public function replace($option = null)
{
$this->id = null;
if (empty($this->table)) {
return false;
}
$attributes = array_merge($this->_qualifiers, $this->_attributes);
if (empty($attributes)) {
return false;
}
$pairs = $attributes;
foreach ($pairs as $key => $value) {
if (is_null($value)) {
$pairs[$key] = 'NULL';
}
}
$attributeFields = $this->_capsulateFields(array_keys($attributes));
if (in_array(POD::dbms(), array('MySQL', 'MySQLi', 'SQLite3'))) {
// Those supports 'REPLACE'
$this->_query = 'REPLACE INTO ' . $this->table . ' (' . implode(',', $attributeFields) . ') VALUES(' . implode(',', $pairs) . ')';
if ($option == 'count') {
return POD::queryCount($this->_query);
}
if (POD::query($this->_query)) {
$this->id = POD::insertId();
return true;
}
return false;
} else {
$this->_query = 'SELECT * FROM ' . $this->table . $this->_makeWhereClause() . ' LIMIT 1';
if (POD::queryExistence($this->_query)) {
return $this->update($option);
} else {
return $this->insert($option);
}
}
}
static function add($email, $name)
{
global $database, $service, $user, $blog;
if (empty($email)) {
return 1;
}
if (!preg_match('/^[^@]+@([-a-zA-Z0-9]+\\.)+[-a-zA-Z0-9]+$/', $email)) {
return 2;
}
if (strcmp($email, Utils_Unicode::lessenAsEncoding($email, 64)) != 0) {
return 11;
}
$loginid = POD::escapeString(Utils_Unicode::lessenAsEncoding($email, 64));
$name = POD::escapeString(Utils_Unicode::lessenAsEncoding($name, 32));
$password = User::__generatePassword();
$authtoken = md5(User::__generatePassword());
if (POD::queryExistence("SELECT * FROM {$database['prefix']}Users WHERE loginid = '{$loginid}'")) {
return 9;
// User already exists.
}
if (POD::queryCell("SELECT COUNT(*) FROM {$database['prefix']}Users WHERE name = '{$name}'")) {
$name = $name . '.' . time();
}
$result = POD::query("INSERT INTO {$database['prefix']}Users (userid, loginid, password, name, created, lastlogin, host) VALUES (" . (User::__getMaxUserId() + 1) . ", '{$loginid}', '" . md5($password) . "', '{$name}', UNIX_TIMESTAMP(), 0, " . getUserId() . ")");
if (empty($result)) {
return 11;
}
$result = POD::query("INSERT INTO {$database['prefix']}UserSettings (userid, name, value) VALUES ('" . User::getUserIdByEmail($loginid) . "', 'AuthToken', '{$authtoken}')");
if (empty($result)) {
return 11;
}
return true;
}
<input type="radio" id="publishedPreserve" class="radio" name="published" value="2" <?php
echo isset($entry['appointed']) ? 'checked="checked"' : '';
?>
/><label for="publishedPreserve" onclick="document.getElementById('appointed').select()"><?php
echo _t('예약');
?>
</label>
<input type="text" id="appointed" class="input-text" name="appointed" value="<?php
echo Timestamp::format5(isset($entry['appointed']) ? $entry['appointed'] : $entry['published']);
?>
" onfocus="document.getElementById('editor-form').published[document.getElementById('editor-form').published.length - 1].checked = true" onkeypress="return preventEnter(event);" />
</div>
</dd>
</dl>
<?php
$countResult = POD::queryExistence("SELECT id FROM {$database['prefix']}Entries WHERE blogid = " . getBlogId() . " AND visibility = 3");
?>
<dl id="status-line" class="line">
<dt><span class="label"><?php
echo _t('공개여부');
?>
</span></dt>
<dd>
<div id="status-private" class="status-private"><input type="radio" id="visibility_private" class="radio" name="visibility" value="0"<?php
echo abs($entry['visibility']) == 0 ? ' checked="checked"' : '';
?>
/><label for="visibility_private"><?php
echo _t('비공개');
?>
</label></div>
<div id="status-protected" class="status-protected"<?php
function doesExist($id)
{
global $database;
if (!Validator::number($id, 1)) {
return false;
}
return POD::queryExistence("SELECT id FROM {$database['prefix']}Entries WHERE blogid = " . getBlogId() . " AND id = {$id} AND category = -2 AND draft = 0");
}
function setSecondaryDomain($blogid, $domain)
{
$ctx = Model_Context::getInstance();
requireModel('blog.feed');
$domain = Utils_Unicode::lessenAsEncoding(strtolower(trim($domain)), 64);
if ($domain == $ctx->getProperty('blog.secondaryDomain')) {
return 0;
}
if (empty($domain)) {
Setting::setBlogSettingGlobal('secondaryDomain', '');
} else {
if (Validator::domain($domain)) {
if (POD::queryExistence("SELECT * FROM " . $ctx->getProperty('database.prefix') . "BlogSettings \n\t\t\tWHERE blogid <> {$blogid} \n\t\t\t\tAND name = 'secondaryDomain'\n\t\t\t\tAND (value = '{$domain}' OR value = '" . (substr($domain, 0, 4) == 'www.' ? substr($domain, 4) : 'www.' . $domain) . "')")) {
return 1;
}
Setting::setBlogSettingGlobal('secondaryDomain', $domain);
} else {
return 2;
}
}
$ctx->setProperty('blog.secondaryDomain', $domain);
clearFeed();
return 0;
}
function addFeed($blogid, $group = 0, $url, $getEntireFeed = true, $htmlURL = '', $blogTitle = '', $blogDescription = '')
{
global $database;
if (strpos(strtolower($url), 'http://') !== 0) {
$url = 'http://' . $url;
}
$url = rtrim($url, '/');
$escapedURL = POD::escapeString($url);
if (POD::queryExistence("SELECT f.id FROM {$database['prefix']}Feeds f, {$database['prefix']}FeedGroups g, {$database['prefix']}FeedGroupRelations r WHERE r.blogid = {$blogid} AND r.blogid = g.blogid AND r.feed = f.id AND r.groupid = g.id AND f.xmlurl = '{$escapedURL}'")) {
return 1;
}
if ($id = POD::queryCell("SELECT id FROM {$database['prefix']}Feeds WHERE xmlurl = '{$escapedURL}'")) {
POD::query("INSERT INTO {$database['prefix']}FeedGroupRelations VALUES({$blogid}, {$id}, {$group})");
return 0;
}
if ($getEntireFeed) {
list($status, $feed, $xml) = getRemoteFeed($url);
if ($status > 0) {
return $status;
}
$id = POD::queryCell("SELECT max(id) FROM {$database['prefix']}Feeds");
if (!$id) {
$id = 0;
}
$id++;
POD::query("INSERT INTO {$database['prefix']}Feeds VALUES({$id}, '{$feed['xmlurl']}', '{$feed['blogURL']}', '{$feed['title']}', '{$feed['description']}', '{$feed['language']}', {$feed['modified']})");
POD::query("INSERT INTO {$database['prefix']}FeedGroupRelations VALUES({$blogid}, {$id}, {$group})");
saveFeedItems($id, $xml);
} else {
$htmlURL = POD::escapeString(Utils_Unicode::lessenAsEncoding($htmlURL));
$blogTitle = POD::escapeString(Utils_Unicode::lessenAsEncoding($blogTitle));
$blogDescription = POD::escapeString(Utils_Unicode::lessenAsEncoding(stripHTML($blogDescription)));
$id = POD::queryCell("SELECT max(id) FROM {$database['prefix']}Feeds");
if (!$id) {
$id = 0;
}
$id++;
POD::query("INSERT INTO {$database['prefix']}Feeds VALUES({$id}, '{$escapedURL}', '{$htmlURL}', '{$blogTitle}', '{$blogDescription}', 'en-US', 0)");
POD::query("INSERT INTO {$database['prefix']}FeedGroupRelations VALUES({$blogid}, {$id}, {$group})");
}
return 0;
}
function changeCategoryOfEntries($blogid, $entries, $category)
{
global $database;
requireModel("blog.category");
requireModel("blog.feed");
$targets = array_unique(preg_split('/,/', $entries, -1, PREG_SPLIT_NO_EMPTY));
$effectedCategories = array();
if (count($targets) < 1 || !is_numeric($category)) {
return false;
}
if ($category == -1) {
// Check Keyword duplication
foreach ($targets as $entryId) {
$title = POD::queryCell("SELECT title FROM {$database['prefix']}Entries WHERE blogid = {$blogid} AND id = {$entryId} AND draft = 0");
if (is_null($title)) {
return false;
}
if (POD::queryExistence("SELECT id FROM {$database['prefix']}Entries WHERE blogid = {$blogid} AND id <> {$entryId} AND draft = 0 AND title = '{$title}' AND category = -1") == true) {
return false;
}
}
} else {
$parent = getParentCategoryId($blogid, $categoryId);
array_push($effectedCategories, $parent);
}
foreach ($targets as $entryId) {
list($effectedCategoryId, $oldVisibility) = POD::queryRow("SELECT category, visibility FROM {$database['prefix']}Entries WHERE blogid = {$blogid} AND id = {$entryId} AND draft = 0");
$visibility = $oldVisibility;
if ($category < 0) {
if ($visibility == 1) {
$visibility = 0;
}
if ($visibility == 3) {
$visibility = 2;
}
}
if ($oldVisibility == 3 && $visibility != 3) {
syndicateEntry($entryId, 'delete');
}
POD::execute("UPDATE {$database['prefix']}Entries SET category = {$category} , visibility = {$visibility} WHERE blogid = {$blogid} AND id = {$entryId}");
if (!in_array($effectedCategoryId, $effectedCategories)) {
array_push($effectedCategories, $effectedCategoryId);
$parent = getParentCategoryId($blogid, $effectedCategoryId);
if (!is_null($parent)) {
array_push($effectedCategories, $parent);
}
}
}
$effected = false;
foreach ($effectedCategories as $effectedCategory) {
updateEntriesOfCategory($blogid, $effectedCategory);
$effected = true;
}
if (updateEntriesOfCategory($blogid, $category)) {
if ($effected) {
clearFeed();
CacheControl::flushDBCache('comment');
CacheControl::flushDBCache('trackback');
}
return true;
}
return false;
}
function modifyCategory($blogid, $id, $name, $bodyid)
{
$ctx = Model_Context::getInstance();
requireModel('blog.feed');
if ($id == 0) {
checkRootCategoryExistence($blogid);
}
if (empty($name) && empty($bodyid)) {
return false;
}
$row = POD::queryRow("SELECT p.name, p.id\n\t\tFROM " . $ctx->getProperty('database.prefix') . "Categories c\n\t\tLEFT JOIN " . $ctx->getProperty('database.prefix') . "Categories p ON c.parent = p.id\n\t\tWHERE c.blogid = {$blogid} AND c.id = {$id}");
$label = $row['name'];
// $parentId = $row['id'];
// if (!empty($parentId)) {
// $parentStr = "AND parent = $parentId";
// } else
// $parentStr = 'AND parent is null';
$name = POD::escapeString(Utils_Unicode::lessenAsEncoding($name, 127));
$bodyid = POD::escapeString(Utils_Unicode::lessenAsEncoding($bodyid, 20));
if (POD::queryExistence("SELECT name\n\t\tFROM " . $ctx->getProperty('database.prefix') . "Categories\n\t\tWHERE blogid = {$blogid} AND name = '" . $name . "' AND bodyid = '" . $bodyid . "'")) {
return false;
}
$label = POD::escapeString(Utils_Unicode::lessenAsEncoding(empty($label) ? $name : "{$label}/{$name}", 255));
$sql = "SELECT *\n\t\tFROM " . $ctx->getProperty('database.prefix') . "Categories\n\t\tWHERE blogid = {$blogid}\n\t\t\tAND id = {$id}";
// $sql = "SELECT count(*) FROM ".$ctx->getProperty('database.prefix')."Categories WHERE blogid = $blogid AND name='$name' $parentStr";
if (POD::queryExistence($sql) == false) {
return false;
}
$result = POD::query("UPDATE " . $ctx->getProperty('database.prefix') . "Categories\n\t\tSET name = '{$name}',\n\t\t\tlabel = '{$label}',\n\t\t\tbodyid = '{$bodyid}'\n\t\tWHERE blogid = {$blogid}\n\t\t\tAND id = {$id}");
if ($result) {
clearFeed();
}
updateEntriesOfCategory($blogid, $id);
CacheControl::flushCategory($id);
return $result ? true : false;
}
function deleteComment($blogid, $id, $entry, $password)
{
global $database;
if (!is_numeric($id)) {
return false;
}
if (!is_numeric($entry)) {
return false;
}
$guestcomment = false;
if (POD::queryExistence("SELECT * FROM {$database['prefix']}Comments WHERE blogid = {$blogid} AND id = {$id} AND replier IS NULL")) {
$guestcomment = true;
}
$wherePassword = '';
$sql = "DELETE FROM {$database['prefix']}Comments\n\t\tWHERE blogid = {$blogid}\n\t\t\tAND id = {$id}\n\t\t\tAND entry = {$entry}";
if (!doesHaveOwnership()) {
if (Acl::getIdentity('openid') && empty($password)) {
$wherePassword = '******'' . Acl::getIdentity('openid') . '\'';
} else {
if ($guestcomment == false) {
if (!doesHaveMembership()) {
return false;
}
$wherePassword = '******' . getUserId();
} else {
$wherePassword = '******'' . md5($password) . '\'';
}
}
}
if (POD::queryCount($sql . $wherePassword)) {
CacheControl::flushCommentRSS($entry);
CacheControl::flushDBCache('comment');
updateCommentsOfEntry($blogid, $entry);
return true;
}
return false;
}
public function replace($option = null)
{
$this->id = null;
if (empty($this->table)) {
return false;
}
$this->_called = true;
// Use first qualifiers when multiple conditions exist.
$qualifiers = array();
if (!empty($this->_qualifiers)) {
foreach ($this->_qualifiers as $key => $index) {
$qualifiers[$key] = reset($index);
}
}
$attributes = array_merge($qualifiers, $this->_attributes);
if (empty($attributes)) {
return false;
}
$pairs = $attributes;
foreach ($pairs as $key => $value) {
if (is_null($value)) {
$pairs[$key] = 'NULL';
}
}
$attributeFields = $this->_capsulateFields(array_keys($attributes));
if (in_array(POD::dbms(), array('MySQLnd', 'MySQLi', 'SQLite3'))) {
// Those supports 'REPLACE'
$this->_query = 'REPLACE INTO ' . $this->_getTableName() . ' (' . implode(',', $attributeFields) . ') VALUES(' . implode(',', $pairs) . ')';
if ($option == 'count') {
return POD::queryCount($this->_query);
}
$result = POD::query($this->_query);
if ($result) {
$this->id = POD::insertId();
$this->_manage_pool_stack();
return true;
}
return false;
} else {
$this->_query = 'SELECT * FROM ' . $this->_getTableName() . $this->_makeWhereClause() . ' LIMIT 1';
$result = POD::queryExistence($this->_query);
if ($result) {
return $this->update($option);
} else {
return $this->insert($option);
}
}
}
function addBlog($blogid, $userid, $identify)
{
global $database, $service;
if (empty($userid)) {
$userid = 1;
// If no userid, choose the service administrator.
} else {
if (!POD::queryExistence("SELECT userid\n\t\t\tFROM {$database['prefix']}Users\n\t\t\tWHERE userid = " . $userid)) {
return 3;
}
// 3: No user exists with specific userid
}
if (!empty($blogid)) {
// If blogid,
if (!POD::queryExistence("SELECT blogid\n\t\t\tFROM {$database['prefix']}BlogSettings\n\t\t\tWHERE blogid = " . $blogid)) {
return 2;
// 2: No blog exists with specific blogid
}
// Thus, blog and user exists. Now combine both.
$result = POD::query("INSERT INTO {$database['prefix']}Privileges\n\t\t\t(blogid,userid,acl,created,lastlogin) \n\t\t\tVALUES({$blogid}, {$userid}, 0, UNIX_TIMESTAMP(), 0)");
return $result;
} else {
// If no blogid, create a new blog.
if (!preg_match('/^[a-zA-Z0-9]+$/', $identify)) {
return 4;
}
// Wrong Blog name
$identify = POD::escapeString(UTF8::lessenAsEncoding($identify, 32));
$blogName = $identify;
$result = POD::queryCount("SELECT * \n\t\t\tFROM {$database['prefix']}ReservedWords\n\t\t\tWHERE word = '{$blogName}'");
if ($result && $result > 0) {
return 60;
// Reserved blog name.
}
$result = POD::queryCount("SELECT value \n\t\t\tFROM {$database['prefix']}BlogSettings \n\t\t\tWHERE name = 'name' AND value = '{$blogName}'");
if ($result && $result > 0) {
return 61;
// Same blogname is already exists.
}
$blogid = POD::queryCell("SELECT max(blogid)\n\t\t\tFROM {$database['prefix']}BlogSettings") + 1;
$baseTimezone = POD::escapeString($service['timezone']);
$basicInformation = array('name' => $identify, 'defaultDomain' => 0, 'title' => '', 'description' => '', 'logo' => '', 'logoLabel' => '', 'logoWidth' => 0, 'logoHeight' => 0, 'useFeedViewOnCategory' => 1, 'useSloganOnPost' => 1, 'useSloganOnCategory' => 1, 'useSloganOnTag' => 1, 'entriesOnPage' => 10, 'entriesOnList' => 10, 'entriesOnRSS' => 10, 'commentsOnRSS' => 10, 'publishWholeOnRSS' => 1, 'publishEolinSyncOnRSS' => 1, 'allowWriteOnGuestbook' => 1, 'allowWriteDblCommentOnGuestbook' => 1, 'visibility' => 2, 'language' => $service['language'], 'blogLanguage' => $service['language'], 'timezone' => $baseTimezone);
$isFalse = false;
foreach ($basicInformation as $fieldname => $fieldvalue) {
if (setBlogSettingDefault($fieldname, $fieldvalue, $blogid) === false) {
$isFalse = true;
}
}
if ($isFalse == true) {
POD::query("DELETE FROM {$database['prefix']}BlogSettings WHERE blogid = {$blogid}");
return 12;
}
if (!POD::query("INSERT INTO {$database['prefix']}SkinSettings (blogid) VALUES ({$blogid})")) {
deleteBlog($blogid);
return 13;
}
if (!POD::query("INSERT INTO {$database['prefix']}FeedSettings \n\t\t\t(blogid) VALUES ({$blogid})")) {
deleteBlog($blogid);
return 62;
}
if (!POD::query("INSERT INTO {$database['prefix']}FeedGroups \n\t\t\t(blogid, id) \n\t\t\tVALUES ({$blogid}, 0)")) {
deleteBlog($blogid);
return 62;
}
setBlogSetting('defaultEditor', 'modern', $blogid);
setBlogSetting('defaultFormatter', 'ttml', $blogid);
//Combine user and blog.
if (POD::query("INSERT INTO {$database['prefix']}Privileges \n\t\t\t(blogid,userid,acl,created,lastlogin) \n\t\t\tVALUES({$blogid}, {$userid}, 16, UNIX_TIMESTAMP(), 0)")) {
setDefaultPost($blogid, $userid);
return true;
} else {
return 65;
}
}
//return true; // unreachable code
}
/// See the GNU General Public License for more details. (/documents/LICENSE, /documents/COPYRIGHT)
$IV = array('GET' => array('mark' => array('int', 0, 2, 'default' => 0), 'command' => array('string', 'mandatory' => false)), 'POST' => array('mark' => array('int', 0, 2, 'default' => 0), 'command' => array('string', 'mandatory' => false)));
require ROOT . '/library/preprocessor.php';
importlib("model.blog.entry");
requireStrictRoute();
// TeamBlog ACL check whether or not current user can edit this post.
if (Acl::check('group.writers') === false && !empty($suri['id'])) {
if (getUserIdOfEntry(getBlogId(), $suri['id']) != getUserId()) {
@header("location:" . $context->getProperty('uri.blog') . "/owner/entry");
exit;
}
}
//$isAjaxRequest = checkAjaxRequest();
if (!isset($_GET['command'])) {
$temp = setEntryStar($suri['id'], isset($_GET['mark']) ? $_GET['mark'] : 1) == true ? 0 : 1;
$countResult = POD::queryExistence("SELECT id \n\t\t\tFROM {$database['prefix']}Entries \n\t\t\tWHERE blogid = " . getBlogId() . " AND starred = " . $_GET['mark']);
if ($countResult == false) {
$countResult = 0;
} else {
$countResult = 1;
fireEvent('ChangeStarred', $_GET['mark'], $suri['id']);
}
Respond::PrintResult(array('error' => $temp), false);
} else {
switch ($_GET['command']) {
case "unmark":
$_GET['command'] = 1;
break;
case "mark":
$_GET['command'] = 2;
break;
function isFiltered($type, $value)
{
global $database;
switch ($type) {
case 'ip':
$ip = explode('.', $value);
$conditions = array();
for ($i = 1; $i <= 4; $i++) {
$pattern = array_slice($ip, 0, $i);
if (($num = count($pattern)) < 4) {
for ($j = 0; $j < 4 - $num; $j++) {
$pattern[] = '*';
}
}
$conditions[] = 'pattern = "' . POD::escapeString(implode('.', $pattern)) . '"';
}
if (!empty($conditions)) {
$conditions = ' AND (' . implode(' OR ', $conditions) . ')';
} else {
$conditions = ' AND 1 = 0';
}
return POD::queryExistence("SELECT * FROM {$database['prefix']}Filters WHERE blogid = " . getBlogId() . " AND filtertype = 'ip'" . $conditions . ' LIMIT 1');
default:
$type = POD::escapeString($type);
$value = POD::escapeString(strtolower($value));
return POD::queryExistence("SELECT * FROM {$database['prefix']}Filters WHERE blogid = " . getBlogId() . " AND filtertype = '{$type}' AND '{$value}' LIKE CONCAT('%', LOWER(pattern), '%') LIMIT 1");
}
}
function doesExist($name)
{
global $database;
if (!Validator::filename($name)) {
return null;
}
return POD::queryExistence("SELECT parent FROM {$database['prefix']}Attachments WHERE blogid = " . getBlogId() . " AND name = '{$name}'");
}
function doesAcceptTrackback($id)
{
global $database;
$this->init();
if (!Validator::number($id, 1)) {
return false;
}
return POD::queryExistence("SELECT id \n\t\t\tFROM {$database['prefix']}Entries \n\t\t\tWHERE blogid = " . $this->blogid . " AND id = {$id} AND draft = 0 AND visibility > 0 AND category >= 0 AND accepttrackback = 1");
}
} else {
showCheckupMessage(false);
}
}
if (!doesExistTable($database['prefix'] . 'Widgets')) {
$changed = true;
echo '<li>', _text('위젯 기능 및 오픈소셜 지원을 위한 테이블을 만듭니다'), ': ';
$query = "\n\t\tCREATE TABLE {$database['prefix']}Widgets (\n\t\t id int(11) NOT NULL default 1,\n\t\t blogid int(11) NOT NULL default 1,\n\t\t title varchar(64) NOT NULL default 'Widget',\n\t\t author varchar(32) NOT NULL default 'Textcube',\n\t\t email varchar(32) DEFAULT NULL,\n\t\t screenshot varchar(128) DEFAULT NULL,\n\t\t thumbnail varchar(128) DEFAULT NULL,\n\t\t titleurl varchar(128) DEFAULT NULL,\n\t\t authorlink varchar(128) default null,\n\t\t authorlocation varchar(32) default null,\n\t\t authorphoto varchar(128) DEFAULT NULL,\n\t\t height int(11) DEFAULT NULL,\n\t\t scrolling int(1) default 0,\n\t\t feature varchar(32) default 'opensocial',\n\t\t content text NOT NULL default '',\n\t\t PRIMARY KEY(id),\n\t\t KEY(blogid)\n\t\t) TYPE=MyISAM\n\t\t";
if (POD::execute($query . ' DEFAULT CHARSET=utf8') || POD::execute($query)) {
showCheckupMessage(true);
} else {
showCheckupMessage(false);
}
}
/* From Textcube 1.8.4 */
if (!POD::queryExistence("DESC {$database['prefix']}RemoteResponseLogs responsetype")) {
$changed = true;
echo '<li>', _text('트랙백과 핑백의 출력을 위하여 필드 속성을 변경합니다.'), ': ';
if (POD::execute("ALTER TABLE {$database['prefix']}RemoteResponseLogs CHANGE type responsetype ENUM('trackback','pingback') NOT NULL DEFAULT 'trackback'")) {
showCheckupMessage(true);
} else {
showCheckupMessage(false);
}
}
if (Setting::getServiceSetting('useNewPluginSetting', false, true) != true) {
$changed = true;
echo '<li>', _text('플러그인 환경 설정 저장 방식을 변경합니다.'), ': ';
$query = DBModel::getInstance();
$query->reset('Plugins');
if ($candidates = $query->getAll()) {
foreach ($candidates as $c) {
