/** * Gets an issue list based on the given parameters. * * @param array $p_parameters * An array of ComparisonOperation objects * @param string $p_order * An array of columns and directions to order by * @param integer $p_count * The count of answers. * * @return array $debateAnswerAttachmentsList * An array of Attachment objects */ public static function GetList(array $p_parameters, $p_order = null, $p_start = 0, $p_limit = 0, &$p_count) { global $g_ado_db; if (!is_array($p_parameters)) { return null; } // adodb::selectLimit() interpretes -1 as unlimited if ($p_limit == 0) { $p_limit = -1; } // sets the where conditions foreach ($p_parameters as $param) { $comparisonOperation = self::ProcessListParameters($param); if (empty($comparisonOperation)) { continue; } if (strpos($comparisonOperation['left'], 'debate_nr') !== false) { $debate_nr = $comparisonOperation['right']; } if (strpos($comparisonOperation['left'], 'debateanswer_nr') !== false) { $debateanswer_nr = $comparisonOperation['right']; } } $sqlClauseObj = new SQLSelectClause(); // sets the columns to be fetched $tmpDebateAnswerAttachment = new DebateAnswerAttachment($language_id, $debate_nr); $columnNames = $tmpDebateAnswerAttachment->getColumnNames(true); foreach ($columnNames as $columnName) { $sqlClauseObj->addColumn($columnName); } // sets the main table for the query $mainTblName = $tmpDebateAnswerAttachment->getDbTableName(); $sqlClauseObj->setTable($mainTblName); unset($tmpDebateAnswerAttachment); if (empty($debateanswer_nr) || empty($debate_nr)) { return; } $sqlClauseObj->addWhere("fk_debate_nr = " . $g_ado_db->escape($debate_nr)); $sqlClauseObj->addWhere("fk_debateanswer_nr = " . $g_ado_db->escape($debateanswer_nr)); if (!is_array($p_order)) { $p_order = array(); } // sets the ORDER BY condition $p_order = count($p_order) > 0 ? $p_order : self::$s_defaultOrder; $order = self::ProcessListOrder($p_order); foreach ($order as $orderColumn => $orderDirection) { $sqlClauseObj->addOrderBy($orderColumn . ' ' . $orderDirection); } $sqlQuery = $sqlClauseObj->buildQuery(); // count all available results $countRes = $g_ado_db->Execute($sqlQuery); $p_count = $countRes->recordCount(); //get the wanted rows $debateAnswerAttachments = $g_ado_db->Execute($sqlQuery); // builds the array of debate objects $debateAnswerAttachmentsList = array(); while ($debateAnswerAttachment = $debateAnswerAttachments->FetchRow()) { $debateAnswerAttachment = new Attachment($debateAnswerAttachment['fk_attachment_id']); if ($debateAnswerAttachment->exists()) { $debateAnswerAttachmentsList[] = $debateAnswerAttachment; } } return $debateAnswerAttachmentsList; }
} // Remove any GET parameters if (($questionMark = strpos($attachment, '?')) !== false) { $attachment = substr($attachment, 0, $questionMark); } // Remove all attempts to get at other parts of the file system $attachment = str_replace('/../', '/', $attachment); $filename = urldecode(basename($attachment)); $extension = ''; if (($extensionStart = strrpos($attachment, '.')) !== false) { $extension = strtolower(substr($attachment, $extensionStart + 1)); $attachment = substr($attachment, 0, $extensionStart); } $attachmentId = (int) ltrim($attachment, " 0\t\n\r"); $attachmentObj = new Attachment($attachmentId); if (!$attachmentObj->exists()) { header('HTTP/1.0 404 Not Found'); echo 'Error 404: File not found'; exit; } header('Content-Type: ' . $attachmentObj->getMimeType()); if ($g_download == 1) { header('Content-Disposition: ' . $attachmentObj->getContentDisposition() . '; filename="' . $attachmentObj->getFileName()) . '"'; } else { if ($g_show_in_browser == 1) { header('Content-Disposition: inline; filename="' . $attachmentObj->getFileName()) . '"'; } else { if (!$attachmentObj->getContentDisposition() && strstr($attachmentObj->getMimeType(), 'image/') && (strstr($_SERVER['HTTP_ACCEPT'], $attachmentObj->getMimeType()) || strstr($_SERVER['HTTP_ACCEPT'], '*/*'))) { header('Content-Disposition: inline; filename="' . $attachmentObj->getFileName()) . '"'; } else { header('Content-Disposition: ' . $attachmentObj->getContentDisposition() . '; filename="' . $attachmentObj->getFileName()) . '"';
/** * Returns an article attachments list based on the given parameters. * * @param array $p_parameters * An array of ComparisonOperation objects * @param string $p_order * An array of columns and directions to order by * @param integer $p_start * The record number to start the list * @param integer $p_limit * The offset. How many records from $p_start will be retrieved. * @param integer $p_count * The total count of the elements; this count is computed without * applying the start ($p_start) and limit parameters ($p_limit) * * @return array $articleAttachmentsList * An array of Attachment objects */ public static function GetList(array $p_parameters, $p_order = null, $p_start = 0, $p_limit = 0, &$p_count, $p_skipCache = false) { global $g_ado_db; if (!$p_skipCache && CampCache::IsEnabled()) { $paramsArray['parameters'] = serialize($p_parameters); $paramsArray['order'] = is_null($p_order) ? 'null' : $p_order; $paramsArray['start'] = $p_start; $paramsArray['limit'] = $p_limit; $cacheListObj = new CampCacheList($paramsArray, __METHOD__); $articleAttachmentsList = $cacheListObj->fetchFromCache(); if ($articleAttachmentsList !== false && is_array($articleAttachmentsList)) { return $articleAttachmentsList; } } $hasArticleNr = false; $selectClauseObj = new SQLSelectClause(); $countClauseObj = new SQLSelectClause(); // sets the where conditions foreach ($p_parameters as $param) { $comparisonOperation = self::ProcessParameters($param); if (sizeof($comparisonOperation) < 1) { break; } if (strpos($comparisonOperation['left'], 'fk_article_number')) { $whereCondition = $g_ado_db->escapeOperation($comparisonOperation); $hasArticleNr = true; } elseif (strpos($comparisonOperation['left'], 'fk_language_id')) { $whereCondition = '(' . $comparisonOperation['left'] . ' IS NULL OR ' . $comparisonOperation['left'] . " = " . $g_ado_db->escape($comparisonOperation['right']) . ")"; } else { $whereCondition = $g_ado_db->escapeOperation($comparisonOperation); } $selectClauseObj->addWhere($whereCondition); $countClauseObj->addWhere($whereCondition); } // validates whether article number was given if ($hasArticleNr === false) { CampTemplate::singleton()->trigger_error('missed parameter Article ' . 'Number in statement list_article_attachments'); return; } // sets the columns to be fetched $tmpAttachment = new Attachment(); $columnNames = $tmpAttachment->getColumnNames(true); foreach ($columnNames as $columnName) { $selectClauseObj->addColumn($columnName); } $countClauseObj->addColumn('COUNT(*)'); // sets the main table for the query $selectClauseObj->setTable($tmpAttachment->getDbTableName()); $countClauseObj->setTable($tmpAttachment->getDbTableName()); unset($tmpAttachment); // adds the ArticleAttachments join and condition to the query $selectClauseObj->addTableFrom('ArticleAttachments'); $selectClauseObj->addWhere('ArticleAttachments.fk_attachment_id = Attachments.id'); $countClauseObj->addTableFrom('ArticleAttachments'); $countClauseObj->addWhere('ArticleAttachments.fk_attachment_id = Attachments.id'); if (!is_array($p_order)) { $p_order = array(); } // sets the order condition if any foreach ($p_order as $orderColumn => $orderDirection) { $selectClauseObj->addOrderBy($orderColumn . ' ' . $orderDirection); } // sets the limit $selectClauseObj->setLimit($p_start, $p_limit); // builds the query and executes it $selectQuery = $selectClauseObj->buildQuery(); $attachments = $g_ado_db->GetAll($selectQuery); if (is_array($attachments)) { $countQuery = $countClauseObj->buildQuery(); $p_count = $g_ado_db->GetOne($countQuery); // builds the array of attachment objects $articleAttachmentsList = array(); foreach ($attachments as $attachment) { $attchObj = new Attachment($attachment['id']); if ($attchObj->exists()) { $articleAttachmentsList[] = $attchObj; } } } else { $articleAttachmentsList = array(); $p_count = 0; } if (!$p_skipCache && CampCache::IsEnabled()) { $cacheListObj->storeInCache($articleAttachmentsList); } return $articleAttachmentsList; }