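/**
 * Store the text for one locale key in one language, then refresh the locale cache.
 *
 * Looks for an existing `locale` row with the same code and language. When none
 * is found a new row is inserted (with a `created` timestamp); otherwise
 * update() is called with the same column set.
 *
 * @param string   $code  Locale key.
 * @param string   $value Text to store for the key.
 * @param int|null $lang  Language id (bound as an integer); falls back to
 *                        self::getLanguage() when falsy.
 * @return void
 */
public static function save($code, $value, $lang = null)
{
    if (!$lang) {
        $lang = self::getLanguage();
    }

    // Check if the locale already exists. The string placeholder is quoted in
    // the query text; the numeric one is unquoted and bound with the "int" type.
    $sql = new SqlManager();
    $sql->setQuery("\n\t\t\tSELECT code FROM locale \n\t\t\tWHERE code = '{{code}}' \n\t\t\tAND language = {{lang}}\n\t\t\tLIMIT 1");
    $sql->bindParam('{{code}}', $code);
    $sql->bindParam('{{lang}}', $lang, "int");
    $check = $sql->result();

    // NOTE(review): the values are escaped here and then handed to
    // insert()/update(); if those helpers escape again the stored text ends up
    // double-escaped — confirm against SqlManager.
    $loc = array(
        'code' => $sql->escape($code),
        'language' => $sql->escape($lang, "int"),
        'text' => $sql->escape($value),
        'lastchanged' => DateManager::now(),
    );

    // empty() rather than !$check['code']: a lookup that finds no row must not
    // raise an undefined-index / offset-on-null notice before inserting.
    if (empty($check['code'])) {
        $loc['created'] = DateManager::now();
        $sql->insert("locale", $loc);
    } else {
        // NOTE(review): no explicit condition is passed; which row update()
        // touches depends on SqlManager::update() — confirm it matches on
        // code and language.
        $sql->update("locale", $loc);
    }

    // Refresh the cache so the new locale entry is used from now on.
    $cachekey = "locale:" . $lang;
    Cache::clear($cachekey);
    self::load($lang);
}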
 /**
  * Look up a rewrite rule for the current request URL and apply it.
  *
  * When a `rewrite` row matches $this->request_url, its `rewrite` column becomes
  * $this->target_url and the whole row is kept in $this->data. Without a match
  * both properties are left untouched.
  *
  * @return void
  */
 public function applyRules()
 {
     $db = new SqlManager();
     $db->setQuery("\n\t\t\tSELECT * FROM rewrite\n\t\t\tWHERE request = '{{url}}'\n\t\t\t");
     // NOTE(review): request_url presumably originates from the client, so this
     // query is only safe if bindParam() escapes string values — confirm in SqlManager.
     $db->bindParam("{{url}}", $this->request_url);
     $match = $db->result();

     // Nothing to apply when no rule matched.
     if (!isset($match['rewrite'])) {
         return;
     }
     $this->target_url = $match['rewrite'];
     $this->data = $match;
 }
 /**
  * Set one config value for this user: persist it, then update the in-memory copy.
  *
  * @param string $name  Config key.
  * @param mixed  $value Value to store.
  * @return void
  */
 public function set($name, $value)
 {
     $db = new SqlManager();
     $row = array("name" => $name, "user_id" => $this->user, "value" => $value);

     // A key that is not yet set in $this->config is treated as a new row.
     if (!isset($this->config[$name])) {
         $db->insert("config", $row);
     } else {
         // NOTE(review): no condition is passed to update(); which rows it
         // touches depends on SqlManager::update() — confirm it scopes the
         // write by name and user_id so one user cannot overwrite another's value.
         $db->update("config", $row);
     }

     $this->config[$name] = $value;
 }
/**
 * Persist upload metadata as a row of the `user_upload` table.
 *
 * Without an "upload_id" the metadata is remapped through $dataMap (step 1,
 * record from image EXIF data); with one it is saved as given (step 2, record
 * update from form data).
 *
 * @param SqlManager|null $db       Connection to use. When it compares equal to
 *                                  NULL a connection is opened here and closed
 *                                  again before returning.
 * @param array           $metadata Data to store.
 * @return mixed -1 when the database is offline, otherwise the result of saveRow().
 */
function saveUploadData($db, $metadata)
{
    global $dataMap, $fpConfig;

    // Loose comparison: any value that == NULL counts as "no connection passed".
    $ownsConnection = $db == NULL;
    if ($ownsConnection) {
        $db = new SqlManager($fpConfig);
    }
    if ($db->offline) {
        return -1;
    }

    //TODO: use remap between exif data and db row?
    if (isset($metadata["upload_id"])) {
        // Step 2: update the record from form data.
        // NOTE(review): every key of $metadata reaches saveRow() unfiltered; if
        // this array is built from request input, restrict it to the columns a
        // user may edit before it gets here — confirm at the call sites.
        $data = $metadata;
    } else {
        // Step 1: insert a record based on image EXIF metadata.
        $data = arrayRemap($metadata, $dataMap);
    }

    // Assigned last, so caller-supplied "username" or "table" entries never survive.
    $data["username"] = fpCurrentUsername();
    $data["table"] = "user_upload";

    $result = $db->saveRow($data);
    if ($ownsConnection) {
        $db->disconnect();
    }
    return $result;
}
 /**
  * Insert a new user row and attach its meta data.
  *
  * @param array $data Column => value pairs for the `user` table. A "password"
  *                    entry is replaced by the output of Crypt::createHash()
  *                    before the insert.
  * @param array $meta Key => value pairs saved through Meta::save() for the new user.
  * @return mixed Value of getLastInsertID() after the insert.
  */
 public function create(array $data, array $meta = array())
 {
     $db = new SqlManager();

     // The plain-text password is never written to the database.
     // NOTE(review): the existing comment calls the result a bcrypt hash;
     // Crypt::createHash() is not visible here — confirm algorithm and cost.
     if (isset($data['password'])) {
         $data['password'] = Crypt::createHash($data['password']);
     }

     // NOTE(review): $data is handed to insert() as a whole, so callers should
     // pass an explicitly built array rather than raw request data.
     $db->insert("user", $data);
     $userId = $db->getLastInsertID();

     // Attach the meta data to the freshly created user.
     foreach ($meta as $metaKey => $metaValue) {
         Meta::save("user", $userId, $metaKey, $metaValue);
     }

     return $userId;
 }
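 /**
  * Store a version record for an object, inserting or updating as needed.
  *
  * The record is updated only when $data carries an "id" that already exists
  * in the `version` table; in every other case a new row is inserted.
  *
  * @param string $type Object type, stored as `object_type`.
  * @param mixed  $id   Object id, stored as `object_id`.
  * @param array  $data Remaining column => value pairs; may contain "id".
  * @return void
  */
 public static function save($type, $id, $data)
 {
     $data['object_type'] = $type;
     $data['object_id'] = $id;
     $sql = new SqlManager();

     $exists = false;
     if (isset($data['id'])) {
         $sql->setQuery("\n\t\t\t\tSELECT id FROM version\n\t\t\t\tWHERE id = {{id}}\n\t\t\t\tLIMIT 1\n\t\t\t\t");
         // The placeholder is unquoted in the query, so the value is bound with
         // the "int" type like the other numeric placeholders in this code base;
         // string escaping alone does not constrain a value in a numeric context.
         $sql->bindParam("{{id}}", $data['id'], "int");
         $check = $sql->result();
         $exists = isset($check['id']);
     }

     if ($exists) {
         $sql->update("version", $data);
     } else {
         $sql->insert("version", $data);
     }
 }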
 /**
  * Load the assortment rows with the given name below one parent, optionally
  * with their children.
  *
  * Rows are returned as a 0-based list ordered by `sortkey`. While $level is
  * below $maxlevel each row gets a `_children` entry holding the result of a
  * recursive call for that row's id.
  *
  * @param string   $name     Assortment name to match.
  * @param int|null $parent   Parent id, or null for rows whose parent_id IS NULL.
  * @param int      $level    Current recursion depth.
  * @param int      $maxlevel Depth up to which children are loaded.
  * @return array List of rows.
  */
 public static function load($name, $parent = null, $level = 0, $maxlevel = 0)
 {
     $assortment = array();
     $sql = new SqlManager();
     // NOTE(review): the two queries alias COUNT(*) differently — `cnt` for
     // top-level rows, `count` for child rows — so the returned rows do not
     // share one key for the counter.
     if (is_null($parent)) {
         $sql->setQuery("\n\t\t\t\tSELECT assortment.*, COUNT(*) AS cnt FROM assortment\n\t\t\t\tLEFT JOIN meta ON (meta.name = 'assortment' AND meta.value = assortment.id)\n\t\t\t\tWHERE assortment.name = '{{name}}'\n\t\t\t\t\tAND assortment.parent_id IS NULL\n\t\t\t\tGROUP BY assortment.id\n\t\t\t\tORDER BY assortment.sortkey ASC\n\t\t\t\t");
     } else {
         $sql->setQuery("\n\t\t\t\tSELECT assortment.*, COUNT(*) AS count FROM assortment\n\t\t\t\tLEFT JOIN meta ON (meta.name = 'assortment' AND meta.value = assortment.id)\n\t\t\t\tWHERE assortment.name = '{{name}}'\n\t\t\t\t\tAND assortment.parent_id = {{parent}}\n\t\t\t\tGROUP BY assortment.id\n\t\t\t\tORDER BY assortment.sortkey ASC\n\t\t\t\t");
         // Unquoted placeholder, bound with the "int" type.
         $sql->bindParam("{{parent}}", $parent, "int");
     }
     $sql->bindParam("{{name}}", $name);
     $sql->execute();
     $i = 0;
     while ($row = $sql->fetch()) {
         $assortment[$i] = $row;
         if ($level < $maxlevel) {
             $assortment[$i]['_children'] = self::load($name, $row['id'], $level + 1, $maxlevel);
             // NOTE(review): `_children` is the 0-based list returned above, so it
             // has no 'cnt' key, and top-level rows carry 'cnt' rather than
             // 'count'. As written this line does not add any child counter;
             // the intended aggregation needs to be confirmed before changing it.
             $assortment[$i]['count'] += $assortment[$i]['_children']['cnt'];
         }
         $i++;
     }
     return $assortment;
 }
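 /**
  * Decide whether the configured user may access the configured object.
  *
  * The decision is cached per table, object id and user id. On a cache miss
  * the rows of the `access` table for this object are evaluated, and, if they
  * allow access, the parent objects are checked as well. A parent can only
  * restrict access further, never grant it.
  *
  * @return mixed The access decision (true/false when computed here, otherwise
  *               whatever the cache returned).
  * @throws Exception When table, id or user has not been set.
  */
 public function check()
 {
     // All three fields are required before any rights can be evaluated.
     if (!$this->table) {
         throw new Exception("Table not set!");
     }
     if (!$this->id) {
         throw new Exception("ID not set!");
     }
     if (!is_object($this->user)) {
         throw new Exception("User not set!");
     }

     // NOTE(review): a cached decision is returned as-is. access_data is not
     // filled on a cache hit, and changes to access rows or to the user's groups
     // only take effect once this cache entry is cleared — confirm invalidation.
     $cachekey = "access:" . $this->table . ":" . $this->id . ":" . $this->user->getID();
     $this->access = Cache::load($cachekey);
     if (is_null($this->access)) {
         // No cache found, load access rights from the database.
         // An object without any access row stays accessible.
         $this->access = true;
         $sql = new SqlManager();
         $sql->setQuery("\n\t\t\t\tSELECT * FROM access\n\t\t\t\tWHERE object_table = '{{table}}'\n\t\t\t\t\tAND object_id = {{id}}\n\t\t\t\t");
         $sql->bindParam("{{table}}", $this->table);
         $sql->bindParam("{{id}}", $this->id, "int");
         $sql->execute();
         while ($row = $sql->fetch()) {
             switch ($row['access_type']) {
                 case "password":
                     // No password verification exists yet, so this always denies.
                     $this->access = false;
                     $this->access_data = $row;
                     break;
                 case "usergroup":
                     // NOTE(review): loose in_array(); confirm the types of
                     // access_key and the group ids before making it strict.
                     if (!in_array($row['access_key'], $this->user->getUserGroups())) {
                         $this->access = false;
                         $this->access_data = $row;
                     }
                     break;
                 default:
                     // Unknown rule types deny.
                     $this->access = false;
                     break;
             }
             if ($this->access) {
                 // If one of the access settings allows access, it's enough.
                 $this->access_data = array();
                 break;
             }
             // NOTE(review): nothing sets access back to true after a denying
             // row, so a later matching row cannot grant access; in effect the
             // first row decides. This errs on the side of denying — confirm
             // whether "any row may allow" was intended.
         }

         // Walk up the parents, nearest first. Each check also covers that
         // parent's own ancestors. The loop stops at the first denial so that a
         // more distant ancestor can never turn a denial back into access.
         while ($this->access && count($this->parents) > 0) {
             $last = count($this->parents) - 1;
             $ancestor = $this->parents[$last];
             unset($this->parents[$last]);
             $officer = new AccessOfficer($this->table, $ancestor, $this->user, $this->parents);
             $this->access = $officer->check();
             $this->access_data = $officer->getAccessData();
         }

         // Save the determined access in the cache for later use.
         Cache::save($cachekey, $this->access);
     }
     return $this->access;
 }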
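 /**
  * Remove one meta data row by its meta.id.
  *
  * @param int $metaid Primary key of the `meta` row to delete.
  * @return void
  */
 public static function removeFromID($metaid)
 {
     $sql = new SqlManager();
     // The condition must carry the $metaid parameter. An undefined variable
     // here would hand delete() a null id, and what a null condition matches
     // depends on SqlManager::delete().
     $delete = array("id" => $metaid);
     $sql->delete("meta", $delete);
 }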
 /**
  * Load the content elements below one parent as a tree grouped by position.
  *
  * Calls itself for every element found, so the result holds the complete
  * hierarchy underneath $parent. Every element carries its unserialized
  * `parameters` and a `_children` entry built the same way.
  *
  * @param int|null $parent Parent element id; any value not greater than 0
  *                         selects the elements whose parent_id IS NULL.
  * @return array Map of position => list of elements.
  * @throws Exception When no content id is set on this instance.
  */
 public function loadElements($parent = null)
 {
     if (!isset($this->id)) {
         throw new Exception("Cannot get content elements! No content set!");
     }

     $tree = array();
     $db = new SqlManager();
     if ($parent > 0) {
         $db->setQuery("SELECT * FROM element WHERE object_table = 'content' AND object_id = {{id}} AND parent_id = {{parent}} ORDER BY sortkey");
         $db->bindParam("{{parent}}", $parent, "int");
     } else {
         $db->setQuery("SELECT * FROM element WHERE object_table = 'content' AND object_id = {{id}} AND parent_id IS NULL ORDER BY sortkey");
     }
     $db->bindParam("{{id}}", $this->id, "int");
     $db->execute();

     while ($row = $db->fetch()) {
         $slot = $row['position'];
         if (!isset($tree[$slot])) {
             $tree[$slot] = array();
         }

         // NOTE(review): unserialize() instantiates objects described by the
         // stored string. If element.parameters can ever hold data written by
         // users, store it as JSON or restrict the permitted classes — confirm
         // what writes this column.
         $row['parameters'] = unserialize($row['parameters']);

         // Build the subtree first, then append the finished element to its position.
         $row['_children'] = $this->loadElements($row['id']);
         $tree[$slot][] = $row;
     }

     return $tree;
 }
// Delete one upload record of the current user and build the response array.
// The code relies on the variable names $username, $upload_id, $success and
// $message: they are passed by name to debugVar() and addVarsToArray().
//response: image metadata from EXIF and url.
//echo jsValue($fpConfig, true, true);
$username = fpCurrentUsername();
$upload_id = reqParam("upload_id");
// NOTE(review): these calls hand the complete request, including POST data and
// uploaded-file details, to the debug helpers. Where that output ends up is not
// visible here — confirm it is disabled or access-restricted in production.
debugVar("username", true);
debug("Request", $_REQUEST);
debug("GET request", $_GET);
debug("POST request", $_POST);
debug("POST files", $_FILES, true);
// Refuse to continue without a logged-in user or without a record id.
if (!$username) {
    return errorMessage("Not logged in.");
}
if (!$upload_id) {
    return errorMessage("No File deleted.");
}
// NOTE(review): this is a state-changing request and no anti-CSRF token check
// is visible in this excerpt — confirm it is enforced before this point.
$db = new SqlManager($fpConfig);
if ($db->offline) {
    return errorMessage("DB offline. No File deleted.");
}
//if profile filters( Q_ ) : demographic
//otherwise: personal
$params = array("table" => "user_upload");
// Presumably copies $username and $upload_id into $params, so the delete is
// limited to records of the current user — verify against addVarsToArray().
addVarsToArray($params, "username upload_id");
//$results = demographicPortrait($db, $params);
$success = $db->delete($params);
$message = $success ? "record {$upload_id} deleted." : "record id {$upload_id} not deleted.";
$db->disconnect();
//TODO delete image file: check if other records for this user use this filename. if only 1, delete file and its thumbs.
// NOTE(review): $message repeats the request-supplied $upload_id; it has to be
// encoded for the output context wherever $response is rendered.
$response = array();
addVarsToArray($response, "success message upload_id");
$response["time"] = getTimer(true);
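 /**
  * Register a new user from request data.
  *
  * @param array $request Request fields; "username" is mandatory, "usergroups"
  *                       is an optional comma-separated list.
  * @return array Either a "message" entry describing an error
  *               (MandatoryInputMissing, UsernameUsed, UnknownError) or a
  *               "redirect" entry pointing to the account confirmation page.
  */
 public function userRegister($request)
 {
     if (empty($request['username'])) {
         return array("message" => array("type" => "error", "code" => "MandatoryInputMissing"), "missing_fields" => "username");
     }

     // Reject usernames that are already taken. The query text has to contain
     // the {{username}} placeholder that bindParam() fills; without it the
     // lookup never compares against the requested name.
     $sql = new SqlManager();
     $sql->setQuery("SELECT * FROM user WHERE username = '{{username}}'");
     $sql->bindParam("{{username}}", $request['username']);
     $check = $sql->result();
     if (isset($check['id'])) {
         return array("message" => array("type" => "error", "code" => "UsernameUsed"));
     }

     $newuser = new User();
     $id = $newuser->create(array("username" => $request['username']));
     if (!$id) {
         return array("message" => array("type" => "error", "code" => "UnknownError"));
     }
     $newuser->load($id);

     // explode() replaces the removed split(); for a literal "," both behave the same.
     $groups = array();
     if (isset($request['usergroups'])) {
         $groups = explode(",", $request['usergroups']);
     }
     // NOTE(review): group membership is taken straight from the registration
     // request. If this request can be shaped by the person registering, the
     // groups must be checked against the set that self-registration may
     // assign — confirm who supplies "usergroups".
     foreach ($groups as $group) {
         Meta::save("user", $newuser->getID(), "usergroup", $group);
     }

     $newuser->createAuthCode();
     return array("redirect" => array("url" => "/bestaetige-account", "post" => array("username" => $request['username'])));
 }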
 /**
  * Include and initialise every plugin marked active in the `plugin` table.
  *
  * For each active plugin the core file
  * <plugin_root>/<lowercased name>/<name>.php is included, a class with the
  * plugin's name is instantiated and its init() method is called.
  *
  * @return void
  * @throws Exception When the core file, the class or the init() method is missing.
  */
 public function initPlugins()
 {
     $db = new SqlManager();
     $db->setQuery("SELECT * FROM plugin WHERE active = 1");
     $db->execute();

     while ($row = $db->fetch()) {
         $name = $row['name'];

         // NOTE(review): the stored plugin name becomes part of an include path
         // and a class name. Restrict names to a safe character set (letters,
         // digits, underscore) where plugins are registered, so a stored value
         // can never point outside plugin_root — confirm what writes plugin.name.
         $coreFile = __DIR__ . "/" . $this->plugin_root . "/" . strtolower($name) . "/" . $name . ".php";
         if (!is_file($coreFile)) {
             throw new Exception("Core file for plugin '{$name}' not found!");
         }
         include_once $coreFile;

         if (!class_exists($name)) {
             throw new Exception("Class for plugin '{$name} not found!");
         }
         $plugin = new $name();

         if (!method_exists($plugin, "init")) {
             throw new Exception("Init method in plugin '{$name}' core file not found!");
         }
         $plugin->init();
     }
 }
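 /**
  * Build the WHERE clause of a query from a parameter array.
  *
  * Reserved entries (debug, table, group_by, order_by, limit, where) are
  * removed from $params. Each remaining key becomes one condition through
  * SqlManager::sqlCondition(), and the conditions are joined with AND. A "where"
  * entry is appended as a raw SQL fragment, but only when the caller passed
  * $params explicitly.
  *
  * @param array|null $params Conditions, modified in place; defaults to $_REQUEST when null.
  * @return string The clause including the leading " WHERE", or "" when there
  *                are no conditions.
  */
 private static function sqlWhere(&$params = null)
 {
     $sql = "";
     $sep = "WHERE";

     // Record where the parameters come from before the default is applied.
     $fromRequest = is_null($params);
     setIfNull($params, $_REQUEST);

     //TODO: list of reserved keywords. check if params are valid columm names
     // NOTE(review): until that TODO is done, the keys are handed to
     // SqlManager::sqlCondition() as given; with request-derived parameters the
     // key names are client-controlled — confirm sqlCondition() validates or
     // quotes them.
     unset(
         $params["debug"],
         $params["table"],
         $params["group_by"],
         $params["order_by"],
         $params["limit"]
     );

     // Always take "where" out of $params so it is never treated as a column.
     $where = arrayExtract($params, "where");
     if ($fromRequest) {
         // The fragment is concatenated into the statement verbatim, so it is
         // honoured only when it was set by calling code, never when the
         // parameters were defaulted from $_REQUEST. Callers that pass
         // request-derived arrays themselves must strip "where" first.
         $where = null;
     }

     foreach ($params as $key => $param) {
         $sql .= " {$sep} " . SqlManager::sqlCondition($params, $key, true);
         $sep = "AND";
     }
     if ($where) {
         $sql .= " {$sep} {$where}";
     }
     return $sql;
 }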