/**
* Check if a row is owned by a user
*
* Abstracts the //owned by// operation. It works properly also on
* missing info and fully supports the "ownership_expiration" property.
*
* @param array &$row The subject row
* @param int|null $user A user id or null to use the logged user
* @return bool true if $row is owned by $user, false if it is
* not owned, null on errors
* @internal
*/
private function _isOwner(&$row, $user = null)
{
if (!array_key_exists($this->owner_field, $row)) {
// No owner field found: error
return null;
}
isset($user) || ($user = TIP::getUserId());
if ($row[$this->owner_field] != $user) {
// Owner and user do not match: return "not owned row" condition
return false;
}
if ($this->privilege == TIP_PRIVILEGE_MANAGER || $this->privilege == TIP_PRIVILEGE_ADMIN || is_null($this->ownership_expiration)) {
// Ownership does not expire: return "owned row" condition
return true;
}
if (!array_key_exists($this->creation_field, $row)) {
// Ownership expiration set but creation field not found: error
return null;
}
// Check if the ownership expired
$creation = TIP::getTimestamp($row[$this->creation_field], 'sql');
if (is_null($creation)) {
// TIP::getTimestamp() failed: error
return null;
}
$expiration = strtotime($this->ownership_expiration, $creation);
if ($expiration === false) {
// strtotime() failed (wrong expiration format?): error
return null;
}
// The row is owned only if now is before the expiration time
return time() < $expiration;
}
/**
* The "main" function
*
* The starting point of the TIP system. This must be called somewhere from
* your index.php.
*/
public function go()
{
// Configure the locale
$locale_module = $this->shared_modules['locale'];
if (TIP::setLocaleId(TIP::getOption($locale_module, 'locale'))) {
date_default_timezone_set(TIP::getOption($locale_module, 'timezone'));
}
// Executes the action
if ($this->_request['module'] && $this->_request['action']) {
if (is_null($module =& TIP_Type::getInstance($this->_request['module'], false))) {
TIP::notifyError('module');
} else {
if (isset($this->_request['id'])) {
// Now the module is loaded: force id type casting
$id_type = $module->getProperty('id_type');
isset($id_type) || ($id_type = 'integer');
settype($this->_request['id'], $id_type);
$this->keys['ID'] = $this->_request['id'];
}
if (is_null($module->callAction($this->_request['action']))) {
TIP::notifyError(is_null(TIP::getUserId()) ? 'reserved' : 'denied');
}
}
} elseif ($this->_request['module']) {
TIP::notifyError('noaction');
} elseif ($this->_request['action']) {
TIP::notifyError('nomodule');
} elseif (TIP_AHAH) {
// AHAH request without module/action specified: perform a test
$this->content = "<pre>\n" . TIP::toHtml(print_r($_SERVER, true)) . "\n</pre>\n";
}
if (TIP_AHAH) {
// AHAH request: output the page and return
header('Content-Type: application/xml');
echo $this->content;
return;
}
// Generates the page: body must be called before the head because
// some head tags can be modified by body templates
$body = $this->tagRun($this->body_template);
echo str_replace('{locale}', TIP::getLocaleId('-'), $this->incipit);
$this->run($this->head_template);
echo $body . $this->explicit;
$this->_session_started && HTTP_Session2::pause();
}
/**
* Check if $params is the current user id
*
* Expands to true if the current logged-in user id equals to $params or
* false otherwise.
*/
protected function tagIs($params)
{
return (int) $params === TIP::getUserId() ? 'true' : 'false';
}
/**
* Add automatic defaults to $this->_defaults
*/
private function _addAutomaticDefaults()
{
if (array_key_exists('_user', $this->fields)) {
$this->_defaults['_user'] = TIP::getUserId();
}
}
/**
* Append a log
*
* Appends a log message to the data source of the logger object.
*
* @param string $severity The text of the log
* @param string $message A custom message
*/
public function log($severity, $message)
{
static $running = false;
// The running flag avoid recursive calls to log()
if ($running) {
return false;
} else {
$running = true;
}
// Generate the backtrace
$bt = debug_backtrace();
// Carefully scans the backtrace to find useful informations
// and store them in the $code array
$code = array('origin' => '', 'tag' => '', 'action' => '', 'template' => '', 'data' => '');
foreach ($bt as $n => $trace) {
$function = isset($trace['function']) ? strtolower($trace['function']) : '';
if (!isset($code['origin'])) {
// Skip the log wrappers
if ($function == 'log' || $function == 'warning' || $function == 'error' || $function == 'fatal') {
continue;
}
$code['origin'] = "{$trace['file']} on line {$trace['line']}";
}
if ($function == 'gettag') {
if (!array_key_exists('tag', $code)) {
$module = $trace['class'];
$name = $trace['args'][0];
$params = $trace['args'][1];
if (strlen($params) > 80) {
$params = substr($params, 0, 77) . '...';
}
$code['tag'] = "{$module}::getTag({$name}, {$params})";
}
continue;
} elseif ($function == 'callaction') {
if (!array_key_exists('action', $code)) {
$module = $trace['class'];
$action = $trace['args'][0];
$code['action'] = "{$module}::callAction({$action})";
}
continue;
}
$class = isset($trace['class']) ? strtolower($trace['class']) : '';
if ($class == 'tip_template') {
if (!array_key_exists('template', $code)) {
$last =& $bt[$n - 1];
if (is_object($last['args'][0])) {
$template =& $last['args'][0];
$method = $last['function'];
$code['template'] = "{$template} on method {$method}";
}
}
continue;
} elseif ($class == 'tip_data') {
if (!array_key_exists('data', $code)) {
$last =& $bt[$n - 1];
if (is_object($last['args'][0])) {
$data =& $last['args'][0];
$method = $last['function'];
$code['data'] = "{$data} on method {$method}";
}
}
continue;
}
}
unset($bt);
$context = array('user' => TIP::getUserId(), 'when' => TIP::formatDate('datetime_sql'), 'severity' => $severity, 'message' => $message);
$this->_cache[] = array_merge($context, $code);
$running = false;
return true;
}
/**
* Refresh the current user
*
* Refreshes the user id cache of TIP::getUserId() and the privileges
* of the yet loaded module.
*/
private function _refreshUser()
{
// Refresh the new user id cache
TIP::getUserId(true);
// Refresh the privileges of the yet loaded modules
$this->_refreshModule(TIP_Type::singleton('module'));
}
/**
* Start the session
*/
public static function startSession()
{
require_once 'HTTP/Session2.php';
$user_id = TIP::getUserId();
if ($user_id) {
// For a logged in user, use the special TIP container
HTTP_Session2::useCookies(false);
HTTP_Session2::setContainer('TIP');
HTTP_Session2::start('TIP_Session', $user_id);
} else {
// For anonymous users, cookie with an automatic session id is used
HTTP_Session2::useCookies(true);
HTTP_Session2::start('TIP_Session');
}
HTTP_Session2::setExpire(time() + 3600 * 4);
if (HTTP_Session2::isExpired()) {
HTTP_Session2::destroy();
TIP::notifyInfo('session');
}
}
private function _getUser()
{
if (!array_key_exists('UID', $this->keys)) {
if (!is_null($user = $this->fromGet('id')) && $this->privilege < TIP_PRIVILEGE_MANAGER && $user == TIP::getUserId()) {
TIP::notifyError('denied');
$user = null;
}
$this->keys['UID'] = $user;
}
return $this->keys['UID'];
}
/**
* 'on_process' callback for flag actions
*
* Flags this row, that is set an enum "yes/no" field to "yes".
* The flagging operation can be useful, for instance, for
* signaling suspected content.
*
* @param array &$row The row to flag
* @return bool true on success or false on errors
*/
public function _onFlag(&$old_row)
{
if (!isset($this->flag_field)) {
// No flag field defined: silently returns true
return true;
}
$flagger = TIP::getUserId();
$flagged = @$old_row[$this->owner_field];
$row[$this->flag_field] = 'yes';
if (isset($this->flagger_field)) {
$row[$this->flagger_field] = $flagger;
}
if (isset($this->flagon_field)) {
$row[$this->flagon_field] = TIP::formatDate('datetime_sql');
}
if (!$this->data->updateRow($row, $old_row)) {
return false;
}
$user = TIP_Application::getSharedModule('user');
if (!$user) {
// User module not available: no statistic update required
return true;
}
// Update statistics of the flagging user
if (isset($flagger, $this->flaggee_field)) {
$user->increment($this->flaggee_field);
}
// Update statistics of the flagged user
if (isset($flagged, $this->flagged_field) && !is_null($view = $user->startDataView($user->getProperty('data')->rowFilter($flagged)))) {
$row = $view->current();
$user->endView();
if (!is_null($row)) {
$old_row = $row;
++$row[$this->flagged_field];
$user->getProperty('data')->updateRow($row, $old_row);
}
}
return true;
}
