/** * Sets the string value. * * @param string $value the string value to set * @return boolean true on success, false on failure * @access public */ function setValue($value) { //add some complementary checks on values if ($value && io::strlen($value) > 255) { $this->raiseError("Setting a too long string for string value : max 255 cars, set : " . io::strlen($value)); return false; } $this->_value = $value; return true; }
/** * Creates compressed file by compressing raw data contained into $this->CMS_archive * * @return true on success, false on failure */ function create_tar() { $pwd = getcwd(); chdir($this->options['basedir']); foreach ($this->files as $current) { if ($current['name'] == $this->options['name']) { continue; } if (io::strlen($current['name2']) > 99) { $path = io::substr($current['name2'], 0, io::strpos($current['name2'], "/", io::strlen($current['name2']) - 100) + 1); $current['name2'] = io::substr($current['name2'], io::strlen($path)); if (io::strlen($path) > 154 || io::strlen($current['name2']) > 99) { $this->raiseError("Could not add {$path}{$current['name2']} to archive because the filename is too long."); continue; } } $block = pack("a100a8a8a8a12a12a8a1a100a6a2a32a32a8a8a155a12", $current['name2'], decoct($current['stat'][2]), sprintf("%6s ", decoct($current['stat'][4])), sprintf("%6s ", decoct($current['stat'][5])), sprintf("%11s ", decoct($current['stat'][7])), sprintf("%11s ", decoct($current['stat'][9])), " ", $current['type'], "", "ustar", "00", "Unknown", "Unknown", "", "", !empty($path) ? $path : "", ""); $checksum = 0; for ($i = 0; $i < 512; $i++) { $checksum += ord(io::substr($block, $i, 1)); } $checksum = pack("a8", sprintf("%6s ", decoct($checksum))); $block = substr_replace($block, $checksum, 148, 8); if ($current['stat'][7] == 0) { $this->add_data($block); } else { if ($fp = @fopen($current['name'], "rb")) { $this->add_data($block); while ($temp = fread($fp, 1048576)) { $this->add_data($temp); } if ($current['stat'][7] % 512 > 0) { $temp = ""; for ($i = 0; $i < 512 - $current['stat'][7] % 512; $i++) { $temp .= ""; } $this->add_data($temp); } fclose($fp); } else { $this->raiseError("Could not open file {$current['name']} for reading. It was not added."); } } } $this->add_data(pack("a512", "")); chdir($pwd); return true; }
/** * Search groups * Static function. * * @param string search : search group by lastname, firstname or login * @param string letter : search group by first lastname letter * @param integer userId : search group which user belongs to * @param string order : order by fieldname (without suffix). default : label * @param integer start : search start offset * @param integer limit : search limit (default : 0 : unlimited) * @param boolean returnObjects : return CMS_profile_usersGroup objects (default) or array of groupId * @return array(CMS_profile_usersGroup) * @access public */ static function search($search = '', $letter = '', $userId = false, $groupsIds = array(), $order = '', $direction = 'asc', $start = 0, $limit = 0, $returnObjects = true, &$score = array()) { $start = (int) $start; $limit = (int) $limit; $direction = in_array(io::strtolower($direction), array('asc', 'desc')) ? io::strtolower($direction) : 'asc'; $keywordsWhere = $letterWhere = $groupWhere = $orderClause = $orderBy = ''; $select = 'id_prg'; if ($search) { //clean user keywords (never trust user input, user is evil) $keyword = strtr($search, ",;", " "); $words = array(); $words = array_map("trim", array_unique(explode(" ", io::strtolower($keyword)))); $cleanedWords = array(); foreach ($words as $aWord) { if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) { $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord); $cleanedWords[] = $aWord; } } if (!$cleanedWords) { //if no words after cleaning, return return array(); } foreach ($cleanedWords as $cleanedWord) { $keywordsWhere .= $keywordsWhere ? ' and ' : ''; $keywordsWhere .= " label_prg like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'"; } //$keywordsWhere = ' ('; $select .= " , MATCH (label_prg, description_prg) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') as m "; $keywordsWhere = " (MATCH (label_prg, description_prg) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') or (" . $keywordsWhere . "))"; } if ($letter && io::strlen($letter) === 1) { $letterWhere .= $keywordsWhere ? ' and ' : ''; $letterWhere .= " label_prg like '" . sensitiveIO::sanitizeSQLString($letter) . "%'"; } if ($userId && sensitiveIO::isPositiveInteger($userId)) { $userGroups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true); if (!$userGroups) { return array(); } $groupWhere .= $keywordsWhere || $letterWhere ? ' and ' : ''; $groupWhere .= " id_prg in (" . implode(',', $userGroups) . ")"; } if ($groupsIds) { $groupWhere .= $keywordsWhere || $letterWhere || $groupWhere ? ' and ' : ''; $groupWhere .= " id_prg in (" . sensitiveIO::sanitizeSQLString(implode(',', $groupsIds)) . ")"; } if ($order != 'score') { if ($order) { $found = false; $sql = "DESCRIBE profilesUsersGroups"; $q = new CMS_query($sql); while ($field = $q->getValue('Field')) { if ($field == $order . '_prg') { $found = true; } } if ($found) { $orderBy = $order . '_prg'; } else { $orderBy = 'label_prg'; } } else { $orderBy = 'label_prg'; } if ($orderBy) { $orderClause = "order by\n\t\t\t\t\t" . $orderBy . "\n\t\t\t\t\t" . $direction; } } else { $orderClause = " order by m " . $direction; } $sql = "\n\t\t\tselect\n\t\t\t\t" . $select . "\n\t\t\tfrom\n\t\t\t\tprofilesUsersGroups\n\t\t\t" . ($keywordsWhere || $letterWhere || $groupWhere ? 'where' : '') . "\n\t\t\t" . $keywordsWhere . "\n\t\t\t" . $letterWhere . "\n\t\t\t" . $groupWhere . "\n\t\t\t" . $orderClause . "\n\t\t"; if ($limit) { $sql .= "limit \n\t\t\t\t" . $start . ", " . $limit; } $q = new CMS_query($sql); //pr($sql); //pr($q->getNumRows()); $groups = array(); while ($r = $q->getArray()) { $id = $r['id_prg']; //set match score if exists if (isset($r['m'])) { $score[$id] = $r['m']; } if ($returnObjects) { $group = CMS_profile_usersGroupsCatalog::getById($id); if (is_a($group, "CMS_profile_usersGroup") && !$group->hasError()) { $groups[] = $group; } } else { $groups[] = $id; } } return $groups; }
/** * Check validity format of a given right * * @param string the right to check * format : * r read (and execute if it's a folder) * w read and write (and execute if it's a folder) * x read+write+execute * XXX unix chmod octal value (ex : 664, 775, etc.) * @return boolean true on success, false on failure * @access private */ protected function _checkRightFormat($right) { if (is_numeric($right)) { if (io::strlen($right) != 3) { return false; } else { $rights = preg_split('//', $right, -1, PREG_SPLIT_NO_EMPTY); foreach ($rights as $aRight) { if ($aRight > 7) { return false; } } } } else { if ($right != 'r' && $right != 'w' && $right != 'x') { return false; } } return true; }
/** * Get field search SQL request (used by class CMS_object_search) * * @param integer $fieldID : this field id in object (aka $this->_field->getID()) * @param mixed $value : the value to search * @param string $operator : additionnal search operator * @param string $where : where clauses to add to SQL * @param boolean $public : values are public or edited ? (default is edited) * @return string : the SQL request * @access public */ function getFieldSearchSQL($fieldID, $value, $operator, $where, $public = false) { $supportedOperator = array('like', '!=', '=', 'any', 'all', 'phrase', 'beginswith'); $supportedOperatorForArray = array('in', 'not in', 'any', 'all'); // No operator : use default search if (!$operator) { return parent::getFieldSearchSQL($fieldID, $value, $operator, $where, $public); } // Check supported operators if ($operator && !in_array($operator, array_merge($supportedOperator, $supportedOperatorForArray))) { $this->raiseError("Unknown search operator : " . $operator . ", use default search instead"); $operator = false; } // Check operators for array value if (is_array($value) && $operator && !in_array($operator, $supportedOperatorForArray)) { $this->raiseError("Can't use this operator : " . $operator . " with an array value, return empty sql"); return ''; } $statusSuffix = $public ? "_public" : "_edited"; $cleanedWords = array(); if (is_array($value)) { if ($operator == 'any' || $operator == 'all') { // in this case, we do a specific cleanup foreach ($value as $i => $val) { $cleanedWords[] = str_replace(array('%', '_'), array('\\%', '\\_'), $val); } } else { foreach ($value as $i => $val) { $value[$i] = "'" . SensitiveIO::sanitizeSQLString($val) . "'"; } $value = '(' . implode(',', $value) . ')'; } } elseif (strtolower($value) == 'null') { $value = "''"; } else { if ($operator == 'any' || $operator == 'all') { $words = array(); $words = array_map("trim", array_unique(explode(" ", $value))); foreach ($words as $aWord) { if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) { $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord); $cleanedWords[] = $aWord; } } } elseif ($operator != 'phrase' && $operator != 'beginswith') { // we keep this for backward compatibility, where the user can specify his search with % at the beginning / end $value = "'" . SensitiveIO::sanitizeSQLString($value) . "'"; } } $whereClause = ''; switch ($operator) { case 'any': $whereClause .= '('; //then add keywords $count = '0'; foreach ($cleanedWords as $aWord) { $whereClause .= $count ? ' or ' : ''; $count++; $whereClause .= "value like '%" . $aWord . "%'"; if (htmlentities($aWord) != $aWord) { $whereClause .= " or value like '%" . htmlentities($aWord) . "%'"; } } $whereClause .= ')'; break; case 'all': $whereClause .= '('; //then add keywords $count = '0'; foreach ($cleanedWords as $aWord) { $whereClause .= $count ? ' and ' : ''; $count++; if (htmlentities($aWord) != $aWord) { $whereClause .= "(value like '%" . $aWord . "%' or value like '%" . htmlentities($aWord) . "%')"; } else { $whereClause .= "value like '%" . $aWord . "%'"; } } $whereClause .= ')'; break; case 'phrase': $value = str_replace(array('%', '_'), array('\\%', '\\_'), trim($value)); if (htmlentities($value) != $value) { $whereClause .= "(value like '%" . $value . "%' or value like '%" . htmlentities($value) . "%')"; } else { $whereClause .= "value like '%" . $value . "%'"; } break; case 'beginswith': $value = str_replace(array('%', '_'), array('\\%', '\\_'), trim($value)); if (htmlentities($value) != $value) { $whereClause .= "(value like '" . $value . "%' or value like '" . htmlentities($value) . "%')"; } else { $whereClause .= "value like '" . $value . "%'"; } break; default: $whereClause .= " value " . $operator . " " . $value; break; } $sql = "\n\t\t\tselect\n\t\t\t\tdistinct objectID\n\t\t\tfrom\n\t\t\t\tmod_subobject_text" . $statusSuffix . "\n\t\t\twhere\n\t\t\t\tobjectFieldID = '" . SensitiveIO::sanitizeSQLString($fieldID) . "'\n\t\t\t\tand " . $whereClause . "\n\t\t\t\t{$where}"; return $sql; }
/** * Duplicate this block * Used to duplicate a CMS_page. * * @param CMS_page $destinationPage, the page receiving a copy of this block * @param boolean $public The precision needed for USERSPACE location * @return CMS_block object */ function duplicate(&$destinationPage, $public = false) { if (SensitiveIO::isPositiveInteger($this->_dbID) && $this->_file) { $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public); //Copy linked file //In new file name, delete reference to old page and add refernce to new one $_newFilename = "p" . $destinationPage->getID() . io::substr($this->_file, io::strpos($this->_file, "_"), io::strlen($this->_file)); if (@is_file(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file) && @copy(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename) && @chmod(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename, octdec(FILES_CHMOD))) { //Public if ($public) { if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename, octdec(FILES_CHMOD))) { $this->raiseError("Duplicate, copy of new file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename); } } $_newEnlargedFilename = ''; //With enlarged file if ($this->_enlargedFile != '') { $_newEnlargedFilename = "p" . $destinationPage->getID() . io::substr($this->_enlargedFile, io::strpos($this->_enlargedFile, "_"), io::strlen($this->_enlargedFile)); //Edited if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_enlargedFile, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newEnlargedFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newEnlargedFilename, octdec(FILES_CHMOD))) { $this->raiseError("Duplicate, copy of new enlarged file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newEnlargedFilename); } //Public if ($public) { if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $this->_enlargedFile, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newEnlargedFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newEnlargedFilename, octdec(FILES_CHMOD))) { $this->raiseError("Duplicate, copy of new enlarged file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newEnlargedFilename); } } } //Save new datas $str_set = "\n\t\t\t\t\t\tpage='" . $destinationPage->getID() . "',\n\t\t\t\t\t\tclientSpaceID='" . $this->_clientSpaceID . "',\n\t\t\t\t\t\trowID='" . $this->_rowID . "',\n\t\t\t\t\t\tblockID='" . $this->_tagID . "',\n\t\t\t\t\t\tlabel='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($this->_label)) . "',\n\t\t\t\t\t\tfile='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($_newFilename)) . "',\n\t\t\t\t\t\texternalLink='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($this->_externalLink)) . "',\n\t\t\t\t\t\tenlargedFile='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($_newEnlargedFilename)) . "'\n\t\t\t\t"; $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t"; $q = new CMS_query($sql); if (!$q->hasError()) { //Table Edition $sql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . $q->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t"; $q = new CMS_query($sql); return !$q->hasError(); } else { $this->raiseError("Duplicate, SQL insertion of new filename failed : " . $sql); } } else { $this->raiseError("Duplicate, copy of file failed :" . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file); } } return false; }
* * @package Automne * @subpackage admin * @author Sébastien Pauchet <*****@*****.**> */ require_once dirname(__FILE__) . '/../../cms_rc_admin.php'; //load interface instance $view = CMS_view::getInstance(); //set default display mode for this page $view->setDisplayMode(CMS_view::SHOW_JSON); //This file is an admin file. Interface must be secure $view->setSecure(); $query = sensitiveIO::request('query', '', ''); $start = sensitiveIO::request('start', 'sensitiveIO::isPositiveInteger', 0); $limit = sensitiveIO::request('limit', 'sensitiveIO::isPositiveInteger', 10); if (!$query || io::strlen($query) < 3) { CMS_grandFather::raiseError('Missing query or query is too short : ' . $query); $view->show(); } //lauch search $results = CMS_search::getSearch($query, $cms_user, false, false); //pr($results); $pages = array(); $count = 0; if (isset($results['results']) && is_array($results['results'])) { foreach ($results['results'] as $result) { if ($count >= $start && sizeof($pages) < $limit) { $page = CMS_tree::getPageById($result); if ($page && !$page->hasError()) { $pages[] = array('pageId' => $page->getID(), 'title' => $page->getTitle() . ' (' . $page->getID() . ')', 'status' => $page->getStatus()->getHTML(true, $cms_user, MOD_STANDARD_CODENAME, $page->getID()), 'lineage' => CMS_tree::getLineage(APPLICATION_ROOT_PAGE_ID, $page->getID(), false)); } else {
/** * Return all the rows available * * @param CMS_profile_user $cms_user : restrict to user rights on modules (default : false) * @param integer $tplId : restrict to rows usable in given template (default : false) * @param string $csId : restrict to rows usable in given clientspace (default : false) * @param integer $start : start position * @param integer $limit : limit position * @param integer $count : number of rows found (passed by reference) * @access public */ static function getAll($includeInactive = false, $keyword = '', $groups = array(), $rowIds = array(), $user = false, $tplId = false, $csId = false, $start = 0, $limit = 0, $returnObjects = true, &$score = array()) { $select = 'id_row'; $where = ''; //keywords if ($keyword) { //clean user keywords (never trust user input, user is evil) $keyword = strtr($keyword, ",;", " "); $words = array(); $words = array_map("trim", array_unique(explode(" ", io::strtolower($keyword)))); $cleanedWords = array(); foreach ($words as $aWord) { if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) { $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord); $cleanedWords[] = $aWord; } } if (!$cleanedWords) { //if no words after cleaning, return return array(); } $keywordWhere = ''; foreach ($cleanedWords as $cleanedWord) { $keywordWhere .= $keywordWhere ? ' and ' : ''; $keywordWhere .= " (\n\t\t\t\t\tdescription_row like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\tor label_row like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t)"; } $where .= $where ? ' and ' : ''; $where .= " ((" . $keywordWhere . ") or MATCH (label_row, description_row) AGAINST ('" . sensitiveIO::sanitizeSQLString($keyword) . "') )"; $select .= " , MATCH (label_row, description_row) AGAINST ('" . sensitiveIO::sanitizeSQLString($keyword) . "') as m "; } $sql = "\n\t\t\tselect\n\t\t\t\t" . $select . "\n\t\t\tfrom\n\t\t\t\tmod_standard_rows\n\t\t"; //groups if ($groups) { foreach ($groups as $group) { $where .= $where ? ' and ' : ''; $where .= " (\n\t\t\t\t\tgroupsStack_row='" . sensitiveIO::sanitizeSQLString($group) . "'\n\t\t\t\t\tor groupsStack_row like '%;" . sensitiveIO::sanitizeSQLString($group) . ";%'\n\t\t\t\t\tor groupsStack_row like '" . sensitiveIO::sanitizeSQLString($group) . ";%'\n\t\t\t\t\tor groupsStack_row like '%;" . sensitiveIO::sanitizeSQLString($group) . "'\n\t\t\t\t)"; } } //useable if (!$includeInactive) { $where .= $where ? ' and ' : ''; $where .= " useable_row=1 "; } //rowIds if ($rowIds) { $where .= $where ? ' and ' : ''; $where .= " id_row in (" . implode(',', $rowIds) . ") "; } if ($tplId) { $where .= $where ? ' and ' : ''; $where .= " (\n\t\t\t\ttplfilter_row=''\n\t\t\t\tor tplfilter_row='" . sensitiveIO::sanitizeSQLString($tplId) . "'\n\t\t\t\tor tplfilter_row like '%;" . sensitiveIO::sanitizeSQLString($tplId) . ";%'\n\t\t\t\tor tplfilter_row like '" . sensitiveIO::sanitizeSQLString($tplId) . ";%'\n\t\t\t\tor tplfilter_row like '%;" . sensitiveIO::sanitizeSQLString($tplId) . "'\n\t\t\t) "; } //user if (is_object($user) && !$user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) { $groupsDenied = $user->getRowGroupsDenied(); $groupsDenied = $groupsDenied->getElements(); if ($groupsDenied) { $where .= $where ? ' and (' : '('; foreach ($groupsDenied as $group) { $where .= " (\n\t\t\t\t\t\tgroupsStack_row != '" . sensitiveIO::sanitizeSQLString($group[0]) . "'\n\t\t\t\t\t\tand groupsStack_row not like '%;" . sensitiveIO::sanitizeSQLString($group[0]) . ";%'\n\t\t\t\t\t\tand groupsStack_row not like '" . sensitiveIO::sanitizeSQLString($group[0]) . ";%'\n\t\t\t\t\t\tand groupsStack_row not like '%;" . sensitiveIO::sanitizeSQLString($group[0]) . "'\n\t\t\t\t\t) and"; } //remove last "or" and append ) $where = io::substr($where, 0, -3) . ')'; } } $sql = $sql . ($where ? ' where ' . $where : ''); //order if (io::strpos($sql, 'MATCH') === false) { $sql .= " order by label_row "; } else { $sql .= " order by m desc "; } //limit if ($start || $limit) { $sql .= " limit " . sensitiveIO::sanitizeSQLString($start) . "," . sensitiveIO::sanitizeSQLString($limit); } //pr($sql); $q = new CMS_query($sql); $rows = array(); while ($r = $q->getArray()) { $id = $r['id_row']; //set match score if exists if (isset($r['m'])) { $score[$id] = $r['m']; } if ($returnObjects) { $row = new CMS_row($id); if (!$row->hasError()) { $rows[$row->getID()] = $row; } } else { $rows[$id] = $id; } } return $rows; }
/** * Creates compressed file by compressing raw data contained into $this->CMS_archive * * @return true on success, false on failure */ function create_zip() { $files = 0; $offset = 0; $central = ""; if (!empty($this->options['sfx'])) { if ($fp = @fopen($this->options['sfx'], "rb")) { $temp = fread($fp, filesize($this->options['sfx'])); fclose($fp); $this->add_data($temp); $offset += io::strlen($temp); unset($temp); } else { $this->raiseError("Could not open sfx module from {$this->options['sfx']}."); } } $pwd = getcwd(); chdir($this->options['basedir']); foreach ($this->files as $current) { if ($current['name'] == $this->options['name']) { continue; } // Special chars management $translate = array('Ç' => pack("C", 128), 'ü' => pack("C", 129), 'é' => pack("C", 130), 'â' => pack("C", 131), 'ä' => pack("C", 132), 'à ' => pack("C", 133), 'Ã¥' => pack("C", 134), 'ç' => pack("C", 135), 'ê' => pack("C", 136), 'ë' => pack("C", 137), 'è' => pack("C", 138), 'ï' => pack("C", 139), 'î' => pack("C", 140), 'ì' => pack("C", 141), 'Ä' => pack("C", 142), 'Ã…' => pack("C", 143), 'É' => pack("C", 144), 'æ' => pack("C", 145), 'Æ' => pack("C", 146), 'ô' => pack("C", 147), 'ö' => pack("C", 148), 'ò' => pack("C", 149), 'û' => pack("C", 150), 'ù' => pack("C", 151), 'Ö' => pack("C", 153), 'Ãœ' => pack("C", 154), '£' => pack("C", 156), 'Â¥' => pack("C", 157), 'Æ’' => pack("C", 159), 'á' => pack("C", 160), 'Ã' => pack("C", 161), 'ó' => pack("C", 162), 'ú' => pack("C", 163), 'ñ' => pack("C", 164), 'Ñ' => pack("C", 165)); $current['name2'] = strtr($current['name2'], $translate); $timedate = explode(" ", date("Y n j G i s", $current['stat'][9])); $timedate = $timedate[0] - 1980 << 25 | $timedate[1] << 21 | $timedate[2] << 16 | $timedate[3] << 11 | $timedate[4] << 5 | $timedate[5]; $block = pack("VvvvV", 0x4034b50, 0xa, 0x0, isset($current['method']) || $this->options['method'] == 0 ? 0x0 : 0x8, $timedate); if ($current['stat'][7] == 0 && $current['type'] == 5) { $block .= pack("VVVvv", 0x0, 0x0, 0x0, io::strlen($current['name2']) + 1, 0x0); $block .= $current['name2'] . "/"; $this->add_data($block); $central .= pack("VvvvvVVVVvvvvvVV", 0x2014b50, 0x14, $this->options['method'] == 0 ? 0x0 : 0xa, 0x0, isset($current['method']) || $this->options['method'] == 0 ? 0x0 : 0x8, $timedate, 0x0, 0x0, 0x0, io::strlen($current['name2']) + 1, 0x0, 0x0, 0x0, 0x0, $current['type'] == 5 ? 0x10 : 0x0, $offset); $central .= $current['name2'] . "/"; $files++; $offset += 31 + io::strlen($current['name2']); } else { if ($current['stat'][7] == 0) { $block .= pack("VVVvv", 0x0, 0x0, 0x0, io::strlen($current['name2']), 0x0); $block .= $current['name2']; $this->add_data($block); $central .= pack("VvvvvVVVVvvvvvVV", 0x2014b50, 0x14, $this->options['method'] == 0 ? 0x0 : 0xa, 0x0, isset($current['method']) || $this->options['method'] == 0 ? 0x0 : 0x8, $timedate, 0x0, 0x0, 0x0, io::strlen($current['name2']), 0x0, 0x0, 0x0, 0x0, $current['type'] == 5 ? 0x10 : 0x0, $offset); $central .= $current['name2']; $files++; $offset += 30 + io::strlen($current['name2']); } else { if ($fp = @fopen($current['name'], "rb")) { $temp = fread($fp, $current['stat'][7]); fclose($fp); $crc32 = crc32($temp); if (!isset($current['method']) && $this->options['method'] == 1) { $temp = gzcompress($temp, $this->options['level']); $size = io::strlen($temp) - 6; $temp = io::substr($temp, 2, $size); } else { $size = io::strlen($temp); } $block .= pack("VVVvv", $crc32, $size, $current['stat'][7], io::strlen($current['name2']), 0x0); $block .= $current['name2']; $this->add_data($block); $this->add_data($temp); unset($temp); $central .= pack("VvvvvVVVVvvvvvVV", 0x2014b50, 0x14, $this->options['method'] == 0 ? 0x0 : 0xa, 0x0, isset($current['method']) || $this->options['method'] == 0 ? 0x0 : 0x8, $timedate, $crc32, $size, $current['stat'][7], io::strlen($current['name2']), 0x0, 0x0, 0x0, 0x0, 0x0, $offset); $central .= $current['name2']; $files++; $offset += 30 + io::strlen($current['name2']) + $size; } else { $this->raiseError("Could not open file {$current['name']} for reading. It was not added."); } } } } $this->add_data($central); $this->add_data(pack("VvvvvVVv", 0x6054b50, 0x0, 0x0, $files, $files, io::strlen($central), $offset, !empty($this->options['comment']) ? io::strlen($this->options['comment']) : 0x0)); if (!empty($this->options['comment'])) { $this->add_data($this->options['comment']); } chdir($pwd); return true; }
/** * Sets the alternatives domains url. Can be empty. Will be riden of http://. * * @param string $url The url to set * @return boolean true on success, false on failure. * @access public */ function setAltDomains($domains) { if (!$domains) { $this->_altdomains = ''; return true; } $this->_altdomains = ''; $domains = explode(';', $domains); foreach ($domains as $domain) { if (io::substr($domain, 0, 7) == "http://") { $domain = io::substr($domain, 7); } if ($domain) { $this->_altdomains .= $this->_altdomains ? ';' : ''; if (io::substr($domain, io::strlen($domain) - 1) == "/") { $domain = io::substr($domain, 0, -1); } $this->_altdomains .= $domain; } } return true; }
/** * Start the scripts process queue. * Remove the lock file then relaunch the script if force is true * * @param boolean $force Set to true if you wish to remove the lock file before launch * @return void * @access public * @static */ static function startScript($force = false) { if (USE_BACKGROUND_REGENERATOR) { $forceRestart = ''; if ($force) { $forceRestart = ' -F'; } elseif (processManager::hasRunningScript()) { return false; } //test if we're on windows or linux, for the output redirection if (APPLICATION_IS_WINDOWS) { if (realpath(PATH_PHP_CLI_WINDOWS) === false) { CMS_grandFather::raiseError("Unknown CLI location : " . PATH_PHP_CLI_WINDOWS . ", please check your configuration."); return false; } // Create the BAT file $command = '@echo off' . "\r\n" . 'start /B /LOW ' . realpath(PATH_PHP_CLI_WINDOWS) . ' ' . realpath(PATH_PACKAGES_FS . '\\scripts\\script.php') . ' -m ' . REGENERATION_THREADS . $forceRestart; $replace = array('program files (x86)' => 'progra~2', 'program files' => 'progra~1', 'documents and settings' => 'docume~1'); $command = str_ireplace(array_keys($replace), $replace, $command); if (!@touch(PATH_WINDOWS_BIN_FS . "/script.bat")) { CMS_grandFather::_raiseError("CMS_scriptsManager : startScript : Create file error : " . PATH_WINDOWS_BIN_FS . "/script.bat"); return false; } $fh = @fopen(PATH_WINDOWS_BIN_FS . "/script.bat", "wb"); if (is_resource($fh)) { if (!@fwrite($fh, $command, io::strlen($command))) { CMS_grandFather::raiseError("Save file error : script.bat"); } @fclose($fh); } $WshShell = new COM("WScript.Shell"); $oExec = $WshShell->Run(str_ireplace(array_keys($replace), $replace, realpath(PATH_WINDOWS_BIN_FS . '\\script.bat')), 0, false); } else { $error = ''; if (!defined('PATH_PHP_CLI_UNIX') || !PATH_PHP_CLI_UNIX) { $return = CMS_patch::executeCommand('which php 2>&1', $error); if ($error) { CMS_grandFather::raiseError('Error when finding php CLI with command "which php", please check your configuration : ' . $error); return false; } if (io::substr($return, 0, 1) != '/') { CMS_grandFather::raiseError('Can\'t find php CLI with command "which php", please check your configuration.'); return false; } $return = CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; php " . PATH_PACKAGES_FS . "/scripts/script.php -m " . REGENERATION_THREADS . $forceRestart . " > /dev/null 2>&1 &", $error); if ($error) { CMS_grandFather::raiseError('Error during execution of script command (cd ' . PATH_REALROOT_FS . '; php ' . PATH_PACKAGES_FS . '/scripts/script.php -m ' . REGENERATION_THREADS . $forceRestart . '), please check your configuration : ' . $error); return false; } } else { $return = CMS_patch::executeCommand(PATH_PHP_CLI_UNIX . ' -v 2>&1', $error); if ($error) { CMS_grandFather::raiseError('Error when testing php CLI with command "' . PATH_PHP_CLI_UNIX . ' -v", please check your configuration : ' . $error); return false; } if (io::strpos(io::strtolower($return), '(cli)') === false) { CMS_grandFather::raiseError(PATH_PHP_CLI_UNIX . ' is not the CLI version'); return false; } $return = CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; " . PATH_PHP_CLI_UNIX . " " . PATH_PACKAGES_FS . "/scripts/script.php -m " . REGENERATION_THREADS . $forceRestart . " > /dev/null 2>&1 &", $error); if ($error) { CMS_grandFather::raiseError('Error during execution of script command (cd ' . PATH_REALROOT_FS . '; ' . PATH_PHP_CLI_UNIX . ' ' . PATH_PACKAGES_FS . '/scripts/script.php -m ' . REGENERATION_THREADS . $forceRestart . '), please check your configuration : ' . $error); return false; } } //CMS_grandFather::log($return); //CMS_grandFather::log("cd ".PATH_REALROOT_FS."; php ".PATH_PACKAGES_FS."/scripts/script.php -m ".REGENERATION_THREADS.$forceRestart." > /dev/null 2>&1 &"); //@system("cd ".PATH_REALROOT_FS."; php ".PATH_PACKAGES_FS."/scripts/script.php -m ".REGENERATION_THREADS.$forceRestart." > /dev/null 2>&1 &"); } } else { CMS_session::setSessionVar('start_script', true); } }
/** * Duplicate this block * Used to duplicate a CMS_page. * * @param CMS_page $destinationPage, the page receiving a copy of this block * @param boolean $public The precision needed for USERSPACE location * @return CMS_block object */ function duplicate(&$destinationPage, $public = false) { if (SensitiveIO::isPositiveInteger($this->_dbID) && $this->_file) { $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public); //Copy linked file //In new file name, delete reference to old page and add refernce to new one $_newFilename = "p" . $destinationPage->getID() . io::substr($this->_file, io::strpos($this->_file, "_"), io::strlen($this->_file)); if (@is_file(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file) && @copy(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename) && @chmod(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename, octdec(FILES_CHMOD))) { //Public if ($public) { if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename, octdec(FILES_CHMOD))) { $this->raiseError("Duplicate, flash file copy failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename); } } //Save new datas $str_set = "\n\t\t\t\t\t\tpage='" . $destinationPage->getID() . "',\n\t\t\t\t\t\tclientSpaceID='" . $this->_clientSpaceID . "',\n\t\t\t\t\t\trowID='" . $this->_rowID . "',\n\t\t\t\t\t\tblockID='" . $this->_tagID . "',\n\t\t\t\t\t\tfile='" . SensitiveIO::sanitizeSQLString($_newFilename) . "',\n\t\t\t\t\t\twidth='" . SensitiveIO::sanitizeSQLString($this->_width) . "',\n\t\t\t\t\t\theight='" . SensitiveIO::sanitizeSQLString($this->_height) . "',\n\t\t\t\t\t\tname='" . SensitiveIO::sanitizeSQLString($this->_name) . "',\n\t\t\t\t\t\tversion='" . SensitiveIO::sanitizeSQLString($this->_version) . "',\n\t\t\t\t\t\tparams='" . SensitiveIO::sanitizeSQLString($this->_params) . "',\n\t\t\t\t\t\tflashvars='" . SensitiveIO::sanitizeSQLString($this->_flashvars) . "',\n\t\t\t\t\t\tattributes='" . SensitiveIO::sanitizeSQLString($this->_flashattributes) . "'\n\t\t\t\t"; $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t"; $q = new CMS_query($sql); if (!$q->hasError()) { //Table Edition $sql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . $q->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t"; $q = new CMS_query($sql); return !$q->hasError(); } else { $this->raiseError("Duplicate, SQL insertion of new flash failed: " . $sql); } } else { $this->raiseError("Duplicate, copy of file failed :" . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file); } } return false; }
/** * Sets a value for a given language code. * * @param string $languageCode the language code of the value to set * @param mixed $value the value to set * @return boolean true on success, false on failure * @access public */ function setValue($languageCode, $value) { if (io::strlen($languageCode) > 5) { $this->raiseError("Can't use a language code longuer than 5 caracters : " . $languageCode); return false; } $this->_values[$languageCode] = $value; return true; }
/** * Search users * Static function. * * @param string search : search user by lastname, firstname or login * @param string letter : search user by first lastname letter * @param integer group : search user by group ID * @param string order : order by fieldname (without suffix). default : lastname, firstname * @param integer start : search start offset * @param integer limit : search limit (default : 0 : unlimited) * @param boolean activeOnly : return only active users (default : false) * @param boolean returnObjects : return CMS_profile_user objects (default) or array of userId * @return array(CMS_profile_user) * @access public */ static function search($search = '', $letter = '', $group = '', $order = '', $direction = 'asc', $start = 0, $limit = 0, $activeOnly = false, $returnObjects = true, &$score = array()) { $start = (int) $start; $limit = (int) $limit; $group = (int) $group; $direction = in_array(io::strtolower($direction), array('asc', 'desc')) ? io::strtolower($direction) : 'asc'; $keywordsWhere = $letterWhere = $groupWhere = $orderBy = $orderClause = $idWhere = ''; $select = 'id_pru'; if (io::strpos($search, ':noroot:') !== false) { $idWhere = " and id_pru != '" . ROOT_PROFILEUSER_ID . "'"; $search = trim(str_replace(':noroot:', '', $search)); } if (io::substr($search, 0, 5) == 'user:'******'" . sensitiveIO::sanitizeSQLString(io::substr($search, 5)) . "'"; $search = ''; } if (io::substr($search, 0, 6) == 'group:' && sensitiveIO::isPositiveInteger(io::substr($search, 6))) { $group = io::substr($search, 6); $search = ''; } if ($search) { //clean user keywords (never trust user input, user is evil) $keyword = strtr($search, ",;", " "); $words = array(); $words = array_map("trim", array_unique(explode(" ", io::strtolower($keyword)))); $cleanedWords = array(); foreach ($words as $aWord) { if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) { $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord); if (htmlentities($aWord) != $aWord) { $cleanedWords[] = htmlentities($aWord); } $cleanedWords[] = $aWord; } } if (!$cleanedWords) { //if no words after cleaning, return return array(); } foreach ($cleanedWords as $cleanedWord) { $keywordsWhere .= $keywordsWhere ? " and " : ''; $keywordsWhere .= " (\n\t\t\t\t\tlastName_pru like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\tor firstName_pru like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\tor login_pru like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t)"; } $keywordsWhere = ' and ((' . $keywordsWhere . ')'; $select .= " , MATCH (lastName_pru, firstName_pru, login_pru) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') as m "; $keywordsWhere .= " or MATCH (lastName_pru, firstName_pru, login_pru) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') )"; } if ($letter && io::strlen($letter) === 1) { $letterWhere = " and lastName_pru like '" . sensitiveIO::sanitizeSQLString($letter) . "%'"; } if ($group) { $groupUsers = CMS_profile_usersGroupsCatalog::getGroupUsers($group, false); if (!$groupUsers) { return array(); } $groupWhere = " and id_pru in (" . implode(',', $groupUsers) . ")"; } if ($order != 'score') { if ($order) { $found = false; $sql = "DESCRIBE profilesUsers"; $q = new CMS_query($sql); while ($field = $q->getValue('Field')) { if ($field == $order . '_pru') { $found = true; } } if ($found) { $orderBy = $order . '_pru'; } else { $orderBy = 'lastName_pru,firstName_pru'; } } else { $orderBy = 'lastName_pru,firstName_pru'; } if ($orderBy) { $orderClause = "order by\n\t\t\t\t\t" . $orderBy . "\n\t\t\t\t\t" . $direction; } } elseif ($search) { $orderClause = " order by m " . $direction; } $sql = "\n\t\t\tselect\n\t\t\t\t" . $select . "\n\t\t\tfrom\n\t\t\t\tprofilesUsers\n\t\t\twhere \n\t\t\t deleted_pru='0'\n\t\t\t" . ($activeOnly ? " and active_pru='1' " : '') . "\n\t\t\t" . $keywordsWhere . "\n\t\t\t" . $letterWhere . "\n\t\t\t" . $groupWhere . "\n\t\t\t" . $idWhere . "\n\t\t\t" . $orderClause . "\n\t\t"; if ($limit) { $sql .= "limit \n\t\t\t\t" . $start . ", " . $limit; } $q = new CMS_query($sql); //pr($sql); //pr($q->getNumRows()); $users = array(); while ($r = $q->getArray()) { $id = $r['id_pru']; //set match score if exists if (isset($r['m'])) { $score[$id] = $r['m']; } if ($returnObjects) { $usr = CMS_profile_usersCatalog::getByID($id); if (is_a($usr, "CMS_profile_user") && !$usr->hasError()) { if ($activeOnly && $usr->isActive() || !$activeOnly) { $users[] = $usr; } } } else { $users[] = $id; } } //pr($score); return $users; }
/** Encode string to quoted-printable. * @access private * @return string */ function EncodeQP($str) { $encoded = $this->FixEOL($str); if (io::substr($encoded, -io::strlen($this->LE)) != $this->LE) { $encoded .= $this->LE; } /* Replace every high ascii, control and = characters */ $encoded = preg_replace('/([\\000-\\010\\013\\014\\016-\\037\\075\\177-\\377])/e', "'='.sprintf('%02X', ord('\\1'))", $encoded); /* Replace every spaces and tabs when it's the last character on a line */ $encoded = preg_replace("/([\t ])" . $this->LE . "/e", "'='.sprintf('%02X', ord('\\1')).'" . $this->LE . "'", $encoded); /* Maximum line length of 76 characters before CRLF (74 + space + '=') */ //$encoded = $this->WrapText($encoded, 74, true); return $encoded; }
/** * set object Values * * @param array $values : the POST result values * @param string prefixname : the prefix used for post names * @param boolean newFormat : new automne v4 format (default false for compatibility) * @param integer $objectID : the current object id. Must be set, but default is blank for compatibility with other objects * @return boolean true on success, false on failure * @access public */ function setValues($values, $prefixName, $newFormat = false, $objectID = '') { if (!sensitiveIO::isPositiveInteger($objectID)) { $this->raiseError('ObjectID must be a positive integer : ' . $objectID); return false; } //get field parameters $params = $this->getParamsValues(); //get module codename $moduleCodename = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID()); if ($newFormat) { //delete old files ? //thumbnail if ($this->_subfieldValues[1]->getValue() && (!$values[$prefixName . $this->_field->getID() . '_1'] || pathinfo($values[$prefixName . $this->_field->getID() . '_1'], PATHINFO_BASENAME) != $this->_subfieldValues[1]->getValue())) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue()); $this->_subfieldValues[1]->setValue(''); } //file if ($this->_subfieldValues[4]->getValue() && (!$values[$prefixName . $this->_field->getID() . '_4'] || pathinfo($values[$prefixName . $this->_field->getID() . '_4'], PATHINFO_BASENAME) != $this->_subfieldValues[4]->getValue())) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); //reset filesize if (!$this->_subfieldValues[2]->setValue(0)) { return false; } } if (!(isset($values[$prefixName . $this->_field->getID() . '_0']) && $this->_subfieldValues[0]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_0'])))) { return false; } //thumbnail if (isset($values[$prefixName . $this->_field->getID() . '_1']) && $values[$prefixName . $this->_field->getID() . '_1'] && io::strpos($values[$prefixName . $this->_field->getID() . '_1'], PATH_UPLOAD_WR . '/') !== false) { $filename = $values[$prefixName . $this->_field->getID() . '_1']; //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //destroy old image if any if ($this->_subfieldValues[1]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue()); $this->_subfieldValues[1]->setValue(''); } //move and rename uploaded file $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $filename); $basename = pathinfo($filename, PATHINFO_BASENAME); //set thumbnail $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $newBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename)); //rename image $path_parts = pathinfo($newBasename); $extension = io::strtolower($path_parts['extension']); $newBasename = io::substr($path_parts['basename'], 0, -(io::strlen($extension) + 1)) . '_thumbnail.' . $extension; if (io::strlen($newBasename) > 255) { $newBasename = sensitiveIO::ellipsis($newBasename, 255, '-', true); } $newFilename = $path . '/' . $newBasename; //move file from upload dir to new dir CMS_file::moveTo($filename, $newFilename); CMS_file::chmodFile(FILES_CHMOD, $newFilename); //resize thumbnail if needed if ($params['thumbMaxWidth'] > 0 || $params['thumbMaxHeight'] > 0) { $oImage = new CMS_image($newFilename); //get current file size $sizeX = $oImage->getWidth(); $sizeY = $oImage->getHeight(); //check thumbnail size list($sizeX, $sizeY) = @getimagesize($newFilename); if ($params['thumbMaxWidth'] && $sizeX > $params['thumbMaxWidth'] || $params['thumbMaxHeight'] && $sizeY > $params['thumbMaxHeight']) { $newSizeX = $sizeX; $newSizeY = $sizeY; // Check width if ($params['thumbMaxWidth'] && $newSizeX > $params['thumbMaxWidth']) { $newSizeY = round($params['thumbMaxWidth'] * $newSizeY / $newSizeX); $newSizeX = $params['thumbMaxWidth']; } if ($params['thumbMaxHeight'] && $newSizeY > $params['thumbMaxHeight']) { $newSizeX = round($params['thumbMaxHeight'] * $newSizeX / $newSizeY); $newSizeY = $params['thumbMaxHeight']; } if (!$oImage->resize($newSizeX, $newSizeY, $newFilename)) { return false; } } } //set thumbnail if (!$this->_subfieldValues[1]->setValue($newBasename)) { return false; } } //File //1- from external location if (isset($values[$prefixName . $this->_field->getID() . '_externalfile']) && $values[$prefixName . $this->_field->getID() . '_externalfile']) { //from FTP directory $filename = $values[$prefixName . $this->_field->getID() . '_externalfile']; //check file extension if ($params['allowedType'] || $params['disallowedType']) { $extension = io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)); if (!$extension) { return false; } //extension must be in allowed list if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) { return false; } //extension must not be in disallowed list if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) { return false; } } //destroy old file if any if ($this->_subfieldValues[4]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); } $new_filename = 'r' . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($filename)); if (io::strlen($new_filename) > 255) { $new_filename = sensitiveIO::ellipsis($new_filename, 255, '-', true); } $destination_path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/'; $ftp_dir = PATH_REALROOT_FS . $params['ftpDir']; if (@file_exists($ftp_dir . $filename) && is_file($ftp_dir . $filename)) { if (CMS_file::moveTo($ftp_dir . $filename, $destination_path . '/' . $new_filename)) { CMS_file::chmodFile(FILES_CHMOD, $destination_path . '/' . $new_filename); //set label as file name if none set if (!$values[$prefixName . $this->_field->getID() . '_0']) { if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($filename))) { return false; } } //set it if (!$this->_subfieldValues[4]->setValue($new_filename)) { return false; } //and set filesize $filesize = @filesize($destination_path . '/' . $new_filename); if ($filesize !== false && $filesize > 0) { //convert in MB $filesize = round($filesize / 1048576, 2); } else { $filesize = '0'; } if (!$this->_subfieldValues[2]->setValue($filesize)) { return false; } //set file type if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) { return false; } } else { return false; } } else { return false; } } else { //2- from post if ($values[$prefixName . $this->_field->getID() . '_4'] && io::strpos($values[$prefixName . $this->_field->getID() . '_4'], PATH_UPLOAD_WR . '/') !== false) { //check file extension if ($params['allowedType'] || $params['disallowedType']) { $extension = io::strtolower(pathinfo($values[$prefixName . $this->_field->getID() . '_4'], PATHINFO_EXTENSION)); if (!$extension) { return false; } //extension must be in allowed list if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) { return false; } //extension must not be in disallowed list if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) { return false; } } //set file type if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) { return false; } //destroy old file if any if ($this->_subfieldValues[4]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); } //move and rename uploaded file $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $values[$prefixName . $this->_field->getID() . '_4']); $basename = pathinfo($filename, PATHINFO_BASENAME); //create file path $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $newBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename)); if (io::strlen($newBasename) > 255) { $newBasename = sensitiveIO::ellipsis($newBasename, 255, '-', true); } $newFilename = $path . '/' . $newBasename; if (!CMS_file::moveTo($filename, $newFilename)) { return false; } CMS_file::chmodFile(FILES_CHMOD, $newFilename); //set it if (!$this->_subfieldValues[4]->setValue($newBasename)) { return false; } //and set filesize $filesize = @filesize($newFilename); if ($filesize !== false && $filesize > 0) { //convert in MB $filesize = round($filesize / 1048576, 2); } else { $filesize = '0'; } if (!$this->_subfieldValues[2]->setValue($filesize)) { return false; } } } // If label not set yet, set it if (!$this->_subfieldValues[0]->getValue()) { if ($this->_subfieldValues[4]->getValue()) { $this->_subfieldValues[0]->setValue($this->_subfieldValues[4]->getValue()); } } //update files infos if needed if ($this->_subfieldValues[1]->getValue() && file_exists(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue())) { $file = new CMS_file(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue()); $imageDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension()); } else { $imageDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => ''); } //update files infos if needed if ($this->_subfieldValues[4]->getValue() && file_exists(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue())) { $file = new CMS_file(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $fileDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension()); } else { $fileDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => ''); } $imageDatas['module'] = $fileDatas['module'] = $moduleCodename; $imageDatas['visualisation'] = $fileDatas['visualisation'] = RESOURCE_DATA_LOCATION_EDITED; $content = array('datas' => array('polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_1]' => $imageDatas, 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_4]' => $fileDatas, 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_externalfile]' => '', 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_0]' => sensitiveIO::decodeEntities($this->_subfieldValues[0]->getValue()))); $view = CMS_view::getInstance(); $view->addContent($content); return true; } else { //Old format //delete old files ? if (isset($values[$prefixName . $this->_field->getID() . '_delete']) && $values[$prefixName . $this->_field->getID() . '_delete'] == 1) { //thumbnail if ($this->_subfieldValues[1]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue()); $this->_subfieldValues[1]->setValue(''); } elseif ($values[$prefixName . $this->_field->getID() . '_1_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_1_hidden']); $this->_subfieldValues[1]->setValue(''); } //file if ($this->_subfieldValues[4]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); } elseif ($values[$prefixName . $this->_field->getID() . '_4_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_4_hidden']); $this->_subfieldValues[4]->setValue(''); } //reset filesize if (!$this->_subfieldValues[2]->setValue(0)) { return false; } } if (!(isset($values[$prefixName . $this->_field->getID() . '_0']) && $this->_subfieldValues[0]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_0'])))) { return false; } //thumbnail if (isset($_FILES[$prefixName . $this->_field->getID() . '_1']) && $_FILES[$prefixName . $this->_field->getID() . '_1']['name'] && !$_FILES[$prefixName . $this->_field->getID() . '_1']['error']) { //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($_FILES[$prefixName . $this->_field->getID() . '_1']["name"], PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //destroy old image if any if ($this->_subfieldValues[1]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue()); $this->_subfieldValues[1]->setValue(''); } elseif ($values[$prefixName . $this->_field->getID() . '_1_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_1_hidden']); $this->_subfieldValues[1]->setValue(''); } //set thumbnail (resize it if needed) //create thumbnail path $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$prefixName . $this->_field->getID() . '_1']["name"])); if (io::strlen($filename) > 255) { $filename = sensitiveIO::ellipsis($filename, 255, '-', true); } //move uploaded file $fileDatas = CMS_file::uploadFile($prefixName . $this->_field->getID() . '_1', PATH_TMP_FS); if ($fileDatas['error']) { return false; } if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) { return false; } if ($params['thumbMaxWidth'] > 0 || $params['thumbMaxHeight'] > 0) { $oImage = new CMS_image($path . "/" . $filename); //get current file size $sizeX = $oImage->getWidth(); $sizeY = $oImage->getHeight(); //check thumbnail size if ($sizeX > $params['thumbMaxWidth'] || $sizeX > $params['thumbMaxHeight']) { $newSizeX = $sizeX; $newSizeY = $sizeY; // Check width if ($params['thumbMaxWidth'] && $newSizeX > $params['thumbMaxWidth']) { $newSizeY = round($params['thumbMaxWidth'] * $newSizeY / $newSizeX); $newSizeX = $params['thumbMaxWidth']; } if ($params['thumbMaxHeight'] && $newSizeY > $params['thumbMaxHeight']) { $newSizeX = round($params['thumbMaxHeight'] * $newSizeX / $newSizeY); $newSizeY = $params['thumbMaxHeight']; } //resize image $srcfilepath = $path . "/" . $filename; $path_parts = pathinfo($srcfilepath); $thumbnailFilename = io::substr($path_parts['basename'], 0, -(io::strlen($path_parts['extension']) + 1)) . '.png'; $destfilepath = $path . "/" . $thumbnailFilename; if (!$oImage->resize($newSizeX, $newSizeY, $destfilepath)) { return false; } //destroy original image @unlink($srcfilepath); //set resized thumbnail if (!$this->_subfieldValues[1]->setValue($thumbnailFilename)) { return false; } } else { //no need to resize thumbnail (below the maximum width), so set it if (!$this->_subfieldValues[1]->setValue($filename)) { return false; } } } else { //no need to resize thumbnail (no size limit), so set it if (!$this->_subfieldValues[1]->setValue($filename)) { return false; } } } elseif (isset($_FILES[$prefixName . $this->_field->getID() . '_1']) && $_FILES[$prefixName . $this->_field->getID() . '_1']['name'] && $_FILES[$prefixName . $this->_field->getID() . '_1']['error'] != 0) { return false; } elseif (isset($values[$prefixName . $this->_field->getID() . '_1_hidden']) && $values[$prefixName . $this->_field->getID() . '_1_hidden'] && $values[$prefixName . $this->_field->getID() . '_delete'] != 1) { if (!$this->_subfieldValues[1]->setValue($values[$prefixName . $this->_field->getID() . '_1_hidden'])) { return false; } } //File //1- from external location if (isset($values[$prefixName . $this->_field->getID() . '_externalfile']) && $values[$prefixName . $this->_field->getID() . '_externalfile']) { //destroy old file if any if ($this->_subfieldValues[4]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); } elseif ($values[$prefixName . $this->_field->getID() . '_4_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_4_hidden']); $this->_subfieldValues[4]->setValue(''); } //from FTP directory $filename = $values[$prefixName . $this->_field->getID() . '_externalfile']; //io::substr($values[$prefixName.$this->_field->getID().'_externalfile'], 1); //check file extension if ($params['allowedType'] || $params['disallowedType']) { $extension = io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)); if (!$extension) { return false; } //extension must be in allowed list if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) { return false; } //extension must not be in disallowed list if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) { return false; } } $new_filename = 'r' . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($filename)); if (io::strlen($new_filename) > 255) { $new_filename = sensitiveIO::ellipsis($new_filename, 255, '-', true); } $destination_path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/'; $ftp_dir = PATH_REALROOT_FS . $params['ftpDir']; if (@file_exists($ftp_dir . $filename) && is_file($ftp_dir . $filename)) { if (@copy($ftp_dir . $filename, $destination_path . '/' . $new_filename)) { @chmod($destination_path . '/' . $new_filename, octdec(FILES_CHMOD)); //set label as file name if none set if (!$values[$prefixName . $this->_field->getID() . '_0']) { if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($filename))) { return false; } } //set it if (!$this->_subfieldValues[4]->setValue($new_filename)) { return false; } //and set filesize $filesize = @filesize($destination_path . '/' . $new_filename); if ($filesize !== false && $filesize > 0) { //convert in MB $filesize = round($filesize / 1048576, 2); } else { $filesize = '0'; } if (!$this->_subfieldValues[2]->setValue($filesize)) { return false; } //set file type if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) { return false; } } else { return false; } } else { return false; } } else { //2- from post if (isset($_FILES[$prefixName . $this->_field->getID() . '_4']) && $_FILES[$prefixName . $this->_field->getID() . '_4']['name'] && !$_FILES[$prefixName . $this->_field->getID() . '_4']['error']) { //check file extension if ($params['allowedType'] || $params['disallowedType']) { $extension = io::strtolower(pathinfo($_FILES[$prefixName . $this->_field->getID() . '_4']['name'], PATHINFO_EXTENSION)); if (!$extension) { return false; } //extension must be in allowed list if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) { return false; } //extension must not be in disallowed list if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) { return false; } } //set label as image name if none set if (!$values[$prefixName . $this->_field->getID() . '_0']) { if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($_FILES[$prefixName . $this->_field->getID() . '_4']["name"]))) { return false; } } //set file type if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) { return false; } //destroy old file if any if ($this->_subfieldValues[4]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); } //create thumnail path $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$prefixName . $this->_field->getID() . '_4']["name"])); if (io::strlen($filename) > 255) { $filename = sensitiveIO::ellipsis($filename, 255, '-', true); } //move uploaded file $fileDatas = CMS_file::uploadFile($prefixName . $this->_field->getID() . '_4', PATH_TMP_FS); if ($fileDatas['error']) { return false; } if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) { return false; } //set it if (!$this->_subfieldValues[4]->setValue($filename)) { return false; } //and set filesize $filesize = @filesize($path . "/" . $filename); if ($filesize !== false && $filesize > 0) { //convert in MB $filesize = round($filesize / 1048576, 2); } else { $filesize = '0'; } if (!$this->_subfieldValues[2]->setValue($filesize)) { return false; } } elseif (isset($_FILES[$prefixName . $this->_field->getID() . '_4']) && $_FILES[$prefixName . $this->_field->getID() . '_4']['name'] && $_FILES[$prefixName . $this->_field->getID() . '_4']['error'] != 0) { return false; } else { //from hidden fields (previously set but not already saved) if (isset($values[$prefixName . $this->_field->getID() . '_4_hidden']) && $values[$prefixName . $this->_field->getID() . '_4_hidden'] && (!isset($values[$prefixName . $this->_field->getID() . '_delete']) || $values[$prefixName . $this->_field->getID() . '_delete'] != 1)) { //set label as image name if none set if ($values[$prefixName . $this->_field->getID() . '_0']) { if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_0']))) { return false; } } //set filesize if (!$this->_subfieldValues[2]->setValue($values[$prefixName . $this->_field->getID() . '_2_hidden'])) { return false; } //set file type if (!$this->_subfieldValues[3]->setValue($values[$prefixName . $this->_field->getID() . '_3_hidden'])) { return false; } if (!$this->_subfieldValues[4]->setValue($values[$prefixName . $this->_field->getID() . '_4_hidden'])) { return false; } } } } // If label not set yet, set it if (!$this->_subfieldValues[0]->getValue()) { if ($this->_subfieldValues[4]->getValue()) { $this->_subfieldValues[0]->setValue($this->_subfieldValues[4]->getValue()); } } return true; } }
/** * Sets the year part of the date * * @param string $value the year to set to * @return boolean true on success, false on failure * @access public */ function setYear($value) { if (!ctype_digit((string) $value)) { $this->_raiseError(__CLASS__ . ' : ' . __FUNCTION__ . ' : value must be numeric : ' . $value); return false; } //$value = $this->_fillWithZeros($value, 4); $value = (int) $value; if ($value < 100) { $value += $value > 30 ? 1900 : 2000; } if (!$value || io::strlen((string) $value) != 4) { $this->_raiseError("Date : incorrect year : " . $value); return false; } else { $this->_year = $value; return true; } }
/** * Proceeds to archive download * * @return binary file content to be downloaded */ function download_file() { if ($this->options['inmemory'] == 0) { $this->raiseError("Can only use download_file() if archive is in memory. Redirect to file otherwise, it is faster."); return; } switch ($this->options['type']) { case "zip": header("Content-type:application/zip"); break; case "bzip": header("Content-type:application/x-compressed"); break; case "gzip": header("Content-type:application/x-compressed"); break; case "tar": header("Content-type:application/x-tar"); } $header = "Content-disposition: attachment; filename=\""; $header .= strstr($this->options['name'], "/") ? io::substr($this->options['name'], strrpos($this->options['name'], "/") + 1) : $this->options['name']; $header .= "\""; header($header); header("Content-length: " . io::strlen($this->CMS_archive)); header("Content-transfer-encoding: binary"); header("Pragma: no-cache"); header("Expires: 0"); print $this->CMS_archive; }
/** * Duplicate this block * Used to duplicate a CMS_page. * * @param CMS_page $destinationPage, the page receiving a copy of this block * @param boolean $public The precision needed for USERSPACE location * @return CMS_block object */ function duplicate(&$destinationPage, $public = false) { if (SensitiveIO::isPositiveInteger($this->_dbID)) { $link = $this->_link; if ($link->hasValidHREF()) { if ($link->getLinkType() == RESOURCE_LINK_TYPE_FILE) { //get file path $file = $link->getFileLink(false, MOD_STANDARD_CODENAME, RESOURCE_DATA_LOCATION_EDITED, PATH_RELATIVETO_FILESYSTEM, true); $path = $link->getFileLink(true, MOD_STANDARD_CODENAME, RESOURCE_DATA_LOCATION_EDITED, PATH_RELATIVETO_FILESYSTEM, false); if ($file && file_exists($path . '/' . $file)) { //Copy linked file //In new file name, delete reference to old page and add refernce to new one $_newFilename = "p" . $destinationPage->getID() . io::substr($file, io::strpos($file, "_"), io::strlen($file)); if (@is_file(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $file) && CMS_file::copyTo(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $file, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename) && CMS_file::chmodFile(FILES_CHMOD, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename)) { //Public if ($public) { if (!is_file(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $file) || !CMS_file::copyTo(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $file, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename) || !CMS_file::chmodFile(FILES_CHMOD, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename)) { $this->raiseError("Duplicate, file copy failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $file); } } $link->setFileLink($_newFilename); } } } $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public); //Save new datas $str_set = "\n\t\t\t\t\t\tpage='" . $destinationPage->getID() . "',\n\t\t\t\t\t\tclientSpaceID='" . $this->_clientSpaceID . "',\n\t\t\t\t\t\trowID='" . $this->_rowID . "',\n\t\t\t\t\t\tblockID='" . $this->_tagID . "',\n\t\t\t\t\t\ttype='CMS_block_link',\n\t\t\t\t\t\tvalue='" . SensitiveIO::sanitizeSQLString($link->getTextDefinition()) . "'\n\t\t\t\t"; $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t"; $q = new CMS_query($sql); if (!$q->hasError()) { //Table Edition $sql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . $q->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t"; $q = new CMS_query($sql); return !$q->hasError(); } else { $this->raiseError("Duplicate, SQL insertion of new filename failed: " . $sql); } } else { $this->raiseError("Duplicate, copy of file failed :" . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file); } } return false; }
/** * Returns all the page Templates, sorted by label. * Static function. * * @param boolean $includeInactive If set to true, don't watch inactive templates * @return array(CMS_pageTemplate) * @access public */ static function getAll($includeInactive = false, $keyword = '', $groups = array(), $website = '', $tplIds = array(), $user = false, $start = 0, $limit = 0, $returnObjects = true, &$score = array()) { $where = 'private_pt=0'; $select = 'id_pt'; //keywords if ($keyword) { //clean user keywords (never trust user input, user is evil) $keyword = strtr($keyword, ",;", " "); $words = array(); $words = array_map("trim", array_unique(explode(" ", io::strtolower($keyword)))); $cleanedWords = array(); foreach ($words as $aWord) { if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) { $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord); $cleanedWords[] = $aWord; } } if (!$cleanedWords) { //if no words after cleaning, return return array(); } //extract row: keywords which are used by general search engine to filter templates by row usage $rows = array(); foreach ($cleanedWords as $key => $word) { if (io::strpos($word, 'row:') === 0) { unset($cleanedWords[$key]); $rows[] = substr($word, 4); } } if ($cleanedWords) { $keywordWhere = ''; foreach ($cleanedWords as $cleanedWord) { $keywordWhere .= $keywordWhere ? ' and ' : ''; $keywordWhere .= " (\n\t\t\t\t\t\tdescription_pt like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\t\tor label_pt like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\t)"; } $where .= $where ? ' and ' : ''; $where .= " ((" . $keywordWhere . ") or MATCH (label_pt, description_pt) AGAINST ('" . sensitiveIO::sanitizeSQLString($keyword) . "') )"; $select .= " , MATCH (label_pt, description_pt) AGAINST ('" . sensitiveIO::sanitizeSQLString($keyword) . "') as m "; } if ($rows) { $q = new CMS_query("\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct(template_cs)\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_standard_clientSpaces_edited\n\t\t\t\t\twhere\n\t\t\t\t\t\ttype_cs in (" . io::sanitizeSQLString(implode($rows, ',')) . ")\n\t\t\t\t"); if ($q->getNumRows()) { while ($r = $q->getArray()) { $tplIds[] = $r['template_cs']; } } } } $sql = "\n\t\t\tselect\n\t\t\t\t" . $select . "\n\t\t\tfrom\n\t\t\t\tpageTemplates\n\t\t"; //groups if ($groups) { foreach ($groups as $group) { $where .= $where ? ' and ' : ''; $where .= " (\n\t\t\t\t\tgroupsStack_pt='" . sensitiveIO::sanitizeSQLString($group) . "'\n\t\t\t\t\tor groupsStack_pt like '%;" . sensitiveIO::sanitizeSQLString($group) . ";%'\n\t\t\t\t\tor groupsStack_pt like '" . sensitiveIO::sanitizeSQLString($group) . ";%'\n\t\t\t\t\tor groupsStack_pt like '%;" . sensitiveIO::sanitizeSQLString($group) . "'\n\t\t\t\t)"; } } //website if ($website) { $where .= $where ? ' and ' : ''; $where .= " (\n\t\t\t\twebsitesdenied_pt != '" . sensitiveIO::sanitizeSQLString($website) . "'\n\t\t\t\tand websitesdenied_pt not like '%;" . sensitiveIO::sanitizeSQLString($website) . ";%'\n\t\t\t\tand websitesdenied_pt not like '" . sensitiveIO::sanitizeSQLString($website) . ";%'\n\t\t\t\tand websitesdenied_pt not like '%;" . sensitiveIO::sanitizeSQLString($website) . "'\n\t\t\t)"; } //useable if (!$includeInactive) { $where .= $where ? ' and ' : ''; $where .= " inUse_pt=1 "; $where .= " and definitionFile_pt!='' "; } //tplIds if ($tplIds) { $where .= $where ? ' and ' : ''; $where .= " id_pt in (" . implode(',', $tplIds) . ") "; } //user if (is_object($user) && !$user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) { $groupsDenied = $user->getTemplateGroupsDenied()->getElements(); if ($groupsDenied && is_array($groupsDenied) && sizeof($groupsDenied)) { $where .= $where ? ' and (' : '('; foreach ($groupsDenied as $group) { $where .= " (\n\t\t\t\t\t\tgroupsStack_pt != '" . sensitiveIO::sanitizeSQLString($group[0]) . "'\n\t\t\t\t\t\tand groupsStack_pt not like '%;" . sensitiveIO::sanitizeSQLString($group[0]) . ";%'\n\t\t\t\t\t\tand groupsStack_pt not like '" . sensitiveIO::sanitizeSQLString($group[0]) . ";%'\n\t\t\t\t\t\tand groupsStack_pt not like '%;" . sensitiveIO::sanitizeSQLString($group[0]) . "'\n\t\t\t\t\t) and "; } //remove last "and " and append ) $where = io::substr($where, 0, -4) . ')'; } } $sql = $sql . ($where ? ' where ' . $where : ''); //order if (io::strpos($sql, 'MATCH') === false) { $sql .= " order by label_pt "; } else { $sql .= " order by m desc "; } //limit if ($start || $limit) { $sql .= " limit " . sensitiveIO::sanitizeSQLString($start) . "," . sensitiveIO::sanitizeSQLString($limit); } //pr($sql); $q = new CMS_query($sql); $pts = array(); while ($r = $q->getArray()) { $id = $r['id_pt']; //set match score if exists if (isset($r['m'])) { $score[$id] = $r['m']; } if ($returnObjects) { $pt = new CMS_pageTemplate($id); if (!$pt->hasError()) { $pts[$pt->getID()] = $pt; } } else { $pts[$id] = $id; } } return $pts; }
/** * set object Values * * @param array $values : the POST result values * @param string prefixname : the prefix used for post names * @return boolean true on success, false on failure * @access public */ function setValues($values, $prefixName) { $params = $this->getParamsValues(); if ($values[$prefixName . $this->_field->getID() . '_0']) { //check string length parameter if (io::strlen($values[$prefixName . $this->_field->getID() . '_0']) > $params['maxLength']) { return false; } //check if value is a negative number (if needed) if ($values[$prefixName . $this->_field->getID() . '_0'] && !$params['canBeNegative'] && (int) $values[$prefixName . $this->_field->getID() . '_0'] < 0) { return false; } //check if value has no html tags if (strip_tags($values[$prefixName . $this->_field->getID() . '_0']) != $values[$prefixName . $this->_field->getID() . '_0']) { return false; } //check match expression if any if ($params['matchExp'] && !preg_match('#' . $params['matchExp'] . '#', $values[$prefixName . $this->_field->getID() . '_0'])) { return false; } } if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_0']))) { return false; } return true; }
/** * Set the text content. This content must include the tag itself. * * @param string $content The tag content including the tag itself * @return boolean true on success, false on failure to set it * @access public */ function setTextContent($content) { $content = trim($content); if ($content && io::substr($content, 1, io::strlen($this->_name)) == $this->_name) { $this->_textContent = $content; return true; } else { $this->raiseError("Content is empty or does not contain self tag"); return false; } }
/** * activates the script function. * * @return void * @access public */ function activate() { parent::activate(); if ($_SERVER['argv']['1'] == '-s' && SensitiveIO::isPositiveInteger($_SERVER['argv']['2'])) { // SUB-SCRIPT : Processes one script task @ini_set('max_execution_time', SUB_SCRIPT_TIME_OUT); //set max execution time for sub script @set_time_limit(SUB_SCRIPT_TIME_OUT); //set the PHP timeout for sub script $sql = "\n\t\t\t\tselect\n\t\t\t\t\t*\n\t\t\t\tfrom\n\t\t\t\t\tregenerator\n\t\t\t\twhere\n\t\t\t\t\tid_reg = '" . $_SERVER['argv']['2'] . "'\n\t\t\t"; $q = new CMS_query($sql); if ($q->getNumRows()) { $data = $q->getArray(); //send script informations to process manager $this->_processManager->setParameters($data['module_reg'], $data['parameters_reg']); //instanciate script module $module = CMS_modulesCatalog::getByCodename($data['module_reg']); //then send script task to module (return task title by reference) $task = $module->scriptTask(unserialize($data['parameters_reg'])); //delete the current script task $sql_delete = "\n\t\t\t\t\tdelete\n\t\t\t\t\tfrom\n\t\t\t\t\t\tregenerator\n\t\t\t\t\twhere\n\t\t\t\t\t\tid_reg='" . $data['id_reg'] . "'"; $q = new CMS_query($sql_delete); if ($this->_debug) { $this->raiseError($this->_processManager->getPIDFilePath() . " : task " . $_SERVER['argv']['2'] . " seems " . (!$task ? 'NOT ' : '') . "done !"); $this->raiseError($this->_processManager->getPIDFilePath() . " : PID file exists ? " . @file_exists($this->_processManager->getPIDFilePath())); } $fpath = $this->_processManager->getPIDFilePath() . '.ok'; if (@touch($fpath) && @chmod($fpath, octdec(FILES_CHMOD))) { $f = @fopen($fpath, 'a'); if (!@fwrite($f, 'Script OK')) { $this->raiseError($this->_processManager->getPIDFilePath() . " : Can't write into file: " . $fpath); } @fclose($f); } else { $this->raiseError($this->_processManager->getPIDFilePath() . " : Can't create file: " . $fpath); } } } else { // MASTER SCRIPT : Processes all sub-scripts @ini_set('max_execution_time', MASTER_SCRIPT_TIME_OUT); //set max execution time for master script @set_time_limit(MASTER_SCRIPT_TIME_OUT); //set the PHP timeout for master script //max simultaneous scripts $maxScripts = $_SERVER['argv']['2']; $scriptsArray = array(); //send script informations to process manager $this->_processManager->setParameters(processManager::MASTER_SCRIPT_NAME, ''); //the sql script which selects one script task at a time $sql_select = "\n\t\t\t\tselect\n\t\t\t\t\t*\n\t\t\t\tfrom\n\t\t\t\t\tregenerator\n\t\t\t\tlimit\n\t\t\t\t\t" . $maxScripts . "\n\t\t\t"; //and now, launch all sub-scripts until table is empty. while (true) { //get scripts $q = new CMS_query($sql_select); if ($q->getNumRows()) { while (count($scriptsArray) < $maxScripts && ($data = $q->getArray())) { // Launch sub-process if (!APPLICATION_IS_WINDOWS) { // On unix system $sub_system = PATH_PACKAGES_FS . "/scripts/script.php -s " . $data["id_reg"] . " > /dev/null 2>&1 &"; if (!defined('PATH_PHP_CLI_UNIX') || !PATH_PHP_CLI_UNIX) { CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; php " . $sub_system, $error); if ($error) { CMS_grandFather::raiseError('Error during execution of sub script command (cd ' . PATH_REALROOT_FS . '; php ' . $sub_system . '), please check your configuration : ' . $error); return false; } } else { CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; " . PATH_PHP_CLI_UNIX . " " . $sub_system, $error); if ($error) { CMS_grandFather::raiseError('Error during execution of sub script command (cd ' . PATH_REALROOT_FS . '; ' . PATH_PHP_CLI_UNIX . ' ' . $sub_system . '), please check your configuration : ' . $error); return false; } } $PIDfile = $this->_processManager->getTempPath() . "/" . SCRIPT_CODENAME . "_" . $data["id_reg"]; if ($this->_debug) { $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : Executes system(" . $sub_system . ")"); } //sleep a little @sleep(SLEEP_TIME); } else { // On windows system //Create the BAT file $command = '@echo off' . "\r\n" . '@start /B /BELOWNORMAL ' . realpath(PATH_PHP_CLI_WINDOWS) . ' ' . realpath(PATH_PACKAGES_FS . '\\scripts\\script.php') . ' -s ' . $data["id_reg"]; if (!@touch(realpath(PATH_WINDOWS_BIN_FS) . DIRECTORY_SEPARATOR . "sub_script.bat")) { $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : Create file error : sub_script.bat"); } $replace = array('program files (x86)' => 'progra~2', 'program files' => 'progra~1', 'documents and settings' => 'docume~1'); $command = str_ireplace(array_keys($replace), $replace, $command); $fh = fopen(realpath(PATH_WINDOWS_BIN_FS . DIRECTORY_SEPARATOR . "sub_script.bat"), "wb"); if (is_resource($fh)) { if (!fwrite($fh, $command, io::strlen($command))) { CMS_grandFather::raiseError(processManager::MASTER_SCRIPT_NAME . " : Save file error : sub_script.bat"); } fclose($fh); } $WshShell = new COM("WScript.Shell"); $oExec = $WshShell->Run(str_ireplace(array_keys($replace), $replace, realpath(PATH_WINDOWS_BIN_FS . '\\sub_script.bat')), 0, false); $PIDfile = $this->_processManager->getTempPath() . DIRECTORY_SEPARATOR . SCRIPT_CODENAME . "_" . $data["id_reg"]; //sleep a little @sleep(SLEEP_TIME); } if ($this->_debug) { $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : script : " . $data["id_reg"] . " - sub_system : " . $sub_system); } $scriptsArray[] = array("PID" => $PIDfile, "startTime" => CMS_stats::getmicrotime(), "scriptID" => $data["id_reg"], "scriptDatas" => $data); } } else { // no more scripts to process // > delete all temporary files // > end script if (APPLICATION_IS_WINDOWS) { $files = glob(realpath($this->_processManager->getTempPath()) . DIRECTORY_SEPARATOR . SCRIPT_CODENAME . '*.ok', GLOB_NOSORT); if (is_array($files)) { foreach ($files as $file) { if (!CMS_file::deleteFile($file)) { $this->raiseError("Can't delete file " . $file); return false; } } } } else { $tmpDir = dir($this->_processManager->getTempPath()); while (false !== ($file = $tmpDir->read())) { if (io::strpos($file, SCRIPT_CODENAME) !== false) { @unlink($this->_processManager->getTempPath() . '/' . $file); } } } break; } while (true) { @sleep(SLEEP_TIME); //wait a little to check sub_scripts $break = false; $timeStop = CMS_stats::getmicrotime(); if ($this->_debug) { $this->raiseError(processManager::MASTER_SCRIPT_NAME . " Scripts in progress : " . sizeof($scriptsArray)); } foreach ($scriptsArray as $nb => $aScript) { if ($this->_debug) { $this->raiseError(processManager::MASTER_SCRIPT_NAME . " PID : " . $aScript["PID"] . " - time : " . ($timeStop - $aScript["startTime"])); } $ok = ''; $ok = is_file($aScript["PID"] . '.ok'); if ($ok) { //$break = true; if ($this->_debug) { $this->raiseError(processManager::MASTER_SCRIPT_NAME . " Script : " . $aScript["PID"] . " OK !"); } unset($scriptsArray[$nb]); } elseif ($timeStop - $aScript["startTime"] >= SUB_SCRIPT_TIME_OUT) { if ($this->_debug) { $this->raiseError(processManager::MASTER_SCRIPT_NAME . " : Script : " . $aScript["PID"] . " NOT OK !"); } $this->raiseError(processManager::MASTER_SCRIPT_NAME . ' : Error on task : ' . $aScript["scriptID"] . ' ... skip it. Task parameters : ' . print_r($aScript['scriptDatas'], true)); //$break = true; unset($scriptsArray[$nb]); //delete the script in error from task list $q_del = "\n\t\t\t\t\t\t\t\tdelete\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tregenerator\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tid_reg='" . $aScript["scriptID"] . "'"; $q_del = new CMS_query($q_del); } } if (!$scriptsArray) { break; } } } } }
/** * Convert variables of a given definition string (usually a row definition) * * @param string $definition the definition string to convert * @param boolean $toHumanReadableFormat if true, convert found variables to a human readable format, else to a machine readable format * @param boolean $reset if true, reset convertion table if already loaded * * @return string : the module definition string converted * @access public */ function convertDefinitionString($definition, $toHumanReadableFormat, $reset = false) { global $cms_language; static $modulesConversionTable; $count = 1; //loop on text for vars to replace if any while (preg_match_all("#\\{[^{}]+[|}]{1}#U", $definition, $matches) && $count) { $matches = array_unique($matches[0]); //get module variables conversion table if (!isset($modulesConversionTable[$cms_language->getCode()][$this->getCodename()]) || $reset) { $modulesConversionTable[$cms_language->getCode()][$this->getCodename()] = CMS_poly_module_structure::getModuleTranslationTable($this->getCodename(), $cms_language); } $convertionTable = $toHumanReadableFormat ? array_flip($modulesConversionTable[$cms_language->getCode()][$this->getCodename()]) : $modulesConversionTable[$cms_language->getCode()][$this->getCodename()]; //create definition conversion table $replace = array(); $count = 0; foreach ($matches as $variable) { $strippedVar = io::substr($variable, 1, io::strlen($variable) - 2); if (isset($convertionTable[$strippedVar])) { $replace[$variable] = '{' . $convertionTable[$strippedVar] . io::substr($variable, -1); $count++; } } //then replace variables in definition $definition = str_replace(array_keys($replace), $replace, $definition); } return $definition; }
/** * Get all searched objects ids * * @access private * @return array of object ids unsorted */ protected function _getIds() { $IDs = array(); $statusSuffix = $this->_public ? "_public" : "_edited"; //loop on each conditions foreach ($this->_whereConditions as $type => $typeWhereConditions) { foreach ($typeWhereConditions as $whereConditionsValues) { $value = $whereConditionsValues['value']; $operator = $whereConditionsValues['operator']; $sql = ''; switch ($type) { case "object": //add previously found IDs to where clause $where = $IDs ? ' and id_moo in (' . $this->_getSQLTmpList() . ')' : ''; //to remove deleted objects from results $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tid_moo as objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_object_polyobjects\n\t\t\t\t\twhere\n\t\t\t\t\t\tobject_type_id_moo = '" . $this->_object->getID() . "'\n\t\t\t\t\t\tand deleted_moo = '0'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t"; break; case "item": //add previously found IDs to where clause $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : ''; //check operator $supportedOperator = array('=', '!=', '>=', '>', '<=', '<'); if ($operator && !in_array($operator, $supportedOperator)) { $this->raiseError("Unknown search operator : " . $operator . ", use default search instead"); $operator = false; } if (!$operator) { $operator = '='; } $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_text" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_string" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_date" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t"; break; case "items": //add previously found IDs to where clause $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : ''; //check operator $supportedOperator = array('in', 'not in'); if ($operator && !in_array($operator, $supportedOperator)) { $this->raiseError("Unknown search operator : " . $operator . ", use default search instead"); $operator = false; } if (!$operator) { $operator = 'in'; } //no values to found so break search if ((!is_array($value) || !$value) && $operator == 'in') { $IDs = array(); break; } //no filter to do so break search if ((!is_array($value) || !$value) && $operator == 'not in') { break; } $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_text" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_string" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_date" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t"; break; case "profile": //if user has no right on module, he cannot search object on it if (!$value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_VIEW)) { break; } //if object has categories, check rights on it if ($this->_object->hasCategories()) { //get field of categories for searched object type (assume it uses categories) $categoriesFields = CMS_poly_object_catalog::objectHasCategories($this->_object->getId()); //BUG : in websites without APPLICATION_ENFORCES_ACCESS_CONTROL, backend rights on categories are checked on visibility instead of edition if (!$this->_public) { $clearance = CLEARANCE_MODULE_EDIT; $strict = true; } else { $clearance = CLEARANCE_MODULE_VIEW; $strict = false; } //get a list of all viewvable categories for current user $cats = array_keys(CMS_moduleCategories_catalog::getViewvableCategoriesForProfile($value, $this->_object->getValue('module'), true, $clearance, $strict)); foreach ($categoriesFields as $categoriesField) { //load category field if not exists if (!isset($this->_fieldsDefinitions[$categoriesField]) || !is_object($this->_fieldsDefinitions[$categoriesField])) { //get object fields definition $this->_fieldsDefinitions = CMS_poly_object_catalog::getFieldsDefinition($this->_object->getID()); } if (!isset($this->_fieldsDefinitions[$categoriesField])) { break; } //we can see objects without categories only if is not public or field is not required and user has admin right on module if ($this->_public && !$this->_fieldsDefinitions[$categoriesField]->getValue('required') || !$this->_public && $value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_EDIT)) { //add deleted cats to searchs $viewvableCats = array_merge(CMS_moduleCategories_catalog::getDeletedCategories($this->_object->getValue('module')), $cats); //add zero value for objects without categories $viewvableCats[] = 0; } else { $viewvableCats = $cats; //add zero value for objects without categories $viewvableCats[] = 0; } //if no viewvable categories, user has no rights to view anything if (!$viewvableCats) { break; } $removedIDs = array(); //add previously found IDs to where clause $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : ''; $sqlTmp = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '" . $categoriesField . "'\n\t\t\t\t\t\t\t\t\tand value not in (" . @implode(',', $viewvableCats) . ")\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t"; $qTmp = new CMS_query($sqlTmp); while ($r = $qTmp->getArray()) { if ($r['objectID'] && isset($IDs[$r['objectID']])) { $removedIDs[$r['objectID']] = $r['objectID']; } } //add (again) ids which has a category visible and a category not visible if ($removedIDs) { $sqlTmp = "\n\t\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t\tobjectFieldID = '" . $categoriesField . "'\n\t\t\t\t\t\t\t\t\t\tand value in (" . @implode(',', $viewvableCats) . ")\n\t\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t"; $qTmp = new CMS_query($sqlTmp); while ($r = $qTmp->getArray()) { if ($r['objectID'] && isset($removedIDs[$r['objectID']])) { unset($removedIDs[$r['objectID']]); } } //then finally remove ids foreach ($removedIDs as $idToRemove) { unset($IDs[$idToRemove]); } } //if no IDs break if (!$IDs) { break; } //if field is required and if it is a public search, object must have this category in DB if ($this->_fieldsDefinitions[$categoriesField]->getValue('required') && $this->_public) { //update tmp table with found ids $this->_updateTmpList($IDs); $sqlTmp = "\n\t\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t\tobjectFieldID = '" . $categoriesField . "'\n\t\t\t\t\t\t\t\t\t\tand objectID in (" . $this->_getSQLTmpList() . ")\n\t\t\t\t\t\t\t\t"; $qTmp = new CMS_query($sqlTmp); $IDs = array(); while ($r = $qTmp->getArray()) { $IDs[$r['objectID']] = $r['objectID']; } } //if no IDs break if (!$IDs) { break; } } //if no IDs break if (!$IDs) { break; } } elseif (!$this->_public && !$value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_EDIT)) { break; } elseif ($this->_public && !$value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_VIEW)) { break; } //update tmp table with found ids $this->_updateTmpList($IDs); //add previously found IDs to where clause $where = $IDs ? ' id_moo in (' . $this->_getSQLTmpList() . ')' : ''; $sql = "\n\t\t\t\t\t\tselect\n\t\t\t\t\t\t\tdistinct id_moo as objectID\n\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\tmod_object_polyobjects\n\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t"; break; case "keywords": if ($value) { //check operators $supportedOperator = array('any', 'all', 'phrase', 'beginswith'); if ($operator && !in_array($operator, $supportedOperator)) { $this->raiseError("Unkown search operator : " . $operator . ", use default search instead"); $operator = 'any'; } elseif (!$operator) { $operator = 'any'; } //if ASE module exists (and is active) and object is indexed, and search is public, use it to do this search if ($operator == 'any' && class_exists('CMS_module_ase') && CMS_module_ase::isActive() && $this->_object->getValue('indexable') && $this->_public) { //get language code for stemming $languageCode = ''; if ($languageFieldIDs = CMS_poly_object_catalog::objectHasLanguageField($this->_object->getID())) { $languageFieldID = array_shift($languageFieldIDs); //if any query use this field, use the queried value for stemming strategy if (isset($this->_whereConditions[$languageFieldID]) && $this->_whereConditions[$languageFieldID]) { $languageCode = $this->_whereConditions[$languageFieldID][0]['value']; } } //otherwise, we use current language if (!$languageCode) { global $cms_language; $languageCode = $cms_language->getCode(); } if (!$languageCode) { $languageCode = io::strtolower(APPLICATION_DEFAULT_LANGUAGE); } $module = $this->_object->getValue('module'); //create Xapian search object $search = new CMS_XapianQuery(trim($value), array($module), $languageCode, true); //load module interface if (!($moduleInterface = CMS_ase_interface_catalog::getModuleInterface($module))) { $this->raiseError('No active Xapian interface for module : ' . $module); return false; } //add previously found IDs to search filters $moduleInterface->addFilter('items', $IDs); //set module interface to search engine $search->setModuleInterface($module, $moduleInterface); //set page number and max results for xapian query //we must do a complete search all the time so we start from page 0 $page = 0; //we limit to a maximum of 1000 results $maxResults = 1000; //then search if (!$search->query($page, $maxResults)) { $this->raiseError('Error in Xapian query for search : ' . io::htmlspecialchars($value)); return false; } //pr($search->getQueryDesc(true)); //if no results : break if (!$search->getMatchesNumbers()) { break; } $xapianResults = $search->getMatches(); } else { //get fields if (!isset($this->_fieldsDefinitions[$type]) || !is_object($this->_fieldsDefinitions[$type])) { //get object fields definition $this->_fieldsDefinitions = CMS_poly_object_catalog::getFieldsDefinition($this->_object->getID()); } //search only in "searchable" fields $fields = array(); $aseExists = class_exists('CMS_module_ase') && CMS_module_ase::isActive() && $this->_object->getValue('indexable') ? true : false; foreach ($this->_fieldsDefinitions as $fieldDefinition) { if ($fieldDefinition->getValue($aseExists ? 'indexable' : 'searchable')) { $fields[] = $fieldDefinition->getID(); } } if (!$fields) { //if no fields after cleaning, return break; } //add previously found IDs to where clause $where = $IDs ? ' objectID in (' . $this->_getSQLTmpList() . ') and ' : ''; //filter on specified fields $where .= $fields ? ' objectFieldID in (' . implode(',', $fields) . ') and ' : ''; //clean user keywords (never trust user input, user is evil) $value = strtr($value, ",;", " "); $words = array(); $words = array_map("trim", array_unique(explode(" ", $value))); $cleanedWords = array(); foreach ($words as $aWord) { if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) { $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord); $cleanedWords[] = $aWord; } } if (!$cleanedWords) { //if no words after cleaning, return break; } switch ($operator) { case 'any': $where .= '('; //then add keywords $count = '0'; foreach ($cleanedWords as $aWord) { $where .= $count ? ' or ' : ''; $count++; $where .= "value like '%" . $aWord . "%'"; if (htmlentities($aWord) != $aWord) { $where .= " or value like '%" . htmlentities($aWord) . "%'"; } } $where .= ')'; break; case 'all': $where .= '('; //then add keywords $count = '0'; foreach ($cleanedWords as $aWord) { $where .= $count ? ' and ' : ''; $count++; if (htmlentities($aWord) != $aWord) { $where .= "(value like '%" . $aWord . "%' or value like '%" . htmlentities($aWord) . "%')"; } else { $where .= "value like '%" . $aWord . "%'"; } } $where .= ')'; break; case 'phrase': $value = str_replace(array('%', '_'), array('\\%', '\\_'), trim($value)); if (htmlentities($value) != $value) { $where .= "(value like '%" . $value . "%' or value like '%" . htmlentities($value) . "%')"; } else { $where .= "value like '%" . $value . "%'"; } break; case 'beginswith': $value = str_replace(array('%', '_'), array('\\%', '\\_'), trim($value)); if (htmlentities($value) != $value) { $where .= "(value like '" . $value . "%' or value like '" . htmlentities($value) . "%')"; } else { $where .= "value like '" . $value . "%'"; } break; } $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_text" . $statusSuffix . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\tunion distinct\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\tunion distinct\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_string" . $statusSuffix . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\tunion distinct\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_date" . $statusSuffix . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t"; } } break; case "publication date after": // Date start //add previously found IDs to where clause $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : ''; $sql = "\n\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\tand publicationDateStart_rs >= '" . $value->getDBValue(true) . "'\n\t\t\t\t\t\t\t\tand publicationDateStart_rs != '0000-00-00'\n\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t"; break; case "publication date before": // Date End //add previously found IDs to where clause $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : ''; $sql = "\n\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\tand publicationDateStart_rs <= '" . $value->getDBValue(true) . "'\n\t\t\t\t\t\t\t\tand publicationDateStart_rs != '0000-00-00'\n\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t"; break; case "publication date end": // End Date of publication //add previously found IDs to where clause $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : ''; $sql = "\n\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\tand (publicationDateEnd_rs >= '" . $value->getDBValue(true) . "'\n\t\t\t\t\t\t\t\tor publicationDateEnd_rs = '0000-00-00')\n\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t"; break; case "status": // Publication status //add previously found IDs to where clause $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : ''; switch ($value) { case 'online': $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand location_rs='" . RESOURCE_LOCATION_USERSPACE . "'\n\t\t\t\t\t\t\t\t\tand publication_rs='" . RESOURCE_PUBLICATION_PUBLIC . "'\n\t\t\t\t\t\t\t\t\tand publicationDateStart_rs <= '" . date('Y-m-d') . "'\n\t\t\t\t\t\t\t\t\tand publicationDateStart_rs != '0000-00-00'\n\t\t\t\t\t\t\t\t\tand (publicationDateEnd_rs >= '" . date('Y-m-d') . "'\n\t\t\t\t\t\t\t\t\tor publicationDateEnd_rs = '0000-00-00')\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t"; break; case 'offline': $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand (publication_rs='" . RESOURCE_PUBLICATION_NEVERVALIDATED . "' or publication_rs='" . RESOURCE_PUBLICATION_VALIDATED . "')\n\t\t\t\t\t\t\t\t\tand (publicationDateStart_rs > '" . date('Y-m-d') . "' or publicationDateEnd_rs < '" . date('Y-m-d') . "')\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t"; break; case 'validated': $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand editions_rs=0\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t"; break; case 'awaiting': $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand editions_rs!=0\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t"; break; } break; default: //add previously found IDs to where clause $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : ''; if (!isset($this->_fieldsDefinitions[$type]) || !is_object($this->_fieldsDefinitions[$type])) { //get object fields definition $this->_fieldsDefinitions = CMS_poly_object_catalog::getFieldsDefinition($this->_object->getID()); } //get type object for field if (isset($this->_fieldsDefinitions[$type])) { $objectField = $this->_fieldsDefinitions[$type]->getTypeObject(); $sql = $objectField->getFieldSearchSQL($type, $value, $operator, $where, $this->_public); } else { $this->raiseError('Unknown field ' . $type . ' to filter with value ' . print_r($value, true)); } break; } if ($sql || isset($xapianResults) || isset($fullTextResults)) { if ($sql) { //pr($sql); //$this->raiseError($sql); $q = new CMS_query($sql); $IDs = array(); if (!$q->hasError()) { while ($id = $q->getValue('objectID')) { $IDs[$id] = $id; } } } elseif (isset($xapianResults)) { $IDs = array(); foreach ($xapianResults as $id) { $IDs[$id] = $id; } //if we only have objectID as orderCondition or if order by relevance is queried, use order provided by Xapian if (isset($this->_orderConditions['objectID']) && $this->_orderConditions['objectID'] && sizeof($this->_orderConditions) <= 1 || isset($this->_orderConditions['relevance']) && $this->_orderConditions['relevance']) { if ($this->_orderConditions['relevance'] == 'desc') { $this->_orderConditions = array('itemsOrdered' => array('order' => array_reverse($IDs, true))); } else { $this->_orderConditions = array('itemsOrdered' => array('order' => $IDs)); } if (isset($this->_orderConditions['relevance']) && $this->_orderConditions['relevance']) { unset($this->_orderConditions['relevance']); } } } else { //if we only have objectID as orderCondition or if order by relevance is queried, use order provided by MySQL Fulltext if (isset($this->_orderConditions['relevance']) && $this->_orderConditions['relevance']) { if ($this->_orderConditions['relevance'] == 'desc') { $this->_orderConditions = array('itemsOrdered' => array('order' => array_reverse($fullTextResults, true))); } else { $this->_orderConditions = array('itemsOrdered' => array('order' => $fullTextResults)); } unset($this->_orderConditions['relevance']); } } //if no results, no need to continue if (!$IDs) { $IDs = array(); $this->_numRows = 0; return $IDs; } //update tmp table with found ids $this->_updateTmpList($IDs); } else { //if no sql request, then no results (can be used by 'profile'), no need to continue $IDs = array(); $this->_numRows = sizeof($IDs); return $IDs; } } } $this->_numRows = sizeof($IDs); return $IDs; }
/** * set object Values * * @param array $values : the POST result values * @param string prefixname : the prefix used for post names * @param boolean newFormat : new automne v4 format (default false for compatibility) * @param integer $objectID : the current object id. Must be set, but default is blank for compatibility with other objects * @return boolean true on success, false on failure * @access public */ function setValues($values, $prefixName, $newFormat = false, $objectID = '') { if (!sensitiveIO::isPositiveInteger($objectID)) { $this->raiseError('ObjectID must be a positive integer : ' . $objectID); return false; } //get field parameters $params = $this->getParamsValues(); //get module codename $moduleCodename = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID()); if ($newFormat) { //delete old images ? //thumbnail if ($this->_subfieldValues[0]->getValue() && (!$values[$prefixName . $this->_field->getID() . '_0'] || pathinfo($values[$prefixName . $this->_field->getID() . '_0'], PATHINFO_BASENAME) != $this->_subfieldValues[0]->getValue())) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue()); $this->_subfieldValues[0]->setValue(''); } //image zoom if ($this->_subfieldValues[2]->getValue() && (!isset($values[$prefixName . $this->_field->getID() . '_2']) || !$values[$prefixName . $this->_field->getID() . '_2'] || pathinfo($values[$prefixName . $this->_field->getID() . '_2'], PATHINFO_BASENAME) != $this->_subfieldValues[2]->getValue())) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue()); $this->_subfieldValues[2]->setValue(''); } //set label from label field if (!$this->_subfieldValues[1]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_1']))) { return false; } //image zoom (if needed) if ((!isset($values[$prefixName . $this->_field->getID() . '_makeZoom']) || $values[$prefixName . $this->_field->getID() . '_makeZoom'] != 1) && isset($values[$prefixName . $this->_field->getID() . '_2']) && $values[$prefixName . $this->_field->getID() . '_2'] && io::strpos($values[$prefixName . $this->_field->getID() . '_2'], PATH_UPLOAD_WR . '/') !== false) { $filename = $values[$prefixName . $this->_field->getID() . '_2']; //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //destroy old image if any if ($this->_subfieldValues[2]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue()); $this->_subfieldValues[2]->setValue(''); } //move and rename uploaded file $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $filename); $basename = pathinfo($filename, PATHINFO_BASENAME); //set thumbnail $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $zoomBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename)); if (io::strlen($zoomBasename) > 255) { $zoomBasename = sensitiveIO::ellipsis($zoomBasename, 255, '-', true); } $zoomFilename = $path . '/' . $zoomBasename; CMS_file::moveTo($filename, $zoomFilename); CMS_file::chmodFile(FILES_CHMOD, $zoomFilename); //set it if (!$this->_subfieldValues[2]->setValue($zoomBasename)) { return false; } } //thumbnail if ($values[$prefixName . $this->_field->getID() . '_0'] && io::strpos($values[$prefixName . $this->_field->getID() . '_0'], PATH_UPLOAD_WR . '/') !== false) { $filename = $values[$prefixName . $this->_field->getID() . '_0']; //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //destroy old image if any if ($this->_subfieldValues[0]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue()); $this->_subfieldValues[0]->setValue(''); } //move and rename uploaded file $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $filename); $basename = pathinfo($filename, PATHINFO_BASENAME); //set thumbnail $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $newBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename)); //rename image $path_parts = pathinfo($newBasename); $extension = io::strtolower($path_parts['extension']); $newBasename = io::substr($path_parts['basename'], 0, -(io::strlen($extension) + 1)) . '_thumbnail.' . $extension; if (io::strlen($newBasename) > 255) { $newBasename = sensitiveIO::ellipsis($newBasename, 255, '-', true); } $newFilename = $path . '/' . $newBasename; //move file from upload dir to new dir CMS_file::moveTo($filename, $newFilename); CMS_file::chmodFile(FILES_CHMOD, $newFilename); //if we use original image as image zoom, set it if (isset($values[$prefixName . $this->_field->getID() . '_makeZoom']) && $values[$prefixName . $this->_field->getID() . '_makeZoom'] == 1) { $zoomFilename = str_replace('_thumbnail.' . $extension, '.' . $extension, $newFilename); //copy image as zoom CMS_file::copyTo($newFilename, $zoomFilename); $zoomBasename = pathinfo($zoomFilename, PATHINFO_BASENAME); //set image zoom if (!$this->_subfieldValues[2]->setValue($zoomBasename)) { return false; } } //resize thumbnail if needed if ($params['maxWidth'] > 0 || $params['maxHeight'] > 0) { $oImage = new CMS_image($newFilename); //get current file size $sizeX = $oImage->getWidth(); $sizeY = $oImage->getHeight(); //check thumbnail size if ($params['maxWidth'] && $sizeX > $params['maxWidth'] || $params['maxHeight'] && $sizeY > $params['maxHeight']) { $newSizeX = $sizeX; $newSizeY = $sizeY; // Check width if ($params['maxWidth'] && $newSizeX > $params['maxWidth']) { $newSizeY = round($params['maxWidth'] * $newSizeY / $newSizeX); $newSizeX = $params['maxWidth']; } if ($params['maxHeight'] && $newSizeY > $params['maxHeight']) { $newSizeX = round($params['maxHeight'] * $newSizeX / $newSizeY); $newSizeY = $params['maxHeight']; } if (!$oImage->resize($newSizeX, $newSizeY, $newFilename)) { return false; } } } //set thumbnail if (!$this->_subfieldValues[0]->setValue($newBasename)) { return false; } } // If label not set yet, set it /*if(!$this->_subfieldValues[1]->getValue()){ if($this->_subfieldValues[0]->getValue()){ $this->_subfieldValues[1]->setValue($this->_subfieldValues[0]->getValue()); } }*/ //if we had an imagezoom, check his size if ($this->_subfieldValues[2]->getValue() && ($params['maxZoomWidth'] > 0 || $params['maxZoomHeight'] > 0)) { //resize zoom if needed $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $basename = $this->_subfieldValues[2]->getValue(); $filename = $path . '/' . $basename; $extension = io::strtolower(pathinfo($basename, PATHINFO_EXTENSION)); $oImage = new CMS_image($filename); //get current file size $sizeX = $oImage->getWidth(); $sizeY = $oImage->getHeight(); //check zoom size if ($params['maxZoomWidth'] && $sizeX > $params['maxZoomWidth'] || $params['maxZoomHeight'] && $sizeY > $params['maxZoomHeight']) { $newSizeX = $sizeX; $newSizeY = $sizeY; // Check width if ($params['maxZoomWidth'] && $newSizeX > $params['maxZoomWidth']) { $newSizeY = round($params['maxZoomWidth'] * $newSizeY / $newSizeX); $newSizeX = $params['maxZoomWidth']; } if ($params['maxZoomHeight'] && $newSizeY > $params['maxZoomHeight']) { $newSizeX = round($params['maxZoomHeight'] * $newSizeX / $newSizeY); $newSizeY = $params['maxZoomHeight']; } if (!$oImage->resize($newSizeX, $newSizeY, $filename)) { return false; } } } //update files infos if needed if ($this->_subfieldValues[0]->getValue() && file_exists(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue())) { $file = new CMS_file(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue()); $imageDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension()); } else { $imageDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => ''); } $imageDatas['module'] = $moduleCodename; $imageDatas['visualisation'] = RESOURCE_DATA_LOCATION_EDITED; if ($params['useDistinctZoom'] || $this->_subfieldValues[2]->getValue()) { //update files infos if needed if ($this->_subfieldValues[2]->getValue() && file_exists(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue())) { $file = new CMS_file(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue()); $zoomDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension()); } else { $zoomDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => ''); } $zoomDatas['module'] = $moduleCodename; $zoomDatas['visualisation'] = RESOURCE_DATA_LOCATION_EDITED; } else { $zoomDatas = ''; } $content = array('datas' => array('polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_0]' => $imageDatas, 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_2]' => $zoomDatas, 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_1]' => sensitiveIO::decodeEntities($this->_subfieldValues[1]->getValue()))); $view = CMS_view::getInstance(); $view->addContent($content); return true; } else { //Old format //delete old images ? if (isset($values[$prefixName . $this->_field->getID() . '_delete']) && $values[$prefixName . $this->_field->getID() . '_delete'] == 1) { if ($this->_subfieldValues[0]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue()); $this->_subfieldValues[0]->setValue(''); } elseif (isset($values[$prefixName . $this->_field->getID() . '_0_hidden']) && $values[$prefixName . $this->_field->getID() . '_0_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_0_hidden']); $this->_subfieldValues[0]->setValue(''); } if ($this->_subfieldValues[2]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue()); $this->_subfieldValues[2]->setValue(''); } elseif (isset($values[$prefixName . $this->_field->getID() . '_2_hidden']) && $values[$prefixName . $this->_field->getID() . '_2_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_2_hidden']); $this->_subfieldValues[2]->setValue(''); } } //set label from label field if (!$this->_subfieldValues[1]->setValue(io::htmlspecialchars(@$values[$prefixName . $this->_field->getID() . '_1']))) { return false; } //thumbnail if (isset($_FILES[$prefixName . $this->_field->getID() . '_0']) && $_FILES[$prefixName . $this->_field->getID() . '_0']['name'] && !$_FILES[$prefixName . $this->_field->getID() . '_0']['error']) { //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($_FILES[$prefixName . $this->_field->getID() . '_0']["name"], PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //set label as image name if none set /*if (!$values[$prefixName.$this->_field->getID().'_1']) { if (!$this->_subfieldValues[1]->setValue(io::htmlspecialchars($_FILES[$prefixName.$this->_field->getID().'_0']["name"]))) { return false; } }*/ //destroy all old images if any if ($this->_subfieldValues[0]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue()); $this->_subfieldValues[0]->setValue(''); } elseif (isset($values[$prefixName . $this->_field->getID() . '_0_hidden']) && $values[$prefixName . $this->_field->getID() . '_0_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_0_hidden']); $this->_subfieldValues[0]->setValue(''); } if ($this->_subfieldValues[2]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue()); $this->_subfieldValues[2]->setValue(''); } elseif (isset($values[$prefixName . $this->_field->getID() . '_2_hidden']) && $values[$prefixName . $this->_field->getID() . '_2_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_2_hidden']); $this->_subfieldValues[2]->setValue(''); } //set thumbnail (resize it if needed) //create thumbnail path $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$prefixName . $this->_field->getID() . '_0']["name"])); if (io::strlen($filename) > 255) { $filename = sensitiveIO::ellipsis($filename, 255, '-', true); } //move uploaded file $fileDatas = CMS_file::uploadFile($prefixName . $this->_field->getID() . '_0', PATH_TMP_FS); if ($fileDatas['error']) { return false; } if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) { return false; } if ($params['maxWidth'] > 0) { $oImage = new CMS_image($path . "/" . $filename); //get current file size $sizeX = $oImage->getWidth(); $sizeY = $oImage->getHeight(); //check thumbnail size if ($sizeX > $params['maxWidth'] || $sizeY > $params['maxHeight']) { $newSizeX = $sizeX; $newSizeY = $sizeY; // Check width if ($params['maxWidth'] && $newSizeX > $params['maxWidth']) { $newSizeY = round($params['maxWidth'] * $newSizeY / $newSizeX); $newSizeX = $params['maxWidth']; } if ($params['maxHeight'] && $newSizeY > $params['maxHeight']) { $newSizeX = round($params['maxHeight'] * $newSizeX / $newSizeY); $newSizeY = $params['maxHeight']; } //resize image $srcfilepath = $path . "/" . $filename; $path_parts = pathinfo($srcfilepath); $thumbnailFilename = io::substr($path_parts['basename'], 0, -(io::strlen($path_parts['extension']) + 1)) . '_thumbnail.' . $path_parts['extension']; $destfilepath = $path . "/" . $thumbnailFilename; $extension = io::strtolower($path_parts['extension']); if (!$oImage->resize($newSizeX, $newSizeY, $destfilepath)) { return false; } //if we use original image as image zoom, set it if ($values[$prefixName . $this->_field->getID() . '_makeZoom'] == 1) { //set image zoom if (!$this->_subfieldValues[2]->setValue($filename)) { return false; } } else { //destroy original image unlink($srcfilepath); } //set resized thumbnail if (!$this->_subfieldValues[0]->setValue($thumbnailFilename)) { return false; } } else { //no need to resize thumbnail (below the maximum width), so set it if (!$this->_subfieldValues[0]->setValue($filename)) { return false; } //if we use original image as image zoom, set it if ($values[$prefixName . $this->_field->getID() . '_makeZoom'] == 1) { //set image zoom if (!$this->_subfieldValues[2]->setValue($filename)) { return false; } } } } else { //no need to resize thumbnail, so set it if (!$this->_subfieldValues[0]->setValue($filename)) { return false; } //if we use original image as image zoom, set it if ($values[$prefixName . $this->_field->getID() . '_makeZoom'] == 1) { //set image zoom if (!$this->_subfieldValues[2]->setValue($filename)) { return false; } } } } elseif (isset($_FILES[$prefixName . $this->_field->getID() . '_0']) && $_FILES[$prefixName . $this->_field->getID() . '_0']['name'] && $_FILES[$prefixName . $this->_field->getID() . '_0']['error'] != 0) { return false; } elseif (isset($values[$prefixName . $this->_field->getID() . '_0_hidden']) && $values[$prefixName . $this->_field->getID() . '_0_hidden'] && (!isset($values[$prefixName . $this->_field->getID() . '_delete']) || $values[$prefixName . $this->_field->getID() . '_delete'] != 1)) { //set label as image name if none set if (!$this->_subfieldValues[0]->setValue($values[$prefixName . $this->_field->getID() . '_0_hidden'])) { return false; } } //image zoom (if needed) if (isset($values[$prefixName . $this->_field->getID() . '_makeZoom']) && $values[$prefixName . $this->_field->getID() . '_makeZoom'] != 1 && isset($_FILES[$prefixName . $this->_field->getID() . '_2']['name']) && $_FILES[$prefixName . $this->_field->getID() . '_2']['name'] && !$_FILES[$prefixName . $this->_field->getID() . '_2']['error']) { //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($_FILES[$prefixName . $this->_field->getID() . '_2']["name"], PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //create thumbnail path $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$prefixName . $this->_field->getID() . '_2']["name"])); if (io::strlen($filename) > 255) { $filename = sensitiveIO::ellipsis($filename, 255, '-', true); } //move uploaded file $fileDatas = CMS_file::uploadFile($prefixName . $this->_field->getID() . '_2', PATH_TMP_FS); if ($fileDatas['error']) { return false; } if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) { return false; } //set it if (!$this->_subfieldValues[2]->setValue($filename)) { return false; } } elseif (isset($_FILES[$prefixName . $this->_field->getID() . '_2']) && $_FILES[$prefixName . $this->_field->getID() . '_2']['name'] && $_FILES[$prefixName . $this->_field->getID() . '_2']['error'] != 0) { return false; } elseif (isset($values[$prefixName . $this->_field->getID() . '_2_hidden']) && $values[$prefixName . $this->_field->getID() . '_2_hidden'] && (!isset($values[$prefixName . $this->_field->getID() . '_delete']) || $values[$prefixName . $this->_field->getID() . '_delete'] != 1)) { if (!$this->_subfieldValues[2]->setValue($values[$prefixName . $this->_field->getID() . '_2_hidden'])) { return false; } } return true; } }
/** * Search messages * Static function. * * @param string module : module to search messages * @param string search : search message by value * @param array languagesOnly : limit search to given languages codes * @param array options : search options * @param string direction : search is ordered by results id. Specify order direction (asc or desc). Default : asc * @param integer start : search start offset * @param integer limit : search limit (default : 0 : unlimited) * @param integer resultsnb : return results count by reference * @return array(id => msg) * @access public */ static function searchMessages($module, $search = '', $languagesOnly = array(), $options = array(), $direction = 'asc', $start = 0, $limit = 0, &$resultsnb) { $start = (int) $start; $limit = (int) $limit; $direction = in_array(io::strtolower($direction), array('asc', 'desc')) ? io::strtolower($direction) : 'asc'; $emptyOnly = $idsOnly = false; if (is_array($options)) { $emptyOnly = isset($options['empty']) && $options['empty'] ? true : false; $idsOnly = isset($options['ids']) && is_array($options['ids']) ? $options['ids'] : false; } $keywordsWhere = $languagesWhere = $emptyWhere = $orderBy = $orderClause = $idsWhere = ''; //get ids for which one message is missing if ($emptyOnly) { $qLanguages = new CMS_query("\n\t\t\t\tselect \n\t\t\t\t\tdistinct language_mes\n\t\t\t\tfrom \n\t\t\t\t\tmessages\n\t\t\t\twhere\n\t\t\t\t\tmodule_mes = '" . io::sanitizeSQLString($module) . "'\n\t\t\t"); $qIds = new CMS_query("\n\t\t\t\tselect \n\t\t\t\t\tdistinct id_mes\n\t\t\t\tfrom \n\t\t\t\t\tmessages\n\t\t\t\twhere\n\t\t\t\t\tmodule_mes = '" . io::sanitizeSQLString($module) . "'\n\t\t\t"); $allIds = $qIds->getAll(PDO::FETCH_COLUMN | PDO::FETCH_UNIQUE, 0); $missingIds = array(); while ($language = $qLanguages->getValue('language_mes')) { $qLang = new CMS_query("\n\t\t\t\t\tselect \n\t\t\t\t\t\tdistinct id_mes\n\t\t\t\t\tfrom \n\t\t\t\t\t\tmessages\n\t\t\t\t\twhere\n\t\t\t\t\t\tmodule_mes = '" . io::sanitizeSQLString($module) . "'\n\t\t\t\t\t\tand language_mes='" . $language . "'\n\t\t\t\t\t\tand message_mes != ''\n\t\t\t\t"); $ids = $qLang->getAll(PDO::FETCH_COLUMN | PDO::FETCH_UNIQUE, 0); $missingIds = array_merge($missingIds, array_diff($allIds, $ids)); } if (!$missingIds) { $resultsnb = 0; return array(); } $emptyWhere = ' and id_mes in (' . implode($missingIds, ',') . ')'; } if ($idsOnly) { $idsWhere = ' and id_mes in (' . io::sanitizeSQLString(implode($idsOnly, ',')) . ')'; } if ($search) { //clean user keywords (never trust user input, user is evil) $search = strtr($search, ",;", " "); if (isset($options['phrase']) && $options['phrase']) { $search = str_replace(array('%', '_'), array('\\%', '\\_'), $search); if (htmlentities($search) != $search) { $keywordsWhere .= " and (\n\t\t\t\t\t\tmessage_mes like '%" . sensitiveIO::sanitizeSQLString($search) . "%' or message_mes like '%" . sensitiveIO::sanitizeSQLString(htmlentities($search)) . "%'\n\t\t\t\t\t)"; } else { $keywordsWhere .= " and message_mes like '%" . sensitiveIO::sanitizeSQLString($search) . "%'"; } } else { $words = array(); $words = array_map("trim", array_unique(explode(" ", io::strtolower($search)))); $cleanedWords = array(); foreach ($words as $aWord) { if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) { $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord); $cleanedWords[] = $aWord; } } if (!$cleanedWords) { //if no words after cleaning, return return array(); } foreach ($cleanedWords as $cleanedWord) { $keywordsWhere .= $keywordsWhere ? " and " : ''; if (htmlentities($aWord) != $aWord) { $keywordsWhere .= " (\n\t\t\t\t\t\t\tmessage_mes like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%' or message_mes like '%" . sensitiveIO::sanitizeSQLString(htmlentities($cleanedWord)) . "%'\n\t\t\t\t\t\t)"; } else { $keywordsWhere .= " (\n\t\t\t\t\t\t\tmessage_mes like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\t\t)"; } } $keywordsWhere = ' and (' . $keywordsWhere . ')'; } } if (is_array($languagesOnly) && $languagesOnly) { $languagesWhere = ' and language_mes in (\'' . implode($languagesOnly, '\',\'') . '\')'; } $orderClause = "order by\n\t\t\tid_mes\n\t\t\t" . $direction; $sql = "\n\t\t\tselect\n\t\t\t\tid_mes as id\n\t\t\tfrom\n\t\t\t\tmessages\n\t\t\twhere \n\t\t\tmodule_mes = '" . io::sanitizeSQLString($module) . "'\n\t\t\t" . $keywordsWhere . "\n\t\t\t" . $languagesWhere . "\n\t\t\t" . $emptyWhere . "\n\t\t\t" . $idsWhere . "\n\t\t"; $q = new CMS_query($sql); if (!$q->getNumRows()) { $resultsnb = 0; return array(); } $messageIds = array(); $messageIds = $q->getAll(PDO::FETCH_COLUMN | PDO::FETCH_UNIQUE, 0); $sql = "\n\t\t\tselect\n\t\t\t\tid_mes as id,\n\t\t\t\tmodule_mes as module,\n\t\t\t\tlanguage_mes as language,\n\t\t\t\tmessage_mes as message\n\t\t\tfrom\n\t\t\t\tmessages\n\t\t\twhere \n\t\t\t\tmodule_mes = '" . io::sanitizeSQLString($module) . "'\n\t\t\t\tand id_mes in (" . implode($messageIds, ',') . ")\n\t\t\t\t" . $orderClause . "\n\t\t"; $q = new CMS_query($sql); if (!$q->getNumRows()) { $resultsnb = 0; return array(); } $messageGroups = array(); $messageGroups = $q->getAll(PDO::FETCH_GROUP | PDO::FETCH_ASSOC); $resultsnb = count($messageGroups); if ($limit) { $messageGroups = array_slice($messageGroups, $start, $limit, true); } $messages = array(); foreach ($messageGroups as $key => $messageGroup) { $messages[$key]['id'] = $key; foreach ($messageGroup as $message) { $messages[$key][$message['language']] = $message['message']; } } return $messages; }
/** * function chmodFile * Try to chmod a file (a dir is redirected to makeExecutable method). * @param string $right, the 3 or 4 octal numbers to set (775, 664, 0664, etc.) * @param string $file, the full filename of the file or dir * @return boolean true on success, false on failure * @static */ static function chmodFile($right, $file) { $file = realpath($file); if (!file_exists($file)) { return false; } if (@is_dir($file)) { return CMS_file::makeExecutable($file); } elseif (@is_file($file)) { if (APPLICATION_IS_WINDOWS) { //chmod does not mean anything on windows return true; } $right = io::strlen($right) == 3 ? '0' . $right : $right; return @chmod($file, octdec($right)); } else { CMS_grandFather::raiseError("Can't chmod file who does not exist : " . $file); return false; } }