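/**
 * Updates this entry's metadata in the database and, on success, in memory.
 *
 * The current user must hold the "changeentry" right on this entry. When no
 * author is supplied, the current user's name (if any) is stored instead.
 *
 * @param string $name          New entry name.
 * @param string $author        Author; replaced by the current user's name when empty.
 * @param string $symbol        Value stored in entries.symbol.
 * @param string $description   Description text.
 * @param string $documentation Documentation text.
 *
 * @return bool True on success, false when the permission check fails.
 *
 * @throws CodeKBException When the UPDATE does not succeed.
 */
public function change($name, $author, $symbol, $description, $documentation)
{
    // Authorization comes first: nothing is written for a caller without
    // the "changeentry" right on this entry.
    if (!$this->_user->entrycan("changeentry", $this)) {
        return false;
    }

    if (!$author) {
        $fallback = $this->_user->name();
        if ($fallback) {
            $author = $fallback;
        }
    }

    $db = new CodeKBDatabase();

    // Every text value passes through $db->string() and the id through
    // $db->number() before being placed in the statement. Both helpers are
    // defined outside this block.
    // NOTE(review): the statement is only as safe as those helpers; confirm
    // string() escapes for the active driver/charset and number() casts.
    $db->dosql("UPDATE entries " .
               "SET name = '{$db->string($name)}', " .
               "author = '{$db->string($author)}', " .
               "symbol = '{$db->string($symbol)}', " .
               "description = '{$db->string($description)}', " .
               "documentation = '{$db->string($documentation)}', " .
               // Trailing space keeps the WHERE keyword separate from now().
               "modified = now() " .
               "WHERE id = {$db->number($this->_id)}");

    if ($db->success()) {
        // The documentation text is written to the database only; this block
        // keeps no in-memory copy of it.
        $this->_name = $name;
        $this->_author = $author;
        $this->_symbol = $symbol;
        $this->_description = $description;

        return true;
    }

    throw new CodeKBException(__METHOD__, "entry", "failedchange", $name);
}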
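/**
 * Builds the SQL SELECT statement for the entry search form.
 *
 * Search parameters are read from $_POST ('query', 'cats', 'author', 'age',
 * 'whichage', 'sort', 'order'); the localized option labels they are compared
 * against come from the global $lang array. The request data is only read,
 * never modified, and the statement is returned without being printed.
 *
 * @param string $type Database flavour, "pgsql" or "mysql".
 *
 * @return string The assembled query.
 */
function buildsearchquery($type)
{
    global $lang;

    $query = "SELECT DISTINCT entries.id, " .
             "entries.name, " .
             "entries.author, " .
             "entries.description, " .
             "entries.symbol, " .
             "entries.created, " .
             "entries.modified " .
             "FROM ";

    // Work on local copies so the superglobal is left intact for later code.
    $rawquery = (isset($_POST['query']) && is_string($_POST['query'])) ? $_POST['query'] : "";
    $keywords = preg_split("/\\s+/", trim($rawquery));
    if (!is_array($keywords)) {
        $keywords = array();
    }
    $count = count($keywords);

    $cats = (isset($_POST['cats']) && is_array($_POST['cats']))
        ? array_values($_POST['cats'])
        : array();

    // pgsql: one full-text index alias (i0, i1, ...) per keyword.
    if ($type == "pgsql") {
        for ($i = 0; $i < $count; $i++) {
            $query .= "entries_fti i" . $i . ", ";
        }
    }

    // Join entry_cat only when there is a category filter to apply; an
    // unfiltered join would multiply the rows without restricting them.
    if ($cats) {
        $query .= " entry_cat, ";
    }

    $query .= "entries WHERE ";

    if ($type == "pgsql") {
        $query .= "entries.oid = i0.id AND ";
    }

    if (!empty($_POST['author'])) {
        $query .= "lower(entries.author) = lower('" . CodeKBDatabase::string($_POST['author']) . "') AND ";
    }

    if ($cats) {
        $terms = array();
        foreach ($cats as $val) {
            $terms[] = "entry_cat.cat = " . CodeKBDatabase::number($val) . " ";
        }
        $query .= "entries.id = entry_cat.entry AND ( " . implode("OR ", $terms) . ") AND ";
    }

    $agechoice = isset($_POST['age']) ? $_POST['age'] : null;
    $whichage = isset($_POST['whichage']) ? $_POST['whichage'] : null;

    if ($agechoice != $lang['search']['all'] && $whichage) {
        // The column name is picked from two fixed values, never copied from
        // the request.
        if ($whichage == $lang['sort']['sortbymodifydate']) {
            $wage = "modified";
        } else {
            $wage = "created";
        }

        // Age window in seconds.
        switch ($agechoice) {
            case $lang['search']['1day']:
                $age = 86400;
                break;
            case $lang['search']['7days']:
                $age = 604800;
                break;
            case $lang['search']['1month']:
                $age = 2592000;
                break;
            case $lang['search']['3months']:
                $age = 7776000;
                break;
            case $lang['search']['6months']:
                $age = 15552000;
                break;
            case $lang['search']['1year']:
                $age = 31536000;
                break;
            default:
                // Unknown label: the cutoff becomes the epoch.
                $age = time();
        }

        $query .= "entries." . CodeKBDatabase::string($wage) . " > '" .
                  CodeKBDatabase::string(date("Y-m-d H:i:s", time() - $age)) . "' AND ";
    }

    // Keyword conditions.
    // NOTE(review): CodeKBDatabase::string() is defined elsewhere. Whether it
    // also neutralises regex metacharacters (pgsql "~") or LIKE wildcards
    // ("%", "_") is not visible here; confirm before relying on it for
    // anything beyond quoting the SQL literal.
    $i = 0;

    if ($type == "mysql") {
        $query .= "(";
    }

    foreach ($keywords as $val) {
        if ($val == "*" || $val == "?") {
            $val = "";
        }

        if ($type == "pgsql") {
            $query .= ($i == 0 ? "" : "AND ") . "i" . $i . ".string ~ lower('^" .
                      CodeKBDatabase::string($val) . "') ";
            if ($i > 0) {
                $query .= "AND i" . ($i - 1) . ".id = i" . $i . ".id ";
            }
        }

        if ($type == "mysql") {
            $query .= ($i == 0 ? "" : "OR ") .
                      " entries.description LIKE '%" . CodeKBDatabase::string($val) .
                      "%' OR entries.documentation LIKE '%" . CodeKBDatabase::string($val) . "%' ";
        }

        // Exactly one step per keyword, so the alias index stays in line
        // with the i0..iN aliases declared in the FROM clause above.
        $i++;
    }

    if ($type == "mysql") {
        $query .= ") ";
    }

    // ORDER BY column and direction are chosen from fixed strings; the
    // request only selects which one, its text never reaches the statement.
    $sortchoice = isset($_POST['sort']) ? $_POST['sort'] : null;
    switch ($sortchoice) {
        case $lang['sort']['sortbycreatedate']:
            $sort = "entries.created";
            break;
        case $lang['sort']['sortbymodifydate']:
            $sort = "entries.modified";
            break;
        case $lang['sort']['sortbyname']:
        default:
            $sort = "entries.name";
    }

    $orderchoice = isset($_POST['order']) ? $_POST['order'] : null;
    switch ($orderchoice) {
        case $lang['sort']['descending']:
            $order = "DESC";
            break;
        case $lang['sort']['ascending']:
        default:
            $order = "ASC";
    }

    $query .= "ORDER BY " . $sort . " " . $order;

    // The statement is returned only. Printing it would put the schema and
    // unescaped request text into the HTML response.
    return $query;
}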
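/**
 * Updates this file's metadata and optionally swaps the stored file for a
 * newly uploaded one.
 *
 * The current user must hold the "changeentry" right on the owning entry.
 * A replacement is uploaded first and the old file removed only after the
 * database row has been updated.
 *
 * @param string      $name      New file name stored in files.name.
 * @param string      $highlight Value stored in files.highlight.
 * @param string      $symbol    Value stored in files.symbol.
 * @param string|null $newupload Name of the upload form field holding the
 *                               replacement file, or null to keep the
 *                               current file.
 *
 * @return bool True on success, false when the permission check fails.
 *
 * @throws CodeKBException With trailing argument 1 when the replacement
 *                         upload fails; without it when the UPDATE fails.
 */
function change($name, $highlight, $symbol, $newupload = null)
{
    if (!$this->_user->entrycan("changeentry", $this->_entry)) {
        return false;
    }

    // Do we want to exchange our file with a new one?
    if ($newupload) {
        // First upload the new one and then delete the old.
        // $_FILES is read instead of the long-removed $HTTP_POST_FILES global,
        // which is undefined on current PHP and made every upload fail.
        $fs_name = null;

        // is_uploaded_file() only accepts a path PHP itself created for an
        // HTTP upload; the isset/is_string guard rejects a missing field and
        // array-style (multi-file) fields.
        $hasupload = isset($_FILES[$newupload]['tmp_name'])
            && is_string($_FILES[$newupload]['tmp_name'])
            && is_uploaded_file($_FILES[$newupload]['tmp_name']);

        if ($hasupload) {
            $fs_name = $this->upload($newupload);
        }

        if (!$fs_name) {
            throw new CodeKBException(__METHOD__, "file", "failedchange", $name, 1);
        }

        $size = $_FILES[$newupload]['size'];
    } else {
        $fs_name = $this->_fsname;
        $size = $this->_size;
    }

    $db = new CodeKBDatabase();

    // Values reach the statement only through $db->string() / $db->number(),
    // both defined outside this block.
    $db->dosql("UPDATE files " .
               "SET name = '{$db->string($name)}', " .
               "fs_name = '{$db->string($fs_name)}', " .
               "size = {$db->number($size)}, " .
               "highlight = '{$db->string($highlight)}', " .
               "symbol = '{$db->string($symbol)}', " .
               "modified = now() " .
               "WHERE id = {$db->number($this->_id)}");

    if (!$db->success()) {
        // NOTE(review): when a replacement was uploaded, it stays on disk
        // here while the row still points at the old file.
        throw new CodeKBException(__METHOD__, "file", "failedchange", $name);
    }

    // Remove old file
    if ($newupload) {
        $this->delink();
    }

    $this->_name = $name;
    // NOTE(review): the keep-current-file branch above reads $this->_fsname
    // while this line writes $this->_fs_name. Only one of them can be the
    // declared property; confirm against the class and align the two.
    $this->_fs_name = $fs_name;
    $this->_size = $size;
    $this->_highlight = $highlight;
    $this->_symbol = $symbol;

    return true;
}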
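/**
 * Tells whether this user holds a right on at least one category that
 * contains the given entry.
 *
 * Only the entry's category list is cached between calls; the permission
 * decision itself is re-evaluated through can() every time.
 *
 * @param string $what  Name of the right, passed through to can().
 * @param mixed  $entry Entry object (its id() is used) or a raw entry id;
 *                      null is always denied.
 * @param bool   $cache Reuse the category list of the previous call when the
 *                      same entry is asked about again; also forwarded to can().
 *
 * @return bool True when can() grants the right for any of the categories.
 */
function entrycan($what, &$entry, $cache = true)
{
    // Do something for a bit more performance:
    // cache the last request because we often query
    // just one entry per page.
    static $lastentry;
    static $lastcat;

    if (is_null($entry)) {
        return false;
    }

    $id = is_object($entry) ? $entry->id() : $entry;

    // A cache hit requires an exact textual match of the id. A loose ==
    // would also treat an unset cache or a partly numeric string as "the
    // same entry" and answer with another entry's category list.
    $hit = $cache
        && !is_null($lastentry)
        && is_scalar($id)
        && is_scalar($lastentry)
        && (string) $id === (string) $lastentry;

    if ($hit) {
        $rows = $lastcat;
    } else {
        $db = new CodeKBDatabase();

        $db->dosql("SELECT cat " .
                   "FROM entry_cat " .
                   "WHERE entry = {$db->number($id)}");

        $lastentry = $id;
        $rows = $db->all();
        $lastcat = $rows;
    }

    // The first category on which the right is granted decides.
    while (is_array($rows) && ($row = array_pop($rows))) {
        if ($this->can($what, $row['cat'], $cache)) {
            return true;
        }
    }

    return false;
}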
/**
 * Removes a user from a group by deleting the matching group_user row.
 *
 * @param mixed $user  User id, passed through CodeKBDatabase::number().
 * @param mixed $group Group id, passed through CodeKBDatabase::number().
 *
 * @return bool True when the DELETE succeeded.
 *
 * @throws CodeKBException When the DELETE does not succeed.
 */
public function partgroup($user, $group)
{
    // NOTE(review): this block performs no permission check of its own;
    // presumably the surrounding class or the caller restricts who may
    // reach it. Confirm.
    $conn = new CodeKBDatabase();

    $userid = $conn->number($user);
    $groupid = $conn->number($group);

    $conn->dosql("DELETE FROM group_user WHERE userid = " . $userid . " AND groupid = " . $groupid);

    if (!$conn->success()) {
        throw new CodeKBException(__METHOD__, "admin", "failedpart");
    }

    return true;
}
/**
 * Deletes this category together with all of its sub-categories.
 *
 * The outermost call opens a transaction and commits it at the end; nested
 * calls receive that database object and a deeper $level, which is passed
 * to dosql()/row() with every statement. The "delcat" right is checked again
 * for every category on the way down.
 *
 * @param CodeKBDatabase|null $dbobj Shared database object; null on the
 *                                   outermost call.
 * @param int                 $level Recursion depth, 0 on the outermost call.
 *
 * @return bool False when this category has id 0 or the user lacks "delcat";
 *              on nested levels the database success flag; true after a
 *              successful commit on the outermost level.
 *
 * @throws CodeKBException With trailing argument 1 when a sub-category could
 *                         not be deleted (aborted recursion); without it
 *                         when the outermost commit did not succeed.
 */
public function delete(&$dbobj = null, $level = 0)
{
    // Are we at the first recursion level?
    $isroot = is_null($dbobj);

    if ($isroot) {
        $db = new CodeKBDatabase();
        $db->start();
        $dbobj =& $db;
    } else {
        $db =& $dbobj;
    }

    // Category 0 is never deleted, and every level needs its own "delcat".
    $allowed = $this->_id != 0 && $this->_user->can("delcat", $this);
    if (!$allowed) {
        $db->abort();
        return false;
    }

    // Detach every entry from this category.
    // NOTE(review): the entries are delinked through their own CodeKBEntry
    // objects; whether those writes belong to this transaction, and are
    // undone by abort(), is not visible here.
    foreach ($this->listentries() as $row) {
        $entry = new CodeKBEntry($row['id'], $this->_user);
        $entry->delink($this->_id);
        unset($entry);
    }

    // Depth-first removal of the children.
    $db->dosql("SELECT id FROM categories WHERE parent = " . $db->number($this->_id), $level);

    while ($row = $db->row($level)) {
        $child = new CodeKBCategory($row['id'], $this->_user);

        if (!$child->delete($db, $level + 1)) {
            $db->abort();
            throw new CodeKBException(__METHOD__, "category", "faileddel", null, 1);
        }

        unset($child);
    }

    // Finally this category's rights and the category row itself.
    $db->dosql("DELETE FROM rights WHERE category = " . $db->number($this->_id), $level);
    $db->dosql("DELETE FROM categories WHERE id = " . $db->number($this->_id), $level);

    // Nested levels only report status; the outermost call commits.
    if (!$isroot) {
        return $db->success();
    }

    $db->commit();

    if ($db->success()) {
        return true;
    }

    $db->abort();
    throw new CodeKBException(__METHOD__, "category", "faileddel");
}