public function GetPermissionsForObject($object, $idCol, $objectId, $clause = '')
 {
     try {
         $dbh = PDOConnect::init();
         $params = array('id' => $objectId);
         $SQL = 'SELECT joinedGroup.groupid, joinedGroup.group, view, edit, del, joinedGroup.isuserspecific ';
         $SQL .= '  FROM (
                 SELECT `group`.*
                   FROM `group`
                  WHERE IsUserSpecific = 0
                 UNION ALL
                 SELECT `group`.*
                   FROM `group`
                     INNER JOIN lkusergroup
                     ON lkusergroup.GroupID = group.GroupID
                         AND IsUserSpecific = 1
                     INNER JOIN `user`
                     ON lkusergroup.UserID = user.UserID
                         AND retired = 0
             ) joinedGroup ';
         $SQL .= '   LEFT OUTER JOIN ' . $object;
         $SQL .= '   ON ' . $object . '.GroupID = joinedGroup.GroupID ';
         if ($clause != '') {
             $SQL .= $clause;
         } else {
             $SQL .= '       AND ' . $object . '.' . $idCol . ' = :id ';
             $params = array('id' => $objectId);
         }
         $SQL .= 'ORDER BY joinedGroup.IsEveryone DESC, joinedGroup.IsUserSpecific, joinedGroup.`Group`; ';
         Debug::sql($SQL, $params);
         $sth = $dbh->prepare($SQL);
         $sth->execute($params);
         return $sth->fetchAll();
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage());
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
 }
Exemple #2
0
 /**
  * Generates the calendar that we draw events on
  */
 function GenerateCalendar()
 {
     $displayGroupIds = Kit::GetParam('DisplayGroupIDs', _GET, _ARRAY);
     $start = Kit::GetParam('from', _REQUEST, _INT) / 1000;
     $end = Kit::GetParam('to', _REQUEST, _INT) / 1000;
     // if we have some displaygroupids then add them to the session info so we can default everything else.
     Session::Set('DisplayGroupIDs', $displayGroupIds);
     if (count($displayGroupIds) <= 0) {
         die(json_encode(array('success' => 1, 'result' => array())));
     }
     // Get Events between the provided dates
     try {
         $dbh = PDOConnect::init();
         // Query for all events between the dates
         $SQL = "";
         $SQL .= "SELECT schedule.EventID, ";
         $SQL .= "       schedule_detail.FromDT, ";
         $SQL .= "       schedule_detail.ToDT,";
         $SQL .= "       schedule.DisplayGroupIDs, ";
         $SQL .= "       schedule.is_priority, ";
         $SQL .= "       schedule.recurrence_type, ";
         $SQL .= "       campaign.Campaign, ";
         $SQL .= "       schedule.DisplayOrder, ";
         $SQL .= "       GROUP_CONCAT(displaygroup.DisplayGroup) AS DisplayGroups ";
         $SQL .= "  FROM schedule_detail ";
         $SQL .= "  INNER JOIN schedule ON schedule_detail.EventID = schedule.EventID ";
         $SQL .= "  INNER JOIN campaign ON campaign.CampaignID = schedule.CampaignID ";
         $SQL .= "  INNER JOIN displaygroup ON displaygroup.DisplayGroupID = schedule_detail.DisplayGroupID ";
         $SQL .= " WHERE 1=1 ";
         // If we have minus 1, then show all
         if (in_array(-1, $displayGroupIds)) {
             // Get all display groups this user has permission to view
             $displayGroupIdsThisUser = $this->user->DisplayGroupList(-1);
             foreach ($displayGroupIdsThisUser as $row) {
                 $displayGroupIds[] = $row['displaygroupid'];
             }
         }
         $sanitized = array();
         foreach ($displayGroupIds as $displayGroupId) {
             $sanitized[] = sprintf("'%d'", $displayGroupId);
         }
         $SQL .= "   AND schedule_detail.DisplayGroupID IN (" . implode(',', $sanitized) . ")";
         // Events that fall inside the two dates
         $SQL .= "   AND schedule_detail.ToDT > :start ";
         $SQL .= "   AND schedule_detail.FromDT < :end ";
         // Grouping
         $SQL .= "GROUP BY schedule.EventID, ";
         $SQL .= "       schedule_detail.FromDT, ";
         $SQL .= "       schedule_detail.ToDT,";
         $SQL .= "       schedule.DisplayGroupIDs, ";
         $SQL .= "       schedule.is_priority, ";
         $SQL .= "       schedule.recurrence_type, ";
         $SQL .= "       campaign.Campaign ,";
         $SQL .= "       schedule.DisplayOrder ";
         // Ordering
         $SQL .= " ORDER BY schedule_detail.FromDT DESC";
         $params = array('start' => $start, 'end' => $end);
         Debug::sql($SQL, $params);
         $sth = $dbh->prepare($SQL);
         $sth->execute($params);
         $events = array();
         foreach ($sth->fetchAll() as $row) {
             $eventDisplayGroupIds = explode(',', $row['DisplayGroupIDs']);
             // Event Permissions
             $editable = $this->IsEventEditable($eventDisplayGroupIds);
             // Event Title
             $title = sprintf(__('[%s to %s] %s scheduled on %s (Order: %d)'), DateManager::getLocalDate(Kit::ValidateParam('FromDT', _INT)), DateManager::getLocalDate(Kit::ValidateParam('ToDT', _INT)), Kit::ValidateParam($row['Campaign'], _STRING), Kit::ValidateParam($row['DisplayGroups'], _STRING), Kit::ValidateParam($row['DisplayOrder'], _INT));
             // Event URL
             $url = $editable ? sprintf('index.php?p=schedule&q=EditEventForm&EventID=%d', $row['EventID']) : '#';
             // Classes used to distinguish between events
             //$class = 'event-warning';
             // Event is on a single display
             if (count($eventDisplayGroupIds) <= 1) {
                 $class = 'event-info';
                 $extra = 'single-display';
             } else {
                 $class = "event-success";
                 $extra = 'multi-display';
             }
             if ($row['recurrence_type'] != '') {
                 $class = 'event-special';
                 $extra = 'recurring';
             }
             // Priority event
             if ($row['is_priority'] == 1) {
                 $class = 'event-important';
                 $extra = 'priority';
             }
             // Is this event editable?
             if (!$editable) {
                 $class = 'event-inverse';
                 $extra = 'view-only';
             }
             $events[] = array('id' => $row['EventID'], 'title' => $title, 'url' => $url, 'class' => 'XiboFormButton ' . $class, 'extra' => $extra, 'start' => $row['FromDT'] * 1000, 'end' => $row['ToDT'] * 1000);
         }
         echo json_encode(array('success' => 1, 'result' => $events));
         die;
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
         die(json_encode(array('success' => 0, 'error' => __('Unable to get events'))));
     }
 }
Exemple #3
0
 public static function query($sortOrder = null, $filterBy = null)
 {
     $entries = array();
     $params = array();
     $select = ' SELECT logId, logDate, user.userName, message, objectAfter, entity, entityId, auditlog.userId ';
     $body = 'FROM `auditlog` LEFT OUTER JOIN user ON user.userId = auditlog.userId WHERE 1 = 1 ';
     if (\Kit::GetParam('search', $filterBy, _STRING) != '') {
         // tokenize
         $i = 0;
         foreach (explode(' ', \Kit::GetParam('search', $filterBy, _STRING)) as $searchTerm) {
             $i++;
             if (stripos($searchTerm, '|') > -1) {
                 $complexTerm = explode('|', $searchTerm);
                 if (!isset($complexTerm[1]) || $complexTerm[1] == '') {
                     continue;
                 }
                 $like = false;
                 switch (strtolower($complexTerm[0])) {
                     case 'fromtimestamp':
                         $body .= ' AND auditlog.logDate >= :search' . $i;
                         break;
                     case 'totimestamp':
                         $body .= ' AND auditlog.logDate < :search' . $i;
                         break;
                     case 'entity':
                         $like = true;
                         $body .= ' AND auditlog.entity LIKE :search' . $i;
                         break;
                     case 'username':
                         $like = true;
                         $body .= ' AND user.userName LIKE :search' . $i;
                         break;
                     default:
                         $like = true;
                         $body .= ' AND auditlog.message LIKE :search' . $i;
                 }
                 $params['search' . $i] = $like ? '%' . $complexTerm[1] . '%' : $complexTerm[1];
             } else {
                 $body .= ' AND auditlog.message LIKE :search' . $i;
                 $params['search' . $i] = '%' . $searchTerm . '%';
             }
         }
         $body .= ' ';
     }
     $order = '';
     if (is_array($sortOrder) && count($sortOrder) > 0) {
         $order .= 'ORDER BY ' . implode(', ', $sortOrder) . ' ';
     }
     // The final statements
     $sql = $select . $body . $order;
     \Debug::sql($sql, $params);
     $dbh = \PDOConnect::init();
     $sth = $dbh->prepare($sql);
     $sth->execute($params);
     foreach ($sth->fetchAll() as $row) {
         $auditLog = new AuditLog();
         $auditLog->logId = $row['logId'];
         $auditLog->logDate = $row['logDate'];
         $auditLog->entity = $row['entity'];
         $auditLog->userId = $row['userId'];
         $auditLog->userName = $row['userName'];
         $auditLog->message = $row['message'];
         $auditLog->entityId = $row['entityId'];
         $auditLog->objectAfter = $row['objectAfter'];
         $entries[] = $auditLog;
     }
     return $entries;
 }
Exemple #4
0
 /**
  * Shows the stats grid
  */
 public function StatsGrid()
 {
     $db =& $this->db;
     $user =& $this->user;
     $response = new ResponseManager();
     $fromDt = DateManager::getIsoDateFromString(Kit::GetParam('fromdt', _POST, _STRING));
     $toDt = DateManager::getIsoDateFromString(Kit::GetParam('todt', _POST, _STRING));
     $displayId = Kit::GetParam('displayid', _POST, _INT);
     $mediaId = Kit::GetParam('mediaid', _POST, _INT);
     // What if the fromdt and todt are exactly the same?
     // in this case assume an entire day from midnight on the fromdt to midnight on the todt (i.e. add a day to the todt)
     if ($fromDt == $toDt) {
         $toDt = date("Y-m-d", strtotime($toDt) + 86399);
     }
     Debug::Audit('Converted Times received are: FromDt=' . $fromDt . '. ToDt=' . $toDt);
     // Get an array of display id this user has access to.
     $displays = $this->user->DisplayList();
     $display_ids = array();
     foreach ($displays as $display) {
         $display_ids[] = $display['displayid'];
     }
     if (count($display_ids) <= 0) {
         trigger_error(__('No displays with View permissions'), E_USER_ERROR);
     }
     // 3 grids showing different stats.
     // Layouts Ran
     $SQL = 'SELECT display.Display, layout.Layout, COUNT(StatID) AS NumberPlays, SUM(TIME_TO_SEC(TIMEDIFF(end, start))) AS Duration, MIN(start) AS MinStart, MAX(end) AS MaxEnd ';
     $SQL .= '  FROM stat ';
     $SQL .= '  INNER JOIN layout ON layout.LayoutID = stat.LayoutID ';
     $SQL .= '  INNER JOIN display ON stat.DisplayID = display.DisplayID ';
     $SQL .= " WHERE stat.type = 'layout' ";
     $SQL .= sprintf("  AND stat.end > '%s' ", $fromDt);
     $SQL .= sprintf("  AND stat.start <= '%s' ", $toDt);
     $SQL .= ' AND stat.displayID IN (' . implode(',', $display_ids) . ') ';
     if ($displayId != 0) {
         $SQL .= sprintf("  AND stat.displayID = %d ", $displayId);
     }
     $SQL .= 'GROUP BY display.Display, layout.Layout ';
     $SQL .= 'ORDER BY display.Display, layout.Layout';
     // Log
     Debug::sql($SQL);
     if (!($results = $this->db->query($SQL))) {
         trigger_error($db->error());
         trigger_error(__('Unable to get Layouts Shown'), E_USER_ERROR);
     }
     $cols = array(array('name' => 'Display', 'title' => __('Display')), array('name' => 'Layout', 'title' => __('Layout')), array('name' => 'NumberPlays', 'title' => __('Number of Plays')), array('name' => 'DurationSec', 'title' => __('Total Duration (s)')), array('name' => 'Duration', 'title' => __('Total Duration')), array('name' => 'MinStart', 'title' => __('First Shown')), array('name' => 'MaxEnd', 'title' => __('Last Shown')));
     Theme::Set('table_cols', $cols);
     $rows = array();
     while ($row = $db->get_assoc_row($results)) {
         $row['Display'] = Kit::ValidateParam($row['Display'], _STRING);
         $row['Layout'] = Kit::ValidateParam($row['Layout'], _STRING);
         $row['NumberPlays'] = Kit::ValidateParam($row['NumberPlays'], _INT);
         $row['DurationSec'] = Kit::ValidateParam($row['Duration'], _INT);
         $row['Duration'] = sec2hms(Kit::ValidateParam($row['Duration'], _INT));
         $row['MinStart'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MinStart'], _STRING)));
         $row['MaxEnd'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MaxEnd'], _STRING)));
         $rows[] = $row;
     }
     Theme::Set('table_rows', $rows);
     Theme::Set('table_layouts_shown', Theme::RenderReturn('table_render'));
     // Media Ran
     $SQL = 'SELECT display.Display, media.Name, COUNT(StatID) AS NumberPlays, SUM(TIME_TO_SEC(TIMEDIFF(end, start))) AS Duration, MIN(start) AS MinStart, MAX(end) AS MaxEnd ';
     $SQL .= '  FROM stat ';
     $SQL .= '  INNER JOIN display ON stat.DisplayID = display.DisplayID ';
     $SQL .= '  INNER JOIN  media ON media.MediaID = stat.MediaID ';
     $SQL .= " WHERE stat.type = 'media' ";
     $SQL .= sprintf("  AND stat.end > '%s' ", $fromDt);
     $SQL .= sprintf("  AND stat.start <= '%s' ", $toDt);
     $SQL .= ' AND stat.displayID IN (' . implode(',', $display_ids) . ') ';
     if ($mediaId != 0) {
         $SQL .= sprintf("  AND media.MediaID = %d ", $mediaId);
     }
     if ($displayId != 0) {
         $SQL .= sprintf("  AND stat.displayID = %d ", $displayId);
     }
     $SQL .= 'GROUP BY display.Display, media.Name ';
     $SQL .= 'ORDER BY display.Display, media.Name';
     if (!($results = $this->db->query($SQL))) {
         trigger_error($db->error());
         trigger_error(__('Unable to get Library Media Ran'), E_USER_ERROR);
     }
     $cols = array(array('name' => 'Display', 'title' => __('Display')), array('name' => 'Media', 'title' => __('Media')), array('name' => 'NumberPlays', 'title' => __('Number of Plays')), array('name' => 'DurationSec', 'title' => __('Total Duration (s)')), array('name' => 'Duration', 'title' => __('Total Duration')), array('name' => 'MinStart', 'title' => __('First Shown')), array('name' => 'MaxEnd', 'title' => __('Last Shown')));
     Theme::Set('table_cols', $cols);
     $rows = array();
     while ($row = $db->get_assoc_row($results)) {
         $row['Display'] = Kit::ValidateParam($row['Display'], _STRING);
         $row['Media'] = Kit::ValidateParam($row['Name'], _STRING);
         $row['NumberPlays'] = Kit::ValidateParam($row['NumberPlays'], _INT);
         $row['DurationSec'] = Kit::ValidateParam($row['Duration'], _INT);
         $row['Duration'] = sec2hms(Kit::ValidateParam($row['Duration'], _INT));
         $row['MinStart'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MinStart'], _STRING)));
         $row['MaxEnd'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MaxEnd'], _STRING)));
         $rows[] = $row;
     }
     Theme::Set('table_rows', $rows);
     Theme::Set('table_media_shown', Theme::RenderReturn('table_render'));
     // Media on Layouts Ran
     $SQL = "SELECT display.Display, layout.Layout, IFNULL(media.Name, 'Text/Rss/Webpage') AS Name, COUNT(StatID) AS NumberPlays, SUM(TIME_TO_SEC(TIMEDIFF(end, start))) AS Duration, MIN(start) AS MinStart, MAX(end) AS MaxEnd ";
     $SQL .= '  FROM stat ';
     $SQL .= '  INNER JOIN display ON stat.DisplayID = display.DisplayID ';
     $SQL .= '  INNER JOIN layout ON layout.LayoutID = stat.LayoutID ';
     $SQL .= '  LEFT OUTER JOIN media ON media.MediaID = stat.MediaID ';
     $SQL .= " WHERE stat.type = 'media' ";
     $SQL .= sprintf("  AND stat.end > '%s' ", $fromDt);
     $SQL .= sprintf("  AND stat.start <= '%s' ", $toDt);
     $SQL .= ' AND stat.displayID IN (' . implode(',', $display_ids) . ') ';
     if ($mediaId != 0) {
         $SQL .= sprintf("  AND media.MediaID = %d ", $mediaId);
     }
     if ($displayId != 0) {
         $SQL .= sprintf("  AND stat.displayID = %d ", $displayId);
     }
     $SQL .= "GROUP BY display.Display, layout.Layout, IFNULL(media.Name, 'Text/Rss/Webpage') ";
     $SQL .= "ORDER BY display.Display, layout.Layout, IFNULL(media.Name, 'Text/Rss/Webpage')";
     if (!($results = $this->db->query($SQL))) {
         trigger_error($db->error());
         trigger_error(__('Unable to get Library Media Ran'), E_USER_ERROR);
     }
     $cols = array(array('name' => 'Display', 'title' => __('Display')), array('name' => 'Layout', 'title' => __('Layout')), array('name' => 'Media', 'title' => __('Media')), array('name' => 'NumberPlays', 'title' => __('Number of Plays')), array('name' => 'DurationSec', 'title' => __('Total Duration (s)')), array('name' => 'Duration', 'title' => __('Total Duration')), array('name' => 'MinStart', 'title' => __('First Shown')), array('name' => 'MaxEnd', 'title' => __('Last Shown')));
     Theme::Set('table_cols', $cols);
     $rows = array();
     while ($row = $db->get_assoc_row($results)) {
         $row['Display'] = Kit::ValidateParam($row['Display'], _STRING);
         $row['Layout'] = Kit::ValidateParam($row['Layout'], _STRING);
         $row['Media'] = Kit::ValidateParam($row['Name'], _STRING);
         $row['NumberPlays'] = Kit::ValidateParam($row['NumberPlays'], _INT);
         $row['DurationSec'] = Kit::ValidateParam($row['Duration'], _INT);
         $row['Duration'] = sec2hms(Kit::ValidateParam($row['Duration'], _INT));
         $row['MinStart'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MinStart'], _STRING)));
         $row['MaxEnd'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MaxEnd'], _STRING)));
         $rows[] = $row;
     }
     Theme::Set('table_rows', $rows);
     Theme::Set('table_media_on_layouts_shown', Theme::RenderReturn('table_render'));
     $output = Theme::RenderReturn('stats_page_grid');
     $response->SetGridResponse($output);
     $response->paging = false;
     $response->Respond();
 }
 /**
  * List of Displays this user has access to view
  */
 public function DisplayList($sort_order = array('displayid'), $filter_by = array(), $auth_level = 'view')
 {
     $SQL = 'SELECT display.displayid, ';
     $SQL .= '    display.display, ';
     $SQL .= '    displaygroup.description, ';
     $SQL .= '    layout.layout, ';
     $SQL .= '    display.loggedin, ';
     $SQL .= '    IFNULL(display.lastaccessed, 0) AS lastaccessed, ';
     $SQL .= '    display.inc_schedule, ';
     $SQL .= '    display.licensed, ';
     $SQL .= '    display.email_alert, ';
     $SQL .= '    displaygroup.DisplayGroupID, ';
     $SQL .= '    display.ClientAddress, ';
     $SQL .= '    display.MediaInventoryStatus, ';
     $SQL .= '    display.MacAddress, ';
     $SQL .= '    display.client_type, ';
     $SQL .= '    display.client_version, ';
     $SQL .= '    display.client_code, ';
     $SQL .= '    display.screenShotRequested, ';
     $SQL .= '    display.storageAvailableSpace, ';
     $SQL .= '    display.storageTotalSpace, ';
     $SQL .= '    currentLayout.layout AS currentLayout, ';
     $SQL .= '    currentLayout.layoutId AS currentLayoutId ';
     $SQL .= '  FROM display ';
     $SQL .= '    INNER JOIN lkdisplaydg ON lkdisplaydg.DisplayID = display.DisplayID ';
     $SQL .= '    INNER JOIN displaygroup ON displaygroup.DisplayGroupID = lkdisplaydg.DisplayGroupID ';
     $SQL .= '    LEFT OUTER JOIN layout ON layout.layoutid = display.defaultlayoutid ';
     $SQL .= '    LEFT OUTER JOIN layout currentLayout ON currentLayout.layoutId = display.currentLayoutId';
     if (Kit::GetParam('displaygroupid', $filter_by, _INT) != 0) {
         // Restrict to a specific display group
         $SQL .= sprintf(' WHERE displaygroup.displaygroupid = %d ', Kit::GetParam('displaygroupid', $filter_by, _INT));
     } else {
         // Restrict to display specific groups
         $SQL .= ' WHERE displaygroup.IsDisplaySpecific = 1 ';
     }
     // Filter by Display ID?
     if (Kit::GetParam('displayid', $filter_by, _INT) != 0) {
         $SQL .= sprintf(' AND display.displayid = %d ', Kit::GetParam('displayid', $filter_by, _INT));
     }
     // Filter by Display Name?
     if (Kit::GetParam('display', $filter_by, _STRING) != '') {
         // convert into a space delimited array
         $names = explode(' ', Kit::GetParam('display', $filter_by, _STRING));
         foreach ($names as $searchName) {
             // Not like, or like?
             if (substr($searchName, 0, 1) == '-') {
                 $SQL .= " AND  (display.display NOT LIKE '%" . sprintf('%s', ltrim($this->db->escape_string($searchName), '-')) . "%') ";
             } else {
                 $SQL .= " AND  (display.display LIKE '%" . sprintf('%s', $this->db->escape_string($searchName)) . "%') ";
             }
         }
     }
     if (Kit::GetParam('macAddress', $filter_by, _STRING) != '') {
         $SQL .= sprintf(' AND display.macaddress LIKE \'%s\' ', '%' . $this->db->escape_string(Kit::GetParam('macAddress', $filter_by, _STRING)) . '%');
     }
     // Exclude a group?
     if (Kit::GetParam('exclude_displaygroupid', $filter_by, _INT) != 0) {
         $SQL .= " AND display.DisplayID NOT IN ";
         $SQL .= "       (SELECT display.DisplayID ";
         $SQL .= "       FROM    display ";
         $SQL .= "               INNER JOIN lkdisplaydg ";
         $SQL .= "               ON      lkdisplaydg.DisplayID = display.DisplayID ";
         $SQL .= sprintf("   WHERE  lkdisplaydg.DisplayGroupID   = %d ", Kit::GetParam('exclude_displaygroupid', $filter_by, _INT));
         $SQL .= "       )";
     }
     // Filter by client version
     if (Kit::GetParam('clientVersion', $filter_by, _STRING) != '') {
         $clientVersion = '%' . $this->db->escape_string(Kit::GetParam('clientVersion', $filter_by, _STRING)) . '%';
         $SQL .= sprintf(" AND (display.client_version LIKE '%s' OR display.client_type LIKE '%s') ", $clientVersion, $clientVersion);
     }
     // Sorting?
     if (is_array($sort_order)) {
         $SQL .= 'ORDER BY ' . implode(',', $sort_order);
     }
     Debug::sql($SQL, $filter_by);
     if (!($result = $this->db->query($SQL))) {
         trigger_error($this->db->error());
         return false;
     }
     $displays = array();
     while ($row = $this->db->get_assoc_row($result)) {
         $displayItem = array();
         // Validate each param and add it to the array.
         $displayItem['displayid'] = Kit::ValidateParam($row['displayid'], _INT);
         $displayItem['display'] = Kit::ValidateParam($row['display'], _STRING);
         $displayItem['description'] = Kit::ValidateParam($row['description'], _STRING);
         $displayItem['layout'] = Kit::ValidateParam($row['layout'], _STRING);
         $displayItem['loggedin'] = Kit::ValidateParam($row['loggedin'], _INT);
         $displayItem['lastaccessed'] = Kit::ValidateParam($row['lastaccessed'], _STRING);
         $displayItem['inc_schedule'] = Kit::ValidateParam($row['inc_schedule'], _INT);
         $displayItem['licensed'] = Kit::ValidateParam($row['licensed'], _INT);
         $displayItem['email_alert'] = Kit::ValidateParam($row['email_alert'], _INT);
         $displayItem['displaygroupid'] = Kit::ValidateParam($row['DisplayGroupID'], _INT);
         $displayItem['clientaddress'] = Kit::ValidateParam($row['ClientAddress'], _STRING);
         $displayItem['mediainventorystatus'] = Kit::ValidateParam($row['MediaInventoryStatus'], _INT);
         $displayItem['macaddress'] = Kit::ValidateParam($row['MacAddress'], _STRING);
         $displayItem['client_type'] = Kit::ValidateParam($row['client_type'], _STRING);
         $displayItem['client_version'] = Kit::ValidateParam($row['client_version'], _STRING);
         $displayItem['client_code'] = Kit::ValidateParam($row['client_code'], _STRING);
         $displayItem['screenShotRequested'] = Kit::ValidateParam($row['screenShotRequested'], _INT);
         $displayItem['storageAvailableSpace'] = Kit::ValidateParam($row['storageAvailableSpace'], _INT);
         $displayItem['storageTotalSpace'] = Kit::ValidateParam($row['storageTotalSpace'], _INT);
         $displayItem['currentLayoutId'] = Kit::ValidateParam($row['currentLayoutId'], _INT);
         $displayItem['currentLayout'] = Kit::ValidateParam($row['currentLayout'], _STRING);
         $auth = $this->DisplayGroupAuth($displayItem['displaygroupid'], true);
         if ($auth->view) {
             // If auth level = edit and we don't have edit, then leave them off
             if ($auth_level == 'edit' && !$auth->edit) {
                 continue;
             }
             $displayItem['view'] = (int) $auth->view;
             $displayItem['edit'] = (int) $auth->edit;
             $displayItem['del'] = (int) $auth->del;
             $displayItem['modifypermissions'] = (int) $auth->modifyPermissions;
             $displays[] = $displayItem;
         }
     }
     return $displays;
 }
 public static function entries($sortOrder = array(), $filterBy = array())
 {
     $entries = array();
     // Default sort order
     if (count($sortOrder) <= 0) {
         $sortOrder = array('username');
     }
     try {
         $dbh = PDOConnect::init();
         $params = array();
         $SQL = '
           SELECT `user`.userId, userName, userTypeId, loggedIn, email, homePage, lastAccessed, newUserWizard, retired, `userGroups`.groupId, `userGroups`.libraryQuota
             FROM `user`
               LEFT OUTER JOIN (
                 SELECT `group`.groupId, `group`.libraryQuota, `lkusergroup`.userId
                   FROM `lkusergroup`
                     INNER JOIN `group`
                     ON `group`.groupId = `lkusergroup`.groupId
                       AND `group`.isUserSpecific = 1
               ) userGroups
               ON userGroups.userId = `user`.userId
            WHERE 1 = 1
         ';
         // User Id Provided?
         if (Kit::GetParam('userId', $filterBy, _INT) != 0) {
             $SQL .= " AND user.userId = :userId ";
             $params['userId'] = Kit::GetParam('userId', $filterBy, _INT);
         }
         // User Type Provided
         if (Kit::GetParam('userTypeId', $filterBy, _INT) != 0) {
             $SQL .= " AND user.userTypeId = :userTypeId ";
             $params['userTypeId'] = Kit::GetParam('userTypeId', $filterBy, _INT);
         }
         // User Name Provided
         if (Kit::GetParam('userName', $filterBy, _STRING) != '') {
             $SQL .= " AND user.userName LIKE :userName ";
             $params['userName'] = '******' . Kit::GetParam('userName', $filterBy, _STRING) . '%';
         }
         // Groups Provided
         $groups = Kit::GetParam('groupIds', $filterBy, _ARRAY_INT);
         if (count($groups) > 0) {
             $SQL .= " AND user.userId IN (SELECT userId FROM `lkusergroup` WHERE groupid IN (" . implode($groups, ',') . ")) ";
         }
         // Retired users?
         if (Kit::GetParam('retired', $filterBy, _INT) != -1) {
             $SQL .= " AND user.retired = :retired ";
             $params['retired'] = Kit::GetParam('retired', $filterBy, _INT);
         }
         // Sorting?
         if (is_array($sortOrder)) {
             $SQL .= 'ORDER BY ' . implode(',', $sortOrder);
         }
         Debug::sql($SQL, $params);
         $sth = $dbh->prepare($SQL);
         $sth->execute($params);
         foreach ($sth->fetchAll() as $row) {
             $user = new Userdata();
             $user->userId = Kit::ValidateParam($row['userId'], _INT);
             $user->userName = Kit::ValidateParam($row['userName'], _STRING);
             $user->userTypeId = Kit::ValidateParam($row['userTypeId'], _INT);
             $user->loggedIn = Kit::ValidateParam($row['loggedIn'], _INT);
             $user->email = Kit::ValidateParam($row['email'], _STRING);
             $user->homePage = Kit::ValidateParam($row['homePage'], _STRING);
             $user->lastAccessed = Kit::ValidateParam($row['lastAccessed'], _INT);
             $user->newUserWizard = Kit::ValidateParam($row['newUserWizard'], _INT);
             $user->retired = Kit::ValidateParam($row['retired'], _INT);
             $user->groupId = Kit::ValidateParam($row['groupId'], _INT);
             $user->libraryQuota = Kit::ValidateParam($row['libraryQuota'], _INT);
             $entries[] = $user;
         }
         return $entries;
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
         return false;
     }
 }