File Manager

Current Directory: /home/astoriaah/www/administrator/components/com_gdpr/models
Viewing File: /home/astoriaah/www/administrator/components/com_gdpr/models/config.php
<?php // namespace administrator\components\com_gdpr\models; /** * * @package GDPR::CONFIG::administrator::components::com_gdpr * @subpackage models * @author Joomla! Extensions Store * @copyright (C) 2018 - Joomla! Extensions Store * @license GNU/GPLv2 http://www.gnu.org/licenses/gpl-2.0.html */ defined ( '_JEXEC' ) or die ( 'Restricted access' ); jimport('joomla.application.component.modelform'); /** * Config model responsibilities * * @package GDPR::CONFIG::administrator::components::com_gdpr * @subpackage models * @since 1.6 */ interface IConfigModel { /** * Ottiene i dati di configurazione da db params field record component * * @access public * @return Object */ public function &getData(); /** * Effettua lo store dell'entity config * * @access public * @return boolean */ public function storeEntity(); /** * Reset all consents for #__user_profiles table to request a new privacy policy update greement * * @access public * @param boolean $yearlyReset * @return boolean */ public function resetAllConsents($yearlyReset); } /** * Config model concrete implementation * * @package GDPR::CONFIG::administrator::components::com_gdpr * @subpackage models * @since 1.6 */ class GdprModelConfig extends JModelForm implements IConfigModel { /** * Variables in request array * * @access protected * @var Object */ protected $requestArray; /** * Clean the cache * @param string $group The cache group * @param integer $client_id The ID of the client * @return void * @since 11.1 */ private function cleanComponentCache($group = null, $client_id = 0) { // Initialise variables; $conf = JFactory::getConfig(); $dispatcher = JDispatcher::getInstance(); $options = array( 'defaultgroup' => ($group) ? $group : $this->app->input->get('option'), 'cachebase' => ($client_id) ? JPATH_ADMINISTRATOR . '/cache' : $conf->get('cache_path', JPATH_SITE . '/cache')); $cache = JCache::getInstance('callback', $options); $cache->clean(); // Trigger the onContentCleanCache event. $dispatcher->trigger('onContentCleanCache', $options); } /** * Ottiene i dati di configurazione da db params field record component * * @access public * @return Object */ private function &getConfigData() { $instance = JComponentHelper::getParams('com_gdpr'); return $instance; } /** * Effettua lo storing dell'asset delle permissions sul component level * * @access protected * @return boolean */ protected function storePermissionsAsset($data) { // Save the rules. if (isset ( $data ['params'] ) && isset ( $data ['params'] ['rules'] )) { $form = $this->getForm ( $data ); // Validate the posted data. $postedRules = $this->validate ( $form, $data ['params'] ); $rules = new JAccessRules ( $postedRules ['rules'] ); $asset = JTable::getInstance ( 'asset' ); if (! $asset->loadByName ( $data ['option'] )) { $root = JTable::getInstance ( 'asset' ); $root->loadByName ( 'root.1' ); $asset->name = $data ['option']; $asset->title = $data ['option']; $asset->setLocation ( $root->id, 'last-child' ); } $asset->rules = ( string ) $rules; if (! $asset->check () || ! $asset->store ()) { $this->setError ( $asset->getError () ); return false; } } return true; } /** * Kill CB redirection to avoid redirect loop * * @access protected * @return boolean */ protected function killCBRedirectionPlugin() { if($cbPlugin = JPluginHelper::getPlugin('system', 'communitybuilder')) { $cbParams = json_decode($cbPlugin->params); $cbParams->redirect_urls = 0; $cbParams->rewrite_urls = 0; $updatedParams = json_encode($cbParams); $query = "UPDATE " . $this->_db->quoteName('#__extensions') . "\n SET " . $this->_db->quoteName('params') . " = " . $this->_db->quote($updatedParams) . "\n WHERE " . $this->_db->quoteName('type') . " = " . $this->_db->quote('plugin') . "\n AND " . $this->_db->quoteName('folder') . " = " . $this->_db->quote('system') . "\n AND " . $this->_db->quoteName('element') . " = " . $this->_db->quote('communitybuilder'); try { $this->_db->setQuery($query)->execute(); } catch (Exception $e) { // No errors go on } } return true; } /** * Method to get a form object. * * @param array $data Data for the form. * @param boolean $loadData True if the form is to load its own data (default case), false if not. * * @return mixed A JForm object on success, false on failure * @since 1.6 */ public function getForm($data = array(), $loadData = true) { jimport ( 'joomla.form.form' ); JForm::addFormPath ( JPATH_ADMINISTRATOR . '/components/com_gdpr' ); // Get the form. $form = $this->loadForm ( 'com_gdpr.component', 'config', array ('control' => 'params', 'load_data' => $loadData ), false, '/config' ); if (empty ( $form )) { return false; } return $form; } /** * Ottiene i dati di configurazione del componente * * @access public * @return Object */ public function &getData() { return $this->getConfigData (); } /** * Effettua lo store dell'entity config * * @access public * @return boolean */ public function storeEntity() { $table = JTable::getInstance('extension'); try { // Found as installed extension if (!$extensionID = $table->find(array('element' => 'com_gdpr'))) { throw new GdprException($table->getError (), 'error'); } $table->load($extensionID); // Translate posted jform array to params for ORM table binding $post = $this->app->input->post; // Check if block users has been enabled and if CB is installed and redirecting if((int)@$this->requestArray['params']['block_privacypolicy'] == 1) { $currentParams = json_decode($table->params); $blockPrivacyPolicyCurrentStatus = $currentParams->block_privacypolicy; if(!$blockPrivacyPolicyCurrentStatus) { // Kill CB redirection plugin if any $this->killCBRedirectionPlugin(); } } if (!$table->bind ($post->getArray($this->requestArray))) { throw new GdprException($table->getError (), 'error'); } // Unserialize and replace offline_message param as RAW no filter - textareas $unserializedParams = json_decode($table->params); $unserializedParams->checkbox_template_container = strip_tags($this->requestArray['params']['checkbox_template_container'], '<div><span><p><dt><dd>'); $unserializedParams->checkbox_template_label = strip_tags($this->requestArray['params']['checkbox_template_label'], '<div><span><p><a><dt><dd>'); $unserializedParams->checkbox_template_controls = strip_tags($this->requestArray['params']['checkbox_template_controls'], '<div><span><p><dt><dd>'); $unserializedParams->placeholder_blocked_resources_text = strip_tags($this->requestArray['params']['placeholder_blocked_resources_text'], '<div><span><p><dt><dd>'); $unserializedParams->placeholder_invididual_blocked_resources_text = strip_tags($this->requestArray['params']['placeholder_invididual_blocked_resources_text'], '<div><span><p><dt><dd>'); $unserializedParams->cookie_policy_revocable_tab_text = strip_tags($this->requestArray['params']['cookie_policy_revocable_tab_text'], '<div><span><p><dt><dd><img><i>'); // Editors parameters, sanitize multilanguage strings if detected $unserializedParams->header = $this->requestArray['params']['header']; if(JString::strpos($unserializedParams->header, 'COM_GDPR_') !== false) { $unserializedParams->header = strip_tags($unserializedParams->header); } $unserializedParams->message = $this->requestArray['params']['message']; if(JString::strpos($unserializedParams->message, 'COM_GDPR_') !== false) { $unserializedParams->message = strip_tags($unserializedParams->message); } $unserializedParams->deny_message = $this->requestArray['params']['deny_message']; if(JString::strpos($unserializedParams->deny_message, 'COM_GDPR_') !== false) { $unserializedParams->deny_message = strip_tags($unserializedParams->deny_message); } $unserializedParams->databreach_email_content = $this->requestArray['params']['databreach_email_content']; if(JString::strpos($unserializedParams->databreach_email_content, 'COM_GDPR_') !== false) { $unserializedParams->databreach_email_content = strip_tags($unserializedParams->databreach_email_content); } $unserializedParams->databreach_garante_email_content = $this->requestArray['params']['databreach_garante_email_content']; if(JString::strpos($unserializedParams->databreach_garante_email_content, 'COM_GDPR_') !== false) { $unserializedParams->databreach_garante_email_content = strip_tags($unserializedParams->databreach_garante_email_content); } $unserializedParams->cookie_policy_contents = $this->requestArray['params']['cookie_policy_contents']; if(JString::strpos($unserializedParams->cookie_policy_contents, 'COM_GDPR_') !== false) { $unserializedParams->cookie_policy_contents = strip_tags($unserializedParams->cookie_policy_contents); } $unserializedParams->privacy_policy_contents = $this->requestArray['params']['privacy_policy_contents']; if(JString::strpos($unserializedParams->privacy_policy_contents, 'COM_GDPR_') !== false) { $unserializedParams->privacy_policy_contents = strip_tags($unserializedParams->privacy_policy_contents); } $unserializedParams->checkbox_contents = $this->requestArray['params']['checkbox_contents']; if(JString::strpos($unserializedParams->checkbox_contents, 'COM_GDPR_') !== false) { $unserializedParams->checkbox_contents = strip_tags($unserializedParams->checkbox_contents); } $unserializedParams->cookie_category1_description = $this->requestArray['params']['cookie_category1_description']; if(JString::strpos($unserializedParams->cookie_category1_description, 'COM_GDPR_') !== false) { $unserializedParams->cookie_category1_description = strip_tags($unserializedParams->cookie_category1_description); } $unserializedParams->cookie_category2_description = $this->requestArray['params']['cookie_category2_description']; if(JString::strpos($unserializedParams->cookie_category2_description, 'COM_GDPR_') !== false) { $unserializedParams->cookie_category2_description = strip_tags($unserializedParams->cookie_category2_description); } $unserializedParams->cookie_category3_description = $this->requestArray['params']['cookie_category3_description']; if(JString::strpos($unserializedParams->cookie_category3_description, 'COM_GDPR_') !== false) { $unserializedParams->cookie_category3_description = strip_tags($unserializedParams->cookie_category3_description); } $unserializedParams->cookie_category4_description = $this->requestArray['params']['cookie_category4_description']; if(JString::strpos($unserializedParams->cookie_category4_description, 'COM_GDPR_') !== false) { $unserializedParams->cookie_category4_description = strip_tags($unserializedParams->cookie_category4_description); } $table->params = json_encode($unserializedParams); // Check for security safe no TEXT field exceed if(JString::strlen($table->params) >= 65536) { throw new GdprException(JText::_('COM_GDPR_MAX_CHARACTER_LIMIT_EXCEED'), 'error'); } // pre-save checks if (!$table->check()) { throw new GdprException($table->getError (), 'error'); } // save the changes if (!$table->store()) { throw new GdprException($table->getError (), 'error'); } // save the changes if (! $this->storePermissionsAsset ( $post->getArray ( $this->requestArray ) )) { throw new GdprException ( JText::_ ( 'COM_GDPR_ERROR_STORING_PERMISSIONS' ), 'error' ); } } catch (GdprException $e) { $this->setError($e); return false; } catch (Exception $e) { $gdprException = new GdprException($e->getMessage(), 'error'); $this->setError($gdprException); return false; } // Clean the cache. $this->cleanComponentCache('_system', 0); $this->cleanComponentCache('_system', 1); return true; } /** * Reset all consents for #__user_profiles table to request a new privacy policy update greement * * @access public * @param boolean $yearlyReset * @return boolean */ public function resetAllConsents($yearlyReset){ $cParams = JComponentHelper::getParams('com_gdpr'); try { $userIDsToPurge = null; // Recover user IDs that have consented more than 1 year ago and reset only those consents if($yearlyReset) { $foundUserIDs = array(); $query = "SELECT" . "\n MAX(" . $this->_db->quotename('change_date') . ") AS " . $this->_db->quotename('changedate') . "," . "\n " . $this->_db->quotename('user_id') . "\n FROM " . $this->_db->quotename('#__gdpr_logs') . "\n WHERE " . $this->_db->quotename('changes_structure') . " = " . $this->_db->quote('{"changes":[]}') . "\n AND " . $this->_db->quotename('privacy_policy') . " = 1" . "\n GROUP BY " . $this->_db->quotename('user_id'); $userIDs = $this->_db->setQuery($query)->loadObjectList(); if(!empty($userIDs)) { foreach ($userIDs as $userIDToEvaluate) { if(strtotime($userIDToEvaluate->changedate) < strtotime("-1 year", time())) { $foundUserIDs[] = $userIDToEvaluate->user_id; } } } if(count($foundUserIDs)) { $userIDsToPurge = "\n AND " . $this->_db->quoteName('user_id') . " IN(" . implode(',', $foundUserIDs) . ")"; } else { return true; } } $queryReset = "UPDATE " . $this->_db->quoteName('#__user_profiles') . "\n SET " . $this->_db->quoteName('profile_value') . " = 0" . "\n WHERE " . $this->_db->quoteName('profile_key') . " = " . $this->_db->quote('gdpr_consent_status') . "\n AND " . $this->_db->quoteName('profile_value') . " = 1" . $userIDsToPurge; $this->_db->setQuery($queryReset); $this->_db->execute(); if($cParams->get('log_usernote_privacypolicy', 1)) { $query = "DELETE FROM " . $this->_db->quotename('#__user_notes') . "\n WHERE " . $this->_db->quotename('catid') . " = " .(int) $cParams->get('log_usernote_privacypolicy_category', 0) . "\n AND " . $this->_db->quotename('subject') . " = " . $this->_db->quote(JText::_('COM_GDPR_PRIVACY_ACCEPTED_SUBJECT')) . $userIDsToPurge; $this->_db->setQuery($query)->execute(); } if(version_compare(JVERSION, '3.9', '>=') && $cParams->get('log_userconsent_privacypolicy', 1)) { $query = "UPDATE " . $this->_db->quotename('#__privacy_consents') . "\n SET " . $this->_db->quotename('state') . " = -1" . "\n WHERE " . $this->_db->quotename('subject') . " = " . $this->_db->quote('COM_GDPR_PRIVACY_GDPR_ACCEPTED_SUBJECT') . "\n AND " . $this->_db->quotename('state') . " = 1" . $userIDsToPurge; $this->_db->setQuery($query)->execute(); } } catch (GdprException $e) { $this->setError($e); return false; } catch (Exception $e) { $gdprException = new GdprException($e->getMessage(), 'error'); $this->setError($gdprException); return false; } return true; } /** * Class contructor * * @access public * @return Object& */ public function __construct($config = array()) { parent::__construct($config); // App reference $this->app = JFactory::getApplication(); $this->requestArray = &$_POST; } }