<?php
// no direct access
defined('_JEXEC') or die;

use Joomla\CMS\Plugin\CMSPlugin;
use Joomla\CMS\Factory;
use Joomla\CMS\Helper\ModuleHelper;
use Joomla\CMS\HTML\HTMLHelper;
use Joomla\CMS\Plugin\PluginHelper;

class plgContentLMArtPlug extends CMSPlugin {
	
	function __construct( &$subject, $params )
	{
		parent::__construct( $subject, $params );
		$this->loadLanguage();
	}

	/*
	 * Insertion avant contenu article
	 */
  	public function onContentBeforeDisplay($context, &$article, &$params)
	{
		$app = Factory::getApplication();
		if($app->isClient('administrator') || $this->params->get('lmap_content_before','') == ''){
			return '';
		}
		return $this->getContent($article, 'lmap_content_before');
	}
	
	/*
	 * Insertion après contenu article
	 */
	public function onContentAfterDisplay($context, &$article, &$params)
	{
		$app = Factory::getApplication();
		if($app->isClient('administrator') || $this->params->get('lmap_content_after','') == ''){
			return '';
		}
		return $this->getContent($article, 'lmap_content_after');
	}

	/*
	 * Insertion avant contenu article
	 */
	private function getContent($article, $position)
	{
		$app = Factory::getApplication();
		
		// == Selon categories
		// lmap_cat_inclus : 0-exclus, 1-inclus
		// lmap_cat_niv    : 0-aucun,  1-un sous-niveau
		// lmap_catid      : id(s) des catégories
		
		$lmap_catid = $this->params->get('lmap_catid', array());
		if (in_array('all', $lmap_catid)) {
			if (!$this->params->get('lmap_cat_inclus',1)) {return;}
		} else {
			$ok = in_array($article->catid, $lmap_catid)
			     || ($this->params->get('lmap_cat_niv',1) && in_array($article->parent_id, $lmap_catid));
			if ($ok XOR $this->params->get('lmap_cat_inclus', 1)) {return;}
		}
		
		//=== Actif selon niveau d'access
		$user = Factory::getUser();
		if (!$this->params->get('lmap_access_guest',1) && $user->guest) {
			return;
		}

		//=== selon homepage
		// méthode classique qui ne distingue pas le blog
		// $menu = $app->getMenu();
		// $homepage = ($menu->getActive() == $menu->getDefault());
		$root_link = str_replace('index.php','',JUri::root());
		$current_link = preg_replace('/index.php/','',JUri::current());
		$homepage = ($current_link == $root_link);
	
		switch ($this->params->get('lmap_homepage','always')) { 
			case 'always': $ok = true; break;
			case 'only'	 : $ok = $homepage; break;
			case 'except': $ok = !$homepage; break;
		}

		if (!$ok) {return;}

		//=== selon type vue
		// tous, en vue article, en vue blog (categorie et vedette)
		$view_article = (Factory::getApplication()->input->getCmd('view', '') == 'article');
		switch ($this->params->get('lmap_view', 'all')) { 
			case 'all': $ok = true; break;
			case 'article': $ok = $view_article; break;
			case 'blog': $ok = !$view_article; break;
		}
		if (!$ok) {return;}

		//=== Actif selon device
		// dump($this->isMobile(),'IsMobile');
		switch ($this->params->get('lmap_filterMobile','always')) { 
			case 'always': $ok = true; break;
			case 'mobile': $ok = $this->isMobile(); break;
			case 'desktop': $ok = !$this->isMobile(); break;
		}
		if (!$ok) {return;}

		//=== Texte à insérer
		$contents = $this->params->get($position, '');

		//-- Recherche code PHP
		$regexp = '/(.*?)<\?php\s+(.*?)\?>(.*)/s';
		$found = preg_match($regexp, $contents, $matches);
		while ($found) {
			$phpcode = $matches[2];
			global $errmsg;
			if ($this->check_php($phpcode)) {
				ob_start();
				eval($phpcode);
				$output = ob_get_contents();
				ob_end_clean();
			} else {
				$output = "command not allowed: <b>$errmsg</b>";
			}
			$contents = $matches[1] . $output . $matches[3];
			$found = preg_match($regexp, $contents, $matches);
		}

		//-- Recherche loadposition (merci lefabdu51)
		$regexp = '#{loadposition (.*)}#i';
		$found = preg_match($regexp, $contents, $matches);
		$output = '';
		while ($found) {
			$modules = ModuleHelper::getModules($matches[1]);
			foreach ($modules as $module) {
				$output .= ModuleHelper::renderModule($module);
			}
			$contents = str_replace($matches[0], $output, $contents);
			$found = preg_match($regexp, $contents, $matches);
		}
		
		//-- Code à insérer
					PluginHelper::importPlugin('content');
			$contents = HTMLHelper::_('content.prepare', $contents);

		return '<div class="LMArtPlug">'.$contents.'</div>';
	}

	/**
	 * Retourne vrai si execution sur mobile
	 **/
    function isMobile() {
		return preg_match("/(avantgo|blackberry|bolt|boost|cricket|docomo|fone|hiptop|mini|mobi|palm|phone|pie|tablet|up\.browser|up\.link|webos|wos)/i", $_SERVER["HTTP_USER_AGENT"]);
	}

	/**
	 * test les commandes interdites en PHP (merci DirectPHP)
	 **/
	function check_php($code) {
		global $errmsg;
		$block_list = explode(' ','basename chgrp chmod chown clearstatcache copy delete dirname disk_free_space disk_total_space diskfreespace fclose feof fflush fgetc fgetcsv fgets fgetss file_exists file_get_contents file_put_contents file fileatime filectime filegroup fileinode filemtime fileowner fileperms filesize filetype flock fnmatch fopen fpassthru fputcsv fputs fread fscanf fseek fstat ftell ftruncate fwrite glob lchgrp lchown link linkinfo lstat move_uploaded_file opendir parse_ini_file pathinfo pclose popen readfile readdir readllink realpath rename rewind rmdir set_file_buffer stat symlink tempnam tmpfile touch umask unlink fsockopen system exec passthru escapeshellcmd pcntl_exec proc_open proc_close mkdir rmdir');

		$status = 1;

		$function_list = array();
		if (preg_match_all('/([a-zA-Z0-9_]+)\s*[(|"|\']/s', $code, $matches)) {
			$function_list = $matches[1];
		}
		if (preg_match('/`(.*?)`/s', $code)) {
			$status = 0;
			$errmsg = 'backticks (``)';
			return $status;
		}
		if (preg_match('/\$database\s*->\s*([a-zA-Z0-9_]+)\s*[(|"|\']/s', $code, $matches)) {
			$status = 0;
			$errmsg = 'database->'.$matches[1];
			return $status;
		}
		foreach($function_list as $command) {
			if (in_array($command, $block_list)) {
				$status = 0;
				$errmsg = $command;
				break;
			}
		}
		return $status;
	}
	
}
?>