// Tree-node provider for the site file browser: builds the child nodes of $node
// and leaves them, sorted, in $nodes.
// NOTE(review): $node, $view, $cms_language and $maxDepth are defined outside this excerpt.

// Root request: answer with the fixed top-level entries (css, js, robots.txt).
if (!$node) {
    $lastmod = date($cms_language->getDateFormat() . ' H:i:s', filemtime(PATH_REALROOT_FS . '/robots.txt'));
    $size = formatBytes(filesize(PATH_REALROOT_FS . '/robots.txt'), 2);
    $qtip = $cms_language->getMessage(
        MESSAGE_PAGE_FILE_LAST_UPDATE_SIZE,
        array($cms_language->getMessage(MESSAGE_PAGE_TXT), $lastmod, $size)
    );
    $nodes = array();
    $nodes[] = array(
        'text' => $cms_language->getJsMessage(MESSAGE_PAGE_WEBSITES_CSS),
        'id' => 'css',
        'leaf' => false,
        'cls' => 'folder',
        'qtip' => '',
        'deletable' => false
    );
    $nodes[] = array(
        'text' => $cms_language->getJsMessage(MESSAGE_PAGE_WEBSITES_JS),
        'id' => 'js',
        'leaf' => false,
        'cls' => 'folder',
        'qtip' => '',
        'deletable' => false
    );
    $nodes[] = array(
        'text' => 'robots.txt',
        'id' => 'robots.txt',
        'leaf' => true,
        'cls' => 'atm-txt',
        'qtip' => $qtip,
        'deletable' => false
    );
    $view->setContent($nodes);
    // NOTE(review): presumably show() ends the response; otherwise the listing below
    // runs with an empty $node and overwrites $nodes - confirm.
    $view->show();
}

// Extension allowlist: only these file types are ever listed, each with its label and icon class.
$allowedFiles = array(
    'less' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_STYLESHEET), 'class' => 'atm-css'),
    'css' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_STYLESHEET), 'class' => 'atm-css'),
    'xml' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_WYSIWYG), 'class' => 'atm-xml'),
    'js' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_JAVASCRIPT), 'class' => 'atm-js'),
    'txt' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_TXT), 'class' => 'atm-txt')
);
$nodes = array();
$currentDepth = count(explode('/', $node));
try {
    // NOTE(review): $node is joined to the web root as-is. Its origin is not visible here;
    // confirm it is normalised and confined to PATH_REALROOT_FS before this point, since
    // the extension allowlist limits which files are listed, not which directory is read.
    foreach (new DirectoryIterator(PATH_REALROOT_FS . '/' . $node) as $file) {
        $lastmod = date($cms_language->getDateFormat() . ' H:i:s', $file->getMTime());
        if ($file->isFile() && $file->getFilename() != ".htaccess") {
            $extension = io::strtolower(pathinfo($file->getPathname(), PATHINFO_EXTENSION));
            if (!isset($allowedFiles[$extension])) {
                // Not an allowlisted type: never exposed in the tree.
                continue;
            }
            $size = formatBytes($file->getSize(), 2);
            $qtip = $cms_language->getMessage(
                MESSAGE_PAGE_FILE_LAST_UPDATE_SIZE,
                array($allowedFiles[$extension]['name'], $lastmod, $size)
            );
            // xml files are never offered for deletion, whatever their permissions.
            $deletable = $extension != 'xml' && $file->isWritable();
            $nodes[$file->getFilename()] = array(
                'text' => $file->getFilename(),
                'id' => $node . '/' . $file->getFilename(),
                'leaf' => true,
                'qtip' => $qtip,
                'cls' => $allowedFiles[$extension]['class'],
                'deletable' => $deletable
            );
            continue;
        }
        if ($file->isDir() && !$file->isDot()) {
            $qtip = $cms_language->getMessage(MESSAGE_PAGE_FOLDER_LAST_UPDATE) . ' ' . $lastmod;
            // The '-' key prefix keeps folder keys apart from file keys for the ksort() below.
            $nodes['-' . $file->getFilename()] = array(
                'text' => $file->getFilename(),
                'id' => $node . '/' . $file->getFilename(),
                'qtip' => $qtip,
                'leaf' => false,
                'cls' => 'folder',
                'expanded' => $currentDepth < $maxDepth,
                'deletable' => false
            );
        }
    }
} catch (Exception $e) {
    // Best effort: a directory that cannot be iterated yields the nodes collected so far.
    // The failure is not logged anywhere.
}
ksort($nodes);
$nodes = array_values($nodes);
/**
 * Module autoload handler.
 *
 * Resolves a class name, case-insensitively, against a fixed map of the
 * module's classes. Only values of that map are ever returned, so the
 * requested name never becomes part of a file path.
 *
 * @param string $classname the classname required for loading
 * @return string the file to use for the required classname, '' when the class is not in the map
 * @access public
 */
function load($classname)
{
    static $classes;
    if (!isset($classes)) {
        // Built once per request and kept in the static for later lookups.
        $moduleDir = PATH_MODULES_FS . "/" . MOD_CMS_FORMS_CODENAME;
        $classes = array(
            'cms_forms_action' => $moduleDir . "/action.php",
            'cms_forms_record' => $moduleDir . "/record.php",
            'cms_forms_field' => $moduleDir . "/field.php",
            'cms_forms_formular' => $moduleDir . "/form.php",
            'cms_forms_search' => $moduleDir . "/formssearch.php",
            'cms_forms_formularcategories' => $moduleDir . "/formcategories.php",
            'cms_forms_sender' => $moduleDir . "/sender.php",
            'cms_forms_sendingssearch' => $moduleDir . "/sendingssearch.php",
            'cms_block_cms_forms' => $moduleDir . "/block.php"
        );
    }
    $lookup = io::strtolower($classname);
    return isset($classes[$lookup]) ? $classes[$lookup] : '';
}
/**
 * Set an attribute.
 *
 * Key and value are both lower-cased, and every double quote is removed
 * from the value before it is stored.
 *
 * @param string $k the key of the wanted attribute
 * @param string $v the value corresponding to the key
 * @return boolean always true
 * @access public
 */
function setAttribute($k, $v)
{
    $name = io::strtolower($k);
    $value = str_replace('"', "", io::strtolower($v));
    $this->_attributes[$name] = $value;
    return true;
}
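/**
 * Set soap values
 *
 * Walks the child nodes of the given XML node, collects the value of every
 * <subfield> element and hands the result to checkMandatory() and setValues().
 * Any unknown tag, stray text node or invalid subfield id aborts the call.
 *
 * @param integer $fieldID The field ID
 * @param $domdocument XML values to set
 * @param $itemId the ID of the polyobject item, if any (necessary for some fields (image, file, etc...)
 * @return boolean true on success, false on any validation or storage error
 * @access public
 */
function setSoapValues($fieldID, $domdocument, $itemId = '')
{
    $view = CMS_view::getInstance();
    $fieldValues = array();
    // subfield
    foreach ($domdocument->childNodes as $childNode) {
        if ($childNode->nodeType == XML_ELEMENT_NODE) {
            switch ($childNode->tagName) {
                case 'subfield':
                    //<subfield id="{int}" [name="{string}"] type="int|string|date|text|object|binary|category|user|group">
                    $subFieldId = $childNode->getAttribute('id');
                    // Accept a positive integer or exactly "0". The previous loose `!= 0` also let
                    // '' (and, before PHP 8, any non-numeric string) through this check; those
                    // values were only rejected by the lookup below, with a misleading message.
                    if (!sensitiveIO::isPositiveInteger($subFieldId) && (string) $subFieldId !== '0') {
                        $view->addError('Missing or invalid attribute id for subfield tag');
                        return false;
                    }
                    if (!isset($this->_subfields[$subFieldId])) {
                        // Was $fieldId (undefined variable): the parameter is spelled $fieldID.
                        $view->addError('Unknown field id ' . $fieldID . ' for object ' . $this->_objectID);
                        return false;
                    }
                    // NOTE(review): utf8_decode() is deprecated as of PHP 8.2.
                    $fieldValues[$fieldID . '_' . $subFieldId] = trim(io::strtolower(APPLICATION_DEFAULT_ENCODING) != 'utf-8' ? utf8_decode($childNode->nodeValue) : $childNode->nodeValue);
                    break;
                case 'object':
                    //TODO
                    break;
                default:
                    // NOTE(review): the tag name comes from the request document; confirm that
                    // messages passed to addError() are encoded wherever they are rendered.
                    $view->addError('Unknown xml tag ' . $childNode->tagName . ' to process.');
                    return false;
            }
        } else {
            // Whitespace-only text nodes between elements are ignored.
            if ($childNode->nodeType == XML_TEXT_NODE && trim($childNode->nodeValue)) {
                $view->addError('Unknown xml content tag ' . $childNode->nodeValue . ' to process.');
                return false;
            }
        }
    }
    if (!$this->checkMandatory($fieldValues, '')) {
        $view->addError('Error of mandatory values for field ' . $fieldID);
        return false;
    } elseif (!$this->setValues($fieldValues, '', false, $itemId)) {
        return false;
    }
    return true;
}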
/**
 * Comparison callback ordering file entries.
 *
 * Entries with different 'type' values are ordered with the higher type first.
 * Entries of type 5 are ordered by lower-cased name. All other entries are
 * ordered by 'ext', then by 'stat'[7] (larger value first), then by
 * lower-cased name.
 *
 * @param array $a entry holding the keys 'type', 'name', 'ext' and 'stat'
 * @param array $b entry of the same form (presumably 'stat' is a stat() result, whose index 7 is the size - confirm)
 * @return integer negative, zero or positive, as usort() expects
 */
function sort_files($a, $b)
{
    if ($a['type'] != $b['type']) {
        return $a['type'] > $b['type'] ? -1 : 1;
    }
    if ($a['type'] != 5) {
        if ($a['ext'] != $b['ext']) {
            return strcmp($a['ext'], $b['ext']);
        }
        if ($a['stat'][7] != $b['stat'][7]) {
            return $a['stat'][7] > $b['stat'][7] ? -1 : 1;
        }
    }
    // Last resort for every case: case-insensitive name order.
    $leftName = io::strtolower($a['name']);
    $rightName = io::strtolower($b['name']);
    return strcmp($leftName, $rightName);
}
// Excerpt: the guard that opens before this point and the block left open at the end
// are both outside the visible code.
CMS_grandFather::raiseError('Queried file does not exists.');
// NOTE(review): presumably show() ends the request; if it returns, execution falls
// through into the code below with the rejected $file - confirm.
$view->show();
}
// Prepare the editor state: a new file (creation) or the content of an existing one (edition).
// NOTE(review): the origin of $file is not visible here; confirm the path has been
// validated and confined to the expected directory before this point.
if (!is_file($file)) {
    //file creation
    // This branch sets $extension to '' and does not consult $allowedFiles, so the
    // type of the file being created has to be checked wherever it is written.
    $fileCreation = true;
    $extension = '';
    // rand() is not a cryptographic source; that is fine for an identifier used by the
    // interface only - NOTE(review): confirm $fileId is never treated as a secret or token.
    $fileId = md5(rand());
    $fileDefinition = '';
    // JavaScript fragment describing the label text field of the creation form.
    $labelField = "{\n\t\txtype:\t\t\t'textfield',\n\t\tvalue:\t\t\t'',\n\t\tname:\t\t\t'filelabel',\n\t\tfieldLabel:\t\t'{$cms_language->getJsMessage(MESSAGE_PAGE_LABEL)}',\n\t\tborder:\t\t\tfalse,\n\t\tbodyStyle: \t\t'padding-bottom:10px'\n\t},";
    $anchor = '-110';
    $action = 'create';
} else {
    //file edition
    $fileCreation = false;
    $extension = io::strtolower(pathinfo($file, PATHINFO_EXTENSION));
    // Only extensions present in $allowedFiles may be opened for editing.
    if (!isset($allowedFiles[$extension])) {
        CMS_grandFather::raiseError('Action on this type of file is not allowed.');
        // NOTE(review): as above, this check only protects the read below if show() ends the request.
        $view->show();
    }
    // Identifier derived from the path, so it is the same each time this file is opened.
    $fileId = md5($file);
    // From here on $file is a CMS_file object, no longer the path string.
    $file = new CMS_file($file);
    $fileDefinition = $file->readContent();
    $labelField = '';
    $anchor = '-60';
    $action = 'update';
}
// When the application encoding is UTF-8, convert content that is not already UTF-8.
if (strtolower(APPLICATION_DEFAULT_ENCODING) == 'utf-8') {
    if (!io::isUTF8($fileDefinition)) {
        $fileDefinition = utf8_encode($fileDefinition);
    }
/**
 * Start the scripts process queue.
 *
 * When the background regenerator is disabled, only the 'start_script' session
 * variable is set. Otherwise the queue script is launched in the background:
 * on Windows through a generated script.bat run with WScript.Shell, elsewhere
 * through a shell command.
 *
 * Every command is assembled from configuration constants without shell
 * quoting. NOTE(review): that is only safe while these constants are
 * install-time configuration; a value containing spaces or shell
 * metacharacters would alter the command - confirm none of them can be
 * influenced at runtime.
 *
 * @param boolean $force Set to true if you wish to remove the lock file before launch
 * @return mixed false on each failure path and when a script is already running; nothing otherwise
 * @access public
 * @static
 */
static function startScript($force = false)
{
    if (!USE_BACKGROUND_REGENERATOR) {
        // No background launch: leave a marker in the session instead.
        CMS_session::setSessionVar('start_script', true);
        return;
    }
    $forceRestart = $force ? ' -F' : '';
    if (!$force && processManager::hasRunningScript()) {
        return false;
    }
    //test if we're on windows or linux, for the output redirection
    if (APPLICATION_IS_WINDOWS) {
        $cliPath = realpath(PATH_PHP_CLI_WINDOWS);
        if ($cliPath === false) {
            CMS_grandFather::raiseError("Unknown CLI location : " . PATH_PHP_CLI_WINDOWS . ", please check your configuration.");
            return false;
        }
        // Create the BAT file
        $command = '@echo off' . "\r\n" . 'start /B /LOW ' . $cliPath . ' ' . realpath(PATH_PACKAGES_FS . '\\scripts\\script.php') . ' -m ' . REGENERATION_THREADS . $forceRestart;
        // Short (8.3) directory names avoid spaces in the unquoted command line.
        $replace = array(
            'program files (x86)' => 'progra~2',
            'program files' => 'progra~1',
            'documents and settings' => 'docume~1'
        );
        $command = str_ireplace(array_keys($replace), $replace, $command);
        // NOTE(review): the generated file is executed right after being written, so
        // PATH_WINDOWS_BIN_FS should be writable by the web server account only - confirm.
        $batFile = PATH_WINDOWS_BIN_FS . "/script.bat";
        if (!@touch($batFile)) {
            CMS_grandFather::_raiseError("CMS_scriptsManager : startScript : Create file error : " . $batFile);
            return false;
        }
        $handle = @fopen($batFile, "wb");
        if (is_resource($handle)) {
            if (!@fwrite($handle, $command, io::strlen($command))) {
                CMS_grandFather::raiseError("Save file error : script.bat");
            }
            @fclose($handle);
        }
        // The launch is attempted even when the write above failed.
        $WshShell = new COM("WScript.Shell");
        $oExec = $WshShell->Run(str_ireplace(array_keys($replace), $replace, realpath(PATH_WINDOWS_BIN_FS . '\\script.bat')), 0, false);
        return;
    }
    $error = '';
    if (defined('PATH_PHP_CLI_UNIX') && PATH_PHP_CLI_UNIX) {
        // A CLI binary is configured: check that it really is the CLI build, then use it.
        $return = CMS_patch::executeCommand(PATH_PHP_CLI_UNIX . ' -v 2>&1', $error);
        if ($error) {
            CMS_grandFather::raiseError('Error when testing php CLI with command "' . PATH_PHP_CLI_UNIX . ' -v", please check your configuration : ' . $error);
            return false;
        }
        if (io::strpos(io::strtolower($return), '(cli)') === false) {
            CMS_grandFather::raiseError(PATH_PHP_CLI_UNIX . ' is not the CLI version');
            return false;
        }
        $return = CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; " . PATH_PHP_CLI_UNIX . " " . PATH_PACKAGES_FS . "/scripts/script.php -m " . REGENERATION_THREADS . $forceRestart . " > /dev/null 2>&1 &", $error);
        if ($error) {
            CMS_grandFather::raiseError('Error during execution of script command (cd ' . PATH_REALROOT_FS . '; ' . PATH_PHP_CLI_UNIX . ' ' . PATH_PACKAGES_FS . '/scripts/script.php -m ' . REGENERATION_THREADS . $forceRestart . '), please check your configuration : ' . $error);
            return false;
        }
        return;
    }
    // No CLI configured: make sure "php" resolves to an absolute path, then rely on the PATH.
    $return = CMS_patch::executeCommand('which php 2>&1', $error);
    if ($error) {
        CMS_grandFather::raiseError('Error when finding php CLI with command "which php", please check your configuration : ' . $error);
        return false;
    }
    if (io::substr($return, 0, 1) != '/') {
        CMS_grandFather::raiseError('Can\'t find php CLI with command "which php", please check your configuration.');
        return false;
    }
    $return = CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; php " . PATH_PACKAGES_FS . "/scripts/script.php -m " . REGENERATION_THREADS . $forceRestart . " > /dev/null 2>&1 &", $error);
    if ($error) {
        CMS_grandFather::raiseError('Error during execution of script command (cd ' . PATH_REALROOT_FS . '; php ' . PATH_PACKAGES_FS . '/scripts/script.php -m ' . REGENERATION_THREADS . $forceRestart . '), please check your configuration : ' . $error);
        return false;
    }
}
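/**
 * For a given category, return options tag list (for a select tag) of all sub categories
 *
 * @param array $values : parameters values array(parameterName => parameterValue) in :
 *     selected : the category id which is selected (optional)
 *     usedcategories : display only used categories (optional, default : true)
 *     usedbyitemsids : display only categories used by items list. Accept array of items ids or list of ids (comma separated). Used only if 'usedcategories' is active (optional, default : false)
 *     editableonly : display only editable categories (optional, default : false)
 *     root : the category id to use as root (optional)
 *     crosslanguage : returned categories do not filter by language and return all categories even if current language has no label (default : false)
 *     disable : category ids, separated by ';' or ',', left out of the list together with every category having one of them in its lineage (optional)
 *     maxlevel : leave out categories whose label holds at least this many '- ' markers (optional, default : 0, no limit)
 *     sort : 'asc' or 'desc' for a natural, case insensitive sort on labels (optional)
 * @param multidimentionnal array $tags : xml2Array content of atm-function tag (nothing for this one)
 * @return string : options tag list
 * @access public
 */
function selectOptions($values, $tags)
{
    global $cms_language;
    if (!isset($values['usedcategories']) || $values['usedcategories'] == 'true' || $values['usedcategories'] == '1') {
        $usedCategories = true;
        if (isset($values['usedbyitemsids']) && is_array($values['usedbyitemsids'])) {
            $usedByItemsIds = $values['usedbyitemsids'];
        } elseif (isset($values['usedbyitemsids']) && is_string($values['usedbyitemsids'])) {
            $usedByItemsIds = explode(',', $values['usedbyitemsids']);
        } else {
            $usedByItemsIds = false;
        }
    } else {
        $usedCategories = false;
        $usedByItemsIds = false;
    }
    // The 'disable' list accepts ';' or ',' as separator.
    $disableCategories = array();
    if (isset($values['disable'])) {
        $disableCategories = explode(';', $values['disable']);
        if (count($disableCategories) == 1) {
            $disableCategories = explode(',', $values['disable']);
        }
    }
    if (!isset($values['editableonly']) || $values['editableonly'] == 'false' || $values['editableonly'] == '0') {
        $editableOnly = false;
    } else {
        $editableOnly = true;
    }
    if (!isset($values['crosslanguage']) || $values['crosslanguage'] == 'false' || $values['crosslanguage'] == '0') {
        $crossLanguage = false;
    } else {
        $crossLanguage = true;
    }
    if (isset($values['root']) && sensitiveIO::isPositiveInteger($values['root'])) {
        $rootCategory = $values['root'];
    } else {
        $rootCategory = false;
    }
    $maxlevel = isset($values['maxlevel']) ? (int) $values['maxlevel'] : 0;
    $categories = $this->getAllCategoriesAsArray($cms_language, $usedCategories, false, $editableOnly, $rootCategory, false, $usedByItemsIds, $crossLanguage);
    $return = "";
    if (is_array($categories) && $categories) {
        //natsort objects by name case insensitive
        if (isset($values['sort']) && (io::strtolower($values['sort']) == 'asc' || io::strtolower($values['sort']) == 'desc')) {
            uasort($categories, array('CMS_object_categories', '_natecasecomp'));
            if (io::strtolower($values['sort']) == 'desc') {
                $categories = array_reverse($categories, true);
            }
        }
        foreach ($categories as $catID => $catLabel) {
            // Disable categories
            if (is_array($disableCategories) && $disableCategories) {
                $lineage = CMS_moduleCategories_catalog::getLineageOfCategory($catID);
                if (is_array($lineage)) {
                    foreach ($disableCategories as $disableCategory) {
                        if (SensitiveIO::isPositiveInteger($disableCategory) && in_array($disableCategory, $lineage)) {
                            // A bare `continue` only advanced this inner loop, so disabled
                            // categories were still rendered; skip the category itself.
                            continue 2;
                        }
                    }
                }
            }
            //max level
            if ($maxlevel) {
                if (substr_count($catLabel, '- ') >= $maxlevel) {
                    continue;
                }
            }
            $selected = isset($values['selected']) && $catID == $values['selected'] ? ' selected="selected"' : '';
            // NOTE(review): the label is escaped for the title attribute but written as-is as
            // the option text. Whether getAllCategoriesAsArray() returns labels that are already
            // HTML-safe is not visible here; confirm, and escape the text node too if they are raw.
            $return .= '<option title="' . io::htmlspecialchars($catLabel) . '" value="' . $catID . '"' . $selected . '>' . $catLabel . '</option>';
        }
    }
    return $return;
}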
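/**
 * Get all available languages codes from ISO 639-1 standard
 * Static function.
 *
 * Reads the tab-separated file files/iso639-1.txt of the packages directory.
 * Lines starting with '#' are comments; lines that do not hold at least a code
 * and a label are ignored.
 *
 * @return array(code => label), empty when the file is missing or unreadable
 * @access public
 */
function getAllLanguagesCodes()
{
    $codesPath = PATH_PACKAGES_FS . '/files/iso639-1.txt';
    if (!file_exists($codesPath)) {
        return array();
    }
    $codeFile = new CMS_file($codesPath);
    $languagesCodes = $codeFile->readContent('array');
    $return = array();
    if (!is_array($languagesCodes)) {
        // Nothing usable was read: same result as a missing file.
        return $return;
    }
    // Labels are converted only when the application does not run in UTF-8.
    // NOTE(review): utf8_decode() is deprecated as of PHP 8.2.
    $decodeLabels = io::strtolower(APPLICATION_DEFAULT_ENCODING) != 'utf-8';
    foreach ($languagesCodes as $languagesCode) {
        if (substr($languagesCode, 0, 1) == '#') {
            continue;
        }
        $columns = explode("\t", $languagesCode);
        if (count($columns) < 2) {
            // Blank or malformed line: previously raised an undefined offset notice
            // and added an entry with an empty label.
            continue;
        }
        list($code, $label) = $columns;
        if ($decodeLabels) {
            $label = utf8_decode($label);
        }
        $return[$code] = ucfirst($label);
    }
    return $return;
}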
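/**
 * set object Values
 *
 * Stores the thumbnail (subfield 0), the label (subfield 1) and the zoom image
 * (subfield 2) of an image field. In the new format the images are taken from
 * files already present in the upload directory; in the old format they are
 * taken from $_FILES or from the "_hidden" form values.
 *
 * Every file name received in $values is request data. The "_hidden" names are
 * reduced to their base name before being used in a path, so that they can
 * only designate entries of the module's edited files directory.
 *
 * @param array $values : the POST result values
 * @param string prefixname : the prefix used for post names
 * @param boolean newFormat : new automne v4 format (default false for compatibility)
 * @param integer $objectID : the current object id. Must be set, but default is blank for compatibility with other objects
 * @return boolean true on success, false on failure
 * @access public
 */
function setValues($values, $prefixName, $newFormat = false, $objectID = '')
{
    if (!sensitiveIO::isPositiveInteger($objectID)) {
        $this->raiseError('ObjectID must be a positive integer : ' . $objectID);
        return false;
    }
    //get field parameters
    $params = $this->getParamsValues();
    //get module codename
    $moduleCodename = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID());
    // Common prefix of every form key handled here: "<prefix><fieldID>", followed by "_0", "_1", ...
    $key = $prefixName . $this->_field->getID();
    // Directory holding the edited files of the module.
    $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED;
    if ($newFormat) {
        //delete old images ?
        //thumbnail
        if ($this->_subfieldValues[0]->getValue() && (empty($values[$key . '_0']) || pathinfo($values[$key . '_0'], PATHINFO_BASENAME) != $this->_subfieldValues[0]->getValue())) {
            @unlink($path . '/' . $this->_subfieldValues[0]->getValue());
            $this->_subfieldValues[0]->setValue('');
        }
        //image zoom
        if ($this->_subfieldValues[2]->getValue() && (!isset($values[$key . '_2']) || !$values[$key . '_2'] || pathinfo($values[$key . '_2'], PATHINFO_BASENAME) != $this->_subfieldValues[2]->getValue())) {
            @unlink($path . '/' . $this->_subfieldValues[2]->getValue());
            $this->_subfieldValues[2]->setValue('');
        }
        //set label from label field
        if (!$this->_subfieldValues[1]->setValue(io::htmlspecialchars($values[$key . '_1']))) {
            return false;
        }
        //image zoom (if needed)
        if ((!isset($values[$key . '_makeZoom']) || $values[$key . '_makeZoom'] != 1) && isset($values[$key . '_2']) && $values[$key . '_2'] && io::strpos($values[$key . '_2'], PATH_UPLOAD_WR . '/') !== false) {
            // NOTE(review): the submitted path is only checked for containing the upload prefix
            // and for its extension; it is not normalised. Confirm that the source handed to
            // CMS_file::moveTo() below cannot resolve outside PATH_UPLOAD_FS.
            $filename = $values[$key . '_2'];
            //check for image type before doing anything
            // NOTE(review): this is a check on the file name only, not on the file content.
            if (!in_array(io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)), $this->_allowedExtensions)) {
                return false;
            }
            //destroy old image if any
            if ($this->_subfieldValues[2]->getValue()) {
                @unlink($path . '/' . $this->_subfieldValues[2]->getValue());
                $this->_subfieldValues[2]->setValue('');
            }
            //move and rename uploaded file
            $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $filename);
            $basename = pathinfo($filename, PATHINFO_BASENAME);
            // The stored name is rebuilt from the object id, the field id and the sanitized base name.
            $zoomBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename));
            if (io::strlen($zoomBasename) > 255) {
                $zoomBasename = sensitiveIO::ellipsis($zoomBasename, 255, '-', true);
            }
            $zoomFilename = $path . '/' . $zoomBasename;
            // A failed move is now reported, as the old format branch already does.
            if (!CMS_file::moveTo($filename, $zoomFilename)) {
                return false;
            }
            CMS_file::chmodFile(FILES_CHMOD, $zoomFilename);
            //set it
            if (!$this->_subfieldValues[2]->setValue($zoomBasename)) {
                return false;
            }
        }
        //thumbnail
        if (!empty($values[$key . '_0']) && io::strpos($values[$key . '_0'], PATH_UPLOAD_WR . '/') !== false) {
            // NOTE(review): same remark as for the zoom image on the source path and the type check.
            $filename = $values[$key . '_0'];
            //check for image type before doing anything
            if (!in_array(io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)), $this->_allowedExtensions)) {
                return false;
            }
            //destroy old image if any
            if ($this->_subfieldValues[0]->getValue()) {
                @unlink($path . '/' . $this->_subfieldValues[0]->getValue());
                $this->_subfieldValues[0]->setValue('');
            }
            //move and rename uploaded file
            $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $filename);
            $basename = pathinfo($filename, PATHINFO_BASENAME);
            //set thumbnail
            $newBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename));
            //rename image
            $path_parts = pathinfo($newBasename);
            $extension = io::strtolower($path_parts['extension']);
            $newBasename = io::substr($path_parts['basename'], 0, -(io::strlen($extension) + 1)) . '_thumbnail.' . $extension;
            if (io::strlen($newBasename) > 255) {
                $newBasename = sensitiveIO::ellipsis($newBasename, 255, '-', true);
            }
            $newFilename = $path . '/' . $newBasename;
            //move file from upload dir to new dir
            if (!CMS_file::moveTo($filename, $newFilename)) {
                return false;
            }
            CMS_file::chmodFile(FILES_CHMOD, $newFilename);
            //if we use original image as image zoom, set it
            if (isset($values[$key . '_makeZoom']) && $values[$key . '_makeZoom'] == 1) {
                $zoomFilename = str_replace('_thumbnail.' . $extension, '.' . $extension, $newFilename);
                //copy image as zoom
                CMS_file::copyTo($newFilename, $zoomFilename);
                $zoomBasename = pathinfo($zoomFilename, PATHINFO_BASENAME);
                //set image zoom
                if (!$this->_subfieldValues[2]->setValue($zoomBasename)) {
                    return false;
                }
            }
            //resize thumbnail if needed
            if ($params['maxWidth'] > 0 || $params['maxHeight'] > 0) {
                $oImage = new CMS_image($newFilename);
                //get current file size
                $sizeX = $oImage->getWidth();
                $sizeY = $oImage->getHeight();
                //check thumbnail size
                if ($params['maxWidth'] && $sizeX > $params['maxWidth'] || $params['maxHeight'] && $sizeY > $params['maxHeight']) {
                    $newSizeX = $sizeX;
                    $newSizeY = $sizeY;
                    // Check width
                    if ($params['maxWidth'] && $newSizeX > $params['maxWidth']) {
                        $newSizeY = round($params['maxWidth'] * $newSizeY / $newSizeX);
                        $newSizeX = $params['maxWidth'];
                    }
                    if ($params['maxHeight'] && $newSizeY > $params['maxHeight']) {
                        $newSizeX = round($params['maxHeight'] * $newSizeX / $newSizeY);
                        $newSizeY = $params['maxHeight'];
                    }
                    if (!$oImage->resize($newSizeX, $newSizeY, $newFilename)) {
                        return false;
                    }
                }
            }
            //set thumbnail
            if (!$this->_subfieldValues[0]->setValue($newBasename)) {
                return false;
            }
        }
        //if we had an imagezoom, check his size
        if ($this->_subfieldValues[2]->getValue() && ($params['maxZoomWidth'] > 0 || $params['maxZoomHeight'] > 0)) {
            //resize zoom if needed
            $basename = $this->_subfieldValues[2]->getValue();
            $filename = $path . '/' . $basename;
            $oImage = new CMS_image($filename);
            //get current file size
            $sizeX = $oImage->getWidth();
            $sizeY = $oImage->getHeight();
            //check zoom size
            if ($params['maxZoomWidth'] && $sizeX > $params['maxZoomWidth'] || $params['maxZoomHeight'] && $sizeY > $params['maxZoomHeight']) {
                $newSizeX = $sizeX;
                $newSizeY = $sizeY;
                // Check width
                if ($params['maxZoomWidth'] && $newSizeX > $params['maxZoomWidth']) {
                    $newSizeY = round($params['maxZoomWidth'] * $newSizeY / $newSizeX);
                    $newSizeX = $params['maxZoomWidth'];
                }
                if ($params['maxZoomHeight'] && $newSizeY > $params['maxZoomHeight']) {
                    $newSizeX = round($params['maxZoomHeight'] * $newSizeX / $newSizeY);
                    $newSizeY = $params['maxZoomHeight'];
                }
                if (!$oImage->resize($newSizeX, $newSizeY, $filename)) {
                    return false;
                }
            }
        }
        //update files infos if needed
        if ($this->_subfieldValues[0]->getValue() && file_exists($path . '/' . $this->_subfieldValues[0]->getValue())) {
            $file = new CMS_file($path . '/' . $this->_subfieldValues[0]->getValue());
            $imageDatas = array(
                'filename' => $file->getName(false),
                'filepath' => $file->getFilePath(CMS_file::WEBROOT),
                'filesize' => $file->getFileSize(),
                'fileicon' => $file->getFileIcon(CMS_file::WEBROOT),
                'extension' => $file->getExtension()
            );
        } else {
            $imageDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => '');
        }
        $imageDatas['module'] = $moduleCodename;
        $imageDatas['visualisation'] = RESOURCE_DATA_LOCATION_EDITED;
        if ($params['useDistinctZoom'] || $this->_subfieldValues[2]->getValue()) {
            //update files infos if needed
            if ($this->_subfieldValues[2]->getValue() && file_exists($path . '/' . $this->_subfieldValues[2]->getValue())) {
                $file = new CMS_file($path . '/' . $this->_subfieldValues[2]->getValue());
                $zoomDatas = array(
                    'filename' => $file->getName(false),
                    'filepath' => $file->getFilePath(CMS_file::WEBROOT),
                    'filesize' => $file->getFileSize(),
                    'fileicon' => $file->getFileIcon(CMS_file::WEBROOT),
                    'extension' => $file->getExtension()
                );
            } else {
                $zoomDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => '');
            }
            $zoomDatas['module'] = $moduleCodename;
            $zoomDatas['visualisation'] = RESOURCE_DATA_LOCATION_EDITED;
        } else {
            $zoomDatas = '';
        }
        $content = array('datas' => array(
            'polymodFieldsValue[' . $key . '_0]' => $imageDatas,
            'polymodFieldsValue[' . $key . '_2]' => $zoomDatas,
            'polymodFieldsValue[' . $key . '_1]' => sensitiveIO::decodeEntities($this->_subfieldValues[1]->getValue())
        ));
        $view = CMS_view::getInstance();
        $view->addContent($content);
        return true;
    } else {
        //Old format
        // File names posted in the "_hidden" values (index 0: thumbnail, index 2: zoom).
        // They were concatenated to the edited files directory as received; they are now
        // reduced to their base name, and '.' / '..' are discarded, before any use.
        // NOTE(review): a base name can still designate a file of another object stored in
        // the same directory; confirm whether the "r<objectID>_<fieldID>_" prefix should be enforced.
        $hiddenNames = array();
        foreach (array(0, 2) as $slot) {
            $submitted = isset($values[$key . '_' . $slot . '_hidden']) ? $values[$key . '_' . $slot . '_hidden'] : '';
            $name = is_scalar($submitted) ? basename((string) $submitted) : '';
            $hiddenNames[$slot] = ($name === '.' || $name === '..') ? '' : $name;
        }
        $deleteRequested = isset($values[$key . '_delete']) && $values[$key . '_delete'] == 1;
        // Same truth value as the former unguarded `$values[...] == 1`, without the notice when the key is absent.
        $makeZoom = isset($values[$key . '_makeZoom']) && $values[$key . '_makeZoom'] == 1;
        //delete old images ?
        if ($deleteRequested) {
            if ($this->_subfieldValues[0]->getValue()) {
                @unlink($path . '/' . $this->_subfieldValues[0]->getValue());
                $this->_subfieldValues[0]->setValue('');
            } elseif ($hiddenNames[0]) {
                @unlink($path . '/' . $hiddenNames[0]);
                $this->_subfieldValues[0]->setValue('');
            }
            if ($this->_subfieldValues[2]->getValue()) {
                @unlink($path . '/' . $this->_subfieldValues[2]->getValue());
                $this->_subfieldValues[2]->setValue('');
            } elseif ($hiddenNames[2]) {
                @unlink($path . '/' . $hiddenNames[2]);
                $this->_subfieldValues[2]->setValue('');
            }
        }
        //set label from label field
        if (!$this->_subfieldValues[1]->setValue(io::htmlspecialchars(@$values[$key . '_1']))) {
            return false;
        }
        //thumbnail
        if (isset($_FILES[$key . '_0']) && $_FILES[$key . '_0']['name'] && !$_FILES[$key . '_0']['error']) {
            //check for image type before doing anything
            // NOTE(review): this is a check on the client-supplied file name only, not on the file content.
            if (!in_array(io::strtolower(pathinfo($_FILES[$key . '_0']["name"], PATHINFO_EXTENSION)), $this->_allowedExtensions)) {
                return false;
            }
            //destroy all old images if any
            if ($this->_subfieldValues[0]->getValue()) {
                @unlink($path . '/' . $this->_subfieldValues[0]->getValue());
                $this->_subfieldValues[0]->setValue('');
            } elseif ($hiddenNames[0]) {
                @unlink($path . '/' . $hiddenNames[0]);
                $this->_subfieldValues[0]->setValue('');
            }
            if ($this->_subfieldValues[2]->getValue()) {
                @unlink($path . '/' . $this->_subfieldValues[2]->getValue());
                $this->_subfieldValues[2]->setValue('');
            } elseif ($hiddenNames[2]) {
                @unlink($path . '/' . $hiddenNames[2]);
                $this->_subfieldValues[2]->setValue('');
            }
            //set thumbnail (resize it if needed)
            $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$key . '_0']["name"]));
            if (io::strlen($filename) > 255) {
                $filename = sensitiveIO::ellipsis($filename, 255, '-', true);
            }
            //move uploaded file
            $fileDatas = CMS_file::uploadFile($key . '_0', PATH_TMP_FS);
            if ($fileDatas['error']) {
                return false;
            }
            if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) {
                return false;
            }
            if ($params['maxWidth'] > 0) {
                $oImage = new CMS_image($path . "/" . $filename);
                //get current file size
                $sizeX = $oImage->getWidth();
                $sizeY = $oImage->getHeight();
                //check thumbnail size
                if ($sizeX > $params['maxWidth'] || $sizeY > $params['maxHeight']) {
                    $newSizeX = $sizeX;
                    $newSizeY = $sizeY;
                    // Check width
                    if ($params['maxWidth'] && $newSizeX > $params['maxWidth']) {
                        $newSizeY = round($params['maxWidth'] * $newSizeY / $newSizeX);
                        $newSizeX = $params['maxWidth'];
                    }
                    if ($params['maxHeight'] && $newSizeY > $params['maxHeight']) {
                        $newSizeX = round($params['maxHeight'] * $newSizeX / $newSizeY);
                        $newSizeY = $params['maxHeight'];
                    }
                    //resize image
                    $srcfilepath = $path . "/" . $filename;
                    $path_parts = pathinfo($srcfilepath);
                    $thumbnailFilename = io::substr($path_parts['basename'], 0, -(io::strlen($path_parts['extension']) + 1)) . '_thumbnail.' . $path_parts['extension'];
                    $destfilepath = $path . "/" . $thumbnailFilename;
                    if (!$oImage->resize($newSizeX, $newSizeY, $destfilepath)) {
                        return false;
                    }
                    //if we use original image as image zoom, set it
                    if ($makeZoom) {
                        //set image zoom
                        if (!$this->_subfieldValues[2]->setValue($filename)) {
                            return false;
                        }
                    } else {
                        //destroy original image
                        unlink($srcfilepath);
                    }
                    //set resized thumbnail
                    if (!$this->_subfieldValues[0]->setValue($thumbnailFilename)) {
                        return false;
                    }
                } else {
                    //no need to resize thumbnail (below the maximum width), so set it
                    if (!$this->_subfieldValues[0]->setValue($filename)) {
                        return false;
                    }
                    //if we use original image as image zoom, set it
                    if ($makeZoom) {
                        //set image zoom
                        if (!$this->_subfieldValues[2]->setValue($filename)) {
                            return false;
                        }
                    }
                }
            } else {
                //no need to resize thumbnail, so set it
                if (!$this->_subfieldValues[0]->setValue($filename)) {
                    return false;
                }
                //if we use original image as image zoom, set it
                if ($makeZoom) {
                    //set image zoom
                    if (!$this->_subfieldValues[2]->setValue($filename)) {
                        return false;
                    }
                }
            }
        } elseif (isset($_FILES[$key . '_0']) && $_FILES[$key . '_0']['name'] && $_FILES[$key . '_0']['error'] != 0) {
            return false;
        } elseif ($hiddenNames[0] && !$deleteRequested) {
            // Keep the image already attached to the field, under its base name only.
            if (!$this->_subfieldValues[0]->setValue($hiddenNames[0])) {
                return false;
            }
        }
        //image zoom (if needed)
        if (isset($values[$key . '_makeZoom']) && $values[$key . '_makeZoom'] != 1 && isset($_FILES[$key . '_2']['name']) && $_FILES[$key . '_2']['name'] && !$_FILES[$key . '_2']['error']) {
            //check for image type before doing anything
            if (!in_array(io::strtolower(pathinfo($_FILES[$key . '_2']["name"], PATHINFO_EXTENSION)), $this->_allowedExtensions)) {
                return false;
            }
            $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$key . '_2']["name"]));
            if (io::strlen($filename) > 255) {
                $filename = sensitiveIO::ellipsis($filename, 255, '-', true);
            }
            //move uploaded file
            $fileDatas = CMS_file::uploadFile($key . '_2', PATH_TMP_FS);
            if ($fileDatas['error']) {
                return false;
            }
            if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) {
                return false;
            }
            //set it
            if (!$this->_subfieldValues[2]->setValue($filename)) {
                return false;
            }
        } elseif (isset($_FILES[$key . '_2']) && $_FILES[$key . '_2']['name'] && $_FILES[$key . '_2']['error'] != 0) {
            return false;
        } elseif ($hiddenNames[2] && !$deleteRequested) {
            if (!$this->_subfieldValues[2]->setValue($hiddenNames[2])) {
                return false;
            }
        }
        return true;
    }
}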
$statusValues = sensitiveIO::jsonEncode($statusValues); $searchPanel .= "{\n\t\txtype:\t\t\t\t'combo',\n\t\tname:\t\t\t\t'status_{$object->getID()}',\n\t\thiddenName:\t\t \t'status_{$object->getID()}',\n\t\tforceSelection:\t\ttrue,\n\t\tfieldLabel:\t\t\t'Publication',\n\t\tmode:\t\t\t\t'local',\n\t\ttriggerAction:\t\t'all',\n\t\tvalueField:\t\t\t'id',\n\t\tdisplayField:\t\t'label',\n\t\tvalue:\t\t\t\t'{$statusValue}',\n\t\tanchor:\t\t\t\t'-20px',\n\t\tstore:\t\t\t\tnew Ext.data.JsonStore({\n\t\t\tfields:\t\t\t\t['id', 'label'],\n\t\t\tdata:\t\t\t\t{$statusValues}\n\t\t}),\n\t\tallowBlank:\t\t \tfalse,\n\t\tselectOnFocus:\t\ttrue,\n\t\teditable:\t\t\tfalse,\n\t\tvalidateOnBlur:\t\tfalse,\n\t\tlisteners:\t\t\t{'valid':moduleObjectWindow.search}\n\t},"; } // Build sort select $items_possible['objectID'] = $cms_language->getMessage(MESSAGE_PAGE_FIELD_CREATION_DATE, false, MOD_POLYMOD_CODENAME); //Ordre de création // check if primary resource to add publication dates if ($object->isPrimaryResource()) { $items_possible['publication date before'] = $cms_language->getMessage(MESSAGE_PAGE_FIELD_PUBLICATION_DATE, false, MOD_POLYMOD_CODENAME); //Date de début de publication } // build array of possible sort types $possible_sorts = array('cms_object_boolean', 'cms_object_string', 'cms_object_date', 'cms_object_file', 'cms_object_image', 'cms_object_language', 'cms_object_integer', 'cms_object_usergroup'); // check witch fields are sortable foreach ($objectFields as $fieldID => $field) { if (in_array(io::strtolower(get_class($field->getTypeObject())), $possible_sorts)) { $items_possible[$field->getID()] = $field->getLabel($cms_language); } } // check if there are other sortable object than creation date if (count($items_possible) > 1) { $sortValue = CMS_session::getSessionVar('sort_' . $object->getID()); $sortValue = $sortValue ? 
$sortValue : 'objectID'; $sortValues = array(); foreach ($items_possible as $key => $label) { $sortValues[] = array('id' => $key, 'label' => $label); } $sortValues = sensitiveIO::jsonEncode($sortValues); $sortItem = "{\n\t\txtype:\t\t\t\t'combo',\n\t\tname:\t\t\t\t'sort_{$object->getID()}',\n\t\thiddenName:\t\t \t'sort_{$object->getID()}',\n\t\tforceSelection:\t\ttrue,\n\t\tfieldLabel:\t\t\t'{$cms_language->getJSMessage(MESSAGE_PAGE_FIELD_SORT, false, MOD_POLYMOD_CODENAME)}',\n\t\tmode:\t\t\t\t'local',\n\t\ttriggerAction:\t\t'all',\n\t\tvalueField:\t\t\t'id',\n\t\tdisplayField:\t\t'label',\n\t\tvalue:\t\t\t\t'{$sortValue}',\n\t\tanchor:\t\t\t\t'98%',\n\t\tstore:\t\t\t\tnew Ext.data.JsonStore({\n\t\t\tfields:\t\t\t\t['id', 'label'],\n\t\t\tdata:\t\t\t\t{$sortValues}\n\t\t}),\n\t\tallowBlank:\t\t \tfalse,\n\t\tselectOnFocus:\t\ttrue,\n\t\teditable:\t\t\tfalse,\n\t\tvalidateOnBlur:\t\tfalse,\n\t\tlisteners:\t\t\t{'valid':moduleObjectWindow.search}\n\t}"; } else { $sortItem = "{\n\t\txtype:\t\t\t\t'textfield',\n\t\tfieldLabel:\t\t\t'{$cms_language->getJSMessage(MESSAGE_PAGE_FIELD_SORT, false, MOD_POLYMOD_CODENAME)}',\n\t\tanchor:\t\t\t\t'98%',\n\t\tdisabled:\t\t\ttrue,\n\t\tvalue:\t\t\t\t'{$items_possible['objectID']}',\n\t\tlisteners:\t\t\t{'valid':moduleObjectWindow.search}\n\t}";
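/**
 * Get all JS locales for the current user, in that user's language.
 *
 * The result is the Ext locale file matching the user's language code
 * (skipped for 'en', which Ext already ships as its default) followed by the
 * Automne JS locale message. An empty string is returned when the session
 * has no user.
 *
 * @return string : JS locales
 * @access public
 */
public static function getJSLocales()
{
    $user = CMS_session::getUser();
    if (!$user) {
        return '';
    }
    $locales = '';
    $language = $user->getLanguage();
    $languageCode = $language->getCode();
    //Get Ext locales (english is defined as default language so it is not added again)
    if ($languageCode != 'en') {
        // NOTE(review): the language code becomes part of a filesystem path; presumably it
        // comes from the configured language list - confirm it cannot carry path separators.
        $extLocaleFile = PATH_MAIN_FS . '/ext/src/locale/ext-lang-' . $languageCode . '.js';
        if (file_exists($extLocaleFile)) {
            $fileContent = file_get_contents($extLocaleFile);
            if ($fileContent !== false) {
                // Spell the UTF-8 BOM as byte escapes so the check does not depend on
                // invisible characters surviving inside this source file.
                if (strncmp($fileContent, "\xEF\xBB\xBF", 3) === 0) {
                    $fileContent = (string) substr($fileContent, 3);
                }
                $locales .= io::strtolower(APPLICATION_DEFAULT_ENCODING) != 'utf-8'
                    ? utf8_decode($fileContent)
                    : $fileContent;
            }
        }
    }
    //add Automne locales
    $locales .= $language->getMessage(self::MESSAGE_USER_JS_LOCALES);
    return $locales;
}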
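/**
 * Module autoload handler
 *
 * Resolves a class name to the polymod file that declares it. Known classes
 * come from a fixed map; CMS_object_* and CMS_subobject_* classes are resolved
 * by convention to a file named after the class suffix.
 *
 * @param string $classname the classname required for loading
 * @return string : the file to use for required classname ('' if this module does not provide it)
 * @access public
 */
function load($classname)
{
    static $classes;
    if (!isset($classes)) {
        $classes = array(
            'cms_poly_object_field' => PATH_MODULES_FS . '/polymod/polyobjects/poly_object_field.php',
            'cms_poly_object' => PATH_MODULES_FS . '/polymod/polyobjects/poly_object.php',
            'cms_poly_object_definition' => PATH_MODULES_FS . '/polymod/polyobjects/poly_object_definition.php',
            'cms_poly_object_catalog' => PATH_MODULES_FS . '/polymod/polyobjects/poly_object_catalog.php',
            'cms_multi_poly_object' => PATH_MODULES_FS . '/polymod/polyobjects/multi_poly_object.php',
            'cms_object_search' => PATH_MODULES_FS . '/polymod/object_search.php',
            'cms_poly_plugin_definitions' => PATH_MODULES_FS . '/polymod/poly_plugin_definition.php',
            'cms_object_i18nm' => PATH_MODULES_FS . '/polymod/object_i18nm.php',
            'cms_polymod_definition_parsing' => PATH_MODULES_FS . '/polymod/poly_definition_parsing.php',
            'cms_poly_module_structure' => PATH_MODULES_FS . '/polymod/poly_module_structure.php',
            'cms_poly_rss_definitions' => PATH_MODULES_FS . '/polymod/poly_rss_definition.php',
            'cms_block_polymod' => PATH_MODULES_FS . '/polymod/block.php',
            'cms_poly_definition_functions' => PATH_MODULES_FS . '/polymod/poly_definition_functions.php',
            'cms_xmltag_if' => PATH_MODULES_FS . '/polymod/tags/if.php',
            'cms_xmltag_else' => PATH_MODULES_FS . '/polymod/tags/else.php',
            'cms_xmltag_start' => PATH_MODULES_FS . '/polymod/tags/start.php',
            'cms_xmltag_end' => PATH_MODULES_FS . '/polymod/tags/end.php',
            'cms_xmltag_setvar' => PATH_MODULES_FS . '/polymod/tags/setvar.php',
            'cms_polymod_oembed_definition' => PATH_MODULES_FS . '/polymod/poly_oembed_definition.php',
            'cms_polymod_oembed_definition_catalog' => PATH_MODULES_FS . '/polymod/poly_oembed_definition_catalog.php',
        );
    }
    $key = io::strtolower($classname);
    if (isset($classes[$key])) {
        return $classes[$key];
    }
    // Convention-based lookups: class prefix => file path prefix.
    $conventions = array(
        'CMS_object_' => PATH_MODULES_FS . '/polymod/objects/object_',
        'CMS_subobject_' => PATH_MODULES_FS . '/polymod/subobjects/subobject_',
    );
    foreach ($conventions as $prefix => $pathPrefix) {
        if (io::strpos($classname, $prefix) !== 0) {
            continue;
        }
        $suffix = io::substr($classname, strlen($prefix));
        // The suffix is concatenated into a path that ends up being included. An
        // autoloader can be handed arbitrary strings (for instance through
        // class_exists() on a request value), so only identifier characters are
        // accepted: no '/', '\', '.' or NUL can reach the filesystem lookup.
        if (!preg_match('/^[A-Za-z0-9_]+$/D', (string) $suffix)) {
            return '';
        }
        $candidate = $pathPrefix . $suffix . '.php';
        return file_exists($candidate) ? $candidate : '';
    }
    return '';
}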
*/ //force loading module cms_forms if (!class_exists('CMS_module_cms_forms')) { die('Cannot find cms_forms module ...'); } //set current page ID $mod_cms_forms["pageID"] = '{{pageID}}'; //Instanciate Form $form = new CMS_forms_formular($mod_cms_forms["formID"]); //Instanciate language $cms_language = $form->getLanguage(); //Instanciate field error Ids $cms_forms_error_ids = array(); //Form actions treatment if ($form->getID() && $form->isPublic()) { if (io::strtolower(APPLICATION_XHTML_DTD) != io::strtolower('<!DOCTYPE html>')) { echo '<a name="formAnchor' . $form->getID() . '"></a>'; } else { echo '<div id="formAnchor' . $form->getID() . '"></div>'; } //Create or append (from header) form required message if (isset($cms_forms_token[$form->getID()]) && $cms_forms_token[$form->getID()]) { $cms_forms_error_msg[$form->getID()] .= $cms_language->getMessage(CMS_forms_formular::MESSAGE_CMS_FORMS_TOKEN_EXPIRED, false, MOD_CMS_FORMS_CODENAME); } //Create or append (from header) form required message if (isset($cms_forms_required[$form->getID()]) && $cms_forms_required[$form->getID()] && is_array($cms_forms_required[$form->getID()])) { $cms_forms_error_msg[$form->getID()] .= $cms_language->getMessage(CMS_forms_formular::MESSAGE_CMS_FORMS_REQUIRED_FIELDS, false, MOD_CMS_FORMS_CODENAME) . '<ul>'; foreach ($cms_forms_required[$form->getID()] as $fieldName) { $field = $form->getFieldByName($fieldName, true); $cms_forms_error_msg[$form->getID()] .= '<li>' . $field->getAttribute('label') . '</li>'; $cms_forms_error_ids[] .= $field->generateFieldIdDatas();
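/**
 * Serialize a DOMElement (or only its children) to an XML string.
 *
 * The output is transcoded to match APPLICATION_DEFAULT_ENCODING, and empty
 * element pairs such as <br></br> are collapsed to self-closed tags for the
 * tag names returned by CMS_xml2Array::getAutoClosedTagsList().
 *
 * @param DOMElement $domelement the element to serialize
 * @param boolean $contentOnly if true, serialize the child nodes without the element itself
 * @return string|false the XML string, or false if $domelement is not a DOMElement
 * @access public
 */
public static function DOMElementToString($domelement, $contentOnly = false)
{
    if (!($domelement instanceof DOMElement)) {
        CMS_grandFather::raiseError('Domelement is not a DOMElement instance');
        return false;
    }
    static $autoClosedTagsList;
    if (!$autoClosedTagsList) {
        $xml2Array = new CMS_xml2Array();
        // implode() takes the separator first; the reversed legacy order is rejected by PHP 8.
        $autoClosedTagsList = implode('|', $xml2Array->getAutoClosedTagsList());
    }
    $output = '';
    if ($contentOnly) {
        foreach ($domelement->childNodes as $node) {
            $output .= $node->ownerDocument->saveXML($node, LIBXML_NOEMPTYTAG);
        }
    } else {
        // The original read an undefined $domNode here, so this branch could not
        // serialize anything; the element to dump is the $domelement argument.
        $output = $domelement->ownerDocument->saveXML($domelement, LIBXML_NOEMPTYTAG);
    }
    //convert output encoding if needed
    $applicationIsUtf8 = io::strtolower(APPLICATION_DEFAULT_ENCODING) == 'utf-8';
    if (io::isUTF8($output)) {
        if (!$applicationIsUtf8) {
            $output = utf8_decode($output);
        }
    } elseif ($applicationIsUtf8) {
        $output = utf8_encode($output);
    }
    //to correct a bug in libXML < 2.6.27
    if (LIBXML_VERSION < 20627 && strpos($output, '&#x') !== false) {
        // A closure replaces create_function(), which compiled its body from a
        // string at runtime and no longer exists in PHP 8.
        $output = preg_replace_callback(
            '/(&#x[0-9A-Z]+;)/U',
            function ($matches) {
                return io::decodeEntities($matches[0]);
            },
            $output
        );
    }
    //replace tags like <br></br> by auto closed tags and strip carriage returns around entities
    $output = preg_replace(
        array('#\\n(&[a-z]+;)\\n#U', '#<(' . $autoClosedTagsList . ')([^>]*)></\\1>#U'),
        array('\\1', '<\\1\\2/>'),
        $output
    );
    return $output;
}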
/**
 * get an object value
 *
 * Date values ('formatedDate*', 'date*') and 'resource' are only produced when
 * the object resource status equals 1; otherwise the method returns null.
 * Field related values ('fieldID', 'description', 'required', 'fieldname')
 * need the object to be used as a field of another object.
 *
 * @param string $name : the name of the value to get
 * @param string $parameters (optional) : parameters for the value to get
 *        ('js' for 'label'; 'rss' or a date() format for the formatted dates)
 * @return mixed : the object values structure
 * @access public
 */
function getValue($name, $parameters = '')
{
    global $cms_language;
    // @TODOV4 : Manage language into database !
    // English => French replacements applied to date() output, in this order.
    // NOTE(review): 'Jun' and 'Jul' both map to 'Jui' - confirm this is intended.
    $dateTranslations = array(
        'fr' => array(
            'January' => 'Janvier', 'February' => 'Février', 'March' => 'Mars', 'April' => 'Avril',
            'May' => 'Mai', 'June' => 'Juin', 'July' => 'Juillet', 'August' => 'Août',
            'September' => 'Septembre', 'October' => 'Octobre', 'November' => 'Novembre', 'December' => 'Décembre',
            'Monday' => 'Lundi', 'Tuesday' => 'Mardi', 'Wednesday' => 'Mercredi', 'Thursday' => 'Jeudi',
            'Friday' => 'Vendredi', 'Saturday' => 'Samedi', 'Sunday' => 'Dimanche',
            'Jan' => 'Jan', 'Feb' => 'Fév', 'Mar' => 'Mar', 'Apr' => 'Avr',
            'Jun' => 'Jui', 'Jul' => 'Jui', 'Aug' => 'Aoû', 'Sep' => 'Sep',
            'Oct' => 'Oct', 'Nov' => 'Nov', 'Dec' => 'Déc',
            'Mon' => 'Lun', 'Tue' => 'Mar', 'Wed' => 'Mer', 'Thu' => 'Jeu',
            'Fri' => 'Ven', 'Sat' => 'Sam', 'Sun' => 'Dim',
        ),
    );
    $hasResource = $this->_objectResourceStatus == 1;
    $isSubField = is_a($this->_field, 'CMS_poly_object_field');

    switch ($name) {
        case 'id':
            return (string) $this->_ID;
        case 'label':
            return $parameters == 'js'
                ? sensitiveIO::sanitizeJSString($this->getLabel())
                : $this->getLabel();
        case 'objectname':
            return $this->getFieldLabel($cms_language);
        case 'objectdescription':
            return $this->getFieldDesc($cms_language);
        case 'objecttype':
            return $this->_objectID;
        case 'resource':
            if ($hasResource) {
                return parent::getID();
            }
            return;
        case 'formatedDateStart':
            if (!$hasResource) {
                break;
            }
            $startDate = parent::getPublicationDateStart();
            $rssFormat = io::strtolower($parameters) == 'rss';
            $formatted = date($rssFormat ? 'r' : $parameters, $startDate->getTimeStamp());
            if (!$rssFormat && is_object($cms_language) && isset($dateTranslations[$cms_language->getCode()])) {
                $replacements = $dateTranslations[$cms_language->getCode()];
                $formatted = str_replace(array_keys($replacements), $replacements, $formatted);
            }
            return io::htmlspecialchars($formatted);
        case 'formatedDateEnd':
            if (!$hasResource) {
                break;
            }
            $endDate = parent::getPublicationDateEnd();
            if (!is_a($endDate, 'CMS_date')) {
                break;
            }
            $rssFormat = io::strtolower($parameters) == 'rss';
            $formatted = date($rssFormat ? 'r' : $parameters, $endDate->getTimeStamp());
            if (!$rssFormat && is_object($cms_language) && isset($dateTranslations[$cms_language->getCode()])) {
                $replacements = $dateTranslations[$cms_language->getCode()];
                $formatted = str_replace(array_keys($replacements), $replacements, $formatted);
            }
            return io::htmlspecialchars($formatted);
        case 'dateStartNotNull':
            if ($hasResource) {
                return !parent::getPublicationDateStart()->isNull();
            }
            break;
        case 'dateStartTimestamp':
            if ($hasResource) {
                return parent::getPublicationDateStart()->getTimestamp();
            }
            break;
        case 'dateEndNotNull':
            if ($hasResource) {
                return !parent::getPublicationDateEnd()->isNull();
            }
            break;
        case 'dateEndTimestamp':
            if ($hasResource) {
                return parent::getPublicationDateEnd()->getTimestamp();
            }
            break;
        //field related values, may not exists ...
        case 'fieldID':
            if (!$isSubField) {
                $this->raiseError("Can't get 'fieldID' value for an object which is not a field of another object ...");
                return '';
            }
            return $this->_field->getID();
        case 'description':
            if (!$isSubField) {
                $this->raiseError("Can't get 'description' value for an object which is not a field of another object ...");
                return '';
            }
            return io::htmlspecialchars($this->_field->getFieldDescription($cms_language));
        case 'required':
            if (!$isSubField) {
                $this->raiseError("Can't get 'required' value for an object which is not a field of another object ...");
                return false;
            }
            return (bool) $this->_field->getValue("required");
        case 'fieldname':
            if (!$isSubField) {
                $this->raiseError("Can't get 'fieldname' value for an object which is not a field of another object ...");
                return '';
            }
            //get label of current field
            $fieldLabel = new CMS_object_i18nm($this->_field->getValue("labelID"));
            return $fieldLabel->getValue($cms_language->getCode());
        default:
            $this->raiseError("Unknown value to get : " . $name);
            return false;
    }
}
if (file_exists($file)) { $file = new CMS_file($file); if ($file->setContent($definition) && $file->writeToPersistence()) { $log = new CMS_log(); $log->logMiscAction(CMS_log::LOG_ACTION_TEMPLATE_EDIT_FILE, $cms_user, "File : " . $node); $content = array('success' => true); $cms_message = $cms_language->getMessage(MESSAGE_ACTION_UPDATE_FILE, array($node)); } else { $cms_message = $cms_language->getMessage(MESSAGE_ERROR_UPDATE_FILE) . ' ' . $node; } } break; case 'create': if (is_dir($file) && $filelabel) { if (!is_file($file . '/' . $filelabel)) { $extension = io::strtolower(pathinfo($file . '/' . $filelabel, PATHINFO_EXTENSION)); if (isset($allowedFiles[$extension])) { $file = new CMS_file($file . '/' . $filelabel); if ($file->setContent($definition) && $file->writeToPersistence()) { $log = new CMS_log(); $log->logMiscAction(CMS_log::LOG_ACTION_TEMPLATE_EDIT_FILE, $cms_user, "File : " . $node . '/' . $filelabel); $content = array('success' => true); $cms_message = $cms_language->getMessage(MESSAGE_ACTION_CREATE_FILE, array($filelabel)); } else { $cms_message = $cms_language->getMessage(MESSAGE_ERROR_UPDATE_FILE) . ' ' . $filelabel; } } else { $cms_message = $cms_language->getMessage(MESSAGE_ERROR_CREATE_FILE_EXTENSION, array($filelabel)); } } else { $cms_message = $cms_language->getMessage(MESSAGE_ERROR_CREATE_FILE_EXISTS, array($filelabel));
$query = @parse_url($pageUrl, PHP_URL_QUERY); $fragment = @parse_url($pageUrl, PHP_URL_FRAGMENT); $panelURL = $cms_page->getURL() . ($query ? '?' . $query : '') . ($fragment ? '#' . $fragment : ''); } else { $panelURL = $cms_page->getURL(); } //check for website host $pageHost = @parse_url($panelURL, PHP_URL_HOST); if ($pageHost && $_SERVER['HTTP_HOST'] && io::strtolower($httpHost) != io::strtolower($pageHost)) { //page host is not the same of current host so change it to avoid JS restriction $panelURL = str_replace($pageHost, $httpHost, $panelURL); } //check for website protocol $pageScheme = @parse_url($panelURL, PHP_URL_SCHEME); $currentScheme = isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] && strtolower($_SERVER["HTTPS"]) != 'off' ? 'https' : 'http'; if ($pageScheme && $currentScheme != io::strtolower($pageScheme)) { $panelURL = str_replace($pageScheme . '://', $currentScheme . '://', $panelURL); } } break; case 'nopages': $panelTitle = APPLICATION_LABEL; $panelDisabled = 'false'; $panelTipTitle = APPLICATION_LABEL; $panelTip = $cms_language->getJSMessage(MESSAGE_PAGE_NO_PAGES_RIGHTS); $panelURL = PATH_ADMIN_WR . '/no-pages.php'; $allowFrameNav = 'true'; break; case 'norights': $panelTitle = APPLICATION_LABEL; $panelDisabled = 'false';
/**
 * Get the module parameters. Search for a file name "CODENAME_rc.xml" in PATH_MODULES_FS
 *
 * NOTE(review): $moduleParameters is a plain local variable in this method, so
 * the $reset flag and the isset() test have no visible effect and the file is
 * read again on every call - confirm whether a static cache was intended.
 *
 * @param string $onlyOne The name of a single parameter wanted
 * @param boolean $withType If true, parameters carrying a "type" attribute are returned as array(value, type)
 * @param boolean $reset Discard previously loaded parameters before reading
 * @return mixed The parameters from the file (array), a single parameter value
 *         ('' if $onlyOne is unknown), or false if the module has no parameters
 * @access public
 */
function getParameters($onlyOne = false, $withType = false, $reset = false)
{
    if (!$this->_hasParameters) {
        return false;
    }
    if ($reset) {
        unset($moduleParameters);
    }
    $codename = $this->_codename;
    if (!isset($moduleParameters[$codename])) {
        $moduleParameters[$codename] = array();
        $filename = PATH_MODULES_FS . "/" . $codename . "_rc.xml";
        if (!file_exists($filename)) {
            $this->raiseError('Malformed definition file : ' . PATH_MODULES_FS . '/' . $codename . '_rc.xml');
        } else {
            $paramsFileContent = @file_get_contents(realpath($filename));
            if ($paramsFileContent) {
                $document = new CMS_DOMDocument();
                $document->loadXML($paramsFileContent);
                foreach ($document->getElementsByTagName('param') as $paramTag) {
                    $value = trim($paramTag->nodeValue);
                    // DOM text is UTF-8; transcode when the application is not.
                    if (io::strtolower(APPLICATION_DEFAULT_ENCODING) != 'utf-8') {
                        $value = utf8_decode($value);
                    }
                    $paramName = $paramTag->getAttribute("name");
                    if ($withType && $paramTag->hasAttribute("type")) {
                        $moduleParameters[$codename][$paramName] = array($value, $paramTag->getAttribute("type"));
                    } else {
                        $moduleParameters[$codename][$paramName] = trim($value);
                    }
                }
            }
        }
    }
    //return all or only one of the parameters
    if (!$onlyOne) {
        return $moduleParameters[$codename];
    }
    return isset($moduleParameters[$codename][$onlyOne]) ? $moduleParameters[$codename][$onlyOne] : '';
}
/**
 * Get the websites answering to a given domain.
 *
 * A website matches when the host of its main URL, or the host of one of its
 * alternative domains, equals $domain (case-insensitive comparison).
 *
 * @param string $domain : the domain to find websites of
 * @param boolean $isAlt : (by reference) set to true when a match came from an
 *        alternative domain; this method never sets it back to false
 * @return array(CMS_website) matching websites keyed by website ID (empty if none)
 * @access public
 */
static function getWebsitesFromDomain($domain, &$isAlt = false)
{
    $wantedHost = io::strtolower($domain);
    $matchWebsites = array();
    foreach (CMS_websitesCatalog::getAll('order') as $website) {
        $mainHost = io::strtolower(@parse_url($website->getURL(), PHP_URL_HOST));
        if ($wantedHost == $mainHost) {
            $matchWebsites[$website->getID()] = $website;
            continue;
        }
        // Main URL did not match: look through the alternative domains.
        foreach ($website->getAltDomains() as $altDomain) {
            if ($wantedHost == io::strtolower(@parse_url($altDomain, PHP_URL_HOST))) {
                $isAlt = true;
                $matchWebsites[$website->getID()] = $website;
            }
        }
    }
    return $matchWebsites;
}
/**
 * Module autoload handler
 *
 * Only classes listed in the fixed map below are resolved; the lookup is
 * case-insensitive and never builds a path from the requested name.
 *
 * @param string $classname the classname required for loading
 * @return string : the file to use for required classname ('' if unknown)
 * @access public
 */
function load($classname)
{
    static $classes;
    if (!isset($classes)) {
        $classes = array(
            'cms_resource_cms_aliases' => PATH_MODULES_FS . '/cms_aliases/resource.php',
        );
    }
    $key = io::strtolower($classname);
    return isset($classes[$key]) ? $classes[$key] : '';
}
/**
 * Execute a SQL script
 *
 * Every statement found in the script is sent to the database through
 * CMS_query, so the script runs with the application's database privileges:
 * callers should only pass script files from a trusted location.
 *
 * @param string $script : the CMS_file::FILE_SYSTEM SQL script filename
 *        This script can be SQL export provided by phpMyadmin or mysqldump, etc.
 * @param boolean $simulation : if true, only read the script and return true if it contains SQL data
 * @return boolean, true on success, false on failure
 * @access public
 */
function executeSqlScript($script, $simulation = false)
{
    //include PMA import functions
    require_once PATH_PACKAGES_FS . '/files/sqlDump.php';
    //read mysql version, needed by the phpMyAdmin splitter
    $versionQuery = new CMS_query('SELECT VERSION() AS version');
    $match = explode('.', $versionQuery->getValue('version'));
    //read mysql file and detect its encoding before touching it
    $query = PMA_readFile($script);
    $isUTF8 = io::isUTF8($query);
    //change charset declarations inside the SQL to match the current Automne charset
    $tableCharset = strtolower(APPLICATION_DEFAULT_ENCODING) != 'utf-8' ? 'latin1' : 'utf8';
    $otherCharset = $tableCharset == 'latin1' ? 'utf8' : 'latin1';
    $query = str_ireplace(' CHARSET=' . $otherCharset, ' CHARSET=' . $tableCharset, $query);
    $query = str_ireplace('TYPE=MyISAM;', 'TYPE=MyISAM CHARSET=' . $tableCharset . ';', $query);
    //finally, clean it and split queries
    PMA_splitSqlFile($queries, $query, (int) sprintf('%d%02d%02d', $match[0], $match[1], intval($match[2])));
    if ($simulation) {
        $ok = is_array($queries) && !empty($queries);
    } else {
        //set connection charset accordingly to file charset
        $q = new CMS_query("SET NAMES '" . ($isUTF8 ? 'utf8' : 'latin1') . "'");
        //execute all queries; one failure marks the whole run as failed but does not stop it
        $ok = true;
        foreach ($queries as $aQuery) {
            $q = new CMS_query($aQuery);
            if ($q->hasError()) {
                $ok = false;
            }
        }
        // The connection is switched to the opposite charset here, then set
        // again from the application encoding just below.
        $q = new CMS_query("SET NAMES '" . ($isUTF8 ? 'latin1' : 'utf8') . "'");
    }
    //reset connection charset to the application one
    $connectionCharset = io::strtolower(APPLICATION_DEFAULT_ENCODING) == 'utf-8' ? 'utf8' : 'latin1';
    $q = new CMS_query("SET NAMES '" . $connectionCharset . "'");
    return $ok;
}
/**
 * Recursive method to convert given DOMNode (from CMS_array2Xml) to an array
 * Used by XML_ARRAY2XML_FORMAT mode
 *
 * An element with more than one child node is converted recursively; anything
 * else contributes its text content. A node with exactly one attribute is
 * stored under that attribute's value, other non-empty values under the node name.
 *
 * @param DOMNode $domElement The dom element to convert
 * @param string $encoding Passed down unchanged to recursive calls; not read otherwise
 * @return array
 * @access private
 */
private function _xml2Array($domElement, $encoding)
{
    $result = array();
    if (!is_object($domElement)) {
        return $result;
    }
    foreach ($domElement->childNodes as $child) {
        $isElement = $child->nodeType == XML_ELEMENT_NODE;
        if ($isElement && $child->hasChildNodes() && $child->childNodes->length > 1) {
            $value = $this->_xml2Array($child, $encoding);
        } else {
            $value = $child->textContent;
            //check encoding and transcode if current encoding is iso (not needed otherwise)
            if (io::strtolower(APPLICATION_DEFAULT_ENCODING) != 'utf-8') {
                $value = utf8_decode($value);
            }
        }
        if ($isElement && $child->attributes->length == 1) {
            foreach ($child->attributes as $attribute) {
                $result[$attribute->value] = $value;
            }
            continue;
        }
        if ($value && (is_array($value) || trim($value))) {
            $result[$child->nodeName] = $value;
        }
    }
    return $result;
}
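/**
 * Gets the data from the module
 *
 * Loads the template "mod_CODENAME_TYPE.php" and prepends a PHP header that
 * declares $mod_CODENAME and assigns every tag attribute to it.
 *
 * @param string $codename The module codename
 * @param CMS_language &$language The language of the administration frontend
 * @param CMS_page &$page the page parsed
 * @param integer $visualizationMode the visualization mode
 * @return string|false the data from the rows, or false if the template file is missing
 * @access public
 */
function getClientspaceData($codename, &$language, &$page, $visualizationMode)
{
    // Prints wanted template
    // NOTE(review): the file name is built from $codename and the "type" attribute with no
    // separator filtering visible here - confirm both are constrained by the caller.
    $tpl_name = "mod_" . $codename . "_" . io::strtolower($this->_attributes["type"]) . ".php";
    if (!is_file(PATH_TEMPLATES_FS . "/" . $tpl_name)) {
        $this->raiseError("Not a valid file found : " . $tpl_name);
        return false;
    }
    $data = $this->_parseTemplateForParameters($tpl_name);
    //make sure all template characters are in UTF-8
    // NOTE(review): this assumes the template file is stored as ISO-8859-1 - TODO confirm.
    if (strtolower(APPLICATION_DEFAULT_ENCODING) == 'utf-8') {
        $data = mb_convert_encoding($data, 'UTF-8', 'ISO-8859-1');
    }
    // Add attributes
    if (is_array($this->_attributes) && $this->_attributes) {
        $attrs = '';
        // foreach replaces while(list() = each()): each() no longer exists in PHP 8 and
        // depended on the array's internal pointer being at the start.
        foreach ($this->_attributes as $k => $v) {
            // The value is emitted with var_export() and is therefore a safe PHP literal.
            // The key is written between double quotes as-is: it is only safe while
            // attribute names cannot contain '"', '$' or '\' (true for XML names).
            $attrs .= '$mod_' . $codename . '["' . $k . '"] = ' . var_export($v, true) . ';' . "\n";
        }
        // At least declare array of attributes to erase any previous one
        $data = '<?php' . "\n" . '$mod_' . $codename . ' = array();' . "\n" . $attrs . '?>' . "\n" . $data;
    }
    return $data;
}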
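/**
 * Get HTML meta tags for a given page
 *
 * The favicon and identifier-url entries are emitted as PHP snippets that are
 * evaluated when the page is served; every other tag is plain HTML whose
 * content is escaped with io::htmlspecialchars(). The value of getMetas() is
 * appended without any escaping.
 *
 * @param boolean $public Do we want the edited or public value ? (default : false => edited).
 * @param array $tags the tags names to activate/desactivate (by default all tags are present if they have content)
 *        array('description' => false)
 * @return string : HTML meta tags infos ('' if the page has no website)
 * @access public
 */
function getMetaTags($public = false, $tags = array())
{
    $website = $this->getWebsite();
    if (!is_object($website)) {
        return '';
    }
    $metaDatas = '';
    if (!isset($tags['icon']) || $tags['icon']) {
        $favicon = $website->getMeta('favicon');
        if ($favicon) {
            $mimeTypes = array(
                'ico' => 'image/x-icon',
                'jpg' => 'image/jpeg',
                'gif' => 'image/gif',
                'png' => 'image/png',
            );
            // pathinfo() leaves out the 'extension' key when the path has none.
            $infos = pathinfo($favicon);
            $extension = isset($infos['extension']) ? $infos['extension'] : '';
            $type = isset($mimeTypes[$extension]) ? $mimeTypes[$extension] : 'application/octet-stream';
            // The favicon path lands inside a single-quoted PHP string of the generated
            // page code: escape quote and backslash so the value cannot end that literal.
            $metaDatas .= '<?php echo \'<link rel="icon" type="' . $type . '" href="\'.CMS_websitesCatalog::getCurrentDomain().\'' . PATH_REALROOT_WR . addcslashes($favicon, "'\\") . '" />\'."\\n"; ?>' . "\n";
        } elseif (file_exists(PATH_REALROOT_FS . '/favicon.ico')) {
            $metaDatas .= '<?php echo \'<link rel="icon" type="image/x-icon" href="\'.CMS_websitesCatalog::getCurrentDomain().\'' . PATH_REALROOT_WR . '/favicon.ico" />\'."\\n"; ?>' . "\n";
        } elseif (file_exists(PATH_REALROOT_FS . '/img/favicon.png')) {
            $metaDatas .= '<?php echo \'<link rel="icon" type="image/png" href="\'.CMS_websitesCatalog::getCurrentDomain().\'' . PATH_REALROOT_WR . '/img/favicon.png" />\'."\\n"; ?>' . "\n";
        }
    }
    if ((!isset($tags['description']) || $tags['description']) && $this->getDescription($public)) {
        $metaDatas .= ' <meta name="description" content="' . io::htmlspecialchars($this->getDescription($public), ENT_COMPAT) . '" />' . "\n";
    }
    if ((!isset($tags['keywords']) || $tags['keywords']) && $this->getKeywords($public)) {
        $metaDatas .= ' <meta name="keywords" content="' . io::htmlspecialchars($this->getKeywords($public), ENT_COMPAT) . '" />' . "\n";
    }
    // Tags below are skipped when the configured doctype is the HTML5 one.
    $isHtml5 = io::strtolower(APPLICATION_XHTML_DTD) == io::strtolower('<!DOCTYPE html>');
    if (!$isHtml5) {
        if ((!isset($tags['category']) || $tags['category']) && $this->getCategory($public)) {
            $metaDatas .= ' <meta name="category" content="' . io::htmlspecialchars($this->getCategory($public), ENT_COMPAT) . '" />' . "\n";
        }
        if ((!isset($tags['robots']) || $tags['robots']) && $this->getRobots($public)) {
            $metaDatas .= ' <meta name="robots" content="' . io::htmlspecialchars($this->getRobots($public), ENT_COMPAT) . '" />' . "\n";
        }
        if ((!isset($tags['language']) || $tags['language']) && $this->getLanguage($public)) {
            $metaDatas .= ' <meta name="language" content="' . io::htmlspecialchars($this->getLanguage($public), ENT_COMPAT) . '" />' . "\n";
        }
        if (!isset($tags['identifier-url']) || $tags['identifier-url']) {
            $metaDatas .= ' <?php echo \'<meta name="identifier-url" content="\'.CMS_websitesCatalog::getCurrentDomain().\'' . PATH_REALROOT_WR . '" />\'."\\n"; ?>' . "\n";
        }
        if ((!isset($tags['revisit-after']) || $tags['revisit-after']) && $this->getReminderPeriodicity($public) && $this->getReminderPeriodicity($public) > 0) {
            $metaDatas .= ' <meta name="revisit-after" content="' . $this->getReminderPeriodicity($public) . ' days" />' . "\n";
        }
        if ((!isset($tags['pragma']) || $tags['pragma']) && $this->getPragma($public)) {
            $metaDatas .= ' <meta http-equiv="pragma" content="no-cache" />' . "\n";
        }
        if ((!isset($tags['refresh']) || $tags['refresh']) && $this->getRefresh($public)) {
            $metaDatas .= ' <meta http-equiv="refresh" content="' . io::htmlspecialchars($this->getRefresh($public), ENT_COMPAT) . '" />' . "\n";
        }
    }
    if (!NO_PAGES_EXTENDED_META_TAGS) {
        if ((!isset($tags['author']) || $tags['author']) && $this->getAuthor($public)) {
            $metaDatas .= ' <meta name="author" content="' . io::htmlspecialchars($this->getAuthor($public), ENT_COMPAT) . '" />' . "\n";
        }
        if (!$isHtml5) {
            if ((!isset($tags['reply-to']) || $tags['reply-to']) && $this->getReplyto($public)) {
                $metaDatas .= ' <meta name="reply-to" content="' . io::htmlspecialchars($this->getReplyto($public), ENT_COMPAT) . '" />' . "\n";
            }
            if ((!isset($tags['copyright']) || $tags['copyright']) && $this->getCopyright($public)) {
                $metaDatas .= ' <meta name="copyright" content="' . io::htmlspecialchars($this->getCopyright($public), ENT_COMPAT) . '" />' . "\n";
            }
        }
    }
    if (!isset($tags['generator']) || $tags['generator']) {
        $metaDatas .= ' <meta name="generator" content="' . CMS_grandFather::SYSTEM_LABEL . '" />' . "\n";
    }
    // Free-form metas are appended verbatim (raw markup supplied for the page).
    if ($this->getMetas($public)) {
        $metaDatas .= $this->getMetas($public) . "\n";
    }
    return $metaDatas;
}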
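/**
 * Search groups
 * Static function.
 *
 * The SQL statement is assembled by string concatenation, so every caller
 * supplied value is constrained before it reaches the query: numbers are cast
 * to integers, the sort direction and sort column are checked against known
 * values, and text goes through sensitiveIO::sanitizeSQLString() inside quotes.
 *
 * @param string search : search group by keywords (label and description)
 * @param string letter : search group by first label letter
 * @param integer userId : search group which user belongs to
 * @param array groupsIds : restrict search to these group ids
 * @param string order : order by fieldname (without suffix), or 'score'. default : label
 * @param string direction : 'asc' (default) or 'desc'
 * @param integer start : search start offset
 * @param integer limit : search limit (default : 0 : unlimited)
 * @param boolean returnObjects : return CMS_profile_usersGroup objects (default) or array of groupId
 * @param array score : (by reference) filled with groupId => match score when the query returns one
 * @return array(CMS_profile_usersGroup)
 * @access public
 */
static function search($search = '', $letter = '', $userId = false, $groupsIds = array(), $order = '', $direction = 'asc', $start = 0, $limit = 0, $returnObjects = true, &$score = array())
{
    $start = (int) $start;
    $limit = (int) $limit;
    $direction = in_array(io::strtolower($direction), array('asc', 'desc')) ? io::strtolower($direction) : 'asc';
    $keywordsWhere = $letterWhere = $groupWhere = $orderClause = '';
    $select = 'id_prg';
    if ($search) {
        //clean user keywords (never trust user input, user is evil)
        $keyword = strtr($search, ",;", "  ");
        $words = array_map("trim", array_unique(explode(" ", io::strtolower($keyword))));
        $cleanedWords = array();
        foreach ($words as $aWord) {
            if (io::strlen($aWord) >= 3) {
                // neutralise LIKE wildcards typed by the user
                $cleanedWords[] = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
            }
        }
        if (!$cleanedWords) {
            //if no words after cleaning, return
            return array();
        }
        $likeClauses = array();
        foreach ($cleanedWords as $cleanedWord) {
            $likeClauses[] = " label_prg like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'";
        }
        $fullText = "MATCH (label_prg, description_prg) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "')";
        $select .= " , " . $fullText . " as m ";
        $keywordsWhere = " (" . $fullText . " or (" . implode(' and ', $likeClauses) . "))";
    }
    if ($letter && io::strlen($letter) === 1) {
        $letterWhere .= $keywordsWhere ? ' and ' : '';
        $letterWhere .= " label_prg like '" . sensitiveIO::sanitizeSQLString($letter) . "%'";
    }
    if ($userId && sensitiveIO::isPositiveInteger($userId)) {
        // presumably a list of numeric group ids; verify against getGroupsOfUser()
        $userGroups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true);
        if (!$userGroups) {
            return array();
        }
        $groupWhere .= $keywordsWhere || $letterWhere ? ' and ' : '';
        $groupWhere .= " id_prg in (" . implode(',', $userGroups) . ")";
    }
    if ($groupsIds) {
        // These ids are written unquoted inside IN (...): string escaping gives no
        // protection in a numeric context, so each one is forced to an integer.
        $safeGroupsIds = array_map('intval', (array) $groupsIds);
        $groupWhere .= $keywordsWhere || $letterWhere || $groupWhere ? ' and ' : '';
        $groupWhere .= " id_prg in (" . implode(',', $safeGroupsIds) . ")";
    }
    if ($order != 'score') {
        // The sort column is only accepted if it names an existing column of the table.
        $orderBy = 'label_prg';
        if ($order) {
            $q = new CMS_query("DESCRIBE profilesUsersGroups");
            while ($field = $q->getValue('Field')) {
                if ($field == $order . '_prg') {
                    $orderBy = $order . '_prg';
                }
            }
        }
        $orderClause = "order by\n\t\t\t\t\t" . $orderBy . "\n\t\t\t\t\t" . $direction;
    } else {
        // NOTE(review): column "m" only exists when $search is set - confirm callers
        // never ask for order 'score' without keywords.
        $orderClause = " order by m " . $direction;
    }
    $sql = "\n\t\t\tselect\n\t\t\t\t" . $select . "\n\t\t\tfrom\n\t\t\t\tprofilesUsersGroups\n\t\t\t" . ($keywordsWhere || $letterWhere || $groupWhere ? 'where' : '') . "\n\t\t\t" . $keywordsWhere . "\n\t\t\t" . $letterWhere . "\n\t\t\t" . $groupWhere . "\n\t\t\t" . $orderClause . "\n\t\t";
    if ($limit) {
        $sql .= "limit \n\t\t\t\t" . $start . ", " . $limit;
    }
    $q = new CMS_query($sql);
    $groups = array();
    while ($r = $q->getArray()) {
        $id = $r['id_prg'];
        //set match score if exists
        if (isset($r['m'])) {
            $score[$id] = $r['m'];
        }
        if (!$returnObjects) {
            $groups[] = $id;
            continue;
        }
        $group = CMS_profile_usersGroupsCatalog::getById($id);
        if (is_a($group, "CMS_profile_usersGroup") && !$group->hasError()) {
            $groups[] = $group;
        }
    }
    return $groups;
}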
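/**
 * Sets the image. Can be empty. Must have the gif, jpg, jpeg or png extension.
 *
 * An empty value, or a name whose extension is not in the allowed set, is replaced
 * by the default 'nopicto.gif' instead of being reported as a failure.
 *
 * @param string $image the image to set
 * @return boolean always true (a rejected name falls back to the default image)
 * @access public
 */
function setImage($image = 'nopicto.gif')
{
    if (!trim($image)) {
        $image = 'nopicto.gif';
    }
    //pathinfo() gives an empty extension when the name has no dot. The former strrpos() + 1
    //arithmetic turned "no dot" (false) into offset 1, so a dot-less name such as "xpng"
    //was read as having the extension "png" and passed the check
    $extension = io::strtolower(pathinfo($image, PATHINFO_EXTENSION));
    //NOTE(review): only the last extension of the name is checked here, neither the file content
    //nor directory components of $image - confirm where the value is turned into a path
    if (SensitiveIO::isInSet($extension, array("jpg", "jpeg", "gif", "png"))) {
        $this->_image = $image;
    } else {
        $this->_image = 'nopicto.gif';
    }
    return true;
}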
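/**
 * Initiates connection with the database.
 *
 * Connections are kept in self::$_connection, one per distinct dsn / user / password,
 * and reused on later calls. On a missing driver or a failed connection the error is
 * raised, shown when SYSTEM_DEBUG is set, and the script exits.
 *
 * @param string $dsn PDO data source name
 * @param string $user DB user
 * @param string $pass DB password
 * @return boolean true once $this->_db holds the connection
 * @access private
 */
private function _connect($dsn, $user, $pass)
{
    //md5 is only used here to build an array key for the connection cache
    $connectID = md5($dsn . $user . $pass);
    if (!isset(self::$_connection[$connectID])) {
        if (!defined('PDO::MYSQL_ATTR_USE_BUFFERED_QUERY')) {
            $this->raiseError('PDO MySQL driver not loaded ... please check your PHP configuration.');
            if (SYSTEM_DEBUG) {
                die('<pre><b>' . self::SYSTEM_LABEL . ' ' . AUTOMNE_VERSION . ' error : PDO MySQL driver not loaded ... please check your PHP configuration.' . "</b></pre>\n");
            }
            exit;
        }
        try {
            //NOTE(review): PDO::ERRMODE_EXCEPTION is an error mode value, not an attribute key.
            //Used as a key it does not select PDO::ATTR_ERRMODE (its integer value is the one of
            //PDO::ATTR_TIMEOUT), so the error mode is not changed by this array. Left as is because
            //switching to exceptions affects every query caller - to be fixed together with them
            self::$_connection[$connectID] = new PDO($dsn, $user, $pass, array(PDO::ATTR_PERSISTENT => APPLICATION_DB_PERSISTENT_CONNNECTION, PDO::ERRMODE_EXCEPTION => true, PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true));
        } catch (PDOException $e) {
            unset(self::$_connection[$connectID]);
            $this->raiseError($e->getMessage());
            if (SYSTEM_DEBUG) {
                //the driver message is written into an HTML page : escape it.
                //It can describe the connection target, so SYSTEM_DEBUG should stay off on public servers
                die('<pre><b>' . self::SYSTEM_LABEL . ' ' . AUTOMNE_VERSION . ' error : ' . io::htmlspecialchars($e->getMessage()) . "</b></pre>\n");
            }
            exit;
        }
        //NOTE(review): the charset is selected with a SET NAMES statement after the connection is
        //opened, which does not tell the client library which charset is in use - confirm that the
        //DSN also carries the charset, since client-side escaping depends on it
        if (io::strtolower(APPLICATION_DEFAULT_ENCODING) == 'utf-8') {
            //set connection to utf-8 charset
            $q = new CMS_query("SET NAMES 'utf8'");
        } else {
            $q = new CMS_query("SET NAMES 'latin1'");
        }
    }
    $this->_db = self::$_connection[$connectID];
    return true;
}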
/**
 * Get all searched objects ids
 *
 * Applies every registered where condition in turn. Each condition produces either an SQL
 * query or Xapian matches, the ids found replace the current set ($IDs) and are stored with
 * _updateTmpList() so that the next condition is restricted to them. The method stops as
 * soon as a condition leaves no id.
 *
 * Most values are concatenated into the SQL text as they are: see the NOTE(review) comments
 * below on the places where this method does no escaping itself.
 *
 * @access protected
 * @return mixed array of object ids (id => id) unsorted, false if the Xapian search cannot be run
 */
protected function _getIds()
{
    $IDs = array();
    //public searches read the *_public tables, others read the *_edited ones
    $statusSuffix = $this->_public ? "_public" : "_edited";
    //loop on each conditions
    foreach ($this->_whereConditions as $type => $typeWhereConditions) {
        foreach ($typeWhereConditions as $whereConditionsValues) {
            $value = $whereConditionsValues['value'];
            $operator = $whereConditionsValues['operator'];
            $sql = '';
            switch ($type) {
                case "object":
                    //add previously found IDs to where clause
                    $where = $IDs ? ' and id_moo in (' . $this->_getSQLTmpList() . ')' : '';
                    //to remove deleted objects from results
                    $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tid_moo as objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_object_polyobjects\n\t\t\t\t\twhere\n\t\t\t\t\t\tobject_type_id_moo = '" . $this->_object->getID() . "'\n\t\t\t\t\t\tand deleted_moo = '0'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
                    break;
                case "item":
                    //add previously found IDs to where clause
                    $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                    //check operator : it is interpolated as is, so only the listed ones are accepted
                    //NOTE(review): in_array() is used without its strict flag here and in the cases below
                    $supportedOperator = array('=', '!=', '>=', '>', '<=', '<');
                    if ($operator && !in_array($operator, $supportedOperator)) {
                        $this->raiseError("Unknown search operator : " . $operator . ", use default search instead");
                        $operator = false;
                    }
                    if (!$operator) {
                        $operator = '=';
                    }
                    //NOTE(review): $value is placed between quotes without any escaping in this method -
                    //confirm it is validated as an id where the condition is registered
                    $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_text" . $statusSuffix
                        . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix
                        . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_string" . $statusSuffix
                        . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_date" . $statusSuffix
                        . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " '" . $value . "'\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
                    break;
                case "items":
                    //add previously found IDs to where clause
                    $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                    //check operator
                    $supportedOperator = array('in', 'not in');
                    if ($operator && !in_array($operator, $supportedOperator)) {
                        $this->raiseError("Unknown search operator : " . $operator . ", use default search instead");
                        $operator = false;
                    }
                    if (!$operator) {
                        $operator = 'in';
                    }
                    //no values to found so break search
                    if ((!is_array($value) || !$value) && $operator == 'in') {
                        $IDs = array();
                        break;
                    }
                    //no filter to do so break search
                    if ((!is_array($value) || !$value) && $operator == 'not in') {
                        break;
                    }
                    //NOTE(review): the values are joined and interpolated unquoted - confirm that every
                    //element of $value is an integer before it reaches this point
                    $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_text" . $statusSuffix
                        . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix
                        . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_string" . $statusSuffix
                        . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\tunion distinct\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_date" . $statusSuffix
                        . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID " . $operator . " (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
                    break;
                case "profile":
                    //here $value is the profile object the rights are checked for
                    //if user has no right on module, he cannot search object on it
                    //(leaving the case with an empty $sql is how "no rights" is signalled, see after the switch)
                    if (!$value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_VIEW)) {
                        break;
                    }
                    //if object has categories, check rights on it
                    if ($this->_object->hasCategories()) {
                        //get field of categories for searched object type (assume it uses categories)
                        $categoriesFields = CMS_poly_object_catalog::objectHasCategories($this->_object->getId());
                        //BUG : in websites without APPLICATION_ENFORCES_ACCESS_CONTROL, backend rights on categories are checked on visibility instead of edition
                        if (!$this->_public) {
                            $clearance = CLEARANCE_MODULE_EDIT;
                            $strict = true;
                        } else {
                            $clearance = CLEARANCE_MODULE_VIEW;
                            $strict = false;
                        }
                        //get a list of all viewvable categories for current user
                        $cats = array_keys(CMS_moduleCategories_catalog::getViewvableCategoriesForProfile($value, $this->_object->getValue('module'), true, $clearance, $strict));
                        //note : every "break" inside this loop leaves the loop, not the "profile" case
                        foreach ($categoriesFields as $categoriesField) {
                            //load category field if not exists
                            if (!isset($this->_fieldsDefinitions[$categoriesField]) || !is_object($this->_fieldsDefinitions[$categoriesField])) {
                                //get object fields definition
                                $this->_fieldsDefinitions = CMS_poly_object_catalog::getFieldsDefinition($this->_object->getID());
                            }
                            if (!isset($this->_fieldsDefinitions[$categoriesField])) {
                                break;
                            }
                            //we can see objects without categories only if is not public or field is not required and user has admin right on module
                            if ($this->_public && !$this->_fieldsDefinitions[$categoriesField]->getValue('required') || !$this->_public && $value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_EDIT)) {
                                //add deleted cats to searchs
                                $viewvableCats = array_merge(CMS_moduleCategories_catalog::getDeletedCategories($this->_object->getValue('module')), $cats);
                                //add zero value for objects without categories
                                $viewvableCats[] = 0;
                            } else {
                                $viewvableCats = $cats;
                                //add zero value for objects without categories
                                $viewvableCats[] = 0;
                            }
                            //if no viewvable categories, user has no rights to view anything
                            //NOTE(review): both branches above append 0, so this list is never empty here
                            if (!$viewvableCats) {
                                break;
                            }
                            $removedIDs = array();
                            //add previously found IDs to where clause
                            $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                            //first pass : collect the ids which have at least one category outside the visible ones
                            //(the @ silences any implode() warning, the category ids are interpolated unquoted)
                            $sqlTmp = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '" . $categoriesField . "'\n\t\t\t\t\t\t\t\t\tand value not in (" . @implode(',', $viewvableCats) . ")\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t";
                            $qTmp = new CMS_query($sqlTmp);
                            while ($r = $qTmp->getArray()) {
                                if ($r['objectID'] && isset($IDs[$r['objectID']])) {
                                    $removedIDs[$r['objectID']] = $r['objectID'];
                                }
                            }
                            //add (again) ids which has a category visible and a category not visible
                            if ($removedIDs) {
                                $sqlTmp = "\n\t\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t\tobjectFieldID = '" . $categoriesField . "'\n\t\t\t\t\t\t\t\t\t\tand value in (" . @implode(',', $viewvableCats) . ")\n\t\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t";
                                $qTmp = new CMS_query($sqlTmp);
                                while ($r = $qTmp->getArray()) {
                                    if ($r['objectID'] && isset($removedIDs[$r['objectID']])) {
                                        unset($removedIDs[$r['objectID']]);
                                    }
                                }
                                //then finally remove ids
                                foreach ($removedIDs as $idToRemove) {
                                    unset($IDs[$idToRemove]);
                                }
                            }
                            //if no IDs break
                            if (!$IDs) {
                                break;
                            }
                            //if field is required and if it is a public search, object must have this category in DB
                            if ($this->_fieldsDefinitions[$categoriesField]->getValue('required') && $this->_public) {
                                //update tmp table with found ids
                                $this->_updateTmpList($IDs);
                                $sqlTmp = "\n\t\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t\tobjectFieldID = '" . $categoriesField . "'\n\t\t\t\t\t\t\t\t\t\tand objectID in (" . $this->_getSQLTmpList() . ")\n\t\t\t\t\t\t\t\t";
                                $qTmp = new CMS_query($sqlTmp);
                                $IDs = array();
                                while ($r = $qTmp->getArray()) {
                                    $IDs[$r['objectID']] = $r['objectID'];
                                }
                            }
                            //if no IDs break
                            if (!$IDs) {
                                break;
                            }
                        }
                        //if no IDs break
                        if (!$IDs) {
                            break;
                        }
                    } elseif (!$this->_public && !$value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_EDIT)) {
                        break;
                    } elseif ($this->_public && !$value->hasModuleClearance($this->_object->getValue('module'), CLEARANCE_MODULE_VIEW)) {
                        break;
                    }
                    //update tmp table with found ids
                    $this->_updateTmpList($IDs);
                    //add previously found IDs to where clause
                    $where = $IDs ? ' id_moo in (' . $this->_getSQLTmpList() . ')' : '';
                    $sql = "\n\t\t\t\t\t\tselect\n\t\t\t\t\t\t\tdistinct id_moo as objectID\n\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\tmod_object_polyobjects\n\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t";
                    break;
                case "keywords":
                    if ($value) {
                        //check operators
                        $supportedOperator = array('any', 'all', 'phrase', 'beginswith');
                        if ($operator && !in_array($operator, $supportedOperator)) {
                            $this->raiseError("Unkown search operator : " . $operator . ", use default search instead");
                            $operator = 'any';
                        } elseif (!$operator) {
                            $operator = 'any';
                        }
                        //if ASE module exists (and is active) and object is indexed, and search is public, use it to do this search
                        if ($operator == 'any' && class_exists('CMS_module_ase') && CMS_module_ase::isActive() && $this->_object->getValue('indexable') && $this->_public) {
                            //get language code for stemming
                            $languageCode = '';
                            if ($languageFieldIDs = CMS_poly_object_catalog::objectHasLanguageField($this->_object->getID())) {
                                $languageFieldID = array_shift($languageFieldIDs);
                                //if any query use this field, use the queried value for stemming strategy
                                if (isset($this->_whereConditions[$languageFieldID]) && $this->_whereConditions[$languageFieldID]) {
                                    $languageCode = $this->_whereConditions[$languageFieldID][0]['value'];
                                }
                            }
                            //otherwise, we use current language
                            if (!$languageCode) {
                                global $cms_language;
                                $languageCode = $cms_language->getCode();
                            }
                            if (!$languageCode) {
                                $languageCode = io::strtolower(APPLICATION_DEFAULT_LANGUAGE);
                            }
                            $module = $this->_object->getValue('module');
                            //create Xapian search object
                            $search = new CMS_XapianQuery(trim($value), array($module), $languageCode, true);
                            //load module interface
                            if (!($moduleInterface = CMS_ase_interface_catalog::getModuleInterface($module))) {
                                $this->raiseError('No active Xapian interface for module : ' . $module);
                                return false;
                            }
                            //add previously found IDs to search filters
                            $moduleInterface->addFilter('items', $IDs);
                            //set module interface to search engine
                            $search->setModuleInterface($module, $moduleInterface);
                            //set page number and max results for xapian query
                            //we must do a complete search all the time so we start from page 0
                            $page = 0;
                            //we limit to a maximum of 1000 results
                            $maxResults = 1000;
                            //then search
                            if (!$search->query($page, $maxResults)) {
                                $this->raiseError('Error in Xapian query for search : ' . io::htmlspecialchars($value));
                                return false;
                            }
                            //if no results : break
                            if (!$search->getMatchesNumbers()) {
                                break;
                            }
                            $xapianResults = $search->getMatches();
                        } else {
                            //get fields
                            if (!isset($this->_fieldsDefinitions[$type]) || !is_object($this->_fieldsDefinitions[$type])) {
                                //get object fields definition
                                $this->_fieldsDefinitions = CMS_poly_object_catalog::getFieldsDefinition($this->_object->getID());
                            }
                            //search only in "searchable" fields
                            $fields = array();
                            $aseExists = class_exists('CMS_module_ase') && CMS_module_ase::isActive() && $this->_object->getValue('indexable') ? true : false;
                            foreach ($this->_fieldsDefinitions as $fieldDefinition) {
                                if ($fieldDefinition->getValue($aseExists ? 'indexable' : 'searchable')) {
                                    $fields[] = $fieldDefinition->getID();
                                }
                            }
                            if (!$fields) {
                                //if no fields after cleaning, return
                                break;
                            }
                            //add previously found IDs to where clause
                            $where = $IDs ? ' objectID in (' . $this->_getSQLTmpList() . ') and ' : '';
                            //filter on specified fields
                            $where .= $fields ? ' objectFieldID in (' . implode(',', $fields) . ') and ' : '';
                            //clean user keywords (never trust user input, user is evil)
                            //NOTE(review): the cleaning below splits the words, drops those under 3 characters and
                            //escapes the LIKE wildcards % and _ only. The words, the phrase and their htmlentities()
                            //forms are then placed between quotes with no SQL string escaping in this method -
                            //confirm the value is escaped where the condition is registered, or escape it here
                            $value = strtr($value, ",;", " ");
                            $words = array();
                            $words = array_map("trim", array_unique(explode(" ", $value)));
                            $cleanedWords = array();
                            foreach ($words as $aWord) {
                                if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) {
                                    $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
                                    $cleanedWords[] = $aWord;
                                }
                            }
                            if (!$cleanedWords) {
                                //if no words after cleaning, return
                                break;
                            }
                            switch ($operator) {
                                case 'any':
                                    //at least one word (or its entity-encoded form) must be found
                                    $where .= '(';
                                    //then add keywords
                                    $count = '0';
                                    foreach ($cleanedWords as $aWord) {
                                        $where .= $count ? ' or ' : '';
                                        $count++;
                                        $where .= "value like '%" . $aWord . "%'";
                                        if (htmlentities($aWord) != $aWord) {
                                            $where .= " or value like '%" . htmlentities($aWord) . "%'";
                                        }
                                    }
                                    $where .= ')';
                                    break;
                                case 'all':
                                    //every word must be found, either as typed or entity-encoded
                                    $where .= '(';
                                    //then add keywords
                                    $count = '0';
                                    foreach ($cleanedWords as $aWord) {
                                        $where .= $count ? ' and ' : '';
                                        $count++;
                                        if (htmlentities($aWord) != $aWord) {
                                            $where .= "(value like '%" . $aWord . "%' or value like '%" . htmlentities($aWord) . "%')";
                                        } else {
                                            $where .= "value like '%" . $aWord . "%'";
                                        }
                                    }
                                    $where .= ')';
                                    break;
                                case 'phrase':
                                    //the whole value must be found anywhere in the field
                                    $value = str_replace(array('%', '_'), array('\\%', '\\_'), trim($value));
                                    if (htmlentities($value) != $value) {
                                        $where .= "(value like '%" . $value . "%' or value like '%" . htmlentities($value) . "%')";
                                    } else {
                                        $where .= "value like '%" . $value . "%'";
                                    }
                                    break;
                                case 'beginswith':
                                    //the field must start with the whole value
                                    $value = str_replace(array('%', '_'), array('\\%', '\\_'), trim($value));
                                    if (htmlentities($value) != $value) {
                                        $where .= "(value like '" . $value . "%' or value like '" . htmlentities($value) . "%')";
                                    } else {
                                        $where .= "value like '" . $value . "%'";
                                    }
                                    break;
                            }
                            $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_text" . $statusSuffix
                                . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\tunion distinct\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix
                                . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\tunion distinct\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_string" . $statusSuffix
                                . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\tunion distinct\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_date" . $statusSuffix
                                . "\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t";
                        }
                    }
                    break;
                case "publication date after":
                    // Date start
                    //here $value is an object giving the date through getDBValue()
                    //add previously found IDs to where clause
                    $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                    $sql = "\n\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\tand publicationDateStart_rs >= '" . $value->getDBValue(true) . "'\n\t\t\t\t\t\t\t\tand publicationDateStart_rs != '0000-00-00'\n\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t";
                    break;
                case "publication date before":
                    // Date End
                    //add previously found IDs to where clause
                    $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                    $sql = "\n\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\tand publicationDateStart_rs <= '" . $value->getDBValue(true) . "'\n\t\t\t\t\t\t\t\tand publicationDateStart_rs != '0000-00-00'\n\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t";
                    break;
                case "publication date end":
                    // End Date of publication
                    //add previously found IDs to where clause
                    $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                    $sql = "\n\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\tand (publicationDateEnd_rs >= '" . $value->getDBValue(true) . "'\n\t\t\t\t\t\t\t\tor publicationDateEnd_rs = '0000-00-00')\n\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t";
                    break;
                case "status":
                    // Publication status
                    //add previously found IDs to where clause
                    $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                    //$value is only compared to the four known statuses and never interpolated,
                    //any other value leaves $sql empty
                    switch ($value) {
                        case 'online':
                            $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand location_rs='" . RESOURCE_LOCATION_USERSPACE . "'\n\t\t\t\t\t\t\t\t\tand publication_rs='" . RESOURCE_PUBLICATION_PUBLIC . "'\n\t\t\t\t\t\t\t\t\tand publicationDateStart_rs <= '" . date('Y-m-d') . "'\n\t\t\t\t\t\t\t\t\tand publicationDateStart_rs != '0000-00-00'\n\t\t\t\t\t\t\t\t\tand (publicationDateEnd_rs >= '" . date('Y-m-d') . "'\n\t\t\t\t\t\t\t\t\tor publicationDateEnd_rs = '0000-00-00')\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t";
                            break;
                        case 'offline':
                            $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand (publication_rs='" . RESOURCE_PUBLICATION_NEVERVALIDATED . "' or publication_rs='" . RESOURCE_PUBLICATION_VALIDATED . "')\n\t\t\t\t\t\t\t\t\tand (publicationDateStart_rs > '" . date('Y-m-d') . "' or publicationDateEnd_rs < '" . date('Y-m-d') . "')\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t";
                            break;
                        case 'validated':
                            $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand editions_rs=0\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t";
                            break;
                        case 'awaiting':
                            $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\tand editions_rs!=0\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\t";
                            break;
                    }
                    break;
                default:
                    //any other type is taken as a field id : the SQL is delegated to the field's type object
                    //add previously found IDs to where clause
                    $where = $IDs ? ' and objectID in (' . $this->_getSQLTmpList() . ')' : '';
                    if (!isset($this->_fieldsDefinitions[$type]) || !is_object($this->_fieldsDefinitions[$type])) {
                        //get object fields definition
                        $this->_fieldsDefinitions = CMS_poly_object_catalog::getFieldsDefinition($this->_object->getID());
                    }
                    //get type object for field
                    if (isset($this->_fieldsDefinitions[$type])) {
                        $objectField = $this->_fieldsDefinitions[$type]->getTypeObject();
                        //NOTE(review): $value and $operator are handed over as received - escaping is up to getFieldSearchSQL()
                        $sql = $objectField->getFieldSearchSQL($type, $value, $operator, $where, $this->_public);
                    } else {
                        $this->raiseError('Unknown field ' . $type . ' to filter with value ' . print_r($value, true));
                    }
                    break;
            }
            //NOTE(review): $xapianResults is set by a "keywords" condition and never unset afterwards.
            //A later condition which leaves $sql empty (the way "profile" signals missing rights) then
            //enters the isset($xapianResults) branch and reloads the Xapian ids instead of reaching the
            //"no results" branch at the bottom - confirm the order of conditions or unset the variable.
            //$fullTextResults is not assigned anywhere in this method
            if ($sql || isset($xapianResults) || isset($fullTextResults)) {
                if ($sql) {
                    $q = new CMS_query($sql);
                    $IDs = array();
                    //a query in error leaves $IDs empty, so the search ends just below
                    if (!$q->hasError()) {
                        while ($id = $q->getValue('objectID')) {
                            $IDs[$id] = $id;
                        }
                    }
                } elseif (isset($xapianResults)) {
                    $IDs = array();
                    foreach ($xapianResults as $id) {
                        $IDs[$id] = $id;
                    }
                    //if we only have objectID as orderCondition or if order by relevance is queried, use order provided by Xapian
                    if (isset($this->_orderConditions['objectID']) && $this->_orderConditions['objectID'] && sizeof($this->_orderConditions) <= 1 || isset($this->_orderConditions['relevance']) && $this->_orderConditions['relevance']) {
                        //NOTE(review): 'relevance' is read without isset() when only the objectID part of the test matched
                        if ($this->_orderConditions['relevance'] == 'desc') {
                            $this->_orderConditions = array('itemsOrdered' => array('order' => array_reverse($IDs, true)));
                        } else {
                            $this->_orderConditions = array('itemsOrdered' => array('order' => $IDs));
                        }
                        if (isset($this->_orderConditions['relevance']) && $this->_orderConditions['relevance']) {
                            unset($this->_orderConditions['relevance']);
                        }
                    }
                } else {
                    //if we only have objectID as orderCondition or if order by relevance is queried, use order provided by MySQL Fulltext
                    if (isset($this->_orderConditions['relevance']) && $this->_orderConditions['relevance']) {
                        if ($this->_orderConditions['relevance'] == 'desc') {
                            $this->_orderConditions = array('itemsOrdered' => array('order' => array_reverse($fullTextResults, true)));
                        } else {
                            $this->_orderConditions = array('itemsOrdered' => array('order' => $fullTextResults));
                        }
                        unset($this->_orderConditions['relevance']);
                    }
                }
                //if no results, no need to continue
                if (!$IDs) {
                    $IDs = array();
                    $this->_numRows = 0;
                    return $IDs;
                }
                //update tmp table with found ids
                $this->_updateTmpList($IDs);
            } else {
                //if no sql request, then no results (can be used by 'profile'), no need to continue
                $IDs = array();
                $this->_numRows = sizeof($IDs);
                return $IDs;
            }
        }
    }
    $this->_numRows = sizeof($IDs);
    return $IDs;
}
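/**
 * Search users
 * Static function.
 *
 * Builds one SELECT on profilesUsers (deleted users excluded) from the given filters.
 * The search string also accepts three markers : ':noroot:' excludes the root user,
 * 'user:<id>' selects one user by id, 'group:<id>' selects the users of one group.
 *
 * @param string $search : search user by lastname, firstname or login (words of 3+ characters), or one of the markers above
 * @param string $letter : search user by first lastname letter
 * @param integer $group : search user by group ID
 * @param string $order : order by fieldname (without the _pru suffix), checked against the table columns. 'score' orders by full-text match. default : lastname, firstname
 * @param string $direction : 'asc' or 'desc', any other value falls back to 'asc'
 * @param integer $start : search start offset
 * @param integer $limit : search limit (default : 0 : unlimited)
 * @param boolean $activeOnly : return only active users (default : false)
 * @param boolean $returnObjects : return CMS_profile_user objects (default) or array of userId
 * @param array $score : passed by reference, receives userId => match score when a keyword search is done
 * @return array(CMS_profile_user) or array of userId, empty array when a filter cannot match anything
 * @access public
 */
static function search($search = '', $letter = '', $group = '', $order = '', $direction = 'asc', $start = 0, $limit = 0, $activeOnly = false, $returnObjects = true, &$score = array())
{
    //these three values end up unquoted in the query or in a catalog call : force integers
    $start = (int) $start;
    $limit = (int) $limit;
    $group = (int) $group;
    //direction is interpolated as a keyword : only the two known values are accepted
    $direction = in_array(io::strtolower($direction), array('asc', 'desc')) ? io::strtolower($direction) : 'asc';
    $keywordsWhere = $letterWhere = $groupWhere = $orderBy = $orderClause = $idWhere = '';
    $select = 'id_pru';
    if (io::strpos($search, ':noroot:') !== false) {
        $idWhere = " and id_pru != '" . ROOT_PROFILEUSER_ID . "'";
        $search = trim(str_replace(':noroot:', '', $search));
    }
    //NOTE(review): the end of this condition and the start of the assignment were unreadable in the
    //reviewed copy of the file. The integer check and the "id_pru =" filter are reconstructed by
    //analogy with the 'group:' branch just below - confirm against the upstream file.
    //The filter is appended so that a ':noroot:' exclusion set above is kept
    if (io::substr($search, 0, 5) == 'user:' && sensitiveIO::isPositiveInteger(io::substr($search, 5))) {
        $idWhere .= " and id_pru = '" . sensitiveIO::sanitizeSQLString(io::substr($search, 5)) . "'";
        $search = '';
    }
    if (io::substr($search, 0, 6) == 'group:' && sensitiveIO::isPositiveInteger(io::substr($search, 6))) {
        //same integer cast as for the $group parameter
        $group = (int) io::substr($search, 6);
        $search = '';
    }
    if ($search) {
        //clean user keywords (never trust user input, user is evil)
        $keyword = strtr($search, ",;", " ");
        $words = array_map("trim", array_unique(explode(" ", io::strtolower($keyword))));
        $cleanedWords = array();
        foreach ($words as $aWord) {
            if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) {
                //neutralise LIKE wildcards typed by the user
                $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
                //NOTE(review): the entity-encoded form is added as one more word, and all the words are
                //and-ed below, so a word with an entity form must match under both forms - this looks
                //stricter than intended, confirm
                if (htmlentities($aWord) != $aWord) {
                    $cleanedWords[] = htmlentities($aWord);
                }
                $cleanedWords[] = $aWord;
            }
        }
        if (!$cleanedWords) {
            //if no words after cleaning, return
            return array();
        }
        foreach ($cleanedWords as $cleanedWord) {
            $keywordsWhere .= $keywordsWhere ? " and " : '';
            $keywordsWhere .= " (\n\t\t\t\t\tlastName_pru like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\tor firstName_pru like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\tor login_pru like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t)";
        }
        $keywordsWhere = ' and ((' . $keywordsWhere . ')';
        $select .= " , MATCH (lastName_pru, firstName_pru, login_pru) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') as m ";
        $keywordsWhere .= " or MATCH (lastName_pru, firstName_pru, login_pru) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') )";
    }
    if ($letter && io::strlen($letter) === 1) {
        $letterWhere = " and lastName_pru like '" . sensitiveIO::sanitizeSQLString($letter) . "%'";
    }
    if ($group) {
        $groupUsers = CMS_profile_usersGroupsCatalog::getGroupUsers($group, false);
        if (!$groupUsers) {
            return array();
        }
        $groupWhere = " and id_pru in (" . implode(',', $groupUsers) . ")";
    }
    if ($order != 'score') {
        if ($order) {
            //order is only used if it names an existing column of the table (allowlist built from DESCRIBE)
            $found = false;
            $sql = "DESCRIBE profilesUsers";
            $q = new CMS_query($sql);
            while ($field = $q->getValue('Field')) {
                if ($field == $order . '_pru') {
                    $found = true;
                }
            }
            if ($found) {
                $orderBy = $order . '_pru';
            } else {
                $orderBy = 'lastName_pru,firstName_pru';
            }
        } else {
            $orderBy = 'lastName_pru,firstName_pru';
        }
        if ($orderBy) {
            $orderClause = "order by\n\t\t\t\t\t" . $orderBy . "\n\t\t\t\t\t" . $direction;
        }
    } elseif ($search) {
        //the "m" column only exists in the select when a keyword search is done
        $orderClause = " order by m " . $direction;
    }
    $sql = "\n\t\t\tselect\n\t\t\t\t" . $select . "\n\t\t\tfrom\n\t\t\t\tprofilesUsers\n\t\t\twhere \n\t\t\t deleted_pru='0'\n\t\t\t" . ($activeOnly ? " and active_pru='1' " : '') . "\n\t\t\t" . $keywordsWhere . "\n\t\t\t" . $letterWhere . "\n\t\t\t" . $groupWhere . "\n\t\t\t" . $idWhere . "\n\t\t\t" . $orderClause . "\n\t\t";
    if ($limit) {
        $sql .= "limit \n\t\t\t\t" . $start . ", " . $limit;
    }
    $q = new CMS_query($sql);
    $users = array();
    while ($r = $q->getArray()) {
        $id = $r['id_pru'];
        //set match score if exists
        if (isset($r['m'])) {
            $score[$id] = $r['m'];
        }
        if ($returnObjects) {
            $usr = CMS_profile_usersCatalog::getByID($id);
            if (is_a($usr, "CMS_profile_user") && !$usr->hasError()) {
                //the active state is checked again on the loaded object
                if ($activeOnly && $usr->isActive() || !$activeOnly) {
                    $users[] = $usr;
                }
            }
        } else {
            $users[] = $id;
        }
    }
    return $users;
}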