Example #1
0
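 /**
  * Legacy PHP4-style constructor: stores the connection id, the table name and
  * the error-display flag on the instance.
  *
  * @param       int     $ID          Id of the MySQL connection
  * @param       string  $tablename   Table name stored on the instance
  * @param       bool    $show_error  Whether error messages are displayed
  * @return      void
  * @deprecated  Constructor
  **/
 function NestedSetDb($ID, $tablename, $show_error = TRUE)
 {
     $this->linkId = $ID;
     // Honour the caller's choice. This was hard-coded to true, so a caller
     // could never switch off the display of database error messages.
     $this->showError = (bool) $show_error;
     // No admin mail address is passed in: the old docblock listed one, the
     // signature never did, and the body read an undefined variable.
     $this->adminmail = null;
     $this->db =& sYDB();
     $this->tablename = $tablename;
 }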
Example #2
0
 /**
  * Stores the given version as the current version of the yeager cms.
  *
  * The value is right-padded with '0' to five characters before it is written.
  * The UPDATE carries no WHERE clause, so every row of `yg_version` is set.
  *
  * @param mixed $version Version value; it is passed to str_pad() and bound to the statement
  * @return bool TRUE when Execute() returned a truthy result, FALSE otherwise
  */
 function setVersion($version)
 {
     $padded = str_pad($version, 5, '0', STR_PAD_RIGHT);
     $updated = sYDB()->Execute("UPDATE `yg_version` SET VERSION = ?;", $padded);
     if (!$updated) {
         return false;
     }
     // Mirror the stored value on the instance. The regex splits between every
     // pair of characters, so the digits end up joined by dots.
     $this->current_version = $padded;
     $digits = preg_split('#(?<=.)(?=.)#s', $padded);
     $this->current_version_string = prettifyVersionString(implode('.', $digits));
     return true;
 }
Example #3
0
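 /**
  * Render hook: when the request carries action=insert, stores one row in this
  * extension's example table, prints "SUCCESS" and ends the request.
  *
  * NOTE(review): no permission or anti-CSRF check is visible in this method,
  * although it writes to the database on request input. Confirm the caller
  * enforces one.
  *
  * @return void
  * @throws \Exception if the INSERT fails
  */
 public function onRender()
 {
     $params = sApp()->request->parameters;
     // Strict comparison: only the literal string "insert" triggers the write.
     if (!isset($params['action']) || $params['action'] !== "insert") {
         return;
     }
     // NOTE(review): the values are escaped here and also bound as parameters
     // below. If Execute() quotes bound values itself, the stored text ends up
     // double-escaped. Confirm and keep only one of the two.
     $title = sYDB()->escape_string(isset($params['title']) ? $params['title'] : '');
     $author = sYDB()->escape_string(isset($params['author']) ? $params['author'] : '');
     $date = time();
     // The table name cannot be bound. $this->_code is presumably set by the
     // extension itself and not by the request (TODO confirm).
     $tablename = "yg_ext_" . $this->_code . "_exampletable";
     $sql = "INSERT INTO {$tablename} \n\t\t\t\t\t(title, author, creation) VALUES \n\t\t\t\t\t(?, ?, ?);";
     $dbr = sYDB()->Execute($sql, $title, $author, $date);
     if ($dbr === false) {
         // The message is the raw database error; it should be logged rather
         // than shown to the client. The unreachable `return false` is gone.
         throw new \Exception(sYDB()->ErrorMsg());
     }
     echo "SUCCESS";
     die;
 }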
Example #4
0
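 /**
  * Sets the default Navigation of a Template
  *
  * Requires the RTEMPLATES privilege. The default flag is first cleared on
  * every other navigation of the template and then set on the given one. The
  * two statements are not wrapped in a transaction here, so if the second one
  * fails the first one stays applied.
  *
  * @param int $templateId Template Id
  * @param string $code Navigation code
  * @return bool TRUE on success or FALSE in case of an error or a missing privilege
  */
 function setDefaultNavi($templateId, $code)
 {
     if (!sUsergroups()->permissions->check($this->_uid, 'RTEMPLATES')) {
         return false;
     }
     $templateId = (int) $templateId;
     // NOTE(review): escaped and also bound below. Confirm Execute() does not
     // quote bound values a second time.
     $code = sYDB()->escape_string(sanitize($code));
     $sql = "UPDATE yg_templates_navis SET `DEFAULT` = 0 WHERE (TEMPLATE = ?) AND (CODE <> ?);";
     // The results used to be ignored, so a failed UPDATE still reported success.
     if (sYDB()->Execute($sql, $templateId, $code) === false) {
         return false;
     }
     $sql = "UPDATE yg_templates_navis SET `DEFAULT` = 1 WHERE (TEMPLATE = ?) AND (CODE = ?);";
     if (sYDB()->Execute($sql, $templateId, $code) === false) {
         return false;
     }
     return true;
 }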
Example #5
0
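 /**
  * Gets n last History entries
  *
  * Copies up to 2000 matching history rows into a temporary table, removes
  * entries of embedded Cblocks, groups the rest per object and returns only
  * those entries the current user may read (RREAD).
  *
  * @param int $max (optional) Maximum number of entries
  * @param string|array $text (optional) One or multiple text filters; a single
  *                           string is only used when it is longer than one character
  * @return array List of History entries (empty when nothing is readable)
  * @throws Exception if one of the queries fails
  */
 function getLastChanges($max = 8, $text = '')
 {
     $max = (int) $max;
     // The table name is interpolated into SQL as an identifier, where bound
     // parameters cannot be used. The request value is therefore reduced to
     // A-Z, 0-9 and underscore so it cannot close the backtick quoting.
     $params = sApp()->request->parameters;
     $sessionTag = isset($params['us']) ? strtoupper((string) $params['us']) : '';
     $sessionTag = preg_replace('/[^A-Z0-9_]/', '', $sessionTag);
     $tmpTableName = 'TMP_' . $sessionTag . '_' . rand() . '_HISTORY';
     $sql = "DROP TEMPORARY TABLE IF EXISTS `{$tmpTableName}`;";
     $result = sYDB()->Execute($sql);
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     $sql = "CREATE TEMPORARY TABLE `{$tmpTableName}` (\n\t\t\t\t\t`ID` int(11) NOT NULL,\n\t\t\t\t\t`SOURCEID` varchar(20) NOT NULL,\n\t\t\t\t\t`OID` int(11) NOT NULL DEFAULT '0',\n\t\t\t\t\t`DATETIME` int(11) DEFAULT NULL,\n\t\t\t\t\t`TEXT` text NOT NULL,\n\t\t\t\t\t`UID` int(11) NOT NULL DEFAULT '0',\n\t\t\t\t\t`TYPE` int(11) NOT NULL,\n\t\t\t\t\t`TARGETID` int(11) NOT NULL,\n\t\t\t\t\t`OLDVALUE` text NOT NULL,\n\t\t\t\t\t`NEWVALUE` text NOT NULL,\n\t\t\t\t\t`SITEID` int(11) NOT NULL,\n\t\t\t\t\t`FROM` int(11) DEFAULT '0',\n\t\t\t\t\t`TYPE_OID` int(11) DEFAULT NULL,\n\t\t\t\t\tPRIMARY KEY (`ID`),\n\t\t\t\t\tKEY `OID` (`OID`)\n\t\t\t\t);";
     $result = sYDB()->Execute($sql);
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     // Build the text filter. Filter values are always bound, never interpolated.
     $sqlargs = array();
     $wheresql = "1";
     if (!is_array($text) && strlen($text) > 1) {
         $wheresql = "TEXT=?";
         $sqlargs[] = $text;
     } elseif (is_array($text) && count($text) > 0) {
         $sqlargs = array_values($text);
         $wheresql = implode(" OR ", array_fill(0, count($sqlargs), "TEXT = ?"));
     }
     $sourcesql = "";
     if ($this->_sourceid != "") {
         $sourcesql = "AND SOURCEID = ?";
         $sqlargs[] = $this->_sourceid;
     }
     // The text filter is parenthesised: AND binds tighter than OR, so without
     // the parentheses the SOURCEID restriction applied to the last filter only.
     $sql = "INSERT INTO `{$tmpTableName}`\n\t\t\t\tSELECT\n\t\t\t\t\t*,\n\t\t\t\t\t((TYPE *1000000) + OID) AS `TYPE_OID`\n\t\t\t\tFROM " . $this->_table . "\n\t\t\t\tWHERE ({$wheresql}) {$sourcesql}\n\t\t\t\tORDER BY `DATETIME` DESC\n\t\t\t\tLIMIT 0, 2000;";
     array_unshift($sqlargs, $sql);
     $dbr = call_user_func_array(array(sYDB(), 'Execute'), $sqlargs);
     if ($dbr === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     // Get folder for embedded cblocks (cast to int, so safe to concatenate)
     $embeddedCblockFolder = (int) sConfig()->getVar('CONFIG/EMBEDDED_CBLOCKFOLDER');
     // Remove all embedded Cblocks from temporary table
     $sql = "DELETE\n\t\t\t\tFROM\n\t\t\t\t\t`{$tmpTableName}`\n\t\t\t\tUSING\n\t\t\t\t\t`{$tmpTableName}`\n\t\t\t\tINNER JOIN\n\t\t\t\t\t`yg_contentblocks_tree`\n\t\t\t\tWHERE\n\t\t\t\t\t(`{$tmpTableName}`.OID = `yg_contentblocks_tree`.ID) AND\n\t\t\t\t\t(`yg_contentblocks_tree`.PARENT = " . $embeddedCblockFolder . ") AND\n\t\t\t\t\t(TYPE = " . HISTORYTYPE_CO . ");";
     $result = sYDB()->Execute($sql);
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     $sql = "SELECT *, (SELECT\n\t\t\t\t\t\tMAX(`DATETIME`)\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . $this->_table . " AS `h2`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`h2`.`OID` = `lft`.`OID`) AS `MAXDATETIME`\n\t\t\t\tFROM `{$tmpTableName}` AS `lft`\n\t\t\t\tGROUP BY `TYPE_OID`\n\t\t\t\tORDER BY `DATETIME` DESC\n\t\t\t\tLIMIT 0, {$max};";
     $result = sYDB()->Execute($sql);
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     // Start from an empty list so the function returns an array even when no
     // entry passes the permission filter (it used to return NULL then).
     $ra = array();
     foreach ($result->GetArray() as $row) {
         $oid = $row['OID'];
         $rread = false;
         if ($this->permissions == NULL) {
             // No permission object on this instance: ask the manager that
             // matches the entry type. Entries of any other type stay unreadable.
             if ($row['SITEID'] && $row['TYPE'] == HISTORYTYPE_PAGE) {
                 $tmpPageMgr = new PageMgr($row['SITEID']);
                 if ($tmpPageMgr->permissions->checkInternal($this->_uid, $oid, "RREAD")) {
                     $rread = true;
                 }
             }
             if ($row['TYPE'] == HISTORYTYPE_CO) {
                 if (sCblockMgr()->permissions->checkInternal($this->_uid, $oid, "RREAD")) {
                     $rread = true;
                 }
             }
             if ($row['TYPE'] == HISTORYTYPE_FILE) {
                 if (sFileMgr()->permissions->checkInternal($this->_uid, $oid, "RREAD")) {
                     $file = sFileMgr()->getFile($oid);
                     if ($file) {
                         $fileinfo = $file->get();
                         // Only entries whose FOLDER field is 0 are listed.
                         if ($fileinfo["FOLDER"] == 0) {
                             $rread = true;
                         }
                     }
                 }
             }
         } else {
             if ($this->permissions->checkInternal($this->_uid, $oid, "RREAD")) {
                 $rread = true;
             }
         }
         if (!$rread) {
             continue;
         }
         if ($row['TYPE'] == HISTORYTYPE_CO) {
             // Second guard against embedded Cblocks, based on the live object.
             $tmpCblock = sCblockMgr()->getCblock($oid);
             if ($tmpCblock) {
                 $tmpCblockInfo = $tmpCblock->get();
                 if ($tmpCblockInfo['PARENT'] != $embeddedCblockFolder) {
                     $ra[] = $row;
                 }
             }
         } else {
             $ra[] = $row;
         }
     }
     return $ra;
 }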
Example #6
0
 /**
  * Gets Locks for the specific Token
  *
  * NOTE(review): the token is escaped and also bound as a parameter. Confirm
  * Execute() does not quote bound values a second time.
  * NOTE(review): the exception message contains the SQL text; keep it out of
  * client-visible output.
  *
  * @param string $token Lock Token
  * @return array|false Array of File Locks, or FALSE when the token is empty
  * @throws Exception if the query fails
  */
 public function getLocksByToken($token)
 {
     $escapedToken = sYDB()->escape_string($token);
     // An empty token must never be looked up.
     if ($escapedToken == "") {
         return false;
     }
     $query = "SELECT OBJECTID, LOCKED, TOKEN FROM yg_files_properties WHERE TOKEN = ?;";
     $locks = sYDB()->Execute($query, $escapedToken);
     if ($locks === false) {
         throw new Exception(sYDB()->ErrorMsg() . ":: " . $query);
     }
     return $locks->GetArray();
 }
Example #7
0
 /**
  * Checks if a specified job has been locked
  *
  * Uses the named lock "scheduler_lock_<jobId>". IS_FREE_LOCK() yields 1 when
  * the lock is free, so despite the column alias a value of 1 means "not
  * locked". Any other value, including NULL, is reported as locked.
  *
  * @param int $jobId Scheduler job Id
  * @return bool TRUE if the job is locked or FALSE if not
  * @throws Exception if the query fails
  */
 function isLocked($jobId)
 {
     // The id is cast to int before it becomes part of the lock name, so the
     // concatenation cannot carry anything but digits and a sign.
     $lockName = 'scheduler_lock_' . (int) $jobId;
     $query = "SELECT IS_FREE_LOCK('" . $lockName . "') AS IS_LOCKED;";
     $answer = sYDB()->Execute($query);
     if ($answer === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     $rows = $answer->GetArray();
     return !($rows[0]['IS_LOCKED'] == 1);
 }
Example #8
0
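 /**
  * Gets list of all Properties for the Object
  *
  * @param string $order (optional) Name of the column to sort by; anything that
  *                      is not a plain identifier falls back to NAME
  * @param string $identifier (optional) Substring filter on IDENTIFIER
  * @return array Array Properties
  */
 function getList($order = 'NAME', $identifier = '')
 {
     // NOTE(review): escaped and also bound below. Confirm the cache/execute
     // helper does not quote bound values a second time. LIKE wildcards (% and _)
     // inside the filter are not neutralised.
     $identifier = sYDB()->escape_string($identifier);
     $order = sYDB()->escape_string(sanitize($order));
     // The column name is interpolated inside backticks and cannot be bound.
     // String escaping does not cover the backtick, so only letters, digits and
     // underscore are accepted here.
     if (!preg_match('/^[A-Za-z0-9_]+$/', $order)) {
         $order = 'NAME';
     }
     $hasFilter = strlen($identifier) > 0;
     $prefix_sql = $hasFilter ? " (IDENTIFIER like ?)  " : "1";
     $sql = "SELECT NAME, READONLY, ID, IDENTIFIER, VISIBLE, TYPE FROM " . $this->_table . " WHERE 1 AND {$prefix_sql} ORDER BY `{$order}`;";
     if ($hasFilter) {
         // The wildcards are added exactly once (the pattern used to be wrapped twice).
         return $this->cacheExecuteGetArray($sql, "%" . $identifier . "%");
     }
     return $this->cacheExecuteGetArray($sql);
 }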
Example #9
0
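 /**
  * Sets version of the Views of this File
  *
  * Requires RWRITE on this File. When no version is given, the value returned
  * by getVersion() is used.
  *
  * @param int $version View version
  * @return bool TRUE on success or FALSE when the permission check fails
  * @throws Exception if the UPDATE fails
  */
 public function setViewVersion($version)
 {
     $mo = (int) $this->_id;
     if (!$this->permissions->checkInternal($this->_uid, $mo, "RWRITE")) {
         return false;
     }
     $version = (int) $version;
     if (!$version) {
         $version = (int) $this->getVersion();
     }
     $sql = "UPDATE yg_files_properties SET VIEWVERSION = ? WHERE (OBJECTID = ?) AND VERSION = ?;";
     $result = sYDB()->Execute($sql, $version, $mo, $version);
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     // The success path used to fall off the end and return NULL, which a
     // caller testing the documented boolean would read as a failure.
     return true;
 }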
Example #10
0
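 /**
  * Searches for a single User by email address
  *
  * Requires the RUSERS privilege. The returned row contains the PASSWORD
  * column; callers must not pass it on to clients.
  *
  * NOTE(review): the comparison uses LIKE even for an exact search, so % and _
  * inside $email still act as wildcards. Confirm whether that is intended.
  *
  * @param string $email Email to search for
  * @param bool $exact TRUE if an exact search should be performed
  * @return array|false Array containing User information, or FALSE when the
  *                     privilege is missing, the address is empty or nothing matches
  * @throws Exception if the query fails
  */
 function getByEmail($email, $exact = false)
 {
     if (!sUsergroups()->permissions->check($this->_uid, 'RUSERS')) {
         return false;
     }
     // NOTE(review): escaped and also bound below. Confirm Execute() does not
     // quote bound values a second time.
     $email = sYDB()->escape_string(sanitize($email));
     // Reject an empty address before the wildcards are added. The length check
     // used to run afterwards, when the pattern was already "%%", so an empty
     // search matched every user and returned the first one.
     if (strlen($email) == 0) {
         return false;
     }
     if ($exact !== true) {
         $email = "%" . $email . "%";
     }
     $sql = "SELECT u.LOGIN AS LOGIN,\n\t\t\t\tu.PASSWORD AS PASSWORD,\n\t\t\t\tu.ID AS ID\n\t\t\t\tFROM\n\t\t\t\tyg_user as u\n\t\t\t\tLEFT JOIN yg_user_propsv ON u.ID = yg_user_propsv.OID\n\t\t\t\tWHERE\n\t\t\t\t(yg_user_propsv.EMAIL LIKE ?);";
     $result = sYDB()->Execute($sql, $email);
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     $resultarray = $result->GetArray();
     return isset($resultarray[0]) ? $resultarray[0] : false;
 }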
Example #11
0
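 /**
  * Gets n last JSQueue entries
  *
  * When the instance has no permission object, every entry is returned without
  * a read check; otherwise only entries the current user may read (RREAD).
  *
  * @param int $max (optional) Maximum number of entries
  * @param string|array $text (optional) One or more Text filters; a single
  *                           string is only used when it is longer than one character
  * @return array List of JSQueue entries (empty when nothing is readable)
  * @throws Exception if the query fails
  */
 function getLastChanges($max = 8, $text = '')
 {
     $max = (int) $max;
     // Build the text filter. Filter values are always bound, never interpolated.
     $sqlargs = array();
     $wheresql = "1";
     if (!is_array($text) && strlen($text) > 1) {
         $wheresql = "TEXT=?";
         $sqlargs[] = $text;
     } elseif (is_array($text) && count($text) > 0) {
         $sqlargs = array_values($text);
         $wheresql = implode(" OR ", array_fill(0, count($sqlargs), "TEXT = ?"));
     }
     $sourcesql = "";
     if ($this->_sourceid != "") {
         $sourcesql = "AND SOURCEID = ?";
         $sqlargs[] = $this->_sourceid;
     }
     // The text filter is parenthesised: AND binds tighter than OR, so without
     // the parentheses the SOURCEID restriction applied to the last filter only.
     $sql = "SELECT *, (SELECT MAX(DATETIME) FROM " . $this->_table . " AS h2 WHERE h2.OID = lft.OID) AS MAXDATETIME FROM " . $this->_table . " AS lft WHERE ";
     $sql .= "(" . $wheresql . ")";
     $sql .= " {$sourcesql} GROUP BY OID ORDER BY DATETIME DESC LIMIT 0, {$max}";
     array_unshift($sqlargs, $sql);
     $dbr = call_user_func_array(array(sYDB(), 'Execute'), $sqlargs);
     if ($dbr === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     // Start from an empty list so the function returns an array even when no
     // entry is readable (it used to return NULL then).
     $ra = array();
     foreach ($dbr->GetArray() as $row) {
         $readable = ($this->permissions == NULL)
             || $this->permissions->checkInternal($this->_uid, $row["OID"], "RREAD");
         if ($readable) {
             $ra[] = $row;
         }
     }
     return $ra;
 }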
Example #12
0
<?php

// Includes
include_once "error.php";
// Set frontend timezone
date_default_timezone_set($this->frontendTimezone);
// Normalize and remove webroot-prefix
$webroot_path_string = implode('/', sApp()->webroot);
$request_path_string = getRequestPathString(sApp()->request->path);
$request_path = getRequestPathArray($request_path_string);
// Both values come from the request path: element 1 is kept as a string,
// element 2 is forced to an integer.
$psite = $request_path[1];
$ppage = (int) $request_path[2];
// NOTE(review): 'action' is passed through the database escaper. That only
// protects a value placed inside a quoted SQL string literal; where $action
// is used is not visible in this part of the file. Confirm.
$action = sYDB()->escape_string($this->request->parameters['action']);
// Default
if (strlen($psite) < 1) {
    if (strlen($request_path_string) === 0) {
        // Webroot was requested, use first site and first page from that site
        $sites = sSites()->getList();
        $siteID = $sites[0]['ID'];
        if ($siteID) {
            $pageMgr = new PageMgr($siteID);
            $pagesList = $pageMgr->getTree($pageMgr->tree->getRoot(), 2);
            foreach ($pagesList as $currPage) {
                if ($currPage['LEVEL'] == 2 && $pageID == 0) {
                    $pageID = $currPage['ID'];
                    $pagePName = $currPage['PNAME'];
                }
            }
            $newUrl = $webroot_path_string . '/' . $sites[0]['PNAME'] . '/' . $pagePName . '/';
            // Throw status 301 and redirect
            $header = $_SERVER['SERVER_PROTOCOL'] . ' 301 Moved Permanently';
Example #13
0
 /**
  * Gets a list of Extensions
  *
  * By default every row whose INSTALLED value is not 2 is returned. All pieces
  * of the statement are fixed strings or an integer cast of $type, so nothing
  * caller-controlled reaches the SQL text unvalidated.
  *
  * @param int $type Extension type constant; values of 0 or below disable the type filter
  * @param bool $onlyInstalled If TRUE, only return installed Extensions
  * @param bool $hideInternal If TRUE, only return Extensions which are not marked as "internal"
  * @return array Array of Extensions
  * @throws Exception if the query fails
  */
 function getList($type = 0, $onlyInstalled = false, $hideInternal = false)
 {
     $type = (int) $type;
     $installFilter = ($onlyInstalled === true) ? " INSTALLED = 1" : " INSTALLED != 2";
     if ($hideInternal === true) {
         $installFilter .= " AND (INTERNAL = 0)";
     }
     $typeFilter = ($type > 0) ? " (TYPE = '" . $type . "') " : " 1 ";
     $query = "SELECT * FROM `yg_extensions` WHERE {$typeFilter} AND " . $installFilter . " ORDER BY NAME ASC";
     $rows = sYDB()->Execute($query);
     if ($rows === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     return $rows->GetArray();
 }
Example #14
0
 /**
  * Sets the name of the specified Site
  *
  * Requires the RSITES privilege.
  *
  * NOTE(review): the name is escaped and also bound as a parameter. Confirm
  * execute() does not quote bound values a second time.
  *
  * @param int $siteId Site Id
  * @param string $name Site name
  * @return bool TRUE on success or FALSE in case of an error or a missing privilege
  */
 public function setName($siteId, $name)
 {
     if (!sUsergroups()->permissions->check($this->_uid, 'RSITES')) {
         return false;
     }
     $id = (int) $siteId;
     $cleanName = sYDB()->escape_string(sanitize($name));
     $outcome = $this->_db->execute("UPDATE yg_site SET NAME = ? WHERE ID = ?;", $cleanName, $id);
     return $outcome !== false;
 }
Example #15
0
 /**
  * Gets all incoming References for a File
  *
  * Selects the references whose target type is REFTYPE_IMAGE or REFTYPE_FILE
  * and whose target id is the given File. No permission check is made here.
  *
  * @param int $fileId File Id
  * @return array Array of References
  * @throws Exception if the query fails
  */
 function getIncomingForFile($fileId)
 {
     $targetId = (int) $fileId;
     $query = "SELECT ref.* FROM `yg_references` AS ref WHERE\n\t\t\t\t( (ref.TGTTYPE = ?) OR\n\t\t\t\t  (ref.TGTTYPE = ?) )\n\t\t\t\tAND (ref.TGTOID = ?);";
     $found = sYDB()->Execute($query, REFTYPE_IMAGE, REFTYPE_FILE, $targetId);
     if ($found === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     return $found->GetArray();
 }
Example #16
0
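 /**
  * Sets the permanent name of this Cblock
  *
  * Requires RWRITE on this Cblock. Purely numeric names are rejected. When the
  * name already belongs to another Cblock, this Cblock's id is appended.
  *
  * @param string $pname Permanent name
  * @return bool TRUE on success or FALSE in case of an error or a missing permission
  * @throws Exception if one of the queries fails
  */
 public function setPName($pname)
 {
     $cbId = $this->_id;
     // NOTE(review): escaped here and bound below. Confirm Execute() does not
     // quote bound values a second time.
     $pname = sYDB()->escape_string(sanitize($pname));
     if (!$this->permissions->checkInternal($this->_uid, $cbId, "RWRITE")) {
         return false;
     }
     $pname = $this->filterPName($pname);
     if (is_numeric($pname)) {
         return false;
     }
     $checkpinfo = sCblockMgr()->getCblockIdByPName($pname);
     if ($checkpinfo["ID"] != $cbId && $checkpinfo["ID"] > 0) {
         // Name is taken by another Cblock: make it unique with our own id.
         $pname = $pname . $cbId;
     }
     // The result of this lookup is only checked for failure.
     $sql = "SELECT PNAME AS STATE FROM yg_contentblocks_tree WHERE (ID = ?);";
     $result = sYDB()->Execute($sql, $cbId);
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     // The name is bound like every other value in this class. It used to be
     // interpolated into the statement after being filtered and extended, that
     // is, after the point where it had been escaped.
     $sql = "UPDATE yg_contentblocks_tree SET PNAME = ? WHERE (ID = ?);";
     $result = sYDB()->Execute($sql, $pname, $cbId);
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     if (Singleton::cache_config()->getVar("CONFIG/INVALIDATEON/PNAME_CHANGE") == "true") {
         Singleton::FC()->emptyBucket();
     }
     return true;
 }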
Example #17
0
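 /**
  * Removes all Privileges for a given Extension
  *
  * Looks up every row with the given EXTCODE and calls removePrivilege() for
  * each of them.
  *
  * NOTE(review): no permission check is visible in this method. Confirm the
  * caller enforces one.
  *
  * @param string $extcode Extension-Code
  * @throws Exception if the lookup fails
  */
 public function removeAllExtensionPrivileges($extcode)
 {
     // NOTE(review): escaped and also bound below. Confirm Execute() does not
     // quote bound values a second time.
     $extcode = sYDB()->escape_string(sanitize($extcode));
     $sql = "SELECT * FROM " . $this->_table . " WHERE EXTCODE = ?;";
     $result = sYDB()->Execute($sql, $extcode);
     // A failed query used to be hidden behind the @ operator, which cannot
     // suppress the error of calling a method on FALSE. Fail explicitly instead.
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     foreach ($result->GetArray() as $resultarrayItem) {
         $this->removePrivilege($resultarrayItem['PRIVILEGE'], $extcode);
     }
 }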
Example #18
0
 /**
  * Sets the order of list values of a Formfield
  *
  * Requires the RENTRYMASKS privilege. Each Id receives its position in
  * $orderArray, counted from 0, as LISTORDER. The updates are issued one by
  * one; when one fails, the earlier ones stay applied.
  *
  * @param array $orderArray Array of list Ids
  * @return bool TRUE on success or FALSE when the privilege is missing
  * @throws Exception if an UPDATE fails
  */
 function setListOrder($orderArray)
 {
     if (!sUsergroups()->permissions->check($this->_uid, 'RENTRYMASKS')) {
         return false;
     }
     $position = 0;
     foreach ($orderArray as $rawId) {
         $listValueId = (int) $rawId;
         $update = "UPDATE `yg_entrymasks_lnk_formfields_lv` SET `LISTORDER` = ? WHERE ID = ?;";
         if (sYDB()->Execute($update, $position, $listValueId) === false) {
             throw new Exception(sYDB()->ErrorMsg());
         }
         $position++;
     }
     return true;
 }
Example #19
0
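 /**
  * Reads the current lock of this Object, if there is one
  *
  * A lock counts as current when its LOCKED timestamp is not older than
  * /CONFIG/OBJECTLOCK_TIMEOUT seconds.
  *
  * NOTE(review): the exception message contains the SQL text; keep it out of
  * client-visible output.
  *
  * @return array|null Row with LOCKED, TOKEN and LOCKUID, or NULL when the
  *                    Object has no current lock
  * @throws Exception if the query fails
  */
 public function getLock()
 {
     $objectid = (int) $this->_id;
     $lockts = time() - (int) sConfig()->getVar("/CONFIG/OBJECTLOCK_TIMEOUT");
     $sql = "SELECT LOCKED, TOKEN, LOCKUID FROM " . $this->_table . " WHERE OBJECTID = ? AND LOCKED >= ?;";
     $dbr = sYDB()->Execute($sql, $objectid, $lockts);
     if ($dbr === false) {
         // The `return false` that followed this throw could never run.
         throw new Exception(sYDB()->ErrorMsg() . ":: " . $sql);
     }
     $ra = $dbr->GetArray();
     // Same value as before for "no lock", without reading a missing offset.
     return isset($ra[0]) ? $ra[0] : null;
 }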
Example #20
0
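 /**
  * Gets a list of Filetypes
  *
  * Only rows with a permission entry for one of the usergroups returned by
  * getUsergroups() are considered, and of those only the ones that grant
  * RREAD or belong to the configured root group.
  *
  * @return array Array of Filetypes
  * @throws Exception if the query fails
  */
 function getList()
 {
     $rootGroupId = (int) sConfig()->getVar("CONFIG/SYSTEMUSERS/ROOTGROUPID");
     $perm_sql_select = ", MAX(perm.RREAD) AS RREAD,  MAX(perm.RWRITE) AS RWRITE,  MAX(perm.RDELETE) AS RDELETE,  MAX(perm.RSTAGE) AS RSTAGE";
     $perm_sql_from = " LEFT JOIN yg_filetypes_permissions AS perm ON perm.OID = group2.ID";
     // Every id is cast to int before it is concatenated into the statement.
     $roleClauses = array();
     $roles = $this->permissions->getUsergroups();
     if (is_array($roles)) {
         foreach ($roles as $role) {
             $roleClauses[] = "(perm.USERGROUPID = " . (int) $role["ID"] . ") ";
         }
     }
     // Without any usergroup the filter must match nothing. An empty "AND ()"
     // used to produce invalid SQL here.
     $perm_sql_where = " AND (" . (count($roleClauses) > 0 ? implode(" OR ", $roleClauses) : "0") . ") ";
     $perm_sql_where .= " AND ((RREAD >= 1) OR (perm.USERGROUPID = " . (int) $rootGroupId . ")) ";
     // No additional filter is built in this method; the placeholder stays empty.
     $filtersql_where = "";
     $sql = "SELECT\n\t\t\t\t\tgroup2.LFT,\n\t\t\t\t\tgroup2.RGT,\n\t\t\t\t\tgroup2.LEVEL AS LEVEL,\n\t\t\t\t\tgroup2.PARENT AS PARENT,\n\t\t\t\t\tprop.*\n\t\t\t\t\t{$perm_sql_select}\n\t\t\t\tFROM\n\t\t\t\t\t({$this->table} AS group1, {$this->table} AS group2, yg_filetypes_properties AS prop)\n\t\t\t\t\t{$perm_sql_from}\n\t\t\t\tWHERE\n\t\t\t\t\t((group2.LFT >= group1.LFT) AND (group2.LFT <= group1.RGT)) AND\n\t\t\t\t\t(group2.ID = prop.OBJECTID)\n\t\t\t\t\t{$perm_sql_where}\n\t\t\t\t\t{$filtersql_where}\n\t\t\t\tGROUP BY\n\t\t\t\t\tgroup2.LFT, group2.RGT, group2.ID\n\t\t\t\tORDER BY prop.NAME;";
     $result = sYDB()->Execute($sql);
     // Calling GetArray() on a failed result would be a fatal error.
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     return $result->GetArray();
 }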
Example #21
0
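 /**
  * Removes a specific Tag
  *
  * Walks the nodes returned by the tree for the Tag (depth argument 1000) and
  * deletes the properties of each node the current user may delete (RDELETE).
  * The tree node itself is only removed when the requested Tag was among the
  * deleted ones. The root node is never removed.
  *
  * @param int $tagId Tag Id
  *
  * @return array Array with all elements which were successfully deleted
  */
 function remove($tagId)
 {
     $tagId = $origTagId = (int) $tagId;
     $rootNode = $this->tree->getRoot();
     if ($tagId == $rootNode) {
         return array();
     }
     // Get all nodes
     $successNodes = array();
     $allNodes = $this->tree->get($tagId, 1000);
     foreach ($allNodes as $allNodesItem) {
         $tagId = (int) $allNodesItem['ID'];
         if ($this->permissions->checkInternal($this->_uid, $tagId, "RDELETE")) {
             $sql = "DELETE FROM yg_tags_properties WHERE OBJECTID = ?;";
             // Only report a node as deleted when the DELETE did not fail. The
             // result used to be ignored, so failures counted as successes.
             if (sYDB()->Execute($sql, $tagId) !== false) {
                 $successNodes[] = $tagId;
             }
         }
     }
     // Both sides are integers, so the strict search is exact.
     if (in_array($origTagId, $successNodes, true)) {
         $this->tree->remove($origTagId);
     }
     if (Singleton::cache_config()->getVar("CONFIG/INVALIDATEON/TAG_DELETE") == "true") {
         Singleton::FC()->emptyBucket();
     }
     return $successNodes;
 }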
Example #22
0
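 /**
  * Gets direct children of the specified Node
  *
  * The parent node must be readable (RREAD) by the current user. The children
  * themselves are not checked here.
  *
  * @param int $oid Node Id
  * @return array|null Array of Nodes (empty when the query fails), or NULL
  *                    when the permission check fails
  */
 function getDirectChildren($oid)
 {
     $oid = (int) $oid;
     if ($this->_object->permissions->checkInternal($this->_object->_uid, $oid, "RREAD")) {
         // $oid is an integer; the table name comes from the object and cannot be bound.
         $sql = "SELECT * FROM `" . $this->_object->getTreeTable() . "` AS lft WHERE\n\t\t\t\t(lft.PARENT = {$oid}) ORDER BY LFT ASC;";
         // Defined up front: on a failed query the function used to return an
         // undefined variable.
         $resulta = array();
         $result = sYDB()->Execute($sql);
         if ($result) {
             $resulta = $result->GetArray();
         }
         return $resulta;
     }
 }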
Example #23
0
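 /**
  * Copies all Property values from one Object to another
  *
  * The target's existing values are cleared first. Then one INSERT ... SELECT
  * copies every column named by getList() from the source row to a new row for
  * the target.
  *
  * @param int $sourcePropertyId Source Property Id (versioned Object Id)
  * @param int $targetPropertyId Target Property Id (versioned Object Id)
  * @return bool TRUE on success
  * @throws Exception if the INSERT fails
  */
 function copyTo($sourcePropertyId, $targetPropertyId)
 {
     $sourcePropertyId = (int) $sourcePropertyId;
     $targetPropertyId = (int) $targetPropertyId;
     $this->clear($targetPropertyId);
     $properties = $this->getList();
     if (count($properties) == 0) {
         return true;
     }
     // Column names cannot be bound. They are read back from stored property
     // definitions, so a backtick inside a name is doubled to keep it from
     // closing the identifier quoting.
     $columns = array();
     foreach ($properties as $property) {
         $columns[] = '`' . str_replace('`', '``', $property["IDENTIFIER"]) . '`';
     }
     $tsql = implode(",", $columns);
     $sql = "INSERT INTO `" . $this->_table . "v`\n\t\t\t\t\t(OID, {$tsql})\n\t\t\t\tSELECT {$targetPropertyId}, {$tsql}\n\t\t\t\tFROM `" . $this->_table . "v` WHERE (OID = ?);";
     $result = sYDB()->Execute($sql, $sourcePropertyId);
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     return true;
 }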
Example #24
0
 /**
  * Removes a Language
  *
  * NOTE(review): no permission check is visible in this method. Confirm the
  * caller enforces one.
  *
  * @param int $languageId Language Id
  * @return bool TRUE on success
  * @throws Exception if the DELETE fails
  */
 function remove($languageId)
 {
     $id = (int) $languageId;
     if (sYDB()->Execute("DELETE FROM yg_languages WHERE ID = ?;", $id) === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     return true;
 }
Example #25
0
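 /**
  * Checks if a User owns a specific Permission for a specific Object
  *
  * User Id 0 is always granted RREAD, on every Object. For any other case the
  * permission values of the User's usergroups are summed up, and access is
  * granted as soon as the sum is positive.
  *
  * @param int $userId User Id
  * @param int $objectId Object Id
  * @param string $permission Permission (RREAD, RWRITE, RDELETE, RSUB, RSTAGE, RMODERATE, RCOMMENT, RSEND)
  * @return bool TRUE if the User has Permissions, false if not
  */
 public function checkInternal($userId, $objectId, $permission)
 {
     $userId = (int) $userId;
     $objectId = (int) $objectId;
     // NOTE(review): the value is only used as an array key below, where SQL
     // escaping has no purpose. Kept as is so lookups behave as before.
     $permission = sYDB()->escape_string(sanitize($permission));
     if ($userId == 0 && $permission == "RREAD") {
         return true;
     }
     if ($userId == $this->_user->_uid) {
         // reuse user object
         $user = $this->_user;
     } else {
         $user = new User($userId);
     }
     // Start from an explicit zero; the sum used to begin with an undefined variable.
     $privinfo = 0;
     $userroles = $user->getUsergroups($userId);
     for ($r = 0; $r < count($userroles); $r++) {
         $permissions = $this->getByUsergroup($userroles[$r]["ID"], $objectId);
         $privinfo = $privinfo + $permissions[$permission];
         if ($privinfo > 0) {
             // early exit
             return true;
         }
     }
     // A positive sum has already returned inside the loop, so reaching this
     // point means access is denied.
     return false;
 }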
Example #26
0
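 /**
  * Uninstalls this Extension
  *
  * Runs the parent uninstall, removes the extension's Cblock property tables
  * and deletes its rows from yg_extensions_lnk_cblocks.
  *
  * @return bool TRUE on success or FALSE in case of an error
  * @throws Exception if the DELETE fails
  */
 public function uninstall()
 {
     if (!parent::uninstall()) {
         return false;
     }
     if (!$this->uninstallPropertyTables("yg_ext_" . $this->_code . "_cblocks")) {
         // This path used to fall off the end and return NULL instead of the
         // documented FALSE.
         return false;
     }
     $sql = "DELETE FROM yg_extensions_lnk_cblocks WHERE CODE = ?";
     $result = sYDB()->Execute($sql, $this->_code);
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     if (Singleton::cache_config()->getVar("CONFIG/INVALIDATEON/EXTENSION_UNINSTALL") == "true") {
         Singleton::FC()->emptyBucket();
     }
     return true;
 }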
Example #27
0
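 /**
  * Saves all Usergroups for this User (removes all Usergroups first)
  *
  * The DELETE and the INSERTs are separate statements whose results are not
  * checked, so a failure part-way leaves the User with an incomplete set of
  * Usergroups.
  *
  * NOTE(review): this changes group membership, yet no permission check is
  * visible in this method. Confirm the caller enforces one.
  *
  * @param array $usergroupIds Array of Usergroup Ids
  */
 function saveUsergroups($usergroupIds)
 {
     $uid = (int) $this->id;
     $sql = "DELETE FROM `yg_user_lnk_usergroups` WHERE UID = ?;";
     sYDB()->Execute($sql, $uid);
     if (!is_array($usergroupIds)) {
         return;
     }
     // Iterate the values directly, so arrays with gaps or string keys no
     // longer read missing offsets, and force every Id to an integer as the
     // other Id parameters in this codebase are.
     foreach ($usergroupIds as $usergroupId) {
         $sql = "INSERT INTO\t`yg_user_lnk_usergroups` (`UID`, `USERGROUPID`) VALUES (?, ?);";
         sYDB()->Execute($sql, $uid, (int) $usergroupId);
     }
 }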
Example #28
0
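 /**
  * Sets the name of the Usergroup
  *
  * Requires the RUSERGROUPS privilege.
  *
  * @param int $usergroupId Usergroup Id
  * @param string $name Usergroup name
  * @return bool TRUE on success or FALSE in case of an error or a missing privilege
  */
 function setName($usergroupId, $name)
 {
     if (!$this->permissions->check($this->_uid, 'RUSERGROUPS')) {
         return false;
     }
     $usergroupId = (int) $usergroupId;
     // NOTE(review): escaped and also bound below. Confirm Execute() does not
     // quote bound values a second time.
     $name = sYDB()->escape_string(sanitize($name));
     $sql = "UPDATE " . $this->_table . " SET NAME = ? WHERE (ID = ?);";
     $result = sYDB()->Execute($sql, $name, $usergroupId);
     // The result used to be ignored, so a failed UPDATE still reported success.
     return $result !== false;
 }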
Example #29
0
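 /**
  * Sets the permanent name of this Mailing
  *
  * Requires RWRITE on this Mailing. Purely numeric names are rejected. When
  * the name already belongs to another Mailing, this Mailing's id is appended.
  *
  * @param string $pname Pname
  * @return bool TRUE on success FALSE in case of an error or a missing permission
  * @throws Exception if the UPDATE fails
  */
 public function setPName($pname)
 {
     $mailingID = $this->_id;
     if (!$this->permissions->checkInternal($this->_uid, $mailingID, "RWRITE")) {
         return false;
     }
     $pname = $this->filterPName($pname);
     if (is_numeric($pname)) {
         return false;
     }
     $mailingMgr = new MailingMgr();
     $checkpinfo = $mailingMgr->getMailingIdByPName($pname);
     if ($checkpinfo["ID"] != $mailingID && $checkpinfo["ID"] > 0) {
         // The suffix used to come from an undefined variable, so a name that
         // was already taken was stored unchanged and stayed a duplicate.
         $pname = $pname . $mailingID;
     }
     $sql = "UPDATE yg_mailing_tree SET PNAME = ? WHERE (ID = ?);";
     $result = sYDB()->Execute($sql, $pname, $mailingID);
     if ($result === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     if (Singleton::cache_config()->getVar("CONFIG/INVALIDATEON/PNAME_CHANGE") == "true") {
         Singleton::FC()->emptyBucket();
     }
     return true;
 }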
Example #30
0
 /**
  * Sets Comment settings
  *
  * Writes all eight settings with one UPDATE. Its WHERE clause is "1", so
  * every row of yg_comments_settings is changed. The values are bound as
  * parameters and are not validated here.
  *
  * NOTE(review): ALLOW_HTML and the approval/authentication flags are
  * security-relevant, yet no permission check is visible in this method.
  * Confirm the caller enforces one.
  *
  * @param array $settingsArray Array of settings, keyed by the column names used below
  * @return mixed ERROR_NONE on success
  * @throws Exception if the UPDATE fails
  */
 function setSettings($settingsArray)
 {
     $sql = "UPDATE\n\t\t\t\t\tyg_comments_settings\n\t\t\t\tSET\n\t\t\t\t\tALLOW_HTML = ?,\n\t\t\t\t\tAUTOCLOSE_AFTER_DAYS = ?,\n\t\t\t\t\tFORCE_APPROVAL = ?,\n\t\t\t\t\tFORCE_AUTHENTICATION = ?,\n\t\t\t\t\tMINIMUM_INTERVAL = ?,\n\t\t\t\t\tSE_RANK_DENIAL = ?,\n\t\t\t\t\tBLACKLIST = ?,\n\t\t\t\t\tSPAMLIST = ?\n\t\t\t\tWHERE 1;";
     // Same order as the placeholders in the statement above.
     $settingKeys = array(
         'ALLOW_HTML',
         'AUTOCLOSE_AFTER_DAYS',
         'FORCE_APPROVAL',
         'FORCE_AUTHENTICATION',
         'MINIMUM_INTERVAL',
         'SE_RANK_DENIAL',
         'BLACKLIST',
         'SPAMLIST',
     );
     $callArgs = array($sql);
     foreach ($settingKeys as $settingKey) {
         $callArgs[] = $settingsArray[$settingKey];
     }
     $outcome = call_user_func_array(array(sYDB(), 'Execute'), $callArgs);
     if ($outcome === false) {
         throw new Exception(sYDB()->ErrorMsg());
     }
     return ERROR_NONE;
 }