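/**
 * Merge the privacy object's "public content" conditions into the current search definition.
 *
 * @param array       $CNF            module config; only 'OBJECT_PRIVACY_VIEW' is read here.
 * @param object|null $oProfileAuthor author profile whose id() is handed to the privacy object;
 *                                    when falsy, 0 is passed instead.
 */
protected function addConditionsForPrivateContent($CNF, $oProfileAuthor)
 {
     $oPrivacy = BxDolPrivacy::getObjectInstance($CNF['OBJECT_PRIVACY_VIEW']);
     // NOTE(review): if the privacy object cannot be loaded, no condition is added but
     // setProcessPrivateContent(false) is still called below. Confirm that this combination
     // cannot list private entries (i.e. that it does not fail open).
     $a = $oPrivacy ? $oPrivacy->getContentPublicAsCondition($oProfileAuthor ? $oProfileAuthor->id() : 0) : array();
     if (isset($a['restriction'])) {
         // Start from an empty list when the search definition has no 'restriction' yet, so the
         // privacy restriction is never merged into an undefined value and lost.
         $aRestriction = isset($this->aCurrent['restriction']) ? $this->aCurrent['restriction'] : array();
         $this->aCurrent['restriction'] = array_merge($aRestriction, $a['restriction']);
     }
     if (isset($a['join'])) {
         // Same guard for 'join': array_merge() on an undefined entry would drop the privacy join
         // (warning + null result on older PHP, TypeError on PHP 8).
         $aJoin = isset($this->aCurrent['join']) ? $this->aCurrent['join'] : array();
         $this->aCurrent['join'] = array_merge($aJoin, $a['join']);
     }
     $this->setProcessPrivateContent(false);
 }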
示例#2
 /**
  * Build the JOIN and WHERE fragments used to select events for a list.
  *
  * Caller-supplied values reach the SQL text only through prepare() placeholders or
  * implode_escape(); the privacy and connection fragments are produced by their own objects.
  *
  * @param  array $aParams options read here: 'active', 'modules', 'new', 'owner_id', 'type'.
  * @return array two elements: the JOIN clause string and the WHERE clause string
  *               (every WHERE condition is prefixed with "AND").
  */
 protected function _getSqlPartsEventsList($aParams)
 {
     $sJoin = "";
     $sWhere = "";
     if (isset($aParams['active'])) {
         $sWhere .= $this->prepare("AND `{$this->_sTable}`.`active`=? ", (int) $aParams['active']);
     }
     //--- Modules filter; when none is requested, exclude hidden handlers instead
     // presumably implode_escape() quotes and escapes every list element; verify in the DB class
     if (!empty($aParams['modules']) && is_array($aParams['modules'])) {
         $sWhere .= "AND `" . $this->_sTable . "`.`type` IN (" . $this->implode_escape($aParams['modules']) . ") ";
     } else {
         $aHiddenHandlers = $this->_oConfig->getHandlersHidden();
         if (!empty($aHiddenHandlers) && is_array($aHiddenHandlers)) {
             $sWhere .= "AND `" . $this->_sTableHandlers . "`.`id` NOT IN (" . $this->implode_escape($aHiddenHandlers) . ") ";
         }
     }
     //--- Flag 'New': only events with an id above the one stored for this user
     if (!empty($aParams['new']) && !empty($aParams['owner_id'])) {
         $iStoredEventId = (int) $this->getOne(
             $this->prepare("SELECT `event_id` FROM `" . $this->_sTableEvt2Usr . "` WHERE `user_id`=? LIMIT 1", (int) $aParams['owner_id'])
         );
         $sWhere .= $this->prepare("AND `{$this->_sTable}`.`id`>? ", $iStoredEventId);
     }
     //--- Privacy filter: always appended, independent of $aParams
     // NOTE(review): the result of getObjectInstance() is used without checking that an object
     // came back. Confirm it cannot be empty here; the privacy fragment must never be skipped.
     $oPrivacy = BxDolPrivacy::getObjectInstance($this->_oConfig->getObject('privacy_view'));
     $aPrivacyParts = $oPrivacy->getContentByGroupAsSQLPart(BX_DOL_PG_ALL);
     $sWhere .= $aPrivacyParts['where'] . " ";
     //--- Type filter applies only when an owner is given
     if (empty($aParams['owner_id'])) {
         return array($sJoin, $sWhere);
     }
     $mixedType = $aParams['type'];
     if ($mixedType == BX_BASE_MOD_NTFS_TYPE_OWNER) {
         $sWhere .= $this->prepare("AND `{$this->_sTable}`.`owner_id`=? ", $aParams['owner_id']);
     } elseif ($mixedType == BX_BASE_MOD_NTFS_TYPE_OBJECT_OWNER) {
         $sWhere .= $this->prepare("AND `{$this->_sTable}`.`owner_id`<>`{$this->_sTable}`.`object_owner_id` AND `{$this->_sTable}`.`object_owner_id`=? ", $aParams['owner_id']);
     } elseif ($mixedType == BX_BASE_MOD_NTFS_TYPE_CONNECTIONS) {
         $oConnection = BxDolConnection::getObjectInstance($this->_oConfig->getObject('conn_subscriptions'));
         $aConnectionParts = $oConnection->getConnectedContentAsSQLParts($this->_sPrefix . "events", 'owner_id', $aParams['owner_id']);
         $sJoin .= ' ' . $aConnectionParts['join'];
     }
     return array($sJoin, $sWhere);
 }
示例#3
 /**
  * Get the description of a Select form element listing the available privacy groups.
  *
  * @param  string  $sObject  privacy object name.
  * @param  integer $iOwnerId object's owner ID; 0 means the logged-in profile.
  * @param  array   $aParams  custom selector params: 'dynamic_groups' (an array of
  *                           array('key' => group_id, 'value' => group_title)) and
  *                           'title' (caption to use for the generated field).
  * @return array   Select element description, or an empty array when the privacy object is unavailable.
  */
 public static function getGroupChooser($sObject, $iOwnerId = 0, $aParams = array())
 {
     $oPrivacy = BxDolPrivacy::getObjectInstance($sObject);
     if (!$oPrivacy) {
         return array();
     }
     $oDb = $oPrivacy->_oDb;
     $sModule = $oPrivacy->_aObject['module'];
     $sAction = $oPrivacy->_aObject['action'];
     if ($iOwnerId == 0) {
         $iOwnerId = bx_get_logged_profile_id();
     }
     // Preselected value: the owner's own default group, else the default for the action.
     $sValue = $oDb->getDefaultGroupByUser($sModule, $sAction, $iOwnerId);
     if (empty($sValue)) {
         $sValue = $oDb->getDefaultGroup($sModule, $sAction);
     }
     // Only groups flagged active are offered.
     $aValues = array();
     foreach ($oDb->getGroupsBy(array('type' => 'active')) as $aGroup) {
         if ((int) $aGroup['active'] != 0) {
             $aValues[] = array('key' => $aGroup['id'], 'value' => _t($aGroup['title']));
         }
     }
     // NOTE(review): 'dynamic_groups' and 'title' are taken from the caller as-is. Output
     // escaping is presumably done where the form is rendered; confirm.
     if (isset($aParams['dynamic_groups']) && is_array($aParams['dynamic_groups'])) {
         $aValues = array_merge($aValues, $aParams['dynamic_groups']);
     }
     $sName = self::getFieldName($sAction);
     if (!empty($aParams['title'])) {
         $sTitle = $aParams['title'];
     } else {
         $sStoredTitle = $oDb->getTitle($sModule, $sAction);
         $sTitle = _t(!empty($sStoredTitle) ? $sStoredTitle : '_' . $sName);
     }
     return array(
         'type' => 'select',
         'name' => $sName,
         'caption' => $sTitle,
         'value' => $sValue,
         'values' => $aValues,
         'checker' => array('func' => 'avail', 'error' => _t('_ps_ferr_incorrect_select')),
         'db' => array('pass' => 'Int'),
     );
 }
示例#4
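 /**
  * Set up the posts search/browse definition for the requested mode.
  *
  * @param string $sMode   'author', 'public', 'popular' or '' (keyword search results);
  *                        any other value sets isError.
  * @param array  $aParams mode parameters; 'author' (a profile id) is read in 'author' mode.
  */
 function __construct($sMode = '', $aParams = array())
 {
     parent::__construct($sMode, $aParams);
     $this->aCurrent = array(
         'name' => 'bx_posts',
         'object_metatags' => 'bx_posts',
         'title' => _t('_bx_posts_page_title_browse'),
         'table' => 'bx_posts_posts',
         'ownFields' => array('id', 'title', 'text', 'thumb', 'author', 'added'),
         'searchFields' => array('title', 'text'),
         'restriction' => array(
             'author' => array('value' => '', 'field' => 'author', 'operator' => '='),
             'status' => array('value' => 'active', 'field' => 'status', 'operator' => '='),
         ),
         'paginate' => array('perPage' => getParam('bx_posts_per_page_browse'), 'start' => 0),
         'sorting' => 'last',
         'rss' => array(
             'title' => '',
             'link' => '',
             'image' => '',
             'profile' => 0,
             'fields' => array('Guid' => 'link', 'Link' => 'link', 'Title' => 'title', 'DateTimeUTS' => 'added', 'Desc' => 'text'),
         ),
         'ident' => 'id',
     );
     $this->sFilterName = 'bx_posts_filter';
     $this->oModule = $this->getMain();
     $oProfileAuthor = null;
     $CNF =& $this->oModule->_oConfig->CNF;
     switch ($sMode) {
         case 'author':
             bx_import('BxDolProfile');
             // The author id is cast to int before the profile lookup.
             $oProfileAuthor = BxDolProfile::getInstance((int) $aParams['author']);
             if (!$oProfileAuthor) {
                 $this->isError = true;
                 break;
             }
             $this->aCurrent['restriction']['author']['value'] = $oProfileAuthor->id();
             $this->sBrowseUrl = 'page.php?i=' . $CNF['URI_AUTHOR_ENTRIES'] . '&profile_id={profile_id}';
             $this->aCurrent['title'] = _t('_bx_posts_page_title_browse_by_author');
             $this->aCurrent['rss']['link'] = 'modules/?r=posts/rss/' . $sMode . '/' . $oProfileAuthor->id();
             break;
         case 'public':
             bx_import('BxDolPermalinks');
             $this->sBrowseUrl = BxDolPermalinks::getInstance()->permalink($CNF['URL_HOME']);
             $this->aCurrent['title'] = _t('_bx_posts_page_title_browse_recent');
             $this->aCurrent['rss']['link'] = 'modules/?r=posts/rss/' . $sMode;
             break;
         case 'popular':
             bx_import('BxDolPermalinks');
             $this->sBrowseUrl = BxDolPermalinks::getInstance()->permalink($CNF['URL_POPULAR']);
             $this->aCurrent['title'] = _t('_bx_posts_page_title_browse_popular');
             $this->aCurrent['rss']['link'] = 'modules/?r=posts/rss/' . $sMode;
             $this->aCurrent['sorting'] = 'popular';
             break;
         case '':
             // search results
             $this->sBrowseUrl = BX_DOL_SEARCH_KEYWORD_PAGE;
             $this->aCurrent['title'] = _t('_bx_posts');
             $this->aCurrent['paginate']['perPage'] = 3;
             unset($this->aCurrent['rss']);
             break;
         default:
             // Unknown mode: flag the error; the mode string is not used in any URL.
             $sMode = '';
             $this->isError = true;
     }
     // add replaceable markers and replace them
     if ($oProfileAuthor) {
         // profile info is replaceable
         $this->addMarkers($oProfileAuthor->getInfo());
         // profile id is replaceable
         $this->addMarkers(array('profile_id' => $oProfileAuthor->id()));
         // profile display name is replaceable
         $this->addMarkers(array('display_name' => $oProfileAuthor->getDisplayName()));
     }
     $this->sBrowseUrl = $this->_replaceMarkers($this->sBrowseUrl);
     $this->aCurrent['title'] = $this->_replaceMarkers($this->aCurrent['title']);
     // add conditions for private content
     bx_import('BxDolPrivacy');
     $oPrivacy = BxDolPrivacy::getObjectInstance($CNF['OBJECT_PRIVACY_VIEW']);
     // NOTE(review): if the privacy object cannot be loaded, no condition is added but
     // setProcessPrivateContent(false) is still called below. Confirm that this combination
     // cannot list private entries (i.e. that it does not fail open).
     $a = $oPrivacy ? $oPrivacy->getContentPublicAsCondition($oProfileAuthor ? $oProfileAuthor->id() : 0) : array();
     if (isset($a['restriction'])) {
         $this->aCurrent['restriction'] = array_merge($this->aCurrent['restriction'], $a['restriction']);
     }
     if (isset($a['join'])) {
         // aCurrent is built above without a 'join' key, so start from an empty list; merging
         // into the undefined entry would drop the privacy join (warning + null result on
         // older PHP, TypeError on PHP 8).
         $aJoin = isset($this->aCurrent['join']) ? $this->aCurrent['join'] : array();
         $this->aCurrent['join'] = array_merge($aJoin, $a['join']);
     }
     $this->setProcessPrivateContent(false);
 }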
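 /**
  * Decide whether the current profile may view an entry.
  *
  * Checks run in this order: owner/moderator shortcut, module ACL ('view entry'), then the
  * privacy object when one is configured in CNF.
  *
  * @param  array $aDataEntry      entry row; the author and id fields named in CNF are read.
  * @param  bool  $isPerformAction passed through to the moderator and ACL checks.
  * @return mixed CHECK_ACTION_RESULT_ALLOWED if access is granted or error message if access is forbidden. So make sure to make strict(===) checking.
  */
 public function checkAllowedView($aDataEntry, $isPerformAction = false)
 {
     $CNF =& $this->_oConfig->CNF;
     // moderator and owner always have access
     // NOTE(review): the owner test uses loose ==. Confirm that a visitor without a profile
     // can never compare equal to an empty or zero author value.
     if ($aDataEntry[$CNF['FIELD_AUTHOR']] == $this->_iProfileId || $this->_isModerator($isPerformAction)) {
         return CHECK_ACTION_RESULT_ALLOWED;
     }
     // check ACL
     $aCheck = checkActionModule($this->_iProfileId, 'view entry', $this->getName(), $isPerformAction);
     if ($aCheck[CHECK_ACTION_RESULT] !== CHECK_ACTION_RESULT_ALLOWED) {
         return $aCheck[CHECK_ACTION_MESSAGE];
     }
     // check privacy
     if (!empty($CNF['OBJECT_PRIVACY_VIEW'])) {
         bx_import('BxDolPrivacy');
         $oPrivacy = BxDolPrivacy::getObjectInstance($CNF['OBJECT_PRIVACY_VIEW']);
         // A privacy object is configured for this module: if it cannot be loaded, deny access
         // rather than silently skipping the privacy check.
         if (!$oPrivacy || !$oPrivacy->check($aDataEntry[$CNF['FIELD_ID']])) {
             return _t('_sys_access_denied_to_private_content');
         }
     }
     return CHECK_ACTION_RESULT_ALLOWED;
 }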
示例#6
 /**
  * Get database field name for action.
  *
  * @param  string $sObject privacy object name.
  * @param  string $sAction action name; when empty, the privacy object's own action is used.
  * @return string field name, or an empty string when the privacy object is unavailable.
  */
 public static function getFieldName($sObject, $sAction = '')
 {
     $oPrivacyObject = BxDolPrivacy::getObjectInstance($sObject);
     if (!$oPrivacyObject) {
         return '';
     }
     // Fall back to the action stored on the privacy object when the caller gave none.
     $sActionName = !empty($sAction) ? $sAction : $oPrivacyObject->_aObject['action'];
     return $oPrivacyObject->convertActionToField($sActionName);
 }
示例#7
 /**
  * Build the JOIN and WHERE fragments used to select events for a list.
  *
  * @param  array $aParams options read here: 'active', 'filter', 'owner_id', 'timeline',
  *                        'modules', 'type'.
  * @return array two elements: the JOIN clause string and the WHERE clause string
  *               (every WHERE condition is prefixed with "AND").
  */
 protected function _getSqlPartsEventsList($aParams)
 {
     $sJoin = "";
     // Hidden events are always excluded.
     $sWhere = "AND `{$this->_sTable}`.`hidden`='0' ";
     if (isset($aParams['active'])) {
         $sWhere .= $this->prepare("AND `{$this->_sTable}`.`active`=? ", (int) $aParams['active']);
     }
     //--- Filter
     // NOTE(review): 'owner_id' and 'filter' are handed to _getFilterAddon() unmodified and its
     // result is appended verbatim; verify that helper escapes whatever it embeds.
     if (isset($aParams['filter'])) {
         $sWhere .= $this->_getFilterAddon($aParams['owner_id'], $aParams['filter']);
     }
     //--- Timeline: everything up to the last second of the given year
     // NOTE(review): `date` is not table-qualified; confirm it stays unambiguous once joins are added.
     if (!empty($aParams['timeline'])) {
         $iTimelineYear = (int) $aParams['timeline'];
         $sWhere .= $this->prepare("AND `date`<=? ", mktime(23, 59, 59, 12, 31, $iTimelineYear));
     }
     //--- Modules filter; when none is requested, exclude hidden handlers instead
     // presumably implode_escape() quotes and escapes every list element; verify in the DB class
     if (!empty($aParams['modules']) && is_array($aParams['modules'])) {
         $sWhere .= "AND `" . $this->_sTable . "`.`type` IN (" . $this->implode_escape($aParams['modules']) . ") ";
     } else {
         $aHiddenHandlers = $this->_oConfig->getHandlersHidden();
         if (!empty($aHiddenHandlers) && is_array($aHiddenHandlers)) {
             $sWhere .= "AND `" . $this->_sTableHandlers . "`.`id` NOT IN (" . $this->implode_escape($aHiddenHandlers) . ") ";
         }
     }
     //--- Privacy filter: always appended, independent of $aParams
     // NOTE(review): the result of getObjectInstance() is used without checking that an object
     // came back. Confirm it cannot be empty here; the privacy fragment must never be skipped.
     $oPrivacy = BxDolPrivacy::getObjectInstance($this->_oConfig->getObject('privacy_view'));
     $aPrivacyParts = $oPrivacy->getContentByGroupAsSQLPart(BX_DOL_PG_ALL);
     $sWhere .= $aPrivacyParts['where'] . " ";
     //--- Type filter
     $mixedType = $aParams['type'];
     if ($mixedType == BX_BASE_MOD_NTFS_TYPE_OWNER) {
         if (!empty($aParams['owner_id'])) {
             $sWhere .= $this->prepare("AND `{$this->_sTable}`.`owner_id`=? ", $aParams['owner_id']);
         }
     } elseif ($mixedType == BX_BASE_MOD_NTFS_TYPE_CONNECTIONS) {
         if (!empty($aParams['owner_id'])) {
             $oConnection = BxDolConnection::getObjectInstance($this->_oConfig->getObject('conn_subscriptions'));
             $aConnectionParts = $oConnection->getConnectedContentAsSQLParts($this->_sPrefix . "events", 'owner_id', $aParams['owner_id']);
             $sJoin .= ' ' . $aConnectionParts['join'];
             $iUserId = bx_get_logged_profile_id();
             $sCommonPostPrefix = $this->_oConfig->getPrefix('common_post');
             // NOTE(review): the prefix and the logged-in profile id are concatenated into the
             // SQL text instead of being bound through prepare(). That is safe only while both
             // come from trusted config/session state; consider a placeholder or an int cast.
             $sWhere .= "AND IF(SUBSTRING(`{$this->_sTable}`.`type`, 1, " . strlen($sCommonPostPrefix) . ") = '" . $sCommonPostPrefix . "', `{$this->_sTable}`.`object_id` <> " . $iUserId . ", 1) ";
         }
     } elseif ($mixedType == BX_BASE_MOD_NTFS_TYPE_PUBLIC) {
         $sCommonPostPrefix = $this->_oConfig->getPrefix('common_post');
         // NOTE(review): the prefix is concatenated unescaped here as well; see the trust
         // assumption on the config value.
         $sWhere .= "AND SUBSTRING(`{$this->_sTable}`.`type`, 1, " . strlen($sCommonPostPrefix) . ") <> '" . $sCommonPostPrefix . "' ";
     }
     return array($sJoin, $sWhere);
 }
示例#8
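 /**
  * Render a comment only when the 'comments_view' privacy object allows it.
  *
  * @param  mixed  $mixedCmt comment row (its 'cmt_id' is read) or the comment id itself.
  * @param  array  $aBp      passed through to the parent implementation.
  * @param  array  $aDp      passed through to the parent implementation.
  * @return string the parent's output, or an empty string when the privacy check fails or
  *                the privacy object is unavailable.
  */
 function getComment($mixedCmt, $aBp = array(), $aDp = array())
 {
     $iCmtId = is_array($mixedCmt) ? (int) $mixedCmt['cmt_id'] : (int) $mixedCmt;
     $oPrivacy = BxDolPrivacy::getObjectInstance('comments_view');
     // Deny (render nothing) when the privacy object cannot be loaded, instead of calling
     // check() on an empty value.
     if (!$oPrivacy || !$oPrivacy->check($iCmtId)) {
         return '';
     }
     return parent::getComment($mixedCmt, $aBp, $aDp);
 }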