($returnURL))) { $url = base64_decode($returnURL); } // The record must either be new (ID zero) or exist $id = $this->input->getInt('id', 0); $record = $this->assertValidRecordId($id, $user); // If it's a new record we need to read the Method from the request and update the (not yet created) record. if ($record->id == 0) { $methodName = $this->input->getCmd('method'); $this->assertMethodExists($methodName); $record->method = $methodName; } /* @var MethodModel $model / $model = $this->getModel('Method'); // Ask the plugin to validate the input by calling onUserMultifactorSaveSetup $result = []; $input = $this->app->getInput(); $event = new NotifyActionLog('onComUsersControllerMethodBeforeSave', [$id, $user]); $this->app->getDispatcher()->dispatch($event->getName(), $event); try { $event = new SaveSetup($record, $input); $pluginResults = $this->app ->getDispatcher() ->dispatch($event->getName(), $event) ->getArgument('result', []); foreach ($pluginResults as $pluginResult) { $result = array_merge($result, $pluginResult); } } catch (\RuntimeException $e) { // Go back to the edit page $nonSefUrl = 'index.php?option=com_users&task=method.'; if ($id) { $nonSefUrl .= 'edit&id=' . (int) $id; } else { $nonSefUrl .= 'add&method=' . $record->method; } $nonSefUrl .= '&user_id=' . $userId; if (!empty($returnURL)) { $nonSefUrl .= '&returnurl=' . urlencode($returnURL); } $url = Route::_($nonSefUrl, false); $this->setRedirect($url, $e->getMessage(), 'error'); return; } // Update the record's options with the plugin response $title = $this->input->getString('title', null); $title = trim($title); if (empty($title)) { $method = $model->getMethod($record->method); $title = $method['display']; } // Update the record's "default" flag $default = $this->input->getBool('default', false); $record->title = $title; $record->options = $result; $record->default = $default ? 1 : 0; // Ask the model to save the record $saved = $record->store(); if (!$saved) { // Go back to the edit page $nonSefUrl = 'index.php?option=com_users&task=method.'; if ($id) { $nonSefUrl .= 'edit&id=' . (int) $id; } else { $nonSefUrl .= 'add'; } $nonSefUrl .= '&user_id=' . $userId; if (!empty($returnURL)) { $nonSefUrl .= '&returnurl=' . urlencode($returnURL); } $url = Route::_($nonSefUrl, false); $this->setRedirect($url, $record->getError(), 'error'); return; } // Method updated, destroy other active sessions UserHelper::destroyUserSessions($userId, true); $this->setRedirect($url); } /* * Assert that the provided ID is a valid record identified for the given user * * @param int $id Record ID to check * @param User\|null $user User record. Null to use current user. * * @return MfaTable The loaded record * @since 4.2.0 / private function assertValidRecordId($id, ?User $user = null): MfaTable { if (\is_null($user)) { $user = $this->app->getIdentity() ?: $this->getUserFactory()->loadUserById(0); } /* @var MethodModel $model / $model = $this->getModel('Method'); $model->setState('id', $id); $record = $model->getRecord($user); if (\is_null($record) \|\| ($record->id != $id) \|\| ($record->user_id != $user->id)) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } return $record; } /* * Assert that the user can add / edit MFA methods. * * @param User\|null $user User record. Null to use current user. * * @return void * @throws \RuntimeException\|\Exception * @since 4.2.0 / private function assertCanEdit(?User $user = null): void { if (!MfaHelper::canAddEditMethod($user)) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } } /* * Assert that the user can delete MFA records / disable MFA. * * @param User\|null $user User record. Null to use current user. * * @return void * @throws \RuntimeException\|\Exception * @since 4.2.0 / private function assertCanDelete(?User $user = null): void { if (!MfaHelper::canDeleteMethod($user)) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } } /* * Assert that the specified MFA Method exists, is activated and enabled for the current user * * @param string\|null $method The Method to check * * @return void * @since 4.2.0 / private function assertMethodExists(?string $method): void { /* @var MethodModel $model / $model = $this->getModel('Method'); if (empty($method) \|\| !$model->methodExists($method)) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } } /* * Assert that there is a logged in user. * * @return void * @since 4.2.0 / private function assertLoggedInUser(): void { $user = $this->app->getIdentity() ?: $this->getUserFactory()->loadUserById(0); if ($user->guest) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } } } PK��!�&��T��NoteController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2011 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\Versioning\VersionableControllerTrait; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * User note controller class. * * @since 2.5 / class NoteController extends FormController { use VersionableControllerTrait; /* * The prefix to use with controller messages. * * @var string * @since 2.5 / protected $text_prefix = 'COM_USERS_NOTE'; /* * Gets the URL arguments to append to an item redirect. * * @param integer $recordId The primary key id for the item. * @param string $key The name of the primary key variable. * * @return string The arguments to append to the redirect URL. * * @since 2.5 / protected function getRedirectToItemAppend($recordId = null, $key = 'id') { $append = parent::getRedirectToItemAppend($recordId, $key); $userId = $this->input->get('u_id', 0, 'int'); if ($userId) { $append .= '&u_id=' . $userId; } return $append; } } PK��!�@�_q��q��MailController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\Router\Route; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Users mail controller. * * @since 1.6 / class MailController extends BaseController { /* * Send the mail * * @return void * * @since 1.6 / public function send() { // Redirect to admin index if mass mailer disabled in conf if ($this->app->get('massmailoff', 0) == 1) { $this->app->redirect(Route::_('index.php', false)); } // Check for request forgeries. $this->checkToken('request'); $model = $this->getModel('Mail'); if ($model->send()) { $type = 'message'; } else { $type = 'error'; } $msg = $model->getError(); $this->setRedirect('index.php?option=com_users&view=mail', $msg, $type); } /* * Cancel the mail * * @return void * * @since 1.6 / public function cancel() { // Check for request forgeries. $this->checkToken('request'); // Clear data from session. $this->app->setUserState('com_users.display.mail.data', null); $this->setRedirect('index.php?option=com_users&view=users'); } } PK��!�nm��NotesController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2011 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\MVC\Controller\AdminController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * User notes controller class. * * @since 2.5 / class NotesController extends AdminController { /* * The prefix to use with controller messages. * * @var string * @since 2.5 / protected $text_prefix = 'COM_USERS_NOTES'; /* * Method to get a model object, loading it if required. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return \Joomla\CMS\MVC\Model\BaseDatabaseModel The model. * * @since 2.5 / public function getModel($name = 'Note', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } } PK��!��N�;��LevelsController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\MVC\Controller\AdminController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * User view levels list controller class. * * @since 1.6 / class LevelsController extends AdminController { /* * @var string The prefix to use with controller messages. * @since 1.6 / protected $text_prefix = 'COM_USERS_LEVELS'; /* * Proxy for getModel. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return \Joomla\CMS\MVC\Model\BaseDatabaseModel The model. * * @since 1.6 / public function getModel($name = 'Level', $prefix = 'Administrator', $config = ['ignore_request' => true]) { return parent::getModel($name, $prefix, $config); } } PK��!��5-1��MethodsController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2022 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Event\MultiFactor\NotifyActionLog; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Router\Route; use Joomla\CMS\Uri\Uri; use Joomla\CMS\User\UserFactoryAwareInterface; use Joomla\CMS\User\UserFactoryAwareTrait; use Joomla\Component\Users\Administrator\Helper\Mfa as MfaHelper; use Joomla\Component\Users\Administrator\Model\MethodsModel; use Joomla\Input\Input; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Multi-factor Authentication methods selection and management controller * * @since 4.2.0 / class MethodsController extends BaseController implements UserFactoryAwareInterface { use UserFactoryAwareTrait; /* * Public constructor * * @param array $config Plugin configuration * @param ?MVCFactoryInterface $factory MVC Factory for the com_users component * @param ?CMSApplication $app CMS application object * @param ?Input $input Joomla CMS input object * * @since 4.2.0 / public function __construct($config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null) { // We have to tell Joomla what is the name of the view, otherwise it defaults to the name of the component. $config['default_view'] = 'Methods'; parent::__construct($config, $factory, $app, $input); } /* * Disable Multi-factor Authentication for the current user * * @param bool $cachable Can this view be cached * @param array $urlparams An array of safe url parameters and their variable types. * @see \Joomla\CMS\Filter\InputFilter::clean() for valid values. * * @return void * @since 4.2.0 / public function disable($cachable = false, $urlparams = []): void { $this->assertLoggedInUser(); $this->checkToken($this->input->getMethod()); // Make sure I am allowed to edit the specified user $userId = $this->input->getInt('user_id', null); $user = ($userId === null) ? $this->app->getIdentity() : $this->getUserFactory()->loadUserById($userId); $user ??= $this->getUserFactory()->loadUserById(0); if (!MfaHelper::canDeleteMethod($user)) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } // Delete all MFA Methods for the user /* @var MethodsModel $model / $model = $this->getModel('Methods'); $type = null; $message = null; $event = new NotifyActionLog('onComUsersControllerMethodsBeforeDisable', [$user]); $this->app->getDispatcher()->dispatch($event->getName(), $event); try { $model->deleteAll($user); } catch (\Exception $e) { $message = $e->getMessage(); $type = 'error'; } // Redirect $url = Route::_('index.php?option=com_users&task=methods.display&user_id=' . $userId, false); $returnURL = $this->input->getBase64('returnurl'); if (!empty($returnURL) && Uri::isInternal(base64_decode($returnURL))) { $url = base64_decode($returnURL); } $this->setRedirect($url, $message, $type); } /* * List all available Multi-factor Authentication Methods available and guide the user to setting them up * * @param bool $cachable Can this view be cached * @param array $urlparams An array of safe url parameters and their variable types. * @see \Joomla\CMS\Filter\InputFilter::clean() for valid values. * * @return void * @since 4.2.0 / public function display($cachable = false, $urlparams = []): void { $this->assertLoggedInUser(); // Make sure I am allowed to edit the specified user $userId = $this->input->getInt('user_id', null); $user = ($userId === null) ? $this->app->getIdentity() : $this->getUserFactory()->loadUserById($userId); $user ??= $this->getUserFactory()->loadUserById(0); if (!MfaHelper::canShowConfigurationInterface($user)) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } $returnURL = $this->input->getBase64('returnurl'); $viewLayout = $this->input->get('layout', 'default', 'string'); $view = $this->getView('Methods', 'html'); $view->setLayout($viewLayout); $view->returnURL = $returnURL; $view->user = $user; $view->document = $this->app->getDocument(); $methodsModel = $this->getModel('Methods'); $view->setModel($methodsModel, true); $backupCodesModel = $this->getModel('Backupcodes'); $view->setModel($backupCodesModel, false); $view->display(); } /* * Disable Multi-factor Authentication for the current user * * @param bool $cachable Can this view be cached * @param array $urlparams An array of safe url parameters and their variable types. * @see \Joomla\CMS\Filter\InputFilter::clean() for valid values. * * @return void * @since 4.2.0 / public function doNotShowThisAgain($cachable = false, $urlparams = []): void { $this->assertLoggedInUser(); $this->checkToken($this->input->getMethod()); // Make sure I am allowed to edit the specified user $userId = $this->input->getInt('user_id', null); $user = ($userId === null) ? $this->app->getIdentity() : $this->getUserFactory()->loadUserById($userId); $user ??= $this->getUserFactory()->loadUserById(0); if (!MfaHelper::canAddEditMethod($user)) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } $event = new NotifyActionLog('onComUsersControllerMethodsBeforeDoNotShowThisAgain', [$user]); $this->app->getDispatcher()->dispatch($event->getName(), $event); /* @var MethodsModel $model / $model = $this->getModel('Methods'); $model->setFlag($user, true); // Redirect $url = Uri::base(); $returnURL = $this->input->getBase64('returnurl'); if (!empty($returnURL) && Uri::isInternal(base64_decode($returnURL))) { $url = base64_decode($returnURL); } $this->setRedirect($url); } /* * Assert that there is a user currently logged in * * @return void * @since 4.2.0 / private function assertLoggedInUser(): void { $user = $this->app->getIdentity() ?: $this->getUserFactory()->loadUserById(0); if ($user->guest) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } } } PK��!��X ��X ��CallbackController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2022 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Event\MultiFactor\Callback; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Plugin\PluginHelper; use Joomla\Input\Input; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Multi-factor Authentication plugins' AJAX callback controller * * @since 4.2.0 / class CallbackController extends BaseController { /* * Public constructor * * @param array $config Plugin configuration * @param ?MVCFactoryInterface $factory MVC Factory for the com_users component * @param ?CMSApplication $app CMS application object * @param ?Input $input Joomla CMS input object * * @since 4.2.0 / public function __construct(array $config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerDefaultTask('callback'); } /* * Implement a callback feature, typically used for OAuth2 authentication * * @param bool $cachable Can this view be cached * @param array\|bool $urlparams An array of safe url parameters and their variable types. * @see \Joomla\CMS\Filter\InputFilter::clean() for valid values. * * @return void * @since 4.2.0 / public function callback($cachable = false, $urlparams = false): void { // Get the Method and make sure it's non-empty $method = $this->input->getCmd('method', ''); if (empty($method)) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } PluginHelper::importPlugin('multifactorauth'); $event = new Callback($method); $this->app->getDispatcher()->dispatch($event->getName(), $event); /* * The first plugin to handle the request should either redirect or close the application. If we are still here * no plugin handled the request successfully. Show an error. / throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } } PK��!��kq��LevelController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\Access\Access; use Joomla\CMS\Access\Exception\NotAllowed; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\Router\Route; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * User view level controller class. * * @since 1.6 / class LevelController extends FormController { /* * @var string The prefix to use with controller messages. * @since 1.6 / protected $text_prefix = 'COM_USERS_LEVEL'; /* * Method to check if you can save a new or existing record. * * Overrides Joomla\CMS\MVC\Controller\FormController::allowSave to check the core.admin permission. * * @param array $data An array of input data. * @param string $key The name of the key for the primary key. * * @return boolean * * @since 1.6 / protected function allowSave($data, $key = 'id') { return $this->app->getIdentity()->authorise('core.admin', $this->option) && parent::allowSave($data, $key); } /* * Overrides JControllerForm::allowEdit * * Checks that non-Super Admins are not editing Super Admins. * * @param array $data An array of input data. * @param string $key The name of the key for the primary key. * * @return boolean * * @since 3.8.8 / protected function allowEdit($data = [], $key = 'id') { // Check for if Super Admin can edit $viewLevel = $this->getModel('Level', 'Administrator')->getItem((int) $data['id']); // If this group is super admin and this user is not super admin, canEdit is false if (!$this->app->getIdentity()->authorise('core.admin') && $viewLevel->rules && Access::checkGroup($viewLevel->rules[0], 'core.admin')) { $this->setMessage(Text::_('JLIB_APPLICATION_ERROR_EDIT_NOT_PERMITTED'), 'error'); $this->setRedirect( Route::_( 'index.php?option=' . $this->option . '&view=' . $this->view_list . $this->getRedirectToListAppend(), false ) ); return false; } return parent::allowEdit($data, $key); } /* * Removes an item. * * Overrides Joomla\CMS\MVC\Controller\FormController::delete to check the core.admin permission. * * @return void * * @since 1.6 / public function delete() { // Check for request forgeries. $this->checkToken(); $ids = (array) $this->input->get('cid', [], 'int'); // Remove zero values resulting from input filter $ids = array_filter($ids); if (!$this->app->getIdentity()->authorise('core.admin', $this->option)) { throw new NotAllowed(Text::_('JERROR_ALERTNOAUTHOR'), 403); } if (empty($ids)) { $this->setMessage(Text::_('COM_USERS_NO_LEVELS_SELECTED'), 'warning'); } else { // Get the model. $model = $this->getModel(); // Remove the items. if ($model->delete($ids)) { $this->setMessage(Text::plural('COM_USERS_N_LEVELS_DELETED', \count($ids))); } } $this->setRedirect('index.php?option=com_users&view=levels'); } } PK��!��#��#��CaptiveController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2022 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Date\Date; use Joomla\CMS\Event\MultiFactor\NotifyActionLog; use Joomla\CMS\Event\MultiFactor\Validate; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Router\Route; use Joomla\CMS\Uri\Uri; use Joomla\CMS\User\UserFactoryAwareInterface; use Joomla\CMS\User\UserFactoryAwareTrait; use Joomla\Component\Users\Administrator\Model\BackupcodesModel; use Joomla\Component\Users\Administrator\Model\CaptiveModel; use Joomla\Input\Input; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Captive Multi-factor Authentication page controller * * @since 4.2.0 / class CaptiveController extends BaseController implements UserFactoryAwareInterface { use UserFactoryAwareTrait; /* * Public constructor * * @param array $config Plugin configuration * @param ?MVCFactoryInterface $factory MVC Factory for the com_users component * @param ?CMSApplication $app CMS application object * @param ?Input $input Joomla CMS input object * * @since 4.2.0 / public function __construct(array $config = [], ?MVCFactoryInterface $factory = null, ?CMSApplication $app = null, ?Input $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerTask('captive', 'display'); } /* * Displays the captive login page * * @param boolean $cachable Ignored. This page is never cached. * @param boolean\|array $urlparams Ignored. This page is never cached. * * @return void * @throws \Exception * @since 4.2.0 / public function display($cachable = false, $urlparams = false): void { $user = $this->app->getIdentity() ?: $this->getUserFactory()->loadUserById(0); // Only allow logged in Users if ($user->guest) { throw new \RuntimeException(Text::_('JERROR_ALERTNOAUTHOR'), 403); } // Get the view object $viewLayout = $this->input->get('layout', 'default', 'string'); $view = $this->getView( 'Captive', 'html', '', [ 'base_path' => $this->basePath, 'layout' => $viewLayout, ] ); $view->document = $this->app->getDocument(); // If we're already logged in go to the site's home page if ((int) $this->app->getSession()->get('com_users.mfa_checked', 0) === 1) { $url = Route::_('index.php?option=com_users&task=methods.display', false); $this->setRedirect($url); } // Pass the model to the view /* @var CaptiveModel $model / $model = $this->getModel('Captive'); $view->setModel($model, true); /* @var BackupcodesModel $codesModel / $codesModel = $this->getModel('Backupcodes'); $view->setModel($codesModel, false); try { // Suppress all modules on the page except those explicitly allowed $model->suppressAllModules(); } catch (\Exception) { // If we can't kill the modules we can still survive. } // Pass the MFA record ID to the model $recordId = $this->input->getInt('record_id', null); $model->setState('record_id', $recordId); // Do not go through $this->display() because it overrides the model. $view->display(); } /* * Validate the MFA code entered by the user * * @param bool $cachable Ignored. This page is never cached. * @param array $urlparameters Ignored. This page is never cached. * * @return void * @throws \Exception * @since 4.2.0 / public function validate($cachable = false, $urlparameters = []) { // CSRF Check $this->checkToken($this->input->getMethod()); // Get the MFA parameters from the request $recordId = $this->input->getInt('record_id', null); $code = $this->input->get('code', null, 'raw'); /* @var CaptiveModel $model / $model = $this->getModel('Captive'); // Validate the MFA record $model->setState('record_id', $recordId); $record = $model->getRecord(); if (empty($record)) { $event = new NotifyActionLog('onComUsersCaptiveValidateInvalidMethod'); $this->app->getDispatcher()->dispatch($event->getName(), $event); throw new \RuntimeException(Text::_('COM_USERS_MFA_INVALID_METHOD'), 500); } if (!$model->checkTryLimit($record)) { // The try limit is reached, show error and return $captiveURL = Route::_('index.php?option=com_users&view=captive&task=select', false); $message = Text::_('COM_USERS_MFA_TRY_LIMIT_REACHED'); $this->setRedirect($captiveURL, $message, 'error'); $event = new NotifyActionLog('onComUsersCaptiveValidateTryLimitReached'); $this->app->getDispatcher()->dispatch($event->getName(), $event); return; } // Validate the code $user = $this->app->getIdentity() ?: $this->getUserFactory()->loadUserById(0); $event = new Validate($record, $user, $code); $results = $this->app ->getDispatcher() ->dispatch($event->getName(), $event) ->getArgument('result', []); $isValidCode = false; if ($record->method === 'backupcodes') { /* @var BackupcodesModel $codesModel / $codesModel = $this->getModel('Backupcodes'); $results = [$codesModel->isBackupCode($code, $user)]; /* * This is required! Do not remove! * * There is a store() call below. It saves the in-memory MFA record to the database. That includes the * options key which contains the configuration of the Method. For backup codes, these are the actual codes * you can use. When we check for a backup code validity we also "burn" it, i.e. we remove it from the * options table and save that to the database. However, this DOES NOT update the $record here. Therefore * the call to saveRecord() would overwrite the database contents with a record that _includes_ the backup * code we had just burned. As a result the single use backup codes end up being multiple use. * * By doing a getRecord() here, right after we have "burned" any correct backup codes, we resolve this * issue. The loaded record will reflect the database contents where the options DO NOT include the code we * just used. Therefore the call to store() will result in the correct database state, i.e. the used backup * code being removed. / $record = $model->getRecord(); } $isValidCode = array_reduce( $results, function (bool $carry, $result) { return $carry \|\| \boolval($result); }, false ); if (!$isValidCode) { // The code is wrong. Display an error and go back. $captiveURL = Route::_('index.php?option=com_users&view=captive&record_id=' . $recordId, false); $message = Text::_('COM_USERS_MFA_INVALID_CODE'); $this->setRedirect($captiveURL, $message, 'error'); $event = new NotifyActionLog('onComUsersCaptiveValidateFailed', [$record->title]); $this->app->getDispatcher()->dispatch($event->getName(), $event); return; } // Update the Last Used, UA and IP columns $jNow = Date::getInstance(); $record->last_used = $jNow->toSql(); $record->tries = 0; $record->last_try = null; $record->store(); // Flag the user as fully logged in $session = $this->app->getSession(); $session->set('com_users.mfa_checked', 1); $session->set('com_users.mandatory_mfa_setup', 0); // Get the return URL stored by the plugin in the session $returnUrl = $session->get('com_users.return_url', ''); // If the return URL is not set or not internal to this site redirect to the site's front page if (empty($returnUrl) \|\| !Uri::isInternal($returnUrl)) { $returnUrl = Uri::base(); } $this->setRedirect($returnUrl); $event = new NotifyActionLog('onComUsersCaptiveValidateSuccess', [$record->title]); $this->app->getDispatcher()->dispatch($event->getName(), $event); } } PK��!�\|W�/��/��UserController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_users * * @copyright (C) 2007 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Users\Administrator\Controller; use Joomla\CMS\Access\Access; use Joomla\CMS\MVC\Controller\FormController; use Joomla\CMS\MVC\Model\BaseDatabaseModel; use Joomla\CMS\Router\Route; use Joomla\CMS\Uri\Uri; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * User controller class. * * @since 1.6 / class UserController extends FormController { /* * @var string The prefix to use with controller messages. * @since 1.6 / protected $text_prefix = 'COM_USERS_USER'; /* * Overrides Joomla\CMS\MVC\Controller\FormController::allowEdit * * Checks that non-Super Admins are not editing Super Admins. * * @param array $data An array of input data. * @param string $key The name of the key for the primary key. * * @return boolean True if allowed, false otherwise. * * @since 1.6 / protected function allowEdit($data = [], $key = 'id') { // Check if this person is a Super Admin if (Access::check($data[$key], 'core.admin')) { // If I'm not a Super Admin, then disallow the edit. if (!$this->app->getIdentity()->authorise('core.admin')) { return false; } } // Allow users to edit their own account if (isset($data[$key]) && (int) $this->app->getIdentity()->id === (int) $data[$key]) { return true; } return parent::allowEdit($data, $key); } /* * Override parent cancel to redirect when using status edit account. * * @param string $key The name of the primary key of the URL variable. * * @return boolean True if access level checks pass, false otherwise. * * @since 4.0.0 / public function cancel($key = null) { $result = parent::cancel(); if ($return = $this->input->get('return', '', 'BASE64')) { $return = base64_decode($return); // Don't redirect to an external URL. if (!Uri::isInternal($return)) { $return = Uri::base(); } $this->app->redirect($return); } return $result; } /* * Override parent save to redirect when using status edit account. * * @param string $key The name of the primary key of the URL variable. * @param string $urlVar The name of the URL variable if different from the primary key (sometimes required to avoid router collisions). * * @return boolean True if successful, false otherwise. * * @since 4.0.0 / public function save($key = null, $urlVar = null) { $result = parent::save($key, $urlVar); $task = $this->getTask(); if ($task === 'save' && $return = $this->input->get('return', '', 'BASE64')) { $return = base64_decode($return); // Don't redirect to an external URL. if (!Uri::isInternal($return)) { $return = Uri::base(); } $this->setRedirect($return); } // If a user has to renew a password but has no permission for users if ($task === 'save' && !$this->app->getIdentity()->authorise('core.manage', 'com_users')) { $this->setRedirect(Uri::base()); } return $result; } /* * Method to run batch operations. * * @param object $model The model. * * @return boolean True on success, false on failure * * @since 2.5 / public function batch($model = null) { $this->checkToken(); // Set the model $model = $this->getModel('User', 'Administrator', []); // Preset the redirect $this->setRedirect(Route::_('index.php?option=com_users&view=users' . $this->getRedirectToListAppend(), false)); return parent::batch($model); } /* * Function that allows child controller access to model data after the data has been saved. * * @param BaseDatabaseModel $model The data model object. * @param array $validData The validated data. * * @return void * * @since 3.1 / protected function postSaveHook(BaseDatabaseModel $model, $validData = []) { } } PK��!�2�l��StyleController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_templates * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Templates\Administrator\Controller; use Joomla\CMS\Application\CMSWebApplicationInterface; use Joomla\CMS\Form\Form; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\FormController; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Template style controller class. * * @since 1.6 / class StyleController extends FormController { /* * The prefix to use with controller messages. * * @var string * @since 1.6 / protected $text_prefix = 'COM_TEMPLATES_STYLE'; /* * Method to save a template style. * * @param string $key The name of the primary key of the URL variable. * @param string $urlVar The name of the URL variable if different from the primary key (sometimes required to avoid router collisions). * * @return boolean True if successful, false otherwise. * * @since 1.6 / public function save($key = null, $urlVar = null) { $this->checkToken(); if ($this->app->getDocument()->getType() === 'json') { $model = $this->getModel('Style', 'Administrator'); $table = $model->getTable(); $data = $this->input->post->get('params', [], 'array'); $checkin = $table->hasField('checked_out'); $context = $this->option . '.edit.' . $this->context; $item = $model->getItem($this->app->getTemplate(true)->id); // Setting received params $item->set('params', $data); $data = $item->getProperties(); unset($data['xml']); $key = $table->getKeyName(); // Access check. if (!$this->allowSave($data, $key)) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return false; } Form::addFormPath(JPATH_ADMINISTRATOR . '/components/com_templates/forms'); // Validate the posted data. // Sometimes the form needs some posted data, such as for plugins and modules. $form = $model->getForm($data, false); if (!$form) { $this->app->enqueueMessage($model->getError(), 'error'); return false; } // Test whether the data is valid. $validData = $model->validate($form, $data); if ($validData === false) { // Get the validation messages. $errors = $model->getErrors(); // Push up to three validation messages out to the user. for ($i = 0, $n = \count($errors); $i < $n && $i < 3; $i++) { if ($errors[$i] instanceof \Exception) { $this->app->enqueueMessage($errors[$i]->getMessage(), CMSWebApplicationInterface::MSG_ERROR); } else { $this->app->enqueueMessage($errors[$i], CMSWebApplicationInterface::MSG_ERROR); } } // Save the data in the session. $this->app->setUserState($context . '.data', $data); return false; } if (!isset($validData['tags'])) { $validData['tags'] = null; } // Attempt to save the data. if (!$model->save($validData)) { // Save the data in the session. $this->app->setUserState($context . '.data', $validData); $this->app->enqueueMessage(Text::sprintf('JLIB_APPLICATION_ERROR_SAVE_FAILED', $model->getError()), 'error'); return false; } // Save succeeded, so check-in the record. if ($checkin && $model->checkin($validData[$key]) === false) { // Save the data in the session. $this->app->setUserState($context . '.data', $validData); // Check-in failed, so go back to the record and display a notice. $this->app->enqueueMessage(Text::sprintf('JLIB_APPLICATION_ERROR_CHECKIN_FAILED', $model->getError()), 'error'); return false; } // Redirect the user and adjust session state // Set the record data in the session. $recordId = $model->getState($this->context . '.id'); $this->holdEditId($context, $recordId); $this->app->setUserState($context . '.data', null); $model->checkout($recordId); // Invoke the postSave method to allow for the child class to access the model. $this->postSaveHook($model, $validData); return true; } return parent::save($key, $urlVar); } } PK��!��U�Iߓ��ߓ��TemplateController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_templates * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Templates\Administrator\Controller; use Joomla\CMS\Application\CMSApplication; use Joomla\CMS\Application\CMSWebApplicationInterface; use Joomla\CMS\Filter\InputFilter; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\BaseController; use Joomla\CMS\MVC\Factory\MVCFactoryInterface; use Joomla\CMS\Plugin\PluginHelper; use Joomla\CMS\Router\Route; use Joomla\CMS\Session\Session; use Joomla\Filesystem\Path; use Joomla\Input\Input; use Joomla\Utilities\ArrayHelper; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Template style controller class. * * @since 1.6 / class TemplateController extends BaseController { /* * Constructor. * * @param array $config An optional associative array of configuration settings. * @param ?MVCFactoryInterface $factory The factory. * @param ?CMSApplication $app The Application for the dispatcher * @param ?Input $input Input * * @since 1.6 * @see BaseController / public function __construct($config = [], ?MVCFactoryInterface $factory = null, $app = null, $input = null) { parent::__construct($config, $factory, $app, $input); $this->registerTask('apply', 'save'); $this->registerTask('unpublish', 'publish'); $this->registerTask('publish', 'publish'); $this->registerTask('deleteOverrideHistory', 'publish'); } /* * Method for closing the template. * * @return void * * @since 3.2 / public function cancel() { $this->setRedirect(Route::_('index.php?option=com_templates&view=templates', false)); } /* * Method for closing a file. * * @return void * * @since 3.2 / public function close() { $file = base64_encode('home'); $id = (int) $this->input->get('id', 0, 'int'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } /* * Marked as Checked/Unchecked of override history. * * @return void * * @since 4.0.0 / public function publish() { // Check for request forgeries. $this->checkToken(); $file = $this->input->get('file'); $id = $this->input->get('id'); $ids = (array) $this->input->get('cid', [], 'string'); $values = ['publish' => 1, 'unpublish' => 0, 'deleteOverrideHistory' => -3]; $task = $this->getTask(); $value = ArrayHelper::getValue($values, $task, 0, 'int'); if (empty($ids)) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_NO_FILE_SELECTED'), 'warning'); } else { / @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); // Change the state of the records. if (!$model->publish($ids, $value, $id)) { $this->setMessage(implode('<br>', $model->getErrors()), 'warning'); } else { if ($value === 1) { $ntext = 'COM_TEMPLATES_N_OVERRIDE_CHECKED'; } elseif ($value === 0) { $ntext = 'COM_TEMPLATES_N_OVERRIDE_UNCHECKED'; } elseif ($value === -3) { $ntext = 'COM_TEMPLATES_N_OVERRIDE_DELETED'; } $this->setMessage(Text::plural($ntext, \count($ids))); } } $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } /* * Method for copying the template. * * @return boolean true on success, false otherwise * * @since 3.2 / public function copy() { // Check for request forgeries $this->checkToken(); $app = $this->app; $this->input->set('installtype', 'folder'); $newNameRaw = $this->input->get('new_name', null, 'string'); // Only accept letters, numbers and underscore for template name $newName = preg_replace('/[^a-zA-Z0-9_]/', '', $newNameRaw); $templateID = (int) $this->input->getInt('id', 0); $file = (string) $this->input->get('file', '', 'cmd'); // Access check. if (!$this->allowEdit()) { $app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return false; } $this->setRedirect('index.php?option=com_templates&view=template&id=' . $templateID . '&file=' . $file); / @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel('Template', 'Administrator'); $model->setState('new_name', $newName); $model->setState('tmp_prefix', uniqid('template_copy_')); $model->setState('to_path', $app->get('tmp_path') . '/' . $model->getState('tmp_prefix')); // Process only if we have a new name entered if (\strlen($newName) > 0) { if (!$this->app->getIdentity()->authorise('core.create', 'com_templates')) { // User is not authorised to delete $this->setMessage(Text::_('COM_TEMPLATES_ERROR_CREATE_NOT_PERMITTED'), 'error'); return false; } // Check that new name is valid if (($newNameRaw !== null) && ($newName !== $newNameRaw)) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_INVALID_TEMPLATE_NAME'), 'error'); return false; } // Check that new name doesn't already exist if (!$model->checkNewName()) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_DUPLICATE_TEMPLATE_NAME'), 'error'); return false; } // Check that from name does exist and get the folder name $fromName = $model->getFromName(); if (!$fromName) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_INVALID_FROM_NAME'), 'error'); return false; } // Call model's copy method if (!$model->copy()) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_COULD_NOT_COPY'), 'error'); return false; } // Call installation model $this->input->set('install_directory', $app->get('tmp_path') . '/' . $model->getState('tmp_prefix')); /* @var \Joomla\Component\Installer\Administrator\Model\InstallModel $installModel / $installModel = $this->app->bootComponent('com_installer') ->getMVCFactory()->createModel('Install', 'Administrator'); $this->app->getLanguage()->load('com_installer'); if (!$installModel->install()) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_COULD_NOT_INSTALL'), 'error'); return false; } $this->setMessage(Text::sprintf('COM_TEMPLATES_COPY_SUCCESS', $newName)); $model->cleanup(); return true; } $this->setMessage(Text::sprintf('COM_TEMPLATES_ERROR_INVALID_TEMPLATE_NAME'), 'error'); return false; } /* * Method to get a model object, loading it if required. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional (note, the empty array is atypical compared to other models). * * @return \Joomla\CMS\MVC\Model\BaseDatabaseModel The model. * * @since 3.2 / public function getModel($name = 'Template', $prefix = 'Administrator', $config = []) { return parent::getModel($name, $prefix, $config); } /* * Method to check if you can add a new record. * * @return boolean * * @since 3.2 / protected function allowEdit() { return $this->app->getIdentity()->authorise('core.admin'); } /* * Saves a template source file. * * @return void * * @since 3.2 / public function save() { // Check for request forgeries. $this->checkToken(); $data = $this->input->post->get('jform', [], 'array'); $task = $this->getTask(); /* @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); $fileName = (string) $this->input->getCmd('file', ''); $explodeArray = explode(':', str_replace('//', '/', base64_decode($fileName))); // Access check. if (!$this->allowEdit()) { $this->setMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } // Match the stored id's with the submitted. if (empty($data['extension_id']) \|\| empty($data['filename'])) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_SOURCE_ID_FILENAME_MISMATCH'), 'error'); return; } if ($data['extension_id'] != $model->getState('extension.id')) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_SOURCE_ID_FILENAME_MISMATCH'), 'error'); return; } if (str_ends_with(end($explodeArray), Path::clean($data['filename'], '/'))) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_SOURCE_ID_FILENAME_MISMATCH'), 'error'); return; } // Validate the posted data. $form = $model->getForm(); if (!$form) { $this->setMessage($model->getError(), 'error'); return; } $data = $model->validate($form, $data); // Check for validation errors. if ($data === false) { // Get the validation messages. $errors = $model->getErrors(); // Push up to three validation messages out to the user. for ($i = 0, $n = \count($errors); $i < $n && $i < 3; $i++) { if ($errors[$i] instanceof \Exception) { $this->app->enqueueMessage($errors[$i]->getMessage(), CMSWebApplicationInterface::MSG_ERROR); } else { $this->app->enqueueMessage($errors[$i], CMSWebApplicationInterface::MSG_ERROR); } } // Redirect back to the edit screen. $url = 'index.php?option=com_templates&view=template&id=' . $model->getState('extension.id') . '&file=' . $fileName . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); return; } // Attempt to save the data. if (!$model->save($data)) { // Redirect back to the edit screen. $this->setMessage(Text::sprintf('JERROR_SAVE_FAILED', $model->getError()), 'warning'); $url = 'index.php?option=com_templates&view=template&id=' . $model->getState('extension.id') . '&file=' . $fileName . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); return; } $this->setMessage(Text::_('COM_TEMPLATES_FILE_SAVE_SUCCESS')); // Redirect the user based on the chosen task. switch ($task) { case 'apply': // Redirect back to the edit screen. $url = 'index.php?option=com_templates&view=template&id=' . $model->getState('extension.id') . '&file=' . $fileName . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); break; default: // Redirect to the list screen. $file = base64_encode('home'); $id = (int) $this->input->get('id', 0, 'int'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); break; } } /* * Method for creating override. * * @return void * * @since 3.2 / public function overrides() { // Check for request forgeries. $this->checkToken('get'); / @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); $file = (string) $this->input->getCmd('file', ''); $override = (string) InputFilter::getInstance( [], [], InputFilter::ONLY_BLOCK_DEFINED_TAGS, InputFilter::ONLY_BLOCK_DEFINED_ATTRIBUTES ) ->clean(base64_decode($this->input->getBase64('folder', '')), 'path'); $id = (int) $this->input->get('id', 0, 'int'); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } $model->createOverride($override); // Redirect back to the edit screen. $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } /* * Method for deleting a file. * * @return void * * @since 3.2 / public function delete() { // Check for request forgeries $this->checkToken(); / @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); $id = (int) $this->input->get('id', 0, 'int'); $file = (string) $this->input->getCmd('file', ''); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } if (base64_decode(urldecode($file)) == '/index.php') { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_INDEX_DELETE'), 'warning'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } elseif (base64_decode(urldecode($file)) == '/joomla.asset.json') { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_ASSET_FILE_DELETE'), 'warning'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } elseif ($model->deleteFile($file)) { $this->setMessage(Text::_('COM_TEMPLATES_FILE_DELETE_SUCCESS')); $file = base64_encode('home'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } else { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_FILE_DELETE'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } } /* * Method for creating a new file. * * @return void * * @since 3.2 / public function createFile() { // Check for request forgeries $this->checkToken(); / @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); $id = (int) $this->input->get('id', 0, 'int'); $file = (string) $this->input->get('file', '', 'cmd'); $name = (string) $this->input->get('name', '', 'cmd'); $location = (string) InputFilter::getInstance( [], [], InputFilter::ONLY_BLOCK_DEFINED_TAGS, InputFilter::ONLY_BLOCK_DEFINED_ATTRIBUTES ) ->clean(base64_decode($this->input->getBase64('address', '')), 'path'); $type = (string) $this->input->get('type', '', 'cmd'); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } if ($type == 'null') { $this->setMessage(Text::_('COM_TEMPLATES_INVALID_FILE_TYPE'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } elseif (!preg_match('/^(?!\.)(?!.\.$)(?!.\.\.)[a-zA-Z0-9_.-]+$/', $name)) { $this->setMessage(Text::_('COM_TEMPLATES_INVALID_FILE_NAME'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } elseif ($model->createFile($name, $type, $location)) { $this->setMessage(Text::_('COM_TEMPLATES_FILE_CREATE_SUCCESS')); $file = urlencode(base64_encode($location . '/' . $name . '.' . $type)); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } else { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_FILE_CREATE'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } } /* * Method for uploading a file. * * @return void * * @since 3.2 / public function uploadFile() { // Check for request forgeries $this->checkToken(); / @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); $id = (int) $this->input->get('id', 0, 'int'); $file = (string) $this->input->getCmd('file', ''); $upload = $this->input->files->get('files'); $location = (string) InputFilter::getInstance( [], [], InputFilter::ONLY_BLOCK_DEFINED_TAGS, InputFilter::ONLY_BLOCK_DEFINED_ATTRIBUTES ) ->clean(base64_decode($this->input->getBase64('address', '')), 'path'); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } if ($return = $model->uploadFile($upload, $location)) { $this->setMessage(Text::sprintf('COM_TEMPLATES_FILE_UPLOAD_SUCCESS', $upload['name'])); $redirect = base64_encode($return); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $redirect . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } else { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_FILE_UPLOAD'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } } /* * Method for creating a new folder. * * @return void * * @since 3.2 / public function createFolder() { // Check for request forgeries $this->checkToken(); /* @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); $id = (int) $this->input->get('id', 0, 'int'); $file = (string) $this->input->getCmd('file', ''); $name = $this->input->get('name'); $location = (string) InputFilter::getInstance( [], [], InputFilter::ONLY_BLOCK_DEFINED_TAGS, InputFilter::ONLY_BLOCK_DEFINED_ATTRIBUTES ) ->clean(base64_decode($this->input->getBase64('address', '')), 'path'); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } if (!preg_match('/^[a-zA-Z0-9-_.]+$/', $name)) { $this->setMessage(Text::_('COM_TEMPLATES_INVALID_FOLDER_NAME'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } elseif ($model->createFolder($name, $location)) { $this->setMessage(Text::_('COM_TEMPLATES_FOLDER_CREATE_SUCCESS')); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } else { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_FOLDER_CREATE'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } } /* * Method for deleting a folder. * * @return void * * @since 3.2 / public function deleteFolder() { // Check for request forgeries $this->checkToken(); /* @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); $id = (int) $this->input->get('id', 0, 'int'); $isMedia = (int) $this->input->get('isMedia', 0, 'int'); $file = (string) $this->input->getCmd('file', ''); $location = (string) InputFilter::getInstance( [], [], InputFilter::ONLY_BLOCK_DEFINED_TAGS, InputFilter::ONLY_BLOCK_DEFINED_ATTRIBUTES ) ->clean(base64_decode($this->input->getBase64('address', '')), 'path'); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } if (empty($location)) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_ROOT_DELETE'), 'warning'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $isMedia; $this->setRedirect(Route::_($url, false)); } elseif ($model->deleteFolder($location)) { $this->setMessage(Text::_('COM_TEMPLATES_FOLDER_DELETE_SUCCESS')); if (stristr(base64_decode($file), $location)) { $file = base64_encode('home'); } $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $isMedia; $this->setRedirect(Route::_($url, false)); } else { $this->setMessage(Text::_('COM_TEMPLATES_FOLDER_DELETE_ERROR'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $isMedia; $this->setRedirect(Route::_($url, false)); } } /* * Method for renaming a file. * * @return void * * @since 3.2 / public function renameFile() { // Check for request forgeries $this->checkToken(); /* @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); $id = (int) $this->input->get('id', 0, 'int'); $isMedia = (int) $this->input->get('isMedia', 0, 'int'); $file = (string) $this->input->getCmd('file', ''); $newName = $this->input->get('new_name'); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } if (base64_decode(urldecode($file)) == '/index.php') { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_RENAME_INDEX'), 'warning'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $isMedia; $this->setRedirect(Route::_($url, false)); } elseif (base64_decode(urldecode($file)) == '/joomla.asset.json') { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_RENAME_ASSET_FILE'), 'warning'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $isMedia; $this->setRedirect(Route::_($url, false)); } elseif (!preg_match('/^(?!\.)(?!.\.$)(?!.\.\.)[a-zA-Z0-9_.-]+$/', $newName)) { $this->setMessage(Text::_('COM_TEMPLATES_INVALID_FILE_NAME'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $isMedia; $this->setRedirect(Route::_($url, false)); } elseif ($rename = $model->renameFile($file, $newName)) { $this->setMessage(Text::_('COM_TEMPLATES_FILE_RENAME_SUCCESS')); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $rename . '&isMedia=' . $isMedia; $this->setRedirect(Route::_($url, false)); } else { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_FILE_RENAME'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $isMedia; $this->setRedirect(Route::_($url, false)); } } /* * Method for cropping an image. * * @return void * * @since 3.2 / public function cropImage() { // Check for request forgeries $this->checkToken(); $id = (int) $this->input->get('id', 0, 'int'); $file = (string) $this->input->get('file', '', 'cmd'); $x = $this->input->get('x'); $y = $this->input->get('y'); $w = $this->input->get('w'); $h = $this->input->get('h'); /* @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } if (empty($w) && empty($h) && empty($x) && empty($y)) { $this->setMessage(Text::_('COM_TEMPLATES_CROP_AREA_ERROR'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } elseif ($model->cropImage($file, $w, $h, $x, $y)) { $this->setMessage(Text::_('COM_TEMPLATES_FILE_CROP_SUCCESS')); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } else { $this->setMessage(Text::_('COM_TEMPLATES_FILE_CROP_ERROR'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } } /* * Method for resizing an image. * * @return void * * @since 3.2 / public function resizeImage() { // Check for request forgeries $this->checkToken(); $id = (int) $this->input->get('id', 0, 'int'); $file = (string) $this->input->getCmd('file', ''); $width = $this->input->get('width'); $height = $this->input->get('height'); /* @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } if ($model->resizeImage($file, $width, $height)) { $this->setMessage(Text::_('COM_TEMPLATES_FILE_RESIZE_SUCCESS')); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } else { $this->setMessage(Text::_('COM_TEMPLATES_FILE_RESIZE_ERROR'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } } /* * Method for copying a file. * * @return void * * @since 3.2 / public function copyFile() { // Check for request forgeries $this->checkToken(); $id = (int) $this->input->get('id', 0, 'int'); $file = (string) $this->input->getCmd('file', ''); $newName = $this->input->get('new_name'); $location = (string) InputFilter::getInstance( [], [], InputFilter::ONLY_BLOCK_DEFINED_TAGS, InputFilter::ONLY_BLOCK_DEFINED_ATTRIBUTES ) ->clean(base64_decode($this->input->getBase64('address', '')), 'path'); /* @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } if (!preg_match('/^[a-zA-Z0-9-_]+$/', $newName)) { $this->setMessage(Text::_('COM_TEMPLATES_INVALID_FILE_NAME'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } elseif ($model->copyFile($newName, $location, $file)) { $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } else { $this->setMessage(Text::_('COM_TEMPLATES_FILE_COPY_FAIL'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file . '&isMedia=' . $this->input->getInt('isMedia', 0); $this->setRedirect(Route::_($url, false)); } } /* * Method for extracting an archive file. * * @return void * * @since 3.2 / public function extractArchive() { // Check for request forgeries $this->checkToken(); $id = (int) $this->input->get('id', 0, 'int'); $file = (string) $this->input->getCmd('file', ''); /* @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return; } if ($model->extractArchive($file)) { $this->setMessage(Text::_('COM_TEMPLATES_FILE_ARCHIVE_EXTRACT_SUCCESS')); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file; $this->setRedirect(Route::_($url, false)); } else { $this->setMessage(Text::_('COM_TEMPLATES_FILE_ARCHIVE_EXTRACT_FAIL'), 'error'); $url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file; $this->setRedirect(Route::_($url, false)); } } /* * Fetch and report updates in \JSON format, for AJAX requests * * @return void * * @since 4.0.0 / public function ajax() { $app = $this->app; if (!Session::checkToken('get')) { $app->setHeader('status', 403, true); $app->sendHeaders(); echo Text::_('JINVALID_TOKEN_NOTICE'); $app->close(); } // Checks status of installer override plugin. if (!PluginHelper::isEnabled('installer', 'override')) { $error = ['installerOverride' => 'disabled']; echo json_encode($error); $app->close(); } /* @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel(); $result = $model->getUpdatedList(true, true); echo json_encode($result); $app->close(); } /* * Method for creating a child template. * * @return boolean true on success, false otherwise * * @since 4.1.0 / public function child() { // Check for request forgeries $this->checkToken(); // Access check. if (!$this->allowEdit()) { $this->app->enqueueMessage(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'), 'error'); return false; } $this->input->set('installtype', 'folder'); $newNameRaw = $this->input->get('new_name', null, 'string'); // Only accept letters, numbers and underscore for template name $newName = preg_replace('/[^a-zA-Z0-9_]/', '', $newNameRaw); $templateID = (int) $this->input->getInt('id', 0); $file = (string) $this->input->get('file', '', 'cmd'); $extraStyles = (array) $this->input->get('style_ids', [], 'array'); $this->setRedirect('index.php?option=com_templates&view=template&id=' . $templateID . '&file=' . $file); / @var \Joomla\Component\Templates\Administrator\Model\TemplateModel $model / $model = $this->getModel('Template', 'Administrator'); $model->setState('new_name', $newName); $model->setState('tmp_prefix', uniqid('template_child_')); $model->setState('to_path', $this->app->get('tmp_path') . '/' . $model->getState('tmp_prefix')); // Process only if we have a new name entered if (!\strlen($newName)) { $this->setMessage(Text::sprintf('COM_TEMPLATES_ERROR_INVALID_TEMPLATE_NAME'), 'error'); return false; } // Process only if user is allowed to create child template if (!$this->app->getIdentity()->authorise('core.create', 'com_templates')) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_CREATE_NOT_PERMITTED'), 'error'); return false; } // Check that new name is valid if (($newNameRaw !== null) && ($newName !== $newNameRaw)) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_INVALID_TEMPLATE_NAME'), 'error'); return false; } // Check that new name doesn't already exist if (!$model->checkNewName()) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_DUPLICATE_TEMPLATE_NAME'), 'error'); return false; } // Check that from name does exist and get the folder name $fromName = $model->getFromName(); if (!$fromName) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_INVALID_FROM_NAME'), 'error'); return false; } // Call model's copy method if (!$model->child()) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_COULD_NOT_COPY'), 'error'); return false; } // Call installation model $this->input->set('install_directory', $this->app->get('tmp_path') . '/' . $model->getState('tmp_prefix')); /* @var \Joomla\Component\Installer\Administrator\Model\InstallModel $installModel / $installModel = $this->app->bootComponent('com_installer') ->getMVCFactory()->createModel('Install', 'Administrator'); $this->app->getLanguage()->load('com_installer'); if (!$installModel->install()) { $this->setMessage(Text::_('COM_TEMPLATES_ERROR_COULD_NOT_INSTALL'), 'error'); return false; } $this->setMessage(Text::sprintf('COM_TEMPLATES_CHILD_SUCCESS', $newName)); $model->cleanup(); if (\count($extraStyles) > 0) { $model->setState('stylesToCopy', $extraStyles); $model->copyStyles(); } return true; } } PK��!��StylesController.phpnu��[��<?php /* * @package Joomla.Administrator * @subpackage com_templates * * @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\Component\Templates\Administrator\Controller; use Joomla\CMS\Language\Text; use Joomla\CMS\MVC\Controller\AdminController; use Joomla\CMS\MVC\Model\BaseDatabaseModel; // phpcs:disable PSR1.Files.SideEffects \defined('_JEXEC') or die; // phpcs:enable PSR1.Files.SideEffects /* * Template styles list controller class. * * @since 1.6 / class StylesController extends AdminController { /* * Method to clone and existing template style. * * @return void / public function duplicate() { // Check for request forgeries $this->checkToken(); $pks = (array) $this->input->post->get('cid', [], 'int'); // Remove zero values resulting from input filter $pks = array_filter($pks); try { if (empty($pks)) { throw new \Exception(Text::_('COM_TEMPLATES_NO_TEMPLATE_SELECTED')); } $model = $this->getModel(); $model->duplicate($pks); $this->setMessage(Text::_('COM_TEMPLATES_SUCCESS_DUPLICATED')); } catch (\Exception $e) { $this->app->enqueueMessage($e->getMessage(), 'error'); } $this->setRedirect('index.php?option=com_templates&view=styles'); } /* * Proxy for getModel. * * @param string $name The model name. Optional. * @param string $prefix The class prefix. Optional. * @param array $config Configuration array for model. Optional. * * @return BaseDatabaseModel * * @since 1.6 / public function getModel($name = 'Style', $prefix = 'Administrator', $config = []) { return parent::getModel($name, $prefix, ['ignore_request' => true]); } /* * Method to set the home template for a client. * * @return void * * @since 1.6 / public function setDefault() { // Check for request forgeries $this->checkToken(); $pks = (array) $this->input->post->get('cid', [], 'int'); // Remove zero values resulting from input filter $pks = array_filter($pks); try { if (empty($pks)) { throw new \Exception(Text::_('COM_TEMPLATES_NO_TEMPLATE_SELECTED')); } // Pop off the first element. $id = array_shift($pks); /* @var \Joomla\Component\Templates\Administrator\Model\StyleModel $model / $model = $this->getModel(); $model->setHome($id); $this->setMessage(Text::_('COM_TEMPLATES_SUCCESS_HOME_SET')); } catch (\Exception $e) { $this->setMessage($e->getMessage(), 'warning'); } $this->setRedirect('index.php?option=com_templates&view=styles'); } /* * Method to unset the default template for a client and for a language * * @return void * * @since 1.6 / public function unsetDefault() { // Check for request forgeries $this->checkToken('request'); $pks = (array) $this->input->get->get('cid', [], 'int'); // Remove zero values resulting from input filter $pks = array_filter($pks); try { if (empty($pks)) { throw new \Exception(Text::_('COM_TEMPLATES_NO_TEMPLATE_SELECTED')); } // Pop off the first element. $id = array_shift($pks); /* @var \Joomla\Component\Templates\Administrator\Model\StyleModel $model / $model = $this->getModel(); $model->unsetHome($id); $this->setMessage(Text::_('COM_TEMPLATES_SUCCESS_HOME_UNSET')); } catch (\Exception $e) { $this->setMessage($e->getMessage(), 'warning'); } $this->setRedirect('index.php?option=com_templates&view=styles'); } } PK��!��`�Y��Y��DisplayController.phpnu��[��PK��!��=� �� TagsController.phpnu��[��PK��!�� '��CategoriesController.phpnu��[��PK��!�IKA �� "��RequestsController.phpnu��[��PK��!��"#�[��[��+��ConsentsController.phpnu��[��PK��!�/��1��AjaxserverController.phpnu��[��PK��!�PRN]� �� 9��CpanelController.phpnu��[��PK��!��NL��C��MessagesController.phpnu��[��PK��!��X̠��`��ConfigController.phpnu��[��PK��!��f��MeetingsController.phpnu��[��PK��!�<ȱ�� p��RoomsController.phpnu��[��PK��!��V�� y��index.htmlnu��[��PK��!� ��z��LamessagesController.phpnu��[��PK��!��!��UsersController.phpnu��[��PK��!��-��-��RecorderController.phpnu��[��PK��!��.�9v��v��v��EmoticonsController.phpnu��[��PK��!��1?w��w��3��PluginController.phpnu��[��PK��!��7�H3��H3��ApiController.phpnu��[��PK��!��N��w�NewsfeedController.phpnu��[��PK��!�5aǂ��K$�AjaxController.phpnu��[��PK��!�?f�E��/�NewsfeedsController.phpnu��[��PK��!��7dd`��`��6�GroupsController.phpnu��[��PK��!��9� �� E�GroupController.phpnu��[��PK��!��Rg1��1��M�FieldController.phpnu��[��PK��!�{��6��We�FieldsController.phpnu��[��PK��!��q&��&��l�RequestController.phpnu��[��PK��!��6~��~��x�ComponentController.phpnu��[��PK��!��zx[%��[%��֓�ApplicationController.phpnu��[��PK��!�Ǿ8f��f��z��UpdatesController.phpnu��[��PK��!��^l��%��BaseController.phpnu��[��PK��!�C^=��=�� NotificationController.phpnu��[��PK��!� ��HealthcheckController.phpnu��[��PK��!�7��MessageController.phpnu��[��PK��!�g��S ��S ��InstallController.phpnu��[��PK��!�A�v��UpdateController.phpnu��[��PK��!��fG�0��0��1�ManageController.phpnu��[��PK��!�1pǔT ��T ��?Q�DiscoverController.phpnu��[��PK��!�� [�DatabaseController.phpnu��[��PK��!��.�W��g�UpdatesitesController.phpnu��[��PK��!��D��D��-z�UpdatesiteController.phpnu��[��PK��!��\��i��i��\|�Controller.phpnu��[��PK��!��/U��U�� DatabasefiltersController.phpnu��[��PK��!��eEF��F��!��ConfigurationwizardController.phpnu��[��PK��!��c�>��>��F��ProfileController.phpnu��[��PK��!�)�1m��m��BackupController.phpnu��[��PK��!�`wW7��z�StatisticController.phpnu��[��PK��!�AG��#�FilefiltersController.phpnu��[��PK��!��m�~�$��$��&�ControlpanelController.phpnu��[��PK��!��y��K�BrowserController.phpnu��[��PK��!�G7��&��&��8S�RemotefilesController.phpnu��[��PK��!�� z�UpgradeController.phpnu��[��PK��!��&mW��y��PushController.phpnu��[��PK��!��;K��K��ProfilesController.phpnu��[��PK��!�j܊j)+��)+��5��ConfigurationController.phpnu��[��PK��!��L�\��LogController.phpnu��[��PK��!�\��*��TagController.phpnu��[��PK��!�1V�R{��{��ActionlogsController.phpnu��[��PK��!�Ƞ�C��C��F��FeedsController.phpnu��[��PK��!�]�2� �� SuggestionsController.phpnu��[��PK��!��1>0��0��ClientController.phpnu��[��PK��!��$�s��ClientsController.phpnu��[��PK��!��Q��TracksController.phpnu��[��PK��!��A4�0��0��)�BannersController.phpnu��[��PK��!��5��}9�BannerController.phpnu��[��PK��!�lS�=��=��E�ContactsController.phpnu��[��PK��!�!� ,��AX�ContactController.phpnu��[��PK��!� ^RB�>��>��\o�MethodController.phpnu��[��PK��!�&��T��NoteController.phpnu��[��PK��!�@�_q��q��q��MailController.phpnu��[��PK��!�nm��$��NotesController.phpnu��[��PK��!��N�;��k��LevelsController.phpnu��[��PK��!��5-1��MethodsController.phpnu��[��PK��!��X ��X ��CallbackController.phpnu��[��PK��!��kq��p��LevelController.phpnu��[��PK��!��#��#��=��CaptiveController.phpnu��[��PK��!�\|W�/��/��^ �UserController.phpnu��[��PK��!�2�l��2�StyleController.phpnu��[��PK��!��U�Iߓ��ߓ��F�TemplateController.phpnu��[��PK��!��StylesController.phpnu��[��PK��O�O�I��q��

| ver. 1.1 | | . | PHP 8.4.18 | Ð“ÐµÐ½ÐµÑ€Ð°Ñ†Ð¸Ñ ÑÑ‚Ñ€Ð°Ð½Ð¸Ñ†Ñ‹: 0.04 | proxy | phpinfo | ÐÐ°ÑÑ‚Ñ€Ð¾Ð¹ÐºÐ°