/libraries/legacy/component/helper.php

https://bitbucket.org/eternaware/joomus · PHP · 414 lines · 238 code · 51 blank · 125 comment · 31 complexity · c7018c8e843d7569e4d5c2ffbed7e41f MD5 · raw file

  1. <?php
  2. /**
  3. * @package Joomla.Legacy
  4. * @subpackage Component
  5. *
  6. * @copyright Copyright (C) 2005 - 2012 Open Source Matters, Inc. All rights reserved.
  7. * @license GNU General Public License version 2 or later; see LICENSE
  8. */
  9. defined('JPATH_PLATFORM') or die;
  10. /**
  11. * Component helper class
  12. *
  13. * @package Joomla.Legacy
  14. * @subpackage Component
  15. * @since 11.1
  16. */
  17. class JComponentHelper
  18. {
  19. /**
  20. * The component list cache
  21. *
  22. * @var array
  23. * @since 11.1
  24. */
  25. protected static $components = array();
  26. /**
  27. * Get the component information.
  28. *
  29. * @param string $option The component option.
  30. * @param boolean $strict If set and the component does not exist, the enabled attribute will be set to false.
  31. *
  32. * @return object An object with the information for the component.
  33. *
  34. * @since 11.1
  35. */
  36. public static function getComponent($option, $strict = false)
  37. {
  38. if (!isset(self::$components[$option]))
  39. {
  40. if (self::_load($option))
  41. {
  42. $result = self::$components[$option];
  43. }
  44. else
  45. {
  46. $result = new stdClass;
  47. $result->enabled = $strict ? false : true;
  48. $result->params = new JRegistry;
  49. }
  50. }
  51. else
  52. {
  53. $result = self::$components[$option];
  54. }
  55. return $result;
  56. }
  57. /**
  58. * Checks if the component is enabled
  59. *
  60. * @param string $option The component option.
  61. *
  62. * @return boolean
  63. *
  64. * @since 11.1
  65. */
  66. public static function isEnabled($option)
  67. {
  68. $result = self::getComponent($option, true);
  69. return $result->enabled;
  70. }
  71. /**
  72. * Gets the parameter object for the component
  73. *
  74. * @param string $option The option for the component.
  75. * @param boolean $strict If set and the component does not exist, false will be returned
  76. *
  77. * @return JRegistry A JRegistry object.
  78. *
  79. * @see JRegistry
  80. * @since 11.1
  81. */
  82. public static function getParams($option, $strict = false)
  83. {
  84. $component = self::getComponent($option, $strict);
  85. return $component->params;
  86. }
  87. /**
  88. * Applies the global text filters to arbitrary text as per settings for current user groups
  89. *
  90. * @param string $text The string to filter
  91. *
  92. * @return string The filtered string
  93. *
  94. * @since 11.4
  95. */
  96. public static function filterText($text)
  97. {
  98. // Filter settings
  99. $config = self::getParams('com_config');
  100. $user = JFactory::getUser();
  101. $userGroups = JAccess::getGroupsByUser($user->get('id'));
  102. $filters = $config->get('filters');
  103. $blackListTags = array();
  104. $blackListAttributes = array();
  105. $customListTags = array();
  106. $customListAttributes = array();
  107. $whiteListTags = array();
  108. $whiteListAttributes = array();
  109. $noHtml = false;
  110. $whiteList = false;
  111. $blackList = false;
  112. $customList = false;
  113. $unfiltered = false;
  114. // Cycle through each of the user groups the user is in.
  115. // Remember they are included in the Public group as well.
  116. foreach ($userGroups as $groupId)
  117. {
  118. // May have added a group by not saved the filters.
  119. if (!isset($filters->$groupId))
  120. {
  121. continue;
  122. }
  123. // Each group the user is in could have different filtering properties.
  124. $filterData = $filters->$groupId;
  125. $filterType = strtoupper($filterData->filter_type);
  126. if ($filterType == 'NH')
  127. {
  128. // Maximum HTML filtering.
  129. $noHtml = true;
  130. }
  131. elseif ($filterType == 'NONE')
  132. {
  133. // No HTML filtering.
  134. $unfiltered = true;
  135. }
  136. else
  137. {
  138. // Black or white list.
  139. // Preprocess the tags and attributes.
  140. $tags = explode(',', $filterData->filter_tags);
  141. $attributes = explode(',', $filterData->filter_attributes);
  142. $tempTags = array();
  143. $tempAttributes = array();
  144. foreach ($tags as $tag)
  145. {
  146. $tag = trim($tag);
  147. if ($tag)
  148. {
  149. $tempTags[] = $tag;
  150. }
  151. }
  152. foreach ($attributes as $attribute)
  153. {
  154. $attribute = trim($attribute);
  155. if ($attribute)
  156. {
  157. $tempAttributes[] = $attribute;
  158. }
  159. }
  160. // Collect the black or white list tags and attributes.
  161. // Each list is cummulative.
  162. if ($filterType == 'BL')
  163. {
  164. $blackList = true;
  165. $blackListTags = array_merge($blackListTags, $tempTags);
  166. $blackListAttributes = array_merge($blackListAttributes, $tempAttributes);
  167. }
  168. elseif ($filterType == 'CBL')
  169. {
  170. // Only set to true if Tags or Attributes were added
  171. if ($tempTags || $tempAttributes)
  172. {
  173. $customList = true;
  174. $customListTags = array_merge($customListTags, $tempTags);
  175. $customListAttributes = array_merge($customListAttributes, $tempAttributes);
  176. }
  177. }
  178. elseif ($filterType == 'WL')
  179. {
  180. $whiteList = true;
  181. $whiteListTags = array_merge($whiteListTags, $tempTags);
  182. $whiteListAttributes = array_merge($whiteListAttributes, $tempAttributes);
  183. }
  184. }
  185. }
  186. // Remove duplicates before processing (because the black list uses both sets of arrays).
  187. $blackListTags = array_unique($blackListTags);
  188. $blackListAttributes = array_unique($blackListAttributes);
  189. $customListTags = array_unique($customListTags);
  190. $customListAttributes = array_unique($customListAttributes);
  191. $whiteListTags = array_unique($whiteListTags);
  192. $whiteListAttributes = array_unique($whiteListAttributes);
  193. // Unfiltered assumes first priority.
  194. if ($unfiltered)
  195. {
  196. // Dont apply filtering.
  197. }
  198. else
  199. {
  200. // Custom blacklist precedes Default blacklist
  201. if ($customList)
  202. {
  203. $filter = JFilterInput::getInstance(array(), array(), 1, 1);
  204. // Override filter's default blacklist tags and attributes
  205. if ($customListTags)
  206. {
  207. $filter->tagBlacklist = $customListTags;
  208. }
  209. if ($customListAttributes)
  210. {
  211. $filter->attrBlacklist = $customListAttributes;
  212. }
  213. }
  214. // Black lists take second precedence.
  215. elseif ($blackList)
  216. {
  217. // Remove the white-listed tags and attributes from the black-list.
  218. $blackListTags = array_diff($blackListTags, $whiteListTags);
  219. $blackListAttributes = array_diff($blackListAttributes, $whiteListAttributes);
  220. $filter = JFilterInput::getInstance($blackListTags, $blackListAttributes, 1, 1);
  221. // Remove white listed tags from filter's default blacklist
  222. if ($whiteListTags)
  223. {
  224. $filter->tagBlacklist = array_diff($filter->tagBlacklist, $whiteListTags);
  225. }
  226. // Remove white listed attributes from filter's default blacklist
  227. if ($whiteListAttributes)
  228. {
  229. $filter->attrBlacklist = array_diff($filter->attrBlacklist);
  230. }
  231. }
  232. // White lists take third precedence.
  233. elseif ($whiteList)
  234. {
  235. // Turn off XSS auto clean
  236. $filter = JFilterInput::getInstance($whiteListTags, $whiteListAttributes, 0, 0, 0);
  237. }
  238. // No HTML takes last place.
  239. else
  240. {
  241. $filter = JFilterInput::getInstance();
  242. }
  243. $text = $filter->clean($text, 'html');
  244. }
  245. return $text;
  246. }
  247. /**
  248. * Render the component.
  249. *
  250. * @param string $option The component option.
  251. * @param array $params The component parameters
  252. *
  253. * @return object
  254. *
  255. * @since 11.1
  256. * @throws Exception
  257. */
  258. public static function renderComponent($option, $params = array())
  259. {
  260. $app = JFactory::getApplication();
  261. // Load template language files.
  262. $template = $app->getTemplate(true)->template;
  263. $lang = JFactory::getLanguage();
  264. $lang->load('tpl_' . $template, JPATH_BASE, null, false, false)
  265. || $lang->load('tpl_' . $template, JPATH_THEMES . "/$template", null, false, false)
  266. || $lang->load('tpl_' . $template, JPATH_BASE, $lang->getDefault(), false, false)
  267. || $lang->load('tpl_' . $template, JPATH_THEMES . "/$template", $lang->getDefault(), false, false);
  268. if (empty($option))
  269. {
  270. throw new Exception(JText::_('JLIB_APPLICATION_ERROR_COMPONENT_NOT_FOUND'), 404);
  271. }
  272. // Record the scope
  273. $scope = $app->scope;
  274. // Set scope to component name
  275. $app->scope = $option;
  276. // Build the component path.
  277. $option = preg_replace('/[^A-Z0-9_\.-]/i', '', $option);
  278. $file = substr($option, 4);
  279. // Define component path.
  280. define('JPATH_COMPONENT', JPATH_BASE . '/components/' . $option);
  281. define('JPATH_COMPONENT_SITE', JPATH_SITE . '/components/' . $option);
  282. define('JPATH_COMPONENT_ADMINISTRATOR', JPATH_ADMINISTRATOR . '/components/' . $option);
  283. $path = JPATH_COMPONENT . '/' . $file . '.php';
  284. // If component is disabled throw error
  285. if (!self::isEnabled($option) || !file_exists($path))
  286. {
  287. throw new Exception(JText::_('JLIB_APPLICATION_ERROR_COMPONENT_NOT_FOUND'), 404);
  288. }
  289. $task = $app->input->getString('task');
  290. // Load common and local language files.
  291. $lang->load($option, JPATH_BASE, null, false, false) || $lang->load($option, JPATH_COMPONENT, null, false, false)
  292. || $lang->load($option, JPATH_BASE, $lang->getDefault(), false, false)
  293. || $lang->load($option, JPATH_COMPONENT, $lang->getDefault(), false, false);
  294. // Handle template preview outlining.
  295. $contents = null;
  296. // Execute the component.
  297. $contents = self::executeComponent($path);
  298. // Revert the scope
  299. $app->scope = $scope;
  300. return $contents;
  301. }
  302. /**
  303. * Execute the component.
  304. *
  305. * @param string $path The component path.
  306. *
  307. * @return string The component output
  308. *
  309. * @since 11.3
  310. */
  311. protected static function executeComponent($path)
  312. {
  313. ob_start();
  314. require_once $path;
  315. $contents = ob_get_contents();
  316. ob_end_clean();
  317. return $contents;
  318. }
  319. /**
  320. * Load the installed components into the components property.
  321. *
  322. * @param string $option The element value for the extension
  323. *
  324. * @return boolean True on success
  325. *
  326. * @since 11.1
  327. */
  328. protected static function _load($option)
  329. {
  330. $db = JFactory::getDbo();
  331. $query = $db->getQuery(true);
  332. $query->select('extension_id AS id, element AS "option", params, enabled');
  333. $query->from('#__extensions');
  334. $query->where($query->qn('type') . ' = ' . $db->quote('component'));
  335. $query->where($query->qn('element') . ' = ' . $db->quote($option));
  336. $db->setQuery($query);
  337. $cache = JFactory::getCache('_system', 'callback');
  338. try
  339. {
  340. self::$components[$option] = $cache->get(array($db, 'loadObject'), null, $option, false);
  341. }
  342. catch (RuntimeException $e)
  343. {
  344. // Fatal error.
  345. JLog::add(JText::sprintf('JLIB_APPLICATION_ERROR_COMPONENT_NOT_LOADING', $option, $error), JLog::WARNING, 'jerror');
  346. return false;
  347. }
  348. if (empty(self::$components[$option]))
  349. {
  350. // Fatal error.
  351. JLog::add(JText::sprintf('JLIB_APPLICATION_ERROR_COMPONENT_NOT_LOADING', $option, $error), JLog::WARNING, 'jerror');
  352. return false;
  353. }
  354. // Convert the params to an object.
  355. if (is_string(self::$components[$option]->params))
  356. {
  357. $temp = new JRegistry;
  358. $temp->loadString(self::$components[$option]->params);
  359. self::$components[$option]->params = $temp;
  360. }
  361. return true;
  362. }
  363. }