Example #1
/**
 * Prints the display names of metatags whose normalized name starts with
 * the 'q' request parameter, one per line.
 *
 * Headers and output are written directly: 501 (then die()) on a connection
 * or query error, 204 when nothing matches, 200 plus the list otherwise.
 * $cred is accepted but not used in this function.
 */
function metacomplete(folksoQuery $q, folksoWsseCreds $cred, folksoDBconnect $dbc)
{
    $db = new folksoDBinteract($dbc);
    if ($db->db_error()) {
        // NOTE(review): 501 means "Not Implemented"; 500 is the conventional
        // status for a server-side database failure. Also, error_info() is
        // sent to the client verbatim -- consider logging it server-side and
        // returning a generic message instead.
        header('HTTP/1.1 501 Database error');
        die($db->error_info());
    }

    // The search term is lower-cased and escaped before it is placed in the
    // LIKE pattern. NOTE(review): dbescape() is not shown here; if it does not
    // also escape LIKE wildcards (% and _), those keep their wildcard meaning
    // inside the pattern -- confirm.
    $prefix = $db->dbescape(strtolower($q->get_param('q')));
    $db->query("select tagdisplay  from metatag  where  tagnorm like '" . $prefix . "%'");

    $status = $db->result_status;
    if ($status == 'DBERR') {
        header('HTTP/1.1 501 Database query error');
        die($db->error_info());
    }
    if ($status == 'NOROWS') {
        header('HTTP/1.1 204 No matching tags');
        return;
    }
    if ($status != 'OK') {
        // Any other status produces no header and no output.
        return;
    }

    header('HTTP/1.1 200 OK I guess');
    while ($row = $db->result->fetch_object()) {
        $tag = $row->tagdisplay;
        // Entirely numeric tags are wrapped in double quotes so that they are
        // treated as text rather than as ids.
        // NOTE(review): the value is printed unescaped; no Content-Type is set
        // in this function -- confirm the response is never rendered as HTML.
        if (is_numeric($tag)) {
            $tag = '"' . $tag . '"';
        }
        print $tag . "\n";
    }
}
Example #2
/**
 * Builds a response listing the display names of tags whose normalized name
 * starts with the 'q' request parameter, one per line.
 *
 * Returns a folksoResponse for connection errors, query errors, no rows (204)
 * and success (200). $fks is accepted but not used in this function.
 */
function autocomplete(folksoQuery $q, folksoDBconnect $dbc, folksoSession $fks)
{
    $db = new folksoDBinteract($dbc);
    $response = new folksoResponse();
    if ($db->db_error()) {
        // NOTE(review): error_info() is handed to the response object; check
        // that dbConnectionError() does not echo driver details to clients.
        $response->dbConnectionError($db->error_info());
        return $response;
    }

    // Lower-case, escape, then embed in the LIKE pattern.
    // NOTE(review): dbescape() is not shown here; if it does not also escape
    // LIKE wildcards (% and _), they stay active inside the pattern -- confirm.
    $prefix = $db->dbescape(strtolower($q->get_param('q')));
    $db->query("SELECT tagdisplay FROM tag WHERE tagnorm like '" . $prefix . "%'");

    $status = $db->result_status;
    if ($status == 'DBERR') {
        $response->dbQueryError($db->error_info());
        return $response;
    }
    if ($status == 'NOROWS') {
        $response->setOk(204, 'No matching tags');
        return $response;
    }
    if ($status != 'OK') {
        // NOTE(review): an unrecognised status yields null rather than a
        // folksoResponse; callers that expect an object should be checked.
        return null;
    }

    $response->setOk(200, 'OK I guess');
    while ($row = $db->result->fetch_object()) {
        $tag = $row->tagdisplay;
        // Entirely numeric tags are quoted so that they are treated as text
        // instead of as ids.
        if (is_numeric($tag)) {
            $tag = '"' . $tag . '"';
        }
        $response->t($tag . "\n");
    }
    return $response;
}
Example #3
 /**
  * writes new user to DB. Should only be used for new users. Do not
  * use for existing users, which will throw exceptions.
  */
 public function writeNewUser()
 {
     // Preconditions: the object must be writeable and the login id must not
     // already exist. Both failures surface as plain Exception.
     if (!$this->Writeable()) {
         throw new Exception('User object is not writeable, cannot write to DB');
     }
     if ($this->exists($this->loginId)) {
         throw new Exception('User already exists, cannot be created');
     }

     $db = new folksoDBinteract($this->dbc);
     if ($db->db_error()) {
         throw new Exception('DB connect error: ' . $db->error_info());
     }

     // Every value is passed through dbescape() before being substituted into
     // the stored-procedure call. The fifth procedure argument is always ''.
     // The login id is formatted with %d, so sprintf casts it to an integer.
     // NOTE(review): confirm login ids are always numeric and fit a PHP int.
     $escaped = array_map(
         array($db, 'dbescape'),
         array(
             $this->nick,
             $this->firstName,
             $this->lastName,
             $this->email,
             $this->loginId,
             $this->institution,
             $this->pays,
             $this->fonction,
         )
     );
     $call = vsprintf(
         "call create_user('%s', '%s', '%s', '%s', '', %d, '%s', '%s', '%s')",
         $escaped
     );
     $db->sp_query($call);

     if ($db->result_status == 'DBERR') {
         throw new Exception('DB query error on create FB user: ' . $db->error_info());
     }
 }
Example #4
File: user.php Project: josf/folkso
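/**
 * Just a list of tags: up to 50 tags applied by one user, with a count of
 * tag events per tag.
 *
 * The user is the logged-in session user when there is one; otherwise the
 * 'uid' request parameter is used. With neither, the request is answered
 * with unAuthorized().
 *
 * Output is JSON when the query's content type is 'json', otherwise the
 * simple XML tag list.
 *
 * @return folksoResponse
 */
function getMyTags(folksoQuery $q, folksoDBconnect $dbc, folksoSession $fks)
{
    $r = new folksoResponse();
    $u = $fks->userSession();

    if ($u instanceof folksoUser) {
        // Logged-in callers always see their own tags. Previously $userid was
        // read before being assigned on this path.
        $userid = $u->userid;
    } else {
        // NOTE(review): an anonymous caller can list any user's tags by
        // supplying uid. If per-user tag lists are not meant to be public,
        // this branch needs an authorization check.
        $userid = $q->is_param('uid') ? $q->get_param('uid') : null;
        if (!$userid) {
            // No session and no usable uid: previously an empty uid fell
            // through to a property read on a non-object.
            return $r->unAuthorized($u);
            // add message about logging in?
        }
    }

    try {
        $i = new folksoDBinteract($dbc);
        // The user id is escaped before being substituted into the quoted
        // literal in the WHERE clause.
        $sql = sprintf(
            '  select t.tagnorm, t.id, t.tagdisplay, count(te.tag_id) as cnt, tagtime'
            . ' from tag t '
            . ' join tagevent te on t.id = te.tag_id '
            . " where te.userid = '%s' "
            . ' group by t.tagnorm '
            . ' order by tagtime '
            . ' limit 50',
            $i->dbescape($userid)
        );
        $i->query($sql);
    } catch (dbException $e) {
        return $r->handleDBexception($e);
    }

    if ($i->rowCount == 0) {
        return $r->setOk(204, 'No tags found');
    }
    $r->setOk(200, 'Tags found');

    $df = new folksoDisplayFactory();
    if ($q->content_type() == 'json') {
        $disp = $df->json(array('resid', 'tagnorm', 'link', 'tagdisplay', 'count'));
    } else {
        $disp = $df->simpleTagList('xml');
    }

    $r->t($disp->startform());
    while ($row = $i->result->fetch_object()) {
        $link = new folksoTagLink($row->tagnorm);
        // Every field is HTML-escaped before it is handed to the display.
        // NOTE(review): the same escaping is applied on the JSON path; confirm
        // the JSON display expects HTML-escaped values.
        $r->t($disp->line(
            htmlspecialchars($row->id),
            htmlspecialchars($row->tagnorm),
            htmlspecialchars($link->getLink()),
            htmlspecialchars($row->tagdisplay),
            htmlspecialchars($row->cnt)
        ));
    }
    $r->t($disp->endform());
    return $r;
}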
Example #5
 /**
  * Load user data from session id (cookie). Returns folksoUser
  * obj. Caches the fkUser object. We might consider a "force reload"
  * option if there were a reason for it. This also means that if the
  * arguments (sid) change, the data returned will not. This should
  * not be a problem though.
  *
  * @param $sid Session ID.
  * @return folksoUser obj or false if user not found
  */
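 public function userSession($sid = null, $service = null, $right = null)
 {
     // An already-set $this->user is returned as is, whatever the arguments.
     // Note that this method does not itself assign $this->user.
     if ($this->user instanceof folksoUser) {
         return $this->user;
     }

     // Fall back to the session id held by this object.
     $sid = $sid ? $sid : $this->sessionId;
     if ($this->validateSid($sid) === false) {
         return false;
         // exception?
     }

     $i = new folksoDBinteract($this->dbc);
     // The token is escaped once and used in both queries. Previously the
     // query without a rights check concatenated $sid unescaped and relied on
     // validateSid() alone, while the rights query escaped it.
     $token = $i->dbescape($sid);

     // NOTE(review): if this is MySQL, `now() - 1209600` is numeric arithmetic
     // on the datetime value, not "now minus 14 days in seconds". Confirm the
     // intended session lifetime; `now() - interval 14 day` may be what is
     // meant. Left unchanged here.
     $sql = '';
     if (is_null($service) || is_null($right)) {
         $sql = 'select u.nick as nick, u.firstname as firstname, '
             . '  u.lastname as lastname, u.email as email, u.userid  as userid'
             . ' from sessions s '
             . ' join users u on u.userid = s.userid '
             . " where s.token = '" . $token . "'"
             . " and s.started > now() - 1209600 ";
     } else {
         // Only the right id is filtered in SQL; the service is compared in
         // PHP after the row is fetched.
         $sql = 'select u.nick as nick, u.firstname as firstname, '
             . '  u.lastname as lastname, u.email as email, u.userid  as userid, '
             . ' dr.rightid, dr.service '
             . ' from sessions s '
             . ' join users u on u.userid = s.userid '
             . ' left join users_rights ur on ur.userid = s.userid '
             . ' left join rights dr on dr.rightid = ur.rightid '
             . " where s.token = '" . $token . "' "
             . " and dr.rightid = '" . $i->dbescape($right) . "' "
             . " and s.started > now() - 1209600 ";
     }

     // NOTE(review): the stored SQL contains the session token; make sure
     // $this->debug is never logged or returned to clients.
     $this->debug = $sql;
     $i->query($sql);

     if ($i->result_status == 'OK') {
         $u = new folksoUser($this->dbc);
         $res = $i->result->fetch_object();
         $u->loadUser(array(
             'nick' => $res->nick,
             'firstname' => $res->firstname,
             'lastname' => $res->lastname,
             'email' => $res->email,
             'userid' => $res->userid,
         ));
         // The right is attached only when the fetched row matches both the
         // requested right and the requested service.
         if ($right && $service && $res->rightid == $right && $res->service == $service) {
             $this->debug2 = 'we r here';
             $u->rights->addRight(new folksoRight($res->service, $res->rightid));
         }
         return $u;
     } else {
         return false;
     }
 }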
Example #6
File: tag.php Project: josf/folkso
/**
 * Rename a tag.
 *
 * Web params: rename, newname
 *
 * Requires a session user holding the 'folkso'/'admin' right; anyone else
 * gets unAuthorized(). Answers 404 when the tag does not exist and 204 once
 * the UPDATE has run. Database exceptions go through handleDBexception().
 *
 * @return folksoResponse
 */
function renameTag(folksoQuery $q, folksoDBconnect $dbc, folksoSession $fks)
{
    $response = new folksoResponse();

    // The right is requested when loading the session and checked again on
    // the user object.
    $user = $fks->userSession(null, 'folkso', 'admin');
    $isAdmin = $user instanceof folksoUser && $user->checkUserRight('folkso', 'admin');
    if (!$isAdmin) {
        return $response->unAuthorized($user);
    }

    try {
        $db = new folksoDBinteract($dbc);
        if (!$db->tagp($q->tag)) {
            // NOTE(review): the requested tag is echoed back in the error
            // text; confirm setError() escapes it for the response format.
            $response->setError(404, 'Tag not found', 'Nothing to rename. No such tag: ' . $q->tag);
            return $response;
        }

        // The new name is escaped and used for both the display form and the
        // normalized form.
        $newName = $db->dbescape($q->get_param('newname'));
        $update = "UPDATE tag\n            SET tagdisplay = '" . $newName
            . "', tagnorm = normalize_tag('" . $newName . "') where ";

        // A numeric tag is treated as an id, anything else as a tag name.
        // NOTE(review): the id is concatenated unquoted and unescaped, with
        // is_numeric() as the only guard; is_numeric() also accepts forms
        // such as "1e5" or "1.5". A digits-only check would be stricter.
        if (is_numeric($q->tag)) {
            $update .= " id = " . $q->tag;
        } else {
            $update .= " tagnorm = normalize_tag('" . $db->dbescape($q->tag) . "')";
        }
        $db->query($update);
    } catch (dbException $e) {
        return $response->handleDBexception($e);
    }

    $response->setOk(204, 'Tag renamed');
    return $response;
}
Example #7
/**
 * Builds the body of a WHERE clause that filters resources by URL.
 *
 * $first  -- when non-empty, uri_normal must start with 'fabula.org/' + $first.
 * $inside -- when non-empty, uri_normal must contain $inside.
 * $tagp   -- 'notags' or 'tags' adds a condition on the number of tagevent
 *            rows for the resource; 'all' or any other value adds nothing.
 *
 * With both $first and $inside empty the clause matches everything. The
 * result refers to the resource table through the alias `r`.
 */
function buildWhere($first, $inside, $tagp, folksoDBinteract $i)
{
    $hasFirst = strlen($first) > 0;
    $hasInside = strlen($inside) > 0;

    if (!$hasFirst && !$hasInside) {
        // when there are no arguments, we list everything.
        $clause = " (1 = 1) ";
    } else {
        // Both values are escaped before being embedded in a LIKE pattern.
        // NOTE(review): dbescape() is not shown here; if it does not escape
        // the LIKE wildcards % and _, they keep their meaning -- confirm.
        $clause = '';
        if ($hasFirst) {
            $clause .= " (uri_normal LIKE 'fabula.org/" . $i->dbescape($first) . "%') \n";
            if ($hasInside) {
                $clause .= " AND \n";
            }
        }
        if ($hasInside) {
            $clause .= " (uri_normal LIKE '%" . $i->dbescape($inside) . "%') ";
        }
    }

    // Shared start of the correlated tag-count subquery.
    $tagCount = " AND  ((SELECT COUNT(*) FROM tagevent teee  WHERE teee.resource_id = r.id)";

    switch ($tagp) {
        case 'all':
            // we are done
            return $clause;
        case 'notags':
            return $clause . $tagCount . "  = 0) \n";
        case 'tags':
            return $clause . $tagCount . " > 0) \n";
        default:
            return $clause;
    }
}
Example #8
/**
 * Returns an xml list of resources associated with the same ean-13 as
 * the selected resource.
 *
 * Web params: GET, folksores, folksoean13list
 *
 * Answers 404 when the resource is unknown or when the result holds a single
 * row (no EAN-13 data), 200 with the list otherwise. $fks is accepted but not
 * used in this function.
 *
 * @return folksoResponse
 */
function resEans(folksoQuery $q, folksoDBconnect $dbc, folksoSession $fks)
{
    $response = new folksoResponse();
    try {
        $db = new folksoDBinteract($dbc);
        if ($db->db_error()) {
            $response->dbConnectionError($db->error_info());
            return $response;
        }
        // The resource identifier is escaped before folksoResQuery builds the
        // SQL text around it.
        $builder = new folksoResQuery();
        $db->query($builder->resEans($db->dbescape($q->res)));
    } catch (dbConnectionException $e) {
        $response->dbConnectionError($e->getMessage());
        return $response;
    } catch (dbQueryException $e) {
        // NOTE(review): the failing SQL text is appended to the error message;
        // confirm dbQueryError() does not send it to the client.
        $response->dbQueryError($e->getMessage() . $e->sqlquery);
        return $response;
    }

    $status = $db->result_status;
    if ($status == 'NOROWS') {
        $notFound = "The requested resource is not present in the database.\n"
            . " Maybe it  has not been indexed yet, or an erroneous identifier "
            . " was used. ";
        $response->setError(404, 'Resource not found', $notFound);
        return $response;
    }
    if ($status == 'OK') {
        if ($db->result->num_rows == 1) {
            // A single row means there is nothing beyond the title row.
            // NOTE(review): the requested identifier is echoed in the message;
            // confirm setError() escapes it for the response format.
            $response->setError(
                404,
                'No EAN-13 data associated with this resource',
                "There is no EAN-13 data yet for the resource " . $q->res . "."
            );
            return $response;
        }
        $response->setOk(200, 'EAN-13 data found');
    }
    // Any other status falls through to the listing below, as before.

    // Pop the title row: it is not used here, but could be if needed
    // (see note in ResQuery).
    $db->result->fetch_object();

    $factory = new folksoDisplayFactory();
    $display = $factory->associatedEan13resources();
    $display->activate_style('xml');

    $response->t($display->startform());
    while ($row = $db->result->fetch_object()) {
        // NOTE(review): id, url and title are passed to the display without
        // escaping here; confirm line() escapes them for XML.
        $response->t($display->line($row->id, $row->url, $row->title));
    }
    $response->t($display->endform());
    return $response;
}
Example #9
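 /**
  * Loads every right held by this user (looked up by userid) from the
  * users_rights and rights tables into $this->rights, skipping rights
  * that are already present.
  */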
 public function loadAllRights()
 {
     $db = new folksoDBinteract($this->dbc);

     // The user id is escaped before it is placed in the quoted literal.
     $owner = $db->dbescape($this->userid);
     $db->query(
         "select ur.rightid, r.service  from users_rights ur  join rights r on r.rightid = ur.rightid  where userid = '"
         . $owner . "' "
     );

     // NOTE(review): the result status is not checked before fetching;
     // confirm query() throws on failure.
     while ($row = $db->result->fetch_object()) {
         // Rights already held are left alone; only missing ones are added.
         if ($this->rights->checkRight($row->service, $row->rightid)) {
             continue;
         }
         $this->rights->addRight(new folksoRight($row->service, $row->rightid));
     }
 }