function xanth_db_install_settings()
{
//settings
xanth_db_query("\r\n\t\tCREATE TABLE settings (\r\n\t\tsite_name VARCHAR(256) NOT NULL,\r\n\t\tsite_description VARCHAR(512) NOT NULL,\r\n\t\tsite_keywords VARCHAR(128) NOT NULL,\r\n\t\tsite_theme VARCHAR(32) NOT NULL\r\n\t\t)TYPE=InnoDB");
xanth_db_query("INSERT INTO settings (site_name,site_description,site_keywords,site_theme) VALUES ('','','','')");
$access = new xAccessRule('manage settings', 'Settings');
$access->insert();
}
function xanth_db_install_view_mode()
{
//visual element
xanth_db_query("\r\n\t\tCREATE TABLE visual_element (\r\n\t\tname VARCHAR(32) NOT NULL,\r\n\t\tPRIMARY KEY (name)\r\n\t\t)TYPE=InnoDB");
//display mode
xanth_db_query("\r\n\t\tCREATE TABLE view_mode (\r\n\t\tid INT UNSIGNED AUTO_INCREMENT,\r\n\t\tname VARCHAR(32) NOT NULL,\r\n\t\trelative_visual_element VARCHAR(32) NOT NULL,\r\n\t\tdefault_for_element TINYINT UNSIGNED NOT NULL,\r\n\t\tdisplay_procedure TEXT NOT NULL,\r\n\t\tPRIMARY KEY (id),\r\n\t\tINDEX(relative_visual_element),\r\n\t\tFOREIGN KEY (relative_visual_element) REFERENCES visual_element(name) ON DELETE CASCADE\r\n\t\t)TYPE=InnoDB");
//access rule
$access = new xAccessRule('manage view_mode', 'View Mode');
$access->insert();
}
function xanth_db_install_category()
{
//category
xanth_db_query("\r\n\t\tCREATE TABLE category (\r\n\t\tid INT UNSIGNED NOT NULL AUTO_INCREMENT,\r\n\t\ttitle VARCHAR(255) NOT NULL,\r\n\t\tdescription TEXT NOT NULL,\r\n\t\tview_mode_id INT UNSIGNED,\r\n\t\tparent_id INT UNSIGNED,\r\n\t\tPRIMARY KEY (id),\r\n\t\tUNIQUE(title),\r\n\t\tINDEX(parent_id),\r\n\t\tINDEX(view_mode_id),\r\n\t\tFOREIGN KEY(parent_id) REFERENCES category(id) ON DELETE CASCADE,\r\n\t\tFOREIGN KEY(view_mode_id) REFERENCES view_mode(id) ON DELETE SET NULL\r\n\t\t)TYPE=InnoDB");
//category to entry type
xanth_db_query("\r\n\t\tCREATE TABLE category_to_entry_type (\r\n\t\tcat_id INT UNSIGNED NOT NULL,\r\n\t\tentry_type VARCHAR(32) NOT NULL,\r\n\t\tUNIQUE(cat_id,entry_type),\r\n\t\tINDEX(cat_id),\r\n\t\tINDEX(entry_type),\r\n\t\tFOREIGN KEY(cat_id) REFERENCES category(id) ON DELETE CASCADE,\r\n\t\tFOREIGN KEY(entry_type) REFERENCES entry_type(name) ON DELETE CASCADE\r\n\t\t)TYPE=InnoDB");
//install some access rule
$access = new xAccessRule('manage category', 'Category');
$access->insert();
}
function xanth_db_install_entry_type()
{
//entry type
xanth_db_query("\r\n\t\tCREATE TABLE entry_type (\r\n\t\tname VARCHAR(32) NOT NULL,\r\n\t\tview_mode_id INT UNSIGNED,\r\n\t\tPRIMARY KEY (name),\r\n\t\tINDEX(view_mode_id),\r\n\t\tFOREIGN KEY (view_mode_id) REFERENCES view_mode(id) ON DELETE SET NULL\r\n\t\t)TYPE=InnoDB");
$access = new xAccessRule('manage entry type', 'Entry Type');
$access->insert();
//some default tipes
$type = new xEntryType('StaticEntry');
$type->insert();
}
function xanth_db_install_theme()
{
//theme
xanth_db_query("\r\n\t\tCREATE TABLE theme (\r\n\t\tname VARCHAR(32) NOT NULL,\r\n\t\tPRIMARY KEY (name)\r\n\t\t)TYPE=InnoDB");
//theme to elements
xanth_db_query("\r\n\t\tCREATE TABLE theme_to_elements (\r\n\t\ttheme_name VARCHAR(32) NOT NULL,\r\n\t\tvisual_element VARCHAR(32) NOT NULL,\r\n\t\tview_mode INT UNSIGNED NOT NULL,\r\n\t\tUNIQUE (theme_name,visual_element),\r\n\t\tINDEX(theme_name),INDEX(visual_element),INDEX(view_mode),\r\n\t\tFOREIGN KEY (theme_name) REFERENCES theme(name) ON DELETE CASCADE,\r\n\t\tFOREIGN KEY (visual_element) REFERENCES visual_element(name) ON DELETE CASCADE,\r\n\t\tFOREIGN KEY (view_mode) REFERENCES view_mode(id) ON DELETE CASCADE\r\n\t\t)TYPE=InnoDB");
//theme to elements
xanth_db_query("\r\n\t\tCREATE TABLE theme_area (\r\n\t\tname VARCHAR(32) NOT NULL,\r\n\t\tview_mode INT UNSIGNED,\r\n\t\tPRIMARY KEY (name),\r\n\t\tINDEX(view_mode),\r\n\t\tFOREIGN KEY (view_mode) REFERENCES view_mode(id) ON DELETE SET NULL\r\n\t\t)TYPE=InnoDB");
//register new visual element
$element = new xVisualElement('area');
$element->insert();
//...and the default view mode
$proc = '
$output = \'\';
foreach($boxes as $box)
{
$output .= "<div class=\\"box\\">$box</div>";
}
return $output;
';
$view = new xViewMode(0, 'Default area view', 'area', TRUE, $proc);
$view->insert();
//content area view mode
$proc = '
return $page_content;
';
$content_view = new xViewMode(0, 'Content area view', 'area', FALSE, $proc);
$content_view->insert();
//footer area view mode
$proc = '
return \'Page created with \'. xPageElement::get_db_query_count() .\' queries in \'.xPageElement::get_execution_time().\' seconds\';
';
$foot_view = new xViewMode(0, 'Footer area view', 'area', FALSE, $proc);
$foot_view->insert();
//default theme areas
$area = new xThemeArea('sidebar left');
$area->insert();
$area = new xThemeArea('content', $content_view->id);
$area->insert();
$area = new xThemeArea('footer', $foot_view->id);
$area->insert();
//access rule
$access = new xAccessRule('manage theme', 'Theme');
$access->insert();
}
function xanth_db_install_box()
{
//box
xanth_db_query("\r\n\t\tCREATE TABLE box (\r\n\t\tname VARCHAR(64) NOT NULL,\r\n\t\ttitle VARCHAR(255),\r\n\t\tcontent TEXT,\r\n\t\tcontent_format VARCHAR(64) NOT NULL,\r\n\t\tarea VARCHAR(32),\r\n\t\tis_user_defined TINYINT NOT NULL,\r\n\t\tPRIMARY KEY(name),\r\n\t\tINDEX(content_format),\r\n\t\tFOREIGN KEY(content_format) REFERENCES content_format(name)\r\n\t\t)TYPE=InnoDB");
//install a new visual element
$element = new xVisualElement('box');
$element->insert();
//...and the default view mode
$proc = '
return \'<strong>\' . $this->title .\'</strong> <br />\' . $this->content;
';
$view = new xViewMode(0, 'Default box view', 'box', TRUE, $proc);
$view->insert();
//another view mode for box
$proc = '
return $this->content;
';
$view = new xViewMode(0, 'Box view without title', 'box', FALSE, $proc);
$view->insert();
//install some access rule
$access = new xAccessRule('manage box', 'Box');
$access->insert();
}
function xanth_db_install_entry()
{
//entry
xanth_db_query("\r\n\t\tCREATE TABLE entry (\r\n\t\tid INT UNSIGNED NOT NULL AUTO_INCREMENT,\r\n\t\ttitle VARCHAR(256) NOT NULL,\r\n\t\ttype VARCHAR(32) NOT NULL,\r\n\t\tauthor VARCHAR(64) NOT NULL,\r\n\t\tcontent TEXT NOT NULL,\r\n\t\tcontent_format VARCHAR(64) NOT NULL,\r\n\t\tpublished TINYINT NOT NULL,\r\n\t\tdescription VARCHAR(512) NOT NULL,\r\n\t\tkeywords VARCHAR(128) NOT NULL,\r\n\t\tcreation_time TIMESTAMP NOT NULL,\r\n\t\tPRIMARY KEY (id),\r\n\t\tINDEX(type),\r\n\t\tINDEX(content_format),\r\n\t\tFOREIGN KEY(content_format) REFERENCES content_format(name) ON DELETE RESTRICT,\r\n\t\tFOREIGN KEY(type) REFERENCES entry_type(name) ON DELETE RESTRICT\r\n\t\t)TYPE=InnoDB");
//category to entry
xanth_db_query("\r\n\t\tCREATE TABLE categorytoentry (\r\n\t\tentryId INT UNSIGNED NOT NULL,\r\n\t\tcatId INT UNSIGNED NOT NULL,\r\n\t\tUNIQUE(entryId,catId),\r\n\t\tINDEX(entryId),\r\n\t\tINDEX(catId),\r\n\t\tFOREIGN KEY(entryId) REFERENCES entry(id) ON DELETE CASCADE,\r\n\t\tFOREIGN KEY(catId) REFERENCES category(id) ON DELETE CASCADE\r\n\t\t)TYPE=InnoDB");
//install a new visual element
$element = new xVisualElement('entry');
$element->insert();
//...and the default view mode
$proc = '
return \'<div class="title">\'.$this->title.\'</div><div class="body">\'.$this->content.\'</div>\';
';
$view = new xViewMode(0, 'Default entry view', 'entry', TRUE, $proc);
$view->insert();
//install some access rule
$access = new xAccessRule('view entry', 'Entry');
$access->insert();
$access = new xAccessRule('create entry', 'Entry');
$access->insert();
$access = new xAccessRule('edit entry', 'Entry');
$access->insert();
}
/**
*
*/
function check_current_user_access($access_rule)
{
if (xanth_conf_get('debug', FALSE)) {
if (!xAccessRule::exists($access_rule)) {
xanth_log(LOG_LEVEL_DEBUG, 'Access rule "' . $access_rule . '" does not exists', 'User');
}
}
$userid = xUser::get_current_userid();
if ($userid !== NULL) {
//if user has admin role bypass check
$result = xanth_db_query("SELECT * FROM user_to_role WHERE userid = %d AND roleName = '%s'", $userid, 'administrator');
if ($row = xanth_db_fetch_array($result)) {
return TRUE;
}
//select other roles
$result = xanth_db_query("SELECT role_access_rule.access_rule FROM user_to_role,role_access_rule WHERE \r\n\t\t\t\tuser_to_role.userid = %d AND (role_access_rule.roleName = user_to_role.roleName OR role_access_rule.roleName = '%s') \r\n\t\t\t\tAND\trole_access_rule.access_rule = '%s'", $userid, 'authenticated', $access_rule);
} else {
$result = xanth_db_query("SELECT role_access_rule.access_rule FROM role_access_rule WHERE \r\n\t\t\t\trole_access_rule.roleName = '%s' AND role_access_rule.access_rule = '%s'", 'anonymous', $access_rule);
}
if ($row = xanth_db_fetch_array($result)) {
return TRUE;
}
return FALSE;
}
