Page MenuHomeIn-Portal Phabricator
Files F1168604

in-portal
No OneTemporary
Actions

File Metadata

Created
Thu, Sep 25, 1:18 AM

in-portal
View Options

Index: trunk/kernel/units/general/helpers/permissions_helper.php
===================================================================
--- trunk/kernel/units/general/helpers/permissions_helper.php (revision 4839)
+++ trunk/kernel/units/general/helpers/permissions_helper.php (revision 4840)
@@ -1,217 +1,367 @@
<?php
class kPermissionsHelper extends kHelper {
/**
* Current set of permissions for group being edited
*
* @var Array
*/
var $Permissions = Array();
function LoadPermissions($prefix)
{
$object =& $this->Application->recallObject($prefix.'-perm', null, Array('skip_autoload' => true));
$foreign_key = $this->Application->getUnitOption($prefix.'-perm', 'ForeignKey');
$foreign_value = $this->Application->GetVar($prefix.'_id');
$sql = 'SELECT *
FROM '.$object->TableName.'
WHERE '.$foreign_key.' = '.$foreign_value;
$permissions = $this->Conn->Query($sql, 'Permission');
$this->Permissions = Array();
foreach ($permissions as $perm_name => $perm_options) {
$perm_record['value'] = $perm_options['PermissionValue'];
$perm_record['id'] = $perm_options['PermissionId'];
$this->Permissions[$perm_name] = $perm_record;
}
}
function getPermissionValue($perm_name)
{
return getArrayValue($this->Permissions, $perm_name) ? $this->Permissions[$perm_name]['value'] : 0;
}
function getPermissionID($perm_name)
{
return getArrayValue($this->Permissions, $perm_name) ? $this->Permissions[$perm_name]['id'] : 0;
}
/**
* This is old permission like ADMIN or LOGIN
*
* @param string $section_name
* @param string $perm_name
* @return bool
*/
function isOldPermission($section_name, $perm_name)
{
return $section_name == 'in-portal:root' && $perm_name != 'view';
}
/**
* Returns permission names to check based on event name and item prefix (main item or subitem)
*
* @param kEvent $event
* @return Array
*/
function getPermissionByEvent(&$event, $perm_mapping)
{
$top_prefix = $event->getEventParam('top_prefix');
$pefix_type = ($top_prefix == $event->Prefix) ? 'self' : 'subitem';
$perm_mapping = getArrayValue($perm_mapping, $event->Name);
if (!$perm_mapping[$pefix_type]) {
trigger_error('Permission mappings not defined for event <b>'.$top_prefix.' <- '.$event->Prefix.':'.$event->Name.'</b>', E_USER_ERROR);
}
if ($perm_mapping[$pefix_type] === true) {
// event is defined in mapping but is not checked by permissions
return true;
}
return explode('|', $perm_mapping[$pefix_type]);
}
/**
- * Checks permissions of user
+ * Common event permission checking method
*
* @param kEvent $event
*/
- function CheckPermission(&$event, $perm_mapping)
+ function CheckEventPermission(&$event, $perm_mapping)
{
$section = $event->getSection();
if (preg_match('/^CATEGORY:(.*)/', $section)) {
- return $this->CheckCategoryPermission($event, $perm_mapping);
+ return $this->CheckEventCategoryPermission($event, $perm_mapping);
}
$top_prefix = $event->getEventParam('top_prefix');
$check_perms = $this->getPermissionByEvent($event, $perm_mapping);
if ($check_perms === true) {
// event is defined in mapping but is not checked by permissions
return true;
}
$perm_status = false;
foreach ($check_perms as $perm_name) {
// check if at least one of required permissions is set
$perm_name = $section.'.'.$perm_name;
- $perm_status = $this->Application->CheckPermission($perm_name, 1);
+ $perm_status = $this->CheckPermission($perm_name, 1);
if (($perm_name == $section.'.add') && $perm_status && ($top_prefix == $event->Prefix)) {
// main item, add permission allowed, but ID is > 0, then deny permission
// how to get id here
}
if ($perm_status) {
return $perm_status;
}
}
if (!$perm_status) {
if ($this->Application->isDebugMode()) {
// for debugging purposes
$event->SetRedirectParam('section', $section);
$event->SetRedirectParam('main_prefix', $top_prefix);
$event->SetRedirectParam('event_name', $event->Name);
$event->SetRedirectParam('next_template', $this->Application->GetVar('t'));
}
$event->status = erPERM_FAIL;
}
return $perm_status;
}
/**
- * Check permissions
+ * Checks non-system permission on event per category basis
*
* @param kEvent $event
*/
- function CheckCategoryPermission(&$event, $event_perm_mapping)
+ function CheckEventCategoryPermission(&$event, $event_perm_mapping)
{
- // would be better to check this too, but we have no such ermission for now
- /*if ($event->Name == 'OnRateProduct') {
- return $this->Application->CheckPermission('PRODUCT.RATE', 0);
- }*/
-
// mapping between specific permissions and common permissions
$perm_mapping = Array('add' => 'ADD', 'edit' => 'MODIFY', 'delete' => 'DELETE', 'view' => 'VIEW');
$top_prefix = $event->getEventParam('top_prefix');
$event_handler =& $this->Application->recallObject($event->Prefix.'_EventHandler');
if ($event->Prefix != $top_prefix) {
$top_event = new kEvent($top_prefix.':'.$event->Name);
$id = $event_handler->getPassedID($top_event);
}
else {
$id = $event_handler->getPassedID($event);
}
$item_prefix = $this->Application->getUnitOption($top_prefix, 'PermItemPrefix');
// 1. get primary category of category item
$id_field = $this->Application->getUnitOption($top_prefix, 'IDField');
$table_name = $this->Application->getUnitOption($top_prefix, 'TableName');
$ci_table = $this->Application->getUnitOption($top_prefix.'-ci', 'TableName');
if (!$id) {
// item being created -> check by current (before editing started, saved in OnPreCreate event) category permissions
$category_id = $this->Application->RecallVar('m_cat_id');
}
else {
// item being edited -> check by it's primary category permissions
$sql = 'SELECT ci.CategoryId
FROM '.$table_name.' main_table
LEFT JOIN '.$ci_table.' ci ON ci.ItemResourceId = main_table.ResourceId
WHERE (main_table.'.$id_field.' = '.$id.') AND (ci.PrimaryCat = 1)';
$category_id = $this->Conn->GetOne($sql);
}
if ((substr($event->Name, 0, 9) == 'OnPreSave') || ($event->Name == 'OnSave')) {
if ($event_handler->isNewItemCreate($event)) {
- return $this->Application->CheckPermission($item_prefix.'.ADD', 0, $category_id);
+ return $this->CheckPermission($item_prefix.'.ADD', 0, $category_id);
}
else {
- return $this->Application->CheckPermission($item_prefix.'.ADD', 0, $category_id) || $this->Application->CheckPermission($item_prefix.'.MODIFY', 0, $category_id);
+ return $this->CheckPermission($item_prefix.'.ADD', 0, $category_id) || $this->CheckPermission($item_prefix.'.MODIFY', 0, $category_id);
}
}
$perm_status = false;
$check_perms = $this->getPermissionByEvent($event, $event_perm_mapping);
if ($check_perms === true) {
// event is defined in mapping but is not checked by permissions
return true;
}
foreach ($check_perms as $perm_name) {
// check if at least one of required permissions is set
if (!isset($perm_mapping[$perm_name])) {
// not mapped permission (e.g. advanced:approve) -> skip
continue;
}
$perm_name = $item_prefix.'.'.$perm_mapping[$perm_name];
- echo 'event_name: '.$event->Name.'; permission: '.$perm_name.'<br />';
- $perm_status = $this->Application->CheckPermission($perm_name, 0, $category_id);
+ $this->showDebug('Event <b>'.$event->Name.'</b> permission(-s): <b>'.$perm_name.'</b>');
+ $perm_status = $this->CheckPermission($perm_name, 0, $category_id);
if ($perm_status) {
return $perm_status;
}
}
if (!$perm_status) {
$event->SetRedirectParam('index_file', 'index.php'); // because called from browse.php
if ($this->Application->isDebugMode()) {
// for debugging purposes
$event->SetRedirectParam('section', $event->getSection());
$event->SetRedirectParam('main_prefix', $top_prefix);
$event->SetRedirectParam('event_name', $event->Name);
$event->SetRedirectParam('next_template', $this->Application->GetVar('t'));
}
$event->status = erPERM_FAIL;
}
return $perm_status;
}
+
+ function showDebug($text)
+ {
+ if (!$this->Application->isDebugMode()) return true;
+ echo $text.'<br />';
+ }
+
+ function TagPermissionCheck($params, $tag_name)
+ {
+ $perm_event = getArrayValue($params, 'perm_event');
+ $permission_groups = getArrayValue($params, 'permissions');
+
+ if ($permission_groups) {
+ $this->showDebug('Tag <b>'.$tag_name.'</b> permission(-s): '.$permission_groups);
+ $permission_groups = explode('|', $permission_groups);
+ $group_has_permission = false;
+ foreach ($permission_groups as $permission_group) {
+ $permissions = explode(',', $permission_group);
+ $has_permission = true;
+ foreach ($permissions as $permission) {
+ $has_permission = $has_permission && $this->CheckPermission($permission, isset($params['system']) && $params['system'] ? 1 : 0);
+ }
+ $group_has_permission = $group_has_permission || $has_permission;
+
+ if ($group_has_permission) {
+ return true;
+ }
+ }
+ return false;
+ }
+ elseif ($perm_event) {
+ list($prefix, $event) = explode(':', $perm_event);
+ $event_handler =& $this->Application->recallObject($prefix.'_EventHandler');
+ return $event_handler->CheckPermission( new kEvent($perm_event) );
+ }
+
+ return true;
+ }
+
+ /**
+ * Returns no permission template to redirect to
+ *
+ * @param Array $params
+ * @return Array
+ */
+ function getPermissionTemplate($params)
+ {
+ $t = $this->Application->GetVar('t');
+ if ($next_t = getArrayValue($params, 'next_template')) {
+ $t = $next_t;
+ }
+
+ if (!$this->Application->LoggedIn()) {
+ $redirect_template = $params['login_template'];
+ $redirect_params = Array('next_template' => $t);
+ }
+ else {
+ if (isset($params['no_permissions_template'])) {
+ $redirect_template = $params['no_permissions_template'];
+ }
+ else {
+ $redirect_template = $this->Application->IsAdmin() ? 'no_permission' : $this->Application->ConfigValue('NoPermissionTemplate');
+ }
+
+ $redirect_params = $this->Application->isDebugMode() ? Array('from_template' => 1, 'perms' => $params['permissions'], 'next_template' => $t) : Array();
+ }
+
+ return Array($redirect_template, $redirect_params);
+ }
+
+ /**
+ * Check current user permissions based on it's group permissions in specified category (for non-system permissions) or just checks if system permission is set
+ *
+ * @param string $name permission name
+ * @param int $cat_id category id, current used if not specified
+ * @param int $type permission type {1 - system, 0 - per category}
+ * @return int
+ */
+ function CheckPermission($name, $type = 1, $cat_id = null)
+ {
+ if ($this->Application->GetVar('u_id') == -1) {
+ // "root" is allowed anywhere
+ return $name == 'SYSTEM_ACCESS.READONLY' ? 0 : 1;
+ }
+
+ if ($type == 1) {
+ // "system" permission are always checked per "Home" category (ID = 0)
+ $cat_id = 0;
+ }
+
+ if (!isset($cat_id)) {
+ $cat_id = $this->Application->GetVar('m_cat_id');
+ }
+
+ $cache_key = $name.'|'.$type.'|'.$cat_id;
+ $perm_value = $this->Application->getCache('permissions', $cache_key);
+ if ($perm_value !== false) {
+ return $perm_value;
+ }
+
+ // perm cache is build only based on records in db, that's why if permission is not explicitly denied, then
+ // that (perm cache creator) code thinks that it is allowed & adds corresponding record and code below will
+ // return incorrect results
+
+ /*if (preg_match('/(.*)\.VIEW$/', $name) && ($type == 0)) {
+ // cached view permission of category: begin
+ $sql = 'SELECT perm_cache.PermId
+ FROM '.TABLE_PREFIX.'PermCache perm_cache
+ LEFT JOIN '.TABLE_PREFIX.'PermissionConfig perm_config ON perm_cache.PermId = perm_config.PermissionConfigId
+ WHERE (perm_config.PermissionName = '.$this->Conn->qstr($name).' AND perm_cache.CategoryId = '.$cat_id.')';
+
+ $view_filters = Array();
+ $groups = explode(',', $this->Application->RecallVar('UserGroups'));
+ foreach ($groups as $group) {
+ $view_filters[] = 'FIND_IN_SET('.$group.', perm_cache.ACL) || ((NOT FIND_IN_SET('.$group.', perm_cache.DACL)) AND perm_cache.ACL = \'\')';
+ }
+ $sql .= ' AND ('.implode(' OR ', $view_filters).')';
+ $perm_value = $this->Conn->GetOne($sql) ? 1 : 0;
+
+ $this->Application->setCache('permissions', $cache_key, $perm_value);
+ return $perm_value;
+ // cached view permission of category: end
+ }*/
+
+ if ($cat_id == 0) {
+ $cat_hierarchy = Array(0);
+ }
+ else {
+ $sql = 'SELECT ParentPath
+ FROM '.$this->Application->getUnitOption('c', 'TableName').'
+ WHERE CategoryId = '.$cat_id;
+ $cat_hierarchy = $this->Conn->GetOne($sql);
+ $cat_hierarchy = explode('|', $cat_hierarchy);
+ array_shift($cat_hierarchy);
+ array_pop($cat_hierarchy);
+ $cat_hierarchy = array_reverse($cat_hierarchy);
+ array_push($cat_hierarchy, 0);
+ }
+
+ $perm_value = 0;
+ $groups = $this->Application->RecallVar('UserGroups');
+ foreach ($cat_hierarchy as $category_id) {
+ $sql = 'SELECT PermissionValue
+ FROM '.TABLE_PREFIX.'Permissions
+ WHERE Permission = "'.$name.'" AND CatId = '.$category_id.' AND GroupId IN ('.$groups.') AND Type = '.$type;
+ $res = $this->Conn->GetOne($sql);
+ if ($res !== false) {
+ $perm_value = $res;
+ break;
+ }
+ }
+
+ $this->Application->setCache('permissions', $cache_key, $perm_value);
+ return $perm_value;
+ }
}
?>
\ No newline at end of file
Property changes on: trunk/kernel/units/general/helpers/permissions_helper.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.6
\ No newline at end of property
+1.7
\ No newline at end of property
Index: trunk/admin/browse.php
===================================================================
--- trunk/admin/browse.php (revision 4839)
+++ trunk/admin/browse.php (revision 4840)
@@ -1,439 +1,444 @@
<?php
##############################################################
##In-portal ##
##############################################################
## In-portal ##
## Intechnic Corporation ##
## All Rights Reserved, 1998-2002 ##
## ##
## No portion of this code may be copied, reproduced or ##
## otherwise redistributed without proper written ##
## consent of Intechnic Corporation. Violation will ##
## result in revocation of the license and support ##
## privileges along maximum prosecution allowed by law. ##
##############################################################
function k4getmicrotime()
{
list($usec, $sec) = explode(" ", microtime());
return ((float)$usec + (float)$sec);
}
$start = k4getmicrotime();
// new startup: begin
define('REL_PATH', 'admin');
$relation_level = count( explode('/', REL_PATH) );
define('FULL_PATH', realpath(dirname(__FILE__) . str_repeat('/..', $relation_level) ) );
require_once FULL_PATH.'/kernel/startup.php';
// new startup: end
if($application->GetVar('Action') == 'm_paste') define('REDIRECT_REQUIRED',1); // this script can issue redirect header
define('REQUIRE_LAYER_HEADER', 1);
$b_topmargin = "0";
//$b_header_addon = "<DIV style='position:relative; z-Index: 1; background-color: #ffffff; padding-top:1px;'><div style='position:absolute; width:100%;top:0px;' align='right'><img src='images/logo_bg.gif'></div><img src='images/spacer.gif' width=1 height=15><br><div style='z-Index:1; position:relative'>";
require_login();
$indexURL = $rootURL."index.php";
$homeURL = "javascript:AdminCatNav('".$_SERVER["PHP_SELF"]."?env=".BuildEnv()."');";
$m_var_list_update["cat"] = 0;
unset($m_var_list_update["cat"]);
$envar = "env=" . BuildEnv();
if($objCatList->CurrentCategoryID()>0)
{
$c = $objCatList->CurrentCat();
$upURL = "javascript:AdminCatNav('".$c->Admin_Parent_Link()."');";
}
else
$upURL = $_SERVER["PHP_SELF"]."?".$envar;
//admin only util
$pathtolocal = $pathtoroot."kernel/";
require_once ($pathtoroot.$admin."/include/elements.php");
//require_once ($pathtoroot."kernel/admin/include/navmenu.php");
require_once ($pathtolocal."admin/include/navmenu.php");
require_once($pathtoroot.$admin."/browse/toolbar.php");
$m = GetModuleArray();
foreach($m as $key=>$value)
{
$path = $pathtoroot.$value."admin/include/parser.php";
if(file_exists($path))
{
//echo "<!-- $path -->";
@include_once($path);
}
}
$application->InitParser();
$cat_templates = $objModules->ExecuteFunction('GetModuleInfo', 'catalog_template');
foreach ($cat_templates as $a_mod => $a_template) {
if (!$a_template) continue;
- $a_var = $a_mod.'_TAB_HTML';
- $$a_var = $application->ParseBlock(Array('name'=>$a_template), 0, true);
+
+ $module_prefix = $application->findModule('Name', $a_mod, 'Var');
+ $view_perm = $application->getUnitOption($module_prefix, 'PermItemPrefix').'.VIEW';
+ if ($application->CheckPermission($view_perm, 0)) {
+ $a_var = $a_mod.'_TAB_HTML';
+ $$a_var = $application->ParseBlock(Array('name'=>$a_template), 0, true);
+ }
}
//$application->SetVar('t', 'in-commerce/products/products_catalog');
if( !defined('IS_INSTALL') ) define('IS_INSTALL', 0);
if( !IS_INSTALL ) require_login();
//Set Section
$section = 'in-portal:browse';
//Set Environment Variable
//echo $objCatList->ItemsOnClipboard()." Categories on the clipboard<br>\n";
//echo $objTopicList->ItemsOnClipboard()." Topics on the clipboard<br>\n";
//echo $objLinkList->ItemsOnClipboard()." Links on the clipboard<br>\n";
//echo $objArticleList->ItemsOnClipboard()." Articles on the clipboard<br>\n";
// save last category visited
$objSession->SetVariable('prev_category', $objSession->GetVariable('last_category') );
$objSession->SetVariable('last_category', $objCatList->CurrentCategoryID() );
/* // for testing
$last_cat = $objSession->GetVariable('last_category');
$prev_cat = $objSession->GetVariable('prev_category');
echo "Last CAT: [$last_cat]<br>";
echo "Prev CAT: [$prev_cat]<br>";
*/
$SearchType = $objSession->GetVariable("SearchType");
if(!strlen($SearchType))
$SearchType = "all";
$SearchLabel = "la_SearchLabel";
if( GetVar('SearchWord') !== false ) $objSession->SetVariable('admin_seach_words', GetVar('SearchWord') );
$SearchWord = $objSession->GetVariable('admin_seach_words');
// where should all edit popups submit changes
$objSession->SetVariable("ReturnScript", basename($_SERVER['PHP_SELF']) );
$charset = GetRegionalOption('Charset');
$m_tag_processor =& $application->recallObject('m_TagProcessor');
$base_href = $m_tag_processor->Base_Ref();
/* page header */
print <<<END
<html>
<head>
<title>In-portal</title>
$base_href
<meta http-equiv="content-type" content="text/html;charset=$charset">
<meta http-equiv="Pragma" content="no-cache">
<script language="JavaScript">
imagesPath='$imagesURL'+'/';
</script>
END;
require_once($pathtoroot.$admin."/include/mainscript.php");
print <<<END
<script type="text/javascript">
if (window.opener != null) {
theMainScript.CloseAndRefreshParent();
}
</script>
END;
print <<<END
<script src="$browseURL/toolbar.js"></script>
<script src="$browseURL/checkboxes_new.js"></script>
<script language="JavaScript1.2" src="$browseURL/fw_menu.js"></script>
<script language="javascript" src="incs/script.js"></script>
<link rel="stylesheet" type="text/css" href="$browseURL/checkboxes.css">
<link rel="stylesheet" type="text/css" href="$cssURL/style.css">
<link rel="stylesheet" type="text/css" href="$browseURL/toolbar.css">
END;
load_module_styles();
if( !isset($list) ) $list = '';
if(($SearchType=="categories" || $SearchType="all") && strlen($list))
{
int_SectionHeader(NULL,NULL,NULL,admin_language("la_Title_SearchResults"));
}
else
int_SectionHeader();
$filter = false; // always initialize variables before use
if($objSession->GetVariable("SearchWord") != '') {
$filter = true;
}
else {
$bit_combo = $objModules->ExecuteFunction('GetModuleInfo', 'all_bitmask');
$bit_combo = $objModules->MergeReturn($bit_combo);
foreach($bit_combo['VarName'] as $mod_name => $VarName)
{
//echo "VarName: [$VarName] = [".$objConfig->Get($VarName)."], ALL = [".$bit_combo['Bits'][$mod_name]."]<br>";
if( $objConfig->Get($VarName) )
if( $objConfig->Get($VarName) != $bit_combo['Bits'][$mod_name] )
{
$filter = true;
break;
}
}
}
?>
</div>
<!-- alex mark -->
<table class="toolbar" height="30" cellspacing="0" cellpadding="0" width="100%" border="0">
<tbody>
<tr>
<td>
<div name="toolBar" id="mainToolBar">
<tb:button action="upcat" title="<?php echo admin_language("la_ToolTip_Up"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="homecat" title="<?php echo admin_language("la_ToolTip_Home"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:separator ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="new_cat" title="<?php echo admin_language("la_ToolTip_New_Category"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="editcat" title="<?php echo admin_language("la_ToolTip_Edit_Current_Category"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<?php
foreach($NewButtons as $btn)
{
print '<tb:button action="'.$btn['Action'].'" title="'.$btn['Alt'].'" ImagePath="'.$btn['ImagePath'].'" ';
if (getArrayValue($btn, 'Tab')) print 'tab="'.$btn['Tab'].'"';
print ">\n";
}
?>
<tb:button action="edit" title="<?php echo admin_language("la_ToolTip_Edit"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="delete" title="<?php echo admin_language("la_ToolTip_Delete"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:separator ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="approve" title="<?php echo admin_language("la_ToolTip_Approve"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="decline" title="<?php echo admin_language("la_ToolTip_Decline"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:separator ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="export" title="<?php echo admin_language("la_ToolTip_Export"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:separator ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="rebuild_cache" title="<?php echo admin_language("la_ToolTip_RebuildCategoryCache"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:separator ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="cut" title="<?php echo admin_language("la_ToolTip_Cut"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="copy" title="<?php echo admin_language("la_ToolTip_Copy"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="paste" title="<?php echo admin_language("la_ToolTip_Paste"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:separator ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="move_up" title="<?php echo admin_language("la_ToolTip_Move_Up"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="move_down" title="<?php echo admin_language("la_ToolTip_Move_Down"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:separator ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="print" title="<?php echo admin_language("la_ToolTip_Print"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="view" title="<?php echo admin_language("la_ToolTip_View"); ?>" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
</div>
</td>
</tr>
</tbody>
</table>
<table cellspacing="0" cellpadding="0" width="100%" bgcolor="#e0e0da" border="0" class="tableborder_full_a">
<tbody>
<tr>
<td><img height="15" src="<?php echo $imagesURL; ?>/arrow.gif" width="15" align="middle" border="0">
<span class="navbar"><?php $attribs["admin"]=1; print m_navbar($attribs); ?></span>
</td>
<td align="right">
<FORM METHOD="POST" ACTION="<?php echo $_SERVER["PHP_SELF"]."?".$envar; ?>" NAME="admin_search" ID="admin_search"><INPUT ID="SearchScope" NAME="SearchScope" type="hidden" VALUE="<?php echo $objSession->GetVariable("SearchScope"); ?>"><INPUT ID="SearchType" NAME="SearchType" TYPE="hidden" VALUE="<?php echo $objSession->GetVariable("SearchType"); ?>"><INPUT ID="NewSearch" NAME="NewSearch" TYPE="hidden" VALUE="0"><INPUT TYPE="HIDDEN" NAME="Action" value="m_Exec_Search">
<table cellspacing="0" cellpadding="0"><tr>
<td><?php echo admin_language($SearchLabel); ?>&nbsp;</td>
<td><input ID="SearchWord" type="text" value="<?php echo inp_htmlize($SearchWord,1); ?>" name="SearchWord" size="10" style="border-width: 1; border-style: solid; border-color: 999999"></td>
<td><img id="imgSearch" action="search_b" src="<?php echo $imagesURL."/toolbar/";?>/icon16_search.gif" title="<?php echo admin_language("la_ToolTip_Search"); ?>" align="absMiddle" onclick="this.action = this.getAttribute('action'); actionHandler(this);" src="<?php echo $imagesURL."/toolbar/";?>/arrow16.gif" onmouseover="this.src='<?php echo $imagesURL."/toolbar/";?>/icon16_search_f2.gif'" onmouseout="this.src='<?php echo $imagesURL."/toolbar/";?>/icon16_search.gif'" style="cursor:hand" width="22" width="22"><!--<img action="search_a" title="<?php echo admin_language("la_ToolTip_Search"); ?>" align="absMiddle" onclick="this.action = this.getAttribute('action'); actionHandler(this);" src="<?php echo $imagesURL."/toolbar/";?>/arrow16.gif" onmouseover="this.src='<?php echo $imagesURL."/toolbar/";?>/arrow16_f2.gif'" onmouseout="this.src='<?php echo $imagesURL."/toolbar/";?>/arrow16.gif'" style="cursor:hand">-->
<img action="search_c" src="<?php echo $imagesURL."/toolbar/";?>/icon16_search_reset.gif" title="<?php echo admin_language("la_ToolTip_Search"); ?>" align="absMiddle" onclick="document.all.SearchWord.value = ''; this.action = this.getAttribute('action'); actionHandler(this);" onmouseover="this.src='<?php echo $imagesURL."/toolbar/";?>/icon16_search_reset_f2.gif'" onmouseout="this.src='<?php echo $imagesURL."/toolbar/";?>/icon16_search_reset.gif'" style="cursor:hand" width="22" width="22">&nbsp;
</td>
</tr></table>
</FORM>
<!--tb:button action="search_b" title="<?php echo admin_language("la_ToolTip_Search"); ?>" align="right" ImagePath="<?php echo $imagesURL."/toolbar/";?>">
<tb:button action="search_a" title="<?php echo admin_language("la_ToolTip_Search"); ?>" align="right" ImagePath="<?php echo $imagesURL."/toolbar/";?>"-->
</td>
</tr>
</tbody>
</table>
<?php if ($filter) { ?>
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="toolbar">
<tr>
<td valign="top">
<?php int_hint_red(admin_language("la_Warning_Filter")); ?>
</td>
</tr>
</table>
<?php } ?>
<br>
<!-- CATEGORY DIVIDER -->
<?php
$OrderBy = $objCatList->QueryOrderByClause(TRUE,TRUE,TRUE);
$objCatList->Clear();
$IsSearch = FALSE;
if($SearchType == 'categories' || $SearchType == 'all')
{
$list = $objSession->GetVariable("SearchWord");
$SearchQuery = $objCatList->AdminSearchWhereClause($list);
if(strlen($SearchQuery))
{
$SearchQuery = " (".$SearchQuery.") ";
if( strlen($CatScopeClause) ) {
$SearchQuery .= " AND ParentId = ".$objCatList->CurrentCategoryID();//" AND ".$CatScopeClause;
}
$objCatList->LoadCategories($SearchQuery.$CategoryFilter,$OrderBy);
$IsSearch = TRUE;
}
else
$objCatList->LoadCategories("ParentId=".$objCatList->CurrentCategoryID()." ".$CategoryFilter,$OrderBy);
}
else
$objCatList->LoadCategories("ParentId=".$objCatList->CurrentCategoryID()." ".$CategoryFilter, $OrderBy);
$TotalItemCount += $objCatList->QueryItemCount;
?>
<?php
$e = $Errors->GetAdminUserErrors();
if(count($e)>0)
{
echo "<table cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" border=\"0\">";
for($ex = 0; $ex<count($e);$ex++)
{
echo "<tr><td width=\100%\" class=\"error\">".prompt_language($e[$ex])."</td></tr>";
}
echo "</TABLE><br>";
}
?>
<table cellspacing="0" cellpadding="0" width="100%" border="0">
<tbody>
<tr>
<td width="138" height="20" nowrap="nowrap" class="active_tab" onclick="toggleCategoriesB(this)" id="cats_tab">
<table cellspacing="0" cellpadding="0" width="100%" border="0">
<tr>
<td id="l_cat" background="<?php echo $imagesURL; ?>/itemtabs/tab_active_l.gif" class="left_tab">
<img src="<?php echo $imagesURL; ?>/itemtabs/divider_up.gif" width="20" height="20" border="0" align="absmiddle">
</td>
<td id="m_cat" nowrap background="<?php echo $imagesURL; ?>/itemtabs/tab_active.gif" class="tab_class">
<?php echo admin_language("la_ItemTab_Categories"); ?>:&nbsp;
</td>
<td id="m1_cat" align="right" valign="top" background="<?php echo $imagesURL; ?>/itemtabs/tab_active.gif" class="tab_class">
<span class="cats_stats">(<?php echo $objCatList->QueryItemCount; ?>)</span>&nbsp;
</td>
<td id="r_cat" background="<?php echo $imagesURL; ?>/itemtabs/tab_active_r.gif" class="right_tab">
<img src="<?php echo $imagesURL; ?>/spacer.gif" width="21" height="20">
</td>
</tr>
</table>
</td>
<td>&nbsp;</td>
</tr>
</tbody>
</table>
<div class="divider" style="" id="categoriesDevider"><img width="1" height="1" src="<?php echo $imagesURL; ?>/spacer.gif"></div>
</DIV>
</div>
<DIV style="background-color: #ffffff; position: relative; padding-top: 1px; top: -1px; z-Index:0" id="firstContainer">
<DIV style="background-color: #ffffff; position: relative; padding-top: 1px; top: -1px; z-Index:2" id="secondContainer">
<!-- CATEGORY OUTPUT START -->
<div id="categories" tabtitle="Categories">
<form id="categories_form" name="categories_form" action="" method="post">
<input type="hidden" name="Action">
<?php
if($IsSearch)
{
$template = "cat_search_element.tpl";
}
else {
$template = "cat_element.tpl";
}
print adListSubCats($objCatList->CurrentCategoryID(),$template);
?>
</form>
</div>
<BR>
<!-- CATEGORY OUTPUT END -->
<?php
print $ItemTabs->TabRow();
if(count($ItemTabs->Tabs))
{
?>
<div class="divider" id="tabsDevider"><img width=1 height=1 src="images/spacer.gif"></div>
<?php
}
?>
</DIV>
<?php
unset($m);
//echo $application->ParseBlock(Array('name'=>'kernel_form_start'), 0, true);
$m = GetModuleArray("admin");
foreach($m as $key=>$value)
{
$path = $pathtoroot.$value."admin/browse.php";
if(file_exists($path))
{
//echo "\n<!-- $path -->\n";
include_once($path);
}
}
//echo $application->ParseBlock(Array('name'=>'kernel_form_end'), 0, true);
$admin = $objConfig->Get("AdminDirectory");
if(!strlen($admin)) $admin = "admin";
?>
<form method="post" action="<?php echo $rootURL.$admin; ?>/browse.php?env=<?php echo BuildEnv(); ?>" name="viewmenu">
<input type="hidden" name="fieldname" value="">
<input type="hidden" name="varvalue" value="">
<input type="hidden" name="varvalue2" value="">
<input type="hidden" name="Action" value="">
</form>
</DIV>
<!-- END CODE-->
<script language="JavaScript">
InitPage();
cats_on = theMainScript.GetCookie('cats_tab_on');
if (cats_on == 0) {
toggleCategoriesB(document.getElementById('cats_tab'), true);
}
tabs_on = theMainScript.GetCookie('tabs_on');
if (tabs_on == '1' || tabs_on == null) {
if(default_tab.length == 0 || default_tab == 'categories' )
{
cookie_start = theMainScript.GetCookie('active_tab');
if (cookie_start != null) start_tab = cookie_start;
if(start_tab!=null) {
//alert('ok');
toggleTabB(start_tab, true);
}
}
else
{
//alert('ok');
toggleTabB(default_tab,true);
}
}
d = document.getElementById('SearchWord');
if(d)
{
d.onkeyup = function(event) {
if(window.event.keyCode==13)
{
var el = document.getElementById('imgSearch');
el.onclick();
}
}
}
</script>
<?php
$objSession->SetVariable("HasChanges", 0);
int_footer();
?>
\ No newline at end of file
Property changes on: trunk/admin/browse.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.32
\ No newline at end of property
+1.33
\ No newline at end of property
Index: trunk/core/kernel/processors/main_processor.php
===================================================================
--- trunk/core/kernel/processors/main_processor.php (revision 4839)
+++ trunk/core/kernel/processors/main_processor.php (revision 4840)
@@ -1,851 +1,838 @@
<?php
class kMainTagProcessor extends TagProcessor {
function Init($prefix, $special, $event_params = null)
{
parent::Init($prefix, $special, $event_params);
$actions =& $this->Application->recallObject('kActions');
$actions->Set('t', $this->Application->GetVar('t'));
$actions->Set('sid', $this->Application->GetSID());
$actions->Set('m_opener', $this->Application->GetVar('m_opener') );
}
/**
* Used to handle calls where tag name
* match with existing php function name
*
* @param Tag $tag
* @return string
*/
function ProcessTag(&$tag)
{
if ($tag->Tag=='include') $tag->Tag='MyInclude';
return parent::ProcessTag($tag);
}
/**
* Creates <base href ..> HTML tag for all templates
* affects future css, js files and href params of links
*
* @return string
* @access public
*/
function Base_Ref()
{
$url = $this->Application->BaseURL().substr(THEMES_PATH,1).'/';
return '<base href="'.$url.'" />';
}
/**
* Returns base url for web-site
*
* @return string
* @access public
*/
function BaseURL()
{
return $this->Application->BaseURL();
}
function TemplatesBase($params)
{
return $this->Application->BaseURL().THEMES_PATH;
}
function ProjectBase($params)
{
return $this->Application->BaseURL();
}
/*function Base($params)
{
return $this->Application->BaseURL().$params['add'];
}*/
/**
* Used to create link to any template.
* use "pass" paramter if "t" tag to specify
* prefix & special of object to be represented
* in resulting url
*
* @param Array $params
* @return string
* @access public
*/
function T($params)
{
//by default link to current template
$t = $this->SelectParam($params, 't,template');
unset($params['t']);
unset($params['template']);
$prefix=isset($params['prefix']) ? $params['prefix'] : ''; unset($params['prefix']);
$index_file = isset($params['index_file']) ? $params['index_file'] : null; unset($params['index_file']);
return $this->Application->HREF($t, $prefix, $params, $index_file);
}
function Link($params)
{
if (isset($params['template'])) {
$params['t'] = $params['template'];
unset($params['template']);
}
if (!isset($params['pass']) && !isset($params['no_pass'])) $params['pass'] = 'm';
if (isset($params['no_pass'])) unset($params['no_pass']);
if( $this->Application->GetVar('admin') ) $params['admin'] = 1;
return $this->T($params);
}
function Env($params)
{
$t = $params['template'];
unset($params['template']);
return $this->Application->BuildEnv($t, $params, 'm', null, false);
}
function FormAction($params)
{
return $this->Application->ProcessParsedTag('m', 't', Array( 'pass'=>'all,m' ) );
}
/*// NEEDS TEST
function Config($params)
{
return $this->Application->ConfigOption($params['var']);
}
function Object($params)
{
$name = $params['name'];
$method = $params['method'];
$tmp =& $this->Application->recallObject($name);
if ($tmp != null) {
if (method_exists($tmp, $method))
return $tmp->$method($params);
else
echo "Method $method does not exist in object ".get_class($tmp)." named $name<br>";
}
else
echo "Object $name does not exist in the appliaction<br>";
}*/
/**
* Tag, that always returns true.
* For parser testing purposes
*
* @param Array $params
* @return bool
* @access public
*/
function True($params)
{
return true;
}
/**
* Tag, that always returns false.
* For parser testing purposes
*
* @param Array $params
* @return bool
* @access public
*/
function False($params)
{
return false;
}
/**
* Returns block parameter by name
*
* @param Array $params
* @return stirng
* @access public
*/
function Param($params)
{
//$parser =& $this->Application->recallObject('TemplateParser');
$res = $this->Application->Parser->GetParam($params['name']);
if ($res === false) $res = '';
if (isset($params['plus']))
$res += $params['plus'];
return $res;
}
/**
* Gets value of specified field from specified prefix_special and set it as parser param
*
* @param Array $params
*/
/*function SetParam($params)
{
// <inp2:m_SetParam param="custom_name" src="cf:FieldName"/>
list($prefix_special, $field_name) = explode(':', $params['src']);
$object =& $this->Application->recallObject($prefix_special);
$name = $this->SelectParam($params, 'param,name,var');
$this->Application->Parser->SetParam($name, $object->GetField($field_name) );
}*/
/**
* Compares block parameter with value specified
*
* @param Array $params
* @return bool
* @access public
*/
function ParamEquals($params)
{
//$parser =& $this->Application->recallObject('TemplateParser');
$name = $this->SelectParam($params, 'name,var,param');
$value = $params['value'];
return ($this->Application->Parser->GetParam($name) == $value);
}
/*function PHP_Self($params)
{
return $HTTP_SERVER_VARS['PHP_SELF'];
}
*/
/**
* Returns session variable value by name
*
* @param Array $params
* @return string
* @access public
*/
function Recall($params)
{
$ret = $this->Application->RecallVar( $this->SelectParam($params,'name,var,param') );
$ret = ($ret === false && isset($params['no_null'])) ? '' : $ret;
if( getArrayValue($params,'special') || getArrayValue($params,'htmlchars')) $ret = htmlspecialchars($ret);
if ( getArrayValue($params, 'urlencode') ) $ret = urlencode($ret);
return $ret;
}
// bad style to store something from template to session !!! (by Alex)
// Used here only to test how session works, nothing more
function Store($params)
{
//echo"Store $params[name]<br>";
$name = $params['name'];
$value = $params['value'];
$this->Application->StoreVar($name,$value);
}
/**
* Sets application variable value(-s)
*
* @param Array $params
* @access public
*/
function Set($params)
{
foreach ($params as $param => $value) {
$this->Application->SetVar($param, $value);
}
}
/**
* Increment application variable
* specified by number specified
*
* @param Array $params
* @access public
*/
function Inc($params)
{
$this->Application->SetVar($params['param'], $this->Application->GetVar($params['param']) + $params['by']);
}
/**
* Retrieves application variable
* value by name
*
* @param Array $params
* @return string
* @access public
*/
function Get($params)
{
$ret = $this->Application->GetVar($this->SelectParam($params, 'name,var,param'), '');
return getArrayValue($params, 'htmlchars') ? htmlspecialchars($ret) : $ret;
}
/**
* Retrieves application constant
* value by name
*
* @param Array $params
* @return string
* @access public
*/
function GetConst($params)
{
return defined($this->SelectParam($params, 'name,const')) ? constant($this->SelectParam($params, 'name,const,param')) : '';
}
/**
* Retrieves configuration variable value by name
*
* @param Array $params
* @return string
* @access public
*/
function GetConfig($params)
{
$config_name = $this->SelectParam($params, 'name,var');
$ret = $this->Application->ConfigValue($config_name);
if( getArrayValue($params, 'escape') ) $ret = addslashes($ret);
return $ret;
}
function ConfigEquals($params)
{
$option = $this->SelectParam($params, 'name,option,var');
return $this->Application->ConfigValue($option) == getArrayValue($params, 'value');
}
/**
* Creates all hidden fields
* needed for kernel_form
*
* @param Array $params
* @return string
* @access public
*/
function DumpSystemInfo($params)
{
$actions =& $this->Application->recallObject('kActions');
$actions->Set('t', $this->Application->GetVar('t') );
$params = $actions->GetParams();
$o='';
foreach ($params AS $name => $val)
{
$o .= "<input type='hidden' name='$name' id='$name' value='$val'>\n";
}
return $o;
}
function GetFormHiddens($params)
{
$sid = $this->Application->GetSID();
$t = $this->SelectParam($params, 'template,t');
unset($params['template']);
$env = $this->Application->BuildEnv($t, $params, 'm', null, false);
$o = '';
if ( $this->Application->RewriteURLs() )
{
$session =& $this->Application->recallObject('Session');
if ($session->NeedQueryString()) {
$o .= "<input type='hidden' name='sid' id='sid' value='$sid'>\n";
}
}
else {
$o .= "<input type='hidden' name='env' id='env' value='$env'>\n";
}
return $o;
}
function Odd_Even($params)
{
$odd = $params['odd'];
$even = $params['even'];
if (!isset($params['var'])) {
$var = 'odd_even';
}
else {
$var = $params['var'];
}
if ($this->Application->GetVar($var) == 'even') {
if (!isset($params['readonly']) || !$params['readonly']) {
$this->Application->SetVar($var, 'odd');
}
return $even;
}
else {
if (!isset($params['readonly']) || !$params['readonly']) {
$this->Application->SetVar($var, 'even');
}
return $odd;
}
}
/**
* Returns phrase translation by name
*
* @param Array $params
* @return string
* @access public
*/
function Phrase($params)
{
// m:phrase name="phrase_name" default="Tr-alala" updated="2004-01-29 12:49"
if (array_key_exists('default', $params)) return $params['default']; //backward compatibility
$translation = $this->Application->Phrase($this->SelectParam($params, 'label,name,title'));
if (getArrayValue($params, 'escape')) {
$translation = htmlspecialchars($translation);
$translation = str_replace('\'', '&#39;', $translation);
$translation = addslashes($translation);
}
return $translation;
}
// for tabs
function is_active($params)
{
$test_templ = $this->SelectParam($params, 'templ,template,t');
if ( !getArrayValue($params,'allow_empty') )
{
$if_true=getArrayValue($params,'true') ? $params['true'] : 1;
$if_false=getArrayValue($params,'false') ? $params['false'] : 0;
}
else
{
$if_true=$params['true'];
$if_false=$params['false'];
}
if ( preg_match("/^".str_replace('/', '\/', $test_templ)."/", $this->Application->GetVar('t'))) {
return $if_true;
}
else {
return $if_false;
}
}
function IsNotActive($params)
{
return !$this->is_active($params);
}
function IsActive($params)
{
return $this->is_active($params);
}
function is_t_active($params)
{
return $this->is_active($params);
}
function CurrentTemplate($params)
{
return $this->is_active($params);
}
/**
* Checks if session variable
* specified by name value match
* value passed as parameter
*
* @param Array $params
* @return string
* @access public
*/
function RecallEquals($params)
{
$name = $this->SelectParam($params, 'name,var');
$value = $params['value'];
return ($this->Application->RecallVar($name) == $value);
}
/**
* Checks if application variable
* specified by name value match
* value passed as parameter
*
* @param Array $params
* @return bool
* @access public
*/
function GetEquals($params)
{
$name = $this->SelectParam($params, 'var,name,param');
$value = $params['value'];
if ($this->Application->GetVar($name) == $value) {
return 1;
}
}
/**
* Includes template
* and returns it's
* parsed version
*
* @param Array $params
* @return string
* @access public
*/
function MyInclude($params)
{
$BlockParser =& $this->Application->makeClass('TemplateParser');
$BlockParser->SetParams($params);
$parser =& $this->Application->Parser;
$this->Application->Parser =& $BlockParser;
$t = $this->SelectParam($params, 't,template,block,name');
$t = eregi_replace("\.tpl$", '', $t);
$templates_cache =& $this->Application->recallObject('TemplatesCache');
$res = $BlockParser->Parse( $templates_cache->GetTemplateBody($t, getArrayValue($params, 'is_silent')), $t );
if ( !$BlockParser->DataExists && (isset($params['data_exists']) || isset($params['block_no_data'])) ) {
if ($block_no_data = getArrayValue($params, 'block_no_data')) {
$res = $BlockParser->Parse(
$templates_cache->GetTemplateBody($block_no_data, getArrayValue($params, 'is_silent') ),
$t
);
}
else {
$res = '';
}
}
$this->Application->Parser =& $parser;
$this->Application->Parser->DataExists = $this->Application->Parser->DataExists || $BlockParser->DataExists;
return $res;
}
function ModuleInclude($params)
{
$ret = '';
$block_params = Array('is_silent' => 2); // don't make fatal errors in case if template is missing
$current_template = $this->Application->GetVar('t');
foreach ($this->Application->ModuleInfo as $module_name => $module_data) {
$module_key = strtolower($module_name);
if ($module_name == 'In-Portal') {
$module_prefix = '';
}
else {
$module_prefix = $this->Application->IsAdmin() ? $module_key.'/' : $module_data['TemplatePath'].'/';
}
$block_params['t'] = $module_prefix.$this->SelectParam($params, $module_key.'_template,'.$module_key.'_t,template,t');
if ($block_params['t'] == $current_template) continue;
$no_data = $this->SelectParam($params, $module_key.'_block_no_data,block_no_data');
if ($no_data) {
$block_params['block_no_data'] = $module_prefix.'/'.$no_data;
}
$ret .= $this->MyInclude($block_params);
}
return $ret;
}
/*function Kernel_Scripts($params)
{
return '<script type="text/javascript" src="'.PROTOCOL.SERVER_NAME.BASE_PATH.'/kernel3/js/grid.js"></script>';
}*/
/*function GetUserPermission($params)
{
// echo"GetUserPermission $params[name]";
if ($this->Application->RecallVar('user_type') == 1)
return 1;
else {
$perm_name = $params[name];
$aPermissions = unserialize($this->Application->RecallVar('user_permissions'));
if ($aPermissions)
return $aPermissions[$perm_name];
}
}*/
/**
* Set's parser block param value
*
* @param Array $params
* @access public
*/
function AddParam($params)
{
$parser =& $this->Application->Parser; // recallObject('TemplateParser');
foreach ($params as $param => $value) {
$this->Application->SetVar($param, $value);
$parser->SetParam($param, $value);
$parser->AddParam('/\$'.$param.'/', $value);
}
}
/*function ParseToVar($params)
{
$var = $params['var'];
$tagdata = $params['tag'];
$parser =& $this->Application->Parser; //recallObject('TemplateParser');
$res = $this->Application->ProcessTag($tagdata);
$parser->SetParam($var, $res);
$parser->AddParam('/\$'.$var.'/', $res);
return '';
}*/
/*function TagNotEmpty($params)
{
$tagdata = $params['tag'];
$res = $this->Application->ProcessTag($tagdata);
return $res != '';
}*/
/*function TagEmpty($params)
{
return !$this->TagNotEmpty($params);
}*/
/**
* Parses block and returns result
*
* @param Array $params
* @return string
* @access public
*/
function ParseBlock($params)
{
$parser =& $this->Application->Parser; // recallObject('TemplateParser');
return $parser->ParseBlock($params);
}
function RenderElement($params)
{
return $this->ParseBlock($params);
}
/**
* Checks if debug mode is on
*
* @return bool
* @access public
*/
function IsDebugMode()
{
return $this->Application->isDebugMode();
}
function MassParse($params)
{
$qty = $params['qty'];
$block = $params['block'];
$mode = $params['mode'];
$o = '';
if ($mode == 'func') {
$func = create_function('$params', '
$o = \'<tr>\';
$o.= \'<td>a\'.$params[\'param1\'].\'</td>\';
$o.= \'<td>a\'.$params[\'param2\'].\'</td>\';
$o.= \'<td>a\'.$params[\'param3\'].\'</td>\';
$o.= \'<td>a\'.$params[\'param4\'].\'</td>\';
$o.= \'</tr>\';
return $o;
');
for ($i=1; $i<$qty; $i++) {
$block_params['param1'] = rand(1, 10000);
$block_params['param2'] = rand(1, 10000);
$block_params['param3'] = rand(1, 10000);
$block_params['param4'] = rand(1, 10000);
$o .= $func($block_params);
}
return $o;
}
$block_params['name'] = $block;
for ($i=0; $i<$qty; $i++) {
$block_params['param1'] = rand(1, 10000);
$block_params['param2'] = rand(1, 10000);
$block_params['param3'] = rand(1, 10000);
$block_params['param4'] = rand(1, 10000);
$block_params['passed'] = $params['passed'];
$block_params['prefix'] = 'm';
$o.= $this->Application->ParseBlock($block_params, 1);
}
return $o;
}
function LoggedIn($params)
{
return $this->Application->LoggedIn();
}
/**
+ * Allows to check if permission exists directly in template and perform additional actions if required
+ *
+ * @param Array $params
+ * @return bool
+ */
+ function CheckPermission($params)
+ {
+ $perm_helper =& $this->Application->recallObject('PermissionsHelper');
+ return $perm_helper->TagPermissionCheck($params, 'm_CheckPermission');
+ }
+
+ /**
* Checks if user is logged in and if not redirects it to template passed
*
* @param Array $params
*/
function RequireLogin($params)
{
$t = $this->Application->GetVar('t');
if ($next_t = getArrayValue($params, 'next_template')) {
$t = $next_t;
}
- if ($permission_groups = getArrayValue($params, 'permissions')) {
- echo 'PermGroups: '.$permission_groups.'<br />';
- $permission_groups = explode('|', $permission_groups);
- $group_has_permission = false;
- foreach ($permission_groups as $permission_group) {
- $permissions = explode(',', $permission_group);
- $has_permission = true;
- foreach ($permissions as $permission) {
- $has_permission = $has_permission && $this->Application->CheckPermission($permission, isset($params['system']) && $params['system'] ? 1 : 0);
- }
- $group_has_permission = $group_has_permission || $has_permission;
-
- if ($group_has_permission) {
- return;
- }
- }
-
- if (!$this->Application->LoggedIn()) {
- $this->Application->Redirect( $params['login_template'], Array('next_template'=>$t) );
- }
- else {
- if (isset($params['no_permissions_template'])) {
- $t = $params['no_permissions_template'];
- }
- else {
- $t = $this->Application->IsAdmin() ? 'no_permission' : $this->Application->ConfigValue('NoPermissionTemplate');
- }
-
- $redirect_params = $this->Application->isDebugMode() ? Array('from_template' => 1, 'perms' => $params['permissions'], 'next_template' => $this->Application->GetVar('t')) : Array();
- $this->Application->Redirect($t, $redirect_params);
- }
+ // check by permissions: begin
+ $perm_helper =& $this->Application->recallObject('PermissionsHelper');
+ $perm_status = $perm_helper->TagPermissionCheck($params, 'm_RequireLogin');
+ if (!$perm_status) {
+ list($redirect_template, $redirect_params) = $perm_helper->getPermissionTemplate($params);
+ $this->Application->Redirect($redirect_template, $redirect_params);
}
-
- $condition = getArrayValue($params,'condition');
- if(!$condition)
- {
+ // check by permissions: end
+
+ // check by configuration value: begin
+ $condition = getArrayValue($params, 'condition');
+ if (!$condition) {
$condition = true;
}
- else
- {
- if( substr($condition,0,1) == '!' )
- {
- $condition = !$this->Application->ConfigValue( substr($condition,1) );
+ else {
+ if (substr($condition, 0, 1) == '!') {
+ $condition = !$this->Application->ConfigValue(substr($condition, 1));
}
- else
- {
+ else {
$condition = $this->Application->ConfigValue($condition);
}
}
-
+ // check by configuration value: end
+
+ // check by belonging to group: begin
$group = $this->SelectParam($params, 'group');
$group_access = true;
if ($group) {
$conn =& $this->Application->GetADODBConnection();
$group_id = $conn->GetOne('SELECT GroupId FROM '.TABLE_PREFIX.'PortalGroup WHERE Name = '.$conn->qstr($group));
if ($group_id) {
$groups = explode(',', $this->Application->RecallVar('UserGroups'));
$group_access = in_array($group_id, $groups);
}
}
-
- if( (!$this->Application->LoggedIn() || !$group_access) && $condition )
- {
+ // check by belonging to group: end
+
+ if ((!$this->Application->LoggedIn() || !$group_access) && $condition) {
if ( $this->Application->LoggedIn() && !$group_access) {
$this->Application->Redirect( $params['no_group_perm_template'], Array('next_template'=>$t) );
}
$redirect_params = Array('next_template' => $t);
$session_expired = $this->Application->GetVar('expired');
if ($session_expired) {
$redirect_params['expired'] = $session_expired;
}
- $this->Application->Redirect( $params['login_template'], $redirect_params);
+ $this->Application->Redirect($params['login_template'], $redirect_params);
}
}
function IsMember($params)
{
$group = getArrayValue($params, 'group');
$conn =& $this->Application->DB;
$group_id = $conn->GetOne('SELECT GroupId FROM '.TABLE_PREFIX.'PortalGroup WHERE Name = '.$conn->qstr($group));
if ($group_id) {
$groups = explode(',', $this->Application->RecallVar('UserGroups'));
$group_access = in_array($group_id, $groups);
}
return $group_access;
}
/**
* Checks if SSL is on and redirects to SSL URL if needed
* If SSL_URL is not defined in config - the tag does not do anything
* If for_logged_in_only="1" exits if user is not logged in.
* If called without params forces https right away. If called with by_config="1" checks the
* Require SSL setting from General Config and if it is ON forces https
*
* @param unknown_type $params
*/
function CheckSSL($params)
{
$ssl = $this->Application->ConfigValue('SSL_URL');
if (!$ssl) return; //SSL URL is not set - no way to require SSL
$require = false;
if ($params['mode'] == 'required') {
$require = true;
if (isset($params['for_logged_in_only']) && $params['for_logged_in_only'] && !$this->Application->LoggedIn()) {
$require = false;
}
if (isset($params['condition'])) {
if (!$this->Application->ConfigValue($params['condition'])) {
$require = false;
}
}
}
$http_query =& $this->Application->recallObject('HTTPQuery');
$pass = $http_query->getRedirectParams();
if ($require) {
if (PROTOCOL == 'https://') {
$this->Application->SetVar('__KEEP_SSL__', 1);
return;
}
$this->Application->Redirect('', array_merge_recursive2($pass, Array('__SSL__' => 1)));
}
else {
if (PROTOCOL == 'https://' && $this->Application->ConfigValue('Force_HTTP_When_SSL_Not_Required')) {
if ($this->Application->GetVar('__KEEP_SSL__')) return;
$this->Application->Redirect('', array_merge_recursive2($pass, Array('__SSL__' => 0)));
}
}
}
function ConstOn($params)
{
$name = $this->SelectParam($params,'name,const');
return $this->Application->isDebugMode() && dbg_ConstOn($name);
}
function SetDefaultCategory($params)
{
$module_name = $params['module'];
$module =& $this->Application->recallObject('mod.'.$module_name);
$this->Application->SetVar('m_cat_id', $module->GetDBField('RootCat') );
}
function XMLTemplate($params)
{
define('DBG_SKIP_REPORTING', 1);
$lang =& $this->Application->recallObject('lang.current');
header('Content-type: text/xml; charset='.$lang->GetDBField('Charset'));
}
}
?>
Property changes on: trunk/core/kernel/processors/main_processor.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.52
\ No newline at end of property
+1.53
\ No newline at end of property
Index: trunk/core/kernel/event_handler.php
===================================================================
--- trunk/core/kernel/event_handler.php (revision 4839)
+++ trunk/core/kernel/event_handler.php (revision 4840)
@@ -1,328 +1,328 @@
<?php
/**
* Note:
* 1. When adressing variables from submit containing
* Prefix_Special as part of their name use
* $event->getPrefixSpecial(true) instead of
* $event->Prefix_Special as usual. This is due PHP
* is converting "." symbols in variable names during
* submit info "_". $event->getPrefixSpecial optional
* 1st parameter returns correct corrent Prefix_Special
* for variables beeing submitted such way (e.g. variable
* name that will be converted by PHP: "users.read_only_id"
* will be submitted as "users_read_only_id".
*
* 2. When using $this->Application-LinkVar on variables submitted
* from form which contain $Prefix_Special then note 1st item. Example:
* LinkVar($event->getPrefixSpecial(true).'_varname',$event->Prefix_Special.'_varname')
*
*/
/**
* Default event handler. Mostly abstract class
*
*/
class kEventHandler extends kBase {
/**
* In case if event should be handled with mehod,
* which name differs from event name, then it
* should be specified here.
* key - event name, value - event method
*
* @var Array
* @access protected
*/
var $eventMethods = Array();
/**
* Defines mapping vs event names and permission names
*
* @var Array
*/
var $permMapping = Array();
/**
* Define alternative event processing method names
*
* @see $eventMethods
* @access protected
*/
function mapEvents()
{
}
/**
* Allows to override standart permission mapping
*
*/
function mapPermissions()
{
}
function getPrefixSpecial()
{
trigger_error('Usage of getPrefixSpecial() this method is forbidden in kEventHandler class children. Use $event->getPrefixSpecial(true); instead', E_USER_ERROR);
}
/**
* Set's prefix and special
*
* @param string $prefix
* @param string $special
* @access public
*/
function Init($prefix,$special)
{
parent::Init($prefix,$special);
$this->mapEvents();
$this->mapPermissions();
}
/**
* Process Event
*
* @param kEvent $event
* @access public
*/
function processEvent(&$event)
{
$event_name=$event->Name;
if( isset($this->eventMethods[$event_name]) ) $event_name=$this->eventMethods[$event_name];
if( method_exists($this,$event_name) )
{
$this->$event_name($event);
}
else
{
trigger_error('event <b>'.$event->Name.'</b> not implemented in class <b>'.get_class($this).'</b>', E_USER_ERROR);
}
}
/**
* Sample dummy event
*
* @param kEvent $event
* @access protected
*/
function OnBuild(&$event)
{
/*echo 'building: <br>';
print_pre($event);*/
}
/**
* Returns to previous template in opener stack
*
* @param kEvent $event
*/
function OnGoBack(&$event)
{
$event->SetRedirectParam('opener', 'u');
}
/**
* Apply some special processing to
* object beeing recalled before using
* it in other events that call prepareObject
*
* @param Object $object
* @param kEvent $event
* @access protected
*/
function prepareObject(&$object, &$event)
{
// processing here
}
/**
* Creates new event as child of
* event passed as $event param
*
* @param kEvent $event
* @access protected
*/
function &inheritEvent(&$event, $name=null)
{
$child_event = new kEvent();
$child_event->MasterEvent =& $event;
$child_event->Prefix=$event->Prefix;
$child_event->Special=$event->Special;
$child_event->Prefix_Special=$event->Prefix_Special;
$child_event->Name = $name;
return $child_event;
}
/**
* Created url part for this module
*
* @param kEvent $event
*/
function BuildEnv(&$event)
{
$prefix_special = $event->getPrefixSpecial();
$url_params = $event->getEventParam('url_params');
$pass_events = $event->getEventParam('pass_events');
$query_vars = $this->Application->getUnitOption($event->Prefix, 'QueryString');
$event_key = array_search('event', $query_vars);
if ($event_key) {
// pass through event of this prefix
unset($query_vars[$event_key]);
}
if (!getArrayValue($url_params, $prefix_special.'_event')) {
// if empty event, then remove it from url
unset( $url_params[$prefix_special.'_event'] );
}
//if pass events is off and event is not implicity passed
if ( !$pass_events && !isset($url_params[$prefix_special.'_event']) )
{
unset($url_params[$prefix_special.'_event']); // remove event from url if requested
//otherwise it will use value from get_var
}
if(!$query_vars) return true;
$processed_params = Array();
foreach($query_vars as $index => $var_name)
{
//if value passed in params use it, otherwise use current from application
$var_name = $prefix_special.'_'.$var_name;
$processed_params[$var_name] = isset( $url_params[$var_name] ) ? $url_params[$var_name] : $this->Application->GetVar($var_name);
if ( isset($url_params[$var_name]) ) unset( $url_params[$var_name] );
}
$ret = '';
if($processed_params[$prefix_special.'_Page'] > 1)
{
$ret .= $processed_params[$prefix_special.'_Page'].'/';
}
if ($processed_params[$prefix_special.'_id']) {
// this allows to fill 3 cache records with one query (see this method for details)
$category_id = isset($url_params['m_cat_id']) ? $url_params['m_cat_id'] : $this->Application->GetVar('m_cat_id');
$category_filename = $this->Application->getFilename('c', $category_id);
// if template is also item template of category, then remove template
$template = getArrayValue($url_params, 't');
$item_template = $this->Application->getCache('item_templates', $category_id);
if ($template == $item_template || strtolower($template) == '__default__') {
unset($url_params['t']);
}
// get item's filename
$filename = $this->Application->getFilename($event->Prefix, $processed_params[$prefix_special.'_id'] );
if($filename !== false) $ret .= $filename.'/';
}
if( getArrayValue($processed_params, $prefix_special.'_Reviews_Page') > 1)
{
if($processed_params[$prefix_special.'_id']) $ret = rtrim($ret, '/');
$ret .= '_'.$processed_params[$prefix_special.'_Reviews_Page'].'/';
}
$event->setEventParam('url_params', $url_params);
$event->setEventParam('env_string', strtolower($ret) );
}
/**
* Process mod_rewrite url part left after previous parser
*
* @param kEvent $event
*/
function ParseEnv(&$event)
{
// <module_page>/<item_filename>_<reviews_page>
$url_parts = $event->getEventParam('url_parts');
$defaults = Array('id' => 0, 'Page' => 1, 'Reviews_Page' => 1);
foreach ($defaults as $var_name => $var_value)
{
$this->Application->SetVar($event->getPrefixSpecial().'_'.$var_name, $var_value);
}
if (!$url_parts) {
// $event->status = erFAIL;
return false;
}
$ret = '';
$url_part = array_shift($url_parts);
// match module page
if( is_numeric($url_part) )
{
$this->Application->SetVar( $event->getPrefixSpecial().'_Page', $url_part);
$url_part = $url_parts ? array_shift($url_parts) : '';
}
if (!$url_part) {
$event->setEventParam('url_parts', $url_parts);
// $event->status = erFAIL;
return true;
}
// match module reviews page
if( preg_match('/(.*)_([\d]+)$/', $url_part, $rets) )
{
$url_part = $rets[1];
$this->Application->SetVar( $event->getPrefixSpecial().'_Reviews_Page', $rets[2]);
}
// match item's filename
$db =& $this->Application->GetADODBConnection();
$id_field = $this->Application->getUnitOption($event->Prefix, 'IDField');
$table = $this->Application->getUnitOption($event->Prefix, 'TableName');
$sql = 'SELECT item_table.'.$id_field.'
FROM '.$table.' item_table
LEFT JOIN '.TABLE_PREFIX.'CategoryItems cat_items ON item_table.ResourceId = cat_items.ItemResourceId
WHERE (item_table.Filename = '.$db->qstr($url_part).') AND (cat_items.CategoryId = '.$this->Application->GetVar('m_cat_id').')';
$item_id = $db->GetOne($sql);
if($item_id !== false)
{
$this->Application->SetVar($event->getPrefixSpecial().'_id', $item_id);
}
else
{
array_unshift($url_parts, $url_part);
$event->status = erFAIL;
}
$event->setEventParam('url_parts', $url_parts);
}
/**
* Checks permissions of user
*
* @param kEvent $event
*/
function CheckPermission(&$event)
{
$perm_helper =& $this->Application->recallObject('PermissionsHelper');
- return $perm_helper->CheckPermission($event, $this->permMapping);
+ return $perm_helper->CheckEventPermission($event, $this->permMapping);
}
/**
* Occurs, when config was parsed, allows to change config data dynamically
*
* @param kEvent $event
*/
function OnAfterConfigRead(&$event)
{
// readonly, for hooking only!
}
}
?>
\ No newline at end of file
Property changes on: trunk/core/kernel/event_handler.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.29
\ No newline at end of property
+1.30
\ No newline at end of property
Index: trunk/core/kernel/db/db_connection.php
===================================================================
--- trunk/core/kernel/db/db_connection.php (revision 4839)
+++ trunk/core/kernel/db/db_connection.php (revision 4840)
@@ -1,591 +1,590 @@
<?php
/**
* Multi database connection class
*
*/
class kDBConnection {
/**
* Current database type
*
* @var string
* @access private
*/
var $dbType = 'mysql';
/**
* Created connection handle
*
* @var resource
* @access private
*/
var $connectionID = null;
/**
* Handle of currenty processed recordset
*
* @var resource
* @access private
*/
var $queryID = null;
/**
* DB type specific function mappings
*
* @var Array
* @access private
*/
var $metaFunctions = Array();
/**
* Function to handle sql errors
*
* @var string
* @access private
*/
var $errorHandler = '';
/**
* Error code
*
* @var int
* @access private
*/
var $errorCode = 0;
/**
* Error message
*
* @var string
* @access private
*/
var $errorMessage = '';
/**
* Defines if database connection
* operations should generate debug
* information
*
* @var bool
*/
var $debugMode=false;
/**
* Last query to database
*
* @var string
*/
var $lastQuery = '';
/**
* Initializes connection class with
* db type to used in future
*
* @param string $dbType
* @return DBConnection
* @access public
*/
function kDBConnection($dbType, $errorHandler = '')
{
$this->dbType = $dbType;
$this->initMetaFunctions();
if(!$errorHandler)
{
$this->errorHandler = Array(&$this,'handleError');
}
else
{
$this->errorHandler=$errorHandler;
}
}
/**
* Set's custom error
*
* @param int $code
* @param string $msg
* @access public
*/
function setError($code,$msg)
{
$this->errorCode=$code;
$this->errorMessage=$msg;
}
/**
* Checks if previous query execution
* raised an error.
*
* @return bool
* @access public
*/
function hasError()
{
return !($this->errorCode == 0);
}
/**
* Caches function specific to requested
* db type
*
* @access private
*/
function initMetaFunctions()
{
$ret = Array();
switch($this->dbType)
{
case 'mysql':
$ret = Array(); // only define functions, that name differs from "dbType_<meta_name>"
break;
}
$this->metaFunctions = $ret;
}
/**
* Get's function for specific db type
* based on it's meta name
*
* @param string $name
* @return string
* @access private
*/
function getMetaFunction($name)
{
if( !isset($this->metaFunctions[$name]) )
{
if(function_exists($this->dbType.'_'.$name)) return $this->dbType.'_'.$name;
}
else
{
return $this->dbType.$name;
}
return false;
}
/**
* Try to connect to database server
* using specified parameters and set
* database to $db if connection made
*
* @param string $host
* @param string $user
* @param string $pass
* @param string $db
* @access public
*/
function Connect($host,$user,$pass,$db,$force_new=false)
{
$func = $this->getMetaFunction('connect');
$this->connectionID = $func($host,$user,$pass,$force_new) or die('Can\'t connect to db');
if($this->connectionID)
{
$this->setDB($db);
$this->showError();
}
}
function ReConnect($host,$user,$pass,$db)
{
$func = $this->getMetaFunction('close');
$func($this->connectionID);
$this->Connect($host,$user,$pass,$db);
}
/**
* Shows error message from previous operation
* if it failed
*
* @access private
*/
function showError($sql='')
{
$this->setError(0,''); // reset error
if($this->connectionID)
{
$func = $this->getMetaFunction('errno'); $this->errorCode = $func($this->connectionID);
if($this->hasError())
{
$func = $this->getMetaFunction('error'); $this->errorMessage = $func($this->connectionID);
if(is_array($this->errorHandler))
{
$func = $this->errorHandler[1];
$ret = $this->errorHandler[0]->$func($this->errorCode,$this->errorMessage,$sql);
}
else
{
$func = $this->errorHandler;
$ret = $func($this->errorCode,$this->errorMessage,$sql);
}
if(!$ret) exit;
}
}
}
/**
* Default error handler for sql errors
*
* @param int $code
* @param string $msg
* @param string $sql
* @return bool
* @access private
*/
function handleError($code,$msg,$sql)
{
echo '<b>Processing SQL</b>: '.$sql.'<br>';
echo '<b>Error ('.$code.'):</b> '.$msg.'<br>';
return false;
}
/**
* Set's database name for connection
* to $new_name
*
* @param string $new_name
* @return bool
* @access public
*/
function setDB($new_name)
{
if(!$this->connectionID) return false;
$func = $this->getMetaFunction('select_db');
return $func($new_name);
}
/**
* Returns first field of first line
* of recordset if query ok or false
* otherwise
*
* @param string $sql
* @param int $offset
* @return string
* @access public
*/
function GetOne($sql, $offset = 0)
{
$row = $this->GetRow($sql, $offset);
if(!$row) return false;
return array_shift($row);
}
/**
* Returns first row of recordset
* if query ok, false otherwise
*
* @param stirng $sql
* @param int $offset
* @return Array
* @access public
*/
function GetRow($sql, $offset = 0)
{
$sql .= ' '.$this->getLimitClause($offset, 1);
$ret = $this->Query($sql);
if(!$ret) return false;
return array_shift($ret);
}
/**
* Returns 1st column of recordset as
* one-dimensional array or false otherwise
* Optional parameter $key_field can be used
* to set field name to be used as resulting
* array key
*
* @param string $sql
* @param string $key_field
* @return Array
* @access public
*/
function GetCol($sql, $key_field = null)
{
$rows = $this->Query($sql);
if(!$rows) return $rows;
$i = 0; $row_count = count($rows);
$ret = Array();
if(isset($key_field))
{
while ($i < $row_count)
{
$ret[$rows[$i][$key_field]] = array_shift($rows[$i]);
$i++;
}
}
else
{
while ($i < $row_count)
{
$ret[] = array_shift($rows[$i]);
$i++;
}
}
return $ret;
}
/**
* Queries db with $sql query supplied
* and returns rows selected if any, false
* otherwise. Optional parameter $key_field
* allows to set one of the query fields
* value as key in string array.
*
* @param string $sql
* @param string $key_field
* @return Array
*/
function Query($sql,$key_field = null)
{
$this->lastQuery = $sql;
if($this->debugMode) return $this->debugQuery($sql,$key_field);
$query_func = $this->getMetaFunction('query');
$this->queryID = $query_func($sql,$this->connectionID);
if( is_resource($this->queryID) )
{
$ret = Array();
$fetch_func = $this->getMetaFunction('fetch_assoc');
if( isset($key_field) )
{
while( ($row = $fetch_func($this->queryID)) )
{
$ret[$row[$key_field]] = $row;
}
}
else
{
while( ($row = $fetch_func($this->queryID)) )
{
$ret[] = $row;
}
}
$this->Destroy();
return $ret;
}
$this->showError($sql);
return false;
}
function ChangeQuery($sql)
{
$this->Query($sql);
return $this->errorCode==0 ? true : false;
}
function debugQuery($sql, $key_field = null)
{
global $debugger;
$query_func = $this->getMetaFunction('query');
// set 1st checkpoint: begin
$isSkipTable=true;
- $profileSQLs=defined('DBG_SQL_PROFILE')&&DBG_SQL_PROFILE;
+ $profileSQLs=defined('DBG_SQL_PROFILE') && DBG_SQL_PROFILE;
if($profileSQLs)
{
- $isSkipTable=isSkipTable($sql);
- if(!$isSkipTable)
- {
- $queryID=$debugger->generateID();
- $debugger->profileStart('sql_'.$queryID, $debugger->formatSQL($sql) );
+ $isSkipTable = isSkipTable($sql);
+ if (!$isSkipTable) {
+ $queryID = $debugger->generateID();
+ $debugger->profileStart('sql_'.$queryID, $debugger->formatSQL($sql));
}
}
// set 1st checkpoint: end
- $this->queryID = $query_func($sql,$this->connectionID);
+ $this->queryID = $query_func($sql, $this->connectionID);
if( is_resource($this->queryID) )
{
$ret = Array();
$fetch_func = $this->getMetaFunction('fetch_assoc');
if( isset($key_field) )
{
while( ($row = $fetch_func($this->queryID)) )
{
$ret[$row[$key_field]] = $row;
}
}
else
{
while( ($row = $fetch_func($this->queryID)) )
{
$ret[] = $row;
}
}
// set 2nd checkpoint: begin
if(!$isSkipTable) {
$debugger->profileFinish('sql_'.$queryID);
$debugger->profilerAddTotal('sql', 'sql_'.$queryID);
}
$this->Destroy();
// set 2nd checkpoint: end
return $ret;
}
else {
// set 2nd checkpoint: begin
if(!$isSkipTable) {
$debugger->profileFinish('sql_'.$queryID);
$debugger->profilerAddTotal('sql', 'sql_'.$queryID);
}
// set 2nd checkpoint: end
}
$this->showError($sql);
return false;
}
/**
* Free memory used to hold recordset handle
*
* @access private
*/
function Destroy()
{
if($this->queryID)
{
$free_func = $this->getMetaFunction('free_result');
$free_func($this->queryID);
$this->queryID = null;
}
}
/**
* Returns auto increment field value from
* insert like operation if any, zero otherwise
*
* @return int
* @access public
*/
function getInsertID()
{
$func = $this->getMetaFunction('insert_id');
return $func($this->connectionID);
}
/**
* Returns row count affected by last query
*
* @return int
* @access public
*/
function getAffectedRows()
{
$func = $this->getMetaFunction('affected_rows');
return $func($this->connectionID);
}
/**
* Returns LIMIT sql clause part for specific db
*
* @param int $offset
* @param int $rows
* @return string
* @access private
*/
function getLimitClause($offset, $rows)
{
if(!($rows > 0)) return '';
switch ($this->dbType) {
default:
return 'LIMIT '.$offset.','.$rows;
break;
}
}
/**
* Correctly quotes a string so that all strings are escaped. We prefix and append
* to the string single-quotes.
* An example is $db->qstr("Don't bother",magic_quotes_runtime());
*
* @param s the string to quote
* @param [magic_quotes] if $s is GET/POST var, set to get_magic_quotes_gpc().
* This undoes the stupidity of magic quotes for GPC.
*
* @return quoted string to be sent back to database
*/
function qstr($s,$magic_quotes=false)
{
$replaceQuote = "\\'";
if (!$magic_quotes)
{
if ($replaceQuote[0] == '\\')
{
// only since php 4.0.5
$s = str_replace(array('\\',"\0"),array('\\\\',"\\\0"),$s);
//$s = str_replace("\0","\\\0", str_replace('\\','\\\\',$s));
}
return "'".str_replace("'",$replaceQuote,$s)."'";
}
// undo magic quotes for "
$s = str_replace('\\"','"',$s);
if($replaceQuote == "\\'") // ' already quoted, no need to change anything
{
return "'$s'";
}
else // change \' to '' for sybase/mssql
{
$s = str_replace('\\\\','\\',$s);
return "'".str_replace("\\'",$replaceQuote,$s)."'";
}
}
/**
* Returns last error code occured
*
* @return int
*/
function getErrorCode()
{
return $this->errorCode;
}
/**
* Returns last error message
*
* @return string
* @access public
*/
function getErrorMsg()
{
return $this->errorMessage;
}
function doInsert($fields_hash, $table, $type = 'INSERT')
{
$fields_sql = '';
$values_sql = '';
foreach ($fields_hash as $field_name => $field_value) {
$fields_sql .= '`'.$field_name.'`,';
$values_sql .= $this->qstr($field_value).',';
}
$fields_sql = preg_replace('/(.*),$/', '\\1', $fields_sql);
$values_sql = preg_replace('/(.*),$/', '\\1', $values_sql);
$sql = strtoupper($type).' INTO `'.$table.'` ('.$fields_sql.') VALUES ('.$values_sql.')';
return $this->ChangeQuery($sql);
}
function doUpdate($fields_hash, $table, $key_clause)
{
if (!$fields_hash) return true;
$fields_sql = '';
foreach ($fields_hash as $field_name => $field_value) {
$fields_sql .= '`'.$field_name.'` = '.$this->qstr($field_value).',';
}
$fields_sql = preg_replace('/(.*),$/', '\\1', $fields_sql);
$sql = 'UPDATE `'.$table.'` SET '.$fields_sql.' WHERE '.$key_clause;
return $this->ChangeQuery($sql);
}
}
?>
\ No newline at end of file
Property changes on: trunk/core/kernel/db/db_connection.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.11
\ No newline at end of property
+1.12
\ No newline at end of property
Index: trunk/core/kernel/application.php
===================================================================
--- trunk/core/kernel/application.php (revision 4839)
+++ trunk/core/kernel/application.php (revision 4840)
@@ -1,2117 +1,2077 @@
<?php
/**
* Basic class for Kernel3-based Application
*
* This class is a Facade for any other class which needs to deal with Kernel3 framework.<br>
* The class incapsulates the main run-cycle of the script, provide access to all other objects in the framework.<br>
* <br>
* The class is a singleton, which means that there could be only one instance of KernelApplication in the script.<br>
* This could be guranteed by NOT calling the class constuctor directly, but rather calling KernelApplication::Instance() method,
* which returns an instance of the application. The method gurantees that it will return exactly the same instance for any call.<br>
* See singleton pattern by GOF.
* @package kernel4
*/
class kApplication {
/**
* Is true, when Init method was called already, prevents double initialization
*
* @var bool
*/
var $InitDone = false;
/**
* Holds internal TemplateParser object
* @access private
* @var TemplateParser
*/
var $Parser;
/**
* Holds parser output buffer
* @access private
* @var string
*/
var $HTML;
/**
* Prevents request from beeing proceeded twice in case if application init is called mere then one time
*
* @var bool
* @todo This is not good anyway (by Alex)
*/
var $RequestProcessed = false;
/**
* The main Factory used to create
* almost any class of kernel and
* modules
*
* @access private
* @var kFactory
*/
var $Factory;
/**
* All ConfigurationValues table content (hash) here
*
* @var Array
* @access private
*/
var $ConfigHash = Array();
/**
* Ids of config variables used in current run (for caching)
*
* @var Array
* @access private
*/
var $ConfigCacheIds = array();
/**
* Reference to debugger
*
* @var Debugger
*/
var $Debugger = null;
/**
* Holds all phrases used
* in code and template
*
* @var PhrasesCache
*/
var $Phrases;
/**
* Modules table content, key - module name
*
* @var Array
*/
var $ModuleInfo = Array();
/**
* Holds DBConnection
*
* @var kDBConnection
*/
var $Conn = null;
/**
* Maintains list of user-defined error handlers
*
* @var Array
*/
var $errorHandlers = Array();
// performance needs:
/**
* Holds a refererence to httpquery
*
* @var kHttpQuery
*/
var $HttpQuery = null;
/**
* Holds a reference to UnitConfigReader
*
* @var kUnitConfigReader
*/
var $UnitConfigReader = null;
/**
* Holds a reference to Session
*
* @var kSession
*/
var $Session = null;
/**
* Holds a ref to kEventManager
*
* @var kEventManager
*/
var $EventManager = null;
var $Application = null;
var $CompilationCache = array(); //used when compiling templates
var $CachedProcessors = array(); //used when running compiled templates
/**
* Returns kApplication instance anywhere in the script.
*
* This method should be used to get single kApplication object instance anywhere in the
* Kernel-based application. The method is guranteed to return the SAME instance of kApplication.
* Anywhere in the script you could write:
* <code>
* $application =& kApplication::Instance();
* </code>
* or in an object:
* <code>
* $this->Application =& kApplication::Instance();
* </code>
* to get the instance of kApplication. Note that we call the Instance method as STATIC - directly from the class.
* To use descendand of standard kApplication class in your project you would need to define APPLICATION_CLASS constant
* BEFORE calling kApplication::Instance() for the first time. If APPLICATION_CLASS is not defined the method would
* create and return default KernelApplication instance.
* @static
* @access public
* @return kApplication
*/
function &Instance()
{
static $instance = false;
if(!$instance)
{
safeDefine('APPLICATION_CLASS', 'kApplication');
$class = APPLICATION_CLASS;
$instance = new $class();
$instance->Application =& $instance;
}
return $instance;
}
/**
* Initializes the Application
*
* @access public
* @see kHTTPQuery
* @see Session
* @see TemplatesCache
* @return bool Was Init actually made now or before
*/
function Init()
{
if($this->InitDone) return false;
if( defined('DEBUG_MODE') && $this->isDebugMode() && dbg_ConstOn('DBG_PROFILE_MEMORY') )
{
$this->Debugger->appendMemoryUsage('Application before Init:');
}
if( !$this->isDebugMode() && !constOn('DBG_ZEND_PRESENT') )
{
error_reporting(0);
ini_set('display_errors', 0);
}
if( !constOn('DBG_ZEND_PRESENT') )
{
$error_handler = set_error_handler( Array(&$this,'handleError') );
if($error_handler) $this->errorHandlers[] = $error_handler;
}
$this->Conn = new kDBConnection(SQL_TYPE, Array(&$this, 'handleSQLError') );
$this->Conn->Connect(SQL_SERVER, SQL_USER, SQL_PASS, SQL_DB);
$this->Conn->debugMode = $this->isDebugMode();
$this->Factory = new kFactory();
$this->registerDefaultClasses();
$this->Phrases = new PhrasesCache();
$this->EventManager =& $this->Factory->makeClass('EventManager');
$this->Factory->Storage['EventManager'] =& $this->EventManager;
$this->RegisterDefaultBuildEvents();
$this->SetDefaultConstants();
$this->UnitConfigReader =& $this->recallObject('kUnitConfigReader');
$this->UnitConfigReader->scanModules(MODULES_PATH);
$this->registerModuleConstants();
// extracted out of SetDefaultConstants because it uses ConfigValue which is read only in UnitConfigReader (optimization)
$this->SetAdminDirectory();
$rewrite_on = $this->ConfigValue('UseModRewrite');
// admin=1 - when front is browsed using admin session
$admin_on = getArrayValue($_REQUEST, 'admin') || $this->IsAdmin();
define('MOD_REWRITE', $rewrite_on && !$admin_on ? 1 : 0);
$this->HttpQuery =& $this->recallObject('HTTPQuery');
$this->Session =& $this->recallObject('Session');
$this->HttpQuery->AfterInit();
$this->UnitConfigReader->AfterConfigRead();
$this->LoadCache();
$this->InitConfig();
// Module items are recalled during url parsing & PhrasesCache is needed already there,
// because it's used in their build events. That's why phrases cache initialization is
// called from kHTTPQuery in case when mod_rewrite is used
if (!$this->RewriteURLs()) {
$this->Phrases = new PhrasesCache();
}
$this->Phrases->Init('phrases');
if(!$this->RecallVar('UserGroups')) {
$session =& $this->recallObject('Session');
$user_groups = trim($session->GetField('GroupList'), ',');
if (!$user_groups) $user_groups = $this->ConfigValue('User_GuestGroup');
$this->StoreVar('UserGroups', $user_groups);
}
if ($this->GetVar('m_cat_id') === false) $this->SetVar('m_cat_id', 0);
if( !$this->RecallVar('curr_iso') ) $this->StoreVar('curr_iso', $this->GetPrimaryCurrency() );
$this->SetVar('visits_id', $this->RecallVar('visit_id') );
$language =& $this->recallObject( 'lang.current', null, Array('live_table' => true) );
$this->HandleEvent( new kEvent('visits:OnRegisterVisit') );
$this->ValidateLogin();
if($this->isDebugMode()) {
$this->Debugger->profileFinish('kernel4_startup');
}
$this->InitDone = true;
return true;
}
/**
* Returns module information. Searches module by requested field
*
* @param string $field
* @param mixed $value
* @param string field value to returns, if not specified, then return all fields
* @param string field to return
* @param string field case-insensitive compare
* @return Array
*/
function findModule($field, $value, $return_field = null, $ci=false)
{
$found = false;
foreach ($this->ModuleInfo as $module_name => $module_info) {
if ($ci) {
if (strtolower($module_info[$field]) == strtolower($value)) {
$found = true;
break;
}
}
else {
if ($module_info[$field] == $value) {
$found = true;
break;
}
}
}
if ($found) {
return isset($return_field) ? $module_info[$return_field] : $module_info;
}
return false;
}
function refreshModuleInfo()
{
$modules_helper =& $this->recallObject('ModulesHelper');
$sql = 'SELECT *
FROM '.TABLE_PREFIX.'Modules
WHERE '.$modules_helper->getWhereClause().'
ORDER BY LoadOrder';
$this->ModuleInfo = $this->Conn->Query($sql, 'Name');
$this->registerModuleConstants();
}
/**
* Checks if passed language id if valid and sets it to primary otherwise
*
*/
function VerifyLanguageId()
{
$language_id = $this->GetVar('m_lang');
if (!$language_id) {
$language_id = $this->GetDefaultLanguageId();
if (!$language_id) {
if (!$this->Application->IsAdmin()) {
die ('No Primary Language Selected');
}
else {
$language_id = 1;
}
}
}
$this->SetVar('lang.current_id', $language_id );
$this->SetVar('m_lang', $language_id );
$lang_mode = $this->GetVar('lang_mode');
$this->SetVar('lang_mode', '');
$lang =& $this->recallObject('lang.current');
if ( !$lang->IsLoaded() || (!$this->Application->IsAdmin() && !$lang->GetDBField('Enabled')) ) {
if (!defined('IS_INSTALL')) die ('Unknown or disabled language');
}
$this->SetVar('lang_mode',$lang_mode);
}
/**
* Checks if passed theme id if valid and sets it to primary otherwise
*
*/
function VerifyThemeId()
{
if ($this->Application->IsAdmin()) return;
$theme_id = $this->GetVar('m_theme');
if (!$theme_id) {
$theme_id = $this->GetDefaultThemeId();
if (!$theme_id) {
die('No Primary Theme Selected');
}
}
$this->SetVar('m_theme', $theme_id);
$this->SetVar('theme.current_id', $theme_id ); // KOSTJA: this is to fool theme' getPassedId
$theme =& $this->recallObject('theme.current');
if (!$theme->IsLoaded() || !$theme->GetDBField('Enabled')) {
if (!defined('IS_INSTALL')) die('Unknown or disabled theme');
}
}
function GetDefaultLanguageId()
{
static $language_id = 0;
if ($language_id > 0) return $language_id;
$table = $this->getUnitOption('lang','TableName');
$id_field = $this->getUnitOption('lang','IDField');
$sql = 'SELECT '.$id_field.'
FROM '.$table.'
WHERE (PrimaryLang = 1) AND (Enabled = 1)';
$language_id = $this->Conn->GetOne($sql);
return $language_id;
}
function GetDefaultThemeId()
{
static $theme_id = 0;
if($theme_id > 0) return $theme_id;
if (constOn('DBG_FORCE_THEME')) {
$theme_id = DBG_FORCE_THEME;
}
else {
$table = $this->getUnitOption('theme','TableName');
$id_field = $this->getUnitOption('theme','IDField');
$sql = 'SELECT '.$id_field.'
FROM '.$table.'
WHERE (PrimaryTheme = 1) AND (Enabled = 1)';
$theme_id = $this->Conn->GetOne($sql);
}
return $theme_id;
}
function GetPrimaryCurrency()
{
if ($this->isModuleEnabled('In-Commerce')) {
$table = $this->getUnitOption('curr', 'TableName');
return $this->Conn->GetOne('SELECT ISO FROM '.$table.' WHERE IsPrimary = 1');
}
else {
return 'USD';
}
}
/**
* Registers default classes such as ItemController, GridController and LoginController
*
* Called automatically while initializing Application
* @access private
* @return void
*/
function RegisterDefaultClasses()
{
$this->registerClass('kTempTablesHandler', KERNEL_PATH.'/utility/temp_handler.php');
$this->registerClass('kEventManager', KERNEL_PATH.'/event_manager.php', 'EventManager');
$this->registerClass('kUnitConfigReader', KERNEL_PATH.'/utility/unit_config_reader.php');
$this->registerClass('kArray', KERNEL_PATH.'/utility/params.php');
$this->registerClass('Params', KERNEL_PATH.'/utility/params.php');
$this->registerClass('kCache', KERNEL_PATH.'/utility/cache.php', 'Cache', Array('Params'));
$this->registerClass('kHTTPQuery', KERNEL_PATH.'/utility/http_query.php', 'HTTPQuery', Array('Params') );
$this->registerClass('Session', KERNEL_PATH.'/session/session.php');
$this->registerClass('SessionStorage', KERNEL_PATH.'/session/session.php');
$this->registerClass('Params', KERNEL_PATH.'/utility/params.php', 'kActions');
/*$this->registerClass('kFormatter', KERNEL_PATH.'/utility/formatters.php');
$this->registerClass('kOptionsFormatter', KERNEL_PATH.'/utility/formatters.php');
$this->registerClass('kUploadFormatter', KERNEL_PATH.'/utility/formatters.php');
$this->registerClass('kPictureFormatter', KERNEL_PATH.'/utility/formatters.php');
$this->registerClass('kDateFormatter', KERNEL_PATH.'/utility/formatters.php');
$this->registerClass('kLEFTFormatter', KERNEL_PATH.'/utility/formatters.php');
$this->registerClass('kMultiLanguage', KERNEL_PATH.'/utility/formatters.php');
$this->registerClass('kPasswordFormatter', KERNEL_PATH.'/utility/formatters.php');
$this->registerClass('kCCDateFormatter', KERNEL_PATH.'/utility/formatters.php');
$this->registerClass('kUnitFormatter', KERNEL_PATH.'/utility/formatters.php');
$this->registerClass('kFilesizeFormatter', KERNEL_PATH.'/utility/formatters.php');
$this->registerClass('kSerializedFormatter', KERNEL_PATH.'/utility/formatters.php');*/
$this->registerClass('kMultipleFilter', KERNEL_PATH.'/utility/filters.php');
$this->registerClass('kDBList', KERNEL_PATH.'/db/dblist.php');
$this->registerClass('kDBItem', KERNEL_PATH.'/db/dbitem.php');
$this->registerClass('kDBEventHandler', KERNEL_PATH.'/db/db_event_handler.php');
$this->registerClass('kTagProcessor', KERNEL_PATH.'/processors/tag_processor.php');
$this->registerClass('kMainTagProcessor', KERNEL_PATH.'/processors/main_processor.php','m_TagProcessor', 'kTagProcessor');
$this->registerClass('kDBTagProcessor', KERNEL_PATH.'/db/db_tag_processor.php', null, 'kTagProcessor');
$this->registerClass('TemplatesCache', KERNEL_PATH.'/parser/template.php');
$this->registerClass('Template', KERNEL_PATH.'/parser/template.php');
$this->registerClass('TemplateParser', KERNEL_PATH.'/parser/template_parser.php',null, 'kDBTagProcessor');
$this->registerClass('kEmailMessage', KERNEL_PATH.'/utility/email.php');
$this->registerClass('kSmtpClient', KERNEL_PATH.'/utility/smtp_client.php');
if (file_exists(MODULES_PATH.'/in-commerce/units/currencies/currency_rates.php')) {
$this->registerClass('kCurrencyRates', MODULES_PATH.'/in-commerce/units/currencies/currency_rates.php');
}
$this->registerClass('FCKeditor', FULL_PATH.'/admin/editor/cmseditor/fckeditor.php'); // need this?
}
function RegisterDefaultBuildEvents()
{
$event_manager =& $this->recallObject('EventManager');
$event_manager->registerBuildEvent('kTempTablesHandler', 'OnTempHandlerBuild');
}
/**
* Returns item's filename that corresponds id passed. If possible, then get it from cache
*
* @param string $prefix
* @param int $id
* @return string
*/
function getFilename($prefix, $id)
{
$filename = $this->getCache('filenames', $prefix.'_'.$id);
if ($filename === false) {
$table = $this->getUnitOption($prefix, 'TableName');
$id_field = $this->getUnitOption($prefix, 'IDField');
if ($prefix == 'c') {
if(!$id) {
$this->setCache('filenames', $prefix.'_'.$id, '');
return '';
}
// this allows to save 2 sql queries for each category
$sql = 'SELECT NamedParentPath, CachedCategoryTemplate, CachedItemTemplate
FROM '.$table.'
WHERE '.$id_field.' = '.$this->Conn->qstr($id);
$category_data = $this->Conn->GetRow($sql);
$filename = $category_data['NamedParentPath'];
$this->setCache('category_templates', $id, $category_data['CachedCategoryTemplate']);
$this->setCache('item_templates', $id, $category_data['CachedItemTemplate']);
}
else {
$sql = 'SELECT Filename
FROM '.$table.'
WHERE '.$id_field.' = '.$this->Conn->qstr($id);
$filename = $this->Conn->GetOne($sql);
}
$this->setCache('filenames', $prefix.'_'.$id, $filename);
}
return $filename;
}
/**
* Adds new value to cache $cache_name and identified by key $key
*
* @param string $cache_name cache name
* @param int $key key name to add to cache
* @param mixed $value value of chached record
*/
function setCache($cache_name, $key, $value)
{
$cache =& $this->recallObject('Cache');
$cache->setCache($cache_name, $key, $value);
}
/**
* Returns cached $key value from cache named $cache_name
*
* @param string $cache_name cache name
* @param int $key key name from cache
* @return mixed
*/
function getCache($cache_name, $key)
{
$cache =& $this->recallObject('Cache');
return $cache->getCache($cache_name, $key);
}
/**
* Defines default constants if it's not defined before - in config.php
*
* @access private
*/
function SetDefaultConstants()
{
safeDefine('SERVER_NAME', $_SERVER['HTTP_HOST']);
}
function SetAdminDirectory()
{
$admin_dir = $this->ConfigValue('AdminDirectory');
if(!$admin_dir) $admin_dir = 'admin';
safeDefine('ADMIN_DIR', $admin_dir);
}
/**
* Registers each module specific constants if any found
*
*/
function registerModuleConstants()
{
if (!$this->ModuleInfo) return false;
foreach($this->ModuleInfo as $module_name => $module_info)
{
$module_path = '/'.$module_info['Path'];
$contants_file = FULL_PATH.$module_path.'constants.php';
if( file_exists($contants_file) ) k4_include_once($contants_file);
}
return true;
}
function ProcessRequest()
{
$event_manager =& $this->recallObject('EventManager');
if( $this->isDebugMode() && dbg_ConstOn('DBG_SHOW_HTTPQUERY') )
{
global $debugger;
$http_query =& $this->recallObject('HTTPQuery');
$debugger->appendHTML('HTTPQuery:');
$debugger->dumpVars($http_query->_Params);
}
$event_manager->ProcessRequest();
$event_manager->RunRegularEvents(reBEFORE);
$this->RequestProcessed = true;
}
/**
* Actually runs the parser against current template and stores parsing result
*
* This method gets t variable passed to the script, loads the template given in t variable and
* parses it. The result is store in {@link $this->HTML} property.
* @access public
* @return void
*/
function Run()
{
if( $this->isDebugMode() && dbg_ConstOn('DBG_PROFILE_MEMORY') )
{
$this->Debugger->appendMemoryUsage('Application before Run:');
}
if ($this->IsAdmin()) {
// for permission checking in events & templates
$this->LinkVar('module'); // for common configuration templates
$this->LinkVar('section'); // for common configuration templates
if ($this->GetVar('m_opener') == 'p') {
$this->LinkVar('main_prefix'); // window prefix, that opened selector
$this->LinkVar('dst_field'); // field to set value choosed in selector
$this->LinkVar('return_template'); // template to go, when something was coosen from popup (from finalizePopup)
}
}
if (!$this->RequestProcessed) $this->ProcessRequest();
$this->InitParser();
$template_cache =& $this->recallObject('TemplatesCache');
$t = $this->GetVar('t');
if ($this->isModuleEnabled('In-CMS')) {
$cms_handler =& $this->recallObject('cms_EventHandler');
if (!$template_cache->TemplateExists($t) && !$this->IsAdmin()) {
$t = $cms_handler->GetDesignTemplate();
}
/*else {
$cms_handler->SetCatByTemplate();
}*/
}
if( $this->isDebugMode() && dbg_ConstOn('DBG_PROFILE_MEMORY') )
{
$this->Debugger->appendMemoryUsage('Application before Parsing:');
}
$this->HTML = $this->Parser->Parse( $template_cache->GetTemplateBody($t), $t );
if( $this->isDebugMode() && dbg_ConstOn('DBG_PROFILE_MEMORY') )
{
$this->Debugger->appendMemoryUsage('Application after Parsing:');
}
}
function InitParser()
{
if( !is_object($this->Parser) ) $this->Parser =& $this->recallObject('TemplateParser');
}
/**
* Send the parser results to browser
*
* Actually send everything stored in {@link $this->HTML}, to the browser by echoing it.
* @access public
* @return void
*/
function Done()
{
if( $this->isDebugMode() && dbg_ConstOn('DBG_PROFILE_MEMORY') )
{
$this->Debugger->appendMemoryUsage('Application before Done:');
}
if( $this->GetVar('admin') )
{
$reg = '/('.preg_quote(BASE_PATH, '/').'.*\.html)(#.*){0,1}(")/sU';
$this->HTML = preg_replace($reg, "$1?admin=1$2$3", $this->HTML);
}
//eval("?".">".$this->HTML);
echo $this->HTML;
$this->UpdateCache();
flush();
if ($this->isDebugMode() && dbg_ConstOn('DBG_CACHE')) {
$cache =& $this->recallObject('Cache');
$cache->printStatistics();
}
$event_manager =& $this->recallObject('EventManager');
$event_manager->RunRegularEvents(reAFTER);
$session =& $this->recallObject('Session');
$session->SaveData();
//$this->SaveBlocksCache();
}
function SaveBlocksCache()
{
/*if (constOn('EXPERIMENTAL_PRE_PARSE')) {
$data = serialize($this->PreParsedCache);
$this->Conn->Query('REPLACE '.TABLE_PREFIX.'Cache (VarName, Data, Cached) VALUES ("blocks_cache", '.$this->Conn->qstr($data).', '.adodb_mktime().')');
}*/
}
// Facade
/**
* Returns current session id (SID)
* @access public
* @return longint
*/
function GetSID()
{
$session =& $this->recallObject('Session');
return $session->GetID();
}
function DestroySession()
{
$session =& $this->recallObject('Session');
$session->Destroy();
}
/**
* Returns variable passed to the script as GET/POST/COOKIE
*
* @access public
* @param string $name Name of variable to retrieve
* @param int $default default value returned in case if varible not present
* @return mixed
*/
function GetVar($name, $default = false)
{
// $http_query =& $this->recallObject('HTTPQuery');
return isset($this->HttpQuery->_Params[$name]) ? $this->HttpQuery->_Params[$name] : $default;
}
/**
* Returns ALL variables passed to the script as GET/POST/COOKIE
*
* @access public
* @return array
*/
function GetVars()
{
return $this->HttpQuery->GetParams();
}
/**
* Set the variable 'as it was passed to the script through GET/POST/COOKIE'
*
* This could be useful to set the variable when you know that
* other objects would relay on variable passed from GET/POST/COOKIE
* or you could use SetVar() / GetVar() pairs to pass the values between different objects.<br>
*
* This method is formerly known as $this->Session->SetProperty.
* @param string $var Variable name to set
* @param mixed $val Variable value
* @access public
* @return void
*/
function SetVar($var,$val)
{
// $http_query =& $this->recallObject('HTTPQuery');
return $this->HttpQuery->Set($var,$val);
}
/**
* Deletes kHTTPQuery variable
*
* @param string $var
* @todo think about method name
*/
function DeleteVar($var)
{
return $this->HttpQuery->Remove($var);
}
/**
* Deletes Session variable
*
* @param string $var
*/
function RemoveVar($var)
{
return $this->Session->RemoveVar($var);
}
/**
* Restores Session variable to it's db version
*
* @param string $var
*/
function RestoreVar($var)
{
return $this->Session->RestoreVar($var);
}
/**
* Returns session variable value
*
* Return value of $var variable stored in Session. An optional default value could be passed as second parameter.
*
* @see SimpleSession
* @access public
* @param string $var Variable name
* @param mixed $default Default value to return if no $var variable found in session
* @return mixed
*/
function RecallVar($var,$default=false)
{
return $this->Session->RecallVar($var,$default);
}
/**
* Stores variable $val in session under name $var
*
* Use this method to store variable in session. Later this variable could be recalled.
* @see RecallVar
* @access public
* @param string $var Variable name
* @param mixed $val Variable value
*/
function StoreVar($var, $val)
{
$session =& $this->recallObject('Session');
$this->Session->StoreVar($var, $val);
}
function StoreVarDefault($var, $val)
{
$session =& $this->recallObject('Session');
$this->Session->StoreVarDefault($var, $val);
}
/**
* Links HTTP Query variable with session variable
*
* If variable $var is passed in HTTP Query it is stored in session for later use. If it's not passed it's recalled from session.
* This method could be used for making sure that GetVar will return query or session value for given
* variable, when query variable should overwrite session (and be stored there for later use).<br>
* This could be used for passing item's ID into popup with multiple tab -
* in popup script you just need to call LinkVar('id', 'current_id') before first use of GetVar('id').
* After that you can be sure that GetVar('id') will return passed id or id passed earlier and stored in session
* @access public
* @param string $var HTTP Query (GPC) variable name
* @param mixed $ses_var Session variable name
* @param mixed $default Default variable value
*/
function LinkVar($var, $ses_var = null, $default = '')
{
if (!isset($ses_var)) $ses_var = $var;
if ($this->GetVar($var) !== false) {
$this->StoreVar($ses_var, $this->GetVar($var));
}
else {
$this->SetVar($var, $this->RecallVar($ses_var, $default));
}
}
/**
* Returns variable from HTTP Query, or from session if not passed in HTTP Query
*
* The same as LinkVar, but also returns the variable value taken from HTTP Query if passed, or from session if not passed.
* Returns the default value if variable does not exist in session and was not passed in HTTP Query
*
* @see LinkVar
* @access public
* @param string $var HTTP Query (GPC) variable name
* @param mixed $ses_var Session variable name
* @param mixed $default Default variable value
* @return mixed
*/
function GetLinkedVar($var, $ses_var = null, $default = '')
{
$this->LinkVar($var, $ses_var, $default);
return $this->GetVar($var);
}
function AddBlock($name, $tpl)
{
$this->cache[$name] = $tpl;
}
function SetTemplateBody($title,$body)
{
$templates_cache =& $this->recallObject('TemplatesCache');
$templates_cache->SetTemplateBody($title,$body);
}
function ProcessTag($tag_data)
{
$a_tag = new Tag($tag_data,$this->Parser);
return $a_tag->DoProcessTag();
}
function ProcessParsedTag($prefix, $tag, $params)
{
$a_tag = new Tag('',$this->Parser);
$a_tag->Tag = $tag;
$a_tag->Processor = $prefix;
$a_tag->NamedParams = $params;
return $a_tag->DoProcessTag();
}
/**
* Return ADODB Connection object
*
* Returns ADODB Connection object already connected to the project database, configurable in config.php
* @access public
* @return kDBConnection
*/
function &GetADODBConnection()
{
return $this->Conn;
}
function ParseBlock($params,$pass_params=0,$as_template=false)
{
if (substr($params['name'], 0, 5) == 'html:') return substr($params['name'], 6);
return $this->Parser->ParseBlock($params, $pass_params, $as_template);
}
/**
* Returns index file, that could be passed as parameter to method, as parameter to tag and as constant or not passed at all
*
* @param string $prefix
* @param string $index_file
* @param Array $params
* @return string
*/
function getIndexFile($prefix, $index_file, &$params)
{
if (isset($params['index_file'])) {
$index_file = $params['index_file'];
unset($params['index_file']);
return $index_file;
}
if (isset($index_file)) {
return $index_file;
}
if (defined('INDEX_FILE')) {
return INDEX_FILE;
}
$cut_prefix = trim(BASE_PATH, '/').'/'.trim($prefix, '/');
return trim(preg_replace('/'.preg_quote($cut_prefix, '/').'(.*)/', '\\1', $_SERVER['PHP_SELF']), '/');
}
/**
* Return href for template
*
* @access public
* @param string $t Template path
* @var string $prefix index.php prefix - could be blank, 'admin'
*/
function HREF($t, $prefix='', $params=null, $index_file=null)
{
if(!$t) $t = $this->GetVar('t'); // moved from kMainTagProcessor->T()
if ($this->GetVar('skip_last_template')) {
$params['opener'] = 'p';
$this->SetVar('m_opener', 'p');
}
if ($t == 'incs/close_popup') {
// because this template closes the popup and we don't need popup mark here anymore
$params['m_opener'] = 's';
}
if( substr($t, -4) == '.tpl' ) $t = substr($t, 0, strlen($t) - 4 );
if ( $this->IsAdmin() && $prefix == '') $prefix = '/admin';
if ( $this->IsAdmin() && $prefix == '_FRONT_END_') $prefix = '';
$index_file = $this->getIndexFile($prefix, $index_file, $params);
$ssl = isset($params['__SSL__']) ? $params['__SSL__'] : null;
if ($ssl !== null) {
$session =& $this->recallObject('Session');
$cookie_url = $session->CookieDomain.$session->CookiePath;
if ($ssl) {
$target_url = $this->ConfigValue('SSL_URL');
}
else {
$target_url = 'http://'.DOMAIN.$this->ConfigValue('Site_Path');
}
if (!preg_match('#'.preg_quote($cookie_url).'#', $target_url)) {
$session->SetMode(smGET_ONLY);
}
}
if (getArrayValue($params, 'opener') == 'u') {
$opener_stack=$this->RecallVar('opener_stack');
if($opener_stack) {
$opener_stack=unserialize($opener_stack);
if (count($opener_stack) > 0) {
list($index_file, $env) = explode('|', $opener_stack[count($opener_stack)-1]);
$ret = $this->BaseURL($prefix, $ssl).$index_file.'?'.ENV_VAR_NAME.'='.$env;
if( getArrayValue($params,'escape') ) $ret = addslashes($ret);
return $ret;
}
else {
//define('DBG_REDIRECT', 1);
$t = $this->GetVar('t');
}
}
else {
//define('DBG_REDIRECT', 1);
$t = $this->GetVar('t');
}
}
$pass = isset($params['pass']) ? $params['pass'] : '';
$pass_events = isset($params['pass_events']) ? $params['pass_events'] : false; // pass events with url
$map_link = '';
if( isset($params['anchor']) )
{
$map_link = '#'.$params['anchor'];
unset($params['anchor']);
}
if ( isset($params['no_amp']) )
{
$params['__URLENCODE__'] = $params['no_amp'];
unset($params['no_amp']);
}
$no_rewrite = false;
if( isset($params['__NO_REWRITE__']) )
{
$no_rewrite = true;
unset($params['__NO_REWRITE__']);
}
if ($this->RewriteURLs($ssl) && !$no_rewrite)
{
$session =& $this->recallObject('Session');
if( $session->NeedQueryString() ) $params['sid'] = $this->GetSID();
$url = $this->BuildEnv_NEW($t, $params, $pass, $pass_events);
$ret = $this->BaseURL($prefix, $ssl).$url.$map_link;
}
else
{
$env = $this->BuildEnv($t, $params, $pass, $pass_events);
$ret = $this->BaseURL($prefix, $ssl).$index_file.'?'.$env.$map_link;
}
return $ret;
}
/**
* Returns sorted array of passed prefixes (to build url from)
*
* @param string $pass
* @return Array
*/
function getPassInfo($pass = 'all')
{
$pass = str_replace('all', trim($this->GetVar('passed'), ','), $pass);
if (!$pass) {
return Array();
}
$pass_info = array_unique( explode(',', $pass) ); // array( prefix[.special], prefix[.special] ...
sort($pass_info, SORT_STRING); // to be prefix1,prefix1.special1,prefix1.special2,prefix3.specialX
// ensure that "m" prefix is at the beginning
$main_index = array_search('m', $pass_info);
if ($main_index !== false) {
unset($pass_info[$main_index]);
array_unshift($pass_info, 'm');
}
return $pass_info;
}
function BuildEnv_NEW($t, $params, $pass = 'all', $pass_events = false)
{
// $session =& $this->recallObject('Session');
$force_admin = getArrayValue($params,'admin') || $this->GetVar('admin');
// if($force_admin) $sid = $this->GetSID();
$ret = '';
$env = '';
$encode = false;
if (isset($params['__URLENCODE__']))
{
$encode = $params['__URLENCODE__'];
unset($params['__URLENCODE__']);
}
if (isset($params['__SSL__'])) {
unset($params['__SSL__']);
}
$pass_info = $this->getPassInfo($pass);
if ($pass_info) {
if ($pass_info[0] == 'm') array_shift($pass_info);
$params['t'] = $t;
foreach($pass_info as $pass_index => $pass_element)
{
list($prefix) = explode('.', $pass_element);
$require_rewrite = $this->findModule('Var', $prefix);
if ($require_rewrite) {
// if next prefix is same as current, but with special => exclude current prefix from url
$next_prefix = getArrayValue($pass_info, $pass_index + 1);
if ($next_prefix) {
$next_prefix = substr($next_prefix, 0, strlen($prefix) + 1);
if ($prefix.'.' == $next_prefix) continue;
}
$ret .= '/'.$this->BuildModuleEnv_NEW($pass_element, $params, $pass_events);
}
else
{
$env .= ':'.$this->BuildModuleEnv($pass_element, $params, $pass_events);
}
}
$ret = $this->BuildModuleEnv_NEW('m', $params, $pass_events).$ret;
$ret = trim($ret, '/').'.html';
if($env) $params[ENV_VAR_NAME] = ltrim($env, ':');
}
unset($params['pass'], $params['opener'], $params['m_event']);
if ($force_admin) $params['admin'] = 1;
if( getArrayValue($params,'escape') )
{
$ret = addslashes($ret);
unset($params['escape']);
}
$params_str = '';
$join_string = $encode ? '&' : '&amp;';
foreach ($params as $param => $value)
{
$params_str .= $join_string.$param.'='.$value;
}
$ret .= preg_replace('/^'.$join_string.'(.*)/', '?\\1', $params_str);
if ($encode) {
$ret = str_replace('\\', '%5C', $ret);
}
return $ret;
}
function BuildModuleEnv_NEW($prefix_special, &$params, $pass_events = false)
{
$event_params = Array('pass_events' => $pass_events, 'url_params' => $params);
$event = new kEvent($prefix_special.':BuildEnv', $event_params);
$this->HandleEvent($event);
$params = $event->getEventParam('url_params'); // save back unprocessed parameters
$ret = '';
if ($event->getEventParam('env_string')) {
$ret = trim( $event->getEventParam('env_string'), '/');
}
return $ret;
}
/**
* Builds env part that corresponds prefix passed
*
* @param string $prefix_special item's prefix & [special]
* @param Array $params url params
* @param bool $pass_events
*/
function BuildModuleEnv($prefix_special, &$params, $pass_events = false)
{
list($prefix) = explode('.', $prefix_special);
$query_vars = $this->getUnitOption($prefix, 'QueryString');
//if pass events is off and event is not implicity passed
if( !$pass_events && !isset($params[$prefix_special.'_event']) ) {
$params[$prefix_special.'_event'] = ''; // remove event from url if requested
//otherwise it will use value from get_var
}
if(!$query_vars) return '';
$tmp_string = Array(0 => $prefix_special);
foreach($query_vars as $index => $var_name)
{
//if value passed in params use it, otherwise use current from application
$var_name = $prefix_special.'_'.$var_name;
$tmp_string[$index] = isset( $params[$var_name] ) ? $params[$var_name] : $this->GetVar($var_name);
if ( isset($params[$var_name]) ) unset( $params[$var_name] );
}
$escaped = array();
foreach ($tmp_string as $tmp_val) {
$escaped[] = str_replace(Array('-',':'), Array('\-','\:'), $tmp_val);
}
$ret = implode('-', $escaped);
if ($this->getUnitOption($prefix, 'PortalStyleEnv') == true)
{
$ret = preg_replace('/^([a-zA-Z]+)-([0-9]+)-(.*)/','\\1\\2-\\3', $ret);
}
return $ret;
}
function BuildEnv($t, $params, $pass='all', $pass_events = false, $env_var = true)
{
$session =& $this->recallObject('Session');
$ssl = isset($params['__SSL__']) ? $params['__SSL__'] : 0;
$sid = $session->NeedQueryString() && !$this->RewriteURLs($ssl) ? $this->GetSID() : '';
if (getArrayValue($params,'admin') == 1) $sid = $this->GetSID();
$ret = '';
if ($env_var) {
$ret = ENV_VAR_NAME.'=';
}
$ret .= $sid.(constOn('INPORTAL_ENV') ? '-' : ':');
$encode = false;
if (isset($params['__URLENCODE__'])) {
$encode = $params['__URLENCODE__'];
unset($params['__URLENCODE__']);
}
if (isset($params['__SSL__'])) {
unset($params['__SSL__']);
}
$env_string = '';
$category_id = isset($params['m_cat_id']) ? $params['m_cat_id'] : $this->GetVar('m_cat_id');
$item_id = 0;
$pass_info = $this->getPassInfo($pass);
if ($pass_info) {
if ($pass_info[0] == 'm') array_shift($pass_info);
foreach ($pass_info as $pass_element) {
list($prefix) = explode('.', $pass_element);
$require_rewrite = $this->findModule('Var', $prefix);
if ($require_rewrite) {
$item_id = isset($params[$pass_element.'_id']) ? $params[$pass_element.'_id'] : $this->GetVar($pass_element.'_id');
}
$env_string .= ':'.$this->BuildModuleEnv($pass_element, $params, $pass_events);
}
}
if (strtolower($t) == '__default__') {
// to put category & item templates into cache
$filename = $this->getFilename('c', $category_id);
if ($item_id) {
$t = $this->getCache('item_templates', $category_id);
}
elseif ($category_id) {
$t = $this->getCache('category_templates', $category_id);
}
else {
$t = 'index';
}
}
$ret .= $t.':'.$this->BuildModuleEnv('m', $params, $pass_events).$env_string;
unset($params['pass']);
unset($params['opener']);
unset($params['m_event']);
if ($this->GetVar('admin') && !isset($params['admin'])) {
$params['admin'] = 1;
}
if( getArrayValue($params,'escape') )
{
$ret = addslashes($ret);
unset($params['escape']);
}
$join_string = $encode ? '&' : '&amp;';
$params_str = '';
foreach ($params as $param => $value)
{
$params_str .= $join_string.$param.'='.$value;
}
$ret .= $params_str;
if ($encode) {
$ret = str_replace('\\', '%5C', $ret);
}
return $ret;
}
function BaseURL($prefix='', $ssl=null)
{
if ($ssl === null) {
return PROTOCOL.SERVER_NAME.(defined('PORT')?':'.PORT : '').rtrim(BASE_PATH, '/').$prefix.'/';
}
else {
if ($ssl) {
return rtrim( $this->ConfigValue('SSL_URL'), '/').$prefix.'/';
}
else {
return 'http://'.DOMAIN.(defined('PORT')?':'.PORT : '').rtrim( $this->ConfigValue('Site_Path'), '/').$prefix.'/';
}
}
}
function Redirect($t='', $params=null, $prefix='', $index_file=null)
{
if ($t == '' || $t === true) $t = $this->GetVar('t');
// pass prefixes and special from previous url
$js_redirect = getArrayValue($params, 'js_redirect');
if( isset($params['js_redirect']) ) unset($params['js_redirect']);
if (!isset($params['pass'])) $params['pass'] = 'all';
$params['__URLENCODE__'] = 1;
$location = $this->HREF($t, $prefix, $params, $index_file);
$a_location = $location;
$location = "Location: $location";
//echo " location : $location <br>";
if( $this->isDebugMode() && dbg_ConstOn('DBG_REDIRECT') )
{
/*if( function_exists('apache_response_headers') )
{
$this->Debugger->appendHTML('Apache Responce Headers');
$this->Debugger->dumpVars( apache_response_headers() );
$this->Debugger->appendHTML('Apache Request Headers');
$this->Debugger->dumpVars( apache_request_headers() );
}*/
$this->Debugger->appendTrace();
echo "<b>Debug output above!!!</b> Proceed to redirect: <a href=\"$a_location\">$a_location</a><br>";
}
else
{
if($js_redirect)
{
$this->SetVar('t', 'redirect');
$this->SetVar('redirect_to_js', addslashes($a_location) );
$this->SetVar('redirect_to', $a_location);
return true;
}
else
{
if(headers_sent() != '')
{
echo '<script language="javascript" type="text/javascript">window.location.href = \''.$a_location.'\';</script>';
}
else
{
header("$location");
}
}
}
$session =& $this->recallObject('Session');
$session->SaveData();
$this->SaveBlocksCache();
exit;
}
function Phrase($label)
{
return $this->Phrases->GetPhrase($label);
}
/**
* Replace language tags in exclamation marks found in text
*
* @param string $text
* @param bool $force_escape force escaping, not escaping of resulting string
* @return string
* @access public
*/
function ReplaceLanguageTags($text, $force_escape=null)
{
// !!!!!!!!
// if( !is_object($this->Phrases) ) $this->Debugger->appendTrace();
return $this->Phrases->ReplaceLanguageTags($text,$force_escape);
}
/**
* Checks if user is logged in, and creates
* user object if so. User object can be recalled
* later using "u" prefix. Also you may
* get user id by getting "u_id" variable.
*
* @access private
*/
function ValidateLogin()
{
$session =& $this->recallObject('Session');
$user_id = $session->GetField('PortalUserId');
if (!$user_id && $user_id != -1) $user_id = -2;
$this->SetVar('u_id', $user_id);
$this->StoreVar('user_id', $user_id);
if ($this->GetVar('expired') == 1) {
$user =& $this->recallObject('u');
$user->SetError('ValidateLogin', 'session_expired', 'la_text_sess_expired');
}
if (($user_id != -2) && constOn('DBG_REQUREST_LOG') ) {
$http_query =& $this->recallObject('HTTPQuery');
$http_query->writeRequestLog(DBG_REQUREST_LOG);
}
}
function LoadCache() {
$cache_key = $this->GetVar('t').$this->GetVar('m_theme').$this->GetVar('m_lang').$this->IsAdmin();
$query = sprintf("SELECT PhraseList, ConfigVariables FROM %s WHERE Template = %s",
TABLE_PREFIX.'PhraseCache',
$this->Conn->Qstr(md5($cache_key)));
$res = $this->Conn->GetRow($query);
if ($res) {
$this->Caches['PhraseList'] = $res['PhraseList'] ? explode(',', $res['PhraseList']) : array();
$config_ids = $res['ConfigVariables'] ? explode(',', $res['ConfigVariables']) : array();
$config_ids = array_diff($config_ids, $this->Caches['ConfigVariables']);
}
else {
$config_ids = array();
}
$this->Caches['ConfigVariables'] = $config_ids;
$this->ConfigCacheIds = $config_ids;
}
function UpdateCache()
{
$update = false;
//something changed
$update = $update || $this->Phrases->NeedsCacheUpdate();
$update = $update || (count($this->ConfigCacheIds) && $this->ConfigCacheIds != $this->Caches['ConfigVariables']);
if ($update) {
$cache_key = $this->GetVar('t').$this->GetVar('m_theme').$this->GetVar('m_lang').$this->IsAdmin();
$query = sprintf("REPLACE %s (PhraseList, CacheDate, Template, ConfigVariables)
VALUES (%s, %s, %s, %s)",
TABLE_PREFIX.'PhraseCache',
$this->Conn->Qstr(join(',', $this->Phrases->Ids)),
adodb_mktime(),
$this->Conn->Qstr(md5($cache_key)),
$this->Conn->qstr(implode(',', array_unique($this->ConfigCacheIds))));
$this->Conn->Query($query);
}
}
function InitConfig()
{
if (isset($this->Caches['ConfigVariables']) && count($this->Caches['ConfigVariables']) > 0) {
$this->ConfigHash = array_merge($this->ConfigHash, $this->Conn->GetCol(
'SELECT VariableValue, VariableName FROM '.TABLE_PREFIX.'ConfigurationValues
WHERE VariableId IN ('.implode(',', $this->Caches['ConfigVariables']).')', 'VariableName'));
}
}
/**
* Returns configuration option value by name
*
* @param string $name
* @return string
*/
function ConfigValue($name)
{
$res = isset($this->ConfigHash[$name]) ? $this->ConfigHash[$name] : false;
if ($res !== false) return $res;
$res = $this->Conn->GetRow('SELECT VariableId, VariableValue FROM '.TABLE_PREFIX.'ConfigurationValues WHERE VariableName = '.$this->Conn->qstr($name));
if ($res) {
$this->ConfigHash[$name] = $res['VariableValue'];
$this->ConfigCacheIds[] = $res['VariableId'];
return $res['VariableValue'];
}
return false;
}
function UpdateConfigCache()
{
if ($this->ConfigCacheIds) {
}
}
/**
* Allows to process any type of event
*
* @param kEvent $event
* @access public
* @author Alex
*/
function HandleEvent(&$event, $params=null, $specificParams=null)
{
if ( isset($params) ) {
$event = new kEvent( $params, $specificParams );
}
if (!isset($this->EventManager)) {
$this->EventManager =& $this->recallObject('EventManager');
}
$this->EventManager->HandleEvent($event);
}
/**
* Registers new class in the factory
*
* @param string $real_class Real name of class as in class declaration
* @param string $file Filename in what $real_class is declared
* @param string $pseudo_class Name under this class object will be accessed using getObject method
* @param Array $dependecies List of classes required for this class functioning
* @access public
* @author Alex
*/
function registerClass($real_class, $file, $pseudo_class = null, $dependecies = Array() )
{
$this->Factory->registerClass($real_class, $file, $pseudo_class, $dependecies);
}
/**
* Add $class_name to required classes list for $depended_class class.
* All required class files are included before $depended_class file is included
*
* @param string $depended_class
* @param string $class_name
* @author Alex
*/
function registerDependency($depended_class, $class_name)
{
$this->Factory->registerDependency($depended_class, $class_name);
}
/**
* Registers Hook from subprefix event to master prefix event
*
* @param string $hookto_prefix
* @param string $hookto_special
* @param string $hookto_event
* @param string $mode
* @param string $do_prefix
* @param string $do_special
* @param string $do_event
* @param string $conditional
* @access public
* @todo take care of a lot parameters passed
* @author Kostja
*/
function registerHook($hookto_prefix, $hookto_special, $hookto_event, $mode, $do_prefix, $do_special, $do_event, $conditional)
{
$event_manager =& $this->recallObject('EventManager');
$event_manager->registerHook($hookto_prefix, $hookto_special, $hookto_event, $mode, $do_prefix, $do_special, $do_event, $conditional);
}
/**
* Allows one TagProcessor tag act as other TagProcessor tag
*
* @param Array $tag_info
* @author Kostja
*/
function registerAggregateTag($tag_info)
{
$aggregator =& $this->recallObject('TagsAggregator', 'kArray');
$aggregator->SetArrayValue($tag_info['AggregateTo'], $tag_info['AggregatedTagName'], Array($tag_info['LocalPrefix'], $tag_info['LocalTagName'], getArrayValue($tag_info, 'LocalSpecial')));
}
/**
* Returns object using params specified,
* creates it if is required
*
* @param string $name
* @param string $pseudo_class
* @param Array $event_params
* @return Object
* @author Alex
*/
function &recallObject($name,$pseudo_class=null,$event_params=Array())
{
$result =& $this->Factory->getObject($name, $pseudo_class, $event_params);
return $result;
}
/**
* Returns object using Variable number of params,
* all params starting with 4th are passed to object consturctor
*
* @param string $name
* @param string $pseudo_class
* @param Array $event_params
* @return Object
* @author Alex
*/
function &recallObjectP($name,$pseudo_class=null,$event_params=Array())
{
$func_args = func_get_args();
$result =& ref_call_user_func_array( Array(&$this->Factory, 'getObjectP'), $func_args );
return $result;
}
/**
* Returns tag processor for prefix specified
*
* @param string $prefix
* @return kDBTagProcessor
*/
function &recallTagProcessor($prefix)
{
$result =& $this->recallObject($prefix.'_TagProcessor');
return $result;
}
/**
* Checks if object with prefix passes was already created in factory
*
* @param string $name object presudo_class, prefix
* @return bool
* @author Kostja
*/
function hasObject($name)
{
return isset($this->Factory->Storage[$name]);
}
/**
* Removes object from storage by given name
*
* @param string $name Object's name in the Storage
* @author Kostja
*/
function removeObject($name)
{
$this->Factory->DestroyObject($name);
}
/**
* Get's real class name for pseudo class,
* includes class file and creates class
* instance
*
* @param string $pseudo_class
* @return Object
* @access public
* @author Alex
*/
function &makeClass($pseudo_class)
{
$func_args = func_get_args();
$result =& ref_call_user_func_array( Array(&$this->Factory, 'makeClass'), $func_args);
return $result;
}
/**
* Checks if application is in debug mode
*
* @param bool $check_debugger check if kApplication debugger is initialized too, not only for defined DEBUG_MODE constant
* @return bool
* @author Alex
* @access public
*/
function isDebugMode($check_debugger = true)
{
$debug_mode = defined('DEBUG_MODE') && DEBUG_MODE;
if($check_debugger)
{
$debug_mode = $debug_mode && is_object($this->Debugger);
}
return $debug_mode;
}
/**
* Checks if it is admin
*
* @return bool
* @author Alex
*/
function IsAdmin()
{
return constOn('ADMIN');
}
/**
* Apply url rewriting used by mod_rewrite or not
*
* @param bool $ssl Force ssl link to be build
* @return bool
*/
function RewriteURLs($ssl = false)
{
// case #1,#4:
// we want to create https link from http mode
// we want to create https link from https mode
// conditions: ($ssl || PROTOCOL == 'https://') && $this->ConfigValue('UseModRewriteWithSSL')
// case #2,#3:
// we want to create http link from https mode
// we want to create http link from http mode
// conditions: !$ssl && (PROTOCOL == 'https://' || PROTOCOL == 'http://')
$allow_rewriting =
(!$ssl && (PROTOCOL == 'https://' || PROTOCOL == 'http://')) // always allow mod_rewrite for http
|| // or allow rewriting for redirect TO httpS or when already in httpS
(($ssl || PROTOCOL == 'https://') && $this->ConfigValue('UseModRewriteWithSSL')); // but only if it's allowed in config!
return constOn('MOD_REWRITE') && $allow_rewriting;
}
/**
* Reads unit (specified by $prefix)
* option specified by $option
*
* @param string $prefix
* @param string $option
* @param mixed $default
* @return string
* @access public
* @author Alex
*/
function getUnitOption($prefix, $option, $default = false)
{
/*if (!isset($this->UnitConfigReader)) {
$this->UnitConfigReader =& $this->recallObject('kUnitConfigReader');
}*/
return $this->UnitConfigReader->getUnitOption($prefix, $option, $default);
}
/**
* Set's new unit option value
*
* @param string $prefix
* @param string $name
* @param string $value
* @author Alex
* @access public
*/
function setUnitOption($prefix, $option, $value)
{
// $unit_config_reader =& $this->recallObject('kUnitConfigReader');
return $this->UnitConfigReader->setUnitOption($prefix,$option,$value);
}
/**
* Read all unit with $prefix options
*
* @param string $prefix
* @return Array
* @access public
* @author Alex
*/
function getUnitOptions($prefix)
{
// $unit_config_reader =& $this->recallObject('kUnitConfigReader');
return $this->UnitConfigReader->getUnitOptions($prefix);
}
/**
* Returns true if config exists and is allowed for reading
*
* @param string $prefix
* @return bool
*/
function prefixRegistred($prefix)
{
/*if (!isset($this->UnitConfigReader)) {
$this->UnitConfigReader =& $this->recallObject('kUnitConfigReader');
}*/
return $this->UnitConfigReader->prefixRegistred($prefix);
}
/**
* Splits any mixing of prefix and
* special into correct ones
*
* @param string $prefix_special
* @return Array
* @access public
* @author Alex
*/
function processPrefix($prefix_special)
{
return $this->Factory->processPrefix($prefix_special);
}
/**
* Set's new event for $prefix_special
* passed
*
* @param string $prefix_special
* @param string $event_name
* @access public
*/
function setEvent($prefix_special,$event_name)
{
$event_manager =& $this->recallObject('EventManager');
$event_manager->setEvent($prefix_special,$event_name);
}
/**
* SQL Error Handler
*
* @param int $code
* @param string $msg
* @param string $sql
* @return bool
* @access private
* @author Alex
*/
function handleSQLError($code, $msg, $sql)
{
if ( isset($this->Debugger) )
{
$errorLevel = constOn('DBG_SQL_FAILURE') && !defined('IS_INSTALL') ? E_USER_ERROR : E_USER_WARNING;
$this->Debugger->dumpVars($_REQUEST);
$this->Debugger->appendTrace();
$error_msg = '<span class="debug_error">'.$msg.' ('.$code.')</span><br><a href="javascript:$Debugger.SetClipboard(\''.htmlspecialchars($sql).'\');"><b>SQL</b></a>: '.$this->Debugger->formatSQL($sql);
$long_id = $this->Debugger->mapLongError($error_msg);
trigger_error( substr($msg.' ('.$code.') ['.$sql.']',0,1000).' #'.$long_id, $errorLevel);
return true;
}
else
{
//$errorLevel = constOn('IS_INSTALL') ? E_USER_WARNING : E_USER_ERROR;
$errorLevel = E_USER_WARNING;
trigger_error('<b>SQL Error</b> in sql: '.$sql.', code <b>'.$code.'</b> ('.$msg.')', $errorLevel);
/*echo '<b>xProcessing SQL</b>: '.$sql.'<br>';
echo '<b>Error ('.$code.'):</b> '.$msg.'<br>';*/
return $errorLevel == E_USER_ERROR ? false : true;
}
}
/**
* Default error handler
*
* @param int $errno
* @param string $errstr
* @param string $errfile
* @param int $errline
* @param Array $errcontext
*/
function handleError($errno, $errstr, $errfile = '', $errline = '', $errcontext = '')
{
if( constOn('SILENT_LOG') )
{
$fp = fopen(FULL_PATH.'/silent_log.txt','a');
$time = adodb_date('d/m/Y H:i:s');
fwrite($fp, '['.$time.'] #'.$errno.': '.strip_tags($errstr).' in ['.$errfile.'] on line '.$errline."\n");
fclose($fp);
}
if( !$this->errorHandlers ) return true;
$i = 0; // while (not foreach) because it is array of references in some cases
$eh_count = count($this->errorHandlers);
while($i < $eh_count)
{
if( is_array($this->errorHandlers[$i]) )
{
$object =& $this->errorHandlers[$i][0];
$method = $this->errorHandlers[$i][1];
$object->$method($errno, $errstr, $errfile, $errline, $errcontext);
}
else
{
$function = $this->errorHandlers[$i];
$function($errno, $errstr, $errfile, $errline, $errcontext);
}
$i++;
}
}
/**
* Returns & blocks next ResourceId available in system
*
* @return int
* @access public
* @author Alex
*/
function NextResourceId()
{
$table_name = TABLE_PREFIX.'IdGenerator';
$this->Conn->Query('LOCK TABLES '.$table_name.' WRITE');
$this->Conn->Query('UPDATE '.$table_name.' SET lastid = lastid + 1');
$id = $this->Conn->GetOne('SELECT lastid FROM '.$table_name);
if($id === false)
{
$this->Conn->Query('INSERT INTO '.$table_name.' (lastid) VALUES (2)');
$id = 2;
}
$this->Conn->Query('UNLOCK TABLES');
return $id - 1;
}
/**
* Returns main prefix for subtable prefix passes
*
* @param string $current_prefix
* @return string
* @access public
* @author Kostja
*/
function GetTopmostPrefix($current_prefix)
{
while ( $parent_prefix = $this->getUnitOption($current_prefix, 'ParentPrefix') )
{
$current_prefix = $parent_prefix;
}
return $current_prefix;
}
function &EmailEventAdmin($email_event_name, $to_user_id = -1, $send_params = false)
{
return $this->EmailEvent($email_event_name, 1, $to_user_id, $send_params);
}
function &EmailEventUser($email_event_name, $to_user_id = -1, $send_params = false)
{
return $this->EmailEvent($email_event_name, 0, $to_user_id, $send_params);
}
function &EmailEvent($email_event_name, $email_event_type, $to_user_id = -1, $send_params = false)
{
$event = new kEvent('emailevents:OnEmailEvent');
$event->setEventParam('EmailEventName', $email_event_name);
$event->setEventParam('EmailEventToUserId', $to_user_id);
$event->setEventParam('EmailEventType', $email_event_type);
if ($send_params){
$event->setEventParam('DirectSendParams', $send_params);
}
$this->HandleEvent($event);
return $event;
}
function LoggedIn()
{
$user =& $this->recallObject('u');
$user_id = $user->GetID();
$ret = $user_id > 0;
if ($this->IsAdmin() && ($user_id == -1)) {
$ret = true;
}
return $ret;
}
/**
* Check current user permissions based on it's group permissions in specified category
*
* @param string $name permission name
* @param int $cat_id category id, current used if not specified
* @param int $type permission type {1 - system, 0 - per category}
* @return int
*/
function CheckPermission($name, $type = 1, $cat_id = null)
{
- if ($this->GetVar('u_id') == -1) {
- // "root" is allowed anywhere
- return $name == 'SYSTEM_ACCESS.READONLY' ? 0 : 1;
- }
-
- if ($type == 1) {
- // "system" permission are always checked per "Home" category (ID = 0)
- $cat_id = 0;
- }
-
- if (!isset($cat_id)) {
- $cat_id = $this->GetVar('m_cat_id');
- }
-
- if ($cat_id == 0) {
- $cat_hierarchy = Array(0);
- }
- else {
- $sql = 'SELECT ParentPath FROM '.$this->getUnitOption('c', 'TableName').' WHERE CategoryId = '.$cat_id;
- $cat_hierarchy = $this->Conn->GetOne($sql);
- $cat_hierarchy = explode('|', $cat_hierarchy);
- array_shift($cat_hierarchy);
- array_pop($cat_hierarchy);
- $cat_hierarchy = array_reverse($cat_hierarchy);
- array_push($cat_hierarchy, 0);
- }
-
- $groups = $this->RecallVar('UserGroups');
-
- foreach ($cat_hierarchy as $category_id) {
- $sql = 'SELECT PermissionValue FROM '.TABLE_PREFIX.'Permissions
- WHERE Permission = "'.$name.'"
- AND CatId = '.$category_id.'
- AND GroupId IN ('.$groups.')
- AND Type = '.$type;
- $res = $this->Conn->GetOne($sql);
- if ($res !== false) {
- return $res;
- }
- }
-
- return 0;
+ $perm_helper =& $this->recallObject('PermissionsHelper');
+ return $perm_helper->CheckPermission($name, $type, $cat_id);
}
/**
* Set's any field of current visit
*
* @param string $field
* @param mixed $value
*/
function setVisitField($field, $value)
{
$visit =& $this->recallObject('visits');
$visit->SetDBField($field, $value);
$visit->Update();
}
/**
* Allows to check if in-portal is installed
*
* @return bool
*/
function isInstalled()
{
return $this->InitDone && (count($this->ModuleInfo) > 0);
}
/**
* Allows to determine if module is installed & enabled
*
* @param string $module_name
* @return bool
*/
function isModuleEnabled($module_name)
{
return $this->findModule('Name', $module_name);
}
function reportError($class, $method)
{
$this->Debugger->appendTrace();
trigger_error('depricated method <b>'.$class.'->'.$method.'(...)</b>', E_USER_ERROR);
}
/**
* Get temp table name
*
* @param string $table
* @return string
*/
function GetTempName($table)
{
return TABLE_PREFIX.'ses_'.$this->GetSID().'_edit_'.$table;
}
function GetTempTablePrefix()
{
return TABLE_PREFIX.'ses_'.$this->GetSID().'_edit_';
}
function IsTempTable($table)
{
return strpos($table, TABLE_PREFIX.'ses_'.$this->GetSID().'_edit_') !== false;
}
/**
* Return live table name based on temp table name
*
* @param string $temp_table
* @return string
*/
function GetLiveName($temp_table)
{
if( preg_match('/'.TABLE_PREFIX.'ses_'.$this->GetSID().'_edit_(.*)/',$temp_table,$rets) )
{
return $rets[1];
}
else
{
return $temp_table;
}
}
function CheckProcessors($processors)
{
foreach ($processors as $a_processor)
{
if (!isset($this->CachedProcessors[$a_processor])) {
$this->CachedProcessors[$a_processor] =& $this->recallObject($a_processor.'_TagProcessor');
}
}
}
}
?>
\ No newline at end of file
Property changes on: trunk/core/kernel/application.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.141
\ No newline at end of property
+1.142
\ No newline at end of property
Index: trunk/core/units/general/helpers/permissions_helper.php
===================================================================
--- trunk/core/units/general/helpers/permissions_helper.php (revision 4839)
+++ trunk/core/units/general/helpers/permissions_helper.php (revision 4840)
@@ -1,217 +1,367 @@
<?php
class kPermissionsHelper extends kHelper {
/**
* Current set of permissions for group being edited
*
* @var Array
*/
var $Permissions = Array();
function LoadPermissions($prefix)
{
$object =& $this->Application->recallObject($prefix.'-perm', null, Array('skip_autoload' => true));
$foreign_key = $this->Application->getUnitOption($prefix.'-perm', 'ForeignKey');
$foreign_value = $this->Application->GetVar($prefix.'_id');
$sql = 'SELECT *
FROM '.$object->TableName.'
WHERE '.$foreign_key.' = '.$foreign_value;
$permissions = $this->Conn->Query($sql, 'Permission');
$this->Permissions = Array();
foreach ($permissions as $perm_name => $perm_options) {
$perm_record['value'] = $perm_options['PermissionValue'];
$perm_record['id'] = $perm_options['PermissionId'];
$this->Permissions[$perm_name] = $perm_record;
}
}
function getPermissionValue($perm_name)
{
return getArrayValue($this->Permissions, $perm_name) ? $this->Permissions[$perm_name]['value'] : 0;
}
function getPermissionID($perm_name)
{
return getArrayValue($this->Permissions, $perm_name) ? $this->Permissions[$perm_name]['id'] : 0;
}
/**
* This is old permission like ADMIN or LOGIN
*
* @param string $section_name
* @param string $perm_name
* @return bool
*/
function isOldPermission($section_name, $perm_name)
{
return $section_name == 'in-portal:root' && $perm_name != 'view';
}
/**
* Returns permission names to check based on event name and item prefix (main item or subitem)
*
* @param kEvent $event
* @return Array
*/
function getPermissionByEvent(&$event, $perm_mapping)
{
$top_prefix = $event->getEventParam('top_prefix');
$pefix_type = ($top_prefix == $event->Prefix) ? 'self' : 'subitem';
$perm_mapping = getArrayValue($perm_mapping, $event->Name);
if (!$perm_mapping[$pefix_type]) {
trigger_error('Permission mappings not defined for event <b>'.$top_prefix.' <- '.$event->Prefix.':'.$event->Name.'</b>', E_USER_ERROR);
}
if ($perm_mapping[$pefix_type] === true) {
// event is defined in mapping but is not checked by permissions
return true;
}
return explode('|', $perm_mapping[$pefix_type]);
}
/**
- * Checks permissions of user
+ * Common event permission checking method
*
* @param kEvent $event
*/
- function CheckPermission(&$event, $perm_mapping)
+ function CheckEventPermission(&$event, $perm_mapping)
{
$section = $event->getSection();
if (preg_match('/^CATEGORY:(.*)/', $section)) {
- return $this->CheckCategoryPermission($event, $perm_mapping);
+ return $this->CheckEventCategoryPermission($event, $perm_mapping);
}
$top_prefix = $event->getEventParam('top_prefix');
$check_perms = $this->getPermissionByEvent($event, $perm_mapping);
if ($check_perms === true) {
// event is defined in mapping but is not checked by permissions
return true;
}
$perm_status = false;
foreach ($check_perms as $perm_name) {
// check if at least one of required permissions is set
$perm_name = $section.'.'.$perm_name;
- $perm_status = $this->Application->CheckPermission($perm_name, 1);
+ $perm_status = $this->CheckPermission($perm_name, 1);
if (($perm_name == $section.'.add') && $perm_status && ($top_prefix == $event->Prefix)) {
// main item, add permission allowed, but ID is > 0, then deny permission
// how to get id here
}
if ($perm_status) {
return $perm_status;
}
}
if (!$perm_status) {
if ($this->Application->isDebugMode()) {
// for debugging purposes
$event->SetRedirectParam('section', $section);
$event->SetRedirectParam('main_prefix', $top_prefix);
$event->SetRedirectParam('event_name', $event->Name);
$event->SetRedirectParam('next_template', $this->Application->GetVar('t'));
}
$event->status = erPERM_FAIL;
}
return $perm_status;
}
/**
- * Check permissions
+ * Checks non-system permission on event per category basis
*
* @param kEvent $event
*/
- function CheckCategoryPermission(&$event, $event_perm_mapping)
+ function CheckEventCategoryPermission(&$event, $event_perm_mapping)
{
- // would be better to check this too, but we have no such ermission for now
- /*if ($event->Name == 'OnRateProduct') {
- return $this->Application->CheckPermission('PRODUCT.RATE', 0);
- }*/
-
// mapping between specific permissions and common permissions
$perm_mapping = Array('add' => 'ADD', 'edit' => 'MODIFY', 'delete' => 'DELETE', 'view' => 'VIEW');
$top_prefix = $event->getEventParam('top_prefix');
$event_handler =& $this->Application->recallObject($event->Prefix.'_EventHandler');
if ($event->Prefix != $top_prefix) {
$top_event = new kEvent($top_prefix.':'.$event->Name);
$id = $event_handler->getPassedID($top_event);
}
else {
$id = $event_handler->getPassedID($event);
}
$item_prefix = $this->Application->getUnitOption($top_prefix, 'PermItemPrefix');
// 1. get primary category of category item
$id_field = $this->Application->getUnitOption($top_prefix, 'IDField');
$table_name = $this->Application->getUnitOption($top_prefix, 'TableName');
$ci_table = $this->Application->getUnitOption($top_prefix.'-ci', 'TableName');
if (!$id) {
// item being created -> check by current (before editing started, saved in OnPreCreate event) category permissions
$category_id = $this->Application->RecallVar('m_cat_id');
}
else {
// item being edited -> check by it's primary category permissions
$sql = 'SELECT ci.CategoryId
FROM '.$table_name.' main_table
LEFT JOIN '.$ci_table.' ci ON ci.ItemResourceId = main_table.ResourceId
WHERE (main_table.'.$id_field.' = '.$id.') AND (ci.PrimaryCat = 1)';
$category_id = $this->Conn->GetOne($sql);
}
if ((substr($event->Name, 0, 9) == 'OnPreSave') || ($event->Name == 'OnSave')) {
if ($event_handler->isNewItemCreate($event)) {
- return $this->Application->CheckPermission($item_prefix.'.ADD', 0, $category_id);
+ return $this->CheckPermission($item_prefix.'.ADD', 0, $category_id);
}
else {
- return $this->Application->CheckPermission($item_prefix.'.ADD', 0, $category_id) || $this->Application->CheckPermission($item_prefix.'.MODIFY', 0, $category_id);
+ return $this->CheckPermission($item_prefix.'.ADD', 0, $category_id) || $this->CheckPermission($item_prefix.'.MODIFY', 0, $category_id);
}
}
$perm_status = false;
$check_perms = $this->getPermissionByEvent($event, $event_perm_mapping);
if ($check_perms === true) {
// event is defined in mapping but is not checked by permissions
return true;
}
foreach ($check_perms as $perm_name) {
// check if at least one of required permissions is set
if (!isset($perm_mapping[$perm_name])) {
// not mapped permission (e.g. advanced:approve) -> skip
continue;
}
$perm_name = $item_prefix.'.'.$perm_mapping[$perm_name];
- echo 'event_name: '.$event->Name.'; permission: '.$perm_name.'<br />';
- $perm_status = $this->Application->CheckPermission($perm_name, 0, $category_id);
+ $this->showDebug('Event <b>'.$event->Name.'</b> permission(-s): <b>'.$perm_name.'</b>');
+ $perm_status = $this->CheckPermission($perm_name, 0, $category_id);
if ($perm_status) {
return $perm_status;
}
}
if (!$perm_status) {
$event->SetRedirectParam('index_file', 'index.php'); // because called from browse.php
if ($this->Application->isDebugMode()) {
// for debugging purposes
$event->SetRedirectParam('section', $event->getSection());
$event->SetRedirectParam('main_prefix', $top_prefix);
$event->SetRedirectParam('event_name', $event->Name);
$event->SetRedirectParam('next_template', $this->Application->GetVar('t'));
}
$event->status = erPERM_FAIL;
}
return $perm_status;
}
+
+ function showDebug($text)
+ {
+ if (!$this->Application->isDebugMode()) return true;
+ echo $text.'<br />';
+ }
+
+ function TagPermissionCheck($params, $tag_name)
+ {
+ $perm_event = getArrayValue($params, 'perm_event');
+ $permission_groups = getArrayValue($params, 'permissions');
+
+ if ($permission_groups) {
+ $this->showDebug('Tag <b>'.$tag_name.'</b> permission(-s): '.$permission_groups);
+ $permission_groups = explode('|', $permission_groups);
+ $group_has_permission = false;
+ foreach ($permission_groups as $permission_group) {
+ $permissions = explode(',', $permission_group);
+ $has_permission = true;
+ foreach ($permissions as $permission) {
+ $has_permission = $has_permission && $this->CheckPermission($permission, isset($params['system']) && $params['system'] ? 1 : 0);
+ }
+ $group_has_permission = $group_has_permission || $has_permission;
+
+ if ($group_has_permission) {
+ return true;
+ }
+ }
+ return false;
+ }
+ elseif ($perm_event) {
+ list($prefix, $event) = explode(':', $perm_event);
+ $event_handler =& $this->Application->recallObject($prefix.'_EventHandler');
+ return $event_handler->CheckPermission( new kEvent($perm_event) );
+ }
+
+ return true;
+ }
+
+ /**
+ * Returns no permission template to redirect to
+ *
+ * @param Array $params
+ * @return Array
+ */
+ function getPermissionTemplate($params)
+ {
+ $t = $this->Application->GetVar('t');
+ if ($next_t = getArrayValue($params, 'next_template')) {
+ $t = $next_t;
+ }
+
+ if (!$this->Application->LoggedIn()) {
+ $redirect_template = $params['login_template'];
+ $redirect_params = Array('next_template' => $t);
+ }
+ else {
+ if (isset($params['no_permissions_template'])) {
+ $redirect_template = $params['no_permissions_template'];
+ }
+ else {
+ $redirect_template = $this->Application->IsAdmin() ? 'no_permission' : $this->Application->ConfigValue('NoPermissionTemplate');
+ }
+
+ $redirect_params = $this->Application->isDebugMode() ? Array('from_template' => 1, 'perms' => $params['permissions'], 'next_template' => $t) : Array();
+ }
+
+ return Array($redirect_template, $redirect_params);
+ }
+
+ /**
+ * Check current user permissions based on it's group permissions in specified category (for non-system permissions) or just checks if system permission is set
+ *
+ * @param string $name permission name
+ * @param int $cat_id category id, current used if not specified
+ * @param int $type permission type {1 - system, 0 - per category}
+ * @return int
+ */
+ function CheckPermission($name, $type = 1, $cat_id = null)
+ {
+ if ($this->Application->GetVar('u_id') == -1) {
+ // "root" is allowed anywhere
+ return $name == 'SYSTEM_ACCESS.READONLY' ? 0 : 1;
+ }
+
+ if ($type == 1) {
+ // "system" permission are always checked per "Home" category (ID = 0)
+ $cat_id = 0;
+ }
+
+ if (!isset($cat_id)) {
+ $cat_id = $this->Application->GetVar('m_cat_id');
+ }
+
+ $cache_key = $name.'|'.$type.'|'.$cat_id;
+ $perm_value = $this->Application->getCache('permissions', $cache_key);
+ if ($perm_value !== false) {
+ return $perm_value;
+ }
+
+ // perm cache is build only based on records in db, that's why if permission is not explicitly denied, then
+ // that (perm cache creator) code thinks that it is allowed & adds corresponding record and code below will
+ // return incorrect results
+
+ /*if (preg_match('/(.*)\.VIEW$/', $name) && ($type == 0)) {
+ // cached view permission of category: begin
+ $sql = 'SELECT perm_cache.PermId
+ FROM '.TABLE_PREFIX.'PermCache perm_cache
+ LEFT JOIN '.TABLE_PREFIX.'PermissionConfig perm_config ON perm_cache.PermId = perm_config.PermissionConfigId
+ WHERE (perm_config.PermissionName = '.$this->Conn->qstr($name).' AND perm_cache.CategoryId = '.$cat_id.')';
+
+ $view_filters = Array();
+ $groups = explode(',', $this->Application->RecallVar('UserGroups'));
+ foreach ($groups as $group) {
+ $view_filters[] = 'FIND_IN_SET('.$group.', perm_cache.ACL) || ((NOT FIND_IN_SET('.$group.', perm_cache.DACL)) AND perm_cache.ACL = \'\')';
+ }
+ $sql .= ' AND ('.implode(' OR ', $view_filters).')';
+ $perm_value = $this->Conn->GetOne($sql) ? 1 : 0;
+
+ $this->Application->setCache('permissions', $cache_key, $perm_value);
+ return $perm_value;
+ // cached view permission of category: end
+ }*/
+
+ if ($cat_id == 0) {
+ $cat_hierarchy = Array(0);
+ }
+ else {
+ $sql = 'SELECT ParentPath
+ FROM '.$this->Application->getUnitOption('c', 'TableName').'
+ WHERE CategoryId = '.$cat_id;
+ $cat_hierarchy = $this->Conn->GetOne($sql);
+ $cat_hierarchy = explode('|', $cat_hierarchy);
+ array_shift($cat_hierarchy);
+ array_pop($cat_hierarchy);
+ $cat_hierarchy = array_reverse($cat_hierarchy);
+ array_push($cat_hierarchy, 0);
+ }
+
+ $perm_value = 0;
+ $groups = $this->Application->RecallVar('UserGroups');
+ foreach ($cat_hierarchy as $category_id) {
+ $sql = 'SELECT PermissionValue
+ FROM '.TABLE_PREFIX.'Permissions
+ WHERE Permission = "'.$name.'" AND CatId = '.$category_id.' AND GroupId IN ('.$groups.') AND Type = '.$type;
+ $res = $this->Conn->GetOne($sql);
+ if ($res !== false) {
+ $perm_value = $res;
+ break;
+ }
+ }
+
+ $this->Application->setCache('permissions', $cache_key, $perm_value);
+ return $perm_value;
+ }
}
?>
\ No newline at end of file
Property changes on: trunk/core/units/general/helpers/permissions_helper.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.6
\ No newline at end of property
+1.7
\ No newline at end of property

Event Timeline

In-Portal CMS · In-Portal Community Pages · In-Portal Issue Tracker · In-Portal Repository Browser · Quality Assurance · In-Portal CI Server