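/**
 * Search plugin: copy matching comments into the search result table.
 *
 * Looks for the search words in the subject and text of every comment that
 * has a non-empty URL, and stores one search_result row per hit, tagged with
 * the current session id.
 *
 * @param array $args Search arguments; $args['q'] holds the search words.
 *
 * @return mixed True when the search ran (or the user may not read comments);
 *               otherwise the return value of the LogUtil call that reported the problem.
 */
public function search($args)
{
    // Without read permission the plugin simply contributes no results.
    if (!SecurityUtil::checkPermission('EZComments::', '::', ACCESS_READ)) {
        return true;
    }

    $minlen = 3;
    $maxlen = 30;

    // A missing or non-scalar 'q' (for example an array) is treated as an empty
    // query, so it is rejected by the length check instead of reaching strlen().
    $query = (isset($args['q']) && is_scalar($args['q'])) ? (string) $args['q'] : '';
    $queryLength = strlen($query);
    if ($queryLength < $minlen || $queryLength > $maxlen) {
        return LogUtil::registerStatus($this->__f('The comments can only be searched for words that are longer than %1$s and less than %2$s characters!', array($minlen, $maxlen)));
    }

    ModUtil::dbInfoLoad('Search');
    $tables = DBUtil::getTables();

    // ezcomments columns
    $ezcommentscolumn = $tables['EZComments_column'];

    // search result table and columns
    $searchTable = $tables['search_result'];
    $searchColumn = $tables['search_result_column'];

    // The WHERE fragment for the search words comes from the Search module helper;
    // comments without a URL cannot be linked from the result list and are skipped.
    $where = Search_Api_User::construct_where($args, array($ezcommentscolumn['subject'], $ezcommentscolumn['comment']));
    $where .= " AND " . $ezcommentscolumn['url'] . " != ''";

    $sessionId = session_id();

    $insertSql = "INSERT INTO {$searchTable}\n ({$searchColumn['title']},\n {$searchColumn['text']},\n {$searchColumn['extra']},\n {$searchColumn['module']},\n {$searchColumn['created']},\n {$searchColumn['session']})\n VALUES\n ";

    $comments = DBUtil::selectObjectArray('EZComments', $where);
    foreach ($comments as $comment) {
        // Every value spliced into the statement goes through DataUtil::formatForStore();
        // the stored comment text is user-supplied, so this escaping must not be dropped.
        $sql = $insertSql . '('
                . '\'' . DataUtil::formatForStore($comment['subject']) . '\', '
                . '\'' . DataUtil::formatForStore($comment['comment']) . '\', '
                . '\'' . DataUtil::formatForStore($comment['url']) . '\', '
                . '\'' . 'EZComments' . '\', '
                . '\'' . DataUtil::formatForStore($comment['date']) . '\', '
                . '\'' . DataUtil::formatForStore($sessionId) . '\')';
        $insertResult = DBUtil::executeSQL($sql);
        if (!$insertResult) {
            return LogUtil::registerError($this->__('Error! Could not load items.'));
        }
    }

    return true;
}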
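/**
 * Install the Files module: table, index, folder guard files, module vars and hook.
 *
 * @return mixed True on success, false when the table cannot be created, or the
 *               return value of LogUtil::registerPermissionError() for non-admins.
 */
public function install()
{
    if (!SecurityUtil::checkPermission('Files::', '::', ACCESS_ADMIN)) {
        return LogUtil::registerPermissionError();
    }

    // Content of the guard files .htaccess and .locked.
    // NOTE(review): "Order"/"Deny" are Apache 2.2 directives; on Apache 2.4 they need
    // mod_access_compat, and other web servers ignore .htaccess entirely - verify that
    // the storage folder really is unreachable on the target server.
    $htaccessContent = "# Avoid direct web access to folder files\r\nOrder deny,allow\r\nDeny from all\r\n";
    $lockedContent = "# Avoid direct web access with the file file.php\r\n";

    // Create module table
    if (!DBUtil::createTable('Files')) {
        return false;
    }

    // Create indexes
    $pntable = DBUtil::getTables();
    $c = $pntable['Files_column'];
    DBUtil::createIndex($c['userId'], 'Files', 'userId');

    // Create the guard files in the storage folder and in the users sub-folder.
    $folderPath = ModUtil::getVar('Files', 'folderPath');
    $usersPath = $folderPath . '/' . ModUtil::getVar('Files', 'usersFolder');
    $guardFiles = array(
        $folderPath . '/.htaccess' => $htaccessContent,
        $folderPath . '/.locked'   => $lockedContent,
        $usersPath . '/.htaccess'  => $htaccessContent,
        $usersPath . '/.locked'    => $lockedContent,
    );
    foreach ($guardFiles as $path => $content) {
        // A guard file that could not be written leaves the folder without its
        // access restriction, so report it instead of ignoring the result.
        // Installation still continues, as it did before.
        if (!FileUtil::writeFile($path, $content, true)) {
            LogUtil::registerError('Files: could not write ' . $path . '; the folder may be directly accessible from the web.');
        }
    }

    // Create module vars
    ModUtil::setVar('Files', 'showHideFiles', '0');
    ModUtil::setVar('Files', 'allowedExtensions', 'gif,png,jpg,odt,doc,pdf,zip');
    ModUtil::setVar('Files', 'defaultQuota', 1);
    ModUtil::setVar('Files', 'groupsQuota', 's:0:"";');
    ModUtil::setVar('Files', 'filesMaxSize', '1000000');
    ModUtil::setVar('Files', 'maxWidth', '250');
    ModUtil::setVar('Files', 'maxHeight', '250');
    // NOTE(review): this default list contains php and htaccess; presumably it controls
    // which files the module lets users edit - confirm who can reach that editor.
    ModUtil::setVar('Files', 'editableExtensions', 'php,htm,html,htaccess,css,js,tpl');

    // Set up module hook
    ModUtil::registerHook('item', 'display', 'GUI', 'Files', 'user', 'Files');

    return true;
}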
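/**
 * Render the previous/next navigation for the current page.
 *
 * Loads the page identified by $this->pageId, looks up the closest sibling
 * with a lower and with a higher position on the same level, and passes both
 * (or null) to the template.
 *
 * @return mixed The output of $this->view->fetch() for this element's template.
 */
function display()
{
    $prevpage = null;
    $nextpage = null;

    $page = ModUtil::apiFunc('Content', 'Page', 'getPage', array('id' => $this->pageId));

    $tables = DBUtil::getTables();
    $pageColumn = $tables['content_page_column'];

    // level and position are spliced into raw SQL filter text below, so they are
    // forced to integers first instead of trusting whatever getPage returned.
    $level = (int) $page['level'];
    $position = isset($page['position']) ? (int) $page['position'] : null;

    $options = array('makeTree' => true);
    $options['orderBy'] = 'position';
    $options['orderDir'] = 'desc';
    $options['pageSize'] = 1;
    $options['filter']['superParentId'] = $page['parentPageId'];

    // Previous page: highest position below the current one.
    if ($position !== null && $position > 0) {
        $options['filter']['where'] = "{$pageColumn['level']} = {$level} and {$pageColumn['position']} < {$position}";
        $pages = ModUtil::apiFunc('Content', 'Page', 'getPages', $options);
        if (count($pages) > 0) {
            $prevpage = $pages[0];
        }
    }

    // Next page: lowest position above the current one.
    if ($position !== null && $position >= 0) {
        $options['orderDir'] = 'asc';
        $options['filter']['where'] = "{$pageColumn['level']} = {$level} and {$pageColumn['position']} > {$position}";
        $pages = ModUtil::apiFunc('Content', 'Page', 'getPages', $options);
        if (count($pages) > 0) {
            $nextpage = $pages[0];
        }
    }

    $this->view->assign('loggedin', UserUtil::isLoggedIn());
    $this->view->assign('prevpage', $prevpage);
    $this->view->assign('nextpage', $nextpage);

    return $this->view->fetch($this->getTemplate());
}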
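/**
 * Read the scribite configuration of one module, or of all modules.
 *
 * @param array $args $args['modulename'] is the module to look up; it defaults to
 *                    the current module name, and the value 'list' returns every row.
 *
 * @return array|null All rows keyed by modname for 'list'; otherwise an array with
 *                    mid, modulename, modfuncs, modareas and modeditor, or null when
 *                    no row matches.
 */
public function getModuleConfig($args)
{
    if (!isset($args['modulename'])) {
        $args['modulename'] = ModUtil::getName();
    }

    $modconfig = array();

    if ($args['modulename'] == 'list') {
        $modconfig = DBUtil::selectObjectArray('scribite', '', 'modname');
    } else {
        $dbtables = DBUtil::getTables();
        $scribitecolumn = $dbtables['scribite_column'];

        // The module name is a caller-supplied value that ends up inside a quoted SQL
        // literal, so it is escaped before being concatenated into the WHERE clause.
        $where = "{$scribitecolumn['modname']} = '" . DataUtil::formatForStore($args['modulename']) . "'";
        $item = DBUtil::selectObjectArray('scribite', $where);

        if ($item == false) {
            return;
        }

        $modconfig['mid'] = $item[0]['mid'];
        $modconfig['modulename'] = $item[0]['modname'];

        // NOTE(review): unserialize() on stored data can instantiate objects; whoever can
        // write the scribite table controls this input. Prefer a data-only format, or
        // restrict the allowed classes where the supported PHP version permits it.
        if (!is_int($item[0]['modfuncs'])) {
            $modconfig['modfuncs'] = unserialize($item[0]['modfuncs']);
        }
        if (!is_int($item[0]['modareas'])) {
            $modconfig['modareas'] = unserialize($item[0]['modareas']);
        }

        $modconfig['modeditor'] = $item[0]['modeditor'];
    }

    return $modconfig;
}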
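/**
 * Do the migration
 *
 * Copies every pnFlashGames comment into EZComments through the EZComments
 * user API, resolving the author by user name.
 *
 * @return boolean true on successful migration, false else
 * @since 0.2
 */
function EZComments_migrateapi_pnFlashGames()
{
    // Security check
    if (!SecurityUtil::checkPermission('EZComments::', '::', ACCESS_ADMIN)) {
        return LogUtil::registerError('pnFlashGames comments migration: Not Admin');
    }

    // Get database setup
    $tables = DBUtil::getTables();

    $Commentstable = $tables['pnFlashGames_comments'];
    $Commentscolumn = $tables['pnFlashGames_comments_column'];

    $Usertable = $tables['users'];
    $Usercolumn = $tables['users_column'];

    $sql = "SELECT {$Commentscolumn['gid']},\n {$Commentscolumn['uname']},\n {$Commentscolumn['date']},\n {$Commentscolumn['comment']},\n {$Usercolumn['uid']}\n FROM {$Commentstable}\n LEFT JOIN {$Usertable}\n ON {$Commentscolumn['uname']} = {$Usercolumn['uname']}";

    $result = DBUtil::executeSQL($sql);
    if ($result == false) {
        // mysql_error() no longer exists in current PHP, and echoing the statement plus
        // the driver message into a user-visible error exposes schema details; report a
        // generic failure instead.
        return LogUtil::registerError('pnFlashGames migration: DB Error');
    }

    // loop through the old comments and insert them one by one into the DB
    $items = DBUtil::marshalObjects($result, array('gid', 'uname', 'date', 'comment', 'uid'));
    foreach ($items as $item) {
        // comments whose author name matches no user are assigned to uid 1
        if (empty($item['uid'])) {
            $item['uid'] = 1;
        }

        $id = ModUtil::apiFunc('EZComments', 'user', 'create', array(
            'mod'      => 'pnFlashGames',
            'objectid' => DataUtil::formatForStore($item['gid']),
            'url'      => ModUtil::url('pnFlashGames', 'user', 'display', array('id' => $item['gid'])),
            'comment'  => $item['comment'],
            'subject'  => '',
            'uid'      => $item['uid'],
            'date'     => $item['date'],
        ));

        if (!$id) {
            return LogUtil::registerError('pnFlashGames migration: Error creating comment');
        }
    }

    return LogUtil::registerStatus('pnFlashGames migration successful');
}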
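/**
 * Update the IWdocmanager module
 *
 * @author Albert Pérez Monfort (aperezm@xtec.cat)
 *
 * @param string $oldversion Version the module is being upgraded from.
 *
 * @return bool true if successful, false otherwise
 */
public function upgrade($oldversion)
{
    $table = DBUtil::getTables();

    switch ($oldversion) {
        case '0.0.1':
            $c = $table['IWdocmanager_column'];
            $c1 = $table['IWdocmanager_categories_column'];

            // used in agora module upgrade in order to calc the number of documents in each category
            $categories = DBUtil::selectObjectArray('IWdocmanager_categories', '', '', '-1', '-1', 'categoryId');
            foreach ($categories as $category) {
                // The id is placed unquoted into the WHERE clauses, so force it to an integer.
                $categoryId = (int) $category['categoryId'];

                // validated, non-versioned documents
                $where = "$c[categoryId] = $categoryId AND $c[validated] = 1 AND $c[versioned] <= 0";
                $number = DBUtil::selectObjectCount('IWdocmanager', $where);

                // not yet validated, non-versioned documents
                $where = "$c[categoryId] = $categoryId AND $c[validated] = 0 AND $c[versioned] <= 0";
                $number1 = DBUtil::selectObjectCount('IWdocmanager', $where);

                $where = "$c1[categoryId] = $categoryId";
                $item = array(
                    'nDocuments'   => $number,
                    'nDocumentsNV' => $number1,
                );
                DBUtil::updateObject($item, 'IWdocmanager_categories', $where);
            }
            // no break: later upgrade steps also apply when coming from 0.0.1
        case '1.0.0':
            // future versions
    }

    return true;
}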
/**
 * Install the IWstats module: tables, indexes, module vars and the core.postinit handler.
 *
 * @return mixed True on success, false when a prerequisite check, table or index
 *               creation fails, or the return value of LogUtil::registerError()
 *               when IWmain is not in the required state.
 */
public function Install()
{
    // IWmain has to be present in state 3 before this module can be installed
    // (presumably the "active" state - confirm against ModUtil).
    $mainInfo = ModUtil::getInfo(ModUtil::getIdFromName('IWmain'));
    if ($mainInfo['state'] != 3) {
        return LogUtil::registerError($this->__('Module IWmain is needed. You have to install the IWmain module before installing it.'));
    }

    // IWmain itself decides whether its version satisfies the requirement.
    $versionNeeded = '2.0';
    $versionOk = ModUtil::func('IWmain', 'admin', 'checkVersion', array('version' => $versionNeeded));
    if (!$versionOk) {
        return false;
    }

    // Module tables
    foreach (array('IWstats', 'IWstats_summary') as $tableName) {
        if (!DBUtil::createTable($tableName)) {
            return false;
        }
    }

    // One index per frequently filtered IWstats column; stop at the first failure.
    $allTables = DBUtil::getTables();
    $statsColumns = $allTables['IWstats_column'];
    $indexedFields = array('moduleid', 'uid', 'ip', 'ipForward', 'ipClient', 'userAgent', 'isadmin');
    foreach ($indexedFields as $field) {
        if (!DBUtil::createIndex($statsColumns[$field], 'IWstats', $field)) {
            return false;
        }
    }

    // Default configuration
    $this->setVar('skippedIps', '')
         ->setVar('modulesSkipped', '')
         ->setVar('deleteFromDays', 90)
         ->setVar('keepDays', 90);

    // Hook the listener into core start-up
    EventUtil::registerPersistentModuleHandler('IWstats', 'core.postinit', array('IWstats_Listeners', 'coreinit'));

    return true;
}
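/**
 * Performs the actual search processing.
 *
 * Searches page titles, translated page titles (on multilingual sites) and
 * searchable content text, restricted to active pages and content visible to
 * the current visitor, and stores one search_result row per hit.
 *
 * @param array $args Search arguments handed on to Search_Api_User::construct_where().
 *
 * @return mixed True on success, otherwise the return value of LogUtil::registerError().
 */
public function search($args)
{
    ModUtil::dbInfoLoad('Search');
    $dbtables = DBUtil::getTables();
    $pageTable = $dbtables['content_page'];
    $pageColumn = $dbtables['content_page_column'];
    $contentTable = $dbtables['content_content'];
    $contentColumn = $dbtables['content_content_column'];
    $contentSearchTable = $dbtables['content_searchable'];
    $contentSearchColumn = $dbtables['content_searchable_column'];
    $translatedPageTable = $dbtables['content_translatedpage'];
    $translatedPageColumn = $dbtables['content_translatedpage_column'];

    $sessionId = session_id();

    // check whether we need to search also in translated content
    $multilingual = System::getVar('multilingual');
    $currentLanguage = ZLanguage::getLanguageCode();
    // The language code is placed inside quoted SQL literals below; escape it once
    // here rather than relying on how the code was derived.
    $languageSql = DataUtil::formatForStore($currentLanguage);

    $searchWhereClauses = array();
    $searchWhereClauses[] = '(' . Search_Api_User::construct_where($args, array($pageColumn['title']), $pageColumn['language']) . ')';
    if ($multilingual) {
        $searchWhereClauses[] = '(' . Search_Api_User::construct_where($args, array($translatedPageColumn['title']), $translatedPageColumn['language']) . ')';
    }
    $searchWhereClauses[] = '(' . Search_Api_User::construct_where($args, array($contentSearchColumn['text']), $contentSearchColumn['language']) . ')';

    // add default filters: active page inside its publication window, active
    // content, and the visibility value that matches the login state
    $whereClauses = array();
    $whereClauses[] = '(' . implode(' OR ', $searchWhereClauses) . ')';
    $whereClauses[] = $pageColumn['active'] . ' = 1';
    $whereClauses[] = "({$pageColumn['activeFrom']} IS NULL OR {$pageColumn['activeFrom']} <= NOW())";
    $whereClauses[] = "({$pageColumn['activeTo']} IS NULL OR {$pageColumn['activeTo']} >= NOW())";
    $whereClauses[] = $contentColumn['active'] . ' = 1';
    $whereClauses[] = $contentColumn['visiblefor'] . (UserUtil::isLoggedIn() ? ' <= 1' : ' >= 1');

    $titleFields = $pageColumn['title'];
    $additionalJoins = '';

    if ($multilingual) {
        // if searching in non-default languages, we need the translated title
        $titleFields .= ', ' . $translatedPageColumn['title'] . ' AS translatedTitle';
        // join also the translation table if required
        $additionalJoins = "LEFT OUTER JOIN {$translatedPageTable} ON {$translatedPageColumn['pageId']} = {$pageColumn['id']} AND {$translatedPageColumn['language']} = '{$languageSql}'";
        // prevent content snippets in other languages
        $whereClauses[] = $contentSearchColumn['language'] . ' = \'' . $languageSql . '\'';
    }

    $where = implode(' AND ', $whereClauses);

    $sql = "\n SELECT DISTINCT {$titleFields},\n {$contentSearchColumn['text']} AS description,\n {$pageColumn['id']} AS pageId,\n {$pageColumn['cr_date']} AS createdDate\n FROM {$pageTable}\n JOIN {$contentTable}\n ON {$contentColumn['pageId']} = {$pageColumn['id']}\n JOIN {$contentSearchTable}\n ON {$contentSearchColumn['contentId']} = {$contentColumn['id']}\n {$additionalJoins}\n WHERE {$where}\n ";

    $result = DBUtil::executeSQL($sql);
    if (!$result) {
        return LogUtil::registerError($this->__('Error! Could not load items.'));
    }

    $objectArray = DBUtil::marshallObjects($result);
    foreach ($objectArray as $object) {
        $pageTitle = $object['page_title'];
        // translatedTitle is only selected on multilingual sites, so test for the key first
        if (isset($object['translatedTitle']) && $object['translatedTitle'] != '') {
            $pageTitle = $object['translatedTitle'];
        }

        $searchItemData = array(
            'title'   => $pageTitle,
            'text'    => $object['description'],
            'extra'   => $object['pageId'],
            'created' => $object['createdDate'],
            'module'  => 'Content',
            'session' => $sessionId,
        );

        if (!\DBUtil::insertObject($searchItemData, 'search_result')) {
            return \LogUtil::registerError($this->__('Error! Could not save the search results.'));
        }
    }

    return true;
}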
/**
 * Look up the session_info row that belongs to a user id.
 *
 * @param array $args Arguments; $args['uid'] is the user id to look up.
 *
 * @return mixed Whatever DBUtil::selectObject() returns for the matching row.
 */
public function userOnline($args)
{
    $uid = $args['uid'];

    $allTables = DBUtil::getTables();
    $columns = $allTables['session_info_column'];

    // The uid is escaped before it is placed inside the quoted SQL literal.
    $escapedUid = DataUtil::formatForStore($uid);
    $where = "{$columns['uid']} = '" . $escapedUid . "'";

    $session = DBUtil::selectObject('session_info', $where);

    return $session;
}
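/**
 * Search plugin main function
 *
 * Finds feeds whose name matches the search words, keeps those the current
 * user may read, and stores one search_result row per feed.
 *
 * @param array $args Search arguments handed on to search_construct_where().
 *
 * @return mixed True when the search ran (or the user may not read feeds);
 *               otherwise the return value of LogUtil::registerError().
 */
public function search($args)
{
    // Without read permission the plugin simply contributes no results.
    if (!SecurityUtil::checkPermission('Feeds::', '::', ACCESS_READ)) {
        return true;
    }

    ModUtil::dbInfoLoad('Search');
    $pntable = DBUtil::getTables();
    $feedscolumn = $pntable['feeds_column'];
    $searchTable = $pntable['search_result'];
    $searchColumn = $pntable['search_result_column'];

    $where = search_construct_where($args, array($feedscolumn['name']), null);

    $sessionId = session_id();

    // define the permission filter to apply: each feed is checked per fid at read level
    $permFilter = array(array(
        'realm'          => 0,
        'component_left' => 'Feeds',
        'instance_left'  => 'fid',
        'instance_right' => '',
        'level'          => ACCESS_READ,
    ));

    // get the result set
    $objArray = DBUtil::selectObjectArray('feeds', $where, 'fid', 1, -1, '', $permFilter);
    if ($objArray === false) {
        return LogUtil::registerError($this->__('Error! Could not load items.'));
    }

    $insertSql = "INSERT INTO $searchTable ($searchColumn[title], $searchColumn[text], $searchColumn[extra], $searchColumn[created], $searchColumn[module], $searchColumn[session]) VALUES ";

    // Process the result set and insert into search result table
    foreach ($objArray as $obj) {
        // Every value spliced into the statement goes through DataUtil::formatForStore().
        $sql = $insertSql . '('
                . '\'' . DataUtil::formatForStore($obj['name']) . '\', '
                . '\'' . '\', '
                . '\'' . DataUtil::formatForStore($obj['fid']) . '\', '
                . '\'' . DataUtil::formatForStore($obj['cr_date']) . '\', '
                . '\'' . 'Feeds' . '\', '
                . '\'' . DataUtil::formatForStore($sessionId) . '\')';
        $insertResult = DBUtil::executeSQL($sql);
        if (!$insertResult) {
            // Use the instance translator like the check above; the previous call
            // passed $dom, which is never defined in this method.
            return LogUtil::registerError($this->__('Error! Could not load items.'));
        }
    }

    return true;
}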
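/**
 * Get all blocks.
 *
 * This function gets all block entries from the database.
 *
 * Keys read from $args:
 *  - 'active_status'    filter by active status (0=all, 1=active, 2=inactive).
 *  - 'blockposition_id' block position id to filter block selection for.
 *  - 'inactive'         force inclusion of inactive blocks (true overrides active_status to 0).
 *  - 'language'         language to filter block selection for.
 *  - 'module_id'        module id to filter block selection for ('modid' is accepted as an alias).
 *  - 'sort'             field name, or comma separated field names, to order by (default 'title').
 *  - 'sortdir'          'ASC' or 'DESC' (default 'ASC').
 *
 * @param array $args All arguments passed to the function.
 *
 * @return array array of items, or false on failure.
 */
public function getall($args)
{
    // create an empty items array
    $items = array();

    // Security check
    if (!SecurityUtil::checkPermission('Blocks::', '::', ACCESS_OVERVIEW)) {
        return $items;
    }

    $dbtable = DBUtil::getTables();
    $blockscolumn = $dbtable['blocks_column'];

    // sort and sortdir end up in the ORDER BY clause, where they cannot be quoted.
    // Accept only plain field names and a fixed direction keyword; anything else
    // falls back to the defaults.
    $sort = (!empty($args['sort']) && is_string($args['sort'])) ? trim($args['sort']) : '';
    if ($sort !== '' && !preg_match('/^[A-Za-z0-9_.]+(\s*,\s*[A-Za-z0-9_.]+)*$/', $sort)) {
        $sort = '';
    }
    $sortdir = (isset($args['sortdir']) && is_string($args['sortdir']) && strtoupper(trim($args['sortdir'])) === 'DESC') ? 'DESC' : 'ASC';
    if ($sort) {
        $sort .= " {$sortdir}";
    } else {
        $sort = 'title';
    }

    // backwards parameter compatibility
    if (isset($args['modid']) && is_numeric($args['modid'])) {
        $args['module_id'] = $args['modid'];
    }

    // initialise the where arguments array
    $whereargs = array();

    // filter by block position
    if (isset($args['blockposition_id']) && is_numeric($args['blockposition_id']) && $args['blockposition_id']) {
        // unquoted in the statement, so reduce it to an integer
        $positionId = (int) $args['blockposition_id'];
        $where = "pid = {$positionId}";
        $bids = DBUtil::selectFieldArray('block_placements', 'bid', $where);
        // -1 matches no block when the position holds none
        $bidList = $bids ? implode(',', array_map('intval', $bids)) : -1;
        $whereargs[] = "{$blockscolumn['bid']} IN ({$bidList})";
    }

    // filter by active block status
    if (isset($args['inactive']) && $args['inactive']) {
        $args['active_status'] = 0;
    }
    if (isset($args['active_status']) && is_numeric($args['active_status']) && $args['active_status']) {
        // 1 selects active blocks, any other non-zero value selects inactive ones
        $whereargs[] = "{$blockscolumn['active']} = " . ($args['active_status'] == 1 ? '1' : '0');
    }

    // filter by module
    if (isset($args['module_id']) && is_numeric($args['module_id']) && $args['module_id']) {
        $whereargs[] = "{$blockscolumn['mid']} = '" . DataUtil::formatForStore($args['module_id']) . "'";
    }

    // filter by language
    if (isset($args['language']) && $args['language']) {
        $whereargs[] = "{$blockscolumn['language']} = '" . DataUtil::formatForStore($args['language']) . "'";
    }

    // construct the where clause
    $where = '';
    if (!empty($whereargs)) {
        $where = 'WHERE ' . implode(' AND ', $whereargs);
    }

    // per-block permission check on bkey:title:bid at overview level
    $permFilter = array();
    $permFilter[] = array(
        'component_left'   => 'Blocks',
        'component_middle' => '',
        'component_right'  => '',
        'instance_left'    => 'bkey',
        'instance_middle'  => 'title',
        'instance_right'   => 'bid',
        'level'            => ACCESS_OVERVIEW,
    );

    // add the owning module's name to every block as 'module_name'
    $joinInfo = array();
    $joinInfo[] = array(
        'join_table'          => 'modules',
        'join_field'          => 'name',
        'object_field_name'   => 'module_name',
        'compare_field_table' => 'mid',
        'compare_field_join'  => 'id',
    );

    return DBUtil::selectExpandedObjectArray('blocks', $joinInfo, $where, $sort, -1, -1, '', $permFilter);
}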
/**
 * Display the output of the online block.
 *
 * Counts the distinct logged-in users and guest sessions seen within the
 * configured inactivity window and renders them, together with the message
 * count of the configured message module when the visitor may read it.
 *
 * @param array $blockinfo A blockinfo structure.
 *
 * @todo Move sql queries to calls to relevant API's.
 *
 * @return string|void The output.
 */
public function display($blockinfo)
{
    $mayRead = SecurityUtil::checkPermission('Onlineblock::', $blockinfo['bid'].'::', ACCESS_READ);
    if (!$mayRead) {
        return;
    }

    if ($this->view->getCaching()) {
        // The block shows user specific data (user name, private message count),
        // so the user id is part of the cache id; guests share one entry.
        $uid = UserUtil::getVar('uid');
        if ($uid) {
            $cacheOwner = $uid;
        } else {
            $cacheOwner = 'guest';
        }
        $cacheid = $blockinfo['bkey'].'/bid'.$blockinfo['bid'].'/'.$cacheOwner;

        // Individual cache whose lifetime comes from the block configuration.
        $this->view->setCaching(Zikula_View::CACHE_INDIVIDUAL)
                   ->setCacheLifetime($blockinfo['refresh'])
                   ->setCacheId($cacheid);

        // A cached copy makes the database queries below unnecessary.
        if ($this->view->is_cached('users_block_online.tpl')) {
            $blockinfo['content'] = $this->view->fetch('users_block_online.tpl');

            return BlockUtil::themeBlock($blockinfo);
        }
    }

    $table = DBUtil::getTables();
    $sessioninfocolumn = $table['session_info_column'];

    // Sessions used after this timestamp count as "online".
    $inactiveSeconds = System::getVar('secinactivemins') * 60;
    $activetime = strftime('%Y-%m-%d %H:%M:%S', time() - $inactiveSeconds);

    // Registered users: distinct uid values above 0.
    $where = "WHERE $sessioninfocolumn[lastused] > '$activetime' AND $sessioninfocolumn[uid] > 0";
    $numusers = DBUtil::selectObjectCount('session_info', $where, 'uid', true);

    // Guests: distinct IP addresses of sessions with uid 0.
    $where = "WHERE $sessioninfocolumn[lastused] > '$activetime' AND $sessioninfocolumn[uid] = '0'";
    $numguests = DBUtil::selectObjectCount('session_info', $where, 'ipaddr', true);

    $msgmodule = System::getVar('messagemodule', '');
    if ($msgmodule && SecurityUtil::checkPermission($msgmodule.'::', '::', ACCESS_READ) && UserUtil::isLoggedIn()) {
        // Ask the message module for its counts when it is available, else assign an empty set.
        if (!ModUtil::available($msgmodule)) {
            $this->view->assign('messages', array());
        } else {
            $this->view->assign('messages', ModUtil::apiFunc($msgmodule, 'user', 'getmessagecount'));
        }
    }

    $this->view->assign('registerallowed', $this->getVar('reg_allowreg'))
               ->assign('userscount', $numusers)
               ->assign('guestcount', $numguests)
               ->assign('msgmodule', $msgmodule);

    $blockinfo['content'] = $this->view->fetch('users_block_online.tpl');

    return BlockUtil::themeBlock($blockinfo);
}
/**
 * Render the "top 25" widget: the 25 Content pages with the highest view count.
 *
 * The statement is built only from table and column names of the Content
 * module; no request data is involved.
 *
 * @return mixed The output of fetching content_widget_top25.tpl.
 */
public function getContent()
{
    ModUtil::dbInfoLoad('Content');
    $dbtables = DBUtil::getTables();

    $pageTable = $dbtables['content_page'];
    $pageColumn = $dbtables['content_page_column'];

    // Select id, title and views of pages with non-negative views and active flag,
    // most viewed first.
    $query = "SELECT " . $pageColumn['id'] . " , " . $pageColumn['title'] . ", " . $pageColumn['views'] . " \n \tFROM " . $pageTable
            . "\n\tWHERE " . $pageColumn['views'] . " >= 0 AND " . $pageColumn['active'] . " >= 0 ORDER BY " . $pageColumn['views'] . " DESC LIMIT 25";

    $views = DBUtil::marshallObjects(DBUtil::executeSQL($query));

    $view = Zikula_View::getInstance('Content');
    $view->assign('views', $views);

    $output = $view->fetch('content_widget_top25.tpl');

    return $output;
}
/**
 * Listener for installer.subscriberarea.uninstalled
 *
 * Deletes every EZComments row whose areaid equals the area id carried by the event.
 *
 * @param Zikula_Event $event Event; its 'areaid' entry names the removed area.
 *
 * @return void
 */
public static function hookAreaDelete(Zikula_Event $event)
{
    $areaId = $event['areaid'];

    // Database information
    ModUtil::dbInfoLoad('EZComments');
    $allTables = DBUtil::getTables();
    $columns = $allTables['EZComments_column'];

    // The area id is escaped before it is placed inside the quoted SQL literal;
    // the delete is limited to rows of exactly this area.
    $escapedAreaId = DataUtil::formatForStore($areaId);
    $where = "WHERE {$columns['areaid']} = '" . $escapedAreaId . "'";

    DBUtil::deleteWhere('EZComments', $where);
}
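/**
 * Do the migration
 *
 * Copies every comment of the News module into EZComments through the
 * EZComments user API, then restores the reply-to links between the new rows
 * and enables the EZComments hook for News.
 *
 * @return boolean true on successful migration, false else
 * @since 0.2
 */
function EZComments_migrateapi_news()
{
    // Security check
    if (!SecurityUtil::checkPermission('EZComments::', '::', ACCESS_ADMIN)) {
        return LogUtil::registerError('News migration: Not Admin');
    }

    // Get database setup
    $tables = DBUtil::getTables();

    $EZCommentstable = $tables['EZComments'];
    $EZCommentscolumn = $tables['EZComments_column'];

    $Commentstable = $tables['comments'];
    $Commentscolumn = $tables['comments_column'];

    // On newer cores the helper supplies the old comments table definition.
    if (version_compare(PN_VERSION_NUM, '1', '>=')) {
        EZComments_get76xcolumns_news($Commentstable, $Commentscolumn);
    }
    if (is_null($Commentstable) || is_null($Commentscolumn)) {
        return LogUtil::registerError('News migration: Comments tables not found');
    }

    $Usertable = $tables['users'];
    $Usercolumn = $tables['users_column'];

    $sql = "SELECT {$Commentscolumn['tid']},\n {$Commentscolumn['sid']},\n {$Commentscolumn['date']}, \n {$Usercolumn['uid']},\n {$Commentscolumn['comment']},\n {$Commentscolumn['subject']},\n {$Commentscolumn['pid']}\n FROM {$Commentstable}\n LEFT JOIN {$Usertable}\n ON {$Commentscolumn['name']} = {$Usercolumn['uname']}";

    $result = DBUtil::executeSQL($sql);
    if ($result == false) {
        return LogUtil::registerError('News migration: DB Error');
    }

    // map old comment id => new id and old parent id; entry 0 stands for "no parent"
    $comments = array(0 => array('newid' => -1));

    // loop through the old comments and insert them one by one into the DB
    $items = DBUtil::marshalObjects($result, array('tid', 'sid', 'date', 'uid', 'comment', 'subject', 'replyto'));
    foreach ($items as $item) {
        // comments whose author name matches no user are assigned to uid 1
        if (empty($item['uid'])) {
            $item['uid'] = 1;
        }

        $id = ModUtil::apiFunc('EZComments', 'user', 'create', array(
            'mod'      => 'News',
            'objectid' => DataUtil::formatForStore($item['sid']),
            'url'      => ModUtil::url('News', 'user', 'display', array('sid' => $item['sid'])),
            'comment'  => $item['comment'],
            'subject'  => $item['subject'],
            'uid'      => $item['uid'],
            'date'     => $item['date'],
        ));

        if (!$id) {
            return LogUtil::registerError('News migration: Error creating comment');
        }

        $comments[$item['tid']] = array('newid' => $id, 'pid' => $item['replyto']);
    }

    // rebuild the links to the parents
    foreach ($comments as $tid => $entry) {
        if ($tid == 0) {
            continue;
        }

        // A parent that was not migrated is treated like "no parent" (-1) instead of
        // reading a missing array entry. Both ids are forced to integers because they
        // are concatenated into the statement.
        $parentNewId = isset($comments[$entry['pid']]) ? (int) $comments[$entry['pid']]['newid'] : -1;
        $newId = (int) $entry['newid'];

        $sql = "UPDATE {$EZCommentstable}\n SET {$EZCommentscolumn['replyto']} = '" . $parentNewId . "'\n WHERE {$EZCommentscolumn['id']} = '{$newId}'";

        // A failed update would leave the thread structure half rebuilt; report it.
        if (!DBUtil::executeSQL($sql)) {
            return LogUtil::registerError('News migration: DB Error');
        }
    }

    // activate the ezcomments hook for the news module
    ModUtil::apiFunc('Modules', 'admin', 'enablehooks', array('callermodname' => 'News', 'hookmodname' => 'EZComments'));

    return LogUtil::registerStatus('News migration successful');
}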
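/**
 * Reset the agreement to the terms of use for a specific group of users, or all users.
 *
 * Parameters passed in the $args array:
 * -------------------------------------
 * int $args['gid'] The group id; -1 = none, 0 = all groups.
 *
 * User ids 1 and 2 are never reset.
 *
 * @param array $args All arguments passed to the function.
 *
 * @return bool True if successfully reset, otherwise false.
 *
 * @throws Zikula_Exception_Forbidden Thrown if the user does not have the appropriate access level for the function.
 *
 * @throws Zikula_Exception_Fatal     Thrown in cases where expected data is not present or not in an expected form.
 */
public function resetagreement($args)
{
    // Security check
    if (!SecurityUtil::checkPermission('legal::', '::', ACCESS_ADMIN)) {
        throw new Zikula_Exception_Forbidden();
    }

    // The id must be a whole number. Under loose comparison a non-numeric string
    // equals 0 on PHP versions before 8, which would select the "all users" branch.
    if (!isset($args['gid']) || !is_numeric($args['gid']) || $args['gid'] == -1) {
        throw new Zikula_Exception_Fatal();
    }
    $gid = (int) $args['gid'];
    if ($gid != $args['gid']) {
        throw new Zikula_Exception_Fatal();
    }

    // Get database setup
    $pntable = DBUtil::getTables();
    $userscolumn = $pntable['users_column'];

    // value written to the 'activated' column of every affected user
    $object = array('activated' => 2);

    if ($gid == 0) {
        // all users except uid 1 and 2
        $where = "WHERE $userscolumn[uid] NOT IN (1,2)";
        DBUtil::updateObject($object, 'users', $where, 'uid');
    } else {
        // single group: get the group incl. members
        $grp = ModUtil::apiFunc('Groups', 'user', 'get', array('gid' => $gid));
        if ($grp == false) {
            return false;
        }

        // remove uid 1 (anonymous) and uid 2 (admin) from the members array
        unset($grp['members'][1], $grp['members'][2]);

        // return if group is empty
        if (count($grp['members']) == 0) {
            return false;
        }

        // implode() takes the separator first; the ids are forced to integers
        // because the list is placed unquoted into the statement.
        $memberIds = array_map('intval', array_keys($grp['members']));
        $members = '(' . implode(',', $memberIds) . ')';

        $where = "WHERE $userscolumn[uid] IN $members";
        DBUtil::updateObject($object, 'users', $where, 'uid');
    }

    return true;
}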
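/**
 * Ajax handler: remove one address from a user's favourites.
 *
 * Reads 'objectid' (the address) and 'userid' from the POST data and deletes
 * the matching addressbook_favourites row.
 *
 * NOTE(review): userid is taken from the POST body rather than from the session,
 * so the caller decides whose favourite is removed - confirm this is intended, or
 * compare it with the logged-in user. No request-token check is visible in this
 * method either; confirm one is enforced before this handler is reached.
 *
 * @return void
 */
function deletefavourite()
{
    // Check the permission before touching any input, and stop here on failure:
    // the delete below must not run if AjaxUtil::error() ever returns.
    if (!SecurityUtil::checkPermission('AddressBook::', "::", ACCESS_COMMENT)) {
        AjaxUtil::error($this->__('Error! No authorization to access this module.'));

        return;
    }

    $objectid = FormUtil::getPassedValue('objectid', null, 'POST');
    $userid = FormUtil::getPassedValue('userid', null, 'POST');

    $ztables = DBUtil::getTables();
    $fav_column = $ztables['addressbook_favourites_column'];

    // Both request values are escaped before being placed inside quoted SQL literals.
    $where = "{$fav_column['favadr_id']} = '" . DataUtil::formatForStore($objectid) . "' AND {$fav_column['favuser_id']} = '" . DataUtil::formatForStore($userid) . "'";
    DBUtil::deleteWhere('addressbook_favourites', $where);

    return;
}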
/**
 * Event listener: report the number of news articles with published_status 2.
 *
 * When at least one such article exists, a 'submission' aggregate item linking
 * to the admin view filtered by news_status 2 is added to the event subject.
 *
 * @param Zikula_Event $event Event whose subject collects the pending items.
 *
 * @return void
 */
public static function pendingContent(Zikula_Event $event)
{
    $dom = ZLanguage::getModuleDomain('News');

    ModUtil::dbInfoLoad('News');
    $dbtables = DBUtil::getTables();
    $columns = $dbtables['news_column'];

    // The filter is a constant; no request data reaches this statement.
    $count = DBUtil::selectObjectCount('news', "WHERE $columns[published_status]=2");
    if ($count <= 0) {
        return;
    }

    $label = _n('News article', 'News articles', $count, $dom);
    $item = new Zikula_Provider_AggregateItem('submission', $label, $count, 'admin', 'view', array('news_status'=>2));

    $collection = new Zikula_Collection_Container('News');
    $collection->add($item);

    $event->getSubject()->add($collection);
}
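/**
 * Smarty function to wrap MUBoard_Form_View generated form controls with suitable form tags.
 *
 * The form normally posts back to the current URI. On the posting display page
 * and on the posting edit page of a forum the action is rewritten to the
 * matching MUBoard edit URL, in long or short URL form.
 *
 * @param array            $params  Parameters passed in the block tag ('enctype' and 'cssClass' are read).
 * @param string           $content Content of the block.
 * @param Zikula_Form_View $view    Reference to Zikula_Form_View object.
 *
 * @return string The rendered output.
 */
function smarty_block_muboardform($params, $content, $view)
{
    if ($content) {
        PageUtil::addVar('stylesheet', 'system/Theme/style/form/style.css');

        // Template parameters are written into HTML attributes, so escape them.
        $encodingHtml = array_key_exists('enctype', $params) ? " enctype=\"" . htmlspecialchars($params['enctype'], ENT_QUOTES, 'UTF-8') . "\"" : '';
        $action = htmlspecialchars(System::getCurrentUri());
        $classString = '';
        if (isset($params['cssClass'])) {
            $classString = "class=\"" . htmlspecialchars($params['cssClass'], ENT_QUOTES, 'UTF-8') . "\" ";
        }

        $request = new Zikula_Request_Http();
        $forumid = $request->getGet()->filter('forum', 0, FILTER_SANITIZE_NUMBER_INT);

        // we check if the entrypoint is part of the url
        $stripentrypoint = ModUtil::getVar('ZConfig', 'shorturlsstripentrypoint');

        // get url name
        $tables = DBUtil::getTables();
        $modcolumn = $tables['modules_column'];
        $module = 'MUBoard';
        $where = "{$modcolumn['name']} = '" . DataUtil::formatForStore($module) . "'";
        $module = DBUtil::selectObject('modules', $where);
        // The url name is read from the modules table and written into the action
        // attribute below; escape it like the current URI above.
        $urlname = htmlspecialchars($module['url'], ENT_QUOTES, 'UTF-8');

        // NOTE(review): $action has already been HTML-escaped at this point, so patterns
        // that contain '&' are compared against '&amp;' - confirm the second check in
        // the long-URL branch matches the pages it is meant for.
        if (ModUtil::getVar('ZConfig', 'shorturls') == 0) {
            if (strpos($action, "func=display") !== false) {
                $action = 'index.php?module=' . $urlname . '&type=user&func=edit&ot=posting&answer=1';
            }
            if (strpos($action, "func=edit&ot=posting") !== false && $forumid > 0) {
                // 'forum=' was missing its '=' and produced a parameter named "forum<id>"
                $action = 'index.php?module=' . $urlname . '&type=user&func=edit&ot=posting&forum=' . $forumid;
            }
        } else {
            if (strpos($action, $urlname . "/posting/id.") !== false) {
                if ($stripentrypoint == 1) {
                    $action = $urlname . '/edit/ot/posting/answer/1';
                } elseif ($stripentrypoint == 0) {
                    $action = 'index.php/' . $urlname . '/edit/ot/posting/answer/1';
                }
            }
            if (strpos($action, "edit/ot/posting/forum/") !== false && $forumid > 0) {
                if ($stripentrypoint == 1) {
                    $action = $urlname . '/edit/ot/posting/forum/' . $forumid;
                } elseif ($stripentrypoint == 0) {
                    $action = 'index.php/' . $urlname . '/edit/ot/posting/forum/' . $forumid;
                }
            }
        }

        $view->postRender();

        $formId = $view->getFormId();

        // The CSRF token field comes from the form view and must stay inside the form.
        $out = "\n <form id=\"{$formId}\" {$classString}action=\"{$action}\" method=\"post\"{$encodingHtml}>\n {$content}\n <div>\n {$view->getStateHTML()}\n {$view->getStateDataHTML()}\n {$view->getIncludesHTML()}\n {$view->getCsrfTokenHtml()}\n <input type=\"hidden\" name=\"__formid\" id=\"form__id\" value=\"{$formId}\" />\n <input type=\"hidden\" name=\"FormEventTarget\" id=\"FormEventTarget\" value=\"\" />\n <input type=\"hidden\" name=\"FormEventArgument\" id=\"FormEventArgument\" value=\"\" />\n <script type=\"text/javascript\">\n <!--\n function FormDoPostBack(eventTarget, eventArgument)\n {\n var f = document.getElementById('{$formId}');\n if (!f.onsubmit || f.onsubmit())\n {\n f.FormEventTarget.value = eventTarget;\n f.FormEventArgument.value = eventArgument;\n f.submit();\n }\n }\n // -->\n </script>\n </div>\n </form>\n ";

        return $out;
    }
}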
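/**
 * Ajax handler: store a new order of the permission rules.
 *
 * Reads 'permorder' from the POST data, an array of permission ids in their
 * new order, and writes each id's position into the 'sequence' column.
 * The Ajax token and admin permission are checked first.
 *
 * @return mixed Zikula_Response_Ajax with result true, or an Ajax error.
 */
public function changeorder()
{
    $this->checkAjaxToken();
    $this->throwForbiddenUnless(SecurityUtil::checkPermission('Permissions::', '::', ACCESS_ADMIN));

    // The value comes straight from the request; anything that is not an array
    // is treated as an empty order instead of being handed to count().
    $permorder = $this->request->getPost()->get('permorder');
    if (!is_array($permorder)) {
        $permorder = array();
    }

    $dbtable = DBUtil::getTables();
    $permcolumn = $dbtable['group_perms_column'];

    // array_values() gives consecutive positions even when the posted keys are not.
    foreach (array_values($permorder) as $sequence => $pid) {
        // the id is reduced to an integer before it reaches the statement
        $pid = is_scalar($pid) ? (int) $pid : 0;
        $where = "WHERE {$permcolumn['pid']} = '" . $pid . "'";
        $obj = array('sequence' => $sequence);
        DBUtil::updateObject($obj, 'group_perms', $where, 'pid');
    }

    return new Zikula_Response_Ajax(array('result' => true));
}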
/**
 * Search plugin main function
 *
 * Runs a single INSERT ... SELECT that copies matching, active pages and
 * content items visible to the current visitor into the search result table.
 *
 * @param array $args Search arguments handed on to Search_Api_User::construct_where().
 *
 * @return mixed True on success, otherwise the return value of LogUtil::registerError().
 */
public function search($args)
{
    ModUtil::dbInfoLoad('Search');

    $allTables = DBUtil::getTables();
    $searchTable = $allTables['search_result'];
    $searchColumn = $allTables['search_result_column'];
    $pageTable = $allTables['content_page'];
    $pageColumn = $allTables['content_page_column'];
    $contentTable = $allTables['content_content'];
    $contentColumn = $allTables['content_content_column'];
    $contentSearchTable = $allTables['content_searchable'];
    $contentSearchColumn = $allTables['content_searchable_column'];

    $currentSession = session_id();

    // The search words only enter the statement through these two helper-built fragments.
    $where = Search_Api_User::construct_where($args, array($contentSearchColumn['text']), null);
    $wheretitle = Search_Api_User::construct_where($args, array($pageColumn['title']), $pageColumn['language']);

    // The session id is escaped before it is placed inside the quoted SQL literal.
    $escapedSession = DataUtil::formatForStore($currentSession);

    // Visibility comparison depends on whether the visitor is logged in.
    if (UserUtil::isLoggedIn()) {
        $visibility = '<=1';
    } else {
        $visibility = '>=1';
    }

    // Direct SQL way of searching in titles and searchable content items
    // for Pages and Content items that are visible/active
    // Optimization and conversion into DBUtil calls should be done
    $statement = "INSERT INTO $searchTable ($searchColumn[title], $searchColumn[text], $searchColumn[module], $searchColumn[extra], $searchColumn[created], $searchColumn[session]) SELECT DISTINCT $pageColumn[title], $contentSearchColumn[text], 'Content', $pageColumn[id], $pageColumn[cr_date] AS createdDate, '" . $escapedSession . "' FROM $pageTable JOIN $contentTable ON $contentColumn[pageId] = $pageColumn[id] JOIN $contentSearchTable ON $contentSearchColumn[contentId] = $contentColumn[id] WHERE ($where or $wheretitle) AND $pageColumn[active] = 1 AND ($pageColumn[activeFrom] IS NULL OR $pageColumn[activeFrom] <= NOW()) AND ($pageColumn[activeTo] IS NULL OR $pageColumn[activeTo] >= NOW()) AND $contentColumn[active] = 1 AND $contentColumn[visiblefor] " . $visibility;

    $outcome = DBUtil::executeSQL($statement);
    if ($outcome) {
        return true;
    }

    return LogUtil::registerError($this->__('Error! Could not load any Content pages or items.'));
}
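/**
 * Remove the IWmyrole module's data.
 *
 * Deletes the group permission rows whose component starts with 'IWmyrole'
 * for the configured role group, then deletes the module variables
 * 'rolegroup' and 'groupsNotChangeable'.
 *
 * @author Albert Pérez Monfort (aperezm@xtec.cat)
 * @author Josep Ferràndiz Farré (jferran6@xtec.cat)
 *
 * @return bool always true; the outcome of the permission delete is not checked
 */
public function uninstall()
{
    // Delete the IWmyrole permission rule.
    $pntables = DBUtil::getTables();
    $column = $pntables['group_perms_column'];

    // The group id is placed in the statement unquoted, so it is forced to an
    // integer first: an unset or non-numeric module variable then yields
    // "gid = 0" instead of a malformed or altered WHERE clause.
    $roleGroup = (int) ModUtil::getVar('IWmyrole', 'rolegroup');
    $where = "WHERE {$column['component']} LIKE 'IWmyrole%' AND {$column['gid']} = {$roleGroup}";
    DBUtil::DeleteWhere('group_perms', $where);

    $this->delVar('rolegroup')
         ->delVar('groupsNotChangeable');

    return true;
}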
/**
 * Install the IWforums module: create its tables, indexes and module variables.
 *
 * @author Albert Pérez Monfort (aperezm@xtec.cat)
 *
 * @return bool true on success; false (or the LogUtil::registerError() result)
 *              as soon as one step fails
 */
public function Install()
{
    // IWmain must be present in state 3 before this module can be installed.
    $mainInfo = ModUtil::getInfo(ModUtil::getIdFromName('IWmain'));
    if ($mainInfo['state'] != 3) {
        return LogUtil::registerError($this->__('Module IWmain is required. You have to install the IWmain module previously to install it.'));
    }

    // IWmain itself decides whether its installed version is recent enough.
    $versionNeeded = '3.0.2';
    $versionOk = ModUtil::func('IWmain', 'admin', 'checkVersion', array('version' => $versionNeeded));
    if (!$versionOk) {
        return false;
    }

    // Module tables, created in this order; stop at the first failure.
    foreach (array('IWforums_definition', 'IWforums_temes', 'IWforums_msg') as $tableName) {
        if (!DBUtil::createTable($tableName)) {
            return false;
        }
    }

    // Indexes: table => column keys. The index is named after the real
    // column name taken from the table definition.
    $tables = DBUtil::getTables();
    $indexes = array(
        'IWforums_msg'   => array('idparent', 'ftid', 'fid'),
        'IWforums_temes' => array('fid'),
    );
    foreach ($indexes as $tableName => $fields) {
        $columns = $tables[$tableName . '_column'];
        foreach ($fields as $field) {
            if (!DBUtil::createIndex($columns[$field], $tableName, $field)) {
                return false;
            }
        }
    }

    // Default module variables.
    $this->setVar('urladjunts', 'forums')
         ->setVar('avatarsVisible', '1')
         ->setVar('restyledTheme', '1')
         ->setVar('smiliesActive', '1');

    HookUtil::registerSubscriberBundles($this->version->getHookSubscriberBundles());

    // Installation completed.
    return true;
}
/**
 * Search plugin entry point for the News module.
 *
 * Selects the articles that match the search arguments, are published and
 * are inside their from/to window, filters them through News_ResultChecker,
 * and stores one search_result row per article for the current session.
 *
 * @param array $args search arguments, passed through to construct_where()
 *
 * @return bool true on success (also when the caller lacks ACCESS_READ and
 *              nothing is searched), otherwise the LogUtil::registerError() result
 */
public function search($args)
{
    // Without read permission the plugin contributes no results.
    if (!SecurityUtil::checkPermission('News::', '::', ACCESS_READ)) {
        return true;
    }

    ModUtil::dbInfoLoad('Search');
    $dbTables = DBUtil::getTables();
    $col = $dbTables['news_column'];

    $searchFields = array($col['title'], $col['hometext'], $col['bodytext']);
    $where = Search_Api_User::construct_where($args, $searchFields, $col['language']);

    // Only published articles that are currently visible. The timestamp is
    // generated on the server, not taken from the request.
    $now = DateUtil::getDatetime();
    $where .= " AND ({$col['published_status']} = '0')"
        . " AND ('$now' >= {$col['from']} AND ({$col['to']} IS NULL OR '$now' <= {$col['to']}))";

    $sessionId = session_id();

    // The checker is handed to the select call as a filter, so rows are
    // dropped according to the module's categorisation settings.
    ModUtil::loadApi('News', 'user');
    $permChecker = new News_ResultChecker(
        $this->getVar('enablecategorization'),
        $this->getVar('enablecategorybasedpermissions')
    );
    $articles = DBUtil::selectObjectArrayFilter('news', $where, null, null, null, '', $permChecker, null);

    foreach ($articles as $article) {
        // Kept in a variable because it is handed to DBUtil::insertObject().
        $row = array(
            'title'   => $article['title'],
            'text'    => $article['hometext'],
            'extra'   => $article['sid'],
            'created' => $article['from'],
            'module'  => 'News',
            'session' => $sessionId
        );
        if (!DBUtil::insertObject($row, 'search_result')) {
            return LogUtil::registerError($this->__('Error! Could not load any articles.'));
        }
    }

    return true;
}
/**
 * Toggle the collapsed/uncollapsed state of one block for the current user.
 *
 * Looks up the 'active' value stored for the (block id, user id) pair,
 * writes the inverted value back, and redirects to the referring page.
 *
 * NOTE(review): this changes stored state based on the request value 'bid',
 * and no token check is visible in this method. Confirm that request-forgery
 * protection is applied by the caller or the framework.
 * NOTE(review): the redirect target is the request's Referer header, which is
 * supplied by the client and may be absent. Consider validating it or falling
 * back to a fixed URL.
 *
 * @return mixed the LogUtil::registerError() result when the update fails;
 *               nothing otherwise (the method ends with a redirect)
 */
public function changestatus()
{
    $bid = FormUtil::getPassedValue('bid');
    $uid = UserUtil::getVar('uid');

    $tables = DBUtil::getTables();
    $col = $tables['userblocks_column'];

    // Both values are escaped before they are placed inside quoted literals.
    $bidSql = DataUtil::formatForStore($bid);
    $uidSql = DataUtil::formatForStore($uid);

    // Current state of this block for this user.
    $lookup = "WHERE {$col['bid']}='" . $bidSql . "' AND {$col['uid']}='" . $uidSql . "'";
    $isActive = DBUtil::selectField('userblocks', 'active', $lookup);

    // Write back the opposite state for the same row.
    $change = array('active' => $isActive ? 0 : 1);
    $target = "WHERE {$col['uid']}='" . $uidSql . "' AND {$col['bid']}='" . $bidSql . "'";
    if (!DBUtil::updateObject($change, 'userblocks', $target)) {
        return LogUtil::registerError($this->__('Error! An SQL error occurred.'));
    }

    // Go back to where the request came from.
    $this->redirect(System::serverGetVar('HTTP_REFERER'));
}
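/**
 * Update one IWdocmanager category.
 *
 * @param array $args 'categoryId' => numeric id of the row to update,
 *                    'items'      => the values handed to DBUtil::updateObject()
 *
 * @return bool true on success, otherwise the LogUtil::registerError() result
 *
 * @throws Zikula_Exception_Forbidden when the caller lacks ACCESS_ADMIN
 */
public function updateCategory($args)
{
    // Security check
    if (!SecurityUtil::checkPermission('IWdocmanager::', "::", ACCESS_ADMIN)) {
        throw new Zikula_Exception_Forbidden();
    }

    // The id is placed in the WHERE clause unquoted, so it must be a number.
    // Anything else is rejected here instead of being sent to the database.
    if (!isset($args['categoryId']) || !is_numeric($args['categoryId']) || !isset($args['items'])) {
        return LogUtil::registerError($this->__('Error! Update attempt failed.'));
    }
    $categoryId = (int) $args['categoryId'];

    $table = DBUtil::getTables();
    $c = $table['IWdocmanager_categories_column'];
    $where = "{$c['categoryId']}={$categoryId}";

    if (!DBUtil::updateObject($args['items'], 'IWdocmanager_categories', $where)) {
        return LogUtil::registerError($this->__('Error! Update attempt failed.'));
    }

    return true;
}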
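/**
 * Search plugin for the Admin_Messages module.
 *
 * Selects the messages that match the search arguments and copies each one
 * the caller may read into the search_result table for the current session.
 *
 * @author Mark West, Jorn Wildt
 *
 * @param array $args search arguments; $args['activeonly'] (bool) limits the
 *                    search to active messages, the rest is passed to
 *                    search_construct_where()
 *
 * @return bool true on success (also when the caller lacks ACCESS_READ and
 *              nothing is searched), otherwise the LogUtil::registerError() result
 */
function Admin_Messages_searchapi_search($args)
{
    $dom = ZLanguage::getModuleDomain('Admin_Messages');

    // Security check
    if (!SecurityUtil::checkPermission('Admin_Messages::', '::', ACCESS_READ)) {
        return true;
    }

    // get the db and table info (values are only read, so no references are needed)
    ModUtil::dbInfoLoad('Search');
    $pntable = DBUtil::getTables();
    $messagestable = $pntable['message'];
    $messagescolumn = $pntable['message_column'];
    $searchTable = $pntable['search_result'];
    $searchColumn = $pntable['search_result_column'];

    // form the where clause
    $where = '';
    $activeOnly = isset($args['activeonly']) && (bool) $args['activeonly'];
    if (!ModUtil::getVar('Admin_Messages', 'allowsearchinactive') || $activeOnly) {
        $where .= " {$messagescolumn['active']} = 1 AND ";
    }
    // Skip expired messages; the timestamp is generated on the server.
    $where .= " ({$messagescolumn['date']}+{$messagescolumn['expire']} > '" . time() . "' OR {$messagescolumn['expire']} = 0) AND";
    $where .= search_construct_where($args, array($messagescolumn['title'], $messagescolumn['content']), $messagescolumn['language']);

    $sessionId = session_id();

    $sql = "\nSELECT\n {$messagescolumn['mid']} as mid,\n {$messagescolumn['title']} as title,\n {$messagescolumn['content']} as text,\n {$messagescolumn['date']} as date\nFROM {$messagestable}\nWHERE {$where}";
    $result = DBUtil::executeSQL($sql);
    if (!$result) {
        // Uses the module's translation domain, like the error further down.
        return LogUtil::registerError(__('Error! Could not load data.', $dom));
    }

    $insertSql = "INSERT INTO {$searchTable}\n ({$searchColumn['title']},\n {$searchColumn['text']},\n {$searchColumn['module']},\n {$searchColumn['created']},\n {$searchColumn['session']})\nVALUES ";

    // Process the result set and insert into search result table
    for (; !$result->EOF; $result->MoveNext()) {
        $message = $result->GetRowAssoc(2);

        // Per-message permission check: only rows this caller may read are copied.
        if (!SecurityUtil::checkPermission('Admin_Messages::', "{$message['title']}::{$message['mid']}", ACCESS_READ)) {
            continue;
        }

        // Every value is escaped before it is placed inside a quoted literal.
        $values = array(
            DataUtil::formatForStore($message['title']),
            DataUtil::formatForStore($message['text']),
            'Admin_Messages',
            DataUtil::formatForStore(DateUtil::getDatetime($message['date'])),
            DataUtil::formatForStore($sessionId),
        );
        $insertResult = DBUtil::executeSQL($insertSql . "('" . implode("', '", $values) . "')");
        if (!$insertResult) {
            return LogUtil::registerError(__('Error! Could not load data.', $dom));
        }
    }

    return true;
}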
/**
 * Migrate the comments of the Reviews module into EZComments.
 *
 * Reads every row of the reviews comments table (joined to the users table
 * to resolve the user id), creates one EZComments comment per row, then
 * enables the EZComments hook for the Reviews module.
 *
 * NOTE(review): 'objectid' is passed through DataUtil::formatForStore() while
 * the other fields are handed to the create API as they are. If that API
 * escapes its input itself, the id would be escaped twice. Confirm.
 *
 * @return mixed the LogUtil::registerStatus() result on success, the
 *               LogUtil::registerError() result on failure
 * @since 0.6
 */
function EZComments_migrateapi_reviews()
{
    // Admin only.
    if (!SecurityUtil::checkPermission('EZComments::', '::', ACCESS_ADMIN)) {
        return LogUtil::registerError('Reviews migration: Not Admin');
    }

    // Load the table definitions of the module being migrated.
    ModUtil::dbInfoLoad('Reviews', 'EZComments/migrateapi/Reviews', true);
    $dbTables = DBUtil::getTables();
    $commentsTable = $dbTables['reviews_comments'];
    $commentsCols = $dbTables['reviews_comments_column'];

    if (version_compare(PN_VERSION_NUM, '1', '>=')) {
        EZComments_get76xcolumns_reviews($commentsTable, $commentsCols);
    }
    if ($commentsTable === null || $commentsCols === null) {
        return LogUtil::registerError('Reviews migration: Comments tables not found');
    }

    $userTable = $dbTables['users'];
    $userCols = $dbTables['users_column'];

    // The score is selected but cannot be carried over to EZComments.
    $sql = "SELECT {$commentsCols['cid']},\n"
        . " {$commentsCols['rid']},\n"
        . " {$commentsCols['date']}, \n"
        . " {$userCols['uid']}, \n"
        . " {$commentsCols['comments']},\n"
        . " {$commentsCols['score']}\n"
        . " FROM {$commentsTable}\n"
        . " LEFT JOIN {$userTable}\n"
        . " ON {$commentsCols['userid']} = {$userCols['uname']}";

    $result = DBUtil::executeSQL($sql);
    if (!$result) {
        return LogUtil::registerError('Reviews migration: DB Error');
    }

    // Create the old comments one by one through the EZComments API.
    $rows = DBUtil::marshalObjects($result, array('cid', 'rid', 'date', 'uid', 'comment', 'score'));
    foreach ($rows as $row) {
        // Rows without a matching user are stored under user id 1.
        $uid = empty($row['uid']) ? 1 : $row['uid'];

        $created = ModUtil::apiFunc('EZComments', 'user', 'create', array(
            'mod'      => 'Reviews',
            'objectid' => DataUtil::formatForStore($row['rid']),
            'url'      => ModUtil::url('Reviews', 'user', 'display', array('id' => $row['rid'])),
            'comment'  => $row['comment'],
            'subject'  => '',
            'uid'      => $uid,
            'date'     => $row['date']
        ));
        if (!$created) {
            return LogUtil::registerError('Reviews migration: Error creating comment');
        }
    }

    // Activate the EZComments hook for the Reviews module.
    ModUtil::apiFunc('Modules', 'admin', 'enablehooks', array('callermodname' => 'Reviews', 'hookmodname' => 'EZComments'));

    return LogUtil::registerStatus('Reviews migration successful');
}
/**
 * List the users that currently use a given avatar.
 *
 * For 'blank.gif' the query also matches attribute rows whose value is empty.
 *
 * NOTE(review): the SQL string literals are wrapped in double quotes. Whether
 * DataUtil::formatForStore() escapes for that quoting style, and whether the
 * database accepts double-quoted literals, is not visible here. Confirm, or
 * switch to single-quoted literals.
 * NOTE(review): the result is keyed by the attribute row's 'id', not by
 * 'object_id'. Verify that callers expect that key.
 *
 * @param array $args 'avatar' => string, the avatar file name
 *
 * @return mixed array of row id => user name (empty when no avatar is given),
 *               or the LogUtil::registerPermissionError() result
 */
public function getusersbyavatar($args)
{
    if (!SecurityUtil::checkPermission('Avatar::', '::', ACCESS_READ)) {
        return LogUtil::registerPermissionError();
    }

    // empty() is also true for an unset key, so one test covers both cases.
    if (empty($args['avatar'])) {
        return array();
    }

    $tables = DBUtil::getTables();
    $attrCol = $tables['objectdata_attributes_column'];

    // The avatar name is escaped before it is placed inside the quoted literal.
    $valueMatch = $attrCol['value'] . '="' . DataUtil::formatForStore($args['avatar']) . '"';
    if ($args['avatar'] == 'blank.gif') {
        // The blank avatar additionally matches rows with an empty value.
        $valueMatch = '(' . $valueMatch . ' OR ' . $attrCol['value'] . '="")';
    }
    $where = $attrCol['attribute_name'] . '="avatar" AND ' . $valueMatch;

    $found = array();
    foreach (DBUtil::selectObjectArray('objectdata_attributes', $where) as $row) {
        $found[$row['id']] = UserUtil::getVar('uname', $row['object_id']);
    }

    return $found;
}
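/**
 * Get all active submenu items of a menu entry.
 *
 * @author Albert Pérez Monfort (aperezm@xtec.cat)
 *
 * @param array $args 'id_parent' => numeric id of the menu entry whose
 *                    submenu items are wanted
 *
 * @return mixed array of item rows ordered by the 'iorder' column, or the
 *               LogUtil error result when the permission check, the argument
 *               check or the query fails
 */
public function getAllSubMenuItems($args)
{
    // Security check
    if (!SecurityUtil::checkPermission('IWvhmenu::', '::', ACCESS_READ)) {
        return LogUtil::registerPermissionError();
    }

    // The parent id is placed in the WHERE clause unquoted, so it must be a
    // number. Anything else is rejected here instead of reaching the database.
    if (!isset($args['id_parent']) || !is_numeric($args['id_parent'])) {
        return LogUtil::registerError($this->__('Error! Could not load items.'));
    }
    $idParent = (int) $args['id_parent'];

    $table = DBUtil::getTables();
    $c = $table['IWvhmenu_column'];
    $where = "{$c['id_parent']}={$idParent} AND {$c['active']}=1";
    $orderby = "{$c['iorder']}";

    // get the objects from the db
    $items = DBUtil::selectObjectArray('IWvhmenu', $where, $orderby);

    // A strict false signals a database error; an empty array is a valid result.
    if ($items === false) {
        return LogUtil::registerError($this->__('Error! Could not load items.'));
    }

    return $items;
}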