/**
* TODO: This code is old and is not used by any package in the bitweaver CVS anymore.
* We will clean up this code as soon as we migrated all legacy code
*/
function store(&$pParamHash)
{
//deprecated( "This method has been replaced by a method in LibertyMime. Please try to migrate your code." );
global $gLibertySystem, $gBitSystem, $gBitUser;
$this->mDb->StartTrans();
if (LibertyAttachable::verify($pParamHash) && (isset($pParamHash['skip_content_store']) || LibertyContent::store($pParamHash))) {
if (!empty($pParamHash['STORAGE']) && count($pParamHash['STORAGE'])) {
foreach (array_keys($pParamHash['STORAGE']) as $guid) {
$storeRows =& $pParamHash['STORAGE'][$guid];
// short hand variable assignment
// If it is empty then nothing more to do. Avoid error in foreach.
if (empty($storeRows)) {
continue;
}
foreach ($storeRows as $key => $value) {
$storeRow =& $pParamHash['STORAGE'][$guid][$key];
$storeRow['plugin_guid'] = $guid;
if (!@BitBase::verifyId($pParamHash['content_id'])) {
$storeRow['content_id'] = NULL;
} else {
$storeRow['content_id'] = $pParamHash['content_id'];
// copy in content_id
}
if (!empty($pParamHash['user_id'])) {
$storeRow['user_id'] = $pParamHash['user_id'];
// copy in the user_id
} else {
$storeRow['user_id'] = $gBitUser->mUserId;
}
// do we have a verify function for this storage type, and do things verify?
$verifyFunc = $gLibertySystem->getPluginFunction($guid, 'verify_function');
if ($verifyFunc && $verifyFunc($storeRow)) {
// For backwards compatibility with a single upload.
if (@BitBase::verifyId($pParamHash['attachment_id'])) {
$storeRow['upload']['attachment_id'] = $storeRow['attachment_id'] = $pParamHash['attachment_id'];
} else {
if (!isset($storeRow['skip_insert'])) {
if (defined('LINKED_ATTACHMENTS') && @BitBase::verifyId($pParamHash['content_id'])) {
$storeRow['upload']['attachment_id'] = $storeRow['attachment_id'] = $pParamHash['content_id'];
} else {
$storeRow['upload']['attachment_id'] = $storeRow['attachment_id'] = defined('LINKED_ATTACHMENTS') ? $this->mDb->GenID('liberty_content_id_seq') : $this->mDb->GenID('liberty_attachments_id_seq');
}
}
}
// if we have uploaded a file, we can take care of that generically
if (!empty($storeRow['upload']) && is_array($storeRow['upload']) && !empty($storeRow['upload']['size'])) {
if (empty($storeRow['upload']['type'])) {
$ext = substr($storeRow['upload']['name'], strrpos($storeRow['upload']['name'], '.') + 1);
$storeRow['upload']['type'] = $gBitSystem->lookupMimeType($ext);
}
$storeRow['upload']['dest_branch'] = $this->getStorageBranch($storeRow['attachment_id'], $storeRow['user_id'], $this->getStorageSubDirName());
if (!empty($pParamHash['thumbnail_sizes'])) {
$storeRow['upload']['thumbnail_sizes'] = $pParamHash['thumbnail_sizes'];
}
$storagePath = liberty_process_upload($storeRow['upload']);
// We're gonna store to local file system & liberty_files table
if (empty($storagePath)) {
$this->mErrors['file'] = tra("Could not store file") . ": " . $storeRow['upload']['name'] . '.';
$storeRow['attachment_id'] = NULL;
$storeRow['upload']['attachment_id'] = NULL;
} else {
$storeRow['upload']['dest_file_path'] = $storagePath;
}
}
if (@BitBase::verifyId($storeRow['attachment_id']) && ($storeFunc = $gLibertySystem->getPluginFunction($storeRow['plugin_guid'], 'store_function'))) {
$this->mStorage = $storeFunc($storeRow);
}
// don't insert if we already have an entry with this attachment_id
if (@BitBase::verifyId($storeRow['attachment_id']) && !isset($storeRow['skip_insert']) && !LibertyMime::loadAttachment($storeRow['attachment_id'])) {
$sql = "INSERT INTO `" . BIT_DB_PREFIX . "liberty_attachments` ( `content_id`, `attachment_id`, `attachment_plugin_guid`, `foreign_id`, `user_id` ) VALUES ( ?, ?, ?, ?, ? )";
$rs = $this->mDb->query($sql, array($storeRow['content_id'], $storeRow['attachment_id'], $storeRow['plugin_guid'], (int) $storeRow['foreign_id'], $storeRow['user_id']));
}
}
}
}
}
// set the primary attachment id
$this->setPrimaryAttachment($pParamHash['liberty_attachments']['primary'], $pParamHash['content_id'], empty($pParamHash['liberty_attachments']['auto_primary']) || $pParamHash['liberty_attachments']['auto_primary'] ? TRUE : FALSE);
}
$this->mDb->CompleteTrans();
return count($this->mErrors) == 0;
}
function mime_default_expunge($pAttachmentId)
{
global $gBitSystem, $gBitUser;
$ret = FALSE;
if (@BitBase::verifyId($pAttachmentId)) {
if ($fileHash = LibertyMime::loadAttachment($pAttachmentId)) {
if ($gBitUser->isAdmin() || $gBitUser->mUserId == $fileHash['user_id'] && isset($fileHash['source_file']) && !empty($fileHash['source_file'])) {
// make sure this is a valid storage directory before removing it
if (preg_match("#^" . realpath(STORAGE_PKG_PATH) . "/attachments/\\d+/\\d+/#", $fileHash['source_file']) && is_file($fileHash['source_file'])) {
unlink_r(dirname($fileHash['source_file']));
}
$query = "DELETE FROM `" . BIT_DB_PREFIX . "liberty_files` WHERE `file_id` = ?";
$gBitSystem->mDb->query($query, array($fileHash['foreign_id']));
$ret = TRUE;
}
}
}
return $ret;
}
/**
* @version $Header$
*
* @author xing <*****@*****.**>
* @package treasury
* @copyright 2003-2006 bitweaver
* @license LGPL {@link http://www.gnu.org/licenses/lgpl.html}
**/
/**
* Setup
*/
require_once '../kernel/setup_inc.php';
require_once LIBERTY_PKG_PATH . 'LibertyMime.php';
// fetch the attachment details
if (@(!BitBase::verifyId($_REQUEST['attachment_id'])) || !($attachment = LibertyMime::loadAttachment($_REQUEST['attachment_id'], $_REQUEST))) {
$gBitSystem->fatalError(tra("The Attachment ID given is not valid"));
}
$gBitSmarty->assign('attachment', $attachment);
// first we need to check the permissions of the content the attachment belongs to since they inherit them
if ($gContent = LibertyBase::getLibertyObject($attachment['content_id'])) {
$gContent->verifyViewPermission();
$gBitSmarty->assign('gContent', $gContent);
if ($download_function = $gLibertySystem->getPluginFunction($attachment['attachment_plugin_guid'], 'download_function', 'mime')) {
if ($download_function($attachment)) {
LibertyMime::addDownloadHit($attachment['attachment_id']);
die;
} else {
if (!empty($attachment['errors'])) {
$msg = '';
foreach ($attachment['errors'] as $error) {
/**
* This function generates a list of records from the liberty_content database for use in a list page
**/
function getList(&$pParamHash)
{
global $gBitSystem, $gBitUser;
if (empty($pParamHash['sort_mode'])) {
if (empty($_REQUEST["sort_mode"])) {
$pParamHash['sort_mode'] = 'event_time_asc';
} else {
$pParamHash['sort_mode'] = $_REQUEST['sort_mode'];
}
}
// Hack until sort_mode can be filtered to acceptable values
$pParamHash['sort_mode'] = 'event_time_asc';
LibertyContent::prepGetList($pParamHash);
$selectSql = '';
$joinSql = '';
$whereSql = '';
$bindVars = array();
array_push($bindVars, $this->mContentTypeGuid);
$this->getServicesSql('content_list_sql_function', $selectSql, $joinSql, $whereSql, $bindVars);
// this will set $find, $sort_mode, $max_records and $offset
extract($pParamHash);
if (is_array($find)) {
// you can use an array of pages
$whereSql .= " AND lc.`title` IN( " . implode(',', array_fill(0, count($find), '?')) . " )";
$bindVars = array_merge($bindVars, $find);
} else {
if (is_string($find)) {
// or a string
$whereSql .= " AND UPPER( lc.`title` )like ? ";
$bindVars[] = '%' . strtoupper($find) . '%';
} else {
if (@$this->verifyId($pUserId)) {
// or a string
$whereSql .= " AND lc.`creator_user_id` = ? ";
$bindVars[] = array($pUserId);
}
}
}
if (!empty($event_before)) {
$whereSql .= " AND lc.`event_time` <= ? ";
$bindVars[] = $event_before;
}
if (!empty($event_after)) {
$whereSql .= " AND lc.`event_time` > ? ";
$bindVars[] = $event_after;
}
$query = "SELECT e.*, et.`name` as `type_name`, lc.`title`, lc.`data`, lc.`modifier_user_id` AS `modifier_user_id`, lc.`user_id` AS `creator_user_id`,\n\t\t\tlc.`last_modified` AS `last_modified`, lc.`event_time` AS `event_time`, lc.`format_guid`, lcps.`pref_value` AS `show_start_time`, lcpe.`pref_value` AS `show_end_time`,\n\t\t\tla.`attachment_id` AS primary_attachment_id\n\t\t\t{$selectSql}\n\t\t\tFROM `" . BIT_DB_PREFIX . "events` e\n\t\t\tLEFT JOIN `" . BIT_DB_PREFIX . "events_types` et ON (e.`type_id` = et.`type_id`)\n\t\t\tINNER JOIN `" . BIT_DB_PREFIX . "liberty_content` lc ON( lc.`content_id` = e.`content_id` )\n\t\t\tLEFT JOIN `" . BIT_DB_PREFIX . "liberty_content_prefs` lcps ON (lc.`content_id` = lcps.`content_id` AND lcps.`pref_name` = 'show_start_time')\n\t\t\tLEFT JOIN `" . BIT_DB_PREFIX . "liberty_attachments` la ON (lc.`content_id` = la.`content_id` AND la.`is_primary` = 'y')\n\t\t\tLEFT JOIN `" . BIT_DB_PREFIX . "liberty_content_prefs` lcpe ON (lc.`content_id` = lcpe.`content_id` AND lcpe.`pref_name` = 'show_end_time')\n\t\t\t{$joinSql}\n\t\t\tWHERE lc.`content_type_guid` = ? {$whereSql}\n\t\t\tORDER BY " . $this->mDb->convertSortmode($sort_mode);
$query_cant = "SELECT COUNT( * )\n\t\t\t\tFROM `" . BIT_DB_PREFIX . "events` e\n\t\t\t\tINNER JOIN `" . BIT_DB_PREFIX . "liberty_content` lc ON( lc.`content_id` = e.`content_id` ) {$joinSql}\n\t\t\t\tWHERE lc.`content_type_guid` = ? {$whereSql}";
$result = $this->mDb->query($query, $bindVars, $max_records, $offset);
$ret = array();
while ($res = $result->fetchRow()) {
if (!empty($parse_split)) {
$res = array_merge($this->parseSplit($res), $res);
}
$res['display_url'] = $this->getDisplayUrl($res['events_id'], $res);
$res['primary_attachment'] = LibertyMime::loadAttachment($res['primary_attachment_id']);
$ret[] = $res;
}
$pParamHash["data"] = $ret;
$pParamHash["cant"] = $this->mDb->getOne($query_cant, $bindVars);
LibertyContent::postGetList($pParamHash);
return $ret;
}
/**
* This function generates a list of records from the liberty_content database for use in a list page
* @param $pParamHash contains an array of conditions to sort by
* @return array of articles
* @access public
**/
public function getList(&$pParamHash)
{
global $gBitSystem, $gBitUser, $gLibertySystem;
if (empty($pParamHash['sort_mode'])) {
// no idea what this is supposed to do
//$pParamHash['sort_mode'] = $gBitSystem->isFeatureActive('articles_auto_approve') ? 'order_key_desc' : 'publish_date_desc';
$pParamHash['sort_mode'] = 'publish_date_desc';
}
LibertyContent::prepGetList($pParamHash);
$joinSql = '';
$selectSql = '';
$bindVars = array();
array_push($bindVars, $this->mContentTypeGuid);
$this->getServicesSql('content_list_sql_function', $selectSql, $joinSql, $whereSql, $bindVars, NULL, $pParamHash);
$find = $pParamHash['find'];
if (is_array($find)) {
// you can use an array of articles
$whereSql .= " AND lc.`title` IN( " . implode(',', array_fill(0, count($find), '?')) . " )";
$bindVars = array_merge($bindVars, $find);
} elseif (is_string($find)) {
// or a string
$whereSql .= " AND UPPER( lc.`title` ) LIKE ? ";
$bindVars[] = '%' . strtoupper($find) . '%';
} elseif (@$this->verifyId($pParamHash['user_id'])) {
// or gate on a user
$whereSql .= " AND lc.`user_id` = ? ";
$bindVars[] = (int) $pParamHash['user_id'];
}
if (@$this->verifyId($pParamHash['status_id'])) {
$whereSql .= " AND a.`status_id` = ? ";
$bindVars[] = $pParamHash['status_id'];
}
if (@$this->verifyId($pParamHash['type_id'])) {
$whereSql .= " AND a.`article_type_id` = ? ";
$bindVars[] = (int) $pParamHash['type_id'];
}
// TODO: we need to check if the article wants to be viewed before / after respective dates
// someone better at SQL please get this working without an additional db call - xing
$now = $gBitSystem->getUTCTime();
if (!empty($pParamHash['show_future']) && !empty($pParamHash['show_expired']) && $gBitUser->hasPermission('p_articles_admin')) {
// this will show all articles at once - future, current and expired
} elseif (!empty($pParamHash['show_future']) && $gBitUser->hasPermission('p_articles_admin')) {
// hide expired articles
$whereSql .= " AND ( a.`expire_date` > ? OR atype.`show_post_expire` = ? ) ";
$bindVars[] = (int) $now;
$bindVars[] = 'y';
} elseif (!empty($pParamHash['show_expired']) && $gBitUser->hasPermission('p_articles_admin')) {
// hide future articles
$whereSql .= " AND ( a.`publish_date` < ? OR atype.`show_pre_publ` = ? ) ";
$bindVars[] = (int) $now;
$bindVars[] = 'y';
} elseif (!empty($pParamHash['get_future'])) {
// show only future
// if we're trying to view these articles, we better have the perms to do so
if (!$gBitUser->hasPermission('p_articles_admin')) {
return array();
}
$whereSql .= " AND a.`publish_date` > ?";
$bindVars[] = (int) $now;
} elseif (!empty($pParamHash['get_expired'])) {
// show only expired articles
// if we're trying to view these articles, we better have the perms to do so
if (!$gBitUser->hasPermission('p_articles_admin')) {
return array();
}
$whereSql .= " AND a.`expire_date` < ? ";
$bindVars[] = (int) $now;
} else {
// hide future and expired articles - this is the default behaviour
// we need all these AND and ORs to ensure that other conditions such as status_id are respected as well
$whereSql .= " AND (( a.`publish_date` > a.`expire_date` ) OR (( a.`publish_date` < ? OR atype.`show_pre_publ` = ? ) AND ( a.`expire_date` > ? OR atype.`show_post_expire` = ? ))) ";
$bindVars[] = (int) $now;
$bindVars[] = 'y';
$bindVars[] = (int) $now;
$bindVars[] = 'y';
}
if (@$this->verifyId($pParamHash['topic_id'])) {
$whereSql .= " AND a.`topic_id` = ? ";
$bindVars[] = (int) $pParamHash['topic_id'];
} elseif (!empty($pParamHash['topic'])) {
$whereSql .= " AND UPPER( atopic.`topic_name` ) = ? ";
$bindVars[] = strtoupper($pParamHash['topic']);
} else {
$whereSql .= " AND ( atopic.`active_topic` != 'n' OR atopic.`active_topic` IS NULL ) ";
//$whereSql .= " AND atopic.`active_topic` != 'n' ";
}
// Oracle is very particular about naming multiple columns, so need to explicity name them ORA-00918: column ambiguously defined
$query = "SELECT\n\t\t\t\ta.`article_id`, a.`description`, a.`author_name`, a.`publish_date`, a.`expire_date`, a.`rating`,\n\t\t\t\tatopic.`topic_id`, atopic.`topic_name`, atopic.`has_topic_image`, atopic.`active_topic`,\n\t\t\t\tastatus.`status_id`, astatus.`status_name`,\n\t\t\t\tlch.`hits`,\n\t\t\t\tatype.*, lc.*, la.`attachment_id` AS `primary_attachment_id`, lf.`file_name` AS `image_attachment_path` {$selectSql}\n\t\t\tFROM `" . BIT_DB_PREFIX . "articles` a\n\t\t\t\tINNER JOIN `" . BIT_DB_PREFIX . "liberty_content` lc ON( lc.`content_id` = a.`content_id` )\n\t\t\t\tINNER JOIN `" . BIT_DB_PREFIX . "article_status` astatus ON( astatus.`status_id` = a.`status_id` )\n\t\t\t\tLEFT OUTER JOIN `" . BIT_DB_PREFIX . "liberty_content_hits` lch ON( lc.`content_id` = lch.`content_id` )\n\t\t\t\tLEFT OUTER JOIN `" . BIT_DB_PREFIX . "article_topics` atopic ON( atopic.`topic_id` = a.`topic_id` )\n\t\t\t\tLEFT OUTER JOIN `" . BIT_DB_PREFIX . "article_types` atype ON( atype.`article_type_id` = a.`article_type_id` )\n\t\t\t\tLEFT OUTER JOIN `" . BIT_DB_PREFIX . "liberty_attachments` la ON( la.`content_id` = lc.`content_id` AND la.`is_primary` = 'y' )\n\t\t\t\tLEFT OUTER JOIN `" . BIT_DB_PREFIX . "liberty_files` lf ON( lf.`file_id` = la.`foreign_id` )\n\t\t\t\t{$joinSql}\n\t\t\tWHERE lc.`content_type_guid` = ? {$whereSql}\n\t\t\tORDER BY " . $this->mDb->convertSortmode($pParamHash['sort_mode']);
$query_cant = "SELECT COUNT( * )FROM `" . BIT_DB_PREFIX . "articles` a\n\t\t\tINNER JOIN `" . BIT_DB_PREFIX . "liberty_content` lc ON lc.`content_id` = a.`content_id`\n\t\t\tLEFT OUTER JOIN `" . BIT_DB_PREFIX . "article_topics` atopic ON atopic.`topic_id` = a.`topic_id` {$joinSql}\n\t\t\tLEFT OUTER JOIN `" . BIT_DB_PREFIX . "article_types` atype ON atype.`article_type_id` = a.`article_type_id`\n\t\t\tWHERE lc.`content_type_guid` = ? {$whereSql}";
$result = $this->mDb->query($query, $bindVars, $pParamHash['max_records'], $pParamHash['offset']);
$ret = array();
$comment = new LibertyComment();
while ($res = $result->fetchRow()) {
// get this stuff parsed
$res = array_merge($this->parseSplit($res, $gBitSystem->getConfig('articles_description_length', 500)), $res);
$res['thumbnail_url'] = static::getImageThumbnails($res);
$res['num_comments'] = $comment->getNumComments($res['content_id']);
$res['display_url'] = self::getDisplayUrlFromHash($res);
$res['display_link'] = $this->getDisplayLink($res['title'], $res);
// fetch the primary attachment that we can display the file on the front page if needed
$res['primary_attachment'] = LibertyMime::loadAttachment($res['primary_attachment_id']);
$ret[] = $res;
}
$pParamHash["cant"] = $this->mDb->getOne($query_cant, $bindVars);
LibertyContent::postGetList($pParamHash);
return $ret;
}
