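/**
 * Replace the access flags that one group holds on one entry.
 *
 * Builds an EntryGroupAccess row for the (author, entry, group) triple, sets
 * every permission named in $group_access_options to 1 and every other known
 * permission to 0, then calls replace() and save() on the row.
 *
 * Option values are used as field names on the row, so they are checked
 * against the fixed list of permission names first. Anything else is ignored,
 * so a caller-supplied option cannot address another field of the row
 * (author_id, entry_id, group_id, ...).
 *
 * @param mixed      $author_id            Assigned to 'author_id' through setSafe().
 * @param mixed      $entry_id             Assigned to 'entry_id' through setSafe().
 * @param mixed      $group_id             Assigned to 'group_id' through setSafe().
 * @param array|null $group_access_options Permission names to grant; any of
 *                                         'can_view', 'can_edit', 'can_delete',
 *                                         'can_manage_access'. Empty or null
 *                                         revokes all four.
 * @return void
 */
public static function setPermissionsOnEntryForGroup($author_id, $entry_id, $group_id, $group_access_options)
{
    $ega = new EntryGroupAccess();
    $ega->setSafe('author_id', $author_id);
    $ega->setSafe('entry_id', $entry_id);
    $ega->setSafe('group_id', $group_id);

    // Known permission fields. Entries are removed as they are granted, so
    // whatever is left afterwards is the set that must be written as 0.
    $unused_perms = array('can_view' => 0, 'can_edit' => 1, 'can_delete' => 2, 'can_manage_access' => 3);

    if ($group_access_options) {
        foreach ($group_access_options as $opt) {
            // Skip anything that is not one of the permission names above
            // (this also skips a name that was already granted).
            if (!is_string($opt) || !isset($unused_perms[$opt])) {
                continue;
            }
            $ega->set(Query::clean($opt), 1);
            unset($unused_perms[$opt]);
        }
    }

    // Explicitly clear every permission that was not granted.
    foreach (array_keys($unused_perms) as $opt) {
        $ega->set(Query::clean($opt), 0);
    }

    // NOTE(review): both replace() and save() are invoked; whether that means
    // two writes depends on EntryGroupAccess, which is not visible here.
    $ega->replace();
    $ega->save();
}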
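/**
 * Build the parameter set for the system named by the request's `key`.
 *
 * Looks up the stored settings of that system (one ss_system_data row per
 * setting, pivoted into columns by the query) and then lets the request
 * override each of them: a request value is used when it is truthy after
 * Query::clean(), otherwise the stored value is used. A request value of ''
 * or '0' therefore falls back to the stored value.
 *
 * Every setting is an inner JOIN, so a system that lacks any one of these
 * ss_system_data rows produces no row at all.
 *
 * NOTE(review): the returned values have only been passed through
 * Query::clean(); that is presumably SQL escaping, not output encoding, so
 * they still need context-specific escaping wherever they are rendered.
 * NOTE(review): request values take precedence over stored ones for every
 * name, including `api_key` and `method`; confirm that is intended for
 * callers that are not authenticated.
 *
 * @return array Map of parameter name => value for the sixteen names listed
 *               in the body.
 */
protected function getParams()
{
    // TODO: Rewrite this as a select from a temporary table populated by a select on the ss_system_data table
    $key = Query::clean(Application::param('key'));

    // NOTE(review): the request-supplied key reaches the SQL text by string
    // interpolation, so this query is only as safe as Query::clean() is for a
    // quoted string literal on this connection. Prefer a bound parameter if
    // SimpleQuery offers one (its API is not visible here).
    $sql = <<<EOF
\t\t\tSELECT ss_system.key,
\t\t\tapi_key.value AS api_key,
\t\t\tmethod.value AS method,
\t\t\tuser_id.value AS user_id,
\t\t\tphotoset_id.value AS photoset_id,
\t\t\tdisplay.value AS display,
\t\t\ttags.value AS tags,
\t\t\ttag_mode.value AS tag_mode,
\t\t\tsort.value AS sort,
\t\t\textras.value AS extras,
\t\t\tper_page.value AS per_page,
\t\t\tformat.value AS format,
\t\t\twidth.value AS width,
\t\t\theight.value AS height,
\t\t\tfade_speed.value AS fade_speed,
\t\t\ttimeout_interval.value AS timeout_interval
\t\t\tFROM ss_system
\t\t\tJOIN ss_system_type ON ss_system.system_type_id=ss_system_type.system_type_id
\t\t\tJOIN ss_system_data AS api_key ON api_key.key = 'api_key' AND ss_system.system_id=api_key.system_id
\t\t\tJOIN ss_system_data AS method ON method.key='method' AND ss_system.system_id=method.system_id
\t\t\tJOIN ss_system_data AS user_id ON user_id.key='user_id' AND ss_system.system_id=user_id.system_id
\t\t\tJOIN ss_system_data AS photoset_id ON photoset_id.key='photoset_id' AND ss_system.system_id=photoset_id.system_id
\t\t\tJOIN ss_system_data AS display ON display.key='display' AND ss_system.system_id= display.system_id
\t\t\tJOIN ss_system_data AS tags ON tags.key='tags' AND ss_system.system_id= tags.system_id
\t\t\tJOIN ss_system_data AS tag_mode ON tag_mode.key='tag_mode' AND ss_system.system_id= tag_mode.system_id
\t\t\tJOIN ss_system_data AS sort ON sort.key='sort' AND ss_system.system_id= sort.system_id
\t\t\tJOIN ss_system_data AS extras ON extras.key='extras' AND ss_system.system_id= extras.system_id
\t\t\tJOIN ss_system_data AS per_page ON per_page.key='per_page' AND ss_system.system_id= per_page.system_id
\t\t\tJOIN ss_system_data AS format ON format.key='format' AND ss_system.system_id= format.system_id
\t\t\tJOIN ss_system_data AS width ON width.key='width' AND ss_system.system_id= width.system_id
\t\t\tJOIN ss_system_data AS height ON height.key='height' AND ss_system.system_id= height.system_id
\t\t\tJOIN ss_system_data AS fade_speed ON fade_speed.key='fade_speed' AND ss_system.system_id= fade_speed.system_id
\t\t\tJOIN ss_system_data AS timeout_interval ON timeout_interval.key='timeout_interval' AND ss_system.system_id= timeout_interval.system_id
\t\t\tWHERE ss_system.key = '{$key}' LIMIT 0,1
EOF;
    $system_query = SimpleQuery::create($sql);

    // Names are fixed here; each one is both a request parameter and a column
    // alias of the query above, and is resolved in this order.
    $names = array(
        'key',
        'api_key',
        'method',
        'user_id',
        'photoset_id',
        'display',
        'tags',
        'tag_mode',
        'sort',
        'extras',
        'per_page',
        'format',
        'width',
        'height',
        'fade_speed',
        'timeout_interval',
    );

    // Set the params: request value first, stored value as the fallback.
    $params = array();
    foreach ($names as $name) {
        $requested = Query::clean(Application::param($name));
        $params[$name] = $requested ? $requested : $system_query->fieldValue($name);
    }

    return $params;
}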
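/**
 * Called by the {@link save()} method to update the object.
 *
 * Issues one UPDATE covering every non-key field that reports
 * requiresUpdate(), restricted by uniqueClause(), then clears the query cache.
 * Nothing is written when the table is tainted.
 *
 * @param mixed $vars (optional) An array of key,value pairs to be assigned
 *                    for this object; passed to parse() when truthy
 * @return bool true once the UPDATE has been issued; false when the table is
 *              tainted and taintException() returns instead of throwing
 * @access protected
 * @see insert,save
 */
protected function update($vars = '')
{
    // Refuse to write from a tainted table. Return an explicit false so the
    // result is defined even if taintException() does not throw.
    if ($this->table->tainted()) {
        $this->taintException();
        return false;
    }

    if ($vars) {
        $this->parse($vars);
    }

    $query = new UpdateQuery($this->tableName());
    foreach ($this->table()->fields() as $cur_field) {
        // Key fields identify the row and are never rewritten here.
        if (!$cur_field->requiresUpdate() || $cur_field->key()) {
            continue;
        }

        // NOTE(review): only fields for which isSetted() is false are passed
        // through Query::clean(); a field reporting isSetted() reaches the
        // UPDATE with its raw value. Confirm that every path that marks a
        // field as "setted" only ever stores trusted or pre-escaped data.
        if (!$cur_field->isSetted()) {
            $value = Query::clean($cur_field->value());
        } else {
            $value = $cur_field->value();
        }

        $query->updateField($cur_field->name(), $value, $cur_field->getQuotes());
        $cur_field->updated();
    }

    $query->setClause($this->uniqueClause());
    $query->doQuery();
    $this->clearQueryCache();

    return true;
}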
/**
 * Add a condition, passing both operands through Query::clean() first.
 *
 * Only $part1 and $part2 are cleaned. $type, $relate_to and $relate_how are
 * forwarded to addCondition() unchanged, so they must not carry request data.
 *
 * NOTE(review): if addCondition() uses $part1 as a column name, escaping it
 * as a value does not restrict which column is addressed; confirm against
 * addCondition() and allowlist column names at the call site if so.
 *
 * @param mixed  $part1      First operand of the condition.
 * @param mixed  $part2      Second operand of the condition.
 * @param string $type       Forwarded to addCondition() as given.
 * @param string $relate_to  Forwarded to addCondition() as given.
 * @param string $relate_how Forwarded to addCondition() as given.
 */
public function addConditionSafe($part1, $part2, $type = '', $relate_to = '', $relate_how = '')
{
    $clean_left = Query::clean($part1);
    $clean_right = Query::clean($part2);

    $this->addCondition($clean_left, $clean_right, $type, $relate_to, $relate_how);
}