/**
*
*
*/
function getUserResByTag(folksoQuery $q, folksoDBconnect $dbc, folksoSession $fks)
{
$r = new folksoResponse();
try {
$u = $fks->userSession(null);
if (!$u instanceof folksoUser && !$q->is_param('user')) {
return $r->setError(404, 'No user');
} elseif ($q->is_param('user')) {
$u = new folksoUser($dbc);
// we create a user object anyway
$u->setUid($q->get_param('user'));
if (!$u->exists($q->get_param('user'))) {
return $r->setError(404, 'Missing or invalid user');
}
}
$i = new folksoDBinteract($dbc);
$uq = new folksoUserQuery();
$sql = $uq->resourcesByTag($q->tag, $u->userid);
$i->query($sql);
/* these are inside the try block because exists() hits the DB */
if ($i->rowCount == 0) {
if (isset($u->nick) || $u->exists()) {
return $r->setOk(204, 'User has no resources with this tag');
} else {
// no longer necessary
return $r->setError(404, 'Unknown user');
}
}
} catch (dbException $e) {
return $r->handleDBexception($e);
} catch (badUseridException $e) {
return $r->handleDBexception($e);
// TODO: update this with new class
}
$r->setOk(200, 'Found');
$df = new folksoDisplayFactory();
if ($q->content_type() == 'json') {
$dd = new folksoDataJson('resid', 'url', 'title');
} else {
$dd = $df->ResourceList('xml');
}
$r->t($dd->startform());
while ($row = $i->result->fetch_object()) {
$r->t($dd->line($row->id, htmlspecialchars($row->uri_raw), htmlspecialchars($row->title)));
}
$r->t($dd->endform());
return $r;
}
* @package Folkso
* @author Joseph Fahey
* @copyright 2009 Gnu Public Licence (GPL)
* @subpackage webinterface
*/
require_once 'folksoDBconnect.php';
require_once 'folksoDBinteract.php';
require_once 'folksoFabula.php';
require_once 'folksoAdmin.php';
require_once 'folksoUser.php';
require_once 'folksoSession.php';
require_once 'folksoClient.php';
$loc = new folksoFabula();
//$dbc = $loc->locDBC();
$test_dbc = new folksoDBconnect('localhost', 'tester_dude', 'testy', 'testostonomie');
$fks = new folksoSession($test_dbc);
if ($_COOKIE['folksosess']) {
$fks->setSid($_COOKIE['folksosess']);
} else {
// warning, dev only!!!!!
$fks->startSession('gustav-2009-001');
}
$u = $fks->userSession();
if (!$u instanceof folksoUser) {
print "Error not a logged user";
// header('Location: ' . $loc->loginPage());
exit;
}
$cl = new folksoClient('localhost', $loc->server_web_path . 'user.php', 'GET');
print $cl->method;
$cl->set_getfields(array('folksouid' => $u->userid, 'folksogetmytags' => 1));
/**
* rename tag
*
* rename, newname
*
*/
function renameTag(folksoQuery $q, folksoDBconnect $dbc, folksoSession $fks)
{
$r = new folksoResponse();
$u = $fks->userSession(null, 'folkso', 'admin');
if (!$u instanceof folksoUser || !$u->checkUserRight('folkso', 'admin')) {
return $r->unAuthorized($u);
}
try {
$i = new folksoDBinteract($dbc);
if (!$i->tagp($q->tag)) {
$r->setError(404, 'Tag not found', 'Nothing to rename. No such tag: ' . $q->tag);
return $r;
}
$query = "UPDATE tag\n SET tagdisplay = '" . $i->dbescape($q->get_param('newname')) . "', " . "tagnorm = normalize_tag('" . $i->dbescape($q->get_param('newname')) . "') " . "where ";
if (is_numeric($q->tag)) {
$query .= " id = " . $q->tag;
} else {
$query .= " tagnorm = normalize_tag('" . $i->dbescape($q->tag) . "')";
}
$i->query($query);
} catch (dbException $e) {
return $r->handleDBexception($e);
}
$r->setOk(204, 'Tag renamed');
return $r;
}
/**
* Web params: POST + note + delete
*
* "note" must be a numerical note id.
*/
function rmNote(folksoquery $q, folksoDBconnect $dbc, folksoSession $fks)
{
$r = new folksoResponse();
$u = $fks->userSession(null, 'folkso', 'redac');
if (!$u instanceof folksoUser || !$u->checkUserRight('folkso', 'redac')) {
return $r->unAuthorized($u);
}
try {
$i = new folksoDBinteract($dbc);
if (!is_numeric($q->get_param('note'))) {
$r->setError(400, 'Bad note argument', $q->get_param('note') . ' is not a number');
return $r;
}
$sql = "DELETE FROM note WHERE id = " . $q->get_param('note');
$i->query($sql);
} catch (dbException $e) {
return $r->handleDBexception($e);
}
$r->setOk(200, 'Deleted');
$r->t("The note " . $q->get_param('note') . " was deleted.");
return $r;
}
/**
* Based on the request received, checks each response object is
* checked to see if it is equiped to handle the request.
*/
public function Respond()
{
if (!$this->valid_method()) {
// some kind of error
header('HTTP/1.0 405');
print "NOT OK. Illegal request method for this resource.";
return;
}
if (!$this->validClientAddress($_SERVER['REMOTE_HOST'], $_SERVER['REMOTE_ADDR'])) {
header('HTTP/1.0 403');
print "Sorry, this not available to you";
return;
}
$q = new folksoQuery($_SERVER, $_GET, $_POST);
$realm = 'folkso';
$loc = new folksoFabula();
$dbc = $loc->locDBC();
$fks = new folksoSession($dbc);
/**
* $sid: session ID
*/
$sid = $_COOKIE['folksosess'] ? $_COOKIE['folksosess'] : $q->get_param('session');
try {
$fks->setSid($sid);
} catch (badSidException $e) {
if ($q->is_write_method()) {
header('HTTP/1.1 403 Login required');
// redirect instead
header('Location: ' . $loc->loginPage());
exit;
}
}
/* check each response object and run the response if activatep
returns true*/
$repflag = false;
if (count($this->responseObjects) === 0) {
trigger_error("No responseObjects available", E_USER_ERROR);
}
/** Walking the response objects **/
foreach ($this->responseObjects as $resp) {
if ($resp->activatep($q)) {
$repflag = true;
$resp->Respond($q, $dbc, $fks);
break;
}
}
/** check for no valid response **/
if (!$repflag) {
header('HTTP/1.1 400');
print "Client did not make a valid query. (folksoServer)";
// default response or error page...
}
}
