/**
* Encode a location into a latitude and longitude, caching the result.
*
* Works by triggering the 'geocode' 'location' plugin
* hook, and requires a geocoding plugin to be installed.
*
* @param string $location The location, e.g. "London", or "24 Foobar Street, Gotham City"
* @return string|false
*/
function elgg_geocode_location($location)
{
global $CONFIG;
if (is_array($location)) {
return false;
}
$location = sanitise_string($location);
// Look for cached version
$query = "SELECT * from {$CONFIG->dbprefix}geocode_cache WHERE location='{$location}'";
$cached_location = get_data_row($query);
if ($cached_location) {
return array('lat' => $cached_location->lat, 'long' => $cached_location->long);
}
// Trigger geocode event if not cached
$return = false;
$return = elgg_trigger_plugin_hook('geocode', 'location', array('location' => $location), $return);
// If returned, cache and return value
if ($return && is_array($return)) {
$lat = (double) $return['lat'];
$long = (double) $return['long'];
// Put into cache at the end of the page since we don't really care that much
$query = "INSERT DELAYED INTO {$CONFIG->dbprefix}geocode_cache " . " (location, lat, `long`) VALUES ('{$location}', '{$lat}', '{$long}')" . " ON DUPLICATE KEY UPDATE lat='{$lat}', `long`='{$long}'";
execute_delayed_write_query($query);
}
return $return;
}
/**
* Find an API User's details based on the provided public api key.
* These users are not users in the traditional sense.
*
* @param string $api_key The API Key
*
* @return mixed stdClass representing the database row or false.
*/
function get_api_user($api_key)
{
$dbprefix = elgg_get_config('dbprefix');
$api_key = sanitise_string($api_key);
$query = "SELECT * from {$dbprefix}api_users" . " where api_key='{$api_key}' and active=1";
return get_data_row($query);
}
/**
* Get access collection by its name from database
*
* @param string $name Collection name
* @return stdClass
*/
public function getCollectionIdByName($name)
{
$name = sanitize_string($name);
$query = "SELECT * FROM {$this->dbprefix}access_collections\n\t\t\t\t\tWHERE name = '{$name}'";
$collection = get_data_row($query);
return $collection ? $collection->id : 0;
}
/**
* Create or update the extras table for a given object.
* Call create_entity first.
*
* @param int $guid The guid of the entity you're creating (as obtained by create_entity)
* @param string $title The title of the object
* @param string $description The object's description
*
* @return bool
*/
function create_object_entity($guid, $title, $description)
{
global $CONFIG;
$guid = (int) $guid;
$title = sanitise_string($title);
$description = sanitise_string($description);
$row = get_entity_as_row($guid);
if ($row) {
// Core entities row exists and we have access to it
$query = "SELECT guid from {$CONFIG->dbprefix}objects_entity where guid = {$guid}";
if ($exists = get_data_row($query)) {
$query = "UPDATE {$CONFIG->dbprefix}objects_entity\n\t\t\t\tset title='{$title}', description='{$description}' where guid={$guid}";
$result = update_data($query);
if ($result != false) {
// Update succeeded, continue
$entity = get_entity($guid);
elgg_trigger_event('update', $entity->type, $entity);
return $guid;
}
} else {
// Update failed, attempt an insert.
$query = "INSERT into {$CONFIG->dbprefix}objects_entity\n\t\t\t\t(guid, title, description) values ({$guid}, '{$title}','{$description}')";
$result = insert_data($query);
if ($result !== false) {
$entity = get_entity($guid);
if (elgg_trigger_event('create', $entity->type, $entity)) {
return $guid;
} else {
$entity->delete();
}
}
}
}
return false;
}
/**
* Find an API User's details based on the provided public api key.
* These users are not users in the traditional sense.
*
* @param int $site_guid The GUID of the site.
* @param string $api_key The API Key
*
* @return mixed stdClass representing the database row or false.
*/
function get_api_user($site_guid, $api_key)
{
global $CONFIG;
$api_key = sanitise_string($api_key);
$site_guid = (int) $site_guid;
$query = "SELECT * from {$CONFIG->dbprefix}api_users" . " where api_key='{$api_key}' and site_guid={$site_guid} and active=1";
return get_data_row($query);
}
/**
* Find an API User's details based on the provided public api key.
* These users are not users in the traditional sense.
*
* @param string $api_key Pulic API key
* @return \hypeJunction\Graph\ApiUser|false
*/
public function get($api_key)
{
$api_key = sanitise_string($api_key);
$row = get_data_row("SELECT * FROM {$this->dbprefix}api_users\n\t\t\t\t\t\t\t\tWHERE api_key='{$api_key}' AND site_guid={$this->site_guid} AND active=1");
if (!$row) {
return false;
}
return new ApiUser($row);
}
/**
* Return the site via a url.
*
* @param string $url The URL of a site
*
* @return mixed
*/
function get_site_by_url($url)
{
global $CONFIG;
$url = sanitise_string($url);
$row = get_data_row("SELECT * from {$CONFIG->dbprefix}sites_entity where url='{$url}'");
if ($row) {
return get_entity($row->guid);
}
return false;
}
public function testCanGetDataRow()
{
$row1 = get_data_row("\n\t\t\tSELECT *\n\t\t\tFROM {$this->prefix}users_entity\n\t\t\tWHERE username = '******'\n\t\t");
$row2 = get_data_row("\n\t\t\tSELECT *\n\t\t\tFROM {$this->prefix}users_entity\n\t\t\tWHERE username = ?\n\t\t", null, [$this->user->username]);
$row3 = get_data_row("\n\t\t\tSELECT *\n\t\t\tFROM {$this->prefix}users_entity\n\t\t\tWHERE username = :username\n\t\t", null, [':username' => $this->user->username]);
$this->assertIsA($row1, 'stdClass');
$this->assertEqual($row1->username, $this->user->username);
$this->assertEqual($row1, $row2);
$this->assertEqual($row1, $row3);
}
/**
* Load a key
*
* @param string $key Name
* @param int $offset Offset
* @param int $limit Limit
*
* @return string
*/
public function load($key, $offset = 0, $limit = null)
{
$dbprefix = elgg_get_config('dbprefix');
$key = sanitise_string($key);
$row = get_data_row("SELECT * from {$dbprefix}hmac_cache where hmac='{$key}'");
if ($row) {
return $row->hmac;
}
return false;
}
/**
* Load a key
*
* @param string $key Name
* @param int $offset Offset
* @param int $limit Limit
*
* @return string
*/
public function load($key, $offset = 0, $limit = null)
{
global $CONFIG;
$key = sanitise_string($key);
$row = get_data_row("SELECT * from {$CONFIG->dbprefix}hmac_cache where hmac='{$key}'");
if ($row) {
return $row->hmac;
}
return false;
}
/**
* Loads a token from the DB
*
* @param string $token Token
* @return UserToken|false
*/
public static function load($token)
{
$dbprefix = elgg_get_config('dbprefix');
$token = sanitize_string($token);
$row = get_data_row("SELECT * FROM {$dbprefix}users_apisessions WHERE token='{$token}'");
if (!$row) {
return false;
}
return new UserToken($row);
}
/**
* Validate a token against a given site.
*
* A token registered with one site can not be used from a
* different apikey(site), so be aware of this during development.
*
* @param string $token The Token.
*
* @return mixed The user id attached to the token if not expired or false.
*/
function validate_user_token($token)
{
$dbprefix = elgg_get_config('dbprefix');
$token = sanitise_string($token);
$time = time();
$user = get_data_row("SELECT * from {$dbprefix}users_apisessions\n\t\twhere token='{$token}' and {$time} < expires");
if ($user) {
return $user->user_guid;
}
return false;
}
/**
* Return the number of users registered in the system.
*
* @param bool $show_deactivated
* @return int
*/
function get_number_users($show_deactivated = false)
{
global $CONFIG;
$access = "";
if (!$show_deactivated) {
$access = "and " . get_access_sql_suffix();
}
$result = get_data_row("SELECT count(*) as count from {$CONFIG->dbprefix}entities where type='user' {$access}");
if ($result) {
return $result->count;
}
return false;
}
/**
* Get scraped data
*
* @param string $url URL
* @return array|void
* @throws \InvalidArgumentException
*/
public function get($url)
{
if (!filter_var($url, FILTER_VALIDATE_URL)) {
throw new \InvalidArgumentException(__METHOD__ . ' expects a valid URL');
}
$data = $this->cache->get(sha1($url));
if ($data) {
return $data;
}
$dbprefix = elgg_get_config('dbprefix');
$row = get_data_row("\n\t\t\tSELECT * FROM {$dbprefix}scraper_data\n\t\t\tWHERE url = :url\n\t\t", null, [':url' => $url]);
return $row ? unserialize($row->data) : null;
}
/**
* Check that token exists and is valid
*
* @param string $token
* @return boolean
*/
public function validateToken($token)
{
$token = $this->db->sanitizeString($token);
$time = time();
$dbprefix = $this->db->getTablePrefix();
$site_guid = $this->config->site_guid;
$user = get_data_row("SELECT * from {$dbprefix}users_apisessions\n\t\t\twhere token='{$token}' and site_guid={$site_guid} and {$time} < expires");
if ($user) {
return true;
} else {
return false;
}
}
/**
* returns the ACL of the site
*
* Needs a custom query because of deadloop problems with get_private_setting
*
* @return int
*/
public function getACL()
{
if (!isset($this->subsite_acl_cache)) {
$this->subsite_acl_cache = false;
$query = "SELECT value";
$query .= " FROM " . get_config("dbprefix") . "private_settings";
$query .= " WHERE name = 'subsite_acl'";
$query .= " AND entity_guid = " . $this->getGUID();
if ($setting = get_data_row($query)) {
$this->subsite_acl_cache = $setting->value;
}
}
return $this->subsite_acl_cache;
}
/**
* Return the number of users registered in the system.
*
* @param bool $show_deactivated Count not enabled users?
*
* @return int
*/
function get_number_users($show_deactivated = false)
{
global $CONFIG;
$access = "";
if (!$show_deactivated) {
$access = "and " . _elgg_get_access_where_sql(array('table_alias' => ''));
}
$query = "SELECT count(*) as count\n\t\tfrom {$CONFIG->dbprefix}entities where type='user' {$access}";
$result = get_data_row($query);
if ($result) {
return $result->count;
}
return false;
}
public function testCanGetData()
{
$data = [['id' => 1, 'foo' => 'bar1'], ['id' => 2, 'foo' => 'bar2'], ['id' => 3, 'foo' => 'bar1']];
_elgg_services()->db->addQuerySpec(['sql' => 'SELECT FROM A WHERE foo = :foo', 'params' => [':foo' => 'bar1'], 'results' => function () use($data) {
$results = [];
foreach ($data as $elem) {
if ($elem['foo'] == 'bar1') {
$results[] = (object) $elem;
}
}
return $results;
}]);
$this->assertEquals([$data[0], $data[2]], get_data('SELECT FROM A WHERE foo = :foo', [$this, 'rowToArray'], [':foo' => 'bar1']));
$this->assertEquals($data[0], get_data_row('SELECT FROM A WHERE foo = :foo', [$this, 'rowToArray'], [':foo' => 'bar1']));
}
/**
* Validate a token against a given site.
*
* A token registered with one site can not be used from a
* different apikey(site), so be aware of this during development.
*
* @param string $token The Token.
* @param int $site_guid The ID of the site (default is current site)
*
* @return mixed The user id attached to the token if not expired or false.
*/
function validate_user_token($token, $site_guid)
{
global $CONFIG;
if (!isset($site_guid)) {
$site_guid = $CONFIG->site_id;
}
$site_guid = (int) $site_guid;
$token = sanitise_string($token);
$time = time();
$user = get_data_row("SELECT * from {$CONFIG->dbprefix}users_apisessions\n\t\twhere token='{$token}' and site_guid={$site_guid} and {$time} < expires");
if ($user) {
return $user->user_guid;
}
return false;
}
/**
* Create or update the entities table for a given group.
* Call create_entity first.
*
* @param int $guid GUID
* @param string $name Name
* @param string $description Description
*
* @return bool
*/
function create_group_entity($guid, $name, $description)
{
global $CONFIG;
$guid = (int) $guid;
$name = sanitise_string($name);
$description = sanitise_string($description);
$row = get_entity_as_row($guid);
if ($row) {
// Exists and you have access to it
$exists = get_data_row("SELECT guid from {$CONFIG->dbprefix}groups_entity WHERE guid = {$guid}");
if ($exists) {
} else {
}
}
return false;
}
public function testCreateGetDeleteACL()
{
$acl_name = 'test access collection';
$acl_id = create_access_collection($acl_name);
$this->assertTrue(is_int($acl_id));
$q = "SELECT * FROM {$this->dbPrefix}access_collections WHERE id = {$acl_id}";
$acl = get_data_row($q);
$this->assertEqual($acl->id, $acl_id);
if ($acl) {
$this->assertEqual($acl->name, $acl_name);
$result = delete_access_collection($acl_id);
$this->assertTrue($result);
$q = "SELECT * FROM {$this->dbPrefix}access_collections WHERE id = {$acl_id}";
$data = get_data($q);
$this->assertIdentical(array(), $data);
}
}
/**
* Gets a configuration value
*
* @param string $name The name of the config value
* @param int $site_guid Optionally, the GUID of the site (current site is assumed by default)
* @return mixed|false Depending on success
*/
function get_config($name, $site_guid = 0)
{
global $CONFIG;
if (isset($CONFIG->{$name})) {
return $CONFIG->{$name};
}
$name = mysql_real_escape_string($name);
$site_guid = (int) $site_guid;
if ($site_guid == 0) {
$site_guid = (int) $CONFIG->site_id;
}
if ($result = get_data_row("SELECT value from {$CONFIG->dbprefix}config where name = '{$name}' and site_guid = {$site_guid}")) {
$result = $result->value;
$result = unserialize($result->value);
$CONFIG->{$name} = $result;
return $result;
}
return false;
}
/**
* When given an ID, returns the corresponding metastring
*
* @param int $id Metastring ID
* @return string Metastring
*/
function get_metastring($id)
{
global $CONFIG, $METASTRINGS_CACHE;
$id = (int) $id;
if (isset($METASTRINGS_CACHE[$id])) {
if ($CONFIG->debug) {
error_log("** Returning string for id:{$id} from cache.");
}
return $METASTRINGS_CACHE[$id];
}
$row = get_data_row("SELECT * from {$CONFIG->dbprefix}metastrings where id='{$id}' limit 1");
if ($row) {
$METASTRINGS_CACHE[$id] = $row->string;
// Cache it
if ($CONFIG->debug) {
error_log("** Cacheing string '{$row->string}'");
}
return $row->string;
}
return false;
}
/**
* Initialize search plugin
*/
function search_init()
{
global $CONFIG;
require_once 'search_hooks.php';
// page handler for search actions and results
elgg_register_page_handler('search', 'search_page_handler');
// register some default search hooks
elgg_register_plugin_hook_handler('search', 'object', 'search_objects_hook');
elgg_register_plugin_hook_handler('search', 'user', 'search_users_hook');
elgg_register_plugin_hook_handler('search', 'group', 'search_groups_hook');
// tags and comments are a bit different.
// register a search types and a hooks for them.
elgg_register_plugin_hook_handler('search_types', 'get_types', 'search_custom_types_tags_hook');
elgg_register_plugin_hook_handler('search', 'tags', 'search_tags_hook');
elgg_register_plugin_hook_handler('search_types', 'get_types', 'search_custom_types_comments_hook');
elgg_register_plugin_hook_handler('search', 'comments', 'search_comments_hook');
// get server min and max allowed chars for ft searching
$CONFIG->search_info = array();
$result = false;
try {
$result = get_data_row('SELECT @@ft_min_word_len as min, @@ft_max_word_len as max');
} catch (DatabaseException $e) {
// some servers don't have these values set which leads to exception
// we ignore the exception
}
if ($result) {
$CONFIG->search_info['min_chars'] = $result->min;
$CONFIG->search_info['max_chars'] = $result->max;
} else {
// defaults from MySQL on Ubuntu Linux
$CONFIG->search_info['min_chars'] = 4;
$CONFIG->search_info['max_chars'] = 90;
}
// add in CSS for search elements
elgg_extend_view('css/elgg', 'search/css');
// extend view for elgg topbar search box
elgg_extend_view('page/elements/header', 'search/header');
elgg_register_plugin_hook_handler('robots.txt', 'site', 'search_exclude_robots');
}
/**
* Create or update the entities table for a given group.
* Call create_entity first.
*
* @param int $guid GUID
* @param string $name Name
* @param string $description Description
*
* @return bool
* @access private
*/
function create_group_entity($guid, $name, $description)
{
global $CONFIG;
$guid = (int) $guid;
$name = sanitise_string($name);
$description = sanitise_string($description);
$row = get_entity_as_row($guid);
if ($row) {
// Exists and you have access to it
$exists = get_data_row("SELECT guid from {$CONFIG->dbprefix}groups_entity WHERE guid = {$guid}");
if ($exists) {
$query = "UPDATE {$CONFIG->dbprefix}groups_entity set" . " name='{$name}', description='{$description}' where guid={$guid}";
$result = update_data($query);
if ($result != false) {
// Update succeeded, continue
$entity = get_entity($guid);
if (elgg_trigger_event('update', $entity->type, $entity)) {
return $guid;
} else {
$entity->delete();
}
}
} else {
// Update failed, attempt an insert.
$query = "INSERT into {$CONFIG->dbprefix}groups_entity" . " (guid, name, description) values ({$guid}, '{$name}', '{$description}')";
$result = insert_data($query);
if ($result !== false) {
$entity = get_entity($guid);
if (elgg_trigger_event('create', $entity->type, $entity)) {
return $guid;
} else {
$entity->delete();
}
}
}
}
return false;
}
/**
* DB Based session handling code.
*/
function __elgg_session_read($id)
{
global $DB_PREFIX;
$id = sanitise_string($id);
try {
$result = get_data_row("SELECT * from {$DB_PREFIX}users_sessions where session='{$id}'");
if ($result) {
return (string) $result->data;
}
} catch (DatabaseException $e) {
// Fall back to file store in this case, since this likely means that the database hasn't been upgraded
global $sess_save_path;
$sess_file = "{$sess_save_path}/sess_{$id}";
return (string) @file_get_contents($sess_file);
}
return '';
}
function elgg_solr_get_entity_guids(array $options = array())
{
global $CONFIG;
$defaults = array('types' => ELGG_ENTITIES_ANY_VALUE, 'subtypes' => ELGG_ENTITIES_ANY_VALUE, 'type_subtype_pairs' => ELGG_ENTITIES_ANY_VALUE, 'guids' => ELGG_ENTITIES_ANY_VALUE, 'owner_guids' => ELGG_ENTITIES_ANY_VALUE, 'container_guids' => ELGG_ENTITIES_ANY_VALUE, 'site_guids' => $CONFIG->site_guid, 'modified_time_lower' => ELGG_ENTITIES_ANY_VALUE, 'modified_time_upper' => ELGG_ENTITIES_ANY_VALUE, 'created_time_lower' => ELGG_ENTITIES_ANY_VALUE, 'created_time_upper' => ELGG_ENTITIES_ANY_VALUE, 'reverse_order_by' => false, 'order_by' => 'e.time_created desc', 'group_by' => ELGG_ENTITIES_ANY_VALUE, 'limit' => 10, 'offset' => 0, 'count' => false, 'selects' => array(), 'wheres' => array(), 'joins' => array(), 'callback' => false, '__ElggBatch' => null);
$options = array_merge($defaults, $options);
// can't use helper function with type_subtype_pair because
// it's already an array...just need to merge it
if (isset($options['type_subtype_pair'])) {
if (isset($options['type_subtype_pairs'])) {
$options['type_subtype_pairs'] = array_merge($options['type_subtype_pairs'], $options['type_subtype_pair']);
} else {
$options['type_subtype_pairs'] = $options['type_subtype_pair'];
}
}
$singulars = array('type', 'subtype', 'guid', 'owner_guid', 'container_guid', 'site_guid');
$options = _elgg_normalize_plural_options_array($options, $singulars);
// evaluate where clauses
if (!is_array($options['wheres'])) {
$options['wheres'] = array($options['wheres']);
}
$wheres = $options['wheres'];
$wheres[] = _elgg_get_entity_type_subtype_where_sql('e', $options['types'], $options['subtypes'], $options['type_subtype_pairs']);
$wheres[] = _elgg_get_guid_based_where_sql('e.guid', $options['guids']);
$wheres[] = _elgg_get_guid_based_where_sql('e.owner_guid', $options['owner_guids']);
$wheres[] = _elgg_get_guid_based_where_sql('e.container_guid', $options['container_guids']);
$wheres[] = _elgg_get_guid_based_where_sql('e.site_guid', $options['site_guids']);
$wheres[] = _elgg_get_entity_time_where_sql('e', $options['created_time_upper'], $options['created_time_lower'], $options['modified_time_upper'], $options['modified_time_lower']);
// see if any functions failed
// remove empty strings on successful functions
foreach ($wheres as $i => $where) {
if ($where === false) {
return false;
} elseif (empty($where)) {
unset($wheres[$i]);
}
}
// remove identical where clauses
$wheres = array_unique($wheres);
// evaluate join clauses
if (!is_array($options['joins'])) {
$options['joins'] = array($options['joins']);
}
// remove identical join clauses
$joins = array_unique($options['joins']);
foreach ($joins as $i => $join) {
if ($join === false) {
return false;
} elseif (empty($join)) {
unset($joins[$i]);
}
}
// evalutate selects
if ($options['selects']) {
$selects = '';
foreach ($options['selects'] as $select) {
$selects .= ", {$select}";
}
} else {
$selects = '';
}
if (!$options['count']) {
$distinct = '';
if ($options['require_distinct']) {
$distinct = ' DISTINCT';
}
$query = "SELECT{$distinct} e.guid{$selects} FROM {$CONFIG->dbprefix}entities e ";
} else {
$query = "SELECT count(DISTINCT e.guid) as total FROM {$CONFIG->dbprefix}entities e ";
}
// add joins
foreach ($joins as $j) {
$query .= " {$j} ";
}
// add wheres
$query .= ' WHERE ';
foreach ($wheres as $w) {
$query .= " {$w} AND ";
}
// Add access controls
$query .= _elgg_get_access_where_sql();
// reverse order by
if ($options['reverse_order_by']) {
$options['order_by'] = _elgg_sql_reverse_order_by_clause($options['order_by']);
}
if (!$options['count']) {
if ($options['group_by']) {
$query .= " GROUP BY {$options['group_by']}";
}
if ($options['order_by']) {
$query .= " ORDER BY {$options['order_by']}";
}
if ($options['limit']) {
$limit = sanitise_int($options['limit'], false);
$offset = sanitise_int($options['offset'], false);
$query .= " LIMIT {$offset}, {$limit}";
}
if ($options['callback'] === 'entity_row_to_elggstar') {
$dt = _elgg_fetch_entities_from_sql($query, $options['__ElggBatch']);
} else {
$dt = get_data($query, $options['callback']);
}
if ($dt) {
// populate entity and metadata caches
$guids = array();
foreach ($dt as $item) {
// A custom callback could result in items that aren't ElggEntity's, so check for them
if ($item instanceof ElggEntity) {
_elgg_cache_entity($item);
// plugins usually have only settings
if (!$item instanceof ElggPlugin) {
$guids[] = $item->guid;
}
}
}
// @todo Without this, recursive delete fails. See #4568
reset($dt);
if ($guids) {
_elgg_get_metadata_cache()->populateFromEntities($guids);
}
}
return $dt;
} else {
$total = get_data_row($query);
return (int) $total->total;
}
}
/**
* Return the object specific details of a object by a row.
*
* @param int $guid The guid to retreive
*
* @return bool
* @access private
*/
function get_object_entity_as_row($guid)
{
global $CONFIG;
$guid = (int) $guid;
return get_data_row("SELECT * from {$CONFIG->dbprefix}objects_entity where guid={$guid}");
}
function get_entities_from_metadata_by_value($meta_array, $entity_type = "", $entity_subtype = "", $count = false, $owner_guid = 0, $container_guid = 0, $limit = 10, $offset = 0, $order_by = "", $site_guid = 0)
{
global $CONFIG;
// ORDER BY
if ($order_by == "") {
$order_by = "e.time_created desc";
}
$order_by = sanitise_string($order_by);
$where = array();
// Filetr by metadata
$mindex = 1;
// Starting index of joined metadata/metastring tables
$join_meta = "";
$query_access = "";
foreach ($meta_array as $meta) {
$join_meta .= "JOIN {$CONFIG->dbprefix}metadata m{$mindex} on e.guid = m{$mindex}.entity_guid ";
$join_meta .= "JOIN {$CONFIG->dbprefix}metastrings v{$mindex} on v{$mindex}.id = m{$mindex}.value_id ";
$meta_n = get_metastring_id($meta['name']);
$where[] = "m{$mindex}.name_id='{$meta_n}'";
if (strtolower($meta['operand']) == "like") {
// "LIKE" search
$where[] = "v{$mindex}.string LIKE ('" . $meta['value'] . "') ";
} elseif (strtolower($meta['operand']) == "in") {
// TO DO - "IN" search
} elseif ($meta['operand'] != '') {
// Simple operand search
$where[] = "v{$mindex}.string" . $meta['operand'] . "'" . $meta['value'] . "'";
}
$query_access .= ' and ' . get_access_sql_suffix("m{$mindex}");
// Add access controls
$mindex++;
}
$limit = (int) $limit;
$offset = (int) $offset;
if (is_array($owner_guid) && count($owner_guid)) {
foreach ($owner_guid as $key => $guid) {
$owner_guid[$key] = (int) $guid;
}
} else {
$owner_guid = (int) $owner_guid;
}
if (is_array($container_guid) && count($container_guid)) {
foreach ($container_guid as $key => $guid) {
$container_guid[$key] = (int) $guid;
}
} else {
$container_guid = (int) $container_guid;
}
$site_guid = (int) $site_guid;
if ($site_guid == 0) {
$site_guid = $CONFIG->site_guid;
}
$entity_type = sanitise_string($entity_type);
if ($entity_type != "") {
$where[] = "e.type='{$entity_type}'";
}
$entity_subtype = get_subtype_id($entity_type, $entity_subtype);
if ($entity_subtype) {
$where[] = "e.subtype={$entity_subtype}";
}
if ($site_guid > 0) {
$where[] = "e.site_guid = {$site_guid}";
}
if (is_array($owner_guid)) {
$where[] = "e.owner_guid in (" . implode(",", $owner_guid) . ")";
} else {
if ($owner_guid > 0) {
$where[] = "e.owner_guid = {$owner_guid}";
}
}
if (is_array($container_guid)) {
$where[] = "e.container_guid in (" . implode(",", $container_guid) . ")";
} else {
if ($container_guid > 0) {
$where[] = "e.container_guid = {$container_guid}";
}
}
if (!$count) {
$query = "SELECT distinct e.* ";
} else {
$query = "SELECT count(distinct e.guid) as total ";
}
$query .= "FROM {$CONFIG->dbprefix}entities e ";
$query .= $join_meta;
$query .= " WHERE ";
foreach ($where as $w) {
$query .= " {$w} and ";
}
$query .= get_access_sql_suffix("e");
// Add access controls
$query .= $query_access;
if (!$count) {
$query .= " order by {$order_by} limit {$offset}, {$limit}";
// Add order and limit
return get_data($query, "entity_row_to_elggstar");
} else {
$row = get_data_row($query);
//echo $query.mysql_error().__FILE__.__LINE__;
if ($row) {
return $row->total;
}
}
return false;
}
/**
* As get_entities_from_metadata_groups() but with multiple entities.
*
* @param int $group_guid The ID of the group.
* @param array $meta_array Array of 'name' => 'value' pairs
* @param string $entity_type The type of entity to look for, eg 'site' or 'object'
* @param string $entity_subtype The subtype of the entity.
* @param int $owner_guid Owner GUID
* @param int $limit Limit
* @param int $offset Offset
* @param string $order_by Optional ordering.
* @param int $site_guid Site GUID. 0 for current, -1 for any
* @param bool $count Return count of entities instead of entities
*
* @return int|array List of ElggEntities, or the total number if count is set to false
* @deprecated 1.8 Use elgg_get_entities_from_metadata()
*/
function get_entities_from_metadata_groups_multi($group_guid, $meta_array, $entity_type = "", $entity_subtype = "", $owner_guid = 0, $limit = 10, $offset = 0, $order_by = "", $site_guid = 0, $count = false)
{
elgg_deprecated_notice("get_entities_from_metadata_groups_multi was deprecated in 1.8.", 1.8);
global $CONFIG;
if (!is_array($meta_array) || sizeof($meta_array) == 0) {
return false;
}
$where = array();
$mindex = 1;
$join = "";
foreach ($meta_array as $meta_name => $meta_value) {
$meta_n = get_metastring_id($meta_name);
$meta_v = get_metastring_id($meta_value);
$join .= " JOIN {$CONFIG->dbprefix}metadata m{$mindex} on e.guid = m{$mindex}.entity_guid" . " JOIN {$CONFIG->dbprefix}objects_entity o on e.guid = o.guid ";
if ($meta_name != "") {
$where[] = "m{$mindex}.name_id='{$meta_n}'";
}
if ($meta_value != "") {
$where[] = "m{$mindex}.value_id='{$meta_v}'";
}
$mindex++;
}
$entity_type = sanitise_string($entity_type);
$entity_subtype = get_subtype_id($entity_type, $entity_subtype);
$limit = (int) $limit;
$offset = (int) $offset;
if ($order_by == "") {
$order_by = "e.time_created desc";
}
$order_by = sanitise_string($order_by);
$owner_guid = (int) $owner_guid;
$site_guid = (int) $site_guid;
if ($site_guid == 0) {
$site_guid = $CONFIG->site_guid;
}
//$access = get_access_list();
if ($entity_type != "") {
$where[] = "e.type = '{$entity_type}'";
}
if ($entity_subtype) {
$where[] = "e.subtype = {$entity_subtype}";
}
if ($site_guid > 0) {
$where[] = "e.site_guid = {$site_guid}";
}
if ($owner_guid > 0) {
$where[] = "e.owner_guid = {$owner_guid}";
}
if ($group_guid > 0) {
$where[] = "e.container_guid = {$group_guid}";
}
if ($count) {
$query = "SELECT count(e.guid) as total ";
} else {
$query = "SELECT distinct e.* ";
}
$query .= " from {$CONFIG->dbprefix}entities e {$join} where";
foreach ($where as $w) {
$query .= " {$w} and ";
}
$query .= get_access_sql_suffix("e");
// Add access controls
if (!$count) {
$query .= " order by {$order_by} limit {$offset}, {$limit}";
// Add order and limit
return get_data($query, "entity_row_to_elggstar");
} else {
if ($count = get_data_row($query)) {
return $count->total;
}
}
return false;
}
