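/**
 * Edit a URL
 *
 * Runs the duplicate-check query with the current user id, the url and the
 * clip (or the clip path when one is given) and refuses the edit when the
 * first matching record is not this one. Otherwise the record is written
 * and an audit entry is added.
 *
 * @param string $url
 * @param string $title
 * @param string $desc
 * @param string $private optional, can be Y or N; the signature default is 'Y'
 * @param string $clip (optional)
 * @param string $clippath (optional) - only used by Firefox plugin
 * @param string $cliphtml (optional) - only used by Firefox plugin
 * @param string $createdfrom (optional)
 * @param string $identifier (optional)
 * @return URL object (this) (or Error object)
 */
function edit($url, $title, $desc, $private = 'Y', $clip = "", $clippath = "", $cliphtml = "", $createdfrom = "", $identifier = "")
{
    // $LNG is read for the duplicate-URL message below; it was missing from
    // this list, so the message lookup ran against an undefined variable.
    global $DB, $CFG, $USER, $LNG, $HUB_SQL, $HUB_CACHE;

    // Authorisation gate: nothing is read or written unless canedit() passes.
    try {
        $this->canedit();
    } catch (Exception $e) {
        return access_denied_error();
    }

    // Drop the cached copy of this record before it changes.
    if (isset($HUB_CACHE)) {
        $HUB_CACHE->deleteData($this->urlid . $this->style);
    }

    $dt = time();
    $currentuser = isset($USER->userid) ? $USER->userid : '';

    //added check to make sure the edit does not duplicate an existing item
    $checkParams = array($currentuser, $url);
    if ($clippath != "") {
        $checkParams[] = $clippath;
        $checkQuery = $HUB_SQL->DATAMODEL_URL_EDIT_CHECK_CLIPPATH;
    } else {
        $checkParams[] = $clip;
        $checkQuery = $HUB_SQL->DATAMODEL_URL_EDIT_CHECK_CLIP;
    }

    $resArray = $DB->select($checkQuery, $checkParams);
    if ($resArray === false) {
        return database_error();
    }

    // Only the first matching row is examined. No match at all is allowed, so
    // the url can be edited when the parent Resource node has its url changed.
    if (count($resArray) > 0 && $this->urlid != $resArray[0]['URLID']) {
        return database_error($LNG->CORE_URL_EXISTS_ALREADY);
    }

    // NOTE(review): the id is regenerated before the write and passed as the
    // last parameter. The SQL behind DATAMODEL_URL_EDIT is not visible here;
    // confirm that replacing the id is intended for an edit.
    $this->urlid = getUniqueID();

    $params = array(
        $dt,
        $url,
        $clip,
        $desc,
        $title,
        $private,
        $clippath,
        $cliphtml,
        $createdfrom,
        $identifier,
        $this->urlid,
    );
    if (!$DB->insert($HUB_SQL->DATAMODEL_URL_EDIT, $params)) {
        return database_error();
    }

    // A failed audit write is reported as an error even though the edit itself
    // has already been stored.
    if (!auditURL($USER->userid, $this->urlid, "", $url, $title, $desc, $clip, $clippath, $cliphtml, "", $CFG->actionEdit, format_object('xml', $this))) {
        return database_error("URL Audit entry failed");
    }

    return $this->load();
}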
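/**
 * Add new connection to the database
 *
 * If the check query finds a connection for the same user, link type, nodes
 * and roles, that connection is loaded and returned instead of inserting a
 * new one.
 *
 * @param string $fromnodeid
 * @param string $fromroleid
 * @param string $linktypeid
 * @param string $tonodeid
 * @param string $toroleid
 * @param string $private
 * @param string $description (optional)
 * @return Connection object (this) (or Error object)
 */
function add($fromnodeid, $fromroleid, $linktypeid, $tonodeid, $toroleid, $private, $description = "")
{
    global $DB, $CFG, $USER, $HUB_SQL;

    $dt = time();

    //check user can add connection
    try {
        $this->canadd();
    } catch (Exception $e) {
        return access_denied_error();
    }

    // Load both endpoint nodes; their names are stored with the connection.
    // NOTE(review): the canedit() calls on the two nodes are commented out and
    // the catch blocks are empty, so no per-node permission check runs here and
    // a failed load is not reported. Confirm that this is intended.
    try {
        $fromnode = new CNode($fromnodeid);
        $fromnode = $fromnode->load();
        //$fromnode->canedit();
    } catch (Exception $e) {
        //return access_denied_error();
    }

    try {
        $tonode = new CNode($tonodeid);
        $tonode = $tonode->load();
        //$tonode->canedit();
    } catch (Exception $e) {
        //return access_denied_error();
    }

    // The equivalent check for the two roles was disabled in the original
    // (roles can belong to other users); only the link type is checked.
    // When the link type check throws, the link type is added again through
    // LinkType::add() with the same label and group label, and that id is used.
    try {
        $lt = new LinkType($linktypeid);
        $lt = $lt->load();
        $lt->canedit();
    } catch (Exception $e) {
        $lt->add($lt->label, $lt->grouplabel);
        $linktypeid = $lt->linktypeid;
    }

    $currentuser = isset($USER->userid) ? $USER->userid : '';

    $params = array($currentuser, $linktypeid, $fromnodeid, $tonodeid, $fromroleid, $toroleid);
    $resArray = $DB->select($HUB_SQL->DATAMODEL_CONNECTION_SELECT_CHECK, $params);

    // Test for failure before counting: count() on a false result raises a
    // warning or TypeError instead of reaching the database_error() return.
    if ($resArray === false) {
        return database_error();
    }

    if (count($resArray) > 0) {
        // An identical connection exists: reuse the first one found.
        $this->connid = $resArray[0]['TripleID'];
        return $this->load();
    }

    $this->connid = getUniqueID();
    $params = array(
        $this->connid,
        $currentuser,
        $dt,
        $dt,
        $linktypeid,
        $fromnodeid,
        $tonodeid,
        $fromroleid,
        $toroleid,
        $fromnode->name,
        $tonode->name,
        $private,
        $description,
    );
    if (!$DB->insert($HUB_SQL->DATAMODEL_CONNECTION_INSERT, $params)) {
        return database_error();
    }

    // Only newly inserted connections are audited; the reuse path above
    // returns before this point.
    $temp = $this->load();
    if (!auditConnection($USER->userid, $temp->connid, "", $fromnodeid, $tonodeid, $linktypeid, $fromroleid, $toroleid, $CFG->actionAdd, format_object('xml', $temp))) {
        return database_error();
    }

    return $temp;
}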
/**
 * Add a new audit entry into the search audit table.
 *
 * @param string $userid The unique userid for the person making the entry
 * @param string $searchtext the text searched on.
 * @param string $tagsonly was tagsonly set on the search
 * @param string $type where has the search been run from (default 'main')
 *      allowed challenge/issue/solution/evidence/resource/user/userchallenge/userissue/usersolution/userevidence/userresource/usercomment
 * @param string $typeitemid this can be a userid when the search was run from a user page,
 *      or a node id when the tags search started from a node.
 * @return string the id generated for the audit entry, or an empty string when the insert failed
 */
function auditSearch($userid, $searchtext, $tagsonly, $type = 'main', $typeitemid = '')
{
    global $DB, $HUB_SQL;

    $now = time();
    $searchid = getUniqueID();

    // Values are handed to the insert as a parameter list, in the order the
    // AUDIT_SEARCH_INSERT statement expects them.
    $entry = array($searchid, $userid, $searchtext, $now, $tagsonly, $type, $typeitemid);

    return $DB->insert($HUB_SQL->AUDIT_SEARCH_INSERT, $entry) ? $searchid : "";
}
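/**
 * add a link type to the database
 *
 * The group name must match exactly one link type group. If the check query
 * already finds a link type for the label, that one is loaded and returned
 * instead of inserting a new one.
 *
 * @param string $label
 * @param string $linktypegroup
 * @return LinkType object (this) (or Error object)
 */
function add($label, $linktypegroup)
{
    global $DB, $CFG, $USER, $LNG, $HUB_SQL;

    //check user can add
    try {
        $this->canadd();
    } catch (Exception $e) {
        return access_denied_error();
    }

    $currentuser = isset($USER->userid) ? $USER->userid : '';

    // check linktypegroup is valid: exactly one group row must match
    $params = array($linktypegroup);
    $resArray = $DB->select($HUB_SQL->DATAMODEL_LINKTYPE_ADD_GROUP_CHECK, $params);
    if ($resArray === false) {
        return database_error();
    }
    if (count($resArray) != 1) {
        return database_error($LNG->ERROR_LINKTYPE_GROUP_NAME);
    }
    $linktypegroupid = $resArray[0]['LinkTypeGroupID'];

    $dt = time();

    $params = array($label, $currentuser, $CFG->defaultUserID);
    $resArray2 = $DB->select($HUB_SQL->DATAMODEL_LINKTYPE_ADD_CHECK, $params);

    // Compare with false explicitly, as the group check above does. A plain
    // truthiness test treats an empty result (no existing link type) as a
    // failure, so the insert below could never be reached.
    if ($resArray2 === false) {
        return database_error();
    }

    $count2 = count($resArray2);
    if ($count2 != 0) {
        // Already present: reuse the id of the last row returned.
        $this->linktypeid = $resArray2[$count2 - 1]['LinkTypeID'];
        return $this->load();
    }

    //insert the link type
    $this->linktypeid = getUniqueID();
    $params = array($this->linktypeid, $currentuser, $label, $dt);
    if (!$DB->insert($HUB_SQL->DATAMODEL_LINKTYPE_ADD, $params)) {
        return database_error();
    }

    // then attach it to its group
    $params = array($linktypegroupid, $this->linktypeid, $currentuser, $dt);
    if (!$DB->insert($HUB_SQL->DATAMODEL_LINKTYPE_ADD_GROUP, $params)) {
        return database_error();
    }

    return $this->load();
}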
/**
 * Add new tag to the database
 * If the tag already exists, then this will be returned instead
 *
 * The name is trimmed first; for a name that is empty after trimming the
 * method returns without a value and nothing is written.
 *
 * @param string $tagname
 * @return Tag object (this) (or Error object)
 */
function add($tagname)
{
    global $DB, $CFG, $USER, $HUB_SQL;

    $tagname = trim($tagname);
    if ($tagname == "") {
        return;
    }

    // Permission gate before any database access.
    try {
        $this->canadd();
    } catch (Exception $e) {
        return access_denied_error();
    }

    $currentuser = isset($USER->userid) ? $USER->userid : '';

    $lookup = array($tagname, $currentuser);
    $rows = $DB->select($HUB_SQL->DATAMODEL_TAG_ADD_CHECK, $lookup);
    if ($rows === false) {
        return database_error();
    }

    $found = count($rows);
    if ($found > 0) {
        // Existing tag: the id of the last row returned is used.
        $this->tagid = $rows[$found - 1]['TagID'];
        return $this->load();
    }

    $this->tagid = getUniqueID();
    $dt = time();

    $newTag = array($this->tagid, $currentuser, $dt, $tagname);
    if (!$DB->insert($HUB_SQL->DATAMODEL_TAG_ADD, $newTag)) {
        return database_error();
    }

    return $this->load();
}
/**
 * Set users invitation code
 *
 * Generates a new code with getUniqueID() and writes it for this user.
 *
 * @return string the new code, or an empty string when the database write failed
 */
function setInvitationCode()
{
    global $DB, $HUB_SQL;

    // NOTE(review): the code presumably works as a secret given to the invited
    // person. getUniqueID() is defined elsewhere; confirm that it draws from a
    // cryptographically secure source so that codes cannot be predicted.
    $code = getUniqueID();

    $values = array($code, $this->userid);
    $stored = $DB->insert($HUB_SQL->DATAMODEL_USER_INVITATION_CODE_UPDATE, $values);

    return $stored ? $code : "";
}
/**
 * Add new Comment node to the database - does not check for duplication
 *
 * @param string $name
 * @param string $desc optional, default to empty string.
 * @param string $private optional, can be Y or N, defaults to user's private data option
 * @param string $nodetypeid optional, the id of the nodetype this node is. Defaults to 'Comment' node type.
 * @param string $image optional, the local server path to the image used for this node. Defaults to empty string.
 * @param string $thumb optional, the local server path to the thumbnail of the image used for this node. Defaults to empty string
 * @return Node object (this) (or Error object)
 */
function addComment($name, $desc = "", $private = "", $nodetypeid = "", $image = "", $thumb = "")
{
    global $DB, $CFG, $USER, $HUB_SQL;

    // Permission gate before anything is generated or written.
    try {
        $this->canadd();
    } catch (Exception $e) {
        return access_denied_error();
    }

    $dt = time();
    $this->nodeid = getUniqueID();

    // Fall back to the user's own privacy setting when none was passed.
    if ($private == "") {
        $private = $USER->privatedata;
    }

    // Fall back to the 'Comment' role when no node type was passed.
    if ($nodetypeid === "") {
        $nodetypeid = getRoleByName('Comment')->roleid;
    }

    $currentuser = isset($USER->userid) ? $USER->userid : '';

    // Creation and modification date both start out as $dt.
    $row = array(
        $this->nodeid,
        $currentuser,
        $dt,
        $dt,
        $name,
        $desc,
        $private,
        $nodetypeid,
        $image,
        $thumb,
    );
    if (!$DB->insert($HUB_SQL->DATAMODEL_NODE_ADD_COMMENT, $row)) {
        return database_error();
    }

    $temp = $this->load();

    // The result of the audit write is not checked; a failed audit entry does
    // not fail the add.
    auditIdea($USER->userid, $temp->nodeid, $name, $desc, $CFG->actionAdd, format_object('xml', $temp));

    return $temp;
}
/**
 * Add new user authentication entry to database
 *
 * @param string $userid
 * @param string $provider
 * @param string $provideruid
 * @param string $email (optional, when awaiting validation for Facebook LinkedIn where no email given)
 * @param string $registrationKey (optional, when awaiting validation for Facebook LinkedIn where no email given)
 * @return UserAuthentication object (this) (or Error object)
 */
function add($userid, $provider, $provideruid, $email = "", $registrationKey = "")
{
    global $DB, $CFG, $HUB_SQL;

    $dt = time();
    $this->authid = getUniqueID();

    // NOTE(review): no permission check is made in this method. Confirm that
    // callers have verified the provider identity before it is linked to
    // $userid.
    $entry = array(
        $this->authid,
        $userid,
        $dt,
        $provider,
        $provideruid,
        $email,
        $registrationKey,
    );
    if (!$DB->insert($HUB_SQL->DATAMODEL_USER_AUTH_ADD, $entry)) {
        return database_error();
    }

    // Refresh this object from the stored row; the return value of load() is
    // not used.
    $this->load();

    return $this;
}
/**
 * Adds a new group
 *
 * The group is created through User::add() with the group flag set to 'Y';
 * the user who created it is then added as an admin of the group.
 *
 * @param string $groupname
 * @return Group object (this) (or Error object)
 */
function add($groupname)
{
    global $DB, $CFG, $USER, $HUB_SQL;

    //check user can add a group
    try {
        $this->canadd();
    } catch (Exception $e) {
        return access_denied_error();
    }

    //check group name doesn't already exist
    $nameCheck = $this->groupNameExists($groupname);
    if ($nameCheck instanceof Error) {
        return $nameCheck;
    }

    // add the 'user' (group)
    $groupUser = new User();

    // dummy (non-blank) password
    // NOTE(review): crypt() is called without a salt, which leaves the hash
    // scheme to PHP's default and is rejected by PHP 8. password_hash() is the
    // maintained replacement; confirm that this group account can never be
    // used to log in.
    $placeholderPassword = crypt(getUniqueID());

    $groupUser = $groupUser->add("", $groupname, $placeholderPassword, "", 'Y', $CFG->AUTH_TYPE_EVHUB, "", $CFG->USER_STATUS_ACTIVE, $CFG->DEFAULT_GROUP_PHOTO);
    if ($groupUser instanceof Error) {
        return $groupUser;
    }

    $dt = time();

    //now add the user who created the group as an admin
    $membership = array($groupUser->userid, $USER->userid, $dt, 'Y');
    if (!$DB->insert($HUB_SQL->DATAMODEL_GROUP_ADD, $membership)) {
        return database_error();
    }

    $this->groupid = $groupUser->userid;
    $this->load();
    $this->loadmembers();

    return $this;
}
/**
 * Add new role to the database
 * If the role already exists, then this will be returned instead
 *
 * A new role is also added to the default role group.
 *
 * @param string $rolename
 * @param string $image optional parameter local path to an image file (uploaded onto server).
 * @return Role object (this) (or Error object)
 */
function add($rolename, $image = null)
{
    global $DB, $CFG, $USER, $HUB_SQL;

    // Permission gate before any database access.
    try {
        $this->canadd();
    } catch (Exception $e) {
        return access_denied_error();
    }

    $currentuser = isset($USER->userid) ? $USER->userid : '';

    $lookup = array($currentuser, $rolename);
    $rows = $DB->select($HUB_SQL->DATAMODEL_ROLE_ADD_CHECK, $lookup);
    if ($rows === false) {
        return database_error();
    }

    $found = count($rows);
    if ($found > 0) {
        // Existing role: the id of the last row returned is used.
        $this->roleid = $rows[$found - 1]['NodeTypeID'];
        return $this->load();
    }

    $this->roleid = getUniqueID();
    $dt = time();

    $roleRow = array($this->roleid, $currentuser, $dt, $rolename, $image);
    if (!$DB->insert($HUB_SQL->DATAMODEL_ROLE_ADD, $roleRow)) {
        return database_error();
    }

    // add to group
    $groupRow = array($CFG->defaultRoleGroupID, $this->roleid, $currentuser, $dt);
    if (!$DB->insert($HUB_SQL->DATAMODEL_ROLE_GROUP_ADD, $groupRow)) {
        return database_error();
    }

    return $this->load();
}
/**
 * Create an obfuscation record in the database for the given key and request url.
 *
 * @param $obfuscationkey the obfuscation key used in the cipher when creating the CIF data.
 * @param $obfuscationiv the obfuscation iv used in the cipher when creating the CIF data.
 * @param $request the url of the data api call that will use this record.
 * @return an associative array with 'dataid' for the data api call and 'obfuscationid' for the user api call
 *      if successful or Error object if record creation failed.
 */
function createObfuscationEntry($obfuscationkey, $obfuscationiv, $request)
{
    global $DB, $HUB_SQL;

    $dt = time();
    $id = getUniqueID();
    $dataid = getUniqueID();

    // NOTE(review): the key and the iv are written to the same row exactly as
    // passed in, so read access to this table is enough to undo the
    // obfuscation. Confirm who can read it and how long rows are kept.
    $record = array($id, $obfuscationkey, $obfuscationiv, $request, $dataid, $dt);
    if (!$DB->insert($HUB_SQL->DATAMODEL_UTIL_ADD_OBFUSCATION, $record)) {
        return database_error();
    }

    return array(
        'obfuscationid' => $id,
        'dataid' => $dataid,
    );
}
// Fragment of an installer script; the statements before and after this
// excerpt are not part of the listing.
//
// NOTE(review): every statement below is assembled by string concatenation.
// The ids concatenated into the NodeTypeGrouping inserts are not escaped in
// the visible code; where they come from is outside this excerpt, so confirm
// that they are generated by the installer and never taken from form input.
$qry .= "INSERT INTO `NodeTypeGrouping` VALUES ('" . $defaultrolegroup . "','" . $solutionid . "','" . $userid . "',0);";
$qry .= "INSERT INTO `NodeTypeGrouping` VALUES ('" . $defaultrolegroup . "','" . $issueid . "','" . $userid . "',0);";
$qry .= "INSERT INTO `NodeTypeGrouping` VALUES ('" . $defaultrolegroup . "','" . $proid . "','" . $userid . "',0);";
$qry .= "INSERT INTO `NodeTypeGrouping` VALUES ('" . $defaultrolegroup . "','" . $conid . "','" . $userid . "',0);";
/** News into the System Role Group */
$qry .= "INSERT INTO `NodeTypeGrouping` VALUES ('" . $systemrolegroup . "','" . $newsid . "','" . $userid . "',0);";
// All accumulated statements are sent in a single multi_query() call.
if (!$mysqli->multi_query($qry)) {
    if ($mysqli->errno) {
        // NOTE(review): the raw database error text is written into the page.
        echo "Error adding nodetypes into nodetype groups: " . $mysqli->error . "<br>";
    }
} else {
    // Step through the pending result sets of the multi-statement call.
    while ($mysqli->next_result()) {
    }
    $mysqli->close();
    // add News/System Admin user
    $userid2 = getUniqueID();
    $photo2 = 'systemadmin.png';
    // This row is inserted with IsAdministrator set to 'Y'.
    // NOTE(review): the password is hashed with crypt() and no salt, which
    // leaves the hash scheme to PHP's default and is rejected by PHP 8;
    // password_hash() is the maintained replacement. The mysql_* functions used
    // from here on were removed in PHP 7, while the block above already uses
    // mysqli. Prepared statements would replace the manual escaping.
    $qry = "INSERT INTO Users (\n\t\t\t\t\t\t\t\t\t\tUserID,\n\t\t\t\t\t\t\t\t\t\tCreationDate,\n\t\t\t\t\t\t\t\t\t\tModificationDate,\n\t\t\t\t\t\t\t\t\t\tEmail,\n\t\t\t\t\t\t\t\t\t\tName,\n\t\t\t\t\t\t\t\t\t\tPassword,\n\t\t\t\t\t\t\t\t\t\tWebsite,\n\t\t\t\t\t\t\t\t\t\tPrivate,\n\t\t\t\t\t\t\t\t\t\tLastLogin,\n\t\t\t\t\t\t\t\t\t\tIsAdministrator,\n\t\t\t\t\t\t\t\t\t\tIsGroup,\n\t\t\t\t\t\t\t\t\t\tAuthType,\n\t\t\t\t\t\t\t\t\t\tDescription,\n\t\t\t\t\t\t\t\t\t\tPhoto )\n\t\t\t\t\t\t\t\t\tVALUES (\n\t\t\t\t\t\t\t\t\t\t'" . $userid2 . "',\n\t\t\t\t\t\t\t\t\t\t" . $dt . ",\n\t\t\t\t\t\t\t\t\t\t" . $dt . ",\n\t\t\t\t\t\t\t\t\t\t'"
        . mysql_real_escape_string($email2, $DB->conn) . "',\n\t\t\t\t\t\t\t\t\t\t'"
        . mysql_real_escape_string($fullname2, $DB->conn) . "',\n\t\t\t\t\t\t\t\t\t\t'"
        . mysql_real_escape_string(crypt($password2), $DB->conn) . "',\n\t\t\t\t\t\t\t\t\t\t'',\n\t\t\t\t\t\t\t\t\t\t'N',\n\t\t\t\t\t\t\t\t\t\t" . $dt . ",\n\t\t\t\t\t\t\t\t\t\t'Y',\n\t\t\t\t\t\t\t\t\t\t'N',\n\t\t\t\t\t\t\t\t\t\t'debatehub',\n\t\t\t\t\t\t\t\t\t\t'"
        . mysql_real_escape_string($description2, $DB->conn) . "',\n\t\t\t\t\t\t\t\t\t\t'"
        . mysql_real_escape_string($photo2, $DB->conn) . "')";
    $res = mysql_query($qry, $DB->conn);
    if (!$res) {
        echo "error adding system admin user.<br>";
    } else {
        // add the default roles for System Admin user
        // The NodeType rows owned by $userid are copied for the new user; each
        // new id is the first 15 characters of the name followed by the new
        // user id.
        $sql = "INSERT INTO NodeType (NodeTypeID,UserID,Name,CreationDate,Image) ";
        $sql .= "SELECT concat(left(nt.Name,15),'" . $userid2 . "'), '" . $userid2 . "', nt.Name, UNIX_TIMESTAMP(), nt.Image FROM NodeType nt ";
        $sql .= "WHERE nt.UserID='" . $userid . "'";
        $res = mysql_query($sql, $DB->conn);
        if (!$res) {
            echo "error adding default node type data to System Admin user.<br>";
        } else {
            //add the default groupings for these
<?php
// Sign-up handler: refuses an e-mail address that is already registered,
// otherwise inserts a new row into my_CustomerInfo.
//
// NOTE(review): the $signUp* and $customer* values are placed into the SQL
// text by string interpolation. Where they are set and whether they are
// escaped is not visible in this excerpt; if they come from the sign-up form
// unescaped, these queries are open to SQL injection. Prepared statements
// (mysqli or PDO) remove the problem; the mysql_* functions used here were
// removed in PHP 7.
if (emailExists($signUpEmail)) {
    echo "<h3>Sorry, your e-mail address has been used previously.<br/> Check customer service to reactivate your account.</h3>";
} else {
    $unique_login = getUniqueID($customerUserName);
    // NOTE(review): this branch only prints a message; execution continues and
    // the INSERT below still runs with the login name that was just rejected.
    if ($unique_login != $customerUserName) {
        echo "<h3>Your login name already used. Please choose different name.<br/> If you account expires, check customer service to reactivate your account.<br/></h3>";
    }
    // NOTE(review): $customerPasswordPcode is stored in customer_password as
    // given; confirm that it is a password_hash() result and not the plain
    // password.
    $query = "INSERT INTO my_CustomerInfo (\n \tcustomer_title,customer_fname, customer_lname, customer_address, customer_postalCode, customer_city, customer_province,customer_phone,customer_email, customer_userName, customer_password\n \t)\n \tVALUES (\n \t'{$signUptitle}', '{$signUpFirstName}', '{$signUpLastName}', '{$signUpAddress}', '{$signUpPcode}',\n \t'{$signUpCityName}', '{$signUpProvName}', '{$signUpPhone}', '{$signUpEmail}', '{$customerUserName}', '{$customerPasswordPcode}'\n \t);";
    // NOTE(review): die(mysql_error()) prints the raw database error to the
    // visitor; log it and show a generic message instead.
    $customers = mysql_query($query) or die(mysql_error());
    echo "<h3>Thank you sign up. We will be providing our upcoming promotion as soon as possible.</h3>";
}

/**
 * Report whether a customer row with the given e-mail address exists.
 *
 * @param string $signUpEmail address to look up; interpolated into the query text as-is
 * @return bool true when the query returns at least one row
 */
function emailExists($signUpEmail)
{
    $query = "SELECT * FROM my_CustomerInfo WHERE customer_email = '{$signUpEmail}'";
    $customers = mysql_query($query) or die(mysql_error());
    $numRecords = mysql_num_rows($customers);
    if ($numRecords > 0) {
        return true;
    } else {
        return false;
    }
}

// The listing ends inside this function, so its loop body and return value
// are not visible. The user name in the query literal appears masked in the
// listing.
function getUniqueID($customerUserName)
{
    $unique_login = $customerUserName;
    $query = "SELECT * FROM my_CustomerInfo WHERE customer_userName = '******'";
    $customers = mysql_query($query) or die(mysql_error());
    $numRecords = mysql_num_rows($customers);
    for ($i = 0; $numRecords > 0; $i++) {