Пример #1
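 /**
  * Loads the editors of this object and their effective permissions from the
  * database into $this->editors and $this->permissions.
  *
  * The scope is the class name of $this ('site', 'section', 'page' or 'story').
  * Each query ORs the permission bits granted on this object with the bits
  * granted on every ancestor scope up to the site, and returns them through
  * MAKE_SET() as a comma-separated subset of v (view), a (add), e (edit),
  * d (delete) and di (discuss).
  *
  * @param mixed $force when truthy, rebuild even if the permissions were already built
  * @param mixed $down  when truthy, also rebuild the child objects named by
  *                     $this->_object_arrays for this scope
  * @return void
  */
 function buildPermissionsArray($force = 0, $down = 0)
 {
     if (!$force && $this->builtPermissions) {
         return;
     }
     $scope = get_class($this);

     // The site, section and page queries splice the id into the SQL without
     // quotes, so only a numeric id may reach them; anything else would change
     // the shape of a query that decides who may edit what. The story query
     // keeps the quoted addslashes() form it already used.
     // NOTE(review): addslashes() is not aware of the connection charset; if
     // db_query() (not visible here) supports bound parameters or the driver's
     // own escaping, all four branches should move to that.
     $sqlId = null;
     if ($scope === 'story') {
         $sqlId = "'" . addslashes($this->id) . "'";
     } elseif (is_numeric($this->id)) {
         $sqlId = $this->id;
     }

     // One query per scope type. Editors can be 'institute', 'everyone', a
     // user name or a ugroup name. $query stays null for an unknown scope or
     // a rejected id.
     $query = null;
     if ($sqlId !== null) {
         if ($scope === 'site') {
             $query = "\nSELECT\n\tuser_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\tMAKE_SET(IFNULL((permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\nFROM\n\tsite\n\t\tINNER JOIN\n\tsite_editors ON\n\t\tsite_id = " . $sqlId . "\n\t\t\tAND\n\t\tsite_id = FK_site\n\t\tLEFT JOIN\n\tuser ON\n\t\tsite_editors.FK_editor = user_id\n\t\tLEFT JOIN\n\tugroup ON\n\t\tsite_editors.FK_editor = ugroup_id\n\t\tLEFT JOIN\n\tpermission ON\n\t\tsite_id  = FK_scope_id\n\t\t\tAND\n\t\tpermission_scope_type = 'site'\n\t\t\tAND\n\t\tpermission.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tpermission_editor_type = site_editors_type\n";
         } elseif ($scope === 'section') {
             $query = "\nSELECT\n\tuser_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\tMAKE_SET(IFNULL((p1.permission_value+0),0) | IFNULL((p2.permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\nFROM\n\tsite\n\t\tINNER JOIN\n\tsection\n\t\tON site_id = section.FK_site\n\t\t\tAND\n\t\tsection_id = " . $sqlId . "\n\t\tINNER JOIN\n\tsite_editors ON\n\t\tsite_id = site_editors.FK_site\n\t\tLEFT JOIN\n\tuser ON\n\t\tsite_editors.FK_editor = user_id\n\t\tLEFT JOIN\n\tugroup ON\n\t\tsite_editors.FK_editor = ugroup_id\n\t\tLEFT JOIN\n\tpermission as p1 ON\n\t\tsite_id  = p1.FK_scope_id\n\t\t\tAND\n\t\tp1.permission_scope_type = 'site'\n\t\t\tAND\n\t\tp1.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tp1.permission_editor_type = site_editors_type\n\t\tLEFT JOIN \n\tpermission as p2 ON\n\t\tsection_id  = p2.FK_scope_id\n\t\t\tAND\n\t\tp2.permission_scope_type = 'section'\n\t\t\tAND\n\t\tp2.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tp2.permission_editor_type = site_editors_type\n";
         } elseif ($scope === 'page') {
             $query = "\nSELECT\n\tuser_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\tMAKE_SET(IFNULL((p1.permission_value+0),0) | IFNULL((p2.permission_value+0),0) | IFNULL((p3.permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\nFROM\n\tsite\n\t\tINNER JOIN\n\tsection\n\t\tON site_id = section.FK_site\n\t\tINNER JOIN\n\tpage\n\t\tON section_id = page.FK_section\n\t\t\tAND\n\t\tpage_id = " . $sqlId . "\n\t\tINNER JOIN\n\tsite_editors ON\n\t\tsite_id = site_editors.FK_site\n\t\tLEFT JOIN\n\tuser ON\n\t\tsite_editors.FK_editor = user_id\n\t\tLEFT JOIN\n\tugroup ON\n\t\tsite_editors.FK_editor = ugroup_id\n\t\tLEFT JOIN\n\tpermission as p1 ON\n\t\tsite_id  = p1.FK_scope_id\n\t\t\tAND\n\t\tp1.permission_scope_type = 'site'\n\t\t\tAND\n\t\tp1.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tp1.permission_editor_type = site_editors_type\n\t\tLEFT JOIN \n\tpermission as p2 ON\n\t\tsection_id  = p2.FK_scope_id\n\t\t\tAND\n\t\tp2.permission_scope_type = 'section'\n\t\t\tAND\n\t\tp2.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tp2.permission_editor_type = site_editors_type\n\t\tLEFT JOIN\n\tpermission as p3 ON\n\t\tpage_id  = p3.FK_scope_id\n\t\t\tAND\n\t\tp3.permission_scope_type = 'page'\n\t\t\tAND\n\t\tp3.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tp3.permission_editor_type = site_editors_type\n";
         } elseif ($scope === 'story') {
             $query = "\n\t\t\t\tSELECT\n\t\t\t\t\tuser_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\t\t\t\t\tMAKE_SET(IFNULL((p1.permission_value+0),0) | IFNULL((p2.permission_value+0),0) | IFNULL((p3.permission_value+0),0) | IFNULL((p4.permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\n\t\t\t\tFROM\n\t\t\t\t\tsite\n\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\tsection\n\t\t\t\t\t\tON site_id = section.FK_site\n\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\tpage\n\t\t\t\t\t\tON section_id = page.FK_section\n\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\tstory\n\t\t\t\t\t\tON page_id = story.FK_page\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tstory_id = " . $sqlId . "\n\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\tsite_editors ON\n\t\t\t\t\t\tsite_id = site_editors.FK_site\n\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\tuser ON\n\t\t\t\t\t\tsite_editors.FK_editor = user_id\n\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\tugroup ON\n\t\t\t\t\t\tsite_editors.FK_editor = ugroup_id\n\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\tpermission as p1 ON\n\t\t\t\t\t\tsite_id  = p1.FK_scope_id\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp1.permission_scope_type = 'site'\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp1.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp1.permission_editor_type = site_editors_type\n\t\t\t\t\t\tLEFT JOIN \n\t\t\t\t\tpermission as p2 ON\n\t\t\t\t\t\tsection_id  = p2.FK_scope_id\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp2.permission_scope_type = 'section'\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp2.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp2.permission_editor_type = site_editors_type\n\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\tpermission as p3 ON\n\t\t\t\t\t\tpage_id  = p3.FK_scope_id\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp3.permission_scope_type = 'page'\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp3.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp3.permission_editor_type = site_editors_type\n\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\tpermission as p4 ON\n\t\t\t\t\t\tstory_id = \np4.FK_scope_id\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp4.permission_scope_type = 'story'\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp4.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp4.permission_editor_type = site_editors_type\n\t\t\t\t";
         }
     }

     // Run the query only when one was built.
     $r = $query !== null ? db_query($query) : false;

     // Reset the cached editors and permissions only after a successful query.
     // NOTE(review): when the query fails or is skipped, the previous (possibly
     // stale) permissions are kept and the object is still marked as built
     // below; callers that need to fail closed must check for that themselves.
     if ($r) {
         $this->editors = array();
         $this->permissions = array();
     }

     // For every row, merge its permission flags into the permissions array.
     while ($r && ($row = db_fetch_assoc($r))) {
         // 'permissions' is the MAKE_SET() column: a comma-separated list such as "v,a,di".
         $granted = explode(",", $row['permissions']);
         $flags = array(
             'v' => in_array('v', $granted, true),
             'a' => in_array('a', $granted, true),
             'e' => in_array('e', $granted, true),
             'd' => in_array('d', $granted, true),
             'di' => in_array('di', $granted, true),
         );

         // A user is named by user name, a ugroup by group name; for
         // 'institute' and 'everyone' the editor type itself is the name.
         if ($row['editor_type'] === 'user') {
             $t_editor = $row['editor'];
         } elseif ($row['editor_type'] === 'ugroup') {
             $t_editor = $row['editor2'];
         } else {
             $t_editor = $row['editor_type'];
         }

         // Everyone and institute can't have add, edit, or delete permissions.
         // Somehow, these were added sometimes. If this is the case, prevent
         // these from being set and reset those for the site.
         if ($t_editor === 'everyone' || $t_editor === 'institute') {
             if ($flags['a'] || $flags['e'] || $flags['d']) {
                 // Make sure that zeros get passed on.
                 $flags['a'] = 0;
                 $flags['e'] = 0;
                 $flags['d'] = 0;
                 // Clean up the stored permissions on the owning site.
                 $this->owningSiteObj->setUserPermissionDown('add', $t_editor, 0);
                 $this->owningSiteObj->setUserPermissionDown('edit', $t_editor, 0);
                 $this->owningSiteObj->setUserPermissionDown('delete', $t_editor, 0);
                 $this->owningSiteObj->updatePermissionsDB(TRUE);
             }
         }

         // An editor can appear in several rows; a permission granted by any
         // earlier row stays granted (logical OR with the previous entry).
         $previous = isset($this->permissions[$t_editor]) ? $this->permissions[$t_editor] : array();
         $this->permissions[$t_editor] = array(
             permissions::ADD() => $flags['a'] || !empty($previous[permissions::ADD()]),
             permissions::EDIT() => $flags['e'] || !empty($previous[permissions::EDIT()]),
             permissions::DELETE() => $flags['d'] || !empty($previous[permissions::DELETE()]),
             permissions::VIEW() => $flags['v'] || !empty($previous[permissions::VIEW()]),
             permissions::DISCUSS() => $flags['di'] || !empty($previous[permissions::DISCUSS()]),
         );

         // Now add the editor to the editor array (rows without a name are skipped).
         if ($t_editor) {
             $this->editors[] = $t_editor;
         }
     }
     $this->builtPermissions = 1;

     // Optionally rebuild the children held in the property that
     // $this->_object_arrays names for this scope.
     if ($down) {
         $childProperty = isset($this->_object_arrays[$scope]) ? $this->_object_arrays[$scope] : null;
         if ($childProperty) {
             // Bind by reference so the calls reach the stored child objects.
             $children =& $this->{$childProperty};
             if ($children) {
                 foreach (array_keys($children) as $i) {
                     $children[$i]->buildPermissionsArray($force, $down);
                 }
             }
         }
     }
 }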
Пример #2
 function fetchSiteAtOnceForeverAndEverAndDontForgetThePermissionsAsWell_Amen($_section_id = 0, $_page_id = 0, $quick = false)
 {
     if ($this->site_does_not_exist) {
         return false;
     }
     if ($this->fetched_forever_and_ever) {
         return $this->id;
     }
     // no $full or $force here, always fetch everything, be strong and stubborn damnit!
     // connect to db and initialize data array
     global $dbuser, $dbpass, $dbdb, $dbhost;
     db_connect($dbhost, $dbuser, $dbpass, $dbdb);
     // delete temporary tables if they already exist
     $query = "DROP TABLE IF EXISTS t_sites";
     db_query($query);
     $query = "DROP TABLE IF EXISTS t_sections";
     db_query($query);
     $query = "DROP TABLE IF EXISTS t_pages";
     db_query($query);
     $query = "DROP TABLE IF EXISTS t_stories";
     db_query($query);
     // now, create the temporary tables. each table stores all siteunit ids for this site.
     // all stories for this site
     $query = "\n\t\t\tCREATE TEMPORARY TABLE t_stories(\n\t\t\t\tUNIQUE uniq (site_id,section_id,page_id,story_id),\n\t\t\t\tKEY site_id (site_id),\n\t\t\t\tKEY section_id (section_id),\n\t\t\t\tKEY page_id (page_id),\n\t\t\t\tKEY story_id (story_id)\n\t\t\t) TYPE=MyISAM\n\t\t\tSELECT\n\t\t\t\tsite_id, section_id, page_id, story_id, section_order, page_order, story_order\n\t\t\tFROM\n\t\t\t\tsite\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tsection ON FK_site = site_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tpage ON FK_section = section_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tstory ON FK_page = page_id\n\t\t\tWHERE\n\t\t\t\tsite_id = '" . addslashes($this->id) . "' \n\t\t";
     db_query($query);
     // all pages for this site
     $query = "\n\t\t\tCREATE TEMPORARY TABLE t_pages (\n\t\t\t\tUNIQUE uniq (site_id, section_id, page_id),\n\t\t\t\tKEY site_id (site_id),\n\t\t\t\tKEY section_id (section_id),\n\t\t\t\tKEY page_id (page_id)\n\t\t\t)\n\t\t\tSELECT\n\t\t\t\tDISTINCT site_id, section_id, page_id, section_order, page_order\n\t\t\tFROM\n\t\t\t\tt_stories\n\t\t";
     db_query($query);
     // all sections for this site
     $query = "\n\t\t\tCREATE TEMPORARY TABLE t_sections (\n\t\t\t\tUNIQUE uniq (site_id, section_id),\n\t\t\t\tKEY site_id (site_id),\n\t\t\t\tKEY section_id (section_id)\n\t\t\t)\n\t\t\tSELECT\n\t\t\t\tDISTINCT site_id, section_id, section_order\n\t\t\tFROM\n\t\t\t\tt_pages\n\t\t";
     db_query($query);
     // all sites for this site, i.e. just this site
     $query = "\n\t\t\tCREATE TEMPORARY TABLE t_sites (\n\t\t\t\tUNIQUE uniq (site_id),\n\t\t\t\tKEY site_id (site_id)\n\t\t\t)\n\t\t\tSELECT\n\t\t\t\tDISTINCT site_id\n\t\t\tFROM\n\t\t\t\tt_sections\n\t\t";
     db_query($query);
     // create the object hierarchy
     $this->data = array();
     $query = "SELECT site_id, section_id FROM t_sections ORDER BY section_order";
     $r = db_query($query);
     while ($a = db_fetch_assoc($r)) {
         if ($a[section_id] != null) {
             $section =& new section($this->name, $a[section_id], $this);
             $this->sections[$a[section_id]] =& $section;
             $this->data[sections][] = $a[section_id];
             $this->fetched[sections] = 1;
         }
     }
     $query = "SELECT site_id, section_id, page_id FROM t_pages ORDER BY\tpage_order";
     $r = db_query($query);
     while ($a = db_fetch_assoc($r)) {
         if ($a[section_id] != null && $a[page_id] != null) {
             $section =& $this->sections[$a[section_id]];
             $page =& new page($this->name, $a[section_id], $a[page_id], $section);
             $section->pages[$a[page_id]] =& $page;
             $section->data[pages][] = $a[page_id];
             $section->fetched[pages] = 1;
         }
     }
     $query = "SELECT site_id, section_id, page_id, story_id FROM t_stories ORDER BY\tstory_order";
     $r = db_query($query);
     while ($a = db_fetch_assoc($r)) {
         if ($a[section_id] != null && $a[page_id] != null && $a[story_id] != null) {
             $section =& $this->sections[$a[section_id]];
             $page =& $section->pages[$a[page_id]];
             $story =& new story($this->name, $a[section_id], $a[page_id], $a[story_id], $page);
             $page->stories[$a[story_id]] =& $story;
             $page->data[stories][] = $a[story_id];
             $page->fetched[stories] = 1;
         }
     }
     // first, fetch the site
     $query = "\n\t\t\tSELECT  site_title AS title, DATE_FORMAT(site_activate_tstamp, '%Y-%m-%d') AS activatedate, DATE_FORMAT(site_deactivate_tstamp, '%Y-%m-%d') AS deactivatedate,\n\t\t\t\t\tsite_active AS active, site_listed AS listed, " . ($quick ? "" : "site_theme AS theme, site_themesettings AS themesettings, site_header AS header, site_footer AS footer, ") . "site_updated_tstamp AS editedtimestamp, site_created_tstamp AS addedtimestamp,\n\t\t\t\t\tuser_createdby.user_uname AS addedby, user_updatedby.user_uname AS editedby, slot_name as name, slot_type AS type\n\t\t\tFROM \n\t\t\t\tt_sites\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite\n\t\t\t\t\tON t_sites.site_id = site.site_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_createdby\n\t\t\t\t\tON FK_createdby = user_createdby.user_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_updatedby\n\t\t\t\t\tON FK_updatedby = user_updatedby.user_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tslot\n\t\t\t\t\tON site.site_id = slot.FK_site\n\t\t";
     $r = db_query($query);
     $a = db_fetch_assoc($r);
     array_change_key_case($a);
     // make all keys lower case
     // for each field returned by the query
     foreach ($a as $field => $value) {
         // make sure we have defined this field in the _allfields array
         if (in_array($field, $this->_allfields)) {
             // decode if necessary
             if (in_array($field, $this->_encode)) {
                 $value = stripslashes(urldecode($value));
             }
             $this->data[$field] = $value;
             $this->fetched[$field] = 1;
         } else {
             echo "ERROR: field {$field} not in _allfields!!!<br />";
         }
     }
     $this->fetcheddown = 1;
     $this->fetched_forever_and_ever = 1;
     // now, create section objects and fetch them
     $query = "\n\t\t\tSELECT  \n\t\t\t\tsection.section_id AS section_id" . ($quick ? " " : ", section_display_type AS type, section_title AS title, DATE_FORMAT(section_activate_tstamp, '%Y-%m-%d') AS activatedate, DATE_FORMAT(section_deactivate_tstamp, '%Y-%m-%d') AS deactivatedate,\n\t\t\t\tsection_active AS active, section_locked AS locked, section_updated_tstamp AS editedtimestamp,\n\t\t\t\tsection_created_tstamp AS addedtimestamp,\n\t\t\t\tuser_createdby.user_uname AS addedby, user_updatedby.user_uname AS editedby, '" . addslashes($this->name) . "' as site_id,\n\t\t\t\tmedia_tag AS url ") . "FROM \n\t\t\t\tt_sections\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsection\n\t\t\t\t\tON t_sections.section_id = section.section_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_createdby\n\t\t\t\t\tON section.FK_createdby = user_createdby.user_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_updatedby\n\t\t\t\t\tON section.FK_updatedby = user_updatedby.user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tmedia\n\t\t\t\t\tON FK_media = media_id\n\t\t";
     $r = db_query($query);
     while ($a = db_fetch_assoc($r)) {
         $section =& $this->sections[$a[section_id]];
         foreach ($a as $field => $value) {
             // make sure we have defined this field in the _allfields array
             if ($field == 'section_id' || in_array($field, $section->_allfields)) {
                 // decode if necessary
                 if (in_array($field, $section->_encode)) {
                     $value = stripslashes(urldecode($value));
                 }
                 $section->data[$field] = $value;
                 $section->fetched[$field] = 1;
             } else {
                 echo "ERROR: field {$field} not in _allfields!!!<br />";
             }
         }
         $section->fetcheddown = 1;
         $section->fetched_forever_and_ever = 1;
     }
     // now, create page objects and fetch them
     $query = "\n\t\t\tSELECT\n\t\t\t\tt_pages.section_id AS section_id, page.page_id AS page_id" . ($quick ? " " : ", \n\t\t\t\tpage_display_type AS type, \n\t\t\t\tpage_title AS title, \n\t\t\t\tpage_text AS text, \n\t\t\t\tDATE_FORMAT(page_activate_tstamp, '%Y-%m-%d') AS activatedate, \n\t\t\t\tDATE_FORMAT(page_deactivate_tstamp, '%Y-%m-%d') AS deactivatedate,\n\t\t\t\tpage_active AS active, \n\t\t\t\tpage_story_order AS storyorder, \n\t\t\t\tpage_show_creator AS showcreator, \n\t\t\t\tpage_show_date AS showdate, \n\t\t\t\tpage_show_hr AS showhr,\t\n\t\t\t\tpage_archiveby AS archiveby, \n\t\t\t\tpage_locked AS locked,\n\t\t\t\tpage_updated_tstamp AS editedtimestamp, \n\t\t\t\tpage_created_tstamp AS addedtimestamp,\n\t\t\t\tpage_ediscussion AS ediscussion,\n\t\t\t\tuser_createdby.user_uname AS addedby, \n\t\t\t\tuser_updatedby.user_uname AS editedby, \n\t\t\t\t'" . addslashes($this->name) . "' as site_id, \n\t\t\t\tmedia_tag AS url, \n\t\t\t\tpage_location AS location,\n\t\t\t\tpage_show_editor AS showeditor") . "\n\t\t\tFROM \n\t\t\t\tt_pages\n\t\t\t\t\tINNER JOIN \n\t\t\t\tpage\n\t\t\t\t\tON t_pages.page_id = page.page_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_createdby\n\t\t\t\t\tON page.FK_createdby = user_createdby.user_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_updatedby\n\t\t\t\t\tON page.FK_updatedby = user_updatedby.user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tmedia\n\t\t\t\t\tON page.FK_media = media_id\n\t\t";
     if ($_section_id) {
         $query = $query . " WHERE section_id = '" . addslashes($_section_id) . "'";
     }
     $r = db_query($query);
     while ($a = db_fetch_assoc($r)) {
         array_change_key_case($a);
         // make all keys lower case
         $page =& $this->sections[$a[section_id]]->pages[$a[page_id]];
         foreach ($a as $field => $value) {
             // make sure we have defined this field in the _allfields array
             if ($field == 'page_id' || in_array($field, $page->_allfields)) {
                 // decode if necessary
                 if (in_array($field, $page->_encode)) {
                     $value = stripslashes(urldecode($value));
                 }
                 $page->data[$field] = $value;
                 $page->fetched[$field] = 1;
             } else {
                 echo "ERROR: field {$field} not in _allfields!!!<br />";
             }
         }
         $page->fetcheddown = 1;
         $page->fetched_forever_and_ever = 1;
     }
     // now, create story objects and fetch them
     $query = "\n\t\t\tSELECT\n\t\t\t\tt_stories.section_id AS section_id, \n\t\t\t\tt_stories.page_id AS page_id, \n\t\t\t\tstory.story_id AS story_id" . ($quick ? " " : ", story_display_type AS type, \n\t\t\t\tstory_title AS title, \n\t\t\t\tDATE_FORMAT(story_activate_tstamp, '%Y-%m-%d') AS activatedate, \n\t\t\t\tDATE_FORMAT(story_deactivate_tstamp, '%Y-%m-%d') AS deactivatedate,\n\t\t\t\tstory_active AS active, \n\t\t\t\tstory_locked AS locked, \n\t\t\t\tstory_updated_tstamp AS editedtimestamp, \n\t\t\t\tstory_created_tstamp AS addedtimestamp,\n\t\t\t\tstory_discussable AS discuss, \n\t\t\t\tstory_discussemail AS discussemail,\n\t\t\t\tstory_discusslabel AS discusslabel,\n\t\t\t\tstory_discussdisplay AS discussdisplay, \n\t\t\t\tstory_discussauthor AS discussauthor, \n\t\t\t\tstory_category AS category, \n\t\t\t\tstory_text_type AS texttype, \n\t\t\t\tstory_text_short AS shorttext,\n\t\t\t\tstory_text_long AS longertext,\n\t\t\t\tmedia_tag AS url,\n\t\t\t\tuser_createdby.user_uname AS addedby, \n\t\t\t\tuser_updatedby.user_uname AS editedby, \n\t\t\t\t'" . $this->name . "' as site_id ") . "FROM\n\t\t\t\tt_stories\n\t\t\t\t\tINNER JOIN\n\t\t\t\tstory\n\t\t\t\t\tON t_stories.story_id = story.story_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_createdby\n\t\t\t\t\tON story.FK_createdby = user_createdby.user_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_updatedby\n\t\t\t\t\tON story.FK_updatedby = user_updatedby.user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tmedia\n\t\t\t\t\tON story.FK_media = media_id\t\t\n\t\t";
     if ($_section_id) {
         $query = $query . " WHERE section_id = '" . addslashes($_section_id) . "'";
         if ($_page_id) {
             $query = $query . " AND page_id = '" . addslashes($_page_id) . "'";
         }
     }
     $r = db_query($query);
     while ($a = db_fetch_assoc($r)) {
         array_change_key_case($a);
         // make all keys lower case
         $story =& $this->sections[$a[section_id]]->pages[$a[page_id]]->stories[$a[story_id]];
         foreach ($a as $field => $value) {
             // make sure we have defined this field in the _allfields array
             if ($field == 'story_id' || in_array($field, $story->_allfields)) {
                 // decode if necessary
                 if (in_array($field, $story->_encode)) {
                     $value = stripslashes(urldecode($value));
                 }
                 $story->data[$field] = $value;
                 $story->fetched[$field] = 1;
             } else {
                 echo "ERROR: field {$field} not in _allfields!!!<br />";
             }
         }
         $story->fetcheddown = 1;
         $story->fetched_forever_and_ever = 1;
     }
     $query = "\n\t\t\tSELECT\n\t\t\t\tuser_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\t\t\t\tMAKE_SET(IFNULL((permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\n\t\t\tFROM\n\t\t\t\tt_sites\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite_editors ON\n\t\t\t\t\tsite_id = FK_site\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tuser\n\t\t\t\t\tON site_editors.FK_editor = user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tugroup\n\t\t\t\t\tON site_editors.FK_editor = ugroup_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tpermission ON\n\t\t\t\t\tsite_id  = FK_scope_id\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_scope_type = 'site'\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_editor_type = site_editors_type\n\t\t";
     $r = db_query($query);
     $this->editors = array();
     $this->permissions = array();
     $this->cachedPermissions = array();
     // for every permisson entry, add it to the permissions array
     while ($row = db_fetch_assoc($r)) {
         // decode 'final_permissions';
         // 'final_permissions' is a field returned by the query and contains a string of the form "'a','vi','e'" etc.
         $a = array();
         $a[a] = strpos($row[permissions], 'a') !== false ? 1 : 0;
         // look for 'a' in 'final_permissions'
         $a[e] = strpos($row[permissions], 'e') !== false ? 1 : 0;
         // !== is very important here, because a position 0 is interpreted by != as FALSE
         $a[d] = strpos($row[permissions], 'd') !== false && strpos($row[permissions], 'd') !== strpos($row[permissions], 'di') ? 1 : 0;
         $a[v] = strpos($row[permissions], 'v') !== false ? 1 : 0;
         $a[di] = strpos($row[permissions], 'di') !== false ? 1 : 0;
         // if the editor is a user then the editor's name is just the user name
         // if the editor is 'institute' or 'everyone' then set the editor's name correspondingly
         if ($row[editor_type] == 'user') {
             $t_editor = $row[editor];
         } else {
             if ($row[editor_type] == 'ugroup') {
                 $t_editor = $row[editor2];
             } else {
                 $t_editor = $row[editor_type];
             }
         }
         // 			echo "<br /><br />Editor: $t_editor; Add: $a[a]; Edit: $a[e]; Delete: $a[d]; View: $a[v];  Discuss: $a[di]; On the Site";
         // set the permissions for this editor
         $this->permissions[$t_editor] = array(permissions::ADD() => $a[a] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::ADD()], permissions::EDIT() => $a[e] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::EDIT()], permissions::DELETE() => $a[d] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::DELETE()], permissions::VIEW() => $a[v] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::VIEW()], permissions::DISCUSS() => $a[di] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::DISCUSS()]);
         if ($a[v]) {
             $this->canview[$t_editor] = 1;
         }
         /*			$this->cachedPermissions = array(
         				$t_editor."ADD"=>$a[a], 
         				$t_editor."EDIT"=>$a[e], 
         				$t_editor."DELETE"=>$a[d], 
         				$t_editor."VIEW"=>$a[v], 
         				$t_editor."DISCUSS"=>$a[di]
         			);*/
         // now add the editor to the editor array
         $this->editors[] = $t_editor;
     }
     // now, inherit the permissions to the children
     foreach (array_keys($this->sections) as $key => $section_id) {
         $this->sections[$section_id]->editors = $this->editors;
         $this->sections[$section_id]->permissions = $this->permissions;
     }
     $this->builtPermissions = 1;
     $query = "\n\t\t\tSELECT\n\t\t\t\tsection_id, user_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\t\t\t\tMAKE_SET(IFNULL((permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\n\t\t\tFROM\n\t\t\t\tt_sections\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite_editors ON\n\t\t\t\t\tsite_id = site_editors.FK_site\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tuser ON\n\t\t\t\t\tsite_editors.FK_editor = user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tugroup ON\n\t\t\t\t\tsite_editors.FK_editor = ugroup_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tpermission ON\n\t\t\t\t\tsection_id  = FK_scope_id\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_scope_type = 'section'\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_editor_type = site_editors_type\n\t\t";
     $r = db_query($query);
     // for every permisson entry, add it to the permissions array
     while ($row = db_fetch_assoc($r)) {
         // decode 'final_permissions';
         // 'final_permissions' is a field returned by the query and contains a string of the form "'a','vi','e'" etc.
         $a = array();
         if (strpos($row[permissions], 'a') !== false) {
             $a[permissions::ADD()] = 1;
         }
         // look for 'a' in 'final_permissions'
         if (strpos($row[permissions], 'e') !== false) {
             $a[permissions::EDIT()] = 1;
         }
         // !== is very important here, because a position 0 is interpreted by != as FALSE
         if (strpos($row[permissions], 'd') !== false && strpos($row[permissions], 'd') !== strpos($row[permissions], 'di')) {
             $a[permissions::DELETE()] = 1;
         }
         if (strpos($row[permissions], 'v') !== false) {
             $a[permissions::VIEW()] = 1;
         }
         if (strpos($row[permissions], 'di') !== false) {
             $a[permissions::DISCUSS()] = 1;
         }
         // if the editor is a user then the editor's name is just the user name
         // if the editor is 'institute' or 'everyone' then set the editor's name correspondingly
         if ($row[editor_type] == 'user') {
             $t_editor = $row[editor];
         } else {
             if ($row[editor_type] == 'ugroup') {
                 $t_editor = $row[editor2];
             } else {
                 $t_editor = $row[editor_type];
             }
         }
         //			echo "<br /><br />Editor: $t_editor; Add: $a[a]; Edit: $a[e]; Delete: $a[d]; View: $a[v];  Discuss: $a[di]; on Section ".$row[section_id];
         foreach ($a as $key => $value) {
             $this->sections[$row[section_id]]->permissions[$t_editor][$key] = 1;
         }
         if ($a[permissions::VIEW()] && !$this->canview[$t_editor]) {
             $this->canview[$t_editor] = 1;
         }
     }
     // now, inherit the permissions to the children
     foreach (array_keys($this->sections) as $key1 => $section_id) {
         foreach (array_keys($this->sections[$section_id]->pages) as $key2 => $page_id) {
             $this->sections[$section_id]->pages[$page_id]->editors = $this->sections[$section_id]->editors;
             $this->sections[$section_id]->pages[$page_id]->permissions = $this->sections[$section_id]->permissions;
         }
         $this->sections[$section_id]->builtPermissions = 1;
     }
     $query = "\n\t\t\tSELECT\n\t\t\t\tsection_id, page_id, user_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\t\t\t\tMAKE_SET(IFNULL((permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\n\t\t\tFROM\n\t\t\t\tt_pages\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite_editors ON\n\t\t\t\t\tsite_id = site_editors.FK_site\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tuser ON\n\t\t\t\t\tsite_editors.FK_editor = user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tugroup ON\n\t\t\t\t\tsite_editors.FK_editor = ugroup_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tpermission ON\n\t\t\t\t\tpage_id  = FK_scope_id\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_scope_type = 'page'\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_editor_type = site_editors_type\n\t\t";
     $r = db_query($query);
     // for every permisson entry, add it to the permissions array
     while ($row = db_fetch_assoc($r)) {
         // decode 'final_permissions';
         // 'final_permissions' is a field returned by the query and contains a string of the form "'a','vi','e'" etc.
         $a = array();
         if (strpos($row[permissions], 'a') !== false) {
             $a[permissions::ADD()] = 1;
         }
         // look for 'a' in 'final_permissions'
         if (strpos($row[permissions], 'e') !== false) {
             $a[permissions::EDIT()] = 1;
         }
         // !== is very important here, because a position 0 is interpreted by != as FALSE
         if (strpos($row[permissions], 'd') !== false && strpos($row[permissions], 'd') !== strpos($row[permissions], 'di')) {
             $a[permissions::DELETE()] = 1;
         }
         if (strpos($row[permissions], 'v') !== false) {
             $a[permissions::VIEW()] = 1;
         }
         if (strpos($row[permissions], 'di') !== false) {
             $a[permissions::DISCUSS()] = 1;
         }
         // if the editor is a user then the editor's name is just the user name
         // if the editor is 'institute' or 'everyone' then set the editor's name correspondingly
         if ($row[editor_type] == 'user') {
             $t_editor = $row[editor];
         } else {
             if ($row[editor_type] == 'ugroup') {
                 $t_editor = $row[editor2];
             } else {
                 $t_editor = $row[editor_type];
             }
         }
         //			echo "<br /><br />Editor: $t_editor; Add: $a[a]; Edit: $a[e]; Delete: $a[d]; View: $a[v];  Discuss: $a[di];";
         foreach ($a as $key => $value) {
             $this->sections[$row[section_id]]->pages[$row[page_id]]->permissions[$t_editor][$key] = 1;
         }
         if ($a[permissions::VIEW()] && !$this->canview[$t_editor]) {
             $this->canview[$t_editor] = 1;
         }
     }
     // now, inherit the permissions to the children
     foreach (array_keys($this->sections) as $key1 => $section_id) {
         foreach (array_keys($this->sections[$section_id]->pages) as $key2 => $page_id) {
             foreach (array_keys($this->sections[$section_id]->pages[$page_id]->stories) as $key3 => $story_id) {
                 $this->sections[$section_id]->pages[$page_id]->stories[$story_id]->editors = $this->sections[$section_id]->pages[$page_id]->editors;
                 $this->sections[$section_id]->pages[$page_id]->stories[$story_id]->permissions = $this->sections[$section_id]->pages[$page_id]->permissions;
                 $this->sections[$section_id]->pages[$page_id]->stories[$story_id]->builtPermissions = 1;
             }
             $this->sections[$section_id]->pages[$page_id]->builtPermissions = 1;
         }
     }
     $query = "\n\t\t\tSELECT\n\t\t\t\tsection_id, page_id, story_id, user_uname as editor, ugroup_name as editor2,  site_editors_type as editor_type, permission_id,\n\t\t\t\tMAKE_SET(IFNULL((permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\n\t\t\tFROM\n\t\t\t\tt_stories\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite_editors ON\n\t\t\t\t\tsite_id = site_editors.FK_site\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tuser ON\n\t\t\t\t\tsite_editors.FK_editor = user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tugroup ON\n\t\t\t\t\tsite_editors.FK_editor = ugroup_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tpermission ON\n\t\t\t\t\tstory_id = FK_scope_id\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_scope_type = 'story'\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_editor_type = site_editors_type\n\t\t";
     $r = db_query($query);
     // for every permission entry, add it to the permissions array
     while ($row = db_fetch_assoc($r)) {
         // decode 'final_permissions';
         // 'final_permissions' is a field returned by the query and contains a string of the form "'a','vi','e'" etc.
         $a = array();
         //			printpre($row);
         // if the editor is a user then the editor's name is just the user name
         // if the editor is 'institute' or 'everyone' then set the editor's name correspondingly
         if ($row[editor_type] == 'user') {
             $t_editor = $row[editor];
         } else {
             if ($row[editor_type] == 'ugroup') {
                 $t_editor = $row[editor2];
             } else {
                 $t_editor = $row[editor_type];
             }
         }
         // Everyone and institute can't have add, edit, or delete permissions.
         // Somehow, these were added sometimes. If this is the case, prevent
         // these from being set and reset those for the site.
         if ($t_editor == 'everyone' || $t_editor == 'institute') {
             // If we have a bad permission, do cleanup.
             if (strpos($row[permissions], 'a') !== false || strpos($row[permissions], 'e') !== false || strpos($row[permissions], 'd') !== false && strpos($row[permissions], 'd') !== strpos($row[permissions], 'di')) {
                 printError("Invalid add, edit, or delete permissions for {$t_editor}: permissionId - " . $row[permission_id] . "; permission - " . $row[permissions] . "\n<br />Cleaning up Database.");
                 // Clean up the permissions
                 $this->owningSiteObj->setUserPermissionDown('add', $t_editor, 0);
                 $this->owningSiteObj->setUserPermissionDown('edit', $t_editor, 0);
                 $this->owningSiteObj->setUserPermissionDown('delete', $t_editor, 0);
                 $this->owningSiteObj->updatePermissionsDB(TRUE);
                 if (is_numeric($row[permission_id])) {
                     if ($row[permissions] != 'd') {
                         $cleanupQuery = "UPDATE permission SET  permission_value='di' WHERE permission_id='" . addslashes($row[permission_id]) . "'";
                     } else {
                         $cleanupQuery = "DELETE FROM permission WHERE permission_id='" . addslashes($row[permission_id]) . "'";
                     }
                     $cleanupResult = db_query($cleanupQuery);
                 }
             }
         } else {
             if (strpos($row[permissions], 'a') !== false) {
                 $a[permissions::ADD()] = 1;
             }
             // look for 'a' in 'final_permissions'
             if (strpos($row[permissions], 'e') !== false) {
                 $a[permissions::EDIT()] = 1;
             }
             // !== is very important here, because a position 0 is interpreted by != as FALSE
             if (strpos($row[permissions], 'd') !== false && strpos($row[permissions], 'd') !== strpos($row[permissions], 'di')) {
                 $a[permissions::DELETE()] = 1;
             }
         }
         if (strpos($row[permissions], 'v') !== false) {
             $a[permissions::VIEW()] = 1;
         }
         if (strpos($row[permissions], 'di') !== false) {
             $a[permissions::DISCUSS()] = 1;
         }
         //			print_r($a); //debug
         //			echo "<br /><br />Editor: $t_editor; Add: $a[a]; Edit: $a[e]; Delete: $a[d]; View: $a[v];  Discuss: $a[di]; On story id ".$row[story_id];
         foreach ($a as $key => $value) {
             $this->sections[$row[section_id]]->pages[$row[page_id]]->stories[$row[story_id]]->permissions[$t_editor][$key] = 1;
         }
         if ($a[permissions::VIEW()] && !$this->canview[$t_editor]) {
             $this->canview[$t_editor] = 1;
         }
     }
     return $this->id;
 }