/** * utility function to pass individual item links to a caller * * @param $args['itemids'] array of item ids to get * @return array Array containing the itemlink(s) for the item(s). */ function publications_userapi_getitemlinks($args) { $itemlinks = array(); sys::import('xaraya.structures.query'); $xartable = xarDB::getTables(); $q = new Query('SELECT', $xartable['publications']); $q->addfield('id'); $q->addfield('title'); $q->addfield('description'); $q->addfield('pubtype_id'); $q->in('state', array(3, 4)); if (!empty($args['itemids'])) { $itemids = explode(',', $args['itemids']); $q->in('id', $itemids); } $q->addorder('title'); $q->run(); $result = $q->output(); if (empty($result)) { return $itemlinks; } foreach ($result as $item) { if (empty($item['title'])) { $item['title'] = xarML('Display Publication'); } $itemlinks[$item['id']] = array('url' => xarModURL('publications', 'user', 'display', array('id' => $item['id'])), 'title' => $item['title'], 'label' => $item['description']); } return $itemlinks; }
/** * Publications Module * * @package modules * @subpackage publications module * @category Third Party Xaraya Module * @version 2.0.0 * @copyright (C) 2011 Netspan AG * @license GPL {@link http://www.gnu.org/licenses/gpl.html} * @author Marc Lutolf <*****@*****.**> */ function publications_adminapi_delete($args) { // Get arguments from argument array extract($args); // Argument check if (!isset($itemid)) { $msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'publication ID', 'admin', 'delete', 'Publications'); throw new BadParameterException(null, $msg); } $ids = !is_array($itemid) ? explode(',', $itemid) : $itemid; if (!isset($deletetype)) { $deletetype = 0; } sys::import('xaraya.structures.query'); $table = xarDB::getTables(); switch ($deletetype) { case 0: default: $q = new Query('UPDATE', $table['publications']); $q->addfield('state', 0); break; case 10: $q = new Query('DELETE', $table['publications']); break; } $q->in('id', $ids); if (!$q->run()) { return false; } return true; }
function publications_userapi_pageintrees($args) { extract($args); if (!isset($pid) || !is_numeric($pid) || !isset($tree_roots) || !is_array($tree_roots)) { return false; } $xartable = xarDB::getTables(); $dbconn = xarDB::getConn(); // For the page to be somewhere in a tree, identified by the root of that tree, // it's xar_left column must be between the xar_left and xar_right columns // of the tree root. $query = 'SELECT COUNT(*)' . ' FROM ' . $xartable['publications'] . ' AS testpage' . ' INNER JOIN ' . $xartable['publications'] . ' AS testtrees' . ' ON testpage.leftpage_id BETWEEN testtrees.leftpage_id AND testtrees.rightpage_id' . ' AND testtrees.id IN (?' . str_repeat(',?', count($tree_roots) - 1) . ')' . ' WHERE testpage.id = ?'; // Add the pid onto the tree roots to form the full bind variable set. $tree_roots[] = $pid; $result = $dbconn->execute($query, $tree_roots); if (!$result || $result->EOF) { return false; } list($count) = $result->fields; if ($count > 0) { return true; } else { return false; } }
/** * @returns int (calendar id on success, false on failure) */ function calendar_adminapi_create_calendars($args) { extract($args); // argument check if (!isset($calname)) { $msg = xarML('Calendar name not specified', 'admin', 'create', 'calendar'); throw new Exception($msg); } // TODO: should I move these two issets to the admin function // admin/create_calendars.php? --amoro if (!isset($mod_id)) { $module = xarController::$request->getInfo(); $mod_id = xarMod::getRegID($module[0]); } if (!isset($role_id)) { $role_id = xarSession::getVar('role_id'); } // Load up database details. $dbconn = xarDB::getConn(); $xartable = xarDB::getTables(); $caltable = $xartable['calendars']; // Insert instance details. $nextId = $dbconn->GenId($caltable); $query = 'INSERT INTO ' . $caltable . ' ( xar_id, xar_role_id, xar_mod_id, xar_name ) VALUES (?, ?, ?, ?)'; $result =& $dbconn->Execute($query, array($nextId, $role_id, $mod_id, $calname)); if (!$result) { return; } // Get ID of row inserted. $calendid = $dbconn->PO_Insert_ID($caltable, 'xar_id'); // If not database type also add file info // Allow duplicate files here, to make it easier to delete them // WARNING: if somebody changes this you should also change the // delete function to avoid major dataloss!!! --amoro if ($addtype != 'db') { $filestable = $xartable['calfiles']; $cal_filestable = $xartable['calendars_files']; $nextID = $dbconn->GenId($filestable); $query = 'INSERT INTO ' . $filestable . ' ( xar_id, xar_path ) VALUES (?, ?)'; $result =& $dbconn->Execute($query, array($nextID, $fileuri)); // Get ID of row inserted. $fileid = $dbconn->PO_Insert_ID($filestable, 'xar_id'); $query = 'INSERT INTO ' . $cal_filestable . ' ( xar_calendars_id, xar_files_id ) VALUES (?, ?)'; $result =& $dbconn->Execute($query, array($calendid, $fileid)); } return $calendid; }
/** * Create a new publication type * * @param $args['name'] name of the publication type * @param $args['descr'] description of the publication type * @param $args['config'] configuration of the publication type * @return int publication type ID on success, false on failure */ function publications_adminapi_createpubtype($args) { // Get arguments from argument array extract($args); // Argument check - make sure that all required arguments are present // and in the right format, if not then set an appropriate error // message and return // Note : since we have several arguments we want to check here, we'll // report all those that are invalid at the same time... $invalid = array(); if (!isset($name) || !is_string($name) || empty($name)) { $invalid[] = 'name'; } if (!isset($config) || !is_array($config) || count($config) == 0) { $invalid[] = 'configuration'; } if (count($invalid) > 0) { $msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', join(', ', $invalid), 'admin', 'createpubtype', 'Publications'); throw new BadParameterException(null, $msg); } if (empty($descr)) { $descr = $name; } // Publication type names *must* be lower-case for now $name = strtolower($name); // Security check - we require ADMIN rights here if (!xarSecurityCheck('AdminPublications')) { return; } if (!xarModAPILoad('publications', 'user')) { return; } // Make sure we have all the configuration fields we need $pubfields = xarModAPIFunc('publications', 'user', 'getpubfields'); foreach ($pubfields as $field => $value) { if (!isset($config[$field])) { $config[$field] = ''; } } // Get database setup $dbconn = xarDB::getConn(); $xartable = xarDB::getTables(); $pubtypestable = $xartable['publication_types']; // Get next ID in table $nextId = $dbconn->GenId($pubtypestable); // Insert the publication type $query = "INSERT INTO {$pubtypestable} (pubtype_id, pubtypename,\n pubtypedescr, pubtypeconfig)\n VALUES (?,?,?,?)"; $bindvars = array($nextId, $name, $descr, serialize($config)); $result =& $dbconn->Execute($query, $bindvars); if (!$result) { return; } // Get ptid to return $ptid = $dbconn->PO_Insert_ID($pubtypestable, 'pubtype_id'); // Don't call creation hooks here... //xarModCallHooks('item', 'create', $ptid, 'ptid'); return $ptid; }
function calendar_userapi_getevents($args) { extract($args); $xartable = xarDB::getTables(); $q = new Query('SELECT'); $q->addtable($xartable['calendar_event']); $q->ge('start_time', $day->thisDay(TRUE)); $q->lt('start_time', $day->nextDay(TRUE)); if (!$q->run()) { return; } return $q->output(); }
/** * Delete a publication type * * @param $args['ptid'] ID of the publication type * @return bool true on success, false on failure */ function publications_adminapi_deletepubtype($args) { // Get arguments from argument array extract($args); // Argument check - make sure that all required arguments are present // and in the right format, if not then set an appropriate error // message and return if (!isset($ptid) || !is_numeric($ptid) || $ptid < 1) { $msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'publication type ID', 'admin', 'deletepubtype', 'Publications'); throw new BadParameterException(null, $msg); } // Security check - we require ADMIN rights here if (!xarSecurityCheck('AdminPublications', 1, 'Publication', "{$ptid}:All:All:All")) { return; } // Load user API to obtain item information function if (!xarModAPILoad('publications', 'user')) { return; } // Get current publication types $pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes'); if (!isset($pubtypes[$ptid])) { $msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'publication type ID', 'admin', 'deletepubtype', 'Publications'); throw new BadParameterException(null, $msg); } // Get database setup $dbconn = xarDB::getConn(); $xartable = xarDB::getTables(); $pubtypestable = $xartable['publication_types']; // Delete the publication type $query = "DELETE FROM {$pubtypestable}\n WHERE pubtype_id = ?"; $result =& $dbconn->Execute($query, array($ptid)); if (!$result) { return; } $publicationstable = $xartable['publications']; // Delete all publications for this publication type $query = "DELETE FROM {$publicationstable}\n WHERE pubtype_id = ?"; $result =& $dbconn->Execute($query, array($ptid)); if (!$result) { return; } // TODO: call some kind of itemtype delete hooks here, once we have those //xarModCallHooks('itemtype', 'delete', $ptid, // array('module' => 'publications', // 'itemtype' =>'ptid')); return true; }
/** * Given an itemid, get the publication type * CHECKME: use get in place of this function? */ function publications_userapi_getitempubtype($args) { if (empty($args['itemid'])) { throw new MissingParameterException('itemid'); } sys::import('xaraya.structures.query'); $xartables = xarDB::getTables(); $q = new Query('SELECT', $xartables['publications']); $q->addfield('pubtype_id'); $q->eq('id', $args['itemid']); if (!$q->run()) { return; } $result = $q->row(); if (empty($result)) { return 0; } return $result['pubtype_id']; }
/** * Given an itemid, get the publication type * CHECKME: use get in place of this function? */ function publications_userapi_getpubtypeaccess($args) { if (empty($args['name'])) { throw new MissingParameterException('name'); } sys::import('xaraya.structures.query'); $xartables = xarDB::getTables(); $q = new Query('SELECT', $xartables['publications_types']); $q->addfield('access'); $q->eq('name', $args['name']); if (!$q->run()) { return; } $result = $q->row(); if (empty($result)) { return "a:0:{}"; } return $result['access']; }
/** * get the number of publications per publication type * @param $args['state'] array of requested status(es) for the publications * @return array array(id => count), or false on failure */ function publications_userapi_getpubcount($args) { if (!empty($args['state'])) { $statestring = 'all'; } else { if (is_array($args['state'])) { sort($args['state']); $statestring = join('+', $args['state']); } else { $statestring = $args['state']; } } if (xarVarIsCached('Publications.PubCount', $statestring)) { return xarVarGetCached('Publications.PubCount', $statestring); } $pubcount = array(); $dbconn = xarDB::getConn(); $tables = xarDB::getTables(); sys::import('xaraya.structures.query'); $q = new Query('SELECT', $tables['publications']); $q->addfield('pubtype_id'); $q->addfield('COUNT(state) AS count'); $q->addgroup('pubtype_id'); if (!empty($args['state'])) { } else { if (is_array($args['state'])) { $q->in('state', $args['state']); } else { $q->eq('state', $args['state']); } } // $q->qecho(); if (!$q->run()) { return; } $pubcount = array(); foreach ($q->output() as $key => $value) { $pubcount[$value['pubtype_id']] = $value['count']; } xarVarSetCached('Publications.PubCount', $statestring, $pubcount); return $pubcount; }
public function encode(xarRequest $request) { if ($request->getType() == 'admin') { return parent::encode($request); } $params = $request->getFunctionArgs(); $path = array(); switch ($request->getFunction()) { case 'search': $path[] = 'search'; $path = array_merge($path, $params); break; case 'view': $path[] = 'view'; if (isset($params['ptid'])) { if (xarModVars::get('publications', 'usetitleforurl')) { // Get all publication types present if (empty($this->pubtypes)) { $this->pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes'); } // Match to the function token foreach ($this->pubtypes as $id => $pubtype) { if ($params['ptid'] == $id) { $path[] = strtolower($pubtype['description']); break; } } } else { $path[] = $params['ptid']; } } unset($params['ptid']); break; case 'viewmap': $path[] = 'viewmap'; $params = array(); break; case 'display': if (isset($params['itemid'])) { sys::import('xaraya.structures.query'); xarModLoad('publications'); $xartables = xarDB::getTables(); $q = new Query('SELECT', $xartables['publications']); $q->eq('id', $params['itemid']); $q->addfield('pubtype_id'); $q->addfield('name'); $q->addfield('id'); $q->run(); $result = $q->row(); if (xarModVars::get('publications', 'usetitleforurl')) { // Get all publication types present if (empty($this->pubtypes)) { $this->pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes'); } if (!empty($result['pubtype_id'])) { $path[] = strtolower($this->pubtypes[$result['pubtype_id']]['description']); } if (!empty($result['name'])) { $path[] = strtolower($result['name']); } } else { if (!empty($result['id'])) { $path[] = $result['id']; } } } $params = array(); break; case 'main': // We need a page ID to continue, for now. // TODO: allow this to be expanded to page names. if (empty($params['pid'])) { return; } static $pages = NULL; // The components of the path. // $get = $args; // Get the page tree that includes this page. // TODO: Do some kind of cacheing on a tree-by-tree basis to prevent // fetching this too many times. Every time any tree is fetched, anywhere // in this module, it should be added to the cache so it can be used again. // For now we are going to fetch all pages, without DD, to cut down on // the number of queries, although we are making an assumption that the // number of pages is not going to get too high. if (empty($pages)) { // Fetch all pages, with no DD required. $pages = xarMod::apiFunc('publications', 'user', 'getpages', array('dd_flag' => false, 'key' => 'pid')); } // Check that the pid is a valid page. if (!isset($pages[$params['pid']])) { return; } $use_shortest_paths = xarModVars::get('publications', 'shortestpath'); // Consume the pid from the get parameters. $pid = $params['pid']; unset($params['pid']); // 'Consume' the function now we know we have enough information. // unset($params['func']); // Follow the tree up to the root. $pid_follow = $pid; while ($pages[$pid_follow]['parent_key'] != 0) { // TODO: could do with an API to get all aliases for a given module in one go. if (!empty($use_shortest_paths) && xarModGetAlias($pages[$pid_follow]['name']) == 'publications') { break; } array_unshift($path, $pages[$pid_follow]['name']); $pid_follow = $pages[$pid_follow]['parent_key']; } // Do the final path part. array_unshift($path, $pages[$pid_follow]['name']); // If the base path component is not the module alias, then add the // module name to the start of the path. if (xarModGetAlias($pages[$pid_follow]['name']) != 'publications') { // array_unshift($path, 'publications'); } // Now we have the basic path, we can check if there are any custom // URL handlers to handle the remainder of the GET parameters. // The handler is placed into the xarencodeapi API directory, and will // return two arrays: 'path' with path components and 'get' with // any unconsumed (or new) get parameters. if (!empty($pages[$pid]['encode_url'])) { $extra = xarMod::apiFunc('publications', 'encode', $pages[$pid]['encode_url'], $get, false); if (!empty($extra)) { // The handler has supplied some further short URL path components. if (!empty($extra['path'])) { $path = array_merge($path, $extra['path']); } // Assume it has consumed some GET parameters too. // Take what is left (i.e. unconsumed). if (isset($extra['get']) && is_array($extra['get'])) { $get = $extra['get']; } } } break; default: return; break; } // Encode the processed params $request->setFunction($this->getFunction($path)); // Send the unprocessed params back $request->setFunctionArgs($params); return parent::encode($request); }
/** * count number of items depending on additional module criteria * * @param array group * @return array number of items with descriptors */ function publications_adminapi_getstats($args) { extract($args); $allowedfields = array('pubtype_id', 'state', 'owner', 'locale', 'pubdate_year', 'pubdate_month', 'pubdate_day'); if (empty($group)) { $group = array(); } $newfields = array(); $newgroups = array(); foreach ($group as $field) { if (empty($field) || !in_array($field, $allowedfields)) { continue; } if ($field == 'pubdate_year') { $dbtype = xarDB::getType(); switch ($dbtype) { case 'mysql': $newfields[] = "LEFT(FROM_UNIXTIME(start_date),4) AS myyear"; $newgroups[] = "myyear"; break; case 'postgres': $newfields[] = "TO_CHAR(ABSTIME(start_date),'YYYY') AS myyear"; // CHECKME: do we need to use TO_CHAR(...) for the group field too ? $newgroups[] = "myyear"; break; case 'mssql': $newfields[] = "LEFT(CONVERT(VARCHAR,DATEADD(ss,start_date,'1/1/1970'),120),4) as myyear"; $newgroups[] = "LEFT(CONVERT(VARCHAR,DATEADD(ss,start_date,'1/1/1970'),120),4)"; break; // TODO: Add SQL queries for Oracle, etc. // TODO: Add SQL queries for Oracle, etc. default: continue; } } elseif ($field == 'pubdate_month') { $dbtype = xarDB::getType(); switch ($dbtype) { case 'mysql': $newfields[] = "LEFT(FROM_UNIXTIME(start_date),7) AS mymonth"; $newgroups[] = "mymonth"; break; case 'postgres': $newfields[] = "TO_CHAR(ABSTIME(start_date),'YYYY-MM') AS mymonth"; // CHECKME: do we need to use TO_CHAR(...) for the group field too ? $newgroups[] = "mymonth"; break; case 'mssql': $newfields[] = "LEFT(CONVERT(VARCHAR,DATEADD(ss,start_date,'1/1/1970'),120),7) as mymonth"; $newgroups[] = "LEFT(CONVERT(VARCHAR,DATEADD(ss,start_date,'1/1/1970'),120),7)"; break; // TODO: Add SQL queries for Oracle, etc. // TODO: Add SQL queries for Oracle, etc. default: continue; } } elseif ($field == 'pubdate_day') { $dbtype = xarDB::getType(); switch ($dbtype) { case 'mysql': $newfields[] = "LEFT(FROM_UNIXTIME(start_date),10) AS myday"; $newgroups[] = "myday"; break; case 'postgres': $newfields[] = "TO_CHAR(ABSTIME(start_date),'YYYY-MM-DD') AS myday"; // CHECKME: do we need to use TO_CHAR(...) for the group field too ? $newgroups[] = "myday"; break; case 'mssql': $newfields[] = "LEFT(CONVERT(VARCHAR,DATEADD(ss,start_date,'1/1/1970'),120),10) as myday"; $newgroups[] = "LEFT(CONVERT(VARCHAR,DATEADD(ss,start_date,'1/1/1970'),120),10)"; break; // TODO: Add SQL queries for Oracle, etc. // TODO: Add SQL queries for Oracle, etc. default: continue; } } else { $newfields[] = $field; $newgroups[] = $field; } } if (empty($newfields) || count($newfields) < 1) { $newfields = array('pubtype_id', 'state', 'owner'); $newgroups = array('pubtype_id', 'state', 'owner'); } // Database information $dbconn = xarDB::getConn(); $xartables = xarDB::getTables(); $query = 'SELECT ' . join(', ', $newfields) . ', COUNT(*) FROM ' . $xartables['publications'] . ' GROUP BY ' . join(', ', $newgroups) . ' ORDER BY ' . join(', ', $newgroups); $result =& $dbconn->Execute($query); if (!$result) { return; } $stats = array(); while (!$result->EOF) { if (count($newfields) > 3) { list($field1, $field2, $field3, $field4, $count) = $result->fields; $stats[$field1][$field2][$field3][$field4] = $count; } elseif (count($newfields) == 3) { list($field1, $field2, $field3, $count) = $result->fields; $stats[$field1][$field2][$field3] = $count; } elseif (count($newfields) == 2) { list($field1, $field2, $count) = $result->fields; $stats[$field1][$field2] = $count; } elseif (count($newfields) == 1) { list($field1, $count) = $result->fields; $stats[$field1] = $count; } $result->MoveNext(); } $result->Close(); return $stats; }
function publications_admin_updateconfig() { // Confirm authorisation code if (!xarSecConfirmAuthKey()) { return; } // Get parameters //A lot of these probably are bools, still might there be a need to change the template to return //'true' and 'false' to use those... if (!xarVarFetch('settings', 'array', $settings, array(), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('usetitleforurl', 'int', $usetitleforurl, xarModVars::get('publications', 'usetitleforurl'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('defaultstate', 'isset', $defaultstate, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('defaultsort', 'isset', $defaultsort, 'date', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('usealias', 'int', $usealias, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('ptid', 'isset', $ptid, xarModVars::get('publications', 'defaultpubtype'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('multilanguage', 'int', $multilanguage, 0, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('tab', 'str:1:10', $data['tab'], 'global', XARVAR_NOT_REQUIRED)) { return; } if (!xarSecurityCheck('AdminPublications', 1, 'Publication', "{$ptid}:All:All:All")) { return; } if ($data['tab'] == 'global') { if (!xarVarFetch('defaultpubtype', 'isset', $defaultpubtype, 1, XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('sortpubtypes', 'isset', $sortpubtypes, 'id', XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('defaultlanguage', 'str:1:100', $defaultlanguage, xarModVars::get('publications', 'defaultlanguage'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('debugmode', 'checkbox', $debugmode, xarModVars::get('publications', 'debugmode'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('defaultfrontpage', 'str', $defaultfrontpage, xarModVars::get('publications', 'defaultfrontpage'), XARVAR_NOT_REQUIRED)) { return; } if (!xarVarFetch('defaultbackpage', 'str', $defaultbackpage, xarModVars::get('publications', 'defaultbackpage'), XARVAR_NOT_REQUIRED)) { return; } xarModVars::set('publications', 'defaultpubtype', $defaultpubtype); xarModVars::set('publications', 'sortpubtypes', $sortpubtypes); xarModVars::set('publications', 'defaultlanguage', $defaultlanguage); xarModVars::set('publications', 'debugmode', $debugmode); xarModVars::set('publications', 'usealias', $usealias); xarModVars::set('publications', 'usetitleforurl', $usetitleforurl); xarModVars::set('publications', 'defaultfrontpage', $defaultfrontpage); xarModVars::set('publications', 'defaultbackpage', $defaultbackpage); // Allow multilanguage only if the languages property is present sys::import('modules.dynamicdata.class.properties.registration'); $types = PropertyRegistration::Retrieve(); if (isset($types[30039])) { xarModVars::set('publications', 'multilanguage', $multilanguage); } else { xarModVars::set('publications', 'multilanguage', 0); } // Get the special pages. foreach (array('defaultpage', 'errorpage', 'notfoundpage', 'noprivspage') as $special_name) { unset($special_id); if (!xarVarFetch($special_name, 'id', $special_id, 0, XARVAR_NOT_REQUIRED)) { return; } xarModVars::set('publications', $special_name, $special_id); } if (xarDB::getType() == 'mysql') { if (!xarVarFetch('fulltext', 'isset', $fulltext, '', XARVAR_NOT_REQUIRED)) { return; } $oldval = xarModVars::get('publications', 'fulltextsearch'); $index = 'i_' . xarDB::getPrefix() . '_publications_fulltext'; if (empty($fulltext) && !empty($oldval)) { // Get database setup $dbconn = xarDB::getConn(); $xartable = xarDB::getTables(); $publicationstable = $xartable['publications']; // Drop fulltext index on publications table $query = "ALTER TABLE {$publicationstable} DROP INDEX {$index}"; $result =& $dbconn->Execute($query); if (!$result) { return; } xarModVars::set('publications', 'fulltextsearch', ''); } elseif (!empty($fulltext) && empty($oldval)) { $searchfields = array('title', 'description', 'summary', 'body1', 'notes'); // $searchfields = explode(',',$fulltext); // Get database setup $dbconn = xarDB::getConn(); $xartable = xarDB::getTables(); $publicationstable = $xartable['publications']; // Add fulltext index on publications table $query = "ALTER TABLE {$publicationstable} ADD FULLTEXT {$index} (" . join(', ', $searchfields) . ")"; $result =& $dbconn->Execute($query); if (!$result) { return; } xarModVars::set('publications', 'fulltextsearch', join(',', $searchfields)); } } // Module settings $data['module_settings'] = xarMod::apiFunc('base', 'admin', 'getmodulesettings', array('module' => 'publications')); $data['module_settings']->setFieldList('items_per_page, use_module_alias, module_alias_name, enable_short_urls, user_menu_link', 'use_module_icons'); $isvalid = $data['module_settings']->checkInput(); if (!$isvalid) { return xarTplModule('base', 'admin', 'modifyconfig', $data); } else { $itemid = $data['module_settings']->updateItem(); } // Pull the base category ids from the template and save them $picker = DataPropertyMaster::getProperty(array('name' => 'categorypicker')); $picker->checkInput('basecid'); } elseif ($data['tab'] == 'pubtypes') { // Get the publication type for this display and save the settings to it $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types')); $pubtypeobject->getItem(array('itemid' => $ptid)); $configsettings = $pubtypeobject->properties['configuration']->getValue(); $checkbox = DataPropertyMaster::getProperty(array('name' => 'checkbox')); $boxes = array('show_hitount', 'show_ratings', 'show_keywords', 'show_comments', 'show_prevnext', 'show_archives', 'show_publinks', 'show_pubcount', 'show_map', 'prevnextart', 'dot_transform', 'title_transform', 'show_categories', 'show_catcount', 'show_prevnext', 'allow_translations'); foreach ($boxes as $box) { $isvalid = $checkbox->checkInput($box); if ($isvalid) { $settings[$box] = $checkbox->value; } } // foreach ($configsettings as $key => $value) // if (!isset($settings[$key])) $settings[$key] = 0; $isvalid = true; // Get the default access rules $access = DataPropertyMaster::getProperty(array('name' => 'access')); $validprop = $access->checkInput("access_add"); $addaccess = $access->value; $isvalid = $isvalid && $validprop; $validprop = $access->checkInput("access_display"); $displayaccess = $access->value; $isvalid = $isvalid && $validprop; $validprop = $access->checkInput("access_modify"); $modifyaccess = $access->value; $isvalid = $isvalid && $validprop; $validprop = $access->checkInput("access_delete"); $deleteaccess = $access->value; $isvalid = $isvalid && $validprop; $allaccess = array('add' => $addaccess, 'display' => $displayaccess, 'modify' => $modifyaccess, 'delete' => $deleteaccess); $pubtypeobject->properties['access']->setValue(serialize($allaccess)); $pubtypeobject->properties['configuration']->setValue(serialize($settings)); $pubtypeobject->updateItem(array('itemid' => $ptid)); $pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes'); if ($usealias) { xarModSetAlias($pubtypes[$ptid]['name'], 'publications'); } else { xarModDelAlias($pubtypes[$ptid]['name'], 'publications'); } } elseif ($data['tab'] == 'redirects') { $redirects = DataPropertyMaster::getProperty(array('name' => 'array')); $redirects->display_column_definition['value'] = array(array("From", "To"), array(2, 2), array("", ""), array("", "")); $isvalid = $redirects->checkInput("redirects"); xarModVars::set('publications', 'redirects', $redirects->value); } xarController::redirect(xarModURL('publications', 'admin', 'modifyconfig', array('ptid' => $ptid, 'tab' => $data['tab']))); return true; }
public function getEvents($start_time, $end_time, $role_id) { // get all the events. need to improve this query and combine it with the query in the template $xartable = xarDB::getTables(); $q = new Query('SELECT', $xartable['calendar_event']); $q->ge('start_time', $start_time); $q->lt('start_time', $end_time); $q->eq('role_id', $role_id); // $q->qecho(); if (!$q->run()) { return; } return $q->output(); }
/** * Delete a calendar from database * Usage : if (xarMod::apiFunc('calendar', 'admin', 'delete', $calendar)) {...} * * @param $args['calid'] ID of the calendar * @returns bool * @return true on success, false on failure */ function calendar_adminapi_delete_calendar($args) { // Get arguments from argument array extract($args); // Argument check if (!isset($calid)) { $msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'calendar ID', 'admin', 'delete', 'Calendar'); throw new Exception($msg); } // TODO: Security check /* if (!xarMod::apiLoad('calendar', 'user')) return; $args['mask'] = 'DeleteCalendars'; if (!xarMod::apiFunc('calendar','user','checksecurity',$args)) { $msg = xarML('Not authorized to delete #(1) items', 'Calendar'); throw new Exception($msg); } */ // Call delete hooks for categories, hitcount etc. $args['module'] = 'calendar'; $args['itemid'] = $calid; xarModCallHooks('item', 'delete', $calid, $args); // Get database setup $dbconn = xarDB::getConn(); $xartable = xarDB::getTables(); $calendarstable = $xartable['calendars']; $cal_filestable = $xartable['calendars_files']; $calfiles = $xartable['calfiles']; // Get files associated with that calendar $query = "SELECT xar_files_id FROM {$cal_filestable}\n WHERE xar_calendars_id = ? LIMIT 1 "; $result =& $dbconn->Execute($query, array($calid)); if (!$result) { return; } for (; !$result->EOF; $result->MoveNext()) { // there should be only one result list($file_id) = $result->fields; } if (isset($file_id) || !empty($file_id)) { $query = "DELETE FROM {$calfiles}\n WHERE xar_id = ?"; $result =& $dbconn->Execute($query, array($file_id)); if (!$result) { return; } } // Delete item $query = "DELETE FROM {$calendarstable}\n WHERE xar_id = ?"; $result =& $dbconn->Execute($query, array($calid)); if (!$result) { return; } $query = "DELETE FROM {$cal_filestable}\n WHERE xar_calendars_id = ?"; $result =& $dbconn->Execute($query, array($calid)); if (!$result) { return; } $result->Close(); return true; }
function publications_userapi_getpages($args) { extract($args); if (!xarVarValidate('enum:id:index:name:left:right', $key, true)) { $key = 'index'; } // Define if we are looking for the number of pages or the pages themselves $count = empty($count) ? false : true; // Assemble the query sys::import('xaraya.structures.query'); $xartable = xarDB::getTables(); $q = new Query(); $q->addtable($xartable['publications'], 'tpages'); $q->addtable($xartable['publications_types'], 'pt'); $q->join('pt.id', 'tpages.pubtype_id'); if ($count) { $q->addfield('COUNT(*)'); } else { $q->setdistinct(true); $q->addfield('tpages.id AS id'); $q->addfield('tpages.name AS name'); $q->addfield('tpages.title AS title'); $q->addfield('tpages.pubtype_id AS ptid'); $q->addfield('tpages.parent_id AS base_id'); $q->addfield('tpages.sitemap_flag AS sitemap_flag'); $q->addfield('tpages.menu_flag AS menu_flag'); $q->addfield('tpages.locale AS locale'); $q->addfield('tpages.leftpage_id AS leftpage_id'); $q->addfield('tpages.rightpage_id AS rightpage_id'); $q->addfield('tpages.parentpage_id AS parentpage'); $q->addfield('tpages.access AS access'); $q->addfield('tpages.state AS status'); $q->addfield('pt.description AS pubtype_name'); } if (isset($baseonly)) { $q->eq('tpages.parent_id', 0); } if (isset($name)) { $q->eq('tpages.name', (string) $name); } if (isset($status)) { // If a list of statuses have been provided, then select for any of them. if (strpos($status, ',') === false) { $numeric_status = convert_status($status); $q->eq('tpages.state', strtoupper($status)); } else { $statuses = explode(',', strtoupper($status)); $numeric_statuses = array(); foreach ($statuses as $stat) { $numeric_statuses[] = convert_status($stat); } $q->in('tpages.state', $numeric_statuses); } } if (isset($id)) { $q->eq('tpages.id', (int) $id); $where[] = 'tpages.id = ?'; $bind[] = (int) $id; } elseif (!empty($ids)) { $addwhere = array(); foreach ($ids as $myid) { if (!empty($myid) && is_numeric($myid)) { $addwhere[] = (int) $myid; } } $q->in('tpages.state', $addwhere); } if (isset($itemtype)) { $q->eq('tpages.pubtype_id', (int) $itemtype); } if (isset($parent)) { $q->eq('tpages.parentpage_id', (int) $parent); } // Used to retrieve descendants. if (isset($left_range) && is_array($left_range)) { $q->between('tpages.leftpage_id', $left_range); } // Used to prune a single branch of the tree. if (isset($left_exclude) && is_array($left_exclude)) { //'tpages.leftpage_id NOT between ? AND ?' - does not work on some databases $c[] = $q->plt('tpages.leftpage_id', (int) $left_exclude[0]); $c[] = $q->pgt('tpages.leftpage_id', (int) $left_exclude[1]); $q->qor($c); unset($c); } // Used to retrieve ancestors. if (isset($wrap_range) && is_numeric($wrap_range)) { $c[] = $q->ple('tpages.leftpage_id', (int) $wrap_range[0]); $c[] = $q->pge('tpages.leftpage_id', (int) $left_range[1]); // can't be right: this is an array $q->qand($c); unset($c); } // If the request is to fetch a tree that *contains* a particular // page, then add the extra sub-queries in here. if (!empty($tree_contains_id) || !empty($tree_contains_name)) { $q->addtable($xartable['publications'], 'tpages_member'); if (!empty($tree_contains_id)) { $q->eq('tpages_member.id', (int) $tree_contains_id); } if (!empty($tree_contains_name)) { $q->eq('tpages_member.name', (int) $tree_contains_name); } if (!empty($tree_ancestors)) { // We don't want the complete tree for the matching pages - just // their ancestors. This is useful for checking paths, without // fetching complete trees. $q->between('tpages_member.leftpage_id', 'expr:tpages.leftpage_id AND tpages.rightpage_id'); } else { // Join to find the root page of the tree containing the required page. // This matches the complete tree for the root under the selected page. $q->addtable($xartable['publications'], 'tpages_root'); $q->le('tpages_root.leftpage_id', 'expr:tpages_member.leftpage_id'); $q->ge('tpages_root.rightpage_id', 'expr:tpages_member.rightpage_id'); $q->between('tpages.leftpage_id', 'expr:tpages_root.leftpage_id AND tpages_root.rightpage_id'); $q->eq('tpages_root.parentpage_id', 0); } } // This ordering cannot be changed // We want the pages in the order of the hierarchy. if (empty($count)) { $q->setorder('tpages.leftpage_id', 'ASC'); } // $q->qecho(); $q->run(); if ($count) { $pages = count($q->output()); } else { $index = 0; $id2key = array(); $pages = array(); // Get all the page type details. $pagetypes = xarMod::apiFunc('publications', 'user', 'get_pubtypes', array('key' => 'id')); foreach ($q->output() as $row) { $id = (int) $row['id']; // At this point check the privileges of the page fetched. // To prevent broken trees, if a page is not assessible, prune // (ie discard) descendant pages of that page. Descendants will have // a left value between the left and right values of the // inaccessible page. if (!empty($prune_left)) { if ($row['leftpage_id'] <= $prune_left) { // The current page is still a descendant of the unprivileged page. continue; } else { // We've reached a non-descendant - stop pruning now. $prune_left = 0; } } // JDJ 2008-06-11: now only need ViewPublicationsPage to be able to select the page, // but ReadPublicationsPage to actually read it. // The lowest privilege will be inherited, so one page with only View privilege // will cause all descendent pages to have, at most, view privilege. // We still need to fetch full details of these view-only pages, but we must flag // then up in some way (status?). Displaying any of these pages would instead just // show the 'no privs' page. // Define admin access sys::import('modules.dynamicdata.class.properties.master'); $accessproperty = DataPropertyMaster::getProperty(array('name' => 'access')); $typename = $pagetypes[$row['ptid']]['name']; $args = array('instance' => $row['name'] . ":" . $typename, 'level' => 800); $adminaccess = $accessproperty->check($args); $info = unserialize($row['access']); if (!empty($info['view_access'])) { // Decide whether the current user can create blocks of this type $args = array('module' => 'publications', 'component' => 'Page', 'instance' => $name . ":" . $typename, 'group' => $info['view_access']['group'], 'level' => $info['view_access']['level']); if (!$accessproperty->check($args)) { // Save the right value. We need to skip all subsequent // pages until we get to a page to the right of this one. // The pages will be in 'left' order, so the descendants // will be contiguous and will immediately follow this page. $prune_left = $rightpage_id; // Don't get this unless you are an admin if (!$adminaccess) { continue; } } } if (!empty($overview_only_left) && $row['leftpage_id'] <= $overview_only_left) { // We have got past the overview-only page, so can reset the flag. $overview_only_left = 0; } if (!empty($info['display_access'])) { $args = array('module' => 'publications', 'component' => 'Page', 'instance' => $name . ":" . $typename, 'group' => $info['display_access']['group'], 'level' => $info['display_access']['level']); if (!$accessproperty->check($args)) { // We have reached a page that allows only overview access. // Flag all pages with the restricted view until we get past this page. $overview_only_left = $row['rightpage_id']; // Don't get this unless you are an admin if (!$adminaccess) { continue; } } } if (!xarSecurityCheck('ReadPublications', 0, 'Page', $row['name'] . ':' . $typename, 'publications')) { // We have reached a page that allows only overview access. // Flag all pages with the restricted view until we get past this page. $overview_only_left = $row['rightpage_id']; } // Note: ['parent_id'] is the parent page ID, // but ['parent'] is the parent item key in the // pages array. $id2key[(int) $id] = ${$key}; if ($key == 'id') { $parent_key = (int) $row['parentpage']; } else { if (isset($id2key[$row['parentpage']])) { $parent_key = $id2key[$row['parentpage']]; } else { $parent_key = 0; } } $row['key'] = ${$key}; $row['access'] = $info; $row['parent_key'] = (int) $parent_key; $row['left'] = (int) $row['leftpage_id']; $row['right'] = (int) $row['rightpage_id']; unset($row['leftpage_id']); unset($row['rightpage_id']); $pages[${$key}] = $row; $index += 1; } } return $pages; }
/** * Publications Module * * @package modules * @subpackage publications module * @category Third Party Xaraya Module * @version 2.0.0 * @copyright (C) 2011 Netspan AG * @license GPL {@link http://www.gnu.org/licenses/gpl.html} * @author Marc Lutolf <*****@*****.**> */ function publications_admin_clone() { if (!xarSecurityCheck('ManagePublications')) { return; } if (!xarVarFetch('name', 'isset', $objectname, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('ptid', 'isset', $ptid, NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('itemid', 'isset', $data['itemid'], NULL, XARVAR_DONT_SET)) { return; } if (!xarVarFetch('confirm', 'int', $confirm, 0, XARVAR_DONT_SET)) { return; } if (empty($data['itemid'])) { return xarResponse::NotFound(); } // If a pubtype ID was passed, get the name of the pub object if (isset($ptid)) { $pubtypeobject = DataObjectMaster::getObject(array('name' => 'publications_types')); $pubtypeobject->getItem(array('itemid' => $ptid)); $objectname = $pubtypeobject->properties['name']->value; } if (empty($objectname)) { return xarResponse::NotFound(); } sys::import('modules.dynamicdata.class.objects.master'); $data['object'] = DataObjectMaster::getObject(array('name' => $objectname)); if (empty($data['object'])) { return xarResponse::NotFound(); } // Security if (!$data['object']->checkAccess('update')) { return xarResponse::Forbidden(xarML('Clone #(1) is forbidden', $object->label)); } $data['object']->getItem(array('itemid' => $data['itemid'])); $data['authid'] = xarSecGenAuthKey(); $data['name'] = $data['object']->properties['name']->value; $data['label'] = $data['object']->label; xarTplSetPageTitle(xarML('Clone Publication #(1) in #(2)', $data['itemid'], $data['label'])); if ($confirm) { if (!xarSecConfirmAuthKey()) { return; } // Get the name for the clone if (!xarVarFetch('newname', 'str', $newname, "", XARVAR_NOT_REQUIRED)) { return; } if (empty($newname)) { $newname = $data['name'] . "_copy"; } if ($newname == $data['name']) { $newname = $data['name'] . "_copy"; } $newname = strtolower(str_ireplace(" ", "_", $newname)); // Create the clone $data['object']->properties['name']->setValue($newname); $data['object']->properties['id']->setValue(0); $cloneid = $data['object']->createItem(array('itemid' => 0)); // Create the clone's translations if (!xarVarFetch('clone_translations', 'int', $clone_translations, 0, XARVAR_NOT_REQUIRED)) { return; } if ($clone_translations) { // Get the info on all the objects to be cloned sys::import('xaraya.structures.query'); $tables = xarDB::getTables(); $q = new Query(); $q->addtable($tables['publications'], 'p'); $q->addtable($tables['publications_types'], 'pt'); $q->join('p.pubtype_id', 'pt.id'); $q->eq('parent_id', $data['itemid']); $q->addfield('p.id AS id'); $q->addfield('pt.name AS name'); $q->run(); // Clone each one foreach ($q->output() as $item) { $object = DataObjectMaster::getObject(array('name' => $item['name'])); $object->getItem(array('itemid' => $item['id'])); $object->properties['parent']->value = $cloneid; $object->properties['id']->value = 0; $object->createItem(array('itemid' => 0)); } } // Redirect if we came from somewhere else $current_listview = xarSession::getVar('publications_current_listview'); if (!empty($return_url)) { xarController::redirect($return_url); } elseif (!empty($current_listview)) { xarController::redirect($current_listview); } else { xarController::redirect(xarModURL('publications', 'user', 'view')); } return true; } return $data; }
/** * Update a publication type * * @param id $args['ptid'] ID of the publication type * @param string $args['name'] name of the publication type (not allowed here) * @param string $args['description'] description of the publication type * @param array $args['config'] configuration of the publication type * @return bool true on success, false on failure */ function publications_adminapi_updatepubtype($args) { // Get arguments from argument array extract($args); // Argument check - make sure that all required arguments are present // and in the right format, if not then set an appropriate error // message and return // Note : since we have several arguments we want to check here, we'll // report all those that are invalid at the same time... $invalid = array(); if (!isset($ptid) || !is_numeric($ptid) || $ptid < 1) { $invalid[] = 'publication type ID'; } /* if (!isset($name) || !is_string($name) || empty($name)) { $invalid[] = 'name'; } */ if (!isset($descr) || !is_string($descr) || empty($descr)) { $invalid[] = 'description'; } if (!isset($config) || !is_array($config) || count($config) == 0) { $invalid[] = 'configuration'; } if (count($invalid) > 0) { $msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', join(', ', $invalid), 'admin', 'updatepubtype', 'Publications'); throw new BadParameterException(null, $msg); } // Security check - we require ADMIN rights here if (!xarSecurityCheck('AdminPublications', 1, 'Publication', "{$ptid}:All:All:All")) { return; } // Load user API to obtain item information function if (!xarModAPILoad('publications', 'user')) { return; } // Get current publication types $pubtypes = xarModAPIFunc('publications', 'user', 'get_pubtypes'); if (!isset($pubtypes[$ptid])) { $msg = xarML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'publication type ID', 'admin', 'updatepubtype', 'Publications'); throw new BadParameterException(null, $msg); } // Make sure we have all the configuration fields we need $pubfields = xarModAPIFunc('publications', 'user', 'getpubfields'); foreach ($pubfields as $field => $value) { if (!isset($config[$field])) { $config[$field] = ''; } } // Get database setup $dbconn = xarDB::getConn(); $xartable = xarDB::getTables(); $pubtypestable = $xartable['publication_types']; // Update the publication type (don't allow updates on name) $query = "UPDATE {$pubtypestable}\n SET pubtypedescr = ?,\n pubtypeconfig = ?\n WHERE pubtype_id = ?"; $bindvars = array($descr, serialize($config), $ptid); $result =& $dbconn->Execute($query, $bindvars); if (!$result) { return; } return true; }
/** * Publications Module * * @package modules * @subpackage publications module * @category Third Party Xaraya Module * @version 2.0.0 * @copyright (C) 2011 Netspan AG * @license GPL {@link http://www.gnu.org/licenses/gpl.html} * @author Marc Lutolf <*****@*****.**> */ function publications_userapi_gettranslationid($args) { if (!isset($args['id'])) { throw new BadParameterException('id'); } if (empty($args['id'])) { return 0; } // We can check on a full locale or just a partial one (excluding charset) if (empty($args['partiallocale'])) { $args['partiallocale'] = 0; } // We can look for a specific translation if (empty($args['locale'])) { $locale = xarUserGetNavigationLocale(); } else { $locale = $args['locale']; } sys::import('xaraya.structures.query'); if ($args['partiallocale']) { $parts = explode('.', $locale); $locale = $parts[0]; } $xartable = xarDB::getTables(); if (empty($args['locale'])) { // Return the id of the translation if it exists, or else the base document $q = new Query('SELECT', $xartable['publications']); $q->addfield('id'); $q->eq('locale', $locale); $c[] = $q->peq('id', $args['id']); $c[] = $q->peq('parent_id', $args['id']); $q->qor($c); if (!$q->run()) { return $args['id']; } $result = $q->row(); if (empty($result)) { return $args['id']; } return $result['id']; } elseif ($args['locale'] == xarUserGetNavigationLocale()) { // No need to look further return $args['id']; } elseif ($args['locale'] == xarModVars::get('publications', 'defaultlanguage')) { // Force getting the base document $q = new Query('SELECT', $xartable['publications']); $q->addfield('parent_id'); $q->eq('id', $args['id']); if (!$q->run()) { return $args['id']; } $result = $q->row(); if (empty($result)) { return $args['id']; } // If this was already the base document, return its ID if (empty($result['parent_id'])) { return $args['id']; } // Else return the parent ID return $result['parent_id']; } else { // Force getting another translation $q = new Query('SELECT'); $q->addtable($xartable['publications'], 'p1'); $q->addtable($xartable['publications'], 'p2'); $q->join('p2.parent_id', 'p1.parent_id'); $q->addfield('p2.id'); $q->eq('p2.locale', $locale); $q->eq('p1.id', $args['id']); if (!$q->run()) { return $args['id']; } $result = $q->row(); if (empty($result)) { return $args['id']; } return $result['id']; } if (xarUserGetVar('uname') == 'random') { $xartable = xarDB::getTables(); $q = new Query('SELECT'); $q->addtable($xartable['publications'], 'p1'); $q->addtable($xartable['publications'], 'p2'); $q->join('p2.id', 'p1.parent_id'); $q->addfield('p1.id'); $c[] = $q->peq('p1.id', $args['id']); $c[] = $q->peq('p1.parent_id', $args['id']); $c[] = $q->peq('p2.id', $args['id']); $q->qor($c); $d[] = $q->peq('p1.locale', $args['locale']); $d[] = $q->peq('p2.locale', $args['locale']); $q->qor($d); if (!$q->run()) { return $args['id']; } $q->qecho(); $result = $q->row(); if (empty($result)) { return $args['id']; } return $result['id']; } }
/** * Get pages relative to a given page * * Filters: * Add an arg of the type $args['filter_foo'] = bar * will add a condition to the SELECT as * WHERE foo = bar * */ function publications_userapi_get_sitemap_pages($args) { if (empty($args['itemid'])) { $args['itemid'] = 0; } if (empty($args['scope'])) { $args['scope'] = 'descendants'; } if ($args['itemid'] == 0 && $args['scope'] == 'descendants') { $args['scope'] = 'all'; } if (empty($args['sort'])) { $args['sort'] = 0; } // Make sure we have the base translation id if (!empty($args['itemid'])) { $args['itemid'] = xarMod::apiFunc('publications', 'user', 'gettranslationid', array('id' => $args['itemid'], 'locale' => xarModVars::get('publications', 'defaultlanguage'))); } // Identify any filters $filters = array(); foreach ($args as $k => $v) { if (strpos($k, 'filter_') === 0) { $argname = substr($k, 7); $filters[$argname] = $v; } } $xartable = xarDB::getTables(); sys::import('xaraya.structures.query'); $q = new Query(); $q->addtable($xartable['publications'], 'p'); switch ($args['scope']) { case 'all': $q->gt('p.leftpage_id', 0); break; case 'descendants': $q->addtable($xartable['publications'], 'root'); $q->eq('root.id', $args['itemid']); $q->le('root.leftpage_id', 'expr:p.leftpage_id'); $q->ge('root.rightpage_id', 'expr:p.rightpage_id'); break; case 'children': $q->eq('p.parentpage_id', $args['itemid']); break; case 'siblings': $q->addtable($xartable['publications'], 'p1'); $q->join('p.parentpage_id', 'p1.parentpage_id'); $q->eq('p1.id', $args['itemid']); break; } if (!empty($args['itemtype'])) { $q->eq('p.pubtype_id', $args['itemtype']); } $q->eq('p.sitemap_flag', 1); $q->gt('p.state', 2); $q->addfield('p.id AS id'); $q->addfield('p.name AS name'); $q->addfield('p.title AS title'); $q->addfield('p.description AS description'); $q->addfield('p.sitemap_source_flag AS sitemap_source_flag'); $q->addfield('p.sitemap_alias AS sitemap_alias'); $q->addfield('p.pubtype_id AS pubtype_id'); $q->addfield('p.rightpage_id AS rightpage_id'); // Add any fiters we found foreach ($filters as $k => $v) { $q->eq('p.' . $k, $v); } // We can force alpha sorting, or else sort according to tree position if ($args['sort']) { $q->setorder('p.title'); } else { $q->setorder('p.leftpage_id'); } // $q->qecho(); $q->run(); $pages = $q->output(); $depthstack = array(); foreach ($pages as $key => $page) { // Calculate the relative nesting level. // 'depth' is 0-based. Top level (root node) is zero. if (!empty($depthstack)) { while (!empty($depthstack) && end($depthstack) < $page['rightpage_id']) { array_pop($depthstack); } } $depthstack[$page['id']] = $page['rightpage_id']; $pages[$key]['depth'] = empty($depthstack) ? 0 : count($depthstack) - 1; // This item is the path for each page, based on page IDs. // It is effectively a list of ancestor IDs for a page. // FIXME: some paths seem to get a '0' root ID. They should only have real page IDs. $pages[$key]['idpath'] = array_keys($depthstack); $pathstack[$key] = $page['name']; // This item is the path for each page, based on names. // Imploding it can give a directory-style path, which is handy // in admin pages and reports. $pages[$key]['namepath'] = $pathstack; } // If we are looking for translations rather than base documents, then find what translations are available and substitute them // CHECKME: is there a better way? // If there is no translation the base document remains. Is this desired outcome? if (!empty($pages) && xarModVars::get('publications', 'defaultlanguage') != xarUserGetNavigationLocale()) { $indexedpages = array(); foreach ($pages as $v) { $indexedpages[$v['id']] = $v; } $ids = array_keys($indexedpages); $q = new Query(); $q->addtable($xartable['publications']); $q->addfield('id'); $q->addfield('parent_id'); $q->addfield('name'); $q->addfield('title'); $q->addfield('description'); $q->addfield('sitemap_source_flag'); $q->addfield('sitemap_alias'); $q->addfield('pubtype_id'); $q->in('parent_id', $ids); $q->eq('locale', xarUserGetNavigationLocale()); // Add any fiters we found foreach ($filters as $k => $v) { $q->eq($k, $v); } $q->run(); foreach ($q->output() as $row) { // Copy the name and id paths so we don't have to recalculate them $row['depth'] = $indexedpages[$row['parent_id']]['depth']; $row['idpath'] = $indexedpages[$row['parent_id']]['idpath']; $row['namepath'] = $indexedpages[$row['parent_id']]['namepath']; // Add the entire row to the result pages $indexedpages[$row['parent_id']] = $row; } $pages =& $indexedpages; } return $pages; }
function publications_treeapi_moveitem($args) { extract($args); $dbconn = xarDB::getConn(); $xartable = xarDB::getTables(); // Obtain current information on the reference item $refitem = xarMod::apiFunc('publications', 'user', 'getpage', array('pid' => $refid)); $query = 'SELECT xar_left, xar_right, xar_parent' . ' FROM ' . $tablename . ' WHERE ' . $idname . ' = ?'; // Run the query (reference item). $result = $dbconn->execute($query, array($refid)); if (!$result) { return; } if ($result->EOF) { $msg = xarML('Reference item "#(1)" does not exist', $refid); throw new BadParameterException(null, $msg); } list($ref_left, $ref_right, $ref_parent) = $result->fields; // Run the query (item to be moved). $result = $dbconn->execute($query, array((int) $itemid)); if (!$result) { return; } if ($result->EOF) { $msg = xarML('Moving item "#(1)" does not exist', $itemid); throw new BadParameterException(null, $msg); } list($item_left, $item_right, $item_parent) = $result->fields; // Checking if the reference ID is of a child or itself if ($ref_left >= $item_left && $ref_left <= $item_right) { $msg = xarML('Group references siblings'); throw new BadParameterException(null, $msg); } // Find the point of insertion. switch (strtolower($offset)) { case 'lastchild': // last child of reference item $insertion_point = $ref_right; break; case 'after': // after reference item, same level $insertion_point = $ref_right + 1; break; case 'firstchild': // first child reference item $insertion_point = $ref_left + 1; break; case 'before': // before reference item, same level $insertion_point = $ref_left; break; default: $msg = xarML('Offset not "#(1)" valid', $offset); throw new BadParameterException(null, $msg); } $size = $item_right - $item_left + 1; $distance = $insertion_point - $item_left; // If necessary to move then evaluate if ($distance != 0) { if ($distance > 0) { // moving forward $distance = $insertion_point - $item_right - 1; $deslocation_outside = -$size; $between_string = $item_right + 1 . ' AND ' . ($insertion_point - 1); } else { // $distance < 0 (moving backward) $deslocation_outside = $size; $between_string = $insertion_point . ' AND ' . ($item_left - 1); } // This seems SQL-92 standard... Its a good test to see if // the databases we are supporting are complying with it. This can be // broken down in 3 simple UPDATES which shouldnt be a problem with any database. $query = 'UPDATE ' . $tablename . ' SET xar_left = CASE' . ' WHEN xar_left BETWEEN ' . $item_left . ' AND ' . $item_right . ' THEN xar_left + (' . $distance . ')' . ' WHEN xar_left BETWEEN ' . $between_string . ' THEN xar_left + (' . $deslocation_outside . ')' . ' ELSE xar_left' . ' END,' . ' xar_right = CASE' . ' WHEN xar_right BETWEEN ' . $item_left . ' AND ' . $item_right . ' THEN xar_right + (' . $distance . ')' . ' WHEN xar_right BETWEEN ' . $between_string . ' THEN xar_right + (' . $deslocation_outside . ')' . ' ELSE xar_right' . ' END'; $result = $dbconn->execute($query); if (!$result) { return; } // Find the right parent for this item. if (strtolower($offset) == 'lastchild' || strtolower($offset) == 'firstchild') { $parent_id = $refid; } else { $parent_id = $ref_parent; } // Update parent id $query = 'UPDATE ' . $tablename . ' SET xar_parent = ?' . ' WHERE ' . $idname . ' = ?'; $result = $dbconn->execute($query, array((int) $parent_id, (int) $itemid)); if (!$result) { return; } } return true; }
/** * return the field names and correct values for querying (or joining on) * the publications table * example 1 : SELECT ..., $title, $body1,... * FROM $table * WHERE $title LIKE 'Hello world%' * AND $where * * example 2 : SELECT ..., $title, $body1,... * FROM ... * LEFT JOIN $table * ON $field = <name of articleid field in your module> * WHERE ... * AND $title LIKE 'Hello world%' * AND $where * * Note : the following arguments are all optional : * * @param $args['ids'] optional array of ids that we are selecting on * @param $args['owner'] the ID of the author * @param $args['ptid'] publication type ID (for news, sections, reviews, ...) or array of pubtype IDs * @param $args['state'] array of requested status(es) for the publications * @param $args['search'] search text parameter(s) * @param $args['searchfields'] array of fields to search in * @param $args['searchtype'] start, end, like, eq, gt, ... (TODO) * @param $args['pubdate'] publications published in a certain year (YYYY), month (YYYY-MM) or day (YYYY-MM-DD) * @param $args['startdate'] publications published at startdate or later * (unix timestamp format) * @param $args['enddate'] publications published before enddate * (unix timestamp format) * @param $args['where'] additional where clauses (myfield gt 1234) * @param $args['locale'] language/locale (if not using multi-sites, categories etc.) * @return array('table' => 'nuke_publications', * 'field' => 'nuke_publications.id', * 'where' => 'nuke_publications.id IN (...)', * 'title' => 'nuke_publications.title', * ... * 'body1' => 'nuke_publications.body1') */ function publications_userapi_leftjoin($args) { // Get arguments from argument array extract($args); // Optional argument if (empty($ids) || !is_array($ids)) { $ids = array(); } // Note : no security checks here // Table definition $xartable = xarDB::getTables(); $dbconn = xarDB::getConn(); $publicationstable = $xartable['publications']; $leftjoin = array(); // Add available columns in the publications table (for now) $columns = array('id', 'name', 'title', 'description', 'summary', 'owner', 'pubtype_id', 'notes', 'state', 'body1', 'locale', 'create_date', 'start_date'); foreach ($columns as $column) { $leftjoin[$column] = $publicationstable . '.' . $column; } // Specify LEFT JOIN ... ON ... [WHERE ...] parts $leftjoin['table'] = $publicationstable; $leftjoin['field'] = $leftjoin['id']; // Specify the WHERE part // FIXME: <mrb> someone better informed about this should replace // the xar-varprepforstore with qstr() method where appropriate $whereclauses = array(); if (!empty($owner) && is_numeric($owner)) { $whereclauses[] = $leftjoin['owner'] . ' = ' . $owner; } if (!empty($ptid)) { if (is_numeric($ptid)) { $whereclauses[] = $leftjoin['pubtype_id'] . ' = ' . $ptid; } elseif (is_array($ptid) && count($ptid) > 0) { $seenptid = array(); foreach ($ptid as $id) { if (empty($id) || !is_numeric($id)) { continue; } $seenptid[$id] = 1; } if (count($seenptid) == 1) { $ptids = array_keys($seenptid); $whereclauses[] = $leftjoin['pubtypeid'] . ' = ' . $ptids[0]; } elseif (count($seenptid) > 1) { $ptids = join(', ', array_keys($seenptid)); $whereclauses[] = $leftjoin['pubtypeid'] . ' IN (' . $ptids . ')'; } } } if (!empty($state) && is_array($state)) { if (count($state) == 1 && is_numeric($state[0])) { $whereclauses[] = $leftjoin['state'] . ' = ' . $state[0]; } elseif (count($state) > 1) { $allstate = join(', ', $state); $whereclauses[] = $leftjoin['state'] . ' IN (' . $allstate . ')'; } } if (!empty($pubdate)) { // published in a certain year if (preg_match('/^(\\d{4})$/', $pubdate, $matches)) { $startdate = gmmktime(0, 0, 0, 1, 1, $matches[1]); $enddate = gmmktime(0, 0, 0, 1, 1, $matches[1] + 1); if ($enddate > time()) { $enddate = time(); } // published in a certain month } elseif (preg_match('/^(\\d{4})-(\\d+)$/', $pubdate, $matches)) { $startdate = gmmktime(0, 0, 0, $matches[2], 1, $matches[1]); // PHP allows month > 12 :-) $enddate = gmmktime(0, 0, 0, $matches[2] + 1, 1, $matches[1]); if ($enddate > time()) { $enddate = time(); } // published in a certain day } elseif (preg_match('/^(\\d{4})-(\\d+)-(\\d+)$/', $pubdate, $matches)) { $startdate = gmmktime(0, 0, 0, $matches[2], $matches[3], $matches[1]); // PHP allows day > 3x :-) $enddate = gmmktime(0, 0, 0, $matches[2], $matches[3] + 1, $matches[1]); if ($enddate > time()) { $enddate = time(); } // published at a certain timestamp } elseif (preg_match('/^(\\d+)$/', $pubdate, $matches)) { if ($pubdate <= time()) { $whereclauses[] = $leftjoin['create_date'] . ' = ' . $pubdate; } } } if (!empty($startdate) && is_numeric($startdate)) { $whereclauses[] = $leftjoin['create_date'] . ' >= ' . $startdate; } /* if (!empty($enddate) && is_numeric($enddate)) { $whereclauses[] = $leftjoin['create_date'] . ' < ' . $enddate; } */ /* Example: automatically filter by the current locale - cfr. bug 3454 if (empty($locale)) { $locale = xarMLSGetCurrentLocale(); } */ if (!empty($locale) && is_string($locale)) { $whereclauses[] = $leftjoin['locale'] . " = " . $dbconn->qstr($locale); } if (count($ids) > 0) { $allids = join(', ', $ids); $whereclauses[] = $publicationstable . '.id IN (' . $allids . ')'; } if (!empty($where)) { // find all single-quoted pieces of text and replace them first, to allow where clauses // like : title eq 'this and that' and body1 eq 'here or there' $idx = 0; $found = array(); if (preg_match_all("/'(.*?)'/", $where, $matches)) { foreach ($matches[1] as $match) { $found[$idx] = $match; $match = preg_quote($match); $match = str_replace("#", "\\#", $match); $where = trim(preg_replace("#'{$match}'#", "'~{$idx}~'", $where)); $idx++; } } // cfr. BL compiler - adapt as needed (I don't think == and === are accepted in SQL) $findLogic = array(' eq ', ' ne ', ' lt ', ' gt ', ' id ', ' nd ', ' le ', ' ge '); $replaceLogic = array(' = ', ' != ', ' < ', ' > ', ' = ', ' != ', ' <= ', ' >= '); $where = str_replace($findLogic, $replaceLogic, $where); $parts = preg_split('/\\s+(and|or)\\s+/', $where, -1, PREG_SPLIT_DELIM_CAPTURE); $join = ''; $mywhere = ''; foreach ($parts as $part) { if ($part == 'and' || $part == 'or') { $join = $part; continue; } $pieces = preg_split('/\\s+/', $part); $name = array_shift($pieces); // sanity check on SQL if (count($pieces) < 2) { continue; } if (isset($leftjoin[$name])) { // Note: this is a potential security hole, so don't allow end-users to // fill in the where clause without filtering quotes etc. ! if (empty($idx)) { $mywhere .= $join . ' ' . $leftjoin[$name] . ' ' . join(' ', $pieces) . ' '; } else { $mywhere .= $join . ' ' . $leftjoin[$name] . ' '; foreach ($pieces as $piece) { // replace the pieces again if necessary if (preg_match("#'~(\\d+)~'#", $piece, $matches) && isset($found[$matches[1]])) { $original = $found[$matches[1]]; $piece = preg_replace("#'~(\\d+)~'#", "'{$original}'", $piece); } $mywhere .= $piece . ' '; } } } } if (!empty($mywhere)) { $whereclauses[] = '(' . $mywhere . ')'; } } if (empty($searchfields)) { $searchfields = array('title', 'description', 'summary', 'body1'); } if (!empty($search)) { // TODO : improve + make use of full-text indexing for recent MySQL versions ? $normal = array(); $find = array(); // 0. Check for "'equal whole string' searchType" if (!empty($searchtype) && $searchtype == 'equal whole string') { $normal[] = $search; $search = ""; $searchtype = 'eq'; } // 0. Check for fulltext or fulltext boolean searchtypes (MySQL only) // CHECKME: switch to other search type if $search is less than min. length ? if (!empty($searchtype) && substr($searchtype, 0, 8) == 'fulltext') { $fulltext = xarModVars::get('publications', 'fulltextsearch'); if (!empty($fulltext)) { $fulltextfields = explode(',', $fulltext); } else { $fulltextfields = array(); } $matchfields = array(); foreach ($fulltextfields as $field) { if (empty($leftjoin[$field])) { continue; } $matchfields[] = $leftjoin[$field]; } // TODO: switch mode automatically if + - etc. are detected ? $matchmode = ''; if ($searchtype == 'fulltext boolean') { $matchmode = ' IN BOOLEAN MODE'; } $find[] = 'MATCH (' . join(', ', $matchfields) . ') AGAINST (' . $dbconn->qstr($search) . $matchmode . ')'; // Add this to field list too when sorting by relevance in boolean mode (cfr. getall() sort) $leftjoin['relevance'] = 'MATCH (' . join(', ', $matchfields) . ') AGAINST (' . $dbconn->qstr($search) . $matchmode . ') AS relevance'; // check if we have any other fields to search in $morefields = array_diff($searchfields, $fulltextfields); if (!empty($morefields)) { // FIXME: sort order may not be by relevance if we mix fulltext with other searches $searchfields = $morefields; $searchtype = ''; } else { // we're done here $searchfields = array(); $search = ''; } } // 1. find quoted text if (preg_match_all('#"(.*?)"#', $search, $matches)) { foreach ($matches[1] as $match) { $normal[] = $match; $match = preg_quote($match); $search = trim(preg_replace("#\"{$match}\"#", '', $search)); } } if (preg_match_all("/'(.*?)'/", $search, $matches)) { foreach ($matches[1] as $match) { $normal[] = $match; $match = preg_quote($match); $search = trim(preg_replace("#'{$match}'#", '', $search)); } } // 2. find mandatory +text to include // 3. find mandatory -text to exclude // 4. find normal text $more = preg_split('/\\s+/', $search, -1, PREG_SPLIT_NO_EMPTY); $normal = array_merge($normal, $more); foreach ($normal as $text) { // TODO: use XARADODB to escape wildcards (and use portable ones) ?? $text = str_replace('%', '\\%', $text); $text = str_replace('_', '\\_', $text); foreach ($searchfields as $field) { if (empty($leftjoin[$field])) { continue; } if (empty($searchtype) || $searchtype == 'like') { $find[] = $leftjoin[$field] . " LIKE " . $dbconn->qstr('%' . $text . '%'); } elseif ($searchtype == 'start') { $find[] = $leftjoin[$field] . " LIKE " . $dbconn->qstr($text . '%'); } elseif ($searchtype == 'end') { $find[] = $leftjoin[$field] . " LIKE " . $dbconn->qstr('%' . $text); } elseif ($searchtype == 'eq') { $find[] = $leftjoin[$field] . " = " . $dbconn->qstr($text); } else { // TODO: other search types ? $find[] = $leftjoin[$field] . " LIKE " . $dbconn->qstr('%' . $text . '%'); } } } $whereclauses[] = '(' . join(' OR ', $find) . ')'; } if (count($whereclauses) > 0) { $leftjoin['where'] = join(' AND ', $whereclauses); } else { $leftjoin['where'] = ''; } return $leftjoin; }
function calendar_user_day() { $data = xarMod::apiFunc('calendar', 'user', 'getUserDateTimeInfo'); $DayEvents = new Calendar_Day($data['cal_year'], $data['cal_month'], $data['cal_day'], CALENDAR_FIRST_DAY_OF_WEEK); $args = array('day' => &$Day); $day_endts = $DayEvents->getTimestamp() + xarModVars::get('calendar', 'day_end') + 3600; // $events = xarMod::apiFunc('icalendar','user','getevents',$args); // get all the events. need to improve this query $xartable = xarDB::getTables(); $q = new Query('SELECT', $xartable['calendar_event']); // $q->qecho(); if (!$q->run()) { return; } $events = $q->output(); // Do some calculations to complete the entries' info $slots = array(); // Loop through the events $eventcount = count($events); for ($j = 0; $j < $eventcount; $j++) { // make sure events don't go past the end of the day $events[$j]['end_time'] = min($events[$j]['end_time'], $day_endts); $placed = false; $slotcount = count($slots); for ($i = 0; $i < $slotcount; $i++) { if ($events[$j]['start_time'] >= $slots[$i][1]) { foreach ($slots as $slot) { $events[$slot[0]]['neighbors'] = $slotcount; } $thisslot = $i; $slots = array(0 => array($j, $events[$j]['end_time'])); $placed = true; break; } } if (!$placed) { $thisslot = $slotcount; $slots[] = array($j, $events[$j]['end_time']); } $events[$j]['place'] = $thisslot; } foreach ($slots as $slot) { $events[$slot[0]]['neighbors'] = $slotcount; } //foreach($events as $event) {var_dump($event);echo "<br />";} /* $selection = array(); foreach ( $entries as $entry ) { $Hour = new Calendar_Hour(2000,1,1,1); $Hour->setTimeStamp($entry['start_time']); // Create the decorator, passing it the Hour $event = new Event($Hour); // Attach the payload $event->setEntry($entry); // Add the decorator to the selection $selection[] = $event; } */ $DayDecorator = new DayEvent_Decorator($DayEvents); $DayDecorator->build($events); $data['Day'] =& $DayDecorator; $data['cal_sdow'] = CALENDAR_FIRST_DAY_OF_WEEK; return $data; }