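/**
 * Decide whether $user may perform $type ('edit' or 'view') on one metadata record.
 *
 * Decision order: root (canAction('*')) may do anything; otherwise
 *  - 'edit': never for 'guest'; else a member of $edit_group or the record creator;
 *  - 'view': the creator, a member of $edit_group, a member of $view_group when
 *    $data_type > -1, or anyone when $data_type > 0;
 *  - any other $type: FALSE.
 *
 * Every call is traced through setMickaLog() at 'ERROR' severity (including the
 * user name) — that is the existing behaviour and is kept as-is.
 *
 * @param string $type        'edit' or 'view'
 * @param string $user        current user name, 'guest' for anonymous access
 * @param mixed  $data_type   record data_type column (compared numerically with -1 / 0)
 * @param mixed  $create_user record creator; compared with $user as strings
 * @param mixed  $edit_group  record edit group, checked via getMsGroups('is_set', ...)
 * @param mixed  $view_group  record view group, checked via getMsGroups('is_set', ...)
 * @return bool
 */
function getMdRight($type, $user, $data_type, $create_user, $edit_group, $view_group) {
    setMickaLog("type={$type}, user={$user}, data_type={$data_type}, create={$create_user}, edit={$edit_group}, view={$view_group}", 'ERROR', 'getMdRight.start');
    // root - superuser / project administrator, may do everything
    if (canAction('*')) {
        setMickaLog('TRUE', 'ERROR', 'getMdRight.root');
        return TRUE;
    }
    setMickaLog('FALSE', 'ERROR', 'getMdRight.root');
    // Authorisation comparisons are strict on purpose: the former loose `==`
    // treated numeric-looking strings such as '1e1' and '10' as the same user.
    // Both sides are cast to string so an int/string mismatch still compares equal.
    $isCreator = (string) $user === (string) $create_user;
    if ($type === 'edit') {
        // guests never edit; the edit group is checked before the creator, as before
        return $user !== 'guest' && (getMsGroups('is_set', $edit_group) || $isCreator);
    }
    if ($type === 'view') {
        if ($isCreator || getMsGroups('is_set', $edit_group)) {
            return TRUE;
        }
        // view-group members see records that are not hidden (data_type > -1)
        if (getMsGroups('is_set', $view_group) && $data_type > -1) {
            return TRUE;
        }
        // public records (data_type > 0) are visible to everyone
        return $data_type > 0;
    }
    return FALSE;
}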
require PHPPRG_DIR . '/micka_auth.php'; $substring = DB_DRIVER == 'oracle' ? 'SUBSTR' : 'SUBSTRING'; $sql = array(); $org = array(); $md_id = array(); $rs = array(); $recno = ''; $orderBy = TRUE; $query_lang = isset($_REQUEST['lang']) && $_REQUEST['lang'] != '' ? htmlspecialchars($_REQUEST['lang']) : ''; $creator = isset($_REQUEST['creator']) && $_REQUEST['creator'] != '' ? htmlspecialchars($_REQUEST['creator']) : ''; $query = isset($_REQUEST['query']) && $_REQUEST['query'] != '' ? htmlspecialchars($_REQUEST['query']) : ''; $contact_type = isset($_REQUEST['type']) && $_REQUEST['type'] != '' ? htmlspecialchars($_REQUEST['type']) : 'org'; $contact_role = isset($_REQUEST['role']) && $_REQUEST['role'] != '' ? htmlspecialchars($_REQUEST['role']) : ''; $user = MICKA_USER; $admin = canAction('*'); $group = getMsGroups('get_groups'); $group = implode("','", array_keys($group)); $group = "'" . $group . "'"; if ($admin === TRUE) { $right = 'md.data_type IS NOT NULL'; } else { $right = $user == 'guest' ? 'md.data_type>0' : "(md.create_user='******' OR md.view_group IN({$group}) OR md.edit_group IN({$group}) OR md.data_type>0)"; } switch ($contact_type) { case 'mdperson': //$md_id = array(152); $query_lang = ''; array_push($sql, "\n SELECT md_values.recno, md_values.md_path, md_values.md_value, md_values.lang\n FROM (md JOIN md_values ON md.recno=md_values.recno) LEFT JOIN md_values m ON({$substring}(md_values.md_path, 1,17)={$substring}(m.md_path, 1,17) AND md_values.recno=m.recno)\n WHERE \n "); if ($creator != '') { if ($creator == $user) { array_push($sql, "AND md.create_user=%s", $creator);
/**
 * Run the metadata query described by $in / $params and render the hits.
 *
 * Depending on $this->xml_from the records come either from the cache table
 * (one row per record, PXML column holds the pre-rendered XML) or from md_values
 * (one row per element, reassembled into a nested array and printed via
 * printMDXML()). The XML is accumulated in $this->rs_xml; the number of matched
 * records is also stored in $_SESSION['micka']['search']['xmlMatched'].
 *
 * @param mixed $in       query definition; anything that is not an array is treated as array()
 * @param mixed $params   flat parameters handed to setFlatParams(); non-array becomes array()
 * @param bool  $result   TRUE wraps the output in a <results ...> element
 * @param bool  $only_xml TRUE returns the XML string only, otherwise array($xml, $records)
 * @return int|string|array -1 when the SQL could not be built (setQuery() returned -1),
 *                          the XML string when $only_xml is TRUE, else array($xml, $rs_md)
 */
public function getXML($in, $params, $result = TRUE, $only_xml = FALSE) {
    //Debugger::dump($in);exit;
    //Debugger::log('[MdExport.getXML.begin] ' . print_r($in, true), 'INFO');
    $this->rs_xml = '';
    $rs_type = $only_xml === TRUE ? 'xml' : 'array';
    $rs_md = array();
    $supr = canAction('*'); // root - superuser, project administrator
    $vysl = array();
    $recno_arr = array();
    if (is_array($in) === FALSE) {
        $in = array();
    }
    if (is_array($params) === FALSE) {
        $params = array();
    }
    $this->setFlatParams($params);
    $this->setQueryIn($in);
    $in = $this->query_in;
    $pom = $this->setQuery($this->setMdParams($in));
    if ($pom == -1) {
        setMickaLog('SQL == -1', 'ERROR', 'MdExport.getXML');
        // TODO: return an error
        /* if ($this->query_status === FALSE) { my_print_r($this->query_error); } */
        return -1;
    }
    // NOTE(review): $numberOfRecods is assigned here only when search_uuid is FALSE,
    // and below only in the 'cache' branch when search_uuid is TRUE; the paths that
    // reach the <results ...> header without either assignment read it undefined — TODO confirm
    if ($this->search_uuid === FALSE) {
        $numberOfRecods = $this->setNumberOfRecords($this->startPosition + 1, $pom['paginator']['records']);
    }
    if ($pom['paginator']['records'] > 0 && $pom['sql'] != '' && $this->hits === FALSE) {
        if ($this->xml_from == 'cache') {
            $vysl = _executeSql('select', array($pom['sql']), array('all'));
            //Debugger::log('[MdExport.getXML.vysl] ' . print_r($vysl, true), 'ERROR');
            $recno_arr = array_keys($vysl);
            if ($this->search_uuid === TRUE) {
                if (is_array($vysl) === FALSE && $vysl == '') {
                    $vysl = array();
                }
                $numberOfRecods = $this->setNumberOfRecords($this->startPosition + 1, count($vysl));
            }
        } else {
            $elements_label = $this->getIdElements(); // load the elements used to translate path ids to codes
            // column names are upper case on Oracle
            $result_db = DB_DRIVER == 'oracle' ?
                _executeSql('select', array($pom['sql']), array('assoc', 'RECNO,#,=')) :
                _executeSql('select', array($pom['sql']), array('assoc', 'recno,#,='));
            $eval_text = '';
            foreach ($result_db as $recno => $data) {
                $recno_arr[] = $recno; // list of recno
                foreach ($data as $idx => $row) {
                    if ($row['MD_PATH'] == '') {
                        continue;
                    }
                    // standards numbered 10 and above are mapped onto their base standard
                    $mds = $row['MD_STANDARD'];
                    if ($mds - 10 > -1) {
                        $mds = $mds - 10;
                    }
                    // MD_PATH is 'code_index_code_index_..._' (trailing separator dropped);
                    // even positions are element ids, odd positions are occurrence indexes
                    $path_arr = explode('_', substr($row['MD_PATH'], 0, strlen($row['MD_PATH']) - 1));
                    $eval_text_tmp = '$vysl[' . $recno . ']';
                    foreach ($path_arr as $key => $value) {
                        if ($key % 2 == 0) {
                            $eval_text_tmp .= "['" . $elements_label[$mds][$value] . "']";
                        } else {
                            $eval_text_tmp .= '[' . $value . ']';
                        }
                    }
                    $eval_text_tmp .= "['!" . $row['LANG'] . "']=" . '"' . gpc_addslashes($row['MD_VALUE']) . '";' . "\n";
                    $eval_text .= $eval_text_tmp;
                }
            }
            // SECURITY (review): $eval_text is PHP source assembled from database
            // columns (MD_PATH, LANG, MD_VALUE and the element labels). Only MD_VALUE
            // goes through gpc_addslashes(), and it lands inside a double-quoted PHP
            // string, so any quoting or interpolation sequence that helper does not
            // neutralise is executed here with the rights of this process. Building
            // the nested array by walking $path_arr with a reference instead of
            // eval() removes the risk entirely.
            eval($eval_text);
        }
        $this->md = array();
        if (count($recno_arr) == 0) {
            // TODO: test the case where the requested record is beyond the number of records found
            //$numberOfRecods['Return'] = 0;
        } elseif ($this->xml_from == 'data') {
            $this->setMdHeader($recno_arr);
        }
    }
    if ($result) {
        $this->rs_xml .= "<results numberOfRecordsMatched=\"" . $numberOfRecods['Matched'] . "\" numberOfRecordsReturned=\"" . $numberOfRecods['Return'] . "\" nextRecord=\"" . $numberOfRecods['Next'] . "\" elementSet=\"brief\">";
    }
    if (is_array($vysl) && $this->hits === FALSE) {
        if ($this->xml_from == 'data') {
            $this->printMDXML($vysl);
        }
        if ($this->xml_from == 'cache') {
            foreach ($vysl as $key => $item) {
                // the mssql driver returns date columns as objects; normalise to Y-m-d
                if (DB_DRIVER == 'mssql2005' && is_object($item['LAST_UPDATE_DATE'])) {
                    $item['CREATE_DATE'] = $item['CREATE_DATE']->format('Y-m-d');
                    $item['LAST_UPDATE_DATE'] = $item['LAST_UPDATE_DATE']->format('Y-m-d');
                }
                // edit flag: root, edit-group member, or (non-guest) creator
                $item['edit'] = 0;
                if (getMsGroups('is_set', $item['EDIT_GROUP']) || $supr) {
                    $item['edit'] = 1;
                }
                if ($item['CREATE_USER'] == $this->user && $this->user != 'guest') {
                    $item['edit'] = 1;
                }
                if ($this->ext_header === TRUE) {
                    // '+' keeps existing keys of $item; getHarvestor() only fills the missing ones
                    $item = $item + $this->getHarvestor($item['SERVER_NAME']);
                } else {
                    $item['harvest_source'] = '';
                    $item['harvest_title'] = '';
                }
                if ($rs_type == 'xml') {
                    // NOTE(review): attribute values are concatenated without XML escaping;
                    // a quote or '<' in e.g. UUID, SERVER_NAME or harvest_title produces
                    // malformed or injected markup — escape with htmlspecialchars() per value.
                    $this->rs_xml .= '<rec recno="' . $item['RECNO'] . '"' . ' uuid="' . $item['UUID'] . '"' . ' md_standard="' . $item['MD_STANDARD'] . '"' . ' lang="' . $item['LANG'] . '"' . ' data_type="' . $item['DATA_TYPE'] . '"' . ' create_user="******"' . ' create_date="' . $item['CREATE_DATE'] . '"' . ' last_update_user="******"' . ' last_update_date="' . $item['LAST_UPDATE_DATE'] . '"' . ' edit_group="' . $item['EDIT_GROUP'] . '"' . ' view_group="' . $item['VIEW_GROUP'] . '"' . ' valid="' . $item['VALID'] . '"' . ' prim="' . $item['PRIM'] . '"' . ' server_name="' . $item['SERVER_NAME'] . '"' . ' harvest_source="' . $item['harvest_source'] . '"' . ' harvest_title="' . $item['harvest_title'] . '"' . ' edit="' . $item['edit'] . '">' . $item['PXML'] . "</rec>";
                } else {
                    // array mode: XML goes to rs_xml, the remaining columns are returned as data
                    $this->rs_xml .= $item['PXML'];
                    unset($item['PXML']);
                    $rs_md[] = $item;
                }
            }
        }
    }
    if ($result) {
        $this->rs_xml .= "\n";
        $this->rs_xml .= "</results>";
    }
    //$this->set2FileLog(array($in, $pom['sql'], $this->rs_xml, $rs_md));
    $_SESSION['micka']['search']['xmlMatched'] = $numberOfRecods['Matched'];
    if ($rs_type == 'xml') {
        return $this->rs_xml;
    }
    return array($this->rs_xml, $rs_md);
}
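/**
 * Dispatch the md_contacts administration actions.
 *
 * Guests are shown the 403 template and get an empty result. 'delete' and 'save'
 * redirect back to the contact list on success (via redirect.php) and show the
 * 404_record template on failure; the remaining actions return template data.
 *
 * @param string $action  'new', 'edit', 'copy', 'delete', 'save'; anything else lists all contacts
 * @param mixed  $cont_id contact id used by 'edit', 'copy' and 'delete'
 * @return array template data with 'groups' and/or 'data' keys (empty for guests)
 */
public function actionContacts($action, $cont_id) {
    if (MICKA_USER === 'guest') {
        require PHPINC_DIR . '/templates/403.php';
        // The 403 template is presumably meant to end the request; return anyway so
        // that a guest can never fall through into 'delete' or 'save' if it does not.
        return array();
    }
    $rs = array();
    // Target of the post-delete/post-save redirect: the script's directory plus the
    // list action. The original took strrpos() on the raw path but substr() on the
    // htmlspecialchars()-escaped copy, so an escaped character before the last '/'
    // shifted the cut; escape once, after cutting.
    $contactsListUrl = htmlspecialchars(substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/'))) . '?ak=md_contacts';
    switch ($action) {
        case 'new':
            $rs['groups'] = getMsGroups('get_groups');
            $rs['data'] = $this->getContacts(-1);
            break;
        case 'edit':
            $rs['groups'] = getMsGroups('get_groups');
            $rs['data'] = $this->getContacts($cont_id);
            break;
        case 'copy':
            $record = $this->copyContact($cont_id);
            if ($record['ok']) {
                $rs['groups'] = getMsGroups('get_groups');
                $rs['data'] = $record['contact'];
            } else {
                require PHPINC_DIR . '/templates/404_record.php';
            }
            break;
        case 'delete':
            $result = $this->deleteContact($cont_id);
            // a leftover Debugger::dump($result) was removed here: it wrote the raw
            // delete result into the response on every deletion
            if ($result['ok']) {
                $redirectUrl = $contactsListUrl; // presumably read by redirect.php
                require PHPPRG_DIR . '/redirect.php';
            } else {
                require PHPINC_DIR . '/templates/404_record.php';
            }
            break;
        case 'save':
            $result = $this->setContact($_POST);
            if ($result['ok']) {
                $redirectUrl = $contactsListUrl; // presumably read by redirect.php
                require PHPPRG_DIR . '/redirect.php';
            } else {
                require PHPINC_DIR . '/templates/404_record.php';
            }
            break;
        default:
            $rs['data'] = $this->getContacts();
    }
    return $rs;
}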
$recordTitle = mainGetTitleRecord($record['data']['md']['UUID']); } elseif ($ak == 'detailall') { $template->label_sd = isset($record['data']['head']['title']) && $record['data']['head']['title'] != '' ? $record['data']['head']['title'] : getLabelStandard($record['data']['head']['mds']); $template->label_resource_type = getLabelResourceType($record); $template->values = $record['data']['data']; $template->rec = $record['data']['head']; $template->label_el = getLabelEl($record['data']['head']['mds']); $template->hs_wms = getHsWms(MICKA_LANG, $hs_wms); $recordTitle = $template->label_sd; } elseif ($ak == 'edit') { //$template->form_public = $form_public; $template->publisher = $record['publisher']; $template->saver = $record['saver']; $template->edit_group = $record['data']['md']['EDIT_GROUP']; $template->view_group = $record['data']['md']['VIEW_GROUP']; $template->groups = getMsGroups('get_groups', $record['data']['md']['EDIT_GROUP'] . '|' . $record['data']['md']['VIEW_GROUP']); $template->hierarchy = isset($record['hierarchy']) ? $record['hierarchy'] : ''; $template->mds = $record['data']['md']['MD_STANDARD']; $template->recno = $record['data']['md']['RECNO']; $template->uuid = $record['data']['md']['UUID']; $template->dataType = $record['data']['md']['DATA_TYPE']; $template->MdDataTypes = getMdDataType($template->label); $template->formData = isset($record['data']['md_values']) ? $record['data']['md_values'] : ''; $template->keywordsDataUri = $record['data']['keywords_uri']; $template->formEnd = isset($record['data']['md_values_end']) ? 
$record['data']['md_values_end'] : ''; $template->profils = getMdProfils(MICKA_LANG, $record['data']['md']['MD_STANDARD']); $template->packages = getMdPackages(MICKA_LANG, $record['data']['md']['MD_STANDARD'], $record['data']['profil']); $template->selectProfil = $record['data']['profil']; $template->langs = $record['data']['md']['LANG']; $template->selectPackage = isset($record['data']['package']) && $record['data']['package'] > -1 ? $record['data']['package'] : 1; $template->title = $record['data']['md']['TITLE'];