/**
* Fetches language entries for options from DB
*
* @param int $lang_id
*/
public function load_option_lang($lang_id)
{
$sql = 'SELECT field_id, option_id, lang_value
FROM ' . $this->language_table . '
WHERE lang_id = ' . (int) $lang_id . "\n\t\t\t\tORDER BY option_id";
$result = $this->db->sql_query($sql);
while ($row = $this->db->sql_fetchrow($result)) {
$this->options_lang[$row['field_id']][$lang_id][$row['option_id'] + 1] = $row['lang_value'];
}
$this->db->sql_freeresult($result);
}
/**
* Load a user by username
*
* Stores the full data in the user cache so they do not need to be loaded again
* Returns the user id so you may use get_user() from the returned value
*
* @param string $username Raw username to load (will be cleaned)
* @return int User ID for the username
*/
public function load_user_by_username($username)
{
$sql = 'SELECT *
FROM ' . $this->users_table . "\n\t\t\tWHERE username_clean = '" . $this->db->sql_escape(utf8_clean_string($username)) . "'";
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
if ($row) {
$this->users[$row['user_id']] = $row;
return $row['user_id'];
}
return ANONYMOUS;
}
/**
* Computes the stats and store them in the $this->stats associative array
*/
protected function get_stats()
{
if (strpos($this->db->get_sql_layer(), 'mysql') === false) {
$this->stats = array();
return;
}
$sql = 'SHOW INDEX
FROM ' . POSTS_TABLE;
$result = $this->db->sql_query($sql);
while ($row = $this->db->sql_fetchrow($result)) {
// deal with older MySQL versions which didn't use Index_type
$index_type = isset($row['Index_type']) ? $row['Index_type'] : $row['Comment'];
if ($index_type == 'FULLTEXT') {
if ($row['Key_name'] == 'post_subject') {
$this->stats['post_subject'] = $row;
} else {
if ($row['Key_name'] == 'post_content') {
$this->stats['post_content'] = $row;
}
}
}
}
$this->db->sql_freeresult($result);
$this->stats['total_posts'] = empty($this->stats) ? 0 : $this->db->get_estimated_row_count(POSTS_TABLE);
}
/**
* Mass delete configuration options.
*
* @param array $keys Set of configuration option names
*
* @return null
*/
public function delete_array(array $keys)
{
$sql = 'DELETE
FROM ' . $this->table . '
WHERE ' . $this->db->sql_in_set('config_name', $keys, false, true);
$this->db->sql_query($sql);
}
/**
* Uninstall style
*
* @param array $style Style data
* @return bool|string True on success, error message on error
*/
protected function uninstall_style($style)
{
$id = $style['style_id'];
$path = $style['style_path'];
// Check if style has child styles
$sql = 'SELECT style_id
FROM ' . STYLES_TABLE . '
WHERE style_parent_id = ' . (int) $id . " OR style_parent_tree = '" . $this->db->sql_escape($path) . "'";
$result = $this->db->sql_query($sql);
$conflict = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
if ($conflict !== false) {
return sprintf($this->user->lang['STYLE_UNINSTALL_DEPENDENT'], $style['style_name']);
}
// Change default style for users
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_style = 0
WHERE user_style = ' . $id;
$this->db->sql_query($sql);
// Uninstall style
$sql = 'DELETE FROM ' . STYLES_TABLE . '
WHERE style_id = ' . $id;
$this->db->sql_query($sql);
return true;
}
/**
* {@inheritDoc}
*/
public function move($group_id, $delta)
{
$delta = (int) $delta;
if (!$delta) {
return false;
}
$move_up = $delta > 0 ? true : false;
$current_value = $this->get_group_value($group_id);
if ($current_value != self::GROUP_DISABLED) {
$this->db->sql_transaction('begin');
// First we move all groups between our current value and the target value up/down 1,
// so we have a gap for our group to move.
$sql = 'UPDATE ' . GROUPS_TABLE . '
SET group_legend = group_legend' . ($move_up ? ' + 1' : ' - 1') . '
WHERE group_legend > ' . self::GROUP_DISABLED . '
AND group_legend' . ($move_up ? ' >= ' : ' <= ') . ($current_value - $delta) . '
AND group_legend' . ($move_up ? ' < ' : ' > ') . $current_value;
$this->db->sql_query($sql);
// Because there might be fewer groups above/below the group than we wanted to move,
// we use the number of changed groups, to update the group.
$delta = (int) $this->db->sql_affectedrows();
if ($delta) {
// And now finally, when we moved some other groups and built a gap,
// we can move the desired group to it.
$sql = 'UPDATE ' . GROUPS_TABLE . '
SET group_legend = group_legend ' . ($move_up ? ' - ' : ' + ') . $delta . '
WHERE group_id = ' . (int) $group_id;
$this->db->sql_query($sql);
$this->db->sql_transaction('commit');
return true;
}
$this->db->sql_transaction('commit');
}
return false;
}
/**
* Get the notification type id from the name
*
* @param string $notification_type_name The name
* @return int the notification_type_id
* @throws \src\notification\exception
*/
public function get_notification_type_id($notification_type_name)
{
$notification_type_ids = $this->cache->get('notification_type_ids');
if ($notification_type_ids === false) {
$notification_type_ids = array();
$sql = 'SELECT notification_type_id, notification_type_name
FROM ' . $this->notification_types_table;
$result = $this->db->sql_query($sql);
while ($row = $this->db->sql_fetchrow($result)) {
$notification_type_ids[$row['notification_type_name']] = (int) $row['notification_type_id'];
}
$this->db->sql_freeresult($result);
$this->cache->put('notification_type_ids', $notification_type_ids);
}
if (!isset($notification_type_ids[$notification_type_name])) {
if (!isset($this->notification_types[$notification_type_name]) && !isset($this->notification_types['notification.type.' . $notification_type_name])) {
throw new \src\notification\exception($this->user->lang('NOTIFICATION_TYPE_NOT_EXIST', $notification_type_name));
}
$sql = 'INSERT INTO ' . $this->notification_types_table . ' ' . $this->db->sql_build_array('INSERT', array('notification_type_name' => $notification_type_name, 'notification_type_enabled' => 1));
$this->db->sql_query($sql);
$notification_type_ids[$notification_type_name] = (int) $this->db->sql_nextid();
$this->cache->put('notification_type_ids', $notification_type_ids);
}
return $notification_type_ids[$notification_type_name];
}
/**
* Display various options that can be configured for the backend from the acp
*
* @return associative array containing template and config variables
*/
public function acp()
{
$tpl = '
<dl>
<dt><label>' . $this->user->lang['FULLTEXT_POSTGRES_VERSION_CHECK'] . '</label><br /><span>' . $this->user->lang['FULLTEXT_POSTGRES_VERSION_CHECK_EXPLAIN'] . '</span></dt>
<dd>' . ($this->db->get_sql_layer() == 'postgres' ? $this->user->lang['YES'] : $this->user->lang['NO']) . '</dd>
</dl>
<dl>
<dt><label>' . $this->user->lang['FULLTEXT_POSTGRES_TS_NAME'] . '</label><br /><span>' . $this->user->lang['FULLTEXT_POSTGRES_TS_NAME_EXPLAIN'] . '</span></dt>
<dd><select name="config[fulltext_postgres_ts_name]">';
if ($this->db->get_sql_layer() == 'postgres') {
$sql = 'SELECT cfgname AS ts_name
FROM pg_ts_config';
$result = $this->db->sql_query($sql);
while ($row = $this->db->sql_fetchrow($result)) {
$tpl .= '<option value="' . $row['ts_name'] . '"' . ($row['ts_name'] === $this->config['fulltext_postgres_ts_name'] ? ' selected="selected"' : '') . '>' . $row['ts_name'] . '</option>';
}
$this->db->sql_freeresult($result);
} else {
$tpl .= '<option value="' . $this->config['fulltext_postgres_ts_name'] . '" selected="selected">' . $this->config['fulltext_postgres_ts_name'] . '</option>';
}
$tpl .= '</select></dd>
</dl>
<dl>
<dt><label for="fulltext_postgres_min_word_len">' . $this->user->lang['FULLTEXT_POSTGRES_MIN_WORD_LEN'] . $this->user->lang['COLON'] . '</label><br /><span>' . $this->user->lang['FULLTEXT_POSTGRES_MIN_WORD_LEN_EXPLAIN'] . '</span></dt>
<dd><input id="fulltext_postgres_min_word_len" type="number" size="3" maxlength="3" min="0" max="255" name="config[fulltext_postgres_min_word_len]" value="' . (int) $this->config['fulltext_postgres_min_word_len'] . '" /></dd>
</dl>
<dl>
<dt><label for="fulltext_postgres_max_word_len">' . $this->user->lang['FULLTEXT_POSTGRES_MAX_WORD_LEN'] . $this->user->lang['COLON'] . '</label><br /><span>' . $this->user->lang['FULLTEXT_POSTGRES_MAX_WORD_LEN_EXPLAIN'] . '</span></dt>
<dd><input id="fulltext_postgres_max_word_len" type="number" size="3" maxlength="3" min="0" max="255" name="config[fulltext_postgres_max_word_len]" value="' . (int) $this->config['fulltext_postgres_max_word_len'] . '" /></dd>
</dl>
';
// These are fields required in the config table
return array('tpl' => $tpl, 'config' => array('fulltext_postgres_ts_name' => 'string', 'fulltext_postgres_min_word_len' => 'integer:0:255', 'fulltext_postgres_max_word_len' => 'integer:0:255'));
}
/**
* Get attachment file count and size of upload directory
*
* @param $limit string Additional limit for WHERE clause to filter stats by.
* @return array Returns array with stats: num_files and upload_dir_size
*/
public function get_attachment_stats($limit = '')
{
$sql = 'SELECT COUNT(a.attach_id) AS num_files, SUM(a.filesize) AS upload_dir_size
FROM ' . ATTACHMENTS_TABLE . " a\n\t\t\tWHERE a.is_orphan = 0\n\t\t\t\t{$limit}";
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
return array('num_files' => (int) $row['num_files'], 'upload_dir_size' => (double) $row['upload_dir_size']);
}
/**
* A helper function that performs the query for retrieving an access token
*
* @param array $data
* @return mixed
*/
protected function get_access_token_row($data)
{
$sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '
WHERE ' . $this->db->sql_build_array('SELECT', $data);
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
return $row;
}
/**
* Updates rows in given table from a set of values to a new value.
* If this results in rows violating uniqueness constraints, the duplicate
* rows are merged respecting notify_status (0 takes precedence over 1).
*
* The only supported table is topics_watch.
*
* @param \src\db\driver\driver_interface $db Database object
* @param string $table Table on which to perform the update
* @param string $column Column whose values to change
* @param array $from_values An array of values that should be changed
* @param int $to_value The new value
* @return null
*/
function src_update_rows_avoiding_duplicates_notify_status(\src\db\driver\driver_interface $db, $table, $column, $from_values, $to_value)
{
$sql = "SELECT {$column}, user_id, notify_status\n\t\tFROM {$table}\n\t\tWHERE " . $db->sql_in_set($column, $from_values);
$result = $db->sql_query($sql);
$old_user_ids = array();
while ($row = $db->sql_fetchrow($result)) {
$old_user_ids[(int) $row['notify_status']][$row[$column]][] = (int) $row['user_id'];
}
$db->sql_freeresult($result);
$sql = "SELECT {$column}, user_id\n\t\tFROM {$table}\n\t\tWHERE {$column} = " . (int) $to_value;
$result = $db->sql_query($sql);
$new_user_ids = array();
while ($row = $db->sql_fetchrow($result)) {
$new_user_ids[$row[$column]][] = (int) $row['user_id'];
}
$db->sql_freeresult($result);
$queries = array();
$extra_updates = array(0 => 'notify_status = 0', 1 => '');
foreach ($from_values as $from_value) {
foreach ($extra_updates as $notify_status => $extra_update) {
if (!isset($old_user_ids[$notify_status][$from_value])) {
continue;
}
if (empty($new_user_ids)) {
$sql = "UPDATE {$table}\n\t\t\t\t\tSET {$column} = " . (int) $to_value . "\n\t\t\t\t\tWHERE {$column} = '" . $db->sql_escape($from_value) . "'";
$queries[] = $sql;
} else {
$different_user_ids = array_diff($old_user_ids[$notify_status][$from_value], $new_user_ids[$to_value]);
if (!empty($different_user_ids)) {
$sql = "UPDATE {$table}\n\t\t\t\t\t\tSET {$column} = " . (int) $to_value . "\n\t\t\t\t\t\tWHERE {$column} = '" . $db->sql_escape($from_value) . "'\n\t\t\t\t\t\tAND " . $db->sql_in_set('user_id', $different_user_ids);
$queries[] = $sql;
}
if ($extra_update) {
$same_user_ids = array_diff($old_user_ids[$notify_status][$from_value], $different_user_ids);
if (!empty($same_user_ids)) {
$sql = "UPDATE {$table}\n\t\t\t\t\t\t\tSET {$extra_update}\n\t\t\t\t\t\t\tWHERE {$column} = '" . (int) $to_value . "'\n\t\t\t\t\t\t\tAND " . $db->sql_in_set('user_id', $same_user_ids);
$queries[] = $sql;
}
}
}
}
}
if (!empty($queries)) {
$db->sql_transaction('begin');
foreach ($queries as $sql) {
$db->sql_query($sql);
}
$sql = "DELETE FROM {$table}\n\t\t\tWHERE " . $db->sql_in_set($column, $from_values);
$db->sql_query($sql);
$db->sql_transaction('commit');
}
}
protected function execute(InputInterface $input, OutputInterface $output)
{
$sql = 'SELECT user_id, user_email, user_email_hash
FROM ' . USERS_TABLE . '
WHERE user_type <> ' . USER_IGNORE . "\n\t\t\t\tAND user_email <> ''";
$result = $this->db->sql_query($sql);
while ($row = $this->db->sql_fetchrow($result)) {
$user_email_hash = src_email_hash($row['user_email']);
if ($user_email_hash !== $row['user_email_hash']) {
$sql_ary = array('user_email_hash' => $user_email_hash);
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . (int) $row['user_id'];
$this->db->sql_query($sql);
if ($output->getVerbosity() >= OutputInterface::VERBOSITY_DEBUG) {
$output->writeln(sprintf('user_id %d, email %s => %s', $row['user_id'], $row['user_email'], $user_email_hash));
}
}
}
$this->db->sql_freeresult($result);
$output->writeln('<info>' . $this->user->lang('CLI_FIXUP_RECALCULATE_EMAIL_HASH_SUCCESS') . '</info>');
}
/**
* Mark this item read/unread helper
*
* @param bool $unread Unread (True/False) (Default: False)
* @param bool $return True to return a string containing the SQL code to update this item, False to execute it (Default: False)
* @return string|null If $return is False, nothing will be returned, else the sql code to update this item
*/
protected function mark($unread = true, $return = false)
{
$this->notification_read = (bool) (!$unread);
$where = array('notification_type_id = ' . (int) $this->notification_type_id, 'item_id = ' . (int) $this->item_id, 'user_id = ' . (int) $this->user_id);
$where = implode(' AND ', $where);
if ($return) {
return $where;
}
$sql = 'UPDATE ' . $this->notifications_table . '
SET notification_read = ' . (int) $this->notification_read . '
WHERE ' . $where;
$this->db->sql_query($sql);
}
/**
* Increments an integer config value directly in the database.
*
* Using this method instead of setting the new value directly avoids race
* conditions and unlike set_atomic it cannot fail.
*
* @param string $key The configuration option's name
* @param int $increment Amount to increment by
* @param bool $use_cache Whether this variable should be cached or if it
* changes too frequently to be efficiently cached.
*/
function increment($key, $increment, $use_cache = true)
{
if (!isset($this->config[$key])) {
$this->set($key, '0', $use_cache);
}
$sql_update = $this->db->cast_expr_to_string($this->db->cast_expr_to_bigint('config_value') . ' + ' . (int) $increment);
$this->db->sql_query('UPDATE ' . $this->table . '
SET config_value = ' . $sql_update . "\n\t\t\tWHERE config_name = '" . $this->db->sql_escape($key) . "'");
if ($use_cache) {
$this->cache->destroy('config');
}
$this->config[$key] += $increment;
}
/**
* Regenerate left/right ids from parent/child relationship
*
* This method regenerates the left/right ids for the tree based on
* the parent/child relations. This function executes three queries per
* item, so it should only be called, when the set has one of the following
* problems:
* - The set has a duplicated value inside the left/right id chain
* - The set has a missing value inside the left/right id chain
* - The set has items that do not have a left/right id set
*
* When regenerating the items, the items are sorted by parent id and their
* current left id, so the current child/parent relationships are kept
* and running the function on a working set will not change the order.
*
* @param int $new_id First left_id to be used (should start with 1)
* @param int $parent_id parent_id of the current set (default = 0)
* @param bool $reset_ids Should we reset all left_id/right_id on the first call?
* @return int $new_id The next left_id/right_id that should be used
*/
public function regenerate_left_right_ids($new_id, $parent_id = 0, $reset_ids = false)
{
if ($acquired_new_lock = $this->acquire_lock()) {
$this->db->sql_transaction('begin');
if (!$reset_ids) {
$sql = 'UPDATE ' . $this->table_name . '
SET ' . $this->column_item_parents . " = ''\n\t\t\t\t\t" . $this->get_sql_where('WHERE');
$this->db->sql_query($sql);
}
}
if ($reset_ids) {
$sql = 'UPDATE ' . $this->table_name . '
SET ' . $this->db->sql_build_array('UPDATE', array($this->column_left_id => 0, $this->column_right_id => 0, $this->column_item_parents => '')) . '
' . $this->get_sql_where('WHERE');
$this->db->sql_query($sql);
}
$sql = 'SELECT *
FROM ' . $this->table_name . '
WHERE ' . $this->column_parent_id . ' = ' . (int) $parent_id . '
' . $this->get_sql_where('AND') . '
ORDER BY ' . $this->column_left_id . ', ' . $this->column_item_id . ' ASC';
$result = $this->db->sql_query($sql);
while ($row = $this->db->sql_fetchrow($result)) {
// First we update the left_id for this module
if ($row[$this->column_left_id] != $new_id) {
$sql = 'UPDATE ' . $this->table_name . '
SET ' . $this->db->sql_build_array('UPDATE', array($this->column_left_id => $new_id)) . '
WHERE ' . $this->column_item_id . ' = ' . (int) $row[$this->column_item_id];
$this->db->sql_query($sql);
}
$new_id++;
// Then we go through any children and update their left/right id's
$new_id = $this->regenerate_left_right_ids($new_id, $row[$this->column_item_id]);
// Then we come back and update the right_id for this module
if ($row[$this->column_right_id] != $new_id) {
$sql = 'UPDATE ' . $this->table_name . '
SET ' . $this->db->sql_build_array('UPDATE', array($this->column_right_id => $new_id)) . '
WHERE ' . $this->column_item_id . ' = ' . (int) $row[$this->column_item_id];
$this->db->sql_query($sql);
}
$new_id++;
}
$this->db->sql_freeresult($result);
if ($acquired_new_lock) {
$this->db->sql_transaction('commit');
$this->lock->release();
}
return $new_id;
}
/**
* Obtain disallowed usernames
*/
function obtain_disallowed_usernames()
{
if (($usernames = $this->driver->get('_disallowed_usernames')) === false) {
$sql = 'SELECT disallow_username
FROM ' . DISALLOW_TABLE;
$result = $this->db->sql_query($sql);
$usernames = array();
while ($row = $this->db->sql_fetchrow($result)) {
$usernames[] = str_replace('%', '.*?', preg_quote(utf8_clean_string($row['disallow_username']), '#'));
}
$this->db->sql_freeresult($result);
$this->driver->put('_disallowed_usernames', $usernames);
}
return $usernames;
}
/**
* {@inheritdoc}
*/
public function unlink_account(array $link_data)
{
if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service']) {
return 'LOGIN_LINK_MISSING_DATA';
}
// Remove user specified in $link_data if possible
$user_id = isset($link_data['user_id']) ? $link_data['user_id'] : $this->user->data['user_id'];
// Remove the link
$sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_account_assoc . "\n\t\t\tWHERE provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "'\n\t\t\t\tAND user_id = " . (int) $user_id;
$this->db->sql_query($sql);
// Clear all tokens belonging to the user on this servce
$service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']);
$storage = new \src\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table);
$storage->clearToken($service_name);
}
/**
* Deletes all words from the index
*/
public function delete_index($acp_module, $u_action)
{
switch ($this->db->get_sql_layer()) {
case 'sqlite':
case 'sqlite3':
$this->db->sql_query('DELETE FROM ' . SEARCH_WORDLIST_TABLE);
$this->db->sql_query('DELETE FROM ' . SEARCH_WORDMATCH_TABLE);
$this->db->sql_query('DELETE FROM ' . SEARCH_RESULTS_TABLE);
break;
default:
$this->db->sql_query('TRUNCATE TABLE ' . SEARCH_WORDLIST_TABLE);
$this->db->sql_query('TRUNCATE TABLE ' . SEARCH_WORDMATCH_TABLE);
$this->db->sql_query('TRUNCATE TABLE ' . SEARCH_RESULTS_TABLE);
break;
}
}
/**
* Collects stats that can be displayed on the index maintenance page
*/
protected function get_stats()
{
if ($this->index_created()) {
$sql = 'SELECT COUNT(post_id) as total_posts
FROM ' . POSTS_TABLE;
$result = $this->db->sql_query($sql);
$this->stats['total_posts'] = (int) $this->db->sql_fetchfield('total_posts');
$this->db->sql_freeresult($result);
$sql = 'SELECT COUNT(p.post_id) as main_posts
FROM ' . POSTS_TABLE . ' p, ' . SPHINX_TABLE . ' m
WHERE p.post_id <= m.max_doc_id
AND m.counter_id = 1';
$result = $this->db->sql_query($sql);
$this->stats['main_posts'] = (int) $this->db->sql_fetchfield('main_posts');
$this->db->sql_freeresult($result);
}
}
/**
* Insert/Update migration row into the database
*
* @param string $name Name of the migration
* @param array $state
* @return null
*/
protected function set_migration_state($name, $state)
{
$migration_row = $state;
$migration_row['migration_depends_on'] = serialize($state['migration_depends_on']);
if (isset($this->migration_state[$name])) {
$sql = 'UPDATE ' . $this->migrations_table . '
SET ' . $this->db->sql_build_array('UPDATE', $migration_row) . "\n\t\t\t\tWHERE migration_name = '" . $this->db->sql_escape($name) . "'";
$this->db->sql_query($sql);
} else {
$migration_row['migration_name'] = $name;
$sql = 'INSERT INTO ' . $this->migrations_table . '
' . $this->db->sql_build_array('INSERT', $migration_row);
$this->db->sql_query($sql);
}
$this->migration_state[$name] = $state;
$this->last_run_migration['state'] = $state;
}
/**
* Submit form, generate the email and send it
*
* @param \messenger $messenger
* @return null
*/
public function submit(\messenger $messenger)
{
if (!check_form_key('memberlist_email')) {
$this->errors[] = 'FORM_INVALID';
}
if (!sizeof($this->errors)) {
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_emailtime = ' . time() . '
WHERE user_id = ' . $this->user->data['user_id'];
$this->db->sql_query($sql);
if ($this->cc_sender && $this->user->data['is_registered']) {
$this->message->cc_sender();
}
$this->message->send($messenger, src_get_srcrd_contact($this->config, $this->phpEx));
meta_refresh(3, append_sid($this->src_root_path . 'index.' . $this->phpEx));
trigger_error($this->user->lang['EMAIL_SENT'] . '<br /><br />' . $this->get_return_message());
}
}
function get_excluded_forums()
{
static $forum_ids;
// Matches acp/acp_srcrd.php
$cache_name = 'feed_excluded_forum_ids';
if (!isset($forum_ids) && ($forum_ids = $this->cache->get('_' . $cache_name)) === false) {
$sql = 'SELECT forum_id
FROM ' . FORUMS_TABLE . '
WHERE ' . $this->db->sql_bit_and('forum_options', FORUM_OPTION_FEED_EXCLUDE, '<> 0');
$result = $this->db->sql_query($sql);
$forum_ids = array();
while ($forum_id = (int) $this->db->sql_fetchfield('forum_id')) {
$forum_ids[$forum_id] = $forum_id;
}
$this->db->sql_freeresult($result);
$this->cache->put('_' . $cache_name, $forum_ids);
}
return $forum_ids;
}
/**
* Wrapper for running queries to generate user feedback on updates
*
* @param string $sql SQL query to run on the database
* @return mixed Query result from db->sql_query()
*/
protected function sql_query($sql)
{
$this->queries[] = $sql;
$this->db->sql_return_on_error(true);
if ($sql === 'begin') {
$result = $this->db->sql_transaction('begin');
} else {
if ($sql === 'commit') {
$result = $this->db->sql_transaction('commit');
} else {
$result = $this->db->sql_query($sql);
if ($this->db->get_sql_error_triggered()) {
$this->errors[] = array('sql' => $this->db->get_sql_error_sql(), 'code' => $this->db->get_sql_error_returned());
}
}
}
$this->db->sql_return_on_error(false);
return $result;
}
/**
* Build Array for user insertion into custom profile fields table
*/
public function build_insert_sql_array($cp_data)
{
$sql_not_in = array();
foreach ($cp_data as $key => $null) {
$sql_not_in[] = strncmp($key, 'pf_', 3) === 0 ? substr($key, 3) : $key;
}
$sql = 'SELECT f.field_type, f.field_ident, f.field_default_value, l.lang_default_value
FROM ' . $this->fields_language_table . ' l, ' . $this->fields_table . ' f
WHERE l.lang_id = ' . $this->user->get_iso_lang_id() . '
' . (sizeof($sql_not_in) ? ' AND ' . $this->db->sql_in_set('f.field_ident', $sql_not_in, true) : '') . '
AND l.field_id = f.field_id';
$result = $this->db->sql_query($sql);
while ($row = $this->db->sql_fetchrow($result)) {
$profile_field = $this->type_collection[$row['field_type']];
$cp_data['pf_' . $row['field_ident']] = $profile_field->get_default_field_value($row);
}
$this->db->sql_freeresult($result);
return $cp_data;
}
/**
* Set topic visibility
*
* Allows approving (which is akin to undeleting/restore) or soft deleting an entire topic.
* Calls set_post_visibility as needed.
*
* Note: By default, when a soft deleted topic is restored. Only posts that
* were approved at the time of soft deleting, are being restored.
* Same applies to soft deleting. Only approved posts will be marked
* as soft deleted.
* If you want to update all posts, use the force option.
*
* @param $visibility int Element of {ITEM_APPROVED, ITEM_DELETED, ITEM_REAPPROVE}
* @param $topic_id mixed Topic ID to act on
* @param $forum_id int Forum where $topic_id is found
* @param $user_id int User performing the action
* @param $time int Timestamp when the action is performed
* @param $reason string Reason why the visibilty was changed.
* @param $force_update_all bool Force to update all posts within the topic
* @return array Changed topic data, empty array if an error occured.
*/
public function set_topic_visibility($visibility, $topic_id, $forum_id, $user_id, $time, $reason, $force_update_all = false)
{
if (!in_array($visibility, array(ITEM_APPROVED, ITEM_DELETED, ITEM_REAPPROVE))) {
return array();
}
if (!$force_update_all) {
$sql = 'SELECT topic_visibility, topic_delete_time
FROM ' . $this->topics_table . '
WHERE topic_id = ' . (int) $topic_id;
$result = $this->db->sql_query($sql);
$original_topic_data = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
if (!$original_topic_data) {
// The topic does not exist...
return array();
}
}
// Note, we do not set a reason for the posts, just for the topic
$data = array('topic_visibility' => (int) $visibility, 'topic_delete_user' => (int) $user_id, 'topic_delete_time' => (int) $time ?: time(), 'topic_delete_reason' => truncate_string($reason, 255, 255, false));
$sql = 'UPDATE ' . $this->topics_table . '
SET ' . $this->db->sql_build_array('UPDATE', $data) . '
WHERE topic_id = ' . (int) $topic_id;
$this->db->sql_query($sql);
if (!$this->db->sql_affectedrows()) {
return array();
}
if (!$force_update_all && $original_topic_data['topic_delete_time'] && $original_topic_data['topic_visibility'] == ITEM_DELETED && $visibility == ITEM_APPROVED) {
// If we're restoring a topic we only restore posts, that were soft deleted through the topic soft deletion.
$this->set_post_visibility($visibility, false, $topic_id, $forum_id, $user_id, $time, '', true, true, $original_topic_data['topic_visibility'], $original_topic_data['topic_delete_time']);
} else {
if (!$force_update_all && $original_topic_data['topic_visibility'] == ITEM_APPROVED && $visibility == ITEM_DELETED) {
// If we're soft deleting a topic we only mark approved posts as soft deleted.
$this->set_post_visibility($visibility, false, $topic_id, $forum_id, $user_id, $time, '', true, true, $original_topic_data['topic_visibility']);
} else {
$this->set_post_visibility($visibility, false, $topic_id, $forum_id, $user_id, $time, '', true, true);
}
}
return $data;
}
/**
* Module Remove
*
* Remove a module
*
* @param string $class The module class(acp|mcp|ucp)
* @param int|string|bool $parent The parent module_id|module_langname(0 for no parent).
* Use false to ignore the parent check and check class wide.
* @param int|string $module The module id|module_langname
* specify that here
* @return null
* @throws \src\db\migration\exception
*/
public function remove($class, $parent = 0, $module = '')
{
// Imitation of module_add's "automatic" and "manual" method so the uninstaller works from the same set of instructions for umil_auto
if (is_array($module)) {
if (isset($module['module_langname'])) {
// Manual Method
return $this->remove($class, $parent, $module['module_langname']);
}
// Failed.
if (!isset($module['module_basename'])) {
throw new \src\db\migration\exception('MODULE_NOT_EXIST');
}
// Automatic method
$basename = $module['module_basename'];
$module_info = $this->get_module_info($class, $basename);
foreach ($module_info['modes'] as $mode => $info) {
if (!isset($module['modes']) || in_array($mode, $module['modes'])) {
$this->remove($class, $parent, $info['title']);
}
}
} else {
if (!$this->exists($class, $parent, $module)) {
return;
}
$parent_sql = '';
if ($parent !== false) {
// Allows '' to be sent as 0
$parent = $parent ?: 0;
if (!is_numeric($parent)) {
$sql = 'SELECT module_id
FROM ' . $this->modules_table . "\n\t\t\t\t\t\tWHERE module_langname = '" . $this->db->sql_escape($parent) . "'\n\t\t\t\t\t\t\tAND module_class = '" . $this->db->sql_escape($class) . "'";
$result = $this->db->sql_query($sql);
$module_id = $this->db->sql_fetchfield('module_id');
$this->db->sql_freeresult($result);
// we know it exists from the module_exists check
$parent_sql = 'AND parent_id = ' . (int) $module_id;
} else {
$parent_sql = 'AND parent_id = ' . (int) $parent;
}
}
$module_ids = array();
if (!is_numeric($module)) {
$sql = 'SELECT module_id
FROM ' . $this->modules_table . "\n\t\t\t\t\tWHERE module_langname = '" . $this->db->sql_escape($module) . "'\n\t\t\t\t\t\tAND module_class = '" . $this->db->sql_escape($class) . "'\n\t\t\t\t\t\t{$parent_sql}";
$result = $this->db->sql_query($sql);
while ($module_id = $this->db->sql_fetchfield('module_id')) {
$module_ids[] = (int) $module_id;
}
$this->db->sql_freeresult($result);
} else {
$module_ids[] = (int) $module;
}
if (!class_exists('acp_modules')) {
include $this->src_root_path . 'includes/acp/acp_modules.' . $this->php_ext;
$this->user->add_lang('acp/modules');
}
$acp_modules = new \acp_modules();
$acp_modules->module_class = $class;
foreach ($module_ids as $module_id) {
$result = $acp_modules->delete_module($module_id);
if (!empty($result)) {
return;
}
}
$this->cache->destroy("_modules_{$class}");
}
}
/**
* Handles authentication when downloading attachments from a post or topic
*
* @param \src\db\driver\driver_interface $db The database object
* @param \src\auth\auth $auth The authentication object
* @param int $topic_id The id of the topic that we are downloading from
*
* @return null
*/
function src_download_handle_forum_auth($db, $auth, $topic_id)
{
$sql_array = array('SELECT' => 't.topic_visibility, t.forum_id, f.forum_name, f.forum_password, f.parent_id', 'FROM' => array(TOPICS_TABLE => 't', FORUMS_TABLE => 'f'), 'WHERE' => 't.topic_id = ' . (int) $topic_id . '
AND t.forum_id = f.forum_id');
$sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row && $row['topic_visibility'] != ITEM_APPROVED && !$auth->acl_get('m_approve', $row['forum_id'])) {
send_status_line(404, 'Not Found');
trigger_error('ERROR_NO_ATTACHMENT');
} else {
if ($row && $auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id'])) {
if ($row['forum_password']) {
// Do something else ... ?
login_forum_box($row);
}
} else {
send_status_line(403, 'Forbidden');
trigger_error('SORRY_AUTH_VIEW_ATTACH');
}
}
}
/**
* Moves an item up/down
*
* @param int $teampage_id teampage_id of the item to be moved
* @param int $delta number of steps:
* - positive = move up
* - negative = move down
* @return bool True if the group was moved successfully
*/
public function move_teampage($teampage_id, $delta)
{
$delta = (int) $delta;
if (!$delta) {
return false;
}
$move_up = $delta > 0 ? true : false;
$data = $this->get_teampage_values($teampage_id);
$current_value = (int) $data['teampage_position'];
if ($current_value != self::GROUP_DISABLED) {
$this->db->sql_transaction('begin');
if (!$move_up && $data['teampage_parent'] == self::NO_PARENT) {
// If we move items down, we need to grab the one sibling more,
// so we do not ignore the children of the previous sibling.
// We will remove the additional sibling later on.
$delta = abs($delta) + 1;
}
$sql = 'SELECT teampage_id, teampage_position
FROM ' . TEAMPAGE_TABLE . '
WHERE teampage_parent = ' . (int) $data['teampage_parent'] . '
AND teampage_position' . ($move_up ? ' < ' : ' > ') . $current_value . '
ORDER BY teampage_position' . ($move_up ? ' DESC' : ' ASC');
$result = $this->db->sql_query_limit($sql, $delta);
$sibling_count = 0;
$sibling_limit = $delta;
// Reset the delta, as we recalculate the new real delta
$delta = 0;
while ($row = $this->db->sql_fetchrow($result)) {
$sibling_count++;
$delta = $current_value - $row['teampage_position'];
// Remove the additional sibling we added previously
// But only, if we included it, this is not be the case
// when we reached the end of our list
if (!$move_up && $data['teampage_parent'] == self::NO_PARENT && $sibling_count == $sibling_limit) {
$delta++;
}
}
$this->db->sql_freeresult($result);
if ($delta) {
$sql = 'SELECT COUNT(teampage_id) as num_items
FROM ' . TEAMPAGE_TABLE . '
WHERE teampage_id = ' . (int) $teampage_id . '
OR teampage_parent = ' . (int) $teampage_id;
$result = $this->db->sql_query($sql);
$num_items = (int) $this->db->sql_fetchfield('num_items');
$this->db->sql_freeresult($result);
// First we move all items between our current value and the target value up/down 1,
// so we have a gap for our item to move.
$sql = 'UPDATE ' . TEAMPAGE_TABLE . '
SET teampage_position = teampage_position' . ($move_up ? ' + ' : ' - ') . $num_items . '
WHERE teampage_position' . ($move_up ? ' >= ' : ' <= ') . ($current_value - $delta) . '
AND teampage_position' . ($move_up ? ' < ' : ' > ') . $current_value . '
AND NOT (teampage_id = ' . (int) $teampage_id . '
OR teampage_parent = ' . (int) $teampage_id . ')';
$this->db->sql_query($sql);
$delta = !$move_up && $data['teampage_parent'] == self::NO_PARENT ? abs($delta) - ($num_items - 1) : abs($delta);
// And now finally, when we moved some other items and built a gap,
// we can move the desired item to it.
$sql = 'UPDATE ' . TEAMPAGE_TABLE . '
SET teampage_position = teampage_position ' . ($move_up ? ' - ' : ' + ') . $delta . '
WHERE teampage_id = ' . (int) $teampage_id . '
OR teampage_parent = ' . (int) $teampage_id;
$this->db->sql_query($sql);
$this->db->sql_transaction('commit');
$this->cache->destroy('sql', TEAMPAGE_TABLE);
return true;
}
$this->db->sql_transaction('commit');
}
$this->cache->destroy('sql', TEAMPAGE_TABLE);
return false;
}
/**
* Permission Unset
*
* Allows you to unset (remove) permissions for a certain group/role
*
* @param string $name The name of the role/group
* @param string|array $auth_option The auth_option or array of
* auth_options you would like to set
* @param string $type The type (role|group)
* @return null
* @throws \src\db\migration\exception
*/
public function permission_unset($name, $auth_option, $type = 'role')
{
if (!is_array($auth_option)) {
$auth_option = array($auth_option);
}
$to_remove = array();
$sql = 'SELECT auth_option_id
FROM ' . ACL_OPTIONS_TABLE . '
WHERE ' . $this->db->sql_in_set('auth_option', $auth_option);
$result = $this->db->sql_query($sql);
while ($row = $this->db->sql_fetchrow($result)) {
$to_remove[] = (int) $row['auth_option_id'];
}
$this->db->sql_freeresult($result);
if (empty($to_remove)) {
return;
}
$type = (string) $type;
// Prevent PHP bug.
switch ($type) {
case 'role':
$sql = 'SELECT role_id
FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\tWHERE role_name = '" . $this->db->sql_escape($name) . "'";
$this->db->sql_query($sql);
$role_id = (int) $this->db->sql_fetchfield('role_id');
if (!$role_id) {
throw new \src\db\migration\exception('ROLE_NOT_EXIST', $name);
}
$sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
WHERE ' . $this->db->sql_in_set('auth_option_id', $to_remove) . '
AND role_id = ' . (int) $role_id;
$this->db->sql_query($sql);
break;
case 'group':
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "\n\t\t\t\t\tWHERE group_name = '" . $this->db->sql_escape($name) . "'";
$this->db->sql_query($sql);
$group_id = (int) $this->db->sql_fetchfield('group_id');
if (!$group_id) {
throw new \src\db\migration\exception('GROUP_NOT_EXIST', $name);
}
// If the group has a role set for them we will remove the requested permissions from that role.
$sql = 'SELECT auth_role_id
FROM ' . ACL_GROUPS_TABLE . '
WHERE group_id = ' . $group_id . '
AND auth_role_id <> 0';
$this->db->sql_query($sql);
$role_id = (int) $this->db->sql_fetchfield('auth_role_id');
if ($role_id) {
$sql = 'SELECT role_name
FROM ' . ACL_ROLES_TABLE . '
WHERE role_id = ' . $role_id;
$this->db->sql_query($sql);
$role_name = $this->db->sql_fetchfield('role_name');
return $this->permission_unset($role_name, $auth_option, 'role');
}
$sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
WHERE ' . $this->db->sql_in_set('auth_option_id', $to_remove);
$this->db->sql_query($sql);
break;
}
$this->auth->acl_clear_prefetch();
}
/**
* Handle deleting avatars
*
* @param \src\db\driver\driver_interface $db src dbal
* @param \src\user $user src user object
* @param array $avatar_data Cleaned user data containing the user's
* avatar data
* @param string $table Database table from which the avatar should be deleted
* @param string $prefix Prefix of user data columns in database
* @return null
*/
public function handle_avatar_delete(\src\db\driver\driver_interface $db, \src\user $user, $avatar_data, $table, $prefix)
{
if ($driver = $this->get_driver($avatar_data['avatar_type'])) {
$driver->delete($avatar_data);
}
$result = $this->prefix_avatar_columns($prefix, self::$default_row);
$sql = 'UPDATE ' . $table . '
SET ' . $db->sql_build_array('UPDATE', $result) . '
WHERE ' . $prefix . 'id = ' . (int) $avatar_data['id'];
$db->sql_query($sql);
// Make sure we also delete this avatar from the users
if ($prefix === 'group_') {
$result = $this->prefix_avatar_columns('user_', self::$default_row);
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $result) . "\n\t\t\t\tWHERE user_avatar = '" . $db->sql_escape($avatar_data['avatar']) . "'";
$db->sql_query($sql);
}
}
