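/**
 * Return the ids of the chunks the current user may write to.
 *
 * Given a wootId to which the user has write-access, return the ids of the
 * chunks to which the user can write. If the wootId is omitted, the chunks
 * may be sourced from any woot. Administrators (is_admin()) are not
 * restricted by the permission rows.
 *
 * @param int|null $wootId            woot to restrict to; a falsy value means "any woot"
 * @param bool     $restrictToCurrent when true, only chunks flagged chunk_IsLatest
 *                                    (not superseded by newer versions) are returned
 * @return mixed whatever mysql__select_array() returns for the wprm_ChunkID column
 */
function getWritableChunks($wootId = NULL, $restrictToCurrent = false) {
    if (is_admin()) {
        $restriction = "1 ";
    } else {
        // Every id is forced to an integer before it is concatenated into the
        // WHERE clause, so no caller- or session-supplied text reaches the SQL.
        $groupIds = get_group_ids();
        if (!is_array($groupIds)) {
            $groupIds = array();
        }
        $groupIds = array_map('intval', $groupIds);
        // -1 is appended to the list itself rather than to the joined string,
        // which keeps "in (...)" valid SQL when the user belongs to no group.
        $groupIds[] = -1;
        $restriction = "(wprm_UGrpID=" . intval(get_user_id())
            . " or wprm_GroupID in (" . join(",", $groupIds) . ")) and wprm_Type='RW' ";
    }

    $wootFilter = $wootId ? " and chunk_WootID=" . intval($wootId) : "";

    if (!$restrictToCurrent) {
        // NOTE(review): this branch filters on chunk_WootID while selecting from
        // PERMISSION_TABLE alone; confirm that column is reachable there.
        return mysql__select_array(PERMISSION_TABLE, "wprm_ChunkID", $restriction . $wootFilter);
    }

    return mysql__select_array(
        CHUNK_TABLE . " left join " . PERMISSION_TABLE . " on chunk_ID=wprm_ChunkID",
        "wprm_ChunkID",
        "{$restriction} and chunk_IsLatest" . $wootFilter . " and wprm_ChunkID is not null"
    );
}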
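/**
 * util to find like records
 *
 * @author      Tom Murtagh
 * @author      Stephen White   <*****@*****.**>
 * @copyright   (C) 2005-2013 University of Sydney
 * @link        http://Sydney.edu.au/Heurist
 * @version     3.1.0
 * @license     http://www.gnu.org/licenses/gpl-3.0.txt GNU License 3.0
 * @package     Heurist academic knowledge management system
 * @subpackage  Records/Util
 */

/**
 * Find up to 100 existing records of a record type whose details resemble the
 * supplied field values.
 *
 * Text-like detail types (blocktext, freetext, urlinclude) are compared with the
 * SQL function limited_levenshtein(); the other handled types must match exactly.
 * Temporary records are excluded, and a record is only considered when it is
 * owned by one of the current user's groups (or, when logged in, the user or
 * group 0) or its non-owner visibility is not 'hidden'.
 *
 * @param array      $fields    map of "t:<detail type id>" => list of values; other keys are ignored
 * @param array      $rec_types only element 0 (the record type id) is used
 * @param int|null   $rec_id    record to exclude from the result; falsy means none
 * @param float|null $fuzziness fraction of (value length + 1) passed as the levenshtein
 *                              threshold; defaults to 0.5
 * @return array|null list of rows with keys id, title, hhash ordered by title, or
 *                    null when no usable field value was supplied
 */
function findFuzzyMatches($fields, $rec_types, $rec_id = NULL, $fuzziness = NULL) {
    if (!$fuzziness) {
        $fuzziness = 0.5;
    }

    // Ids that end up inside SQL text are cast to integers first.
    $recTypeId = isset($rec_types[0]) ? intval($rec_types[0]) : 0;
    $excludeId = intval($rec_id);

    // Get some data about the matching data for the given record type
    $types = mysql__select_assoc(
        'defRecStructure left join defDetailTypes on rst_DetailTypeID=dty_ID',
        'dty_ID',
        'dty_Type',
        'rst_RecTypeID=' . $recTypeId . ' and rst_RecordMatchOrder or rst_DetailTypeID=' . DT_NAME
    );

    $fuzzyFields = array();
    $strictFields = array();
    foreach ($fields as $key => $vals) {
        // The captured id consists of digits only, so it is safe to embed in the query.
        if (!preg_match('/^t:(\\d+)/', $key, $keyParts)) {
            continue;
        }
        $rdt_id = $keyParts[1];
        if (empty($types[$rdt_id])) {
            continue;
        }
        if (!$vals) {
            continue;
        }

        switch ($types[$rdt_id]) {
            case "blocktext":
            case "freetext":
            case "urlinclude":
                foreach ($vals as $val) {
                    if (trim($val)) {
                        array_push($fuzzyFields, array($rdt_id, trim($val)));
                    }
                }
                break;

            case "integer":
            case "float":
            case "date":
            case "year":
            case "file":
            case "enum":
            case "boolean":
            case "relationtype":
            case "resource":
                foreach ($vals as $val) {
                    if (trim($val)) {
                        array_push($strictFields, array($rdt_id, trim($val)));
                    }
                }
                break;

            case "separator":      // this should never happen since separators are not saved as details, skip if it does
            case "relmarker":      // saw seems like relmarkers are external to the record and should not be part of matching
            case "fieldsetmarker":
            case "calculated":
            default:
                break;
        }
    }

    if (count($fuzzyFields) == 0 && count($strictFields) == 0) {
        return;
    }

    $groups = get_group_ids();
    if (!is_array($groups)) {
        $groups = array();
    }
    if (is_logged_in()) {
        array_push($groups, get_user_id());
        array_push($groups, 0);
    }
    $groups = array_map('intval', $groups);
    $groupPred = count($groups) > 0 ? "rec_OwnerUGrpID in (" . join(",", $groups) . ") or " : "";

    $tables = "records";
    $predicates = "rec_RecTypeID={$recTypeId} and ! rec_FlagTemporary and ({$groupPred} not rec_NonOwnerVisibility='hidden')"
        . ($excludeId ? " and rec_ID != {$excludeId}" : "");

    // One recDetails alias (bd1, bd2, ...) is joined per field value to match.
    $N = 0;
    foreach ($fuzzyFields as $field) {
        list($rdt_id, $val) = $field;
        $threshold = intval((strlen($val) + 1) * $fuzziness);
        ++$N;
        $tables .= ", recDetails bd{$N}";
        // mysql_real_escape_string() escapes for the connection's character set,
        // which addslashes() does not take into account.
        $predicates .= " and (bd{$N}.dtl_RecID=rec_ID and bd{$N}.dtl_DetailTypeID={$rdt_id} and limited_levenshtein(bd{$N}.dtl_Value, '" . mysql_real_escape_string($val) . "', {$threshold}) is not null)";
    }
    foreach ($strictFields as $field) {
        list($rdt_id, $val) = $field;
        ++$N;
        $tables .= ", recDetails bd{$N}";
        $predicates .= " and (bd{$N}.dtl_RecID=rec_ID and bd{$N}.dtl_DetailTypeID={$rdt_id} and bd{$N}.dtl_Value = '" . mysql_real_escape_string($val) . "')";
    }

    $matches = array();
    $res = mysql_query("select rec_ID as id, rec_Title as title, rec_Hash as hhash from {$tables} where {$predicates} order by rec_Title limit 100");
    if (!$res) {
        // A failed query yields no matches instead of a warning from mysql_fetch_assoc().
        return $matches;
    }
    while ($bib = mysql_fetch_assoc($res)) {
        array_push($matches, $bib);
    }
    return $matches;
}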
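/**
 * Validate the permission list of a woot and insert one permission row per entry.
 *
 * Every entry needs a type of RW or RO and a userId and/or groupId; a single
 * invalid entry rejects the whole list before anything is inserted. Group
 * permissions for groups the current user does not belong to are skipped.
 * If the accepted entries would leave a non-admin user without RW access, an
 * RW row for that user is added.
 *
 * @param mixed $wootId value written to wrprm_WootID
 * @param array $woot   reads $woot["permissions"] (list of arrays with "type" plus
 *                      "userId" and/or "groupId") and $woot["woot_CreatorID"]
 * @return array array("success" => true), or
 *               array("success" => false, "errorType" => "invalid woot permissions")
 */
function insertWootPermissions($wootId, &$woot) {
    $myGroups = array(-1 => true);
    foreach (get_group_ids() as $groupId) {
        $myGroups[$groupId] = true;
    }

    $currentUserId = intval(get_user_id());
    $permissions = (isset($woot["permissions"]) && is_array($woot["permissions"]))
        ? $woot["permissions"]
        : array();

    $userHasReadWriteAccess = false;
    $insertValues = array();
    foreach ($permissions as $permission) {
        $type = (isset($permission["type"]) && is_string($permission["type"]))
            ? strtoupper($permission["type"])
            : "";
        // Ids are reduced to integers before they are validated, compared or
        // stored, so a non-numeric value counts as "not supplied".
        $userId = isset($permission["userId"]) ? intval($permission["userId"]) : 0;
        $groupId = isset($permission["groupId"]) ? intval($permission["groupId"]) : 0;

        // Exact comparison: a "$"-anchored regex would also accept "RW\n".
        if (($type !== "RW" && $type !== "RO") || !($userId || $groupId)) {
            return array("success" => false, "errorType" => "invalid woot permissions");
        }

        if ($userId === -1) {
            // automagic reference to userId -1 is converted to the owner's id
            $userId = isset($woot["woot_CreatorID"]) ? intval($woot["woot_CreatorID"]) : 0;
        }

        if ($groupId) {
            if (!isset($myGroups[$groupId])) {
                // trying to set a permission for a group we're not in ... ignore it
                continue;
            }
            if ($type === "RW") {
                $userHasReadWriteAccess = true;
            }
        }

        if ($userId === $currentUserId && $type === "RW") {
            $userHasReadWriteAccess = true;
        }

        // Keyed by the (user, group) pair so a repeated pair is inserted once,
        // with the last entry winning.
        $insertValues[$userId . "," . $groupId] = array(
            "wrprm_WootID" => $wootId,
            "wrprm_UGrpID" => $userId,
            "wrprm_GroupID" => $groupId,
            "wrprm_Type" => $type,
            "wrprm_CreatorID" => get_user_id(),
            "wrprm_Created" => array("now()")
        );
    }

    foreach ($insertValues as $values) {
        mysql__insert(WOOT_PERMISSION_TABLE, $values);
    }

    if (!$userHasReadWriteAccess && !is_admin()) {
        // Woah, hang on ... is the user REALLY trying to lock themselves out of this woot? Don't let them do THAT.
        mysql__insert(WOOT_PERMISSION_TABLE, array(
            "wrprm_WootID" => $wootId,
            "wrprm_UGrpID" => get_user_id(),
            "wrprm_Type" => "RW",
            "wrprm_CreatorID" => get_user_id(),
            "wrprm_Created" => array("now()")
        ));
    }

    return array("success" => true);
}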
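/**
 * Create a stub record from the current POST data, bookmark it for the user
 * and hand it to updateRecord() to store the details.
 *
 * Reads $_POST (rec_owner, rec_visibility, notes, rec_url) and the user's
 * add-record defaults from $_SESSION, and writes the new id to $_REQUEST["recID"].
 * The owner falls back to the current user unless it is 0 or one of the ids
 * returned by get_group_ids(); the visibility is limited to viewable, hidden,
 * public or pending.
 *
 * @param int|null $rtyID record type id for the new record
 * @return bool true when the stub record was inserted, false otherwise
 */
function insertRecord($rtyID = null) {
    $allowedVisibility = array('viewable', 'hidden', 'public', 'pending');

    // check if there is preference for OwnerGroup and visibility
    $addRecDefaults = @$_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']["display-preferences"]['addRecDefaults'];
    // NOTE(review): the preference is indexed like an array here; if it is stored
    // as a CSV string, [1] and [2] are single characters - confirm the format.
    if ($addRecDefaults) {
        if (!empty($addRecDefaults[1])) {
            $userDefaultOwnerGroupID = intval($addRecDefaults[1]);
        }
        if (!empty($addRecDefaults[2])) {
            $userDefaultVisibility = $addRecDefaults[2];
        }
    }

    $usrID = get_user_id();

    // set owner to passed value, else user preference, else NEWREC default if defined, else to user
    if (is_numeric(@$_POST['rec_owner'])) {
        $owner = intval($_POST['rec_owner']);
    } else if (isset($userDefaultOwnerGroupID)) {
        $owner = $userDefaultOwnerGroupID;
    } else if (defined('HEURIST_NEWREC_OWNER_ID')) {
        $owner = intval(HEURIST_NEWREC_OWNER_ID);
    } else {
        $owner = intval($usrID);
    }

    // visibility follows the same order of precedence
    if (!empty($_POST['rec_visibility'])) {
        $nonownervisibility = $_POST['rec_visibility'];
    } else if (!empty($userDefaultVisibility)) {
        $nonownervisibility = $userDefaultVisibility;
    } else if (defined('HEURIST_NEWREC_ACCESS')) {
        $nonownervisibility = HEURIST_NEWREC_ACCESS;
    } else {
        $nonownervisibility = 'viewable';
    }
    // The value arrives from the request or the session, so only a known
    // visibility is written to the record; anything else becomes 'viewable'.
    $nonownervisibility = is_string($nonownervisibility)
        ? trim(strtolower($nonownervisibility), '"')
        : '';
    if (!in_array($nonownervisibility, $allowedVisibility, true)) {
        $nonownervisibility = 'viewable';
    }

    // if non zero (everybody group), test if user is member, if not then set owner to user
    if ($owner != 0 && !in_array($owner, get_group_ids())) {
        $owner = get_user_id();
    }

    // Try to insert anything in POST as details of a new Record.
    // We do this by creating a stub record, and then updating it.
    // NOTE(review): notes and rec_url are stored as posted; rec_url is not checked
    // for an allowed scheme here - confirm that it is validated where it is rendered.
    mysql__insert("Records", array(
        "rec_Added" => date('Y-m-d H:i:s'),
        "rec_AddedByUGrpID" => get_user_id(),
        "rec_RecTypeID" => intval($rtyID),
        "rec_ScratchPad" => !empty($_POST["notes"]) ? $_POST["notes"] : null,
        "rec_OwnerUGrpID" => $owner,
        "rec_NonOwnerVisibility" => $nonownervisibility,
        "rec_URL" => !empty($_POST["rec_url"]) ? $_POST["rec_url"] : ""
    ));

    $_REQUEST["recID"] = $recID = mysql_insert_id();
    if (!$recID) {
        return false;
    }

    if ($usrID) {
        mysql__insert('usrBookmarks', array(
            'bkm_recID' => $recID,
            'bkm_Added' => date('Y-m-d H:i:s'),
            'bkm_Modified' => date('Y-m-d H:i:s'),
            'bkm_UGrpID' => $usrID
        ));
    }
    updateRecord($recID, $rtyID);
    return true;
}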
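/**
 * Insert a new Heurist record, or replace the details of an existing one, and
 * print the outcome as HTML.
 *
 * For an existing record ($recID > 0) all of its recDetails rows are deleted
 * before saveRecord() is called. The global counters $cntUpdated and
 * $cntInsterted are incremented on success.
 *
 * @param int|null $recID    id of the record to update; a falsy value inserts a new record
 * @param mixed    $rectype  record type handed to saveRecord()
 * @param mixed    $details  details handed to saveRecord()
 * @param mixed    $faims_id source record number, only used in the error message
 * @return mixed the id of the saved record, the id passed in when saveRecord()
 *               reported an error, or null when the existing details could not be deleted
 */
function insert_update_Record($recID, $rectype, $details, $faims_id) {
    global $cntUpdated, $cntInsterted, $mysqli;

    if ($recID > 0) {
        // The id is concatenated into the DELETE statement below, so it has to be
        // a plain integer; anything else is refused before a query is built.
        if (!is_numeric($recID)) {
            print "<div style='color:red'> Error: Cannot delete record details (invalid record id)</div>";
            return null;
        }
        $recID = intval($recID);

        //delete existing details
        // NOTE(review): the delete is not visibly tied to the save that follows;
        // if saveRecord() fails, the old details appear to be lost - confirm.
        $query = "DELETE FROM recDetails where dtl_RecID=" . $recID;
        if (!$mysqli->query($query)) {
            $syserror = $mysqli->error;
            print "<div style='color:red'> Error: Cannot delete record details " . htmlspecialchars($syserror, ENT_QUOTES) . "</div>";
            return null;
        }
    }

    $ref = null;
    //add-update Heurist record
    $out = saveRecord($recID, $rectype, null, null, get_group_ids(), null, null, null, null, null, null, $details, null, null, null, null, null, $ref, $ref, 2);

    if (@$out['error']) {
        // Source ids and error texts are escaped before they are written into the page.
        // NOTE(review): presumably saveRecord() returns plain-text messages; confirm
        // that none of them is meant to carry markup.
        print "<br>Source record# " . htmlspecialchars($faims_id, ENT_QUOTES) . " ";
        print "=><div style='color:red'> Error: " . htmlspecialchars(implode("; ", (array) $out["error"]), ENT_QUOTES) . "</div>---<br>";
    } else if ($recID) {
        $cntUpdated++;
        print "UPDATED as #" . $recID . "<br/>";
    } else {
        $cntInsterted++;
        print "INSERTED as #" . $out["bibID"] . "<br/>";
        $recID = $out["bibID"];
    }

    return $recID;
}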
*
 * If arguments xxx=yyy are supplied, set those for future display,
 * and suppress normal output.
 *
 * Setting xxx=yyy will add class xxx-yyy to the body,
 * but then setting xxx=xyz would add xxx-xyz INSTEAD.
 *
 * Preferences are currently stored in the $_SESSION[HEURIST_SESSION_DB_PREFIX.'heurist'], maybe they would eventually be in the DB.
 */
define('ISSERVICE', 1);
define("SAVE_URI", "disabled");
require_once dirname(__FILE__) . "/../connect/applyCredentials.php";

// The response of this script is served as JavaScript.
header("Content-type: text/javascript");

/* an array of the properties that may be set, and default values. */
// Only the keys of this array are accepted as preference names by the loop below.
$prefs = array(
    "help" => "show",
    "advanced" => "hide",
    "input-visibility" => "all",
    "action-on-save" => "stay",
    "gigitiser-view" => "",
    "double-click-action" => "edit",
    "my-records-searches" => "show",
    "all-records-searches" => "show",
    "workgroup-searches" => "show",
    "left-panel-scroll" => 0,
    "record-search-string" => "",
    "record-search-type" => "",
    "record-search-scope" => "r-all",
    "record-search-last" => "",
    "search-result-style0" => "list",
    "search-result-style1" => "icons",
    "search-result-style2" => "icons",
    "search-result-style3" => "icons",
    "results-per-page" => 50,
    "scratchpad-bottom" => 0,
    "scratchpad-right" => 0,
    "scratchpad-width" => 0,
    "scratchpad-height" => 0,
    "scratchpad" => "hide",
    "addRecordDefaults" => "",
    "applicationPanel" => "open",
    "sidebarPanel" => "open",
    "leftWidth" => 180,
    "oldLeftWidth" => 180,
    "rightWidth" => 360,
    "oldRightWidth" => 360,
    "searchWidth" => 360,
    "oldSearchWidth" => 360,
    "viewerTab" => 0,
    "viewerCurrentTemplate" => "",
    "defaultPrintView" => "default",
    "showSelectedOnlyOnMapAndSmarty" => "all",
    "savedSearchDest" => "",
    "defaultSearch" => "sortby:-m after:\"1 week ago\" ",
    "searchQueryInBrowser" => "false",
    "favourites" => "Favourites",
    "loadRelatedOnSearch" => "true",
    "defaultRecentPointerSearch" => "true",
    "defaultMyBookmarksSearch" => "true",
    "showMyBookmarks" => "true",
    "autoSelectRelated" => "false",
    "autoDeselectOtherLevels" => "true",
    "relationship-optional-fields" => "false",
    "tagging-popup" => "true",
    "showAggregations" => "false",
    "showNavMenuAlways" => "false",
    "showFavouritesSearch" => "false",
    "mapbackground" => "",
    "report-output-limit" => "1000",
    "record-edit-date" => "");

// One extra preference name per group of the current user, defaulting to "hide".
foreach (get_group_ids() as $gid) {
    $prefs["workgroup-searches-{$gid}"] = "hide";
}

session_start();

//save preference SAW - this supports multiple preference saving, need to consolidate tpreference saves on client side
$writeMode = false;
// NOTE(review): $_REQUEST is read, so depending on request_order a plain GET
// link can change these session preferences - confirm that this is intended.
foreach ($_REQUEST as $property => $value) {
    if (array_key_exists($property, $prefs)) {
        // NOTE(review): only the name is checked against $prefs; $value is stored
        // as received (it may also be an array). Whatever prints a stored
        // preference later has to encode it for its output context - confirm.
        $_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']["display-preferences"][$property] = $value;
        // $writeMode = true;
    }
}
// if ($writeMode) return; // suppress normal output
?> //document.domain = "<?php echo HEURIST_SERVER_NAME;
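/**
 * set_wg_and_vis: set ownership (person or workgroup) and visibility settings for currently selected records
 *
 * Only administrators (is_admin()) may call this. The workgroup must be -1
 * (leave the owner unchanged), 0, the current user or one of the ids from
 * get_group_ids(); the visibility must be viewable, hidden, pending or public.
 * Records owned by group 0 are never set to 'hidden'; 'viewable' is used instead.
 *
 * @param mixed $data array with 'rec_ids' (list of record ids), 'wg_id' and 'vis'
 * @return array array('ok' => '<n> records updated') on success, otherwise
 *               array('problem' => message)
 */
function set_wg_and_vis($data) {
    $result = array();

    if (!is_admin()) {
        $result['problem'] = 'Permission denied for workgroup or visibility setting';
        return $result;
    }

    $wg = intval(@$data['wg_id']);
    // Lower-cased once, so the whitelist check, the 'hidden' rule and the value
    // written to the query all look at the same string.
    $vis = (isset($data['vis']) && is_string($data['vis'])) ? strtolower($data['vis']) : '';

    $wgAllowed = ($wg == -1 || $wg == 0 || $wg == get_user_id() || in_array($wg, get_group_ids()));
    $visAllowed = in_array($vis, array('viewable', 'hidden', 'pending', 'public'), true);
    if (!$wgAllowed || !$visAllowed) {
        $result['problem'] = 'Invalid arguments for workgoup or visibility';
        return $result;
    }

    // Record ids go into an "in (...)" list, so only positive integers are kept.
    $rec_ids = (isset($data['rec_ids']) && is_array($data['rec_ids'])) ? $data['rec_ids'] : array();
    $ids = array();
    foreach ($rec_ids as $id) {
        $id = intval($id);
        if ($id > 0) {
            $ids[$id] = $id;
        }
    }
    if (count($ids) == 0) {
        $result['problem'] = 'No valid record ids supplied';
        return $result;
    }

    mysql_connection_overwrite(DATABASE);

    if ($wg === 0 && $vis === 'hidden') {
        $vis = 'viewable';
    }

    // -1 means "do not change the owner"
    $editable = ($wg >= 0) ? ' rec_OwnerUGrpID = ' . $wg . ', ' : '';

    $query = 'update Records set ' . $editable . 'rec_NonOwnerVisibility = "' . $vis . '"'
        . ' where rec_ID in (' . join(',', $ids) . ')';
    mysql_query($query);

    if (mysql_error()) {
        $result['problem'] = 'MySQL error: ' . addslashes(mysql_error()) . ' : visibility not reset';
    } else {
        $result['ok'] = mysql_affected_rows() . ' records updated';
    }

    return $result;
}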
<script>
// rt, wg_id,vis, kwd, tags, restrict Access;
var defaults = [ <?php
    // NOTE(review): $addRecDefaults is echoed unescaped into a script block. Where
    // it is set is not visible in this fragment; if it can carry user-supplied
    // text it has to be encoded for a JavaScript context - confirm.
    echo $addRecDefaults ? $addRecDefaults : ''; ?> ];
var usrID = <?php echo get_user_id(); ?> ;
var defAccess = '<?php
    // NOTE(review): HEURIST_NEWREC_ACCESS is used without a defined() guard and is
    // placed inside a quoted JavaScript string as-is - TODO confirm it is always
    // defined and never contains a quote.
    echo HEURIST_NEWREC_ACCESS ? HEURIST_NEWREC_ACCESS : "viewable"; ?> ';
var defOwnerID = <?php
    // The configured default owner is only emitted when it is one of the ids
    // returned by get_group_ids(); otherwise 0 is emitted.
    echo in_array(HEURIST_NEWREC_OWNER_ID, get_group_ids()) ? HEURIST_NEWREC_OWNER_ID : 0; ?> ;
$(document).ready(function() {
    $("#show-adv-link").click(function() {
        $(this).hide();
        $('#advanced-section').show();
        return false;
    });
    // assign onchange handle to update_link for values used in link
    $("#rectype_elt, #restrict_elt, #rec_OwnerUGrpID, #tag, #rec_NonOwnerVisibility, #add-link-title, #add-link-tags").change(update_link);
    if(defaults && defaults.length > 0){
        if(defaults[0]){
            $("#rectype_elt").val(defaults[0]);
        }
        if(defaults[2]){
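/**
 * Work out the defaults used when a record is added.
 *
 * Values are taken from the 'record-add-defaults' session preference, overridden
 * by rec_owner / rec_visibility in $request, and completed from the constants
 * HEURIST_NEWREC_OWNER_ID / HEURIST_NEWREC_ACCESS when still unset. The owner
 * ends up as 0, one of the ids from get_group_ids(), or the current user; the
 * visibility as viewable, hidden, public or pending.
 *
 * @param array|null $request request parameters; only rec_owner and rec_visibility are read
 * @return array list of: record type id (or ''), owner user/group id, visibility,
 *               workgroup tags, personal tags, settings-visible flag
 */
function getDefaultOwnerAndibility($request) {
    $allowedVisibility = array('viewable', 'hidden', 'public', 'pending');

    //in session we store CSV string: record_type, owner usergroup, nonowner visibility, personal tags, wg tags, setting visibility in ui
    // NOTE(review): the code below reads index 3 as workgroup tags and index 4 as
    // personal tags, the reverse of the order named above - confirm which is right.
    $addRecDefaults = @$_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']["display-preferences"]['record-add-defaults'];
    if (!$addRecDefaults) {
        $addRecDefaults = array();
    } else if (!is_array($addRecDefaults)) {
        $addRecDefaults = explode(',', $addRecDefaults);
    }

    // Both start as null so the later checks never read an undefined variable.
    $userDefaultOwnerGroupID = null;
    $userDefaultVisibility = null;

    //record type
    $userDefaultRectype = !empty($addRecDefaults[0]) ? intval($addRecDefaults[0]) : '';
    if (!empty($addRecDefaults[1])) {
        $userDefaultOwnerGroupID = intval($addRecDefaults[1]);
    }
    if (!empty($addRecDefaults[2])) {
        $userDefaultVisibility = trim(strtolower($addRecDefaults[2]), '"');
    }
    $wgTags = !empty($addRecDefaults[3]) ? trim($addRecDefaults[3], '"') : '';
    if (!empty($addRecDefaults[4])) {
        $personalTags = str_replace('|', ',', trim($addRecDefaults[4], '"'));
    } else {
        $personalTags = '';
    }
    $settings_visible = !empty($addRecDefaults[5]) ? intval($addRecDefaults[5]) : 1;

    //values in current request have higher rank
    if ($request != null && is_array($request)) {
        if (is_numeric(@$request['rec_owner']) && intval($request['rec_owner']) >= 0) {
            $userDefaultOwnerGroupID = intval($request['rec_owner']);
        }
        if (!empty($request['rec_visibility']) && is_string($request['rec_visibility'])) {
            $userDefaultVisibility = strtolower($request['rec_visibility']);
        }
    }

    // if they are still unset take default value from sysIdentification
    if ($userDefaultOwnerGroupID === null && defined('HEURIST_NEWREC_OWNER_ID')) {
        $userDefaultOwnerGroupID = intval(HEURIST_NEWREC_OWNER_ID);
    }
    if ($userDefaultVisibility === null && defined('HEURIST_NEWREC_ACCESS')) {
        $userDefaultVisibility = strtolower(HEURIST_NEWREC_ACCESS);
    }

    //final verification
    if ($userDefaultOwnerGroupID === null) {
        // nothing supplied an owner at all: the record belongs to the current user
        $userDefaultOwnerGroupID = get_user_id();
    } else if ($userDefaultOwnerGroupID != 0 && !in_array($userDefaultOwnerGroupID, get_group_ids())) {
        $userDefaultOwnerGroupID = get_user_id();
    }
    if (!in_array($userDefaultVisibility, $allowedVisibility, true)) {
        $userDefaultVisibility = 'viewable';
    }

    return array(
        $userDefaultRectype,
        $userDefaultOwnerGroupID,
        $userDefaultVisibility,
        $wgTags,
        $personalTags,
        $settings_visible
    );
}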