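/**
 * Insert or update a user or workgroup row in sysUGrps.
 *
 * A record with ugr_Type 'user' and no ugr_ID is treated as a self-registration;
 * any other call requires $system->is_admin2($recID) to succeed.
 *
 * @param mixed $system - system object (settings, current user, db connection, error log)
 * @param mixed $record - array of sysUGrps fields keyed by column name (ugr_ID, ugr_Type, ugr_Name, ugr_eMail, ...)
 *
 * @return mixed affected ugr_ID on success, false otherwise (the reason is added to $system)
 */
function user_Update($system, $record)
{
    if (!user_Validate($system, $record)) {
        //$system->addError(HEURIST_INVALID_REQUEST, "All required fields are not defined");
        return false;
    }

    $recID = intval(@$record['ugr_ID']);
    $rectype = $record['ugr_Type'];
    $is_registration = $rectype == 'user' && $recID < 1;

    if ($is_registration && $system->get_system('sys_AllowRegistration') == 0) {
        $system->addError(HEURIST_REQUEST_DENIED, 'Registration is not allowed for current database');
        return false;
    }
    if (!($is_registration || $system->is_admin2($recID))) {
        $system->addError(HEURIST_REQUEST_DENIED, 'Operation denied. Not enough rights');
        return false;
    }

    if ($is_registration) {
        //do not allow registration if approvement mail cannot be sent
        //(check is switched off by the leading "false &&")
        if (false && !checkSmtp()) {
            $system->addError(HEURIST_SYSTEM_CONFIG, 'Error_Mail_Registration');
            return false;
        }
        //check captcha
        // NOTE(review): the comparison only runs when the session already holds a captcha_code,
        // so a request made in a session where no challenge was issued skips the check.
        // Confirm that is intended; otherwise registration should be refused in that case.
        if (@$_SESSION["captcha_code"] && $_SESSION["captcha_code"] != @$record['ugr_Captcha']) {
            $system->addError(HEURIST_UNKNOWN_ERROR, 'Are you a bot? Please enter the correct answer to the challenge question');
            return false;
        }
        if (@$_SESSION["captcha_code"]) {
            //one-time use: a solved challenge cannot be replayed
            unset($_SESSION["captcha_code"]);
        }
    }
    if (@$record['ugr_Captcha']) {
        //not a database column
        unset($record['ugr_Captcha']);
    }

    $mysqli = $system->get_mysqli();

    //name and email must be unique among all OTHER rows. The lookup compares ugr_Name with the
    //submitted name and leaves out the row being edited, so an update that changes both
    //fields is not rejected and a clash with a second row is not hidden by the row itself.
    $res = mysql__select_value(
        $mysqli,
        "select ugr_ID from sysUGrps where (ugr_Name='" . $mysqli->real_escape_string(@$record['ugr_Name'])
        . "' or ugr_eMail='" . $mysqli->real_escape_string(@$record['ugr_eMail'])
        . "') and ugr_ID<>" . $recID
    );
    if ($res) {
        $system->addError(HEURIST_INVALID_REQUEST, 'The provided name or email already exists');
        return false;
    }

    $is_approvement = false;
    $tmp_password = null;
    if ($rectype == 'user') {
        //encrypt password
        if (@$record['ugr_Password'] && $record['ugr_Password'] != '') {
            $tmp_password = $record['ugr_Password'];
            $record['ugr_Password'] = hash_it($tmp_password);
        } else {
            //an empty password means "leave unchanged"
            unset($record['ugr_Password']);
        }
        if ($system->get_user_id() < 1) {
            //not logged in - always disabled
            $record['ugr_Enabled'] = "n";
        }
        if ("y" == @$record['ugr_Enabled']) {
            $is_approvement = user_isApprovement($system, $recID);
        }
    }

    // NOTE(review): $record is written as supplied apart from the keys adjusted above.
    // Confirm that user_Validate() or mysql__insertupdate() limits which ugr_* columns
    // an unauthenticated registrant may set.
    $res = mysql__insertupdate($mysqli, "sysUGrps", "ugr", $record);
    if (!(is_numeric($res) && $res > 0)) {
        $system->addError(HEURIST_DB_ERROR, 'Cannot update record in database', $res);
        return false;
    }

    $new_recID = $res;
    //actions on complete
    if ($rectype == 'user') {
        $rv = true;
        if ($recID < 1 && $system->get_user_id() < 1) {
            $rv = user_EmailAboutNewUser($system, $new_recID);
        } else {
            if ($recID < 1 || $is_approvement) {
                // NOTE(review): the clear-text password is handed to the mailer here -
                // presumably it ends up in the message body; confirm this is acceptable.
                $rv = user_EmailApproval($system, $new_recID, $tmp_password, $is_approvement);
            }
        }
        if (!$rv) {
            return false;
        }
    } else {
        if ($recID < 1) {
            //this is addition of new group
            //add current user as admin for new group
            //changeRole($recID, get_user_id(), "admin", null, false, true);
        }
    }
    return $res; //returns affected record id
}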
/**
 * Insert or update a tag in usrTags.
 *
 * For a new tag (no positive tag_ID) an existing tag with the same text in the
 * same group is looked up first and, if found, updated instead of duplicated.
 *
 * @param mixed $system
 * @param mixed $tag - array [ ID, UGrpID, Text, Description, AddedByImport ]
 *
 * @return mixed false or the affected tag_ID
 */
function tagSave($system, $tag)
{
    if (!@$tag['tag_Text']) {
        $system->addError(HEURIST_INVALID_REQUEST, "Text not defined");
        return false;
    }

    //the value returned by is_admin2() replaces the requested group; a falsy value means no rights
    $ownerGroup = $system->is_admin2(@$tag['tag_UGrpID']);
    $tag['tag_UGrpID'] = $ownerGroup;
    if (!$ownerGroup) {
        $system->addError(HEURIST_REQUEST_DENIED);
        return false;
    }

    $isNewTag = intval(@$tag['tag_ID']) < 1;
    if ($isNewTag) {
        //reuse the tag with the same text if the group already has one
        $existing = tagGetByName($system, $tag['tag_Text'], false, $tag['tag_UGrpID']);
        if (count($existing) > 0) {
            $tag['tag_ID'] = $existing[0];
        }
    }

    $saved = mysql__insertupdate($system->get_mysqli(), "usrTags", "tag", $tag);
    if (is_numeric($saved) && $saved > 0) {
        return $saved; //affected record id
    }

    $system->addError(HEURIST_DB_ERROR, 'Cannot update record in database', $saved);
    return false;
}
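/**
 * Remove detail value for given set of records and detail type and values
 *
 * Reads dtyID (detail type), optional dtyName (label used in the report tag) and
 * optional sVal (value to match) from $this->data. Without sVal every value of the
 * field is removed. Each record ends up in one of four groups handed to
 * _assignTagsAndReport(): processed, undefined (no matching value), limitted
 * (the deletion would empty a required field) and errors.
 *
 * @return mixed false when validation fails or the field type is not supported,
 *               otherwise $this->result_data
 */
public function detailsDelete()
{
    if (!$this->_validateParamsAndCounts()) {
        return false;
    }
    if (empty($this->recIDs)) {
        return $this->result_data;
    }

    //dtyID, record ids and record type ids are concatenated into SQL below, so they are
    //forced to integers here rather than relying on validation done elsewhere
    $dtyID = intval($this->data['dtyID']);
    $dtyName = @$this->data['dtyName'] ? "'" . $this->data['dtyName'] . "'" : "id:" . $this->data['dtyID'];
    $isDeleteAll = !array_key_exists("sVal", $this->data) || $this->data['sVal'] == '';
    $mysqli = $this->system->get_mysqli();

    $basetype = mysql__select_value($mysqli, 'select dty_Type from defDetailTypes where dty_ID = ' . $dtyID);
    switch ($basetype) {
        case "freetext":
        case "blocktext":
        case "enum":
        case "relationtype":
        case "float":
        case "integer":
        case "resource":
        case "date":
            $searchClause = $isDeleteAll
                ? '1'
                : "dtl_Value = \"" . $mysqli->real_escape_string($this->data['sVal']) . "\"";
            break;
        default:
            $this->system->addError(HEURIST_INVALID_REQUEST, "{$basetype} fields are not supported by deletion service");
            return false;
    }

    //get array of record types for which this detail type is required
    $rtyRequired = mysql__select_list(
        $mysqli,
        "defRecStructure",
        "rst_RecTypeID",
        "rst_DetailTypeID = {$dtyID} and rst_RecTypeID in (" . implode(",", array_map('intval', $this->rtyIDs))
        . ") and rst_RequirementType='required'"
    );

    $undefinedFieldsRecIDs = array(); //value not found
    $processedRecIDs = array(); //success
    $limittedRecIDs = array(); //it is not possible to delete required fields
    $sqlErrors = array();

    $now = date('Y-m-d H:i:s');
    $dtl = array('dtl_Modified' => $now);
    $rec_update = array('rec_ID' => 'to-be-filled', 'rec_Modified' => $now);
    $baseTag = "~delete field {$dtyName} {$now}";

    foreach ($this->recIDs as $recID) {
        //integer copy for SQL; the original value is kept for the report arrays
        $recIDsql = intval($recID);

        //get matching detail value for record if there is one
        $valuesToBeDeleted = mysql__select_list(
            $mysqli,
            "recDetails",
            "dtl_ID",
            "dtl_RecID = {$recIDsql} and dtl_DetailTypeID = {$dtyID} and {$searchClause}"
        );
        if ($valuesToBeDeleted == null && $mysqli->error) {
            $sqlErrors[$recID] = $mysqli->error;
            continue;
        } else {
            if ($valuesToBeDeleted == null || count($valuesToBeDeleted) == 0) {
                //not found
                array_push($undefinedFieldsRecIDs, $recID);
                continue;
            }
        }

        //validate if details can be deleted for required fields
        if (count($this->rtyIDs) > 1) {
            //get rectype for current record
            $rectype_ID = mysql__select_value($mysqli, 'select rec_RecTypeID from Records where rec_ID=' . $recIDsql);
        } else {
            $rectype_ID = $this->rtyIDs[0];
        }

        //is_array() guard: a failed or empty lookup must not be read as "field is required"
        if (is_array($rtyRequired) && in_array($rectype_ID, $rtyRequired)) {
            //this is required field
            if (!$isDeleteAll) {
                //find total count; the deletion is refused when it would remove every value.
                //The statement must be valid SQL: if it fails, the comparison below can
                //never match and the last value of a required field gets deleted.
                $total_cnt = mysql__select_value(
                    $mysqli,
                    "select count(*) from recDetails where dtl_RecID = {$recIDsql} and dtl_DetailTypeID = {$dtyID}"
                );
            }
            if ($isDeleteAll || $total_cnt == count($valuesToBeDeleted)) {
                array_push($limittedRecIDs, $recID);
                continue;
            }
        }

        //delete the details (ids come from the select above)
        $sql = 'delete from recDetails where dtl_ID in (' . implode(',', $valuesToBeDeleted) . ')';
        if ($mysqli->query($sql) === TRUE) {
            array_push($processedRecIDs, $recID);
            //update record edit date
            $rec_update['rec_ID'] = $recID;
            $ret = mysql__insertupdate($mysqli, 'Records', 'rec', $rec_update);
            if (!is_numeric($ret)) {
                $sqlErrors[$recID] = 'Cannot update modify date. ' . $ret;
            }
        } else {
            $sqlErrors[$recID] = $mysqli->error;
        }
    } //for records

    //assign special system tags
    $this->_assignTagsAndReport('processed', $processedRecIDs, $baseTag);
    $this->_assignTagsAndReport('undefined', $undefinedFieldsRecIDs, $baseTag);
    $this->_assignTagsAndReport('limitted', $limittedRecIDs, $baseTag);
    $this->_assignTagsAndReport('errors', $sqlErrors, $baseTag);

    return $this->result_data;
}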
/**
 * Store the import session in sysImportSessions (insert, or update when import_id is set).
 *
 * The whole session array is serialised as JSON into imp_session and the row is
 * stamped with the id returned by get_user_id().
 *
 * @param mixed $mysqli
 * @param mixed $imp_session - session array; import_name is required, import_id optional
 *
 * @return mixed the session array with import_id filled in, or an error string when the save fails
 */
function saveSession($mysqli, $imp_session)
{
    $row = array(
        "imp_ID" => @$imp_session["import_id"],
        "ugr_id" => get_user_id(),
        "imp_table" => $imp_session["import_name"],
        "imp_session" => json_encode($imp_session),
    );
    $savedID = mysql__insertupdate($mysqli, "sysImportSessions", "imp", $row);

    if (intval($savedID) >= 1) {
        $imp_session["import_id"] = $savedID;
        return $imp_session;
    }

    //anything that is not a positive id is treated as the SQL error text
    return "Cannot save session. SQL error:" . $savedID;
}
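/**
 * insert/update file
 *
 * On insert the current user is recorded as uploader and, in a second write, the
 * row receives its ulf_ObfuscatedFileID.
 *
 * @param mixed $system
 * @param mixed $file - array of fields (the same as in db)
 *
 * @return mixed affected ulf_ID, or false (the reason is added to $system)
 */
function fileSave($system, $file)
{
    if (!$system->get_user_id()) {
        $system->addError(HEURIST_REQUEST_DENIED);
        return false;
    }
    if (!@$file['ulf_OrigFileName']) {
        $system->addError(HEURIST_INVALID_REQUEST, "Name of file not defined");
        return false;
    }
    //either an external reference, or both local path and file name
    if (!(@$file['ulf_ExternalFileReference'] || (@$file['ulf_FilePath'] && @$file['ulf_FileName']))) {
        $system->addError(HEURIST_INVALID_REQUEST, "Path or link to file not defined");
        return false;
    }

    // NOTE(review): an update (ulf_ID given) is accepted from any logged-in user and
    // ulf_FilePath is stored as supplied. Confirm that callers check ownership of the
    // record and keep the path inside the file store.
    $isinsert = !@$file['ulf_ID'];
    if ($isinsert) {
        $file['ulf_UploaderUGrpID'] = $system->get_user_id();
    }

    $res = mysql__insertupdate($system->get_mysqli(), "recUploadedFiles", "ulf", $file);
    if (!(is_numeric($res) && $res > 0)) {
        $system->addError(HEURIST_DB_ERROR, 'Cannot update record in database', $res);
        return false;
    }
    if (!$isinsert) {
        return $res; //returns affected record id
    }

    //define obfuscation
    //The obfuscated id presumably stands in for the sequential ulf_ID in links, so it
    //should not be guessable: take it from the CSPRNG where available instead of
    //hashing the record id with rand(). Same shape as before: 40 hex characters.
    if (function_exists('random_bytes')) {
        $obfuscated = bin2hex(random_bytes(20));
    } else {
        $obfuscated = sha1($res . '.' . rand());
    }
    $file2 = array();
    $file2['ulf_ID'] = $res;
    $file2['ulf_ObfuscatedFileID'] = $obfuscated;

    $res2 = mysql__insertupdate($system->get_mysqli(), "recUploadedFiles", "ulf", $file2);
    if (!(is_numeric($res2) && $res2 > 0)) {
        //a failed second write must not be returned as if it were a record id
        $system->addError(HEURIST_DB_ERROR, 'Cannot update record in database', $res2);
        return false;
    }
    return $res2; //returns affected record id
}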
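/**
 * Create a new database from the submitted request and print the outcome as HTML.
 *
 * Reads uname, dbname, exemplar, url_template and db from $_REQUEST. The structure of
 * the new database comes from one of three places: an exemplar zip shipped with the
 * code, a remote template database (url_template), or the local coreDefinitions.txt.
 * When nobody is logged in, the call also registers the requesting person as owner.
 *
 * Locals that look unused are left in place on purpose: buildCrosswalks.php is
 * required inside this function and so runs in its variable scope.
 *
 * Uses the legacy mysql_* API.
 *
 * @return mixed false on every path that reaches a return statement (including the
 *               success path); null when dbname is not part of the request
 */
function makeDatabase()
{
    global $newDBName, $isNewDB, $done, $isDefineNewDatabase, $dbTemplateName, $errorCreatingTables;

    $isTemplateDB = $dbTemplateName != null && $dbTemplateName != '0';
    $dataInsertionSQLFile = null;
    $error = false;
    $warning = false;

    if (isset($_REQUEST['dbname'])) {

        // Check that there is a current administrative user who can be made the owner of the new database
        $message = "MySQL username and password have not been set in configIni.php " . "or heuristConfigIni.php<br/> - Please do so before trying to create a new database.<br>";
        if (ADMIN_DBUSERNAME == "" || ADMIN_DBUSERPSWD == "") {
            errorOut($message);
            return false;
        }

        // checking for current administrative user
        if (!is_logged_in()) {
            //this is creation+registration
            $captcha_code = getUsrField('ugr_Captcha');
            //check captcha
            // NOTE(review): the comparison only runs when the session already holds a captcha_code,
            // so a request made in a session where no challenge was issued skips the check. Confirm.
            if (@$_SESSION["captcha_code"] && $_SESSION["captcha_code"] != $captcha_code) {
                errorOut('Are you a bot? Please enter the correct answer to the challenge question');
                print '<script type="text/javascript">isRegdataEntered=false;</script>';
                $isDefineNewDatabase = true;
                return false;
            }
            if (@$_SESSION["captcha_code"]) {
                unset($_SESSION["captcha_code"]);
            }

            $firstName = getUsrField('ugr_FirstName');
            $lastName = getUsrField('ugr_LastName');
            $eMail = getUsrField('ugr_eMail');
            $name = getUsrField('ugr_Name');
            $password = getUsrField('ugr_Password');
            if ($firstName == '' || $lastName == '' || $eMail == '' || $name == '' || $password == '') {
                errorOut('Mandatory data for your registration profile (first and last name, email, password) are not completed. Please fill out registration form');
                print '<script type="text/javascript">isRegdataEntered=false;</script>';
                $isDefineNewDatabase = true;
                return false;
            }
        }

        // Create a new blank database
        $newDBName = trim($_REQUEST['uname']) . '_';
        if ($newDBName == '_') {
            $newDBName = '';
        } // don't double up underscore if no user prefix
        $newDBName = $newDBName . trim($_REQUEST['dbname']);

        // The name is used below as a folder name (createDatabaseFolders, unzip target) as well
        // as a database name, so path separators and parent references are refused here.
        if (strpbrk($newDBName, "/\\\0") !== false || strpos($newDBName, '..') !== false) {
            errorOut('Database name contains characters that are not allowed');
            $isDefineNewDatabase = true;
            return false;
        }

        $newname = HEURIST_DB_PREFIX . $newDBName; // all databases have common prefix then user prefix

        $list = mysql__getdatabases();
        $list = array_map("arraytolower", $list);
        // NOTE(review): the leading "false &&" switches this duplicate-name check off. Confirm
        // that db_create() / createDatabaseEmpty() refuse a name that already exists.
        if (false && in_array(strtolower($newDBName), $list)) {
            errorOut('Warning: database "' . $newname . '" already exists. Please choose a different name');
            $isDefineNewDatabase = true;
            return false;
        }

        //get path to registered db template and download coreDefinitions.txt
        $reg_url = @$_REQUEST['url_template'];
        $exemplar_db = @$_REQUEST['exemplar'];

        // The exemplar name becomes part of two file paths below, so it must be a bare file name.
        if ($exemplar_db != null && (!is_string($exemplar_db) || strpbrk($exemplar_db, "/\\\0") !== false)) {
            errorOut('Invalid exemplar database name');
            return false;
        }

        $name = ''; //user name

        if (true) { // For debugging: set to false to avoid real database creation

            if ($exemplar_db != null) { //from example db

                //1a. verify that sample dump exists
                $templateFoldersContent = HEURIST_DIR . "admin/setup/exemplars/" . $exemplar_db . '.zip';
                if (!file_exists($templateFoldersContent) || filesize($templateFoldersContent) < 1) {
                    errorOut('Sorry, unable to find the exemplar zip file (' . $templateFoldersContent . ')containing the database folders and SQL script.');
                    return false;
                }

                //1b. verify that sample dump can be extracted
                $exemplar_dir = HEURIST_DIR . "admin/setup/exemplars/";
                $exemplar_dir = str_replace('//', '/', $exemplar_dir);
                $dataInsertionSQLFile = HEURIST_FILESTORE_DIR . 'scratch/' . $exemplar_db . ".sql";

                // The size test looks at the extracted script itself; an empty file counts as
                // missing (filesize() never returns a negative number).
                if (!file_exists($dataInsertionSQLFile) || filesize($dataInsertionSQLFile) < 1) {
                    //extract dump from archive
                    unzip($templateFoldersContent, HEURIST_FILESTORE_DIR . 'scratch/', $exemplar_db . '.sql');
                    if (!file_exists($dataInsertionSQLFile) || filesize($dataInsertionSQLFile) < 1) {
                        errorOut('Sorry, unable to extract the database script "' . $exemplar_db . '.sql" from the zipped file "' . $templateFoldersContent . '". This may be due to incorrect permissions on the program code - please consult your system administrator.');
                        return false;
                    }
                }

                //2. create empty database
                if (!db_create($newname)) {
                    errorOut('Sorry, unable to create new database ' . $newname);
                    return false;
                }

                //3. restore from dump
                if (!db_script($newname, $dataInsertionSQLFile)) {
                    errorOut('Error importing sample data from ' . $dataInsertionSQLFile);
                    cleanupNewDB($newname);
                    return false;
                }
                $dataInsertionSQLFile = null;

            } else { //$exemplar_db

                // this is global variable that is used in buildCrosswalks.php
                $templateFileName = "NOT DEFINED";
                $templateFoldersContent = "NOT DEFINED";

                if ($reg_url) { // getting definitions from an external registered database

                    // NOTE(review): $reg_url comes straight from the request and is fetched by the
                    // server, also for callers who are not logged in. Unless loadRemoteURLContent()
                    // restricts the destination, it should be checked against the list of
                    // registered template databases before the request is made.
                    $nouse_proxy = true;
                    $isTemplateDB = true;
                    $data = loadRemoteURLContent($reg_url, $nouse_proxy); //without proxy
                    $resval = isDefinitionsInvalid($data);
                    if ($resval) {
                        if (defined("HEURIST_HTTP_PROXY")) {
                            $nouse_proxy = false;
                            $data = loadRemoteURLContent($reg_url, $nouse_proxy); //with proxy
                            $resval = isDefinitionsInvalid($data);
                            if ($resval) {
                                $data = null;
                            }
                        } else {
                            $data = null;
                        }
                    }
                    if ($resval) {
                        errorOut("Error importing core definitions from template database {$reg_url} for database {$newname}<br>" . $resval . '<br>Please check whether this database is valid; consult Heurist support if needed');
                        return false;
                    }

                    //save data into file
                    if (defined('HEURIST_SETTING_DIR')) {
                        $templateFileName = HEURIST_SETTING_DIR . get_user_id() . '_dbtemplate.txt';
                    } else {
                        $templateFileName = HEURIST_UPLOAD_ROOT . '0_dbtemplate.txt';
                    }
                    $res = file_put_contents($templateFileName, $data);
                    if (!$res) {
                        errorOut('Error: cannot save definitions from template database into local file.' . ' Please verify that folder ' . (defined('HEURIST_SETTING_DIR') ? HEURIST_SETTING_DIR : HEURIST_UPLOAD_ROOT) . ' is writeable');
                        return false;
                    }

                    //download content of some folder from template database ======================
                    $reg_url = str_replace("getDBStructureAsSQL", "getDBFoldersForNewDB", $reg_url); //replace to other script
                    $data = loadRemoteURLContent($reg_url, $nouse_proxy); //with proxy
                    if ($data) {
                        if (defined('HEURIST_SETTING_DIR')) {
                            $templateFoldersContent = HEURIST_SETTING_DIR . get_user_id() . '_dbfolders.zip';
                        } else {
                            $templateFoldersContent = HEURIST_UPLOAD_ROOT . '0_dbfolders.zip';
                        }
                        $res = file_put_contents($templateFoldersContent, $data);
                        if (!$res) {
                            errorOut('Warning: cannot save content of settings folders from template database into local file. ' . ' Please verify that folder ' . (defined('HEURIST_SETTING_DIR') ? HEURIST_SETTING_DIR : HEURIST_UPLOAD_ROOT) . ' is writeable');
                            return false;
                        }
                    } else {
                        errorOut('Warning: server does not return the content of settings folders from template database. ' . 'Please ask system adminstrator to verify that zip extension on remote server is installed and that upload folder is writeable');
                        return false;
                    }

                    // Example database: download data to insert into new database =================================
                    if ($dbTemplateName != '1') {
                        // TODO: Artem: correct way is the donwloading data from sample database, however at the moment it is included into code. Ian: NASAT - would exposes databases to easy harvesting, but potentially OK as long as data marked public
                        // $dbTemplateName is the name of the database which is used to populate the example database, the corresponding data file has the same name with _data.sql appended
                        $dataInsertionSQLFile = HEURIST_DIR . "admin/setup/dbcreate/" . $dbTemplateName . "_data.sql";
                        if (!file_exists($dataInsertionSQLFile)) {
                            errorOut('Warning: cannot find sample data file in code ' . $dataInsertionSQLFile);
                            return false;
                        }
                    }

                } else {
                    if ($isTemplateDB) {
                        errorOut('Wrong parameters: Template database is not defined.');
                        return false;
                    } else {
                        $templateFileName = HEURIST_DIR . "admin/setup/dbcreate/coreDefinitions.txt";
                    }
                }

                if (!file_exists($templateFileName)) {
                    errorOut('Error: template database structure file ' . $templateFileName . ' not found');
                    return false;
                }

                if (!createDatabaseEmpty($newDBName)) {
                    $isDefineNewDatabase = true;
                    return false;
                }

                // Run buildCrosswalks to import minimal definitions from coreDefinitions.txt into the new DB
                // yes, this is badly structured, but it works - if it ain't broke ...
                $isNewDB = true; // flag of context for buildCrosswalks, tells it to use coreDefinitions.txt

                require_once dirname(__FILE__) . '/../../structure/import/buildCrosswalks.php';

                // errorCreatingTables is set to true by buildCrosswalks if an error occurred
                if ($errorCreatingTables) {
                    errorOut('Error importing core definitions from ' . ($isTemplateDB ? "template database" : "coreDefinitions.txt") . ' for database ' . $newname . '<br>' . 'Please check whether this file or database is valid; consult Heurist support if needed');
                    cleanupNewDB($newname);
                    return false;
                }

            } //not $exemplar_db

            // Get and clean information for the user creating the database
            if (!is_logged_in()) {
                // getUsrField sanitises data entered
                // NOTE(review): these values go into the UPDATE statement below without further
                // escaping. Confirm that getUsrField() makes them safe for a double-quoted SQL string.
                $longName = "";
                $firstName = getUsrField('ugr_FirstName');
                $lastName = getUsrField('ugr_LastName');
                $eMail = getUsrField('ugr_eMail');
                $name = getUsrField('ugr_Name');
                $password = getUsrField('ugr_Password');
                $department = getUsrField('ugr_Department');
                $organisation = getUsrField('ugr_Organisation');
                $city = getUsrField('ugr_City');
                $state = getUsrField('ugr_State');
                $postcode = getUsrField('ugr_Postcode');
                $interests = getUsrField('ugr_Interests');
                $ugr_IncomingEmailAddresses = getUsrField('ugr_IncomingEmailAddresses');
                $ugr_TargetEmailAddresses = getUsrField('ugr_TargetEmailAddresses');
                $ugr_URLs = getUsrField('ugr_URLs');

                // NOTE(review): a two-character salt selects the traditional DES form of crypt(),
                // which uses only the first eight characters of the password, and rand() is not a
                // secure random source. Left unchanged because the login code, which is not shown
                // here, has to verify the same format; password_hash()/password_verify() is the
                // replacement once both sides can change together.
                $s = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./';
                $salt = $s[rand(0, strlen($s) - 1)] . $s[rand(0, strlen($s) - 1)];
                $password = crypt($password, $salt);

            } else {
                //copy the profile of the logged-in user from the current database
                mysql_connection_insert(DATABASE);
                $query = mysql_query('SELECT ugr_LongName, ugr_FirstName, ugr_LastName, ugr_eMail, ugr_Name, ugr_Password, ' . 'ugr_Department, ugr_Organisation, ugr_City, ugr_State, ugr_Postcode, ugr_Interests, ' . 'ugr_IncomingEmailAddresses, ugr_TargetEmailAddresses, ugr_URLs ' . 'FROM sysUGrps WHERE ugr_ID=' . get_user_id());
                $details = mysql_fetch_row($query);
                $longName = mysql_real_escape_string($details[0]);
                $firstName = mysql_real_escape_string($details[1]);
                $lastName = mysql_real_escape_string($details[2]);
                $eMail = mysql_real_escape_string($details[3]);
                $name = mysql_real_escape_string($details[4]);
                $password = mysql_real_escape_string($details[5]);
                $department = mysql_real_escape_string($details[6]);
                $organisation = mysql_real_escape_string($details[7]);
                $city = mysql_real_escape_string($details[8]);
                $state = mysql_real_escape_string($details[9]);
                $postcode = mysql_real_escape_string($details[10]);
                $interests = mysql_real_escape_string($details[11]);
                $ugr_IncomingEmailAddresses = mysql_real_escape_string($details[12]);
                $ugr_TargetEmailAddresses = mysql_real_escape_string($details[13]);
                $ugr_URLs = mysql_real_escape_string($details[14]);
            }

            // todo: code location of upload directory into sysIdentification, remove from edit form (should not be changed)
            // todo: might wish to control ownership rather than leaving it to the O/S, although this works well at present
            createDatabaseFolders($newDBName);

            if (file_exists($templateFoldersContent) && filesize($templateFoldersContent) > 0) {
                //override content of setting folders with template database files - rectype icons, smarty templates etc
                // NOTE(review): for a remote template this archive was downloaded from the URL in the
                // request. Confirm that unzip() refuses entries that would land outside the target folder.
                unzip($templateFoldersContent, HEURIST_UPLOAD_ROOT . $newDBName . "/");
            }

            // Prepare to write to the newly created database
            mysql_connection_insert($newname);

            // Make the current user the owner and admin of the new database
            // NOTE(review): this statement stores the literal text ****** as ugr_Password and never
            // uses $password prepared above. That looks like a redaction of the listing rather than
            // intended behaviour - confirm against the original before relying on it.
            $res = mysql_query('UPDATE sysUGrps SET ugr_Enabled="Y", ugr_LongName="' . $longName . '", ugr_FirstName="' . $firstName . '", ugr_LastName="' . $lastName . '", ugr_eMail="' . $eMail . '", ugr_Name="' . $name . '", ugr_Password="******", ugr_Department="' . $department . '", ugr_Organisation="' . $organisation . '", ugr_City="' . $city . '", ugr_State="' . $state . '", ugr_Postcode="' . $postcode . '", ugr_IncomingEmailAddresses="' . $ugr_IncomingEmailAddresses . '", ugr_TargetEmailAddresses="' . $ugr_TargetEmailAddresses . '", ugr_URLs="' . $ugr_URLs . '", ugr_interests="' . $interests . '" WHERE ugr_ID=2');
            if (!$res) {
                ?> <b>Warning: Failed to make the current user the owner and admin of the new database, error:</b> <?php
                //the driver message can repeat parts of the statement, so it is escaped for HTML
                print htmlspecialchars(mysql_error(), ENT_QUOTES, 'UTF-8');
            }

            // Add the default navigation tree for the DATABASE MANAGERS group (user #1). This is copied from the Heurist_Core_Definitions database}
            $navTree = '{"expanded":true,"key":"root_3","title":"root","children":[{"expanded":true,"folder":true,"key":"_6","title":"Recent changes","children":[{"folder":false,"key":"19","title":"Recent changes (last week)","data":{"isfaceted":false}},{"folder":false,"key":"20","title":"Recent changes (last month)","data":{"isfaceted":false}},{"folder":false,"key":"21","title":"Recent changes (last year)","data":{"isfaceted":false}},{"folder":false,"key":"14","title":"All (most recent first)","data":{"isfaceted":false}}]},{"expanded":true,"folder":true,"key":"_1","title":"Specific types","children":[{"key":"27","title":"Bibliographic records","data":{"isfaceted":false}},{"key":"28","title":"Organisations","data":{"isfaceted":false}},{"key":"29","title":"People","data":{"isfaceted":false}},{"key":"30","title":"Media items","data":{"isfaceted":false}},{"expanded":true,"folder":true,"key":"_5","title":"Facet searches","children":[{"key":"25","title":"Persons","data":{"isfaceted":true}},{"key":"26","title":"Organisations","data":{"isfaceted":true}},{"expanded":true,"folder":true,"key":"_1","title":"Facet searches with rules","children":[{"key":"31","title":"Persons with related recs","data":{"isfaceted":true}}]}]}]},{"expanded":true,"folder":true,"key":"_5","title":"Experiments","children":[{"key":"24","title":"Mapping (layers, data sources)","data":{"isfaceted":false}}]}]}';
            $res = mysql__insertupdate($newname, 'sysUGrps', 'ugr', array('ugr_ID' => 1, 'ugr_NavigationTree' => $navTree));
            if (!is_int($res)) {
                print '<b>Warning: Failed to copy navigation tree for user (group) 1 (DB Managers) to new database, error:</b>' . $res;
            }

            // Add the default navigation tree for the DATABASE OWNER (user #2). This is copied from the Heurist_Core_Definitions database}
            $navTree = '"bookmark":{"expanded":true,"key":"root_1","title":"root","children":[{"folder":false,"key":"_1","title":"Recent changes","data":{"url":"?w=bookmark&q=sortby:-m after:\\"1 week ago\\"&label=Recent changes"}},{"folder":false,"key":"_2","title":"All (date order)","data":{"url":"?w=bookmark&q=sortby:-m&label=All records"}}]},"all":{"expanded":true,"key":"root_2","title":"root","children":[{"folder":false,"key":"_3","title":"Recent changes","data":{"url":"?w=all&q=sortby:-m after:\\"1 week ago\\"&label=Recent changes"}},{"folder":false,"key":"_4","title":"All (date order)","data":{"url":"?w=all&q=sortby:-m&label=All records"}},{"folder":true,"key":"_5","title":"Rules","children":[{"folder":false,"key":"12","title":"Person > anything they created","data":{"isfaceted":false}},{"folder":false,"key":"13","title":"Organisation > Assoc. places","data":{"isfaceted":false}}]}]}';
            $res = mysql__insertupdate($newname, 'sysUGrps', 'ugr', array('ugr_ID' => 2, 'ugr_NavigationTree' => $navTree));
            if (!is_int($res)) {
                print '<b>Warning: Failed to copy navigation tree for user 2 (DB Owner) to new database, error:</b>' . $res;
            }

            // email the system administrator to tell them a new database has been created
            user_EmailAboutNewDatabase($name, $firstName . ' ' . $lastName, $organisation, $eMail, $newDBName, $interests);
        }

        if ($dataInsertionSQLFile != null && file_exists($dataInsertionSQLFile)) {
            if (!db_script($newname, $dataInsertionSQLFile)) {
                errorOut('Error importing sample data from ' . $dataInsertionSQLFile);
            }
        }

        // The database name and the user name originate from the request, so both are
        // escaped wherever they are written into the page.
        ?>
<div style='padding:0px 0 10px 0; font-size:larger;'>
    <h2 style='padding-bottom:10px'>Congratulations, your new database [ <?php echo htmlspecialchars($newDBName, ENT_QUOTES, 'UTF-8'); ?> ] has been created</h2>
    <?php if (@$_REQUEST['db'] != '' && @$_REQUEST['db'] != null) { ?>
    <p style="padding-left:10px"><strong>Admin username:</strong> <?php echo htmlspecialchars($name, ENT_QUOTES, 'UTF-8'); ?> </p>
    <p style="padding-left:10px"><strong>Admin password:</strong> <<i>same as the account you are currently logged in as</i>></p>
    <?php } ?>
    <p style="padding-left:10px">Log into your new database with the following link:</p>
    <p style="padding-left:6em"><b><a href="<?php echo htmlspecialchars(HEURIST_BASE_URL . "?db=" . urlencode($newDBName), ENT_QUOTES, 'UTF-8'); ?>" title="" onclick="{closeDialog()}" target="blank"> <?php echo htmlspecialchars(HEURIST_BASE_URL . "?db=" . $newDBName, ENT_QUOTES, 'UTF-8'); ?> </a></b> <i>(we suggest bookmarking this link)</i></p>
    <p style="padding-left:6em"> After logging in to your new database, we suggest you import some additional entity types from one of the<br /> curated Heurist databases, or from one of the other databases listed in the central database catalogue,<br /> using Database > Structure > Acquire from Databases <!--or Database > Structure > Acquire from Templates --> </p>
</div>
        <?php
        // TODO: automatically redirect to the new database in a new window
        // this is a point at which people tend to get lost
        return false;
    } // isset
}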
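/**
 * Save saved searches tree data into sysUGrps
 *
 * $data is a JSON object. The keys "bookmark" and "all" hold the personal trees and are
 * stored together on the current user's row; every other key is taken as the id of a
 * group and is stored on that group's row, provided the user belongs to the group.
 *
 * @param mixed $system
 * @param mixed $data - JSON string { "bookmark":{...}, "all":{...}, "<group id>":{...}, ... }
 *
 * @return mixed ugr_Modified of the row written last, or false (the reason is added to $system)
 */
function svsSaveTreeData($system, $data)
{
    $mysqli = $system->get_mysqli();

    $groups = json_decode($data, true);
    if (!is_array($groups)) {
        //not valid JSON: nothing to store, reported as "No data provided" at the end
        $groups = array();
    }

    $personal_data = array();
    $ugrID = $system->get_user_id();
    $ugr_groups = $system->get_user_group_ids();
    $memberOf = is_array($ugr_groups) ? array_map('intval', $ugr_groups) : array();
    $lastID = null;

    foreach ($groups as $id => $treedata) {
        //strict comparison: decoded numeric keys arrive as integers
        if ($id === "bookmark" || $id === "all") {
            array_push($personal_data, '"' . $id . '":' . json_encode($treedata));
            continue;
        }

        //The key is supplied by the caller and ends up in SQL, so it is accepted only when it
        //is exactly an integer and that integer is one of the user's groups. A loose in_array()
        //would, on PHP before 8, also accept a string that merely starts with a valid id.
        $groupID = intval($id);
        if ((string) $groupID !== (string) $id || !in_array($groupID, $memberOf, true)) {
            continue;
        }

        // NOTE(review): membership is all that is required to replace a group's tree.
        // Confirm whether group admin rights should be required instead.
        $res = mysql__insertupdate($mysqli, 'sysUGrps', 'ugr', array('ugr_ID' => $groupID, 'ugr_NavigationTree' => json_encode($treedata)));
        if (!is_int($res)) {
            $system->addError(HEURIST_DB_ERROR, 'Cannot update navigation tree (personal) on server sode', $res);
            return false;
        }
        $lastID = $groupID;
    }

    if (count($personal_data) > 0) {
        //the personal trees are stored as a comma separated list of "key":{...} members
        $res = mysql__insertupdate($mysqli, 'sysUGrps', 'ugr', array('ugr_ID' => $ugrID, 'ugr_NavigationTree' => implode(',', $personal_data)));
        if (!is_int($res)) {
            $system->addError(HEURIST_DB_ERROR, 'Cannot update navigation tree (personal) on server sode', $res);
            return false;
        }
        $lastID = $ugrID;
    }

    if ($lastID > 0) {
        //get modification time
        $date = mysql__select_value($mysqli, 'SELECT `ugr_Modified` FROM `sysUGrps` WHERE ugr_ID=' . intval($lastID));
        return $date;
    }

    $system->addError(HEURIST_INVALID_REQUEST, 'No data provided to update tree on server side');
    return false;
}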