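/**
 * Recursively flattens the section tree below $parent into $master.
 *
 * The children of $parent are sorted by rank. Every child that is public, or
 * that navigationmodule::canView() allows, is annotated with navigation
 * metadata (depth, first/last flags, ancestor ids, link) and stored in
 * $master under its id before its own children are processed.
 *
 * @param array $master  Output map of section id => annotated section object.
 * @param array $blocks  Map of parent id => list of child section objects;
 *                       each visited list is sorted in place.
 * @param mixed $parent  Id of the section whose children are appended; 0 is
 *                       not recorded as an ancestor.
 * @param int   $depth   Depth value assigned to the children of $parent.
 * @param array $parents Ancestor ids collected on the way down.
 */
function _appendChildren(&$master, &$blocks, $parent, $depth = 0, $parents = array())
{
    global $db;

    if ($parent != 0) {
        $parents[] = $parent;
        // numChildren added for Barry Goed's Explorer-style navigation view.
        // NOTE(review): this counts every child row, including children that
        // the visibility check below skips for the current user.
        $master[$parent]->numChildren = count($blocks[$parent]);
    }

    if (!defined('SYS_SORTING')) {
        require_once BASE . 'subsystems/sorting.php';
    }
    usort($blocks[$parent], 'pathos_sorting_byRankAscending');

    // The sibling list is not resized inside the loop, so count it once.
    $total = count($blocks[$parent]);
    for ($i = 0; $i < $total; $i++) {
        $child = $blocks[$parent][$i];
        if (!($child->public == 1 || navigationmodule::canView($child))) {
            // Hidden sections are left out, together with their subtree.
            continue;
        }

        $child->numParents = count($parents);
        $child->numChildren = 0;
        $child->depth = $depth;
        $child->first = $i == 0 ? 1 : 0;
        $child->last = $i == $total - 1 ? 1 : 0;
        $child->parents = $parents;

        // Generate the link attribute based on alias type.
        if ($child->alias_type == 1) {
            // External link. Set the link to the configured website URL.
            // This is guaranteed to be a full URL because of the
            // section::updateExternalAlias() method in datatypes/section.php
            $child->link = $child->external_link;
        } elseif ($child->alias_type == 2) {
            // Internal link. The target id is stored data that is concatenated
            // into a WHERE clause, so it is forced to an integer first.
            $targetId = (int) $child->internal_id;
            $dest = $db->selectObject('section', 'id=' . $targetId);
            if ($dest != null && $dest->alias_type == 1) {
                // This internal alias is pointing at an external alias.
                // Use the external_link of the destination section for the link.
                $child->link = $dest->external_link;
            } else {
                // Pointing at a regular section (aliases cannot be turned into
                // sections and section::updateInternalLink dereferences
                // alias-to-alias chains before saving, see datatypes/section.php).
                // A target row that no longer exists also lands here instead of
                // reading a property of null.
                $child->link = pathos_core_makeLink(array('section' => $child->internal_id));
            }
        } else {
            // Normal link. Just create the URL from the section's id.
            $child->link = pathos_core_makeLink(array('section' => $child->id));
        }

        $master[$child->id] = $child;
        if (isset($blocks[$child->id])) {
            navigationmodule::_appendChildren($master, $blocks, $child->id, $depth + 1, $parents);
        }
    }
}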
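/**
 * Runs a MySQL full-text (boolean mode) search over the search index and
 * returns only the hits the current user is allowed to view.
 *
 * When SAVE_SEARCH_QUERIES is on and $readonly is 0, the query text is also
 * stored in the search_queries table (for anonymous users only when
 * INCLUDE_ANONYMOUS_SEARCH is 1).
 *
 * @param string $terms    Search terms as entered; treated as untrusted input.
 * @param int    $readonly Non-zero skips recording the query.
 *
 * @return array Index records keyed by their position in the raw result set.
 *               Records the user may not view are removed, so keys can have gaps.
 */
public function getSearchResults($terms, $readonly = 0)
{
    global $db, $user;

    if (SAVE_SEARCH_QUERIES && $readonly == 0) {
        if (INCLUDE_ANONYMOUS_SEARCH == 1 || $user->id != 0) {
            // NOTE(review): the raw text is handed to insertObject(); confirm
            // that insertObject() escapes the values it writes.
            $queryObj = new stdClass();
            $queryObj->user_id = $user->id;
            $queryObj->query = $terms;
            $queryObj->timestamp = time();
            $db->insertObject($queryObj, 'search_queries');
        }
    }

    // $terms lands inside two quoted SQL literals. Escape it through the
    // database layer so a quote in the search box cannot close the literal.
    // NOTE(review): if callers already escape the value this double-escapes it,
    // which only affects matching of terms that contain quotes or backslashes.
    $safeTerms = $db->escapeString($terms);

    $sql = "SELECT *, MATCH (s.title,s.body) AGAINST ('" . $safeTerms . "*') as score from " . DB_TABLE_PREFIX . "_search as s ";
    $sql .= "WHERE MATCH(title,body) against ('" . $safeTerms . "*' IN BOOLEAN MODE) ";

    // look up the records.
    $records = $db->selectObjectsBySql($sql);

    //FIXME: The page count is off when have to not show
    // search results due to permissions...not sure what to do about that.
    $recs = $records;
    $total = count($records);
    for ($i = 0; $i < $total; $i++) {
        $record = $records[$i];

        if ($record->ref_type == 'product') {
            if (!product::canView($record->original_id)) {
                unset($recs[$i]);
            }
            continue;
        }

        if ($record->ref_type == 'section') {
            // Ids read back from the index are forced to integers before they
            // are concatenated into a WHERE clause.
            $section = $db->selectObject('section', 'id=' . (int) $record->original_id);
            if (empty($section) || !navigationmodule::canView($section)) {
                unset($recs[$i]);
            }
            continue;
        }

        // SECURITY: unserialize() runs on data stored in the search index. It is
        // only safe while nothing untrusted can write location_data; a
        // data-only format (JSON) or an allowed_classes restriction would
        // remove the object-injection risk.
        $rloc = unserialize($record->location_data);
        if (empty($rloc)) {
            continue;
        }

        // mod/src come out of the serialized blob, so they are escaped before
        // being quoted into the lookup.
        $moduleClass = $db->escapeString(expModules::getControllerClassName($rloc->mod));
        $source = $db->escapeString($rloc->src);
        $sectionref = $db->selectObject("sectionref", "module='" . $moduleClass . "' AND source='" . $source . "'");
        if (empty($sectionref)) {
            // NOTE(review): a record with no location data or no matching
            // sectionref stays in the results without any section permission
            // check (unchanged behaviour).
            continue;
        }

        $section = $db->selectObject("section", "id=" . (int) $sectionref->section);
        if (empty($section) || !navigationmodule::canView($section)) {
            unset($recs[$i]);
        }
    }

    return $recs;
}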
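// Bootstrap: load the subsystems, open the database connection, validate the
// session, then record whether the visitor may see the section they were last
// on (or the site default) in AUTHORIZED_SECTION / PUBLIC_SECTION.
require_once BASE . 'subsystems/core.php';

// Initialize the Database Subsystem
require_once BASE . 'subsystems/database.php';
$db = pathos_database_connect(DB_USER, DB_PASS, DB_HOST . ':' . DB_PORT, DB_NAME);

// Initialize the Modules Subsystem.
require_once BASE . 'subsystems/modules.php';
pathos_modules_initialize();

// Initialize the Template Subsystem.
require_once BASE . 'subsystems/template.php';

// Initialize the Permissions Subsystem.
require_once BASE . 'subsystems/permissions.php';

// Initialize the Flow Subsystem.
if (!defined('SYS_FLOW')) {
    require_once BASE . 'subsystems/flow.php';
}

// Validate session
pathos_sessions_validate();

// Initialize permissions variables
pathos_permissions_initialize();

// The section id comes from session state (or the configured default) and is
// concatenated into a WHERE clause, so it is forced to an integer first.
$section = pathos_sessions_isset('last_section') ? pathos_sessions_get('last_section') : SITE_DEFAULT_SECTION;
$section = $db->selectObject('section', 'id=' . (int) $section);

// 1 when the current user may view the section, 0 otherwise.
define('AUTHORIZED_SECTION', navigationmodule::canView($section) ? 1 : 0);
// 1 when navigationmodule::isPublic() reports the section as public, 0 otherwise.
define('PUBLIC_SECTION', navigationmodule::isPublic($section) ? 1 : 0);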
} $search_string = trim(strtolower($_GET['search_string'])); if ($search_string == "") { pathos_lang_loadDictionary('modules', 'searchmodule'); echo TR_SEARCHMODULE_NEEDTERM; return; } $term_status = pathos_search_cleanSearchQuery(array_map("addslashes", array_map("trim", split(" ", $search_string)))); $terms = $term_status['valid']; $results = array(); foreach ($db->selectObjects("search", pathos_search_whereClause(array("title", "body"), $terms, SEARCH_TYPE_ANY)) as $r) { $result = null; $rloc = unserialize($r->location_data); $sectionref = $db->selectObject("sectionref", "module='" . $rloc->mod . "' AND source='" . $rloc->src . "'"); $section = $db->selectObject("section", "id=" . $sectionref->section); $canview = navigationmodule::canView($section); if ($canview && $r->view_perm != '') { // No point in checking the perm stuff if they cant even see the section $canview = false; // They need to have specific perms on the module. foreach (explode(',', $r->view_perm) as $p) { if (pathos_permissions_check($p, $rloc)) { $canview = true; break; } } } if ($canview) { $weight = 0; $body_l = strtolower($r->body); $title_l = strtolower($r->title);
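/**
 * Decides whether the current user may view a section.
 *
 * A non-public section is decided by the 'view' permission check on that
 * section. A public section is viewable only if the walk up its parent chain
 * reaches the top (parent <= 0) without meeting a non-public ancestor; the
 * first non-public ancestor is decided by its own permission check.
 *
 * The walk fails closed: a missing section or parent row, or a parent chain
 * that loops back on itself, yields false.
 *
 * @param object|null $section Section record with public, parent and id fields.
 *
 * @return bool True when the section may be shown to the current user.
 */
static function canView($section)
{
    global $db;

    // Parent ids already loaded, used to stop on a cyclic hierarchy instead of
    // walking it forever.
    $visited = array();

    while ($section != null) {
        if ($section->public == 0) {
            // Not a public section. Check permissions.
            return expPermissions::check('view', expCore::makeLocation('navigationmodule', '', $section->id));
        }

        if ($section->parent <= 0) {
            // Out of parents, and since we are still checking, we haven't hit a private section.
            return true;
        }

        // The parent id goes into a WHERE clause, so force it to an integer.
        $parentId = (int) $section->parent;
        if (isset($visited[$parentId])) {
            // Corrupt hierarchy (a section is its own ancestor): deny.
            return false;
        }
        $visited[$parentId] = true;

        $section = $db->selectObject('section', 'id=' . $parentId);
    }

    // No section, or a parent row that does not exist.
    return false;
}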
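/**
 * Resolves the section object for a request and records whether the current
 * user may view it.
 *
 * For the wildcard "*" the section is obtained from the static getSection()
 * method of the controller named in $this->params['controller']; otherwise it
 * is loaded from the section table by integer id. AUTHORIZED_SECTION and
 * PUBLIC_SECTION are then defined from navigationmodule::canView() and
 * navigationmodule::isPublic(), and a section id present in the request is
 * stored in the session as last_section.
 *
 * @param mixed $section Section id, or "*" to let the controller choose.
 *
 * @return mixed The section object, or whatever the lookup returned when no
 *               section was found.
 */
public function getSectionObj($section)
{
    global $db;

    // Strict comparison: under PHP 7 and earlier the loose form treats an
    // integer 0 as equal to "*", which would send a plain id down the
    // controller path.
    if ($section === "*") {
        $sectionObj = null;
        $controller = isset($this->params['controller']) ? $this->params['controller'] : null;
        if (is_string($controller)) {
            // The class name is built from request parameters, so it is only
            // invoked when it resolves to something callable; anything else
            // leaves $sectionObj null, which canView() below rejects.
            // NOTE(review): checking $controller against the list of
            // registered controllers would be stricter, if such a list is
            // available here.
            $callback = $controller . "Controller::getSection";
            if (is_callable($callback)) {
                $sectionObj = call_user_func($callback, $this->params);
            }
        }
    } else {
        $sectionObj = $db->selectObject('section', 'id=' . intval($section));
    }

    // Constants cannot be redefined, so on a repeated call they keep the value
    // from the first section resolved in this request.
    if (!defined('AUTHORIZED_SECTION')) {
        define('AUTHORIZED_SECTION', navigationmodule::canView($sectionObj) ? 1 : 0);
    }
    if (!defined('PUBLIC_SECTION')) {
        define('PUBLIC_SECTION', navigationmodule::isPublic($sectionObj) ? 1 : 0);
    }

    // Only an integer is ever written to the session, whatever the request
    // carried. With no section in the request, last_section is left as it is.
    if (isset($_REQUEST['section'])) {
        expSession::set('last_section', intval($_REQUEST['section']));
    }

    return $sectionObj;
}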