Пример #1
0
function getWritableChunks($wootId = NULL, $restrictToCurrent = false)
{
    /* Given a wootId to which the user has write-access,
     * return the ids of the chunks to which the user can write.
     * If restrictToCurrent is true, then the chunks should be restricted
     * to those which have not been superseded by newer versions.
     * If the wootId is omitted, then the chunks may be sourced from any woot.
     */
    $restriction = is_admin() ? "1 " : "(wprm_UGrpID=" . get_user_id() . " or wprm_GroupID in (" . join(",", get_group_ids()) . ",-1)) and wprm_Type='RW' ";
    if (!$restrictToCurrent) {
        return mysql__select_array(PERMISSION_TABLE, "wprm_ChunkID", $restriction . ($wootId ? " and chunk_WootID={$wootId}" : ""));
    } else {
        return mysql__select_array(CHUNK_TABLE . " left join " . PERMISSION_TABLE . " on chunk_ID=wprm_ChunkID", "wprm_ChunkID", "{$restriction} and chunk_IsLatest" . ($wootId ? " and chunk_WootID={$wootId}" : "") . " and wprm_ChunkID is not null");
    }
}
/**
* util to find like records
*
* @author      Tom Murtagh
* @author      Stephen White   <*****@*****.**>
* @copyright   (C) 2005-2013 University of Sydney
* @link        http://Sydney.edu.au/Heurist
* @version     3.1.0
* @license     http://www.gnu.org/licenses/gpl-3.0.txt GNU License 3.0
* @package     Heurist academic knowledge management system
* @subpackage  Records/Util
*/
function findFuzzyMatches($fields, $rec_types, $rec_id = NULL, $fuzziness = NULL)
{
    if (!$fuzziness) {
        $fuzziness = 0.5;
    }
    // Get some data about the matching data for the given record type
    $types = mysql__select_assoc('defRecStructure left join defDetailTypes on rst_DetailTypeID=dty_ID', 'dty_ID', 'dty_Type', 'rst_RecTypeID=' . $rec_types[0] . ' and rst_RecordMatchOrder or rst_DetailTypeID=' . DT_NAME);
    $fuzzyFields = array();
    $strictFields = array();
    foreach ($fields as $key => $vals) {
        if (!preg_match('/^t:(\\d+)/', $key, $matches)) {
            continue;
        }
        $rdt_id = $matches[1];
        if (!@$types[$rdt_id]) {
            continue;
        }
        if (!$vals) {
            continue;
        }
        switch ($types[$rdt_id]) {
            case "blocktext":
            case "freetext":
            case "urlinclude":
                foreach ($vals as $val) {
                    if (trim($val)) {
                        array_push($fuzzyFields, array($rdt_id, trim($val)));
                    }
                }
                break;
            case "integer":
            case "float":
            case "date":
            case "year":
            case "file":
            case "enum":
            case "boolean":
            case "urlinclude":
            case "relationtype":
            case "resource":
                foreach ($vals as $val) {
                    if (trim($val)) {
                        array_push($strictFields, array($rdt_id, trim($val)));
                    }
                }
                break;
            case "separator":
                // this should never happen since separators are not saved as details, skip if it does
            // this should never happen since separators are not saved as details, skip if it does
            case "relmarker":
                // saw seems like relmarkers are external to the record and should not be part of matching
            // saw seems like relmarkers are external to the record and should not be part of matching
            case "fieldsetmarker":
            case "calculated":
            default:
                continue;
        }
    }
    if (count($fuzzyFields) == 0 && count($strictFields) == 0) {
        return;
    }
    $groups = get_group_ids();
    if (!is_array($groups)) {
        $groups = array();
    }
    if (is_logged_in()) {
        array_push($groups, get_user_id());
        array_push($groups, 0);
    }
    $groupPred = count($groups) > 0 ? "rec_OwnerUGrpID in (" . join(",", $groups) . ") or " : "";
    $tables = "records";
    $predicates = "rec_RecTypeID={$rec_types['0']} and ! rec_FlagTemporary and ({$groupPred} not rec_NonOwnerVisibility='hidden')" . ($rec_id ? " and rec_ID != {$rec_id}" : "");
    $N = 0;
    foreach ($fuzzyFields as $field) {
        list($rdt_id, $val) = $field;
        $threshold = intval((strlen($val) + 1) * $fuzziness);
        ++$N;
        $tables .= ", recDetails bd{$N}";
        $predicates .= " and (bd{$N}.dtl_RecID=rec_ID and bd{$N}.dtl_DetailTypeID={$rdt_id} and limited_levenshtein(bd{$N}.dtl_Value, '" . addslashes($val) . "', {$threshold}) is not null)";
    }
    foreach ($strictFields as $field) {
        list($rdt_id, $val) = $field;
        ++$N;
        $tables .= ", recDetails bd{$N}";
        $predicates .= " and (bd{$N}.dtl_RecID=rec_ID and bd{$N}.dtl_DetailTypeID={$rdt_id} and bd{$N}.dtl_Value = '" . addslashes($val) . "')";
    }
    $matches = array();
    $res = mysql_query("select rec_ID as id, rec_Title as title, rec_Hash as hhash from {$tables} where {$predicates} order by rec_Title limit 100");
    /*****DEBUG****/
    //error_log("approx-matching: select rec_ID as id, rec_Title as title, rec_Hash as hhash from $tables where $predicates order by rec_Title limit 100");
    while ($bib = mysql_fetch_assoc($res)) {
        array_push($matches, $bib);
    }
    return $matches;
}
Пример #3
0
function insertWootPermissions($wootId, &$woot)
{
    $myGroups = array(-1 => true);
    foreach (get_group_ids() as $groupId) {
        $myGroups[$groupId] = true;
    }
    $userHasReadWriteAccess = false;
    $insertValues = array();
    foreach ($woot["permissions"] as $permission) {
        $permission["type"] = strtoupper($permission["type"]);
        if (!preg_match('/^(RW|RO)$/', $permission["type"]) || !(@$permission["userId"] || @$permission["groupId"])) {
            return array("success" => false, "errorType" => "invalid woot permissions");
        }
        if (@$permission["userId"] == -1) {
            // automagic reference to userId -1 is converted to the owner's id
            $permission["userId"] = $woot["woot_CreatorID"];
        }
        if (@$permission["groupId"]) {
            if (!@$myGroups[$permission["groupId"]]) {
                // trying to set a permission for a group we're not in ... ignore it
                continue;
            }
            if ($permission["type"] == "RW") {
                $userHasReadWriteAccess = true;
            }
        }
        if (@$permission["userId"] == get_user_id() && $permission["type"] == "RW") {
            $userHasReadWriteAccess = true;
        }
        $insertValues[@$permission["userId"] . "," . @$permission["groupId"]] = array("wrprm_WootID" => $wootId, "wrprm_UGrpID" => @$permission["userId"] ? $permission["userId"] : 0, "wrprm_GroupID" => @$permission["groupId"] ? $permission["groupId"] : 0, "wrprm_Type" => $permission["type"], "wrprm_CreatorID" => get_user_id(), "wrprm_Created" => array("now()"));
    }
    foreach ($insertValues as $values) {
        mysql__insert(WOOT_PERMISSION_TABLE, $values);
    }
    if (!$userHasReadWriteAccess && !is_admin()) {
        // Woah, hang on ... is the user REALLY trying to lock themselves out of this woot?  Don't let them do THAT.
        mysql__insert(WOOT_PERMISSION_TABLE, array("wrprm_WootID" => $wootId, "wrprm_UGrpID" => get_user_id(), "wrprm_Type" => "RW", "wrprm_CreatorID" => get_user_id(), "wrprm_Created" => array("now()")));
    }
    return array("success" => true);
}
function insertRecord($rtyID = null)
{
    // check if there is preference for OwnerGroup and visibility
    $addRecDefaults = @$_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']["display-preferences"]['addRecDefaults'];
    if ($addRecDefaults) {
        if ($addRecDefaults[1]) {
            $userDefaultOwnerGroupID = intval($addRecDefaults[1]);
        }
        if ($addRecDefaults[2]) {
            $userDefaultVisibility = $addRecDefaults[2];
        }
    }
    $usrID = get_user_id();
    //set owner to passed value else to NEWREC default if defined else to user
    //ART $owner = @$_POST["owner"]?$_POST["owner"]:( defined("HEURIST_NEWREC_OWNER_ID") ? HEURIST_NEWREC_OWNER_ID : get_user_id());
    //ART $owner = ((@$_POST["owner"] || @$_POST["owner"] === '0') ? intval($_POST["owner"]) :(defined('HEURIST_NEWREC_OWNER_ID') ? HEURIST_NEWREC_OWNER_ID : get_user_id()));
    $owner = is_numeric(@$_POST['rec_owner']) ? intval($_POST['rec_owner']) : (is_numeric(@$userDefaultOwnerGroupID) ? $userDefaultOwnerGroupID : (defined('HEURIST_NEWREC_OWNER_ID') ? HEURIST_NEWREC_OWNER_ID : intval($usrID)));
    $nonownervisibility = @$_POST['rec_visibility'] ? strtolower($_POST['rec_visibility']) : (@$userDefaultVisibility ? $userDefaultVisibility : (defined('HEURIST_NEWREC_ACCESS') ? HEURIST_NEWREC_ACCESS : 'viewable'));
    //error_log(" in insertRecord");
    // if non zero (everybody group, test if user is member, if not then set owner to user
    if (intval($owner) != 0 && !in_array($owner, get_group_ids())) {
        $owner = get_user_id();
    }
    // Try to insert anything in POST as details of a new Record.
    // We do this by creating a stub record, and then updating it.
    mysql__insert("Records", array("rec_Added" => date('Y-m-d H:i:s'), "rec_AddedByUGrpID" => get_user_id(), "rec_RecTypeID" => intval($rtyID), "rec_ScratchPad" => @$_POST["notes"] ? $_POST["notes"] : null, "rec_OwnerUGrpID" => $owner, "rec_NonOwnerVisibility" => $nonownervisibility, "rec_URL" => @$_POST["rec_url"] ? $_POST["rec_url"] : ""));
    $_REQUEST["recID"] = $recID = mysql_insert_id();
    if ($recID) {
        //error_log(" in insertRecord recID = $recID");
        if ($usrID) {
            mysql__insert('usrBookmarks', array('bkm_recID' => $recID, 'bkm_Added' => date('Y-m-d H:i:s'), 'bkm_Modified' => date('Y-m-d H:i:s'), 'bkm_UGrpID' => $usrID));
        }
        updateRecord($recID, $rtyID);
        return true;
    } else {
        return false;
    }
}
Пример #5
0
function insert_update_Record($recID, $rectype, $details, $faims_id)
{
    global $cntUpdated, $cntInsterted, $mysqli;
    if ($recID > 0) {
        //delete existing details
        $query = "DELETE FROM recDetails where dtl_RecID=" . $recID;
        if (!$mysqli->query($query)) {
            $syserror = $mysqli->error;
            print "<div style='color:red'> Error: Cannot delete record details " . $syserror . "</div>";
            return null;
        }
    }
    $ref = null;
    //add-update Heurist record
    $out = saveRecord($recID, $rectype, null, null, get_group_ids(), null, null, null, null, null, null, $details, null, null, null, null, null, $ref, $ref, 2);
    if (@$out['error']) {
        print "<br>Source record# " . $faims_id . "&nbsp;&nbsp;&nbsp;";
        print "=><div style='color:red'> Error: " . implode("; ", $out["error"]) . "</div>---<br>";
    } else {
        if ($recID) {
            $cntUpdated++;
            print "UPDATED as #" . $recID . "<br/>";
        } else {
            $cntInsterted++;
            print "INSERTED as #" . $out["bibID"] . "<br/>";
            $recID = $out["bibID"];
        }
    }
    return $recID;
}
 *
 * If arguments  xxx=yyy  are supplied, set those for future display,
 * and suppress normal output.
 *
 * Setting  xxx=yyy  will add class  xxx-yyy  to the body,
 * but then setting  xxx=xyz  would add  xxx-xyz  INSTEAD.
 *
 * Preferences are currently stored in the $_SESSION[HEURIST_SESSION_DB_PREFIX.'heurist'], maybe they would eventually be in the DB.
 */
define('ISSERVICE', 1);
define("SAVE_URI", "disabled");
require_once dirname(__FILE__) . "/../connect/applyCredentials.php";
header("Content-type: text/javascript");
/* an array of the properties that may be set, and default values. */
$prefs = array("help" => "show", "advanced" => "hide", "input-visibility" => "all", "action-on-save" => "stay", "gigitiser-view" => "", "double-click-action" => "edit", "my-records-searches" => "show", "all-records-searches" => "show", "workgroup-searches" => "show", "left-panel-scroll" => 0, "record-search-string" => "", "record-search-type" => "", "record-search-scope" => "r-all", "record-search-last" => "", "search-result-style0" => "list", "search-result-style1" => "icons", "search-result-style2" => "icons", "search-result-style3" => "icons", "results-per-page" => 50, "scratchpad-bottom" => 0, "scratchpad-right" => 0, "scratchpad-width" => 0, "scratchpad-height" => 0, "scratchpad" => "hide", "addRecordDefaults" => "", "applicationPanel" => "open", "sidebarPanel" => "open", "leftWidth" => 180, "oldLeftWidth" => 180, "rightWidth" => 360, "oldRightWidth" => 360, "searchWidth" => 360, "oldSearchWidth" => 360, "viewerTab" => 0, "viewerCurrentTemplate" => "", "defaultPrintView" => "default", "showSelectedOnlyOnMapAndSmarty" => "all", "savedSearchDest" => "", "defaultSearch" => "sortby:-m after:\"1 week ago\" ", "searchQueryInBrowser" => "false", "favourites" => "Favourites", "loadRelatedOnSearch" => "true", "defaultRecentPointerSearch" => "true", "defaultMyBookmarksSearch" => "true", "showMyBookmarks" => "true", "autoSelectRelated" => "false", "autoDeselectOtherLevels" => "true", "relationship-optional-fields" => "false", "tagging-popup" => "true", "showAggregations" => "false", "showNavMenuAlways" => "false", "showFavouritesSearch" => "false", "mapbackground" => "", "report-output-limit" => "1000", "record-edit-date" => "");
foreach (get_group_ids() as $gid) {
    $prefs["workgroup-searches-{$gid}"] = "hide";
}
session_start();
//save preference  SAW - this supports multiple preference saving, need to consolidate tpreference saves on client side
$writeMode = false;
foreach ($_REQUEST as $property => $value) {
    if (array_key_exists($property, $prefs)) {
        $_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']["display-preferences"][$property] = $value;
        //			$writeMode = true;
    }
}
//	if ($writeMode) return;	// suppress normal output
?>
//document.domain = "<?php 
echo HEURIST_SERVER_NAME;
Пример #7
0
/**
* set_wg_and_vis: set ownership (person or workgroup) and visibility settings for currently selected records
*
* @param mixed $data
*/
function set_wg_and_vis($data)
{
    $result = array();
    if (is_admin()) {
        $rec_ids = $data['rec_ids'];
        $wg = intval(@$data['wg_id']);
        $vis = $data['vis'];
        if (($wg == -1 || $wg == 0 || $wg == get_user_id() || in_array($wg, get_group_ids())) && in_array(strtolower($vis), array('viewable', 'hidden', 'pending', 'public'))) {
            mysql_connection_overwrite(DATABASE);
            if ($wg === 0 && $vis === 'hidden') {
                $vis = 'viewable';
            }
            if ($wg >= 0) {
                $editable = ' rec_OwnerUGrpID = ' . $wg . ', ';
            } else {
                $editable = '';
            }
            $query = 'update Records set ' . $editable . 'rec_NonOwnerVisibility = "' . $vis . '"' . ' where rec_ID in (' . join(',', $rec_ids) . ')';
            mysql_query($query);
            if (mysql_error()) {
                $result['problem'] = 'MySQL error: ' . addslashes(mysql_error()) . ' : visibility not reset';
            } else {
                $result['ok'] = mysql_affected_rows() . ' records updated';
            }
        } else {
            $result['problem'] = 'Invalid arguments for workgoup or visibility';
        }
    } else {
        $result['problem'] = 'Permission denied for workgroup or visibility setting';
    }
    return $result;
}
Пример #8
0
    <script>
      //		rt, wg_id,vis, kwd, tags, restrict Access;
      var defaults = [ <?php 
echo $addRecDefaults ? $addRecDefaults : '';
?>
];
      var usrID = <?php 
echo get_user_id();
?>
 ;
      var defAccess = '<?php 
echo HEURIST_NEWREC_ACCESS ? HEURIST_NEWREC_ACCESS : "viewable";
?>
';
      var defOwnerID = <?php 
echo in_array(HEURIST_NEWREC_OWNER_ID, get_group_ids()) ? HEURIST_NEWREC_OWNER_ID : 0;
?>
;
      $(document).ready(function() {
          $("#show-adv-link").click(function() {
              $(this).hide();
              $('#advanced-section').show();
              return false;
          });
          // assign onchange handle to update_link for values used in link
          $("#rectype_elt, #restrict_elt, #rec_OwnerUGrpID, #tag, #rec_NonOwnerVisibility, #add-link-title, #add-link-tags").change(update_link);
          if(defaults && defaults.length > 0){
            if(defaults[0]){
              $("#rectype_elt").val(defaults[0]);
            }
            if(defaults[2]){
Пример #9
0
function getDefaultOwnerAndibility($request)
{
    //in session we store CSV  string:  record_type, owner usergroup, nonowner visibility, personal tags, wg tags, setting visibility in ui
    $addRecDefaults = @$_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']["display-preferences"]['record-add-defaults'];
    if ($addRecDefaults) {
        if (!is_array($addRecDefaults)) {
            $addRecDefaults = explode(',', $addRecDefaults);
        }
    } else {
        $addRecDefaults = array();
    }
    //record type
    if (@$addRecDefaults[0]) {
        $userDefaultRectype = intval($addRecDefaults[0]);
    } else {
        $userDefaultRectype = '';
    }
    if (@$addRecDefaults[1]) {
        $userDefaultOwnerGroupID = intval($addRecDefaults[1]);
    }
    if (@$addRecDefaults[2]) {
        $userDefaultVisibility = trim(strtolower($addRecDefaults[2]), '"');
    }
    if (@$addRecDefaults[3]) {
        $wgTags = trim($addRecDefaults[3], '"');
    } else {
        $wgTags = '';
    }
    if (@$addRecDefaults[4]) {
        $personalTags = trim($addRecDefaults[4], '"');
        $personalTags = str_replace('|', ',', $personalTags);
    } else {
        $personalTags = '';
    }
    if (@$addRecDefaults[5]) {
        $settings_visible = intval($addRecDefaults[5]);
    } else {
        $settings_visible = 1;
    }
    //values in current request have higher rank
    if ($request != null && is_array($request)) {
        if (is_numeric(@$request['rec_owner']) && intval($request['rec_owner']) >= 0) {
            $userDefaultOwnerGroupID = intval($request['rec_owner']);
        }
        if (@$request['rec_visibility']) {
            $userDefaultVisibility = strtolower($request['rec_visibility']);
        }
    }
    // if they are still unset take default value from sysIdentification
    if (!isset($userDefaultOwnerGroupID) && defined('HEURIST_NEWREC_OWNER_ID')) {
        $userDefaultOwnerGroupID = intval(HEURIST_NEWREC_OWNER_ID);
    }
    if (!isset($userDefaultVisibility) && defined('HEURIST_NEWREC_ACCESS')) {
        $userDefaultVisibility = strtolower(HEURIST_NEWREC_ACCESS);
    }
    //final verification
    if ($userDefaultOwnerGroupID != 0 && !in_array($userDefaultOwnerGroupID, get_group_ids())) {
        $userDefaultOwnerGroupID = get_user_id();
    }
    if (!in_array($userDefaultVisibility, array('viewable', 'hidden', 'public', 'pending'))) {
        $userDefaultVisibility = 'viewable';
    }
    $addRecDefaults = array($userDefaultRectype, $userDefaultOwnerGroupID, $userDefaultVisibility, $wgTags, $personalTags, $settings_visible);
    return $addRecDefaults;
}