コード例 #1
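 /**
  * Redirect the logged-in user to their default saved-databases collection,
  * creating that collection first when it does not exist yet.
  *
  * The collection owner is always the session user. A "username" request
  * parameter is not honoured: the only access check in this method is
  * "is the requester authenticated", so accepting a caller-supplied name
  * would let any logged-in user read, or trigger creation of, another
  * user's default collection.
  *
  * @return int 1 once the redirect has been set on the request
  * @throws Xerxes_Exception_AccessDenied when there is no session username
  *         or the request does not come from an authenticated user
  */
 public function doExecute()
 {
     // Owner comes from the session only (see docblock). Re-enable a
     // URL-supplied username only together with an ownership/permission
     // check that compares it against the session user.
     $username = $this->request->getSession("username");

     // we can only do this if we have a real user (not temp user)
     if ($username == null || !Xerxes_Framework_Restrict::isAuthenticatedUser($this->request)) {
         throw new Xerxes_Exception_AccessDenied("text_collections_error_not_logged_in");
     }

     // Name of the default collection: read from configuration; the third
     // argument looks like the hard-coded fallback (confirm against getConfig).
     $strNewSubject = $this->registry->getConfig("default_collection_name", false, "My Saved Databases");
     $strNormalizedSubject = Xerxes_Data_Category::normalize($strNewSubject);

     $objData = new Xerxes_DataMap();
     $arrResults = $objData->getUserCreatedCategories($username);

     // find the default one, if present.
     $redirectCategory = null;
     foreach ($arrResults as $objCategory) {
         if ($objCategory->normalized == $strNormalizedSubject) {
             $redirectCategory = $objCategory;
             break;
         }
     }

     // Couldn't find it? Have to make one.
     if (empty($redirectCategory)) {
         $redirectCategory = $this->addDefaultCollection($objData, $username);
     }

     // A repair step for an existing default category that has no
     // subcategories (refetch via getSubject(), then addDefaultSubcategory())
     // was drafted here but is disabled because it did not work correctly.

     // and redirect
     $url = $this->request->url_for(array(
         'base' => 'collections',
         'action' => 'subject',
         'username' => $username,
         'subject' => $redirectCategory->normalized,
     ));
     $this->request->setRedirect($url);

     return 1;
 }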
コード例 #2
 /**
  * Add an XML document listing the categories created by the logged-in user.
  *
  * For each category the document carries its non-null properties, a
  * 1-based "position" attribute and the URL of its subject page.
  *
  * @return int 0 when there is no authenticated (non-temporary) user and
  *             nothing is added; 1 after the document has been added
  */
 public function doExecute()
 {
     // The username is read from the session only. Taking it from the URL
     // (once considered for future API use) is a privacy problem until
     // access controls are written for that use, so it stays disabled.
     $username = $this->request->getSession("username");

     // Only a real user (not a temp user) gets this XML; anyone else gets none.
     $isRealUser = $username != null && Xerxes_Framework_Restrict::isAuthenticatedUser($this->request);
     if (!$isRealUser) {
         return 0;
     }

     $objXml = new DOMDocument();
     $objData = new Xerxes_DataMap();
     $arrCategories = $objData->getUserCreatedCategories($username);

     if (count($arrCategories) > 0) {
         $objXml->loadXML("<userCategories />");

         $position = 0;
         foreach ($arrCategories as $objCategoryData) {
             $position++;

             $objCategory = $objXml->createElement("category");
             $objCategory->setAttribute("position", $position);

             // One child element per populated property; values are
             // XML-escaped before being handed to createElement().
             foreach ($objCategoryData->properties() as $key => $value) {
                 if ($value == null) {
                     continue;
                 }
                 $objProperty = $objXml->createElement("{$key}", Xerxes_Framework_Parser::escapeXml($value));
                 $objCategory->appendChild($objProperty);
             }

             // add the url for the category
             $strUrl = $this->request->url_for(array(
                 "base" => "collections",
                 "action" => "subject",
                 "username" => $username,
                 "subject" => $objCategoryData->normalized,
             ));
             $objUrl = $objXml->createElement("url", Xerxes_Framework_Parser::escapeXml($strUrl));
             $objCategory->appendChild($objUrl);

             $objXml->documentElement->appendChild($objCategory);
         }
     }

     // With no categories the document is added empty, as before.
     $this->request->addDocument($objXml);

     return 1;
 }
コード例 #3
ファイル: Helper.php プロジェクト: laiello/xerxes-portal
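 /**
  * Determines if the database is searchable by the current user.
  *
  * Decision order:
  *  1. searchable flag is not 1   -> nobody may search it;
  *  2. guest_access is non-empty  -> anyone may search it;
  *  3. group restrictions present -> an authenticated user who belongs to
  *     one of the restricted groups, or a client whose address falls in an
  *     IP range configured for one of those groups;
  *  4. otherwise                  -> any authenticated user, or a client in
  *     the configured local IP range.
  *
  * @param Xerxes_Data_Database $db
  * @param Xerxes_Framework_Request $objRequest	Xerxes request object
  * @param Xerxes_Framework_Registry $objRegistry Xerxes registry object
  * @return bool true when the search is allowed
  */
 public static function dbSearchableForUser(Xerxes_Data_Database $db, $objRequest, $objRegistry)
 {
     if ($db->searchable != 1) {
         // nobody can search it!
         return false;
     }

     if ($db->guest_access != "") {
         // anyone can search it!
         return true;
     }

     $isLoggedIn = Xerxes_Framework_Restrict::isAuthenticatedUser($objRequest);

     // NOTE(review): the IP-based grants below trust REMOTE_ADDR as the
     // client address. Behind a reverse proxy or load balancer that value is
     // presumably the proxy's address - confirm against the deployment.
     $strRemoteAddr = $objRequest->getServer('REMOTE_ADDR');

     if (count($db->group_restrictions) > 0) {
         // The session may carry no group list (or a non-array value);
         // treat that as "member of no group" instead of handing a
         // non-array to array_intersect().
         $arrUserGroups = array();
         if (isset($_SESSION["user_groups"]) && is_array($_SESSION["user_groups"])) {
             $arrUserGroups = $_SESSION["user_groups"];
         }

         // authenticated, and in a group that is included in the restrictions
         if ($isLoggedIn && count(array_intersect($arrUserGroups, $db->group_restrictions)) > 0) {
             return true;
         }

         // not by virtue of a login, but now check for an ip address
         // associated with one of the restricted groups
         $ranges = array();
         foreach ($db->get("group_restrictions") as $group) {
             $ranges[] = $objRegistry->getGroupLocalIpRanges($group);
         }

         return (bool) Xerxes_Framework_Restrict::isIpAddrInRanges($strRemoteAddr, implode(",", $ranges));
     }

     // ordinary generally restricted resource. they need to be an
     // authenticated user, or in the local ip range. Always a real boolean:
     // the denied case used to fall through with an empty string.
     return $isLoggedIn
         || (bool) Xerxes_Framework_Restrict::isIpAddrInRanges($strRemoteAddr, $objRegistry->getConfig("LOCAL_IP_RANGE"));
 }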
コード例 #4
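 /**
  * Retrieve master XML and all request parameters.
  *
  * Builds a <request> document holding the request parameters, the session
  * array, an <authorization_info> summary (login / IP affiliation overall
  * and per configured group) and, optionally, the server array, then merges
  * it into the master XML document.
  *
  * @param bool $bolHideServer	[optional]	CAUTION: despite its name, a true
  *        value ADDS the $_SERVER array to the response; with the default
  *        (false) the server variables are left out
  *
  * @return DOMDocument
  */
 public function toXML($bolHideServer = false)
 {
     $objRegistry = Xerxes_Framework_Registry::getInstance();

     // add the url parameters and session and server global arrays
     // to the master xml document
     $objXml = new DOMDocument();
     $objXml->loadXML("<request />");

     // session and server global arrays will have parent elements
     // but querystring and cookie params will be at the root of request
     $this->addElement($objXml, $objXml->documentElement, $this->arrParams);

     // add the session global array
     // NOTE(review): every key in $_SESSION is copied into the document.
     // Confirm that nothing secret is kept in the session, or that this
     // XML never reaches output a user can see.
     $objSession = $objXml->createElement("session");
     $objXml->documentElement->appendChild($objSession);
     $this->addElement($objXml, $objSession, $_SESSION);

     // Calculated values that are not stored in the session as such: the
     // session lists group memberships, but not all the data needed here,
     // and memberships granted by IP address have to be added as well.
     $objAuth = $objXml->createElement("authorization_info");
     $objXml->documentElement->appendChild($objAuth);

     // are they an affiliated user at all, meaning either logged in or
     // ip recognized?
     $strRemoteAddr = $this->getServer('REMOTE_ADDR');
     $authUser = Xerxes_Framework_Restrict::isAuthenticatedUser($this);
     $authIP = Xerxes_Framework_Restrict::isIpAddrInRanges($strRemoteAddr, $objRegistry->getConfig("local_ip_range"));

     $objElement = $objXml->createElement("affiliated", $authUser || $authIP ? "true" : "false");
     $objElement->setAttribute("user_account", $authUser ? "true" : "false");
     $objElement->setAttribute("ip_addr", $authIP ? "true" : "false");
     $objAuth->appendChild($objElement);

     // now each group; the list is fetched once and reused for the loop
     $arrGroups = $objRegistry->userGroups();
     if ($arrGroups != null) {
         foreach ($arrGroups as $group) {
             $authUser = array_key_exists("user_groups", $_SESSION) && is_array($_SESSION["user_groups"]) && in_array($group, $_SESSION["user_groups"]);
             $authIP = Xerxes_Framework_Restrict::isIpAddrInRanges($strRemoteAddr, $objRegistry->getGroupLocalIpRanges($group));

             $objElement = $objXml->createElement("group", $authUser || $authIP ? "true" : "false");
             $objElement->setAttribute("id", $group);
             $objElement->setAttribute("display_name", $objRegistry->getGroupDisplayName($group));
             $objElement->setAttribute("user_account", $authUser ? "true" : "false");
             $objElement->setAttribute("ip_addr", $authIP ? "true" : "false");
             $objAuth->appendChild($objElement);
         }
     }

     // add the server global array, but only if the request asks for it,
     // for security purposes. The flag name reads the other way round:
     // true means "include $_SERVER". Keep the default (false) for any
     // output that is not strictly internal.
     if ($bolHideServer == true) {
         $objServer = $objXml->createElement("server");
         $objXml->documentElement->appendChild($objServer);
         $this->addElement($objXml, $objServer, $_SERVER);
     }

     // add to the master xml document
     $this->addDocument($objXml);

     // once added, now return the master xml document
     return $this->xml;
 }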
コード例 #5
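 /**
  * Build the <navbar> document: saved-records link, "my collections" link,
  * login/logout links, the alphabetical database list link and, when
  * languages are configured, one language-switch link per language.
  *
  * @return int always 1, after the document has been added to the request
  */
 public function doExecute()
 {
     $objXml = new DOMDocument();
     $objXml->loadXML("<navbar />");

     ### saved records link
     $arrLink = array("base" => "folder");

     // make sure there is no return if coming from login to prevent a spider
     // from thinking this is a different page
     if ($this->request->getProperty("base") != "authenticate") {
         $arrLink["return"] = $this->request->getServer("REQUEST_URI");
     }
     $savedRecordsLink = $this->addNavbarElement($objXml, "saved_records", $arrLink);

     // add numSavedRecords and sessionSavedRecords for proper icon display
     $objData = new Xerxes_DataMap();
     $num = $objData->totalRecords($this->request->getSession("username"));
     $savedRecordsLink->setAttribute("numSavedRecords", (string) $num);
     $savedRecordsLink->setAttribute("numSessionSavedRecords", Xerxes_Helper::numMarkedSaved());

     ### my collections (i.e., databases)
     $arrCollectionUrl = array("base" => "collections", "action" => "list");
     if (Xerxes_Framework_Restrict::isAuthenticatedUser($this->request)) {
         $arrCollectionUrl["username"] = $this->request->getSession("username");
     }
     $this->addNavbarElement($objXml, "saved_collections", $arrCollectionUrl);

     ### authentication
     // tell it to force an https url if so configured.
     $force_secure_login = $this->registry->getConfig("secure_login", false) == "true";

     // NOTE(review): "return" carries the client-supplied REQUEST_URI.
     // Whatever consumes it after login/logout should accept it only as a
     // path on this site - confirm in the authenticate actions.
     $strReturn = $this->request->getServer("REQUEST_URI");

     // login
     $this->addNavbarElement($objXml, "login", array("base" => "authenticate", "action" => "login", "return" => $strReturn), $force_secure_login);

     // logout
     $this->addNavbarElement($objXml, "logout", array("base" => "authenticate", "action" => "logout", "return" => $strReturn));

     ### db alphabetical list
     $this->addNavbarElement($objXml, "database_list", array("base" => "databases", "action" => "alphabetical"));

     ### languages
     $languages = $this->registry->getConfig("LANGUAGES", false);
     if ($languages != null) {
         // map locales to language codes
         $locales = array();
         foreach ($languages as $language) {
             // Reset per language: a missing or empty locale attribute falls
             // back to 'C' instead of inheriting the previous language's value.
             $code = null;
             $locale = 'C';
             foreach ($language->attributes() as $name => $val) {
                 if ($name == "code") {
                     $code = (string) $val;
                 }
                 if ($name == "locale" && (string) $val !== '') {
                     $locale = (string) $val;
                 }
             }
             $locales[(string) $code] = $locale;
         }

         $languages_xml = $objXml->createElement("languages");
         $objXml->documentElement->appendChild($languages_xml);
         $language_names = Xerxes_Framework_Languages::getInstance();

         foreach ($languages->language as $language) {
             $code = (string) $language["code"];
             // a code that was not mapped above gets the same 'C' fallback
             $locale = isset($locales[$code]) ? $locales[$code] : 'C';

             $readable_name = $language_names->getNameFromCode("iso_639_2B_code", $code, $locale);
             $native_name = $language_names->getNameFromCode("iso_639_2B_code", $code);

             $language_node = $objXml->createElement("language");
             $languages_xml->appendChild($language_node);
             $language_node->setAttribute("code", $code);
             $language_node->setAttribute("name", $readable_name);
             $language_node->setAttribute("native_name", $native_name);
             $language_node->setAttribute("locale", $locale);

             // link back to this page with the language swapped
             $current_params = $this->request->getURIProperties();

             // this is necessary on the home page
             if (!array_key_exists("base", $current_params)) {
                 $current_params["base"] = "";
             }

             // subject pages can't support a swap, so send user back to home page
             if (($current_params["base"] == "databases" || $current_params["base"] == "embed") && array_key_exists("subject", $current_params)) {
                 $current_params = array();
                 $current_params["base"] = "";
             }

             // add the language and build the url with it set
             $current_params["lang"] = $code;
             $url = $this->request->url_for($current_params);
             $language_node->setAttribute("url", $url);
         }
     }

     $this->request->addDocument($objXml);

     return 1;
 }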