function sparql($I)
{
##Parse the query and build the dataset
#global $timer;
if (is_file(S3DB_SERVER_ROOT . '/pearlib/Benchmark/Timer.php')) {
require_once S3DB_SERVER_ROOT . '/pearlib/Benchmark/Timer.php';
$timer = new Benchmark_Timer();
$timer->start();
}
extract($I);
##To use SPARQL with ARC library, we will need it to work with a remote endpoint. That means that we do not want to configure ARC as a datastore, but rather to retrieve the data from s3db deployments, convert it to RDF and then use ARC to run the query on it
/* ARC2 static class inclusion */
ini_set("include_path", S3DB_SERVER_ROOT . "/pearlib/arc" . PATH_SEPARATOR . ini_get("include_path"));
include_once "ARC2.php";
$s3ql['url'] = $in['url'] != '' ? $in['url'] : $default_uri;
$s3ql['key'] = $in['key'] != '' ? $in['key'] : get_user_key($user_id, $db);
$q = $in['query'];
list($query, $triples, $prefixes) = parse_sparql_query($q, $s3ql);
$bq .= "PREFIX " . implode("\n PREFIX ", $query['prefix']) . "\n ";
$bq .= "SELECT " . $query['select'][0] . "\n ";
$bq .= "FROM" . implode(" FROM ", $query['from']) . "\n ";
$bq .= "WHERE " . $query['where'][0] . "\n ";
preg_match_all('(\\?[A-Za-z0-9]+) ', $bq, $vars);
if ($vars[0]) {
$vars = array_unique($vars[0]);
$sparql_vars = implode(" ", $vars);
}
if ($query['select'][0] != "" && $query['select'][0] != "*") {
$outputCols = explode(" ", trim($query['select'][0]));
$outputCols = array_filter($outputCols);
$outputCols = array_intersect($vars, $outputCols);
}
$sparql = ereg_replace("FROM(.*)WHERE", "WHERE", $bq);
#lets preprocess the order by which the must be queries must be performed to optimize speedness
list($iterations, $scrambled) = iterationOrder($triples, $prefixes, true);
##$rdf_results will contain the totality of triples retrieved from s3db;
##Start a rdf-api model
$iterations = array_values($iterations);
$rdf = S3DB_URI_BASE . '/s3dbcore/model.n3';
#base s3db rdf model
$filename = md5($rdf);
$file_place = $GLOBALS['uploads'] . '/';
#$queryModel = rdf2php($rdf);
#$data = $queryModel->sparqlQuery($sparql);
#echo '<pre>';print_r($data);exit;
if ($timer) {
$timer->setMarker('Core model read into results');
}
$rdf_results = array();
$performedQueries = array();
$r = 0;
foreach ($iterations as $it => $triples2query) {
$S3QL = array();
$S3QLfinal = array();
foreach ($triples2query as $i => $tripleInd) {
$tripleString = $tripleInd;
list($subject, $predicate, $object) = explode(' ', trim($tripleString));
$subject = ereg_replace('^<|>$', '', $subject);
$predicate = ereg_replace('^<|>$', '', $predicate);
$object = ereg_replace('^<|>$', '', $object);
$triple = compact('subject', 'predicate', 'object');
#sparql triple is used to calculate the values of the variables in the triple
#$sparql_triple = $sparql_prefixes_default.' SELECT * WHERE { '.ltrim($tripleString).' . }';
#now lets interpret the triple to explore the space of possible queries on S3QL
$pack = compact('triple', 's3ql', 'user_id', 'db', 'prefixes', 'varType', 'discoveredData', 'it', 'varTypeWhere', 'collected_data', 'performedQueries');
$sp = sparql_navigator($pack);
extract($sp);
# if($timer) $timer->setMarker('Built query '.$i);
##Remove queries that were already performed
if ($S3QL[0]) {
foreach ($S3QL as $s => $q) {
$S3QLfinal[] = $q;
$queried_elements[] = $element[$s];
}
$localQueries[$tripleString] = $localQueries[0];
$remoteQueries[$tripleString] = $remoteQueries[0];
$localQueries = array_filter($localQueries);
$remoteQueries = array_filter($remoteQueries);
}
}
$S3QL = $S3QLfinal;
##Remove repeated queries
$S3QL = array_unique($S3QL);
#if only the s3ql is requested, we can return it now
if ($in['output'] == 'S3QL') {
foreach ($localQueries as $sparqlVersion => $s3qlVersion) {
$Q[]['S3QL'] = S3QLQuery($s3qlVersion);
}
foreach ($remoteQueries as $rq) {
$Q[]['S3QL'] = $rq;
}
$root = 's3ql';
#root is just the word that xml should parse as the root for each entry
$data = $Q;
$cols = array('S3QL');
$format = $in['format'] == '' ? 'html' : $in['format'];
$z = compact('data', 'cols', 'format', 'root');
$out = outputFormat($z);
return array(true, $out);
}
#If paralel library is activated, use it for the data. Otherwise use the custom version
#$query_answers_file = 'sparql_query_ans'.rand(100,200); $a=fopen($query_answers_file, 'a');
if (!empty($S3QL)) {
if (extension_loaded('curl') && $goparallel) {
// Create cURL handlers
if ($timer) {
$timer->setMarker('Starting queries from group ' . $it);
}
foreach ($S3QL as $k => $url) {
$qURL = $url;
$ch[$k] = curl_init();
// Set options
curl_setopt($ch[$k], CURLOPT_URL, $qURL . '&format=php');
curl_setopt($ch[$k], CURLOPT_RETURNTRANSFER, 1);
}
$mh = curl_multi_init();
foreach ($S3QL as $k => $url) {
curl_multi_add_handle($mh, $ch[$k]);
}
$running = null;
do {
curl_multi_exec($mh, $running);
if ($timer) {
$timer->setMarker('Query ' . $k . ' of group ' . $it . ' executed');
}
} while ($running > 0);
foreach ($S3QL as $k => $url) {
$answer[$k] = curl_multi_getcontent($ch[$k]);
if (!empty($answer[$k])) {
#@fwrite($a, $answer[$k]);
##This is what takes the longest after the query, can it be replaced?
$ans = unserialize($answer[$k]);
$letter = $queried_elements[$r][0];
if (empty($ans)) {
##is this query part is not optional, then the result will be null
##TO BE DEVELOPED SOON
} else {
$rdf_results[$letter][] = $ans;
}
$r++;
##Add the triples to already existing triples
#Line up the answer with the model
if ($timer) {
$timer->setMarker('Query ' . $it . '=>' . $k . ' converted to php ');
}
}
}
curl_multi_close($mh);
####Time count
#$time_end = microtime(true);
#$time = $time_end - $time_start;
#echo "Query took ".$time." seconds\n";exit;
###
} else {
#Now solve the remaining triples with the constants found in this one
if (is_array($localQueries) && !empty($localQueries)) {
foreach ($localQueries as $sparql_triple => $s3ql) {
$s3ql = array_filter(array_diff_key($s3ql, array('url' => '')));
$answer = localQ($s3ql);
if (!empty($answer)) {
$rdfanswer = rdf2php($answer);
#Line up the answer with the model
$queryModel->addModel($rdfanswer);
#Now perform the query on the small model to find a constant for the remaining queries
#list($data,$discovered, $discoveredData,$queryModel) = executeQuery($queryModel,$sparql_triple,$discovered,$format);
}
}
}
if (is_array($remoteQueries) && !empty($remoteQueries)) {
foreach ($remoteQueries as $remoteQuery) {
$answer = remoteQ($remoteQuery);
if (!empty($answer)) {
$rdfanswer = rdf2php($answer);
#Line up the answer with the model
$queryModel->addModel($rdfanswer);
#Now perform the query on the small model to find a constant for the remaining queries
#list($data,$discovered, $discoveredData,$queryModel) = executeQuery($queryModel,$sparql_triple,$discovered,$format);
}
}
}
}
}
}
##Get the data from the file
##Now, add the dictionary data
if ($complete) {
include_once S3DB_SERVER_ROOT . '/s3dbcore/dictionary.php';
$s3qlN = compact('user_id', 'db');
$s3qlN['from'] = 'link';
$s3qlN['format'] = 'php';
$links = query_user_dictionaries($s3qlN, $db, $user_id);
$links = unserialize($links);
$rdf_results['E'][0] = $links;
$s3qlN = compact('user_id', 'db');
$s3qlN['from'] = 'namespaces';
$s3qlN['format'] = 'php';
$ns = query_user_dictionaries($s3qlN, $db, $user_id);
$ns = unserialize($ns);
if ($timer) {
$timer->setMarker('Dictionary links retrieved');
}
}
##Convert the result into an RDF file
$data_triples = array();
if (is_array($rdf_results)) {
foreach ($rdf_results as $letter => $results2rdfize) {
$dont_skip_core_name = false;
$dont_skip_serialized = true;
if (ereg('S', $letter)) {
$dont_skip_serialized = false;
}
if (ereg('C|R|P', $letter)) {
$dont_skip_core_name = true;
}
foreach ($results2rdfize as $k => $data) {
$tmp_triples = rdf_encode($data, $letter, 'array', $s3ql['db'], $ns, $collected_data, $dont_skip_serialized, $dont_skip_core_name);
if (is_array($tmp_triples)) {
$data_triples = array_merge($data_triples, $tmp_triples);
}
}
}
}
if (!empty($data_triples)) {
$tmp['ns'] = $prefixes;
/*
#this one for turtle
$parser = ARC2::getComponent('TurtleParser', $a);
$index = ARC2::getSimpleIndex($triples, false) ; # false -> non-flat version
$rdf_doc = $parser->toTurtle($index,$prefixes);
*/
$parser = ARC2::getComponent('RDFXMLParser', $tmp);
$index = ARC2::getSimpleIndex($data_triples, false);
/* false -> non-flat version */
$rdf_doc = $parser->toRDFXML($index, $prefixes);
$filename = S3DB_SERVER_ROOT . '/tmp/' . random_string(15) . '.rdf';
$rr = fopen($filename, 'a+');
fwrite($rr, $rdf_doc);
fclose($rr);
if ($timer) {
$timer->setMarker(count($data_triples) . ' triples written to file ' . $filename);
}
##The better strategy would be to let the client cpu resolve the query; return the graphs with the rdf so that a sparql on the client can handle it
if ($return_file_name) {
if (filesize($filename) > 0) {
return array(true, $filename);
} else {
return array(false);
}
exit;
}
if ($redirect) {
##And now use an external service ( I gave up with ARC) to parse the query
$url2search = str_replace(S3DB_SERVER_ROOT, S3DB_URI_BASE, $filename);
##Giving up on ARC, surrender to sparql.com
$remote_endpoint = "http://sparql.org/sparql?query=";
$bq = ereg_replace("FROM <.*>", "FROM <" . $url2search . ">", $bq);
$bq = urlencode($bq);
$remote_endpoint .= $bq . '&default-graph-uri=&stylesheet=/xml-to-html.xsl';
return array(true, $remote_endpoint);
}
#echo $filename;exit;
#And finally perform the query on the model.
$queryModel = rdf2php($filename);
$format = $in['format'] != '' ? $in['format'] : 'html';
unlink($filename);
if ($timer) {
$timer->setMarker('Data converted to a model the rdf-api can query');
}
if (eregi('^(sparql-xml|sparql-html)$', $format)) {
switch ($format) {
case 'sparql-xml':
$result = $queryModel->sparqlQuery($sparql, 'XML');
break;
case 'sparql-html':
$result = $queryModel->sparqlQuery($sparql, 'HTML');
if ($_REQUEST['su3d']) {
$timer->stop();
$profiling = $timer->getProfiling();
echo "Query took " . $profiling[count($profiling) - 1]['total'] . ' sec';
}
break;
}
if ($result) {
return array(true, $result);
} else {
return false;
}
} elseif ($format == 'html.form') {
$form .= '
<html>
<head>
</head><body>
<form method="GET" action="sparql.php" id="sparqlform">
<h5>Target Deployment(s)</h5>
<input type="hidden" name="key" value="' . $s3ql['key'] . '"/>
<input type="hidden" name="format" value="' . $_REQUEST['format'] . '"/>
<input type = "text" id="url" size = "100%" value="' . $GLOBALS['url'] . '" name="url">
<h5>SPARQL <a href="http://www.w3.org/TR/rdf-sparql-query/" target="_blank">(help!!)</a></h5>
<br />
<textarea cols="100" id="sparql" rows="10" name = "query">' . stripslashes($sparql) . '</textarea><br />
<input type="submit" value="SPARQL this!" id="submitsparql"></body>
</form>
';
$form .= '<br />' . count($data) . " rows";
$form .= '<br />Query took ' . (strtotime(date('His')) - $start) . ' sec';
if (count($data) > 0) {
return array(true, $form);
} else {
return array(false);
}
} else {
#and output the result according to requested format
$data = $queryModel->sparqlQuery($sparql);
if ($timer) {
$timer->setMarker('Query on SPARQL data executed by rdf-api.');
}
if (is_array($outputCols) && !empty($outputCols)) {
##only this one are to be shown in the final result
$vars = $outputCols;
}
$cleanCols = array();
foreach ($vars as $varname) {
$cleanCols[] = ereg_replace('^\\?', '', $varname);
}
$outputData = array();
if (is_array($data)) {
foreach ($data as $s => $sparql_line) {
foreach ($sparql_line as $sparql_var => $sparql_var_value) {
if ($sparql_var_value->uri != '') {
$outputData[$s][ereg_replace('^\\?', '', $sparql_var)] = $sparql_var_value->uri;
} elseif ($sparql_var_value->label != '') {
$outputData[$s][ereg_replace('^\\?', '', $sparql_var)] = $sparql_var_value->label;
} else {
$outputData[$s][ereg_replace('^\\?', '', $sparql_var)] = "";
}
}
}
}
if ($timer) {
$timer->setMarker('Data converted in a format that fun outputformat can read');
}
#$timer ->display();
#root is just the word that xml should parse as the root for each entry
$root = 'sparql';
if ($timer) {
$timer->setMarker('All variables fitted into their places to represent in the final output');
}
$data = $outputData;
$cols = $cleanCols;
if ($_REQUEST['su3d']) {
$timer->stop();
$profiling = $timer->getProfiling();
echo "Query took " . $profiling[count($profiling) - 1]['total'] . ' sec<br>';
}
$z = compact('data', 'cols', 'format', 'root');
$out = outputFormat($z);
echo $out;
exit;
if (count($data) > 0) {
return array(true, $out);
} else {
return array(false);
}
}
} else {
return array(false);
}
#else {
#$out= formatReturn($GLOBALS['error_codes']['no_results'], 'Your query did not return any results.', $format,'');
#}
}
if ($format == '') {
$format = 'html';
}
#if a key has been provided, validate the key
include_once 'core.header.php';
include_once S3DB_SERVER_ROOT . '/s3dbcore/api.php';
include_once S3DB_SERVER_ROOT . '/s3dbcore/dictionary.php';
##Example insert query
#$q['from']='namespace';
#$q['where']['qname']='mged';
#$q['where']['URL']='http://mged.sourceforge.net/ontologies/MGEDOntology.1.3.0.1.owl';
#$s3ql['from'] = 'link';
#$s3ql['where']['URI']='I11206';
#$s3ql['where']['relation']='rdfs:seeAlso';
#$s3ql['where']['value']='mged:array';
if (!$_REQUEST['query']) {
$s3ql = compact('user_id', 'db');
$s3ql['from'] = 'link';
}
#now, if query is not empyt, read it, parse it, interpret it.
if ($_REQUEST['query']) {
$query = $_REQUEST['query'];
$q = compact('query', 'format', 'key', 'user_proj', 'user_id', 'db');
$s3ql = parse_xml_query($q);
##now interpret the query
$s3ql['db'] = $db;
$s3ql['user_id'] = $user_id;
$s3ql['format'] = $format;
}
$msg = query_user_dictionaries($s3ql, $db, $user_id, $format);
echo $msg;
function outputFormat($z)
{
##$z = compact('data','cols', 'format');
extract($z);
if (!ereg('json|php|xml|rdf|n3|sif|turtle', $format)) {
if ($format == 'html.pretty') {
$format = 'html';
echo '<script type="text/javascript">
<!--
function paintRows(){
lines = document.getElementsByTagName(\'tr\');
lines[0].setAttribute("style", "font-weight: bold");
for (i=0; i<lines.length; i=i+2) {lines[i].style.backgroundColor = \'#CCFFFF\'}
for (i=1; i<lines.length; i=i+2)
{lines[i].style.backgroundColor = \'#FFFFFF\'};
}
//-->
</script>';
echo '<body onload = paintRows()>';
} elseif (ereg('html.(.*)', $format, $css)) {
$format = 'html';
$style = @stream_get_contents(@fopen($css[1], 'r'));
echo '<style type="text/css">';
echo $style;
echo '</style>';
}
$format = get_parser_characters($format);
#Fetch the cols of what is to be returned
if ($s3ql['select'] != '') {
$P['out'] = urldecode($s3ql['select']);
$P['SQLfun'] = ereg_replace("\\(.*\\)", "", $P['out']);
if ($P['out'] == $P['SQLfun']) {
$P['SQLfun'] = '';
}
}
#else {
# $P['out'] = implode(',',array_keys($data[0]));
#}
#After the query, resume the cols that are supposed to be displayed. Remove the sensitivy cols that should not be displayed
if ($P['out'] != '' && $P['out'] != '*') {
if ($P['SQLfun'] == 'distinct') {
$P['out'] = str_replace(array($P['SQLfun'], "(", ")"), "", $P['out']);
}
$cols = array_map('trimmit', explode(',', $P['out']));
}
#echo '<pre>';print_r($cols);exit;
$c = 0;
foreach ($cols as $i => $name) {
$pCol = $name;
#if($c==count($cols)-1)
if ($c < count($cols) - 1) {
$header .= trim($pCol) . $format['middle'];
} else {
$header .= trim($pCol);
}
$c++;
}
$x = array('data' => $data, 'format' => $format, 'header' => $header, 'columns' => $cols);
return display($x);
#exit;
} else {
#if dictionary is requested, get the namespaces
if ($namespaces_needed) {
$s3qlN = compact('user_id', 'db');
$s3qlN['from'] = 'namespaces';
$formatN = 'array';
$namespaces = query_user_dictionaries($s3qlN, $db, $user_id, $formatN);
if ($timer) {
$timer->setMarker('Namespaces retrieved');
}
}
if ($_REQUEST['out'] == 'header' || $format == 'json' && $_SERVER['HTTPS']) {
header("Pragma: public");
header("Expires: 0");
// set expiration time
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
#header("Content-Type: ".$ext."");
// use the Content-Disposition header to supply a recommended filename and
// force the browser to display the save dialog.
header("Content-Disposition: attachment; filename=s3db." . $format . "");
header("Content-Transfer-Encoding: binary");
}
if ($format == 'json') {
#$callback = ($_REQUEST['jsonp']=='')?'s3db_json':$_REQUEST['jsonp'];
$callback = $_REQUEST['jsonp'] == '' ? $_REQUEST['callback'] == '' ? 's3db_json' : $_REQUEST['callback'] : $_REQUEST['jsonp'];
$onLoad = $_REQUEST['onload'] == '' ? '' : '; ' . stripslashes($_REQUEST['onload']) . (ereg('\\(.*\\)', $_REQUEST['onload']) ? '' : '()');
$jsonpp = $_REQUEST['jsonpp'] == '' ? '' : ', "' . $_REQUEST['jsonpp'] . '"';
return $callback . '(' . json_encode($data) . $jsonpp . ')' . $onLoad;
exit;
} elseif ($format == 'php') {
return serialize($data);
#echo '$data = ';
#print_r($data);
exit;
} elseif ($format == 'xml') {
#header("Content-type: application/xml");
return xml_encode($data, $letter, $root, $namespaces);
exit;
} elseif (ereg('rdf|n3|turtle', $format)) {
if (!in_array(S3DB_SERVER_ROOT . '/rdfheader.inc.php', get_included_files())) {
include_once S3DB_SERVER_ROOT . '/rdfheader.inc.php';
}
return rdf_encode($data, $letter, $format, $db, $namespaces);
exit;
} elseif ($format == 'sif') {
return tab_encode($data, $returnFields);
exit;
}
}
if (is_array($s3qlOut) && !empty($s3qlOut)) {
#this menas data was removed
return formatReturn($GLOBALS['error_codes']['no_permission_message'], "User does not have permission to access resource(s)", $s3ql['format']);
}
}
function selectQuery($D)
{
global $timer;
extract($D);
if ($s3ql['from'] == 'deployment') {
$data[0] = array('mothership' => $GLOBALS['s3db_info']['deployment']['mothership'], 'deployment_id' => $GLOBALS['s3db_info']['deployment']['Did'], 'self' => '1', 'description' => $GLOBALS['s3db_info']['server']['site_intro'], 'url' => S3DB_URI_BASE, 'message' => 'Successfully connected to deployment ' . $GLOBALS['s3db_info']['deployment']['Did'] . '. Please provice a key to query the data (for example: ' . ($_SERVER['https'] == 'on' ? 'https://' : 'http://') . $def . S3DB_URI_BASE . '/URI.php?key=xxxxxxxx. For syntax specification and instructions refer to http://s3db.org/');
#return $data;
}
#echo '<pre>';print_r($s3ql);
if (in_array($s3ql['from'], array_keys($GLOBALS['plurals']))) {
$s3ql['from'] = $GLOBALS['plurals'][$s3ql['from']];
}
#echo '<pre>';print_r($s3ql);exit;
if ($s3ql['from'] == 'classes') {
$s3ql['from'] = 'collections';
}
if ($s3ql['from'] == 'instances') {
$s3ql['from'] = 'items';
}
if ($s3ql['from'] == 'keys' && $_SESSION['db'] == '') {
return formatReturn($GLOBALS['error_codes']['not_a_query'], 'Access keys cannot be queried in the API.', $s3ql['format'], '');
exit;
}
if (eregi('^t', $s3ql['shared'])) {
$shared = true;
#shared being set to true will tell s3ql that he should not only retrieved uid native to the upstream resource being queried, but those that propagate toward it
$s3ql = array_delete($s3ql, 'shared');
}
if ($s3ql['from'] == 'permission' && $user_id != 1) {
return formatReturn($GLOBALS['error_codes']['no_permission_message'], 'User cannot query permissions.', $s3ql['format'], '');
exit;
}
if (eregi('^t', $s3ql['shared'])) {
$shared = true;
#shared being set to true will tell s3ql that he should not only retrieved uid native to the upstream resource being queried, but those that propagate toward it
$s3ql = array_delete($s3ql, 'shared');
}
if (eregi('complete', $s3ql['display'])) {
$complete = true;
#complete will tell s3ql that dictionary terms should be added to the output
$s3ql = array_delete($s3ql, 'display');
}
$target = $s3ql['from'];
$letter = strtoupper(substr($s3ql['from'], 0, 1));
$table = strval($target);
$element = $target;
$cols = $GLOBALS['dbstruct'][$target];
$element_id = $s3ql['where'][$GLOBALS['s3ids'][$element]];
if ($table != '' && !in_array($table, array_keys($GLOBALS['dbstruct']))) {
return formatReturn($GLOBALS['error_codes']['not_a_query'], 'Not a valid query.', '', $s3ql['format']);
}
#manage data in select
#echo '<pre>';print_r($s3ql);
#array_keys contains the things to replace and array_values the replacements
if ($s3ql['select'] != '' && $s3ql['select'] != '*') {
$s3ql_out = ereg_replace(' ', '', $s3ql['select']);
#take out all the spaces
$returnFields = explode(',', $s3ql_out);
if (!ereg($GLOBALS['s3ids'][$element], $s3ql['select'])) {
if (ereg('count|max|min', $s3ql['select'])) {
$SQLfun = ereg_replace("\\(.*\\)", "", $select);
$SQLfun = ereg_replace("count as count", "count", $SQLfun);
$s3ql['select'] = '*';
} else {
$s3ql['select'] .= ',' . $GLOBALS['s3ids'][$element];
}
}
##Because of the new code, will also have to add the parent ids to the query
#$parents = $GLOBALS['inherit'][$GLOBALS['s3ids'][$element]];
$parents = $GLOBALS['inherit'][$GLOBALS['COREids'][$GLOBALS['singulars'][$element]]];
##duuuhhh
if (is_array($parents)) {
foreach ($parents as $p) {
if (!in_array($p, $returnFields)) {
$s3ql['select'] .= ',' . str_replace($toreplace, $replacements, $p);
}
}
}
} else {
$s3ql['select'] = '*';
}
#echo $s3ql['select'];exit;
#echo '<pre>';print_r($s3ql);exit;
$toreplace = array_keys($GLOBALS['s3map'][$target]);
$replacements = array_values($GLOBALS['s3map'][$target]);
#to replace query str with replacements, remove the spaces and explode by commas
$select = explode(',', str_replace(' ', '', $s3ql['select']));
foreach ($select as $s_key => $str_select) {
if (in_array($str_select, $toreplace)) {
$select[$s_key] = $replacements[array_search($str_select, $toreplace)];
}
}
#echo '<pre>';print_r($select);exit;
$s3ql['select'] = implode(',', array_unique($select));
#$s3ql['select'] = str_replace($toreplace, $replacements, $s3ql['select']);
#echo '<pre>';print_r($s3ql['select']);
$select = urldecode($s3ql['select']);
$select = eregi_replace('uid', $GLOBALS['s3ids'][$element] . ' as uid', $select);
$select = eregi_replace('uri', $GLOBALS['s3ids'][$element] . ' as uri', $select);
$select = eregi_replace('(,).*permissionOnResource', '', $select);
#echo $P['out'].$P['SQLfun'];
if ($select == $SQLfun) {
$SQLfun = '';
}
#$s3ql_where_keys = str_replace(array('item_id', 'collection_id'), array('instance_id', 'class_id'), array_keys($s3ql['where']));
#$s3ql['where'] = array_combine($s3ql_where_keys, $s3ql['where']);
#transofrmt s3ql and get the return Fields
$tranformed = S3QLselectTransform(compact('s3ql', 'db', 'user_id'));
extract($tranformed);
#anything that is queried must also go come out in the select
if ($s3ql['where'] && $select != '*') {
foreach ($s3ql['where'] as $more_outputs => $more_value) {
if (!substr($select, $more_outputs)) {
$select .= "," . str_replace($toreplace, $replacements, $more_outputs);
}
}
}
##for statements, select must find file_name a well so that it is transofmred into a link
if ($letter == 'S' && !ereg('file_name', $select)) {
$select .= ',file_name';
}
$s3ql['select'] = $select;
if ($timer) {
$timer->setMarker('queryInterpreted');
}
#If there is any sort of S3 UID in the query, check its score when compared to the from
$score = array('D' => '7', 'G' => '6', 'U' => '5', 'P' => '4', 'C' => '3', 'R' => '3', 'I' => '2', 'S' => '1');
$fromScore = $score[strtoupper(substr($target, 0, 1))];
$s3Ids = array_merge($GLOBALS['COREids'], array('rulelog' => 'rule_id', 'statementlog' => 'statement_id'));
#echo '<pre>';print_r($s3ql);
$shared_with_query = array();
foreach ($s3Ids as $COREelement => $COREelement_id) {
if ($s3ql['where'][$COREelement_id] != '' && !ereg('^~|regexp', $s3ql['where'][$COREelement_id])) {
$id_name = $COREelement_id;
$id_letter = strtoupper(substr($id_name, 0, 1));
$whereScore[strtoupper(substr($id_name, 0, 1)) . $s3ql['where'][$COREelement_id]] = $score[strtoupper(substr($id_name, 0, 1))];
#when idNameScore is < $fromScore, then we know: we are trying to query all resources that can view another particular resource (for example,all users that can view project x
#echo $id_name;exit;
$uid = strtoupper(substr($COREelement, 0, 1)) . $s3ql['where'][$COREelement_id];
$uid_info = uid($uid);
#Use URIinfo to find all data about this resource
$element_info = URIinfo($uid, $user_id, $key, $db, $timer);
$WhereInfo[$uid_info['uid']] = $element_info;
if (!is_array($element_info)) {
return formatReturn($GLOBALS['error_codes']['something_does_not_exist'], $uid . ' does not exist', $s3ql['format'], '');
exit;
} elseif ($id_letter != strtoupper(substr($element, 0, 1))) {
##Shared_with is any UID that can eb shared with any of the elements being requested (for example, Collection_id is shared_with Project, but Project_id is not shared with Project
array_push($shared_with_query, $uid);
#do permissions on this uid propagate?
#echo '<pre>';print_r($whereScore);exit;
} else {
$self_id = $s3ql['where'][$COREelement_id];
if (!$element_info['view']) {
return formatReturn($GLOBALS['error_codes']['no_permission_message'], 'User does not have permission on ' . $uid, $s3ql['format'], '');
exit;
}
}
}
}
#echo '<pre>';print_r($WhereInfo);exit;
if ($self_id != '') {
$data[0] = $element_info;
if (ereg('^(U|G)$', $letter) && count($WhereInfo) == 2) {
$whereId = array_diff(array_keys($WhereInfo), array($letter . $self_id));
$D = array('shared_with' => $letter . $self_id, 'uid' => $whereId[0], 'strictsharedwith' => 1, 'strictuid' => 1, 'db' => $db, 'user_id' => $user_id, 'stream' => 'upstream', 'timer' => $timer);
##Look for shared_with in uid instead of uid in shared_with
#echo 'ola';exit;
#$data[0]['permissionOnResource']=permission4Resource($D);
$p = array('shared_with' => $letter . $self_id, 'uid' => $whereId[0]);
$hasP = has_permission($p, $db);
$effective_permission_resource = permission4resource(array('user_id' => $self_id, 'shared_with' => $letter . $self_id, 'db' => $db, 'uid' => $whereId[0], 'strictsharedwith' => 1, 'strictuid' => 1, 'timer' => $timer, 'toFindInfo' => $WhereInfo[$whereId[0]]));
if ($hasP || $effective_permission_resource != '') {
$data[0]['permissionOnResource'] = $effective_permission_resource;
$data[0]['assigned_permissionOnEntity'] = $hasP != "" ? $hasP : '---';
$data[0]['effective_permissionOnEntity'] = $effective_permission_resource;
} else {
return array();
}
}
} else {
#echo 'ola';exit;
#start building the query:
$user_query = "select " . $select . " from s3db_" . $GLOBALS['s3tables'][$table];
if (!user_is_admin($user_id, $db)) {
$cols = array_diff($cols, array('account_pwd', 'account_phone', 'account_email', 'project_folder'));
}
#remove a few cols from query
if ($timer) {
$timer->setMarker('user is admin check');
}
#echo $user_id;exit;
## echo $user_query;exit;
#now add some constrains necessary due to the type of resource
if (!(user_is_admin($user_id, $db) && $s3ql['where']['status'] == 'I')) {
if (ereg('projects|classes|instances|rules|statements', $target)) {
$status = "status!='I' and ";
}
}
$user_query_const .= " where " . $status . $GLOBALS['s3ids'][$target] . "!='0'";
###
#Filter query according to the element being requested
$user_query_const .= filterByElement($s3ql, $user_id, $db);
if ($user_query_const) {
$user_query .= $user_query_const;
} else {
exit;
}
if ($timer) {
$timer->setMarker('query filter');
}
if ($shared && !empty($shared_with_query) && strtoupper(substr($target, 0, 1)) != 'U') {
#the "shared with" are the upstream resources being queried. These may or not be in the permissions table (if the are remote). This basically finds not only elements that were created within a certain uid (for example Ix of Cx), but those that were later shared with that uid (for example Iy created within Cy but later shared with Iy)
$uidQuery = simpleQueryUID($shared_with_query, $element, $db);
if ($uidQuery) {
extract($uidQuery);
if (!ereg('G', $letter)) {
#query groups has a special syntax, it is already included in the query
$user_query .= $finalUID;
}
##IS IT INCREASING THE QUERY TIME ABSURDELLY?
}
#else { #Go on with the regular query
# return formatReturn($GLOBALS['error_codes']['no_results'], 'Your query on '.$target.' did not return any results', $format,'');
# }
if ($timer) {
$timer->setMarker('Query to find shared UID');
}
}
#now constrainthe query to resources that user cann access. Check for inherited permissions and direct permissions. Project is connected to deployment, rule and class to project, and so on. (see S3DB third report for the schema)
#Fetch the cols of what is to be returned. Check for SqL functions. This will only affect the output
if ($s3ql['select'] != '') {
$out = urldecode($s3ql['select']);
$SQLfun = ereg_replace("\\(.*\\)", "", $out);
$SQLfun = ereg_replace("count as count", "count", $SQLfun);
$P['out'] . $P['SQLfun'];
if ($out == $SQLfun) {
$SQLfun = '';
} else {
$extracol = $out;
}
}
#echo $SQLfun;
#Extract from the s3ql the value that are part of the syntax and assume the rest are the SQL extras (limit, creted_by, etc)
$syntax = array('key', 'select', 'from', 'where', 'format');
foreach ($s3ql as $i => $value) {
if (!in_array($i, $syntax) && $value != '') {
$SQLextra[$i] = ' ' . ereg_replace('_', ' ', $i) . ' ' . $value;
}
}
#echo '<pre>';print_r($SQLextra);exit;
#if there is orderby, move to the beginnign of the array
if ($SQLextra['order_by'] != '') {
$SQLextra = array_merge(array('order_by' => $SQLextra['order_by']), $SQLextra);
}
if (is_array($SQLextra)) {
foreach ($SQLextra as $key => $value) {
$query_extra .= $value;
}
}
#Put in $P the values of what is queried, add to cols, if not already there, whatever is queried. Check if there are regular expressions anywhere. equalit will be replace by the regular expression
$cols = $GLOBALS['dbstruct'][$table];
foreach ($cols as $col) {
if ($s3ql['where'][$col] != '') {
if (!in_array($col, $GLOBALS['COREids']) && $col != $GLOBALS['COREids'][$element]) {
$user_query_fields .= ' and ' . $col . ' ' . parse_regexp($s3ql['where'][$col]);
}
$P[$col] = parse_regexp($s3ql['where'][$col]);
}
}
#when the default query is performed, that is, not shared ids are requested, the query is faster is core_id are added
if (!$shared) {
if (is_array($s3ql['where']) && !empty($s3ql['where'])) {
foreach ($s3ql['where'] as $q_field => $q_value) {
if (in_array($q_field, $GLOBALS['COREids']) || $q_field == $GLOBALS['COREids'][$element]) {
$sql_col = str_replace($toreplace, $replacements, $q_field);
if (!ereg('U|G', $letter)) {
## Users and groups do not have the reousrce in the users table
$user_query_fields .= ' and ' . $sql_col . ' ' . parse_regexp($q_value);
} else {
#Because users queries do not include the parent_id in the talbe itself, they will involve a query in perm table
#$u_uid=letter($q_field).$q_value;
}
}
}
}
}
#glue them together.
$user_query .= $user_query_fields . $query_extra;
if ($timer) {
$timer->setMarker('done building query');
}
###Finally perform the query on whatever table is specified
#$user_query = "select * from s3db_resource where resource_class_id = '389';";
#if($_REQUEST['su3d']){
#echo $user_query;
#$timer->display();
#exit;
#}
##run it
#complete query on LOCAL resources
$db->query($user_query, __LINE__, __FILE__);
$dbdata = get_object_vars($db);
if ($timer) {
$timer->setMarker('done with query');
}
if ($dbdata['Errno'] != '0') {
return formatReturn($GLOBALS['error_codes']['something_went_wrong'], $dbdata['Error'], $format, '');
}
#put it in a nice structured variable
$cols = $GLOBALS['dbstruct'][$target];
if (is_array($returnFields) && $extracol == '') {
$cols = array_unique(array_merge($cols, $returnFields));
}
#echo '<pre>';print_r($cols);
while ($db->next_record()) {
#echo '<pre>';print_r($db);
$resultStr .= "\$data[] = Array(";
if ($extracol != '') {
$resultStr .= "'" . $extracol . "'=>'" . $db->f($SQLfun) . "',";
}
foreach ($cols as $col) {
$resultStr .= "'" . $col . "'=>'" . addslashes($db->f($col)) . "'";
if ($col != end($cols)) {
$resultStr .= ",";
}
if ($col == $GLOBALS['s3ids'][$target]) {
$retrieved['ids_str'] .= $retrieved['ids_str'] == '' ? $db->f($col) : '|' . $db->f($col);
}
}
$resultStr .= ");";
}
#echo $resultStr;
#evaluate the long string
eval($resultStr);
if (is_array($data)) {
$data = array_filter($data);
}
if ($timer) {
$timer->setMarker('query results captured');
}
#more often than not, a query is made that retrieves all rules/collection data; this data can be reused for permission migration
if ($user_query_fields == "" && $SQLextra == "") {
$all_data[letter($target)] = $data;
}
#BEFORE outputting data, are there any remote resources where the user is allowed?
$ucode = strtoupper(substr($element, 0, 1));
$ucode_and_id = $ucode . $element_id;
##Added ability to search locally on april 15 2008 to optimize queries
###Added ability to seeek permissions from file on jan 12 2009 to speed permissiosn query
if (!ereg('users|groups|projects|keys|rulelog|statementlog|permission', $s3ql['from']) && !ereg('true|1', $s3ql['where']['local'])) {
#REMOTE USERS< GROUPS< PROJECTS ARE INSERTED INTO DEPLOYMENT,M NO NEED TO FIND THEM AGAIN
##Added ability to search locally on april 15 to optimize queries
###Added ability to seeek permissions from file on jan 12 2009 to speed permissiosn query
list($remoteIDS, $local_not_native) = remotePermissions(compact('s3ql', 'self_id', 'uidQuery', 'permissionsQuery', 'user_id', 'db', 'timer', 'shared_with_query', 'user_self_query', 'letter'));
if ($timer) {
$timer->setMarker('remote permisions queried');
}
##NOTE: Local_not_native data need to be retrieve as well
if (is_array($remoteIDS) && !empty($remoteIDS)) {
foreach ($remoteIDS as $rem_id) {
#$rem_uid = substr($rem_id['uid'],1,strlen($rem_id['uid']));
$rem_uid = $rem_id['uid'];
$rem_resource_data = URIinfo($rem_uid, $user_id, $s3ql['key'], $db);
#echo '<pre>';print_r($rem_resource_data);exit;
if (is_array($rem_resource_data)) {
$rem_resource_data['shared_with'] = $rem_id['shared_with'];
$rem_resource_data['uid'] = $rem_id['uid'];
$rem_resource_data['permission_level'] = $rem_id['permission_level'];
}
#echo '<pre>';print_r($rem_resource_data);exit;
#concatenate them in the results; THIS SHOWS ONLY REMOTE RESOURCES THAT ARE AVAILABLE AT THE MOMENT!
if (is_array($s3ql['where'])) {
foreach ($s3ql['where'] as $query_field => $query_value) {
if ($query_value != $rem_resource_data[$query_field]) {
if (!in_array($query_field, $GLOBALS['COREids'])) {
$rem_resource_data = array();
}
}
}
}
if (is_array($data) && is_array($rem_resource_data)) {
array_push($data, $rem_resource_data);
} elseif (is_array($rem_resource_data) && !empty($rem_resource_data)) {
$data[] = $rem_resource_data;
}
}
if ($timer) {
$timer->setMarker('Remote data retrieved');
}
}
}
if (is_array($data)) {
$data = array_filter($data);
}
#now we're ready to display the data
$pack = compact('data', 'whereScore', 'WhereInfo', 'fromScore', 's3ql', 'key', 'target', 'db', 'user_id', 'cols', 'returnFields', 's3ql_out', 'target', 'uidQuery', 'timer', 'shared_with_query', 'all_data', 'letter', 'model');
if (!ereg('keys|accesslog|rulelog|statementlog|permission', $s3ql['from'])) {
$data = includeAllData($pack);
}
}
##if complete was requested, let's retrieve every link and distribute accordingly rather that querying by uid, would would take much longer
if ($complete) {
$alluid = array();
foreach ($data as $kuid => $data_info) {
array_push($alluid, $letter . $data_info[$GLOBALS['s3ids'][$element]]);
}
include_once S3DB_SERVER_ROOT . '/s3dbcore/dictionary.php';
$s3qlL = compact('user_id', 'db');
$s3qlL['from'] = 'links';
$formatL = 'array';
$links = query_user_dictionaries($s3qlL, $db, $user_id, $formatL);
if (is_array($links) && !empty($links)) {
foreach ($links as $moreData) {
if ($moreData['uid'] != '') {
$foundIt = array_search($moreData['uid'], $alluid);
if ($foundIt) {
$data[$foundIt]['links'][$moreData['relation']] = $moreData['value'];
}
#$data[$moreData['uid']]['links'][$moreData['relation']]=$moreData['value'];
}
}
}
if ($timer) {
$timer->setMarker('Dictionary data included!');
}
}
if (is_array($data) && !empty($data)) {
$data = array_combine(range(0, count($data) - 1), $data);
return $data;
} else {
#$emptycols = array(array_combine($cols, array_fill(1,count($cols), '')));
#echo '<pre>';print_r($emptycols);exit;
return array();
#return formatReturn($GLOBALS['error_codes']['no_results'], 'Your query returned no results', $format,'');
}
}
