/**
 * Load one row of the files table and record whether the given user may
 * download the file.
 *
 * The owning CodeKBEntry is built for the same user, and $_downloadable is
 * switched on only when entrycan("download") approves; it is not touched
 * otherwise.
 *
 * @param mixed      $id   Id of the row in the files table.
 * @param CodeKBUser $user User the access decision is made for (kept by reference).
 *
 * @throws CodeKBException "nosuchfile" when no row matches $id.
 */
public function __construct($id, CodeKBUser &$user)
 {
     $this->_id = $id;
     $this->_user =& $user;

     $db = new CodeKBDatabase();
     // The id reaches the statement through $db->number(); the query is only
     // as safe as that helper, which is not visible here.
     $query = "SELECT name, entry, fs_name, size, symbol, highlight, created, modified "
         . "FROM files "
         . "WHERE id = {$db->number($this->_id)}";
     $db->dosql($query);
     if ($db->countrows() == 0) {
         throw new CodeKBException(__METHOD__, "file", "nosuchfile");
     }

     // The permission is resolved against the entry the file belongs to.
     $this->_entry = new CodeKBEntry($db->column("entry"), $this->_user);
     $mayDownload = $this->_user->entrycan("download", $this->_entry);
     if ($mayDownload) {
         $this->_downloadable = true;
     }

     $this->_name = $db->column("name");
     $this->_fsname = $db->column("fs_name");
     $this->_size = $db->column("size");
     $this->_symbol = $db->column("symbol");
     $this->_highlight = $db->column("highlight");
     $this->_created = $db->column("created");

     // MySQL reports an unset timestamp as an all-zero date; store null instead.
     $modified = $db->column("modified");
     $this->_modified = ($modified == "0000-00-00 00:00:00") ? null : $modified;
 }
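 /**
  * Attach an uploaded file to this entry and register it in the files table.
  *
  * @param string $file   Name of the upload form field (key into $_FILES).
  * @param string $type   Value stored in the `highlight` column.
  * @param string $symbol Value stored in the `symbol` column.
  *
  * @return int|false The new file id, or false when the user lacks the
  *                   "changeentry" permission on this entry.
  *
  * @throws CodeKBException Code 1 ("uploadfailed") when no valid upload was
  *                         received; "fileaddfailed" when the insert fails.
  */
 public function addfile($file, $type, $symbol)
 {
     if (!$this->_user->entrycan("changeentry", $this)) {
         return false;
     }

     // $HTTP_POST_FILES was removed in PHP 5.4, which made every upload fail
     // here; $_FILES carries the same data. CodeKBFile::upload() is not visible
     // in this listing: if it still reads $HTTP_POST_FILES it needs the same change.
     $fs_name = null;
     $size = null;
     if (isset($_FILES[$file]['tmp_name']) && is_uploaded_file($_FILES[$file]['tmp_name'])) {
         $fs_name = CodeKBFile::upload($file);
         $size = $_FILES[$file]['size'];
     }
     if (!$fs_name) {
         throw new CodeKBException(__METHOD__, "file", "uploadfailed", null, 1);
     }

     $db = new CodeKBDatabase();
     $db->start();

     // Draw ids until one is unused. mt_rand() is predictable, so the id is
     // only an identifier: access to the file has to rest on permission
     // checks, never on the id being hard to guess.
     do {
         $id = mt_rand();
         $db->dosql("SELECT id " . "FROM files " . "WHERE id = {$db->number($id)}");
     } while ($db->countrows() != 0);

     // The original file name comes from the client; it is stored as data
     // only and must be escaped wherever it is displayed.
     $db->dosql("INSERT INTO files (id, entry, name, fs_name, size, symbol, highlight) " . "VALUES ({$db->number($id)}, " . "{$db->number($this->_id)}, " . "'{$db->string($_FILES[$file]['name'])}', " . "'{$db->string($fs_name)}', " . "{$db->number($size)}, " . "'{$db->string($symbol)}', " . "'{$db->string($type)}')");
     $db->commit();
     if ($db->success()) {
         return $id;
     }

     // Insert failed, so try to remove the orphaned upload.
     // NOTE(review): if CodeKBFile's constructor rejects ids that have no row,
     // this throws before delete() runs and the file stays on disk - confirm.
     $zombie = new CodeKBFile($id, $this->_user);
     $zombie->delete();
     unset($zombie);
     throw new CodeKBException(__METHOD__, "entry", "fileaddfailed");
 }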
Example #3
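/**
 * Run the search described by the POSTed form and render the result list.
 *
 * Reads the globals $lang, $conf, $site and $user. Only rows for which a
 * CodeKBEntry can be constructed for the current user are rendered; a row
 * whose construction throws is skipped.
 *
 * @return bool False when no search criterion was submitted, true otherwise.
 */
function showsearch()
{
    global $lang;
    global $conf;
    global $site;
    global $user;
    $site->title($lang['search']['results']);
    $site->addfooter("search.php", "search", $lang['search']['extended']);

    // empty() keeps the original truthiness tests but no longer raises an
    // undefined-index notice/warning when a form field was not submitted.
    if (!empty($_POST['cancel'])) {
        redirect("category.php");
    }
    if (empty($_POST['query']) && empty($_POST['author']) && empty($_POST['cats'])) {
        $site->addcontent(notice($lang['search']['noquery']));
        return false;
    }

    $start_search = microtime(true);
    $db = new CodeKBDatabase();
    // The SQL text is assembled by buildsearchquery(), which is not visible
    // here; it has to escape every POSTed search term itself.
    $searchquery = buildsearchquery($db->type());
    try {
        $db->dosql($searchquery);
    } catch (Exception $e) {
        // A generic notice is shown; the database error text is not echoed.
        $site->addcontent(notice($lang['search']['wrongquery']));
    }
    $end_search = microtime(true);

    $search = new CodeKBTemplate("search");
    $search->push("extended", url("search.php", $lang['search']['extended']));
    // NOTE(review): countrows() is read before the per-entry access filter
    // below, so the reported number can include entries this user is never
    // shown - confirm whether that count should be disclosed.
    $text = phrasereplace($lang['search']['xresultsiny'], "%1%", $db->countrows());
    $text = phrasereplace($text, "%2%", round($end_search - $start_search, 2));
    $search->push("info", $text);

    $resultcode = "";
    while ($val = $db->row()) {
        // Constructing the entry for the current user acts as the access
        // filter: any exception drops the row from the listing.
        try {
            $tmpentry = new CodeKBEntry($val['id'], $user);
            unset($tmpentry);
        } catch (Exception $e) {
            continue;
        }
        $resultitem = new CodeKBTemplate("result");
        // NOTE(review): $val['symbol'] and $val['name'] reach icon() and the
        // third url() argument unescaped; whether those helpers escape their
        // arguments is not visible here - TODO confirm.
        $content = url("entry.php?id=" . $val['id'], icon($val['symbol'], $val['name'])) . " \n";
        $content .= url("entry.php?id=" . $val['id'], htmlentities($val['name']), $val['name']);
        $resultitem->push("title", $content);
        $content = $db->datetime($val['created']) . " (" . htmlentities($val['author']) . ")";
        $resultitem->push("subtitle", $content);
        $resultitem->push("description", htmlentities($val['description']));
        $resultcode .= $resultitem->__toString();
        unset($resultitem);
    }
    $search->push("results", $resultcode);
    $site->addcontent($search);
    return true;
}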
 /**
  * Create a user account with a randomly drawn id.
  *
  * The password is stored as an unsalted SHA-1 digest, which is not suitable
  * for password storage. Moving to password_hash()/password_verify() means
  * changing the login check and the stored values together, so the format is
  * left as it is here.
  *
  * @param string $name Login name; the localised "nobody" name is refused.
  * @param string $pass Clear-text password.
  *
  * @return bool True when the account was written.
  *
  * @throws CodeKBException Code 1 ("duplicateuser") when the name is reserved
  *                         or taken; "failedadduser" when the insert fails.
  */
 public function register($name, $pass)
 {
     global $lang;

     // The placeholder name for anonymous users can never be registered.
     if ($name == $lang['admin']['nobody']) {
         throw new CodeKBException(__METHOD__, "admin", "duplicateuser", $name, 1);
     }
     $digest = sha1($pass);

     $db = new CodeKBDatabase();
     $db->start();

     $db->dosql("SELECT id FROM users WHERE name = '{$db->string($name)}'");
     $nameTaken = $db->countrows() > 0;
     if ($nameTaken) {
         $db->abort();
         throw new CodeKBException(__METHOD__, "admin", "duplicateuser", $name, 1);
     }

     // Keep drawing ids until one is not in use yet. mt_rand() is
     // predictable, so the id must not be treated as a secret.
     do {
         $id = mt_rand();
         $db->dosql("SELECT id FROM users WHERE id = {$db->number($id)}");
     } while ($db->countrows() != 0);

     $db->dosql("INSERT INTO users (id, name, pass) VALUES ({$db->number($id)}, '{$db->string($name)}', '{$db->string($digest)}')");
     $db->commit();

     if (!$db->success()) {
         throw new CodeKBException(__METHOD__, "admin", "failedadduser", $name);
     }
     return true;
 }
 /**
  * Add a user to a group.
  *
  * NOTE(review): no permission check happens inside this method; presumably
  * callers restrict it to administrators - confirm.
  *
  * @param mixed $user  Id of the user.
  * @param mixed $group Id of the group.
  *
  * @return bool True when the membership row was written.
  *
  * @throws CodeKBException Code 1 ("alreadyingroup") when the membership
  *                         already exists; "failedjoin" when the insert fails.
  */
 public function joingroup($user, $group)
 {
     $db = new CodeKBDatabase();
     $db->start();

     // Both ids pass through $db->number() before they reach the statement.
     $lookup = sprintf(
         "SELECT userid FROM group_user WHERE userid = %s AND groupid = %s",
         $db->number($user),
         $db->number($group)
     );
     $db->dosql($lookup);
     $isMember = $db->countrows() > 0;
     if ($isMember) {
         $db->abort();
         throw new CodeKBException(__METHOD__, "admin", "alreadyingroup", null, 1);
     }

     $insert = sprintf(
         "INSERT INTO group_user (groupid, userid) VALUES (%s, %s)",
         $db->number($group),
         $db->number($user)
     );
     $db->dosql($insert);
     $db->commit();

     if (!$db->success()) {
         throw new CodeKBException(__METHOD__, "admin", "failedjoin");
     }
     return true;
 }
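 /**
  * Rename this category, change its description and optionally move it
  * under another parent.
  *
  * @param string $name        New category name.
  * @param string $description New description.
  * @param mixed  $parent      Id of the new parent; -1 keeps the parent
  *                            currently stored in the database.
  *
  * @return bool True on success, false when the user lacks the "changecat"
  *              permission on this category.
  *
  * @throws CodeKBException Code 1 ("childnoparent") when the new parent is
  *                         this category or one of its descendants; code 2
  *                         ("duplicate") when a sibling already has the name;
  *                         "failedchange" when the update fails.
  */
 public function change($name, $description, $parent = -1)
 {
     if (!$this->_user->can("changecat", $this)) {
         return false;
     }
     $db = new CodeKBDatabase();
     $db->start();
     if ($parent == -1) {
         // No parent given: keep the one that is stored.
         $db->dosql("SELECT parent " . "FROM categories " . "WHERE id = {$db->number($this->_id)}");
         $parent = $db->column("parent");
     } else {
         $i = $parent;
         if ($i == $this->_id) {
             // Close the transaction opened above before leaving; every
             // other error path in this method does the same.
             $db->abort();
             throw new CodeKBException(__METHOD__, "category", "childnoparent", $name, 1);
         }
         // Walk up from the requested parent until the parent id is 0; meeting
         // this category on the way means the move would create a cycle.
         while ($i != 0) {
             $db->dosql("SELECT parent " . "FROM categories " . "WHERE id = {$db->number($i)}");
             $i = $db->column("parent");
             if ($i == $this->_id) {
                 $db->abort();
                 throw new CodeKBException(__METHOD__, "category", "childnoparent", $name, 1);
             }
         }
     }
     // Names must be unique among the categories that share the target parent.
     $db->dosql("SELECT id " . "FROM categories " . "WHERE parent = {$db->number($parent)} AND " . "id <> {$db->number($this->_id)} AND " . "name = '{$db->string($name)}'");
     if ($db->countrows() > 0) {
         $db->abort();
         throw new CodeKBException(__METHOD__, "category", "duplicate", $name, 2);
     }
     $db->dosql("UPDATE categories " . "SET name = '{$db->string($name)}', " . "description = '{$db->string($description)}', " . "parent = {$db->number($parent)} " . "WHERE id = {$db->number($this->_id)}");
     $db->commit();
     if ($db->success()) {
         // Mirror the stored values on the object only after the write succeeded.
         $this->_name = $name;
         $this->_description = $description;
         if ($parent != -1) {
             $this->_parent = $parent;
         }
         return true;
     }
     $db->abort();
     throw new CodeKBException(__METHOD__, "category", "failedchange", $name);
 }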