Exemple #1
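 /**
  * Handles the e-mail opt-out action: shows a confirmation form and, once it
  * has been submitted, stores the address in dataface__email_blacklist.
  *
  * @param array &$params Action parameters (not read by this handler).
  * @return mixed PEAR error when no usable address was supplied; otherwise the
  *               handler either renders the form or redirects and exits.
  */
 function handle(&$params)
 {
     // Read the address once and require a non-empty string, so that
     // array-shaped input (email[]=...) never reaches the SQL escaper or the
     // hidden form field.
     $email = isset($_REQUEST['email']) ? $_REQUEST['email'] : null;
     if (!is_string($email) or !$email) {
         return PEAR::raiseError("No email address  specified");
     }
     import('HTML/QuickForm.php');
     $form = new HTML_QuickForm('opt_out_form', 'post');
     $form->addElement('hidden', 'email', $email);
     $form->addElement('hidden', '-action', 'email_opt_out');
     $form->addElement('submit', 'submit', 'Cancel Subscription');
     if ($form->validate()) {
         // NOTE(review): nothing visible here ties the request to the owner of
         // the address (no signed link, no anti-CSRF token in the form) -
         // confirm whether that is enforced upstream.
         // Escape with the connection-aware escaper rather than addslashes(),
         // which ignores the connection character set.
         $res = mysql_query("replace into dataface__email_blacklist (email) values ('" . mysql_real_escape_string($email, df_db()) . "')", df_db());
         if (!$res) {
             trigger_error(mysql_error(df_db()), E_USER_ERROR);
         }
         header('Location: ' . DATAFACE_SITE_HREF . '?--msg=' . urlencode('You have successfully opted out of our mail list.  You will no longer receive emails from us.'));
         exit;
     }
     // Capture the rendered form so it can be handed to the template.
     ob_start();
     $form->display();
     $html = ob_get_contents();
     ob_end_clean();
     $context = array();
     $context['form'] = $html;
     df_register_skin('email', DATAFACE_PATH . '/modules/Email/templates');
     df_display($context, 'email/opt_out_form.html');
 }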
Exemple #2
/**
 * Runs every job queued in dataface__email_jobs: sends the job's mail, counts
 * the messages that are still unsent and deletes the job once none remain.
 * Progress is echoed; a mutex keeps a second daemon from running.
 */
function performJobs()
{
    $lockName = 'email.' . base64_encode(DATAFACE_SITE_PATH);
    if (!mutex($lockName)) {
        die("Email daemon already running");
    }
    $jobs = mysql_query("select * from dataface__email_jobs", df_db());
    if (!$jobs) {
        trigger_error(mysql_error(df_db()), E_USER_ERROR);
    }
    require_once DATAFACE_PATH . '/modules/Email/actions/email.php';
    $mailer = new actions_email();
    while ($job = mysql_fetch_assoc($jobs)) {
        $jobId = $job['job_id'];
        // NOTE(review): join_table is taken from the job row and placed between
        // backticks without further checks - confirm who can write job rows.
        $joinTable = $job['join_table'];
        $quotedMessageId = "'" . addslashes($job['email_id']) . "'";
        echo "\nSending mail for job {$jobId} ...";
        // Drop recipients with an empty address first; the result of this
        // statement is not checked.
        mysql_query("delete from `" . $joinTable . "` where recipient_email='' and messageid=" . $quotedMessageId, df_db());
        $mailer->sendMail($job['email_id'], $job['email_table'], $joinTable, $job['recipients_table'], $job['email_column']);
        // Count what is left to send for this job.
        $pending = mysql_query("select count(*) from `" . $joinTable . "` where sent<>1 and messageid=" . $quotedMessageId, df_db());
        if (!$pending) {
            trigger_error(mysql_error(df_db()), E_USER_ERROR);
        }
        list($remaining) = mysql_fetch_row($pending);
        @mysql_free_result($pending);
        if ($remaining != 0) {
            echo "\nAfter sending mail for job {$jobId}, there are still {$remaining} messages left to send.";
            continue;
        }
        echo "\nJob {$jobId} is complete!  Deleting job...";
        $deleted = mysql_query("delete from dataface__email_jobs where job_id='" . addslashes($jobId) . "' limit 1", df_db());
        if (!$deleted) {
            trigger_error(mysql_error(df_db()), E_USER_ERROR);
        }
    }
    @mysql_free_result($jobs);
    echo "\n";
}
/**
 * This function acts as a member method of the PreferencesTool class.  It has
 * been factored out for efficiency because it only needs to be run once.
 * @see Dataface_PreferencesTool::_createPreferencesTable()
 */
function Dataface_PreferencesTool__createPreferencesTable()
{
    // "create table if not exists" makes repeated calls harmless.
    $ddl = "create table if not exists `dataface__preferences` (\n\t\t\t`pref_id` int(11) unsigned not null auto_increment,\n\t\t\t`username` varchar(64) not null,\n\t\t\t`table` varchar(128) not null,\n\t\t\t`record_id` varchar(255) not null,\n\t\t\t`key` varchar(128) not null,\n\t\t\t`value` varchar(255) not null,\n\t\t\tprimary key (pref_id),\n\t\t\tindex `username` (`username`),\n\t\t\tindex `table` (`table`),\n\t\t\tindex `record_id` (`record_id`))";
    if (xf_db_query($ddl, df_db())) {
        return;
    }
    // The database error text becomes the exception message.
    throw new Exception(xf_db_error(df_db()), E_USER_ERROR);
}
Exemple #4
 /**
  * Prints the e-mail column of the whole current found set as one
  * comma-separated text/plain response, then exits.
  *
  * @param array &$params Action parameters (not read by this handler).
  * @return mixed PEAR error when the 'email' action names no email_column.
  */
 function handle(&$params)
 {
     $app =& Dataface_Application::getInstance();
     $query = $app->getQuery();
     // Lift paging so that every matching record is included.
     $query['-skip'] = 0;
     $query['-limit'] = 999999999;
     $emailAction = Dataface_ActionTool::getInstance()->getAction(array('name' => 'email'));
     if (!isset($emailAction, $emailAction['email_column'])) {
         return PEAR::raiseError("No email column specified");
     }
     $builder = new Dataface_QueryBuilder($query['-table'], $query);
     // The column name comes from the action definition and is placed between
     // backticks as-is; the where clause goes through the builder's _secure().
     // NOTE(review): this dumps every address in the found set - confirm that
     // the action itself is permission-gated.
     $sql = "select `" . $emailAction['email_column'] . "` " . $builder->_from() . $builder->_secure($builder->_where());
     $result = mysql_query($sql, df_db());
     if (!$result) {
         trigger_error(mysql_error(df_db()), E_USER_ERROR);
     }
     $addresses = array();
     for ($row = mysql_fetch_row($result); $row; $row = mysql_fetch_row($result)) {
         $addresses[] = $row[0];
     }
     @mysql_free_result($result);
     header("Content-type: text/plain");
     echo implode(', ', $addresses);
     exit;
 }
    /**
     * @brief Initializes the datepicker module and registers all of the event listeners.
     *
     */
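    function __construct()
    {
        // Sets up the geopicker widget: loads XataJax, registers the widget
        // handler, publishes the Maps API key to the page and hooks the
        // afterTableInit / Dataface_Record__htmlValue events.
        $app = Dataface_Application::getInstance();
        // Now work on our dependencies
        $mt = Dataface_ModuleTool::getInstance();
        // We require the XataJax module
        // The XataJax module activates and embeds the Javascript and CSS tools
        $mt->loadModule('modules_XataJax', 'modules/XataJax/XataJax.php');
        // Register the geopicker widget with the form tool so that it responds
        // to widget:type=geopicker
        import('Dataface/FormTool.php');
        $ft = Dataface_FormTool::getInstance();
        $ft->registerWidgetHandler('geopicker', dirname(__FILE__) . DIRECTORY_SEPARATOR . 'widget.php', 'Dataface_FormTool_geopicker');
        // Without a configured key the module stops the request with setup
        // instructions.
        if (!@$app->_conf['modules_geopicker'] or !@$app->_conf['modules_geopicker']['key']) {
            $msg = <<<END
                 <p>Google Maps Module is installed but no API key is specified.</p>
                 <p>For information about obtaining your API key see <a href="https://developers.google.com/maps/documentation/javascript/tutorial#api_key">this page</a>.</p>
                 <p>After obtaining your key, add the following section to your application's conf.ini file:</p>
                 <p><code><pre>
[modules_geopicker]
    key=YOUR_API_KEY_HERE
                    </pre></code></p>
END;
            die($msg);
        }
        // The key is written into a <script> block, i.e. a JavaScript string
        // context: encode it as a JS literal (with the HEX flags so it cannot
        // close the script element) instead of HTML-escaping it, which leaves
        // backslashes alone and turns quotes into literal entities.
        $jsKey = json_encode((string) $app->_conf['modules_geopicker']['key'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        $app->addHeadContent('<script>XF_GEOPICKER_API_KEY=' . $jsKey . ';</script>');
        // Tables that are already loaded missed the event, so run the
        // listener for them by hand.
        foreach (Dataface_Table::loadTable('', df_db(), true) as $t) {
            $evt = new StdClass();
            $evt->table = $t;
            $this->afterTableInit($evt);
        }
        $app->registerEventListener("afterTableInit", array($this, 'afterTableInit'));
        $app->registerEventListener("Dataface_Record__htmlValue", array($this, 'Dataface_Record__htmlValue'));
    }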
Exemple #6
 /**
  * Runs one SQL statement on the application connection.
  *
  * The statement is sent as given, so callers must pass fully built,
  * already-escaped SQL.
  *
  * @param string $sql Statement to execute.
  * @return mixed Whatever mysql_query() returned on success.
  * @throws Exception Carrying the MySQL error text when the query fails.
  */
 static function q($sql)
 {
     $result = mysql_query($sql, df_db());
     if ($result) {
         return $result;
     }
     throw new Exception(mysql_error(df_db()));
 }
Exemple #7
 /**
  * Brings the database up to the file-system version by running the pending
  * conf_Installer::update_N() methods in ascending order and recording each
  * version in dataface__version as it goes.
  *
  * NOTE(review): no permission check is visible inside this handler - confirm
  * that the action is restricted before it is dispatched.
  *
  * @param array &$params Action parameters (not read by this handler).
  * @return mixed The PEAR error returned by an update method, if any.
  * @throws Exception When a version query fails.
  */
 function handle(&$params)
 {
     $app =& Dataface_Application::getInstance();
     // Already current: report it and redirect.
     if (df_get_database_version() == df_get_file_system_version()) {
         $app->redirect(DATAFACE_SITE_HREF . '?--msg=' . urlencode('The application database is up to date at version ' . df_get_database_version()));
     }
     // Database is ahead of the code: nothing can be applied.
     // NOTE(review): the message opens a parenthesis that is never closed.
     if (df_get_database_version() > df_get_file_system_version()) {
         $app->redirect(DATAFACE_SITE_HREF . '?--msg=' . urlencode('The database version is greater than the file system version.  Please upgrade your application to match the version in the database (version ' . df_get_database_version()));
     }
     // Make sure the version table holds a row to update.
     $res = xf_db_query("select count(*) from dataface__version", df_db());
     if (!$res) {
         throw new Exception(xf_db_error(df_db()));
     }
     $row = xf_db_fetch_row($res);
     if ($row[0] == 0) {
         $res2 = xf_db_query("insert into dataface__version (`version`) values (0)", df_db());
         if (!$res2) {
             throw new Exception(xf_db_error(df_db()));
         }
     }
     if (file_exists('conf/Installer.php')) {
         import('conf/Installer.php');
         $installer = new conf_Installer();
         // Only methods named update_<digits> are candidates, so the dynamic
         // call below can reach nothing else on the installer.
         $methods = get_class_methods('conf_Installer');
         $methods = preg_grep('/^update_([0-9]+)$/', $methods);
         $updates = array();
         foreach ($methods as $method) {
             preg_match('/^update_([0-9]+)$/', $method, $matches);
             $version = intval($matches[1]);
             // Keep versions newer than the database, up to the file-system version.
             if ($version > df_get_database_version() and $version <= df_get_file_system_version()) {
                 $updates[] = $version;
             }
         }
         sort($updates);
         foreach ($updates as $update) {
             $method = 'update_' . $update;
             $res = $installer->{$method}();
             // A PEAR error stops the run; versions applied so far stay recorded.
             if (PEAR::isError($res)) {
                 return $res;
             }
             // $update is an integer produced by intval() above.
             $res = xf_db_query("update dataface__version set `version`='" . addslashes($update) . "'", df_db());
             if (!$res) {
                 throw new Exception(xf_db_error(df_db()), E_USER_ERROR);
             }
         }
     }
     // Record the final version even when no update method ran.
     $res = xf_db_query("update dataface__version set `version`='" . addslashes(df_get_file_system_version()) . "'", df_db());
     if (!$res) {
         throw new Exception(xf_db_error(df_db()), E_USER_ERROR);
     }
     // Drop cached state that may describe the old schema.
     if (function_exists('apc_clear_cache')) {
         apc_clear_cache('user');
     }
     df_clear_views();
     df_clear_cache();
     $app->redirect(DATAFACE_SITE_HREF . '?--msg=' . urlencode('The database has been successfully updated to version ' . df_get_file_system_version()));
 }
/**
 * A method to create the configuration table in the database.  The configuration
 * table is where configuration (e.g. fields.ini etc..) may be stored.  This is
 * a new feature in 0.6.14.
 *
 * @author Steve Hannah <*****@*****.**>
 * @created Feb. 26, 2007
 */
function Dataface_ConfigTool_createConfigTable()
{
    $self =& Dataface_ConfigTool::getInstance();
    // Nothing to do when the table is already there.
    if (Dataface_Table::tableExists($self->configTableName, false)) {
        return;
    }
    // The table name comes from the ConfigTool instance and is placed between
    // backticks as-is.
    $ddl = "CREATE TABLE `" . $self->configTableName . "` (\n\t\t\t\t\tconfig_id int(11) NOT NULL auto_increment primary key,\n\t\t\t\t\t`file` varchar(255) NOT NULL,\n\t\t\t\t\t`section` varchar(128),\n\t\t\t\t\t`key` varchar(128) NOT NULL,\n\t\t\t\t\t`value` text NOT NULL,\n\t\t\t\t\t`lang` varchar(2),\n\t\t\t\t\t`username` varchar(32),\n\t\t\t\t\t`priority` int(5) default 5\n\t\t\t\t\t)";
    if (!xf_db_query($ddl, df_db())) {
        throw new Exception(xf_db_error(df_db()), E_USER_ERROR);
    }
}
Exemple #9
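 /**
  * Runs a query and wraps the resulting rows in a Portlet.
  *
  * @param string|array $sql  SQL text, or array(sql, params) where params are
  *                           the values bound to the statement's placeholders.
  * @param mixed        $cols Passed through to the Portlet constructor.
  * @param array        $opts Passed through to the Portlet constructor.
  * @return Portlet
  */
 public static function createPortletWithSQL($sql, $cols = null, $opts = array())
 {
     $db = new Database(df_db());
     // Start from "no parameters": the plain-string form of $sql previously
     // left $queryParams undefined when it was cast below.
     $queryParams = array();
     if (is_array($sql)) {
         if (count($sql) > 1) {
             $queryParams = $sql[1];
         }
         $sql = $sql[0];
     }
     // Prefer the array(sql, params) form for anything that carries request
     // data, so values are bound rather than concatenated into $sql.
     $rows = $db->query($sql, (object) $queryParams);
     return new Portlet($rows, $cols, $opts);
 }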
Exemple #10
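/**
 * Resolves a session token to the username that owns it.
 *
 * @param string|null $token Session token; when omitted, $_POST['token'] is used.
 * @return string|null The username of a matching, unexpired session, or null.
 */
function get_user($token = null)
{
    // Fall back to the posted token, tolerating a request that carries none.
    if (!isset($token)) {
        $token = isset($_POST['token']) ? $_POST['token'] : null;
    }
    // Reject empty and non-scalar tokens (e.g. token[]=x) before any database
    // work is done.
    if (!is_scalar($token) or !$token) {
        return null;
    }
    $db = new Database(df_db());
    // The token and the current time are bound as named parameters.
    $user = $db->getObject("select username from sessions where token_id=:token_id and expires > :now", array('token_id' => $token, 'now' => time()));
    if ($user) {
        return $user->username;
    }
    return null;
}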
/**
 * Sets a configuration parameter in the configuration table.
 * This should not be called directly.  It should be called through the 
 * Dataface_ConfigTool class as its setConfigParam method.
 *
 * @param string $file The name of the ini file in which the config value is being set.
 * @param string $section The name of the section (could be null).
 * @param string $key The name of the parameter's key (not null)
 * @param string $value The value to set (not null)
 * @param string $username The username for which the parameter is being set (null for all users)
 * @param string $lang The 2-digit language code for which the parameter is being set (null for all languages).
 * @param integer $priority The priority of this config variable (priority dictates which 
 *					parameters take priority). Default value of 5.
 * @returns true if success or PEAR_Error if failure.
 *
 * This will create the configuration table if it doesn't already exist.
 *
 *	@author Steve Hannah <*****@*****.**>
 * @created Feb. 26, 2007
 */
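function Dataface_ConfigTool_setConfigParam($file, $section, $key, $value, $username = null, $lang = null, $priority = 5)
{
    $self =& Dataface_ConfigTool::getInstance();
    // Quote the optional values once. A null stays null so that the lookup
    // ("IS NULL") and the stored value (SQL NULL) agree; storing '' for a
    // null username or lang made later lookups miss the row.
    // Values are escaped with the connection-aware escaper, not addslashes().
    $optional = array();
    foreach (array('section' => $section, 'username' => $username, 'lang' => $lang) as $name => $raw) {
        $optional[$name] = isset($raw) ? "'" . mysql_real_escape_string($raw, df_db()) . "'" : null;
    }
    $quotedKey = "'" . mysql_real_escape_string($key, df_db()) . "'";
    $quotedFile = "'" . mysql_real_escape_string($file, df_db()) . "'";
    // See if this parameter has already been set:
    $where = array();
    $where[] = "`key`=" . $quotedKey;
    $where[] = "`file`=" . $quotedFile;
    foreach ($optional as $name => $quoted) {
        $where[] = "`" . $name . "`" . (isset($quoted) ? '=' . $quoted : ' IS NULL');
    }
    $where = implode(' and ', $where);
    $sql = "select `config_id` from `" . $self->configTableName . "` where {$where} limit 1";
    $res = mysql_query($sql, df_db());
    if (!$res) {
        // The first failure may mean the table is missing: create it and retry once.
        $self->createConfigTable();
        $res = mysql_query($sql, df_db());
    }
    if (!$res) {
        return PEAR::raiseError("Failed to get config parameter: " . mysql_error(df_db()));
    }
    // `file` is part of the lookup key, so it has to be written as well.
    // priority is forced to an integer because it is emitted unquoted.
    $vals = array(
        "file" => $quotedFile,
        "section" => isset($optional['section']) ? $optional['section'] : 'NULL',
        "key" => $quotedKey,
        "value" => "'" . mysql_real_escape_string($value, df_db()) . "'",
        "username" => isset($optional['username']) ? $optional['username'] : 'NULL',
        "lang" => isset($optional['lang']) ? $optional['lang'] : 'NULL',
        "priority" => intval($priority),
    );
    if (mysql_num_rows($res) > 0) {
        $row = mysql_fetch_assoc($res);
        // We need to perform an update
        $updates = array();
        foreach ($vals as $vkey => $vval) {
            $updates[] = '`' . $vkey . '`=' . $vval;
        }
        // Assignments in a SET clause are comma-separated; joining them with
        // "and" made MySQL evaluate one boolean expression for the first column.
        $sets = implode(',', $updates);
        $sql = "update `" . $self->configTableName . "` set " . $sets . " where `config_id`='" . intval($row['config_id']) . "' limit 1";
    } else {
        $values = array();
        $cols = array();
        foreach ($vals as $vkey => $vval) {
            $cols[] = "`{$vkey}`";
            $values[] = $vval;
        }
        $cols = implode(',', $cols);
        $values = implode(',', $values);
        $sql = "insert into `" . $self->configTableName . "` ({$cols}) VALUES ({$values})";
    }
    @mysql_free_result($res);
    $res = mysql_query($sql, df_db());
    if (!$res) {
        return PEAR::raiseError("Could not write config value: " . mysql_error(df_db()));
    }
    return true;
}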
Exemple #12
 /**
  * Runs one statement, or each statement of an array in order.
  *
  * Statements are sent as given, so callers must pass fully built,
  * already-escaped SQL.
  *
  * @param string|array $sql A statement or a list of statements.
  * @return mixed Result of the last statement run (null for an empty list).
  * @throws Exception Carrying the MySQL error text of the first failing statement.
  */
 public static function q($sql)
 {
     if (!is_array($sql)) {
         $result = mysql_query($sql, df_db());
         if (!$result) {
             throw new Exception(mysql_error(df_db()));
         }
         return $result;
     }
     $last = null;
     foreach ($sql as $statement) {
         $last = self::q($statement);
     }
     return $last;
 }
Exemple #13
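 /**
  * Lists the saved data grids of the current table and renders them with the
  * DataGrid/list.html template.
  *
  * @param array &$params Action parameters (not read by this handler).
  * @return mixed The PEAR error from loading the DataGrid module, if any.
  */
 function handle(&$params)
 {
     $app =& Dataface_Application::getInstance();
     $query =& $app->getQuery();
     $mt =& Dataface_ModuleTool::getInstance();
     $mod =& $mt->loadModule('modules_DataGrid');
     if (PEAR::isError($mod)) {
         return $mod;
     }
     // -table is a request parameter: escape it with the connection-aware
     // escaper rather than addslashes().
     $res = mysql_query("select gridID,gridName from dataface__DataGrids where tableName='" . mysql_real_escape_string($query['-table'], df_db()) . "'", df_db());
     // A failed query used to fall through to mysql_fetch_assoc(false); report
     // it the way the other queries in this module do.
     if (!$res) {
         trigger_error(mysql_error(df_db()), E_USER_ERROR);
     }
     $grids = array();
     while ($row = mysql_fetch_assoc($res)) {
         $grids[$row['gridID']] = array('name' => $row['gridName'], 'url' => $app->url('-gridid=' . $row['gridID'] . '&-action=DataGrid_view'));
     }
     @mysql_free_result($res);
     // NOTE(review): gridName is stored user data - confirm that the template
     // escapes it on output.
     df_register_skin('DataGrid', DATAFACE_PATH . '/modules/DataGrid/templates');
     df_display(array('grids' => $grids), 'DataGrid/list.html');
 }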
Exemple #14
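 /**
  * Drops every view whose name matches dataface__view_% and echoes the
  * statement that was run.
  *
  * NOTE(review): this is destructive and no permission check is visible in
  * the handler - confirm that the action is restricted before dispatch.
  *
  * @param array &$params Action parameters (not read by this handler).
  * @throws Exception When listing or dropping the views fails.
  */
 function handle(&$params)
 {
     // In a LIKE pattern "_" matches any single character, so this pattern is
     // slightly wider than the literal prefix.
     $res = xf_db_query("show tables like 'dataface__view_%'", df_db());
     // Previously a failed listing went straight into the fetch loop.
     if (!$res) {
         throw new Exception(xf_db_error(df_db()));
     }
     $views = array();
     while ($row = xf_db_fetch_row($res)) {
         // Names are placed between backticks below; double any backtick so a
         // name cannot end the quoted identifier.
         $views[] = str_replace('`', '``', $row[0]);
     }
     if ($views) {
         // Build the statement once so the echoed text is what is executed.
         $sql = "drop view `" . implode('`,`', $views) . "`";
         // View names are database metadata; escape them for the HTML output.
         echo htmlspecialchars($sql);
         echo "<br/>";
         $res = xf_db_query($sql, df_db());
         if (!$res) {
             throw new Exception(xf_db_error(df_db()));
         }
     }
     echo "done";
 }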
Exemple #15
 /**
  * Stores a grid in dataface__DataGrids with REPLACE INTO.
  *
  * A grid without an id is saved once to obtain an id and then saved again,
  * so that the serialized copy in gridData carries that id.
  *
  * NOTE(review): gridData holds serialize() output; the read side is not shown
  * here - confirm it never unserializes data an untrusted party can alter.
  *
  * @param object $grid Grid with id, name and tableName properties.
  * @return bool true once the grid has been stored.
  */
 function saveDataGrid($grid)
 {
     $idName = '';
     $idVal = '';
     if ($grid->id) {
         $idName = 'gridID,';
         $idVal = "'" . addslashes($grid->id) . "',";
     }
     $sql = "replace into dataface__DataGrids \n\t\t\t(" . $idName . "gridName,gridData,tableName)\n\t\t\tvalues\n\t\t\t(" . $idVal . "'" . addslashes($grid->name) . "',\n\t\t\t'" . addslashes(serialize($grid)) . "',\n\t\t\t'" . addslashes($grid->tableName) . "')";
     if (!mysql_query($sql, df_db())) {
         trigger_error(mysql_error(df_db()), E_USER_ERROR);
     }
     if ($grid->id) {
         return true;
     }
     // First save of a new grid: adopt the generated id and save again.
     $grid->id = mysql_insert_id(df_db());
     return $this->saveDataGrid($grid);
 }
Exemple #16
 /**
  * Copies the formula_ingredients rows of the original formula to the copy,
  * staging them in a temporary table so that formula_id can be rewritten.
  *
  * @param Dataface_Record $orig Record that was copied.
  * @param Dataface_Record $copy Newly created copy.
  * @throws Exception Carrying the database error when any step fails.
  */
 function afterCopy(Dataface_Record $orig, Dataface_Record $copy)
 {
     // The random suffix only names the scratch table; it is not a secret.
     $staging = 'copy_' . md5(rand(0, 1000000));
     if (!xf_db_query("create temporary table `{$staging}` select * from formula_ingredients where formula_id='" . addslashes($orig->val('formula_id')) . "'", df_db())) {
         throw new Exception(xf_db_error(df_db()));
     }
     if (!xf_db_query("update `{$staging}` set formula_id='" . addslashes($copy->val('formula_id')) . "'", df_db())) {
         throw new Exception(xf_db_error(df_db()));
     }
     if (!xf_db_query("insert into formula_ingredients select * from `{$staging}`", df_db())) {
         throw new Exception(xf_db_error(df_db()));
     }
     if (!xf_db_query("drop table `{$staging}`", df_db())) {
         throw new Exception(xf_db_error(df_db()));
     }
 }
 /**
  * Shows the output-cache management page and, when --clear-cache is posted,
  * empties __output_cache first.
  *
  * NOTE(review): the clear request is accepted on the posted flag alone; no
  * anti-CSRF token or permission check is visible in this handler - confirm
  * where those are enforced.
  *
  * @param array &$params Action parameters (not read by this handler).
  * @throws Exception When the row count cannot be read.
  */
 function handle(&$params)
 {
     $app =& Dataface_Application::getInstance();
     $context = array();
     // Enabled only when conf.ini has an [_output_cache] section with a
     // truthy 'enabled' value.
     $context['enabled'] = is_array(@$app->_conf['_output_cache']) && @$app->_conf['_output_cache']['enabled'];
     if (@$_POST['--clear-cache']) {
         // Errors from the delete are suppressed on purpose by the original code.
         @xf_db_query("delete from `__output_cache`", df_db());
         $app->redirect($app->url('') . '&--msg=' . urlencode('The output cache has been successfully cleared.'));
     }
     $countResult = xf_db_query("select count(*) from `__output_cache`", df_db());
     if (!$countResult) {
         throw new Exception(xf_db_error(df_db()), E_USER_ERROR);
     }
     list($cachedRows) = xf_db_fetch_row($countResult);
     $context['numrows'] = $cachedRows;
     df_display($context, 'manage_output_cache.html');
 }
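 /**
  * Renders translation statistics (pages, phrases, words, translated and
  * untranslated counts) for the website named by the website_id parameter.
  *
  * @param array $params Action parameters (not read by this handler).
  * @throws Exception When no website_id is given, or the site cannot be
  *                   loaded or may not be viewed by the current user.
  */
 function handle($params)
 {
     $query = Dataface_Application::getInstance()->getQuery();
     if (!isset($query['website_id'])) {
         throw new Exception("No site id provided");
     }
     $site = df_get_record('websites', array('website_id' => '=' . $query['website_id']));
     // An id that loads no record used to reach a method call on a non-object.
     // Treat it like a denied view, so that unknown and forbidden ids give the
     // same answer.
     if (!$site or !$site->checkPermission('view')) {
         throw new Exception("No permission to perform action");
     }
     import('Dataface/ResultReader.php');
     // website_id is a request parameter; it is escaped and quoted where it
     // enters the statement at the end of the string.
     $reader = new Dataface_ResultReader("select\n\t\t\tws.source_language,\n\t\t\tws.target_language,\n\t\t\tws.log_translation_misses,\n\t\t\tws.website_id, \n\t\t\tws.website_name,\n\t\t\tws.website_url,\n\t\t\tws.translation_memory_id,\n\t\t\tconcat('http://',ws.host,ws.base_path) as proxy_url,\n\t\t\tws.source_language,\n\t\t\tws.target_language,\n\t\t\t(\n\t\t\t\tselect count(*) from webpages w where w.website_id=ws.website_id\n\t\t\t) as numpages,\n\t\t\t(\n\t\t\t\tselect count(*) from swete_strings tml where tml.website_id=ws.website_id\n\t\t\t) as numphrases,\n\t\t\tifnull((\n\t\t\t\tselect sum(tml.num_words) from xf_tm_strings xts \n\t\t\t\t\tinner join swete_strings tml on tml.string_id=xts.string_id\n\t\t\t\twhere tml.website_id=ws.website_id\n\t\t\t), 0) as numwords,\n\t\t\t(\n\t\t\t\tselect count(*) from swete_strings tml\n\t\t\t\t\tinner join websites ws2 on ws2.website_id=tml.website_id\n\t\t\t\t\tinner join xf_tm_translation_memory_strings xttms on xttms.translation_memory_id=ws2.translation_memory_id and xttms.string_id=tml.string_id\n\t\t\t\twhere xttms.current_translation_id is not null\n\t\t\t\t \tand tml.website_id=ws.website_id\n\t\t\t\t\n\t\t\t) as translated_phrases,\n\t\t\t\n\t\t\tifnull((\n\t\t\t\tselect sum(tml.num_words) from swete_strings tml\n\t\t\t\t\tinner join websites ws2 on ws2.website_id=tml.website_id\n\t\t\t\t\tinner join xf_tm_translation_memory_strings xttms on xttms.translation_memory_id=ws2.translation_memory_id and xttms.string_id=tml.string_id\n\t\t\t\t\tinner join xf_tm_strings xts on xttms.string_id=xts.string_id\n\t\t\t\twhere xttms.current_translation_id is not null\n\t\t\t\t\tand tml.website_id=ws.website_id\n\t\t\t\t\t\n\t\t\t), 0) as translated_words\n\t\t\t\n\t\t\t\t\n\t\t\tfrom websites ws where website_id='" . addslashes($query['website_id']) . "'\n\t\t\t", df_db());
     $results = array();
     foreach ($reader as $row) {
         $results[] = $row;
         // Derive the untranslated counts from the totals read above.
         $row->untranslated_words = $row->numwords - $row->translated_words;
         $row->untranslated_phrases = $row->numphrases - $row->translated_phrases;
     }
     df_display(array('results' => $results), 'swete/actions/dashboard_site_stats.html');
 }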
Exemple #19
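 /**
  * Runs one statement, or each statement of an array in order.
  *
  * Statements are sent as given, so callers must pass fully built,
  * already-escaped SQL.
  *
  * @param string|array $sql A statement or a list of statements.
  * @return mixed Result of the last statement run; null for an empty list.
  * @throws Exception Carrying the database error of the first failing statement.
  */
 function df_q($sql)
 {
     if (is_array($sql)) {
         // Start from null so that an empty list returns null instead of
         // reading an undefined variable.
         $res = null;
         foreach ($sql as $q) {
             $res = df_q($q);
         }
         return $res;
     } else {
         $res = xf_db_query($sql, df_db());
         if (!$res) {
             // NOTE(review): the full statement goes to the error log; literal
             // values embedded in it end up there too.
             error_log("Error executing SQL: {$sql}");
             error_log(xf_db_error(df_db()));
             throw new Exception(xf_db_error(df_db()));
         }
         return $res;
     }
 }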
Exemple #20
 /**
  * Returns the name of the VIEW to be used for reading records from the database.
  * This feature is new in version 1.2 and is intended to improve performance
  * by NOT using subqueries to implement support for __sql__ parameters on tables.
  * We'll see if this makes a big difference to mysql.
  *
  * This method will return the name of the view to be used.  If no custom SQL has
  * been defined this will return null.  If mysql doesn't support views, this will
  * return null.
  *
  * @return string
  */
 function getProxyView()
 {
     if (defined('XATAFACE_DISABLE_PROXY_VIEWS') and XATAFACE_DISABLE_PROXY_VIEWS) {
         return null;
     }
     $sql = $this->sql();
     // Without custom SQL there is nothing to wrap in a view.
     if (!$sql) {
         return null;
     }
     // The view name is derived from the table name and a hash of the SQL, so
     // a change to the SQL leads to a new view.
     $viewName = 'dataface__view_' . $this->tablename . '_' . md5($sql);
     // A cached verdict (true: usable, false: not usable) short-circuits the rest.
     if (isset($this->_proxyViews[$viewName])) {
         return $this->_proxyViews[$viewName] ? $viewName : null;
     }
     // Views need MySQL 5 or later.
     if (Dataface_Application::getInstance()->getMySQLMajorVersion() < 5) {
         $this->_proxyViews[$viewName] = false;
         return null;
     }
     // Translated tables do not use a proxy view.
     if (@$this->app->_conf['multilingual_content'] and $this->getTranslations()) {
         $this->_proxyViews[$viewName] = false;
         return null;
     }
     // Check if view already exists
     $status = mysql_query("show table status like '" . addslashes($viewName) . "'", df_db());
     if (!$status) {
         throw new Exception(mysql_error(df_db()));
     }
     $exists = mysql_num_rows($status) >= 1;
     @mysql_free_result($status);
     if (!$exists) {
         // Backticks are stripped from the name before it is quoted; the view
         // body is the table's custom SQL as configured.
         $created = mysql_query("create view `" . str_replace('`', '', $viewName) . "` as " . $sql, df_db());
         if (!$created) {
             error_log(mysql_error(df_db()));
             $this->_proxyViews[$viewName] = false;
             return null;
         }
     }
     $this->_proxyViews[$viewName] = true;
     return $viewName;
 }
Exemple #21
 /**
  * @brief Builds an HTML_QuickForm object to edit the given record.
  * @param Dataface_Record &$record The record that is to be edited.
  *
  * @param string $tab The name of the tab to display.  In the case of multi
  *			tab forms, we may specify the tab which we wish to display.
  *			the tab may contain only a subset of the fields in the table,
  *			or it could be a 'partition' tab.  A 'partition' tab.
  */
 function createRecordForm($record, $new = false, $tab = null, $query = null, $fields = null)
 {
     if (!$record) {
         throw new Exception("Cannot create record form for null record");
     }
     $table =& $record->_table;
     if (!$table) {
         throw new Exception("Could not find table " . $record->_table->tablename);
     }
     if (!$table->hasJoinTable($tab, $record)) {
         // Ordinary tab: build the form directly on the record's own table.
         // TO DO:  Finish this method
         $form = new Dataface_QuickForm($table->tablename, df_db(), $query, '', $new, $fields);
         $form->_record =& $record;
         $form->tab = $tab;
         return $form;
     }
     // The tab is backed by a join table: build the form for the join record.
     $query['--tab'] = null;
     $jrecord = $record->getJoinRecord($tab, true);
     // The form is a "new record" form exactly when that lookup found nothing.
     $new = !isset($jrecord);
     $form = $this->createRecordForm($record->getJoinRecord($tab), $new, null, $query, $fields);
     $form->overrideNoQuery = true;
     return $form;
 }
Exemple #22
 /**
  * Issues ROLLBACK on the application connection.
  *
  * @return mixed Whatever xf_db_query() returned for the statement.
  */
 function rollbackTransaction()
 {
     $outcome = xf_db_query('rollback', df_db());
     return $outcome;
 }
Exemple #23
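    /**
     * Builds the "Filter Results" block: one select box per filter column,
     * listing each distinct value with its record count, plus the script that
     * reloads the page with the chosen filter.
     *
     * @return string The HTML of the filter block.
     */
    function getResultFilters()
    {
        ob_start();
        $app =& Dataface_Application::getInstance();
        $query =& $app->getQuery();
        // Values written into script code are encoded as JavaScript literals;
        // the HEX flags keep quotes, ampersands and tags out of the output.
        $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
        // The current URL reflects request parameters, so it is emitted as an
        // encoded literal rather than pasted between quotes.
        echo '<div class="resultlist-filters">
		<h3>' . df_translate('scripts.Dataface_ResultList.MESSAGE_FILTER_RESULTS', 'Filter Results') . ':</h3>
		<script language="javascript"><!--
		
		function resultlist__updateFilters(col,select){
			var currentURL = ' . json_encode((string) $app->url(''), $jsFlags) . ';
			var currentParts = currentURL.split("?");
			var currentQuery = "?"+currentParts[1];
			var value = select.options[select.selectedIndex].value;
			var regex = new RegExp(\'([?&])\'+col+\'={1,2}[^&]*\');
			if ( currentQuery.match(regex) ){
				if ( value ){
					prefix = "=";
				} else {
					prefix = "";
				}
				currentQuery = currentQuery.replace(regex, \'$1\'+col+\'=\'+prefix+encodeURIComponent(value));
			} else {
				currentQuery += \'&\'+col+\'==\'+encodeURIComponent(value);
			}
			window.location=currentParts[0]+currentQuery;
		}
		//--></script>
		<ul>';
        $qb = new Dataface_QueryBuilder($this->_table->tablename, $query);
        foreach ($this->_filterCols as $col) {
            $field =& $this->_table->getField($col);
            // Break the reference left over from the previous column.
            unset($vocab);
            if (isset($field['vocabulary'])) {
                $vocab =& $this->_table->getValuelist($field['vocabulary']);
            } else {
                $vocab = null;
            }
            // The column name sits in script code inside an HTML attribute:
            // encode it as a JS literal, then escape that for the attribute.
            // addslashes() alone did not cover the attribute context.
            $jsCol = htmlspecialchars(json_encode((string) $col, $jsFlags), ENT_QUOTES);
            echo '<li> ' . htmlspecialchars($field['widget']['label']) . ' <select onchange="resultlist__updateFilters(' . $jsCol . ', this);"><option value="">' . df_translate('scripts.GLOBAL.LABEL_ALL', 'All') . '</option>';
            // Distinct values of the column with their counts, ignoring any
            // filter currently set on this same column.
            $res = df_query("select `{$col}`, count(*) as `num` " . $qb->_from() . " " . $qb->_secure($qb->_where(array($col => null))) . " group by `{$col}`", null, true);
            if (!$res and !is_array($res)) {
                trigger_error(mysql_error(df_db()), E_USER_ERROR);
            }
            // Strip the leading "=" (exact match marker) from the active filter.
            if (@$query[$col] and $query[$col][0] == '=') {
                $queryColVal = substr($query[$col], 1);
            } else {
                $queryColVal = @$query[$col];
            }
            foreach ($res as $row) {
                // Show the vocabulary label when the value has one.
                if (isset($vocab) and isset($vocab[$row[$col]])) {
                    $val = $vocab[$row[$col]];
                } else {
                    $val = $row[$col];
                }
                if ($queryColVal == $row[$col]) {
                    $selected = ' selected';
                } else {
                    $selected = '';
                }
                echo '<option value="' . htmlspecialchars($row[$col]) . '"' . $selected . '>' . htmlspecialchars($val) . ' (' . $row['num'] . ')</option>';
            }
            echo '</select></li>';
        }
        echo '</ul></div>';
        $out = ob_get_contents();
        ob_end_clean();
        return $out;
    }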
Exemple #24
 /**
  * Deletes the password-reset request that carries the given UUID.
  *
  * @param string $uuid Value of the request_uuid column.
  * @throws Exception Carrying the database error when the delete fails.
  */
 function delete_request_with_uuid($uuid)
 {
     // The table name is a class constant-like static; the UUID is caller data
     // and is escaped and quoted.
     $sql = "delete from `" . self::$TABLE_RESET_PASSWORD . "` where request_uuid='" . addslashes($uuid) . "' limit 1";
     if (!xf_db_query($sql, df_db())) {
         throw new Exception(xf_db_error(df_db()));
     }
 }
Exemple #25
 /**
  * 
  * @param array $columns
  * @return type
  * @throws Exception
  * @brief Load the totals for the current found set using MySQL's aggregate 
  * operators.  This method will always query the database directly (no caching).  
  * 
  * <p>This method was developed to make it easier to create "totals" rows in the 
  *    list view.</p>
  * 
  * <h3>Example</h3>
  * 
  * @code
  * $resultSet = Dataface_Application::getInstance()->getResultSet();
  * $results = $resultSet->loadTotals(array(
  *    'age#avg',
  *    'age#std',
  *    'income#sum'
  * ));
  * print_r($results);
  * @endcode
  * 
  * <p>Output:</p>
  * 
  * @code
  * array(
  *    'age_AVG' => 74.4,
  *    'age_STD' => 13.2,
  *    'income_SUM' => 100567
  * );
  * @endcode
  * 
  * @param array $columns A list of strings of the form {fieldname}#{operator} where 
  *  where {fieldname} is the name of a field and {operator} is the name of an operator
  *  to apply to the field.
  * 
  * <h3>Available Operators</h3>
  * <table>
  *    <tr>
  *     <th>Operator</th><th>Description</th>
  *    </tr>
  *    <tr>
  *       <td>sum</td><td>The sum of field values for result set.</td>
  *    </tr>
  *    <tr>
  *       <td>avg</td><td>The average value of field in result set.</td>
  *    <tr>
  *       <td>max</td><td>The max value of field in result set.</td>
  *    </tr>
  *    <tr>
  *       <td>min</td><td>The minimum value of field result set.</td>
  *    </tr>
  *    <tr>
  *       <td>bit_and</td><td>Result of bitwise AND on field for all found records.</td>
  *    </tr>
  *    <tr>
  *       <td>bit_or</td><td>Result of bitwise OR on field for all found records.</td>
  *    </tr>
  *    <tr>
  *       <td>bit_xor</td><td>Result of bitwise XOR on field for all found records.</td>
  *    </tr>
  *    <tr>
  *       <td>group_concat</td><td>The concatenation of all rows in found set for field.  Joined with a comma.</td>
  *    </tr>
  *    <tr>
  *       <td>std</td><td>Population Standard deviation of field values for result set.</td>
  *    </tr>
  *    <tr>
  *       <td>stddev_samp</td><td>Sample Standard deviation of field values for result set.</td>
  *    </tr>
  *    <tr>
  *       <td>stddev_pop</td><td>Same as stddev</td>
  *    </tr>
  *    <tr>
  *       <td>var_pop</td><td>Population standard variance for field values for result set.</td>
  *    </tr>
  *    <tr>
  *       <td>var_samp</td><td>Sample standard deviation for field values for result set.</td>
  *    </tr>
  *    <tr>
  *       <td>variance</td><td>Same as var_pop</td>
  *    </tr>
  * </table>
  * 
  *    
  * @return Associative array where the keys have the form {fieldname}_{operator|uppercase} and the values
  *  are the corresponding result of the operator on that field.  E.g. If your input was array('field1#sum', 'field2#avg')
  *  the output would be array('field1_SUM' => {some number}, 'field2_AVG' => {some_number})
  * 
  * @since 2.0.4
  * @see Dataface_QueryBuilder::select_totals()
  */
 function loadTotals($columns = array())
 {
     // NOTE(review): every entry of $columns ends up in the SQL produced by
     // select_totals(). Whether field and operator names are validated there
     // is not visible from this method -- confirm before passing
     // request-derived values.
     $queryBuilder = new Dataface_QueryBuilder($this->_tablename, $this->_query);
     $result = df_query($queryBuilder->select_totals(array(), null, $columns));
     if (!$result) {
         // The exception message is the raw database error text; callers
         // should log it rather than echo it to end users.
         throw new Exception(xf_db_error(df_db()));
     }
     // The totals query yields one row keyed by {fieldname}_{OPERATOR}.
     $totals = xf_db_fetch_assoc($result);
     @xf_db_free_result($result);
     return $totals;
 }
Exemple #26
 /**
  * Seeds the user_roles table with the USER, TRANSLATOR and ADMIN rows.
  */
 function update_3446()
 {
     $statements = array("INSERT INTO `user_roles` VALUES \n    \t\t(1,'USER','USER'),(2,'TRANSLATOR','TRANSLATOR'),(3,'ADMIN','ADMIN');");
     foreach ($statements as $statement) {
         // NOTE(review): the result of mysql_query() is discarded, so a
         // failed insert (missing table, duplicate key on a re-run) passes
         // silently and the roles may be absent afterwards.
         mysql_query($statement, df_db());
     }
 }
Exemple #27
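 /**
  * Returns the history snapshots of a record that match the given query.
  *
  * The record's key values are added to the query as exact-match filters
  * before the history table ({tablename}__history) is searched.
  *
  * @param object $record Record whose snapshots are searched; the method
  *  reads $record->_table and calls $record->strvals().
  * @param array $query Query parameters; key filters overwrite any entries
  *  with the same names.
  * @param boolean $idsOnly When true (default) only history__id values are
  *  returned; otherwise the result of df_get_records_array().
  * @return array Empty when the history table does not exist.
  * @throws Exception If the id lookup query fails.
  */
 function findMatchingSnapshots($record, $query, $idsOnly = true)
 {
     $htablename = $record->_table->tablename . '__history';
     if (!Dataface_Table::tableExists($htablename)) {
         return array();
     }
     // Pin the search to this record by matching each key column exactly.
     $keys = $record->strvals(array_keys($record->_table->keys()));
     foreach ($keys as $key => $val) {
         $query[$key] = '=' . $val;
     }
     if (!$idsOnly) {
         return df_get_records_array($htablename, $query);
     }
     $qbuilder = new Dataface_QueryBuilder($htablename, $query);
     $sql = $qbuilder->select(array('history__id'), $query);
     $res = xf_db_query($sql, df_db());
     if (!$res) {
         // Fail loudly rather than passing a false result to the fetch loop,
         // which would hide the SQL error behind a type error or warning.
         throw new Exception(xf_db_error(df_db()));
     }
     $ids = array();
     while ($row = xf_db_fetch_row($res)) {
         $ids[] = $row[0];
     }
     @xf_db_free_result($res);
     return $ids;
 }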
Exemple #28
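 /**
  * Activates a pending registration identified by the "code" GET parameter.
  *
  * Purges registrations older than the time limit, loads the stored
  * registration data, checks it (through the application delegate's
  * validateRegistrationForm() if present, otherwise with a duplicate
  * username lookup), saves the new user record, stores the username in the
  * session and redirects with a status message.
  *
  * @param array $params Action parameters; an optional 'time_limit' entry
  *  (seconds) overrides the default of one day.
  * @return mixed A PEAR error when the code parameter is missing or is not
  *  a string; otherwise nothing (every other path ends in a redirect).
  * @throws Exception When one of the SQL statements fails.
  */
 function handle(&$params)
 {
     $app = Dataface_Application::getInstance();
     // A non-string value (e.g. ?code[]=x) cannot be a registration code and
     // must not reach the string escaping below.
     if (!isset($_GET['code']) || !is_string($_GET['code'])) {
         // We need this parameter or we can do nothing.
         return PEAR::raiseError(df_translate('actions.activate.MESSAGE_MISSING_CODE_PARAMETER', 'The code parameter is missing from your request.  Validation cannot take place.  Please check your url and try again.'), DATAFACE_E_ERROR);
     }
     // Step 0:  Find out what the redirect URL will be
     // We accept --redirect markers to specify which page to redirect
     // to after we're done.  This will usually be the page that the
     // user was on before they went to the login page.
     $fromRequest = false;
     if (isset($_SESSION['--redirect'])) {
         $url = $_SESSION['--redirect'];
     } elseif (isset($_SESSION['-redirect'])) {
         $url = $_SESSION['-redirect'];
     } elseif (isset($_REQUEST['--redirect'])) {
         $url = $_REQUEST['--redirect'];
         $fromRequest = true;
     } elseif (isset($_REQUEST['-redirect'])) {
         $url = $_REQUEST['-redirect'];
         $fromRequest = true;
     } else {
         $url = $app->url('-action=' . $app->_conf['default_action']);
     }
     if ($fromRequest) {
         // A redirect target taken from the request is attacker-controlled.
         // Only relative URLs and URLs on the current host are followed;
         // anything else falls back to the default action so that an
         // activation link cannot bounce the user to another site.
         // NOTE(review): session-stored targets are used as-is; they are only
         // as trustworthy as the code that wrote them -- confirm.
         $trusted = false;
         if (is_string($url) && $url !== '' && !preg_match('/[\x00-\x20\x7f\\\\]/', $url)) {
             $parts = parse_url($url);
             if (is_array($parts)) {
                 $hasScheme = isset($parts['scheme']);
                 $hasHost = isset($parts['host']);
                 if (!$hasScheme && !$hasHost) {
                     // Plain relative reference (path and/or query only).
                     $trusted = true;
                 } elseif ($hasHost) {
                     $scheme = $hasScheme ? strtolower($parts['scheme']) : 'http';
                     $currentHost = isset($_SERVER['HTTP_HOST']) ? strtolower(preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST'])) : '';
                     $trusted = in_array($scheme, array('http', 'https'), true) && $currentHost !== '' && strtolower($parts['host']) === $currentHost;
                 }
                 // A scheme without a host (javascript:, http:example) is never trusted.
             }
         }
         if (!$trusted) {
             $url = $app->url('-action=' . $app->_conf['default_action']);
         }
     }
     if (strpos($url, '?') === false) {
         $url .= '?';
     }
     // Step 1: Delete all registrations older than time limit
     $time_limit = 24 * 60 * 60;
     // 1 day
     if (isset($params['time_limit'])) {
         $time_limit = intval($params['time_limit']);
     }
     $res = xf_db_query("delete from dataface__registrations \n\t\t\t\twhere registration_date < '" . addslashes(date('Y-m-d H:i:s', time() - $time_limit)) . "'", df_db());
     if (!$res) {
         error_log(xf_db_error(df_db()));
         throw new Exception("Failed to delete registrations due to an SQL error.  See error log for details.", E_USER_ERROR);
     }
     // Step 2: Load the specified registration information
     // NOTE(review): the request-supplied code is escaped with addslashes(),
     // which is not aware of the connection character set.  Prefer the
     // database layer's own escaping or bound parameters if it offers them.
     $res = xf_db_query("select registration_data from dataface__registrations\n\t\t\t\twhere registration_code = '" . addslashes($_GET['code']) . "'", df_db());
     if (!$res) {
         error_log(xf_db_error(df_db()));
         throw new Exception("Failed to load registration information due to an SQL error.  See error log for details.", E_USER_ERROR);
     }
     if (xf_db_num_rows($res) == 0) {
         // We didn't find any records matching the prescribed code, so
         // we redirect the user to their desired page and inform them
         // that the registration didn't work.
         $msg = df_translate('actions.activate.MESSAGE_REGISTRATION_NOT_FOUND', 'No registration information could be found to match this code.  Please try registering again.');
         $app->redirect($url . '&--msg=' . urlencode($msg));
         // Stop here even if redirect() returns, so a failed lookup can
         // never fall through to account creation.
         return;
     }
     // Step 3: Check to make sure that there are no other users with the
     // same name.
     list($raw_data) = xf_db_fetch_row($res);
     // NOTE(review): unserialize() can instantiate arbitrary classes.  The
     // payload comes from dataface__registrations, presumably written by the
     // registration action; anyone able to write that table controls this
     // input.  A non-object format such as JSON would remove the risk.
     $values = unserialize($raw_data);
     if (!is_array($values)) {
         // Corrupt or unexpected payload: treat it like an unknown code.
         $msg = df_translate('actions.activate.MESSAGE_REGISTRATION_NOT_FOUND', 'No registration information could be found to match this code.  Please try registering again.');
         $app->redirect($url . '&--msg=' . urlencode($msg));
         return;
     }
     $appdel = $app->getDelegate();
     if (isset($appdel) and method_exists($appdel, 'validateRegistrationForm')) {
         $res = $appdel->validateRegistrationForm($values);
         if (PEAR::isError($res)) {
             $msg = $res->getMessage();
             $app->redirect($url . '&--msg=' . urlencode($msg));
             return;
         }
     } else {
         // Table and column names come from configuration; backticks are
         // stripped so they cannot break out of the quoted identifier.
         $res = xf_db_query("select count(*) from \n\t\t\t\t`" . str_replace('`', '', $app->_conf['_auth']['users_table']) . "` \n\t\t\t\twhere `" . str_replace('`', '', $app->_conf['_auth']['username_column']) . "` = '" . addslashes($values[$app->_conf['_auth']['username_column']]) . "'\n\t\t\t\t", df_db());
         if (!$res) {
             error_log(xf_db_error(df_db()));
             throw new Exception("Failed to find user records due to an SQL error.  See error log for details.", E_USER_ERROR);
         }
         list($num) = xf_db_fetch_row($res);
         if ($num > 0) {
             $msg = df_translate('actions.activate.MESSAGE_DUPLICATE_USER', 'Registration failed because a user already exists by that name.  Try registering again with a different name.');
             $app->redirect($url . '&--msg=' . urlencode($msg));
             return;
         }
     }
     // Step 4: Save the registration data and log the user in.
     $record = new Dataface_Record($app->_conf['_auth']['users_table'], array());
     $record->setValues($values);
     $res = $record->save();
     if (PEAR::isError($res)) {
         $app->redirect($url . '&--msg=' . urlencode($res->getMessage()));
     } else {
         $res = xf_db_query("delete from dataface__registrations\n\t\t\t\t\twhere registration_code = '" . addslashes($_GET['code']) . "'", df_db());
         if (!$res) {
             error_log(xf_db_error(df_db()));
             throw new Exception("Failed to clean up old registrations due to an SQL error.  See error log for details.", E_USER_ERROR);
         }
         $msg = df_translate('actions.activate.MESSAGE_REGISTRATION_COMPLETE', 'Registration complete.  You are now logged in.');
         // NOTE(review): the session becomes authenticated here without a
         // visible session id rotation -- confirm the framework regenerates
         // the id on login to rule out session fixation.
         $_SESSION['UserName'] = $record->strval($app->_conf['_auth']['username_column']);
         import('Dataface/Utilities.php');
         Dataface_Utilities::fireEvent('after_action_activate', array('record' => $record));
         $app->redirect($url . '&--msg=' . urlencode($msg));
     }
 }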
Exemple #29
 /**
  * Returns the application version stored in the dataface__version table.
  *
  * The value is read once per request and cached in a static variable.  If
  * the first read fails, the table is created, seeded with version 0 and
  * read again.
  *
  * @param resource $db Optional database link; df_db() is used when omitted.
  * @return int The version number in the database.
  */
 function df_get_database_version($db = null)
 {
     $db = $db ? $db : df_db();
     static $version = -1;
     if ($version != -1) {
         // Already looked up during this request.
         return $version;
     }
     $sql = "select `version` from dataface__version limit 1";
     $res = @mysql_query($sql, $db);
     if (!$res) {
         // NOTE(review): any failure of the first read (not only a missing
         // table) leads to the create/insert attempt below.
         $bootstrap = array(
             "create table dataface__version ( `version` int(5) not null default 0)",
             "insert into dataface__version values ('0')",
             $sql,
         );
         foreach ($bootstrap as $statement) {
             $res = mysql_query($statement, $db);
             if (!$res) {
                 trigger_error(mysql_error($db), E_USER_ERROR);
             }
         }
     }
     list($version) = mysql_fetch_row($res);
     return $version;
 }
Exemple #30
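 /**
  * @brief Updates a module so that the database version is the same
  * as the file system version.
  *
  * Loads installer.php from the directory that contains $path, runs every
  * update_N method of the {modname}_installer class whose N is above the
  * database version and not above the file system version, in ascending
  * order, and records the version in dataface__modules after each step.
  *
  * @param string $modname The name of the module.
  * @param string $path The path to the module.
  * @return mixed The PEAR error returned by an update method, if any;
  *  otherwise nothing.
  * @throws Exception If a query against dataface__modules fails.
  */
 public function updateModule($modname, $path)
 {
     $installpath = dirname($path) . DIRECTORY_SEPARATOR . 'installer.php';
     if (file_exists($installpath)) {
         // NOTE(review): $path selects a file to include and $modname a class
         // to instantiate; presumably both come from trusted module
         // configuration -- confirm neither is request-derived.
         import($installpath);
         $classname = $modname . '_installer';
         $installer = new $classname();
         $methods = get_class_methods($classname);
         $methods = preg_grep('/^update_([0-9]+)$/', $methods);
         $updates = array();
         $fsversion = $this->getFsVersion($modname, $path);
         $dbversion = $this->getDbVersion($modname);
         foreach ($methods as $method) {
             preg_match('/^update_([0-9]+)$/', $method, $matches);
             $version = intval($matches[1]);
             if ($version > $dbversion and $version <= $fsversion) {
                 $updates[] = $version;
             }
         }
         sort($updates);
         if ($dbversion == 0) {
             $res = xf_db_query("insert into dataface__modules (module_name,module_version)\n\t\t\t\t\tvalues ('" . addslashes($modname) . "',-1)", df_db());
             if (!$res) {
                 throw new Exception(xf_db_error(df_db()));
             }
         }
         // The table holds one row per module (see the insert above), so the
         // version updates must be limited to this module's row.  Without the
         // filter every installed module would be stamped with this module's
         // version and its own pending updates could be skipped.
         $moduleFilter = " where `module_name`='" . addslashes($modname) . "'";
         foreach ($updates as $update) {
             $method = 'update_' . $update;
             $res = $installer->{$method}();
             if (PEAR::isError($res)) {
                 return $res;
             }
             $res = xf_db_query("update dataface__modules set `module_version`='" . addslashes($update) . "'" . $moduleFilter, df_db());
             if (!$res) {
                 throw new Exception(xf_db_error(df_db()), E_USER_ERROR);
             }
         }
         $res = xf_db_query("update dataface__modules set `module_version`='" . addslashes($fsversion) . "'" . $moduleFilter, df_db());
         if (!$res) {
             throw new Exception(xf_db_error(df_db()), E_USER_ERROR);
         }
     }
 }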