Ejemplo n.º 1
 /**
  * Stores a string value after checking its length.
  *
  * Empty values skip the length check. A non-empty value is refused when
  * io::strlen() reports more than 255.
  *
  * @param string $value the string value to set
  * @return boolean true when the value was stored, false when it was refused
  * @access public
  */
 function setValue($value)
 {
     // The length limit only matters for non-empty values
     $tooLong = $value && io::strlen($value) > 255;
     if (!$tooLong) {
         $this->_value = $value;
         return true;
     }
     // Oversized input: report it and leave the stored value untouched
     $this->raiseError("Setting a too long string for string value : max 255 cars, set : " . io::strlen($value));
     return false;
 }
Ejemplo n.º 2
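 /**
  * Writes every entry of $this->files as a ustar record through $this->add_data().
  *
  * For each entry a 512-byte header is packed and checksummed, then the file
  * content is appended and padded with NUL bytes to the next 512-byte boundary.
  * Names longer than 99 characters are split into a prefix (max 154) and a name
  * (max 99); entries that still do not fit are reported and skipped.
  * The working directory is switched to $this->options['basedir'] while the
  * archive is built and restored afterwards.
  *
  * @return boolean always true; per-file problems are reported through raiseError()
  */
 function create_tar()
 {
     $pwd = getcwd();
     chdir($this->options['basedir']);
     foreach ($this->files as $current) {
         // Never archive the archive file itself
         if ($current['name'] == $this->options['name']) {
             continue;
         }
         // Reset the ustar prefix for every entry: without this, a prefix computed for an
         // earlier long name would be written into the header of later, short-named entries.
         $path = '';
         if (io::strlen($current['name2']) > 99) {
             $path = io::substr($current['name2'], 0, io::strpos($current['name2'], "/", io::strlen($current['name2']) - 100) + 1);
             $current['name2'] = io::substr($current['name2'], io::strlen($path));
             if (io::strlen($path) > 154 || io::strlen($current['name2']) > 99) {
                 $this->raiseError("Could not add {$path}{$current['name2']} to archive because the filename is too long.");
                 continue;
             }
         }
         // Header layout (512 bytes): name, mode, uid, gid, size, mtime, checksum placeholder (8 spaces),
         // type flag, link name, "ustar" magic, version, owner/group names, device numbers, prefix, padding
         $block = pack("a100a8a8a8a12a12a8a1a100a6a2a32a32a8a8a155a12", $current['name2'], decoct($current['stat'][2]), sprintf("%6s ", decoct($current['stat'][4])), sprintf("%6s ", decoct($current['stat'][5])), sprintf("%11s ", decoct($current['stat'][7])), sprintf("%11s ", decoct($current['stat'][9])), "        ", $current['type'], "", "ustar", "00", "Unknown", "Unknown", "", "", !empty($path) ? $path : "", "");
         // The checksum is the byte sum of the header with the checksum field filled with spaces
         // NOTE(review): io::substr is applied to binary data here; confirm it is byte-oriented
         $checksum = 0;
         for ($i = 0; $i < 512; $i++) {
             $checksum += ord(io::substr($block, $i, 1));
         }
         $checksum = pack("a8", sprintf("%6s ", decoct($checksum)));
         $block = substr_replace($block, $checksum, 148, 8);
         if ($current['stat'][7] == 0) {
             // Empty entry: header only
             $this->add_data($block);
         } else {
             if ($fp = @fopen($current['name'], "rb")) {
                 $this->add_data($block);
                 // Compare against false/'' explicitly: a chunk consisting of the single character "0"
                 // is falsy in PHP and would otherwise end the copy early.
                 while (!feof($fp)) {
                     $temp = fread($fp, 1048576);
                     if ($temp === false || $temp === '') {
                         break;
                     }
                     $this->add_data($temp);
                 }
                 // Pad the content with NUL bytes up to the next 512-byte record boundary
                 $remainder = $current['stat'][7] % 512;
                 if ($remainder > 0) {
                     $this->add_data(str_repeat("\0", 512 - $remainder));
                 }
                 fclose($fp);
             } else {
                 $this->raiseError("Could not open file {$current['name']} for reading. It was not added.");
             }
         }
     }
     // Terminating zero-filled record
     $this->add_data(pack("a512", ""));
     chdir($pwd);
     return true;
 }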
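 /**
  * Search groups
  * Static function.
  *
  * The query is assembled as SQL text. Every value placed in a quoted context goes
  * through sensitiveIO::sanitizeSQLString(); values placed in an unquoted numeric
  * context (ids, offset, limit) are forced to integers, because quote escaping gives
  * no protection there.
  *
  * @param string $search : keywords matched against the group label (LIKE) and against label/description (MATCH)
  * @param string $letter : keep groups whose label starts with this single character
  * @param integer $userId : keep groups which this user belongs to
  * @param array $groupsIds : keep groups whose id is in this list
  * @param string $order : order by fieldname (without the _prg suffix), or 'score' for the match score. default : label
  * @param string $direction : 'asc' or 'desc' (anything else falls back to 'asc')
  * @param integer $start : search start offset
  * @param integer $limit : search limit (default : 0 : unlimited)
  * @param boolean $returnObjects : return CMS_profile_usersGroup objects (default) or array of groupId
  * @param array $score : filled with the match score of each returned id when a keyword search is done (passed by reference)
  * @return array(CMS_profile_usersGroup)
  * @access public
  */
 static function search($search = '', $letter = '', $userId = false, $groupsIds = array(), $order = '', $direction = 'asc', $start = 0, $limit = 0, $returnObjects = true, &$score = array())
 {
     $start = (int) $start;
     $limit = (int) $limit;
     // Only the two literal keywords can reach the ORDER BY clause
     $direction = in_array(io::strtolower($direction), array('asc', 'desc')) ? io::strtolower($direction) : 'asc';
     $keywordsWhere = $letterWhere = $groupWhere = $orderClause = $orderBy = '';
     $select = 'id_prg';
     if ($search) {
         //clean user keywords (never trust user input, user is evil)
         $keyword = strtr($search, ",;", "  ");
         $words = array_map("trim", array_unique(explode(" ", io::strtolower($keyword))));
         $cleanedWords = array();
         foreach ($words as $aWord) {
             if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) {
                 // neutralise LIKE wildcards typed by the user
                 $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
                 $cleanedWords[] = $aWord;
             }
         }
         if (!$cleanedWords) {
             //if no words after cleaning, return
             return array();
         }
         foreach ($cleanedWords as $cleanedWord) {
             $keywordsWhere .= $keywordsWhere ? ' and ' : '';
             $keywordsWhere .= " label_prg like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'";
         }
         $select .= " , MATCH (label_prg, description_prg) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') as m ";
         $keywordsWhere = " (MATCH (label_prg, description_prg) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') or (" . $keywordsWhere . "))";
     }
     if ($letter && io::strlen($letter) === 1) {
         $letterWhere .= $keywordsWhere ? ' and ' : '';
         $letterWhere .= " label_prg like '" . sensitiveIO::sanitizeSQLString($letter) . "%'";
     }
     if ($userId && sensitiveIO::isPositiveInteger($userId)) {
         $userGroups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true);
         if (!$userGroups) {
             return array();
         }
         $groupWhere .= $keywordsWhere || $letterWhere ? ' and ' : '';
         // NOTE(review): $userGroups is embedded as returned by the catalog; presumably a list of integer ids, confirm
         $groupWhere .= " id_prg in (" . implode(',', $userGroups) . ")";
     }
     if ($groupsIds) {
         $groupWhere .= $keywordsWhere || $letterWhere || $groupWhere ? ' and ' : '';
         // The list lands in an unquoted IN (...) context, where escaping quotes does not
         // constrain the value: force every element to an integer instead.
         $groupWhere .= " id_prg in (" . implode(',', array_map('intval', (array) $groupsIds)) . ")";
     }
     if ($order != 'score') {
         if ($order) {
             // The requested column is only used if it exists in the table description
             $found = false;
             $sql = "DESCRIBE profilesUsersGroups";
             $q = new CMS_query($sql);
             while ($field = $q->getValue('Field')) {
                 if ($field == $order . '_prg') {
                     $found = true;
                 }
             }
             if ($found) {
                 $orderBy = $order . '_prg';
             } else {
                 $orderBy = 'label_prg';
             }
         } else {
             $orderBy = 'label_prg';
         }
         if ($orderBy) {
             $orderClause = "order by\n\t\t\t\t\t" . $orderBy . "\n\t\t\t\t\t" . $direction;
         }
     } else {
         // NOTE(review): the alias m only exists in the select list when $search is set
         $orderClause = " order by m " . $direction;
     }
     $sql = "\n\t\t\tselect\n\t\t\t\t" . $select . "\n\t\t\tfrom\n\t\t\t\tprofilesUsersGroups\n\t\t\t" . ($keywordsWhere || $letterWhere || $groupWhere ? 'where' : '') . "\n\t\t\t" . $keywordsWhere . "\n\t\t\t" . $letterWhere . "\n\t\t\t" . $groupWhere . "\n\t\t\t" . $orderClause . "\n\t\t";
     if ($limit) {
         $sql .= "limit \n\t\t\t\t" . $start . ", " . $limit;
     }
     $q = new CMS_query($sql);
     $groups = array();
     while ($r = $q->getArray()) {
         $id = $r['id_prg'];
         //set match score if exists
         if (isset($r['m'])) {
             $score[$id] = $r['m'];
         }
         if ($returnObjects) {
             $group = CMS_profile_usersGroupsCatalog::getById($id);
             if (is_a($group, "CMS_profile_usersGroup") && !$group->hasError()) {
                 $groups[] = $group;
             }
         } else {
             $groups[] = $id;
         }
     }
     return $groups;
 }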
Ejemplo n.º 4
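 /**
  * Check validity format of a given right
  *
  * Accepted values are exactly one of the letters r, w, x, or exactly three
  * octal digits. Anything else is refused, including values that merely look
  * numeric ("-12", "1e2", " 64") and booleans, which loose comparisons would
  * otherwise let through.
  *
  * @param string $right the right to check
  *  format :
  *  r	read (and execute if it's a folder)
  *  w	read and write (and execute if it's a folder)
  *  x	read+write+execute
  *  XXX	unix chmod octal value (ex : 664, 775, etc.)
  * @return boolean true when the format is valid, false otherwise
  * @access private
  */
 protected function _checkRightFormat($right)
 {
     // Arrays, objects, null and booleans can never be a valid right
     if (!is_scalar($right) || is_bool($right)) {
         return false;
     }
     $right = (string) $right;
     // Three octal digits and nothing else; the D modifier stops $ from matching before a trailing newline
     if (preg_match('/^[0-7]{3}$/D', $right) === 1) {
         return true;
     }
     // Strict comparison so that only the exact letters are accepted
     return in_array($right, array('r', 'w', 'x'), true);
 }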
Ejemplo n.º 5
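 /**
  * Get field search SQL request (used by class CMS_object_search)
  *
  * The request is assembled as SQL text, so every searched term is passed through
  * SensitiveIO::sanitizeSQLString() before it is placed between quotes. LIKE
  * wildcards (% and _) typed in the term are escaped for the any / all / phrase /
  * beginswith operators. The $where fragment is appended as received: it must be
  * built by trusted code.
  *
  * @param integer $fieldID : this field id in object (aka $this->_field->getID())
  * @param mixed $value : the value to search (string, or array for in / not in / any / all)
  * @param string $operator : additional search operator (like, !=, =, any, all, phrase, beginswith, in, not in)
  * @param string $where : where clauses to add to SQL
  * @param boolean $public : values are public or edited ? (default is edited)
  * @return string : the SQL request ('' when an array value is used with an unsupported operator)
  * @access public
  */
 function getFieldSearchSQL($fieldID, $value, $operator, $where, $public = false)
 {
     $supportedOperator = array('like', '!=', '=', 'any', 'all', 'phrase', 'beginswith');
     $supportedOperatorForArray = array('in', 'not in', 'any', 'all');
     // No operator : use default search
     if (!$operator) {
         return parent::getFieldSearchSQL($fieldID, $value, $operator, $where, $public);
     }
     // Check supported operators. The comparison is strict so that only the listed strings can reach
     // the SQL text, and an unknown operator really falls back to the default search instead of
     // producing a clause without operator.
     if (!in_array($operator, array_merge($supportedOperator, $supportedOperatorForArray), true)) {
         $this->raiseError("Unknown search operator : " . $operator . ", use default search instead");
         return parent::getFieldSearchSQL($fieldID, $value, false, $where, $public);
     }
     // Check operators for array value
     if (is_array($value) && !in_array($operator, $supportedOperatorForArray, true)) {
         $this->raiseError("Can't use this operator : " . $operator . " with an array value, return empty sql");
         return '';
     }
     $statusSuffix = $public ? "_public" : "_edited";
     $cleanedWords = array();
     if (is_array($value)) {
         if ($operator == 'any' || $operator == 'all') {
             // in this case, only LIKE wildcards are escaped here; quoting is handled when the clause is built
             foreach ($value as $val) {
                 $cleanedWords[] = str_replace(array('%', '_'), array('\\%', '\\_'), $val);
             }
         } else {
             foreach ($value as $i => $val) {
                 $value[$i] = "'" . SensitiveIO::sanitizeSQLString($val) . "'";
             }
             $value = '(' . implode(',', $value) . ')';
         }
     } elseif (strtolower($value) == 'null') {
         $value = "''";
     } else {
         if ($operator == 'any' || $operator == 'all') {
             $words = array_map("trim", array_unique(explode(" ", $value)));
             foreach ($words as $aWord) {
                 if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) {
                     $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
                     $cleanedWords[] = $aWord;
                 }
             }
         } elseif ($operator != 'phrase' && $operator != 'beginswith') {
             // we keep this for backward compatibility, where the user can specify his search with % at the beginning / end
             $value = "'" . SensitiveIO::sanitizeSQLString($value) . "'";
         }
     }
     $whereClause = '';
     switch ($operator) {
         case 'any':
             $whereClause .= '(';
             //then add keywords
             $count = 0;
             foreach ($cleanedWords as $aWord) {
                 $whereClause .= $count ? ' or ' : '';
                 $count++;
                 // both the raw word and its HTML-entity form are sanitized before being quoted
                 $whereClause .= "value like '%" . SensitiveIO::sanitizeSQLString($aWord) . "%'";
                 if (htmlentities($aWord) != $aWord) {
                     $whereClause .= " or value like '%" . SensitiveIO::sanitizeSQLString(htmlentities($aWord)) . "%'";
                 }
             }
             $whereClause .= ')';
             break;
         case 'all':
             $whereClause .= '(';
             //then add keywords
             $count = 0;
             foreach ($cleanedWords as $aWord) {
                 $whereClause .= $count ? ' and ' : '';
                 $count++;
                 if (htmlentities($aWord) != $aWord) {
                     $whereClause .= "(value like '%" . SensitiveIO::sanitizeSQLString($aWord) . "%' or value like '%" . SensitiveIO::sanitizeSQLString(htmlentities($aWord)) . "%')";
                 } else {
                     $whereClause .= "value like '%" . SensitiveIO::sanitizeSQLString($aWord) . "%'";
                 }
             }
             $whereClause .= ')';
             break;
         case 'phrase':
             $value = str_replace(array('%', '_'), array('\\%', '\\_'), trim($value));
             if (htmlentities($value) != $value) {
                 $whereClause .= "(value like '%" . SensitiveIO::sanitizeSQLString($value) . "%' or value like '%" . SensitiveIO::sanitizeSQLString(htmlentities($value)) . "%')";
             } else {
                 $whereClause .= "value like '%" . SensitiveIO::sanitizeSQLString($value) . "%'";
             }
             break;
         case 'beginswith':
             $value = str_replace(array('%', '_'), array('\\%', '\\_'), trim($value));
             if (htmlentities($value) != $value) {
                 $whereClause .= "(value like '" . SensitiveIO::sanitizeSQLString($value) . "%' or value like '" . SensitiveIO::sanitizeSQLString(htmlentities($value)) . "%')";
             } else {
                 $whereClause .= "value like '" . SensitiveIO::sanitizeSQLString($value) . "%'";
             }
             break;
         default:
             // like, =, !=, in, not in : $operator comes from the whitelist above and $value is already quoted
             $whereClause .= " value " . $operator . " " . $value;
             break;
     }
     // NOTE(review): with 'any' / 'all' and no usable word, $whereClause is "()"; confirm how callers expect that case to be handled
     $sql = "\n\t\t\tselect\n\t\t\t\tdistinct objectID\n\t\t\tfrom\n\t\t\t\tmod_subobject_text" . $statusSuffix . "\n\t\t\twhere\n\t\t\t\tobjectFieldID = '" . SensitiveIO::sanitizeSQLString($fieldID) . "'\n\t\t\t\tand " . $whereClause . "\n\t\t\t\t{$where}";
     return $sql;
 }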
Ejemplo n.º 6
 /**
  * Duplicate this block
  * Used to duplicate a CMS_page.
  *
  * Copies the linked file (and the enlarged file when there is one) under a name
  * prefixed with the destination page id, then inserts the matching records in the
  * userspace table and in the edition table.
  *
  * @param CMS_page $destinationPage, the page receiving a copy of this block
  * @param boolean $public The precision needed for USERSPACE location; when true the public copies of the files are made too
  * @return boolean true when both insertions succeeded, false otherwise
  */
 function duplicate(&$destinationPage, $public = false)
 {
     // Nothing to duplicate without a stored block and a linked file
     if (!SensitiveIO::isPositiveInteger($this->_dbID) || !$this->_file) {
         return false;
     }
     $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public);
     $editedDir = PATH_MODULES_FILES_STANDARD_FS . "/edited/";
     $publicDir = PATH_MODULES_FILES_STANDARD_FS . "/public/";
     //Copy linked file
     //In new file name, delete reference to old page and add reference to new one
     $_newFilename = "p" . $destinationPage->getID() . io::substr($this->_file, io::strpos($this->_file, "_"), io::strlen($this->_file));
     $editedCopied = @is_file($editedDir . $this->_file)
         && @copy($editedDir . $this->_file, $editedDir . $_newFilename)
         && @chmod($editedDir . $_newFilename, octdec(FILES_CHMOD));
     if (!$editedCopied) {
         $this->raiseError("Duplicate, copy of file failed :" . $editedDir . $this->_file);
         return false;
     }
     //Public : a failure here is reported but does not stop the duplication
     if ($public) {
         $publicCopied = @copy($publicDir . $this->_file, $publicDir . $_newFilename)
             && @chmod($publicDir . $_newFilename, octdec(FILES_CHMOD));
         if (!$publicCopied) {
             $this->raiseError("Duplicate, copy of new file failed : " . $publicDir . $_newFilename);
         }
     }
     $_newEnlargedFilename = '';
     //With enlarged file
     if ($this->_enlargedFile != '') {
         $_newEnlargedFilename = "p" . $destinationPage->getID() . io::substr($this->_enlargedFile, io::strpos($this->_enlargedFile, "_"), io::strlen($this->_enlargedFile));
         //Edited
         $enlargedEditedCopied = @copy($editedDir . $this->_enlargedFile, $editedDir . $_newEnlargedFilename)
             && @chmod($editedDir . $_newEnlargedFilename, octdec(FILES_CHMOD));
         if (!$enlargedEditedCopied) {
             $this->raiseError("Duplicate, copy of new enlarged file failed : " . $editedDir . $_newEnlargedFilename);
         }
         //Public
         if ($public) {
             $enlargedPublicCopied = @copy($publicDir . $this->_enlargedFile, $publicDir . $_newEnlargedFilename)
                 && @chmod($publicDir . $_newEnlargedFilename, octdec(FILES_CHMOD));
             if (!$enlargedPublicCopied) {
                 $this->raiseError("Duplicate, copy of new enlarged file failed : " . $publicDir . $_newEnlargedFilename);
             }
         }
     }
     //Save new datas
     // NOTE(review): clientSpaceID, rowID and blockID are embedded between quotes without sanitizeSQLString,
     // unlike the four fields after them; confirm these properties can never carry a quote.
     $str_set = "\n\t\t\t\t\t\tpage='" . $destinationPage->getID()
         . "',\n\t\t\t\t\t\tclientSpaceID='" . $this->_clientSpaceID
         . "',\n\t\t\t\t\t\trowID='" . $this->_rowID
         . "',\n\t\t\t\t\t\tblockID='" . $this->_tagID
         . "',\n\t\t\t\t\t\tlabel='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($this->_label))
         . "',\n\t\t\t\t\t\tfile='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($_newFilename))
         . "',\n\t\t\t\t\t\texternalLink='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($this->_externalLink))
         . "',\n\t\t\t\t\t\tenlargedFile='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($_newEnlargedFilename))
         . "'\n\t\t\t\t";
     $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t";
     $q = new CMS_query($sql);
     if ($q->hasError()) {
         $this->raiseError("Duplicate, SQL insertion of new filename failed : " . $sql);
         return false;
     }
     //Table Edition : same data, keyed by the id generated by the first insertion
     $sql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . $q->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t";
     $q = new CMS_query($sql);
     return !$q->hasError();
 }
Ejemplo n.º 7
 *
 * @package Automne
 * @subpackage admin
 * @author Sébastien Pauchet <*****@*****.**>
 */
// Admin bootstrap: everything below relies on what this include sets up
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page : the answer is sent as JSON
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
// Request parameters. 'query' is read with empty second and third arguments; 'start' and 'limit'
// are read with sensitiveIO::isPositiveInteger and the values 0 and 10.
// NOTE(review): presumably the second argument is a validator and the third a default; confirm in sensitiveIO::request
$query = sensitiveIO::request('query', '', '');
$start = sensitiveIO::request('start', 'sensitiveIO::isPositiveInteger', 0);
$limit = sensitiveIO::request('limit', 'sensitiveIO::isPositiveInteger', 10);
// Refuse missing queries and queries shorter than 3 characters.
// NOTE(review): the raw query text is written into the error message; confirm where raiseError output ends up.
// NOTE(review): nothing here stops execution after $view->show(); presumably show() ends the request, confirm,
// otherwise the search below still runs with the rejected query.
if (!$query || io::strlen($query) < 3) {
    CMS_grandFather::raiseError('Missing query or query is too short : ' . $query);
    $view->show();
}
//launch search ($cms_user is not defined in this file; presumably provided by the include above)
$results = CMS_search::getSearch($query, $cms_user, false, false);
//pr($results);
// Accumulators used by the loop that follows
$pages = array();
$count = 0;
if (isset($results['results']) && is_array($results['results'])) {
    foreach ($results['results'] as $result) {
        if ($count >= $start && sizeof($pages) < $limit) {
            $page = CMS_tree::getPageById($result);
            if ($page && !$page->hasError()) {
                $pages[] = array('pageId' => $page->getID(), 'title' => $page->getTitle() . ' (' . $page->getID() . ')', 'status' => $page->getStatus()->getHTML(true, $cms_user, MOD_STANDARD_CODENAME, $page->getID()), 'lineage' => CMS_tree::getLineage(APPLICATION_ROOT_PAGE_ID, $page->getID(), false));
            } else {
Ejemplo n.º 8
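 /**
  * Return all the rows available
  *
  * The query is assembled as SQL text. Values placed between quotes go through
  * sensitiveIO::sanitizeSQLString(); values placed in an unquoted numeric context
  * (row ids, offset, limit) are forced to integers, because quote escaping gives no
  * protection there.
  *
  * @param boolean $includeInactive : also return rows which are not useable (default : false)
  * @param string $keyword : keywords matched against row label and description
  * @param array $groups : keep rows which belong to all of these groups
  * @param array $rowIds : keep rows whose id is in this list
  * @param CMS_profile_user $user : restrict to user rights on row groups (default : false)
  * @param integer $tplId : restrict to rows usable in given template (default : false)
  * @param string $csId : not used by this method
  * @param integer $start : start position
  * @param integer $limit : limit position
  * @param boolean $returnObjects : return CMS_row objects (default) or row ids, both indexed by row id
  * @param array $score : filled with the match score of each returned id when a keyword search is done (passed by reference)
  * @return array
  * @access public
  */
 static function getAll($includeInactive = false, $keyword = '', $groups = array(), $rowIds = array(), $user = false, $tplId = false, $csId = false, $start = 0, $limit = 0, $returnObjects = true, &$score = array())
 {
     $select = 'id_row';
     $where = '';
     //keywords
     if ($keyword) {
         //clean user keywords (never trust user input, user is evil)
         $keyword = strtr($keyword, ",;", "  ");
         $words = array_map("trim", array_unique(explode(" ", io::strtolower($keyword))));
         $cleanedWords = array();
         foreach ($words as $aWord) {
             if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) {
                 // neutralise LIKE wildcards typed by the user
                 $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
                 $cleanedWords[] = $aWord;
             }
         }
         if (!$cleanedWords) {
             //if no words after cleaning, return
             return array();
         }
         $keywordWhere = '';
         foreach ($cleanedWords as $cleanedWord) {
             $keywordWhere .= $keywordWhere ? ' and ' : '';
             $keywordWhere .= " (\n\t\t\t\t\tdescription_row like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\tor label_row like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t)";
         }
         $where .= $where ? ' and ' : '';
         $where .= " ((" . $keywordWhere . ") or MATCH (label_row, description_row) AGAINST ('" . sensitiveIO::sanitizeSQLString($keyword) . "') )";
         $select .= " , MATCH (label_row, description_row) AGAINST ('" . sensitiveIO::sanitizeSQLString($keyword) . "') as m ";
     }
     $sql = "\n\t\t\tselect\n\t\t\t\t" . $select . "\n\t\t\tfrom\n\t\t\t\tmod_standard_rows\n\t\t";
     //groups : groupsStack_row is a ';' separated list, so each position of the value is tested
     if ($groups) {
         foreach ($groups as $group) {
             $where .= $where ? ' and ' : '';
             $where .= " (\n\t\t\t\t\tgroupsStack_row='" . sensitiveIO::sanitizeSQLString($group) . "'\n\t\t\t\t\tor groupsStack_row like '%;" . sensitiveIO::sanitizeSQLString($group) . ";%'\n\t\t\t\t\tor groupsStack_row like '" . sensitiveIO::sanitizeSQLString($group) . ";%'\n\t\t\t\t\tor groupsStack_row like '%;" . sensitiveIO::sanitizeSQLString($group) . "'\n\t\t\t\t)";
         }
     }
     //useable
     if (!$includeInactive) {
         $where .= $where ? ' and ' : '';
         $where .= " useable_row=1 ";
     }
     //rowIds : unquoted IN (...) context, every element is forced to an integer
     if ($rowIds) {
         $where .= $where ? ' and ' : '';
         $where .= " id_row in (" . implode(',', array_map('intval', (array) $rowIds)) . ") ";
     }
     if ($tplId) {
         $where .= $where ? ' and ' : '';
         $where .= " (\n\t\t\t\ttplfilter_row=''\n\t\t\t\tor tplfilter_row='" . sensitiveIO::sanitizeSQLString($tplId) . "'\n\t\t\t\tor tplfilter_row like '%;" . sensitiveIO::sanitizeSQLString($tplId) . ";%'\n\t\t\t\tor tplfilter_row like '" . sensitiveIO::sanitizeSQLString($tplId) . ";%'\n\t\t\t\tor tplfilter_row like '%;" . sensitiveIO::sanitizeSQLString($tplId) . "'\n\t\t\t) ";
     }
     //user : exclude rows of the groups denied to a user without full administration clearance
     if (is_object($user) && !$user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
         $groupsDenied = $user->getRowGroupsDenied();
         $groupsDenied = $groupsDenied->getElements();
         if ($groupsDenied) {
             $where .= $where ? ' and (' : '(';
             foreach ($groupsDenied as $group) {
                 $where .= " (\n\t\t\t\t\t\tgroupsStack_row != '" . sensitiveIO::sanitizeSQLString($group[0]) . "'\n\t\t\t\t\t\tand groupsStack_row not like '%;" . sensitiveIO::sanitizeSQLString($group[0]) . ";%'\n\t\t\t\t\t\tand groupsStack_row not like '" . sensitiveIO::sanitizeSQLString($group[0]) . ";%'\n\t\t\t\t\t\tand groupsStack_row not like '%;" . sensitiveIO::sanitizeSQLString($group[0]) . "'\n\t\t\t\t\t) and";
             }
             //remove last "and" and append )
             $where = io::substr($where, 0, -3) . ')';
         }
     }
     $sql = $sql . ($where ? ' where ' . $where : '');
     //order : by match score when a keyword search was added, by label otherwise
     if (io::strpos($sql, 'MATCH') === false) {
         $sql .= " order by label_row ";
     } else {
         $sql .= " order by m desc ";
     }
     //limit : unquoted numeric context, both values are forced to integers
     if ($start || $limit) {
         $sql .= " limit " . (int) $start . "," . (int) $limit;
     }
     $q = new CMS_query($sql);
     $rows = array();
     while ($r = $q->getArray()) {
         $id = $r['id_row'];
         //set match score if exists
         if (isset($r['m'])) {
             $score[$id] = $r['m'];
         }
         if ($returnObjects) {
             $row = new CMS_row($id);
             if (!$row->hasError()) {
                 $rows[$row->getID()] = $row;
             }
         } else {
             $rows[$id] = $id;
         }
     }
     return $rows;
 }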
Ejemplo n.º 9
 /**
  * Writes every entry of $this->files as a ZIP archive through $this->add_data().
  *
  * For each entry a local file header (and the content, when there is some) is
  * emitted and a matching central directory record is accumulated in $central;
  * the central directory and the end-of-central-directory record are written last.
  * An optional self-extractor module ($this->options['sfx']) is written first.
  * The working directory is switched to $this->options['basedir'] while the
  * archive is built and restored afterwards.
  *
  * @return true in every case; files that cannot be opened are reported through raiseError() and skipped
  */
 function create_zip()
 {
     // Number of entries written, byte offset of the next local header, accumulated central directory
     $files = 0;
     $offset = 0;
     $central = "";
     // Optional self-extractor stub placed in front of the archive; its length shifts all offsets
     if (!empty($this->options['sfx'])) {
         if ($fp = @fopen($this->options['sfx'], "rb")) {
             $temp = fread($fp, filesize($this->options['sfx']));
             fclose($fp);
             $this->add_data($temp);
             // NOTE(review): io::strlen is used on binary data here and below; confirm it counts bytes
             $offset += io::strlen($temp);
             unset($temp);
         } else {
             $this->raiseError("Could not open sfx module from {$this->options['sfx']}.");
         }
     }
     $pwd = getcwd();
     chdir($this->options['basedir']);
     foreach ($this->files as $current) {
         // Never archive the archive file itself
         if ($current['name'] == $this->options['name']) {
             continue;
         }
         // Special chars management : accented characters in the stored name are replaced by single bytes
         // NOTE(review): the keys only match if the name uses the same encoding as this source file; confirm
         $translate = array('Ç' => pack("C", 128), 'ü' => pack("C", 129), 'é' => pack("C", 130), 'â' => pack("C", 131), 'ä' => pack("C", 132), 'à' => pack("C", 133), 'å' => pack("C", 134), 'ç' => pack("C", 135), 'ê' => pack("C", 136), 'ë' => pack("C", 137), 'è' => pack("C", 138), 'ï' => pack("C", 139), 'î' => pack("C", 140), 'ì' => pack("C", 141), 'Ä' => pack("C", 142), 'Å' => pack("C", 143), 'É' => pack("C", 144), 'æ' => pack("C", 145), 'Æ' => pack("C", 146), 'ô' => pack("C", 147), 'ö' => pack("C", 148), 'ò' => pack("C", 149), 'û' => pack("C", 150), 'ù' => pack("C", 151), 'Ö' => pack("C", 153), 'Ü' => pack("C", 154), '£' => pack("C", 156), '¥' => pack("C", 157), 'ƒ' => pack("C", 159), 'á' => pack("C", 160), 'í' => pack("C", 161), 'ó' => pack("C", 162), 'ú' => pack("C", 163), 'ñ' => pack("C", 164), 'Ñ' => pack("C", 165));
         $current['name2'] = strtr($current['name2'], $translate);
         // Pack the modification time (stat index 9) into one 32-bit value: year-1980, month, day, hour, minute, second
         $timedate = explode(" ", date("Y n j G i s", $current['stat'][9]));
         $timedate = $timedate[0] - 1980 << 25 | $timedate[1] << 21 | $timedate[2] << 16 | $timedate[3] << 11 | $timedate[4] << 5 | $timedate[5];
         // Start of the local file header: signature, version, flags, compression method (0x0 stored / 0x8 deflate), time
         $block = pack("VvvvV", 0x4034b50, 0xa, 0x0, isset($current['method']) || $this->options['method'] == 0 ? 0x0 : 0x8, $timedate);
         if ($current['stat'][7] == 0 && $current['type'] == 5) {
             // Zero-size entry of type 5: stored with a trailing "/" appended to its name, no content
             $block .= pack("VVVvv", 0x0, 0x0, 0x0, io::strlen($current['name2']) + 1, 0x0);
             $block .= $current['name2'] . "/";
             $this->add_data($block);
             $central .= pack("VvvvvVVVVvvvvvVV", 0x2014b50, 0x14, $this->options['method'] == 0 ? 0x0 : 0xa, 0x0, isset($current['method']) || $this->options['method'] == 0 ? 0x0 : 0x8, $timedate, 0x0, 0x0, 0x0, io::strlen($current['name2']) + 1, 0x0, 0x0, 0x0, 0x0, $current['type'] == 5 ? 0x10 : 0x0, $offset);
             $central .= $current['name2'] . "/";
             $files++;
             // 30 header bytes + name + the added "/"
             $offset += 31 + io::strlen($current['name2']);
         } else {
             if ($current['stat'][7] == 0) {
                 // Zero-size entry of another type: header and name only
                 $block .= pack("VVVvv", 0x0, 0x0, 0x0, io::strlen($current['name2']), 0x0);
                 $block .= $current['name2'];
                 $this->add_data($block);
                 $central .= pack("VvvvvVVVVvvvvvVV", 0x2014b50, 0x14, $this->options['method'] == 0 ? 0x0 : 0xa, 0x0, isset($current['method']) || $this->options['method'] == 0 ? 0x0 : 0x8, $timedate, 0x0, 0x0, 0x0, io::strlen($current['name2']), 0x0, 0x0, 0x0, 0x0, $current['type'] == 5 ? 0x10 : 0x0, $offset);
                 $central .= $current['name2'];
                 $files++;
                 $offset += 30 + io::strlen($current['name2']);
             } else {
                 if ($fp = @fopen($current['name'], "rb")) {
                     // The whole file is read in memory, using the size recorded in stat index 7
                     $temp = fread($fp, $current['stat'][7]);
                     fclose($fp);
                     // CRC-32 is computed on the uncompressed content
                     $crc32 = crc32($temp);
                     if (!isset($current['method']) && $this->options['method'] == 1) {
                         // gzcompress returns a zlib stream: drop its 2-byte header and 4-byte trailer to keep the raw deflate data
                         $temp = gzcompress($temp, $this->options['level']);
                         $size = io::strlen($temp) - 6;
                         $temp = io::substr($temp, 2, $size);
                     } else {
                         $size = io::strlen($temp);
                     }
                     // Rest of the local header: crc, compressed size, uncompressed size, name length, extra length
                     $block .= pack("VVVvv", $crc32, $size, $current['stat'][7], io::strlen($current['name2']), 0x0);
                     $block .= $current['name2'];
                     $this->add_data($block);
                     $this->add_data($temp);
                     unset($temp);
                     $central .= pack("VvvvvVVVVvvvvvVV", 0x2014b50, 0x14, $this->options['method'] == 0 ? 0x0 : 0xa, 0x0, isset($current['method']) || $this->options['method'] == 0 ? 0x0 : 0x8, $timedate, $crc32, $size, $current['stat'][7], io::strlen($current['name2']), 0x0, 0x0, 0x0, 0x0, 0x0, $offset);
                     $central .= $current['name2'];
                     $files++;
                     $offset += 30 + io::strlen($current['name2']) + $size;
                 } else {
                     $this->raiseError("Could not open file {$current['name']} for reading. It was not added.");
                 }
             }
         }
     }
     // Central directory, then the end-of-central-directory record (entry counts, directory size and offset, comment length)
     $this->add_data($central);
     $this->add_data(pack("VvvvvVVv", 0x6054b50, 0x0, 0x0, $files, $files, io::strlen($central), $offset, !empty($this->options['comment']) ? io::strlen($this->options['comment']) : 0x0));
     if (!empty($this->options['comment'])) {
         $this->add_data($this->options['comment']);
     }
     chdir($pwd);
     return true;
 }
Ejemplo n.º 10
 /**
  * Sets the alternative domains. Can be empty.
  *
  * The input is a ';' separated list. For each entry, a leading "http://" is
  * removed (only that exact prefix is handled), empty entries are dropped, and one
  * trailing "/" is removed. The result is stored as a ';' separated string.
  *
  * @param string $domains The ';' separated domains to set
  * @return boolean always true
  * @access public
  */
 function setAltDomains($domains)
 {
     // Start from an empty list in every case
     $this->_altdomains = '';
     if (!$domains) {
         return true;
     }
     foreach (explode(';', $domains) as $entry) {
         // Drop the scheme when it is present
         if (io::substr($entry, 0, 7) == "http://") {
             $entry = io::substr($entry, 7);
         }
         if (!$entry) {
             continue;
         }
         // Separator between entries, none before the first stored one
         if ($this->_altdomains) {
             $this->_altdomains .= ';';
         }
         // Drop a single trailing slash
         $lastChar = io::substr($entry, io::strlen($entry) - 1);
         if ($lastChar == "/") {
             $entry = io::substr($entry, 0, -1);
         }
         $this->_altdomains .= $entry;
     }
     return true;
 }
Ejemplo n.º 11
 /**
  * Start the scripts process queue.
  *
  * When USE_BACKGROUND_REGENERATOR is off, nothing is launched: the session
  * variable 'start_script' is set to true instead.
  * Otherwise scripts/script.php is started through the PHP CLI: on Windows via
  * a generated script.bat run with WScript.Shell, elsewhere via
  * CMS_patch::executeCommand() with output sent to /dev/null and a trailing '&'.
  *
  * NOTE(review): every command line below is assembled by plain string
  * concatenation of configuration constants, with no escapeshellarg(). This is
  * only sound while those constants are trusted and free of spaces and shell
  * metacharacters - confirm where they are defined and who can change them.
  *
  * @param boolean $force Set to true if you wish to remove the lock file before launch (adds ' -F' to the command line and skips the running-script check)
  * @return boolean|void false when a script is already running and $force is not set, or when a CLI check or the launch fails; no value otherwise
  * @access public
  * @static
  */
 static function startScript($force = false)
 {
     if (USE_BACKGROUND_REGENERATOR) {
         $forceRestart = '';
         if ($force) {
             $forceRestart = ' -F';
         } elseif (processManager::hasRunningScript()) {
             //a script is already running and no restart was requested
             return false;
         }
         //test if we're on windows or linux, for the output redirection
         if (APPLICATION_IS_WINDOWS) {
             if (realpath(PATH_PHP_CLI_WINDOWS) === false) {
                 CMS_grandFather::raiseError("Unknown CLI location : " . PATH_PHP_CLI_WINDOWS . ", please check your configuration.");
                 return false;
             }
             // Create the BAT file
             $command = '@echo off' . "\r\n" . 'start /B /LOW ' . realpath(PATH_PHP_CLI_WINDOWS) . ' ' . realpath(PATH_PACKAGES_FS . '\\scripts\\script.php') . ' -m ' . REGENERATION_THREADS . $forceRestart;
             //paths are not quoted: three well-known directories with spaces are swapped for their 8.3 short names instead
             $replace = array('program files (x86)' => 'progra~2', 'program files' => 'progra~1', 'documents and settings' => 'docume~1');
             $command = str_ireplace(array_keys($replace), $replace, $command);
             //NOTE(review): this is the only call here that uses _raiseError instead of raiseError - verify that the method exists
             if (!@touch(PATH_WINDOWS_BIN_FS . "/script.bat")) {
                 CMS_grandFather::_raiseError("CMS_scriptsManager : startScript : Create file error : " . PATH_WINDOWS_BIN_FS . "/script.bat");
                 return false;
             }
             $fh = @fopen(PATH_WINDOWS_BIN_FS . "/script.bat", "wb");
             //NOTE(review): a failed fopen() is silent and a failed fwrite() only raises an error;
             //in both cases the Run() call below still executes whatever script.bat holds at that point
             if (is_resource($fh)) {
                 if (!@fwrite($fh, $command, io::strlen($command))) {
                     CMS_grandFather::raiseError("Save file error : script.bat");
                 }
                 @fclose($fh);
             }
             //run the batch file through the Windows Script Host shell; the value returned by Run() is not checked
             $WshShell = new COM("WScript.Shell");
             $oExec = $WshShell->Run(str_ireplace(array_keys($replace), $replace, realpath(PATH_WINDOWS_BIN_FS . '\\script.bat')), 0, false);
         } else {
             $error = '';
             if (!defined('PATH_PHP_CLI_UNIX') || !PATH_PHP_CLI_UNIX) {
                 //no CLI path configured: check that "which php" answers with an absolute path
                 $return = CMS_patch::executeCommand('which php 2>&1', $error);
                 if ($error) {
                     CMS_grandFather::raiseError('Error when finding php CLI with command "which php", please check your configuration : ' . $error);
                     return false;
                 }
                 if (io::substr($return, 0, 1) != '/') {
                     CMS_grandFather::raiseError('Can\'t find php CLI with command "which php", please check your configuration.');
                     return false;
                 }
                 //NOTE(review): the path found above is not reused; the command below calls a bare "php",
                 //so the binary that runs is whatever the shell's PATH resolves at execution time
                 $return = CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; php " . PATH_PACKAGES_FS . "/scripts/script.php -m " . REGENERATION_THREADS . $forceRestart . " > /dev/null 2>&1 &", $error);
                 if ($error) {
                     CMS_grandFather::raiseError('Error during execution of script command (cd ' . PATH_REALROOT_FS . '; php ' . PATH_PACKAGES_FS . '/scripts/script.php -m ' . REGENERATION_THREADS . $forceRestart . '), please check your configuration : ' . $error);
                     return false;
                 }
             } else {
                 //a CLI path is configured: make sure it answers to -v and reports itself as the CLI build
                 $return = CMS_patch::executeCommand(PATH_PHP_CLI_UNIX . ' -v 2>&1', $error);
                 if ($error) {
                     CMS_grandFather::raiseError('Error when testing php CLI with command "' . PATH_PHP_CLI_UNIX . ' -v", please check your configuration : ' . $error);
                     return false;
                 }
                 if (io::strpos(io::strtolower($return), '(cli)') === false) {
                     CMS_grandFather::raiseError(PATH_PHP_CLI_UNIX . ' is not the CLI version');
                     return false;
                 }
                 $return = CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; " . PATH_PHP_CLI_UNIX . " " . PATH_PACKAGES_FS . "/scripts/script.php -m " . REGENERATION_THREADS . $forceRestart . " > /dev/null 2>&1 &", $error);
                 if ($error) {
                     CMS_grandFather::raiseError('Error during execution of script command (cd ' . PATH_REALROOT_FS . '; ' . PATH_PHP_CLI_UNIX . ' ' . PATH_PACKAGES_FS . '/scripts/script.php -m ' . REGENERATION_THREADS . $forceRestart . '), please check your configuration : ' . $error);
                     return false;
                 }
             }
             //CMS_grandFather::log($return);
             //CMS_grandFather::log("cd ".PATH_REALROOT_FS."; php ".PATH_PACKAGES_FS."/scripts/script.php -m ".REGENERATION_THREADS.$forceRestart." > /dev/null 2>&1 &");
             //@system("cd ".PATH_REALROOT_FS."; php ".PATH_PACKAGES_FS."/scripts/script.php -m ".REGENERATION_THREADS.$forceRestart." > /dev/null 2>&1 &");
         }
     } else {
         //background regenerator disabled: only flag the session
         CMS_session::setSessionVar('start_script', true);
     }
 }
Ejemplo n.º 12
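 /**
  * Duplicate this block
  * Used to duplicate a CMS_page.
  *
  * Copies the linked file under a name bound to the destination page, then
  * inserts the block data in the USERSPACE table and in the EDITION table.
  * The SQL is built by string concatenation, so every interpolated value goes
  * through SensitiveIO::sanitizeSQLString(), including the page, client space,
  * row and block identifiers.
  * Nothing is done (and false is returned) when the block has no positive
  * database ID or no file.
  *
  * @param CMS_page $destinationPage the page receiving a copy of this block
  * @param boolean $public The precision needed for USERSPACE location; when true the public copy of the file is duplicated too
  * @return boolean true when both inserts succeed, false otherwise
  */
 function duplicate(&$destinationPage, $public = false)
 {
     if (SensitiveIO::isPositiveInteger($this->_dbID) && $this->_file) {
         $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public);
         //Copy linked file
         //In new file name, delete reference to old page and add reference to new one
         //(everything from the first "_" of the old name is kept; when the old name has no "_",
         //io::strpos() finds nothing and the whole old name is presumably appended - verify)
         $_newFilename = "p" . $destinationPage->getID() . io::substr($this->_file, io::strpos($this->_file, "_"), io::strlen($this->_file));
         if (@is_file(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file) && @copy(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename) && @chmod(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename, octdec(FILES_CHMOD))) {
             //Public
             if ($public) {
                 //a failed public copy is reported but does not stop the duplication
                 if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename, octdec(FILES_CHMOD))) {
                     $this->raiseError("Duplicate, flash file copy failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename);
                 }
             }
             //Save new datas
             //page, clientSpaceID, rowID and blockID used to be concatenated raw while the other
             //columns were escaped: escape all of them the same way
             $str_set = "\n\t\t\t\t\t\tpage='" . SensitiveIO::sanitizeSQLString($destinationPage->getID())
                 . "',\n\t\t\t\t\t\tclientSpaceID='" . SensitiveIO::sanitizeSQLString($this->_clientSpaceID)
                 . "',\n\t\t\t\t\t\trowID='" . SensitiveIO::sanitizeSQLString($this->_rowID)
                 . "',\n\t\t\t\t\t\tblockID='" . SensitiveIO::sanitizeSQLString($this->_tagID)
                 . "',\n\t\t\t\t\t\tfile='" . SensitiveIO::sanitizeSQLString($_newFilename)
                 . "',\n\t\t\t\t\t\twidth='" . SensitiveIO::sanitizeSQLString($this->_width)
                 . "',\n\t\t\t\t\t\theight='" . SensitiveIO::sanitizeSQLString($this->_height)
                 . "',\n\t\t\t\t\t\tname='" . SensitiveIO::sanitizeSQLString($this->_name)
                 . "',\n\t\t\t\t\t\tversion='" . SensitiveIO::sanitizeSQLString($this->_version)
                 . "',\n\t\t\t\t\t\tparams='" . SensitiveIO::sanitizeSQLString($this->_params)
                 . "',\n\t\t\t\t\t\tflashvars='" . SensitiveIO::sanitizeSQLString($this->_flashvars)
                 . "',\n\t\t\t\t\t\tattributes='" . SensitiveIO::sanitizeSQLString($this->_flashattributes)
                 . "'\n\t\t\t\t";
             //the table name cannot be escaped as a value: it comes from _getDataTableName(), not from the caller
             $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t";
             $q = new CMS_query($sql);
             if (!$q->hasError()) {
                 //Table Edition
                 //same row, with the id generated by the first insert
                 $sql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . $q->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t";
                 $q = new CMS_query($sql);
                 return !$q->hasError();
             } else {
                 $this->raiseError("Duplicate, SQL insertion of new flash failed: " . $sql);
             }
         } else {
             $this->raiseError("Duplicate, copy of file failed :" . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file);
         }
     }
     return false;
 }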
Ejemplo n.º 13
 /**
  * Stores a value under a language code.
  *
  * The code is only checked for length (5 characters at most); a longer code
  * raises an error and nothing is stored.
  *
  * @param string $languageCode the language code of the value to set
  * @param mixed $value the value to set
  * @return boolean true on success, false on failure
  * @access public
  */
 function setValue($languageCode, $value)
 {
     $codeTooLong = io::strlen($languageCode) > 5;
     if (!$codeTooLong) {
         $this->_values[$languageCode] = $value;
         return true;
     }
     $this->raiseError("Can't use a language code longuer than 5 caracters : " . $languageCode);
     return false;
 }
Ejemplo n.º 14
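 /**
  * Search users
  * Static function.
  *
  * The query is built by string concatenation. Values that reach it are either
  * cast to integers ($start, $limit, $group, group user IDs), restricted to a
  * fixed set ($direction, $order checked against the table's columns) or passed
  * through sensitiveIO::sanitizeSQLString() (keywords, letter, user ID).
  *
  * Special forms of $search:
  *  - ':noroot:' anywhere in the string excludes ROOT_PROFILEUSER_ID
  *  - 'user:ID' restricts the search to one user ID
  *  - 'group:ID' restricts the search to one group ID
  *
  * @param string search : search user by lastname, firstname or login
  * @param string letter : search user by first lastname letter
  * @param integer group : search user by group ID
  * @param string order : order by fieldname (without suffix). default : lastname, firstname. 'score' orders by match score
  * @param string direction : order direction, 'asc' (default) or 'desc'; any other value falls back to 'asc'
  * @param integer start : search start offset
  * @param integer limit : search limit (default : 0 : unlimited)
  * @param boolean activeOnly : return only active users (default : false)
  * @param boolean returnObjects : return CMS_profile_user objects (default) or array of userId
  * @param array score : filled by reference with the match score of each returned user ID, when the query computes one
  * @return array(CMS_profile_user)
  * @access public
  */
 static function search($search = '', $letter = '', $group = '', $order = '', $direction = 'asc', $start = 0, $limit = 0, $activeOnly = false, $returnObjects = true, &$score = array())
 {
     $start = (int) $start;
     $limit = (int) $limit;
     $group = (int) $group;
     //only the two literal keywords may reach the order clause (strict comparison, no type juggling)
     $direction = io::strtolower($direction);
     if (!in_array($direction, array('asc', 'desc'), true)) {
         $direction = 'asc';
     }
     $keywordsWhere = $letterWhere = $groupWhere = $orderBy = $orderClause = $idWhere = '';
     $select = 'id_pru';
     if (io::strpos($search, ':noroot:') !== false) {
         $idWhere = " and id_pru != '" . ROOT_PROFILEUSER_ID . "'";
         $search = trim(str_replace(':noroot:', '', $search));
     }
     //NOTE(review): part of this statement was masked ("'user:'******'") in the listing this block
     //comes from. The condition and the assignment are reconstructed from the parallel 'group:'
     //branch below and from the surviving end of the statement - confirm against the project source.
     //The clause is appended so that a :noroot: exclusion set above is not dropped.
     if (io::substr($search, 0, 5) == 'user:' && sensitiveIO::isPositiveInteger(io::substr($search, 5))) {
         $idWhere .= " and id_pru = '" . sensitiveIO::sanitizeSQLString(io::substr($search, 5)) . "'";
         $search = '';
     }
     if (io::substr($search, 0, 6) == 'group:' && sensitiveIO::isPositiveInteger(io::substr($search, 6))) {
         $group = (int) io::substr($search, 6);
         $search = '';
     }
     if ($search) {
         //clean user keywords (never trust user input, user is evil)
         $keyword = strtr($search, ",;", "  ");
         $words = array_map("trim", array_unique(explode(" ", io::strtolower($keyword))));
         $cleanedWords = array();
         foreach ($words as $aWord) {
             //words shorter than 3 characters are ignored
             if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) {
                 //neutralise the LIKE wildcards so a keyword cannot widen the match
                 $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
                 //also look for the entity-encoded form of the word
                 if (htmlentities($aWord) != $aWord) {
                     $cleanedWords[] = htmlentities($aWord);
                 }
                 $cleanedWords[] = $aWord;
             }
         }
         if (!$cleanedWords) {
             //if no words after cleaning, return
             return array();
         }
         foreach ($cleanedWords as $cleanedWord) {
             $escapedWord = sensitiveIO::sanitizeSQLString($cleanedWord);
             $keywordsWhere .= $keywordsWhere ? " and " : '';
             $keywordsWhere .= " (\n\t\t\t\t\tlastName_pru like '%" . $escapedWord . "%'\n\t\t\t\t\tor firstName_pru like '%" . $escapedWord . "%'\n\t\t\t\t\tor login_pru like '%" . $escapedWord . "%'\n\t\t\t\t)";
         }
         $keywordsWhere = ' and ((' . $keywordsWhere . ')';
         $select .= " , MATCH (lastName_pru, firstName_pru, login_pru) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') as m ";
         $keywordsWhere .= " or MATCH (lastName_pru, firstName_pru, login_pru) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') )";
     }
     if ($letter && io::strlen($letter) === 1) {
         //same wildcard handling as for keywords: a '%' or '_' letter must match itself only
         $letter = str_replace(array('%', '_'), array('\\%', '\\_'), $letter);
         $letterWhere = " and lastName_pru like '" . sensitiveIO::sanitizeSQLString($letter) . "%'";
     }
     if ($group) {
         $groupUsers = CMS_profile_usersGroupsCatalog::getGroupUsers($group, false);
         if (!$groupUsers) {
             return array();
         }
         //presumably a list of user IDs (verify against getGroupUsers); force integers before they enter the query
         $groupWhere = " and id_pru in (" . implode(',', array_map('intval', $groupUsers)) . ")";
     }
     if ($order != 'score') {
         if ($order) {
             //the order field is only used when it names an existing column of profilesUsers
             $found = false;
             $sql = "DESCRIBE profilesUsers";
             $q = new CMS_query($sql);
             while ($field = $q->getValue('Field')) {
                 if ($field == $order . '_pru') {
                     $found = true;
                 }
             }
             if ($found) {
                 $orderBy = $order . '_pru';
             } else {
                 $orderBy = 'lastName_pru,firstName_pru';
             }
         } else {
             $orderBy = 'lastName_pru,firstName_pru';
         }
         if ($orderBy) {
             $orderClause = "order by\n\t\t\t\t\t" . $orderBy . "\n\t\t\t\t\t" . $direction;
         }
     } elseif ($search) {
         //order by match score: the 'm' column only exists when keywords were given
         $orderClause = " order by m " . $direction;
     }
     $sql = "\n\t\t\tselect\n\t\t\t\t" . $select . "\n\t\t\tfrom\n\t\t\t\tprofilesUsers\n\t\t\twhere \n\t\t\t deleted_pru='0'\n\t\t\t" . ($activeOnly ? " and  active_pru='1' " : '') . "\n\t\t\t" . $keywordsWhere . "\n\t\t\t" . $letterWhere . "\n\t\t\t" . $groupWhere . "\n\t\t\t" . $idWhere . "\n\t\t\t" . $orderClause . "\n\t\t";
     if ($limit) {
         //both values were cast to integers at the top
         $sql .= "limit \n\t\t\t\t" . $start . ", " . $limit;
     }
     $q = new CMS_query($sql);
     //pr($sql);
     //pr($q->getNumRows());
     $users = array();
     while ($r = $q->getArray()) {
         $id = $r['id_pru'];
         //set match score if exists
         if (isset($r['m'])) {
             $score[$id] = $r['m'];
         }
         if ($returnObjects) {
             $usr = CMS_profile_usersCatalog::getByID($id);
             if (is_a($usr, "CMS_profile_user") && !$usr->hasError()) {
                 if ($activeOnly && $usr->isActive() || !$activeOnly) {
                     $users[] = $usr;
                 }
             }
         } else {
             $users[] = $id;
         }
     }
     //pr($score);
     return $users;
 }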
Ejemplo n.º 15
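 /**
  * Encode string to quoted-printable.
  *
  * Line endings are normalised with FixEOL() and a final line ending is added
  * when missing. Control characters, '=', and bytes from 0x7F upwards become
  * "=XX"; a space or tab directly before a line ending is encoded too.
  * Lines are not wrapped (the WrapText() call is commented out).
  *
  * The replacements use preg_replace_callback(): the former /e modifier
  * evaluated the replacement as PHP code built from the matched text, is no
  * longer supported by PHP 7 and later, and encoded a NUL byte as "=5C" because
  * of the escaping applied to the match before evaluation.
  *
  * @access private
  * @param string $str the text to encode
  * @return string
  */
 function EncodeQP($str)
 {
     $encoded = $this->FixEOL($str);
     if (io::substr($encoded, -io::strlen($this->LE)) != $this->LE) {
         $encoded .= $this->LE;
     }
     //the matched byte is handled as data only, never as code
     $toHex = function ($matches) {
         return '=' . sprintf('%02X', ord($matches[1]));
     };
     /* Replace every high ascii, control and = characters */
     $encoded = preg_replace_callback('/([\\000-\\010\\013\\014\\016-\\037\\075\\177-\\377])/', $toHex, $encoded);
     /* Replace every spaces and tabs when it's the last character on a line */
     $lineEnd = $this->LE;
     //preg_quote keeps the line ending literal inside the pattern whatever it is set to
     $encoded = preg_replace_callback("/([\t ])" . preg_quote($lineEnd, '/') . "/", function ($matches) use ($toHex, $lineEnd) {
         return $toHex($matches) . $lineEnd;
     }, $encoded);
     /* Maximum line length of 76 characters before CRLF (74 + space + '=') */
     //$encoded = $this->WrapText($encoded, 74, true);
     return $encoded;
 }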
Ejemplo n.º 16
 /**
  * set object Values
  *
  * @param array $values : the POST result values
  * @param string prefixname : the prefix used for post names
  * @param boolean newFormat : new automne v4 format (default false for compatibility)
  * @param integer $objectID : the current object id. Must be set, but default is blank for compatibility with other objects
  * @return boolean true on success, false on failure
  * @access public
  */
 function setValues($values, $prefixName, $newFormat = false, $objectID = '')
 {
     if (!sensitiveIO::isPositiveInteger($objectID)) {
         $this->raiseError('ObjectID must be a positive integer : ' . $objectID);
         return false;
     }
     //get field parameters
     $params = $this->getParamsValues();
     //get module codename
     $moduleCodename = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID());
     if ($newFormat) {
         //delete old files ?
         //thumbnail
         if ($this->_subfieldValues[1]->getValue() && (!$values[$prefixName . $this->_field->getID() . '_1'] || pathinfo($values[$prefixName . $this->_field->getID() . '_1'], PATHINFO_BASENAME) != $this->_subfieldValues[1]->getValue())) {
             @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue());
             $this->_subfieldValues[1]->setValue('');
         }
         //file
         if ($this->_subfieldValues[4]->getValue() && (!$values[$prefixName . $this->_field->getID() . '_4'] || pathinfo($values[$prefixName . $this->_field->getID() . '_4'], PATHINFO_BASENAME) != $this->_subfieldValues[4]->getValue())) {
             @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue());
             $this->_subfieldValues[4]->setValue('');
             //reset filesize
             if (!$this->_subfieldValues[2]->setValue(0)) {
                 return false;
             }
         }
         if (!(isset($values[$prefixName . $this->_field->getID() . '_0']) && $this->_subfieldValues[0]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_0'])))) {
             return false;
         }
         //thumbnail
         if (isset($values[$prefixName . $this->_field->getID() . '_1']) && $values[$prefixName . $this->_field->getID() . '_1'] && io::strpos($values[$prefixName . $this->_field->getID() . '_1'], PATH_UPLOAD_WR . '/') !== false) {
             $filename = $values[$prefixName . $this->_field->getID() . '_1'];
             //check for image type before doing anything
             if (!in_array(io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)), $this->_allowedExtensions)) {
                 return false;
             }
             //destroy old image if any
             if ($this->_subfieldValues[1]->getValue()) {
                 @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue());
                 $this->_subfieldValues[1]->setValue('');
             }
             //move and rename uploaded file
             $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $filename);
             $basename = pathinfo($filename, PATHINFO_BASENAME);
             //set thumbnail
             $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED;
             $newBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename));
             //rename image
             $path_parts = pathinfo($newBasename);
             $extension = io::strtolower($path_parts['extension']);
             $newBasename = io::substr($path_parts['basename'], 0, -(io::strlen($extension) + 1)) . '_thumbnail.' . $extension;
             if (io::strlen($newBasename) > 255) {
                 $newBasename = sensitiveIO::ellipsis($newBasename, 255, '-', true);
             }
             $newFilename = $path . '/' . $newBasename;
             //move file from upload dir to new dir
             CMS_file::moveTo($filename, $newFilename);
             CMS_file::chmodFile(FILES_CHMOD, $newFilename);
             //resize thumbnail if needed
             if ($params['thumbMaxWidth'] > 0 || $params['thumbMaxHeight'] > 0) {
                 $oImage = new CMS_image($newFilename);
                 //get current file size
                 $sizeX = $oImage->getWidth();
                 $sizeY = $oImage->getHeight();
                 //check thumbnail size
                 list($sizeX, $sizeY) = @getimagesize($newFilename);
                 if ($params['thumbMaxWidth'] && $sizeX > $params['thumbMaxWidth'] || $params['thumbMaxHeight'] && $sizeY > $params['thumbMaxHeight']) {
                     $newSizeX = $sizeX;
                     $newSizeY = $sizeY;
                     // Check width
                     if ($params['thumbMaxWidth'] && $newSizeX > $params['thumbMaxWidth']) {
                         $newSizeY = round($params['thumbMaxWidth'] * $newSizeY / $newSizeX);
                         $newSizeX = $params['thumbMaxWidth'];
                     }
                     if ($params['thumbMaxHeight'] && $newSizeY > $params['thumbMaxHeight']) {
                         $newSizeX = round($params['thumbMaxHeight'] * $newSizeX / $newSizeY);
                         $newSizeY = $params['thumbMaxHeight'];
                     }
                     if (!$oImage->resize($newSizeX, $newSizeY, $newFilename)) {
                         return false;
                     }
                 }
             }
             //set thumbnail
             if (!$this->_subfieldValues[1]->setValue($newBasename)) {
                 return false;
             }
         }
         //File
         //1- from external location
         if (isset($values[$prefixName . $this->_field->getID() . '_externalfile']) && $values[$prefixName . $this->_field->getID() . '_externalfile']) {
             //from FTP directory
             $filename = $values[$prefixName . $this->_field->getID() . '_externalfile'];
             //check file extension
             if ($params['allowedType'] || $params['disallowedType']) {
                 $extension = io::strtolower(pathinfo($filename, PATHINFO_EXTENSION));
                 if (!$extension) {
                     return false;
                 }
                 //extension must be in allowed list
                 if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) {
                     return false;
                 }
                 //extension must not be in disallowed list
                 if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) {
                     return false;
                 }
             }
             //destroy old file if any
             if ($this->_subfieldValues[4]->getValue()) {
                 @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue());
                 $this->_subfieldValues[4]->setValue('');
             }
             $new_filename = 'r' . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($filename));
             if (io::strlen($new_filename) > 255) {
                 $new_filename = sensitiveIO::ellipsis($new_filename, 255, '-', true);
             }
             $destination_path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/';
             $ftp_dir = PATH_REALROOT_FS . $params['ftpDir'];
             if (@file_exists($ftp_dir . $filename) && is_file($ftp_dir . $filename)) {
                 if (CMS_file::moveTo($ftp_dir . $filename, $destination_path . '/' . $new_filename)) {
                     CMS_file::chmodFile(FILES_CHMOD, $destination_path . '/' . $new_filename);
                     //set label as file name if none set
                     if (!$values[$prefixName . $this->_field->getID() . '_0']) {
                         if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($filename))) {
                             return false;
                         }
                     }
                     //set it
                     if (!$this->_subfieldValues[4]->setValue($new_filename)) {
                         return false;
                     }
                     //and set filesize
                     $filesize = @filesize($destination_path . '/' . $new_filename);
                     if ($filesize !== false && $filesize > 0) {
                         //convert in MB
                         $filesize = round($filesize / 1048576, 2);
                     } else {
                         $filesize = '0';
                     }
                     if (!$this->_subfieldValues[2]->setValue($filesize)) {
                         return false;
                     }
                     //set file type
                     if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) {
                         return false;
                     }
                 } else {
                     return false;
                 }
             } else {
                 return false;
             }
         } else {
             //2- from post
             if ($values[$prefixName . $this->_field->getID() . '_4'] && io::strpos($values[$prefixName . $this->_field->getID() . '_4'], PATH_UPLOAD_WR . '/') !== false) {
                 //check file extension
                 if ($params['allowedType'] || $params['disallowedType']) {
                     $extension = io::strtolower(pathinfo($values[$prefixName . $this->_field->getID() . '_4'], PATHINFO_EXTENSION));
                     if (!$extension) {
                         return false;
                     }
                     //extension must be in allowed list
                     if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) {
                         return false;
                     }
                     //extension must not be in disallowed list
                     if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) {
                         return false;
                     }
                 }
                 //set file type
                 if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) {
                     return false;
                 }
                 //destroy old file if any
                 if ($this->_subfieldValues[4]->getValue()) {
                     @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue());
                     $this->_subfieldValues[4]->setValue('');
                 }
                 //move and rename uploaded file
                 $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $values[$prefixName . $this->_field->getID() . '_4']);
                 $basename = pathinfo($filename, PATHINFO_BASENAME);
                 //create file path
                 $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED;
                 $newBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename));
                 if (io::strlen($newBasename) > 255) {
                     $newBasename = sensitiveIO::ellipsis($newBasename, 255, '-', true);
                 }
                 $newFilename = $path . '/' . $newBasename;
                 if (!CMS_file::moveTo($filename, $newFilename)) {
                     return false;
                 }
                 CMS_file::chmodFile(FILES_CHMOD, $newFilename);
                 //set it
                 if (!$this->_subfieldValues[4]->setValue($newBasename)) {
                     return false;
                 }
                 //and set filesize
                 $filesize = @filesize($newFilename);
                 if ($filesize !== false && $filesize > 0) {
                     //convert in MB
                     $filesize = round($filesize / 1048576, 2);
                 } else {
                     $filesize = '0';
                 }
                 if (!$this->_subfieldValues[2]->setValue($filesize)) {
                     return false;
                 }
             }
         }
         // If label not set yet, set it
         if (!$this->_subfieldValues[0]->getValue()) {
             if ($this->_subfieldValues[4]->getValue()) {
                 $this->_subfieldValues[0]->setValue($this->_subfieldValues[4]->getValue());
             }
         }
         //update files infos if needed
         if ($this->_subfieldValues[1]->getValue() && file_exists(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue())) {
             $file = new CMS_file(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue());
             $imageDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension());
         } else {
             $imageDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => '');
         }
         //update files infos if needed
         if ($this->_subfieldValues[4]->getValue() && file_exists(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue())) {
             $file = new CMS_file(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue());
             $fileDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension());
         } else {
             $fileDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => '');
         }
         $imageDatas['module'] = $fileDatas['module'] = $moduleCodename;
         $imageDatas['visualisation'] = $fileDatas['visualisation'] = RESOURCE_DATA_LOCATION_EDITED;
         $content = array('datas' => array('polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_1]' => $imageDatas, 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_4]' => $fileDatas, 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_externalfile]' => '', 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_0]' => sensitiveIO::decodeEntities($this->_subfieldValues[0]->getValue())));
         $view = CMS_view::getInstance();
         $view->addContent($content);
         return true;
     } else {
         //Old format
         //delete old files ?
         if (isset($values[$prefixName . $this->_field->getID() . '_delete']) && $values[$prefixName . $this->_field->getID() . '_delete'] == 1) {
             //thumbnail
             if ($this->_subfieldValues[1]->getValue()) {
                 @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue());
                 $this->_subfieldValues[1]->setValue('');
             } elseif ($values[$prefixName . $this->_field->getID() . '_1_hidden']) {
                 @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_1_hidden']);
                 $this->_subfieldValues[1]->setValue('');
             }
             //file
             if ($this->_subfieldValues[4]->getValue()) {
                 @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue());
                 $this->_subfieldValues[4]->setValue('');
             } elseif ($values[$prefixName . $this->_field->getID() . '_4_hidden']) {
                 @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_4_hidden']);
                 $this->_subfieldValues[4]->setValue('');
             }
             //reset filesize
             if (!$this->_subfieldValues[2]->setValue(0)) {
                 return false;
             }
         }
         if (!(isset($values[$prefixName . $this->_field->getID() . '_0']) && $this->_subfieldValues[0]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_0'])))) {
             return false;
         }
         //thumbnail
         if (isset($_FILES[$prefixName . $this->_field->getID() . '_1']) && $_FILES[$prefixName . $this->_field->getID() . '_1']['name'] && !$_FILES[$prefixName . $this->_field->getID() . '_1']['error']) {
             //check for image type before doing anything
             if (!in_array(io::strtolower(pathinfo($_FILES[$prefixName . $this->_field->getID() . '_1']["name"], PATHINFO_EXTENSION)), $this->_allowedExtensions)) {
                 return false;
             }
             //destroy old image if any
             if ($this->_subfieldValues[1]->getValue()) {
                 @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue());
                 $this->_subfieldValues[1]->setValue('');
             } elseif ($values[$prefixName . $this->_field->getID() . '_1_hidden']) {
                 @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_1_hidden']);
                 $this->_subfieldValues[1]->setValue('');
             }
             //set thumbnail (resize it if needed)
             //create thumbnail path
             $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED;
             $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$prefixName . $this->_field->getID() . '_1']["name"]));
             if (io::strlen($filename) > 255) {
                 $filename = sensitiveIO::ellipsis($filename, 255, '-', true);
             }
             //move uploaded file
             $fileDatas = CMS_file::uploadFile($prefixName . $this->_field->getID() . '_1', PATH_TMP_FS);
             if ($fileDatas['error']) {
                 return false;
             }
             if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) {
                 return false;
             }
             if ($params['thumbMaxWidth'] > 0 || $params['thumbMaxHeight'] > 0) {
                 $oImage = new CMS_image($path . "/" . $filename);
                 //get current file size
                 $sizeX = $oImage->getWidth();
                 $sizeY = $oImage->getHeight();
                 //check thumbnail size
                 if ($sizeX > $params['thumbMaxWidth'] || $sizeX > $params['thumbMaxHeight']) {
                     $newSizeX = $sizeX;
                     $newSizeY = $sizeY;
                     // Check width
                     if ($params['thumbMaxWidth'] && $newSizeX > $params['thumbMaxWidth']) {
                         $newSizeY = round($params['thumbMaxWidth'] * $newSizeY / $newSizeX);
                         $newSizeX = $params['thumbMaxWidth'];
                     }
                     if ($params['thumbMaxHeight'] && $newSizeY > $params['thumbMaxHeight']) {
                         $newSizeX = round($params['thumbMaxHeight'] * $newSizeX / $newSizeY);
                         $newSizeY = $params['thumbMaxHeight'];
                     }
                     //resize image
                     $srcfilepath = $path . "/" . $filename;
                     $path_parts = pathinfo($srcfilepath);
                     $thumbnailFilename = io::substr($path_parts['basename'], 0, -(io::strlen($path_parts['extension']) + 1)) . '.png';
                     $destfilepath = $path . "/" . $thumbnailFilename;
                     if (!$oImage->resize($newSizeX, $newSizeY, $destfilepath)) {
                         return false;
                     }
                     //destroy original image
                     @unlink($srcfilepath);
                     //set resized thumbnail
                     if (!$this->_subfieldValues[1]->setValue($thumbnailFilename)) {
                         return false;
                     }
                 } else {
                     //no need to resize thumbnail (below the maximum width), so set it
                     if (!$this->_subfieldValues[1]->setValue($filename)) {
                         return false;
                     }
                 }
             } else {
                 //no need to resize thumbnail (no size limit), so set it
                 if (!$this->_subfieldValues[1]->setValue($filename)) {
                     return false;
                 }
             }
         } elseif (isset($_FILES[$prefixName . $this->_field->getID() . '_1']) && $_FILES[$prefixName . $this->_field->getID() . '_1']['name'] && $_FILES[$prefixName . $this->_field->getID() . '_1']['error'] != 0) {
             return false;
         } elseif (isset($values[$prefixName . $this->_field->getID() . '_1_hidden']) && $values[$prefixName . $this->_field->getID() . '_1_hidden'] && $values[$prefixName . $this->_field->getID() . '_delete'] != 1) {
             if (!$this->_subfieldValues[1]->setValue($values[$prefixName . $this->_field->getID() . '_1_hidden'])) {
                 return false;
             }
         }
         //File
         //1- from external location
         if (isset($values[$prefixName . $this->_field->getID() . '_externalfile']) && $values[$prefixName . $this->_field->getID() . '_externalfile']) {
             //destroy old file if any
             if ($this->_subfieldValues[4]->getValue()) {
                 @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue());
                 $this->_subfieldValues[4]->setValue('');
             } elseif ($values[$prefixName . $this->_field->getID() . '_4_hidden']) {
                 @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_4_hidden']);
                 $this->_subfieldValues[4]->setValue('');
             }
             //from FTP directory
             $filename = $values[$prefixName . $this->_field->getID() . '_externalfile'];
             //io::substr($values[$prefixName.$this->_field->getID().'_externalfile'], 1);
             //check file extension
             if ($params['allowedType'] || $params['disallowedType']) {
                 $extension = io::strtolower(pathinfo($filename, PATHINFO_EXTENSION));
                 if (!$extension) {
                     return false;
                 }
                 //extension must be in allowed list
                 if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) {
                     return false;
                 }
                 //extension must not be in disallowed list
                 if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) {
                     return false;
                 }
             }
             $new_filename = 'r' . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($filename));
             if (io::strlen($new_filename) > 255) {
                 $new_filename = sensitiveIO::ellipsis($new_filename, 255, '-', true);
             }
             $destination_path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/';
             $ftp_dir = PATH_REALROOT_FS . $params['ftpDir'];
             if (@file_exists($ftp_dir . $filename) && is_file($ftp_dir . $filename)) {
                 if (@copy($ftp_dir . $filename, $destination_path . '/' . $new_filename)) {
                     @chmod($destination_path . '/' . $new_filename, octdec(FILES_CHMOD));
                     //set label as file name if none set
                     if (!$values[$prefixName . $this->_field->getID() . '_0']) {
                         if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($filename))) {
                             return false;
                         }
                     }
                     //set it
                     if (!$this->_subfieldValues[4]->setValue($new_filename)) {
                         return false;
                     }
                     //and set filesize
                     $filesize = @filesize($destination_path . '/' . $new_filename);
                     if ($filesize !== false && $filesize > 0) {
                         //convert in MB
                         $filesize = round($filesize / 1048576, 2);
                     } else {
                         $filesize = '0';
                     }
                     if (!$this->_subfieldValues[2]->setValue($filesize)) {
                         return false;
                     }
                     //set file type
                     if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) {
                         return false;
                     }
                 } else {
                     return false;
                 }
             } else {
                 return false;
             }
         } else {
             //2- from post
             if (isset($_FILES[$prefixName . $this->_field->getID() . '_4']) && $_FILES[$prefixName . $this->_field->getID() . '_4']['name'] && !$_FILES[$prefixName . $this->_field->getID() . '_4']['error']) {
                 //check file extension
                 if ($params['allowedType'] || $params['disallowedType']) {
                     $extension = io::strtolower(pathinfo($_FILES[$prefixName . $this->_field->getID() . '_4']['name'], PATHINFO_EXTENSION));
                     if (!$extension) {
                         return false;
                     }
                     //extension must be in allowed list
                     if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) {
                         return false;
                     }
                     //extension must not be in disallowed list
                     if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) {
                         return false;
                     }
                 }
                 //set label as image name if none set
                 if (!$values[$prefixName . $this->_field->getID() . '_0']) {
                     if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($_FILES[$prefixName . $this->_field->getID() . '_4']["name"]))) {
                         return false;
                     }
                 }
                 //set file type
                 if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) {
                     return false;
                 }
                 //destroy old file if any
                 if ($this->_subfieldValues[4]->getValue()) {
                     @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue());
                     $this->_subfieldValues[4]->setValue('');
                 }
                 //create thumnail path
                 $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED;
                 $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$prefixName . $this->_field->getID() . '_4']["name"]));
                 if (io::strlen($filename) > 255) {
                     $filename = sensitiveIO::ellipsis($filename, 255, '-', true);
                 }
                 //move uploaded file
                 $fileDatas = CMS_file::uploadFile($prefixName . $this->_field->getID() . '_4', PATH_TMP_FS);
                 if ($fileDatas['error']) {
                     return false;
                 }
                 if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) {
                     return false;
                 }
                 //set it
                 if (!$this->_subfieldValues[4]->setValue($filename)) {
                     return false;
                 }
                 //and set filesize
                 $filesize = @filesize($path . "/" . $filename);
                 if ($filesize !== false && $filesize > 0) {
                     //convert in MB
                     $filesize = round($filesize / 1048576, 2);
                 } else {
                     $filesize = '0';
                 }
                 if (!$this->_subfieldValues[2]->setValue($filesize)) {
                     return false;
                 }
             } elseif (isset($_FILES[$prefixName . $this->_field->getID() . '_4']) && $_FILES[$prefixName . $this->_field->getID() . '_4']['name'] && $_FILES[$prefixName . $this->_field->getID() . '_4']['error'] != 0) {
                 return false;
             } else {
                 //from hidden fields (previously set but not already saved)
                 if (isset($values[$prefixName . $this->_field->getID() . '_4_hidden']) && $values[$prefixName . $this->_field->getID() . '_4_hidden'] && (!isset($values[$prefixName . $this->_field->getID() . '_delete']) || $values[$prefixName . $this->_field->getID() . '_delete'] != 1)) {
                     //set label as image name if none set
                     if ($values[$prefixName . $this->_field->getID() . '_0']) {
                         if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_0']))) {
                             return false;
                         }
                     }
                     //set filesize
                     if (!$this->_subfieldValues[2]->setValue($values[$prefixName . $this->_field->getID() . '_2_hidden'])) {
                         return false;
                     }
                     //set file type
                     if (!$this->_subfieldValues[3]->setValue($values[$prefixName . $this->_field->getID() . '_3_hidden'])) {
                         return false;
                     }
                     if (!$this->_subfieldValues[4]->setValue($values[$prefixName . $this->_field->getID() . '_4_hidden'])) {
                         return false;
                     }
                 }
             }
         }
         // If label not set yet, set it
         if (!$this->_subfieldValues[0]->getValue()) {
             if ($this->_subfieldValues[4]->getValue()) {
                 $this->_subfieldValues[0]->setValue($this->_subfieldValues[4]->getValue());
             }
         }
         return true;
     }
 }
Ejemplo n.º 17
 /**
  * Sets the year part of the date
  *
  * @param string $value the year to set to
  * @return boolean true on success, false on failure
  * @access public
  */
 function setYear($value)
 {
     // Accepts a year given as a string of digits; anything else (sign, spaces, decimals) is refused.
     if (!ctype_digit((string) $value)) {
         $this->_raiseError(__CLASS__ . ' : ' . __FUNCTION__ . ' : value must be numeric : ' . $value);
         return false;
     }
     $year = (int) $value;
     // Short years are expanded: 31..99 become 19xx, 0..30 become 20xx.
     if ($year < 100) {
         $year += ($year > 30) ? 1900 : 2000;
     }
     // After expansion the year has to be non-zero and exactly four digits long.
     if ($year && io::strlen((string) $year) == 4) {
         $this->_year = $year;
         return true;
     }
     $this->_raiseError("Date : incorrect year : " . $year);
     return false;
 }
Ejemplo n.º 18
 /**
  * Proceeds to archive download
  * 
  * @return binary file content to be downloaded
  */
 function download_file()
 {
     // Sends the in-memory archive to the client as a file download: a Content-type chosen from
     // options['type'], an attachment Content-disposition, then the archive bytes.
     // Nothing is returned; the content is written to the output with print.
     if ($this->options['inmemory'] == 0) {
         $this->raiseError("Can only use download_file() if archive is in memory. Redirect to file otherwise, it is faster.");
         return;
     }
     switch ($this->options['type']) {
         case "zip":
             header("Content-type:application/zip");
             break;
         case "bzip":
         case "gzip":
             // both compressed variants are announced with the same media type
             header("Content-type:application/x-compressed");
             break;
         case "tar":
             header("Content-type:application/x-tar");
             break;
     }
     // Only the part after the last "/" of the archive name is offered as the download name.
     // NOTE(review): the offset comes from the byte-based strrpos() but is passed to io::substr();
     // confirm both count the same unit when the name holds multibyte characters.
     $downloadName = $this->options['name'];
     if (strstr($downloadName, "/")) {
         $downloadName = io::substr($downloadName, strrpos($downloadName, "/") + 1);
     }
     // NOTE(review): the name goes into a quoted header parameter without escaping, so a double
     // quote in options['name'] would end the parameter early. Confirm the name is set by trusted
     // code only, or strip quotes and control characters before it reaches this header.
     header("Content-disposition: attachment; filename=\"" . $downloadName . "\"");
     // NOTE(review): Content-length has to be a byte count; confirm io::strlen() counts bytes and
     // not characters when given binary data.
     header("Content-length: " . io::strlen($this->CMS_archive));
     header("Content-transfer-encoding: binary");
     header("Pragma: no-cache");
     header("Expires: 0");
     print $this->CMS_archive;
 }
Ejemplo n.º 19
 /**
  * Duplicate this block
  * Used to duplicate a CMS_page.
  *
  * @param CMS_page $destinationPage, the page receiving a copy of this block
  * @param boolean $public The precision needed for USERSPACE location
  * @return CMS_block object
  */
 function duplicate(&$destinationPage, $public = false)
 {
     // Copies this link block onto $destinationPage: duplicates the linked file (if the link
     // targets one), then inserts the block row into the user-space table and the edition table.
     // Returns true when both inserts succeed, false otherwise.
     if (!SensitiveIO::isPositiveInteger($this->_dbID)) {
         return false;
     }
     $link = $this->_link;
     if (!$link->hasValidHREF()) {
         // NOTE(review): this message is raised when the link has no valid HREF, not when a copy
         // failed, and it reads $this->_file, which nothing else in this method uses - confirm.
         $this->raiseError("Duplicate, copy of file failed :" . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file);
         return false;
     }
     if ($link->getLinkType() == RESOURCE_LINK_TYPE_FILE) {
         //get file name and its directory
         $file = $link->getFileLink(false, MOD_STANDARD_CODENAME, RESOURCE_DATA_LOCATION_EDITED, PATH_RELATIVETO_FILESYSTEM, true);
         $path = $link->getFileLink(true, MOD_STANDARD_CODENAME, RESOURCE_DATA_LOCATION_EDITED, PATH_RELATIVETO_FILESYSTEM, false);
         if ($file && file_exists($path . '/' . $file)) {
             $editedDir = PATH_MODULES_FILES_STANDARD_FS . "/edited/";
             $publicDir = PATH_MODULES_FILES_STANDARD_FS . "/public/";
             //the new name keeps everything from the first "_" on and gets the new page id as prefix
             $_newFilename = "p" . $destinationPage->getID() . io::substr($file, io::strpos($file, "_"), io::strlen($file));
             $editedCopied = @is_file($editedDir . $file) && CMS_file::copyTo($editedDir . $file, $editedDir . $_newFilename) && CMS_file::chmodFile(FILES_CHMOD, $editedDir . $_newFilename);
             if ($editedCopied) {
                 if ($public) {
                     //a failed public copy is reported but does not stop the duplication
                     $publicCopied = is_file($publicDir . $file) && CMS_file::copyTo($publicDir . $file, $publicDir . $_newFilename) && CMS_file::chmodFile(FILES_CHMOD, $publicDir . $_newFilename);
                     if (!$publicCopied) {
                         $this->raiseError("Duplicate, file copy failed : " . $publicDir . $file);
                     }
                 }
                 // $link is the same object as $this->_link (object handles are shared on
                 // assignment), so this also changes the link held by the source block in memory.
                 $link->setFileLink($_newFilename);
             }
         }
     }
     $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public);
     // NOTE(review): only the link text goes through sanitizeSQLString(); the page id,
     // _clientSpaceID, _rowID and _tagID are concatenated into the statement as they are.
     // Confirm they are validated where they are set, or sanitize them here as well.
     $str_set = "\n\t\t\t\t\t\tpage='" . $destinationPage->getID() . "',\n\t\t\t\t\t\tclientSpaceID='" . $this->_clientSpaceID . "',\n\t\t\t\t\t\trowID='" . $this->_rowID . "',\n\t\t\t\t\t\tblockID='" . $this->_tagID . "',\n\t\t\t\t\t\ttype='CMS_block_link',\n\t\t\t\t\t\tvalue='" . SensitiveIO::sanitizeSQLString($link->getTextDefinition()) . "'\n\t\t\t\t";
     $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t";
     $q = new CMS_query($sql);
     if ($q->hasError()) {
         $this->raiseError("Duplicate, SQL insertion of new filename failed: " . $sql);
         return false;
     }
     //same row, same id, in the edition table
     $sql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . $q->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t";
     $q = new CMS_query($sql);
     return !$q->hasError();
 }
Ejemplo n.º 20
 /**
  * Returns all the page Templates, sorted by label.
  * Static function.
  *
  * @param boolean $includeInactive If set to true, inactive templates are returned as well
  * @return array(CMS_pageTemplate)
  * @access public
  */
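 static function getAll($includeInactive = false, $keyword = '', $groups = array(), $website = '', $tplIds = array(), $user = false, $start = 0, $limit = 0, $returnObjects = true, &$score = array())
 {
     // Lists the non-private page templates matching the given filters.
     //  $includeInactive : when false, only templates with inUse_pt=1 and a definition file are kept
     //  $keyword         : free-text search; words shorter than 3 characters are ignored and
     //                     "row:<id>" words restrict the result to templates using that row
     //  $groups          : every listed group must appear in groupsStack_pt
     //  $website         : templates listing this value in websitesdenied_pt are excluded
     //  $tplIds          : restricts the result to these template ids
     //  $user            : an object without CLEARANCE_ADMINISTRATION_EDITVALIDATEALL has its
     //                     denied template groups excluded
     //  $start, $limit   : offset and row count of the SQL limit clause
     //  $returnObjects   : true returns CMS_pageTemplate objects, false returns the ids
     //  $score           : by reference, receives the full-text match score per template id
     // Returns an array keyed by template id; array() when the keyword holds no usable word.
     //
     // Every value that reaches the SQL text unquoted (row ids, template ids, limit bounds) is
     // forced to an integer here: string escaping does not protect a value placed outside quotes.
     $where = 'private_pt=0';
     $select = 'id_pt';
     //true once the select list holds the match score column "m"
     $orderByScore = false;
     //keywords
     if ($keyword) {
         //clean user keywords (never trust user input)
         $keyword = strtr($keyword, ",;", "  ");
         $words = array_map("trim", array_unique(explode(" ", io::strtolower($keyword))));
         $cleanedWords = array();
         foreach ($words as $aWord) {
             if ($aWord && io::strlen($aWord) >= 3) {
                 //escape the LIKE wildcards so they are matched literally
                 $cleanedWords[] = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
             }
         }
         if (!$cleanedWords) {
             //if no words after cleaning, return
             return array();
         }
         //extract row: keywords which are used by general search engine to filter templates by row usage
         $rows = array();
         foreach ($cleanedWords as $key => $word) {
             if (io::strpos($word, 'row:') === 0) {
                 unset($cleanedWords[$key]);
                 //type_cs is compared unquoted below, so only an integer may reach the query
                 $rows[] = (int) substr($word, 4);
             }
         }
         if ($cleanedWords) {
             $keywordWhere = '';
             foreach ($cleanedWords as $cleanedWord) {
                 $keywordWhere .= $keywordWhere ? ' and ' : '';
                 $keywordWhere .= " (\n\t\t\t\t\t\tdescription_pt like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\t\tor label_pt like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\t)";
             }
             $where .= $where ? ' and ' : '';
             $where .= " ((" . $keywordWhere . ") or MATCH (label_pt, description_pt) AGAINST ('" . sensitiveIO::sanitizeSQLString($keyword) . "') )";
             $select .= " , MATCH (label_pt, description_pt) AGAINST ('" . sensitiveIO::sanitizeSQLString($keyword) . "') as m ";
             $orderByScore = true;
         }
         if ($rows) {
             //implode() takes the separator first; the reversed order is refused since PHP 8
             $q = new CMS_query("\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct(template_cs)\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_standard_clientSpaces_edited\n\t\t\t\t\twhere\n\t\t\t\t\t\ttype_cs in (" . implode(',', $rows) . ")\n\t\t\t\t");
             if ($q->getNumRows()) {
                 while ($r = $q->getArray()) {
                     $tplIds[] = $r['template_cs'];
                 }
             }
         }
     }
     $sql = "\n\t\t\tselect\n\t\t\t\t" . $select . "\n\t\t\tfrom\n\t\t\t\tpageTemplates\n\t\t";
     //groups
     if ($groups) {
         foreach ($groups as $group) {
             $where .= $where ? ' and ' : '';
             $where .= " (\n\t\t\t\t\tgroupsStack_pt='" . sensitiveIO::sanitizeSQLString($group) . "'\n\t\t\t\t\tor groupsStack_pt like '%;" . sensitiveIO::sanitizeSQLString($group) . ";%'\n\t\t\t\t\tor groupsStack_pt like '" . sensitiveIO::sanitizeSQLString($group) . ";%'\n\t\t\t\t\tor groupsStack_pt like '%;" . sensitiveIO::sanitizeSQLString($group) . "'\n\t\t\t\t)";
         }
     }
     //website
     if ($website) {
         $where .= $where ? ' and ' : '';
         $where .= " (\n\t\t\t\twebsitesdenied_pt != '" . sensitiveIO::sanitizeSQLString($website) . "'\n\t\t\t\tand websitesdenied_pt not like '%;" . sensitiveIO::sanitizeSQLString($website) . ";%'\n\t\t\t\tand websitesdenied_pt not like '" . sensitiveIO::sanitizeSQLString($website) . ";%'\n\t\t\t\tand websitesdenied_pt not like '%;" . sensitiveIO::sanitizeSQLString($website) . "'\n\t\t\t)";
     }
     //useable
     if (!$includeInactive) {
         $where .= $where ? ' and ' : '';
         $where .= " inUse_pt=1 ";
         $where .= " and definitionFile_pt!='' ";
     }
     //tplIds
     if ($tplIds) {
         $where .= $where ? ' and ' : '';
         //ids are listed unquoted, so each one is reduced to an integer first
         $where .= " id_pt in (" . implode(',', array_map('intval', $tplIds)) . ") ";
     }
     //user
     if (is_object($user) && !$user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
         $groupsDenied = $user->getTemplateGroupsDenied()->getElements();
         if ($groupsDenied && is_array($groupsDenied) && sizeof($groupsDenied)) {
             $where .= $where ? ' and (' : '(';
             foreach ($groupsDenied as $group) {
                 $where .= " (\n\t\t\t\t\t\tgroupsStack_pt != '" . sensitiveIO::sanitizeSQLString($group[0]) . "'\n\t\t\t\t\t\tand groupsStack_pt not like '%;" . sensitiveIO::sanitizeSQLString($group[0]) . ";%'\n\t\t\t\t\t\tand groupsStack_pt not like '" . sensitiveIO::sanitizeSQLString($group[0]) . ";%'\n\t\t\t\t\t\tand groupsStack_pt not like '%;" . sensitiveIO::sanitizeSQLString($group[0]) . "'\n\t\t\t\t\t) and ";
             }
             //remove last "and " and append )
             $where = io::substr($where, 0, -4) . ')';
         }
     }
     $sql = $sql . ($where ? ' where ' . $where : '');
     //order: by score only when the score column was selected. Searching the SQL text for
     //"MATCH" would also trigger on a group or website value containing that word.
     if ($orderByScore) {
         $sql .= " order by m desc ";
     } else {
         $sql .= " order by label_pt ";
     }
     //limit
     if ($start || $limit) {
         //limit bounds are unquoted numbers, so they are cast rather than string-escaped
         $sql .= " limit " . ((int) $start) . "," . ((int) $limit);
     }
     $q = new CMS_query($sql);
     $pts = array();
     while ($r = $q->getArray()) {
         $id = $r['id_pt'];
         //set match score if exists
         if (isset($r['m'])) {
             $score[$id] = $r['m'];
         }
         if ($returnObjects) {
             $pt = new CMS_pageTemplate($id);
             //templates that fail to load are left out of the result
             if (!$pt->hasError()) {
                 $pts[$pt->getID()] = $pt;
             }
         } else {
             $pts[$id] = $id;
         }
     }
     return $pts;
 }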
Ejemplo n.º 21
 /**
  * set object Values
  *
  * @param array $values : the POST result values
  * @param string $prefixName : the prefix used for post names
  * @return boolean true on success, false on failure
  * @access public
  */
 function setValues($values, $prefixName)
 {
     // Validates the posted value of subfield 0 against the field parameters, then stores it
     // HTML-escaped. Returns true when the value is accepted and stored, false otherwise.
     $params = $this->getParamsValues();
     $postKey = $prefixName . $this->_field->getID() . '_0';
     if ($values[$postKey]) {
         // A non-empty value is refused as soon as one rule fails, checked in this order:
         // length, sign, presence of HTML tags, configured match expression.
         // The expression is wrapped in '#' delimiters as it is: preg_match() finds a match
         // anywhere in the value unless the expression anchors itself, and a pattern that does
         // not compile makes preg_match() return false, which rejects the value here.
         // NOTE(review): a '#' inside matchExp would presumably end the pattern early - confirm
         // how the parameter is validated when the field is configured.
         $rejected = io::strlen($values[$postKey]) > $params['maxLength']
             || (!$params['canBeNegative'] && (int) $values[$postKey] < 0)
             || strip_tags($values[$postKey]) != $values[$postKey]
             || ($params['matchExp'] && !preg_match('#' . $params['matchExp'] . '#', $values[$postKey]));
         if ($rejected) {
             return false;
         }
     }
     // The stored form is the HTML-escaped value; an empty value skips the checks above.
     return (bool) $this->_subfieldValues[0]->setValue(io::htmlspecialchars($values[$postKey]));
 }
Ejemplo n.º 22
 /**
  * Set the text content. This content must include the tag itself.
  *
  * @param string $content The tag content including the tag itself
  * @return boolean true on success, false on failure to set it
  * @access public
  */
 function setTextContent($content)
 {
     // Stores the trimmed content when the characters right after its first one equal the tag
     // name. Returns true when stored, false (with an error raised) otherwise.
     // NOTE(review): the first character itself is not checked, nor what follows the name, so
     // content starting with a longer tag name that begins with this one is accepted too -
     // confirm callers only pass well-formed tags.
     $trimmed = trim($content);
     if (!$trimmed || io::substr($trimmed, 1, io::strlen($this->_name)) != $this->_name) {
         $this->raiseError("Content is empty or does not contain self tag");
         return false;
     }
     $this->_textContent = $trimmed;
     return true;
 }
Ejemplo n.º 23
 /**
  * activates the script function.
  *
  * @return void
  * @access public
  */
 function activate()
 {
     parent::activate();
     if ($_SERVER['argv']['1'] == '-s' && SensitiveIO::isPositiveInteger($_SERVER['argv']['2'])) {
         // SUB-SCRIPT : Processes one script task
         @ini_set('max_execution_time', SUB_SCRIPT_TIME_OUT);
         //set max execution time for sub script
         @set_time_limit(SUB_SCRIPT_TIME_OUT);
         //set the PHP timeout for sub script
         $sql = "\n\t\t\t\tselect\n\t\t\t\t\t*\n\t\t\t\tfrom\n\t\t\t\t\tregenerator\n\t\t\t\twhere\n\t\t\t\t\tid_reg = '" . $_SERVER['argv']['2'] . "'\n\t\t\t";
         $q = new CMS_query($sql);
         if ($q->getNumRows()) {
             $data = $q->getArray();
             //send script informations to process manager
             $this->_processManager->setParameters($data['module_reg'], $data['parameters_reg']);
             //instanciate script module
             $module = CMS_modulesCatalog::getByCodename($data['module_reg']);
             //then send script task to module (return task title by reference)
             $task = $module->scriptTask(unserialize($data['parameters_reg']));
             //delete the current script task
             $sql_delete = "\n\t\t\t\t\tdelete\n\t\t\t\t\tfrom\n\t\t\t\t\t\tregenerator\n\t\t\t\t\twhere\n\t\t\t\t\t\tid_reg='" . $data['id_reg'] . "'";
             $q = new CMS_query($sql_delete);
             if ($this->_debug) {
                 $this->raiseError($this->_processManager->getPIDFilePath() . " : task " . $_SERVER['argv']['2'] . " seems " . (!$task ? 'NOT ' : '') . "done !");
                 $this->raiseError($this->_processManager->getPIDFilePath() . " : PID file exists ? " . @file_exists($this->_processManager->getPIDFilePath()));
             }
             $fpath = $this->_processManager->getPIDFilePath() . '.ok';
             if (@touch($fpath) && @chmod($fpath, octdec(FILES_CHMOD))) {
                 $f = @fopen($fpath, 'a');
                 if (!@fwrite($f, 'Script OK')) {
                     $this->raiseError($this->_processManager->getPIDFilePath() . " : Can't write into file: " . $fpath);
                 }
                 @fclose($f);
             } else {
                 $this->raiseError($this->_processManager->getPIDFilePath() . " : Can't create file: " . $fpath);
             }
         }
     } else {
         // MASTER SCRIPT : Processes all sub-scripts
         @ini_set('max_execution_time', MASTER_SCRIPT_TIME_OUT);
         //set max execution time for master script
         @set_time_limit(MASTER_SCRIPT_TIME_OUT);
         //set the PHP timeout  for master script
         //max simultaneous scripts
         $maxScripts = $_SERVER['argv']['2'];
         $scriptsArray = array();
         //send script informations to process manager
         $this->_processManager->setParameters(processManager::MASTER_SCRIPT_NAME, '');
         //the sql script which selects one script task at a time
         $sql_select = "\n\t\t\t\tselect\n\t\t\t\t\t*\n\t\t\t\tfrom\n\t\t\t\t\tregenerator\n\t\t\t\tlimit\n\t\t\t\t\t" . $maxScripts . "\n\t\t\t";
         //and now, launch all sub-scripts until table is empty.
         while (true) {
             //get scripts
             $q = new CMS_query($sql_select);
             if ($q->getNumRows()) {
                 while (count($scriptsArray) < $maxScripts && ($data = $q->getArray())) {
                     // Launch sub-process
                     if (!APPLICATION_IS_WINDOWS) {
                         // On unix system
                         $sub_system = PATH_PACKAGES_FS . "/scripts/script.php -s " . $data["id_reg"] . " > /dev/null 2>&1 &";
                         if (!defined('PATH_PHP_CLI_UNIX') || !PATH_PHP_CLI_UNIX) {
                             CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; php " . $sub_system, $error);
                             if ($error) {
                                 CMS_grandFather::raiseError('Error during execution of sub script command (cd ' . PATH_REALROOT_FS . '; php ' . $sub_system . '), please check your configuration : ' . $error);
                                 return false;
                             }
                         } else {
                             CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; " . PATH_PHP_CLI_UNIX . " " . $sub_system, $error);
                             if ($error) {
                                 CMS_grandFather::raiseError('Error during execution of sub script command (cd ' . PATH_REALROOT_FS . '; ' . PATH_PHP_CLI_UNIX . ' ' . $sub_system . '), please check your configuration : ' . $error);
                                 return false;
                             }
                         }
                         $PIDfile = $this->_processManager->getTempPath() . "/" . SCRIPT_CODENAME . "_" . $data["id_reg"];
                         if ($this->_debug) {
                             $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : Executes system(" . $sub_system . ")");
                         }
                         //sleep a little
                         @sleep(SLEEP_TIME);
                     } else {
                         // On windows system
                         //Create the BAT file
                         $command = '@echo off' . "\r\n" . '@start /B /BELOWNORMAL ' . realpath(PATH_PHP_CLI_WINDOWS) . ' ' . realpath(PATH_PACKAGES_FS . '\\scripts\\script.php') . ' -s ' . $data["id_reg"];
                         if (!@touch(realpath(PATH_WINDOWS_BIN_FS) . DIRECTORY_SEPARATOR . "sub_script.bat")) {
                             $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : Create file error : sub_script.bat");
                         }
                         $replace = array('program files (x86)' => 'progra~2', 'program files' => 'progra~1', 'documents and settings' => 'docume~1');
                         $command = str_ireplace(array_keys($replace), $replace, $command);
                         $fh = fopen(realpath(PATH_WINDOWS_BIN_FS . DIRECTORY_SEPARATOR . "sub_script.bat"), "wb");
                         if (is_resource($fh)) {
                             if (!fwrite($fh, $command, io::strlen($command))) {
                                 CMS_grandFather::raiseError(processManager::MASTER_SCRIPT_NAME . " : Save file error : sub_script.bat");
                             }
                             fclose($fh);
                         }
                         $WshShell = new COM("WScript.Shell");
                         $oExec = $WshShell->Run(str_ireplace(array_keys($replace), $replace, realpath(PATH_WINDOWS_BIN_FS . '\\sub_script.bat')), 0, false);
                         $PIDfile = $this->_processManager->getTempPath() . DIRECTORY_SEPARATOR . SCRIPT_CODENAME . "_" . $data["id_reg"];
                         //sleep a little
                         @sleep(SLEEP_TIME);
                     }
                     if ($this->_debug) {
                         $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : script : " . $data["id_reg"] . " - sub_system : " . $sub_system);
                     }
                     $scriptsArray[] = array("PID" => $PIDfile, "startTime" => CMS_stats::getmicrotime(), "scriptID" => $data["id_reg"], "scriptDatas" => $data);
                 }
             } else {
                 // no more scripts to process
                 // > delete all temporary files
                 // > end script
                 if (APPLICATION_IS_WINDOWS) {
                     $files = glob(realpath($this->_processManager->getTempPath()) . DIRECTORY_SEPARATOR . SCRIPT_CODENAME . '*.ok', GLOB_NOSORT);
                     if (is_array($files)) {
                         foreach ($files as $file) {
                             if (!CMS_file::deleteFile($file)) {
                                 $this->raiseError("Can't delete file " . $file);
                                 return false;
                             }
                         }
                     }
                 } else {
                     $tmpDir = dir($this->_processManager->getTempPath());
                     while (false !== ($file = $tmpDir->read())) {
                         if (io::strpos($file, SCRIPT_CODENAME) !== false) {
                             @unlink($this->_processManager->getTempPath() . '/' . $file);
                         }
                     }
                 }
                 break;
             }
             while (true) {
                 @sleep(SLEEP_TIME);
                 //wait a little to check sub_scripts
                 $break = false;
                 $timeStop = CMS_stats::getmicrotime();
                 if ($this->_debug) {
                     $this->raiseError(processManager::MASTER_SCRIPT_NAME . " Scripts in progress : " . sizeof($scriptsArray));
                 }
                 foreach ($scriptsArray as $nb => $aScript) {
                     if ($this->_debug) {
                         $this->raiseError(processManager::MASTER_SCRIPT_NAME . " PID : " . $aScript["PID"] . " - time : " . ($timeStop - $aScript["startTime"]));
                     }
                     $ok = '';
                     $ok = is_file($aScript["PID"] . '.ok');
                     if ($ok) {
                         //$break = true;
                         if ($this->_debug) {
                             $this->raiseError(processManager::MASTER_SCRIPT_NAME . " Script : " . $aScript["PID"] . " OK !");
                         }
                         unset($scriptsArray[$nb]);
                     } elseif ($timeStop - $aScript["startTime"] >= SUB_SCRIPT_TIME_OUT) {
                         if ($this->_debug) {
                             $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : Script : " . $aScript["PID"] . " NOT OK !");
                         }
                         $this->raiseError(processManager::MASTER_SCRIPT_NAME . ' : Error on task : ' . $aScript["scriptID"] . ' ... skip it. Task parameters : ' . print_r($aScript['scriptDatas'], true));
                         //$break = true;
                         unset($scriptsArray[$nb]);
                         //delete the script in error from task list
                         $q_del = "\n\t\t\t\t\t\t\t\tdelete\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tregenerator\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tid_reg='" . $aScript["scriptID"] . "'";
                         $q_del = new CMS_query($q_del);
                     }
                 }
                 if (!$scriptsArray) {
                     break;
                 }
             }
         }
     }
 }
Ejemplo n.º 24
 /**
  * Convert variables of a given definition string (usually a row definition)
  *
  * @param string $definition the definition string to convert
  * @param boolean $toHumanReadableFormat if true, convert found variables to a human readable format, else to a machine readable format
  * @param boolean $reset if true, reset convertion table if already loaded
  *
  * @return string : the module definition string converted
  * @access public
  */
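 function convertDefinitionString($definition, $toHumanReadableFormat, $reset = false)
 {
     global $cms_language;
     // Translation tables already fetched, indexed by language code, then by module codename.
     static $modulesConversionTable;
     // Number of effective substitutions made by the previous pass; starts non-zero so the first pass runs.
     $count = 1;
     // Each pass collects the "{name}" / "{name|" tokens of the text and substitutes the ones
     // found in the translation table. Passes repeat because a substitution may itself
     // produce a token that has to be converted.
     while (preg_match_all("#\\{[^{}]+[|}]{1}#U", $definition, $matches) && $count) {
         $matches = array_unique($matches[0]);
         $languageCode = $cms_language->getCode();
         $codename = $this->getCodename();
         //get module variables conversion table (fetched again on every pass while $reset is true)
         if (!isset($modulesConversionTable[$languageCode][$codename]) || $reset) {
             $modulesConversionTable[$languageCode][$codename] = CMS_poly_module_structure::getModuleTranslationTable($codename, $cms_language);
         }
         // The stored table is used as is for the machine readable direction and flipped for the human readable one.
         $convertionTable = $toHumanReadableFormat ? array_flip($modulesConversionTable[$languageCode][$codename]) : $modulesConversionTable[$languageCode][$codename];
         //create definition conversion table
         $replace = array();
         $count = 0;
         foreach ($matches as $variable) {
             // Drop the leading "{" and the trailing delimiter ("}" or "|") to get the bare name.
             $strippedVar = io::substr($variable, 1, io::strlen($variable) - 2);
             if (!isset($convertionTable[$strippedVar])) {
                 continue;
             }
             // Put back the opening brace and the original trailing delimiter around the translated name.
             $replacement = '{' . $convertionTable[$strippedVar] . io::substr($variable, -1);
             if ($replacement === $variable) {
                 // A name translated to itself leaves the text unchanged. Counting it as a
                 // substitution would make every later pass identical to this one, so the
                 // loop would never end.
                 continue;
             }
             $replace[$variable] = $replacement;
             $count++;
         }
         // NOTE(review): entries that translate into each other (a => b, b => a) would still
         // alternate forever; confirm the translation table cannot contain such pairs.
         //then replace variables in definition
         $definition = str_replace(array_keys($replace), $replace, $definition);
     }
     return $definition;
 }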
Ejemplo n.º 25
 /**
  * Get all searched objects ids
  * 
  * @access private
  * @return array of object ids unsorted
  */
 protected function _getIds()
 {
     $IDs = array();
     $statusSuffix = $this->_public ? "_public" : "_edited";
     //loop on each conditions
     foreach ($this->_whereConditions as $type => $typeWhereConditions) {
         foreach ($typeWhereConditions as $whereConditionsValues) {
             $value = $whereConditionsValues['value'];
             $operator = $whereConditionsValues['operator'];
             $sql = '';
             switch ($type) {
                 case "object":
                     //add previously found IDs to where clause
                     $where = $IDs ? ' and id_moo in (' . $this->_getSQLTmpList() . ')' : '';
                     //to remove deleted objects from results
                     $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tid_moo as objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_object_polyobjects\n\t\t\t\t\twhere\n\t\t\t\t\t\tobject_type_id_moo = '" . $this->_object->getID() . "'\n\t\t\t\t\t\tand deleted_moo = '0'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
                     break;
                 case "item":
                     //add previously found IDs to where clause
                     $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                     //check operator
                     $supportedOperator = array('=', '!=', '>=', '>', '<=', '<');
                     if ($operator && !in_array($operator, $supportedOperator)) {
                         $this->raiseError("Unknown search operator : " . $operator . ", use default search instead");
                         $operator = false;
                     }
                     if (!$operator) {
                         $operator = '=';
                     }
                     $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_text" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_string" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_date" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
                     break;
                 case "items":
                     //add previously found IDs to where clause
                     $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                     //check operator
                     $supportedOperator = array('in', 'not in');
                     if ($operator && !in_array($operator, $supportedOperator)) {
                         $this->raiseError("Unknown search operator : " . $operator . ", use default search instead");
                         $operator = false;
                     }
                     if (!$operator) {
                         $operator = 'in';
                     }
                     //no values to found so break search
                     if ((!is_array($value) || !$value) && $operator == 'in') {
                         $IDs = array();
                         break;
                     }
                     //no filter to do so break search
                     if ((!is_array($value) || !$value) && $operator == 'not in') {
                         break;
                     }
                     $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_text" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_string" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_date" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
                     break;
                 case "profile":
                     //if user has no right on module, he cannot search object on it
                     if (!$value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_VIEW)) {
                         break;
                     }
                     //if object has categories, check rights on it
                     if ($this->_object->hasCategories()) {
                         //get field of categories for searched object type (assume it uses categories)
                         $categoriesFields = CMS_poly_object_catalog::objectHasCategories($this->_object->getId());
                         //BUG : in websites without APPLICATION_ENFORCES_ACCESS_CONTROL, backend rights on categories are checked on visibility instead of edition
                         if (!$this->_public) {
                             $clearance = CLEARANCE_MODULE_EDIT;
                             $strict = true;
                         } else {
                             $clearance = CLEARANCE_MODULE_VIEW;
                             $strict = false;
                         }
                         //get a list of all viewvable categories for current user
                         $cats = array_keys(CMS_moduleCategories_catalog::getViewvableCategoriesForProfile($value, $this->_object->getValue('module'), true, $clearance, $strict));
                         foreach ($categoriesFields as $categoriesField) {
                             //load category field if not exists
                             if (!isset($this->_fieldsDefinitions[$categoriesField]) || !is_object($this->_fieldsDefinitions[$categoriesField])) {
                                 //get object fields definition
                                 $this->_fieldsDefinitions = CMS_poly_object_catalog::getFieldsDefinition($this->_object->getID());
                             }
                             if (!isset($this->_fieldsDefinitions[$categoriesField])) {
                                 break;
                             }
                             //we can see objects without categories only if is not public or field is not required and user has admin right on module
                             if ($this->_public && !$this->_fieldsDefinitions[$categoriesField]->getValue('required') || !$this->_public && $value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_EDIT)) {
                                 //add deleted cats to searchs
                                 $viewvableCats = array_merge(CMS_moduleCategories_catalog::getDeletedCategories($this->_object->getValue('module')), $cats);
                                 //add zero value for objects without categories
                                 $viewvableCats[] = 0;
                             } else {
                                 $viewvableCats = $cats;
                                 //add zero value for objects without categories
                                 $viewvableCats[] = 0;
                             }
                             //if no viewvable categories, user has no rights to view anything
                             if (!$viewvableCats) {
                                 break;
                             }
                             $removedIDs = array();
                             //add previously found IDs to where clause
                             $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                             $sqlTmp = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '" . $categoriesField . "'\n\t\t\t\t\t\t\t\t\tand value not in (" . @implode(',', $viewvableCats) . ")\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t";
                             $qTmp = new CMS_query($sqlTmp);
                             while ($r = $qTmp->getArray()) {
                                 if ($r['objectID'] && isset($IDs[$r['objectID']])) {
                                     $removedIDs[$r['objectID']] = $r['objectID'];
                                 }
                             }
                             //add (again) ids which has a category visible and a category not visible
                             if ($removedIDs) {
                                 $sqlTmp = "\n\t\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t\tobjectFieldID = '" . $categoriesField . "'\n\t\t\t\t\t\t\t\t\t\tand value in (" . @implode(',', $viewvableCats) . ")\n\t\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t";
                                 $qTmp = new CMS_query($sqlTmp);
                                 while ($r = $qTmp->getArray()) {
                                     if ($r['objectID'] && isset($removedIDs[$r['objectID']])) {
                                         unset($removedIDs[$r['objectID']]);
                                     }
                                 }
                                 //then finally remove ids
                                 foreach ($removedIDs as $idToRemove) {
                                     unset($IDs[$idToRemove]);
                                 }
                             }
                             //if no IDs break
                             if (!$IDs) {
                                 break;
                             }
                             //if field is required and if it is a public search, object must have this category in DB
                             if ($this->_fieldsDefinitions[$categoriesField]->getValue('required') && $this->_public) {
                                 //update tmp table with found ids
                                 $this->_updateTmpList($IDs);
                                 $sqlTmp = "\n\t\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t\tobjectFieldID = '" . $categoriesField . "'\n\t\t\t\t\t\t\t\t\t\tand objectID in (" . $this->_getSQLTmpList() . ")\n\t\t\t\t\t\t\t\t";
                                 $qTmp = new CMS_query($sqlTmp);
                                 $IDs = array();
                                 while ($r = $qTmp->getArray()) {
                                     $IDs[$r['objectID']] = $r['objectID'];
                                 }
                             }
                             //if no IDs break
                             if (!$IDs) {
                                 break;
                             }
                         }
                         //if no IDs break
                         if (!$IDs) {
                             break;
                         }
                     } elseif (!$this->_public && !$value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_EDIT)) {
                         break;
                     } elseif ($this->_public && !$value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_VIEW)) {
                         break;
                     }
                     //update tmp table with found ids
                     $this->_updateTmpList($IDs);
                     //add previously found IDs to where clause
                     $where = $IDs ? ' id_moo in (' . $this->_getSQLTmpList() . ')' : '';
                     $sql = "\n\t\t\t\t\t\tselect\n\t\t\t\t\t\t\tdistinct id_moo as objectID\n\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\tmod_object_polyobjects\n\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t";
                     break;
                 case "keywords":
                     if ($value) {
                         //check operators
                         $supportedOperator = array('any', 'all', 'phrase', 'beginswith');
                         if ($operator && !in_array($operator, $supportedOperator)) {
                             $this->raiseError("Unkown search operator : " . $operator . ", use default search instead");
                             $operator = 'any';
                         } elseif (!$operator) {
                             $operator = 'any';
                         }
                         //if ASE module exists (and is active) and object is indexed, and search is public, use it to do this search
                         if ($operator == 'any' && class_exists('CMS_module_ase') && CMS_module_ase::isActive() && $this->_object->getValue('indexable') && $this->_public) {
                             //get language code for stemming
                             $languageCode = '';
                             if ($languageFieldIDs = CMS_poly_object_catalog::objectHasLanguageField($this->_object->getID())) {
                                 $languageFieldID = array_shift($languageFieldIDs);
                                 //if any query use this field, use the queried value for stemming strategy
                                 if (isset($this->_whereConditions[$languageFieldID]) && $this->_whereConditions[$languageFieldID]) {
                                     $languageCode = $this->_whereConditions[$languageFieldID][0]['value'];
                                 }
                             }
                             //otherwise, we use current language
                             if (!$languageCode) {
                                 global $cms_language;
                                 $languageCode = $cms_language->getCode();
                             }
                             if (!$languageCode) {
                                 $languageCode = io::strtolower(APPLICATION_DEFAULT_LANGUAGE);
                             }
                             $module = $this->_object->getValue('module');
                             //create Xapian search object
                             $search = new CMS_XapianQuery(trim($value), array($module), $languageCode, true);
                             //load module interface
                             if (!($moduleInterface = CMS_ase_interface_catalog::getModuleInterface($module))) {
                                 $this->raiseError('No active Xapian interface for module : ' . $module);
                                 return false;
                             }
                             //add previously found IDs to search filters
                             $moduleInterface->addFilter('items', $IDs);
                             //set module interface to search engine
                             $search->setModuleInterface($module, $moduleInterface);
                             //set page number and max results for xapian query
                             //we must do a complete search all the time so we start from page 0
                             $page = 0;
                             //we limit to a maximum of 1000 results
                             $maxResults = 1000;
                             //then search
                             if (!$search->query($page, $maxResults)) {
                                 $this->raiseError('Error in Xapian query for search : ' . io::htmlspecialchars($value));
                                 return false;
                             }
                             //pr($search->getQueryDesc(true));
                             //if no results : break
                             if (!$search->getMatchesNumbers()) {
                                 break;
                             }
                             $xapianResults = $search->getMatches();
                         } else {
                             //get fields
                             if (!isset($this->_fieldsDefinitions[$type]) || !is_object($this->_fieldsDefinitions[$type])) {
                                 //get object fields definition
                                 $this->_fieldsDefinitions = CMS_poly_object_catalog::getFieldsDefinition($this->_object->getID());
                             }
                             //search only in "searchable" fields
                             $fields = array();
                             $aseExists = class_exists('CMS_module_ase') && CMS_module_ase::isActive() && $this->_object->getValue('indexable') ? true : false;
                             foreach ($this->_fieldsDefinitions as $fieldDefinition) {
                                 if ($fieldDefinition->getValue($aseExists ? 'indexable' : 'searchable')) {
                                     $fields[] = $fieldDefinition->getID();
                                 }
                             }
                             if (!$fields) {
                                 //if no fields after cleaning, return
                                 break;
                             }
                             //add previously found IDs to where clause
                             $where = $IDs ? ' objectID in (' . $this->_getSQLTmpList() . ') and ' : '';
                             //filter on specified fields
                             $where .= $fields ? ' objectFieldID  in (' . implode(',', $fields) . ') and ' : '';
                             //clean user keywords (never trust user input, user is evil)
                             $value = strtr($value, ",;", "  ");
                             $words = array();
                             $words = array_map("trim", array_unique(explode(" ", $value)));
                             $cleanedWords = array();
                             foreach ($words as $aWord) {
                                 if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) {
                                     $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
                                     $cleanedWords[] = $aWord;
                                 }
                             }
                             if (!$cleanedWords) {
                                 //if no words after cleaning, return
                                 break;
                             }
                             switch ($operator) {
                                 case 'any':
                                     $where .= '(';
                                     //then add keywords
                                     $count = '0';
                                     foreach ($cleanedWords as $aWord) {
                                         $where .= $count ? ' or ' : '';
                                         $count++;
                                         $where .= "value like '%" . $aWord . "%'";
                                         if (htmlentities($aWord) != $aWord) {
                                             $where .= " or value like '%" . htmlentities($aWord) . "%'";
                                         }
                                     }
                                     $where .= ')';
                                     break;
                                 case 'all':
                                     $where .= '(';
                                     //then add keywords
                                     $count = '0';
                                     foreach ($cleanedWords as $aWord) {
                                         $where .= $count ? ' and ' : '';
                                         $count++;
                                         if (htmlentities($aWord) != $aWord) {
                                             $where .= "(value like '%" . $aWord . "%' or value like '%" . htmlentities($aWord) . "%')";
                                         } else {
                                             $where .= "value like '%" . $aWord . "%'";
                                         }
                                     }
                                     $where .= ')';
                                     break;
                                 case 'phrase':
                                     $value = str_replace(array('%', '_'), array('\\%', '\\_'), trim($value));
                                     if (htmlentities($value) != $value) {
                                         $where .= "(value like '%" . $value . "%' or value like '%" . htmlentities($value) . "%')";
                                     } else {
                                         $where .= "value like '%" . $value . "%'";
                                     }
                                     break;
                                 case 'beginswith':
                                     $value = str_replace(array('%', '_'), array('\\%', '\\_'), trim($value));
                                     if (htmlentities($value) != $value) {
                                         $where .= "(value like '" . $value . "%' or value like '" . htmlentities($value) . "%')";
                                     } else {
                                         $where .= "value like '" . $value . "%'";
                                     }
                                     break;
                             }
                             $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_text" . $statusSuffix . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\tunion distinct\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\tunion distinct\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_string" . $statusSuffix . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\tunion distinct\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_date" . $statusSuffix . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t";
                         }
                     }
                     break;
                 case "publication date after":
                     // Date start
                     //add previously found IDs to where clause
                     $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                     $sql = "\n\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\tand publicationDateStart_rs >= '" . $value->getDBValue(true) . "'\n\t\t\t\t\t\t\t\tand publicationDateStart_rs != '0000-00-00'\n\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t";
                     break;
                 case "publication date before":
                     // Date End
                     //add previously found IDs to where clause
                     $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                     $sql = "\n\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\tand publicationDateStart_rs <= '" . $value->getDBValue(true) . "'\n\t\t\t\t\t\t\t\tand publicationDateStart_rs != '0000-00-00'\n\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t";
                     break;
                 case "publication date end":
                     // End Date of publication
                     //add previously found IDs to where clause
                     $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                     $sql = "\n\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\tand (publicationDateEnd_rs >= '" . $value->getDBValue(true) . "'\n\t\t\t\t\t\t\t\tor publicationDateEnd_rs = '0000-00-00')\n\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t";
                     break;
                 case "status":
                     // Publication status
                     //add previously found IDs to where clause
                     $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                     switch ($value) {
                         case 'online':
                             $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand location_rs='" . RESOURCE_LOCATION_USERSPACE . "'\n\t\t\t\t\t\t\t\t\tand publication_rs='" . RESOURCE_PUBLICATION_PUBLIC . "'\n\t\t\t\t\t\t\t\t\tand publicationDateStart_rs <= '" . date('Y-m-d') . "'\n\t\t\t\t\t\t\t\t\tand publicationDateStart_rs != '0000-00-00'\n\t\t\t\t\t\t\t\t\tand (publicationDateEnd_rs >= '" . date('Y-m-d') . "'\n\t\t\t\t\t\t\t\t\tor publicationDateEnd_rs = '0000-00-00')\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t";
                             break;
                         case 'offline':
                             $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand (publication_rs='" . RESOURCE_PUBLICATION_NEVERVALIDATED . "' or publication_rs='" . RESOURCE_PUBLICATION_VALIDATED . "')\n\t\t\t\t\t\t\t\t\tand (publicationDateStart_rs > '" . date('Y-m-d') . "' or publicationDateEnd_rs < '" . date('Y-m-d') . "')\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t";
                             break;
                         case 'validated':
                             $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand editions_rs=0\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t";
                             break;
                         case 'awaiting':
                             $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand editions_rs!=0\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t";
                             break;
                     }
                     break;
                 default:
                     //add previously found IDs to where clause
                     $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                     if (!isset($this->_fieldsDefinitions[$type]) || !is_object($this->_fieldsDefinitions[$type])) {
                         //get object fields definition
                         $this->_fieldsDefinitions = CMS_poly_object_catalog::getFieldsDefinition($this->_object->getID());
                     }
                     //get type object for field
                     if (isset($this->_fieldsDefinitions[$type])) {
                         $objectField = $this->_fieldsDefinitions[$type]->getTypeObject();
                         $sql = $objectField->getFieldSearchSQL($type, $value, $operator, $where, $this->_public);
                     } else {
                         $this->raiseError('Unknown field ' . $type . ' to filter with value ' . print_r($value, true));
                     }
                     break;
             }
             if ($sql || isset($xapianResults) || isset($fullTextResults)) {
                 if ($sql) {
                     //pr($sql);
                     //$this->raiseError($sql);
                     $q = new CMS_query($sql);
                     $IDs = array();
                     if (!$q->hasError()) {
                         while ($id = $q->getValue('objectID')) {
                             $IDs[$id] = $id;
                         }
                     }
                 } elseif (isset($xapianResults)) {
                     $IDs = array();
                     foreach ($xapianResults as $id) {
                         $IDs[$id] = $id;
                     }
                     //if we only have objectID as orderCondition or if order by relevance is queried, use order provided by Xapian
                     if (isset($this->_orderConditions['objectID']) && $this->_orderConditions['objectID'] && sizeof($this->_orderConditions) <= 1 || isset($this->_orderConditions['relevance']) && $this->_orderConditions['relevance']) {
                         if ($this->_orderConditions['relevance'] == 'desc') {
                             $this->_orderConditions = array('itemsOrdered' => array('order' => array_reverse($IDs, true)));
                         } else {
                             $this->_orderConditions = array('itemsOrdered' => array('order' => $IDs));
                         }
                         if (isset($this->_orderConditions['relevance']) && $this->_orderConditions['relevance']) {
                             unset($this->_orderConditions['relevance']);
                         }
                     }
                 } else {
                     //if we only have objectID as orderCondition or if order by relevance is queried, use order provided by MySQL Fulltext
                     if (isset($this->_orderConditions['relevance']) && $this->_orderConditions['relevance']) {
                         if ($this->_orderConditions['relevance'] == 'desc') {
                             $this->_orderConditions = array('itemsOrdered' => array('order' => array_reverse($fullTextResults, true)));
                         } else {
                             $this->_orderConditions = array('itemsOrdered' => array('order' => $fullTextResults));
                         }
                         unset($this->_orderConditions['relevance']);
                     }
                 }
                 //if no results, no need to continue
                 if (!$IDs) {
                     $IDs = array();
                     $this->_numRows = 0;
                     return $IDs;
                 }
                 //update tmp table with found ids
                 $this->_updateTmpList($IDs);
             } else {
                 //if no sql request, then no results (can be used by 'profile'), no need to continue
                 $IDs = array();
                 $this->_numRows = sizeof($IDs);
                 return $IDs;
             }
         }
     }
     $this->_numRows = sizeof($IDs);
     return $IDs;
 }
Ejemplo n.º 26
 /**
  * Set the object values.
  *
  * @param array $values : the POST result values
  * @param string $prefixName : the prefix used for post names
  * @param boolean $newFormat : new automne v4 format (default false for compatibility)
  * @param integer $objectID : the current object id. Must be set, but default is blank for compatibility with other objects
  * @return boolean true on success, false on failure
  * @access public
  */
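 function setValues($values, $prefixName, $newFormat = false, $objectID = '')
 {
     // Stores the submitted thumbnail (subfield 0), label (subfield 1) and image zoom (subfield 2)
     // of this field, moving/resizing the files into the module "edited" directory.
     // $values holds request (POST) data, so every value that ends up in a filesystem path is
     // reduced to a bare file name or checked for '..' segments before it is used.
     // Returns true on success, false on any validation or file operation failure.
     if (!sensitiveIO::isPositiveInteger($objectID)) {
         $this->raiseError('ObjectID must be a positive integer : ' . $objectID);
         return false;
     }
     //get field parameters
     $params = $this->getParamsValues();
     //get module codename
     $moduleCodename = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID());
     //common prefix of every request key belonging to this field
     $fieldKey = $prefixName . $this->_field->getID();
     //directory which stores the edited files of the module
     $editedDir = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED;
     //matches a '..' path segment (with / or \ as separator) in a submitted path
     $traversalPattern = '#(^|[\\\\/])\.\.([\\\\/]|$)#';
     if ($newFormat) {
         //submitted file references : a missing or non-string value is handled as an empty one
         $postedThumb = (isset($values[$fieldKey . '_0']) && is_string($values[$fieldKey . '_0'])) ? $values[$fieldKey . '_0'] : '';
         $postedZoom = (isset($values[$fieldKey . '_2']) && is_string($values[$fieldKey . '_2'])) ? $values[$fieldKey . '_2'] : '';
         //does the original image must be used as image zoom ?
         $makeZoom = isset($values[$fieldKey . '_makeZoom']) && $values[$fieldKey . '_makeZoom'] == 1;
         //delete old images ?
         //thumbnail
         if ($this->_subfieldValues[0]->getValue() && (!$postedThumb || pathinfo($postedThumb, PATHINFO_BASENAME) != $this->_subfieldValues[0]->getValue())) {
             @unlink($editedDir . '/' . $this->_subfieldValues[0]->getValue());
             $this->_subfieldValues[0]->setValue('');
         }
         //image zoom
         if ($this->_subfieldValues[2]->getValue() && (!$postedZoom || pathinfo($postedZoom, PATHINFO_BASENAME) != $this->_subfieldValues[2]->getValue())) {
             @unlink($editedDir . '/' . $this->_subfieldValues[2]->getValue());
             $this->_subfieldValues[2]->setValue('');
         }
         //set label from label field
         if (!$this->_subfieldValues[1]->setValue(io::htmlspecialchars($values[$fieldKey . '_1']))) {
             return false;
         }
         //image zoom (if needed) : a value containing the upload web path is a freshly uploaded file
         if (!$makeZoom && $postedZoom && io::strpos($postedZoom, PATH_UPLOAD_WR . '/') !== false) {
             $filename = $postedZoom;
             //the path comes from the request : refuse any '..' segment so the file moved below
             //cannot be resolved outside of the upload directory
             if (preg_match($traversalPattern, $filename)) {
                 $this->raiseError('Invalid uploaded file path for field ' . $this->_field->getID());
                 return false;
             }
             //check for image type before doing anything
             //NOTE(review): only the extension is checked here, the file content is not inspected in this method - confirm it is validated elsewhere
             if (!in_array(io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)), $this->_allowedExtensions)) {
                 return false;
             }
             //destroy old image if any
             if ($this->_subfieldValues[2]->getValue()) {
                 @unlink($editedDir . '/' . $this->_subfieldValues[2]->getValue());
                 $this->_subfieldValues[2]->setValue('');
             }
             //move and rename uploaded file
             $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $filename);
             $basename = pathinfo($filename, PATHINFO_BASENAME);
             $zoomBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename));
             if (io::strlen($zoomBasename) > 255) {
                 $zoomBasename = sensitiveIO::ellipsis($zoomBasename, 255, '-', true);
             }
             $zoomFilename = $editedDir . '/' . $zoomBasename;
             //stop on a failed move (as the old format branch does) instead of storing a name without file
             if (!CMS_file::moveTo($filename, $zoomFilename)) {
                 return false;
             }
             CMS_file::chmodFile(FILES_CHMOD, $zoomFilename);
             //set it
             if (!$this->_subfieldValues[2]->setValue($zoomBasename)) {
                 return false;
             }
         }
         //thumbnail
         if ($postedThumb && io::strpos($postedThumb, PATH_UPLOAD_WR . '/') !== false) {
             $filename = $postedThumb;
             //same check as for the image zoom : no '..' segment in a path coming from the request
             if (preg_match($traversalPattern, $filename)) {
                 $this->raiseError('Invalid uploaded file path for field ' . $this->_field->getID());
                 return false;
             }
             //check for image type before doing anything
             if (!in_array(io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)), $this->_allowedExtensions)) {
                 return false;
             }
             //destroy old image if any
             if ($this->_subfieldValues[0]->getValue()) {
                 @unlink($editedDir . '/' . $this->_subfieldValues[0]->getValue());
                 $this->_subfieldValues[0]->setValue('');
             }
             //move and rename uploaded file
             $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $filename);
             $basename = pathinfo($filename, PATHINFO_BASENAME);
             $newBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename));
             //rename image : insert '_thumbnail' before the extension
             $path_parts = pathinfo($newBasename);
             $extension = io::strtolower($path_parts['extension']);
             $newBasename = io::substr($path_parts['basename'], 0, -(io::strlen($extension) + 1)) . '_thumbnail.' . $extension;
             if (io::strlen($newBasename) > 255) {
                 $newBasename = sensitiveIO::ellipsis($newBasename, 255, '-', true);
             }
             $newFilename = $editedDir . '/' . $newBasename;
             //move file from upload dir to new dir
             if (!CMS_file::moveTo($filename, $newFilename)) {
                 return false;
             }
             CMS_file::chmodFile(FILES_CHMOD, $newFilename);
             //if we use original image as image zoom, set it
             if ($makeZoom) {
                 $zoomFilename = str_replace('_thumbnail.' . $extension, '.' . $extension, $newFilename);
                 //copy image as zoom
                 CMS_file::copyTo($newFilename, $zoomFilename);
                 $zoomBasename = pathinfo($zoomFilename, PATHINFO_BASENAME);
                 //set image zoom
                 if (!$this->_subfieldValues[2]->setValue($zoomBasename)) {
                     return false;
                 }
             }
             //resize thumbnail if needed
             if ($params['maxWidth'] > 0 || $params['maxHeight'] > 0) {
                 $oImage = new CMS_image($newFilename);
                 //get current file size
                 $sizeX = $oImage->getWidth();
                 $sizeY = $oImage->getHeight();
                 //check thumbnail size
                 if ($params['maxWidth'] && $sizeX > $params['maxWidth'] || $params['maxHeight'] && $sizeY > $params['maxHeight']) {
                     $newSizeX = $sizeX;
                     $newSizeY = $sizeY;
                     // Check width (ratio is kept)
                     if ($params['maxWidth'] && $newSizeX > $params['maxWidth']) {
                         $newSizeY = round($params['maxWidth'] * $newSizeY / $newSizeX);
                         $newSizeX = $params['maxWidth'];
                     }
                     // Check height (ratio is kept)
                     if ($params['maxHeight'] && $newSizeY > $params['maxHeight']) {
                         $newSizeX = round($params['maxHeight'] * $newSizeX / $newSizeY);
                         $newSizeY = $params['maxHeight'];
                     }
                     if (!$oImage->resize($newSizeX, $newSizeY, $newFilename)) {
                         return false;
                     }
                 }
             }
             //set thumbnail
             if (!$this->_subfieldValues[0]->setValue($newBasename)) {
                 return false;
             }
         }
         //if we had an imagezoom, check his size
         if ($this->_subfieldValues[2]->getValue() && ($params['maxZoomWidth'] > 0 || $params['maxZoomHeight'] > 0)) {
             //resize zoom if needed
             $basename = $this->_subfieldValues[2]->getValue();
             $filename = $editedDir . '/' . $basename;
             $oImage = new CMS_image($filename);
             //get current file size
             $sizeX = $oImage->getWidth();
             $sizeY = $oImage->getHeight();
             //check zoom size
             if ($params['maxZoomWidth'] && $sizeX > $params['maxZoomWidth'] || $params['maxZoomHeight'] && $sizeY > $params['maxZoomHeight']) {
                 $newSizeX = $sizeX;
                 $newSizeY = $sizeY;
                 // Check width (ratio is kept)
                 if ($params['maxZoomWidth'] && $newSizeX > $params['maxZoomWidth']) {
                     $newSizeY = round($params['maxZoomWidth'] * $newSizeY / $newSizeX);
                     $newSizeX = $params['maxZoomWidth'];
                 }
                 // Check height (ratio is kept)
                 if ($params['maxZoomHeight'] && $newSizeY > $params['maxZoomHeight']) {
                     $newSizeX = round($params['maxZoomHeight'] * $newSizeX / $newSizeY);
                     $newSizeY = $params['maxZoomHeight'];
                 }
                 if (!$oImage->resize($newSizeX, $newSizeY, $filename)) {
                     return false;
                 }
             }
         }
         //update files infos if needed
         if ($this->_subfieldValues[0]->getValue() && file_exists($editedDir . '/' . $this->_subfieldValues[0]->getValue())) {
             $file = new CMS_file($editedDir . '/' . $this->_subfieldValues[0]->getValue());
             $imageDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension());
         } else {
             $imageDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => '');
         }
         $imageDatas['module'] = $moduleCodename;
         $imageDatas['visualisation'] = RESOURCE_DATA_LOCATION_EDITED;
         if ($params['useDistinctZoom'] || $this->_subfieldValues[2]->getValue()) {
             //update files infos if needed
             if ($this->_subfieldValues[2]->getValue() && file_exists($editedDir . '/' . $this->_subfieldValues[2]->getValue())) {
                 $file = new CMS_file($editedDir . '/' . $this->_subfieldValues[2]->getValue());
                 $zoomDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension());
             } else {
                 $zoomDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => '');
             }
             $zoomDatas['module'] = $moduleCodename;
             $zoomDatas['visualisation'] = RESOURCE_DATA_LOCATION_EDITED;
         } else {
             $zoomDatas = '';
         }
         //send the resulting field values back to the view
         $content = array('datas' => array('polymodFieldsValue[' . $fieldKey . '_0]' => $imageDatas, 'polymodFieldsValue[' . $fieldKey . '_2]' => $zoomDatas, 'polymodFieldsValue[' . $fieldKey . '_1]' => sensitiveIO::decodeEntities($this->_subfieldValues[1]->getValue())));
         $view = CMS_view::getInstance();
         $view->addContent($content);
         return true;
     } else {
         //Old format
         //the hidden fields carry the current file names but come back from the request :
         //keep the base name only, so they can never point outside of the edited directory
         $hiddenThumb = '';
         if (isset($values[$fieldKey . '_0_hidden']) && is_string($values[$fieldKey . '_0_hidden']) && $values[$fieldKey . '_0_hidden']) {
             $hiddenThumb = pathinfo($values[$fieldKey . '_0_hidden'], PATHINFO_BASENAME);
         }
         if ($hiddenThumb === '.' || $hiddenThumb === '..') {
             $hiddenThumb = '';
         }
         $hiddenZoom = '';
         if (isset($values[$fieldKey . '_2_hidden']) && is_string($values[$fieldKey . '_2_hidden']) && $values[$fieldKey . '_2_hidden']) {
             $hiddenZoom = pathinfo($values[$fieldKey . '_2_hidden'], PATHINFO_BASENAME);
         }
         if ($hiddenZoom === '.' || $hiddenZoom === '..') {
             $hiddenZoom = '';
         }
         $deleteRequested = isset($values[$fieldKey . '_delete']) && $values[$fieldKey . '_delete'] == 1;
         //does the original image must be used as image zoom ?
         $makeZoom = isset($values[$fieldKey . '_makeZoom']) && $values[$fieldKey . '_makeZoom'] == 1;
         //delete old images ?
         if ($deleteRequested) {
             if ($this->_subfieldValues[0]->getValue()) {
                 @unlink($editedDir . '/' . $this->_subfieldValues[0]->getValue());
                 $this->_subfieldValues[0]->setValue('');
             } elseif ($hiddenThumb !== '') {
                 @unlink($editedDir . '/' . $hiddenThumb);
                 $this->_subfieldValues[0]->setValue('');
             }
             if ($this->_subfieldValues[2]->getValue()) {
                 @unlink($editedDir . '/' . $this->_subfieldValues[2]->getValue());
                 $this->_subfieldValues[2]->setValue('');
             } elseif ($hiddenZoom !== '') {
                 @unlink($editedDir . '/' . $hiddenZoom);
                 $this->_subfieldValues[2]->setValue('');
             }
         }
         //set label from label field (a missing label is passed as null)
         if (!$this->_subfieldValues[1]->setValue(io::htmlspecialchars(isset($values[$fieldKey . '_1']) ? $values[$fieldKey . '_1'] : null))) {
             return false;
         }
         //thumbnail
         if (isset($_FILES[$fieldKey . '_0']) && $_FILES[$fieldKey . '_0']['name'] && !$_FILES[$fieldKey . '_0']['error']) {
             //check for image type before doing anything
             //NOTE(review): only the extension of the client supplied name is checked here, the file content is not inspected in this method - confirm it is validated elsewhere
             if (!in_array(io::strtolower(pathinfo($_FILES[$fieldKey . '_0']["name"], PATHINFO_EXTENSION)), $this->_allowedExtensions)) {
                 return false;
             }
             //destroy all old images if any
             if ($this->_subfieldValues[0]->getValue()) {
                 @unlink($editedDir . '/' . $this->_subfieldValues[0]->getValue());
                 $this->_subfieldValues[0]->setValue('');
             } elseif ($hiddenThumb !== '') {
                 @unlink($editedDir . '/' . $hiddenThumb);
                 $this->_subfieldValues[0]->setValue('');
             }
             if ($this->_subfieldValues[2]->getValue()) {
                 @unlink($editedDir . '/' . $this->_subfieldValues[2]->getValue());
                 $this->_subfieldValues[2]->setValue('');
             } elseif ($hiddenZoom !== '') {
                 @unlink($editedDir . '/' . $hiddenZoom);
                 $this->_subfieldValues[2]->setValue('');
             }
             //set thumbnail (resize it if needed)
             //create thumbnail name
             $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$fieldKey . '_0']["name"]));
             if (io::strlen($filename) > 255) {
                 $filename = sensitiveIO::ellipsis($filename, 255, '-', true);
             }
             //move uploaded file
             $fileDatas = CMS_file::uploadFile($fieldKey . '_0', PATH_TMP_FS);
             if ($fileDatas['error']) {
                 return false;
             }
             if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $editedDir . "/" . $filename)) {
                 return false;
             }
             if ($params['maxWidth'] > 0) {
                 $oImage = new CMS_image($editedDir . "/" . $filename);
                 //get current file size
                 $sizeX = $oImage->getWidth();
                 $sizeY = $oImage->getHeight();
                 //check thumbnail size
                 //NOTE(review): maxHeight is not tested for emptiness here, unlike in the new format branch - confirm this is intended
                 if ($sizeX > $params['maxWidth'] || $sizeY > $params['maxHeight']) {
                     $newSizeX = $sizeX;
                     $newSizeY = $sizeY;
                     // Check width (ratio is kept)
                     if ($params['maxWidth'] && $newSizeX > $params['maxWidth']) {
                         $newSizeY = round($params['maxWidth'] * $newSizeY / $newSizeX);
                         $newSizeX = $params['maxWidth'];
                     }
                     // Check height (ratio is kept)
                     if ($params['maxHeight'] && $newSizeY > $params['maxHeight']) {
                         $newSizeX = round($params['maxHeight'] * $newSizeX / $newSizeY);
                         $newSizeY = $params['maxHeight'];
                     }
                     //resize image into a '_thumbnail' file next to the original
                     $srcfilepath = $editedDir . "/" . $filename;
                     $path_parts = pathinfo($srcfilepath);
                     $thumbnailFilename = io::substr($path_parts['basename'], 0, -(io::strlen($path_parts['extension']) + 1)) . '_thumbnail.' . $path_parts['extension'];
                     $destfilepath = $editedDir . "/" . $thumbnailFilename;
                     if (!$oImage->resize($newSizeX, $newSizeY, $destfilepath)) {
                         return false;
                     }
                     //if we use original image as image zoom, set it
                     if ($makeZoom) {
                         //set image zoom
                         if (!$this->_subfieldValues[2]->setValue($filename)) {
                             return false;
                         }
                     } else {
                         //destroy original image
                         unlink($srcfilepath);
                     }
                     //set resized thumbnail
                     if (!$this->_subfieldValues[0]->setValue($thumbnailFilename)) {
                         return false;
                     }
                 } else {
                     //no need to resize thumbnail (below the maximum width), so set it
                     if (!$this->_subfieldValues[0]->setValue($filename)) {
                         return false;
                     }
                     //if we use original image as image zoom, set it
                     if ($makeZoom) {
                         //set image zoom
                         if (!$this->_subfieldValues[2]->setValue($filename)) {
                             return false;
                         }
                     }
                 }
             } else {
                 //no need to resize thumbnail, so set it
                 if (!$this->_subfieldValues[0]->setValue($filename)) {
                     return false;
                 }
                 //if we use original image as image zoom, set it
                 if ($makeZoom) {
                     //set image zoom
                     if (!$this->_subfieldValues[2]->setValue($filename)) {
                         return false;
                     }
                 }
             }
         } elseif (isset($_FILES[$fieldKey . '_0']) && $_FILES[$fieldKey . '_0']['name'] && $_FILES[$fieldKey . '_0']['error'] != 0) {
             //upload error
             return false;
         } elseif ($hiddenThumb !== '' && !$deleteRequested) {
             //no new upload : keep the current thumbnail (base name of the hidden field)
             if (!$this->_subfieldValues[0]->setValue($hiddenThumb)) {
                 return false;
             }
         }
         //image zoom (if needed)
         if (isset($values[$fieldKey . '_makeZoom']) && $values[$fieldKey . '_makeZoom'] != 1 && isset($_FILES[$fieldKey . '_2']['name']) && $_FILES[$fieldKey . '_2']['name'] && !$_FILES[$fieldKey . '_2']['error']) {
             //check for image type before doing anything
             if (!in_array(io::strtolower(pathinfo($_FILES[$fieldKey . '_2']["name"], PATHINFO_EXTENSION)), $this->_allowedExtensions)) {
                 return false;
             }
             //create image zoom name
             $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$fieldKey . '_2']["name"]));
             if (io::strlen($filename) > 255) {
                 $filename = sensitiveIO::ellipsis($filename, 255, '-', true);
             }
             //move uploaded file
             $fileDatas = CMS_file::uploadFile($fieldKey . '_2', PATH_TMP_FS);
             if ($fileDatas['error']) {
                 return false;
             }
             if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $editedDir . "/" . $filename)) {
                 return false;
             }
             //set it
             if (!$this->_subfieldValues[2]->setValue($filename)) {
                 return false;
             }
         } elseif (isset($_FILES[$fieldKey . '_2']) && $_FILES[$fieldKey . '_2']['name'] && $_FILES[$fieldKey . '_2']['error'] != 0) {
             //upload error
             return false;
         } elseif ($hiddenZoom !== '' && !$deleteRequested) {
             //no new upload : keep the current image zoom (base name of the hidden field)
             if (!$this->_subfieldValues[2]->setValue($hiddenZoom)) {
                 return false;
             }
         }
         return true;
     }
 }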
Ejemplo n.º 27
 /**
  * Search messages
  * Static function.
  *
  * @param string module : module to search messages
  * @param string search : search message by value
  * @param array languagesOnly : limit search to given languages codes
  * @param array options : search options
  * @param string direction : search is ordered by results id. Specify order direction (asc or desc). Default : asc
  * @param integer start : search start offset
  * @param integer limit : search limit (default : 0 : unlimited)
  * @param integer resultsnb : return results count by reference
  * @return array(id => msg)
  * @access public
  */
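 static function searchMessages($module, $search = '', $languagesOnly = array(), $options = array(), $direction = 'asc', $start = 0, $limit = 0, &$resultsnb)
 {
     // Every query below is assembled by string concatenation, so each value that
     // reaches the SQL text is neutralised where it is used:
     //  - values placed between quotes go through sanitizeSQLString();
     //  - values placed in an unquoted "in (...)" list are cast to integers, because
     //    quote-escaping gives no protection outside a quoted literal.
     // NOTE(review): id_mes is presumably an integer column (it is never quoted in
     // these queries) - confirm against the schema.
     $start = (int) $start;
     $limit = (int) $limit;
     //direction is restricted to a whitelist because it is appended verbatim to the order by clause
     $direction = in_array(io::strtolower($direction), array('asc', 'desc')) ? io::strtolower($direction) : 'asc';
     $emptyOnly = $idsOnly = false;
     if (is_array($options)) {
         $emptyOnly = isset($options['empty']) && $options['empty'] ? true : false;
         $idsOnly = isset($options['ids']) && is_array($options['ids']) ? $options['ids'] : false;
     }
     $keywordsWhere = $languagesWhere = $emptyWhere = $orderBy = $orderClause = $idsWhere = '';
     //get ids for which one message is missing
     if ($emptyOnly) {
         $qLanguages = new CMS_query("\n\t\t\t\tselect \n\t\t\t\t\tdistinct language_mes\n\t\t\t\tfrom \n\t\t\t\t\tmessages\n\t\t\t\twhere\n\t\t\t\t\tmodule_mes = '" . io::sanitizeSQLString($module) . "'\n\t\t\t");
         $qIds = new CMS_query("\n\t\t\t\tselect \n\t\t\t\t\tdistinct id_mes\n\t\t\t\tfrom \n\t\t\t\t\tmessages\n\t\t\t\twhere\n\t\t\t\t\tmodule_mes = '" . io::sanitizeSQLString($module) . "'\n\t\t\t");
         $allIds = $qIds->getAll(PDO::FETCH_COLUMN | PDO::FETCH_UNIQUE, 0);
         $missingIds = array();
         while ($language = $qLanguages->getValue('language_mes')) {
             //the language code was read back from the database: escape it again before reuse (second-order injection)
             $qLang = new CMS_query("\n\t\t\t\t\tselect \n\t\t\t\t\t\tdistinct id_mes\n\t\t\t\t\tfrom \n\t\t\t\t\t\tmessages\n\t\t\t\t\twhere\n\t\t\t\t\t\tmodule_mes = '" . io::sanitizeSQLString($module) . "'\n\t\t\t\t\t\tand language_mes='" . io::sanitizeSQLString($language) . "'\n\t\t\t\t\t\tand message_mes != ''\n\t\t\t\t");
             $ids = $qLang->getAll(PDO::FETCH_COLUMN | PDO::FETCH_UNIQUE, 0);
             $missingIds = array_merge($missingIds, array_diff($allIds, $ids));
         }
         if (!$missingIds) {
             $resultsnb = 0;
             return array();
         }
         //implode() takes the separator first; the legacy (array, separator) order is rejected by PHP 8
         $emptyWhere = ' and id_mes in (' . implode(',', array_unique(array_map('intval', $missingIds))) . ')';
     }
     if ($idsOnly) {
         //caller-supplied ids land in an unquoted list: force each one to an integer
         $idsWhere = ' and id_mes in (' . implode(',', array_map('intval', $idsOnly)) . ')';
     }
     if ($search) {
         //clean user keywords (never trust user input, user is evil)
         $search = strtr($search, ",;", "  ");
         if (isset($options['phrase']) && $options['phrase']) {
             //escape LIKE wildcards so that they are matched literally
             $search = str_replace(array('%', '_'), array('\\%', '\\_'), $search);
             if (htmlentities($search) != $search) {
                 $keywordsWhere .= " and (\n\t\t\t\t\t\tmessage_mes like '%" . sensitiveIO::sanitizeSQLString($search) . "%' or message_mes like '%" . sensitiveIO::sanitizeSQLString(htmlentities($search)) . "%'\n\t\t\t\t\t)";
             } else {
                 $keywordsWhere .= " and message_mes like '%" . sensitiveIO::sanitizeSQLString($search) . "%'";
             }
         } else {
             $words = array_map("trim", array_unique(explode(" ", io::strtolower($search))));
             $cleanedWords = array();
             foreach ($words as $aWord) {
                 //words shorter than 3 characters are ignored
                 if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) {
                     $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
                     $cleanedWords[] = $aWord;
                 }
             }
             if (!$cleanedWords) {
                 //if no words after cleaning, return (the by-reference count is reset like on every other empty return)
                 $resultsnb = 0;
                 return array();
             }
             foreach ($cleanedWords as $cleanedWord) {
                 $keywordsWhere .= $keywordsWhere ? " and " : '';
                 //test the word being added: the previous loop variable only holds the last word of the search
                 if (htmlentities($cleanedWord) != $cleanedWord) {
                     $keywordsWhere .= " (\n\t\t\t\t\t\t\tmessage_mes like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%' or message_mes like '%" . sensitiveIO::sanitizeSQLString(htmlentities($cleanedWord)) . "%'\n\t\t\t\t\t\t)";
                 } else {
                     $keywordsWhere .= " (\n\t\t\t\t\t\t\tmessage_mes like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\t\t)";
                 }
             }
             $keywordsWhere = ' and (' . $keywordsWhere . ')';
         }
     }
     if (is_array($languagesOnly) && $languagesOnly) {
         //language codes are quoted literals: escape each one before it is joined into the list
         $safeLanguages = array();
         foreach ($languagesOnly as $languageCode) {
             $safeLanguages[] = io::sanitizeSQLString($languageCode);
         }
         $languagesWhere = ' and language_mes in (\'' . implode('\',\'', $safeLanguages) . '\')';
     }
     $orderClause = "order by\n\t\t\tid_mes\n\t\t\t" . $direction;
     //first query: ids of the messages matching every filter
     $sql = "\n\t\t\tselect\n\t\t\t\tid_mes as id\n\t\t\tfrom\n\t\t\t\tmessages\n\t\t\twhere \n\t\t\tmodule_mes = '" . io::sanitizeSQLString($module) . "'\n\t\t\t" . $keywordsWhere . "\n\t\t\t" . $languagesWhere . "\n\t\t\t" . $emptyWhere . "\n\t\t\t" . $idsWhere . "\n\t\t";
     $q = new CMS_query($sql);
     if (!$q->getNumRows()) {
         $resultsnb = 0;
         return array();
     }
     $messageIds = $q->getAll(PDO::FETCH_COLUMN | PDO::FETCH_UNIQUE, 0);
     //second query: every language version of the matched ids
     $sql = "\n\t\t\tselect\n\t\t\t\tid_mes as id,\n\t\t\t\tmodule_mes as module,\n\t\t\t\tlanguage_mes as language,\n\t\t\t\tmessage_mes as message\n\t\t\tfrom\n\t\t\t\tmessages\n\t\t\twhere \n\t\t\t\tmodule_mes = '" . io::sanitizeSQLString($module) . "'\n\t\t\t\tand id_mes in (" . implode(',', array_map('intval', $messageIds)) . ")\n\t\t\t\t" . $orderClause . "\n\t\t";
     $q = new CMS_query($sql);
     if (!$q->getNumRows()) {
         $resultsnb = 0;
         return array();
     }
     $messageGroups = $q->getAll(PDO::FETCH_GROUP | PDO::FETCH_ASSOC);
     //the count is taken before slicing, so it reports the total number of matches
     $resultsnb = count($messageGroups);
     if ($limit) {
         $messageGroups = array_slice($messageGroups, $start, $limit, true);
     }
     //reshape to id => array('id' => id, language code => message, ...)
     $messages = array();
     foreach ($messageGroups as $key => $messageGroup) {
         $messages[$key]['id'] = $key;
         foreach ($messageGroup as $message) {
             $messages[$key][$message['language']] = $message['message'];
         }
     }
     return $messages;
 }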
Ejemplo n.º 28
 /**
  * function chmodFile
  * Try to chmod a file (a dir is redirected to makeExecutable method).
  * @param string $right, the 3 or 4 octal numbers to set (775, 664, 0664, etc.)
  * @param string $file, the full filename of the file or dir
  * @return boolean true on success, false on failure
  * @static
  */
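 static function chmodFile($right, $file)
 {
     //realpath() resolves symbolic links and returns false for a missing path,
     //so the mode is applied to the link target, not to the link itself
     $file = realpath($file);
     if ($file === false || !file_exists($file)) {
         return false;
     }
     if (@is_dir($file)) {
         //directories are handled by makeExecutable, $right is not used for them
         return CMS_file::makeExecutable($file);
     } elseif (@is_file($file)) {
         if (APPLICATION_IS_WINDOWS) {
             //chmod does not mean anything on windows
             return true;
         }
         //octdec() silently drops characters that are not octal digits, which would apply
         //a different mode than the one requested: accept only 3 or 4 octal digits
         $right = (string) $right;
         if (!preg_match('/\A[0-7]{3,4}\z/', $right)) {
             CMS_grandFather::raiseError("Invalid octal mode given to chmodFile : " . $right);
             return false;
         }
         //NOTE(review): a 4 digits mode with a non-zero first digit sets the setuid, setgid or sticky
         //bits - callers should pass fixed, trusted modes only
         if (strlen($right) === 3) {
             $right = '0' . $right;
         }
         return @chmod($file, octdec($right));
     } else {
         //reached when the path exists but is neither a directory nor a regular file
         CMS_grandFather::raiseError("Can't chmod file who does not exist : " . $file);
         return false;
     }
 }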