/**
* Delete Campaign
* @param <type> $campaignId
*/
public function Delete($campaignId)
{
Debug::LogEntry('audit', 'IN', 'Campaign', 'Delete');
// Delete the Campaign record
try {
$dbh = PDOConnect::init();
// Unlink all Layouts
if (!$this->UnlinkAll($campaignId)) {
throw new Exception(__('Unable to Unlink'));
}
// Remove all permissions
Kit::ClassLoader('campaignsecurity');
$security = new CampaignSecurity($this->db);
if (!$security->UnlinkAll($campaignId)) {
throw new Exception(__('Unable to set permissions'));
}
// Delete from the Campaign
$sth = $dbh->prepare('DELETE FROM `campaign` WHERE CampaignID = :campaignid');
$sth->execute(array('campaignid' => $campaignId));
return true;
} catch (Exception $e) {
Debug::LogEntry('error', $e->getMessage());
if (!$this->IsError()) {
$this->SetError(25500, __('Unable to delete Campaign'));
}
return false;
}
}
public function Permissions()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
Kit::ClassLoader('datasetgroupsecurity');
$dataSetId = Kit::GetParam('datasetid', _POST, _INT);
$groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
$auth = $this->user->DataSetAuth($dataSetId, true);
if (!$auth->modifyPermissions) {
trigger_error(__('You do not have permissions to edit this dataset'), E_USER_ERROR);
}
// Unlink all
$security = new DataSetGroupSecurity($db);
if (!$security->UnlinkAll($dataSetId)) {
trigger_error(__('Unable to set permissions'));
}
// Some assignments for the loop
$lastGroupId = 0;
$first = true;
$view = 0;
$edit = 0;
$del = 0;
// List of groupIds with view, edit and del assignments
foreach ($groupIds as $groupPermission) {
$groupPermission = explode('_', $groupPermission);
$groupId = $groupPermission[0];
if ($first) {
// First time through
$first = false;
$lastGroupId = $groupId;
}
if ($groupId != $lastGroupId) {
// The groupId has changed, so we need to write the current settings to the db.
// Link new permissions
if (!$security->Link($dataSetId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
}
// Reset
$lastGroupId = $groupId;
$view = 0;
$edit = 0;
$del = 0;
}
switch ($groupPermission[1]) {
case 'view':
$view = 1;
break;
case 'edit':
$edit = 1;
break;
case 'del':
$del = 1;
break;
}
}
// Need to do the last one
if (!$first) {
if (!$security->Link($dataSetId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
}
}
$response->SetFormSubmitResponse(__('Permissions Changed'));
$response->Respond();
}
private function GetDataSetItems($displayId, $text)
{
$db =& $this->db;
// Extra fields for data sets
$dataSetId = $this->GetOption('datasetid');
$upperLimit = $this->GetOption('upperLimit');
$lowerLimit = $this->GetOption('lowerLimit');
$filter = $this->GetOption('filter');
$ordering = $this->GetOption('ordering');
Debug::LogEntry('audit', 'Then template for each row is: ' . $text);
// Combine the column id's with the dataset data
$matches = '';
preg_match_all('/\\[(.*?)\\]/', $text, $matches);
$columnIds = array();
foreach ($matches[1] as $match) {
// Get the column id's we are interested in
Debug::LogEntry('audit', 'Matched column: ' . $match);
$col = explode('|', $match);
$columnIds[] = $col[1];
}
// Get the dataset results
Kit::ClassLoader('dataset');
$dataSet = new DataSet($db);
$dataSetResults = $dataSet->DataSetResults($dataSetId, implode(',', $columnIds), $filter, $ordering, $lowerLimit, $upperLimit, $displayId, true);
$items = array();
foreach ($dataSetResults['Rows'] as $row) {
// For each row, substitute into our template
$rowString = $text;
foreach ($matches[1] as $sub) {
// Pick the appropriate column out
$subs = explode('|', $sub);
$rowString = str_replace('[' . $sub . ']', $row[$subs[0]], $rowString);
}
$items[] = $rowString;
}
return $items;
}
/**
* Sets the Members of a group
* @return
*/
public function SetMemberOf()
{
$db =& $this->db;
$response = new ResponseManager();
Kit::ClassLoader('displaygroup');
$displayGroupObject = new DisplayGroup($db);
$displayID = Kit::GetParam('DisplayID', _REQUEST, _INT);
$displayGroups = Kit::GetParam('DisplayGroupID', _POST, _ARRAY, array());
$members = array();
// Get a list of current members
$SQL = "";
$SQL .= "SELECT displaygroup.DisplayGroupID ";
$SQL .= "FROM displaygroup ";
$SQL .= " INNER JOIN lkdisplaydg ON lkdisplaydg.DisplayGroupID = displaygroup.DisplayGroupID ";
$SQL .= sprintf("WHERE lkdisplaydg.DisplayID = %d ", $displayID);
$SQL .= " AND displaygroup.IsDisplaySpecific = 0 ";
if (!($resultIn = $db->query($SQL))) {
trigger_error($db->error());
trigger_error(__('Error getting Display Groups'), E_USER_ERROR);
}
while ($row = $db->get_assoc_row($resultIn)) {
// Test whether this ID is in the array or not
$displayGroupID = Kit::ValidateParam($row['DisplayGroupID'], _INT);
if (!in_array($displayGroupID, $displayGroups)) {
// Its currently assigned but not in the $displays array
// so we unassign
if (!$displayGroupObject->Unlink($displayGroupID, $displayID)) {
trigger_error($displayGroupObject->GetErrorMessage(), E_USER_ERROR);
}
} else {
$members[] = $displayGroupID;
}
}
foreach ($displayGroups as $displayGroupID) {
// Add any that are missing
if (!in_array($displayGroupID, $members)) {
if (!$displayGroupObject->Link($displayGroupID, $displayID)) {
trigger_error($displayGroupObject->GetErrorMessage(), E_USER_ERROR);
}
}
}
$response->SetFormSubmitResponse(__('Group membership set'), false);
$response->Respond();
}
/**
* Permissions Edit
*/
public function Permissions()
{
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
Kit::ClassLoader('mediagroupsecurity');
Kit::ClassLoader('layoutmediagroupsecurity');
$layoutId = Kit::GetParam('layoutid', _POST, _INT);
$regionId = Kit::GetParam('regionid', _POST, _STRING);
$mediaId = Kit::GetParam('mediaid', _POST, _STRING);
$groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
if (!$this->auth->modifyPermissions) {
trigger_error(__('You do not have permissions to edit this layout'), E_USER_ERROR);
}
// Unlink all
if ($this->assignedMedia) {
$layoutMediaSecurity = new LayoutMediaGroupSecurity($db);
if (!$layoutMediaSecurity->UnlinkAll($layoutId, $regionId, $mediaId)) {
trigger_error(__('Unable to set permissions'));
}
} else {
$mediaSecurity = new MediaGroupSecurity($db);
if (!$mediaSecurity->UnlinkAll($mediaId)) {
trigger_error(__('Unable to set permissions'));
}
}
// Some assignments for the loop
$lastGroupId = 0;
$first = true;
$view = 0;
$edit = 0;
$del = 0;
// List of groupIds with view, edit and del assignments
foreach ($groupIds as $groupPermission) {
$groupPermission = explode('_', $groupPermission);
$groupId = $groupPermission[0];
if ($first) {
// First time through
$first = false;
$lastGroupId = $groupId;
}
if ($groupId != $lastGroupId) {
// The groupId has changed, so we need to write the current settings to the db.
// Link new permissions
if ($this->assignedMedia) {
if (!$layoutMediaSecurity->Link($layoutId, $regionId, $mediaId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'));
}
} else {
if (!$mediaSecurity->Link($mediaId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'));
}
}
// Reset
$lastGroupId = $groupId;
$view = 0;
$edit = 0;
$del = 0;
}
switch ($groupPermission[1]) {
case 'view':
$view = 1;
break;
case 'edit':
$edit = 1;
break;
case 'del':
$del = 1;
break;
}
}
// Need to do the last one
if (!$first) {
if ($this->assignedMedia) {
if (!$layoutMediaSecurity->Link($layoutId, $regionId, $mediaId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'));
}
} else {
if (!$mediaSecurity->Link($mediaId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'));
}
}
}
$response->SetFormSubmitResponse(__('Permissions Changed'));
return $response;
}
}
} else {
// Only signed requests allowed.
$serviceResponse->ErrorServerError('Not signed.');
}
Debug::LogEntry('audit', 'Authenticated API call for [' . $method . '] with a [' . $response . '] response. Issued by UserId: ' . $user->userid, 'Services');
// Authenticated with OAuth.
Kit::ClassLoader('Rest');
// Detect response type requested.
switch ($response) {
case 'json':
Kit::ClassLoader('RestJson');
$rest = new RestJson($db, $user, $_REQUEST);
break;
case 'xml':
Kit::ClassLoader('RestXml');
$rest = new RestXml($db, $user, $_REQUEST);
break;
default:
$serviceResponse->ErrorServerError('Unknown response type');
}
// Run the method requested.
if (method_exists($rest, $method)) {
$serviceResponse->Success($rest->{$method}());
} else {
$serviceResponse->ErrorServerError('Unknown Method');
}
break;
default:
$serviceResponse->ErrorServerError('Not implemented.');
}
public function Import()
{
$db =& $this->db;
$response = new ResponseManager();
// What are we importing?
$template = Kit::GetParam('template', _POST, _STRING, 'false');
$template = $template == 'true';
$layout = Kit::GetParam('layout', _POST, _STRING);
$replaceExisting = Kit::GetParam('replaceExisting', _POST, _CHECKBOX);
$importTags = Kit::GetParam('importTags', _POST, _CHECKBOX, !$template);
// File data
$tmpName = Kit::GetParam('hidFileID', _POST, _STRING);
if ($tmpName == '') {
trigger_error(__('Please ensure you have picked a file and it has finished uploading'), E_USER_ERROR);
}
// File name and extension (orignial name)
$fileName = Kit::GetParam('txtFileName', _POST, _STRING);
$fileName = basename($fileName);
$ext = strtolower(substr(strrchr($fileName, "."), 1));
// File upload directory.. get this from the settings object
$fileLocation = Config::GetSetting('LIBRARY_LOCATION') . 'temp/' . $tmpName;
Kit::ClassLoader('layout');
$layoutObject = new Layout($this->db);
if (!$layoutObject->Import($fileLocation, $layout, $this->user->userid, $template, $replaceExisting, $importTags)) {
trigger_error($layoutObject->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('Layout Imported'));
$response->Respond();
}
/**
* Revises the file for this media id
* @param int $mediaId
* @param int $fileId
* @param string $fileName
* @param int $userId
* @return bool|int
*/
public function FileRevise($mediaId, $fileId, $fileName, $userId)
{
Debug::LogEntry('audit', 'IN', 'Media', 'FileRevise');
try {
$dbh = PDOConnect::init();
// Check we have room in the library
$libraryLimit = Config::GetSetting('LIBRARY_SIZE_LIMIT_KB');
if ($libraryLimit > 0) {
$sth = $dbh->prepare('SELECT IFNULL(SUM(FileSize), 0) AS SumSize FROM media');
$sth->execute();
if (!($row = $sth->fetch())) {
throw new Exception("Error Processing Request", 1);
}
$fileSize = Kit::ValidateParam($row['SumSize'], _INT);
if ($fileSize / 1024 > $libraryLimit) {
$this->ThrowError(sprintf(__('Your library is full. Library Limit: %s K'), $libraryLimit));
}
}
// Check this user doesn't have a quota
if (!UserGroup::isQuotaFullByUser($userId)) {
$this->ThrowError(__('You have exceeded your library quota.'));
}
// Call add with this file Id and then update the existing mediaId with the returned mediaId
// from the add call.
// Will need to get some information about the existing media record first.
$sth = $dbh->prepare('SELECT name, duration, UserID, type FROM media WHERE MediaID = :mediaid');
$sth->execute(array('mediaid' => $mediaId));
if (!($row = $sth->fetch())) {
$this->ThrowError(31, 'Unable to get information about existing media record.');
}
// Pass in the old media id ($mediaid) so that we don't validate against it during the name check
if (!($newMediaId = $this->Add($fileId, $row['type'], $row['name'], $row['duration'], $fileName, $row['UserID'], $mediaId))) {
throw new Exception("Error Processing Request", 1);
}
// We need to assign all permissions for the old media id to the new media id
Kit::ClassLoader('mediagroupsecurity');
$security = new MediaGroupSecurity($this->db);
$security->Copy($mediaId, $newMediaId);
// Update the existing record with the new record's id
$sth = $dbh->prepare('UPDATE media SET isEdited = 1, editedMediaID = :newmediaid WHERE IFNULL(editedMediaID, 0) <> :newmediaid AND MediaID = :mediaid');
$sth->execute(array('mediaid' => $mediaId, 'newmediaid' => $newMediaId));
return $newMediaId;
} catch (Exception $e) {
Debug::LogEntry('error', $e->getMessage());
if (!$this->IsError()) {
$this->SetError(32, 'Unable to update existing media record');
}
return false;
}
}
/**
* Restore the Database
*/
public function RestoreDatabase()
{
$db =& $this->db;
if (Config::GetSetting('SETTING_IMPORT_ENABLED') != 1) {
trigger_error(__('Sorry this function is disabled.'), E_USER_ERROR);
}
include 'install/header.inc';
echo '<div class="info">';
// Expect a file upload
// Check we got a valid file
if (isset($_FILES['dumpFile']) && is_uploaded_file($_FILES['dumpFile']['tmp_name']) && $_FILES['dumpFile']['error'] == 0) {
echo 'Restoring Database</br>';
Debug::LogEntry('audit', 'Valid Upload', 'Backup', 'RestoreDatabase');
// Directory location
$fileName = Kit::ValidateParam($_FILES['dumpFile']['tmp_name'], _STRING);
if (is_uploaded_file($fileName)) {
// Move the uploaded file to a temporary location in the library
$destination = tempnam(Config::GetSetting('LIBRARY_LOCATION'), 'dmp');
move_uploaded_file($fileName, $destination);
Kit::ClassLoader('maintenance');
$maintenance = new Maintenance($this->db);
// Use the maintenance class to restore the database
if (!$maintenance->RestoreDatabase($destination)) {
trigger_error($maintenance->GetErrorMessage(), E_USER_ERROR);
}
unlink($destination);
} else {
trigger_error(__('Not a valid uploaded file'), E_USER_ERROR);
}
} else {
trigger_error(__('Unable to upload file'), E_USER_ERROR);
}
echo '</div>';
echo '<a href="index.php?p=admin">' . __('Database Restored. Click here to continue.') . '</a>';
include 'install/footer.inc';
die;
}
public function DeleteMedia()
{
$dataSetId = $this->GetOption('datasetid');
Kit::ClassLoader('dataset');
$dataSet = new DataSet($this->db);
$dataSet->UnlinkLayout($dataSetId, $this->layoutid, $this->regionid, $this->mediaid);
return parent::DeleteMedia();
}
/**
* Delete DataSet
* @param <type> $dataSetId
*/
public function Delete($dataSetId)
{
try {
$dbh = PDOConnect::init();
// First check to see if we have any data
$sth = $dbh->prepare('SELECT * FROM `datasetdata` INNER JOIN `datasetcolumn` ON datasetcolumn.DataSetColumnID = datasetdata.DataSetColumnID WHERE datasetcolumn.DataSetID = :datasetid');
$sth->execute(array('datasetid' => $dataSetId));
if ($row = $sth->fetch()) {
return $this->SetError(25005, __('There is data assigned to this data set, cannot delete.'));
}
// Delete security
Kit::ClassLoader('datasetgroupsecurity');
$security = new DataSetGroupSecurity($this->db);
$security->UnlinkAll($dataSetId);
// Delete columns
$dataSetObject = new DataSetColumn($this->db);
if (!$dataSetObject->DeleteAll($dataSetId)) {
return $this->SetError(25005, __('Cannot delete dataset, columns could not be deleted.'));
}
// Delete data set
$sth = $dbh->prepare('DELETE FROM dataset WHERE DataSetID = :datasetid');
$sth->execute(array('datasetid' => $dataSetId));
return true;
} catch (Exception $e) {
Debug::LogEntry('error', $e->getMessage());
if (!$this->IsError()) {
$this->SetError(25005, sprintf(__('Cannot edit dataset %s'), $dataSet));
}
return false;
}
}
public function VersionInstructions()
{
$response = new ResponseManager();
Kit::ClassLoader('media');
Kit::ClassLoader('display');
Kit::ClassLoader('lkmediadisplaygroup');
$displayGroupId = Kit::GetParam('displaygroupid', _POST, _INT);
$mediaId = Kit::GetParam('mediaid', _POST, _INT);
// Make sure we have permission to do this to this display
$auth = $this->user->DisplayGroupAuth($displayGroupId, true);
if (!$auth->edit) {
trigger_error(__('You do not have permission to edit this display group'), E_USER_ERROR);
}
// Make sure we have permission to use this file
$mediaAuth = $this->user->MediaAuth($mediaId, true);
if (!$mediaAuth->view) {
trigger_error(__('You have selected media that you no longer have permission to use. Please reload the form.'), E_USER_ERROR);
}
// Make sure this file is assigned to this display group
$link = new LkMediaDisplayGroup($this->db);
if (!$link->Link($displayGroupId, $mediaId)) {
trigger_error($display->GetErrorMessage(), E_USER_ERROR);
}
// Get the "StoredAs" for this media item
$media = new Media($this->db);
$storedAs = $media->GetStoredAs($mediaId);
// Get a list of displays for this group
$displays = $this->user->DisplayList(array('displayid'), array('displaygroupid' => $displayGroupId));
foreach ($displays as $display) {
// Update the Display with the new instructions
$displayObject = new Display($this->db);
if (!$displayObject->SetVersionInstructions($display['displayid'], $mediaId, $storedAs)) {
trigger_error($displayObject->GetErrorMessage(), E_USER_ERROR);
}
}
$response->SetFormSubmitResponse(__('Version Instructions Set'));
$response->Respond();
}
public function DeleteMedia()
{
$dataSetId = $this->GetOption('datasetid');
Debug::LogEntry('audit', sprintf('Deleting Media with DataSetId %d', $dataSetId), 'datasetview', 'DeleteMedia');
Kit::ClassLoader('dataset');
$dataSet = new DataSet($this->db);
$dataSet->UnlinkLayout($dataSetId, $this->layoutid, $this->regionid, $this->mediaid);
return parent::DeleteMedia();
}
/**
* Reorder the timeline according to the media list provided
* @param <type> $layoutId
* @param <type> $regionId
* @param <type> $mediaList
*/
public function ReorderTimeline($layoutId, $regionId, $mediaList)
{
// Load the XML for this layout
$xml = new DOMDocument("1.0");
$xml->loadXML($this->GetLayoutXml($layoutId));
//Get the Media Node in question in a DOMNode using Xpath
$xpath = new DOMXPath($xml);
$sequence = 0;
$numberofMediaItems = count($mediaList);
Debug::LogEntry('audit', 'There are ' . $numberofMediaItems . ' media items to reorder', 'region', 'ReorderTimeline');
foreach ($mediaList as $mediaItem) {
// Look for mediaid and lkid
$mediaId = $mediaItem['mediaid'];
$lkId = $mediaItem['lkid'];
Debug::LogEntry('audit', 'RegionId: ' . $regionId . '. MediaId: ' . $mediaId . '. LkId: ' . $lkId, 'region', 'ReorderTimeline');
if ($lkId == '') {
$mediaNodeList = $xpath->query("//region[@id='{$regionId}']/media[@id='{$mediaId}']");
} else {
$mediaNodeList = $xpath->query("//region[@id='{$regionId}']/media[@lkid='{$lkId}']");
}
$mediaNode = $mediaNodeList->item(0);
// Remove this node from its parent
$mediaNode->parentNode->removeChild($mediaNode);
// Get a NodeList of the Region specified (using XPath again)
$regionNodeList = $xpath->query("//region[@id='{$regionId}']/media");
// Insert the Media Node in question before this $sequence node
if ($sequence == $numberofMediaItems - 1) {
// Get the region node, and append the child node to the end
$regionNode = $regionNodeList = $xpath->query("//region[@id='{$regionId}']")->item(0);
$regionNode->appendChild($mediaNode);
} else {
// Get the $sequence node from the list
$mediaSeq = $regionNodeList->item($sequence);
$mediaSeq->parentNode->insertBefore($mediaNode, $mediaSeq);
}
// Increment the sequence
$sequence++;
}
// Save it
if (!$this->SetLayoutXml($layoutId, $xml->saveXML())) {
return false;
}
// Update layout status
Kit::ClassLoader('Layout');
$layout = new Layout($this->db);
$layout->SetValid($layoutId, true);
return true;
}
/**
* Re-orders a medias regions
* @return
*/
function TimelineReorder()
{
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
// Vars
$layoutId = Kit::GetParam('layoutid', _REQUEST, _INT);
$regionId = Kit::GetParam('regionid', _POST, _STRING);
$mediaList = Kit::GetParam('medialist', _POST, _STRING);
// Check the user has permission
Kit::ClassLoader('region');
$region = new region($db);
$ownerId = $region->GetOwnerId($layoutId, $regionId);
$regionAuth = $this->user->RegionAssignmentAuth($ownerId, $layoutId, $regionId, true);
if (!$regionAuth->edit) {
trigger_error(__('You do not have permissions to edit this region'), E_USER_ERROR);
}
// Create a list of media
if ($mediaList == '') {
trigger_error(__('No media to reorder'));
}
// Trim the last | if there is one
$mediaList = rtrim($mediaList, '|');
// Explode into an array
$mediaList = explode('|', $mediaList);
// Store in an array
$resolvedMedia = array();
foreach ($mediaList as $mediaNode) {
// Explode the second part of the array
$mediaNode = explode(',', $mediaNode);
$resolvedMedia[] = array('mediaid' => $mediaNode[0], 'lkid' => $mediaNode[1]);
}
// Hand off to the region object to do the actual reorder
if (!$region->ReorderTimeline($layoutId, $regionId, $resolvedMedia)) {
trigger_error($region->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('Order Changed'));
$response->keepOpen = true;
$response->Respond();
}
public function PostImportFix($userId, $layoutId, $oldMediaId, $newMediaId, $storedAs = '', $background = 0)
{
Debug::LogEntry('audit', 'Swapping ' . $oldMediaId . ' for ' . $newMediaId, get_class(), __FUNCTION__);
// Are we the background image?
if ($background == 1) {
// Background Image
$this->DomXml->documentElement->setAttribute('background', $storedAs);
// Add the ID to the layout record.
try {
$dbh = PDOConnect::init();
$sth = $dbh->prepare('UPDATE `layout` SET backgroundImageId = :mediaId WHERE layoutId = :layoutId');
$sth->execute(array('mediaId' => $newMediaId, 'layoutId' => $layoutId));
// Link
$this->AddLk($layoutId, 'background', $newMediaId);
} catch (Exception $e) {
Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
if (!$this->IsError()) {
$this->SetError(1, __('Unknown Error'));
}
return false;
}
} else {
// Media Items
$xpath = new DOMXPath($this->DomXml);
$mediaNodeList = $xpath->query('//media[@id=' . $oldMediaId . ']');
foreach ($mediaNodeList as $node) {
// Update the ID
$node->setAttribute('id', $newMediaId);
// Update Owner
$node->setAttribute('userId', $userId);
// Update the URI option
// Get the options node from this document
$optionNodes = $node->getElementsByTagName('options');
// There is only 1
$optionNode = $optionNodes->item(0);
// Get the option node for the URI
$oldUriNode = $xpath->query('.//uri', $optionNode);
// Create a new uri option node and use it as a replacement for this one.
$newNode = $this->DomXml->createElement('uri', $storedAs);
if ($oldUriNode->length == 0) {
// Append the new node to the list
$optionNode->appendChild($newNode);
} else {
// Replace the old node we found with XPath with the new node we just created
$optionNode->replaceChild($newNode, $oldUriNode->item(0));
}
// Get the parent node (the region node)
$regionId = $node->parentNode->getAttribute('id');
Debug::LogEntry('audit', 'Adding Link ' . $regionId, get_class(), __FUNCTION__);
// Insert a link
Kit::ClassLoader('region');
$region = new Region($this->db);
if (!($lkId = $region->AddDbLink($layoutId, $regionId, $newMediaId))) {
return false;
}
// Attach this lkid to the media item
$node->setAttribute("lkid", $lkId);
}
}
return true;
}
/**
* End point for jQuery file uploader
*/
public function JqueryFileUpload()
{
$db =& $this->db;
require_once "3rdparty/jquery-file-upload/XiboUploadHandler.php";
$type = Kit::GetParam('type', _REQUEST, _WORD);
Kit::ClassLoader('file');
$fileObject = new File($db);
$libraryFolder = Config::GetSetting('LIBRARY_LOCATION');
// Make sure the library exists
$fileObject->EnsureLibraryExists();
// Get Valid Extensions
Kit::ClassLoader('media');
$media = new Media($db);
$validExt = $media->ValidExtensions($type);
$options = array('db' => $this->db, 'user' => $this->user, 'upload_dir' => $libraryFolder . 'temp/', 'download_via_php' => true, 'script_url' => Kit::GetXiboRoot() . '?p=content&q=JqueryFileUpload', 'upload_url' => Kit::GetXiboRoot() . '?p=content&q=JqueryFileUpload', 'image_versions' => array(), 'accept_file_types' => '/\\.' . implode('|', $validExt) . '$/i');
// Hand off to the Upload Handler provided by jquery-file-upload
$handler = new XiboUploadHandler($options);
// Must commit if in a transaction
try {
$dbh = PDOConnect::init();
$dbh->commit();
} catch (Exception $e) {
Debug::LogEntry('audit', 'Unable to commit/rollBack');
}
// Must prevent from continuing (framework will try to issue a response)
exit;
}
public function LayoutStatus()
{
$db =& $this->db;
$response = new ResponseManager();
$layoutId = Kit::GetParam('layoutId', _GET, _INT);
Kit::ClassLoader('Layout');
$layout = new Layout($db);
$status = "";
switch ($layout->IsValid($layoutId)) {
case 1:
$status = '<span title="' . __('This Layout is ready to play') . '" class="icon-ok-circle"></span>';
break;
case 2:
$status = '<span title="' . __('There are items on this Layout that can only be assessed by the client') . '" class="icon-question-sign"></span>';
break;
case 3:
$status = '<span title="' . __('This Layout is invalid and should not be scheduled') . '" class="icon-remove-sign"></span>';
break;
default:
$status = '<span title="' . __('The Status of this Layout is not known') . '" class="icon-warning-sign"></span>';
}
$response->html = $status;
$response->success = true;
$response->Respond();
}
/**
* Set this templates permissions
*/
public function Permissions()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$templateId = Kit::GetParam('templateid', _POST, _INT);
if ($templateId == 0) {
trigger_error(__('No template selected'), E_USER_ERROR);
}
// Is this user allowed to delete this template?
$auth = $this->user->TemplateAuth($templateId, true);
$groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
// Unlink all
Kit::ClassLoader('templategroupsecurity');
$security = new TemplateGroupSecurity($db);
if (!$security->UnlinkAll($templateId)) {
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
}
// Some assignments for the loop
$lastGroupId = 0;
$first = true;
$view = 0;
$edit = 0;
$del = 0;
// List of groupIds with view, edit and del assignments
foreach ($groupIds as $groupPermission) {
$groupPermission = explode('_', $groupPermission);
$groupId = $groupPermission[0];
if ($first) {
// First time through
$first = false;
$lastGroupId = $groupId;
}
if ($groupId != $lastGroupId) {
// The groupId has changed, so we need to write the current settings to the db.
// Link new permissions
if (!$security->Link($templateId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
}
// Reset
$lastGroupId = $groupId;
$view = 0;
$edit = 0;
$del = 0;
}
switch ($groupPermission[1]) {
case 'view':
$view = 1;
break;
case 'edit':
$edit = 1;
break;
case 'del':
$del = 1;
break;
}
}
// Need to do the last one
if (!$first) {
if (!$security->Link($templateId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
}
}
$response->SetFormSubmitResponse(__('Permissions Changed'));
$response->Respond();
}
/**
* Sets the Members of a group
* @return
*/
public function SetMembers()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$response = new ResponseManager();
Kit::ClassLoader('campaign');
$campaignObject = new Campaign($db);
$campaignId = Kit::GetParam('CampaignID', _REQUEST, _INT);
$layouts = Kit::GetParam('LayoutID', _POST, _ARRAY, array());
// Authenticate this user
$auth = $this->user->CampaignAuth($campaignId, true);
if (!$auth->edit) {
trigger_error(__('You do not have permission to edit this campaign'), E_USER_ERROR);
}
// Remove all current members
$campaignObject->UnlinkAll($campaignId);
// Add all new members
$displayOrder = 1;
foreach ($layouts as $layoutId) {
// Authenticate
$auth = $this->user->LayoutAuth($layoutId, true);
if (!$auth->view) {
trigger_error(__('Your permissions to view a layout you are adding have been revoked. Please reload the Layouts form.'), E_USER_ERROR);
}
$campaignObject->Link($campaignId, $layoutId, $displayOrder);
$displayOrder++;
}
$response->SetFormSubmitResponse(__('Layouts Added to Campaign'), false);
$response->Respond();
}
function getGroupFromID($id, $returnID = false)
{
$db =& $this->db;
$SQL = "";
$SQL .= "SELECT group.group, ";
$SQL .= " group.groupID ";
$SQL .= "FROM `user` ";
$SQL .= " INNER JOIN lkusergroup ";
$SQL .= " ON lkusergroup.UserID = user.UserID ";
$SQL .= " INNER JOIN `group` ";
$SQL .= " ON group.groupID = lkusergroup.GroupID ";
$SQL .= sprintf("WHERE `user`.userid = %d ", $id);
$SQL .= "AND `group`.IsUserSpecific = 1";
if (!($results = $db->query($SQL))) {
trigger_error($db->error());
trigger_error("Error looking up user information (group)", E_USER_ERROR);
}
if ($db->num_rows($results) == 0) {
// Every user should have a group?
// Add one in!
Kit::ClassLoader('usergroup');
$userGroupObject = new UserGroup($db);
if (!($groupID = $userGroupObject->Add($this->getNameFromID($id), 1))) {
// Error
trigger_error(__('User does not have a group and we are unable to add one.'), E_USER_ERROR);
}
// Link the two
$userGroupObject->Link($groupID, $id);
if ($returnID) {
return $groupID;
}
return 'Unknown';
}
$row = $db->get_row($results);
if ($returnID) {
return $row[1];
}
return $row[0];
}
/**
* Update the Water Mark to indicate the last data edit
* @param int $dataSetId The Data Set ID to Update
*/
private function UpdateWatermark($dataSetId)
{
if ($dataSetId == 0 || $dataSetId == '') {
return $this->SetError(25001, __('Missing dataSetId'));
}
if (!$this->updateWatermark) {
return;
}
Debug::LogEntry('audit', sprintf('Updating water mark on DataSetId: %d', $dataSetId), 'DataSetData', 'UpdateWatermark');
try {
$dbh = PDOConnect::init();
$sth = $dbh->prepare('UPDATE `dataset` SET LastDataEdit = :last_data_edit WHERE DataSetID = :dataset_id');
$sth->execute(array('last_data_edit' => time(), 'dataset_id' => $dataSetId));
// Get affected Campaigns
Kit::ClassLoader('dataset');
$dataSet = new DataSet($this->db);
$campaigns = $dataSet->GetCampaignsForDataSet($dataSetId);
Kit::ClassLoader('display');
$display = new Display($this->db);
foreach ($campaigns as $campaignId) {
// Assess all displays
$campaigns = $display->NotifyDisplays($campaignId);
}
} catch (Exception $e) {
Debug::LogEntry('error', $e->getMessage());
if (!$this->IsError()) {
$this->SetError(1, __('Unknown Error'));
}
return false;
}
}
public function DataSetColumnTypeList()
{
// Auth
if (!$this->user->PageAuth('dataset')) {
return $this->Error(1, 'Access Denied');
}
Kit::ClassLoader('dataset');
$dataSet = new DataSet();
return $this->Respond($this->NodeListFromArray($dataSet->GetDataSetColumnTypes(), 'datasetcolumntype'));
}
/**
* Flag this display group as incomplete. Also flags all child displays.
* @param int $displayGroupId The Display Group ID
*/
public function FlagIncomplete($displayGroupId)
{
Debug::LogEntry('audit', 'IN', get_class(), __FUNCTION__);
Kit::ClassLoader('display');
$display = new Display($this->db);
try {
$dbh = PDOConnect::init();
// Which displays does a change to this layout effect?
$sth = $dbh->prepare('
SELECT DISTINCT display.DisplayID
FROM lkdisplaydg
INNER JOIN display
ON lkdisplaydg.DisplayID = display.displayID
WHERE lkdisplaydg.displaygroupid = :displaygroupid
');
$sth->execute(array('displaygroupid' => $displayGroupId));
while ($id = $sth->fetchColumn()) {
$display->FlagIncomplete($id);
}
return true;
} catch (Exception $e) {
Debug::LogEntry('error', $e->getMessage());
if (!$this->IsError()) {
$this->SetError(1, __('Unknown Error'));
}
return false;
}
}
die('Database connection problem.');
}
// create a database class instance (legacy)
$db = new database();
if (!$db->connect_db($dbhost, $dbuser, $dbpass)) {
die('Database connection problem.');
}
if (!$db->select_db($dbname)) {
die('Database connection problem.');
}
date_default_timezone_set(Config::GetSetting("defaultTimezone"));
// Error Handling (our error handler requires a DB connection
set_error_handler(array(new Debug(), "ErrorHandler"));
// Define an auto-load function
spl_autoload_register(function ($class) {
Kit::ClassLoader($class);
});
// Define the VERSION
Config::Version();
// Deal with HTTPS/STS config
if (Kit::isSSL()) {
Kit::IssueStsHeaderIfNecessary();
} else {
if (Config::GetSetting('FORCE_HTTPS', 0) == 1) {
$redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location: {$redirect}");
exit;
}
}
// What is the production mode of the server?
if (Config::GetSetting('SERVER_MODE') == 'Test') {
/**
* Gets the Xml for the specified layout
* @return
* @param $layoutid Object
*/
private function GetLayoutXmlNoMedia($layoutid)
{
// Get the Xml for this Layout from the DB
Kit::ClassLoader('layout');
$layout = new Layout($this->db);
$layoutXml = $layout->GetLayoutXml($layoutid);
$xml = new DOMDocument("1.0");
$xml->loadXML($layoutXml);
$xpath = new DOMXPath($xml);
//We want to get all the media nodes
$mediaNodes = $xpath->query('//media');
foreach ($mediaNodes as $node) {
$node->parentNode->removeChild($node);
}
return $xml->saveXML();
}
* Xibo is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* any later version.
*
* Xibo is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with Xibo. If not, see <http://www.gnu.org/licenses/>.
*/
defined('XIBO') or die("Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.");
// Companion classes
Kit::ClassLoader('displayprofile');
class displayprofileDAO extends baseDAO
{
/**
* Include display page template page based on sub page selected
* @return
*/
function displayPage()
{
// Configure the theme
$id = uniqid();
Theme::Set('id', $id);
Theme::Set('form_meta', '<input type="hidden" name="p" value="displayprofile"><input type="hidden" name="q" value="Grid">');
Theme::Set('filter_id', 'XiboFilterPinned' . uniqid('filter'));
Theme::Set('pager', ResponseManager::Pager($id));
// Call to render the template
public function Delete()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$response = new ResponseManager();
$helpId = Kit::GetParam('HelpID', _POST, _INT);
// Deal with the Edit
Kit::ClassLoader('help');
$helpObject = new Help($db);
if (!$helpObject->Delete($helpId)) {
trigger_error($helpObject->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('Help Link Deleted'), false);
$response->Respond();
}
public function Permissions()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$campaignId = Kit::GetParam('campaignId', _POST, _INT);
$groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
$ownerId = Kit::GetParam('ownerId', _POST, _INT);
$auth = $this->user->CampaignAuth($campaignId, true);
if (!$auth->modifyPermissions) {
trigger_error(__('You do not have permissions to edit this campaign'), E_USER_ERROR);
}
// Change the owner?
if ($ownerId > 0) {
// Update this Campaign with a new owner
Campaign::setOwner($campaignId, $ownerId);
}
// Unlink all
Kit::ClassLoader('campaignsecurity');
$security = new CampaignSecurity($db);
if (!$security->UnlinkAll($campaignId)) {
trigger_error(__('Unable to set permissions'));
}
// Some assignments for the loop
$lastGroupId = 0;
$first = true;
$view = 0;
$edit = 0;
$del = 0;
$permissions = array();
// List of groupIds with view, edit and del assignments
foreach ($groupIds as $groupPermission) {
$groupPermission = explode('_', $groupPermission);
$groupId = $groupPermission[0];
if ($first) {
// First time through
$first = false;
$lastGroupId = $groupId;
}
if ($groupId != $lastGroupId) {
// The groupId has changed, so we need to write the current settings to the db.
// Link new permissions
if (!$security->Link($campaignId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'));
}
// Store
$permissions[] = array('groupId' => $lastGroupId, 'view' => $view, 'edit' => $edit, 'del' => $del);
// Reset
$lastGroupId = $groupId;
$view = 0;
$edit = 0;
$del = 0;
}
switch ($groupPermission[1]) {
case 'view':
$view = 1;
break;
case 'edit':
$edit = 1;
break;
case 'del':
$del = 1;
break;
}
}
// Need to do the last one
if (!$first) {
if (!$security->Link($campaignId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'));
}
$permissions[] = array('groupId' => $lastGroupId, 'view' => $view, 'edit' => $edit, 'del' => $del);
}
$replaceInLayouts = Kit::GetParam('replaceInLayouts', _POST, _CHECKBOX);
if ($replaceInLayouts) {
Debug::LogEntry('audit', 'Permissions to push down: ' . json_encode($permissions), get_class(), __FUNCTION__);
// Layout object to deal with layout information
Kit::ClassLoader('layout');
$layoutObject = new Layout($db);
// Get all layouts for this Campaign
foreach ($this->user->LayoutList(NULL, array('campaignId' => $campaignId)) as $layout) {
// Set for ease of use
$layoutId = $layout['layoutid'];
Debug::LogEntry('audit', 'Processing permissions for layout id' . $layoutId, get_class(), __FUNCTION__);
// Set the permissions on this layout (if its not the same one!)
if ($layout['campaignid'] != $campaignId) {
// Set permissions on this Layout
$auth = $this->user->CampaignAuth($layout['campaignid'], true);
if ($auth->modifyPermissions) {
if (!$security->UnlinkAll($layout['campaignid'])) {
continue;
}
foreach ($permissions as $permission) {
$security->Link($layout['campaignid'], $permission['groupId'], $permission['view'], $permission['edit'], $permission['del']);
}
}
}
// Get all regions and media and set permissions on those too
$layoutInformation = $layoutObject->LayoutInformation($layoutId);
// Region and Media Security Class
Kit::ClassLoader('layoutregiongroupsecurity');
Kit::ClassLoader('layoutmediagroupsecurity');
$layoutSecurity = new LayoutRegionGroupSecurity($this->db);
$layoutMediaSecurity = new LayoutMediaGroupSecurity($this->db);
foreach ($layoutInformation['regions'] as $region) {
// Make sure we have permission
$regionAuth = $this->user->RegionAssignmentAuth($region['ownerid'], $layoutId, $region['regionid'], true);
if (!$regionAuth->modifyPermissions) {
continue;
}
// Set the permissions on the region
// Unlink all
if (!$layoutSecurity->UnlinkAll($layoutId, $region['regionid'])) {
continue;
}
foreach ($permissions as $permission) {
if (!$layoutSecurity->Link($layoutId, $region['regionid'], $permission['groupId'], $permission['view'], $permission['edit'], $permission['del'])) {
trigger_error($layoutSecurity->GetErrorMessage(), E_USER_ERROR);
}
}
// Find all media nodes
foreach ($region['media'] as $media) {
$originalUserId = $media['userid'] == '' ? $layout['ownerid'] : $media['userid'];
// Make sure we have permission
$mediaAuth = $this->user->MediaAssignmentAuth($originalUserId, $layoutId, $region['regionid'], $media['mediaid'], true);
if (!$mediaAuth->modifyPermissions) {
continue;
}
// Set the permissions on the media node
if (!$layoutMediaSecurity->UnlinkAll($layoutId, $region['regionid'], $media['mediaid'])) {
continue;
}
foreach ($permissions as $permission) {
if (!$layoutMediaSecurity->Link($layoutId, $region['regionid'], $media['mediaid'], $permission['groupId'], $permission['view'], $permission['edit'], $permission['del'])) {
trigger_error($layoutMediaSecurity->GetErrorMessage(), E_USER_ERROR);
}
}
}
}
}
}
$response->SetFormSubmitResponse(__('Permissions Changed'));
$response->Respond();
}
/**
* Lists enabled modules
* @return <XiboAPIResponse>
*/
public function ModuleList()
{
// Does this user have permission to call this webservice method?
if (!$this->user->PageAuth('media')) {
return $this->Error(1, 'Access Denied');
}
Kit::ClassLoader('Media');
// Create a media object and gather the required parameters.
$media = new Media($this->db);
if (!($modules = $media->ModuleList())) {
return $this->Error($media->GetErrorNumber(), $media->GetErrorMessage());
}
return $this->Respond($this->NodeListFromArray($modules, 'module'));
}
