Beispiel #1
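 /**
  * Queues one notification email per eligible recipient.
  *
  * Each email is built in the recipient's own language and appended to
  * $this->_messages; nothing is sent from here. An entry of $users is skipped
  * when it cannot be resolved to an object, when the user lacks $alertLevel
  * for $module, is deleted or inactive, or has no email address.
  *
  * @param array $users user objects, or positive integer user IDs resolved through CMS_profile_usersCatalog::getByID()
  * @param array($language=>$message) $messages indexed by languages code
  * @param array($language=>$subject) $subjects indexed by languages code
  * @param integer $alertLevel alert level the user must have to receive the message
  * @param string $module module the alert level is checked for
  * @return void
  * @access public
  */
 function setUserMessages($users, $messages, $subjects, $alertLevel = ALERT_LEVEL_VALIDATION, $module = MOD_STANDARD_CODENAME)
 {
     $mainURL = CMS_websitesCatalog::getMainURL();
     //the mail template is only used when the configured path is an existing file
     $template = is_file(PATH_MAIL_TEMPLATES_FS) ? PATH_MAIL_TEMPLATES_FS : '';
     foreach ($users as $user) {
         //if is integer create user object
         // NOTE(review): this test names the class "CMS_user_profile" while the rest of the page uses CMS_profile_user - confirm the intended name
         if (!is_a($user, "CMS_user_profile") && SensitiveIO::isPositiveInteger($user)) {
             $user = CMS_profile_usersCatalog::getByID($user);
         }
         //fix: a failed lookup, or any other non-object entry, used to reach the method calls below and stop the whole batch
         if (!is_object($user)) {
             $this->raiseError("Email Catalog: recipient could not be loaded, message skipped");
             continue;
         }
         //if user hasn't alert level for this module or user is not active anymore, skip it
         if (!$user->hasAlertLevel($alertLevel, $module) || $user->isDeleted() || !$user->isActive()) {
             continue;
         }
         $recipientAddress = $user->getEmail();
         if (!$recipientAddress) {
             continue;
         }
         $userLang = $user->getLanguage();
         $email = new CMS_email();
         if (!$email->setEmailTo($recipientAddress)) {
             // NOTE(review): the address and full name go into the error text as stored; whatever displays or logs raiseError() output should treat them as untrusted text
             $this->raiseError("Email Catalog: email invalid (" . $user->getEmail() . ") for user : " . $user->getFullName());
             continue;
         }
         //subject and body are picked by the user's language code; there is no fallback when a language has no entry
         $email->setSubject($subjects[$userLang->getCode()], true);
         $email->setBody($messages[$userLang->getCode()]);
         $email->setFooter($userLang->getMessage(self::MESSAGE_EMAIL_BODY_URLS, array(APPLICATION_LABEL, $mainURL . "/", $mainURL . PATH_ADMIN_WR . "/")));
         $email->setTemplate($template);
         $this->_messages[] = $email;
     }
 }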
Beispiel #2
 /**
  * Constructor.
  * Initializes the linxCondition from its XML tag.
  *
  * Reads the "property" and "operator" attributes of $tag and its first
  * <value> child. A value of type "nodeproperty" is stored as a nodespec
  * property (and nodespec, when a <nodespec> child exists); any other value
  * is stored as a scalar. An unknown property or a missing <value> raises an
  * error and leaves the remaining fields unset.
  *
  * @param object $tag The condition tag; getAttribute() and getElementsByTagName() are called on it.
  * @return void
  * @access public
  */
 function __construct($tag)
 {
     $allowedProperties = array("rank", "title", "id", "lvl", "father", "website", "codename");
     $property = $tag->getAttribute('property');
     $operator = $tag->getAttribute('operator');
     //only allowlisted page properties can be tested
     if (!SensitiveIO::isInSet($property, $allowedProperties)) {
         $this->raiseError("Unknown property : " . $property);
         return;
     }
     $this->_pageProperty = $property;
     //the operator is entity-decoded three times in a row
     // NOTE(review): repeated decoding turns multiply-encoded entities back into raw characters, and the operator is not checked against an allowlist here - the code that evaluates $this->_operator should validate it
     $decodedOperator = $operator;
     for ($pass = 0; $pass < 3; $pass++) {
         $decodedOperator = io::decodeEntities($decodedOperator);
     }
     $this->_operator = $decodedOperator;
     $valueTags = $tag->getElementsByTagName('value');
     if (!($valueTags->length > 0)) {
         $this->raiseError("Malformed innerContent");
         return;
     }
     //only the first <value> element is used
     $valueTag = $valueTags->item(0);
     $isNodeProperty = $valueTag->hasAttribute("type") && $valueTag->getAttribute("type") == "nodeproperty";
     if (!$isNodeProperty) {
         $this->_valueScalar = $valueTag->nodeValue;
         return;
     }
     //if value type is "nodeproperty", we must parse the inner content to find a nodespec tag
     $this->_valueIsScalar = false;
     $this->_valueNodespecProperty = $valueTag->getAttribute("property");
     $nodespecTags = $valueTag->getElementsByTagName('nodespec');
     if ($nodespecTags->length > 0) {
         $this->_valueNodespec = CMS_linxNodespec::createNodespec($nodespecTags->item(0));
     }
 }
    /**
     * Get the users whose contact data carries a given email
     *
     * @param string $data the email address to look for
     * @return array of CMS_profile_user, empty when $data is not a valid email, when the query fails or when nothing matches
     * @access public
     */
    static function getByEmail($data)
    {
        $matches = array();
        //reject anything that is not a valid email before it gets near the query
        if (!SensitiveIO::isValidEmail($data)) {
            CMS_grandFather::raiseError('$data must be a valid email : ' . $data);
            return $matches;
        }
        // NOTE(review): the query is built by concatenation and the value is delimited with double quotes, so it relies on sanitizeSQLString() escaping that character and on the server not treating double quotes as identifier quotes (ANSI_QUOTES) - confirm both, or bind the value if CMS_query allows it
        $escapedEmail = sensitiveIO::sanitizeSQLString($data);
        $sql = 'select `id_cd` 
			from `contactDatas`
			where `email_cd` = "' . $escapedEmail . '"';
        $q = new CMS_query($sql);
        if ($q->hasError()) {
            return $matches;
        }
        //one contact data id per row; load the user for each and keep those that load cleanly
        while (($contactId = $q->getValue("id_cd")) !== false) {
            $candidate = CMS_profile_usersCatalog::getByID($contactId);
            if ($candidate->hasError()) {
                continue;
            }
            $candidate->getContactData();
            if ($candidate->hasError()) {
                continue;
            }
            $matches[] = $candidate;
        }
        return $matches;
    }
Beispiel #4
 /**
  * Constructor.
  * Validates and stores a node specification.
  *
  * $crosswebsite is stored before any check. The first failing check raises
  * an error and leaves type, value and website unset.
  *
  * @param string $type one of "node", "relative", "codename"
  * @param mixed $value positive integer for "node"; one of "self", "brother", "father", "root" for "relative"; for "codename" it must compare equal to strtolower(io::sanitizeAsciiString($value))
  * @param mixed $relativeOffset stored only when $type is "relative"
  * @param boolean $crosswebsite stored as given
  * @param string $website checked like a codename value, only when $type is "codename"
  * @return void
  * @access public
  */
 function __construct($type, $value, $relativeOffset, $crosswebsite = false, $website = '')
 {
     $allowedTypes = array("node", "relative", "codename");
     $allowedRelativeValues = array("self", "brother", "father", "root");
     $this->_crosswebsite = $crosswebsite;
     //checks run in order and the first failure wins
     // NOTE(review): the codename and website checks use a loose != ; two numeric-looking strings are compared as numbers, so this is not an exact string match - a strict comparison would be tighter
     $failure = null;
     if (!SensitiveIO::isInSet($type, $allowedTypes)) {
         $failure = "Type unknown : " . $type;
     } elseif ($type == 'node' && !SensitiveIO::isPositiveInteger($value)) {
         $failure = "Bad value for 'node' type : " . $value;
     } elseif ($type == 'relative' && !SensitiveIO::isInSet($value, $allowedRelativeValues)) {
         $failure = "Bad value for 'relative' type : " . $value;
     } elseif ($type == 'codename' && strtolower(io::sanitizeAsciiString($value)) != $value) {
         $failure = "Bad value for 'codename' type : " . $value;
     } elseif ($type == 'codename' && strtolower(io::sanitizeAsciiString($website)) != $website) {
         $failure = "Bad value for 'website' : " . $website;
     }
     if ($failure !== null) {
         $this->raiseError($failure);
         return;
     }
     $this->_type = $type;
     $this->_value = $value;
     $this->_website = $website;
     //the offset only has a meaning for relative nodespecs
     if ($this->_type == 'relative') {
         $this->_relativeOffset = $relativeOffset;
     }
 }
Beispiel #5
 /**
  * Compute the tag
  *
  * In HTML context the title of the page held in the compute parameters is
  * returned through SensitiveIO::sanitizeHTMLString(), or an empty string when
  * the 'visualization' or 'object' parameter is missing or 'object' is not a
  * CMS_page. In any other context a line of PHP source is returned instead.
  *
  * @return string the PHP / HTML content computed
  * @access protected
  */
 protected function _compute()
 {
     if ($this->_parameters['context'] != CMS_XMLTag::HTML_CONTEXT) {
         // NOTE(review): the emitted code appends the getPageValue() result to $content with no escaping call visible here, unlike the HTML branch below - confirm getPageValue() returns output-safe text
         return '$content .= CMS_tree::getPageValue($parameters[\'pageID\'], \'title\', (isset($public_search) ? $public_search : false));';
     }
     $hasVisualization = isset($this->_computeParams['visualization']);
     $hasPage = isset($this->_computeParams['object']) && $this->_computeParams['object'] instanceof CMS_page;
     if (!$hasVisualization || !$hasPage) {
         return '';
     }
     //getTitle() receives true when the page is shown in public HTML mode
     $isPublicView = $this->_computeParams['visualization'] == PAGE_VISUALMODE_HTML_PUBLIC;
     $pageTitle = $this->_computeParams['object']->getTitle($isPublicView);
     return SensitiveIO::sanitizeHTMLString($pageTitle);
 }
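 /**
  * Returns a queried CMS_website value
  * Static function.
  *
  * Values are kept in a static array indexed by website id then value type,
  * so a value already looked up is not read from the website object again
  * for as long as the PHP process runs.
  *
  * @param integer $id The DB ID of the wanted CMS_website
  * @param string $type The value type to get : codename, root, domain, title or one of the meta names listed in the switch below
  * @return mixed the value, or false when $id is not a positive integer, the website is not found or $type is unknown
  * @access public
  */
 static function getWebsiteValue($id, $type)
 {
     static $websitesInfos;
     if (!SensitiveIO::isPositiveInteger($id)) {
         CMS_grandFather::raiseError("Website id must be positive integer : " . $id);
         return false;
     }
     if (isset($websitesInfos[$id][$type])) {
         return $websitesInfos[$id][$type];
     }
     $website = CMS_websitesCatalog::getByID($id);
     if (!$website) {
         //fix: this case used to fall through to a read of a cache entry that was never written, returning null with a notice instead of the documented false
         return false;
     }
     switch ($type) {
         case 'codename':
             $return = $website->getCodename();
             break;
         case 'root':
             $return = $website->getRoot()->getID();
             break;
         case 'domain':
             $return = $website->getURL();
             break;
         case 'title':
             $return = $website->getLabel();
             break;
         case 'keywords':
         case 'description':
         case 'category':
         case 'author':
         case 'replyto':
         case 'copyright':
         case 'language':
         case 'robots':
         case 'favicon':
         case 'metas':
             //all of these are read through the generic meta getter
             $return = $website->getMeta($type);
             break;
         default:
             CMS_grandFather::raiseError("Unknown type value to get : " . $type);
             $return = false;
             break;
     }
     //the result is stored even when it is false, so an unknown type is only reported once per website
     $websitesInfos[$id][$type] = $return;
     return $return;
 }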
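 /**
  * Returns a resourceValidation object instance from a DB id or from GetValidationByID function if exists.
  * Static function.
  *
  * Two forms of $id are handled. When $id is not a positive integer and $user
  * is given, $id is base64 decoded and split on "||" into module codename,
  * editions and resource ID, and the module's getValidationByID() supplies the
  * instance. Otherwise $id must be a positive integer and the instance is
  * unserialized from the resourceValidations table.
  *
  * @param mixed $id the id of the saved object, or the encoded ID described above
  * @param mixed $user the user passed to getValidationByID(); the encoded form is only tried when this is set
  * @return resourceValidation the instance unserialized, false if not found.
  * @access public
  */
 static function getValidationInstance($id, $user = false)
 {
     $isNumericID = SensitiveIO::isPositiveInteger($id);
     if (!$isNumericID && $user) {
         //load validation from encoded ID (new validations system)
         $decoded = base64_decode($id);
         if ($decoded) {
             $decodedID = explode('||', $decoded);
             //fix: the three parts were read without checking that the decoded string holds them
             if (count($decodedID) >= 3) {
                 $module = CMS_modulesCatalog::getByCodename($decodedID[0]);
                 //fix: isset() accepted any non-null result of the lookup, so a failed lookup reached the method call below
                 if (is_object($module)) {
                     return $module->getValidationByID($decodedID[2], $user, $decodedID[1]);
                 }
             }
         }
     }
     //fix: $id used to be concatenated into the query as received whenever the encoded form did not apply (SQL injection); only a positive integer is accepted now and it is cast before use
     if (!$isNumericID) {
         parent::raiseError("Unknown id : " . $id);
         return false;
     }
     $sql = "\n\t\t\tselect\n\t\t\t\tserializedObject_rv as data\n\t\t\tfrom\n\t\t\t\tresourceValidations\n\t\t\twhere\n\t\t\t\tid_rv='" . (int) $id . "'\n\t\t";
     $q = new CMS_query($sql);
     if (!$q->getNumRows()) {
         parent::raiseError("Unknown id : " . $id);
         return false;
     }
     // SECURITY: unserialize() instantiates whatever classes the stored string names and runs their magic methods, so this is only safe while nothing but trusted code can write serializedObject_rv. Restricting it with allowed_classes, or storing plain data instead, needs the list of validation classes, which is not visible here.
     $instance = unserialize(stripslashes($q->getValue("data")));
     //fix: a record that does not unserialize to an object used to fail on the setID() call
     if (!is_object($instance)) {
         parent::raiseError("Unreadable validation data for id : " . $id);
         return false;
     }
     $instance->setID($id);
     return $instance;
 }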
Beispiel #8
 /**
  * Builds the HTML of this action as a small form inside a table cell.
  *
  * For $type 'DHTML' or 'popup' the form is wrapped in its own table row,
  * otherwise in a single cell. The form carries the configured attributes,
  * hidden fields and text fields, then an image or submit button.
  *
  * NOTE(review): only attribute values, hidden values and text values are
  * HTML-escaped here. The form method and action, attribute names, field
  * names, the text field size, the label and the picto name are written as
  * stored, so they must only ever be set from trusted code or be escaped
  * before they reach this object.
  *
  * @param string $type 'DHTML' and 'popup' change the wrapping and the button markup; any other value gives the menu layout
  * @return string the HTML content
  */
 function getContent($type = 'menu')
 {
     $inOwnRow = ($type == 'DHTML' || $type == 'popup');
     //create a random name (useful for onSubmit purposes among other)
     //this is only a DOM name: md5(mt_rand()) is predictable and must not be reused as a security token
     $formName = md5(mt_rand());
     $method = isset($this->_formAttributes["method"]) ? $this->_formAttributes["method"] : "post";
     //true as soon as the default onSubmit="check();" must not be added
     $skipDefaultCheck = ($method != 'post');
     $content = $inOwnRow
         ? '<tr><td width="100%" height="34" valign="top" nowrap="nowrap">'
         : '<td width="34" height="35" onMouseOver="changeColor(this,\'A69C9A\');" onMouseOut="changeColor(this,\'\');" valign="center" align="center">';
     $content .= '<form name="' . $formName . '" method="' . $method . '" action="' . $this->_formAction . '" ';
     foreach ($this->_formAttributes as $attrName => $attrValue) {
         $isMethod = ($attrName == "method");
         $isSubmitHandler = ($attrName == "onSubmit" || $attrName == "onsubmit");
         $isTarget = ($attrName == "target");
         //the method is already written above; every other attribute is written with its value escaped
         if (!$isMethod && !$isSubmitHandler && !$isTarget) {
             $content .= $attrName . '="' . io::htmlspecialchars($attrValue) . '" ';
         }
         if ($isSubmitHandler) {
             $content .= $attrName . '="' . io::htmlspecialchars($attrValue) . '" ';
             $skipDefaultCheck = true;
         }
         if ($isTarget) {
             if ($attrValue == "_blank") {
                 $skipDefaultCheck = true;
             }
             $content .= $attrName . '="' . io::htmlspecialchars($attrValue) . '" ';
         }
     }
     if (!$skipDefaultCheck && $type != 'popup') {
         $content .= ' onSubmit="check();" ';
     }
     $content .= '>';
     foreach ($this->_formHiddens as $hiddenName => $hiddenValue) {
         //line breaks are dropped, then the value is escaped
         $hiddenValue = str_replace(array("\n", "\r"), "", $hiddenValue);
         $hiddenValue = io::htmlspecialchars($hiddenValue);
         $content .= '<input type="hidden" name="' . $hiddenName . '" value="' . $hiddenValue . '" />';
     }
     foreach ($this->_formTexts as $textName => $textArray) {
         $textValue = $textArray["value"];
         $textSize = $textArray["size"];
         $wrapperCode = $textArray["code"];
         $textValue = str_replace(array("\n", "\r"), '', $textValue);
         // NOTE(review): this loop calls the global htmlspecialchars() while the rest of the method uses io::htmlspecialchars() - confirm both escape the same way
         $textValue = htmlspecialchars($textValue);
         $content .= SensitiveIO::arraySprintf($wrapperCode, array('<input type="text" class="admin_input_text" name="' . $textName . '" value="' . $textValue . '" size="' . $textSize . '" />'));
     }
     if (!$this->_picto) {
         //no picto : plain submit button, identical in both layouts
         $content .= '<input type="submit" class="admin_input_submit" value="' . $this->_label . '" style="width:130px" />';
     } elseif ($inOwnRow) {
         $content .= '<input align="absmiddle" type="image" src="' . PATH_ADMIN_IMAGES_WR . '/../v3/img/' . $this->_picto . '" alt="' . $this->_label . '" title="' . $this->_label . '" value="' . $this->_label . '" /><input type="submit" onMouseOver="this.style.backgroundColor=\'#D0CBCA\';" onMouseOut="this.style.backgroundColor=\'#FFFFFF\';" class="CMS_dhtml_input_submit" value="' . $this->_label . '" />';
     } else {
         $content .= '<input type="image" src="' . PATH_ADMIN_IMAGES_WR . '/../v3/img/' . $this->_picto . '" alt="' . $this->_label . '" title="' . $this->_label . '" value="' . $this->_label . '" />';
     }
     $content .= $inOwnRow ? '</form></td></tr>' : '</form></td>';
     return $content;
 }
Beispiel #9
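 /**
  * Write to persistence
  *
  * Inserts the log entry, or updates it when it already has an ID. Every
  * column value goes through SensitiveIO::sanitizeSQLString() before it is
  * placed in the statement.
  *
  * @return boolean true on success, false on failure
  * @access public
  */
 function writeToPersistence()
 {
     $isUpdate = (bool) $this->_id;
     //column name => raw value, in the order the statement lists them
     $columns = array(
         'user_log' => $this->_user->getUserId(),
         'action_log' => $this->_action,
         'datetime_log' => $this->_datetime->getDBValue(),
         'textData_log' => $this->_textData,
         'label_log' => $this->_label,
         'module_log' => $this->_module,
         'resource_log' => $this->_resource,
         'rsAfterLocation_log' => $this->_resourceStatusAfter->getLocation(),
         'rsAfterProposedFor_log' => $this->_resourceStatusAfter->getProposedFor(),
         'rsAfterEditions_log' => $this->_resourceStatusAfter->getEditions(),
         'rsAfterValidationsRefused_log' => $this->_resourceStatusAfter->getValidationRefused(),
         'rsAfterPublication_log' => $this->_resourceStatusAfter->getPublication(),
     );
     // NOTE(review): the statement is assembled by concatenation, so it is only as safe as sanitizeSQLString(); bound parameters would be preferable if CMS_query supports them (not visible here)
     $assignments = array();
     foreach ($columns as $column => $rawValue) {
         $assignments[] = "\n\t\t\t\t" . $column . "='" . SensitiveIO::sanitizeSQLString($rawValue) . "'";
     }
     $sql_fields = implode(",", $assignments) . "\t\n\t\t\t";
     if ($isUpdate) {
         //the ID is escaped like every other value placed in the statement
         $sql = "\n\t\t\t\t\tupdate\n\t\t\t\t\t\tlog\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $sql_fields . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tid_log='" . SensitiveIO::sanitizeSQLString($this->_id) . "'\n\t\t\t\t";
     } else {
         $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\tlog\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $sql_fields;
     }
     $q = new CMS_query($sql);
     if ($q->hasError()) {
         return false;
     }
     //fix: the ID used to be overwritten with the last inserted ID after an update as well, which could detach the object from its own log row; it is now only taken after an insert
     if (!$isUpdate) {
         $this->_id = $q->getLastInsertedID();
     }
     return true;
 }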
Beispiel #10
 /**
  * Writes the resource into persistence (MySQL for now).
  *
  * The status object is written first, then the resource row is inserted, or
  * updated when the resource already has an ID. A new resource takes the ID
  * of the inserted row.
  *
  * @return boolean true on success, false on failure
  * @access public
  */
 function writeToPersistence()
 {
     // NOTE(review): the result of the status write is not checked, so the resource row is written even if that write did not succeed
     $this->_status->writeToPersistence();
     // NOTE(review): the status ID and, in the update below, the resource ID are placed in the statement without sanitizeSQLString(), unlike the editors stack - confirm both can only ever hold integers
     $statusID = $this->_status->getID();
     $editorsStack = SensitiveIO::sanitizeSQLString($this->_editors->getTextDefinition());
     $sql_fields = "\n\t\t\tstatus_res='" . $statusID . "',\n\t\t\teditorsStack_res='" . $editorsStack . "'\n\t\t";
     $isNew = !$this->_id;
     if ($isNew) {
         $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tresources\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields;
     } else {
         $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tresources\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_res='" . $this->_id . "'\n\t\t\t";
     }
     $q = new CMS_query($sql);
     if ($q->hasError()) {
         return false;
     }
     //only a freshly inserted resource takes its ID from the query
     if ($isNew) {
         $this->_id = $q->getLastInsertedID();
     }
     return true;
 }
Beispiel #11
 /**
  * Duplicate current page into another one
  * All contents and external datas are duplicated too
  *
  * The user needs view clearance on this page and edit clearance on the
  * standard module. The copy gets a clone of the given template, or of this
  * page's own template when $templateID is empty.
  *
  * @param CMS_user $user the user processing the creation
  * @param integer $templateID a new template to duplicate the page with
  * @param boolean $dontDuplicateContent If true, the content of the page is not duplicated
  * @return CMS_page newly created, or null when the user lacks the clearances
  */
 function duplicate(&$user, $templateID = 0, $dontDuplicateContent = false)
 {
     // NOTE(review): view clearance on the source page is enough to obtain an editable copy of all its data - confirm this is the intended policy
     $mayDuplicate = $user->hasPageClearance($this->getID(), CLEARANCE_PAGE_VIEW) && $user->hasModuleClearance(MOD_STANDARD_CODENAME, CLEARANCE_MODULE_EDIT);
     if (!$mayDuplicate) {
         $this->raiseError("User doesn't have rights to do this creation");
         return null;
     }
     $pg = new CMS_page();
     $pg->lock($user);
     $pg->addEdition(RESOURCE_EDITION_CONTENT, $user);
     //Which template to use?
     $templateToClone = !$templateID ? $this->_templateID : $templateID;
     $newTpl = CMS_pageTemplatesCatalog::getCloneFromID($templateToClone, false, true, false, $this->_templateID);
     if (is_a($newTpl, 'CMS_pageTemplate') && !$newTpl->hasError()) {
         $pg->setTemplate($newTpl->getID());
     } else {
         // NOTE(review): the error is reported but the copy is still written and returned, without a template
         $this->raiseError("Error during template clone creation.");
     }
     //Duplicate page base datas
     $pg->setTitle($this->getTitle(), $user);
     $pg->setLinkTitle($this->getLinkTitle(), $user);
     $pg->setDescription($this->getDescription(false, false), $user);
     $pg->setKeywords($this->getKeywords(false, false), $user);
     $pg->setPublicationDates($this->getPublicationDateStart(false), $this->getPublicationDateEnd(false));
     $pg->setReminderOn($this->getReminderOn(false, false), $user);
     $pg->setReminderOnMessage($this->getReminderOnMessage(false, false), $user);
     $pg->setCategory($this->getCategory(false, false), $user);
     $pg->setAuthor($this->getAuthor(false, false), $user);
     $pg->setReplyto($this->getReplyto(false, false), $user);
     $pg->setCopyright($this->getCopyright(false, false), $user);
     $pg->setLanguage($this->getLanguage(false, false), $user);
     $pg->setRobots($this->getRobots(false, false), $user);
     $pg->setPragma($this->getPragma(false, false), $user);
     $pg->setRefresh($this->getRefresh(false, false), $user);
     $pg->setRedirectLink($this->getRedirectLink(), $user);
     $pg->setMetas($this->getMetas(false, false), $user);
     $pg->setCodename($this->getCodename(), $user, false);
     //the reminder periodicity is only copied when it is a positive integer
     if (SensitiveIO::isPositiveInteger($this->getReminderPeriodicity())) {
         $pg->setReminderPeriodicity($this->getReminderPeriodicity(), $user);
     }
     $pg->writeToPersistence();
     $pg->unlock();
     //Duplicate contents, get all blocks and duplicate them
     if (!$dontDuplicateContent) {
         $this->duplicateContent($user, $pg);
     }
     return $pg;
 }
Beispiel #12
 /**
  * activates the script function.
  *
  * Runs in one of two modes, chosen from the command line arguments:
  * - "-s <id>" (sub-script): loads task <id> from the regenerator table, hands
  *   its unserialized parameters to the module's scriptTask(), deletes the
  *   task and writes a "<PID file>.ok" marker file.
  * - anything else (master script): reads tasks from the regenerator table in
  *   batches of argv[2], launches one sub-script per task, then polls for the
  *   ".ok" markers until each task is done or has run for SUB_SCRIPT_TIME_OUT,
  *   and loops until the table is empty.
  *
  * @return void, or false when a sub-script command fails or a marker file cannot be deleted
  * @access public
  */
 function activate()
 {
     parent::activate();
     // NOTE(review): argv entries 1 and 2 are read without checking that they exist
     if ($_SERVER['argv']['1'] == '-s' && SensitiveIO::isPositiveInteger($_SERVER['argv']['2'])) {
         // SUB-SCRIPT : Processes one script task
         @ini_set('max_execution_time', SUB_SCRIPT_TIME_OUT);
         //set max execution time for sub script
         @set_time_limit(SUB_SCRIPT_TIME_OUT);
         //set the PHP timeout for sub script
         //the task id placed in this query passed the positive integer test above
         $sql = "\n\t\t\t\tselect\n\t\t\t\t\t*\n\t\t\t\tfrom\n\t\t\t\t\tregenerator\n\t\t\t\twhere\n\t\t\t\t\tid_reg = '" . $_SERVER['argv']['2'] . "'\n\t\t\t";
         $q = new CMS_query($sql);
         if ($q->getNumRows()) {
             $data = $q->getArray();
             //send script informations to process manager
             $this->_processManager->setParameters($data['module_reg'], $data['parameters_reg']);
             //instanciate script module
             $module = CMS_modulesCatalog::getByCodename($data['module_reg']);
             //then send script task to module (return task title by reference)
             // SECURITY: unserialize() instantiates whatever classes the stored string names, so this is only safe while nothing but trusted code can write parameters_reg in the regenerator table
             // NOTE(review): $module is used without checking that the codename lookup succeeded
             $task = $module->scriptTask(unserialize($data['parameters_reg']));
             //delete the current script task
             $sql_delete = "\n\t\t\t\t\tdelete\n\t\t\t\t\tfrom\n\t\t\t\t\t\tregenerator\n\t\t\t\t\twhere\n\t\t\t\t\t\tid_reg='" . $data['id_reg'] . "'";
             $q = new CMS_query($sql_delete);
             if ($this->_debug) {
                 $this->raiseError($this->_processManager->getPIDFilePath() . " : task " . $_SERVER['argv']['2'] . " seems " . (!$task ? 'NOT ' : '') . "done !");
                 $this->raiseError($this->_processManager->getPIDFilePath() . " : PID file exists ? " . @file_exists($this->_processManager->getPIDFilePath()));
             }
             //the ".ok" marker next to the PID file is what the master script polls for
             $fpath = $this->_processManager->getPIDFilePath() . '.ok';
             if (@touch($fpath) && @chmod($fpath, octdec(FILES_CHMOD))) {
                 // NOTE(review): the fopen() result is not checked before it is written to and closed
                 $f = @fopen($fpath, 'a');
                 if (!@fwrite($f, 'Script OK')) {
                     $this->raiseError($this->_processManager->getPIDFilePath() . " : Can't write into file: " . $fpath);
                 }
                 @fclose($f);
             } else {
                 $this->raiseError($this->_processManager->getPIDFilePath() . " : Can't create file: " . $fpath);
             }
         }
     } else {
         // MASTER SCRIPT : Processes all sub-scripts
         @ini_set('max_execution_time', MASTER_SCRIPT_TIME_OUT);
         //set max execution time for master script
         @set_time_limit(MASTER_SCRIPT_TIME_OUT);
         //set the PHP timeout  for master script
         //max simultaneous scripts
         // NOTE(review): this argument is not validated in this branch, yet it is concatenated into the LIMIT clause below and used as the loop bound - it should be checked as a positive integer first
         $maxScripts = $_SERVER['argv']['2'];
         $scriptsArray = array();
         //send script informations to process manager
         $this->_processManager->setParameters(processManager::MASTER_SCRIPT_NAME, '');
         //the sql script which selects one script task at a time
         $sql_select = "\n\t\t\t\tselect\n\t\t\t\t\t*\n\t\t\t\tfrom\n\t\t\t\t\tregenerator\n\t\t\t\tlimit\n\t\t\t\t\t" . $maxScripts . "\n\t\t\t";
         //and now, launch all sub-scripts until table is empty.
         while (true) {
             //get scripts
             $q = new CMS_query($sql_select);
             if ($q->getNumRows()) {
                 while (count($scriptsArray) < $maxScripts && ($data = $q->getArray())) {
                     // Launch sub-process
                     if (!APPLICATION_IS_WINDOWS) {
                         // On unix system
                         // NOTE(review): id_reg comes from the database and is placed in the shell command without escapeshellarg(); this is safe only if the column can never hold anything but an integer
                         $sub_system = PATH_PACKAGES_FS . "/scripts/script.php -s " . $data["id_reg"] . " > /dev/null 2>&1 &";
                         //use the configured PHP CLI binary when one is defined, "php" from the path otherwise
                         if (!defined('PATH_PHP_CLI_UNIX') || !PATH_PHP_CLI_UNIX) {
                             CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; php " . $sub_system, $error);
                             if ($error) {
                                 CMS_grandFather::raiseError('Error during execution of sub script command (cd ' . PATH_REALROOT_FS . '; php ' . $sub_system . '), please check your configuration : ' . $error);
                                 return false;
                             }
                         } else {
                             CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; " . PATH_PHP_CLI_UNIX . " " . $sub_system, $error);
                             if ($error) {
                                 CMS_grandFather::raiseError('Error during execution of sub script command (cd ' . PATH_REALROOT_FS . '; ' . PATH_PHP_CLI_UNIX . ' ' . $sub_system . '), please check your configuration : ' . $error);
                                 return false;
                             }
                         }
                         $PIDfile = $this->_processManager->getTempPath() . "/" . SCRIPT_CODENAME . "_" . $data["id_reg"];
                         if ($this->_debug) {
                             $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : Executes system(" . $sub_system . ")");
                         }
                         //sleep a little
                         @sleep(SLEEP_TIME);
                     } else {
                         // On windows system
                         //Create the BAT file
                         //the same sub_script.bat is rewritten for every task and then run through WScript.Shell
                         // NOTE(review): id_reg is written into the batch file unescaped, and the file sits at a fixed path - that directory should not be writable by other accounts
                         $command = '@echo off' . "\r\n" . '@start /B /BELOWNORMAL ' . realpath(PATH_PHP_CLI_WINDOWS) . ' ' . realpath(PATH_PACKAGES_FS . '\\scripts\\script.php') . ' -s ' . $data["id_reg"];
                         if (!@touch(realpath(PATH_WINDOWS_BIN_FS) . DIRECTORY_SEPARATOR . "sub_script.bat")) {
                             $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : Create file error : sub_script.bat");
                         }
                         //long directory names are replaced by their short forms in the command
                         $replace = array('program files (x86)' => 'progra~2', 'program files' => 'progra~1', 'documents and settings' => 'docume~1');
                         $command = str_ireplace(array_keys($replace), $replace, $command);
                         $fh = fopen(realpath(PATH_WINDOWS_BIN_FS . DIRECTORY_SEPARATOR . "sub_script.bat"), "wb");
                         if (is_resource($fh)) {
                             if (!fwrite($fh, $command, io::strlen($command))) {
                                 CMS_grandFather::raiseError(processManager::MASTER_SCRIPT_NAME . " : Save file error : sub_script.bat");
                             }
                             fclose($fh);
                         }
                         $WshShell = new COM("WScript.Shell");
                         $oExec = $WshShell->Run(str_ireplace(array_keys($replace), $replace, realpath(PATH_WINDOWS_BIN_FS . '\\sub_script.bat')), 0, false);
                         $PIDfile = $this->_processManager->getTempPath() . DIRECTORY_SEPARATOR . SCRIPT_CODENAME . "_" . $data["id_reg"];
                         //sleep a little
                         @sleep(SLEEP_TIME);
                     }
                     // NOTE(review): $sub_system is only assigned in the unix branch, so on Windows this debug line reads an undefined variable
                     if ($this->_debug) {
                         $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : script : " . $data["id_reg"] . " - sub_system : " . $sub_system);
                     }
                     //remember the launched task : expected PID file path, start time and task row
                     $scriptsArray[] = array("PID" => $PIDfile, "startTime" => CMS_stats::getmicrotime(), "scriptID" => $data["id_reg"], "scriptDatas" => $data);
                 }
             } else {
                 // no more scripts to process
                 // > delete all temporary files
                 // > end script
                 if (APPLICATION_IS_WINDOWS) {
                     $files = glob(realpath($this->_processManager->getTempPath()) . DIRECTORY_SEPARATOR . SCRIPT_CODENAME . '*.ok', GLOB_NOSORT);
                     if (is_array($files)) {
                         foreach ($files as $file) {
                             if (!CMS_file::deleteFile($file)) {
                                 $this->raiseError("Can't delete file " . $file);
                                 return false;
                             }
                         }
                     }
                 } else {
                     //every file of the temp directory whose name contains SCRIPT_CODENAME is removed
                     $tmpDir = dir($this->_processManager->getTempPath());
                     while (false !== ($file = $tmpDir->read())) {
                         if (io::strpos($file, SCRIPT_CODENAME) !== false) {
                             @unlink($this->_processManager->getTempPath() . '/' . $file);
                         }
                     }
                 }
                 break;
             }
             //poll the launched tasks until none is left in $scriptsArray
             while (true) {
                 @sleep(SLEEP_TIME);
                 //wait a little to check sub_scripts
                 $break = false;
                 $timeStop = CMS_stats::getmicrotime();
                 if ($this->_debug) {
                     $this->raiseError(processManager::MASTER_SCRIPT_NAME . " Scripts in progress : " . sizeof($scriptsArray));
                 }
                 foreach ($scriptsArray as $nb => $aScript) {
                     if ($this->_debug) {
                         $this->raiseError(processManager::MASTER_SCRIPT_NAME . " PID : " . $aScript["PID"] . " - time : " . ($timeStop - $aScript["startTime"]));
                     }
                     //a task counts as done once its ".ok" marker file exists
                     $ok = '';
                     $ok = is_file($aScript["PID"] . '.ok');
                     if ($ok) {
                         //$break = true;
                         if ($this->_debug) {
                             $this->raiseError(processManager::MASTER_SCRIPT_NAME . " Script : " . $aScript["PID"] . " OK !");
                         }
                         unset($scriptsArray[$nb]);
                     } elseif ($timeStop - $aScript["startTime"] >= SUB_SCRIPT_TIME_OUT) {
                         //timed out : the task is reported and dropped from the table; nothing here stops the sub-process itself
                         if ($this->_debug) {
                             $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : Script : " . $aScript["PID"] . " NOT OK !");
                         }
                         // NOTE(review): the whole task row, serialized parameters included, is written to the error output
                         $this->raiseError(processManager::MASTER_SCRIPT_NAME . ' : Error on task : ' . $aScript["scriptID"] . ' ... skip it. Task parameters : ' . print_r($aScript['scriptDatas'], true));
                         //$break = true;
                         unset($scriptsArray[$nb]);
                         //delete the script in error from task list
                         $q_del = "\n\t\t\t\t\t\t\t\tdelete\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tregenerator\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tid_reg='" . $aScript["scriptID"] . "'";
                         $q_del = new CMS_query($q_del);
                     }
                 }
                 if (!$scriptsArray) {
                     break;
                 }
             }
         }
     }
 }
Beispiel #13
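 /**
  * Get field search SQL request (used by class CMS_object_search)
  *
  * No additional operator is supported here: any operator given is reported
  * and ignored. A value of '-' is searched as '0'.
  *
  * @param integer $fieldID : this field id in object (aka $this->_field->getID())
  * @param mixed $value : the value to search
  * @param string $operator : additional search operator
  * @param string $where : where clauses to add to SQL; appended as given, so the caller must build it from escaped parts only
  * @param boolean $public : values are public or edited ? (default is edited)
  * @return string : the SQL request
  * @access public
  */
 function getFieldSearchSQL($fieldID, $value, $operator, $where, $public = false)
 {
     $supportedOperator = array();
     if ($operator && !in_array($operator, $supportedOperator, true)) {
         $this->raiseError("Unknown search operator : " . $operator . ", use default search instead");
         $operator = false;
     }
     $statusSuffix = $public ? "_public" : "_edited";
     $value = $value == '-' ? '0' : $value;
     //fix: the searched value used to be concatenated into the statement as received (SQL injection); it is now escaped the same way as the field ID
     $escapedFieldID = SensitiveIO::sanitizeSQLString($fieldID);
     $escapedValue = SensitiveIO::sanitizeSQLString($value);
     $sql = "\n\t\t\tselect\n\t\t\t\tdistinct objectID\n\t\t\tfrom\n\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\twhere\n\t\t\t\tobjectFieldID = '" . $escapedFieldID . "'\n\t\t\t\tand value = '" . $escapedValue . "'\n\t\t\t\t{$where}";
     return $sql;
 }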
 /**
  * Writes object into persistence (MySQL for now), along with base data.
  *
  * @return boolean true on success, false on failure
  * @access public
  */
 function writeToPersistence()
 {
     // A field that already belongs to an object but has no order yet takes the next free one.
     if (!$this->_objectFieldValues["order"] && sensitiveIO::isPositiveInteger($this->_objectFieldValues["objectID"])) {
         $this->_objectFieldValues["order"] = $this->getFieldsNextOrder();
     }
     // Every stored field carries a uuid; one is generated on first save.
     if (!$this->_objectFieldValues["uuid"]) {
         $this->_objectFieldValues["uuid"] = io::uuid();
     }
     // Column => raw value. Each value is escaped when the SET list is assembled below.
     // NOTE(review): params is stored with serialize(); presumably it is read
     // back with unserialize() — confirm this column can never be written from
     // untrusted input.
     $columns = array(
         'object_id_mof' => $this->_objectFieldValues["objectID"],
         'label_id_mof' => $this->_objectFieldValues["labelID"],
         'desc_id_mof' => $this->_objectFieldValues["descriptionID"],
         'type_mof' => $this->_objectFieldValues["type"],
         'order_mof' => $this->_objectFieldValues["order"],
         'system_mof' => $this->_objectFieldValues["system"],
         'required_mof' => $this->_objectFieldValues["required"],
         'indexable_mof' => $this->_objectFieldValues["indexable"],
         'searchlist_mof' => $this->_objectFieldValues["searchlist"],
         'searchable_mof' => $this->_objectFieldValues["searchable"],
         'params_mof' => serialize($this->_objectFieldValues["params"]),
         'uuid_mof' => $this->_objectFieldValues["uuid"],
     );
     $assignments = array();
     foreach ($columns as $column => $rawValue) {
         $assignments[] = "\n\t\t\t" . $column . "='" . SensitiveIO::sanitizeSQLString($rawValue) . "'";
     }
     $sql_fields = implode(",", $assignments) . "\n\t\t";
     // An existing id means UPDATE, otherwise INSERT.
     // NOTE(review): _fieldID is concatenated without escaping; presumably it is
     // always an integer loaded from the database — verify where it is assigned.
     $isUpdate = (bool) $this->_fieldID;
     if ($isUpdate) {
         $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_object_field\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_mof='" . $this->_fieldID . "'\n\t\t\t";
     } else {
         $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_object_field\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields;
     }
     $query = new CMS_query($sql);
     if ($query->hasError()) {
         $this->raiseError("Can't save object");
         return false;
     }
     if (!$isUpdate) {
         // Remember the id the database assigned to the new row.
         $this->_fieldID = $query->getLastInsertedID();
     }
     // The stored structure changed: drop both caches that may hold it.
     CMS_cache::clearTypeCache('atm-polymod-structure');
     CMS_cache::clearTypeCache('polymod');
     return true;
 }
Beispiel #15
 /**
  * Writes the row into persistence (MySQL for now).
  *
  * @return boolean true on success, false on failure
  * @access public
  */
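 function writeToPersistence()
 {
     // Saves this row: UPDATE when it already has an id, INSERT otherwise.
     // Returns false when the query reports an error, true otherwise.
     if (!$this->_uuid) {
         // First save: give the row its uuid.
         $this->_uuid = io::uuid();
     }
     // Every value placed inside a quoted literal goes through the escaping
     // helper. The modules stack used to be concatenated raw, unlike the groups
     // stack next to it; it is now escaped the same way.
     $sql_fields = "\n\t\t\tlabel_row='" . SensitiveIO::sanitizeSQLString($this->_label) . "',"
         . "\n\t\t\tdefinitionFile_row='" . SensitiveIO::sanitizeSQLString($this->_definitionFile) . "',"
         . "\n\t\t\tmodulesStack_row='" . SensitiveIO::sanitizeSQLString($this->_modules->getTextDefinition()) . "',"
         . "\n\t\t\tgroupsStack_row='" . SensitiveIO::sanitizeSQLString($this->_groups->getTextDefinition()) . "',"
         . "\n\t\t\tuseable_row='" . SensitiveIO::sanitizeSQLString($this->_useable) . "',"
         . "\n\t\t\tdescription_row='" . SensitiveIO::sanitizeSQLString($this->_description) . "',"
         . "\n\t\t\ttplfilter_row='" . SensitiveIO::sanitizeSQLString(implode(';', $this->_tplfilter)) . "',"
         . "\n\t\t\timage_row='" . SensitiveIO::sanitizeSQLString($this->_image) . "',"
         . "\n\t\t\tuuid_row='" . SensitiveIO::sanitizeSQLString($this->_uuid) . "'\n\t\t";
     if ($this->_id) {
         // NOTE(review): _id is concatenated as-is; presumably always an integer
         // coming from the database — verify where it is assigned.
         $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_standard_rows\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_row='" . $this->_id . "'\n\t\t\t";
     } else {
         $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_standard_rows\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t";
     }
     $q = new CMS_query($sql);
     if ($q->hasError()) {
         return false;
     } elseif (!$this->_id) {
         // New row: keep the id the database assigned.
         $this->_id = $q->getLastInsertedID();
     }
     return true;
 }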
Beispiel #16
 /**
  * Gets alias by its internal ID
  *
  * @param integer $id The DB ID of the alias to get
  * @return CMS_resource_cms_aliases or false if not found
  * @access public
  * @static
  */
 static function getByID($id, $reset = false)
 {
     // Function-static cache of alias objects already built, keyed by DB id.
     static $aliases;
     // Anything that is not a positive integer is rejected before any lookup.
     if (!SensitiveIO::isPositiveInteger($id)) {
         CMS_grandFather::raiseError("Id must be positive integer : " . $id . ' - ' . io::getCallInfos());
         return false;
     }
     // Build the object on a cache miss, or whenever the caller forces a reload.
     // The new object is cached as constructed: no hasError() check is applied.
     if ($reset || !isset($aliases[$id])) {
         $aliases[$id] = new CMS_resource_cms_aliases($id);
     }
     return $aliases[$id];
 }
 /**
  * Get field search SQL request (used by class CMS_object_search)
  *
  * @param integer $fieldID : this field id in object
  * @param mixed $value : the value to search
  * @param string $operator : additional search operator
  * @param string $where : where clauses to add to SQL
  * @param boolean $public : values are public or edited ? (default is edited)
  * @return string : the SQL request
  * @access public
  */
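 function getFieldSearchSQL($fieldID, $value, $operator, $where, $public = false)
 {
     // Builds the SELECT returning the objectIDs whose integer sub-object value
     // for $fieldID equals $value, or is one of $value when an array is given.
     // $operator is accepted for signature compatibility and not used.
     $statusSuffix = $public ? "_public" : "_edited";
     if (is_array($value)) {
         // The IN list is written without quotes, where string escaping alone
         // cannot confine a member to a literal. The table searched is
         // mod_subobject_integer, so each member is forced to an integer.
         // NOTE(review): confirm no caller relies on non-integer list members.
         // An empty array still produces "in ()", as it did before.
         $valueCondition = "in (" . SensitiveIO::sanitizeSQLString(implode(',', array_map('intval', $value))) . ")";
     } else {
         $valueCondition = "= '" . SensitiveIO::sanitizeSQLString($value) . "'";
     }
     // NOTE(review): $where is appended as a ready-made SQL fragment and cannot
     // be escaped here; it must be assembled by trusted code only.
     $sql = "\n\t\tselect\n\t\t\tdistinct objectID\n\t\tfrom\n\t\t\tmod_subobject_integer" . $statusSuffix
         . "\n\t\twhere\n\t\t\tobjectFieldID = '" . SensitiveIO::sanitizeSQLString($fieldID) . "'"
         . "\n\t\t\tand value " . $valueCondition . "\n\t\t\t{$where}\n\t\t";
     return $sql;
 }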
Beispiel #18
 /**
  * Writes the news into persistence (MySQL for now), along with base data.
  *
  * @return boolean true on success, false on failure
  * @access public
  */
 function writeToPersistence()
 {
     // Column => raw value. Each value is escaped when the SET list is assembled below.
     // NOTE(review): options and params are stored with serialize(); presumably
     // they are read back with unserialize() — confirm these columns can never
     // be written from untrusted input.
     $columns = array(
         'form_fld' => $this->_formID,
         'name_fld' => $this->_name,
         'label_fld' => $this->_label,
         'type_fld' => $this->_type,
         'dataValidation_fld' => $this->_dataValidation,
         'defaultValue_fld' => $this->_value,
         'required_fld' => $this->_required,
         'active_fld' => $this->_active,
         'order_fld' => $this->_order,
         'options_fld' => serialize($this->_options),
         'params_fld' => serialize($this->_params),
     );
     $assignments = array();
     foreach ($columns as $column => $rawValue) {
         $assignments[] = "\n\t\t\t" . $column . "='" . SensitiveIO::sanitizeSQLString($rawValue) . "'";
     }
     $sql_fields = implode(",", $assignments) . "\n\t\t\t";
     // An existing id means UPDATE, otherwise INSERT.
     // NOTE(review): _fieldID is concatenated without escaping; presumably it is
     // always an integer loaded from the database — verify where it is assigned.
     $isUpdate = (bool) $this->_fieldID;
     if ($isUpdate) {
         $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_cms_forms_fields\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_fld='" . $this->_fieldID . "'\n\t\t\t";
     } else {
         $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_cms_forms_fields\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields;
     }
     $query = new CMS_query($sql);
     if ($query->hasError()) {
         $this->raiseError("Failed to write");
         return false;
     }
     if (!$isUpdate) {
         // Remember the id the database assigned to the new row.
         $this->_fieldID = $query->getLastInsertedID();
     }
     // A second, prepared-statement write of options_fld used to follow here.
     // It is disabled, so the options are stored by the single query above.
     return true;
 }
Beispiel #19
 /**
  * Get POST vars from a form formatted by such a CMS_dialog_href class
  * and build a CMS_href
  *
  * Uses : _POST['link'] : array $link, the $_POST['link'] built by submiting
  * the form data : array ( 'internal'=>, 'external'=>, 'file'=>,
  * 'edit_file'=>, 'popup'=> array ('width'=>,'height'=>), 'type'=> )
  * @param  string $module, the module concerned by this link
  * @param integer $resourceID, ID to prepend the filename uploaded with
  * @param integer $fieldID, optional field ID to surcharge file name representation ("r".$resourceID."_f".$fieldID."_")
  * @return boolean true on success, false on failure
  * @access public
  */
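 function doPost($module = MOD_STANDARD_CODENAME, $resourceID, $fieldID = '')
 {
     // Reads the link form fields (all named with $this->_prefix) from $_POST
     // and $_FILES and copies them into $this->_href.
     // Returns false only when an upload or the file move fails.

     // Text parts of the link: each defaults to '' when its field was not posted.
     $linkLabel = isset($_POST[$this->_prefix . 'link_label']) ? $_POST[$this->_prefix . 'link_label'] : '';
     $linkType = isset($_POST[$this->_prefix . 'link_type']) ? $_POST[$this->_prefix . 'link_type'] : '';
     $internalLink = isset($_POST[$this->_prefix . 'link_internal']) ? $_POST[$this->_prefix . 'link_internal'] : '';
     $externalLink = isset($_POST[$this->_prefix . 'link_external']) ? $_POST[$this->_prefix . 'link_external'] : '';
     $this->_href->setLabel($linkLabel);
     $this->_href->setLinkType($linkType);
     $this->_href->setInternalLink($internalLink);
     $this->_href->setExternalLink($externalLink);
     // Delete/Upload file
     if (isset($_POST[$this->_prefix . 'link_edit_linkfile']) && $_POST[$this->_prefix . 'link_edit_linkfile'] > 0) {
         switch ($module) {
             case MOD_STANDARD_CODENAME:
                 $locationType = RESOURCE_DATA_LOCATION_EDITION;
                 // The hash only makes the stored name unique; it is not meant
                 // to be an unpredictable token.
                 $uniqueName = md5(serialize($this) . microtime());
                 $fileprefix = $fieldID ? 'p' . $resourceID . '_' . $uniqueName . "_f" . $fieldID : 'p' . $resourceID . '_' . $uniqueName;
                 break;
             default:
                 $locationType = RESOURCE_DATA_LOCATION_EDITED;
                 $fileprefix = $fieldID ? 'r' . $resourceID . "_f" . $fieldID . "_" : 'r' . $resourceID . "_";
                 break;
         }
         //remove the old file if any
         // NOTE(review): the previous file is removed before the new upload has
         // succeeded, so a failed upload below returns false with the old file
         // already gone while $this->_href still names it.
         $oldFile = $this->_href->getFileLink(true, $module, $locationType, PATH_RELATIVETO_FILESYSTEM);
         if (is_file($oldFile)) {
             if (!unlink($oldFile)) {
                 $this->raiseError("Could not delete linked file");
             }
         }
         // The file field may be absent from the request, so it is read with an
         // isset() guard instead of indexing $_FILES directly.
         $fileField = $this->_prefix . 'link_file';
         $uploadedName = isset($_FILES[$fileField]['name']) ? $_FILES[$fileField]['name'] : '';
         if ($uploadedName != '' && $resourceID > 0) {
             $path = $this->_href->getFileLink(true, $module, $locationType, PATH_RELATIVETO_FILESYSTEM, false);
             // The client-supplied name is reduced to ASCII and given a
             // server-chosen prefix.
             // NOTE(review): no extension or content-type allow-list is visible
             // in this method; confirm that CMS_file::uploadFile() or the
             // storage directory configuration keeps uploaded files from being
             // served as executable content.
             $filename = $fileprefix . SensitiveIO::sanitizeAsciiString($uploadedName);
             //move uploaded file
             $fileDatas = CMS_file::uploadFile($fileField, PATH_TMP_FS);
             if ($fileDatas['error']) {
                 return false;
             }
             if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) {
                 return false;
             }
         } else {
             // Nothing uploaded: the link no longer points to a file.
             $filename = '';
         }
         $this->_href->setFileLink($filename);
     }
     // Target and Popup > (width, height)
     if (isset($_POST[$this->_prefix . 'link_target'])) {
         switch ($_POST[$this->_prefix . 'link_target']) {
             case "popup":
                 // Either dimension may be missing from the request; a missing
                 // one is read as null, which the (int) cast turns into 0.
                 $popupWidth = isset($_POST[$this->_prefix . 'link_popup_width']) ? $_POST[$this->_prefix . 'link_popup_width'] : null;
                 $popupHeight = isset($_POST[$this->_prefix . 'link_popup_height']) ? $_POST[$this->_prefix . 'link_popup_height'] : null;
                 if ((int) $popupWidth > 0 || (int) $popupHeight > 0) {
                     $this->_href->setPopup($popupWidth, $popupHeight);
                 } else {
                     $this->_href->setPopup('', '');
                 }
                 break;
             case "top":
                 $this->_href->setTarget('_top');
                 $this->_href->setPopup('', '');
                 break;
             case "blank":
                 $this->_href->setTarget('_blank');
                 $this->_href->setPopup('', '');
                 break;
         }
     }
     return true;
 }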
Beispiel #20
 /**
  * Get field order SQL request (used by class CMS_object_search)
  *
  * @param integer $fieldID : this field id in object (aka $this->_field->getID())
  * @param mixed $direction : the direction to search (asc/desc)
  * @param string $operator : additional search operator
  * @param string $where : where clauses to add to SQL
  * @param boolean $public : values are public or edited ? (default is edited)
  * @return string : the SQL request
  * @access public
  */
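 function getFieldOrderSQL($fieldID, $direction, $operator, $where, $public = false)
 {
     // Builds the SELECT that returns objectIDs ordered by the numeric value of
     // this field's string sub-object. The statement is returned, not run.
     $statusSuffix = $public ? "_public" : "_edited";
     //operators are not supported for now : TODO
     $supportedOperator = array();
     if ($operator && !in_array($operator, $supportedOperator)) {
         $this->raiseError('Unkown search operator : ' . $operator . ', use default search instead');
         $operator = false;
     }
     // $direction is written after "order by" outside any quotes, where
     // escaping cannot help. Only the two keywords are let through; anything
     // else, including an empty value, sorts ascending.
     $direction = strtolower(trim((string) $direction)) === 'desc' ? 'desc' : 'asc';
     //choose table
     $fromTable = 'mod_subobject_string';
     // create sql
     // NOTE(review): $where is appended as a ready-made SQL fragment and cannot
     // be escaped here; it must be assembled by trusted code only.
     $sql = "\n\t\tselect\n\t\t\tdistinct objectID\n\t\tfrom\n\t\t\t" . $fromTable . $statusSuffix
         . "\n\t\twhere\n\t\t\tobjectFieldID = '" . SensitiveIO::sanitizeSQLString($fieldID) . "'"
         . "\n\t\t\tand objectSubFieldID = '0'\n\t\t\t{$where}\n\t\torder by (value+0) " . $direction;
     return $sql;
 }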
Beispiel #21
 /**
  * Writes the news into persistence (MySQL for now), along with base data.
  *
  * @return boolean true on success, false on failure
  * @access public
  */
 function writeToPersistence()
 {
     // closed_frm holds the inverse of the public flag: 0 only when _public is exactly true.
     $closed = $this->_public === true ? 0 : 1;
     // NOTE(review): owner_frm and the id in the WHERE clause are concatenated
     // without escaping; presumably both are always integers — verify where
     // _ownerID and _formID are assigned.
     $sql_fields = "\n\t\t\towner_frm='" . $this->_ownerID . "',\n\t\t\tlanguage_frm='" . SensitiveIO::sanitizeSQLString($this->_language->getCode()) . "',\n\t\t\tname_frm='" . SensitiveIO::sanitizeSQLString($this->_name) . "',\n\t\t\tsource_frm='" . SensitiveIO::sanitizeSQLString($this->_source) . "',\n\t\t\tresponses_frm='" . SensitiveIO::sanitizeSQLString($this->_responses) . "',\n\t\t\tclosed_frm='" . $closed . "'";
     // No id yet means INSERT, otherwise UPDATE.
     $isNew = !$this->_formID;
     if ($isNew) {
         $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_cms_forms_formulars\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields;
     } else {
         $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_cms_forms_formulars\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_frm='" . $this->_formID . "'\n\t\t\t";
     }
     $query = new CMS_query($sql);
     if ($query->hasError()) {
         $this->raiseError("Failed to write");
         return false;
     }
     if ($isNew) {
         // Remember the id the database assigned to the new form.
         $this->_formID = $query->getLastInsertedID();
     }
     // A form that already has actions is complete.
     if ($this->hasActions()) {
         return true;
     }
     // Otherwise create the four default actions, in this order: answer limit
     // reached, store results in DB, form OK, form not OK. The second element
     // tells whether the action also gets the 'text' value.
     $defaultActions = array(
         array(CMS_forms_action::ACTION_ALREADY_FOLD, true),
         array(CMS_forms_action::ACTION_DB, false),
         array(CMS_forms_action::ACTION_FORMOK, true),
         array(CMS_forms_action::ACTION_FORMNOK, true),
     );
     foreach ($defaultActions as $definition) {
         $action = new CMS_forms_action();
         $action->setInteger("form", $this->_formID);
         $action->setInteger("type", $definition[0]);
         if ($definition[1]) {
             $action->setString("value", 'text');
         }
         $action->writeToPersistence();
     }
     return true;
 }
Beispiel #22
 /**
  * Get field order SQL request (used by class CMS_object_search)
  *
  * @param integer $fieldID : this field id in object (aka $this->_field->getID())
  * @param mixed $direction : the direction to search (asc/desc)
  * @param string $operator : additional search operator
  * @param string $where : where clauses to add to SQL
  * @param boolean $public : values are public or edited ? (default is edited)
  * @return string : the SQL request
  * @access public
  */
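 function getFieldOrderSQL($fieldID, $direction, $operator, $where, $public = false)
 {
     // Builds the SELECT that returns objectIDs ordered by this field's value.
     // The table is chosen from the types of the field's subfields.
     // The statement is returned, not run.
     $statusSuffix = $public ? "_public" : "_edited";
     // The supported-operator list is empty, so any operator passed in is
     // reported through raiseError() and then ignored.
     $supportedOperator = array();
     if ($operator && !in_array($operator, $supportedOperator)) {
         $this->raiseError("Unknown search operator : " . $operator . ", use default search instead");
         $operator = false;
     }
     // $direction is written after "order by" outside any quotes, where
     // escaping cannot help. Only the two keywords are let through; anything
     // else, including an empty value, sorts ascending.
     $direction = strtolower(trim((string) $direction)) === 'desc' ? 'desc' : 'asc';
     //only add tables used by subfields
     // $types starts empty so a field without subfields does not leave it undefined.
     $types = array();
     foreach ($this->_subfields as $subFieldDefinition) {
         $types[$subFieldDefinition['type']] = true;
     }
     //choose table
     // The first subfield type present wins, in this priority order. The
     // integer table is the fallback when none of them is present.
     $fromTable = 'mod_subobject_integer';
     foreach (array('integer', 'date', 'text', 'string') as $type) {
         if (isset($types[$type])) {
             $fromTable = 'mod_subobject_' . $type;
             break;
         }
     }
     // create sql
     // NOTE(review): $where is appended as a ready-made SQL fragment and cannot
     // be escaped here; it must be assembled by trusted code only.
     $sql = "\n\t\tselect\n\t\t\tdistinct objectID\n\t\tfrom\n\t\t\t" . $fromTable . $statusSuffix
         . "\n\t\twhere\n\t\t\tobjectFieldID = '" . SensitiveIO::sanitizeSQLString($fieldID) . "'"
         . "\n\t\t\t{$where}\n\t\torder by value " . $direction;
     return $sql;
 }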
Beispiel #23
 /**
  * Writes the template into persistence (MySQL for now).
  *
  * @return boolean true on success, false on failure
  * @access public
  */
 function writeToPersistence()
 {
     // Full SET list for this template.
     // NOTE(review): inUse_pt, private_pt and the id in the WHERE clause are
     // concatenated without escaping; presumably they only ever hold flags and
     // integers — verify where _useable, _private and _id are assigned.
     $sql_fields = "\n\t\t\tlabel_pt='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\timage_pt='" . SensitiveIO::sanitizeSQLString($this->_image) . "',\n\t\t\tdefinitionFile_pt='" . SensitiveIO::sanitizeSQLString($this->_definitionFile) . "',\n\t\t\tgroupsStack_pt='" . SensitiveIO::sanitizeSQLString($this->_groups->getTextDefinition()) . "',\n\t\t\tmodulesStack_pt='" . SensitiveIO::sanitizeSQLString($this->_modules->getTextDefinition()) . "',\n\t\t\tinUse_pt='" . $this->_useable . "',\n\t\t\tdescription_pt='" . SensitiveIO::sanitizeSQLString($this->_description) . "',\n\t\t\twebsitesdenied_pt='" . SensitiveIO::sanitizeSQLString($this->_websitesdenied->getTextDefinition()) . "',\n\t\t\tprivate_pt='" . $this->_private . "',\n\t\t\tprintingCSOrder_pt='" . SensitiveIO::sanitizeSQLString(implode(";", $this->_printingClientSpaces)) . "'\n\t\t";
     $isNew = !$this->_id;
     if ($isNew) {
         $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tpageTemplates\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields;
     } else {
         // Templates sharing this definition file first receive the shared
         // properties (label, image, groups, modules, printing order). The
         // result of that query is not checked.
         // NOTE(review): the match uses LIKE, so any "_" or "%" in the file
         // name acts as a wildcard and can reach further rows — confirm this
         // is intended rather than an exact match.
         if ($this->_definitionFile) {
             $sharedSql = "\n\t\t\t\t\tupdate\n\t\t\t\t\t\tpageTemplates\n\t\t\t\t\tset\n\t\t\t\t\t\tlabel_pt='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\t\t\t\timage_pt='" . SensitiveIO::sanitizeSQLString($this->_image) . "',\n\t\t\t\t\t\tgroupsStack_pt='" . SensitiveIO::sanitizeSQLString($this->_groups->getTextDefinition()) . "',\n\t\t\t\t\t\tmodulesStack_pt='" . SensitiveIO::sanitizeSQLString($this->_modules->getTextDefinition()) . "',\n\t\t\t\t\t\tprintingCSOrder_pt='" . SensitiveIO::sanitizeSQLString(implode(";", $this->_printingClientSpaces)) . "'\n\t\t\t\t\twhere\n\t\t\t\t\t\tdefinitionFile_pt like '" . SensitiveIO::sanitizeSQLString($this->_definitionFile) . "'\n\t\t\t\t";
             $sharedQuery = new CMS_query($sharedSql);
         }
         $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tpageTemplates\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_pt='" . $this->_id . "'\n\t\t\t";
     }
     $query = new CMS_query($sql);
     if ($query->hasError()) {
         return false;
     }
     if ($isNew) {
         // Remember the id the database assigned to the new template.
         $this->_id = $query->getLastInsertedID();
     }
     return true;
 }
Beispiel #24
 /**
  * Duplicate this block
  * Used to duplicate a CMS_page.
  *
  * @param CMS_page $destinationPage, the page receiving a copy of this block
  * @param boolean $public The precision needed for USERSPACE location
  * @return CMS_block object
  */
 function duplicate(&$destinationPage, $public = false)
 {
     // Copies this block's file(s) under a name tied to the destination page,
     // then inserts the block's data for that page.
     // As written, this returns true only when both inserts succeed and false
     // in every other case; it does not return a CMS_block object.
     // Nothing is done unless the block is stored (positive DB id) and has a file.
     if (SensitiveIO::isPositiveInteger($this->_dbID) && $this->_file) {
         $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public);
         //Copy linked file
         //In the new file name, replace the reference to the old page with the new one:
         //"p" + destination page id + the current name from its first "_" onwards.
         // NOTE(review): assumes the stored name contains "_"; what io::strpos()
         // returns when it does not is not visible here — confirm.
         $_newFilename = "p" . $destinationPage->getID() . io::substr($this->_file, io::strpos($this->_file, "_"), io::strlen($this->_file));
         // The edited copy must exist, be copied and be chmod-ed, or the whole
         // duplication is abandoned. The @ operators silence the warnings of
         // is_file/copy/chmod, so a failure only shows through the raiseError()
         // in the matching else branch. FILES_CHMOD is read as an octal string.
         if (@is_file(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file) && @copy(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename) && @chmod(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename, octdec(FILES_CHMOD))) {
             //Public
             // A failed public copy is reported but does not stop the duplication.
             if ($public) {
                 if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename, octdec(FILES_CHMOD))) {
                     $this->raiseError("Duplicate, copy of new file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename);
                 }
             }
             $_newEnlargedFilename = '';
             //With enlarged file
             // Same renaming and copying for the enlarged file, when there is one.
             // Failures here are reported only as well.
             if ($this->_enlargedFile != '') {
                 $_newEnlargedFilename = "p" . $destinationPage->getID() . io::substr($this->_enlargedFile, io::strpos($this->_enlargedFile, "_"), io::strlen($this->_enlargedFile));
                 //Edited
                 if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_enlargedFile, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newEnlargedFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newEnlargedFilename, octdec(FILES_CHMOD))) {
                     $this->raiseError("Duplicate, copy of new enlarged file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newEnlargedFilename);
                 }
                 //Public
                 if ($public) {
                     if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $this->_enlargedFile, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newEnlargedFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newEnlargedFilename, octdec(FILES_CHMOD))) {
                         $this->raiseError("Duplicate, copy of new enlarged file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newEnlargedFilename);
                     }
                 }
             }
             //Save new data
             // Text values have PHP tags stripped and are then SQL-escaped.
             // NOTE(review): page, clientSpaceID, rowID and blockID are
             // concatenated without escaping; presumably they are integers or
             // identifiers set by the application — verify where they are assigned.
             $str_set = "\n\t\t\t\t\t\tpage='" . $destinationPage->getID() . "',\n\t\t\t\t\t\tclientSpaceID='" . $this->_clientSpaceID . "',\n\t\t\t\t\t\trowID='" . $this->_rowID . "',\n\t\t\t\t\t\tblockID='" . $this->_tagID . "',\n\t\t\t\t\t\tlabel='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($this->_label)) . "',\n\t\t\t\t\t\tfile='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($_newFilename)) . "',\n\t\t\t\t\t\texternalLink='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($this->_externalLink)) . "',\n\t\t\t\t\t\tenlargedFile='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($_newEnlargedFilename)) . "'\n\t\t\t\t";
             $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t";
             $q = new CMS_query($sql);
             if (!$q->hasError()) {
                 //Table Edition
                 // Mirror the row into the edition table under the id just assigned.
                 $sql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . $q->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t";
                 $q = new CMS_query($sql);
                 return !$q->hasError();
             } else {
                 // NOTE(review): the whole SQL statement is placed in the error
                 // message; confirm raiseError() output is not shown to end users.
                 $this->raiseError("Duplicate, SQL insertion of new filename failed : " . $sql);
             }
         } else {
             $this->raiseError("Duplicate, copy of file failed :" . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file);
         }
     }
     return false;
 }
Beispiel #25
 /**
  * Gets the URL of a link towards a file managed by this application
  *
  * @param boolean $withPath If false, only returns the filename
  * @param string $module If false, only returns the filename
  * @param string $dataLocation Where does the data lies ? See CMS_resource constants
  * @param integer $relativeTo Can be web root or filesystem relative, see base constants
  * @param boolean $withFilename Should the function return the filename too or only the path ?
  * @return string The file
  * @access public
  */
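 function getFileLink($withPath = false, $module = MOD_STANDARD_CODENAME, $dataLocation = RESOURCE_DATA_LOCATION_EDITED, $relativeTo = PATH_RELATIVETO_WEBROOT, $withFilename = true)
 {
     // Returns the stored file name alone, or the module files directory for
     // $dataLocation, with or without the file name appended.
     // Returns false, after raiseError(), when $dataLocation or $relativeTo is
     // not an accepted value.
     if (!$withPath) {
         return $this->_fileLink;
     }
     if (class_exists("CMS_resource")) {
         // Only known data locations are accepted, and never the "devnull" one.
         if (!SensitiveIO::isInSet($dataLocation, CMS_resource::getAllDataLocations()) || $dataLocation == RESOURCE_DATA_LOCATION_DEVNULL) {
             $this->raiseError("DataLocation not in the valid set : " . $dataLocation);
             return false;
         }
     } else {
         // Without CMS_resource the location cannot be checked: use the public one.
         $dataLocation = RESOURCE_DATA_LOCATION_PUBLIC;
     }
     // Prepare module folder name
     $module = $module != '' ? $module . '/' : '';
     // Prepare full path
     // NOTE(review): $module and the stored file name are joined into the path
     // as they are. The result may be used for filesystem access, so confirm
     // both are confined to plain names (no directory separators) where set.
     switch ($relativeTo) {
         case PATH_RELATIVETO_WEBROOT:
             $path = PATH_MODULES_FILES_WR . "/" . $module . $dataLocation;
             break;
         case PATH_RELATIVETO_FILESYSTEM:
             $path = PATH_MODULES_FILES_FS . "/" . $module . $dataLocation;
             break;
         default:
             // Before, an unknown base left $path undefined, which produced a
             // path made only of "/" and the file name. It is now rejected like
             // an invalid data location.
             $this->raiseError("RelativeTo not in the valid set : " . $relativeTo);
             return false;
     }
     return $withFilename ? $path . "/" . $this->_fileLink : $path;
 }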
//
// $Id: page-previsualization.php,v 1.5 2010/03/08 16:41:19 sebastien Exp $
/**
 * PHP page : page previsualization
 * Used to view the page edited data.
 *
 * @package Automne
 * @subpackage admin
 * @author Antoine Pouch <*****@*****.**> &
 * @author Sébastien Pauchet <*****@*****.**>
 */
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
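// Page to preview: taken from the request when it is a positive integer,
// otherwise the page stored in the session.
$currentPage = sensitiveIO::request('currentPage', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
$draft = sensitiveIO::request('draft') ? true : false;
//unset request to avoid it to have interaction with page code
sensitiveIO::unsetRequest(array('draft', 'currentPage'));
//CHECKS
if (!SensitiveIO::isPositiveInteger($currentPage)) {
    die("Invalid page");
}
//view edited or edition mode ?
$cms_visual_mode = $draft ? PAGE_VISUALMODE_HTML_EDITION : PAGE_VISUALMODE_HTML_EDITED;
$cms_page = CMS_tree::getPageByID($currentPage);
// What getPageByID() returns for an unknown id is not visible here, so
// anything that is not an object is refused before methods are called on it.
if (!is_object($cms_page)) {
    die("Invalid page");
}
// Authorization gate: unpublished content is rendered only for a user who has
// edit clearance on this page. die() ends the script, so no exit follows it.
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
    die('No rigths on page ...');
}
//unset vars to avoid interaction with page
unset($currentPage);
unset($draft);
echo $cms_page->getContent($cms_language, $cms_visual_mode);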
 /**
  * Processes the module validations. Note that the emails to the transferred validator or to the editors have already been sent before this method is called.
  *
  * @param CMS_resourceValidation $resourceValidation The resource validation to process
  * @param integer $result The result of the validation process. See VALIDATION_OPTION constants
  * @return boolean true on success, false on failure to process
  * @access public
  */
 function processValidation($resourceValidation, $result, $lastValidation = true)
 {
     // Applies the outcome of a validation to the validated resource: the refusal or
     // acceptance is recorded on the resource, data is moved between data locations
     // where needed, the resource is saved, and the module hooks are called before
     // and after the treatment.
     //
     // $lastValidation is not used by this method itself; it is only forwarded to the
     // module hooks under the 'lastvalidation' key.
     //
     // Returns false (after raiseError) when the module has no primary resource, when
     // $resourceValidation is not a CMS_resourceValidation, or when $result is not one
     // of the known validation options. Returns true in every other case.
     //
     // NOTE(review): no check of the acting user's validation rights is visible in this
     // method; presumably the caller enforces them - confirm.
     if (!CMS_poly_object_catalog::hasPrimaryResource($this->getCodename())) {
         $this->raiseError("Module have not any primary resource !");
         return false;
     }
     if (!$resourceValidation instanceof CMS_resourceValidation) {
         $this->raiseError("ResourceValidation is not a valid CMS_resourceValidation object");
         return false;
     }
     if (!SensitiveIO::isInSet($result, CMS_resourceValidation::getAllValidationOptions())) {
         $this->raiseError("ProcessValidation : result is not a valid validation option");
         return false;
     }
     //Tell the resource of the changes
     $resource = $resourceValidation->getResource();
     //$editions is tested with bitwise AND below, so it is used as a bitmask of editions
     $editions = $resourceValidation->getEditions();
     //add a call to all modules for validation specific treatment
     $modulesCodes = new CMS_modulesCodes();
     //call the modules' hooks before the validation treatment
     $modulesCodes->getModulesCodes(MODULE_TREATMENT_BEFORE_VALIDATION_TREATMENT, '', $resource, array('result' => $result, 'lastvalidation' => $lastValidation, 'module' => $this->_codename));
     //validation options other than REFUSE and ACCEPT match no case below and go straight to the save
     switch ($result) {
         case VALIDATION_OPTION_REFUSE:
             //validation was refused, adjust the array of validations refused
             $all_editions = CMS_resourceStatus::getAllEditions();
             foreach ($all_editions as $aEdition) {
                 if ($aEdition & $editions) {
                     //a refused deletion drops the proposed location; any other refused edition is recorded as refused
                     if (RESOURCE_EDITION_LOCATION & $aEdition && $resource->getProposedLocation() == RESOURCE_LOCATION_DELETED) {
                         $resource->removeProposedLocation();
                     } else {
                         $resource->addValidationRefused($aEdition);
                     }
                 }
             }
             break;
         case VALIDATION_OPTION_ACCEPT:
             //if one of the edition was the location, only treat this one. Move the data.
             if ($editions & RESOURCE_EDITION_LOCATION) {
                 if ($resource->getLocation() == RESOURCE_LOCATION_USERSPACE) {
                     //pulling resource out of USERSPACE
                     //NOTE(review): $locationTo is only assigned when the proposed location is
                     //RESOURCE_LOCATION_DELETED; for any other value it is undefined when it is
                     //passed to _changeDataLocation() below - confirm no other value can occur
                     switch ($resource->getProposedLocation()) {
                         case RESOURCE_LOCATION_DELETED:
                             $locationTo = RESOURCE_DATA_LOCATION_DELETED;
                             break;
                     }
                     //NOTE(review): the results of the _changeDataLocation() calls in this method
                     //are not checked, so a failed move still ends with "return true"
                     //first, move edited
                     $this->_changeDataLocation($resource, RESOURCE_DATA_LOCATION_EDITED, $locationTo);
                     //then delete public
                     $this->_changeDataLocation($resource, RESOURCE_DATA_LOCATION_PUBLIC, RESOURCE_DATA_LOCATION_DEVNULL);
                     //mark item as deleted
                     CMS_modulePolymodValidation::markDeletedItem($resource->getID());
                 } else {
                     if ($resource->getProposedLocation() == RESOURCE_LOCATION_USERSPACE) {
                         //Pushing resource to USERSPACE
                         //NOTE(review): $locationFrom is only assigned when the current location is
                         //RESOURCE_LOCATION_DELETED; otherwise it is undefined in the calls below
                         switch ($resource->getLocation()) {
                             case RESOURCE_LOCATION_DELETED:
                                 $locationFrom = RESOURCE_DATA_LOCATION_DELETED;
                                 break;
                         }
                         //if resource was published, copy data to public table
                         if ($resource->getPublication() != RESOURCE_PUBLICATION_NEVERVALIDATED) {
                             $this->_changeDataLocation($resource, $locationFrom, RESOURCE_DATA_LOCATION_PUBLIC, true);
                         }
                         //move data from its location to edited
                         $this->_changeDataLocation($resource, $locationFrom, RESOURCE_DATA_LOCATION_EDITED);
                     } else {
                         //the move entirely takes place outside of USERSPACE (archived to deleted hopefully)
                         //NOTE(review): both switches below only handle RESOURCE_LOCATION_DELETED, so
                         //$locationFrom and $locationTo can each be undefined when used afterwards
                         switch ($resource->getLocation()) {
                             case RESOURCE_LOCATION_DELETED:
                                 $locationFrom = RESOURCE_DATA_LOCATION_DELETED;
                                 break;
                         }
                         switch ($resource->getProposedLocation()) {
                             case RESOURCE_LOCATION_DELETED:
                                 $locationTo = RESOURCE_DATA_LOCATION_DELETED;
                                 break;
                         }
                         $this->_changeDataLocation($resource, $locationFrom, $locationTo);
                         if ($locationTo == RESOURCE_DATA_LOCATION_DELETED) {
                             //mark item as deleted
                             CMS_modulePolymodValidation::markDeletedItem($resource->getID());
                         }
                     }
                 }
                 $resource->validateProposedLocation();
             } else {
                 //no location change: copy the edited data to public, then validate each edition set in the bitmask
                 $all_editions = CMS_resourceStatus::getAllEditions();
                 $this->_changeDataLocation($resource, RESOURCE_DATA_LOCATION_EDITED, RESOURCE_DATA_LOCATION_PUBLIC, true);
                 foreach ($all_editions as $aEdition) {
                     if ($aEdition & $editions) {
                         $resource->validateEdition($aEdition);
                     }
                 }
             }
             break;
     }
     //if the resource is a polyobject, only its resource (parent) status needs to be saved
     if (!$resource instanceof CMS_poly_object) {
         $resource->writeToPersistence();
     } else {
         $resource->writeToPersistence(false);
         //Clear polymod cache
         //CMS_cache::clearTypeCacheByMetas('polymod', array('module' => $this->_codename));
         CMS_cache::clearTypeCache('polymod');
     }
     //call the modules' hooks after the validation treatment
     $modulesCodes->getModulesCodes(MODULE_TREATMENT_AFTER_VALIDATION_TREATMENT, '', $resource, array('result' => $result, 'lastvalidation' => $lastValidation, 'module' => $this->_codename));
     return true;
 }
             if ($regenok) {
                 $cms_message = $cms_language->getMessage(MESSAGE_ACTION_OPERATION_DONE) . ' : ' . $cms_language->getMessage(MESSAGE_ACTION_N_PAGES_REGENERATED, array($regenok));
             }
             if ($regenerror) {
                 $cms_message .= $cms_message ? '<br />' . $cms_language->getMessage(MESSAGE_ACTION_N_PAGES_REGENERATION_ERROR, array($regenerror)) : $cms_language->getMessage(MESSAGE_ACTION_N_PAGES_REGENERATION_ERROR, array($regenerror));
             }
         }
     }
     break;
 case 'regenerate-pages':
     if ($pages) {
         $tmpPages = preg_split('#[ ;,]#', $pages);
         $pages = array();
         foreach ($tmpPages as $p) {
             $p = trim($p);
             if (SensitiveIO::isPositiveInteger($p)) {
                 $pages[] = $p;
             } elseif (preg_match("#[0-9]+\\-[0-9]+#", $p)) {
                 $subPages = explode('-', $p);
                 sort($subPages);
                 for ($idp = $subPages[0]; $idp <= $subPages[1]; $idp++) {
                     $pages[] = $idp;
                 }
             }
         }
         $pages = array_unique($pages);
         sort($pages);
         if (sizeof($pages)) {
             $validPages = CMS_tree::pagesExistsInUserSpace($pages);
             if (sizeof($validPages)) {
                 if (sizeof($validPages) > 3) {
Beispiel #29
 /**
  * Writes the block data into persistence (destroys previous and insert new)
  *
  * @param integer $pageID The page which contains the client space, DB ID
  * @param integer $clientSpaceID The client space which contains the row, DB ID
  * @param integer $rowID The row which contains the block, DB ID
  * @param integer $location The location we want to completely remove the block from
  * @param boolean $public The precision needed for USERSPACE location
  * @param array(mixed=>mixed) $data The data indexed by data type (value, file, alt_tag, ...), 
  * @return boolean true on success, false on failure
  * @access public
  */
 function writeToPersistence($pageID, $clientSpaceID, $rowID, $location, $public, $data)
 {
     // This implementation only validates $location against the known resource
     // locations; the other parameters are not used here and nothing is written.
     // NOTE(review): a valid location returns null, not true - confirm whether callers
     // rely on the documented boolean.
     $knownLocations = CMS_resourceStatus::getAllLocations();
     if (SensitiveIO::isInSet($location, $knownLocations)) {
         return;
     }
     $this->raiseError("writeToPersistence was given a bad location");
     return false;
 }
Beispiel #30
 /**
  * Constructor.
  * initializes the linx.
  *
  * @param string $type The linx type
  * @param string $tagContent The tag content.
  * @param CMS_page $page The page we're parsing
  * @param boolean $publicTree Does the linx must be calculated in the public or edited tree ?
  * @return void
  * @access public
  */
 function __construct($type, $tagContent, $page, $publicTree = false, $args = array())
 {
     // Builds a linx from its tag content: validates the type and the page, expands the
     // shorthand "direct" syntax, parses the XML, then collects the selection, the
     // noselection node and the displays.

     // Reject unknown types and non-page objects before any state is set.
     if (!SensitiveIO::isInSet($type, CMS_linxesCatalog::getAllTypes())) {
         $this->raiseError("Constructor has an unknown type : " . $type);
         return;
     }
     if (!is_a($page, "CMS_page")) {
         $this->raiseError("Constructor was not given a valid CMS_page");
         return;
     }

     $this->_args = $args;
     $this->_type = $type;

     // Shorthand writing of a direct atm-linx is expanded into the full form:
     //<atm-linx type="direct" node="pageID"> ... </atm-linx>
     //<atm-linx type="direct" codename="pageCodename"> ... </atm-linx>
     $hasNode = isset($this->_args['node']);
     if (($hasNode || isset($this->_args['codename'])) && $this->_type == 'direct') {
         $shorthandTag = new CMS_XMLTag('atm-linx', $this->_args);
         $shorthandTag->setTextContent($tagContent);

         // NOTE(review): the crosswebsite, node and codename values are concatenated into
         // XML attributes without escaping. If they can contain quotes or markup the
         // generated document changes shape - confirm they are escaped or validated upstream.
         $crossWebsiteAttr = '';
         if (isset($this->_args['crosswebsite'])) {
             $crossWebsiteAttr = ' crosswebsite="' . $this->_args['crosswebsite'] . '"';
         }
         if ($hasNode) {
             $startSpec = '<start><nodespec type="node" value="' . $this->_args['node'] . '" /></start>';
             // the argument is now carried by the generated selection
             unset($this->_args['node']);
         } else {
             $startSpec = '<start><nodespec type="codename" value="' . $this->_args['codename'] . '" /></start>';
             // the argument is now carried by the generated selection
             unset($this->_args['codename']);
         }
         $tagContent = '<atm-linx type="direct"><selection ' . $crossWebsiteAttr . '>'
             . $startSpec
             . '</selection><display><htmltemplate>' . $shorthandTag->getInnerContent() . '</htmltemplate></display></atm-linx>';
     }

     $this->_page = $page;
     $this->_publicTree = $publicTree;

     $domdocument = new CMS_DOMDocument();
     try {
         $domdocument->loadXML($tagContent);
     } catch (DOMException $e) {
         // The raised message includes the full tag content next to the parser message.
         $this->raiseError('Malformed atm-linx content in page ' . $page->getID() . ' : ' . $e->getMessage() . "\n" . $tagContent, true);
         return false;
     }

     // Only the first <selection> is parsed for nodespecs and condition.
     $selectionNodes = $domdocument->getElementsByTagName('selection');
     if ($selectionNodes->length > 0 && !$this->_parseSelection($selectionNodes->item(0))) {
         $this->raiseError();
         return;
     }

     // Only the first <noselection> is kept.
     $noselectionNodes = $domdocument->getElementsByTagName('noselection');
     if ($noselectionNodes->length > 0) {
         $this->_noselection = $noselectionNodes->item(0);
     }

     // Wrap every <display> node in a display object.
     $wrappedDisplays = array();
     foreach ($domdocument->getElementsByTagName('display') as $displayNode) {
         $wrappedDisplays[] = new CMS_linxDisplay($displayNode);
     }

     // Conditioned displays keep their order; the default one (no condition) goes last.
     // NOTE(review): once a default has been seen, every later display - conditioned or
     // not - replaces it, so only the last of them is kept. Confirm this is intended.
     $fallback = false;
     foreach ($wrappedDisplays as $candidate) {
         if (!$candidate->hasCondition() || $fallback) {
             $fallback = $candidate;
         } else {
             $this->_displays[] = $candidate;
         }
     }
     if ($fallback) {
         $this->_displays[] = $fallback;
     }
 }