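/**
 * Get the users whose contact data carries a given email address.
 *
 * The address is validated with SensitiveIO::isValidEmail() before use and
 * escaped with SensitiveIO::sanitizeSQLString() when the lookup is built.
 *
 * @param string $data The email address to look for
 * @return array of CMS_profile_user (empty when the email is invalid or nothing matches)
 * @access public
 */
static function getByEmail($data)
{
    if (!SensitiveIO::isValidEmail($data)) {
        CMS_grandFather::raiseError('$data must be a valid email : ' . $data);
        return array();
    }
    $aUsers = array();
    //create the request to look for the data
    $sql = 'select `id_cd` from `contactDatas` where `email_cd` = "' . sensitiveIO::sanitizeSQLString($data) . '"';
    //launching the request
    $q = new CMS_query($sql);
    if ($q->hasError()) {
        return $aUsers;
    }
    // NOTE(review): id_cd is handed to the users catalog as a user ID - confirm
    // that contact-data IDs and user IDs really coincide in this schema.
    while (($oTmpUserId = $q->getValue("id_cd")) !== false) {
        $oTmpUser = CMS_profile_usersCatalog::getByID($oTmpUserId);
        // Other callers test the catalog's return value before using it, so a
        // lookup miss must not turn into a method call on a non-object.
        if (!is_object($oTmpUser) || $oTmpUser->hasError()) {
            continue;
        }
        //load the contact data; keep the user only if that succeeds
        $oTmpUser->getContactData();
        if (!$oTmpUser->hasError()) {
            $aUsers[] = $oTmpUser;
        }
    }
    return $aUsers;
}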
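/**
 * Store the data attached to a campaign in the mod_mailjet table.
 *
 * @param integer $campaignId The campaign identifier (must be a positive integer)
 * @param array $data The data to store, serialised as JSON
 * @return boolean true on success; false on an invalid ID, a JSON encoding failure or a query error
 * @access public
 */
public static function create($campaignId, $data = array())
{
    if (!io::isPositiveInteger($campaignId)) {
        return false;
    }
    $json = json_encode($data);
    if ($json === false) {
        // Unencodable data (e.g. invalid UTF-8): refuse rather than store "false"
        return false;
    }
    // JSON text always contains double quotes and may contain backslashes, so
    // it must be escaped before being placed inside a quoted SQL literal;
    // unescaped, any string value in $data could terminate the literal and
    // alter the statement.
    // NOTE(review): assumes sanitizeSQLString() escapes quotes and backslashes
    // for a quoted literal, as its other uses suggest - confirm.
    $sql = 'INSERT INTO mod_mailjet VALUES (' . (int) $campaignId . ',"' . SensitiveIO::sanitizeSQLString($json) . '");';
    $query = new CMS_query($sql);
    return !$query->hasError();
}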
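/**
 * Duplicate this block
 * Used to duplicate a CMS_page.
 *
 * Inserts a copy of the block's row into the user-space data table, then a
 * second copy into the edition table under the ID generated by the first
 * insert.
 *
 * @param CMS_page $destinationPage, the page receiving a copy of this block
 * @param boolean $public The precision needed for USERSPACE location
 * @return boolean true when both inserts succeed, false otherwise
 */
function duplicate(&$destinationPage, $public = false)
{
    if (!SensitiveIO::isPositiveInteger($this->_dbID)) {
        $this->raiseError("Duplicate, object does not have a DB ID, not initialized");
        return false;
    }
    $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public);
    $str_set = "\n\t\t\t\t\tpage='" . $destinationPage->getID() . "',\n\t\t\t\t\tclientSpaceID='" . $this->_clientSpaceID . "',\n\t\t\t\t\trowID='" . $this->_rowID . "',\n\t\t\t\t\tblockID='" . $this->_tagID . "',\n\t\t\t\t\ttype='CMS_block_cms_forms',\n\t\t\t\t\tvalue='" . SensitiveIO::sanitizeSQLString(serialize($this->_value)) . "'\n\t\t\t";
    $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\t" . $table . "\n\t\t\t\tset\n\t\t\t\t\t" . $str_set . "\n\t\t\t";
    $q = new CMS_query($sql);
    if ($q->hasError()) {
        $this->raiseError("Duplicate, insertion failed: " . $sql);
        return false;
    }
    // The edition row must reuse the key generated by the insert above; the
    // variable previously used here was never assigned, so the statement was
    // built with an empty ID.
    $id = $q->getLastInsertedID();
    //Table Edition
    $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\tset\n\t\t\t\t\t\tid='" . $id . "',\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t";
    $q = new CMS_query($sql);
    return !$q->hasError();
}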
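/**
 * Deletes a category from persistence
 * Must be called from static method
 * @see CMS_moduleCategories_catalog
 *
 * Removes the category row, its labels and its clearances, then clears the
 * 'polymod' cache. All three deletions are attempted even if one fails.
 *
 * @access public
 * @return boolean true if every deletion succeeded, false otherwise or if the category has no ID
 */
function destroy()
{
    // Force the ID to an integer so that nothing but a number can reach the SQL text
    $categoryID = (int) $this->_categoryID;
    if ($categoryID <= 0) {
        return false;
    }
    // table => array(column holding the category ID, message raised on failure)
    $targets = array(
        'modulesCategories'            => array('id_mca', "Error deleting category."),
        'modulesCategories_i18nm'      => array('category_mcl', "Error deleting category labels."),
        'modulesCategories_clearances' => array('category_mcc', "Error deleting category clearances."),
    );
    $err = 0;
    foreach ($targets as $table => $target) {
        $q = new CMS_query("delete from " . $table . " where " . $target[0] . "='" . $categoryID . "'");
        if ($q->hasError()) {
            $err++;
            $this->raiseError($target[1]);
        }
    }
    //Clear polymod cache
    CMS_cache::clearTypeCache('polymod');
    // unset($this) was dropped: it is a compile-time fatal error since PHP 7.1
    // and never released the caller's reference anyway.
    return $err === 0;
}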
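/**
 * Writes these clearances into persistence (MySQL for now).
 *
 * The profile's existing clearance rows are deleted, then one row per element
 * of the clearances stack is inserted.
 *
 * @return boolean true on success, false on failure (including a missing profile ID or stack)
 * @access public
 */
function writeToPersistence()
{
    if (!$this->_profileID || !is_a($this->_categoriesClearances, "CMS_stack")) {
        // Previously fell off the end and returned null; the contract is boolean
        return false;
    }
    $err = 0;
    $profileID = SensitiveIO::sanitizeSQLString($this->_profileID);
    // Delete old clearances
    $sql = "\n\t\t\t\tdelete\n\t\t\t\tfrom\n\t\t\t\t\tmodulesCategories_clearances\n\t\t\t\twhere\n\t\t\t\t\tprofile_mcc='" . $profileID . "'\n\t\t\t";
    $q = new CMS_query($sql);
    if ($q->hasError()) {
        $err++;
        // var_dump() prints to the response and returns nothing, which both
        // leaked the statement to the client and left the message empty.
        $this->raiseError("Error on sql statement : " . $sql);
    }
    // Insert new ones
    $elements = $this->_categoriesClearances->getElements();
    if (is_array($elements) && $elements) {
        $rows = array();
        foreach ($elements as $v) {
            // $v[0] / $v[1] fill the category and clearance columns; escape
            // them like every other value placed in a quoted literal.
            $rows[] = "('" . $profileID . "', '" . SensitiveIO::sanitizeSQLString($v[0]) . "', '" . SensitiveIO::sanitizeSQLString($v[1]) . "')";
        }
        $sql = "\n\t\t\t\t\tinsert into modulesCategories_clearances\n\t\t\t\t\t\t(profile_mcc, category_mcc, clearance_mcc)\n\t\t\t\t\tvalues " . implode(',', $rows) . "\n\t\t\t\t";
        $q = new CMS_query($sql);
        if ($q->hasError()) {
            $err++;
            $this->raiseError("Error on sql statement : " . $sql);
        }
    }
    return $err === 0;
}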
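/**
 * Writes the template into persistence (MySQL for now).
 *
 * For an existing template that has a definition file, the shared attributes
 * (label, image, groups, modules, printing order) are first propagated to
 * every template row using the same definition file; that propagation is
 * best-effort and its result is not checked. The template's own row is then
 * updated, or inserted when it has no ID yet.
 *
 * @return boolean true on success, false on failure
 * @access public
 */
function writeToPersistence()
{
    // Escape each string value once and reuse it in both statements
    $label = SensitiveIO::sanitizeSQLString($this->_label);
    $image = SensitiveIO::sanitizeSQLString($this->_image);
    $definitionFile = SensitiveIO::sanitizeSQLString($this->_definitionFile);
    $groups = SensitiveIO::sanitizeSQLString($this->_groups->getTextDefinition());
    $modules = SensitiveIO::sanitizeSQLString($this->_modules->getTextDefinition());
    $printingOrder = SensitiveIO::sanitizeSQLString(implode(";", $this->_printingClientSpaces));

    // NOTE(review): _useable and _private are written unescaped - presumably
    // booleans/integers set internally; confirm against their setters.
    $sql_fields = "\n\t\t\tlabel_pt='" . $label . "',\n\t\t\timage_pt='" . $image . "',\n\t\t\tdefinitionFile_pt='" . $definitionFile . "',\n\t\t\tgroupsStack_pt='" . $groups . "',\n\t\t\tmodulesStack_pt='" . $modules . "',\n\t\t\tinUse_pt='" . $this->_useable . "',\n\t\t\tdescription_pt='" . SensitiveIO::sanitizeSQLString($this->_description) . "',\n\t\t\twebsitesdenied_pt='" . SensitiveIO::sanitizeSQLString($this->_websitesdenied->getTextDefinition()) . "',\n\t\t\tprivate_pt='" . $this->_private . "',\n\t\t\tprintingCSOrder_pt='" . $printingOrder . "'\n\t\t";

    if ($this->_id) {
        // Some changes must be applied
        // to all private templates similar to this one using same xml file
        if ($this->_definitionFile) {
            // Match the file name with '=' rather than LIKE: '_' and '%' are
            // wildcards in a LIKE pattern, so a name such as "home_page.xml"
            // would also have overwritten rows for unrelated definition files.
            $sql = "\n\t\t\t\t\tupdate\n\t\t\t\t\t\tpageTemplates\n\t\t\t\t\tset\n\t\t\t\t\t\tlabel_pt='" . $label . "',\n\t\t\t\t\t\timage_pt='" . $image . "',\n\t\t\t\t\t\tgroupsStack_pt='" . $groups . "',\n\t\t\t\t\t\tmodulesStack_pt='" . $modules . "',\n\t\t\t\t\t\tprintingCSOrder_pt='" . $printingOrder . "'\n\t\t\t\t\twhere\n\t\t\t\t\t\tdefinitionFile_pt = '" . $definitionFile . "'\n\t\t\t\t";
            $q = new CMS_query($sql);
        }
        $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tpageTemplates\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_pt='" . (int) $this->_id . "'\n\t\t\t";
    } else {
        $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tpageTemplates\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields;
    }
    $q = new CMS_query($sql);
    if ($q->hasError()) {
        return false;
    }
    if (!$this->_id) {
        // Freshly inserted: remember the generated key
        $this->_id = $q->getLastInsertedID();
    }
    return true;
}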
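/**
 * Get all searched objects (and subobjects) values
 *
 * Reads the text, integer, string and date sub-object tables (public or
 * edited, depending on $this->_public) in a single "union distinct" query
 * restricted to the sorted result IDs and the result sub-object IDs.
 *
 * @access private
 * @return array of values array(objectID => array(objectFieldID => array(objectSubfieldId => array(sql datas))))
 */
protected function _getObjectValues()
{
    $datas = array();
    // Prepare conditions. $where is initialised so the query text is well
    // defined when there are no result IDs; as before, that case applies no
    // restriction at all.
    // NOTE(review): an empty result set therefore reads every row of the four
    // tables - confirm callers never reach this method without IDs.
    $where = '';
    if (is_array($this->_sortedResultsIds) && $this->_sortedResultsIds) {
        // IDs are forced to integers before being written into the IN list
        $ids = array_map('intval', $this->_sortedResultsIds);
        if (is_array($this->_resultsSubObjectsIds) && $this->_resultsSubObjectsIds) {
            $ids = array_merge($ids, array_map('intval', $this->_resultsSubObjectsIds));
        }
        // implode(separator, array): the reversed argument order used before
        // was removed in PHP 8.0.
        $where = " where objectID in (" . implode(',', $ids) . ")";
    }
    $statusSuffix = $this->_public ? "_public" : "_edited";
    $selects = array();
    foreach (array('text', 'integer', 'string', 'date') as $type) {
        $selects[] = "select * from mod_subobject_" . $type . $statusSuffix . $where;
    }
    $q = new CMS_query(implode(" union distinct ", $selects));
    if (!$q->hasError()) {
        //create multidimensional array of results values
        while ($arr = $q->getArray()) {
            $datas[$arr["objectID"]][$arr["objectFieldID"]][$arr["objectSubFieldID"]] = $arr;
        }
    }
    return $datas;
}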
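/**
 * Destroy this object, in DB and filesystem if needed
 * Destroy title label also
 *
 * When the field has an ID: deletes the module files whose name matches this
 * field, the field's rows in every mod_subobject_* table, its title label and
 * its mod_object_field record, then clears the related caches. The first
 * failure aborts the sequence and returns false.
 *
 * @return boolean true on success, false on failure
 * @access public
 */
function destroy()
{
    if ($this->_fieldID) {
        // Integer form used for every SQL statement below
        $fieldID = (int) $this->_fieldID;

        //delete all files of objects for this field
        $module = CMS_poly_object_catalog::getModuleCodenameForField($this->_fieldID);
        $moduleDir = PATH_MODULES_FILES_FS . '/' . $module;
        $filesDir = new CMS_file($moduleDir, CMS_file::FILE_SYSTEM, CMS_file::TYPE_DIRECTORY);
        if ($filesDir->exists()) {
            //search all files of this field
            $filesList = $filesDir->getFileList($moduleDir . '/*_f' . $this->_fieldID . '_*');
            //then delete them
            foreach ($filesList as $aFile) {
                if (!CMS_file::deleteFile($aFile['name'])) {
                    $this->raiseError("Can't delete file " . $aFile['name'] . " for field : " . $this->_fieldID);
                    return false;
                }
            }
        }

        //delete all datas of objects for this field
        $tables = array();
        foreach (array('date', 'integer', 'string', 'text') as $type) {
            foreach (array('deleted', 'edited', 'public') as $location) {
                $tables[] = 'mod_subobject_' . $type . '_' . $location;
            }
        }
        foreach ($tables as $aTable) {
            $q = new CMS_query("delete from " . $aTable . " where objectFieldID = '" . $fieldID . "'");
            if ($q->hasError()) {
                $this->raiseError("Can't delete datas of table " . $aTable . " for field : " . $this->_fieldID);
                return false;
            }
        }

        //delete title label object
        if (sensitiveIO::IsPositiveInteger($this->_objectFieldValues["labelID"])) {
            $label = new CMS_object_i18nm($this->_objectFieldValues["labelID"]);
            $label->destroy();
        }

        //delete field DB record
        $q = new CMS_query("delete from mod_object_field where id_mof='" . $fieldID . "'");
        if ($q->hasError()) {
            $this->raiseError("Can't delete datas of table mod_object_field for field : " . $this->_fieldID);
            return false;
        }

        //unset fields catalog in cache
        CMS_cache::clearTypeCache('atm-polymod-structure');
        //Clear polymod cache
        CMS_cache::clearTypeCache('polymod');
    }
    //unset fields catalog in cache
    CMS_cache::clearTypeCacheByMetas('atm-polymod-structure', array('type' => 'fields'));
    // unset($this) was dropped: it is a compile-time fatal error since PHP 7.1
    // and never released the caller's reference anyway.
    return true;
}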
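/**
 * Destroy this object, in DB
 *
 * Deletes the mod_object_i18nm row carrying this object's ID. An object
 * without an ID has nothing stored, which counts as success.
 *
 * @return boolean true on success, false on failure
 * @access public
 */
function destroy()
{
    if ($this->_ID) {
        // Integer cast keeps anything but a number out of the statement
        $q = new CMS_query("delete from mod_object_i18nm where id_i18nm='" . (int) $this->_ID . "'");
        if ($q->hasError()) {
            $this->raiseError("Can't destroy object");
            return false;
        }
    }
    // unset($this) was dropped: it is a compile-time fatal error since PHP 7.1
    // and never released the caller's reference anyway.
    return true;
}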
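/**
 * Get field search SQL request (used by class CMS_object_search)
 *
 * Search values and the field ID end up inside the SQL text, so both are
 * forced to integers before being written into it. $where is appended
 * verbatim: callers must only pass SQL they built themselves.
 *
 * @param integer $fieldID : this field id in object (aka $this->_field->getID())
 * @param integer $value : the category value to search (a single ID or an array of IDs)
 * @param string $operator : additional search operator
 *        (one of 'editableOnly', 'strict', 'not in', 'not in strict'; anything else falls back to the default search)
 * @param string $where : where clauses to add to SQL
 * @param boolean $public : values are public or edited ? (default is edited)
 * @return string|false : the SQL request, or false when the search cannot match anything
 * @access public
 */
function getFieldSearchSQL($fieldID, $value, $operator, $where, $public = false)
{
    $statusSuffix = $public ? "_public" : "_edited";
    // Integer form of the field ID, used only where it is written into SQL
    $sqlFieldID = (int) $fieldID;
    $supportedOperator = array('editableOnly', 'strict', 'not in', 'not in strict');
    // Strict matching: with loose comparison a boolean true (or, before
    // PHP 8, an integer 0) was accepted as any of the operator names.
    if ($operator && !in_array($operator, $supportedOperator, true)) {
        $this->raiseError("Unkown search operator : " . $operator . ", use default search instead");
        $operator = false;
    }
    if ($operator === 'editableOnly') {
        global $cms_user;
        //get module codename
        $moduleCodename = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID());
        //get a list of all viewable categories for current user
        $editableCats = array_keys(CMS_moduleCategories_catalog::getViewvableCategoriesForProfile($cms_user, $moduleCodename, true, true));
        //if no viewable categories, user has no rights to view anything
        if (!$editableCats) {
            return false;
        }
        //add previously found IDs to where clause
        $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectFieldID = '" . $sqlFieldID . "'\n\t\t\t\t\t\tand value in (" . @implode(',', $editableCats) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
        $q = new CMS_query($sql);
        $IDs = array();
        if (!$q->hasError()) {
            while ($id = $q->getValue('objectID')) {
                $IDs[$id] = $id;
            }
        }
        //if no results, no need to continue
        if (!$IDs) {
            return false;
        }
        // From here on the search is restricted to the objects just found
        $where = ' and objectID in (' . implode(',', $IDs) . ')';
    }
    if ($value == CMS_moduleCategory::LINEAGE_PARK_POSITION) {
        //if it is a public search, and field is mandatory, no objects should be returned
        if ($this->_field->getValue('required') && $public) {
            return false;
        }
        $module = CMS_poly_object_catalog::getModuleCodenameForField($fieldID);
        //add deleted cats to searches
        $viewvableCats = CMS_moduleCategories_catalog::getDeletedCategories($module);
        //add zero value for objects without categories
        $viewvableCats[] = 0;
        //get object type id
        $objectID = CMS_poly_object_catalog::getObjectIDForField($fieldID);
        //first we get objects with deleted or no categories (value 0)
        $sqlTmp = "\n\t\t\t\tselect\n\t\t\t\t\tdistinct objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\twhere\n\t\t\t\t\tobjectFieldID = '" . $sqlFieldID . "'\n\t\t\t\t\tand value in (" . implode(',', $viewvableCats) . ")\n\t\t\t\t\t{$where}\n\t\t\t\t";
        $qTmp = new CMS_query($sqlTmp);
        $deletedIDs = array();
        while ($r = $qTmp->getArray()) {
            if ($r['objectID']) {
                $deletedIDs[$r['objectID']] = $r['objectID'];
            }
        }
        //then we get objects with no categories at all (not referenced in mod_subobject_integer table)
        $sqlTmp = "\n\t\t\t\tselect\n\t\t\t\t\tdistinct objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\twhere\n\t\t\t\t\tobjectFieldID = '" . $sqlFieldID . "'\n\t\t\t\t\t{$where}\n\t\t\t\t";
        $qTmp = new CMS_query($sqlTmp);
        $noCatsIDs = $catsIDs = array();
        while ($r = $qTmp->getArray()) {
            if ($r['objectID']) {
                $catsIDs[$r['objectID']] = $r['objectID'];
            }
        }
        // Every number found in $where is treated as a candidate object ID;
        // those without a row for this field have no category at all.
        $IDs = array();
        if (preg_match_all('#\\d+#', $where, $IDs)) {
            $IDs = array_shift($IDs);
        }
        $noCatsIDs = array_diff($IDs, $catsIDs);
        $IDs = array_merge($deletedIDs, $noCatsIDs);
        //if no results, no need to continue
        if (!$IDs) {
            return false;
        }
        //then we mix the two results and we return it as a fake SQL request to keep system compatibility
        $sql = "\n\t\t\t\tselect\n\t\t\t\t\tdistinct id_moo as objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_object_polyobjects\n\t\t\t\twhere \n\t\t\t\t\tid_moo in (" . implode(',', $IDs) . ")\n\t\t\t\t";
    } else {
        if (!is_array($value)) {
            $value = array($value);
        }
        if ($operator === 'strict' || $operator === 'not in strict') {
            // Category IDs are written straight into the IN list: cast each
            // one so that a search value can never carry SQL of its own.
            $value = array_map('intval', $value);
            $comparison = $operator === 'strict' ? 'in' : 'not in';
            //get categories searched
            $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\tmodulesCategories\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectFieldID = '" . $sqlFieldID . "'\n\t\t\t\t\t\tand id_mca = value\n\t\t\t\t\t\tand value " . $comparison . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
        } else {
            $lineages = array();
            foreach ($value as $catID) {
                if ($catID) {
                    //get lineage of category searched
                    $lineages[] = CMS_moduleCategories_catalog::getLineageOfCategoryAsString($catID);
                }
            }
            // A category matches when its lineage equals the searched lineage
            // or starts with it followed by ';' (i.e. it is a descendant).
            $sql = '';
            if ($operator === 'not in') {
                foreach ($lineages as $lineage) {
                    $sql .= $sql ? ' and ' : '';
                    $sql .= "\n\t\t\t\t\t\tlineage_mca != '" . SensitiveIO::sanitizeSQLString($lineage) . "'\n\t\t\t\t\t\tand lineage_mca not like '" . SensitiveIO::sanitizeSQLString($lineage) . ";%' ";
                }
            } else {
                foreach ($lineages as $lineage) {
                    $sql .= $sql ? ' or ' : '';
                    $sql .= "\n\t\t\t\t\t\tlineage_mca = '" . SensitiveIO::sanitizeSQLString($lineage) . "'\n\t\t\t\t\t\tor lineage_mca like '" . SensitiveIO::sanitizeSQLString($lineage) . ";%' ";
                }
            }
            $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\tmodulesCategories\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectFieldID = '" . $sqlFieldID . "'\n\t\t\t\t\t\tand id_mca=value\n\t\t\t\t\t\t" . ($sql ? " and (" . $sql . ") " : '') . "\n\t\t\t\t\t\t{$where}";
        }
    }
    return $sql;
}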
/**
 * Writes all objects values into persistence (MySQL for now), along with base data.
 *
 * Sequence: refuse public or errored objects, notify modules (pre-save),
 * create the object row if it has no ID, persist the resource part according
 * to the object's resource status, persist every field value, then (when
 * $treatResource is set) handle publication/validation, logging and cache
 * clearing, and finally notify modules (post-save).
 *
 * @param boolean $treatResource treat also the resource status (if object is a primary resource) default true
 * @param boolean $emailValidators send emails to validators (if object is a primary resource) default true
 * @param boolean $onlyCreateID create only the object ID (used to save file fields). Default false
 * @return boolean true on success, false on failure
 * @access public
 */
function writeToPersistence($treatResource = true, $emailValidators = true, $onlyCreateID = false)
{
    global $cms_user;
    // Public objects and objects already in error are never written
    if ($this->_public) {
        $this->raiseError("Can't write public object");
        return false;
    }
    if ($this->hasError()) {
        $this->raiseError("Can't write object with error");
        return false;
    }
    // Captured before any ID is assigned below, so hooks can tell creation from update
    $isNew = $this->_ID === NULL;
    // Inform modules of the object creation
    $modules = CMS_modulesCatalog::getAll('id');
    foreach ($modules as $codename => $module) {
        // Only modules that define the hook are called
        if (method_exists($module, 'polyObjectPreSave')) {
            $module->polyObjectPreSave($this, $isNew);
        }
    }
    if (!$this->_ID) {
        //first, if object does not have ID, create one
        $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_object_polyobjects\n\t\t\t\tset\n\t\t\t\t\tobject_type_id_moo='" . SensitiveIO::sanitizeSQLString($this->_objectID) . "'\n\t\t\t\t";
        $q = new CMS_query($sql);
        if ($q->hasError()) {
            $this->raiseError("Can't save object");
            return false;
        } elseif (!$this->_ID) {
            //set ID
            $this->_ID = $q->getLastInsertedID();
            //reload all sub objects definition to add ID
            $this->_populateSubObjectsDefinitions();
        }
        // Early exit: only reachable on the creation path
        if ($onlyCreateID) {
            return true;
        }
    }
    $forceSecondaryRessourcePublication = false;
    //if this object is a primary resource
    if ($this->_objectResourceStatus == 1) {
        if ($treatResource) {
            //add content edition status
            $this->addEdition(RESOURCE_EDITION_CONTENT, $cms_user);
        }
        //write parent to persistence
        // NOTE(review): the parent's return value is not checked - confirm a failure here is acceptable
        parent::writeToPersistence();
        //set $this->_resource
        $this->_resource->setValue(parent::getID());
        //then save resource ID
        //set definition for resource
        $definition = array('objectID' => $this->_ID, 'fieldID' => 0, 'subFieldID' => 0);
        $this->_resource->setDefinition($definition);
        if (!$this->_resource->writeToPersistence()) {
            return false;
        }
    } elseif ($this->_objectResourceStatus == 2) {
        //if this object is a secondary resource
        //get all primary resource associated
        $primaryItems = CMS_poly_object_catalog::getPrimaryItemsWhichUsesSecondaryItem($this->_ID, true, false);
        if ($primaryItems) {
            // Each primary item is re-saved with the default arguments; results are not checked
            foreach ($primaryItems as $primaryItem) {
                $primaryItem->writeToPersistence();
            }
        } else {
            // No primary item uses this one: it is published directly further down
            $forceSecondaryRessourcePublication = true;
        }
    }
    //save all subobjects
    foreach (array_keys($this->_objectValues) as $fieldID) {
        if (is_a($this->_objectValues[$fieldID], 'CMS_poly_object')) {
            //set definition for poly object field in $this->_polyObjectValues
            // NOTE(review): the type test reads _objectValues but the write goes through
            // _polyObjectValues - presumably both are keyed by the same field IDs; confirm
            $definition = array('objectID' => $this->_ID, 'fieldID' => $fieldID, 'subFieldID' => 0);
            $this->_polyObjectValues[$fieldID]->setDefinition($definition);
            if (!$this->_polyObjectValues[$fieldID]->writeToPersistence()) {
                return false;
            }
        } else {
            //set sub fields definitions for other object fields
            $this->_objectValues[$fieldID]->setSubFieldsDefinition($this->_subObjectsDefinitions[$fieldID]);
            if (!$this->_objectValues[$fieldID]->writeToPersistence()) {
                return false;
            }
        }
    }
    //resource management
    if ($treatResource) {
        //get Object definition
        $objectDef = $this->getObjectDefinition();
        //get module codename
        $polyModuleCodename = $objectDef->getValue('module');
        //if object is not a resource, copy datas to public location
        // (also done for a secondary resource that no primary item uses)
        if ($this->_objectResourceStatus != 1 && $this->_objectResourceStatus != 2 || $this->_objectResourceStatus == 2 && $forceSecondaryRessourcePublication) {
            $modulesCodes = new CMS_modulesCodes();
            //add a call to all modules for before validation specific treatment
            $modulesCodes->getModulesCodes(MODULE_TREATMENT_BEFORE_VALIDATION_TREATMENT, '', $this, array('result' => VALIDATION_OPTION_ACCEPT, 'lastvalidation' => true, 'module' => $polyModuleCodename, 'action' => 'update'));
            //move resource datas to public location
            CMS_modulePolymodValidation::moveResourceData($polyModuleCodename, $this->getID(), RESOURCE_DATA_LOCATION_EDITED, RESOURCE_DATA_LOCATION_PUBLIC, true);
            //add a call to all modules for after validation specific treatment
            $modulesCodes->getModulesCodes(MODULE_TREATMENT_AFTER_VALIDATION_TREATMENT, '', $this, array('result' => VALIDATION_OPTION_ACCEPT, 'lastvalidation' => true, 'module' => $polyModuleCodename, 'action' => 'update'));
        }
        //if item is a primary resource, send emails to validators
        if ($this->_objectResourceStatus == 1) {
            if (APPLICATION_ENFORCES_WORKFLOW) {
                if (!NO_APPLICATION_MAIL && $emailValidators) {
                    $validators = CMS_profile_usersCatalog::getValidators($polyModuleCodename);
                    //get editors
                    $editors = $this->getEditors();
                    $editorsIds = array();
                    foreach ($editors as $editor) {
                        $editorsIds[] = $editor->getUserId();
                    }
                    foreach ($validators as $validator) {
                        //add script to send email for validator if needed
                        CMS_scriptsManager::addScript($polyModuleCodename, array('task' => 'emailNotification', 'object' => $this->getID(), 'validator' => $validator->getUserId(), 'type' => 'validate', 'editors' => $editorsIds));
                    }
                    //then launch scripts execution
                    CMS_scriptsManager::startScript();
                }
            } else {
                // Workflow not enforced: the content edition is accepted at once,
                // without going through a validator
                $validation = new CMS_resourceValidation($polyModuleCodename, RESOURCE_EDITION_CONTENT, $this);
                $mod = CMS_modulesCatalog::getByCodename($polyModuleCodename);
                $mod->processValidation($validation, VALIDATION_OPTION_ACCEPT);
            }
            //Log action
            $log = new CMS_log();
            $language = $cms_user->getLanguage();
            $log->logResourceAction(CMS_log::LOG_ACTION_RESOURCE_EDIT_CONTENT, $cms_user, $polyModuleCodename, $this->getStatus(), 'Item \'' . $this->getLabel() . '\' (' . $objectDef->getLabel($language) . ')', $this);
        } else {
            //Log action
            $log = new CMS_log();
            $language = $cms_user->getLanguage();
            $log->logMiscAction(CMS_log::LOG_ACTION_RESOURCE_EDIT_CONTENT, $cms_user, 'Item \'' . $this->getLabel() . '\' (' . $objectDef->getLabel($language) . ')', $polyModuleCodename);
        }
        //Clear polymod cache
        //CMS_cache::clearTypeCacheByMetas('polymod', array('module' => $polyModuleCodename));
        CMS_cache::clearTypeCache('polymod');
    }
    // Inform modules that the object has been saved
    $modules = CMS_modulesCatalog::getAll('id');
    foreach ($modules as $codename => $module) {
        if (method_exists($module, 'polyObjectPostSave')) {
            $module->polyObjectPostSave($this, $isNew);
        }
    }
    return true;
}
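/**
 * Authenticate, re-load or disconnect the current user.
 *
 * Each authentication type ('credentials', 'session', 'cookie', 'sso') is
 * tried in turn against every module exposing getAuthAdapter(), stopping at
 * the first valid user. On success the `sessions` table row is created or
 * refreshed and, for permanent logins, the auto-login cookie is (re)issued.
 *
 * @param array $params Authentication parameters. Recognised keys:
 *  - authenticate : boolean, defaults to true unless disconnect is set
 *  - disconnect : boolean, default false
 *  - login : string, user login
 *  - password : string, user password
 *  - remember : boolean, default false
 *  - tokenName : string
 *  - token : string
 *  - type : string (admin|frontend), defaults to APPLICATION_USER_TYPE
 *  - any other key needed by a module's authentication adapter
 * @return void
 * @access public
 * @static
 */
public static function authenticate($params = array())
{
    // Purge expired session rows first.
    CMS_session::_cleanSessions();
    $auth = Zend_Auth::getInstance();
    // The identity is kept in the 'atm-auth' session namespace.
    $auth->setStorage(new Zend_Auth_Storage_Session('atm-auth'));

    if (!isset($params['type'])) {
        $params['type'] = APPLICATION_USER_TYPE;
    }
    if (isset($params['remember']) && $params['remember']) {
        self::$_permanent = true;
    } else {
        $params['remember'] = false;
    }

    if (isset($params['disconnect']) && $params['disconnect']) {
        // Log the disconnection when the stored identity maps to a user.
        $storageValue = $auth->getStorage()->read();
        if (io::isPositiveInteger($storageValue)) {
            $user = CMS_profile_usersCatalog::getByID($storageValue);
            if ($user) {
                // NOTE(review): the UA header is client-supplied; whatever renders this log entry should escape it.
                $log = new CMS_log();
                $log->logMiscAction(CMS_log::LOG_ACTION_DISCONNECT, $user, 'IP: ' . @$_SERVER['REMOTE_ADDR'] . ', UA: ' . @$_SERVER['HTTP_USER_AGENT']);
            }
        }
        CMS_session::deleteSession(true);
        if (!isset($params['authenticate'])) {
            $params['authenticate'] = false;
        }
    } else {
        $params['disconnect'] = false;
        if (!isset($params['authenticate'])) {
            $params['authenticate'] = true;
        }
    }

    $authenticated = false;
    // Each adapter run overwrites the storage, so remember the value to restore before every attempt.
    $storageValue = $auth->getStorage()->read();

    foreach (array('credentials', 'session', 'cookie', 'sso') as $authType) {
        $modules = CMS_modulesCatalog::getAll('id');
        // Modules are tried from the last one to the first.
        $module = array_pop($modules);
        $params['authType'] = $authType;
        do {
            if (method_exists($module, 'getAuthAdapter')) {
                $auth->getStorage()->write($storageValue);
                $authAdapter = $module->getAuthAdapter($params);
                self::$_result = $auth->authenticate($authAdapter);
                switch (self::$_result->getCode()) {
                    case Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND:
                        // No usable credentials for this adapter (e.g. no login/password given).
                        break;
                    case Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID:
                        // Wrong login/password.
                        break;
                    case Zend_Auth_Result::SUCCESS:
                        if ($auth->hasIdentity()) {
                            $user = $authAdapter->getUser($auth->getIdentity());
                            // An adapter success only counts when the user loads cleanly, is not deleted and is active.
                            if (isset($user) && $user && !$user->hasError() && !$user->isDeleted() && $user->isActive()) {
                                $authenticated = true;
                                // Store the validated user id as the identity.
                                $auth->getStorage()->write($user->getUserId());
                            } else {
                                unset($user);
                            }
                        }
                        break;
                    case Zend_Auth_Result::FAILURE:
                        // User found but failed to load (inactive or deleted).
                        break;
                    default:
                        // Unknown result code: report it, but mask the documented
                        // secret-bearing keys so a password or token never reaches the error log.
                        // NOTE(review): module-specific parameters may carry other secrets — confirm.
                        $loggedParams = $params;
                        foreach (array('password', 'token') as $secretKey) {
                            if (isset($loggedParams[$secretKey])) {
                                $loggedParams[$secretKey] = '***';
                            }
                        }
                        CMS_grandFather::raiseError('Authentification return code ' . self::$_result->getCode() . ' for module ' . $module->getCodename() . ' with parameters ' . print_r($loggedParams, true));
                        break;
                }
            }
            $module = array_pop($modules);
        } while (!$authenticated && $module);
        if ($authenticated) {
            break;
        }
    }

    if ($authenticated && $user) {
        $q = new CMS_query("\n\t\t\tselect \n\t\t\t\tid_ses, cookie_expire_ses\n\t\t\tfrom \n\t\t\t\tsessions \n\t\t\twhere \n\t\t\t\tphpid_ses='" . sensitiveIO::sanitizeSQLString(Zend_Session::getId()) . "' \n\t\t\t\tand user_ses='" . sensitiveIO::sanitizeSQLString($user->getUserId()) . "'");
        $oldSessionId = Zend_Session::getId();
        if ($q->getNumRows() > 0) {
            // A row already ties this PHP session id to this user: refresh it.
            // The session id is not regenerated here; the authors removed a
            // periodic regeneration because it caused session instability.
            $r = $q->getArray();
            $id = $r['id_ses'];
            if (self::$_permanent || $r['cookie_expire_ses'] != '0000-00-00 00:00:00') {
                self::$_permanent = true;
                // Cookie lifetime is APPLICATION_COOKIE_EXPIRATION days.
                // NOTE(review): the cookie value embeds the PHP session id; its Secure/HttpOnly
                // attributes are decided inside CMS_session::setCookie() — confirm there.
                $expires = time() + 60 * 60 * 24 * APPLICATION_COOKIE_EXPIRATION;
                CMS_session::setCookie(CMS_session::getAutoLoginCookieName(), base64_encode($id . '|' . Zend_Session::getId()), $expires);
            }
            $sql = "\n\t\t\t\t\tupdate \n\t\t\t\t\t\tsessions \n\t\t\t\t\tset\n\t\t\t\t\t\tlastTouch_ses=NOW(),\n\t\t\t\t\t\tuser_ses='" . sensitiveIO::sanitizeSQLString($user->getUserId()) . "',\n\t\t\t\t\t\tphpid_ses='" . sensitiveIO::sanitizeSQLString(Zend_Session::getId()) . "',\n\t\t\t\t\t\tremote_addr_ses='" . sensitiveIO::sanitizeSQLString(@$_SERVER['REMOTE_ADDR']) . "'";
            if (self::$_permanent) {
                $sql .= ",\n\t\t\t\t\t\tcookie_expire_ses = DATE_ADD(NOW(), INTERVAL " . APPLICATION_COOKIE_EXPIRATION . " DAY)";
            }
            $sql .= "\n\t\t\t\t\twhere\n\t\t\t\t\t \tid_ses='" . sensitiveIO::sanitizeSQLString($id) . "'";
            $q = new CMS_query($sql);
            if (in_array(CMS_auth::AUTH_AUTOLOGIN_VALID, self::$_result->getMessages())) {
                $log = new CMS_log();
                $log->logMiscAction(CMS_log::LOG_ACTION_AUTO_LOGIN, $user, 'IP: ' . @$_SERVER['REMOTE_ADDR'] . ', UA: ' . @$_SERVER['HTTP_USER_AGENT']);
            }
        } else {
            // New login: issue a fresh session id before recording the session,
            // so a pre-login id is not carried into the authenticated state.
            Zend_Session::regenerateId();
            $q = new CMS_query("\n\t\t\t\t\tdelete\n\t\t\t\t\tfrom \n\t\t\t\t\t\tsessions \n\t\t\t\t\twhere \n\t\t\t\t\t\tphpid_ses='" . sensitiveIO::sanitizeSQLString($oldSessionId) . "'");
            $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\tsessions\n\t\t\t\t\tset\n\t\t\t\t\t\tlastTouch_ses=NOW(),\n\t\t\t\t\t\tphpid_ses='" . sensitiveIO::sanitizeSQLString(Zend_Session::getId()) . "',\n\t\t\t\t\t\tuser_ses='" . sensitiveIO::sanitizeSQLString($user->getUserId()) . "',\n\t\t\t\t\t\tremote_addr_ses='" . sensitiveIO::sanitizeSQLString(@$_SERVER['REMOTE_ADDR']) . "'\n\t\t\t\t";
            if (self::$_permanent) {
                $sql .= ",\n\t\t\t\t\tcookie_expire_ses = DATE_ADD(NOW(), INTERVAL " . APPLICATION_COOKIE_EXPIRATION . " DAY)";
            }
            $q = new CMS_query($sql);
            if (!$q->hasError() && self::$_permanent) {
                $expires = time() + 60 * 60 * 24 * APPLICATION_COOKIE_EXPIRATION;
                CMS_session::setCookie(CMS_session::getAutoLoginCookieName(), base64_encode($q->getLastInsertedID() . '|' . Zend_Session::getId()), $expires);
            }
            $log = new CMS_log();
            $log->logMiscAction(CMS_log::LOG_ACTION_LOGIN, $user, 'Permanent cookie: ' . (self::$_permanent ? 'Yes' : 'No') . ', IP: ' . @$_SERVER['REMOTE_ADDR'] . ', UA: ' . @$_SERVER['HTTP_USER_AGENT']);
        }
        self::$_userID = $user->getUserId();
    } else {
        if (APPLICATION_USER_TYPE == "frontend" && APPLICATION_ENFORCES_ACCESS_CONTROL) {
            // Unauthenticated frontend visitors run as the anonymous profile.
            self::$_userID = ANONYMOUS_PROFILEUSER_ID;
        }
    }
    // Kept for backward compatibility.
    $_SESSION["cms_context"] = new CMS_context();
}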
/**
 * Check the ordering of a category's children and renumber them when the
 * highest order_mca differs from the number of children.
 *
 * @param mixed $category A CMS_moduleCategory instance or a positive integer category ID
 * @param mixed $codename Module codename used to narrow the children (false: no filter);
 *                        overwritten by the category's own 'moduleCodename' when an object is passed
 * @access public
 * @return boolean false on an invalid $category or when a renumbering update failed, true otherwise
 */
static function compactSiblingsOrder($category, $codename = false)
{
    if ($category instanceof CMS_moduleCategory) {
        $categoryId = $category->getID();
        $codename = $category->getAttribute('moduleCodename');
    } elseif (sensitiveIO::isPositiveInteger($category)) {
        $categoryId = $category;
    } else {
        CMS_grandFather::raiseError("Category parameter is not a valid ID nor a valid category");
        return false;
    }

    // Both caller-supplied values are escaped once and reused in every statement below.
    $parentSql = SensitiveIO::sanitizeSQLString($categoryId);
    $moduleFilter = '';
    if ($codename) {
        $moduleFilter = " and module_mca = '" . SensitiveIO::sanitizeSQLString($codename) . "'";
    }

    $success = true;
    $stats = new CMS_query("\n\t\t\tselect\n\t\t\t\tCOUNT(*),\n\t\t\t\tmax(order_mca) as m\n\t\t\tfrom\n\t\t\t\tmodulesCategories\n\t\t\twhere\n\t\t\t\tparent_mca = '" . $parentSql . "'\n\t\t" . $moduleFilter);
    $row = $stats->getArray();

    // A highest order different from the row count means the numbering has a hole.
    if ((int) $row["m"] != (int) $row["COUNT(*)"]) {
        $siblings = new CMS_query("\n\t\t\t\tselect\n\t\t\t\t\tid_mca as id\n\t\t\t\tfrom\n\t\t\t\t\tmodulesCategories\n\t\t\t\twhere\n\t\t\t\t\tparent_mca='" . $parentSql . "'" . $moduleFilter . "\n\t\t\t\torder by\n\t\t\t\t\torder_mca\n\t\t\t");
        $position = 0;
        while ($siblingId = $siblings->getValue("id")) {
            $position++;
            // $siblingId comes straight from the id_mca column read above.
            $update = new CMS_query("\n\t\t\t\t\tupdate\n\t\t\t\t\t\tmodulesCategories\n\t\t\t\t\tset\n\t\t\t\t\t\torder_mca='" . $position . "'\n\t\t\t\t\twhere\n\t\t\t\t\t\tid_mca='" . $siblingId . "'\n\t\t\t\t");
            if ($update->hasError()) {
                CMS_grandFather::raiseError("Error while reordering siblings of category " . $categoryId);
                $success = false;
            }
        }
    }

    if ($codename) {
        // The whole 'polymod' cache type is dropped, not only this module's entries.
        CMS_cache::clearTypeCache('polymod');
    }
    return $success;
}
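/**
 * Writes the group data into persistence (MySQL for now).
 *
 * Saves the group row, then replaces the group's membership rows in
 * profileUsersByGroup (delete all, re-insert the current list) and clears
 * the 'polymod' cache type.
 *
 * @return boolean true on success, false when the group row or the membership rewrite failed
 * @access public
 */
function writeToPersistence()
{
    parent::writeToPersistence();
    $sql_fields = "\n\t\t\tlabel_prg='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\tdescription_prg='" . SensitiveIO::sanitizeSQLString($this->_description) . "',\n\t\t\tprofile_prg='" . SensitiveIO::sanitizeSQLString(parent::getId()) . "'\n\t\t";
    if ($this->_groupId) {
        $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tprofilesUsersGroups\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_prg='" . $this->_groupId . "'\n\t\t\t";
    } else {
        $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tprofilesUsersGroups\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields;
    }
    $q = new CMS_query($sql);
    if ($q->hasError()) {
        return false;
    } elseif (!$this->_groupId) {
        $this->_groupId = $q->getLastInsertedID();
    }

    // Membership is rewritten in two statements (delete, then insert). A failure
    // in either one is reported to the caller instead of being ignored: a failed
    // insert after a successful delete leaves the group without members.
    $membershipSaved = true;
    $sql = "\n\t\t\tdelete from\n\t\t\t\tprofileUsersByGroup\n\t\t\twhere\n\t\t\t\tgroupId_gu='" . $this->_groupId . "'\n\t\t";
    $q = new CMS_query($sql);
    if ($q->hasError()) {
        $membershipSaved = false;
    } elseif (is_array($this->_users) && $this->_users) {
        $rows = array();
        foreach ($this->_users as $user) {
            // User ids go through the same SensitiveIO::sanitizeSQLString() call as the other fields of this method.
            $rows[] = "('" . $this->_groupId . "' ,'" . SensitiveIO::sanitizeSQLString($user) . "') ";
        }
        $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tprofileUsersByGroup (groupId_gu, userId_gu)\n\t\t\t\tvalues \n\t\t\t\t\t" . implode(', ', $rows);
        $q = new CMS_query($sql);
        if ($q->hasError()) {
            $membershipSaved = false;
        }
    }

    // The cache is cleared in every case, since the membership rows may have changed even on failure.
    CMS_cache::clearTypeCache('polymod');
    return $membershipSaved;
}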
/**
 * Duplicate this link block onto another page (used when a CMS_page is duplicated).
 *
 * For a file link, the linked file is copied under a name prefixed with the
 * destination page ID; the block data is then inserted into the userspace
 * table and into the edition table.
 *
 * @param CMS_page $destinationPage the page receiving a copy of this block
 * @param boolean $public The precision needed for USERSPACE location
 * @return boolean true when both inserts succeeded, false otherwise
 */
function duplicate(&$destinationPage, $public = false)
{
    if (!SensitiveIO::isPositiveInteger($this->_dbID)) {
        return false;
    }
    // NOTE(review): $link is the same object as $this->_link, so setFileLink() below
    // presumably also changes this block's own link — confirm that is intended.
    $link = $this->_link;
    if (!$link->hasValidHREF()) {
        // NOTE(review): $this->_file is not assigned anywhere in this method — confirm it exists on this class.
        $this->raiseError("Duplicate, copy of file failed :" . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file);
        return false;
    }

    if ($link->getLinkType() == RESOURCE_LINK_TYPE_FILE) {
        $file = $link->getFileLink(false, MOD_STANDARD_CODENAME, RESOURCE_DATA_LOCATION_EDITED, PATH_RELATIVETO_FILESYSTEM, true);
        $path = $link->getFileLink(true, MOD_STANDARD_CODENAME, RESOURCE_DATA_LOCATION_EDITED, PATH_RELATIVETO_FILESYSTEM, false);
        if ($file && file_exists($path . '/' . $file)) {
            // The new name swaps everything before the first "_" for "p<destination page id>".
            $_newFilename = "p" . $destinationPage->getID() . io::substr($file, io::strpos($file, "_"), io::strlen($file));
            $editedDir = PATH_MODULES_FILES_STANDARD_FS . "/edited/";
            $publicDir = PATH_MODULES_FILES_STANDARD_FS . "/public/";
            $editedCopied = @is_file($editedDir . $file)
                && CMS_file::copyTo($editedDir . $file, $editedDir . $_newFilename)
                && CMS_file::chmodFile(FILES_CHMOD, $editedDir . $_newFilename);
            if ($editedCopied) {
                if ($public) {
                    $publicCopied = is_file($publicDir . $file)
                        && CMS_file::copyTo($publicDir . $file, $publicDir . $_newFilename)
                        && CMS_file::chmodFile(FILES_CHMOD, $publicDir . $_newFilename);
                    if (!$publicCopied) {
                        // A failed public copy is reported but does not stop the duplication.
                        $this->raiseError("Duplicate, file copy failed : " . $publicDir . $file);
                    }
                }
                $link->setFileLink($_newFilename);
            }
        }
    }

    $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public);
    // Only the link definition is escaped; the page, client space, row and tag
    // identifiers are concatenated as they are.
    $str_set = "\n\t\t\t\t\t\tpage='" . $destinationPage->getID() . "',\n\t\t\t\t\t\tclientSpaceID='" . $this->_clientSpaceID . "',\n\t\t\t\t\t\trowID='" . $this->_rowID . "',\n\t\t\t\t\t\tblockID='" . $this->_tagID . "',\n\t\t\t\t\t\ttype='CMS_block_link',\n\t\t\t\t\t\tvalue='" . SensitiveIO::sanitizeSQLString($link->getTextDefinition()) . "'\n\t\t\t\t";
    $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t";
    $userspaceInsert = new CMS_query($sql);
    if ($userspaceInsert->hasError()) {
        // The failing statement, values included, is part of the error message.
        $this->raiseError("Duplicate, SQL insertion of new filename failed: " . $sql);
        return false;
    }

    // The edition table row reuses the id generated by the userspace insert.
    $editionSql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . $userspaceInsert->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t";
    $editionInsert = new CMS_query($editionSql);
    return !$editionInsert->hasError();
}
/**
 * Writes the website into persistence (MySQL for now).
 *
 * Assigns the next free order when none is set, saves the `websites` row
 * (update when an id exists, insert otherwise) and creates the pages
 * directory if it is missing.
 *
 * @return boolean true on success, false on failure
 * @access public
 */
function writeToPersistence()
{
    if (!sensitiveIO::isPositiveInteger($this->_order)) {
        // No valid order yet: place the website after the current highest one.
        $maxOrder = new CMS_query("\n\t\t\t\tselect \n\t\t\t\t\tmax(order_web) as order_max\n\t\t\t\tfrom\n\t\t\t\t\twebsites\n\t\t\t");
        if ($maxOrder->hasError() || !$maxOrder->getNumRows()) {
            CMS_grandFather::raiseError('Error to get max order from websites table ... ');
            return false;
        }
        $this->_order = $maxOrder->getValue('order_max') + 1;
    }

    // String fields are escaped; altredir is reduced to 1/0 and the root page id is concatenated as it is.
    $assignments = "\n\t\t\tlabel_web='" . SensitiveIO::sanitizeSQLString($this->_label) . "'";
    $assignments .= ",\n\t\t\tcodename_web='" . SensitiveIO::sanitizeSQLString($this->_codename) . "'";
    $assignments .= ",\n\t\t\turl_web='" . SensitiveIO::sanitizeSQLString($this->_url) . "'";
    $assignments .= ",\n\t\t\taltdomains_web='" . SensitiveIO::sanitizeSQLString($this->_altdomains) . "'";
    $assignments .= ",\n\t\t\taltredir_web='" . ($this->_altredir ? 1 : 0) . "'";
    $assignments .= ",\n\t\t\troot_web='" . $this->_root->getID() . "'";
    $metaNames = array('keywords', 'description', 'category', 'author', 'replyto', 'copyright', 'language', 'robots', 'favicon', 'metas');
    foreach ($metaNames as $metaName) {
        $assignments .= ",\n\t\t\t" . $metaName . "_web='" . SensitiveIO::sanitizeSQLString($this->_meta[$metaName]) . "'";
    }
    $assignments .= ",\n\t\t\torder_web='" . SensitiveIO::sanitizeSQLString($this->_order) . "'";
    $assignments .= ",\n\t\t\t403_web='" . SensitiveIO::sanitizeSQLString($this->_403) . "'";
    $assignments .= ",\n\t\t\t404_web='" . SensitiveIO::sanitizeSQLString($this->_404) . "'\n\t\t";

    if ($this->_id) {
        $statement = "\n\t\t\t\tupdate\n\t\t\t\t\twebsites\n\t\t\t\tset\n\t\t\t\t\t" . $assignments . "\n\t\t\t\twhere\n\t\t\t\t\tid_web='" . $this->_id . "'\n\t\t\t";
    } else {
        $statement = "\n\t\t\t\tinsert into\n\t\t\t\t\twebsites\n\t\t\t\tset\n\t\t\t\t\t" . $assignments;
    }
    $result = new CMS_query($statement);
    if ($result->hasError()) {
        return false;
    }
    if (!$this->_id) {
        $this->_id = $result->getLastInsertedID();
    }

    // Create the pages directory; mkdir/chmod failures are suppressed and do not change the return value.
    if (!is_dir($this->getPagesPath(PATH_RELATIVETO_FILESYSTEM))) {
        @mkdir($this->getPagesPath(PATH_RELATIVETO_FILESYSTEM));
        @chmod($this->getPagesPath(PATH_RELATIVETO_FILESYSTEM), octdec(DIRS_CHMOD));
    }
    return true;
}
/**
 * Writes the module into persistence (MySQL for now).
 *
 * Updates the `modules` row when the module has an id, inserts it otherwise,
 * then calls createModuleFiles().
 *
 * @return boolean true on success, false when the query failed
 * @access public
 */
function writeToPersistence()
{
    // Every column value is escaped before it is placed between quotes.
    $columns = array(
        'label_mod' => SensitiveIO::sanitizeSQLString($this->_labelMessageID),
        'codename_mod' => SensitiveIO::sanitizeSQLString($this->_codename),
        'administrationFrontend_mod' => SensitiveIO::sanitizeSQLString($this->_administrationFrontend),
        'hasParameters_mod' => SensitiveIO::sanitizeSQLString($this->_hasParameters),
        'isPolymod_mod' => SensitiveIO::sanitizeSQLString($this->_isPolymod),
    );
    $pairs = array();
    foreach ($columns as $column => $escaped) {
        $pairs[] = $column . "='" . $escaped . "'";
    }
    $setClause = "\n\t\t\t" . implode(",\n\t\t\t", $pairs) . "\n\t\t";

    if ($this->_id) {
        $statement = "\n\t\t\t\tupdate\n\t\t\t\t\tmodules\n\t\t\t\tset\n\t\t\t\t\t" . $setClause . "\n\t\t\t\twhere\n\t\t\t\t\tid_mod='" . $this->_id . "'\n\t\t\t";
    } else {
        $statement = "\n\t\t\t\tinsert into\n\t\t\t\t\tmodules\n\t\t\t\tset\n\t\t\t\t\t" . $setClause;
    }

    $result = new CMS_query($statement);
    if ($result->hasError()) {
        return false;
    }
    if (!$this->_id) {
        // First save: keep the generated id.
        $this->_id = $result->getLastInsertedID();
    }

    $this->createModuleFiles();
    return true;
}
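/**
 * Write this log entry to the `log` table.
 *
 * Updates the row when the entry already has an id, inserts it otherwise.
 * Every value is escaped with SensitiveIO::sanitizeSQLString() before being
 * placed in the statement.
 *
 * @return boolean true on success, false when the query failed
 * @access public
 */
function writeToPersistence()
{
    $sql_fields = "\n\t\t\t\tuser_log='" . SensitiveIO::sanitizeSQLString($this->_user->getUserId()) . "',\n\t\t\t\taction_log='" . SensitiveIO::sanitizeSQLString($this->_action) . "',\n\t\t\t\tdatetime_log='" . SensitiveIO::sanitizeSQLString($this->_datetime->getDBValue()) . "',\n\t\t\t\ttextData_log='" . SensitiveIO::sanitizeSQLString($this->_textData) . "',\n\t\t\t\tlabel_log='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\t\tmodule_log='" . SensitiveIO::sanitizeSQLString($this->_module) . "',\n\t\t\t\tresource_log='" . SensitiveIO::sanitizeSQLString($this->_resource) . "',\n\t\t\t\trsAfterLocation_log='" . SensitiveIO::sanitizeSQLString($this->_resourceStatusAfter->getLocation()) . "',\n\t\t\t\trsAfterProposedFor_log='" . SensitiveIO::sanitizeSQLString($this->_resourceStatusAfter->getProposedFor()) . "',\n\t\t\t\trsAfterEditions_log='" . SensitiveIO::sanitizeSQLString($this->_resourceStatusAfter->getEditions()) . "',\n\t\t\t\trsAfterValidationsRefused_log='" . SensitiveIO::sanitizeSQLString($this->_resourceStatusAfter->getValidationRefused()) . "',\n\t\t\t\trsAfterPublication_log='" . SensitiveIO::sanitizeSQLString($this->_resourceStatusAfter->getPublication()) . "'\t\n\t\t\t";
    if ($this->_id) {
        $sql = "\n\t\t\t\t\tupdate\n\t\t\t\t\t\tlog\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $sql_fields . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tid_log='" . $this->_id . "'\n\t\t\t\t";
    } else {
        $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\tlog\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $sql_fields;
    }
    $q = new CMS_query($sql);
    if ($q->hasError()) {
        return false;
    } elseif (!$this->_id) {
        // Only an insert yields a new id. After an update the existing id is
        // kept, rather than being replaced by the query's last-inserted id.
        $this->_id = $q->getLastInsertedID();
    }
    return true;
}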
/**
 * Writes the row into persistence (MySQL for now).
 *
 * Generates a UUID when the row has none, then updates the
 * `mod_standard_rows` record when an id exists or inserts a new one.
 *
 * @return boolean true on success, false when the query failed
 * @access public
 */
function writeToPersistence()
{
    if (!$this->_uuid) {
        $this->_uuid = io::uuid();
    }

    // NOTE(review): modulesStack_row is the one value written without
    // SensitiveIO::sanitizeSQLString(), unlike groupsStack_row next to it —
    // confirm the modules stack definition can never contain a quote.
    $pairs = array(
        "label_row='" . SensitiveIO::sanitizeSQLString($this->_label) . "'",
        "definitionFile_row='" . SensitiveIO::sanitizeSQLString($this->_definitionFile) . "'",
        "modulesStack_row='" . $this->_modules->getTextDefinition() . "'",
        "groupsStack_row='" . SensitiveIO::sanitizeSQLString($this->_groups->getTextDefinition()) . "'",
        "useable_row='" . SensitiveIO::sanitizeSQLString($this->_useable) . "'",
        "description_row='" . SensitiveIO::sanitizeSQLString($this->_description) . "'",
        "tplfilter_row='" . SensitiveIO::sanitizeSQLString(implode(';', $this->_tplfilter)) . "'",
        "image_row='" . SensitiveIO::sanitizeSQLString($this->_image) . "'",
        "uuid_row='" . SensitiveIO::sanitizeSQLString($this->_uuid) . "'",
    );
    $setClause = "\n\t\t\t" . implode(",\n\t\t\t", $pairs) . "\n\t\t";

    if ($this->_id) {
        $statement = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_standard_rows\n\t\t\t\tset\n\t\t\t\t\t" . $setClause . "\n\t\t\t\twhere\n\t\t\t\t\tid_row='" . $this->_id . "'\n\t\t\t";
    } else {
        $statement = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_standard_rows\n\t\t\t\tset\n\t\t\t\t\t" . $setClause . "\n\t\t\t";
    }

    $result = new CMS_query($statement);
    if ($result->hasError()) {
        return false;
    }
    if (!$this->_id) {
        $this->_id = $result->getLastInsertedID();
    }
    return true;
}
/**
 * Writes the form into persistence (MySQL for now).
 *
 * Saves the `mod_cms_forms_formulars` row and, when the form has no action
 * yet, creates its four default actions.
 *
 * @return boolean true on success, false when the form query failed
 * @access public
 */
function writeToPersistence()
{
    // closed_frm is 0 only when _public is strictly true.
    if ($this->_public === true) {
        $closed = 0;
    } else {
        $closed = 1;
    }

    // owner_frm and closed_frm are written without escaping; the string fields are escaped.
    $pairs = array(
        "owner_frm='" . $this->_ownerID . "'",
        "language_frm='" . SensitiveIO::sanitizeSQLString($this->_language->getCode()) . "'",
        "name_frm='" . SensitiveIO::sanitizeSQLString($this->_name) . "'",
        "source_frm='" . SensitiveIO::sanitizeSQLString($this->_source) . "'",
        "responses_frm='" . SensitiveIO::sanitizeSQLString($this->_responses) . "'",
        "closed_frm='" . $closed . "'",
    );
    $setClause = "\n\t\t\t" . implode(",\n\t\t\t", $pairs);

    if ($this->_formID) {
        $statement = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_cms_forms_formulars\n\t\t\t\tset\n\t\t\t\t\t" . $setClause . "\n\t\t\t\twhere\n\t\t\t\t\tid_frm='" . $this->_formID . "'\n\t\t\t";
    } else {
        $statement = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_cms_forms_formulars\n\t\t\t\tset\n\t\t\t\t\t" . $setClause;
    }

    $result = new CMS_query($statement);
    if ($result->hasError()) {
        $this->raiseError("Failed to write");
        return false;
    }
    if (!$this->_formID) {
        $this->_formID = $result->getLastInsertedID();
    }

    if (!$this->hasActions()) {
        // Default actions, in creation order: answers exceeded, store results
        // in DB, form OK, form NOK. The second element tells whether the
        // action gets the 'text' value.
        $defaultActions = array(
            array(CMS_forms_action::ACTION_ALREADY_FOLD, true),
            array(CMS_forms_action::ACTION_DB, false),
            array(CMS_forms_action::ACTION_FORMOK, true),
            array(CMS_forms_action::ACTION_FORMNOK, true),
        );
        foreach ($defaultActions as $spec) {
            $action = new CMS_forms_action();
            $action->setInteger("form", $this->_formID);
            $action->setInteger("type", $spec[0]);
            if ($spec[1]) {
                $action->setString("value", 'text');
            }
            // The result of each action write is not checked.
            $action->writeToPersistence();
        }
    }
    return true;
}
/**
 * Reset websites order
 *
 * Each website receives its 1-based position in the given list as order_web.
 * Processing stops at the first invalid ID or failed update; websites handled
 * before that point keep their new order.
 *
 * @param array $websitesIDsOrdered : the websites IDs ordered
 * @return boolean true on success, false on failure
 * @access public
 */
static function setOrders($websitesIDsOrdered)
{
    $position = 0;
    foreach ($websitesIDsOrdered as $websiteID) {
        // The ID is concatenated into the statement below without escaping,
        // so this positive-integer check is the only guard on it.
        if (!sensitiveIO::isPositiveInteger($websiteID)) {
            CMS_grandFather::raiseError('Website id must be a positive integer : ' . $websiteID);
            return false;
        }
        $position++;
        $update = new CMS_query("\n\t\t\t\tupdate \n\t\t\t\t\twebsites \n\t\t\t\tset \n\t\t\t\t\torder_web='" . $position . "'\n\t\t\t\twhere\n\t\t\t\t\tid_web='" . $websiteID . "'\n\t\t\t");
        if ($update->hasError()) {
            CMS_grandFather::raiseError('Saving order error for website : ' . $websiteID);
            return false;
        }
    }
    return true;
}
/**
 * Writes the form sender into persistence (MySQL for now).
 *
 * Updates the `mod_cms_forms_senders` row when a sender id exists, inserts
 * it otherwise.
 *
 * @return boolean true on success, false when the query failed
 * @access public
 */
function writeToPersistence()
{
    // Client IP, session id and user agent are stored after escaping.
    // NOTE(review): these values presumably originate from the visitor's request;
    // anything that later displays them should escape them for its output context.
    $pairs = array(
        "languages_snd='" . SensitiveIO::sanitizeSQLString($this->_languages) . "'",
        "userID_snd='" . SensitiveIO::sanitizeSQLString($this->_userID) . "'",
        "clientIP_snd='" . SensitiveIO::sanitizeSQLString($this->_clientIP) . "'",
        "sessionID_snd='" . SensitiveIO::sanitizeSQLString($this->_sessionID) . "'",
        "userAgent_snd='" . SensitiveIO::sanitizeSQLString($this->_userAgent) . "'",
    );
    // The insertion date is written only when it is a CMS_date.
    if ($this->_dateInserted instanceof CMS_date) {
        $pairs[] = "dateInserted_snd='" . $this->_dateInserted->getDBValue() . "'";
    }
    $setClause = "\n\t\t\t" . implode(",\n\t\t\t", $pairs);

    if ($this->_senderID) {
        $statement = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_cms_forms_senders\n\t\t\t\tset\n\t\t\t\t\t" . $setClause . "\n\t\t\t\twhere\n\t\t\t\t\tid_snd='" . $this->_senderID . "'\n\t\t\t";
    } else {
        $statement = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_cms_forms_senders\n\t\t\t\tset\n\t\t\t\t\t" . $setClause;
    }

    $result = new CMS_query($statement);
    if ($result->hasError()) {
        $this->raiseError("Failed to write");
        return false;
    }
    if (!$this->_senderID) {
        $this->_senderID = $result->getLastInsertedID();
    }
    return true;
}
/**
 * Writes the form field into persistence (MySQL for now).
 *
 * Updates the `mod_cms_forms_fields` row when a field id exists, inserts it
 * otherwise. Options and params are stored as serialize() output.
 *
 * @return boolean true on success, false when the query failed
 * @access public
 */
function writeToPersistence()
{
    // NOTE(review): options_fld and params_fld hold PHP-serialized data; they are
    // presumably read back with unserialize() elsewhere — confirm that path only
    // ever sees rows written by this method.
    $columns = array(
        'form_fld' => SensitiveIO::sanitizeSQLString($this->_formID),
        'name_fld' => SensitiveIO::sanitizeSQLString($this->_name),
        'label_fld' => SensitiveIO::sanitizeSQLString($this->_label),
        'type_fld' => SensitiveIO::sanitizeSQLString($this->_type),
        'dataValidation_fld' => SensitiveIO::sanitizeSQLString($this->_dataValidation),
        'defaultValue_fld' => SensitiveIO::sanitizeSQLString($this->_value),
        'required_fld' => SensitiveIO::sanitizeSQLString($this->_required),
        'active_fld' => SensitiveIO::sanitizeSQLString($this->_active),
        'order_fld' => SensitiveIO::sanitizeSQLString($this->_order),
        'options_fld' => SensitiveIO::sanitizeSQLString(serialize($this->_options)),
        'params_fld' => SensitiveIO::sanitizeSQLString(serialize($this->_params)),
    );
    $pairs = array();
    foreach ($columns as $column => $escaped) {
        $pairs[] = $column . "='" . $escaped . "'";
    }
    $setClause = "\n\t\t\t" . implode(",\n\t\t\t", $pairs) . "\n\t\t\t";

    if ($this->_fieldID) {
        $statement = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_cms_forms_fields\n\t\t\t\tset\n\t\t\t\t\t" . $setClause . "\n\t\t\t\twhere\n\t\t\t\t\tid_fld='" . $this->_fieldID . "'\n\t\t\t";
    } else {
        $statement = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_cms_forms_fields\n\t\t\t\tset\n\t\t\t\t\t" . $setClause;
    }

    $result = new CMS_query($statement);
    if ($result->hasError()) {
        $this->raiseError("Failed to write");
        return false;
    }
    if (!$this->_fieldID) {
        $this->_fieldID = $result->getLastInsertedID();
    }
    // A second query writing options_fld through executePreparedQuery() used to
    // follow here; the authors disabled it, so options are written by the single
    // statement above.
    return true;
}
/**
 * Writes the cmsprofile into persistence (MySQL for now).
 *
 * Saves the `profiles` row holding the administration clearance and the
 * clearance/denial stacks, then delegates to the module categories
 * clearances object.
 *
 * @return boolean false when the profile query failed; otherwise the result
 *                 of the module categories clearances write
 * @access public
 */
function writeToPersistence()
{
    // Every stack is stored as its escaped text definition.
    $columns = array(
        'administrationClearance_pr' => SensitiveIO::sanitizeSQLString($this->_adminClearance),
        'pageClearancesStack_pr' => SensitiveIO::sanitizeSQLString($this->_pageClearances->getTextDefinition()),
        'validationClearancesStack_pr' => SensitiveIO::sanitizeSQLString($this->_validationClearances->getTextDefinition()),
        'moduleClearancesStack_pr' => SensitiveIO::sanitizeSQLString($this->_moduleClearances->getTextDefinition()),
        'templateGroupsDeniedStack_pr' => SensitiveIO::sanitizeSQLString($this->_templateGroupsDenied->getTextDefinition()),
        'rowGroupsDeniedStack_pr' => SensitiveIO::sanitizeSQLString($this->_rowGroupsDenied->getTextDefinition()),
    );
    $pairs = array();
    foreach ($columns as $column => $escaped) {
        $pairs[] = $column . "='" . $escaped . "'";
    }
    $setClause = "\n\t\t\t" . implode(",\n\t\t\t", $pairs) . "\n\t\t";

    if ($this->_id) {
        $statement = "\n\t\t\t\tupdate\n\t\t\t\t\tprofiles\n\t\t\t\tset\n\t\t\t\t\t" . $setClause . "\n\t\t\t\twhere\n\t\t\t\t\tid_pr='" . $this->_id . "'\n\t\t\t";
    } else {
        $statement = "\n\t\t\t\tinsert into\n\t\t\t\t\tprofiles\n\t\t\t\tset\n\t\t\t\t\t" . $setClause;
    }

    $result = new CMS_query($statement);
    if ($result->hasError()) {
        return false;
    }
    if (!$this->_id) {
        $this->_id = $result->getLastInsertedID();
    }

    // Attach the clearances to this profile when they are not tied to one yet.
    $categoriesClearances = $this->_moduleCategoriesClearances;
    if (!sensitiveIO::isPositiveInteger($categoriesClearances->getProfileID())) {
        $categoriesClearances->setProfileID($this->_id);
    }
    return $categoriesClearances->writeToPersistence();
}
/**
 * Writes the page into persistence (MySQL for now), along with base data.
 *
 * Order of operations: parent write, pagePreSave() hook on every module that
 * has it, `pages` row, edited base data (when modified), pagePostSave() hook.
 *
 * @return boolean false when the `pages` query failed, true otherwise
 *                 (a failed base data query does not change the result)
 * @access public
 */
function writeToPersistence()
{
    parent::writeToPersistence();
    $isNew = $this->_pageID === NULL;

    // Let modules react before the page is saved.
    foreach (CMS_modulesCatalog::getAll('id') as $module) {
        if (method_exists($module, 'pagePreSave')) {
            $module->pagePreSave($this, $isNew);
        }
    }

    // Only the reminded editors stack and the URL are escaped; the other values
    // are ids, date DB values or 1/0 flags concatenated as they are.
    $pagePairs = array(
        "resource_pag='" . parent::getID() . "'",
        "remindedEditorsStack_pag='" . SensitiveIO::sanitizeSQLString($this->_remindedEditors->getTextDefinition()) . "'",
        "lastReminder_pag='" . $this->_lastReminder->getDBValue() . "'",
        "template_pag='" . $this->_templateID . "'",
        "lastFileCreation_pag='" . $this->_lastFileCreation->getDBValue() . "'",
        "url_pag='" . SensitiveIO::sanitizeSQLString($this->_pageURL) . "'",
        "protected_pag='" . ($this->_protected ? 1 : 0) . "'",
        "https_pag='" . ($this->_https ? 1 : 0) . "'",
    );
    $pageSet = "\n\t\t\t" . implode(",\n\t\t\t", $pagePairs) . "\n\t\t";
    if ($this->_pageID) {
        $statement = "\n\t\t\t\tupdate\n\t\t\t\t\tpages\n\t\t\t\tset\n\t\t\t\t\t" . $pageSet . "\n\t\t\t\twhere\n\t\t\t\t\tid_pag='" . $this->_pageID . "'\n\t\t\t";
    } else {
        $statement = "\n\t\t\t\tinsert into\n\t\t\t\t\tpages\n\t\t\t\tset\n\t\t\t\t\t" . $pageSet;
    }
    $pageResult = new CMS_query($statement);
    if ($pageResult->hasError()) {
        return false;
    }
    if (!$this->_pageID) {
        $this->_pageID = $pageResult->getLastInsertedID();
    }

    if ($this->_editedBaseData) {
        $basePairs = array("page_pbd='" . $this->_pageID . "'");
        foreach (array('title', 'linkTitle', 'keywords', 'description', 'reminderPeriodicity') as $key) {
            $basePairs[] = $key . "_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData[$key]) . "'";
        }
        // reminderOn is written through its DB value, without escaping.
        $basePairs[] = "reminderOn_pbd='" . $this->_editedBaseData["reminderOn"]->getDBValue() . "'";
        foreach (array('reminderOnMessage', 'category', 'author', 'replyto', 'copyright', 'language', 'robots', 'pragma', 'refresh') as $key) {
            $basePairs[] = $key . "_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData[$key]) . "'";
        }
        $basePairs[] = "redirect_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["redirect"]->getTextDefinition()) . "'";
        foreach (array('refreshUrl', 'metas', 'codename') as $key) {
            $basePairs[] = $key . "_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData[$key]) . "'";
        }
        $baseSet = "\n\t\t\t\t" . implode(",\n\t\t\t\t", $basePairs) . "\n\t\t\t";

        if ($this->_baseDataID) {
            $statement = "\n\t\t\t\t\tupdate\n\t\t\t\t\t\tpagesBaseData_edited\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $baseSet . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tid_pbd='" . $this->_baseDataID . "'\n\t\t\t\t";
        } else {
            $statement = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\tpagesBaseData_edited\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $baseSet;
        }
        $baseResult = new CMS_query($statement);
        if (!$baseResult->hasError() && !$this->_baseDataID) {
            $this->_baseDataID = $baseResult->getLastInsertedID();
        }
    }

    // Let modules react after the page is saved.
    foreach (CMS_modulesCatalog::getAll('id') as $module) {
        if (method_exists($module, 'pagePostSave')) {
            $module->pagePostSave($this, $isNew);
        }
    }
    return true;
}
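/**
 * Execute a SQL script
 *
 * Every statement found in the script is sent to the database unchanged, over the
 * connection (and with the privileges) that CMS_query uses. This method does not
 * validate $script, so callers must pass a trusted file (for example an installer
 * or module dump), never a path or upload taken from a request.
 *
 * @param string $script the CMS_file::FILE_SYSTEM SQL script filename
 *        This script can be SQL export provided by phpMyadmin or mysqldump, etc.
 * @param boolean $simulation if true, only read the script and return true if it contains SQL data
 * @return boolean true on success, false on failure
 * @access public
 */
function executeSqlScript($script, $simulation = false)
{
    //include PMA import functions
    require_once PATH_PACKAGES_FS . '/files/sqlDump.php';

    //read mysql version and pack it as major, two-digit minor, two-digit patch for PMA_splitSqlFile
    $q = new CMS_query('SELECT VERSION() AS version');
    //pad to three parts so a failed lookup or a short version string raises no undefined-offset notice
    $versionParts = array_pad(explode('.', (string) $q->getValue('version')), 3, '0');
    $release = (int) sprintf('%d%02d%02d', (int) $versionParts[0], (int) $versionParts[1], (int) $versionParts[2]);

    //read mysql file
    $query = PMA_readFile($script);
    if ($query === false) {
        //PMA_readFile lives in sqlDump.php (not shown here); a false return is treated as an
        //unreadable script and reported as a failure instead of as an empty, successful run
        return false;
    }

    //first, detect SQL file encoding
    $isUTF8 = io::isUTF8($query);
    //computed once: used both to rewrite the dump and to restore the connection charset
    $appIsUTF8 = strtolower(APPLICATION_DEFAULT_ENCODING) == 'utf-8';

    //then, change charset declaration inside sql queries to match current Automne charset
    if (!$appIsUTF8) {
        //if Automne is not in utf8, then table charset must be in latin1
        $query = str_ireplace(' CHARSET=utf8', ' CHARSET=latin1', $query);
        $query = str_ireplace('TYPE=MyISAM;', 'TYPE=MyISAM CHARSET=latin1;', $query);
    } else {
        //if Automne is in utf8, then table charset must be in utf8
        $query = str_ireplace(' CHARSET=latin1', ' CHARSET=utf8', $query);
        $query = str_ireplace('TYPE=MyISAM;', 'TYPE=MyISAM CHARSET=utf8;', $query);
    }

    //finally, clean it and split queries
    //initialised here so the loop and the simulation check below never see an undefined variable
    $queries = array();
    PMA_splitSqlFile($queries, $query, $release);

    if ($simulation) {
        //simulation only reports whether the script produced at least one statement
        $ok = is_array($queries) && $queries ? true : false;
    } else {
        //set connection charset accordingly to file charset
        $q = new CMS_query($isUTF8 ? "SET NAMES 'utf8'" : "SET NAMES 'latin1'");
        //execute all queries; one failure marks the run as failed but the remaining statements still run
        $ok = true;
        foreach ($queries as $aQuery) {
            $q = new CMS_query($aQuery);
            if ($q->hasError()) {
                $ok = false;
            }
        }
        //the original issued a second, inverted SET NAMES here; it was overwritten by the
        //reset just below on every path, so it has been dropped
    }

    //reset connection charset to the application default
    $q = new CMS_query($appIsUTF8 ? "SET NAMES 'utf8'" : "SET NAMES 'latin1'");
    return $ok;
}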
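/**
 * Writes the resource into persistence (MySQL for now).
 *
 * The status object is written first. The `resources` row is then updated when
 * this object already has an ID, or inserted otherwise; after an insert the new
 * row ID is stored back into the object.
 *
 * @return boolean true on success, false on failure
 * @access public
 */
function writeToPersistence()
{
    //NOTE(review): the outcome of the status write is not checked — confirm whether a failure there should abort
    $this->_status->writeToPersistence();

    //the status ID used to be concatenated raw; it is now escaped like the editors stack so that
    //no value reaches the statement unescaped
    $sql_fields = "\n\t\t\tstatus_res='" . SensitiveIO::sanitizeSQLString((string) $this->_status->getID()) . "',\n\t\t\teditorsStack_res='" . SensitiveIO::sanitizeSQLString($this->_editors->getTextDefinition()) . "'\n\t\t";

    if ($this->_id) {
        //the row key is cast to int before it is placed in the WHERE clause
        $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tresources\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_res='" . (int) $this->_id . "'\n\t\t\t";
    } else {
        $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tresources\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields;
    }

    $q = new CMS_query($sql);
    if ($q->hasError()) {
        return false;
    }
    if (!$this->_id) {
        //first save: remember the generated key so the next call takes the update branch
        $this->_id = $q->getLastInsertedID();
    }
    return true;
}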
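/**
 * Writes the contactData into persistence (MySQL for now).
 *
 * Updates the `contactDatas` row when this object already has an ID, inserts a
 * new one otherwise and stores the generated ID back into the object.
 *
 * @return boolean true on success, false on failure
 * @access public
 */
function writeToPersistence()
{
    //column => value map; every value goes through the same escaping call below, so a
    //field added later cannot be concatenated raw by oversight
    $columns = array(
        'service_cd'       => $this->_service,
        'jobTitle_cd'      => $this->_jobTitle,
        'addressField1_cd' => $this->_addressField1,
        'addressField2_cd' => $this->_addressField2,
        'addressField3_cd' => $this->_addressField3,
        'zip_cd'           => $this->_zip,
        'city_cd'          => $this->_city,
        'state_cd'         => $this->_state,
        'country_cd'       => $this->_country,
        'phone_cd'         => $this->_phone,
        'cellphone_cd'     => $this->_cellphone,
        'fax_cd'           => $this->_fax,
        'email_cd'         => $this->_email,
        'company_cd'       => $this->_company,
        'gender_cd'        => $this->_gender,
    );
    $assignments = array();
    foreach ($columns as $column => $value) {
        $assignments[] = $column . "='" . SensitiveIO::sanitizeSQLString($value) . "'";
    }
    $sql_fields = "\n\t\t\t" . implode(",\n\t\t\t", $assignments) . "\n\t\t";

    if ($this->_id) {
        //the row key was the only value concatenated without escaping; it is now cast to int
        $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tcontactDatas\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_cd='" . (int) $this->_id . "'\n\t\t\t";
    } else {
        $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tcontactDatas\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields;
    }

    $q = new CMS_query($sql);
    if ($q->hasError()) {
        return false;
    }
    if (!$this->_id) {
        //first save: remember the generated key so the next call takes the update branch
        $this->_id = $q->getLastInsertedID();
    }
    return true;
}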
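/**
 * Duplicate this block
 * Used to duplicate a CMS_page.
 *
 * Copies the linked file (and the enlarged file, if any) under a name prefixed
 * with the destination page ID, then inserts the block data for that page into
 * the userspace table and the edition table.
 *
 * @param CMS_page $destinationPage the page receiving a copy of this block
 * @param boolean $public The precision needed for USERSPACE location
 * @return boolean true when both rows were inserted, false otherwise
 */
function duplicate(&$destinationPage, $public = false)
{
    if (!SensitiveIO::isPositiveInteger($this->_dbID) || !$this->_file) {
        return false;
    }
    $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public);
    $pageId = $destinationPage->getID();
    //NOTE(review): _file and _enlargedFile are joined to these directories unchanged; this assumes
    //they are bare file names written by the CMS — confirm they cannot contain directory separators
    $editedDir = PATH_MODULES_FILES_STANDARD_FS . "/edited/";
    $publicDir = PATH_MODULES_FILES_STANDARD_FS . "/public/";

    //Copy linked file
    //In new file name, delete reference to old page and add reference to new one
    $_newFilename = "p" . $pageId . io::substr($this->_file, io::strpos($this->_file, "_"), io::strlen($this->_file));
    if (!(@is_file($editedDir . $this->_file)
        && @copy($editedDir . $this->_file, $editedDir . $_newFilename)
        && @chmod($editedDir . $_newFilename, octdec(FILES_CHMOD)))) {
        $this->raiseError("Duplicate, copy of file failed :" . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file);
        return false;
    }

    //Public: a failed copy is reported but does not stop the duplication
    if ($public) {
        if (!@copy($publicDir . $this->_file, $publicDir . $_newFilename)
            || !@chmod($publicDir . $_newFilename, octdec(FILES_CHMOD))) {
            $this->raiseError("Duplicate, copy of new file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename);
        }
    }

    $_newEnlargedFilename = '';
    //With enlarged file
    if ($this->_enlargedFile != '') {
        $_newEnlargedFilename = "p" . $pageId . io::substr($this->_enlargedFile, io::strpos($this->_enlargedFile, "_"), io::strlen($this->_enlargedFile));
        //Edited
        if (!@copy($editedDir . $this->_enlargedFile, $editedDir . $_newEnlargedFilename)
            || !@chmod($editedDir . $_newEnlargedFilename, octdec(FILES_CHMOD))) {
            $this->raiseError("Duplicate, copy of new enlarged file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newEnlargedFilename);
        }
        //Public
        if ($public) {
            if (!@copy($publicDir . $this->_enlargedFile, $publicDir . $_newEnlargedFilename)
                || !@chmod($publicDir . $_newEnlargedFilename, octdec(FILES_CHMOD))) {
                $this->raiseError("Duplicate, copy of new enlarged file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newEnlargedFilename);
            }
        }
    }

    //Save new datas
    //page, clientSpaceID, rowID and blockID used to be concatenated raw while the other four
    //columns were escaped; every column now goes through the same escaping call
    $columns = array(
        'page'          => (string) $pageId,
        'clientSpaceID' => (string) $this->_clientSpaceID,
        'rowID'         => (string) $this->_rowID,
        'blockID'       => (string) $this->_tagID,
        'label'         => SensitiveIO::stripPHPTags($this->_label),
        'file'          => SensitiveIO::stripPHPTags($_newFilename),
        'externalLink'  => SensitiveIO::stripPHPTags($this->_externalLink),
        'enlargedFile'  => SensitiveIO::stripPHPTags($_newEnlargedFilename),
    );
    $assignments = array();
    foreach ($columns as $column => $value) {
        $assignments[] = $column . "='" . SensitiveIO::sanitizeSQLString($value) . "'";
    }
    $str_set = "\n\t\t\t\t\t\t" . implode(",\n\t\t\t\t\t\t", $assignments) . "\n\t\t\t\t";

    $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t";
    $q = new CMS_query($sql);
    if ($q->hasError()) {
        //NOTE(review): the full statement, including stored values, ends up in the error message —
        //check where raiseError output is written before exposing these logs
        $this->raiseError("Duplicate, SQL insertion of new filename failed : " . $sql);
        return false;
    }

    //Table Edition: reuse the key generated by the first insert so both rows share one ID
    $sql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . (int) $q->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t";
    $q = new CMS_query($sql);
    return !$q->hasError();
}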
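/**
 * Writes the clientSpace into persistence (MySQL for now).
 *
 * Rows for this template/tag pair are deleted from the edition or edited table
 * (depending on the edition mode), then one row per valid entry of $this->_rows
 * is inserted in a single statement.
 *
 * @return boolean true on success, false on failure
 * @access public
 */
function writeToPersistence()
{
    if (!$this->_templateID || !$this->_tagID) {
        return false;
    }
    $table = "mod_standard_clientSpaces" . ($this->_editionMode ? "_edition" : "_edited");

    //escaped once and reused in both statements; the template ID used to be concatenated raw
    $templateId = SensitiveIO::sanitizeSQLString((string) $this->_templateID);
    $tagId = SensitiveIO::sanitizeSQLString($this->_tagID);

    //delete from table
    $sql = "\n\t\t\t\tdelete from\n\t\t\t\t\t" . $table . "\n\t\t\t\twhere\n\t\t\t\t\ttemplate_cs='" . $templateId . "'\n\t\t\t\t\tand tagID_cs='" . $tagId . "'\n\t\t\t";
    $q = new CMS_query($sql);
    if ($q->hasError()) {
        //stop here: inserting after a failed delete would leave old and new rows side by side
        return false;
    }

    //insert new rows datas if any
    if (is_array($this->_rows) && $this->_rows) {
        $tuples = array();
        foreach ($this->_rows as $order => $row) {
            //rows without a positive integer ID are skipped
            if (SensitiveIO::isPositiveInteger($row->getID())) {
                //$order is the array key of the row; it is escaped like the other values because
                //its origin is not visible from this method
                $tuples[] = "('" . $templateId . "', '" . $tagId . "', '" . SensitiveIO::sanitizeSQLString($row->getTagID()) . "', '" . (int) $row->getID() . "', '" . SensitiveIO::sanitizeSQLString((string) $order) . "')";
            }
        }
        if (!$tuples) {
            //rows were supplied but none was usable: the original sent an INSERT with an empty
            //VALUES list here; the result stays a failure, without the malformed statement
            return false;
        }
        $sql = "insert into\n\t\t\t\t\t\t\t" . $table . "\n\t\t\t\t\t\t\t(`template_cs`, `tagID_cs`, `rowsDefinition_cs`, `type_cs`, `order_cs`) \n\t\t\t\t\t\tVALUES " . implode(',', $tuples);
        $q = new CMS_query($sql);
        if ($q->hasError()) {
            return false;
        }
    }
    return true;
}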