Пример #1
    /**
     * Get array of contacts data by Email
     *
     * @param string $data
     * @return array of CMS_profile_user
     * @access public
     */
    static function getByEmail($data)
    {
        // Reject anything that is not a syntactically valid email before it gets near the query.
        // NOTE(review): the rejected value is passed verbatim to raiseError(); if that ends up in a
        // log file or an HTML page it should be encoded there — confirm how raiseError() outputs it.
        if (!SensitiveIO::isValidEmail($data)) {
            CMS_grandFather::raiseError('$data must be a valid email : ' . $data);
            return array();
        }
        // The query is built by concatenation: the only protection is sanitizeSQLString() plus the
        // email validation above. NOTE(review): the literal is double-quoted, so this relies on the
        // escaper covering '"' and on the server not running in ANSI_QUOTES mode — verify.
        $escapedEmail = sensitiveIO::sanitizeSQLString($data);
        $sql = 'select `id_cd` 
			from `contactDatas`
			where `email_cd` = "' . $escapedEmail . '"';
        $q = new CMS_query($sql);
        $aUsers = array();
        if ($q->hasError()) {
            return $aUsers;
        }
        // One row per matching contact; keep only users that load without error.
        while (($contactId = $q->getValue("id_cd")) !== false) {
            $candidate = CMS_profile_usersCatalog::getByID($contactId);
            if ($candidate->hasError()) {
                continue;
            }
            // Loading the contact data may itself flag an error on the user, hence the second check.
            $candidate->getContactData();
            if ($candidate->hasError()) {
                continue;
            }
            $aUsers[] = $candidate;
        }
        return $aUsers;
    }
 /**
  * Returns a resourceValidation object instance from a DB id or from GetValidationByID function if exists.
  * Static function.
  *
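  * @param integer|string $id the id of the saved object, or a base64-encoded "module||editions||resourceID" reference
  * @param mixed $user passed to the module's getValidationByID(); the encoded form of $id is only used when this is set
  * @return resourceValidation the instance unserialized, false if not found.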
  * @access public
  */
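 static function getValidationInstance($id, $user = false)
 {
     if (!SensitiveIO::isPositiveInteger($id)) {
         // Encoded ID (new validations system): base64 of "module||editions||resourceID".
         // As before, this form is only honoured when a user is supplied.
         $decoded = $user ? base64_decode($id) : false;
         if ($decoded) {
             $decodedID = explode('||', $decoded);
             // Require all three parts and a real module object before dispatching, so a malformed
             // reference cannot trigger undefined-index notices or a method call on a non-object.
             if (count($decodedID) >= 3) {
                 $module = CMS_modulesCatalog::getByCodename($decodedID[0]);
                 if (is_object($module)) {
                     return $module->getValidationByID($decodedID[2], $user, $decodedID[1]);
                 }
             }
         }
         // Anything that is neither a positive integer nor a usable encoded reference stops here.
         // Previously such a value was concatenated unescaped into the query below.
         parent::raiseError("Unknown id : " . $id);
         return false;
     }
     // $id passed isPositiveInteger(); the cast keeps the query numeric whatever that helper accepts.
     $sql = "\n\t\t\tselect\n\t\t\t\tserializedObject_rv as data\n\t\t\tfrom\n\t\t\t\tresourceValidations\n\t\t\twhere\n\t\t\t\tid_rv='" . (int) $id . "'\n\t\t";
     $q = new CMS_query($sql);
     if (!$q->getNumRows()) {
         parent::raiseError("Unknown id : " . $id);
         return false;
     }
     // SECURITY NOTE(review): unserialize() instantiates whatever classes the stored string names.
     // This is only safe while every writer of resourceValidations.serializedObject_rv is trusted;
     // consider restricting it with the 'allowed_classes' option or moving to a data-only format.
     $instance = unserialize(stripslashes($q->getValue("data")));
     if (!is_object($instance)) {
         // Corrupt or truncated payload: report it instead of calling setID() on a non-object.
         parent::raiseError("Invalid serialized validation for id : " . $id);
         return false;
     }
     $instance->setID($id);
     return $instance;
 }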
Пример #3
 /**
  * Get the search.
  *
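  * @param string $keywords : the search keywords; blocks prefixed with a search code and ':' are treated as typed searches (see constants)
  * @param CMS_profile_user $user : the user running the search (used for language and page clearance)
  * @param boolean $public : search in public data instead of edited data (default : false)
  * @param boolean $withPageContent : use the fulltext search in page content instead of page metadata (default : false)
  * @return array('nbresult' => int, 'nblinksresult' => int, 'results' => array(pageId => pageId), 'score' => array)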
  * @access public
  */
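 function getSearch($keywords, $user, $public = false, $withPageContent = false)
 {
     // A real user object is needed twice: for the language and for the per-page clearance filter
     // applied to the final result set.
     $hasUser = is_a($user, 'CMS_profile_user');
     if ($hasUser) {
         $cms_language = $user->getLanguage();
     } else {
         $cms_language = new CMS_language('fr');
     }
     $results = array();
     $count = 0;
     // Initialised up front so the final return never reads an undefined variable when no keyword
     // survives cleaning.
     $allLinksNumber = 0;
     $where = $order = '';
     $foundLinkToIDs = $foundLinkFromIDs = $foundPagesFromTemplate = $foundPagesFromRow = $matches = array();
     // Clean keywords. Every query below is built by concatenation, so this escaping step is the
     // only barrier between user input and SQL: keep it first and do not bypass it.
     $keywords = SensitiveIO::sanitizeSQLString($keywords);
     $keywords = strtr($keywords, ",;", "  ");
     $blocks = array_map("trim", array_unique(explode(" ", $keywords)));
     $cleanedBlocks = array();
     foreach ($blocks as $block) {
         if ($block !== '' || sensitiveIO::isPositiveInteger($block)) {
             // Neutralise LIKE wildcards so a keyword cannot widen the pattern on its own.
             $block = str_replace(array('%', '_'), array('\\%', '\\_'), $block);
             $cleanedBlocks[] = $block;
         }
     }
     // Separate block codes
     if ($cleanedBlocks) {
         $allDatas = array();
         $allCodes = CMS_search::getAllCodes();
         foreach ($allCodes as $code) {
             $datas = array();
             foreach (array_keys($cleanedBlocks) as $key) {
                 if (strstr($cleanedBlocks[$key], $code . ':')) {
                     $datas[] = $cleanedBlocks[$key];
                     unset($cleanedBlocks[$key]);
                 }
             }
             if ($datas) {
                 $allDatas[$code] = $datas;
             }
         }
         $allDatas[self::SEARCH_TYPE_DEFAULT] = $cleanedBlocks;
         // Get IDs from all specific codes. In each typed search the value after ':' only reaches
         // SQL (or a catalog call) once it has passed isPositiveInteger().
         $foundIDs = array();
         foreach ($allCodes as $code) {
             switch ($code) {
                 case self::SEARCH_TYPE_LINKTO:
                     if (isset($allDatas[self::SEARCH_TYPE_LINKTO])) {
                         $foundLinkToIDs = array();
                         $where = '';
                         $count = 0;
                         foreach ($allDatas[self::SEARCH_TYPE_LINKTO] as $block) {
                             $tabValues = explode(':', $block);
                             if (SensitiveIO::isPositiveInteger($tabValues[1])) {
                                 $where .= $count ? ' or ' : '';
                                 $count++;
                                 $where .= " start_lre = '" . $tabValues[1] . "' ";
                             }
                         }
                         if ($where) {
                             $select = ' stop_lre ';
                             $from = 'linx_real_public';
                             $sql = "\n\t\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\t\t" . $select . "\n\t\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\t\t" . $from . "\n\t\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t\t" . $where;
                             $q = new CMS_query($sql);
                             $arr = array();
                             while ($arr = $q->getArray()) {
                                 $foundLinkToIDs[] = $arr["stop_lre"];
                             }
                             // Count links number
                             $allLinksNumber += count($foundLinkToIDs);
                             $where = $select = '';
                         }
                     }
                     break;
                 case self::SEARCH_TYPE_LINKFROM:
                     if (isset($allDatas[self::SEARCH_TYPE_LINKFROM])) {
                         $foundLinkFromIDs = array();
                         $where = '';
                         $count = 0;
                         foreach ($allDatas[self::SEARCH_TYPE_LINKFROM] as $block) {
                             $tabValues = explode(':', $block);
                             if (SensitiveIO::isPositiveInteger($tabValues[1])) {
                                 $where .= $count ? ' or ' : '';
                                 $count++;
                                 $where .= " stop_lre = '" . $tabValues[1] . "' ";
                             }
                         }
                         if ($where) {
                             $select = ' start_lre ';
                             $from = 'linx_real_public';
                             $sql = "\n\t\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\t\t" . $select . "\n\t\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\t\t" . $from . "\n\t\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t\t" . $where;
                             $q = new CMS_query($sql);
                             $arr = array();
                             while ($arr = $q->getArray()) {
                                 $foundLinkFromIDs[] = $arr["start_lre"];
                             }
                             // Count links number
                             $allLinksNumber += count($foundLinkFromIDs);
                             $where = $select = '';
                         }
                     }
                     break;
                 case self::SEARCH_TYPE_TEMPLATE:
                     if (isset($allDatas[self::SEARCH_TYPE_TEMPLATE])) {
                         $foundPagesFromTemplate = array();
                         foreach ($allDatas[self::SEARCH_TYPE_TEMPLATE] as $block) {
                             $tabValues = explode(':', $block);
                             if (SensitiveIO::isPositiveInteger($tabValues[1])) {
                                 $foundPagesFromTemplate = array_unique(array_merge(CMS_pageTemplatesCatalog::getPagesByTemplate($tabValues[1]), $foundPagesFromTemplate));
                             }
                         }
                         $allLinksNumber += count($foundPagesFromTemplate);
                     }
                     break;
                 case self::SEARCH_TYPE_ROW:
                     if (isset($allDatas[self::SEARCH_TYPE_ROW])) {
                         $foundPagesFromRow = array();
                         foreach ($allDatas[self::SEARCH_TYPE_ROW] as $block) {
                             $tabValues = explode(':', $block);
                             if (SensitiveIO::isPositiveInteger($tabValues[1])) {
                                 $foundPagesFromRow = array_unique(array_merge(CMS_rowsCatalog::getPagesByRow($tabValues[1]), CMS_rowsCatalog::getPagesByRow($tabValues[1], false, true), $foundPagesFromRow));
                             }
                         }
                         $allLinksNumber += count($foundPagesFromRow);
                     }
                     break;
             }
         }
         $foundIDs = array_unique(array_merge($foundLinkToIDs, $foundLinkFromIDs, $foundPagesFromTemplate, $foundPagesFromRow));
         // Main sql requests (for pageId, pages codenames and keywords)
         if ($allDatas[self::SEARCH_TYPE_DEFAULT]) {
             $count = 0;
             $where = '';
             // Purely numeric keywords are matched against the page id and removed from the text search.
             foreach ($allDatas[self::SEARCH_TYPE_DEFAULT] as $key => $block) {
                 if (SensitiveIO::isPositiveInteger($block)) {
                     $where .= $count ? ' or ' : '';
                     $count++;
                     $where .= " (page_pbd like '%" . $block . "%')";
                     unset($allDatas[self::SEARCH_TYPE_DEFAULT][$key]);
                 }
             }
             $order = '';
             if ($allDatas[self::SEARCH_TYPE_DEFAULT]) {
                 $suffix = $public ? '_public' : '_edited';
                 if (!$withPageContent) {
                     //Search in page metadatas
                     foreach ($allDatas[self::SEARCH_TYPE_DEFAULT] as $block) {
                         $where .= $count ? ' or ' : '';
                         $count++;
                         $where .= " (\n\t\t\t\t\t\t\t\ttitle_pbd like '%" . $block . "%'\n\t\t\t\t\t\t\t\tor linkTitle_pbd like '%" . $block . "%'\n\t\t\t\t\t\t\t\tor keywords_pbd like '%" . $block . "%'\n\t\t\t\t\t\t\t\tor description_pbd like '%" . $block . "%'\n\t\t\t\t\t\t\t\tor category_pbd like '%" . $block . "%'\n\t\t\t\t\t\t\t\tor codename_pbd = '" . $block . "'\n\t\t\t\t\t\t\t)";
                     }
                     if ($foundIDs) {
                         // NOTE(review): the keyword terms above are joined with "or" and are not wrapped
                         // in parentheses, so this "and" binds to the last term only. Left unchanged
                         // because fixing it alters which pages match; confirm the intended semantics.
                         // implode() takes the separator first; the reversed order is rejected by PHP 8.
                         $where .= " and page_pbd in (" . implode(',', $foundIDs) . ") ";
                     }
                     // Set SQL
                     $sql = "\n\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\tpage_pbd\n\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\tpagesBaseData" . $suffix . "\n\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t" . $where . "\n\t\t\t\t\t\t";
                     $q = new CMS_query($sql);
                     $results = array();
                     $count = 0;
                     $foundIDs = array();
                     while ($id = $q->getValue('page_pbd')) {
                         $foundIDs[] = $id;
                     }
                     $order = "\n\t\t\t\t\t \t\torder by title_pbd asc\n\t\t\t\t\t\t";
                 } else {
                     //Search in page content (fulltext search)
                     $keywords = implode(' ', $allDatas[self::SEARCH_TYPE_DEFAULT]);
                     $selects = array('pagesBaseData' . $suffix => array('page' => 'page_pbd', 'match' => 'title_pbd,linkTitle_pbd,keywords_pbd,description_pbd,codename_pbd'), 'blocksVarchars' . $suffix => array('page' => 'page', 'match' => 'value'), 'blocksTexts' . $suffix => array('page' => 'page', 'match' => 'value', 'entities' => true), 'blocksImages' . $suffix => array('page' => 'page', 'match' => 'label'), 'blocksFiles' . $suffix => array('page' => 'page', 'match' => 'label'));
                     $matches = array();
                     // Table and column names come from the fixed $selects map above, never from input;
                     // only the keywords are variable and they are escaped again at each use.
                     foreach ($selects as $table => $select) {
                         // Set SQL
                         $sql = "\n\t\t\t\t\t\t\t\tselect \n\t\t\t\t\t\t\t\t\t" . $select['page'] . " as pageId, MATCH (" . $select['match'] . ") AGAINST ('" . sensitiveIO::sanitizeSQLString($keywords) . "') as m1\n\t\t\t\t\t\t\t\t\t" . (isset($select['entities']) && $keywords != htmlentities($keywords) ? " , MATCH (" . $select['match'] . ") AGAINST ('" . sensitiveIO::sanitizeSQLString(htmlentities($keywords)) . "') as m2 " : '') . "\n\t\t\t\t\t\t\t\tfrom \n\t\t\t\t\t\t\t\t\t" . $table . "\n\t\t\t\t\t\t\t\twhere \n\t\t\t\t\t\t\t\t\tMATCH (" . $select['match'] . ") AGAINST ('" . sensitiveIO::sanitizeSQLString($keywords) . "')\n\t\t\t\t\t\t\t\t\t" . (isset($select['entities']) && $keywords != htmlentities($keywords) ? " or MATCH (" . $select['match'] . ") AGAINST ('" . sensitiveIO::sanitizeSQLString(htmlentities($keywords)) . "') " : '') . "\n\t\t\t\t\t\t\t\t";
                         $q = new CMS_query($sql);
                         // Keep the best score seen for each page across tables and across m1/m2.
                         while ($r = $q->getArray()) {
                             if (!isset($matches[$r['pageId']]) || isset($matches[$r['pageId']]) && $r['m1'] > $matches[$r['pageId']]) {
                                 $matches[$r['pageId']] = $r['m1'];
                             }
                             if (isset($r['m2']) && (!isset($matches[$r['pageId']]) || isset($matches[$r['pageId']]) && $r['m2'] > $matches[$r['pageId']])) {
                                 $matches[$r['pageId']] = $r['m2'];
                             }
                         }
                     }
                     //sort page Ids by relevance
                     arsort($matches, SORT_NUMERIC);
                     $order = "\n\t\t\t\t\t \t\torder by field(page_pbd, " . implode(',', array_reverse(array_keys($matches))) . ") desc\n\t\t\t\t\t\t";
                     $foundIDs = $foundIDs ? array_intersect(array_keys($matches), $foundIDs) : array_keys($matches);
                 }
             } else {
                 $order = " order by page_pbd ";
             }
         }
         if ($foundIDs) {
             $select = ' page_pbd ';
             $from = $public ? 'pagesBaseData_public' : 'pagesBaseData_edited';
             $where .= $where && $foundIDs ? " and " : '';
             $where .= $foundIDs ? " page_pbd in (" . implode(',', $foundIDs) . ") " : '';
             if ($where) {
                 // Set SQL
                 $sql = "\n\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t" . $select . "\n\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t" . $from . "\n\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t" . $where . "\n\t\t\t\t\t\t" . $order . "\n\t\t\t\t\t";
                 $q = new CMS_query($sql);
                 $results = array();
                 $count = 0;
                 while ($arr = $q->getArray()) {
                     $id = $arr["page_pbd"];
                     // Authorization filter: a page is only returned if the user may view it.
                     // Fails closed when $user is not a CMS_profile_user (previously a fatal error).
                     if ($hasUser && $user->hasPageClearance($id, CLEARANCE_PAGE_VIEW)) {
                         $count++;
                         $results[$id] = $id;
                     }
                 }
             }
         }
     } else {
         // No results
         $count = 0;
     }
     return array('nbresult' => $count, 'nblinksresult' => $allLinksNumber, 'results' => $results, 'score' => $matches);
 }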
Пример #4
 /**
  * Get toolbar by code
  *
  * @param string $code the toolbar code to get
  * @param CMS_profile_user $user the toolbar elements to set
  * @return array the toolbars
  * @access public
  * @static
  */
 function getByCode($code, &$user)
 {
     // The toolbar code is escaped before being embedded in the quoted SQL literal; the query is
     // built by concatenation, so that call is the only injection barrier here.
     $escapedCode = sensitiveIO::sanitizeSQLString($code);
     $sql = "\n\t\t\tselect\n\t\t\t\tid_tool\n\t\t\tfrom\n\t\t\t\ttoolbars\n\t\t\twhere\n\t\t\t\tcode_tool = '" . $escapedCode . "'\n\t\t";
     $q = new CMS_query($sql);
     // No row for this code: signal "not found" with false.
     if (!$q->getNumRows()) {
         return false;
     }
     return new CMS_wysiwyg_toolbar($q->getValue("id_tool"), $user);
 }
Пример #5
 /**
  * Search messages
  * Static function.
  *
  * @param string module : module to search messages
  * @param string search : search message by value
  * @param array languagesOnly : limit search to given languages codes
  * @param array options : search options
  * @param string direction : search is ordered by results id. Specify order direction (asc or desc). Default : asc
  * @param integer start : search start offset
  * @param integer limit : search limit (default : 0 : unlimited)
  * @param integer resultsnb : return results count by reference
  * @return array(id => msg)
  * @access public
  */
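 static function searchMessages($module, $search = '', $languagesOnly = array(), $options = array(), $direction = 'asc', $start = 0, $limit = 0, &$resultsnb)
 {
     $start = (int) $start;
     $limit = (int) $limit;
     // The direction is appended to the ORDER BY clause, so it is restricted to a fixed whitelist.
     $direction = in_array(io::strtolower($direction), array('asc', 'desc')) ? io::strtolower($direction) : 'asc';
     $emptyOnly = $idsOnly = false;
     if (is_array($options)) {
         $emptyOnly = isset($options['empty']) && $options['empty'] ? true : false;
         $idsOnly = isset($options['ids']) && is_array($options['ids']) ? $options['ids'] : false;
     }
     $keywordsWhere = $languagesWhere = $emptyWhere = $orderClause = $idsWhere = '';
     // Every query below is built by concatenation; the module name is escaped once and reused.
     $escapedModule = io::sanitizeSQLString($module);
     //get ids for which one message is missing
     if ($emptyOnly) {
         $qLanguages = new CMS_query("\n\t\t\t\tselect \n\t\t\t\t\tdistinct language_mes\n\t\t\t\tfrom \n\t\t\t\t\tmessages\n\t\t\t\twhere\n\t\t\t\t\tmodule_mes = '" . $escapedModule . "'\n\t\t\t");
         $qIds = new CMS_query("\n\t\t\t\tselect \n\t\t\t\t\tdistinct id_mes\n\t\t\t\tfrom \n\t\t\t\t\tmessages\n\t\t\t\twhere\n\t\t\t\t\tmodule_mes = '" . $escapedModule . "'\n\t\t\t");
         $allIds = $qIds->getAll(PDO::FETCH_COLUMN | PDO::FETCH_UNIQUE, 0);
         $missingIds = array();
         while ($language = $qLanguages->getValue('language_mes')) {
             // The language code comes back from the database; it is still escaped before being
             // re-embedded so stored values cannot break out of the literal.
             $qLang = new CMS_query("\n\t\t\t\t\tselect \n\t\t\t\t\t\tdistinct id_mes\n\t\t\t\t\tfrom \n\t\t\t\t\t\tmessages\n\t\t\t\t\twhere\n\t\t\t\t\t\tmodule_mes = '" . $escapedModule . "'\n\t\t\t\t\t\tand language_mes='" . io::sanitizeSQLString($language) . "'\n\t\t\t\t\t\tand message_mes != ''\n\t\t\t\t");
             $ids = $qLang->getAll(PDO::FETCH_COLUMN | PDO::FETCH_UNIQUE, 0);
             $missingIds = array_merge($missingIds, array_diff($allIds, $ids));
         }
         if (!$missingIds) {
             $resultsnb = 0;
             return array();
         }
         // implode() takes the separator first; the reversed order is rejected by PHP 8.
         $emptyWhere = ' and id_mes in (' . implode(',', $missingIds) . ')';
     }
     if ($idsOnly) {
         // The ids are caller-supplied and land in an unquoted numeric list, where string escaping
         // gives no protection: force each one to an integer instead.
         $idsWhere = ' and id_mes in (' . implode(',', array_map('intval', $idsOnly)) . ')';
     }
     if ($search) {
         //clean user keywords (never trust user input, user is evil)
         $search = strtr($search, ",;", "  ");
         if (isset($options['phrase']) && $options['phrase']) {
             // Neutralise LIKE wildcards, then match the phrase both raw and entity-encoded.
             $search = str_replace(array('%', '_'), array('\\%', '\\_'), $search);
             if (htmlentities($search) != $search) {
                 $keywordsWhere .= " and (\n\t\t\t\t\t\tmessage_mes like '%" . sensitiveIO::sanitizeSQLString($search) . "%' or message_mes like '%" . sensitiveIO::sanitizeSQLString(htmlentities($search)) . "%'\n\t\t\t\t\t)";
             } else {
                 $keywordsWhere .= " and message_mes like '%" . sensitiveIO::sanitizeSQLString($search) . "%'";
             }
         } else {
             $words = array_map("trim", array_unique(explode(" ", io::strtolower($search))));
             $cleanedWords = array();
             foreach ($words as $aWord) {
                 // Words shorter than three characters are ignored.
                 if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) {
                     $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
                     $cleanedWords[] = $aWord;
                 }
             }
             if (!$cleanedWords) {
                 //if no words after cleaning, return (with the by-reference count set, like the other exits)
                 $resultsnb = 0;
                 return array();
             }
             foreach ($cleanedWords as $cleanedWord) {
                 $keywordsWhere .= $keywordsWhere ? " and " : '';
                 // Test the word being added; the previous code tested the stale loop variable of
                 // the cleaning loop, so the entity-encoded variant was chosen from the wrong word.
                 if (htmlentities($cleanedWord) != $cleanedWord) {
                     $keywordsWhere .= " (\n\t\t\t\t\t\t\tmessage_mes like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%' or message_mes like '%" . sensitiveIO::sanitizeSQLString(htmlentities($cleanedWord)) . "%'\n\t\t\t\t\t\t)";
                 } else {
                     $keywordsWhere .= " (\n\t\t\t\t\t\t\tmessage_mes like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\t\t)";
                 }
             }
             $keywordsWhere = ' and (' . $keywordsWhere . ')';
         }
     }
     if (is_array($languagesOnly) && $languagesOnly) {
         // Language codes are caller-supplied: escape each one before quoting it into the list.
         $escapedLanguages = array();
         foreach ($languagesOnly as $languageCode) {
             $escapedLanguages[] = io::sanitizeSQLString($languageCode);
         }
         $languagesWhere = ' and language_mes in (\'' . implode('\',\'', $escapedLanguages) . '\')';
     }
     $orderClause = "order by\n\t\t\tid_mes\n\t\t\t" . $direction;
     // First pass: ids of the messages matching every filter.
     $sql = "\n\t\t\tselect\n\t\t\t\tid_mes as id\n\t\t\tfrom\n\t\t\t\tmessages\n\t\t\twhere \n\t\t\tmodule_mes = '" . $escapedModule . "'\n\t\t\t" . $keywordsWhere . "\n\t\t\t" . $languagesWhere . "\n\t\t\t" . $emptyWhere . "\n\t\t\t" . $idsWhere . "\n\t\t";
     $q = new CMS_query($sql);
     if (!$q->getNumRows()) {
         $resultsnb = 0;
         return array();
     }
     $messageIds = $q->getAll(PDO::FETCH_COLUMN | PDO::FETCH_UNIQUE, 0);
     // Second pass: every language version of those ids, grouped by id.
     $sql = "\n\t\t\tselect\n\t\t\t\tid_mes as id,\n\t\t\t\tmodule_mes as module,\n\t\t\t\tlanguage_mes as language,\n\t\t\t\tmessage_mes as message\n\t\t\tfrom\n\t\t\t\tmessages\n\t\t\twhere \n\t\t\t\tmodule_mes = '" . $escapedModule . "'\n\t\t\t\tand id_mes in (" . implode(',', $messageIds) . ")\n\t\t\t\t" . $orderClause . "\n\t\t";
     $q = new CMS_query($sql);
     if (!$q->getNumRows()) {
         $resultsnb = 0;
         return array();
     }
     $messageGroups = $q->getAll(PDO::FETCH_GROUP | PDO::FETCH_ASSOC);
     // The total is reported before paging so callers can build pagination.
     $resultsnb = count($messageGroups);
     if ($limit) {
         $messageGroups = array_slice($messageGroups, $start, $limit, true);
     }
     $messages = array();
     foreach ($messageGroups as $key => $messageGroup) {
         $messages[$key]['id'] = $key;
         foreach ($messageGroup as $message) {
             $messages[$key][$message['language']] = $message['message'];
         }
     }
     return $messages;
 }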
Пример #6
 /**
  * Return options tag list (for a select tag) of all float values for this field
  *
  * @param array $values : parameters values array(parameterName => parameterValue) in :
  *     selected : the float value which is selected (optional)
  * @param multidimentionnal array $tags : xml2Array content of atm-function tag (nothing for this one)
  * @return string : options tag list
  * @access public
  */
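 function selectOptions($values, $tags)
 {
     $return = "";
     $fieldID = $this->_field->getID();
     $allValues = array();
     // The table suffix is one of two fixed strings, never caller input.
     $status = $this->_public ? 'public' : 'edited';
     // Search all values for this field
     // NOTE(review): $fieldID is concatenated as returned by getID(); presumably an integer — confirm.
     $sql = "select\n                   distinct value\n               from\n                   mod_subobject_string_" . $status . "\n               where\n                   objectFieldID='" . $fieldID . "'\n\t\t";
     $q = new CMS_query($sql);
     while (($value = $q->getValue('value')) !== false) {
         // Empty values are skipped; keying by value removes duplicates.
         if ($value) {
             $allValues[$value] = $value;
         }
     }
     if (!$allValues) {
         return $return;
     }
     // 'selected' is optional: read it once without triggering an undefined-index notice.
     $selectedValue = is_array($values) && isset($values['selected']) ? $values['selected'] : null;
     natsort($allValues);
     foreach ($allValues as $id => $label) {
         $selected = $id == $selectedValue ? ' selected="selected"' : '';
         // Stored values are user-entered strings: encode them in every HTML context, not only in
         // the title attribute, so a stored value cannot inject markup into the option list.
         $safeLabel = io::htmlspecialchars($label);
         $return .= '<option title="' . $safeLabel . '" value="' . io::htmlspecialchars((string) $id) . '"' . $selected . '>' . $safeLabel . '</option>';
     }
     return $return;
 }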
Пример #7
 /**
  * Get a form field by its name
  * 
  * @param string $fieldName : the form field name to get
  * @param boolean $outputobjects : return a CMS_forms_field instead of the field id (default : false)
  * @param boolean $withDesactivedFields : also look among deactivated fields (default : false)
  * @access public
  * @return mixed the CMS_forms_field or the field id; nothing is returned when no field matches
  */
 function getFieldByName($fieldName, $outputobjects = false, $withDesactivedFields = false)
 {
     // Inactive fields are filtered out unless the caller asks for them.
     $activeFilter = $withDesactivedFields ? '' : " and active_fld = '1'";
     // The field name is escaped before being quoted into the query; the form id comes from
     // this object. NOTE(review): getID() is concatenated as-is — presumably an integer, confirm.
     $sql = "\n\t\t\tselect\n\t\t\t\tid_fld as id\n\t\t\tfrom\n\t\t\t\tmod_cms_forms_fields\n\t\t\twhere\n\t\t\t\tform_fld='" . $this->getID() . "'\n\t\t\t\tand name_fld='" . sensitiveIO::sanitizeSQLString($fieldName) . "'\n\t\t" . $activeFilter;
     $q = new CMS_query($sql);
     // No match: nothing is returned (null), as before.
     if (!$q->getNumRows()) {
         return null;
     }
     $fieldId = $q->getValue('id');
     return $outputobjects ? new CMS_forms_field($fieldId) : $fieldId;
 }
 /**
  * Get all the letters for which at least one group has a title beginning with that letter
  * Static function.
  *
  * @return array(string)
  * @access public
  */
 static function getLettersForTitle()
 {
     // Fixed query with no external input: one row per distinct first character of a group label.
     $q = new CMS_query("\n\t\t\tselect\n\t\t\t\tleft(label_prg, 1) as initial\n\t\t\tfrom\n\t\t\t\tprofilesUsersGroups\n\t\t\tgroup by\n\t\t\t\tinitial\n\t\t\torder by\n\t\t\t\tinitial\n\t\t");
     $letters = array();
     while (true) {
         $initial = $q->getValue("initial");
         // getValue() yields false once the rows are exhausted.
         if ($initial === false) {
             break;
         }
         // Skip initials that are empty or whitespace-only.
         if (!trim($initial)) {
             continue;
         }
         $letters[] = ucfirst($initial);
     }
     return $letters;
 }
Пример #9
 /**
  * Return alias page URL if exists for a given page
  *
  * @param mixed $page the page or page Id to get URL of
  * @param constant $relativeTo Return the alias path relative from webroot (default) or from filesystem (PATH_RELATIVETO_FILESYSTEM)
  * @return string : the alias page url or false if none found
  * @access public
  */
 function getPageURL($page, $relativeTo = PATH_RELATIVETO_WEBROOT)
 {
     // Accept either a page object or a bare page id.
     if (is_object($page)) {
         $pageId = $page->getID();
     } else {
         $pageId = $page;
     }
     // The page id is escaped before being quoted into the query, since it may be caller-supplied.
     $escapedPageId = io::sanitizeSQLString($pageId);
     $sql = "\n\t\t\tselect \n\t\t\t\tid_ma\n\t\t\tfrom\n\t\t\t\tmod_cms_aliases\n\t\t\twhere\n\t\t\t\tpage_ma='" . $escapedPageId . "'\n\t\t\t\tand replace_ma = 1";
     $q = new CMS_query($sql);
     if ($q->getNumRows()) {
         $alias = CMS_module_cms_aliases::getById($q->getValue('id_ma'));
         // Only a successfully loaded alias yields a path.
         if ($alias && !$alias->hasError()) {
             return $alias->getPath(true, $relativeTo);
         }
     }
     return false;
 }
Пример #10
 /**
  * Apply group profile to all users belonging in this group
  * This method must be as fast as possible
  *
  * @return boolean true (also when the group has no users)
  * @access public
  */
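 function applyToUsers()
 {
     if (!$this->_users) {
         return true;
     }
     // class users by groups they belong to
     $usersByGroups = array();
     foreach ($this->_users as $userId) {
         $userGroupsIds = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true);
         // NOTE(review): ksort() orders by key; this gives a stable group order only if
         // getGroupsOfUser() keys its result by group id — confirm.
         ksort($userGroupsIds);
         $usersByGroups[implode(',', $userGroupsIds)][] = $userId;
     }
     ksort($usersByGroups);
     $profiles = array();
     //then loop through usersByGroups to compute rights of each  combination of groups
     foreach ($usersByGroups as $groupsIds => $usersIds) {
         $groupIds = explode(',', $groupsIds);
         $groupStack = $oldGroupStack = '';
         $profile = null;
         foreach ($groupIds as $groupId) {
             $oldGroupStack = $groupStack;
             $groupStack .= $groupStack ? ',' . $groupId : $groupId;
             if ($groupStack && isset($profiles[$groupStack])) {
                 //already computed : do nothing
             } elseif ($oldGroupStack && isset($profiles[$oldGroupStack])) {
                 //get last computation
                 $profile = clone $profiles[$oldGroupStack];
             } else {
                 $profile = new CMS_profile();
             }
             if ($profile) {
                 //add group clearances
                 $group = CMS_profile_usersGroupsCatalog::getById($groupId);
                 if ($group && !$group->hasError()) {
                     $profile->addPageClearances($group->getPageClearances());
                     $profile->addModuleClearances($group->getModuleClearances());
                     $profile->addModuleCategoriesClearancesStack($group->getModuleCategoriesClearancesStack());
                     $profile->addValidationClearances($group->getValidationClearances());
                     $profile->addAdminClearance($group->getAdminClearance());
                     $profile->addTemplateGroupsDenied($group->getTemplateGroupsDenied());
                     $profile->addRowGroupsDenied($group->getRowGroupsDenied());
                     //store profile
                     $profiles[$groupStack] = $profile;
                 }
             }
         }
     }
     // This method rewrites clearances, so every id placed in an unquoted "in (...)" list is
     // forced to an integer and every quoted value is escaped before it reaches SQL.
     // Delete old categories clearances first (to speedup further inserts)
     $q = new CMS_query("select profile_pru from profilesUsers where id_pru in (" . implode(',', array_map('intval', $this->_users)) . ")");
     while (($id = $q->getValue('profile_pru')) !== false) {
         $qdel = new CMS_query("delete from modulesCategories_clearances where profile_mcc ='" . SensitiveIO::sanitizeSQLString($id) . "'");
     }
     //then loop through usersByGroups to apply rights of users by groups
     foreach ($usersByGroups as $groupsIds => $usersIds) {
         //get profile for groups
         if (!isset($profiles[$groupsIds])) {
             continue;
         }
         $profile = $profiles[$groupsIds];
         //get profilesIds for users
         $q = new CMS_query("select profile_pru from profilesUsers where id_pru in (" . implode(',', array_map('intval', $usersIds)) . ")");
         $usersProfilesIds = array();
         while (($id = $q->getValue('profile_pru')) !== false) {
             $usersProfilesIds[] = $id;
         }
         if (!$usersProfilesIds) {
             continue;
         }
         //Update profiles
         $pagesClearancesStack = $profile->getPageClearances();
         $validationClearancesStack = $profile->getValidationClearances();
         $moduleClearancesStack = $profile->getModuleClearances();
         $templateGroupsDenied = $profile->getTemplateGroupsDenied();
         $rowGroupsDenied = $profile->getRowGroupsDenied();
         $q = new CMS_query("\n\t\t\t\t\t\tupdate\n\t\t\t\t\t\t\tprofiles\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tadministrationClearance_pr='" . SensitiveIO::sanitizeSQLString($profile->getAdminClearance()) . "',\n\t\t\t\t\t\t\tpageClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($pagesClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\tvalidationClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($validationClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\tmoduleClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($moduleClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\ttemplateGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($templateGroupsDenied->getTextDefinition()) . "',\n\t\t\t\t\t\t\trowGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($rowGroupsDenied->getTextDefinition()) . "'\n\t\t\t\t\t\twhere\n\t\t\t\t\t\t\tid_pr in (" . implode(',', array_map('intval', $usersProfilesIds)) . ")\n\t\t\t\t\t");
         //Update categories clearances
         $moduleCategoriesClearanceStack = $profile->getModuleCategoriesClearancesStack();
         // Insert new ones
         $elements = $moduleCategoriesClearanceStack->getElements();
         if (is_array($elements) && $elements) {
             // Escape each (category, clearance) pair once, outside the per-profile loop.
             $escapedPairs = array();
             foreach ($elements as $v) {
                 $escapedPairs[] = "', '" . SensitiveIO::sanitizeSQLString($v[0]) . "', '" . SensitiveIO::sanitizeSQLString($v[1]) . "')";
             }
             $rows = array();
             foreach ($usersProfilesIds as $userProfileId) {
                 $rowStart = "('" . SensitiveIO::sanitizeSQLString($userProfileId);
                 foreach ($escapedPairs as $pair) {
                     $rows[] = $rowStart . $pair;
                 }
             }
             $values = implode(',', $rows);
             $sql = "\n\t\t\t\t\t\t\tinsert into modulesCategories_clearances\n\t\t\t\t\t\t\t\t(profile_mcc, category_mcc, clearance_mcc)\n\t\t\t\t\t\t\tvalues " . $values . "\n\t\t\t\t\t\t";
             $q = new CMS_query($sql);
         }
     }
     //Clear polymod cache
     CMS_cache::clearTypeCache('polymod');
     return true;
 }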
Пример #11
 /**
  * Look up an object definition by its uuid.
  *
  * @param string $uuid The object uuid to search for
  * @return CMS_poly_object_definition|boolean The definition when exactly one row matches, false otherwise
  * @access public
  */
 public static function getDefinitionFromUuid($uuid)
 {
     if (!$uuid) {
         CMS_grandFather::raiseError("uuid must be set");
         return false;
     }
     //the uuid goes through io::sanitizeSQLString before it is placed inside the quoted literal
     $sql = "\n\t\t\tselect\n\t\t\t\tid_mod\n\t\t\tfrom\n\t\t\t\tmod_object_definition\n\t\t\twhere\n\t\t\t\tuuid_mod='" . io::sanitizeSQLString($uuid) . "'\n\t\t";
     $lookup = new CMS_query($sql);
     //zero rows and more than one row are both reported as "not found"
     if ($lookup->getNumRows() != 1) {
         return false;
     }
     return new CMS_poly_object_definition($lookup->getValue('id_mod'));
 }
Пример #12
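 /**
  * Tell whether modulesCategories holds at least one row whose parent_mca is this category ID.
  *
  * @access public
  * @return boolean true when the count is greater than zero
  */
 function hasSiblings()
 {
     //the ID is escaped like any other value placed inside a quoted SQL literal,
     //so the query stays well-formed even if the property ever holds a non numeric value
     $sql = "\n\t\t\tselect\n\t\t\t\tcount(*) as c\n\t\t\tfrom\n\t\t\t\tmodulesCategories\n\t\t\twhere\n\t\t\t\tparent_mca='" . SensitiveIO::sanitizeSQLString($this->_categoryID) . "'\n\t\t";
     $q = new CMS_query($sql);
     return (int) $q->getValue("c") > 0;
 }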
Пример #13
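 /**
  * Writes the website into persistence (MySQL for now).
  *
  * Assigns the next free order when none is set, inserts or updates the websites row,
  * then makes sure the pages directory exists. The directory step is best effort :
  * its outcome does not change the returned value.
  *
  * @return boolean true on success, false on failure
  * @access public
  */
 function writeToPersistence()
 {
     if (!sensitiveIO::isPositiveInteger($this->_order)) {
         //no usable order yet : place the website after the current highest order
         $sql = "\n\t\t\t\tselect \n\t\t\t\t\tmax(order_web) as order_max\n\t\t\t\tfrom\n\t\t\t\t\twebsites\n\t\t\t";
         $q = new CMS_query($sql);
         if ($q->hasError() || !$q->getNumRows()) {
             CMS_grandFather::raiseError('Error to get max order from websites table ... ');
             return false;
         }
         $this->_order = $q->getValue('order_max') + 1;
     }
     //every value placed in a quoted literal is escaped, the root page ID included
     $sql_fields = "\n\t\t\tlabel_web='" . SensitiveIO::sanitizeSQLString($this->_label) . "',"
         . "\n\t\t\tcodename_web='" . SensitiveIO::sanitizeSQLString($this->_codename) . "',"
         . "\n\t\t\turl_web='" . SensitiveIO::sanitizeSQLString($this->_url) . "',"
         . "\n\t\t\taltdomains_web='" . SensitiveIO::sanitizeSQLString($this->_altdomains) . "',"
         . "\n\t\t\taltredir_web='" . ($this->_altredir ? 1 : 0) . "',"
         . "\n\t\t\troot_web='" . SensitiveIO::sanitizeSQLString($this->_root->getID()) . "',"
         . "\n\t\t\tkeywords_web='" . SensitiveIO::sanitizeSQLString($this->_meta['keywords']) . "',"
         . "\n\t\t\tdescription_web='" . SensitiveIO::sanitizeSQLString($this->_meta['description']) . "',"
         . "\n\t\t\tcategory_web='" . SensitiveIO::sanitizeSQLString($this->_meta['category']) . "',"
         . "\n\t\t\tauthor_web='" . SensitiveIO::sanitizeSQLString($this->_meta['author']) . "',"
         . "\n\t\t\treplyto_web='" . SensitiveIO::sanitizeSQLString($this->_meta['replyto']) . "',"
         . "\n\t\t\tcopyright_web='" . SensitiveIO::sanitizeSQLString($this->_meta['copyright']) . "',"
         . "\n\t\t\tlanguage_web='" . SensitiveIO::sanitizeSQLString($this->_meta['language']) . "',"
         . "\n\t\t\trobots_web='" . SensitiveIO::sanitizeSQLString($this->_meta['robots']) . "',"
         . "\n\t\t\tfavicon_web='" . SensitiveIO::sanitizeSQLString($this->_meta['favicon']) . "',"
         . "\n\t\t\tmetas_web='" . SensitiveIO::sanitizeSQLString($this->_meta['metas']) . "',"
         . "\n\t\t\torder_web='" . SensitiveIO::sanitizeSQLString($this->_order) . "',"
         . "\n\t\t\t403_web='" . SensitiveIO::sanitizeSQLString($this->_403) . "',"
         . "\n\t\t\t404_web='" . SensitiveIO::sanitizeSQLString($this->_404) . "'\n\t\t";
     if ($this->_id) {
         //existing website : update its row (the ID is escaped like the other values)
         $sql = "\n\t\t\t\tupdate\n\t\t\t\t\twebsites\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields . "\n\t\t\t\twhere\n\t\t\t\t\tid_web='" . SensitiveIO::sanitizeSQLString($this->_id) . "'\n\t\t\t";
     } else {
         $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\twebsites\n\t\t\t\tset\n\t\t\t\t\t" . $sql_fields;
     }
     $q = new CMS_query($sql);
     if ($q->hasError()) {
         return false;
     } elseif (!$this->_id) {
         //new website : keep the generated ID
         $this->_id = $q->getLastInsertedID();
     }
     //create the page directory
     $pagesPath = $this->getPagesPath(PATH_RELATIVETO_FILESYSTEM);
     if (!is_dir($pagesPath)) {
         //best effort : failures are silenced and the method still returns true
         @mkdir($pagesPath);
         //permissions are applied after creation, from the DIRS_CHMOD octal string
         @chmod($pagesPath, octdec(DIRS_CHMOD));
     }
     return true;
 }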
Пример #14
    if (!$error && $return) {
        $content .= '<code>' . str_replace("\n", '<br />', $return) . '</code>';
    }
    $content .= '
	</fieldset>';
}
//Daily Routine : list, for each module, the recorded execution of its daily routine
if ($mysqlOk) {
    $modules = CMS_modulesCatalog::getAll();
    $drContent = '';
    foreach ($modules as $aModule) {
        //look for a DAILY_ROUTINE timestamp row for this module
        //(the query only checks that a row exists, it does not filter on the date)
        $sql = "\n\t\t\tselect\n\t\t\t\t*\n\t\t\tfrom\n\t\t\t\tactionsTimestamps\n\t\t\twhere\n\t\t\t\ttype_at='DAILY_ROUTINE'\n\t\t\t\tand module_at='" . io::sanitizeSQLString($aModule->getCodename()) . "'\n\t\t";
        $q = new CMS_query($sql);
        if ($q->getNumRows()) {
            //NOTE(review): the module label and date_at are concatenated into the markup without
            //HTML escaping - confirm neither value can carry markup
            $drContent .= '<li class="atm-pic-ok">OK for "' . $aModule->getLabel($cms_language) . '". Last execution: ' . $q->getValue('date_at') . '</li>';
        }
    }
    //the fieldset is only added when at least one module has a recorded execution
    if ($drContent) {
        $content .= '<br />
		<fieldset style="padding:5px;">
			<legend>Test Daily Routine</legend>
			<ul class="atm-server">
				' . $drContent . '
			</ul>
		</fieldset>';
    }
}
//presumably prepares the accumulated HTML for embedding in a JavaScript string - confirm against sanitizeJSString
$content = sensitiveIO::sanitizeJSString($content);
//Files tab
$filescontent = '
Пример #15
 /**
  * Check whether a row with the given uuid is attached to the given module.
  * Used by the fromArray import method to know if an imported row already exists.
  *
  * @param string $module The module codename to check
  * @param string $uuid The row uuid to check
  * @return mixed : integer id if exists, false otherwise
  * @access public
  */
 static function rowExists($module, $uuid)
 {
     if (!$module) {
         CMS_grandFather::raiseError("module must be set");
         return false;
     }
     if (!$uuid) {
         CMS_grandFather::raiseError("uuid must be set");
         return false;
     }
     $safeUuid = io::sanitizeSQLString($uuid);
     $safeModule = io::sanitizeSQLString($module);
     //modulesStack_row is matched as a ';' separated list : the codename may be alone, first, last or in the middle
     //NOTE(review): three of the four comparisons use LIKE - confirm sanitizeSQLString also neutralises % and _ in the codename
     $sql = "\n\t\t\tselect \n\t\t\t\tid_row\n\t\t\tfrom \n\t\t\t\tmod_standard_rows \n\t\t\twhere\n\t\t\t\tuuid_row='" . $safeUuid . "'\n\t\t\t\tand (modulesStack_row like '" . $safeModule . ";%'\n\t\t\t\t\tor modulesStack_row = '" . $safeModule . "'\n\t\t\t\t\tor modulesStack_row like '%;" . $safeModule . "'\n\t\t\t\t\tor modulesStack_row like '%;" . $safeModule . ";%'\n\t\t\t\t)\n\t\t";
     $lookup = new CMS_query($sql);
     return $lookup->getNumRows() ? $lookup->getValue('id_row') : false;
 }
Пример #16
 /**
  * Returns the IDs of all categories used by forms
  *
  * @param CMS_language $language, restrict to forms of this language (default : false, no restriction)
  * @access public
  * @return array(integer id => integer id) the category ids
  */
 function getAllUsedCategoriesForField($language = false)
 {
     $sql = "\n\t\t\tselect\n\t\t\t\tdistinct category_fca as cat\n\t\t\tfrom\n\t\t\t\tmod_cms_forms_categories,\n\t\t\t\tmod_cms_forms_formulars\n\t\t\twhere\n\t\t\t\tform_fca = id_frm\n\t\t";
     if ($language instanceof CMS_language) {
         //NOTE(review): the language code is concatenated as returned by getCode() - confirm it is always a plain code
         $sql .= " and language_frm='" . $language->getCode() . "'";
     }
     $lookup = new CMS_query($sql);
     $usedCategories = array();
     if (!$lookup->getNumRows()) {
         return $usedCategories;
     }
     //the loop stops on the first falsy value returned by getValue
     while ($categoryId = $lookup->getValue('cat')) {
         $usedCategories[$categoryId] = $categoryId;
     }
     return $usedCategories;
 }
Пример #17
 /**
  * Returns the website whose root is the given page, or false if the page is not a website root.
  * Static function. Results, including negative ones, are kept in a static array for the rest of the request.
  *
  * @param CMS_page|integer $root The supposed root page or root page ID
  * @return CMS_website the website whose page is a root, or false
  * @access public
  */
 static function getWebsiteFromRoot($root)
 {
     static $roots;
     if (!is_object($root) && !sensitiveIO::isPositiveInteger($root)) {
         CMS_grandFather::raiseError('Root must be instance of CMS_page or valid root ID');
         return false;
     }
     //objects are trusted to return their own ID, anything else was checked as a positive integer above
     $rootID = is_object($root) ? $root->getID() : $root;
     if (isset($roots[$rootID])) {
         return $roots[$rootID];
     }
     $sql = "\n\t\t\t\tselect\n\t\t\t\t\tid_web\n\t\t\t\tfrom\n\t\t\t\t\twebsites\n\t\t\t\twhere\n\t\t\t\t\troot_web='" . $rootID . "'\n\t\t\t";
     $lookup = new CMS_query($sql);
     $roots[$rootID] = $lookup->getNumRows() ? CMS_websitesCatalog::getByID($lookup->getValue("id_web")) : false;
     return $roots[$rootID];
 }
Пример #18
 /**
  * Remove expired sessions and the locks held by their users
  *
  * A session is selected when it has no cookie expiry and was last touched more than
  * APPLICATION_SESSION_TIMEOUT seconds ago, or when its cookie expiry condition is met.
  *
  * @return void
  * @access private
  */
 protected function _cleanSessions()
 {
     //select the sessions that are about to be removed
     $sql = "\n\t\t\tselect\n\t\t\t\t*\n\t\t\tfrom\n\t\t\t\tsessions\n\t\t\twhere\n\t\t\t\t(\n\t\t\t\t\tUNIX_TIMESTAMP(NOW())-UNIX_TIMESTAMP(lastTouch_ses) > " . io::sanitizeSQLString(APPLICATION_SESSION_TIMEOUT) . "\n\t\t\t\t\tand cookie_expire_ses = '0000-00-00 00:00:00'\n\t\t\t\t) OR (\n\t\t\t\t\tcookie_expire_ses != '0000-00-00 00:00:00'\n\t\t\t\t\tand TO_DAYS(NOW()) >= cookie_expire_ses\n\t\t\t\t)\n\t\t";
     $expired = new CMS_query($sql);
     if (!$expired->getNumRows()) {
         return;
     }
     //release the locks of each user found, one delete per session row
     //(the loop ends on the first falsy user_ses value)
     while ($sessionUser = $expired->getValue("user_ses")) {
         $sql = "\n\t\t\t\t\tdelete from \n\t\t\t\t\t\tlocks \n\t\t\t\t\twhere \n\t\t\t\t\t\tlocksmithData_lok='" . io::sanitizeSQLString($sessionUser) . "'\n\t\t\t\t";
         $lockRemoval = new CMS_query($sql);
     }
     //then drop the sessions themselves, using the same conditions as the select
     $sql = "\n\t\t\t\tdelete from\n\t\t\t\t\tsessions \n\t\t\t\twhere\n\t\t\t\t\t(\n\t\t\t\t\t\tUNIX_TIMESTAMP(NOW())-UNIX_TIMESTAMP(lastTouch_ses) > " . io::sanitizeSQLString(APPLICATION_SESSION_TIMEOUT) . "\n\t\t\t\t\t\tand cookie_expire_ses = '0000-00-00 00:00:00'\n\t\t\t\t\t) or (\n\t\t\t\t\t\tcookie_expire_ses != '0000-00-00 00:00:00'\n\t\t\t\t\t\tand TO_DAYS(NOW()) >= cookie_expire_ses\n\t\t\t\t\t)\n\t\t\t";
     $sessionRemoval = new CMS_query($sql);
 }
Пример #19
 /**
  * Execute a SQL script
  *
  * The script is read with PMA_readFile, its table charset declarations are rewritten to match
  * APPLICATION_DEFAULT_ENCODING, it is split with PMA_splitSqlFile and, unless $simulation is set,
  * every resulting statement is run through CMS_query.
  *
  * @param $script, string : the CMS_file::FILE_SYSTEM SQL script filename
  *  This script can be SQL export provided by phpMyadmin or mysqldump, etc.
  * @param simulation : boolean, if true, only do a read of the script and if it contain sql data, return true.
  * @return boolean, true on success, false on failure
  * @access public
  */
 function executeSqlScript($script, $simulation = false)
 {
     //include PMA import functions
     require_once PATH_PACKAGES_FS . '/files/sqlDump.php';
     //read mysql version and set needed constant/vars for phpMyAdmin
     $q = new CMS_query('SELECT VERSION() AS version');
     $version = $q->getValue('version');
     //split on dots : the first three parts are used below (the third one goes through intval)
     $match = explode('.', $version);
     //read mysql file
     //NOTE(review): statements are executed exactly as split from this file, with no filtering here -
     //confirm callers only pass scripts coming from a trusted location
     $query = PMA_readFile($script);
     //first, detect SQL file encoding
     $isUTF8 = io::isUTF8($query);
     //then, change charset declaration inside sql queries to match current Automne charset
     if (strtolower(APPLICATION_DEFAULT_ENCODING) != 'utf-8') {
         //if Automne is not in utf8, then table charset must be in latin1
         $query = str_ireplace(' CHARSET=utf8', ' CHARSET=latin1', $query);
         $query = str_ireplace('TYPE=MyISAM;', 'TYPE=MyISAM CHARSET=latin1;', $query);
     } else {
         //if Automne is in utf8, then table charset must be in utf8
         $query = str_ireplace(' CHARSET=latin1', ' CHARSET=utf8', $query);
         $query = str_ireplace('TYPE=MyISAM;', 'TYPE=MyISAM CHARSET=utf8;', $query);
     }
     //finally, clean it and split queries
     //$queries is not initialised before this call : presumably filled by reference - confirm in sqlDump.php
     //the version is packed as major, two-digit minor, two-digit patch (for instance 5.1.30 gives 50130)
     PMA_splitSqlFile($queries, $query, (int) sprintf('%d%02d%02d', $match[0], $match[1], intval($match[2])));
     if (!$simulation) {
         //set connection charset accordingly to file charset
         if ($isUTF8) {
             $q = new CMS_query("SET NAMES 'utf8'");
         } else {
             $q = new CMS_query("SET NAMES 'latin1'");
         }
         //execute all queries
         //a failing statement does not stop the loop : the remaining ones still run and $ok stays false
         $ok = true;
         foreach ($queries as $aQuery) {
             $q = new CMS_query($aQuery);
             $ok = $q->hasError() ? false : $ok;
         }
         //NOTE(review): this switches the connection to the charset opposite to the file's one ;
         //the reset at the end of the method overrides it in every case - confirm this step is intended
         if ($isUTF8) {
             $q = new CMS_query("SET NAMES 'latin1'");
         } else {
             $q = new CMS_query("SET NAMES 'utf8'");
         }
     } else {
         //simulation : success means the split produced a non empty array of statements
         $ok = is_array($queries) && $queries ? true : false;
     }
     //reset connection charset
     if (io::strtolower(APPLICATION_DEFAULT_ENCODING) == 'utf-8') {
         //set connection to utf-8 charset
         $q = new CMS_query("SET NAMES 'utf8'");
     } else {
         $q = new CMS_query("SET NAMES 'latin1'");
     }
     return $ok;
 }
 /**
  * Check whether a category with the given uuid exists for the given module.
  * Used by the fromArray import method to know if an imported category already exists.
  *
  * @param string $module The module codename to check
  * @param string $uuid The category uuid to check
  * @return mixed : integer id if exists, false otherwise
  * @access public
  */
 static function categoryExists($module, $uuid)
 {
     if (!$module) {
         CMS_grandFather::raiseError("module must be set");
         return false;
     }
     if (!$uuid) {
         CMS_grandFather::raiseError("uuid must be set");
         return false;
     }
     //both values are escaped before they are placed inside their quoted literals
     $sql = "\n\t\t\tselect \n\t\t\t\tid_mca\n\t\t\tfrom \n\t\t\t\tmodulesCategories \n\t\t\twhere\n\t\t\t\tuuid_mca='" . io::sanitizeSQLString($uuid) . "'\n\t\t\t\tand module_mca='" . io::sanitizeSQLString($module) . "'\n\t\t";
     $lookup = new CMS_query($sql);
     return $lookup->getNumRows() ? $lookup->getValue('id_mca') : false;
 }
Пример #21
 /**
  * Get the number of scripts left. It's a snapshot, it changes often (hopefully)
  *
  * @return mixed the "nb" value of the query, i.e. the count of rows in the regenerator table
  * @access public
  * @static
  */
 static function getScriptsNumberLeft()
 {
     //constant query, no external value is involved
     $counter = new CMS_query("\n\t\t\tselect\n\t\t\t\tcount(id_reg) as nb\n\t\t\tfrom\n\t\t\t\tregenerator\n\t\t");
     return $counter->getValue("nb");
 }
Пример #22
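 /**
  * Test user auto login from cookie values
  *
  * The cookie is expected to hold base64("<session row id>|<PHP session id>"). Both parts must match
  * a sessions row that has a cookie expiry set and, when CHECK_REMOTE_IP_MASK is enabled, the
  * remote address must match too : first two bytes for IPv4, exact address otherwise.
  *
  * @return boolean true if autologin accepted, false otherwise
  * @access private
  */
 function _autoLogin()
 {
     $cookieName = CMS_session::getAutoLoginCookieName();
     //a missing cookie, or one sent in array form, can never carry a valid token :
     //refuse it here instead of handing a non string value to base64_decode
     if (!isset($_COOKIE[$cookieName]) || !is_string($_COOKIE[$cookieName])) {
         return false;
     }
     $attrs = explode("|", base64_decode($_COOKIE[$cookieName]));
     //both the session row id and the PHP session id are required
     if (count($attrs) < 2) {
         return false;
     }
     $id_ses = (int) $attrs[0];
     $session_id = $attrs[1];
     if ($id_ses > 0 && $session_id) {
         $sql = "\n\t\t\t\tselect\n\t\t\t\t\t*\n\t\t\t\tfrom\n\t\t\t\t\tsessions\n\t\t\t\twhere\n\t\t\t\t\tid_ses = '" . SensitiveIO::sanitizeSQLString($id_ses) . "'\n\t\t\t\t\tand phpid_ses = '" . SensitiveIO::sanitizeSQLString($session_id) . "'\n\t\t\t\t\tand cookie_expire_ses != '0000-00-00 00:00:00'\n\t\t\t";
         if (CHECK_REMOTE_IP_MASK && isset($_SERVER['REMOTE_ADDR'])) {
             //Check for a range in IPv4 or for the exact address in IPv6
             if (filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
                 //only the first two bytes of the address are compared
                 $a_ip_seq = explode(".", $_SERVER['REMOTE_ADDR']);
                 $sql .= "and remote_addr_ses like '" . SensitiveIO::sanitizeSQLString($a_ip_seq[0] . "." . $a_ip_seq[1] . ".") . "%'\n\t\t\t\t\t";
             } else {
                 $sql .= "and remote_addr_ses = '" . SensitiveIO::sanitizeSQLString($_SERVER['REMOTE_ADDR']) . "'\n\t\t\t\t\t";
             }
         }
         $q = new CMS_query($sql);
         //anything other than exactly one matching session is a refusal
         if ($q->getNumRows() == 1) {
             $this->_user = CMS_profile_usersCatalog::getByID($q->getValue('user_ses'));
             //the account itself must still be usable : no error, not deleted, active
             if ($this->_user && !$this->_user->hasError() && !$this->_user->isDeleted() && $this->_user->isActive()) {
                 $this->_messages[] = self::AUTH_AUTOLOGIN_VALID;
                 $this->_result = new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $this->_user->getUserId(), $this->_messages);
                 return true;
             } else {
                 $this->_messages[] = self::AUTH_AUTOLOGIN_INVALID_USER;
                 $this->_result = new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null, $this->_messages);
             }
         }
     }
     return false;
 }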
Пример #23
 /**
  * Return the next field order for current object ID
  *
  * @return integer the highest order_mof found for the object plus one, or 1 when the object ID is not a positive integer
  * @access public
  */
 function getFieldsNextOrder()
 {
     if (!sensitiveIO::isPositiveInteger($this->_objectFieldValues["objectID"])) {
         return 1;
     }
     //the object ID was checked as a positive integer just above, so it is concatenated as it is
     $sql = "\n\t\t\t\tselect\n\t\t\t\t\tmax(order_mof) as maxOrder\n\t\t\t\tfrom\n\t\t\t\t\tmod_object_field\n\t\t\t\twhere\n\t\t\t\t\tobject_id_mof  = '" . $this->_objectFieldValues["objectID"] . "'\n\t\t\t";
     $maxLookup = new CMS_query($sql);
     return $maxLookup->getValue("maxOrder") + 1;
 }
Пример #24
 /**
  * Sort and limit found ids by orders and limit clauses
  * This method limit results to existant objects too
  *
  * Order conditions are applied in reverse order, each pass reordering the ids kept so far.
  * The ids are then checked against the four mod_subobject_* tables and finally
  * sliced to the requested page.
  *
  * @access private
  * @return array of object ids sorted
  */
 protected function _sortIds()
 {
     //the table suffix selects the public or the edited data set
     $statusSuffix = $this->_public ? "_public" : "_edited";
     $ids = array();
     if ($this->_orderConditions) {
         //reverse order conditions (needed to get natural order)
         $orderConditions = array_reverse($this->_orderConditions, true);
         //loop on each order conditions
         foreach ($orderConditions as $type => $value) {
             $sql = '';
             //default direction is ascending, default operator is empty
             if (!isset($value['direction']) || !$value['direction']) {
                 $value['direction'] = 'asc';
             }
             if (!isset($value['operator']) || !$value['operator']) {
                 $value['operator'] = '';
             }
             //NOTE(review): $direction is appended after "order by" below without any check -
             //confirm callers only ever set it to asc or desc
             $direction = $value['direction'];
             $operator = $value['operator'];
             //add previously found ids to where clause
             if (is_array($this->_resultsIds) && $this->_resultsIds) {
                 //update tmp table with found ids
                 $this->_updateTmpList($this->_resultsIds);
                 $where = ' and objectID in (' . $this->_getSQLTmpList() . ')';
             } else {
                 $where = '';
             }
             switch ($type) {
                 //the three cases below fall through to the same query, ordered on the publication start date
                 case "publication date after":
                 case "publication date before":
                 case "publication date start":
                     // Date start
                     $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\torder by publicationDateStart_rs " . $direction;
                     break;
                 case "publication date end":
                     // Date end
                     $sql = "\n\t\t\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\t\t\t\tresources,\n\t\t\t\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\tobjectFieldID = '0'\n\t\t\t\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\t\t\t\tand status_res=id_rs\n\t\t\t\t\t\t\t\t\t{$where}\n\t\t\t\t\t\t\t\torder by publicationDateEnd_rs " . $direction;
                     break;
                 case 'objectID':
                     //sorted in PHP on the array keys ; any direction other than the exact string 'asc' reverses the result
                     $ids = $ids ? $ids : $this->_resultsIds;
                     ksort($ids, SORT_NUMERIC);
                     $ids = $direction == 'asc' ? $ids : array_reverse($ids, true);
                     break;
                 case 'itemsOrdered':
                     //keep the caller supplied order, restricted to the ids found so far
                     $orderedIds = $direction == 'asc' ? $this->_orderConditions['itemsOrdered']['order'] : array_reverse($this->_orderConditions['itemsOrdered']['order'], true);
                     $ids = array_intersect($orderedIds, $ids ? $ids : $this->_resultsIds);
                     unset($orderedIds);
                     break;
                 case 'random':
                     //shuffle drops the keys, so the id => id map is rebuilt afterwards
                     $tmpIds = $ids ? $ids : $this->_resultsIds;
                     shuffle($tmpIds);
                     $ids = array();
                     foreach ($tmpIds as $id) {
                         $ids[$id] = $id;
                     }
                     break;
                 case "relevance":
                     //this order condition is replaced by an itemsOrdered order at the end of _getIds method
                     break;
                 default:
                     //any other type is only handled when it is a positive integer, used as a field ID
                     if (sensitiveIO::isPositiveInteger($type)) {
                         if (!isset($this->_fieldsDefinitions[$type]) || !is_object($this->_fieldsDefinitions[$type])) {
                             //get object fields definition
                             $this->_fieldsDefinitions = CMS_poly_object_catalog::getFieldsDefinition($this->_object->getID());
                         }
                         if (isset($this->_fieldsDefinitions[$type])) {
                             //get type object for field
                             $objectField = $this->_fieldsDefinitions[$type]->getTypeObject();
                             $operator = isset($operator) ? $operator : '';
                             //the field type builds its own order query from the same direction, operator and where clause
                             $sql = $objectField->getFieldOrderSQL($type, $direction, $operator, $where, $this->_public);
                         } else {
                             $this->raiseError('Unknown field ' . $type . ' to use as order with value ' . print_r($value, true));
                         }
                     }
                     break;
             }
             if ($sql) {
                 if (isset($ids) && $ids) {
                     //secondary sort on the ids kept so far ; appears intended to keep the order of the previous passes
                     //NOTE(review): the ids are imploded into the statement as they are - confirm they are always integers
                     $sql .= " , field(objectID, " . implode(',', array_reverse($ids)) . ") desc ";
                 }
                 $q = new CMS_query($sql);
                 $orderedIds = array();
                 if (!$q->hasError()) {
                     //save ordered ids
                     while ($id = $q->getValue('objectID')) {
                         $orderedIds[$id] = $id;
                     }
                 }
                 //on a query error the list becomes empty
                 $ids = $orderedIds;
             }
         }
     } else {
         //no order condition : keep the found ids as they are
         $ids = $this->_resultsIds;
     }
     //check for results existance in objects datas tables
     if ($ids) {
         //update tmp table with found ids
         $this->_updateTmpList($ids);
         $where = ' objectID in (' . $this->_getSQLTmpList() . ')';
         //an id is kept when it appears in at least one of the text, integer, string or date tables
         $sql = "\n\t\t\t\tselect\n\t\t\t\t\tdistinct objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_subobject_text" . $statusSuffix . "\n\t\t\t\twhere\n\t\t\t\t\t{$where}\n\t\t\t\tunion distinct\n\t\t\t\tselect\n\t\t\t\t\tdistinct objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\twhere\n\t\t\t\t\t{$where}\n\t\t\t\tunion distinct\n\t\t\t\tselect\n\t\t\t\t\tdistinct objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_subobject_string" . $statusSuffix . "\n\t\t\t\twhere\n\t\t\t\t\t{$where}\n\t\t\t\tunion distinct\n\t\t\t\tselect\n\t\t\t\t\tdistinct objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_subobject_date" . $statusSuffix . "\n\t\t\t\twhere\n\t\t\t\t\t{$where}\n\t\t\t";
         $q = new CMS_query($sql);
         //a different row count means some ids have no data left : drop them
         if ($q->getNumRows() != count($ids)) {
             $foundIds = $q->getAll(PDO::FETCH_COLUMN, 0);
             if ($foundIds) {
                 $ids = array_intersect($ids, $foundIds);
                 //update count of results
                 $this->_numRows = sizeof($ids);
             } else {
                 $ids = array();
                 $this->_numRows = 0;
             }
         }
     }
     //Limit results if needed
     if ($ids && $this->_numRows > 0 && $this->_itemsPerPage > 0) {
         //keys are preserved so the result stays an id => id map
         $ids = array_slice($ids, $this->_page * $this->_itemsPerPage, $this->_itemsPerPage, true);
     }
     return $ids;
 }
Пример #25
 /**
  * Get all fields of a form, ordered by order_fld
  *
  * @param integer $formID : the form id for wanted fields
  * @param boolean $outputobjects : return array of CMS_forms_field instead of array of ids (default : false)
  * @param boolean $withDesactivedFields : add desactived fields to returned list (default : false)
  * @access public
  * @return array of CMS_forms_field or of ids, indexed by field id ; false if $formID is not a positive integer
  */
 function getAll($formID, $outputobjects = false, $withDesactivedFields = false)
 {
     if (!sensitiveIO::isPositiveInteger($formID)) {
         $this->raiseError("FormID must be a positive integer : " . $formID);
         return false;
     }
     //the form ID was checked as a positive integer above, so it is concatenated as it is
     $sql = "\n\t\t\tselect\n\t\t\t\tid_fld as id\n\t\t\tfrom\n\t\t\t\tmod_cms_forms_fields\n\t\t\twhere\n\t\t\t\tform_fld='" . $formID . "'\n\t\t";
     if (!$withDesactivedFields) {
         $sql .= " and active_fld = '1'";
     }
     $sql .= " order by order_fld asc";
     $fieldsQuery = new CMS_query($sql);
     $fields = array();
     while ($fieldId = $fieldsQuery->getValue('id')) {
         $fields[$fieldId] = $outputobjects ? new CMS_forms_field($fieldId) : $fieldId;
     }
     return $fields;
 }
Пример #26
 /**
  * Gets the module validations Info for the given editions and user
  *
  * Two kinds of pending validations are looked up, according to the bits set in $editions :
  * content changes (RESOURCE_EDITION_CONTENT) and location changes (RESOURCE_EDITION_LOCATION).
  *
  * @param CMS_user $user The user we want the validations for
  * @param integer $editions The editions we want the validations of
  * @param boolean $returnCount only return the count of validations
  * @return array(CMS_resourceValidation) The resourceValidations objects (empty if none found), or their count if $returnCount is set
  * @access public
  */
 function getValidationsInfoByEditions(&$user, $editions, $returnCount = false)
 {
     $language = $user->getLanguage();
     $validations = array();
     $validationsCount = 0;
     //without resource info there is nothing to validate
     if (!is_array($this->_resourceInfo) || !$this->_resourceInfo) {
         return $returnCount ? $validationsCount : $validations;
     }
     //key, table and resource column names come from the module's primary resource description
     $primaryResource = $this->getPrimaryResourceInfo();
     if ($editions & RESOURCE_EDITION_CONTENT) {
         //content and/or base data change
         $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\t" . $primaryResource['key'] . " as id\n\t\t\t\t\tfrom\n\t\t\t\t\t\t" . $primaryResource['tableName'] . "_edited,\n\t\t\t\t\t\tresources,\n\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\twhere\n\t\t\t\t\t\t" . $primaryResource['resource'] . " = id_res\n\t\t\t\t\t\tand status_res = id_rs\n\t\t\t\t\t\tand location_rs = '" . RESOURCE_LOCATION_USERSPACE . "'\n\t\t\t\t\t\tand proposedFor_rs = 0\n\t\t\t\t\t\tand (editions_rs & " . RESOURCE_EDITION_CONTENT . "\n\t\t\t\t\t\t\t\tand not (validationsRefused_rs & " . RESOURCE_EDITION_CONTENT . "))\n\t\t\t\t";
         $contentQuery = new CMS_query($sql);
         if ($returnCount) {
             $validationsCount += $contentQuery->getNumRows();
         } else {
             while ($resourceId = $contentQuery->getValue("id")) {
                 $contentValidation = new CMS_resourceValidationInfo($this->_codename, RESOURCE_EDITION_CONTENT, $resourceId);
                 //validations in error are silently left out
                 if (!$contentValidation->hasError()) {
                     $contentValidation->setValidationTypeLabel($language->getMessage($this->getModuleValidationLabel("edition"), false, $this->_codename));
                     $validations[] = $contentValidation;
                 }
             }
         }
     }
     if ($editions & RESOURCE_EDITION_LOCATION) {
         //Location change
         $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\t" . $primaryResource['key'] . " as id\n\t\t\t\t\tfrom\n\t\t\t\t\t\t" . $primaryResource['tableName'] . "_edited,\n\t\t\t\t\t\tresources,\n\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\twhere\n\t\t\t\t\t\t" . $primaryResource['resource'] . " = id_res\n\t\t\t\t\t\tand status_res = id_rs\n\t\t\t\t\t\tand location_rs = '" . RESOURCE_LOCATION_USERSPACE . "'\n\t\t\t\t\t\tand proposedFor_rs != 0\n\t\t\t\t\t\tand not (validationsRefused_rs & " . RESOURCE_EDITION_LOCATION . ")\n\t\t\t\t";
         $locationQuery = new CMS_query($sql);
         if ($returnCount) {
             $validationsCount += $locationQuery->getNumRows();
         } else {
             while ($resourceId = $locationQuery->getValue("id")) {
                 $locationValidation = new CMS_resourceValidationInfo($this->_codename, RESOURCE_EDITION_LOCATION, $resourceId);
                 if (!$locationValidation->hasError()) {
                     $locationValidation->setValidationTypeLabel($language->getMessage($this->getModuleValidationLabel("locationChange"), false, $this->_codename));
                     $validations[] = $locationValidation;
                 }
             }
         }
     }
     return $returnCount ? $validationsCount : $validations;
 }
Пример #27
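 /**
  * Get the pages based on this template or templates clones
  *
  * With $withClones, pages are matched on the template definition file, so every template
  * sharing this definition file is taken into account ; otherwise only this template ID is used.
  * Pages in error are left out of the result.
  *
  * @param boolean $withClones : get also all pages based on the clones (default : false)
  * @return array(CMS_page) The pages, empty if the template has no ID or no definition file
  * @access private
  */
 function getPages($withClones = false)
 {
     if (!$this->_id || !$this->_definitionFile) {
         return array();
     }
     if ($withClones) {
         //the definition file is a free form string : escape it before placing it inside the quoted literal
         $sql = "\n\t\t\t\tselect\n\t\t\t\t\tid_pag\n\t\t\t\tfrom\n\t\t\t\t\tpages,\n\t\t\t\t\tpageTemplates\n\t\t\t\twhere\n\t\t\t\t\ttemplate_pag=id_pt\n\t\t\t\t\tand definitionFile_pt = '" . SensitiveIO::sanitizeSQLString($this->_definitionFile) . "'\n\t\t\t";
     } else {
         $sql = "\n\t\t\t\tselect\n\t\t\t\t\tid_pag\n\t\t\t\tfrom\n\t\t\t\t\tpages\n\t\t\t\twhere\n\t\t\t\t\ttemplate_pag='" . SensitiveIO::sanitizeSQLString($this->_id) . "'\n\t\t\t";
     }
     $q = new CMS_query($sql);
     $pages = array();
     while ($id = $q->getValue("id_pag")) {
         $pg = CMS_tree::getPageByID($id);
         if (!$pg->hasError()) {
             $pages[] = $pg;
         }
     }
     return $pages;
 }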
Пример #28
 /**
  * Move the clientSpaces data from one location to another for a template
  *
  * @param integer $tagID the tag ID of the client space tag
  * @param string $locationFrom The starting location, among the available RESOURCE_DATA_LOCATION
  * @param string $locationTo The ending location, among  the available RESOURCE_DATA_LOCATION
  * @param boolean $copyOnly If set to true, the deletion from the originating tables and dirs won't occur
  * @param boolean $forceblank If set to false, the page will be checked before removing all content of the clientspace to alert user and get confirmation. In this case, method return false until this parameter is set to true
  * @return boolean true on success, false on failure
  * @access public
  */
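 static function moveClientSpaces($templateID, $locationFrom, $locationTo, $copyOnly = false, $forceblank = false)
 {
     //both locations must belong to the known resource data locations
     $knownLocations = CMS_resource::getAllDataLocations();
     if (!SensitiveIO::isInSet($locationFrom, $knownLocations) || !SensitiveIO::isInSet($locationTo, $knownLocations)) {
         CMS_grandFather::raiseError("Locations are not in the set");
         return false;
     }
     //$templateID is concatenated into every statement below (it is compared to template_cs),
     //so anything that is not a positive integer is refused before any SQL is built
     if (!SensitiveIO::isPositiveInteger($templateID)) {
         CMS_grandFather::raiseError("Template ID must be a positive integer");
         return false;
     }
     $templateID = (int) $templateID;
     //table names only ever come from the fixed literals below, never from the caller.
     //NOTE(review): a location accepted above but not listed here (RESOURCE_DATA_LOCATION_DEVNULL is
     //tested further down) leaves the table name empty, as in the original code - confirm that
     //callers never pass such a location as $locationFrom
     $table_from = '';
     $table_to = '';
     switch ($locationFrom) {
         case RESOURCE_DATA_LOCATION_ARCHIVED:
             $table_from = "mod_standard_clientSpaces_archived";
             break;
         case RESOURCE_DATA_LOCATION_DELETED:
             $table_from = "mod_standard_clientSpaces_deleted";
             break;
         case RESOURCE_DATA_LOCATION_PUBLIC:
             $table_from = "mod_standard_clientSpaces_public";
             break;
         case RESOURCE_DATA_LOCATION_EDITED:
             $table_from = "mod_standard_clientSpaces_edited";
             break;
         case RESOURCE_DATA_LOCATION_EDITION:
             $table_from = "mod_standard_clientSpaces_edition";
             break;
     }
     switch ($locationTo) {
         case RESOURCE_DATA_LOCATION_ARCHIVED:
             $table_to = "mod_standard_clientSpaces_archived";
             break;
         case RESOURCE_DATA_LOCATION_DELETED:
             $table_to = "mod_standard_clientSpaces_deleted";
             break;
         case RESOURCE_DATA_LOCATION_PUBLIC:
             $table_to = "mod_standard_clientSpaces_public";
             break;
         case RESOURCE_DATA_LOCATION_EDITED:
             $table_to = "mod_standard_clientSpaces_edited";
             break;
         case RESOURCE_DATA_LOCATION_EDITION:
             $table_to = "mod_standard_clientSpaces_edition";
             break;
     }
     //check for blank page: when moving edition => edited without $forceblank, an empty source
     //together with a non-empty destination would wipe the page content, so the move is refused
     if (!$forceblank && $locationFrom == RESOURCE_DATA_LOCATION_EDITION && $locationTo == RESOURCE_DATA_LOCATION_EDITED) {
         $sql = "\n\t\t\t\tselect\n\t\t\t\t\tcount(*) as c\n\t\t\t\tfrom\n\t\t\t\t\t" . $table_from . "\n\t\t\t\twhere\n\t\t\t\t\ttemplate_cs='" . $templateID . "'";
         $q = new CMS_query($sql);
         if ($q->getValue('c') == 0) {
             $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tcount(*) as c\n\t\t\t\t\tfrom\n\t\t\t\t\t\t" . $table_to . "\n\t\t\t\t\twhere\n\t\t\t\t\t\ttemplate_cs='" . $templateID . "'";
             $q = new CMS_query($sql);
             if ($q->getValue('c') != 0) {
                 return false;
             }
         }
     }
     //delete all in the destination table just in case, then insert the rows of the source table
     if ($locationTo != RESOURCE_DATA_LOCATION_DEVNULL) {
         $sql = "\n\t\t\t\tdelete from\n\t\t\t\t\t" . $table_to . "\n\t\t\t\twhere\n\t\t\t\t\ttemplate_cs='" . $templateID . "'\n\t\t\t";
         $q = new CMS_query($sql);
         $sql = "\n\t\t\t\tinsert into\n\t\t\t\t\t" . $table_to . "\n\t\t\t\t\tselect\n\t\t\t\t\t\t*\n\t\t\t\t\tfrom\n\t\t\t\t\t\t" . $table_from . "\n\t\t\t\t\twhere\n\t\t\t\t\t\ttemplate_cs='" . $templateID . "'\n\t\t\t";
         $q = new CMS_query($sql);
     }
     if (!$copyOnly) {
         //delete from the starting table
         $sql = "\n\t\t\t\tdelete from\n\t\t\t\t\t" . $table_from . "\n\t\t\t\twhere\n\t\t\t\t\ttemplate_cs='" . $templateID . "'\n\t\t\t";
         $q = new CMS_query($sql);
     }
     //the results of the delete / insert queries are not checked: true only means the move was attempted
     return true;
 }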
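 /**
  * Gets the pending validation of a given item for a given user
  *
  * @param integer $itemID The item we want the validation for; anything that is not a positive integer is refused
  * @param CMS_profile_user $user The user we want the validation for
  * @param integer $getEditionType Bitmask of the validation types wanted.
  *  When false, RESOURCE_EDITION_LOCATION + RESOURCE_EDITION_CONTENT is used; the location change is tested first, then the content edition
  * @return CMS_resourceValidation The validation found, false if none is found for the given user
  * @access public
  */
 function getValidationByID($itemID, &$user, $getEditionType = false)
 {
     if (!$user instanceof CMS_profile_user) {
         $this->raiseError("User is not a valid CMS_profile_user object");
         return false;
     }
     if (!$user->hasValidationClearance($this->_codename)) {
         return false;
     }
     //$itemID is concatenated into the SQL request below, so it must be a plain positive integer
     if (!SensitiveIO::isPositiveInteger($itemID)) {
         $this->raiseError("Item ID must be a positive integer");
         return false;
     }
     $itemID = (int) $itemID;
     if (!CMS_poly_object_catalog::hasPrimaryResource($this->getCodename())) {
         return false;
     }
     //get object type ID
     $objectID = CMS_poly_object_catalog::getPrimaryResourceObjectType($this->getCodename());
     //restrict the request to the objects list returned by the catalog when the object type has categories
     $where = '';
     if (CMS_poly_object_catalog::objectHasCategories($objectID)) {
         $objects = CMS_poly_object_catalog::getAllObjects($objectID, false, array(), false);
         if (!is_array($objects) || !$objects) {
             return false;
         }
         //the list is used as object IDs in the "in (...)" clause, so each entry is forced to an integer
         $where = ' and objectID in (' . implode(',', array_map('intval', $objects)) . ')';
     }
     $this->getPrimaryResourceDefinition();
     if (!$getEditionType) {
         $getEditionType = RESOURCE_EDITION_LOCATION + RESOURCE_EDITION_CONTENT;
     }
     $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tobjectID as id,\n\t\t\t\t\t\tlocation_rs as location,\n\t\t\t\t\t\tproposedFor_rs as proposedFor,\n\t\t\t\t\t\tvalidationsRefused_rs as validationsRefused,\n\t\t\t\t\t\teditions_rs as editions,\n\t\t\t\t\t\tmod_subobject_integer_edited.id as fieldID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer_edited,\n\t\t\t\t\t\tmod_object_polyobjects,\n\t\t\t\t\t\tresources,\n\t\t\t\t\t\tresourceStatuses\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID = '" . $itemID . "'\n\t\t\t\t\t\tand value = id_res\n\t\t\t\t\t\tand object_type_id_moo = '" . $objectID . "'\n\t\t\t\t\t\tand id_moo = objectID\n\t\t\t\t\t\tand objectFieldID = 0\n\t\t\t\t\t\tand objectSubFieldID = 0\n\t\t\t\t\t\tand status_res = id_rs\n\t\t\t\t\t\t{$where}\n\t\t\t\t";
     $q = new CMS_query($sql);
     if ($q->getNumRows() >= 1) {
         //the first row is the one used to build the validation
         $r = $q->getArray();
         $id = $r["id"];
         //here, this is an ugly hack to resolve a strange bug (multiple resources for an unique object):
         //every row after the first one is deleted from mod_subobject_integer_edited.
         //the real cause of the duplicates is still unknown
         if ($q->getNumRows() > 1) {
             while ($exceptionFiledID = $q->getValue('fieldID')) {
                 $sql_delete = "delete from mod_subobject_integer_edited where id = '" . (int) $exceptionFiledID . "'";
                 $q_delete = new CMS_query($sql_delete);
             }
         }
         //search the type of edition
         //RESOURCE_EDITION_LOCATION
         if ($r["location"] == RESOURCE_LOCATION_USERSPACE && $r["proposedFor"] != 0 && !($r["validationsRefused"] & RESOURCE_EDITION_LOCATION) && $getEditionType & RESOURCE_EDITION_LOCATION) {
             $language = $user->getLanguage();
             $item = $this->getResourceByID($id);
             $validation = new CMS_resourceValidation($this->_codename, RESOURCE_EDITION_LOCATION, $item);
             if ($validation->hasError()) {
                 return false;
             }
             $validation->setValidationTypeLabel($language->getMessage(self::MESSAGE_MOD_POLYMOD_VALIDATION_LOCATIONCHANGE, array($this->_primaryResourceObjectDefinition->getLabel($language)), MOD_POLYMOD_CODENAME));
             $validation->setValidationLabel($language->getMessage(self::MESSAGE_MOD_POLYMOD_VALIDATION_LOCATIONCHANGE_OFRESOURCE, array($this->_primaryResourceObjectDefinition->getLabel($language)), MOD_POLYMOD_CODENAME) . " " . io::decodeEntities($item->{$this->_resourceNameMethod}()));
             $validation->setValidationShortLabel(io::decodeEntities($item->{$this->_resourceNameMethod}()));
             $previzURL = $item->getPrevizPageURL();
             if ($previzURL) {
                 $validation->addHelpUrl($language->getMessage(self::MESSAGE_PAGE_ACTION_PREVIZ), $previzURL);
             }
             $validation->setEditorsStack($item->getEditorsStack());
             return $validation;
         }
         //RESOURCE_EDITION_CONTENT
         if ($r["location"] == RESOURCE_LOCATION_USERSPACE && $r["proposedFor"] == 0 && ($r["editions"] & RESOURCE_EDITION_CONTENT && !($r["validationsRefused"] & RESOURCE_EDITION_CONTENT)) && $getEditionType & RESOURCE_EDITION_CONTENT) {
             $language = $user->getLanguage();
             $editions = $r["editions"];
             $item = $this->getResourceByID($id);
             $validation = new CMS_resourceValidation($this->_codename, $editions, $item);
             if ($validation->hasError()) {
                 return false;
             }
             $validation->setValidationTypeLabel($language->getMessage(self::MESSAGE_MOD_POLYMOD_VALIDATION_EDITION, array($this->_primaryResourceObjectDefinition->getLabel($language)), MOD_POLYMOD_CODENAME));
             $validation->setValidationLabel($language->getMessage(self::MESSAGE_MOD_POLYMOD_VALIDATION_EDITION_OFRESOURCE, array($this->_primaryResourceObjectDefinition->getLabel($language)), MOD_POLYMOD_CODENAME) . " " . io::decodeEntities($item->{$this->_resourceNameMethod}()));
             $validation->setValidationShortLabel(io::decodeEntities($item->{$this->_resourceNameMethod}()));
             $previzURL = $item->getPrevizPageURL();
             if ($previzURL) {
                 $validation->addHelpUrl($language->getMessage(self::MESSAGE_PAGE_ACTION_PREVIZ), $previzURL);
             }
             $validation->setEditorsStack($item->getEditorsStack());
             return $validation;
         }
         //the item exists but has nothing to validate for the wanted types:
         //return false explicitly (the original code fell off the end here and returned null)
         return false;
     } elseif ($q->getNumRows() == 0) {
         return false;
     } else {
         $this->raiseError("Can't have more than one item for a given ID");
         return false;
     }
 }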
Пример #30
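 /**
  * Get field search SQL request (used by class CMS_object_search)
  *
  * @param integer $fieldID : this field id in object (aka $this->_field->getID()); anything that is not a positive integer is refused
  * @param mixed $value : the category value to search (a category ID or an array of category IDs)
  * @param string $operator : additional search operator, among 'editableOnly', 'strict', 'not in', 'not in strict'
  * @param string $where : where clauses to add to SQL. This fragment is inserted as is in the requests,
  *  so it must be built by the calling code from values it controls, never from raw user input
  * @param boolean $public : values are public or edited ? (default is edited)
  * @return string : the SQL request, false if the search cannot return any object
  * @access public
  */
 function getFieldSearchSQL($fieldID, $value, $operator, $where, $public = false)
 {
     //$fieldID is concatenated into every request below
     if (!SensitiveIO::isPositiveInteger($fieldID)) {
         $this->raiseError("Field ID must be a positive integer");
         return false;
     }
     $fieldID = (int) $fieldID;
     $statusSuffix = $public ? "_public" : "_edited";
     $supportedOperator = array('editableOnly', 'strict', 'not in', 'not in strict');
     if ($operator && !in_array($operator, $supportedOperator)) {
         $this->raiseError("Unkown search operator : " . $operator . ", use default search instead");
         $operator = false;
     }
     if ($operator == 'editableOnly') {
         global $cms_user;
         //get module codename
         $moduleCodename = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID());
         //get a list of all viewvable categories for current user
         $editableCats = array_keys(CMS_moduleCategories_catalog::getViewvableCategoriesForProfile($cms_user, $moduleCodename, true, true));
         //if no viewvable categories, user has no rights to view anything
         if (!$editableCats) {
             return false;
         }
         //look for the objects which use one of these categories
         $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectFieldID = '" . $fieldID . "'\n\t\t\t\t\t\tand value in (" . @implode(',', $editableCats) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
         $q = new CMS_query($sql);
         $IDs = array();
         if (!$q->hasError()) {
             while ($id = $q->getValue('objectID')) {
                 $IDs[$id] = $id;
             }
         }
         //if no results, no need to continue
         if (!$IDs) {
             return false;
         }
         //from now on, the where clause is the list of IDs found ($IDs cannot be empty here)
         $where = ' and objectID in (' . implode(',', $IDs) . ')';
     }
     if ($value == CMS_moduleCategory::LINEAGE_PARK_POSITION) {
         //if it is a public search, and field is mandatory, no objects should be returned
         if ($this->_field->getValue('required') && $public) {
             return false;
         }
         $module = CMS_poly_object_catalog::getModuleCodenameForField($fieldID);
         //add deleted cats to searchs
         $viewvableCats = CMS_moduleCategories_catalog::getDeletedCategories($module);
         //add zero value for objects without categories
         $viewvableCats[] = 0;
         //get object type id
         $objectID = CMS_poly_object_catalog::getObjectIDForField($fieldID);
         //first we get objects with deleted or no categories (value 0)
         $sqlTmp = "\n\t\t\t\tselect\n\t\t\t\t\tdistinct objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\twhere\n\t\t\t\t\tobjectFieldID = '" . $fieldID . "'\n\t\t\t\t\tand value in (" . implode(',', $viewvableCats) . ")\n\t\t\t\t\t{$where}\n\t\t\t\t";
         $qTmp = new CMS_query($sqlTmp);
         $deletedIDs = array();
         while ($r = $qTmp->getArray()) {
             if ($r['objectID']) {
                 $deletedIDs[$r['objectID']] = $r['objectID'];
             }
         }
         //then we get objects with no categories at all (not referenced in mod_subobject_integer table)
         $sqlTmp = "\n\t\t\t\tselect\n\t\t\t\t\tdistinct objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\twhere\n\t\t\t\t\tobjectFieldID = '" . $fieldID . "'\n\t\t\t\t\t{$where}\n\t\t\t\t";
         $qTmp = new CMS_query($sqlTmp);
         $noCatsIDs = $catsIDs = array();
         while ($r = $qTmp->getArray()) {
             if ($r['objectID']) {
                 $catsIDs[$r['objectID']] = $r['objectID'];
             }
         }
         //every run of digits found in the where clause is taken as a candidate object ID
         $IDs = array();
         if (preg_match_all('#\\d+#', $where, $IDs)) {
             $IDs = array_shift($IDs);
         }
         $noCatsIDs = array_diff($IDs, $catsIDs);
         $IDs = array_merge($deletedIDs, $noCatsIDs);
         //if no results, no need to continue
         if (!$IDs) {
             return false;
         }
         //then we mix the two results and we return them as a fake SQL request to keep system compatibility
         $sql = "\n\t\t\t\tselect\n\t\t\t\t\tdistinct id_moo as objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_object_polyobjects\n\t\t\t\twhere \n\t\t\t\t\tid_moo in (" . implode(',', $IDs) . ")\n\t\t\t\t";
     } else {
         if ($operator == 'strict') {
             //category IDs go unquoted in the "in (...)" list, so each of them is forced to an integer
             $value = array_map('intval', is_array($value) ? $value : array($value));
             //get categories searched
             $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\tmodulesCategories\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectFieldID = '" . $fieldID . "'\n\t\t\t\t\t\tand id_mca = value\n\t\t\t\t\t\tand value in (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
         } elseif ($operator == 'not in strict') {
             //same as above: only integers may reach the "not in (...)" list
             $value = array_map('intval', is_array($value) ? $value : array($value));
             //get categories searched
             $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\tmodulesCategories\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectFieldID = '" . $fieldID . "'\n\t\t\t\t\t\tand id_mca = value\n\t\t\t\t\t\tand value not in (" . implode(',', $value) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
         } else {
             if (!is_array($value)) {
                 $value = array($value);
             }
             $lineages = array();
             foreach ($value as $catID) {
                 if ($catID) {
                     //get lineage of category searched
                     $lineages[] = CMS_moduleCategories_catalog::getLineageOfCategoryAsString($catID);
                 }
             }
             //build the lineage conditions: the category itself or any of its descendants (lineage followed by ";")
             $sql = '';
             if ($operator == 'not in') {
                 foreach ($lineages as $lineage) {
                     $sql .= $sql ? ' and ' : '';
                     $sql .= "\n\t\t\t\t\t\tlineage_mca != '" . SensitiveIO::sanitizeSQLString($lineage) . "'\n\t\t\t\t\t\tand lineage_mca not like '" . SensitiveIO::sanitizeSQLString($lineage) . ";%' ";
                 }
             } else {
                 foreach ($lineages as $lineage) {
                     $sql .= $sql ? ' or ' : '';
                     $sql .= "\n\t\t\t\t\t\tlineage_mca = '" . SensitiveIO::sanitizeSQLString($lineage) . "'\n\t\t\t\t\t\tor lineage_mca like '" . SensitiveIO::sanitizeSQLString($lineage) . ";%' ";
                 }
             }
             $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\tmodulesCategories\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectFieldID = '" . $fieldID . "'\n\t\t\t\t\t\tand id_mca=value\n\t\t\t\t\t\t" . ($sql ? " and (" . $sql . ") " : '') . "\n\t\t\t\t\t\t{$where}";
         }
     }
     return $sql;
 }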