function buildPermissionsArray($force = 0, $down = 0)
{
if (!$force && $this->builtPermissions) {
return;
}
$scope = get_class($this);
$site = $this->owning_site;
$id = $this->id;
// the SQL queries for obtaining the permissions vary with the scope type. Thus, we have 4 cases, 1 for each scope type.
// editors can be either institute, everyone, a username or a ugroup name
// we need two queries for any one scope
// CASE 1: scope is SITE
if ($scope == 'site') {
$query = "\nSELECT\n\tuser_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\tMAKE_SET(IFNULL((permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\nFROM\n\tsite\n\t\tINNER JOIN\n\tsite_editors ON\n\t\tsite_id = " . $this->id . "\n\t\t\tAND\n\t\tsite_id = FK_site\n\t\tLEFT JOIN\n\tuser ON\n\t\tsite_editors.FK_editor = user_id\n\t\tLEFT JOIN\n\tugroup ON\n\t\tsite_editors.FK_editor = ugroup_id\n\t\tLEFT JOIN\n\tpermission ON\n\t\tsite_id = FK_scope_id\n\t\t\tAND\n\t\tpermission_scope_type = 'site'\n\t\t\tAND\n\t\tpermission.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tpermission_editor_type = site_editors_type\n";
} else {
if ($scope == 'section') {
$query = "\nSELECT\n\tuser_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\tMAKE_SET(IFNULL((p1.permission_value+0),0) | IFNULL((p2.permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\nFROM\n\tsite\n\t\tINNER JOIN\n\tsection\n\t\tON site_id = section.FK_site\n\t\t\tAND\n\t\tsection_id = " . $this->id . "\n\t\tINNER JOIN\n\tsite_editors ON\n\t\tsite_id = site_editors.FK_site\n\t\tLEFT JOIN\n\tuser ON\n\t\tsite_editors.FK_editor = user_id\n\t\tLEFT JOIN\n\tugroup ON\n\t\tsite_editors.FK_editor = ugroup_id\n\t\tLEFT JOIN\n\tpermission as p1 ON\n\t\tsite_id = p1.FK_scope_id\n\t\t\tAND\n\t\tp1.permission_scope_type = 'site'\n\t\t\tAND\n\t\tp1.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tp1.permission_editor_type = site_editors_type\n\t\tLEFT JOIN \n\tpermission as p2 ON\n\t\tsection_id = p2.FK_scope_id\n\t\t\tAND\n\t\tp2.permission_scope_type = 'section'\n\t\t\tAND\n\t\tp2.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tp2.permission_editor_type = site_editors_type\n";
} else {
if ($scope == 'page') {
$query = "\nSELECT\n\tuser_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\tMAKE_SET(IFNULL((p1.permission_value+0),0) | IFNULL((p2.permission_value+0),0) | IFNULL((p3.permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\nFROM\n\tsite\n\t\tINNER JOIN\n\tsection\n\t\tON site_id = section.FK_site\n\t\tINNER JOIN\n\tpage\n\t\tON section_id = page.FK_section\n\t\t\tAND\n\t\tpage_id = " . $this->id . "\n\t\tINNER JOIN\n\tsite_editors ON\n\t\tsite_id = site_editors.FK_site\n\t\tLEFT JOIN\n\tuser ON\n\t\tsite_editors.FK_editor = user_id\n\t\tLEFT JOIN\n\tugroup ON\n\t\tsite_editors.FK_editor = ugroup_id\n\t\tLEFT JOIN\n\tpermission as p1 ON\n\t\tsite_id = p1.FK_scope_id\n\t\t\tAND\n\t\tp1.permission_scope_type = 'site'\n\t\t\tAND\n\t\tp1.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tp1.permission_editor_type = site_editors_type\n\t\tLEFT JOIN \n\tpermission as p2 ON\n\t\tsection_id = p2.FK_scope_id\n\t\t\tAND\n\t\tp2.permission_scope_type = 'section'\n\t\t\tAND\n\t\tp2.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tp2.permission_editor_type = site_editors_type\n\t\tLEFT JOIN\n\tpermission as p3 ON\n\t\tpage_id = p3.FK_scope_id\n\t\t\tAND\n\t\tp3.permission_scope_type = 'page'\n\t\t\tAND\n\t\tp3.FK_editor <=> site_editors.FK_editor\n\t\t\tAND\n\t\tp3.permission_editor_type = site_editors_type\n";
} else {
if ($scope == 'story') {
$query = "\n\t\t\t\tSELECT\n\t\t\t\t\tuser_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\t\t\t\t\tMAKE_SET(IFNULL((p1.permission_value+0),0) | IFNULL((p2.permission_value+0),0) | IFNULL((p3.permission_value+0),0) | IFNULL((p4.permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\n\t\t\t\tFROM\n\t\t\t\t\tsite\n\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\tsection\n\t\t\t\t\t\tON site_id = section.FK_site\n\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\tpage\n\t\t\t\t\t\tON section_id = page.FK_section\n\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\tstory\n\t\t\t\t\t\tON page_id = story.FK_page\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tstory_id = '" . addslashes($this->id) . "'\n\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\tsite_editors ON\n\t\t\t\t\t\tsite_id = site_editors.FK_site\n\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\tuser ON\n\t\t\t\t\t\tsite_editors.FK_editor = user_id\n\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\tugroup ON\n\t\t\t\t\t\tsite_editors.FK_editor = ugroup_id\n\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\tpermission as p1 ON\n\t\t\t\t\t\tsite_id = p1.FK_scope_id\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp1.permission_scope_type = 'site'\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp1.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp1.permission_editor_type = site_editors_type\n\t\t\t\t\t\tLEFT JOIN \n\t\t\t\t\tpermission as p2 ON\n\t\t\t\t\t\tsection_id = p2.FK_scope_id\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp2.permission_scope_type = 'section'\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp2.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp2.permission_editor_type = site_editors_type\n\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\tpermission as p3 ON\n\t\t\t\t\t\tpage_id = p3.FK_scope_id\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp3.permission_scope_type = 'page'\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp3.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp3.permission_editor_type = site_editors_type\n\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\tpermission as p4 ON\n\t\t\t\t\t\tstory_id = p4.FK_scope_id\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp4.permission_scope_type = 'story'\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp4.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\tp4.permission_editor_type = site_editors_type\n\t\t\t\t";
}
}
}
}
// execute the query
// echo $query;
$r = db_query($query);
//echo "Query result: ".$r."<br />";
// reset the editor array
if ($r) {
$this->editors = array();
$this->permissions = array();
}
// for every permisson entry, add it to the permissions array
while ($row = db_fetch_assoc($r)) {
// decode 'final_permissions';
// 'final_permissions' is a field returned by the query and contains a string of the form "'a','vi','e'" etc.
$a = array();
$dbPerms = explode(",", $row[permissions]);
$a[v] = in_array('v', $dbPerms);
$a[a] = in_array('a', $dbPerms);
$a[e] = in_array('e', $dbPerms);
$a[d] = in_array('d', $dbPerms);
$a[di] = in_array('di', $dbPerms);
// Trash the db perms variable.
$dbPerms = NULL;
unset($dbPerms);
// if the editor is a user then the editor's name is just the user name
// if the editor is 'institute' or 'everyone' then set the editor's name correspondingly
if ($row[editor_type] == 'user') {
$t_editor = $row[editor];
} else {
if ($row[editor_type] == 'ugroup') {
$t_editor = $row[editor2];
} else {
$t_editor = $row[editor_type];
}
}
// Everyone and institute can't have add, edit, or delete permissions.
// Somehow, these were added sometimes. If this is the case, prevent
// these from being set and reset those for the site.
if ($t_editor == 'everyone' || $t_editor == 'institute') {
// If we have a bad permission, do cleanup.
if ($a[a] || $a[e] || $a[d]) {
// Make sure that zeros get passed on.
$a[a] = 0;
$a[e] = 0;
$a[d] = 0;
// Clean up the permissions
$this->owningSiteObj->setUserPermissionDown('add', $t_editor, 0);
$this->owningSiteObj->setUserPermissionDown('edit', $t_editor, 0);
$this->owningSiteObj->setUserPermissionDown('delete', $t_editor, 0);
$this->owningSiteObj->updatePermissionsDB(TRUE);
}
}
// echo "<br /><br />Editor: $t_editor; Add: $a[a]; Edit: $a[e]; Delete: $a[d]; View: $a[v]; Discuss: $a[di];";
// set the permissions for this editor
// $this->permissions[strtolower($t_editor)] = array(
$this->permissions[$t_editor] = array(permissions::ADD() => $a[a] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::ADD()], permissions::EDIT() => $a[e] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::EDIT()], permissions::DELETE() => $a[d] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::DELETE()], permissions::VIEW() => $a[v] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::VIEW()], permissions::DISCUSS() => $a[di] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::DISCUSS()]);
// now add the editor to the editor array
// $this->editors[]=strtolower($t_editor);
if ($t_editor) {
$this->editors[] = $t_editor;
}
}
// print_r($this->permissions);
$this->builtPermissions = 1;
if ($down) {
$ar = $this->_object_arrays[$scope];
if ($ar) {
$a =& $this->{$ar};
if ($a) {
foreach ($a as $i => $o) {
$a[$i]->buildPermissionsArray($force, $down);
}
}
}
}
}
function fetchSiteAtOnceForeverAndEverAndDontForgetThePermissionsAsWell_Amen($_section_id = 0, $_page_id = 0, $quick = false)
{
if ($this->site_does_not_exist) {
return false;
}
if ($this->fetched_forever_and_ever) {
return $this->id;
}
// no $full or $force here, always fetch everything, be strong and stubborn damnit!
// connect to db and initialize data array
global $dbuser, $dbpass, $dbdb, $dbhost;
db_connect($dbhost, $dbuser, $dbpass, $dbdb);
// delete temporary tables if they already exist
$query = "DROP TABLE IF EXISTS t_sites";
db_query($query);
$query = "DROP TABLE IF EXISTS t_sections";
db_query($query);
$query = "DROP TABLE IF EXISTS t_pages";
db_query($query);
$query = "DROP TABLE IF EXISTS t_stories";
db_query($query);
// now, create the temporary tables. each table stores all siteunit ids for this site.
// all stories for this site
$query = "\n\t\t\tCREATE TEMPORARY TABLE t_stories(\n\t\t\t\tUNIQUE uniq (site_id,section_id,page_id,story_id),\n\t\t\t\tKEY site_id (site_id),\n\t\t\t\tKEY section_id (section_id),\n\t\t\t\tKEY page_id (page_id),\n\t\t\t\tKEY story_id (story_id)\n\t\t\t) TYPE=MyISAM\n\t\t\tSELECT\n\t\t\t\tsite_id, section_id, page_id, story_id, section_order, page_order, story_order\n\t\t\tFROM\n\t\t\t\tsite\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tsection ON FK_site = site_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tpage ON FK_section = section_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tstory ON FK_page = page_id\n\t\t\tWHERE\n\t\t\t\tsite_id = '" . addslashes($this->id) . "' \n\t\t";
db_query($query);
// all pages for this site
$query = "\n\t\t\tCREATE TEMPORARY TABLE t_pages (\n\t\t\t\tUNIQUE uniq (site_id, section_id, page_id),\n\t\t\t\tKEY site_id (site_id),\n\t\t\t\tKEY section_id (section_id),\n\t\t\t\tKEY page_id (page_id)\n\t\t\t)\n\t\t\tSELECT\n\t\t\t\tDISTINCT site_id, section_id, page_id, section_order, page_order\n\t\t\tFROM\n\t\t\t\tt_stories\n\t\t";
db_query($query);
// all sections for this site
$query = "\n\t\t\tCREATE TEMPORARY TABLE t_sections (\n\t\t\t\tUNIQUE uniq (site_id, section_id),\n\t\t\t\tKEY site_id (site_id),\n\t\t\t\tKEY section_id (section_id)\n\t\t\t)\n\t\t\tSELECT\n\t\t\t\tDISTINCT site_id, section_id, section_order\n\t\t\tFROM\n\t\t\t\tt_pages\n\t\t";
db_query($query);
// all sites for this site, i.e. just this site
$query = "\n\t\t\tCREATE TEMPORARY TABLE t_sites (\n\t\t\t\tUNIQUE uniq (site_id),\n\t\t\t\tKEY site_id (site_id)\n\t\t\t)\n\t\t\tSELECT\n\t\t\t\tDISTINCT site_id\n\t\t\tFROM\n\t\t\t\tt_sections\n\t\t";
db_query($query);
// create the object hierarchy
$this->data = array();
$query = "SELECT site_id, section_id FROM t_sections ORDER BY section_order";
$r = db_query($query);
while ($a = db_fetch_assoc($r)) {
if ($a[section_id] != null) {
$section =& new section($this->name, $a[section_id], $this);
$this->sections[$a[section_id]] =& $section;
$this->data[sections][] = $a[section_id];
$this->fetched[sections] = 1;
}
}
$query = "SELECT site_id, section_id, page_id FROM t_pages ORDER BY\tpage_order";
$r = db_query($query);
while ($a = db_fetch_assoc($r)) {
if ($a[section_id] != null && $a[page_id] != null) {
$section =& $this->sections[$a[section_id]];
$page =& new page($this->name, $a[section_id], $a[page_id], $section);
$section->pages[$a[page_id]] =& $page;
$section->data[pages][] = $a[page_id];
$section->fetched[pages] = 1;
}
}
$query = "SELECT site_id, section_id, page_id, story_id FROM t_stories ORDER BY\tstory_order";
$r = db_query($query);
while ($a = db_fetch_assoc($r)) {
if ($a[section_id] != null && $a[page_id] != null && $a[story_id] != null) {
$section =& $this->sections[$a[section_id]];
$page =& $section->pages[$a[page_id]];
$story =& new story($this->name, $a[section_id], $a[page_id], $a[story_id], $page);
$page->stories[$a[story_id]] =& $story;
$page->data[stories][] = $a[story_id];
$page->fetched[stories] = 1;
}
}
// first, fetch the site
$query = "\n\t\t\tSELECT site_title AS title, DATE_FORMAT(site_activate_tstamp, '%Y-%m-%d') AS activatedate, DATE_FORMAT(site_deactivate_tstamp, '%Y-%m-%d') AS deactivatedate,\n\t\t\t\t\tsite_active AS active, site_listed AS listed, " . ($quick ? "" : "site_theme AS theme, site_themesettings AS themesettings, site_header AS header, site_footer AS footer, ") . "site_updated_tstamp AS editedtimestamp, site_created_tstamp AS addedtimestamp,\n\t\t\t\t\tuser_createdby.user_uname AS addedby, user_updatedby.user_uname AS editedby, slot_name as name, slot_type AS type\n\t\t\tFROM \n\t\t\t\tt_sites\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite\n\t\t\t\t\tON t_sites.site_id = site.site_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_createdby\n\t\t\t\t\tON FK_createdby = user_createdby.user_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_updatedby\n\t\t\t\t\tON FK_updatedby = user_updatedby.user_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tslot\n\t\t\t\t\tON site.site_id = slot.FK_site\n\t\t";
$r = db_query($query);
$a = db_fetch_assoc($r);
array_change_key_case($a);
// make all keys lower case
// for each field returned by the query
foreach ($a as $field => $value) {
// make sure we have defined this field in the _allfields array
if (in_array($field, $this->_allfields)) {
// decode if necessary
if (in_array($field, $this->_encode)) {
$value = stripslashes(urldecode($value));
}
$this->data[$field] = $value;
$this->fetched[$field] = 1;
} else {
echo "ERROR: field {$field} not in _allfields!!!<br />";
}
}
$this->fetcheddown = 1;
$this->fetched_forever_and_ever = 1;
// now, create section objects and fetch them
$query = "\n\t\t\tSELECT \n\t\t\t\tsection.section_id AS section_id" . ($quick ? " " : ", section_display_type AS type, section_title AS title, DATE_FORMAT(section_activate_tstamp, '%Y-%m-%d') AS activatedate, DATE_FORMAT(section_deactivate_tstamp, '%Y-%m-%d') AS deactivatedate,\n\t\t\t\tsection_active AS active, section_locked AS locked, section_updated_tstamp AS editedtimestamp,\n\t\t\t\tsection_created_tstamp AS addedtimestamp,\n\t\t\t\tuser_createdby.user_uname AS addedby, user_updatedby.user_uname AS editedby, '" . addslashes($this->name) . "' as site_id,\n\t\t\t\tmedia_tag AS url ") . "FROM \n\t\t\t\tt_sections\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsection\n\t\t\t\t\tON t_sections.section_id = section.section_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_createdby\n\t\t\t\t\tON section.FK_createdby = user_createdby.user_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_updatedby\n\t\t\t\t\tON section.FK_updatedby = user_updatedby.user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tmedia\n\t\t\t\t\tON FK_media = media_id\n\t\t";
$r = db_query($query);
while ($a = db_fetch_assoc($r)) {
$section =& $this->sections[$a[section_id]];
foreach ($a as $field => $value) {
// make sure we have defined this field in the _allfields array
if ($field == 'section_id' || in_array($field, $section->_allfields)) {
// decode if necessary
if (in_array($field, $section->_encode)) {
$value = stripslashes(urldecode($value));
}
$section->data[$field] = $value;
$section->fetched[$field] = 1;
} else {
echo "ERROR: field {$field} not in _allfields!!!<br />";
}
}
$section->fetcheddown = 1;
$section->fetched_forever_and_ever = 1;
}
// now, create page objects and fetch them
$query = "\n\t\t\tSELECT\n\t\t\t\tt_pages.section_id AS section_id, page.page_id AS page_id" . ($quick ? " " : ", \n\t\t\t\tpage_display_type AS type, \n\t\t\t\tpage_title AS title, \n\t\t\t\tpage_text AS text, \n\t\t\t\tDATE_FORMAT(page_activate_tstamp, '%Y-%m-%d') AS activatedate, \n\t\t\t\tDATE_FORMAT(page_deactivate_tstamp, '%Y-%m-%d') AS deactivatedate,\n\t\t\t\tpage_active AS active, \n\t\t\t\tpage_story_order AS storyorder, \n\t\t\t\tpage_show_creator AS showcreator, \n\t\t\t\tpage_show_date AS showdate, \n\t\t\t\tpage_show_hr AS showhr,\t\n\t\t\t\tpage_archiveby AS archiveby, \n\t\t\t\tpage_locked AS locked,\n\t\t\t\tpage_updated_tstamp AS editedtimestamp, \n\t\t\t\tpage_created_tstamp AS addedtimestamp,\n\t\t\t\tpage_ediscussion AS ediscussion,\n\t\t\t\tuser_createdby.user_uname AS addedby, \n\t\t\t\tuser_updatedby.user_uname AS editedby, \n\t\t\t\t'" . addslashes($this->name) . "' as site_id, \n\t\t\t\tmedia_tag AS url, \n\t\t\t\tpage_location AS location,\n\t\t\t\tpage_show_editor AS showeditor") . "\n\t\t\tFROM \n\t\t\t\tt_pages\n\t\t\t\t\tINNER JOIN \n\t\t\t\tpage\n\t\t\t\t\tON t_pages.page_id = page.page_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_createdby\n\t\t\t\t\tON page.FK_createdby = user_createdby.user_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_updatedby\n\t\t\t\t\tON page.FK_updatedby = user_updatedby.user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tmedia\n\t\t\t\t\tON page.FK_media = media_id\n\t\t";
if ($_section_id) {
$query = $query . " WHERE section_id = '" . addslashes($_section_id) . "'";
}
$r = db_query($query);
while ($a = db_fetch_assoc($r)) {
array_change_key_case($a);
// make all keys lower case
$page =& $this->sections[$a[section_id]]->pages[$a[page_id]];
foreach ($a as $field => $value) {
// make sure we have defined this field in the _allfields array
if ($field == 'page_id' || in_array($field, $page->_allfields)) {
// decode if necessary
if (in_array($field, $page->_encode)) {
$value = stripslashes(urldecode($value));
}
$page->data[$field] = $value;
$page->fetched[$field] = 1;
} else {
echo "ERROR: field {$field} not in _allfields!!!<br />";
}
}
$page->fetcheddown = 1;
$page->fetched_forever_and_ever = 1;
}
// now, create story objects and fetch them
$query = "\n\t\t\tSELECT\n\t\t\t\tt_stories.section_id AS section_id, \n\t\t\t\tt_stories.page_id AS page_id, \n\t\t\t\tstory.story_id AS story_id" . ($quick ? " " : ", story_display_type AS type, \n\t\t\t\tstory_title AS title, \n\t\t\t\tDATE_FORMAT(story_activate_tstamp, '%Y-%m-%d') AS activatedate, \n\t\t\t\tDATE_FORMAT(story_deactivate_tstamp, '%Y-%m-%d') AS deactivatedate,\n\t\t\t\tstory_active AS active, \n\t\t\t\tstory_locked AS locked, \n\t\t\t\tstory_updated_tstamp AS editedtimestamp, \n\t\t\t\tstory_created_tstamp AS addedtimestamp,\n\t\t\t\tstory_discussable AS discuss, \n\t\t\t\tstory_discussemail AS discussemail,\n\t\t\t\tstory_discusslabel AS discusslabel,\n\t\t\t\tstory_discussdisplay AS discussdisplay, \n\t\t\t\tstory_discussauthor AS discussauthor, \n\t\t\t\tstory_category AS category, \n\t\t\t\tstory_text_type AS texttype, \n\t\t\t\tstory_text_short AS shorttext,\n\t\t\t\tstory_text_long AS longertext,\n\t\t\t\tmedia_tag AS url,\n\t\t\t\tuser_createdby.user_uname AS addedby, \n\t\t\t\tuser_updatedby.user_uname AS editedby, \n\t\t\t\t'" . $this->name . "' as site_id ") . "FROM\n\t\t\t\tt_stories\n\t\t\t\t\tINNER JOIN\n\t\t\t\tstory\n\t\t\t\t\tON t_stories.story_id = story.story_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_createdby\n\t\t\t\t\tON story.FK_createdby = user_createdby.user_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tuser AS user_updatedby\n\t\t\t\t\tON story.FK_updatedby = user_updatedby.user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tmedia\n\t\t\t\t\tON story.FK_media = media_id\t\t\n\t\t";
if ($_section_id) {
$query = $query . " WHERE section_id = '" . addslashes($_section_id) . "'";
if ($_page_id) {
$query = $query . " AND page_id = '" . addslashes($_page_id) . "'";
}
}
$r = db_query($query);
while ($a = db_fetch_assoc($r)) {
array_change_key_case($a);
// make all keys lower case
$story =& $this->sections[$a[section_id]]->pages[$a[page_id]]->stories[$a[story_id]];
foreach ($a as $field => $value) {
// make sure we have defined this field in the _allfields array
if ($field == 'story_id' || in_array($field, $story->_allfields)) {
// decode if necessary
if (in_array($field, $story->_encode)) {
$value = stripslashes(urldecode($value));
}
$story->data[$field] = $value;
$story->fetched[$field] = 1;
} else {
echo "ERROR: field {$field} not in _allfields!!!<br />";
}
}
$story->fetcheddown = 1;
$story->fetched_forever_and_ever = 1;
}
$query = "\n\t\t\tSELECT\n\t\t\t\tuser_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\t\t\t\tMAKE_SET(IFNULL((permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\n\t\t\tFROM\n\t\t\t\tt_sites\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite_editors ON\n\t\t\t\t\tsite_id = FK_site\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tuser\n\t\t\t\t\tON site_editors.FK_editor = user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tugroup\n\t\t\t\t\tON site_editors.FK_editor = ugroup_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tpermission ON\n\t\t\t\t\tsite_id = FK_scope_id\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_scope_type = 'site'\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_editor_type = site_editors_type\n\t\t";
$r = db_query($query);
$this->editors = array();
$this->permissions = array();
$this->cachedPermissions = array();
// for every permisson entry, add it to the permissions array
while ($row = db_fetch_assoc($r)) {
// decode 'final_permissions';
// 'final_permissions' is a field returned by the query and contains a string of the form "'a','vi','e'" etc.
$a = array();
$a[a] = strpos($row[permissions], 'a') !== false ? 1 : 0;
// look for 'a' in 'final_permissions'
$a[e] = strpos($row[permissions], 'e') !== false ? 1 : 0;
// !== is very important here, because a position 0 is interpreted by != as FALSE
$a[d] = strpos($row[permissions], 'd') !== false && strpos($row[permissions], 'd') !== strpos($row[permissions], 'di') ? 1 : 0;
$a[v] = strpos($row[permissions], 'v') !== false ? 1 : 0;
$a[di] = strpos($row[permissions], 'di') !== false ? 1 : 0;
// if the editor is a user then the editor's name is just the user name
// if the editor is 'institute' or 'everyone' then set the editor's name correspondingly
if ($row[editor_type] == 'user') {
$t_editor = $row[editor];
} else {
if ($row[editor_type] == 'ugroup') {
$t_editor = $row[editor2];
} else {
$t_editor = $row[editor_type];
}
}
// echo "<br /><br />Editor: $t_editor; Add: $a[a]; Edit: $a[e]; Delete: $a[d]; View: $a[v]; Discuss: $a[di]; On the Site";
// set the permissions for this editor
$this->permissions[$t_editor] = array(permissions::ADD() => $a[a] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::ADD()], permissions::EDIT() => $a[e] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::EDIT()], permissions::DELETE() => $a[d] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::DELETE()], permissions::VIEW() => $a[v] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::VIEW()], permissions::DISCUSS() => $a[di] || $this->permissions[$t_editor] && $this->permissions[$t_editor][permissions::DISCUSS()]);
if ($a[v]) {
$this->canview[$t_editor] = 1;
}
/* $this->cachedPermissions = array(
$t_editor."ADD"=>$a[a],
$t_editor."EDIT"=>$a[e],
$t_editor."DELETE"=>$a[d],
$t_editor."VIEW"=>$a[v],
$t_editor."DISCUSS"=>$a[di]
);*/
// now add the editor to the editor array
$this->editors[] = $t_editor;
}
// now, inherit the permissions to the children
foreach (array_keys($this->sections) as $key => $section_id) {
$this->sections[$section_id]->editors = $this->editors;
$this->sections[$section_id]->permissions = $this->permissions;
}
$this->builtPermissions = 1;
$query = "\n\t\t\tSELECT\n\t\t\t\tsection_id, user_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\t\t\t\tMAKE_SET(IFNULL((permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\n\t\t\tFROM\n\t\t\t\tt_sections\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite_editors ON\n\t\t\t\t\tsite_id = site_editors.FK_site\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tuser ON\n\t\t\t\t\tsite_editors.FK_editor = user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tugroup ON\n\t\t\t\t\tsite_editors.FK_editor = ugroup_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tpermission ON\n\t\t\t\t\tsection_id = FK_scope_id\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_scope_type = 'section'\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_editor_type = site_editors_type\n\t\t";
$r = db_query($query);
// for every permisson entry, add it to the permissions array
while ($row = db_fetch_assoc($r)) {
// decode 'final_permissions';
// 'final_permissions' is a field returned by the query and contains a string of the form "'a','vi','e'" etc.
$a = array();
if (strpos($row[permissions], 'a') !== false) {
$a[permissions::ADD()] = 1;
}
// look for 'a' in 'final_permissions'
if (strpos($row[permissions], 'e') !== false) {
$a[permissions::EDIT()] = 1;
}
// !== is very important here, because a position 0 is interpreted by != as FALSE
if (strpos($row[permissions], 'd') !== false && strpos($row[permissions], 'd') !== strpos($row[permissions], 'di')) {
$a[permissions::DELETE()] = 1;
}
if (strpos($row[permissions], 'v') !== false) {
$a[permissions::VIEW()] = 1;
}
if (strpos($row[permissions], 'di') !== false) {
$a[permissions::DISCUSS()] = 1;
}
// if the editor is a user then the editor's name is just the user name
// if the editor is 'institute' or 'everyone' then set the editor's name correspondingly
if ($row[editor_type] == 'user') {
$t_editor = $row[editor];
} else {
if ($row[editor_type] == 'ugroup') {
$t_editor = $row[editor2];
} else {
$t_editor = $row[editor_type];
}
}
// echo "<br /><br />Editor: $t_editor; Add: $a[a]; Edit: $a[e]; Delete: $a[d]; View: $a[v]; Discuss: $a[di]; on Section ".$row[section_id];
foreach ($a as $key => $value) {
$this->sections[$row[section_id]]->permissions[$t_editor][$key] = 1;
}
if ($a[permissions::VIEW()] && !$this->canview[$t_editor]) {
$this->canview[$t_editor] = 1;
}
}
// now, inherit the permissions to the children
foreach (array_keys($this->sections) as $key1 => $section_id) {
foreach (array_keys($this->sections[$section_id]->pages) as $key2 => $page_id) {
$this->sections[$section_id]->pages[$page_id]->editors = $this->sections[$section_id]->editors;
$this->sections[$section_id]->pages[$page_id]->permissions = $this->sections[$section_id]->permissions;
}
$this->sections[$section_id]->builtPermissions = 1;
}
$query = "\n\t\t\tSELECT\n\t\t\t\tsection_id, page_id, user_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,\n\t\t\t\tMAKE_SET(IFNULL((permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\n\t\t\tFROM\n\t\t\t\tt_pages\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite_editors ON\n\t\t\t\t\tsite_id = site_editors.FK_site\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tuser ON\n\t\t\t\t\tsite_editors.FK_editor = user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tugroup ON\n\t\t\t\t\tsite_editors.FK_editor = ugroup_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tpermission ON\n\t\t\t\t\tpage_id = FK_scope_id\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_scope_type = 'page'\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_editor_type = site_editors_type\n\t\t";
$r = db_query($query);
// for every permisson entry, add it to the permissions array
while ($row = db_fetch_assoc($r)) {
// decode 'final_permissions';
// 'final_permissions' is a field returned by the query and contains a string of the form "'a','vi','e'" etc.
$a = array();
if (strpos($row[permissions], 'a') !== false) {
$a[permissions::ADD()] = 1;
}
// look for 'a' in 'final_permissions'
if (strpos($row[permissions], 'e') !== false) {
$a[permissions::EDIT()] = 1;
}
// !== is very important here, because a position 0 is interpreted by != as FALSE
if (strpos($row[permissions], 'd') !== false && strpos($row[permissions], 'd') !== strpos($row[permissions], 'di')) {
$a[permissions::DELETE()] = 1;
}
if (strpos($row[permissions], 'v') !== false) {
$a[permissions::VIEW()] = 1;
}
if (strpos($row[permissions], 'di') !== false) {
$a[permissions::DISCUSS()] = 1;
}
// if the editor is a user then the editor's name is just the user name
// if the editor is 'institute' or 'everyone' then set the editor's name correspondingly
if ($row[editor_type] == 'user') {
$t_editor = $row[editor];
} else {
if ($row[editor_type] == 'ugroup') {
$t_editor = $row[editor2];
} else {
$t_editor = $row[editor_type];
}
}
// echo "<br /><br />Editor: $t_editor; Add: $a[a]; Edit: $a[e]; Delete: $a[d]; View: $a[v]; Discuss: $a[di];";
foreach ($a as $key => $value) {
$this->sections[$row[section_id]]->pages[$row[page_id]]->permissions[$t_editor][$key] = 1;
}
if ($a[permissions::VIEW()] && !$this->canview[$t_editor]) {
$this->canview[$t_editor] = 1;
}
}
// now, inherit the permissions to the children
foreach (array_keys($this->sections) as $key1 => $section_id) {
foreach (array_keys($this->sections[$section_id]->pages) as $key2 => $page_id) {
foreach (array_keys($this->sections[$section_id]->pages[$page_id]->stories) as $key3 => $story_id) {
$this->sections[$section_id]->pages[$page_id]->stories[$story_id]->editors = $this->sections[$section_id]->pages[$page_id]->editors;
$this->sections[$section_id]->pages[$page_id]->stories[$story_id]->permissions = $this->sections[$section_id]->pages[$page_id]->permissions;
$this->sections[$section_id]->pages[$page_id]->stories[$story_id]->builtPermissions = 1;
}
$this->sections[$section_id]->pages[$page_id]->builtPermissions = 1;
}
}
$query = "\n\t\t\tSELECT\n\t\t\t\tsection_id, page_id, story_id, user_uname as editor, ugroup_name as editor2, site_editors_type as editor_type, permission_id,\n\t\t\t\tMAKE_SET(IFNULL((permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions\n\t\t\tFROM\n\t\t\t\tt_stories\n\t\t\t\t\tINNER JOIN\n\t\t\t\tsite_editors ON\n\t\t\t\t\tsite_id = site_editors.FK_site\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tuser ON\n\t\t\t\t\tsite_editors.FK_editor = user_id\n\t\t\t\t\tLEFT JOIN\n\t\t\t\tugroup ON\n\t\t\t\t\tsite_editors.FK_editor = ugroup_id\n\t\t\t\t\tINNER JOIN\n\t\t\t\tpermission ON\n\t\t\t\t\tstory_id = FK_scope_id\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_scope_type = 'story'\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission.FK_editor <=> site_editors.FK_editor\n\t\t\t\t\t\tAND\n\t\t\t\t\tpermission_editor_type = site_editors_type\n\t\t";
$r = db_query($query);
// for every permisson entry, add it to the permissions array
while ($row = db_fetch_assoc($r)) {
// decode 'final_permissions';
// 'final_permissions' is a field returned by the query and contains a string of the form "'a','vi','e'" etc.
$a = array();
// printpre($row);
// if the editor is a user then the editor's name is just the user name
// if the editor is 'institute' or 'everyone' then set the editor's name correspondingly
if ($row[editor_type] == 'user') {
$t_editor = $row[editor];
} else {
if ($row[editor_type] == 'ugroup') {
$t_editor = $row[editor2];
} else {
$t_editor = $row[editor_type];
}
}
// Everyone and institute can't have add, edit, or delete permissions.
// Somehow, these were added sometimes. If this is the case, prevent
// these from being set and reset those for the site.
if ($t_editor == 'everyone' || $t_editor == 'institute') {
// If we have a bad permission, do cleanup.
if (strpos($row[permissions], 'a') !== false || strpos($row[permissions], 'e') !== false || strpos($row[permissions], 'd') !== false && strpos($row[permissions], 'd') !== strpos($row[permissions], 'di')) {
printError("Invalid add, edit, or delete permissions for {$t_editor}: permissionId - " . $row[permission_id] . "; permission - " . $row[permissions] . "\n<br />Cleaning up Database.");
// Clean up the permissions
$this->owningSiteObj->setUserPermissionDown('add', $t_editor, 0);
$this->owningSiteObj->setUserPermissionDown('edit', $t_editor, 0);
$this->owningSiteObj->setUserPermissionDown('delete', $t_editor, 0);
$this->owningSiteObj->updatePermissionsDB(TRUE);
if (is_numeric($row[permission_id])) {
if ($row[permissions] != 'd') {
$cleanupQuery = "UPDATE permission SET permission_value='di' WHERE permission_id='" . addslashes($row[permission_id]) . "'";
} else {
$cleanupQuery = "DELETE FROM permission WHERE permission_id='" . addslashes($row[permission_id]) . "'";
}
$cleanupResult = db_query($cleanupQuery);
}
}
} else {
if (strpos($row[permissions], 'a') !== false) {
$a[permissions::ADD()] = 1;
}
// look for 'a' in 'final_permissions'
if (strpos($row[permissions], 'e') !== false) {
$a[permissions::EDIT()] = 1;
}
// !== is very important here, because a position 0 is interpreted by != as FALSE
if (strpos($row[permissions], 'd') !== false && strpos($row[permissions], 'd') !== strpos($row[permissions], 'di')) {
$a[permissions::DELETE()] = 1;
}
}
if (strpos($row[permissions], 'v') !== false) {
$a[permissions::VIEW()] = 1;
}
if (strpos($row[permissions], 'di') !== false) {
$a[permissions::DISCUSS()] = 1;
}
// print_r($a); //debug
// echo "<br /><br />Editor: $t_editor; Add: $a[a]; Edit: $a[e]; Delete: $a[d]; View: $a[v]; Discuss: $a[di]; On story id ".$row[story_id];
foreach ($a as $key => $value) {
$this->sections[$row[section_id]]->pages[$row[page_id]]->stories[$row[story_id]]->permissions[$t_editor][$key] = 1;
}
if ($a[permissions::VIEW()] && !$this->canview[$t_editor]) {
$this->canview[$t_editor] = 1;
}
}
return $this->id;
}
