public function writeToPersistence() { if (empty($this->uuid)) { $this->uuid = io::uuid(); } $fields = array('objectdefinition', 'codename', 'html', 'label', 'parameter', 'uuid'); $sql_fields = ''; foreach ($fields as $field) { $sql_fields .= empty($sql_fields) ? '' : ', '; $sql_fields .= $field . '_mood="' . CMS_query::echap($this->{$field}) . '"'; } if ($this->id) { $sql = 'UPDATE mod_object_oembed_definition SET ' . $sql_fields . ' WHERE id_mood = ' . $this->id; } else { $sql = 'INSERT INTO mod_object_oembed_definition SET ' . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Can't save object"); return false; } elseif (!$this->id) { $this->id = $q->getLastInsertedID(); } }
/** * Writes object into persistence (MySQL for now), along with base data. * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { if (!$this->_objectValues["uuid"]) { $this->_objectValues["uuid"] = io::uuid(); } //save data $sql_fields = "\n\t\t\tobject_id_mowd='" . SensitiveIO::sanitizeSQLString($this->_objectValues["objectID"]) . "',\n\t\t\tlabel_id_mowd='" . SensitiveIO::sanitizeSQLString($this->_objectValues["labelID"]) . "',\n\t\t\tdescription_id_mowd='" . SensitiveIO::sanitizeSQLString($this->_objectValues["descriptionID"]) . "',\n\t\t\tquery_mowd='" . SensitiveIO::sanitizeSQLString(serialize($this->_objectValues["query"])) . "',\n\t\t\tdefinition_mowd='" . SensitiveIO::sanitizeSQLString($this->_objectValues["definition"]) . "',\n\t\t\tcompiled_definition_mowd='" . SensitiveIO::sanitizeSQLString($this->_objectValues["compiledDefinition"]) . "',\n\t\t\tuuid_mowd='" . SensitiveIO::sanitizeSQLString($this->_objectValues["uuid"]) . "'\n\t\t"; if ($this->_ID) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_object_plugin_definition\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_mowd='" . $this->_ID . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_object_plugin_definition\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Can't save object"); return false; } elseif (!$this->_ID) { $this->_ID = $q->getLastInsertedID(); } //Clear polymod cache //CMS_cache::clearTypeCacheByMetas('polymod', array('module' => CMS_poly_object_catalog::getModuleCodenameForObjectType($this->getValue('objectID')))); CMS_cache::clearTypeCache('polymod'); //unset polymod structure in cache CMS_cache::clearTypeCache('atm-polymod-structure'); return true; }
/** * Writes the resource into persistence (MySQL for now). * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $this->_status->writeToPersistence(); $sql_fields = "\n\t\t\tstatus_res='" . $this->_status->getID() . "',\n\t\t\teditorsStack_res='" . SensitiveIO::sanitizeSQLString($this->_editors->getTextDefinition()) . "'\n\t\t"; if ($this->_id) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tresources\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_res='" . $this->_id . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tresources\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_id) { $this->_id = $q->getLastInsertedID(); } return true; }
/** * Writes the page into persistence (MySQL for now), along with base data. * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { parent::writeToPersistence(); $isNew = $this->_pageID === NULL; // Inform modules of the page creation $modules = CMS_modulesCatalog::getAll('id'); foreach ($modules as $codename => $module) { if (method_exists($module, 'pagePreSave')) { $module->pagePreSave($this, $isNew); } } //save page data $sql_fields = "\n\t\t\tresource_pag='" . parent::getID() . "',\n\t\t\tremindedEditorsStack_pag='" . SensitiveIO::sanitizeSQLString($this->_remindedEditors->getTextDefinition()) . "',\n\t\t\tlastReminder_pag='" . $this->_lastReminder->getDBValue() . "',\n\t\t\ttemplate_pag='" . $this->_templateID . "',\n\t\t\tlastFileCreation_pag='" . $this->_lastFileCreation->getDBValue() . "',\n\t\t\turl_pag='" . SensitiveIO::sanitizeSQLString($this->_pageURL) . "',\n\t\t\tprotected_pag='" . ($this->_protected ? 1 : 0) . "',\n\t\t\thttps_pag='" . ($this->_https ? 1 : 0) . "'\n\t\t"; if ($this->_pageID) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tpages\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_pag='" . $this->_pageID . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tpages\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_pageID) { $this->_pageID = $q->getLastInsertedID(); } //save base data if modified if ($this->_editedBaseData) { $sql_fields = "\n\t\t\t\tpage_pbd='" . $this->_pageID . "',\n\t\t\t\ttitle_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["title"]) . "',\n\t\t\t\tlinkTitle_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["linkTitle"]) . "',\n\t\t\t\tkeywords_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["keywords"]) . "',\n\t\t\t\tdescription_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["description"]) . "',\n\t\t\t\treminderPeriodicity_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["reminderPeriodicity"]) . "',\n\t\t\t\treminderOn_pbd='" . $this->_editedBaseData["reminderOn"]->getDBValue() . "',\n\t\t\t\treminderOnMessage_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["reminderOnMessage"]) . "',\n\t\t\t\tcategory_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["category"]) . "',\n\t\t\t\tauthor_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["author"]) . "',\n\t\t\t\treplyto_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["replyto"]) . "',\n\t\t\t\tcopyright_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["copyright"]) . "',\n\t\t\t\tlanguage_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["language"]) . "',\n\t\t\t\trobots_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["robots"]) . "',\n\t\t\t\tpragma_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["pragma"]) . "',\n\t\t\t\trefresh_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["refresh"]) . "',\n\t\t\t\tredirect_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["redirect"]->getTextDefinition()) . "',\n\t\t\t\trefreshUrl_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["refreshUrl"]) . "',\n\t\t\t\tmetas_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["metas"]) . "',\n\t\t\t\tcodename_pbd='" . SensitiveIO::sanitizeSQLString($this->_editedBaseData["codename"]) . "'\n\t\t\t"; if ($this->_baseDataID) { $sql = "\n\t\t\t\t\tupdate\n\t\t\t\t\t\tpagesBaseData_edited\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $sql_fields . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tid_pbd='" . $this->_baseDataID . "'\n\t\t\t\t"; } else { $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\tpagesBaseData_edited\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if (!$q->hasError() && !$this->_baseDataID) { $this->_baseDataID = $q->getLastInsertedID(); } } // Inform modules of the page creation $modules = CMS_modulesCatalog::getAll('id'); foreach ($modules as $codename => $module) { if (method_exists($module, 'pagePostSave')) { $module->pagePostSave($this, $isNew); } } return true; }
/** * Writes the news into persistence (MySQL for now), along with base data. * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $sql_fields = "\n\t\t\tform_fld='" . SensitiveIO::sanitizeSQLString($this->_formID) . "',\n\t\t\tname_fld='" . SensitiveIO::sanitizeSQLString($this->_name) . "',\n\t\t\tlabel_fld='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\ttype_fld='" . SensitiveIO::sanitizeSQLString($this->_type) . "',\n\t\t\tdataValidation_fld='" . SensitiveIO::sanitizeSQLString($this->_dataValidation) . "',\n\t\t\tdefaultValue_fld='" . SensitiveIO::sanitizeSQLString($this->_value) . "',\n\t\t\trequired_fld='" . SensitiveIO::sanitizeSQLString($this->_required) . "',\n\t\t\tactive_fld='" . SensitiveIO::sanitizeSQLString($this->_active) . "',\n\t\t\torder_fld='" . SensitiveIO::sanitizeSQLString($this->_order) . "',\n\t\t\toptions_fld='" . SensitiveIO::sanitizeSQLString(serialize($this->_options)) . "',\n\t\t\tparams_fld='" . SensitiveIO::sanitizeSQLString(serialize($this->_params)) . "'\n\t\t\t"; if ($this->_fieldID) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_cms_forms_fields\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_fld='" . $this->_fieldID . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_cms_forms_fields\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Failed to write"); return false; } elseif (!$this->_fieldID) { $this->_fieldID = $q->getLastInsertedID(); } //then write options in a second query, (cause in the first query it cause a strange error with PDO /*$sql_fields = " options_fld=:options "; $sqlParameters = array( 'options' => serialize($this->_options), ); $sql = " update mod_cms_forms_fields set ".$sql_fields." where id_fld='".$this->_fieldID."' "; $q = new CMS_query(); $q->executePreparedQuery($sql, $sqlParameters); if ($q->hasError()) { $this->raiseError("Failed to write"); return false; }*/ return true; }
/** * Writes object into persistence (MySQL for now), along with base data. * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { //get Order if needed if (!$this->_objectFieldValues["order"] && sensitiveIO::isPositiveInteger($this->_objectFieldValues["objectID"])) { $this->_objectFieldValues["order"] = $this->getFieldsNextOrder(); } if (!$this->_objectFieldValues["uuid"]) { $this->_objectFieldValues["uuid"] = io::uuid(); } $sql_fields = "\n\t\t\tobject_id_mof='" . SensitiveIO::sanitizeSQLString($this->_objectFieldValues["objectID"]) . "',\n\t\t\tlabel_id_mof='" . SensitiveIO::sanitizeSQLString($this->_objectFieldValues["labelID"]) . "',\n\t\t\tdesc_id_mof='" . SensitiveIO::sanitizeSQLString($this->_objectFieldValues["descriptionID"]) . "',\n\t\t\ttype_mof='" . SensitiveIO::sanitizeSQLString($this->_objectFieldValues["type"]) . "',\n\t\t\torder_mof='" . SensitiveIO::sanitizeSQLString($this->_objectFieldValues["order"]) . "',\n\t\t\tsystem_mof='" . SensitiveIO::sanitizeSQLString($this->_objectFieldValues["system"]) . "',\n\t\t\trequired_mof='" . SensitiveIO::sanitizeSQLString($this->_objectFieldValues["required"]) . "',\n\t\t\tindexable_mof='" . SensitiveIO::sanitizeSQLString($this->_objectFieldValues["indexable"]) . "',\n\t\t\tsearchlist_mof='" . SensitiveIO::sanitizeSQLString($this->_objectFieldValues["searchlist"]) . "',\n\t\t\tsearchable_mof='" . SensitiveIO::sanitizeSQLString($this->_objectFieldValues["searchable"]) . "',\n\t\t\tparams_mof='" . SensitiveIO::sanitizeSQLString(serialize($this->_objectFieldValues["params"])) . "',\n\t\t\tuuid_mof='" . SensitiveIO::sanitizeSQLString($this->_objectFieldValues["uuid"]) . "'\n\t\t"; //save data if ($this->_fieldID) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_object_field\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_mof='" . $this->_fieldID . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_object_field\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Can't save object"); return false; } elseif (!$this->_fieldID) { $this->_fieldID = $q->getLastInsertedID(); } //unset fields catalog in cache CMS_cache::clearTypeCache('atm-polymod-structure'); //Clear polymod cache //CMS_cache::clearTypeCacheByMetas('polymod', array('module' => CMS_poly_object_catalog::getModuleCodenameForField($this->_fieldID))); CMS_cache::clearTypeCache('polymod'); return true; }
/** * Writes the module into persistence (MySQL for now). * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $sql_fields = "\n\t\t\tlabel_mod='" . SensitiveIO::sanitizeSQLString($this->_labelMessageID) . "',\n\t\t\tcodename_mod='" . SensitiveIO::sanitizeSQLString($this->_codename) . "',\n\t\t\tadministrationFrontend_mod='" . SensitiveIO::sanitizeSQLString($this->_administrationFrontend) . "',\n\t\t\thasParameters_mod='" . SensitiveIO::sanitizeSQLString($this->_hasParameters) . "',\n\t\t\tisPolymod_mod='" . SensitiveIO::sanitizeSQLString($this->_isPolymod) . "'\n\t\t"; if ($this->_id) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmodules\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_mod='" . $this->_id . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmodules\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_id) { $this->_id = $q->getLastInsertedID(); } //create module files for module $this->createModuleFiles(); return true; }
/** * Writes the contactData into persistence (MySQL for now). * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $sql_fields = "\n\t\t\tservice_cd='" . SensitiveIO::sanitizeSQLString($this->_service) . "',\n\t\t\tjobTitle_cd='" . SensitiveIO::sanitizeSQLString($this->_jobTitle) . "',\n\t\t\taddressField1_cd='" . SensitiveIO::sanitizeSQLString($this->_addressField1) . "',\n\t\t\taddressField2_cd='" . SensitiveIO::sanitizeSQLString($this->_addressField2) . "',\n\t\t\taddressField3_cd='" . SensitiveIO::sanitizeSQLString($this->_addressField3) . "',\n\t\t\tzip_cd='" . SensitiveIO::sanitizeSQLString($this->_zip) . "',\n\t\t\tcity_cd='" . SensitiveIO::sanitizeSQLString($this->_city) . "',\n\t\t\tstate_cd='" . SensitiveIO::sanitizeSQLString($this->_state) . "',\n\t\t\tcountry_cd='" . SensitiveIO::sanitizeSQLString($this->_country) . "',\n\t\t\tphone_cd='" . SensitiveIO::sanitizeSQLString($this->_phone) . "',\n\t\t\tcellphone_cd='" . SensitiveIO::sanitizeSQLString($this->_cellphone) . "',\n\t\t\tfax_cd='" . SensitiveIO::sanitizeSQLString($this->_fax) . "',\n\t\t\temail_cd='" . SensitiveIO::sanitizeSQLString($this->_email) . "',\n\t\t\tcompany_cd='" . SensitiveIO::sanitizeSQLString($this->_company) . "',\n\t\t\tgender_cd='" . SensitiveIO::sanitizeSQLString($this->_gender) . "'\n\t\t"; if ($this->_id) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tcontactDatas\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_cd='" . $this->_id . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tcontactDatas\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_id) { $this->_id = $q->getLastInsertedID(); } return true; }
/** * Duplicate this block * Used to duplicate a CMS_page. * * @param CMS_page $destinationPage, the page receiving a copy of this block * @param boolean $public The precision needed for USERSPACE location * @return CMS_block object */ function duplicate(&$destinationPage, $public = false) { if (SensitiveIO::isPositiveInteger($this->_dbID) && $this->_file) { $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public); //Copy linked file //In new file name, delete reference to old page and add refernce to new one $_newFilename = "p" . $destinationPage->getID() . io::substr($this->_file, io::strpos($this->_file, "_"), io::strlen($this->_file)); if (@is_file(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file) && @copy(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename) && @chmod(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename, octdec(FILES_CHMOD))) { //Public if ($public) { if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename, octdec(FILES_CHMOD))) { $this->raiseError("Duplicate, flash file copy failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename); } } //Save new datas $str_set = "\n\t\t\t\t\t\tpage='" . $destinationPage->getID() . "',\n\t\t\t\t\t\tclientSpaceID='" . $this->_clientSpaceID . "',\n\t\t\t\t\t\trowID='" . $this->_rowID . "',\n\t\t\t\t\t\tblockID='" . $this->_tagID . "',\n\t\t\t\t\t\tfile='" . SensitiveIO::sanitizeSQLString($_newFilename) . "',\n\t\t\t\t\t\twidth='" . SensitiveIO::sanitizeSQLString($this->_width) . "',\n\t\t\t\t\t\theight='" . SensitiveIO::sanitizeSQLString($this->_height) . "',\n\t\t\t\t\t\tname='" . SensitiveIO::sanitizeSQLString($this->_name) . "',\n\t\t\t\t\t\tversion='" . SensitiveIO::sanitizeSQLString($this->_version) . "',\n\t\t\t\t\t\tparams='" . SensitiveIO::sanitizeSQLString($this->_params) . "',\n\t\t\t\t\t\tflashvars='" . SensitiveIO::sanitizeSQLString($this->_flashvars) . "',\n\t\t\t\t\t\tattributes='" . SensitiveIO::sanitizeSQLString($this->_flashattributes) . "'\n\t\t\t\t"; $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t"; $q = new CMS_query($sql); if (!$q->hasError()) { //Table Edition $sql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . $q->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t"; $q = new CMS_query($sql); return !$q->hasError(); } else { $this->raiseError("Duplicate, SQL insertion of new flash failed: " . $sql); } } else { $this->raiseError("Duplicate, copy of file failed :" . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file); } } return false; }
/** * Writes object into persistence (MySQL for now), along with base data. * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { if (!$this->_objectValues["uuid"]) { $this->_objectValues["uuid"] = io::uuid(); } //save data $sql_fields = "\n\t\t\tresource_usage_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["resourceUsage"]) . "',\n\t\t\tlabel_id_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["labelID"]) . "',\n\t\t\tdescription_id_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["descriptionID"]) . "',\n\t\t\tadmineditable_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["admineditable"]) . "',\n\t\t\tmodule_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["module"]) . "',\n\t\t\tcomposedLabel_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["composedLabel"]) . "',\n\t\t\tpreviewURL_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["previewURL"]) . "',\n\t\t\tindexable_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["indexable"]) . "',\n\t\t\tmultilanguage_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["multilanguage"]) . "',\n\t\t\tindexURL_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["indexURL"]) . "',\n\t\t\tcompiledIndexURL_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["compiledIndexURL"]) . "',\n\t\t\tresultsDefinition_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["resultsDefinition"]) . "',\n\t\t\tuuid_mod='" . SensitiveIO::sanitizeSQLString($this->_objectValues["uuid"]) . "'\n\t\t"; if ($this->_ID) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_object_definition\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_mod='" . $this->_ID . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_object_definition\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Can't save object"); return false; } elseif (!$this->_ID) { $this->_ID = $q->getLastInsertedID(); } //Clear polymod cache //CMS_cache::clearTypeCacheByMetas('polymod', array('module' => $this->_objectValues["module"])); CMS_cache::clearTypeCache('polymod'); //unset polymod structure in cache CMS_cache::clearTypeCache('atm-polymod-structure'); return true; }
/** * Writes the user Data into persistence (MySQL for now). * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $this->writeProfileToPersistence(); $this->_contactData->writeToPersistence(); //if deleted, must set the login to nothing, so this login could be reused in the future if ($this->_deleted) { $this->_login = ''; } $sql_fields = "\n\t\t\tactive_pru='" . $this->_active . "',\n\t\t\tdeleted_pru='" . $this->_deleted . "',\n\t\t\tlogin_pru='" . SensitiveIO::sanitizeSQLString($this->_login) . "',\n\t\t\tpassword_pru='" . SensitiveIO::sanitizeSQLString($this->_password) . "',\n\t\t\tfirstName_pru='" . SensitiveIO::sanitizeSQLString($this->_firstName) . "',\n\t\t\tlastName_pru='" . SensitiveIO::sanitizeSQLString($this->_lastName) . "',\n\t\t\tcontactData_pru='" . SensitiveIO::sanitizeSQLString($this->_contactData->getId()) . "',\n\t\t\tlanguage_pru='" . SensitiveIO::sanitizeSQLString($this->_language->getCode()) . "',\n\t\t\tprofile_pru='" . SensitiveIO::sanitizeSQLString(parent::getId()) . "',\n\t\t\talerts_pru='" . SensitiveIO::sanitizeSQLString($this->_alerts->getTextDefinition()) . "',\n\t\t\tfavorites_pru='" . SensitiveIO::sanitizeSQLString(implode(',', $this->_favorites)) . "'\n\t\t"; if ($this->_userId) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tprofilesUsers\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_pru='" . $this->_userId . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tprofilesUsers\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_userId) { $this->_userId = $q->getLastInsertedID(); } // Update validation catalog if ($this->_validationChange || $this->_deleted) { $sql = "\n\t\t\t\tdelete\n\t\t\t\tfrom\n\t\t\t\t\tprofilesUsers_validators\n\t\t\t\twhere\n\t\t\t\t\tuserId_puv='" . $this->_userId . "'\n\t\t\t\t"; $q = new CMS_query($sql); if ($this->_active) { //loop through validationClearances $validationClearances = parent::getValidationClearances(); $elements = $validationClearances->getElements(); $sql = ''; foreach ($elements as $value) { $sql .= $sql ? ', ' : ''; $sql .= "('" . $this->_userId . "' ,'" . $value[0] . "') "; } if ($sql) { $sql = "\n\t\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t\tprofilesUsers_validators (userId_puv, module_puv)\n\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t" . $sql; $q = new CMS_query($sql); } } $this->_validationChange = false; } //if deleted, must remove user from group list if ($this->_deleted) { $sql = "\n\t\t\t\tdelete\n\t\t\t\tfrom\n\t\t\t\t\tprofileUsersByGroup\n\t\t\t\twhere\n\t\t\t\t\tuserId_gu='" . $this->_userId . "'\n\t\t\t"; $q = new CMS_query($sql); } //Clear polymod cache //CMS_cache::clearTypeCacheByMetas('polymod', array('resource' => 'users')); CMS_cache::clearTypeCache('polymod'); return true; }
/** * Writes the news into persistence (MySQL for now), along with base data. * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $sql_fields = "\n\t\t\tsending_rec='" . SensitiveIO::sanitizeSQLString($this->_senderID) . "',\n\t\t\tfield_rec='" . SensitiveIO::sanitizeSQLString($this->_fieldID) . "',\n\t\t\tvalue_rec='" . SensitiveIO::sanitizeSQLString($this->_value) . "'"; if ($this->_recordID) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_cms_forms_records\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_rec='" . $this->_recordID . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_cms_forms_records\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Failed to write"); return false; } elseif (!$this->_recordID) { $this->_recordID = $q->getLastInsertedID(); } return true; }
/** * Writes the subobject into persistence (MySQL for now), along with base data. * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { if ($this->_public) { $this->raiseError("Can't write public object"); return false; } //save data $sql_fields = "\n\t\t\tobjectID='" . SensitiveIO::sanitizeSQLString($this->_objectID) . "',\n\t\t\tobjectFieldID='" . SensitiveIO::sanitizeSQLString($this->_objectFieldID) . "',\n\t\t\tobjectSubFieldID='" . SensitiveIO::sanitizeSQLString($this->_objectSubFieldID) . "',\n\t\t\tvalue='" . SensitiveIO::sanitizeSQLString($this->_value) . "'\n\t\t"; if ($this->_ID) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\t" . $this->getTableName() . "\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid='" . $this->_ID . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\t" . $this->getTableName() . "\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Can't save object"); return false; } elseif (!$this->_ID) { $this->_ID = $q->getLastInsertedID(); } return true; }
/** * Writes the toolbar into persistence (MySQL for now). * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $sql_fields = "\n\t\t\tcode_tool='" . SensitiveIO::sanitizeSQLString($this->_code) . "',\n\t\t\tlabel_tool='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\telements_tool='" . SensitiveIO::sanitizeSQLString(implode('|', $this->_toolbarElements)) . "'\n\t\t"; if ($this->_id) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\ttoolbars\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_tool='" . $this->_id . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\ttoolbars\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_id) { $this->_id = $q->getLastInsertedID(); } return true; }
/** * Writes all objects values into persistence (MySQL for now), along with base data. * * @param boolean $withResource treat also the resource status (if object is a primary resource) default true * @param boolean $emailValidators send emails to validators (if object is a primary resource) default true * @param boolean $onlyCreateID create only the object ID (used to save fiels fields). Default false * @return boolean true on success, false on failure * @access public */ function writeToPersistence($treatResource = true, $emailValidators = true, $onlyCreateID = false) { global $cms_user; if ($this->_public) { $this->raiseError("Can't write public object"); return false; } if ($this->hasError()) { $this->raiseError("Can't write object with error"); return false; } $isNew = $this->_ID === NULL; // Inform modules of the object creation $modules = CMS_modulesCatalog::getAll('id'); foreach ($modules as $codename => $module) { if (method_exists($module, 'polyObjectPreSave')) { $module->polyObjectPreSave($this, $isNew); } } if (!$this->_ID) { //first, if object does not have ID, create one $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_object_polyobjects\n\t\t\t\tset\n\t\t\t\t\tobject_type_id_moo='" . SensitiveIO::sanitizeSQLString($this->_objectID) . "'\n\t\t\t\t"; $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Can't save object"); return false; } elseif (!$this->_ID) { //set ID $this->_ID = $q->getLastInsertedID(); //reload all sub objects definition to add ID $this->_populateSubObjectsDefinitions(); } if ($onlyCreateID) { return true; } } $forceSecondaryRessourcePublication = false; //if this object is a primary resource if ($this->_objectResourceStatus == 1) { if ($treatResource) { //add content edition status $this->addEdition(RESOURCE_EDITION_CONTENT, $cms_user); } //write parent to persistence parent::writeToPersistence(); //set $this->_resource $this->_resource->setValue(parent::getID()); //then save resource ID //set definition for resource $definition = array('objectID' => $this->_ID, 'fieldID' => 0, 'subFieldID' => 0); $this->_resource->setDefinition($definition); if (!$this->_resource->writeToPersistence()) { return false; } } elseif ($this->_objectResourceStatus == 2) { //if this object is a secondary resource //get all primary resource associated $primaryItems = CMS_poly_object_catalog::getPrimaryItemsWhichUsesSecondaryItem($this->_ID, true, false); if ($primaryItems) { foreach ($primaryItems as $primaryItem) { $primaryItem->writeToPersistence(); } } else { $forceSecondaryRessourcePublication = true; } } //save all subobjects foreach (array_keys($this->_objectValues) as $fieldID) { if (is_a($this->_objectValues[$fieldID], 'CMS_poly_object')) { //set definition for poly object field in $this->_polyObjectValues $definition = array('objectID' => $this->_ID, 'fieldID' => $fieldID, 'subFieldID' => 0); $this->_polyObjectValues[$fieldID]->setDefinition($definition); if (!$this->_polyObjectValues[$fieldID]->writeToPersistence()) { return false; } } else { //set sub fields definitions for other object fields $this->_objectValues[$fieldID]->setSubFieldsDefinition($this->_subObjectsDefinitions[$fieldID]); if (!$this->_objectValues[$fieldID]->writeToPersistence()) { return false; } } } //resource management if ($treatResource) { //get Object definition $objectDef = $this->getObjectDefinition(); //get module codename $polyModuleCodename = $objectDef->getValue('module'); //if object is not a resource, copy datas to public location if ($this->_objectResourceStatus != 1 && $this->_objectResourceStatus != 2 || $this->_objectResourceStatus == 2 && $forceSecondaryRessourcePublication) { $modulesCodes = new CMS_modulesCodes(); //add a call to all modules for before validation specific treatment $modulesCodes->getModulesCodes(MODULE_TREATMENT_BEFORE_VALIDATION_TREATMENT, '', $this, array('result' => VALIDATION_OPTION_ACCEPT, 'lastvalidation' => true, 'module' => $polyModuleCodename, 'action' => 'update')); //move resource datas to public location CMS_modulePolymodValidation::moveResourceData($polyModuleCodename, $this->getID(), RESOURCE_DATA_LOCATION_EDITED, RESOURCE_DATA_LOCATION_PUBLIC, true); //add a call to all modules for after validation specific treatment $modulesCodes->getModulesCodes(MODULE_TREATMENT_AFTER_VALIDATION_TREATMENT, '', $this, array('result' => VALIDATION_OPTION_ACCEPT, 'lastvalidation' => true, 'module' => $polyModuleCodename, 'action' => 'update')); } //if item is a primary resource, send emails to validators if ($this->_objectResourceStatus == 1) { if (APPLICATION_ENFORCES_WORKFLOW) { if (!NO_APPLICATION_MAIL && $emailValidators) { $validators = CMS_profile_usersCatalog::getValidators($polyModuleCodename); //get editors $editors = $this->getEditors(); $editorsIds = array(); foreach ($editors as $editor) { $editorsIds[] = $editor->getUserId(); } foreach ($validators as $validator) { //add script to send email for validator if needed CMS_scriptsManager::addScript($polyModuleCodename, array('task' => 'emailNotification', 'object' => $this->getID(), 'validator' => $validator->getUserId(), 'type' => 'validate', 'editors' => $editorsIds)); } //then launch scripts execution CMS_scriptsManager::startScript(); } } else { $validation = new CMS_resourceValidation($polyModuleCodename, RESOURCE_EDITION_CONTENT, $this); $mod = CMS_modulesCatalog::getByCodename($polyModuleCodename); $mod->processValidation($validation, VALIDATION_OPTION_ACCEPT); } //Log action $log = new CMS_log(); $language = $cms_user->getLanguage(); $log->logResourceAction(CMS_log::LOG_ACTION_RESOURCE_EDIT_CONTENT, $cms_user, $polyModuleCodename, $this->getStatus(), 'Item \'' . $this->getLabel() . '\' (' . $objectDef->getLabel($language) . ')', $this); } else { //Log action $log = new CMS_log(); $language = $cms_user->getLanguage(); $log->logMiscAction(CMS_log::LOG_ACTION_RESOURCE_EDIT_CONTENT, $cms_user, 'Item \'' . $this->getLabel() . '\' (' . $objectDef->getLabel($language) . ')', $polyModuleCodename); } //Clear polymod cache //CMS_cache::clearTypeCacheByMetas('polymod', array('module' => $polyModuleCodename)); CMS_cache::clearTypeCache('polymod'); } // Inform modules of the object creation $modules = CMS_modulesCatalog::getAll('id'); foreach ($modules as $codename => $module) { if (method_exists($module, 'polyObjectPostSave')) { $module->polyObjectPostSave($this, $isNew); } } return true; }
/** * Writes into persistence (MySQL for now), along with base data. * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { if (!$this->_uuid) { $this->_uuid = io::uuid(); } $isNew = $this->_categoryID === NULL; // Inform modules of the object creation $modules = CMS_modulesCatalog::getAll('id'); foreach ($modules as $codename => $module) { if (method_exists($module, 'moduleCategoryPreSave')) { $module->moduleCategoryPreSave($this, $isNew); } } // Prepare SQL $sql_fields = "\n\t\t\tmodule_mca='" . SensitiveIO::sanitizeSQLString($this->_moduleCodename) . "',\n\t\t\troot_mca='" . SensitiveIO::sanitizeSQLString($this->_rootID) . "',\n\t\t\tparent_mca='" . SensitiveIO::sanitizeSQLString($this->_parentID) . "',\n\t\t\torder_mca='" . SensitiveIO::sanitizeSQLString($this->_order) . "',\n\t\t\ticon_mca='" . SensitiveIO::sanitizeSQLString($this->_icon) . "',\n\t\t\tuuid_mca='" . SensitiveIO::sanitizeSQLString($this->_uuid) . "',\n\t\t\tprotected_mca='" . ($this->_protected ? 1 : 0) . "'\n\t\t"; // Finish SQL if ($this->_categoryID) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmodulesCategories\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_mca='" . $this->_categoryID . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmodulesCategories\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_categoryID) { $this->_categoryID = $q->getLastInsertedID(); } //reset catalog info CMS_moduleCategories_catalog::getParentIdOf($this->_categoryID, true); // Update lineage again with current ID $lineage = (string) @implode(';', CMS_moduleCategories_catalog::getLineageOfCategory($this->_categoryID, true)); if ($this->_lineageFromDB != $lineage) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmodulesCategories\n\t\t\t\tset\n\t\t\t\t\tlineage_mca='" . SensitiveIO::sanitizeSQLString($lineage) . "'\n\t\t\t\twhere\n\t\t\t\t\tid_mca='" . $this->_categoryID . "'\n\t\t\t"; $q = new CMS_query($sql); //update siblings lineage if any if ($this->hasSiblings()) { $siblings = $this->getSiblings(); foreach ($siblings as $aSibling) { $aSibling->writeToPersistence(); } } } // Save translations // Number of languages availables depends on module // instead of languages initially stored into object // A way to support easily any new language if (is_array($this->_labels) && $this->_labels && $this->_categoryID) { $err = 0; // Insert each label foreach (CMS_languagesCatalog::getAllLanguages($this->_moduleCodename) as $aLanguage) { $lang = $aLanguage->getCode(); // Delete $sql = "\n\t\t\t\t\tdelete\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmodulesCategories_i18nm\n\t\t\t\t\twhere\n\t\t\t\t\t\tcategory_mcl='" . $this->_categoryID . "'\n\t\t\t\t\t\tand language_mcl='" . SensitiveIO::sanitizeSQLString($lang) . "'\n\t\t\t\t"; $qD = new CMS_query($sql); if ($qD->hasError()) { $err++; $this->raiseError("Error deleting label in language : `{$lang}`"); } // Insert $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\tmodulesCategories_i18nm\n\t\t\t\t\tset\n\t\t\t\t\t\tlanguage_mcl='" . SensitiveIO::sanitizeSQLString($lang) . "',\n\t\t\t\t\t\tcategory_mcl = " . $this->_categoryID . ",\n\t\t\t\t\t\tlabel_mcl='" . SensitiveIO::SanitizeSQLString(@$this->_labels[$lang]) . "',\n\t\t\t\t\t\tdescription_mcl='" . SensitiveIO::SanitizeSQLString(@$this->_descriptions[$lang]) . "',\n\t\t\t\t\t\tfile_mcl='" . SensitiveIO::SanitizeSQLString(@$this->_files[$lang]) . "'\n\t\t\t\t"; $q = new CMS_query($sql); if ($q->hasError()) { $err++; $this->raiseError("Error inserting label in language : `{$lang}`"); } } // have to repeat the call here $modules = CMS_modulesCatalog::getAll('id'); foreach ($modules as $codename => $module) { if (method_exists($module, 'moduleCategoryPostSave')) { $module->moduleCategoryPostSave($this, $isNew); } } //Clear polymod cache //CMS_cache::clearTypeCacheByMetas('polymod', array('module' => $this->_moduleCodename)); CMS_cache::clearTypeCache('polymod'); return $err <= 0; } $modules = CMS_modulesCatalog::getAll('id'); foreach ($modules as $codename => $module) { if (method_exists($module, 'moduleCategoryPostSave')) { $module->moduleCategoryPostSave($this, $isNew); } } //Clear polymod cache //CMS_cache::clearTypeCacheByMetas('polymod', array('module' => $this->_moduleCodename)); CMS_cache::clearTypeCache('polymod'); return true; }
/** * Writes the cmsprofile into persistence (MySQL for now). * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $sql_fields = "\n\t\t\tadministrationClearance_pr='" . SensitiveIO::sanitizeSQLString($this->_adminClearance) . "',\n\t\t\tpageClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($this->_pageClearances->getTextDefinition()) . "',\n\t\t\tvalidationClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($this->_validationClearances->getTextDefinition()) . "',\n\t\t\tmoduleClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($this->_moduleClearances->getTextDefinition()) . "',\n\t\t\ttemplateGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($this->_templateGroupsDenied->getTextDefinition()) . "',\n\t\t\trowGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($this->_rowGroupsDenied->getTextDefinition()) . "'\n\t\t"; if ($this->_id) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tprofiles\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_pr='" . $this->_id . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tprofiles\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } //pr($sql); $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_id) { $this->_id = $q->getLastInsertedID(); } if (!sensitiveIO::isPositiveInteger($this->_moduleCategoriesClearances->getProfileID())) { $this->_moduleCategoriesClearances->setProfileID($this->_id); } // Write moduleCategories clearances to persistence also return $this->_moduleCategoriesClearances->writeToPersistence(); }
/** * Writes the news into persistence (MySQL for now), along with base data. * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $sql_fields = "\n\t\t\tlanguages_snd='" . SensitiveIO::sanitizeSQLString($this->_languages) . "',\n\t\t\tuserID_snd='" . SensitiveIO::sanitizeSQLString($this->_userID) . "',\n\t\t\tclientIP_snd='" . SensitiveIO::sanitizeSQLString($this->_clientIP) . "',\n\t\t\tsessionID_snd='" . SensitiveIO::sanitizeSQLString($this->_sessionID) . "',\n\t\t\tuserAgent_snd='" . SensitiveIO::sanitizeSQLString($this->_userAgent) . "'"; // Date if (is_a($this->_dateInserted, 'CMS_date')) { $sql_fields .= ",\n\t\t\tdateInserted_snd='" . $this->_dateInserted->getDBValue() . "'"; } if ($this->_senderID) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_cms_forms_senders\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_snd='" . $this->_senderID . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_cms_forms_senders\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Failed to write"); return false; } elseif (!$this->_senderID) { $this->_senderID = $q->getLastInsertedID(); } return true; }
/** * Writes the object instance into persistance. * * @return integer the DB id of the inserted validation. * @access public */ function writeToPersistence() { //insert this one into persistence : first insert key data $sql = "\n\t\t\tinsert into\n\t\t\t\tresourceValidations\n\t\t\tset\n\t\t\t\tmodule_rv='" . $this->_moduleCodename . "',\n\t\t\t\teditions_rv='" . $this->_editions . "',\n\t\t\t\tresourceID_rv='" . $this->_resourceID . "'\n\t\t"; $q = new CMS_query($sql); $this->_id = $q->getLastInsertedID(); //then update with serialized string, which now will contain the id $sql = "\n\t\t\tupdate\n\t\t\t\tresourceValidations\n\t\t\tset\n\t\t\t\tserializedObject_rv='" . addslashes(serialize($this)) . "'\n\t\t\twhere\n\t\t\t\tid_rv='" . $this->_id . "'\n\t\t"; $q = new CMS_query($sql); }
/** * Writes object into persistence (MySQL for now), along with base data. * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $valuesToSet = $this->_values; $ok = true; if (is_array($valuesToSet) && $valuesToSet) { //first update code allready known in DB if (is_array($this->_DBKnown) && $this->_DBKnown && $this->_ID) { foreach ($this->_DBKnown as $aKownCode) { $sql = "\n\t\t\t\t\t\tupdate\n\t\t\t\t\t\t\tmod_object_i18nm\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tvalue_i18nm='" . SensitiveIO::sanitizeSQLString($this->_values[$aKownCode]) . "'\n\t\t\t\t\t\twhere\n\t\t\t\t\t\t\tid_i18nm='" . $this->_ID . "'\n\t\t\t\t\t\t\tand code_i18nm='" . $aKownCode . "'\n\t\t\t\t\t"; $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Can't update value for code : " . $aKownCode); $ok = false; } else { unset($valuesToSet[$aKownCode]); } } } //then, add the rest of the values if (is_array($valuesToSet) && $valuesToSet) { foreach ($valuesToSet as $code => $value) { //save data $sql_fields = "\n\t\t\t\t\t\tcode_i18nm='" . SensitiveIO::sanitizeSQLString($code) . "',\n\t\t\t\t\t\tvalue_i18nm='" . SensitiveIO::sanitizeSQLString($value) . "'\n\t\t\t\t\t"; if ($this->_ID) { $sql = "\n\t\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t\tmod_object_i18nm\n\t\t\t\t\t\t\tset\n\t\t\t\t\t\t\t\tid_i18nm='" . $this->_ID . "',\n\t\t\t\t\t\t\t\t" . $sql_fields; } else { $sql = "\n\t\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t\tmod_object_i18nm\n\t\t\t\t\t\t\tset\n\t\t\t\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Can't save object"); $ok = false; } elseif (!$this->_ID) { $this->_ID = $q->getLastInsertedID(); } } } unset($GLOBALS["polyModule"]["i18nm"][$this->_ID]); return $ok; } else { $this->raiseError("No values to write"); return false; } }
/** * Writes the row into persistence (MySQL for now). * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { if (!$this->_uuid) { $this->_uuid = io::uuid(); } $sql_fields = "\n\t\t\tlabel_row='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\tdefinitionFile_row='" . SensitiveIO::sanitizeSQLString($this->_definitionFile) . "',\n\t\t\tmodulesStack_row='" . $this->_modules->getTextDefinition() . "',\n\t\t\tgroupsStack_row='" . SensitiveIO::sanitizeSQLString($this->_groups->getTextDefinition()) . "',\n\t\t\tuseable_row='" . SensitiveIO::sanitizeSQLString($this->_useable) . "',\n\t\t\tdescription_row='" . SensitiveIO::sanitizeSQLString($this->_description) . "',\n\t\t\ttplfilter_row='" . SensitiveIO::sanitizeSQLString(implode(';', $this->_tplfilter)) . "',\n\t\t\timage_row='" . SensitiveIO::sanitizeSQLString($this->_image) . "',\n\t\t\tuuid_row='" . SensitiveIO::sanitizeSQLString($this->_uuid) . "'\n\t\t"; if ($this->_id) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_standard_rows\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_row='" . $this->_id . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_standard_rows\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t"; } //pr($sql); $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_id) { $this->_id = $q->getLastInsertedID(); } return true; }
/** * Writes the website into persistence (MySQL for now). * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { if (!sensitiveIO::isPositiveInteger($this->_order)) { //get max order $sql = "\n\t\t\t\tselect \n\t\t\t\t\tmax(order_web) as order_max\n\t\t\t\tfrom\n\t\t\t\t\twebsites\n\t\t\t"; $q = new CMS_query($sql); if ($q->hasError() || !$q->getNumRows()) { CMS_grandFather::raiseError('Error to get max order from websites table ... '); return false; } $this->_order = $q->getValue('order_max') + 1; } $sql_fields = "\n\t\t\tlabel_web='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\tcodename_web='" . SensitiveIO::sanitizeSQLString($this->_codename) . "',\n\t\t\turl_web='" . SensitiveIO::sanitizeSQLString($this->_url) . "',\n\t\t\taltdomains_web='" . SensitiveIO::sanitizeSQLString($this->_altdomains) . "',\n\t\t\taltredir_web='" . ($this->_altredir ? 1 : 0) . "',\n\t\t\troot_web='" . $this->_root->getID() . "',\n\t\t\tkeywords_web='" . SensitiveIO::sanitizeSQLString($this->_meta['keywords']) . "',\n\t\t\tdescription_web='" . SensitiveIO::sanitizeSQLString($this->_meta['description']) . "',\n\t\t\tcategory_web='" . SensitiveIO::sanitizeSQLString($this->_meta['category']) . "',\n\t\t\tauthor_web='" . SensitiveIO::sanitizeSQLString($this->_meta['author']) . "',\n\t\t\treplyto_web='" . SensitiveIO::sanitizeSQLString($this->_meta['replyto']) . "',\n\t\t\tcopyright_web='" . SensitiveIO::sanitizeSQLString($this->_meta['copyright']) . "',\n\t\t\tlanguage_web='" . SensitiveIO::sanitizeSQLString($this->_meta['language']) . "',\n\t\t\trobots_web='" . SensitiveIO::sanitizeSQLString($this->_meta['robots']) . "',\n\t\t\tfavicon_web='" . SensitiveIO::sanitizeSQLString($this->_meta['favicon']) . "',\n\t\t\tmetas_web='" . SensitiveIO::sanitizeSQLString($this->_meta['metas']) . "',\n\t\t\torder_web='" . SensitiveIO::sanitizeSQLString($this->_order) . "',\n\t\t\t403_web='" . SensitiveIO::sanitizeSQLString($this->_403) . "',\n\t\t\t404_web='" . SensitiveIO::sanitizeSQLString($this->_404) . "'\n\t\t"; if ($this->_id) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\twebsites\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_web='" . $this->_id . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\twebsites\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_id) { $this->_id = $q->getLastInsertedID(); } //create the page directory if (!is_dir($this->getPagesPath(PATH_RELATIVETO_FILESYSTEM))) { @mkdir($this->getPagesPath(PATH_RELATIVETO_FILESYSTEM)); @chmod($this->getPagesPath(PATH_RELATIVETO_FILESYSTEM), octdec(DIRS_CHMOD)); } return true; }
/** * Write to persistence * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $sql_fields = "\n\t\t\t\tuser_log='" . SensitiveIO::sanitizeSQLString($this->_user->getUserId()) . "',\n\t\t\t\taction_log='" . SensitiveIO::sanitizeSQLString($this->_action) . "',\n\t\t\t\tdatetime_log='" . SensitiveIO::sanitizeSQLString($this->_datetime->getDBValue()) . "',\n\t\t\t\ttextData_log='" . SensitiveIO::sanitizeSQLString($this->_textData) . "',\n\t\t\t\tlabel_log='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\t\tmodule_log='" . SensitiveIO::sanitizeSQLString($this->_module) . "',\n\t\t\t\tresource_log='" . SensitiveIO::sanitizeSQLString($this->_resource) . "',\n\t\t\t\trsAfterLocation_log='" . SensitiveIO::sanitizeSQLString($this->_resourceStatusAfter->getLocation()) . "',\n\t\t\t\trsAfterProposedFor_log='" . SensitiveIO::sanitizeSQLString($this->_resourceStatusAfter->getProposedFor()) . "',\n\t\t\t\trsAfterEditions_log='" . SensitiveIO::sanitizeSQLString($this->_resourceStatusAfter->getEditions()) . "',\n\t\t\t\trsAfterValidationsRefused_log='" . SensitiveIO::sanitizeSQLString($this->_resourceStatusAfter->getValidationRefused()) . "',\n\t\t\t\trsAfterPublication_log='" . SensitiveIO::sanitizeSQLString($this->_resourceStatusAfter->getPublication()) . "'\t\n\t\t\t"; if ($this->_id) { $sql = "\n\t\t\t\t\tupdate\n\t\t\t\t\t\tlog\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $sql_fields . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tid_log='" . $this->_id . "'\n\t\t\t\t"; } else { $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\tlog\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { return false; } else { $this->_id = $q->getLastInsertedID(); } return true; }
/** * Duplicate this block * Used to duplicate a CMS_page. * * @param CMS_page $destinationPage, the page receiving a copy of this block * @param boolean $public The precision needed for USERSPACE location * @return CMS_block object */ function duplicate(&$destinationPage, $public = false) { if (SensitiveIO::isPositiveInteger($this->_dbID)) { $link = $this->_link; if ($link->hasValidHREF()) { if ($link->getLinkType() == RESOURCE_LINK_TYPE_FILE) { //get file path $file = $link->getFileLink(false, MOD_STANDARD_CODENAME, RESOURCE_DATA_LOCATION_EDITED, PATH_RELATIVETO_FILESYSTEM, true); $path = $link->getFileLink(true, MOD_STANDARD_CODENAME, RESOURCE_DATA_LOCATION_EDITED, PATH_RELATIVETO_FILESYSTEM, false); if ($file && file_exists($path . '/' . $file)) { //Copy linked file //In new file name, delete reference to old page and add refernce to new one $_newFilename = "p" . $destinationPage->getID() . io::substr($file, io::strpos($file, "_"), io::strlen($file)); if (@is_file(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $file) && CMS_file::copyTo(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $file, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename) && CMS_file::chmodFile(FILES_CHMOD, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename)) { //Public if ($public) { if (!is_file(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $file) || !CMS_file::copyTo(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $file, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename) || !CMS_file::chmodFile(FILES_CHMOD, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename)) { $this->raiseError("Duplicate, file copy failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $file); } } $link->setFileLink($_newFilename); } } } $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public); //Save new datas $str_set = "\n\t\t\t\t\t\tpage='" . $destinationPage->getID() . "',\n\t\t\t\t\t\tclientSpaceID='" . $this->_clientSpaceID . "',\n\t\t\t\t\t\trowID='" . $this->_rowID . "',\n\t\t\t\t\t\tblockID='" . $this->_tagID . "',\n\t\t\t\t\t\ttype='CMS_block_link',\n\t\t\t\t\t\tvalue='" . SensitiveIO::sanitizeSQLString($link->getTextDefinition()) . "'\n\t\t\t\t"; $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t"; $q = new CMS_query($sql); if (!$q->hasError()) { //Table Edition $sql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . $q->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t"; $q = new CMS_query($sql); return !$q->hasError(); } else { $this->raiseError("Duplicate, SQL insertion of new filename failed: " . $sql); } } else { $this->raiseError("Duplicate, copy of file failed :" . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file); } } return false; }
/** * Writes the news into persistence (MySQL for now), along with base data. * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { //save data $closed = $this->_public === true ? 0 : 1; $sql_fields = "\n\t\t\towner_frm='" . $this->_ownerID . "',\n\t\t\tlanguage_frm='" . SensitiveIO::sanitizeSQLString($this->_language->getCode()) . "',\n\t\t\tname_frm='" . SensitiveIO::sanitizeSQLString($this->_name) . "',\n\t\t\tsource_frm='" . SensitiveIO::sanitizeSQLString($this->_source) . "',\n\t\t\tresponses_frm='" . SensitiveIO::sanitizeSQLString($this->_responses) . "',\n\t\t\tclosed_frm='" . $closed . "'"; if ($this->_formID) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tmod_cms_forms_formulars\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_frm='" . $this->_formID . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tmod_cms_forms_formulars\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { $this->raiseError("Failed to write"); return false; } elseif (!$this->_formID) { $this->_formID = $q->getLastInsertedID(); } //then create the 4 defaut actions for this form if hasn't any if (!$this->hasActions()) { //Form answer excedeed $alreadyFoldAction = new CMS_forms_action(); $alreadyFoldAction->setInteger("form", $this->_formID); $alreadyFoldAction->setInteger("type", CMS_forms_action::ACTION_ALREADY_FOLD); $alreadyFoldAction->setString("value", 'text'); $alreadyFoldAction->writeToPersistence(); //Save form results in DB $dbAction = new CMS_forms_action(); $dbAction->setInteger("form", $this->_formID); $dbAction->setInteger("type", CMS_forms_action::ACTION_DB); $dbAction->writeToPersistence(); //form OK $okAction = new CMS_forms_action(); $okAction->setInteger("form", $this->_formID); $okAction->setInteger("type", CMS_forms_action::ACTION_FORMOK); $okAction->setString("value", 'text'); $okAction->writeToPersistence(); //form NOK $nokAction = new CMS_forms_action(); $nokAction->setInteger("form", $this->_formID); $nokAction->setInteger("type", CMS_forms_action::ACTION_FORMNOK); $nokAction->setString("value", 'text'); $nokAction->writeToPersistence(); } return true; }
/** * Writes the group data into persistence (MySQL for now). * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { parent::writeToPersistence(); $sql_fields = "\n\t\t\tlabel_prg='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\tdescription_prg='" . SensitiveIO::sanitizeSQLString($this->_description) . "',\n\t\t\tprofile_prg='" . SensitiveIO::sanitizeSQLString(parent::getId()) . "'\n\t\t"; if ($this->_groupId) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tprofilesUsersGroups\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_prg='" . $this->_groupId . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tprofilesUsersGroups\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_groupId) { $this->_groupId = $q->getLastInsertedID(); } /* Delete all records and re-insert the good ones */ $sql = "\n\t\t\tdelete from\n\t\t\t\tprofileUsersByGroup\n\t\t\twhere\n\t\t\t\tgroupId_gu='" . $this->_groupId . "'\n\t\t"; $q = new CMS_query($sql); if (is_array($this->_users) && $this->_users) { $sql = ''; foreach ($this->_users as $user) { $sql .= $sql ? ', ' : ''; $sql .= "('" . $this->_groupId . "' ,'" . $user . "') "; } $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tprofileUsersByGroup (groupId_gu, userId_gu)\n\t\t\t\tvalues \n\t\t\t\t\t" . $sql; $q = new CMS_query($sql); } //Clear polymod cache //CMS_cache::clearTypeCacheByMetas('polymod', array('resource' => 'users')); CMS_cache::clearTypeCache('polymod'); return true; }
/** * Writes the template into persistence (MySQL for now). * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { $sql_fields = "\n\t\t\tlabel_pt='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\timage_pt='" . SensitiveIO::sanitizeSQLString($this->_image) . "',\n\t\t\tdefinitionFile_pt='" . SensitiveIO::sanitizeSQLString($this->_definitionFile) . "',\n\t\t\tgroupsStack_pt='" . SensitiveIO::sanitizeSQLString($this->_groups->getTextDefinition()) . "',\n\t\t\tmodulesStack_pt='" . SensitiveIO::sanitizeSQLString($this->_modules->getTextDefinition()) . "',\n\t\t\tinUse_pt='" . $this->_useable . "',\n\t\t\tdescription_pt='" . SensitiveIO::sanitizeSQLString($this->_description) . "',\n\t\t\twebsitesdenied_pt='" . SensitiveIO::sanitizeSQLString($this->_websitesdenied->getTextDefinition()) . "',\n\t\t\tprivate_pt='" . $this->_private . "',\n\t\t\tprintingCSOrder_pt='" . SensitiveIO::sanitizeSQLString(implode(";", $this->_printingClientSpaces)) . "'\n\t\t"; if ($this->_id) { // Some changes must be applied // to all private templates similar to this one using same xml file if ($this->_definitionFile) { $sql = "\n\t\t\t\t\tupdate\n\t\t\t\t\t\tpageTemplates\n\t\t\t\t\tset\n\t\t\t\t\t\tlabel_pt='" . SensitiveIO::sanitizeSQLString($this->_label) . "',\n\t\t\t\t\t\timage_pt='" . SensitiveIO::sanitizeSQLString($this->_image) . "',\n\t\t\t\t\t\tgroupsStack_pt='" . SensitiveIO::sanitizeSQLString($this->_groups->getTextDefinition()) . "',\n\t\t\t\t\t\tmodulesStack_pt='" . SensitiveIO::sanitizeSQLString($this->_modules->getTextDefinition()) . "',\n\t\t\t\t\t\tprintingCSOrder_pt='" . SensitiveIO::sanitizeSQLString(implode(";", $this->_printingClientSpaces)) . "'\n\t\t\t\t\twhere\n\t\t\t\t\t\tdefinitionFile_pt like '" . SensitiveIO::sanitizeSQLString($this->_definitionFile) . "'\n\t\t\t\t"; $q = new CMS_query($sql); } $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tpageTemplates\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_pt='" . $this->_id . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tpageTemplates\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); //pr($sql); if ($q->hasError()) { return false; } elseif (!$this->_id) { $this->_id = $q->getLastInsertedID(); } return true; }
/** * Authenticate user * This method can * - authenticate user throught authentification process * - load already authenticated user in current session (or SSO) * - disconnect user * * @param array $params : indexed array of authentification parameters (default : nothing) * Accepted array keys are : * - authenticate : boolean : default true if disconnect is not set * - disconnect : boolean : default false * - login : string : user login to authenticate * - password : string : user password to authenticate * - remember : boolean : default false * - tokenName : string * - token : string * - type : string : type of authentification (admin|frontend) : default APPLICATION_USER_TYPE contant * - ... and any parameter needed by authentifications processes handled by modules * @return void * @access public * @static */ public static function authenticate($params = array()) { //first clean old sessions datas from database CMS_session::_cleanSessions(); // Get Zend Auth instance $auth = Zend_Auth::getInstance(); // Use CMS_auth as session storage space $auth->setStorage(new Zend_Auth_Storage_Session('atm-auth')); //set authentification type if (!isset($params['type'])) { $params['type'] = APPLICATION_USER_TYPE; } //set permanent auth status if (isset($params['remember']) && $params['remember']) { self::$_permanent = true; } else { $params['remember'] = false; } //clear auth storage if disconnection is queried and set default authenticate value if (isset($params['disconnect']) && $params['disconnect']) { //log disconection if user exists $storageValue = $auth->getStorage()->read(); if (io::isPositiveInteger($storageValue)) { //load user $user = CMS_profile_usersCatalog::getByID($storageValue); if ($user) { //log new session $log = new CMS_log(); $log->logMiscAction(CMS_log::LOG_ACTION_DISCONNECT, $user, 'IP: ' . @$_SERVER['REMOTE_ADDR'] . ', UA: ' . @$_SERVER['HTTP_USER_AGENT']); } } //clear session content CMS_session::deleteSession(true); if (!isset($params['authenticate'])) { $params['authenticate'] = false; } } else { $params['disconnect'] = false; if (!isset($params['authenticate'])) { $params['authenticate'] = true; } } //init authenticated boolean $authenticated = false; //keep old storage value, because storage will be reseted by each module authentification $storageValue = $auth->getStorage()->read(); //loop on each authentification types suupported foreach (array('credentials', 'session', 'cookie', 'sso') as $authType) { //load modules $modules = CMS_modulesCatalog::getAll('id'); //get last module $module = array_pop($modules); //set authentification type as param $params['authType'] = $authType; //then try it for each modules do { //if module has auth method, try it if (method_exists($module, 'getAuthAdapter')) { //overwrite auth storage value with old value $auth->getStorage()->write($storageValue); //get module auth adapter $authAdapter = $module->getAuthAdapter($params); //authenticate user self::$_result = $auth->authenticate($authAdapter); //To debug Auth process easily, discomment this line //CMS_grandFather::log($_SERVER['SCRIPT_NAME'].' - '.$module->getCodename().' - Auth type : '.$authType.'/'.$params['type'].' - Auth result : '.self::$_result->getCode().($auth->hasIdentity() ? ' - Identity : '.$auth->getIdentity() : '').' - Message : '.(sizeof(self::$_result->getMessages()) == 1 ? array_pop(self::$_result->getMessages()) : print_r(self::$_result->getMessages(), true))); switch (self::$_result->getCode()) { case Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND: //user crendentials does not exists (ex: no login/pass provided) //nothing for now break; case Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID: //invalid login/pass //nothing for now break; case Zend_Auth_Result::SUCCESS: if ($auth->hasIdentity()) { // get user from identity found $user = $authAdapter->getUser($auth->getIdentity()); //check if user is valid if (isset($user) && $user && !$user->hasError() && !$user->isDeleted() && $user->isActive()) { $authenticated = true; //overwrite auth identity with valid user Id $auth->getStorage()->write($user->getUserId()); } else { unset($user); } } break; case Zend_Auth_Result::FAILURE: //user found but has error during loading (user inactive or deleted) //nothing for now break; default: //other unidentified cases : thrown an error CMS_grandFather::raiseError('Authentification return code ' . self::$_result->getCode() . ' for module ' . $module->getCodename() . ' with parameters ' . print_r($params, true)); break; } } //get next last module $module = array_pop($modules); } while (!$authenticated && $module); //if user is authenticated, break authentification foreach if ($authenticated) { break; } } //if authenticated : set or refresh session datas in table, regenerate session Id if ($authenticated && $user) { $q = new CMS_query("\n\t\t\tselect \n\t\t\t\tid_ses, cookie_expire_ses\n\t\t\tfrom \n\t\t\t\tsessions \n\t\t\twhere \n\t\t\t\tphpid_ses='" . sensitiveIO::sanitizeSQLString(Zend_Session::getId()) . "' \n\t\t\t\tand user_ses='" . sensitiveIO::sanitizeSQLString($user->getUserId()) . "'"); //get old session Id $oldSessionId = Zend_Session::getId(); if ($q->getNumRows() > 0) { //if session already exists : update it //regenerate session Id randomly (arround 1/100 times) //removed : cause session instability /*if (!rand(0, 100)) { //session id should not be regenerated each times because in case of a lot of concurrent calls, session can be destroyed Zend_Session::regenerateId(); }*/ $r = $q->getArray(); $id = $r['id_ses']; //Cookie if (self::$_permanent || $r['cookie_expire_ses'] != '0000-00-00 00:00:00') { self::$_permanent = true; // Cookie expire in APPLICATION_COOKIE_EXPIRATION days $expires = time() + 60 * 60 * 24 * APPLICATION_COOKIE_EXPIRATION; CMS_session::setCookie(CMS_session::getAutoLoginCookieName(), base64_encode($id . '|' . Zend_Session::getId()), $expires); } //DB session $sql = "\n\t\t\t\t\tupdate \n\t\t\t\t\t\tsessions \n\t\t\t\t\tset\n\t\t\t\t\t\tlastTouch_ses=NOW(),\n\t\t\t\t\t\tuser_ses='" . sensitiveIO::sanitizeSQLString($user->getUserId()) . "',\n\t\t\t\t\t\tphpid_ses='" . sensitiveIO::sanitizeSQLString(Zend_Session::getId()) . "',\n\t\t\t\t\t\tremote_addr_ses='" . sensitiveIO::sanitizeSQLString(@$_SERVER['REMOTE_ADDR']) . "'"; if (self::$_permanent) { $sql .= ",\n\t\t\t\t\t\tcookie_expire_ses = DATE_ADD(NOW(), INTERVAL " . APPLICATION_COOKIE_EXPIRATION . " DAY)"; } $sql .= "\n\t\t\t\t\twhere\n\t\t\t\t\t \tid_ses='" . sensitiveIO::sanitizeSQLString($id) . "'"; $q = new CMS_query($sql); //if autologin : log it if (in_array(CMS_auth::AUTH_AUTOLOGIN_VALID, self::$_result->getMessages())) { //log autologin session $log = new CMS_log(); $log->logMiscAction(CMS_log::LOG_ACTION_AUTO_LOGIN, $user, 'IP: ' . @$_SERVER['REMOTE_ADDR'] . ', UA: ' . @$_SERVER['HTTP_USER_AGENT']); } } else { //otherwhise, create user session //regenerate session Id Zend_Session::regenerateId(); //delete old session record if any $q = new CMS_query("\n\t\t\t\t\tdelete\n\t\t\t\t\tfrom \n\t\t\t\t\t\tsessions \n\t\t\t\t\twhere \n\t\t\t\t\t\tphpid_ses='" . sensitiveIO::sanitizeSQLString($oldSessionId) . "'"); //insert new session record $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\tsessions\n\t\t\t\t\tset\n\t\t\t\t\t\tlastTouch_ses=NOW(),\n\t\t\t\t\t\tphpid_ses='" . sensitiveIO::sanitizeSQLString(Zend_Session::getId()) . "',\n\t\t\t\t\t\tuser_ses='" . sensitiveIO::sanitizeSQLString($user->getUserId()) . "',\n\t\t\t\t\t\tremote_addr_ses='" . sensitiveIO::sanitizeSQLString(@$_SERVER['REMOTE_ADDR']) . "'\n\t\t\t\t"; if (self::$_permanent) { $sql .= ",\n\t\t\t\t\tcookie_expire_ses = DATE_ADD(NOW(), INTERVAL " . APPLICATION_COOKIE_EXPIRATION . " DAY)"; } $q = new CMS_query($sql); if (!$q->hasError() && self::$_permanent) { // Cookie expire in APPLICATION_COOKIE_EXPIRATION days $expires = time() + 60 * 60 * 24 * APPLICATION_COOKIE_EXPIRATION; CMS_session::setCookie(CMS_session::getAutoLoginCookieName(), base64_encode($q->getLastInsertedID() . '|' . Zend_Session::getId()), $expires); } //log new session $log = new CMS_log(); $log->logMiscAction(CMS_log::LOG_ACTION_LOGIN, $user, 'Permanent cookie: ' . (self::$_permanent ? 'Yes' : 'No') . ', IP: ' . @$_SERVER['REMOTE_ADDR'] . ', UA: ' . @$_SERVER['HTTP_USER_AGENT']); } //set user as currently logged user self::$_userID = $user->getUserId(); } else { if (APPLICATION_USER_TYPE == "frontend" && APPLICATION_ENFORCES_ACCESS_CONTROL) { //set public user as currently logged user self::$_userID = ANONYMOUS_PROFILEUSER_ID; } } //for backward compatibility $_SESSION["cms_context"] = new CMS_context(); }
/** * Duplicate this block * Used to duplicate a CMS_page. * * @param CMS_page $destinationPage, the page receiving a copy of this block * @param boolean $public The precision needed for USERSPACE location * @return CMS_block object */ function duplicate(&$destinationPage, $public = false) { if (SensitiveIO::isPositiveInteger($this->_dbID) && $this->_file) { $table = $this->_getDataTableName(RESOURCE_LOCATION_USERSPACE, $public); //Copy linked file //In new file name, delete reference to old page and add refernce to new one $_newFilename = "p" . $destinationPage->getID() . io::substr($this->_file, io::strpos($this->_file, "_"), io::strlen($this->_file)); if (@is_file(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file) && @copy(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename) && @chmod(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newFilename, octdec(FILES_CHMOD))) { //Public if ($public) { if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $this->_file, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename, octdec(FILES_CHMOD))) { $this->raiseError("Duplicate, copy of new file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newFilename); } } $_newEnlargedFilename = ''; //With enlarged file if ($this->_enlargedFile != '') { $_newEnlargedFilename = "p" . $destinationPage->getID() . io::substr($this->_enlargedFile, io::strpos($this->_enlargedFile, "_"), io::strlen($this->_enlargedFile)); //Edited if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_enlargedFile, PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newEnlargedFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newEnlargedFilename, octdec(FILES_CHMOD))) { $this->raiseError("Duplicate, copy of new enlarged file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $_newEnlargedFilename); } //Public if ($public) { if (!@copy(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $this->_enlargedFile, PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newEnlargedFilename) || !@chmod(PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newEnlargedFilename, octdec(FILES_CHMOD))) { $this->raiseError("Duplicate, copy of new enlarged file failed : " . PATH_MODULES_FILES_STANDARD_FS . "/public/" . $_newEnlargedFilename); } } } //Save new datas $str_set = "\n\t\t\t\t\t\tpage='" . $destinationPage->getID() . "',\n\t\t\t\t\t\tclientSpaceID='" . $this->_clientSpaceID . "',\n\t\t\t\t\t\trowID='" . $this->_rowID . "',\n\t\t\t\t\t\tblockID='" . $this->_tagID . "',\n\t\t\t\t\t\tlabel='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($this->_label)) . "',\n\t\t\t\t\t\tfile='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($_newFilename)) . "',\n\t\t\t\t\t\texternalLink='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($this->_externalLink)) . "',\n\t\t\t\t\t\tenlargedFile='" . SensitiveIO::sanitizeSQLString(SensitiveIO::stripPHPTags($_newEnlargedFilename)) . "'\n\t\t\t\t"; $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table . "\n\t\t\t\t\tset\n\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t"; $q = new CMS_query($sql); if (!$q->hasError()) { //Table Edition $sql = "\n\t\t\t\t\t\tinsert into\n\t\t\t\t\t\t\t" . $this->_getDataTableName(RESOURCE_LOCATION_EDITION, false) . "\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tid='" . $q->getLastInsertedID() . "',\n\t\t\t\t\t\t\t" . $str_set . "\n\t\t\t\t\t"; $q = new CMS_query($sql); return !$q->hasError(); } else { $this->raiseError("Duplicate, SQL insertion of new filename failed : " . $sql); } } else { $this->raiseError("Duplicate, copy of file failed :" . PATH_MODULES_FILES_STANDARD_FS . "/edited/" . $this->_file); } } return false; }
/** * Writes the resourceStatus into persistence (MySQL for now). * * @return boolean true on success, false on failure * @access public */ function writeToPersistence() { //first adjust publication and start publication date $this->_adjustPublication(); if ($this->_publicationDateStart->isNull()) { $this->_publicationDateStart->setNow(); } $sql_fields = "\n\t\t\tlocation_rs='" . SensitiveIO::sanitizeSQLString($this->_location) . "',\n\t\t\tproposedFor_rs='" . SensitiveIO::sanitizeSQLString($this->_proposedFor) . "',\n\t\t\teditions_rs='" . SensitiveIO::sanitizeSQLString($this->_editions) . "',\n\t\t\tvalidationsRefused_rs='" . SensitiveIO::sanitizeSQLString($this->_validationsRefused) . "',\n\t\t\tpublication_rs='" . SensitiveIO::sanitizeSQLString($this->_publication) . "',\n\t\t\tpublicationDateStart_rs='" . $this->_publicationDateStart->getDBValue() . "',\n\t\t\tpublicationDateEnd_rs='" . $this->_publicationDateEnd->getDBValue() . "',\n\t\t\tpublicationDateStartEdited_rs='" . $this->_publicationDateStartEdited->getDBValue() . "',\n\t\t\tpublicationDateEndEdited_rs='" . $this->_publicationDateEndEdited->getDBValue() . "'\n\t\t"; if ($this->_id) { $sql = "\n\t\t\t\tupdate\n\t\t\t\t\tresourceStatuses\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_rs='" . $this->_id . "'\n\t\t\t"; } else { $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\tresourceStatuses\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields; } $q = new CMS_query($sql); if ($q->hasError()) { return false; } elseif (!$this->_id) { $this->_id = $q->getLastInsertedID(); } return true; }