Exemplo n.º 1
 /**
  * Send a message (DB control)
  * @param int $sender_srl member_srl of sender
  * @param int $receiver_srl member_srl of receiver
  * @param string $title
  * @param string $content
  * @param boolean $sender_log (default true)
  * @return Object
  */
 function sendMessage($sender_srl, $receiver_srl, $title, $content, $sender_log = TRUE)
 {
     // Stores one message as up to two rows (a sender copy and a receiver copy)
     // inside a single transaction, firing the 'communication.sendMessage'
     // triggers around the inserts.
     //
     // NOTE(review): nothing in this method verifies that $sender_srl belongs to
     // the current session or that the receiver accepts messages; presumably the
     // calling action enforces that - confirm against callers.

     // Sanitise before anything is stored: the title is entity-encoded, the body
     // goes through removeHackTag(). ENT_COMPAT encodes double quotes but not
     // single quotes, and double_encode=false leaves existing entities as they
     // are, so the stored title is only safe to print in element content or in a
     // double-quoted attribute.
     $title = htmlspecialchars($title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
     $content = removeHackTag($content);
     $title = utf8_mbencode($title);
     $content = utf8_mbencode($content);

     // Two ids are drawn in this order: the first identifies the sender's copy,
     // the second the receiver's copy.
     $message_srl = getNextSequence();
     $related_srl = getNextSequence();

     // Row for the sender's box ('S'); related_srl points at the receiver's copy.
     $outbox_row = (object) array(
         'sender_srl' => $sender_srl,
         'receiver_srl' => $receiver_srl,
         'message_type' => 'S',
         'title' => $title,
         'content' => $content,
         'readed' => 'N',
         'regdate' => date("YmdHis"),
         'message_srl' => $message_srl,
         'related_srl' => $related_srl,
         'list_order' => $message_srl * -1,
     );

     // Row for the receiver's box ('R'). When no sender is given, the receiver
     // is recorded as the sender of its own copy.
     $inbox_row = (object) array(
         'message_srl' => $related_srl,
         'related_srl' => 0,
         'list_order' => $related_srl * -1,
         'sender_srl' => $sender_srl ? $sender_srl : $receiver_srl,
         'receiver_srl' => $receiver_srl,
         'message_type' => 'R',
         'title' => $title,
         'content' => $content,
         'readed' => 'N',
         'regdate' => date("YmdHis"),
     );

     // Payload handed to both triggers; it carries the already-sanitised text.
     $trigger_payload = (object) array(
         'sender_srl' => $sender_srl,
         'receiver_srl' => $receiver_srl,
         'message_srl' => $message_srl,
         'related_srl' => $related_srl,
         'title' => $title,
         'content' => $content,
         'sender_log' => $sender_log,
     );

     // A failing 'before' trigger vetoes the send; its result is returned as-is.
     $before = ModuleHandler::triggerCall('communication.sendMessage', 'before', $trigger_payload);
     if (!$before->toBool()) {
         return $before;
     }

     $db = DB::getInstance();
     $db->begin();

     // The sender's copy is written only for a real sender who wants a log;
     // the receiver's copy is always written. Any failure rolls back both.
     $pending_rows = array();
     if ($sender_srl && $sender_log) {
         $pending_rows[] = $outbox_row;
     }
     $pending_rows[] = $inbox_row;
     foreach ($pending_rows as $row) {
         $result = executeQuery('communication.sendMessage', $row);
         if (!$result->toBool()) {
             $db->rollback();
             return $result;
         }
     }

     // The 'after' trigger runs before the commit and its result is not checked.
     ModuleHandler::triggerCall('communication.sendMessage', 'after', $trigger_payload);
     $db->commit();

     // Leave a file-based marker for the receiver once the rows are committed.
     $this->updateFlagFile($receiver_srl);

     return new Object(0, 'success_sended');
 }
Exemplo n.º 2
 /**
  * Update the document
  * @param object $source_obj
  * @param object $obj
  * @param bool $manual_updated
  * @return object
  */
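 function updateDocument($source_obj, $obj, $manual_updated = FALSE)
 {
     // Applies the new values in $obj to the stored document $source_obj: fills
     // defaults, optionally records a history row, sanitises title/content,
     // rewrites the extra variables and fires the 'document.updateDocument'
     // triggers. Returns the result of the update query (with document_srl
     // added) or the first failing result.
     //
     // NOTE(review): unlike the CSRF check below, no permission check on
     // $source_obj is visible in this method; presumably the calling action
     // verifies the editor's rights - confirm against callers.

     // The CSRF check is skipped for programmatic updates, so any caller that
     // passes $manual_updated = TRUE must not be reachable directly from a request.
     if (!$manual_updated && !checkCSRF()) {
         return new Object(-1, 'msg_invalid_request');
     }
     // Same error key as the CSRF failure above; this branch previously used a
     // misspelled key.
     if (!$source_obj->document_srl || !$obj->document_srl) {
         return new Object(-1, 'msg_invalid_request');
     }
     // Default the status: legacy is_secret='Y' maps to SECRET, anything else to PUBLIC.
     if (!$obj->status && $obj->is_secret == 'Y') {
         $obj->status = 'SECRET';
     }
     if (!$obj->status) {
         $obj->status = 'PUBLIC';
     }
     // Call a trigger (before); a failing trigger vetoes the update.
     $output = ModuleHandler::triggerCall('document.updateDocument', 'before', $obj);
     if (!$output->toBool()) {
         return $output;
     }
     // begin transaction
     $oDB = DB::getInstance();
     $oDB->begin();
     $oModuleModel = getModel('module');
     if (!$obj->module_srl) {
         $obj->module_srl = $source_obj->get('module_srl');
     }
     $module_srl = $obj->module_srl;
     $module_info = $oModuleModel->getModuleInfoByModuleSrl($module_srl);
     $document_config = $oModuleModel->getModulePartConfig('document', $module_srl);
     if (!$document_config) {
         $document_config = new stdClass();
     }
     if (!isset($document_config->use_history)) {
         $document_config->use_history = 'N';
     }
     // 'Y' stores the previous content in the history row, 'Trace' stores only
     // the metadata (author, date, IP address).
     $bUseHistory = $document_config->use_history == 'Y' || $document_config->use_history == 'Trace';
     if ($bUseHistory) {
         $args = new stdClass();
         $args->history_srl = getNextSequence();
         $args->document_srl = $obj->document_srl;
         $args->module_srl = $module_srl;
         if ($document_config->use_history == 'Y') {
             $args->content = $source_obj->get('content');
         }
         $args->nick_name = $source_obj->get('nick_name');
         $args->member_srl = $source_obj->get('member_srl');
         $args->regdate = $source_obj->get('last_update');
         $args->ipaddress = $source_obj->get('ipaddress');
         // NOTE(review): the result of this insert is not checked, so a failed
         // history write does not abort the update - confirm that is intended.
         $output = executeQuery("document.insertHistory", $args);
     } else {
         // Without history the original author's IP address is kept on the row.
         $obj->ipaddress = $source_obj->get('ipaddress');
     }
     // Normalise the comment/trackback/notification flags to known values.
     if ($obj->comment_status) {
         $obj->commentStatus = $obj->comment_status;
     }
     if (!$obj->commentStatus) {
         $obj->commentStatus = 'DENY';
     }
     if ($obj->commentStatus == 'DENY') {
         $this->_checkCommentStatusForOldVersion($obj);
     }
     if ($obj->allow_trackback != 'Y') {
         $obj->allow_trackback = 'N';
     }
     if ($obj->homepage) {
         $obj->homepage = removeHackTag($obj->homepage);
         // NOTE(review): any "scheme://" prefix is accepted here, not only
         // http/https; whether removeHackTag() or the template rejects other
         // schemes is not visible from this method - confirm before the value is
         // used in a link.
         if (!preg_match('/^[a-z]+:\\/\\//i', $obj->homepage)) {
             $obj->homepage = 'http://' . $obj->homepage;
         }
     }
     if ($obj->notify_message != 'Y') {
         $obj->notify_message = 'N';
     }
     // Only a manager may change regdate; a value supplied by anyone else is dropped.
     $grant = Context::get('grant');
     if (!$grant->manager) {
         unset($obj->regdate);
     }
     // Serialize the $extra_vars.
     // NOTE(review): a value that is already a string is stored verbatim; if this
     // column is later read back with unserialize(), confirm that request input
     // can never reach $obj->extra_vars as a string.
     if (!is_string($obj->extra_vars)) {
         $obj->extra_vars = serialize($obj->extra_vars);
     }
     // Remove the columns for automatic saving
     unset($obj->_saved_doc_srl);
     unset($obj->_saved_doc_title);
     unset($obj->_saved_doc_content);
     unset($obj->_saved_doc_message);
     $oDocumentModel = getModel('document');
     // Set the category_srl to 0 if the changed category does not exist.
     if ($source_obj->get('category_srl') != $obj->category_srl) {
         $category_list = $oDocumentModel->getCategoryList($obj->module_srl);
         if (!$category_list[$obj->category_srl]) {
             $obj->category_srl = 0;
         }
     }
     // Change the update order
     $obj->update_order = getNextSequence() * -1;
     // Hash the password if it exists, so the plain value never reaches the query.
     if ($obj->password) {
         $obj->password = getModel('member')->hashPassword($obj->password);
     }
     // When the logged-in user is the original author (and the module is not
     // anonymous), the author fields are taken from the session rather than
     // from the submitted values.
     $logged_info = Context::get('logged_info');
     if (Context::get('is_logged') && !$manual_updated && $module_info->use_anonymous != 'Y') {
         if ($source_obj->get('member_srl') == $logged_info->member_srl) {
             $obj->member_srl = $logged_info->member_srl;
             $obj->user_name = htmlspecialchars_decode($logged_info->user_name);
             $obj->nick_name = htmlspecialchars_decode($logged_info->nick_name);
             $obj->email_address = $logged_info->email_address;
             $obj->homepage = $logged_info->homepage;
         }
     }
     // For a document written by a member where no nick_name was supplied, keep
     // the original author's details.
     if ($source_obj->get('member_srl') && !$obj->nick_name) {
         $obj->member_srl = $source_obj->get('member_srl');
         $obj->user_name = $source_obj->get('user_name');
         $obj->nick_name = $source_obj->get('nick_name');
         $obj->email_address = $source_obj->get('email_address');
         $obj->homepage = $source_obj->get('homepage');
     }
     // Entity-encode the title (ENT_COMPAT leaves single quotes unescaped and
     // double_encode=false keeps existing entities). If the title is empty,
     // extract a string from the contents.
     $obj->title = htmlspecialchars($obj->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
     settype($obj->title, "string");
     if ($obj->title == '') {
         $obj->title = cut_str(strip_tags($obj->content), 20, '...');
     }
     // If no title could be extracted from the contents, leave it untitled.
     if ($obj->title == '') {
         $obj->title = 'Untitled';
     }
     // Remove XE's own marker comments from the contents.
     $obj->content = preg_replace('!<\\!--(Before|After)(Document|Comment)\\(([0-9]+),([0-9]+)\\)-->!is', '', $obj->content);
     // For plain-text input (mobile without the editor, or a 'nohtml' editor
     // colorset) the content is entity-encoded and line breaks become <br>.
     if (!$manual_updated) {
         if (Mobile::isFromMobilePhone() && $obj->use_editor != 'Y') {
             if ($obj->use_html != 'Y') {
                 $obj->content = htmlspecialchars($obj->content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
             }
             $obj->content = nl2br($obj->content);
         } else {
             $oEditorModel = getModel('editor');
             $editor_config = $oEditorModel->getEditorConfig($obj->module_srl);
             if (strpos($editor_config->sel_editor_colorset, 'nohtml') !== FALSE) {
                 $obj->content = preg_replace('/\\<br(\\s*)?\\/?\\>/i', PHP_EOL, $obj->content);
                 $obj->content = htmlspecialchars($obj->content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
                 $obj->content = str_replace(array("\r\n", "\r", "\n"), '<br />', $obj->content);
             }
         }
     }
     // Holds the submitted title/content when they belong to a translation.
     // Created up front because it is read further down on every path, not only
     // on the path that fills it.
     $extra_content = new stdClass();
     // The document's language differs from the current language.
     if ($source_obj->get('lang_code') != Context::getLangType()) {
         // No language recorded yet: stamp the document with the current one.
         if (!$source_obj->get('lang_code')) {
             $lang_code_args = new stdClass();
             $lang_code_args->document_srl = $source_obj->get('document_srl');
             $lang_code_args->lang_code = Context::getLangType();
             $output = executeQuery('document.updateDocumentsLangCode', $lang_code_args);
         } else {
             // Keep the submitted text as a translation and restore the stored
             // title/content on the main row.
             $extra_content->title = $obj->title;
             $extra_content->content = $obj->content;
             $document_args = new stdClass();
             $document_args->document_srl = $source_obj->get('document_srl');
             // NOTE(review): the query result is used without a toBool() check;
             // on failure title and content would be overwritten with empty
             // values - confirm.
             $document_output = executeQuery('document.getDocument', $document_args);
             $obj->title = $document_output->data->title;
             $obj->content = $document_output->data->content;
         }
     }
     // Remove iframe and script unless the session belongs to a top administrator.
     // Administrator content is therefore stored unfiltered.
     if ($logged_info->is_admin != 'Y') {
         $obj->content = removeHackTag($obj->content);
     }
     // A temporary document gets the current time as regdate when it is saved.
     if ($source_obj->get('status') == $this->getConfigStatus('temp')) {
         $obj->regdate = date('YmdHis');
     }
     // Fix encoding of non-BMP UTF-8 characters.
     $obj->title = utf8_mbencode($obj->title);
     $obj->content = utf8_mbencode($obj->content);
     // Write the document row
     $output = executeQuery('document.updateDocument', $obj);
     if (!$output->toBool()) {
         $oDB->rollback();
         return $output;
     }
     // Replace all extra variables (skipped while a file is being deleted).
     $extra_vars = array();
     if (Context::get('act') != 'procFileDelete') {
         $this->deleteDocumentExtraVars($source_obj->get('module_srl'), $obj->document_srl, null, Context::getLangType());
         // Insert extra variables now that the document row was updated.
         $extra_keys = $oDocumentModel->getExtraKeys($obj->module_srl);
         if (count($extra_keys)) {
             foreach ($extra_keys as $idx => $extra_item) {
                 $value = NULL;
                 // A value may arrive as extra_vars<idx> or under the key's own name.
                 if (isset($obj->{'extra_vars' . $idx})) {
                     $tmp = $obj->{'extra_vars' . $idx};
                     if (is_array($tmp)) {
                         $value = implode('|@|', $tmp);
                     } else {
                         $value = trim($tmp);
                     }
                 } else {
                     if (isset($obj->{$extra_item->name})) {
                         $value = trim($obj->{$extra_item->name});
                     }
                 }
                 if ($value == NULL) {
                     continue;
                 }
                 $extra_vars[$extra_item->name] = $value;
                 $this->insertDocumentExtraVar($obj->module_srl, $obj->document_srl, $idx, $value, $extra_item->eid);
             }
         }
         // Insert extra vars for multi-language support of title and contents.
         // !empty() keeps the original truthiness test without reading an
         // undefined property when no translation was captured.
         if (!empty($extra_content->title)) {
             $this->insertDocumentExtraVar($obj->module_srl, $obj->document_srl, -1, $extra_content->title, 'title_' . Context::getLangType());
         }
         if (!empty($extra_content->content)) {
             $this->insertDocumentExtraVar($obj->module_srl, $obj->document_srl, -2, $extra_content->content, 'content_' . Context::getLangType());
         }
     }
     // Update the category counters when the category changed.
     // NOTE(review): the second condition compares module_srl with the session's
     // member_srl, which looks unintended (member_srl on both sides?) - confirm.
     if ($source_obj->get('category_srl') != $obj->category_srl || $source_obj->get('module_srl') == $logged_info->member_srl) {
         if ($source_obj->get('category_srl') != $obj->category_srl) {
             $this->updateCategoryCount($obj->module_srl, $source_obj->get('category_srl'));
         }
         if ($obj->category_srl) {
             $this->updateCategoryCount($obj->module_srl, $obj->category_srl);
         }
     }
     // Write the update log when requested.
     if ($obj->update_log_setting === 'Y') {
         $obj->extra_vars = serialize($extra_vars);
         // NOTE(review): this reads $this->grant while the regdate check above
         // uses the 'grant' value from Context - confirm both refer to the same
         // grant object.
         if ($this->grant->manager) {
             $obj->is_admin = 'Y';
         }
         $update_output = $this->insertDocumentUpdateLog($obj, $source_obj);
         if (!$update_output->toBool()) {
             $oDB->rollback();
             return $update_output;
         }
     }
     // Call a trigger (after); it runs before the commit and its result is not checked.
     ModuleHandler::triggerCall('document.updateDocument', 'after', $obj);
     // commit
     $oDB->commit();
     // Remove the thumbnail files so they are regenerated from the new content.
     FileHandler::removeDir(sprintf('files/thumbnails/%s', getNumberingPath($obj->document_srl, 3)));
     $output->add('document_srl', $obj->document_srl);
     // Remove the cached copy of this document.
     Rhymix\Framework\Cache::delete('document_item:' . getNumberingPath($obj->document_srl) . $obj->document_srl);
     return $output;
 }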
Exemplo n.º 3
 /**
  * Update (modify) an existing comment
  * @param object $obj
  * @param bool $is_admin
  * @param bool $manual_updated
  * @return object
  */
 function updateComment($obj, $is_admin = FALSE, $manual_updated = FALSE)
 {
     // Applies the values in $obj to the stored comment identified by
     // $obj->comment_srl: checks permission, sanitises the content, runs the
     // update inside a transaction and fires the 'comment.updateComment'
     // triggers. Returns the update query result (with comment_srl added) or the
     // first failing result.

     // The CSRF check is skipped for programmatic updates, so any caller that
     // passes $manual_updated = TRUE must not be reachable directly from a request.
     if (!$manual_updated && !checkCSRF()) {
         return new Object(-1, 'msg_invalid_request');
     }
     if (!is_object($obj)) {
         $obj = new stdClass();
     }
     // Marker set on the payload before the triggers see it.
     $obj->__isupdate = TRUE;
     // call a trigger (before); a failing trigger vetoes the update.
     // Note that this runs before the permission check further down.
     $output = ModuleHandler::triggerCall('comment.updateComment', 'before', $obj);
     if (!$output->toBool()) {
         return $output;
     }
     // create a comment model object
     $oCommentModel = getModel('comment');
     // get the original data
     // NOTE(review): the result is used without checking that the comment
     // exists - confirm what getComment() returns for an unknown comment_srl.
     $source_obj = $oCommentModel->getComment($obj->comment_srl);
     // When the stored comment has no member, the author fields are copied from
     // the stored comment rather than taken from the submitted values.
     if (!$source_obj->getMemberSrl()) {
         $obj->member_srl = $source_obj->get('member_srl');
         $obj->user_name = $source_obj->get('user_name');
         $obj->nick_name = $source_obj->get('nick_name');
         $obj->email_address = $source_obj->get('email_address');
         $obj->homepage = $source_obj->get('homepage');
     }
     // check if permission is granted; $is_admin = TRUE bypasses the check, so
     // callers must derive that flag from the session, never from request input.
     if (!$is_admin && !$source_obj->isGranted()) {
         return new Object(-1, 'msg_not_permitted');
     }
     // Hash the password if given, so the plain value never reaches the query.
     if ($obj->password) {
         $obj->password = getModel('member')->hashPassword($obj->password);
     }
     if ($obj->homepage) {
         $obj->homepage = removeHackTag($obj->homepage);
         // NOTE(review): any "scheme://" prefix is accepted here, not only
         // http/https; whether removeHackTag() or the template rejects other
         // schemes is not visible from this method - confirm before the value is
         // used in a link.
         if (!preg_match('/^[a-z]+:\\/\\//i', $obj->homepage)) {
             $obj->homepage = 'http://' . $obj->homepage;
         }
     }
     // set modifier's information if logged-in and posting author and modifier are matched.
     $logged_info = Context::get('logged_info');
     if (Context::get('is_logged')) {
         // NOTE(review): member_srl is read as a property here but through
         // get('member_srl') everywhere else in this method - confirm both
         // return the same value.
         if ($source_obj->member_srl == $logged_info->member_srl) {
             $obj->member_srl = $logged_info->member_srl;
             $obj->user_name = $logged_info->user_name;
             $obj->nick_name = $logged_info->nick_name;
             $obj->email_address = $logged_info->email_address;
             $obj->homepage = $logged_info->homepage;
         }
     }
     // if nick_name of the logged-in author doesn't exist, keep the stored author details
     if ($source_obj->get('member_srl') && !$obj->nick_name) {
         $obj->member_srl = $source_obj->get('member_srl');
         $obj->user_name = $source_obj->get('user_name');
         $obj->nick_name = $source_obj->get('nick_name');
         $obj->email_address = $source_obj->get('email_address');
         $obj->homepage = $source_obj->get('homepage');
     }
     // An empty submission keeps the stored content; it still goes through the
     // same sanitising steps below.
     if (!$obj->content) {
         $obj->content = $source_obj->get('content');
     }
     // remove Rhymix's own marker comments from the contents
     $obj->content = preg_replace('!<\\!--(Before|After)(Document|Comment)\\(([0-9]+),([0-9]+)\\)-->!is', '', $obj->content);
     // For plain-text input (mobile without the editor, or a 'nohtml' comment
     // editor colorset) the content is entity-encoded and line breaks become <br>.
     // ENT_COMPAT leaves single quotes unescaped; double_encode=false keeps
     // entities that are already present.
     if (!$manual_updated) {
         if (Mobile::isFromMobilePhone() && $obj->use_editor != 'Y') {
             if ($obj->use_html != 'Y') {
                 $obj->content = htmlspecialchars($obj->content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
             }
             $obj->content = nl2br($obj->content);
         } else {
             $oEditorModel = getModel('editor');
             $editor_config = $oEditorModel->getEditorConfig($obj->module_srl);
             if (strpos($editor_config->sel_comment_editor_colorset, 'nohtml') !== FALSE) {
                 $obj->content = preg_replace('/\\<br(\\s*)?\\/?\\>/i', PHP_EOL, $obj->content);
                 $obj->content = htmlspecialchars($obj->content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
                 $obj->content = str_replace(array("\r\n", "\r", "\n"), '<br />', $obj->content);
             }
         }
     }
     // remove iframe and script if not a top administrator on the session;
     // administrator content is therefore stored unfiltered.
     if ($logged_info->is_admin != 'Y') {
         $obj->content = removeHackTag($obj->content);
     }
     // Re-encode the content before it is stored.
     $obj->content = utf8_mbencode($obj->content);
     // begin transaction
     $oDB = DB::getInstance();
     $oDB->begin();
     // Update
     $output = executeQuery('comment.updateComment', $obj);
     if (!$output->toBool()) {
         $oDB->rollback();
         return $output;
     }
     // call a trigger (after); it runs before the commit and its result is not checked
     ModuleHandler::triggerCall('comment.updateComment', 'after', $obj);
     // commit
     $oDB->commit();
     $output->add('comment_srl', $obj->comment_srl);
     return $output;
 }