public function GetPermissionsForObject($object, $idCol, $objectId, $clause = '')
{
try {
$dbh = PDOConnect::init();
$params = array('id' => $objectId);
$SQL = 'SELECT joinedGroup.groupid, joinedGroup.group, view, edit, del, joinedGroup.isuserspecific ';
$SQL .= ' FROM (
SELECT `group`.*
FROM `group`
WHERE IsUserSpecific = 0
UNION ALL
SELECT `group`.*
FROM `group`
INNER JOIN lkusergroup
ON lkusergroup.GroupID = group.GroupID
AND IsUserSpecific = 1
INNER JOIN `user`
ON lkusergroup.UserID = user.UserID
AND retired = 0
) joinedGroup ';
$SQL .= ' LEFT OUTER JOIN ' . $object;
$SQL .= ' ON ' . $object . '.GroupID = joinedGroup.GroupID ';
if ($clause != '') {
$SQL .= $clause;
} else {
$SQL .= ' AND ' . $object . '.' . $idCol . ' = :id ';
$params = array('id' => $objectId);
}
$SQL .= 'ORDER BY joinedGroup.IsEveryone DESC, joinedGroup.IsUserSpecific, joinedGroup.`Group`; ';
Debug::sql($SQL, $params);
$sth = $dbh->prepare($SQL);
$sth->execute($params);
return $sth->fetchAll();
} catch (Exception $e) {
Debug::LogEntry('error', $e->getMessage());
if (!$this->IsError()) {
$this->SetError(1, __('Unknown Error'));
}
return false;
}
}
/**
* Generates the calendar that we draw events on
*/
function GenerateCalendar()
{
$displayGroupIds = Kit::GetParam('DisplayGroupIDs', _GET, _ARRAY);
$start = Kit::GetParam('from', _REQUEST, _INT) / 1000;
$end = Kit::GetParam('to', _REQUEST, _INT) / 1000;
// if we have some displaygroupids then add them to the session info so we can default everything else.
Session::Set('DisplayGroupIDs', $displayGroupIds);
if (count($displayGroupIds) <= 0) {
die(json_encode(array('success' => 1, 'result' => array())));
}
// Get Events between the provided dates
try {
$dbh = PDOConnect::init();
// Query for all events between the dates
$SQL = "";
$SQL .= "SELECT schedule.EventID, ";
$SQL .= " schedule_detail.FromDT, ";
$SQL .= " schedule_detail.ToDT,";
$SQL .= " schedule.DisplayGroupIDs, ";
$SQL .= " schedule.is_priority, ";
$SQL .= " schedule.recurrence_type, ";
$SQL .= " campaign.Campaign, ";
$SQL .= " schedule.DisplayOrder, ";
$SQL .= " GROUP_CONCAT(displaygroup.DisplayGroup) AS DisplayGroups ";
$SQL .= " FROM schedule_detail ";
$SQL .= " INNER JOIN schedule ON schedule_detail.EventID = schedule.EventID ";
$SQL .= " INNER JOIN campaign ON campaign.CampaignID = schedule.CampaignID ";
$SQL .= " INNER JOIN displaygroup ON displaygroup.DisplayGroupID = schedule_detail.DisplayGroupID ";
$SQL .= " WHERE 1=1 ";
// If we have minus 1, then show all
if (in_array(-1, $displayGroupIds)) {
// Get all display groups this user has permission to view
$displayGroupIdsThisUser = $this->user->DisplayGroupList(-1);
foreach ($displayGroupIdsThisUser as $row) {
$displayGroupIds[] = $row['displaygroupid'];
}
}
$sanitized = array();
foreach ($displayGroupIds as $displayGroupId) {
$sanitized[] = sprintf("'%d'", $displayGroupId);
}
$SQL .= " AND schedule_detail.DisplayGroupID IN (" . implode(',', $sanitized) . ")";
// Events that fall inside the two dates
$SQL .= " AND schedule_detail.ToDT > :start ";
$SQL .= " AND schedule_detail.FromDT < :end ";
// Grouping
$SQL .= "GROUP BY schedule.EventID, ";
$SQL .= " schedule_detail.FromDT, ";
$SQL .= " schedule_detail.ToDT,";
$SQL .= " schedule.DisplayGroupIDs, ";
$SQL .= " schedule.is_priority, ";
$SQL .= " schedule.recurrence_type, ";
$SQL .= " campaign.Campaign ,";
$SQL .= " schedule.DisplayOrder ";
// Ordering
$SQL .= " ORDER BY schedule_detail.FromDT DESC";
$params = array('start' => $start, 'end' => $end);
Debug::sql($SQL, $params);
$sth = $dbh->prepare($SQL);
$sth->execute($params);
$events = array();
foreach ($sth->fetchAll() as $row) {
$eventDisplayGroupIds = explode(',', $row['DisplayGroupIDs']);
// Event Permissions
$editable = $this->IsEventEditable($eventDisplayGroupIds);
// Event Title
$title = sprintf(__('[%s to %s] %s scheduled on %s (Order: %d)'), DateManager::getLocalDate(Kit::ValidateParam('FromDT', _INT)), DateManager::getLocalDate(Kit::ValidateParam('ToDT', _INT)), Kit::ValidateParam($row['Campaign'], _STRING), Kit::ValidateParam($row['DisplayGroups'], _STRING), Kit::ValidateParam($row['DisplayOrder'], _INT));
// Event URL
$url = $editable ? sprintf('index.php?p=schedule&q=EditEventForm&EventID=%d', $row['EventID']) : '#';
// Classes used to distinguish between events
//$class = 'event-warning';
// Event is on a single display
if (count($eventDisplayGroupIds) <= 1) {
$class = 'event-info';
$extra = 'single-display';
} else {
$class = "event-success";
$extra = 'multi-display';
}
if ($row['recurrence_type'] != '') {
$class = 'event-special';
$extra = 'recurring';
}
// Priority event
if ($row['is_priority'] == 1) {
$class = 'event-important';
$extra = 'priority';
}
// Is this event editable?
if (!$editable) {
$class = 'event-inverse';
$extra = 'view-only';
}
$events[] = array('id' => $row['EventID'], 'title' => $title, 'url' => $url, 'class' => 'XiboFormButton ' . $class, 'extra' => $extra, 'start' => $row['FromDT'] * 1000, 'end' => $row['ToDT'] * 1000);
}
echo json_encode(array('success' => 1, 'result' => $events));
die;
} catch (Exception $e) {
Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
die(json_encode(array('success' => 0, 'error' => __('Unable to get events'))));
}
}
public static function query($sortOrder = null, $filterBy = null)
{
$entries = array();
$params = array();
$select = ' SELECT logId, logDate, user.userName, message, objectAfter, entity, entityId, auditlog.userId ';
$body = 'FROM `auditlog` LEFT OUTER JOIN user ON user.userId = auditlog.userId WHERE 1 = 1 ';
if (\Kit::GetParam('search', $filterBy, _STRING) != '') {
// tokenize
$i = 0;
foreach (explode(' ', \Kit::GetParam('search', $filterBy, _STRING)) as $searchTerm) {
$i++;
if (stripos($searchTerm, '|') > -1) {
$complexTerm = explode('|', $searchTerm);
if (!isset($complexTerm[1]) || $complexTerm[1] == '') {
continue;
}
$like = false;
switch (strtolower($complexTerm[0])) {
case 'fromtimestamp':
$body .= ' AND auditlog.logDate >= :search' . $i;
break;
case 'totimestamp':
$body .= ' AND auditlog.logDate < :search' . $i;
break;
case 'entity':
$like = true;
$body .= ' AND auditlog.entity LIKE :search' . $i;
break;
case 'username':
$like = true;
$body .= ' AND user.userName LIKE :search' . $i;
break;
default:
$like = true;
$body .= ' AND auditlog.message LIKE :search' . $i;
}
$params['search' . $i] = $like ? '%' . $complexTerm[1] . '%' : $complexTerm[1];
} else {
$body .= ' AND auditlog.message LIKE :search' . $i;
$params['search' . $i] = '%' . $searchTerm . '%';
}
}
$body .= ' ';
}
$order = '';
if (is_array($sortOrder) && count($sortOrder) > 0) {
$order .= 'ORDER BY ' . implode(', ', $sortOrder) . ' ';
}
// The final statements
$sql = $select . $body . $order;
\Debug::sql($sql, $params);
$dbh = \PDOConnect::init();
$sth = $dbh->prepare($sql);
$sth->execute($params);
foreach ($sth->fetchAll() as $row) {
$auditLog = new AuditLog();
$auditLog->logId = $row['logId'];
$auditLog->logDate = $row['logDate'];
$auditLog->entity = $row['entity'];
$auditLog->userId = $row['userId'];
$auditLog->userName = $row['userName'];
$auditLog->message = $row['message'];
$auditLog->entityId = $row['entityId'];
$auditLog->objectAfter = $row['objectAfter'];
$entries[] = $auditLog;
}
return $entries;
}
/**
* Shows the stats grid
*/
public function StatsGrid()
{
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$fromDt = DateManager::getIsoDateFromString(Kit::GetParam('fromdt', _POST, _STRING));
$toDt = DateManager::getIsoDateFromString(Kit::GetParam('todt', _POST, _STRING));
$displayId = Kit::GetParam('displayid', _POST, _INT);
$mediaId = Kit::GetParam('mediaid', _POST, _INT);
// What if the fromdt and todt are exactly the same?
// in this case assume an entire day from midnight on the fromdt to midnight on the todt (i.e. add a day to the todt)
if ($fromDt == $toDt) {
$toDt = date("Y-m-d", strtotime($toDt) + 86399);
}
Debug::Audit('Converted Times received are: FromDt=' . $fromDt . '. ToDt=' . $toDt);
// Get an array of display id this user has access to.
$displays = $this->user->DisplayList();
$display_ids = array();
foreach ($displays as $display) {
$display_ids[] = $display['displayid'];
}
if (count($display_ids) <= 0) {
trigger_error(__('No displays with View permissions'), E_USER_ERROR);
}
// 3 grids showing different stats.
// Layouts Ran
$SQL = 'SELECT display.Display, layout.Layout, COUNT(StatID) AS NumberPlays, SUM(TIME_TO_SEC(TIMEDIFF(end, start))) AS Duration, MIN(start) AS MinStart, MAX(end) AS MaxEnd ';
$SQL .= ' FROM stat ';
$SQL .= ' INNER JOIN layout ON layout.LayoutID = stat.LayoutID ';
$SQL .= ' INNER JOIN display ON stat.DisplayID = display.DisplayID ';
$SQL .= " WHERE stat.type = 'layout' ";
$SQL .= sprintf(" AND stat.end > '%s' ", $fromDt);
$SQL .= sprintf(" AND stat.start <= '%s' ", $toDt);
$SQL .= ' AND stat.displayID IN (' . implode(',', $display_ids) . ') ';
if ($displayId != 0) {
$SQL .= sprintf(" AND stat.displayID = %d ", $displayId);
}
$SQL .= 'GROUP BY display.Display, layout.Layout ';
$SQL .= 'ORDER BY display.Display, layout.Layout';
// Log
Debug::sql($SQL);
if (!($results = $this->db->query($SQL))) {
trigger_error($db->error());
trigger_error(__('Unable to get Layouts Shown'), E_USER_ERROR);
}
$cols = array(array('name' => 'Display', 'title' => __('Display')), array('name' => 'Layout', 'title' => __('Layout')), array('name' => 'NumberPlays', 'title' => __('Number of Plays')), array('name' => 'DurationSec', 'title' => __('Total Duration (s)')), array('name' => 'Duration', 'title' => __('Total Duration')), array('name' => 'MinStart', 'title' => __('First Shown')), array('name' => 'MaxEnd', 'title' => __('Last Shown')));
Theme::Set('table_cols', $cols);
$rows = array();
while ($row = $db->get_assoc_row($results)) {
$row['Display'] = Kit::ValidateParam($row['Display'], _STRING);
$row['Layout'] = Kit::ValidateParam($row['Layout'], _STRING);
$row['NumberPlays'] = Kit::ValidateParam($row['NumberPlays'], _INT);
$row['DurationSec'] = Kit::ValidateParam($row['Duration'], _INT);
$row['Duration'] = sec2hms(Kit::ValidateParam($row['Duration'], _INT));
$row['MinStart'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MinStart'], _STRING)));
$row['MaxEnd'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MaxEnd'], _STRING)));
$rows[] = $row;
}
Theme::Set('table_rows', $rows);
Theme::Set('table_layouts_shown', Theme::RenderReturn('table_render'));
// Media Ran
$SQL = 'SELECT display.Display, media.Name, COUNT(StatID) AS NumberPlays, SUM(TIME_TO_SEC(TIMEDIFF(end, start))) AS Duration, MIN(start) AS MinStart, MAX(end) AS MaxEnd ';
$SQL .= ' FROM stat ';
$SQL .= ' INNER JOIN display ON stat.DisplayID = display.DisplayID ';
$SQL .= ' INNER JOIN media ON media.MediaID = stat.MediaID ';
$SQL .= " WHERE stat.type = 'media' ";
$SQL .= sprintf(" AND stat.end > '%s' ", $fromDt);
$SQL .= sprintf(" AND stat.start <= '%s' ", $toDt);
$SQL .= ' AND stat.displayID IN (' . implode(',', $display_ids) . ') ';
if ($mediaId != 0) {
$SQL .= sprintf(" AND media.MediaID = %d ", $mediaId);
}
if ($displayId != 0) {
$SQL .= sprintf(" AND stat.displayID = %d ", $displayId);
}
$SQL .= 'GROUP BY display.Display, media.Name ';
$SQL .= 'ORDER BY display.Display, media.Name';
if (!($results = $this->db->query($SQL))) {
trigger_error($db->error());
trigger_error(__('Unable to get Library Media Ran'), E_USER_ERROR);
}
$cols = array(array('name' => 'Display', 'title' => __('Display')), array('name' => 'Media', 'title' => __('Media')), array('name' => 'NumberPlays', 'title' => __('Number of Plays')), array('name' => 'DurationSec', 'title' => __('Total Duration (s)')), array('name' => 'Duration', 'title' => __('Total Duration')), array('name' => 'MinStart', 'title' => __('First Shown')), array('name' => 'MaxEnd', 'title' => __('Last Shown')));
Theme::Set('table_cols', $cols);
$rows = array();
while ($row = $db->get_assoc_row($results)) {
$row['Display'] = Kit::ValidateParam($row['Display'], _STRING);
$row['Media'] = Kit::ValidateParam($row['Name'], _STRING);
$row['NumberPlays'] = Kit::ValidateParam($row['NumberPlays'], _INT);
$row['DurationSec'] = Kit::ValidateParam($row['Duration'], _INT);
$row['Duration'] = sec2hms(Kit::ValidateParam($row['Duration'], _INT));
$row['MinStart'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MinStart'], _STRING)));
$row['MaxEnd'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MaxEnd'], _STRING)));
$rows[] = $row;
}
Theme::Set('table_rows', $rows);
Theme::Set('table_media_shown', Theme::RenderReturn('table_render'));
// Media on Layouts Ran
$SQL = "SELECT display.Display, layout.Layout, IFNULL(media.Name, 'Text/Rss/Webpage') AS Name, COUNT(StatID) AS NumberPlays, SUM(TIME_TO_SEC(TIMEDIFF(end, start))) AS Duration, MIN(start) AS MinStart, MAX(end) AS MaxEnd ";
$SQL .= ' FROM stat ';
$SQL .= ' INNER JOIN display ON stat.DisplayID = display.DisplayID ';
$SQL .= ' INNER JOIN layout ON layout.LayoutID = stat.LayoutID ';
$SQL .= ' LEFT OUTER JOIN media ON media.MediaID = stat.MediaID ';
$SQL .= " WHERE stat.type = 'media' ";
$SQL .= sprintf(" AND stat.end > '%s' ", $fromDt);
$SQL .= sprintf(" AND stat.start <= '%s' ", $toDt);
$SQL .= ' AND stat.displayID IN (' . implode(',', $display_ids) . ') ';
if ($mediaId != 0) {
$SQL .= sprintf(" AND media.MediaID = %d ", $mediaId);
}
if ($displayId != 0) {
$SQL .= sprintf(" AND stat.displayID = %d ", $displayId);
}
$SQL .= "GROUP BY display.Display, layout.Layout, IFNULL(media.Name, 'Text/Rss/Webpage') ";
$SQL .= "ORDER BY display.Display, layout.Layout, IFNULL(media.Name, 'Text/Rss/Webpage')";
if (!($results = $this->db->query($SQL))) {
trigger_error($db->error());
trigger_error(__('Unable to get Library Media Ran'), E_USER_ERROR);
}
$cols = array(array('name' => 'Display', 'title' => __('Display')), array('name' => 'Layout', 'title' => __('Layout')), array('name' => 'Media', 'title' => __('Media')), array('name' => 'NumberPlays', 'title' => __('Number of Plays')), array('name' => 'DurationSec', 'title' => __('Total Duration (s)')), array('name' => 'Duration', 'title' => __('Total Duration')), array('name' => 'MinStart', 'title' => __('First Shown')), array('name' => 'MaxEnd', 'title' => __('Last Shown')));
Theme::Set('table_cols', $cols);
$rows = array();
while ($row = $db->get_assoc_row($results)) {
$row['Display'] = Kit::ValidateParam($row['Display'], _STRING);
$row['Layout'] = Kit::ValidateParam($row['Layout'], _STRING);
$row['Media'] = Kit::ValidateParam($row['Name'], _STRING);
$row['NumberPlays'] = Kit::ValidateParam($row['NumberPlays'], _INT);
$row['DurationSec'] = Kit::ValidateParam($row['Duration'], _INT);
$row['Duration'] = sec2hms(Kit::ValidateParam($row['Duration'], _INT));
$row['MinStart'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MinStart'], _STRING)));
$row['MaxEnd'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['MaxEnd'], _STRING)));
$rows[] = $row;
}
Theme::Set('table_rows', $rows);
Theme::Set('table_media_on_layouts_shown', Theme::RenderReturn('table_render'));
$output = Theme::RenderReturn('stats_page_grid');
$response->SetGridResponse($output);
$response->paging = false;
$response->Respond();
}
/**
* List of Displays this user has access to view
*/
public function DisplayList($sort_order = array('displayid'), $filter_by = array(), $auth_level = 'view')
{
$SQL = 'SELECT display.displayid, ';
$SQL .= ' display.display, ';
$SQL .= ' displaygroup.description, ';
$SQL .= ' layout.layout, ';
$SQL .= ' display.loggedin, ';
$SQL .= ' IFNULL(display.lastaccessed, 0) AS lastaccessed, ';
$SQL .= ' display.inc_schedule, ';
$SQL .= ' display.licensed, ';
$SQL .= ' display.email_alert, ';
$SQL .= ' displaygroup.DisplayGroupID, ';
$SQL .= ' display.ClientAddress, ';
$SQL .= ' display.MediaInventoryStatus, ';
$SQL .= ' display.MacAddress, ';
$SQL .= ' display.client_type, ';
$SQL .= ' display.client_version, ';
$SQL .= ' display.client_code, ';
$SQL .= ' display.screenShotRequested, ';
$SQL .= ' display.storageAvailableSpace, ';
$SQL .= ' display.storageTotalSpace, ';
$SQL .= ' currentLayout.layout AS currentLayout, ';
$SQL .= ' currentLayout.layoutId AS currentLayoutId ';
$SQL .= ' FROM display ';
$SQL .= ' INNER JOIN lkdisplaydg ON lkdisplaydg.DisplayID = display.DisplayID ';
$SQL .= ' INNER JOIN displaygroup ON displaygroup.DisplayGroupID = lkdisplaydg.DisplayGroupID ';
$SQL .= ' LEFT OUTER JOIN layout ON layout.layoutid = display.defaultlayoutid ';
$SQL .= ' LEFT OUTER JOIN layout currentLayout ON currentLayout.layoutId = display.currentLayoutId';
if (Kit::GetParam('displaygroupid', $filter_by, _INT) != 0) {
// Restrict to a specific display group
$SQL .= sprintf(' WHERE displaygroup.displaygroupid = %d ', Kit::GetParam('displaygroupid', $filter_by, _INT));
} else {
// Restrict to display specific groups
$SQL .= ' WHERE displaygroup.IsDisplaySpecific = 1 ';
}
// Filter by Display ID?
if (Kit::GetParam('displayid', $filter_by, _INT) != 0) {
$SQL .= sprintf(' AND display.displayid = %d ', Kit::GetParam('displayid', $filter_by, _INT));
}
// Filter by Display Name?
if (Kit::GetParam('display', $filter_by, _STRING) != '') {
// convert into a space delimited array
$names = explode(' ', Kit::GetParam('display', $filter_by, _STRING));
foreach ($names as $searchName) {
// Not like, or like?
if (substr($searchName, 0, 1) == '-') {
$SQL .= " AND (display.display NOT LIKE '%" . sprintf('%s', ltrim($this->db->escape_string($searchName), '-')) . "%') ";
} else {
$SQL .= " AND (display.display LIKE '%" . sprintf('%s', $this->db->escape_string($searchName)) . "%') ";
}
}
}
if (Kit::GetParam('macAddress', $filter_by, _STRING) != '') {
$SQL .= sprintf(' AND display.macaddress LIKE \'%s\' ', '%' . $this->db->escape_string(Kit::GetParam('macAddress', $filter_by, _STRING)) . '%');
}
// Exclude a group?
if (Kit::GetParam('exclude_displaygroupid', $filter_by, _INT) != 0) {
$SQL .= " AND display.DisplayID NOT IN ";
$SQL .= " (SELECT display.DisplayID ";
$SQL .= " FROM display ";
$SQL .= " INNER JOIN lkdisplaydg ";
$SQL .= " ON lkdisplaydg.DisplayID = display.DisplayID ";
$SQL .= sprintf(" WHERE lkdisplaydg.DisplayGroupID = %d ", Kit::GetParam('exclude_displaygroupid', $filter_by, _INT));
$SQL .= " )";
}
// Filter by client version
if (Kit::GetParam('clientVersion', $filter_by, _STRING) != '') {
$clientVersion = '%' . $this->db->escape_string(Kit::GetParam('clientVersion', $filter_by, _STRING)) . '%';
$SQL .= sprintf(" AND (display.client_version LIKE '%s' OR display.client_type LIKE '%s') ", $clientVersion, $clientVersion);
}
// Sorting?
if (is_array($sort_order)) {
$SQL .= 'ORDER BY ' . implode(',', $sort_order);
}
Debug::sql($SQL, $filter_by);
if (!($result = $this->db->query($SQL))) {
trigger_error($this->db->error());
return false;
}
$displays = array();
while ($row = $this->db->get_assoc_row($result)) {
$displayItem = array();
// Validate each param and add it to the array.
$displayItem['displayid'] = Kit::ValidateParam($row['displayid'], _INT);
$displayItem['display'] = Kit::ValidateParam($row['display'], _STRING);
$displayItem['description'] = Kit::ValidateParam($row['description'], _STRING);
$displayItem['layout'] = Kit::ValidateParam($row['layout'], _STRING);
$displayItem['loggedin'] = Kit::ValidateParam($row['loggedin'], _INT);
$displayItem['lastaccessed'] = Kit::ValidateParam($row['lastaccessed'], _STRING);
$displayItem['inc_schedule'] = Kit::ValidateParam($row['inc_schedule'], _INT);
$displayItem['licensed'] = Kit::ValidateParam($row['licensed'], _INT);
$displayItem['email_alert'] = Kit::ValidateParam($row['email_alert'], _INT);
$displayItem['displaygroupid'] = Kit::ValidateParam($row['DisplayGroupID'], _INT);
$displayItem['clientaddress'] = Kit::ValidateParam($row['ClientAddress'], _STRING);
$displayItem['mediainventorystatus'] = Kit::ValidateParam($row['MediaInventoryStatus'], _INT);
$displayItem['macaddress'] = Kit::ValidateParam($row['MacAddress'], _STRING);
$displayItem['client_type'] = Kit::ValidateParam($row['client_type'], _STRING);
$displayItem['client_version'] = Kit::ValidateParam($row['client_version'], _STRING);
$displayItem['client_code'] = Kit::ValidateParam($row['client_code'], _STRING);
$displayItem['screenShotRequested'] = Kit::ValidateParam($row['screenShotRequested'], _INT);
$displayItem['storageAvailableSpace'] = Kit::ValidateParam($row['storageAvailableSpace'], _INT);
$displayItem['storageTotalSpace'] = Kit::ValidateParam($row['storageTotalSpace'], _INT);
$displayItem['currentLayoutId'] = Kit::ValidateParam($row['currentLayoutId'], _INT);
$displayItem['currentLayout'] = Kit::ValidateParam($row['currentLayout'], _STRING);
$auth = $this->DisplayGroupAuth($displayItem['displaygroupid'], true);
if ($auth->view) {
// If auth level = edit and we don't have edit, then leave them off
if ($auth_level == 'edit' && !$auth->edit) {
continue;
}
$displayItem['view'] = (int) $auth->view;
$displayItem['edit'] = (int) $auth->edit;
$displayItem['del'] = (int) $auth->del;
$displayItem['modifypermissions'] = (int) $auth->modifyPermissions;
$displays[] = $displayItem;
}
}
return $displays;
}
public static function entries($sortOrder = array(), $filterBy = array())
{
$entries = array();
// Default sort order
if (count($sortOrder) <= 0) {
$sortOrder = array('username');
}
try {
$dbh = PDOConnect::init();
$params = array();
$SQL = '
SELECT `user`.userId, userName, userTypeId, loggedIn, email, homePage, lastAccessed, newUserWizard, retired, `userGroups`.groupId, `userGroups`.libraryQuota
FROM `user`
LEFT OUTER JOIN (
SELECT `group`.groupId, `group`.libraryQuota, `lkusergroup`.userId
FROM `lkusergroup`
INNER JOIN `group`
ON `group`.groupId = `lkusergroup`.groupId
AND `group`.isUserSpecific = 1
) userGroups
ON userGroups.userId = `user`.userId
WHERE 1 = 1
';
// User Id Provided?
if (Kit::GetParam('userId', $filterBy, _INT) != 0) {
$SQL .= " AND user.userId = :userId ";
$params['userId'] = Kit::GetParam('userId', $filterBy, _INT);
}
// User Type Provided
if (Kit::GetParam('userTypeId', $filterBy, _INT) != 0) {
$SQL .= " AND user.userTypeId = :userTypeId ";
$params['userTypeId'] = Kit::GetParam('userTypeId', $filterBy, _INT);
}
// User Name Provided
if (Kit::GetParam('userName', $filterBy, _STRING) != '') {
$SQL .= " AND user.userName LIKE :userName ";
$params['userName'] = '******' . Kit::GetParam('userName', $filterBy, _STRING) . '%';
}
// Groups Provided
$groups = Kit::GetParam('groupIds', $filterBy, _ARRAY_INT);
if (count($groups) > 0) {
$SQL .= " AND user.userId IN (SELECT userId FROM `lkusergroup` WHERE groupid IN (" . implode($groups, ',') . ")) ";
}
// Retired users?
if (Kit::GetParam('retired', $filterBy, _INT) != -1) {
$SQL .= " AND user.retired = :retired ";
$params['retired'] = Kit::GetParam('retired', $filterBy, _INT);
}
// Sorting?
if (is_array($sortOrder)) {
$SQL .= 'ORDER BY ' . implode(',', $sortOrder);
}
Debug::sql($SQL, $params);
$sth = $dbh->prepare($SQL);
$sth->execute($params);
foreach ($sth->fetchAll() as $row) {
$user = new Userdata();
$user->userId = Kit::ValidateParam($row['userId'], _INT);
$user->userName = Kit::ValidateParam($row['userName'], _STRING);
$user->userTypeId = Kit::ValidateParam($row['userTypeId'], _INT);
$user->loggedIn = Kit::ValidateParam($row['loggedIn'], _INT);
$user->email = Kit::ValidateParam($row['email'], _STRING);
$user->homePage = Kit::ValidateParam($row['homePage'], _STRING);
$user->lastAccessed = Kit::ValidateParam($row['lastAccessed'], _INT);
$user->newUserWizard = Kit::ValidateParam($row['newUserWizard'], _INT);
$user->retired = Kit::ValidateParam($row['retired'], _INT);
$user->groupId = Kit::ValidateParam($row['groupId'], _INT);
$user->libraryQuota = Kit::ValidateParam($row['libraryQuota'], _INT);
$entries[] = $user;
}
return $entries;
} catch (Exception $e) {
Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
return false;
}
}