<?php/** * @version $Id: contact.php 13031 2009-10-02 21:54:22Z louis $ *

1. <?php
2. /**
3. * @version $Id: contact.php 13031 2009-10-02 21:54:22Z louis $
4. * @package Joomla.Site
5. * @subpackage Contact
6. * @copyright Copyright (C) 2005 - 2009 Open Source Matters, Inc. All rights reserved.
7. * @license GNU General Public License version 2 or later; see LICENSE.txt
8. */
9.  
10. // No direct access
11. defined('_JEXEC') or die;
12.  
13. jimport('joomla.application.component.modelitem');
14. jimport('joomla.database.query');
15.  
16. /**
17. * @package Joomla.Site
18. * @subpackage Contact
19. */
20. class ContactModelContact extends JModelItem
21. {
22. /**
23. * Model context string.
24. *
25. * @var string
26. */
27. protected $_context = 'com_contact.contact';
28.  
29. /**
30. * Method to auto-populate the model state.
31. *
32. * @return void
33. */
34. protected function _populateState()
35. {
36. $app = &JFactory::getApplication('site');
37.  
38. // Load state from the request.
39. $pk = JRequest::getInt('id');
40. $this->setState('contact.id', $pk);
41.  
42. $offset = JRequest::getInt('limitstart');
43. $this->setState('list.offset', $offset);
44.  
45. // Load the parameters.
46. ## $params = $app->getParams();
47. ## $this->setState('params', $params);
48.  
49. // TODO: Tune these values based on other permissions.
50. $this->setState('filter.published', 1);
51. $this->setState('filter.archived', -1);
52. $this->setState('filter.access', true);
53. }
54.  
55. /**
56. * Method to get contact data.
57. *
58. * @param integer The id of the article.
59. *
60. * @return mixed Menu item data object on success, false on failure.
61. */
62. public function &getItem($pk = null)
63. {
64. // Initialise variables.
65. $pk = (!empty($pk)) ? $pk : (int) $this->getState('contact.id');
66. if ($this->_item === null) {
67. $this->_item = array();
68. }
69.  
70. if (!isset($this->_item[$pk]))
71. {
72. try
73. {
74. $query = new JQuery;
75.  
76. $query->select($this->getState('item.select', 'a.*'));
77. $query->from('#__contact_details AS a');
78.  
79. // Join on category table.
80. $query->select('c.title AS category_title, c.alias AS category_alias, c.access AS category_access');
81. $query->join('LEFT', '#__categories AS c on c.id = a.catid');
82.  
83.  
84. $query->where('a.id = '.(int) $pk);
85.  
86. // Filter by published state.
87. $published = $this->getState('filter.published');
88. $archived = $this->getState('filter.archived');
89. if (is_numeric($published)) {
90. $query->where('(a.published = '.(int) $published.' OR a.published ='.(int) $archived.')');
91. }
92.  
93.  
94. // Filter by access level.
95. if ($access = $this->getState('filter.access'))
96. {
97. $user = &JFactory::getUser();
98. $groups = implode(',', $user->authorisedLevels());
99. $query->where('a.access IN ('.$groups.')');
100. $query->where('(c.access IS NULL OR c.access IN ('.$groups.'))');
101. }
102.  
103. $this->_db->setQuery($query);
104.  
105. $data = $this->_db->loadObject();
106.  
107. if ($error = $this->_db->getErrorMsg()) {
108. throw new Exception($error);
109. }
110.  
111. if (empty($data)) {
112. throw new Exception(JText::_('Contact_Error_Contact_not_found'), 404);
113. }
114.  
115. // Check for published state if filter set.
116. if (((is_numeric($published))||(is_numeric($archived))) &&
117. (($data->published != $published ) && ( $data->state != $archived )))
118. {
119. throw new Exception(JText::_('Contact_Error_Contact_not_found'), 404);
120. }
121. // Convert parameter fields to objects.
122. $registry = new JRegistry;
123. ## $registry->loadJSON($data->params);
124. ## $data->params = clone $this->getState('params');
125. ## $data->params->merge($registry);
126. ##
127. // Compute access permissions.
128. if ($access)
129. {
130. // If the access filter has been set, we already know this user can view.
131. $data->params->set('access-view', true);
132. }
133. else
134. {
135. // If no access filter is set, the layout takes some responsibility for display of limited information.
136. $user = &JFactory::getUser();
137. $groups = $user->authorisedLevels();
138.  
139. if ($data->catid == 0 || $data->category_access === null) {
140. $data->params->set('access-view', in_array($data->access, $groups));
141. }
142. else {
143. $data->params->set('access-view', in_array($data->access, $groups) && in_array($data->category_access, $groups));
144. }
145. }
146. // TODO: Type 2 permission checks?
147.  
148. $this->_item[$pk] = $data;
149. }
150. catch (Exception $e)
151. {
152. $this->setError($e);
153. $this->_item[$pk] = false;
154. }
155. }
156.  
157. return $this->_item[$pk];
158. }
159.  
160. /**
161. * Method to send an email to a contact
162. *
163. * @static
164. * @since 1.0
165. */
166. function submit()
167. {
168. // Check for request forgeries
169. JRequest::checkToken() or jexit(JText::_('JInvalid_Token'));
170.  
171. // Initialise some variables
172. $app = &JFactory::getApplication();
173. $db = & JFactory::getDbo();
174. $SiteName = $app->getCfg('sitename');
175.  
176. $default = JText::sprintf('MAILENQUIRY', $SiteName);
177. $contactId = JRequest::getInt('id', 0, 'post');
178. $name = JRequest::getVar('name', '', 'post');
179. $email = JRequest::getVar('email', '', 'post');
180. $subject = JRequest::getVar('subject', $default, 'post');
181. $body = JRequest::getVar('text', '', 'post');
182. $emailCopy = JRequest::getInt('email_copy', 0, 'post');
183.  
184. // load the contact details
185. $model = &$this->getModel('contact');
186.  
187. // query options
188. $qOptions['id'] = $contactId;
189. $contact = $model->getContact($qOptions);
190.  
191. if ($contact->email_to == '' && $contact->user_id != 0)
192. {
193. $contact_user = JUser::getInstance($contact->user_id);
194. $contact->email_to = $contact_user->get('email');
195. }
196.  
197. /*
198. * If there is no valid email address or message body then we throw an
199. * error and return false.
200. */
201. jimport('joomla.mail.helper');
202. if (!$email || !$body || (JMailHelper::isEmailAddress($email) == false))
203. {
204. $this->setError(JText::_('CONTACT_FORM_NC'));
205. $this->display();
206. return false;
207. }
208.  
209. // Contact plugins
210. JPluginHelper::importPlugin('contact');
211. $dispatcher = &JDispatcher::getInstance();
212.  
213. // Input validation
214. if (!$this->_validateInputs($contact, $email, $subject, $body)) {
215. JError::raiseWarning(0, $this->getError());
216. return false;
217. }
218.  
219. // Custom handlers
220. $post = JRequest::get('post');
221. $results = $dispatcher->trigger('onValidateContact', array(&$contact, &$post));
222.  
223. foreach ($results as $result)
224. {
225. if (JError::isError($result)) {
226. return false;
227. }
228. }
229.  
230. // Passed Validation: Process the contact plugins to integrate with other applications
231. $results = $dispatcher->trigger('onSubmitContact', array(&$contact, &$post));
232.  
233. ## $pparams = &$app->getParams('com_contact');
234. if (!$pparams->get('custom_reply'))
235. {
236. $MailFrom = $app->getCfg('mailfrom');
237. $FromName = $app->getCfg('fromname');
238.  
239. // Prepare email body
240. $prefix = JText::sprintf('ENQUIRY_TEXT', JURI::base());
241. $body = $prefix."\n".$name.' <'.$email.'>'."\r\n\r\n".stripslashes($body);
242.  
243. $mail = JFactory::getMailer();
244.  
245. $mail->addRecipient($contact->email_to);
246. $mail->setSender(array($email, $name));
247. $mail->setSubject($FromName.': '.$subject);
248. $mail->setBody($body);
249.  
250. $sent = $mail->Send();
251.  
252. /*
253. * If we are supposed to copy the admin, do so.
254. */
255. // parameter check
256. $params = new JParameter($contact->params);
257. $emailcopyCheck = $params->get('show_email_copy', 0);
258.  
259. // check whether email copy function activated
260. if ($emailCopy && $emailcopyCheck)
261. {
262. $copyText = JText::sprintf('Copy of:', $contact->name, $SiteName);
263. $copyText .= "\r\n\r\n".$body;
264. $copySubject = JText::_('Copy of:')." ".$subject;
265.  
266. $mail = JFactory::getMailer();
267.  
268. $mail->addRecipient($email);
269. $mail->setSender(array($MailFrom, $FromName));
270. $mail->setSubject($copySubject);
271. $mail->setBody($copyText);
272.  
273. $sent = $mail->Send();
274. }
275. }
276.  
277. $msg = JText::_('Com_Contact_Contact_Email_Thanks');
278. //redirect if it is set
279. if ($this->contact->params->$link)
280. {
281. $link=$contact->redirect;
282. }
283. else
284. {
285. // stay on the same contact page
286.  
287. $link = JRoute::_('index.php?option=com_contact&view=contact&id='.(int) $contact->id, false);
288. }
289. $this->setRedirect($link, $msg);
290. }
291. /**
292. * Checks $text for values contained in the array $array, and sets error message if true...
293. *
294. * @param String $text Text to search against
295. * @param String $list semicolon (;) seperated list of banned values
296. * @return Boolean
297. * @access protected
298. * @since 1.5.4
299. */
300. function _checkText($text, $list) {
301. if (empty($list) || empty($text)) return true;
302. $array = explode(';', $list);
303. foreach ($array as $value) {
304. $value = trim($value);
305. if (empty($value)) continue;
306. if (JString::stristr($text, $value) !== false) {
307. return false;
308. }
309. }
310. return true;
311. }
312.  
313. }