################################################################################
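## ETä 26.9.2013: SQL injection hardening. NOTE: may cause problems where e.g.
## presentation templates use id variables that carry non-numeric values.
##
## Outside the admin UI, every request parameter named "id" or ending in "_id"
## is forced to -1 unless is_numeric() accepts it. Arrays fail is_numeric() and
## are reset as well.
##
## This is a coarse defence-in-depth filter, not a substitute for escaping:
## - is_numeric() also accepts floats, exponent notation and leading whitespace;
## - parameters with any other name, and $_COOKIE, are not examined.
## Every query must still cast or escape the values it embeds.
##
## The admin exemption is keyed on SCRIPT_NAME rather than PHP_SELF: PHP_SELF
## also carries the client-supplied PATH_INFO, so it cannot be trusted to say
## which script is running.
if( strpos( $_SERVER[ "SCRIPT_NAME" ], "/admins/" ) === false )
{
    if( is_array( $_REQUEST ) )
    {
        foreach( $_REQUEST AS $tempkey => $tempval )
        {
            // Keys are cast to string and compared strictly: an integer key
            // compares loosely equal to "id" on PHP versions before 8.
            if( ( (string) $tempkey === "id" || substr( (string) $tempkey, -3 ) === "_id" ) && !is_numeric( $tempval ) )
            {
                $_REQUEST[ $tempkey ] = -1;
                // Also reset the same-named variable in the current scope;
                // presumably for code that reads request values as plain
                // variables - confirm before removing.
                $$tempkey = -1;
            }
        }
        unset( $tempkey, $tempval );
    }
    if( is_array( $_GET ) )
    {
        foreach( $_GET AS $tempkey => $tempval )
        {
            if( ( (string) $tempkey === "id" || substr( (string) $tempkey, -3 ) === "_id" ) && !is_numeric( $tempval ) )
            {
                $_GET[ $tempkey ] = -1;
            }
        }
        unset( $tempkey, $tempval );
    }
    if( is_array( $_POST ) )
    {
        foreach( $_POST AS $tempkey => $tempval )
        {
            if( ( (string) $tempkey === "id" || substr( (string) $tempkey, -3 ) === "_id" ) && !is_numeric( $tempval ) )
            {
                $_POST[ $tempkey ] = -1;
            }
        }
        unset( $tempkey, $tempval );
    }
}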
################################################################################
## Error-reporting policy.
## Notices (and deprecations, where the constant exists) are masked for every
## request. Errors are additionally displayed in the response for one fixed
## address and for any client whose REMOTE_ADDR starts with "192.168.".
## NOTE(review): behind a reverse proxy or load balancer on a 192.168.x network
## every visitor carries such a REMOTE_ADDR, which would show error output
## (paths, SQL fragments) to the public - confirm the deployment topology.
global $_SERVER;
$wsm_error_mask = E_ALL ^ ( E_NOTICE + ( E_DEPRECATED > 0 ? E_DEPRECATED : 0 ) );
// && binds tighter than ||, so the private-range test applies on its own.
$wsm_show_errors = ( ( E_DEPRECATED && $_SERVER[ "REMOTE_ADDR" ] == "91.209.29.42" ) || strpos( $_SERVER[ "REMOTE_ADDR" ], "192.168." ) === 0 );
if( $wsm_show_errors || E_DEPRECATED )
{
    ini_set( "error_reporting", $wsm_error_mask );
    if( $wsm_show_errors )
    {
        ini_set( "display_errors", "On" );
    }
    error_reporting( $wsm_error_mask );
}
unset( $wsm_error_mask, $wsm_show_errors );

## Default timezone.
## JSu 21.9.2009: set explicitly so PHP 5.3 does not emit its date warning.
## ETä 9.6.2010: keep the server's own timezone when it has one; fall back to
## Europe/Helsinki only when none is reported.
if( function_exists( "date_default_timezone_set" ) )
{
    $wsm_timezone = "Europe/Helsinki";
    if( function_exists( "date_default_timezone_get" ) && trim( date_default_timezone_get() ) != "" )
    {
        $wsm_timezone = date_default_timezone_get();
    }
    @date_default_timezone_set( $wsm_timezone );
    unset( $wsm_timezone );
}
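## ETä 14.4.2008: XSS vulnerability fix.
## Outside the admin UI and two named editor/report scripts, "<" and ">" in
## $_GET, $_POST and $keywords are replaced by their HTML entities.
##
## The exemption is keyed on SCRIPT_NAME rather than REQUEST_URI: REQUEST_URI
## contains the client-supplied query string, so it cannot be trusted to say
## which script is running.
##
## Limits of this filter (escape at output as well):
## - quotes and "&" are left untouched, so values placed inside HTML attributes
##   or scripts are not made safe by it;
## - array keys, $_REQUEST and $_COOKIE are not filtered.
global $REMOTE_ADDR, $_SERVER;
if( strpos( $_SERVER[ "SCRIPT_NAME" ], "admins/" ) === false && strpos( $_SERVER[ "SCRIPT_NAME" ], "cui_edit.php" ) === false && strpos( $_SERVER[ "SCRIPT_NAME" ], "survey_report_view_wsm4.php" ) === false )
{
    /**
     * Replace "<" and ">" with "&lt;" and "&gt;" in a value or, recursively,
     * in every element of an array.
     *
     * ETä 14.10.2008: the characters are converted to entities instead of
     * being removed, which prevents markup from being injected.
     *
     * @param mixed $var Scalar or (nested) array of request values.
     * @return mixed The same structure with angle brackets encoded. Values
     *               that trim to an empty string are returned unchanged.
     */
    function recursiveCheckForXSSInjection2( $var = -1 )
    {
        if( is_array( $var ) )
        {
            foreach( $var AS $key => $val )
            {
                $var[ $key ] = recursiveCheckForXSSInjection2( $val );
            }
            unset( $key, $val );
        }
        elseif( trim( $var ) != "" )
        {
            $var = str_replace( ">", "&gt;", str_replace( "<", "&lt;", $var ) );
        }
        return $var;
    }
    global $_GET, $_POST, $keywords;
    $_GET = recursiveCheckForXSSInjection2( $_GET );
    $_POST = recursiveCheckForXSSInjection2( $_POST );
    $keywords = recursiveCheckForXSSInjection2( $keywords );
}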
## Leftover debugging hook for the same fixed address that the error-display
## gate earlier in this file checks. Both statements in the body are commented
## out, so this block currently has no effect.
## NOTE(review): $REMOTE_ADDR is a plain global, not $_SERVER["REMOTE_ADDR"];
## it presumably exists only where server variables are imported into the
## global scope - confirm before re-enabling anything here.
global $REMOTE_ADDR;
if( $REMOTE_ADDR == "91.209.29.42" )
{
# ini_set( "error_reporting", E_ALL^E_NOTICE );
# ini_set( "display_errors", "On" );
}
## ---------------------------------------------
## set module id constants
## Sequential identifiers (0-18), one per module; these are plain ids, not bit flags.
define( "MODULE_ID_MAIN", 0 );
define( "MODULE_ID_USERS", 1 );
define( "MODULE_ID_FILES", 2 );
define( "MODULE_ID_PAGES", 3 );
define( "MODULE_ID_NEWS", 4 );
define( "MODULE_ID_FORUM", 5 );
define( "MODULE_ID_SURVEY", 6 );
define( "MODULE_ID_EVENTS", 7 );
define( "MODULE_ID_USAGELOGS", 8 );
define( "MODULE_ID_BOOKING", 9 );
define( "MODULE_ID_MARKETPLACE", 10 );
define( "MODULE_ID_CV", 11 );
define( "MODULE_ID_CRM", 12 );
define( "MODULE_ID_HC", 13 );
define( "MODULE_ID_EMAILER", 14 );
define( "MODULE_ID_PQ", 15 );
define( "MODULE_ID_BLOGS", 16 );
define( "MODULE_ID_INFO", 17 );
define( "MODULE_ID_DESKTOP", 18 );
## ---------------------------------------------
## set general user role constants, applicable with every module
## All ROLE_* values are single bits. The general roles use 1-32; each module
## then defines its own special roles starting again from 64.
## NOTE(review): because the numbering restarts per module, the same value
## names different rights in different modules (64 is ROLE_NEWSTYPES,
## ROLE_GROUPTYPES, ROLE_FILETYPES, ...). A role mask presumably has to be
## interpreted together with the module it belongs to; an access check that
## pairs a constant with the wrong module's mask would test an unrelated
## right - verify against the callers.
define( "ROLE_CUI", 1 ); // the only CUI right
define( "ROLE_VIEWER", 2 ); // from this on, the rights mean AUI rights
define( "ROLE_EDITOR", 4 );
define( "ROLE_PUBLISHER", 8 );
define( "ROLE_DELETOR", 16 );
define( "ROLE_CREATOR", 32 );
## ---------------------------------------------
## new role restriction (administration, but in CUI) for page, news and file elements
define( "ROLE_CUIEDIT", 8192 );
## ---------------------------------------------
## special user roles for news manager (starts from 64, 8192 reserved for CUIedit)
define( "ROLE_NEWSTYPES", 64 );
## ---------------------------------------------
## special user roles for user manager (starts from 64, 8192 reserved for CUIedit)
define( "ROLE_GROUPTYPES", 64 );
define( "ROLE_VIEWAUIGROUPS", 128 );
define( "ROLE_VIEWCUIGROUPS", 256 );
define( "ROLE_AUIGROUPS", 512 );
define( "ROLE_CUIGROUPS", 1024 );
define( "ROLE_DOMAIN", 2048 );
define( "ROLE_PASSWORD", 4096 );
define( "ROLE_USERNAME", 16384 );
## ---------------------------------------------
## special user roles for file manager (starts from 64, 8192 reserved for CUIedit)
define( "ROLE_FILETYPES", 64 );
define( "ROLE_FILESTATUSES", 128 );
define( "ROLE_APPROVER", 256 );
define( "ROLE_FOLDERTYPES", 512 );
define( "ROLE_FOLDERSTATUSES", 1024 );
## ---------------------------------------------
## special user roles for page editor (starts from 64, 8192 reserved for CUIedit)
define( "ROLE_TEMPLATES", 64 );
define( "ROLE_STYLES", 128 );
define( "ROLE_ENTREES", 256 );
define( "ROLE_CODER", 512 );
define( "ROLE_PAGETYPES", 1024 );
define( "ROLE_TERMINALS", 2048 );
define( "ROLE_IOBANK", 4096 );
#define( "ROLE_EMAILER", 16384 );
define( "ROLE_DOMAIN_ADMIN_TOOLS", 32768 );
## ---------------------------------------------
## special user roles for forum (starts from 64, 8192 reserved for CUIedit)
define( "ROLE_FORUM_NNTP_SERVERS", 64 );
define( "ROLE_FORUM_NNTP_GROUPS", 128 );
define( "ROLE_FORUM_GROUP_TYPES", 256 );
define( "ROLE_FORUM_GROUPS", 512 );
define( "ROLE_FORUM_TOPICS", 1024 );
define( "ROLE_FORUM_MESSAGES", 2048 );
define( "ROLE_FORUM_MODERATOR", 4096 );
## ---------------------------------------------
## special user roles for blogs (starts from 64, 8192 reserved for CUIedit)
define( "ROLE_BLOG_MANAGING", 64 );
define( "ROLE_BLOGENTRY_MANAGING", 128 );
define( "ROLE_BLOGCOMMENTARY_MANAGING", 256 );
define( "ROLE_BLOG_MODERATOR", 512 );
define( "ROLE_BLOGS_TAGS", 1024 );
## ---------------------------------------------
## special user roles for booking (starts from 64)
## NOTE(review): ROLE_APPROVER is already defined as 256 in the file manager
## section above. define() does not replace an existing constant, so the call
## below has no effect and ROLE_APPROVER keeps the value 256 - which in this
## section is the value of ROLE_RESERVATIONDATATYPES. Booking code that tests
## ROLE_APPROVER is therefore not testing bit 64; confirm how the approver
## right is actually enforced for bookings.
define( "ROLE_APPROVER", 64 );
define( "ROLE_ROOMTYPES", 128 );
define( "ROLE_RESERVATIONDATATYPES", 256 );
## ---------------------------------------------
## special user roles for survey (starts from 64)
define( "ROLE_SURVEY_ELEMENTSTYLES", 64 );
define( "ROLE_REPORTER", 128 );
define( "ROLE_ANSWER_DELETOR", 256 );
## ---------------------------------------------
## special user roles for events (starts from 64)
define( "ROLE_EVENTTYPES", 64 );
define( "ROLE_EVENTENTREES", 128 );
define( "ROLE_EVENT_CATEGORIES", 256 );
define( "ROLE_EVENT_NEWSLETTER", 512 );
define( "ROLE_EVENTLOCATIONS", 1024 );
## ---------------------------------------------
## special user roles for CV-module (starts from 64, 8192 reserved for CUIedit)
define( "ROLE_CVPOSITION_TYPES", 64 );
define( "ROLE_CVPOSITION_TITLES", 128 );
define( "ROLE_CVPHASES", 256 );
define( "ROLE_CVORGANISATIONS", 512 );
define( "ROLE_CVSKILLS", 1024 );
define( "ROLE_CVSTATUSES", 2048 );
define( "ROLE_CVPRIORITIES", 4096 );
define( "ROLE_CVPOSITIONS", 16384 );
define( "ROLE_CVAPPLICATIONS", 32768 );
define( "ROLE_CVCOMMENTS", 65536 );
define( "ROLE_CVWORK_TIMES", 131072 );
define( "ROLE_CVFORMFIELDS", 262144 );
## ---------------------------------------------
## special user roles for CRM-module (starts from 64, 8192 reserved for CUIedit)
## (none defined)
## ---------------------------------------------
## special user roles for PQ-module (starts from 64, 8192 reserved for CUIedit)
## (none defined)
## ---------------------------------------------
## special user roles for Info channel module (starts from 64, 8192 reserved for CUIedit)
define( "ROLE_CHANNEL_MANAGING", 64 );
define( "ROLE_SEQUENCE_MANAGING", 128 );
define( "ROLE_INFOSETTINGS_MANAGING", 256 );
## ---------------------------------------------
## special user roles for Desktop Functions module (starts from 64, 8192 reserved for CUIedit)
define( "ROLE_DB_QUERY_MANAGING", 64 );
define( "ROLE_DB_QUERY_REPORTING", 128 );
## properties for group types
define( "GROUP_TYPE_NORMAL", 0 );
define( "GROUP_TYPE_PRODUCT_FAMILY", 1 );
define( "GROUP_TYPE_PRODUCT", 2 );
define( "GROUP_TYPE_PRODUCT_VERSION", 3 );
define( "GROUP_TYPE_PRODUCT_INDIVIDUAL", 4 );
## ---------------------------------------------
## replacement urls
define( "REPLACE_URL_GRAF", "wHgEYiw8263012iHDiuekaJDhiw" );
define( "REPLACE_URL_TEMPLATE", "GDjhkweu2763gKDHfqwqwdWQUEj" );
define( "REPLACE_URL_INFOTEMPLATE", "HRio3jd939p8gs73gDI783HJUDkw" );
define( "REPLACE_URL_BASE", "VD837fgakwufd75GHJweHDG7uje" );
## ---------------------------------------------
## properties for forum groups
define( "FORUM_ALLOW_TOPICS", 1 );
define( "FORUM_ALLOW_DISCUSSION", 2 );
define( "FORUM_ALLOW_URLS", 4 );
define( "FORUM_ALLOW_ATTACHMENTS", 8 );
define( "FORUM_ALLOW_CHANGING", 16 );
define( "FORUM_MODERATE_ALERT_TOPICS", 1 );
define( "FORUM_MODERATE_ALERT_MESSAGES", 2 );
define( "FORUM_MODERATE_PUBLISH_TOPICS", 4 );
define( "FORUM_MODERATE_PUBLISH_MESSAGES", 8 );
## ---------------------------------------------
## forum alert triggers
define( "FORUM_ALERT_ATAGA", 1 ); // when ADD TOPIC happens, ALERT to GROUP ADMIN
define( "FORUM_ALERT_AMAGA", 2 ); // when ADD MESSAGE happens, ALERT to GROUP ADMIN
define( "FORUM_ALERT_ETAGA", 4 ); // when EDIT TOPIC happens, ALERT to GROUP ADMIN
define( "FORUM_ALERT_EMAGA", 8 ); // when EDIT MESSAGE happens, ALERT to GROUP ADMIN
define( "FORUM_ALERT_URGENT", 16 ); // when message marked as URGENT, alert to group admin
## ---------------------------------------------
## properties for news entries
define( "NEWS_PROP_LINK_NEWS", 1 );
define( "NEWS_PROP_LINK_EXTERNAL", 2 );
define( "NEWS_PROP_IMAGE", 3 );
define( "NEWS_PROP_FILE", 4 );
define( "NEWS_PROP_LINK_LIBRARY", 5 );
define( "NEWS_PROP_LINK_PAGE", 6 );
## ---------------------------------------------
## page element show settings
define( "SHOW_ELEMENT_ALL", 0 );
define( "SHOW_ELEMENT_UNKNOWN", 1 );
define( "SHOW_ELEMENT_KNOWN", 2 );
define( "SHOW_ELEMENT_BEFORE_SUBMIT", 4 );
define( "SHOW_ELEMENT_AFTER_SUBMIT", 8 );
## ---------------------------------------------
## survey save modes, indexing methods etc.
define( "SURVEY_SAVE_DB", 1 );
define( "SURVEY_SAVE_TXT", 4 );
define( "SURVEY_SAVE_XML", 8 );
define( "SURVEY_MESSAGING_EMAIL", 1 );
define( "SURVEY_MESSAGING_FTP", 2 );
define( "SURVEY_MESSAGING_HTTP", 4 );
define( "SURVEY_INDEX_NUM", 1 );
define( "SURVEY_INDEX_INC", 2 );
define( "SURVEY_INDEX_ABC", 4 );
define( "SURVEY_REPORTING_ONLIMIT", 1 );
define( "SURVEY_REPORTING_ONDELETING", 2 );
define( "SURVEY_REPORTING_ONANSWER", 4 );
define( "SURVEY_SHEET_REGULAR", 1 );
define( "SURVEY_SHEET_BRANCH", 2 );
define( "SURVEY_SHEET_FEEDBACK", 3 );
define( "SURVEY_SHEET_CANCEL", 4 );
define( "SURVEY_ELEMENT_TXT", 1 );
define( "SURVEY_ELEMENT_IMAGE", 2 );
define( "SURVEY_ELEMENT_CODE", 4 );
define( "SURVEY_INPUT_TEXT", 8 );
define( "SURVEY_INPUT_CHECKBOX", 16 );
define( "SURVEY_INPUT_RADIO", 32 );
define( "SURVEY_INPUT_SUBMIT", 64 );
define( "SURVEY_INPUT_RESET", 128 );
define( "SURVEY_ELEMENT_BUTTON", 256 );
define( "SURVEY_TEXTAREA", 512 );
define( "SURVEY_SELECT", 1024 );
define( "SURVEY_SELECT_MULTIPLE", 2048 );
define( "SURVEY_INPUT_IMAGE", 4096 );
define( "SURVEY_INPUT_FILE", 8192 );
define( "SURVEY_BUTTON_SUBMIT", 1 );
define( "SURVEY_BUTTON_RESET", 2 );
define( "SURVEY_BUTTON_CANCEL", 4 );
define( "SURVEY_BUTTON_PREVIOUS", 8 );
define( "SURVEY_BUTTON_NEXT", 16 );
define( "SURVEY_FORMATTING_NONE", 0 );
define( "SURVEY_FORMATTING_DATE_SHORT", 1 );
define( "SURVEY_FORMATTING_DATE", 2 );
define( "SURVEY_FORMATTING_UPPERCASE", 3 );
define( "SURVEY_FORMATTING_LOWERCASE", 4 );
## ---------------------------------------------
## real values for file statuses
define( "REAL_STATUS_OPEN", 0 );
define( "REAL_STATUS_CLOSED", 1 );
define( "REAL_STATUS_APPROVED", 2 );
define( "REAL_STATUS_ARCHIVED", 3 );
## ---------------------------------------------
## types for templates
## Single-bit values (0 = undefined).
define( "PAGE_TYPE_UNDEFINED", 0 );
define( "PAGE_TYPE_FRAMESET", 1 );
define( "PAGE_TYPE_FORM", 2 );
define( "PAGE_TYPE_LIBRARY", 4 );
define( "PAGE_TYPE_NEWS", 8 );
define( "PAGE_TYPE_LOGIN", 16 );
define( "PAGE_TYPE_SURVEY", 32 );
define( "PAGE_TYPE_FORUM", 64 );
define( "PAGE_TYPE_SITEMAP", 128 );
define( "PAGE_TYPE_SEARCH", 256 );
define( "PAGE_TYPE_USERDATA", 512 );
define( "PAGE_TYPE_REGISTER", 1024 );
define( "PAGE_TYPE_USERLIST", 2048 );
define( "PAGE_TYPE_BOOKING", 4096 );
define( "PAGE_TYPE_EVENTS", 8192 );
define( "PAGE_TYPE_EMAILERSUBSCRIPTION", 16384 );
define( "PAGE_TYPE_IMAGEBANK", 32768 );
define( "PAGE_TYPE_CV", 65536 );
define( "PAGE_TYPE_COMPETITIONS", 131072 );
define( "PAGE_TYPE_BLOG", 262144 );
define( "PAGE_TYPE_INTERSTITIAL", 524288 );
## ---------------------------------------------
## types for iobank objects
## Sequential identifiers; the two OBJECT_HTML_* constants occupy 8 and 9 in the same series.
define( "IOBANK_TYPE_IMAGE", 1 );
define( "IOBANK_TYPE_IMAGEMAP", 2 );
define( "IOBANK_TYPE_FLASH", 3 );
define( "IOBANK_TYPE_VIDEO_QT", 4 );
define( "IOBANK_TYPE_VIDEO_AVI", 5 );
define( "IOBANK_TYPE_OTHER", 6 );
define( "IOBANK_TYPE_REALMEDIA", 7 );
define( "OBJECT_HTML_LIST", 8 );
define( "OBJECT_HTML_TABLE", 9 );
define( "IOBANK_TYPE_XML", 10 );
## ---------------------------------------------
## languages
define( "LANGUAGE_ENGLISH", 1 );
define( "LANGUAGE_FINNISH", 2 );
define( "LANGUAGE_CHINESE", 3 );
define( "LANGUAGE_SWEDISH", 4 );
define( "LANGUAGE_JAPANESE", 5 );
define( "LANGUAGE_GERMAN", 6 );
define( "LANGUAGE_SPANISH", 7 );
define( "LANGUAGE_FRENCH", 8 );
define( "LANGUAGE_OTHER", 9 );
## ---------------------------------------------
## page data types (accumulated as bitvalues only with templates)
define( "PAGE_DATA_TEXT", 1 );
define( "PAGE_DATA_IMAGE", 2 );
define( "PAGE_DATA_LINK_EXTERNAL", 4 );
define( "PAGE_DATA_LINK_INTERNAL", 8 );
define( "PAGE_DATA_LINK_LIBRARY", 16 );
define( "PAGE_DATA_LINK_NEWS", 32 );
define( "PAGE_DATA_OBJECT", 64 );
define( "PAGE_DATA_CODE", 128 );
## ---------------------------------------------
## alignments (accumulated as bitvalues only with styles)
## Note that ALIGNMENT_JUSTIFY (64) is listed out of numeric order.
define( "ALIGNMENT_NONE", 0 );
define( "ALIGNMENT_LEFT", 1 );
define( "ALIGNMENT_CENTER", 2 );
define( "ALIGNMENT_RIGHT", 4 );
define( "ALIGNMENT_JUSTIFY", 64 );
define( "ALIGNMENT_TOP", 8 );
define( "ALIGNMENT_MIDDLE", 16 );
define( "ALIGNMENT_BOTTOM", 32 );
## ---------------------------------------------
## file orderings for file categories
define( "CAT_ORDER_DATE_ASC", 0 ); // indicates ordering by date_publish field, newest first
define( "CAT_ORDER_DATE_DESC", 1 ); // indicates ordering by date_publish field, newest last
define( "CAT_ORDER_NAME_ASC", 2 ); // indicates alphabetical ordering by name field
define( "CAT_ORDER_NAME_DESC", 3 ); // indicates reverse alphabetical ordering by name field
define( "CAT_ORDER_EXPIRY_ASC", 4 ); // indicates ordering by date_expire field, first-to-expire first
define( "CAT_ORDER_EXPIRY_DESC", 5 ); // indicates ordering by date_expire field, first-to-expire last
## ---------------------------------------------
## usage log events
## NOTE! if update here, remember to update mods/mod_main/class_logwriter.inc also!!!!!!!
define( "EVENT_PAGE", 1 );
define( "EVENT_LOGIN", 2 );
define( "EVENT_LOGOUT", 4 );
define( "EVENT_FILE", 8 );
define( "EVENT_NEWS", 16 );
define( "EVENT_FORUM", 32 );
define( "EVENT_SURVEY", 64 );
define( "EVENT_SEARCH", 128 );
define( "EVENT_EVENT", 256 );
define( "EVENT_CUIEDIT", 512 );
define( "EVENT_CVPOSITION", 1024 );
define( "EVENT_BLOG", 2048 );
## ---------------------------------------------
## user data allows for CUI
define( "USERDATA_ALLOW_USERNAME", 1 );
define( "USERDATA_ALLOW_PASSWORD", 2 );
define( "USERDATA_ALLOW_EMAIL", 4 );
define( "USERDATA_ALLOW_NAMES", 8 );
define( "USERDATA_ALLOW_CONTACTS", 16 );
## ---------------------------------------------
## booking reservation datatype types
define( "BOOKING_RESERVATIONDATATYPE_TEXT", 1 );
define( "BOOKING_RESERVATIONDATATYPE_TEXTAREA", 2 );
define( "BOOKING_RESERVATIONDATATYPE_SELECT", 3 );
define( "BOOKING_RESERVATIONDATATYPE_RADIO", 4 );
define( "BOOKING_RESERVATIONDATATYPE_CHECKBOX", 5 );
## ---------------------------------------------
## info channel program split-screens
define( "INFO_SPLIT_1BY1", 0 ); // no split
define( "INFO_SPLIT_2BY1", 1 ); // split in two, horizontally
define( "INFO_SPLIT_1BY2", 2 ); // split in two, vertically
define( "INFO_SPLIT_3BY1", 3 ); // split in three, horizontally
define( "INFO_SPLIT_1BY3", 4 ); // split in three, vertically
define( "INFO_SPLIT_2BY2", 5 ); // split in four
define( "INFO_SPLIT_3BY2", 6 ); // split in six, 3 horizontally
define( "INFO_SPLIT_2BY3", 7 ); // split in six, 3 vertically
define( "INFO_SPLIT_3BY3", 8 ); // split in nine
## ---------------------------------------------
## types of the freely definable fields of CV applications
define( "CV_FIELD_TYPE_TEXT", 1 );
define( "CV_FIELD_TYPE_TEXTAREA", 2 );
define( "CV_FIELD_TYPE_RADIO", 3 );
define( "CV_FIELD_TYPE_SELECT", 4 );
define( "CV_FIELD_TYPE_CHECKBOX", 5 );
define( "CV_FIELD_TYPE_MULTIPLESELECT", 6 );
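## Database bootstrap: locate the connection settings file and read the
## credentials for this request from it.
##
## First clear every settings variable, so that none of them can arrive with a
## value from outside this block.
unset( $db_type, $db_host, $db_user, $db_password, $db_name, $db_allow_persistent_connections );
## ---------------------------------------------
## Name of the settings file to look for.
## NOTE(review): the file lives under the document tree; it stays private only
## while the web server refuses to serve ".ht*" files - confirm for every
## server this runs on.
$filetemp = "_acl/.htdb";
## ---------------------------------------------
## Find the relative path to the settings file by walking up the directory
## tree, at most a dozen levels.
## NOTE(review): $dirtemp and $AUI are read here without being initialised in
## this file. They are presumably set by the including script; they must never
## be populated from request data, since $dirtemp chooses which file is parsed
## and $AUI chooses which credential line is used - confirm.
if( trim( $dirtemp ) == "" )
{
    $dirtemp = "";
}
$counter = 0;
while( !file_exists( $dirtemp.$filetemp ) )
{
    $dirtemp .= "../";
    if( $counter++ > 10 )
    {
        break;
    }
}
## ---------------------------------------------
## Open the settings file and parse the line that applies to this request.
## The path is rejected if it contains "?" or an ftp:/http:/https: scheme.
## This is a deny-list: it does not cover other stream wrappers, which is one
## more reason $dirtemp must come from trusted code only.
if( file_exists( $dirtemp.$filetemp ) && strpos( $dirtemp.$filetemp, "?" ) === false && strpos( strtolower( $dirtemp.$filetemp ), "ftp:" ) === false && strpos( strtolower( $dirtemp.$filetemp ), "http:" ) === false && strpos( strtolower( $dirtemp.$filetemp ), "https:" ) === false && $fp = fopen( $dirtemp.$filetemp, "r" ) )
{
    if( $linetemp = fgets( $fp, 10000 ) )
    {
        if( $AUI != true )
        {
            ## Not in the admin UI: use the second line instead of the first.
            $linetemp = fgets( $fp, 10000 );
        }
        ## Line format: type;host;user;password;name;persistent-flag
        $partstemp = explode( ";", trim( $linetemp ) );
        $db_type = $partstemp[ 0 ];
        $db_host = $partstemp[ 1 ];
        $db_user = $partstemp[ 2 ];
        $db_password = $partstemp[ 3 ];
        $db_name = $partstemp[ 4 ];
        $db_allow_persistent_connections = ( $partstemp[ 5 ] == 0 ? 0 : 1 );
    }
    fclose( $fp );
}
## $partstemp and $linetemp hold the credentials in clear text; drop them along
## with the other temporaries so they do not stay in scope for the rest of the
## request.
unset( $linetemp, $dirtemp, $filetemp, $partstemp, $fp );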
/**
 * Decode a base64 string; a thin alias for base64_decode().
 *
 * The upload check later in this file routes superglobal names and string
 * literals through this helper. Base64 is an encoding, not protection: it
 * hides nothing from an attacker and only makes that check harder to audit.
 *
 * @param string $s Base64 text.
 * @return string|false Decoded bytes, as returned by base64_decode().
 */
function bdcde( $s = "" )
{
    $decoded = base64_decode( $s );
    return $decoded;
}
/**
 * Encode a string as base64; a thin alias for base64_encode().
 *
 * Used by the upload check later in this file to compare file suffixes
 * against a base64-encoded list. The encoding adds no security.
 *
 * @param string $s Raw bytes.
 * @return string Base64 text.
 */
function bdcen( $s = "" )
{
    $encoded = base64_encode( $s );
    return $encoded;
}
## --------------------------------------
## NOTE: this switch makes sure that QueryObject extends the class that matches
## the configured database connection. It also opens the connection, publishes
## it as the constant WSM_CONN and, when the connection fails, answers with a
## bare HTTP 500 and stops - no error text or credentials are sent to the client.
##
## NOTE(review), mysql branch: the code mixes two extensions. A persistent
## connection is opened with mysql_pconnect(), a normal one with
## mysqli_connect(), the charset is set with mysql_set_charset() and the
## database is selected with mysqli_select_db() called with the database name
## only (the procedural mysqli function expects the link first). The "@" hides
## any failure of that call, and QueryObject_MySQL below uses mysql_* calls
## throughout. Confirm which extension is really in use and that the database
## is actually selected.
switch( $db_type )
{
case( "mysql" ):
{
if( $tcid = ( $db_allow_persistent_connections == 1 && function_exists( "mysql_pconnect" ) ? mysql_pconnect( $db_host, $db_user, $db_password ) : mysqli_connect( $db_host, $db_user, $db_password ) ) )
{
define( "WSM_CONN", $tcid );
## ETä 31.8.2010: added to ease the effects of the Concept10-VTOAsp migrations
if( function_exists( "mysql_set_charset" ) )
{
mysql_set_charset( "latin1" );
}
@mysqli_select_db( $db_name );
}
elseif( !headers_sent() )
{
header( "HTTP/1.1 500 Internal Server Error" ); // HTTP/1.1 503 Service Unavailable
exit;
}
else
{
exit;
}
unset( $tcid );
## QueryObject for MySQL: forwards construction to QueryObject_MySQL.
class QueryObject extends QueryObject_MySQL
{
function QueryObject( $connid, $querystr = "" )
{
$this->QueryObject_MySQL( $connid, $querystr );
}
}
break;
}
case( "odbc" ):
{
## For ODBC the data source name is taken from $db_name; $db_host is not used.
if( $tcid = ( $db_allow_persistent_connections == 1 && function_exists( "odbc_pconnect" ) ? odbc_pconnect( $db_name, $db_user, $db_password, SQL_CUR_USE_ODBC ) : odbc_connect( $db_name, $db_user, $db_password, SQL_CUR_USE_ODBC ) ) )
{
define( "WSM_CONN", $tcid );
}
elseif( !headers_sent() )
{
header( "HTTP/1.1 500 Internal Server Error" ); // HTTP/1.1 503 Service Unavailable
exit;
}
else
{
exit;
}
unset( $tcid );
## QueryObject for ODBC: forwards construction to QueryObject_ODBC.
class QueryObject extends QueryObject_ODBC
{
function QueryObject( $connid, $querystr = "" )
{
$this->QueryObject_ODBC( $connid, $querystr );
}
}
break;
}
default:
{
## No usable database type was read from the settings file: define a stub
## whose query() always fails and whose numrows() is always 0. No connection
## is opened and WSM_CONN is not defined in this case.
class QueryObject
{
function QueryObject( $conn_id, $querystring = "" )
{
return true;
}
function query( $str = "" )
{
return false;
}
function numrows()
{
return 0;
}
}
break;
}
}
## The credentials are no longer needed once the connection exists; remove
## them from scope.
unset( $db_type );
unset( $db_host );
unset( $db_user );
unset( $db_password );
unset( $db_name );
unset( $db_allow_persistent_connections );
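/**
 * MySQL implementation of the query wrapper, built on the legacy mysql_* API.
 *
 * An instance holds one result set and the row most recently fetched from it.
 *
 * Security: every query string is sent to the server exactly as given; this
 * class neither escapes nor binds values. Callers must cast or escape every
 * value they embed in a query. The request-level "id" filter at the top of
 * this file is not a substitute for that.
 */
class QueryObject_MySQL
{
    ## Result of the last mysql_query() call: a result resource, true or false.
    var $result;
    ## Connection link the queries run on.
    var $conn_id;
    ## Row most recently fetched (as returned by mysql_fetch_array()).
    var $r_arr;

    /**
     * Old-style constructor; also invoked explicitly by the QueryObject subclass.
     *
     * @param mixed  $connid   Connection link.
     * @param string $querystr Optional query to run immediately.
     */
    function QueryObject_MySQL( $connid, $querystr = "" )
    {
        $this->conn_id = $connid;
        if( $querystr != "" )
        {
            $this->result = mysql_query( $querystr, $this->conn_id );
            ## ETä 22.9.2009: PHP 5.3 compatibility.
            ## Statements without a result set yield true, failures false:
            ## in both cases there is no row to preload.
            if( !is_resource( $this->result ) )
            {
                return false;
            }
            if( mysql_num_rows( $this->result ) != 0 )
            {
                ## Preload the first row, then put the cursor back at the start.
                $this->r_arr = mysql_fetch_array( $this->result );
                mysql_data_seek( $this->result, 0 );
            }
        }
        else
        {
            $this->result = false;
            $this->r_arr = array();
        }
    }

    /**
     * Fetch the next row, or the row at the given 0-based position, into r_arr.
     *
     * @param int $rownbr Row position, or a negative value for "next row".
     * @return bool False when there is no result set, no further row, or the
     *              seek fails.
     */
    function fetchrow( $rownbr = -1 )
    {
        if( $rownbr < 0 )
        {
            $this->r_arr = ( is_resource( $this->result ) ? mysql_fetch_array( $this->result ) : array() );
            if( !is_array( $this->r_arr ) || count( $this->r_arr ) == 0 )
            {
                return false;
            }
            return true;
        }
        ## mysql_data_seek() returns a boolean, never a resource. The previous
        ## is_resource() test on its return value made every positioned fetch
        ## report failure.
        if( !is_resource( $this->result ) || !mysql_data_seek( $this->result, $rownbr ) )
        {
            return false;
        }
        $this->r_arr = mysql_fetch_array( $this->result );
        return true;
    }

    /**
     * Return the row at the given 0-based position without touching r_arr.
     *
     * @param int $rownum Row position.
     * @return array|false The row, or false when it cannot be reached.
     */
    function fetcharray( $rownum )
    {
        if( !is_resource( $this->result ) || !mysql_data_seek( $this->result, $rownum ) )
        {
            return false;
        }
        return mysql_fetch_array( $this->result );
    }

    /** Release the current result set, if there is one. */
    function free_result()
    {
        if( is_resource( $this->result ) )
        {
            @mysql_free_result( $this->result );
        }
    }

    /**
     * Value of a column in the current row, by name.
     *
     * @param string $fieldname Column name.
     * @return mixed The value, or null when no such column is loaded.
     */
    function field( $fieldname )
    {
        if( is_array( $this->r_arr ) && isset( $this->r_arr[ "$fieldname" ] ) )
        {
            return $this->r_arr[ "$fieldname" ];
        }
        return null;
    }

    /** Short alias for field(). */
    function f( $fieldname )
    {
        return $this->field( $fieldname );
    }

    /**
     * Value of a column in the current row, by numeric index.
     *
     * NOTE(review): indexes below 1 are rejected, yet the index is used as-is
     * on the row array, whose numeric keys start at 0. The first column is
     * therefore not reachable through this method - confirm whether callers
     * expect 1-based numbering as in the ODBC class.
     *
     * @param int $fieldnum Column index.
     * @return mixed The value, null when absent, false for an index below 1.
     */
    function fieldn( $fieldnum )
    {
        if( $fieldnum < 1 )
        {
            return false;
        }
        if( is_array( $this->r_arr ) && isset( $this->r_arr[ $fieldnum ] ) )
        {
            return $this->r_arr[ $fieldnum ];
        }
        return null;
    }

    /** Number of rows in the current result set; 0 when there is none. */
    function numrows()
    {
        ## ETä 22.9.2009: PHP 5.3 compatibility.
        return ( is_resource( $this->result ) ? mysql_num_rows( $this->result ) : 0 );
    }

    /**
     * Run a query, replacing any previous result set.
     *
     * When the query yields rows, the first one is preloaded into r_arr and
     * the cursor is put back at the start.
     *
     * @param string $querystr SQL text, sent as given (see the class note).
     * @param int    $silent   1 to suppress PHP warnings from the query call.
     * @return bool False when the server rejects the query, true otherwise.
     */
    function query( $querystr, $silent = 0 )
    {
        ## ETä 22.9.2009: PHP 5.3 compatibility.
        if( is_resource( $this->result ) )
        {
            @mysql_free_result( $this->result );
        }
        ## The result of ltrim() used to be discarded.
        $querystr = ltrim( $querystr );
        if( $silent == 1 )
        {
            $this->result = @mysql_query( $querystr, $this->conn_id );
        }
        else
        {
            $this->result = mysql_query( $querystr, $this->conn_id );
        }
        if( $this->result === false )
        {
            $this->r_arr = array();
            return false;
        }
        ## Only a result resource has rows. INSERT/UPDATE/DELETE, DDL and lock
        ## statements return true and are skipped here, which replaces the
        ## earlier keyword-prefix tests.
        if( is_resource( $this->result ) && mysql_num_rows( $this->result ) != 0 )
        {
            $this->r_arr = mysql_fetch_array( $this->result );
            mysql_data_seek( $this->result, 0 );
        }
        return true;
    }

    /** Short alias for query(). */
    function q( $querystr )
    {
        return $this->query( $querystr );
    }

    /**
     * Column names of the current result set.
     *
     * @return array List of names; empty when there is no result set.
     */
    function fieldnames()
    {
        $colms = array();
        ## ETä 22.9.2009: PHP 5.3 compatibility.
        if( is_resource( $this->result ) )
        {
            $n = mysql_num_fields( $this->result );
            for( $i = 0; $i < $n; $i++ )
            {
                $colms[ $i ] = mysql_field_name( $this->result, $i );
            }
        }
        return $colms;
    }

    /** Put the cursor back on the first row. */
    function rewind()
    {
        ## ETä 22.9.2009: PHP 5.3 compatibility.
        if( is_resource( $this->result ) )
        {
            mysql_data_seek( $this->result, 0 );
        }
    }

    /** Number of columns in the current result set; 0 when there is none. */
    function fieldcount()
    {
        ## ETä 22.9.2009: PHP 5.3 compatibility.
        return ( is_resource( $this->result ) ? mysql_num_fields( $this->result ) : 0 );
    }

    /** Id generated by the last INSERT on this connection. */
    function last_insert_id()
    {
        return mysql_insert_id( $this->conn_id );
    }

    /** Not available for MySQL: prints a message and ends the request. */
    function resultall( $fmt = "" )
    {
        print "QueryObject: resultall() not supported in MySQL version of this class
\n";
        exit;
    }

    /**
     * Metadata object for the column with the given name (case-insensitive).
     *
     * @param string $fieldname Column name.
     * @return object|false Object from mysql_fetch_field(), or false.
     */
    function getFieldinfo( $fieldname = "" )
    {
        if( trim( $fieldname ) == "" || !is_resource( $this->result ) )
        {
            return false;
        }
        $wanted = strtolower( $fieldname );
        $total = $this->fieldcount();
        for( $p = 0; $p < $total; $p++ )
        {
            $info = mysql_fetch_field( $this->result, $p );
            if( is_object( $info ) && strtolower( $info->name ) == $wanted )
            {
                return $info;
            }
        }
        return false;
    }
}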
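/**
 * ODBC implementation of the query wrapper.
 *
 * Security: every query string is passed to odbc_do() exactly as given; this
 * class neither escapes nor binds values. Callers must cast or escape every
 * value they embed in a query.
 *
 * NOTE(review): numrows() and rewind() work by executing the stored query
 * text again. query() stores the text of every statement that succeeds, so
 * calling either method after a modifying statement would run that statement
 * a second time - confirm callers only use them after SELECTs.
 */
class QueryObject_ODBC
{
    ## Current result handle, or -1 when there is none.
    var $result;
    ## Connection the queries run on.
    var $conn_id;
    ## Text of the last query accepted by query(); replayed by numrows()/rewind().
    var $qstring;

    /**
     * Old-style constructor; also invoked explicitly by the QueryObject subclass.
     *
     * NOTE(review): a query run from here is not remembered (qstring is set
     * to ""), so numrows() and rewind() have nothing to replay for it.
     *
     * @param mixed  $connid   ODBC connection.
     * @param string $querystr Optional query to run immediately.
     */
    function QueryObject_ODBC( $connid, $querystr = "" )
    {
        $this->conn_id = $connid;
        if( $querystr == "" )
        {
            $this->result = -1;
            return;
        }
        $this->result = @odbc_do( $connid, $querystr );
        $this->qstring = "";
    }

    /**
     * Move to the next row, or to the given row number.
     *
     * @param int $rownbr Row number, or a negative value for "next row".
     * @return bool Result of odbc_fetch_row().
     */
    function fetchrow( $rownbr = -1 )
    {
        if( $rownbr < 0 )
        {
            return @odbc_fetch_row( $this->result );
        }
        return @odbc_fetch_row( $this->result, $rownbr );
    }

    /**
     * Return the given row as an array.
     *
     * Changed 3.7.2002 after the PHP upgrade (-> PHP 4.2.1), by ET /
     * Verkkoasema Oy: the array is no longer passed with call-time "&".
     *
     * @param int $rownum Row number.
     * @return array|false The row, or false when it cannot be fetched.
     */
    function fetcharray( $rownum )
    {
        $arr = array();
        $r = @odbc_fetch_into( $this->result, $rownum, $arr );
        if( $r == false )
        {
            return false;
        }
        return $arr;
    }

    /** Value of a column in the current row, by name. */
    function field( $fieldname )
    {
        return @odbc_result( $this->result, $fieldname );
    }

    /** Short alias for field(). */
    function f( $fieldname )
    {
        return $this->field( $fieldname );
    }

    /**
     * Value of a column in the current row, by number.
     *
     * @param int $fieldnum Column number; values below 1 are rejected.
     * @return mixed The value, or false for a number below 1.
     */
    function fieldn( $fieldnum )
    {
        if( $fieldnum < 1 )
        {
            return false;
        }
        return @odbc_result( $this->result, $fieldnum );
    }

    /**
     * Count the rows of the stored query by running it again and walking the
     * fresh result. See the class note about replayed statements.
     *
     * @return int Number of rows.
     */
    function numrows()
    {
        $tres = @odbc_do( $this->conn_id, $this->qstring );
        $c = 0;
        for( $i = 1; @odbc_fetch_row( $tres, $i ); $i++ )
        {
            $c++;
        }
        @odbc_free_result( $tres );
        unset( $tres );
        return $c;
    }

    /** Start over by freeing the result and running the stored query again. */
    function rewind()
    {
        $this->free_result();
        $this->result = @odbc_do( $this->conn_id, $this->qstring );
    }

    /**
     * Identity value generated by the last insert, read from @@IDENTITY.
     *
     * NOTE(review): the value is read without fetching a row first and the
     * temporary result is not freed - confirm this works with the driver in use.
     *
     * @return mixed The id, or -1 when it cannot be read.
     */
    function last_insert_id()
    {
        $ret = -1;
        $res = @odbc_do( $this->conn_id, "SELECT @@IDENTITY AS lastid" );
        if( @odbc_num_rows( $res ) != 0 )
        {
            $ret = @odbc_result( $res, "lastid" );
        }
        unset( $res );
        return $ret;
    }

    /**
     * Run a query, replacing any previous result, and remember its text.
     *
     * @param string $querystr SQL text, sent as given (see the class note).
     * @return bool True when the statement was accepted.
     */
    function query( $querystr )
    {
        $querystr = ltrim( $querystr );
        if( $this->result != -1 )
        {
            @odbc_free_result( $this->result );
        }
        if( $this->result = @odbc_do( $this->conn_id, $querystr ) )
        {
            $this->qstring = $querystr;
            return true;
        }
        return false;
    }

    /** Short alias for query(); returns its result, like the MySQL class does. */
    function q( $querystr )
    {
        return $this->query( $querystr );
    }

    /**
     * Column names of the current result.
     *
     * @return array List of names; empty when the result has no columns.
     */
    function fieldnames()
    {
        ## Initialised so that a result without columns yields an empty array
        ## instead of an undefined variable.
        $colms = array();
        $n = @odbc_num_fields( $this->result );
        for( $i = 1; $i <= $n; $i++ )
        {
            $colms[ ( $i - 1 ) ] = @odbc_field_name( $this->result, $i );
        }
        return $colms;
    }

    /**
     * Column types of the current result.
     *
     * @return array List of type names; empty when the result has no columns.
     */
    function fieldtypes()
    {
        $colms = array();
        $n = @odbc_num_fields( $this->result );
        for( $i = 1; $i <= $n; $i++ )
        {
            $colms[ ( $i - 1 ) ] = @odbc_field_type( $this->result, $i );
        }
        return $colms;
    }

    /** Number of columns in the current result. */
    function fieldcount()
    {
        return @odbc_num_fields( $this->result );
    }

    /** Release the current result and mark the object as having none. */
    function free_result()
    {
        @odbc_free_result( $this->result );
        $this->result = -1;
    }

    /**
     * Print the whole result as an HTML table via odbc_result_all().
     *
     * NOTE(review): cell values are written into the page by the driver
     * function; confirm they are safe for HTML output before using this on
     * data that users can influence.
     *
     * @param string $fmt Optional table formatting attributes.
     */
    function resultall( $fmt = "" )
    {
        if( $fmt == "" )
        {
            @odbc_result_all( $this->result );
        }
        else
        {
            @odbc_result_all( $this->result, $fmt );
        }
    }
}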
## ------------------------------------------------
## ETä 4.2.2010: tietoturvapäivitys, jossa tarkastetaan uploadattavat tiedostot executablejen varalle
## Upload guard: runs when the request carries uploaded files and refuses uploads whose file-name
## suffix is on a blocklist, unless the hard-coded exemption further down applies.
## NOTE(review): bdcde() and bdcen() are defined outside this excerpt. The literals look like base64;
## the decoded names quoted in the comments below assume bdcde() is a plain base64 decode and bdcen()
## the matching encode -- confirm against their definitions. Under that assumption "X0ZJTEVT" is
## "_FILES" and "SFRUUF9QT1NUX0ZJTEVT" is "HTTP_POST_FILES".
## NOTE(review): hiding variable names and constants behind an encoding makes the access rules below
## hard to audit; security-relevant checks are better kept readable.
if( ( isset( ${bdcde( "X0ZJTEVT" )} ) && is_array( ${bdcde( "X0ZJTEVT" )} ) && count( ${bdcde( "X0ZJTEVT" )} ) > 0 ) || ( isset( ${bdcde( "SFRUUF9QT1NUX0ZJTEVT" )} ) && is_array( ${bdcde( "SFRUUF9QT1NUX0ZJTEVT" )} ) && count( ${bdcde( "SFRUUF9QT1NUX0ZJTEVT" )} ) > 0 ) )
{
## Platform detection: looks for the substring "win" (assumed decoding) in a series of $_SERVER and
## $_ENV entries. The entries are read without isset(), so missing keys raise notices/warnings.
if( strpos( strtolower( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "U3lzdGVtUm9vdA==" ) ] ), bdcde( "d2lu" ) ) !== false
|| strpos( strtolower( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "V0lORElS" ) ] ), bdcde( "d2lu" ) ) !== false
|| strpos( strtolower( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "Q09NU1BFQw==" ) ] ), bdcde( "d2lu" ) ) !== false
|| strpos( strtolower( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "U0VSVkVSX1NJR05BVFVSRQ==" ) ] ), bdcde( "d2lu" ) ) !== false
|| strpos( strtolower( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "U0VSVkVSX1NPRlRXQVJF" ) ] ), bdcde( "d2lu" ) ) !== false
|| strpos( strtolower( ${bdcde( "X0VOVg==" )}[ bdcde( "Q29tU3BlYw==" ) ] ), bdcde( "d2lu" ) ) !== false
|| strpos( strtolower( ${bdcde( "X0VOVg==" )}[ bdcde( "T1M=" ) ] ), bdcde( "d2lu" ) ) !== false
|| strpos( strtolower( ${bdcde( "X0VOVg==" )}[ bdcde( "UGF0aA==" ) ] ), bdcde( "d2lu" ) ) !== false
|| strpos( strtolower( ${bdcde( "X0VOVg==" )}[ bdcde( "U3lzdGVtUm9vdA==" ) ] ), bdcde( "d2lu" ) ) !== false
|| strpos( strtolower( ${bdcde( "X0VOVg==" )}[ bdcde( "VEVNUA==" ) ] ), bdcde( "d2lu" ) ) !== false
|| strpos( strtolower( ${bdcde( "X0VOVg==" )}[ bdcde( "VE1Q" ) ] ), bdcde( "d2lu" ) ) !== false
|| strpos( strtolower( ${bdcde( "X0VOVg==" )}[ bdcde( "d2luZGly" ) ] ), bdcde( "d2lu" ) ) !== false )
{
## Blocked suffixes, kept in encoded form. This list has two entries ("ZXhl" and "bXNp") that the
## list in the else-branch lacks.
$check_these_upload_file_suffixes = array( "c2g=", "YmF0", "Y21k", "ZXhl", "cGw=", "cHk=", "cGhw", "cGhwcw==", "cGh0bWw=", "cGhwMw==", "aW5j", "c28=", "ZGxs", "Yw==", "amFy", "bXNp" );
}
else
{
$check_these_upload_file_suffixes = array( "c2g=", "YmF0", "Y21k", "cGw=", "cHk=", "cGhw", "cGhwcw==", "cGh0bWw=", "cGhwMw==", "aW5j", "c28=", "ZGxs", "Yw==", "amFy" );
}
## NOTE(review): a suffix blocklist only covers the suffixes someone thought of. An allowlist of the
## upload types the application expects, combined with storing uploads where the web server will not
## execute them, is the more robust control.
$check_these_upload_files = ( isset( ${bdcde( "X0ZJTEVT" )} ) && is_array( ${bdcde( "X0ZJTEVT" )} ) && count( ${bdcde( "X0ZJTEVT" )} ) > 0 ? ${bdcde( "X0ZJTEVT" )} : ${bdcde( "SFRUUF9QT1NUX0ZJTEVT" )} );
foreach( $check_these_upload_files AS $check_this_upload_file )
{
// TODO: ETä 17.9.2010 this does not really cope with files arriving as arrays from the CRM!! an @ was added for now so that the error messages stay hidden
## The text after the last "." of the lower-cased file name is encoded with bdcen() and compared
## against the blocklist; only files accepted by is_uploaded_file() are examined.
## NOTE(review): for a multi-file field "tmp_name" is an array, so this condition cannot become true
## and those files are not inspected by this guard; the nested entries should be iterated. On PHP 8
## passing an array here raises a TypeError, which @ does not suppress -- verify.
if( is_array( $check_this_upload_file ) && @is_uploaded_file( $check_this_upload_file[ "tmp_name" ] ) && in_array( bdcen( substr( strtolower( $check_this_upload_file[ "name" ] ), strrpos( $check_this_upload_file[ "name" ], "." ) + 1, strlen( $check_this_upload_file[ "name" ] ) ) ), $check_these_upload_file_suffixes ) )
{
## $ok_oh is the exemption flag computed from the cookie below.
$ok_oh = false;
## date( "Z" ) is the server's UTC offset in seconds; the timestamp is shifted so that the hour read
## below corresponds to a fixed +7200 s (UTC+2) offset whatever the server time zone is.
$ok_oh_tos = time();
if( (int) date( "Z" ) != 7200 )
{
$ok_oh_tos += ( 7200 - (int) date( "Z" ) );
}
## With a non-empty cookie (assumed decoding "VJ5AUI"): the flag is set when the shifted hour is
## between 7 and 17 inclusive; outside those hours it is set when the current user's username differs
## from a hard-coded name and the second ":::"-separated cookie field equals that name.
## NOTE(review): the cookie is client-supplied and is not verified here, so this flag does not prove
## anything about the requester. Derive it from server-side session state instead.
if( trim( ${bdcde( "X0NPT0tJRQ==" )}[ bdcde( "Vko1QVVJ" ) ] ) != "" )
{
if( date( bdcde( "SA==" ), $ok_oh_tos ) <= 17 && date( bdcde( "SA==" ), $ok_oh_tos ) >= 7 )
{
$ok_oh = true;
}
elseif( ${bdcde( "V1NNX3VzZXI=" )}->{bdcde( "dXNlcm5hbWU=" )} != bdcde( "dmVyYXM=" ) )
{
$ok_oh_cp = explode( bdcde( "Ojo6" ), ${bdcde( "X0NPT0tJRQ==" )}[ bdcde( "Vko1QVVJ" ) ] );
if( $ok_oh_cp[ 1 ] == bdcde( "dmVyYXM=" ) )
{
$ok_oh = true;
}
unset( $ok_oh_cp );
}
}
unset( $ok_oh_tos );
## Exemption: a blocked upload is let through when ALL of the following hold (assumed decoding):
##   - the cookie flag above is set, OR X-Forwarded-For or REMOTE_ADDR falls in a hard-coded address
##     prefix, OR REMOTE_ADDR starts with / contains a private 192.168 prefix, OR the Host header
##     equals a hard-coded name;
##   - SCRIPT_FILENAME contains "aui_template.php";
##   - the suffix is "php";
##   - the strpos() test on the uploaded file's content succeeds.
## NOTE(review): X-Forwarded-For and Host are request headers chosen by the client, just like the
## cookie; none of them should grant an exemption. Only REMOTE_ADDR (or an address set by a trusted
## proxy) and authenticated session state are suitable inputs.
## NOTE(review): the strpos() needle is an empty string in this copy (possibly lost in extraction).
## With an empty needle the content test is not a meaningful check: PHP 8 returns 0, earlier versions
## emit a warning and return false.
if( ( $ok_oh
|| substr( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "SFRUUF9YX0ZPUldBUkRFRF9GT1I=" ) ], 0, strrpos( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "SFRUUF9YX0ZPUldBUkRFRF9GT1I=" ) ], "." ) + 1 ) == bdcde( "OTEuMjA5LjI5Lg==" )
|| ( strpos( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "UkVNT1RFX0FERFI=" ) ], bdcde( "MTkyLjE2OC4=" ) ) !== false && strpos( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "UkVNT1RFX0FERFI=" ) ], bdcde( "MTkyLjE2OC4=" ) ) == 0 )
|| substr( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "UkVNT1RFX0FERFI=" ) ], 0, strrpos( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "UkVNT1RFX0FERFI=" ) ], "." ) + 1 ) == bdcde( "OTEuMjA5LjI5Lg==" )
|| strpos( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "UkVNT1RFX0FERFI=" ) ], bdcde( "MTkyLjE2OC4xLg==" ) ) !== false
|| ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "SFRUUF9IT1NU" ) ] == bdcde( "YXRr" ) )
&& strpos( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "U0NSSVBUX0ZJTEVOQU1F" ) ], bdcde( "YXVpX3RlbXBsYXRlLnBocA==" ) ) !== false
&& substr( strtolower( $check_this_upload_file[ "name" ] ), strrpos( $check_this_upload_file[ "name" ], "." ) + 1, strlen( $check_this_upload_file[ "name" ] ) ) == bdcde( "cGhw" )
&& strpos( file_get_contents( $check_this_upload_file[ "tmp_name" ] ), "" ) !== false )
{
// this is allowed
}
else
{
// send an e-mail report:
## Every POST field and every $_SERVER entry is copied into the report text.
## NOTE(review): this can place submitted passwords and the request's cookie header into a plain
## e-mail; limit the report to the fields needed for triage.
$post_data = "";
foreach( ${bdcde( "X1BPU1Q=" )} AS $pk => $pv )
{
$post_data .= " - ".$pk.": ".( is_array( $pv ) ? implode( ", ", $pv ) : $pv )."\n";
}
$server_vars = "";
foreach( ${bdcde( "X1NFUlZFUg==" )} AS $pk => $pv )
{
$server_vars .= " - ".$pk.": ".( is_array( $pv ) ? implode( ", ", $pv ) : $pv )."\n";
}
unset( $pk, $pv );
session_start();
## Identify the account: taken from two session entries when the session has a user name (the
## entries are then removed from the session), otherwise from the ":::"-separated cookie, which is
## then cleared.
## NOTE(review): in the cookie case $intruder_id is an unverified client string. It is concatenated
## unquoted into the UPDATE below, and it decides which account gets deactivated. Cast it with (int)
## and confirm the account against server-side state before acting on it.
$intruder_id = -1;
$intruder_username = "";
if( trim( ${bdcde( "X1NFU1NJT04=" )}[ bdcde( "d3NtX2N1aV91bmFtZQ==" ) ] ) != "" )
{
$intruder_id = ${bdcde( "X1NFU1NJT04=" )}[ bdcde( "d3NtX2N1aV91aWQ=" ) ];
$intruder_username = ${bdcde( "X1NFU1NJT04=" )}[ bdcde( "d3NtX2N1aV91bmFtZQ==" ) ];
unset( ${bdcde( "X1NFU1NJT04=" )}[ bdcde( "d3NtX2N1aV91aWQ=" ) ], ${bdcde( "X1NFU1NJT04=" )}[ bdcde( "d3NtX2N1aV91bmFtZQ==" ) ] );
}
elseif( isset( ${bdcde( "X0NPT0tJRQ==" )}[ bdcde( "Vko1QVVJ" ) ] ) && trim( ${bdcde( "X0NPT0tJRQ==" )}[ bdcde( "Vko1QVVJ" ) ] ) != "" )
{
$cp = explode( ":::", ${bdcde( "X0NPT0tJRQ==" )}[ bdcde( "Vko1QVVJ" ) ] );
$intruder_id = $cp[ 0 ];
$intruder_username = $cp[ 1 ];
setcookie( bdcde( "Vko1QVVJ" ), "", 0, "/" );
${bdcde( "X0NPT0tJRQ==" )}[ bdcde( "Vko1QVVJ" ) ] = "";
unset( ${bdcde( "X0NPT0tJRQ==" )}[ bdcde( "Vko1QVVJ" ) ], $cp );
}
$mess = "Date: ".date( "Y-m-d H:i:s" )."\n".
"---------------------\n".
"INTRUDER_USER: ".( $intruder_id > 0 ? $intruder_username." (id: ".$intruder_id.")" : "unknown" )."\n".
"---------------------\n".
"FILE_NAME: ".$check_this_upload_file[ "name" ]."\n".
"FILE_TYPE: ".$check_this_upload_file[ "type" ]."\n".
"FILE_TMP_NAME: ".$check_this_upload_file[ "tmp_name" ]."\n".
"FILE_SIZE: ".$check_this_upload_file[ "size" ]."\n".
"---------------------\n".
"POST_DATA:\n".$post_data.
"---------------------\n".
"SERVER_VARS:\n".$server_vars.
"---------------------\n".
"eof";
## The recipient address, the subject prefix and the "From: " prefix are hard-coded in encoded form.
## NOTE(review): the subject and the From header both include the Host request header; strip CR/LF
## from it before it is placed in mail headers.
mail( bdcde( "ZXJpYy50YWh0aW5lbkB2ZXJra29hc2VtYS5maQ==" ), bdcde( "SW50cnVzaW9uIGF0dGVtcHQgYXQ=" )." ".${bdcde( "X1NFUlZFUg==" )}[ bdcde( "SFRUUF9IT1NU" ) ], $mess, bdcde( "RnJvbTog" ).( trim( ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "U0VSVkVSX0FETUlO" ) ] ) != "" ? ${bdcde( "X1NFUlZFUg==" )}[ bdcde( "U0VSVkVSX0FETUlO" ) ] : bdcde( "c2VydmVyLWFkbWluQA==" ).${bdcde( "X1NFUlZFUg==" )}[ bdcde( "SFRUUF9IT1NU" ) ] )."\r\n" );
if( $intruder_id > 0 )
{
## then the user account is disabled
## The UPDATE prepends a note to users.description and moves date_publish ten minutes into the
## future (see the mktime() call).
$q = new QueryObject( WSM_CONN );
$q->query( "UPDATE users SET description = CONCAT( '".bdcde( "VXNlciBkZWFjdGl2YXRlZCBmb3IgMTAgbWludXRlcyBiZWNhdXNlIG9mIGludHJ1c2lvbiBhdHRlbXB0IG9u" )." ".date( "Y-m-d H:i:s" ).", previous date_publish value was ', date_publish, '; ', description ), date_publish = ".date( "YmdHi", mktime( date( "H" ), date( "i" ) + 10, 0, date( "m" ), date( "d" ), date( "Y" ) ) )." WHERE user_id = ".$intruder_id );
unset( $q );
}
unset( $post_data, $mess, $server_vars, $intruder_id, $intruder_username );
## send the failure response (two encoded status headers) and stop the request
@header( bdcde( "SFRUUC8xLjEgNDA2IE5vdCBBY2NlcHRhYmxl" ) );
@header( bdcde( "U3RhdHVzOiA0MDYgTm90IEFjY2VwdGFibGU=" ) );
exit;
}
}
}
unset( $check_these_upload_file_suffixes, $check_these_upload_files, $check_this_upload_file );
}
## ETä 18.5.2011: tein uuden yleisfunkkarin erikoislogien pitämistä varten (alunperin tämä tarve tuli FMC Groupin intran yhteydessä)
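/**
 * Appends one entry to a special-purpose log file, creating the log directory first if needed.
 *
 * Every entry starts with a timestamp and a correlation key kept in the "special_log_cookie"
 * cookie, so that entries written for the same browser can be grouped. The key is derived from
 * the current time and the user id; it is an identifier for reading logs, not a secret.
 *
 * Changes compared with the earlier implementation:
 *  - missing directories are created recursively, so a relative path such as "a/b/c.log" works
 *    even when "a" does not exist yet (the old loop never created the top-most relative directory);
 *  - directories are created with mode 0755 instead of 0777, matching the 0644 mode set on the log
 *    file, so other local accounts cannot replace or remove the log;
 *  - request-derived values have CR/LF replaced by a space, so a request cannot forge additional
 *    log lines; missing $_SERVER keys no longer raise notices.
 *
 * @param string $logfile        Path of the log file; nothing is written when it is empty.
 * @param string $msg            Message text; written as given, the caller is responsible for it.
 * @param bool   $add_extra_info When true, user, session and request details are appended.
 * @return void
 */
function makeSpecialVJLog( $logfile = "", $msg = "", $add_extra_info = true )
{
    if( trim( $logfile ) == "" )
    {
        return;
    }
    if( !file_exists( $logfile ) )
    {
        $log_dir = dirname( $logfile );
        if( $log_dir != "" && !is_dir( $log_dir ) )
        {
            mkdir( $log_dir, 0755, true );
        }
        unset( $log_dir );
    }
    $fp = fopen( $logfile, "ab" );
    if( !$fp )
    {
        return;
    }
    global $WSM_user, $_COOKIE;
    $has_user = is_object( $WSM_user );
    $key = "";
    if( !isset( $_COOKIE[ "special_log_cookie" ] ) && !headers_sent() )
    {
        // first entry for this browser: create the correlation key and remember it in a cookie
        $key = md5( time()."-".( $has_user ? $WSM_user->id : "" ) );
        setcookie( "special_log_cookie", $key, 0, "/" );
        $_COOKIE[ "special_log_cookie" ] = $key;
    }
    if( isset( $_COOKIE[ "special_log_cookie" ] ) )
    {
        // the cookie value comes from the client: keep it on one line
        $key = str_replace( array( "\r", "\n" ), " ", (string) $_COOKIE[ "special_log_cookie" ] );
    }
    $entry = "\n".date( "d.m.Y H:i:s" )." / ".$key.": ".$msg;
    if( $add_extra_info )
    {
        // single-line copies of the request values used below
        $sv = array();
        foreach( array( "HTTP_HOST", "REMOTE_ADDR", "SCRIPT_URI", "SERVER_PORT", "HTTPS", "REQUEST_URI", "SCRIPT_FILENAME", "HTTP_USER_AGENT" ) AS $sk )
        {
            $sv[ $sk ] = ( isset( $_SERVER[ $sk ] ) ? str_replace( array( "\r", "\n" ), " ", (string) $_SERVER[ $sk ] ) : "" );
        }
        unset( $sk );
        if( !$has_user || $WSM_user->id < 1 )
        {
            $entry .= "\n >>>> NOTICE! The user is not logged in! <<<<";
        }
        else
        {
            $entry .= "\n User: ".$WSM_user->username." (id: ".$WSM_user->id.", logged last cui/aui: ".$WSM_user->DateF( $WSM_user->last_login_in_cui, "d.m.Y H:i:s" )."/".$WSM_user->DateF( $WSM_user->last_login, "d.m.Y H:i:s" ).")";
        }
        $is_plain_http = ( strpos( $sv[ "SCRIPT_URI" ], "https:" ) === false && $sv[ "SERVER_PORT" ] != 443 && strtolower( $sv[ "HTTPS" ] ) != "on" );
        $entry .= "\n Session ID: ".session_id()."; Host name: ".$sv[ "HTTP_HOST" ]."; Remote IP: ".$sv[ "REMOTE_ADDR" ]."; HTTPS: ".( $is_plain_http ? "off" : "on" ).
            "\n Session cookie params: ".serialize( session_get_cookie_params() ).
            "\n Request URI: ".$sv[ "REQUEST_URI" ]."; Script filename: ".$sv[ "SCRIPT_FILENAME" ]."; User agent: ".$sv[ "HTTP_USER_AGENT" ];
        unset( $sv, $is_plain_http );
    }
    fwrite( $fp, $entry."\n" );
    fclose( $fp );
    unset( $entry, $key );
    // the log file stays writable by its owner only
    chmod( $logfile, 0644 );
}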
?>
## Report every error level except warnings, notices and strict-standards messages.
error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE & ~E_STRICT );
if( !function_exists( "escapeText" ) )
{
    ## ----------------------------------------------------------
    ## Helper used by many AUI classes for data that goes into the database on update or insert.
    /**
     * Escapes a value with addslashes(), unless the escaped result contains a doubled backslash,
     * in which case the ORIGINAL value is returned unchanged.
     *
     * NOTE(review): addslashes() turns every backslash into two, so any input that contains a
     * backslash takes the "return the original" path and comes back with no escaping at all.
     * The check presumably exists to avoid escaping a value twice, but it also means this function
     * cannot be relied on to make a value safe inside an SQL string literal. Callers that build
     * queries from request data should move to prepared statements with bound parameters.
     *
     * @param string $val Value to escape.
     * @return string Escaped value, or $val itself when the escaped form contains "\\\\".
     */
    function escapeText( $val = "" )
    {
        $escaped = addslashes( $val );
        $has_doubled_backslash = ( strpos( $escaped, "\\\\" ) !== false );
        return ( $has_doubled_backslash ? $val : $escaped );
    }
}
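if( !function_exists( "canonizeMobile" ) )
{
    /**
     * Normalises a Finnish mobile number to its national form ("050...", "040...", ...).
     *
     * Spaces, "(0)", parentheses and hyphens are removed, a leading "+358" is replaced by "0",
     * and the result must start with one of the accepted operator prefixes and consist of digits.
     *
     * Fixes compared with the earlier implementation:
     *  - prefixes are compared strictly; the loose "==" compared numeric-looking strings as
     *    numbers, so prefixes such as "+44" were treated as equal to "044";
     *  - the digit check is anchored with \z instead of $, which also matched before a trailing
     *    newline and let a value ending in a line break through.
     *
     * @param string $number Number as typed by the user.
     * @return string|false The normalised number, or false when it is not an accepted mobile number.
     */
    function canonizeMobile( $number = "" )
    {
        // same removal order as before: space, "(0)", ")", "(", "-"
        $number = str_replace( array( " ", "(0)", ")", "(", "-" ), "", trim( $number ) );
        if( $number === "" || strlen( $number ) < 8 )
        {
            return false;
        }
        if( substr( $number, 0, 4 ) === "+358" )
        {
            $number = "0".substr( $number, 4 );
        }
        // "0500"/"0400" are covered by "050"/"040"; "+358.." forms were converted just above
        $accepted_prefixes = array( "050", "044", "045", "040", "041" );
        if( !in_array( substr( $number, 0, 3 ), $accepted_prefixes, true ) )
        {
            return false;
        }
        if( !preg_match( "/^[+]?[0-9]*\\z/", $number ) )
        {
            return false;
        }
        return $number;
    }
}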
## ----------------------------------------------------------
class Classbase
{
/**
 * Replaces spaces and a fixed set of accented letters in a file name when the files module has
 * the "SimplifyFilenames" property enabled for this object's domain.
 *
 * Only the characters listed below are rewritten. This is a cosmetic transformation; it does not
 * remove path separators or other characters, so it is not a substitute for validating an
 * uploaded file name.
 *
 * @param string $filename File name to simplify.
 * @return string The simplified name, or $filename unchanged when the feature does not apply.
 */
function simplifyFileName( $filename = "" )
{
    if( trim( $filename ) == "" || !( $this->domain_id > 0 ) )
    {
        return $filename;
    }
    $files_module = new Module();
    $simplify = ( $files_module->load( MODULE_ID_FILES ) && $files_module->checkModuleProperty( $this->domain_id, "Enable", "SimplifyFilenames" ) );
    if( $simplify )
    {
        // applied in this order, one search string after the other
        $from = array( " ", "Å", "Ä", "Ö", "Ü", "å", "ä", "ö", "ü" );
        $to = array( "_", "A", "A", "O", "U", "a", "a", "o", "u" );
        $filename = str_replace( $from, $to, $filename );
    }
    return $filename;
}
/**
 * Tells whether LDAP is enabled for the domain this object works with, and caches the answer on
 * the user object (ldap_enabled_checked / ldap_enabled).
 *
 * The domain is picked in this order: the given $domain_id; this object itself when it is a
 * Domain/AUIDomain with an id; $this->domain; and finally, outside admin state, the page's
 * domain or the global $CUI_domain when $this->domain_id is missing or cannot be loaded.
 *
 * @param int $domain_id Domain to check; values below 1 mean "work it out from the context".
 * @return mixed The cached value when one exists, otherwise true/false.
 */
function resolveLDAPEnabled( $domain_id = -1 )
{
    if( $this->user->ldap_enabled_checked === true )
    {
        // already resolved during this request
        return $this->user->ldap_enabled;
    }
    global $CUI_domain, $page;
    $candidate = new Domain();
    if( $domain_id > 0 )
    {
        $candidate->load( $domain_id );
    }
    elseif( ( $this->classname == "Domain" || $this->classname == "AUIDomain" ) && $this->id > 0 )
    {
        $candidate->load( $this->id );
    }
    elseif( is_object( $this->domain ) && $this->domain->id > 0 )
    {
        $candidate = $this->domain;
    }
    elseif( ( $this->domain_id < 1 || ( $this->domain_id > 0 && !$candidate->load( $this->domain_id ) ) ) && ( $this->adminstate != 1 && ( is_object( $CUI_domain ) || ( is_object( $page ) && is_object( $page->domain ) ) ) ) )
    {
        // note: the condition above also attempts to load $this->domain_id into $candidate
        $candidate = ( is_object( $page ) && is_object( $page->domain ) && $page->domain->id > 0 ? $page->domain : $CUI_domain );
    }
    $enabled = false;
    if( is_object( $candidate ) && $candidate->id > 0 && $candidate->ldap_enabled == 1 && trim( $candidate->ldap_servertype ) != "" )
    {
        $enabled = true;
    }
    $this->user->ldap_enabled_checked = true;
    $this->user->ldap_enabled = $enabled;
    return $enabled;
}
/**
 * Loads one row of $this->sourcetable into this object, after checking that the current user may
 * see it.
 *
 * Order of the checks, as implemented below:
 *  1. In admin state, non-super users need one of the viewer/editor/publisher/deletor/creator
 *     roles for the module (with exceptions for domain classes, AUIGroup and the desktop module).
 *  2. For "AUI..." classes without a source table, the table and key are copied from the class of
 *     the same name without the "AUI" prefix.
 *  3. The row is selected by primary key.
 *  4. Optional area / force-login check for pages.
 *  5. Author override, then the active / publish / expire check (skipped in admin state).
 *  6. Rights evaluation against the row's "rights" field, or ResolveRight() when the row has no
 *     such field.
 *
 * NOTE(review): $id, $check_is_deleted_for_survey_answer and $marketplace_basket_item_bunch_id
 * are concatenated into the SQL text without quoting or escaping in this method. Nothing in this
 * method guarantees they are numeric; cast the numeric ones with (int) here and bind or escape
 * the bunch id, rather than relying on callers or on request-level filtering.
 *
 * @param mixed  $id                                 Primary key value of the row.
 * @param int    $override_cui_editor                1 lets a logged-in user reach the rights evaluation even when earlier
 *                                                   checks failed, and accepts the ROLE_CUIEDIT bit there.
 * @param int    $override_if_author                 1 lets the author/modifier/changer/owner of a PageData or Forum row
 *                                                   load it regardless of publish state and rights.
 * @param int    $check_area_for_page                1 adds the area / force-login check for Page objects outside admin state.
 * @param int    $disable_force_login_for_page       0 keeps the refusal of anonymous users on force-login areas.
 * @param int    $check_is_deleted_for_survey_answer For SurveyAnswer classes, required is_deleted value; -1 disables the filter.
 * @param int    $override_all_checks                1 skips the rights evaluation (the publish and area checks still apply).
 * @param string $marketplace_basket_item_bunch_id   Extra bunch_id filter for MarketplaceBasketItem classes.
 * @return bool True when the row was loaded. False otherwise; status_message is then "default/failed"
 *              (no row), "failed/unpublished" or "forbidden", except for the early role refusal,
 *              which leaves status_message untouched.
 */
function load( $id = -1, $override_cui_editor = 0, $override_if_author = 0, $check_area_for_page = 0, $disable_force_login_for_page = 0, $check_is_deleted_for_survey_answer = 0, $override_all_checks = 0, $marketplace_basket_item_bunch_id = "" )
{
// step 1: role gate for admin state
if( $this->adminstate == 1 && $this->user->is_super != 1 && $this->classname != "Domain" && $this->classname != "AUIDomain" && ( ( $this->module->id == MODULE_ID_USERS && $this->classname != "AUIGroup" ) || $this->module->id != MODULE_ID_USERS ) && !$this->user->hasRole( $this->module->id, ( strpos( $this->classname, "ImageBank" ) !== false ? $this : -1 ), array( ROLE_VIEWER, ROLE_EDITOR, ROLE_PUBLISHER, ROLE_DELETOR, ROLE_CREATOR ) ) && $this->module->id != MODULE_ID_DESKTOP )
{
return false;
}
// step 2: borrow sourcetable/sourceid from the class named like this one without "AUI"
if( ( trim( $this->sourcetable ) == "" || trim( $this->sourceid ) == "" ) && strpos( $this->classname, "AUI" ) !== false )
{
$bvar = str_replace( "AUI", "", $this->classname );
if( class_exists( $bvar ) )
{
$temp = new $bvar();
if( trim( $temp->sourcetable ) != "" && trim( $temp->sourceid ) != "" )
{
$this->sourcetable = $temp->sourcetable;
$this->sourceid = $temp->sourceid;
}
unset( $temp );
}
unset( $bvar );
}
if( trim( $this->sourcetable ) != "" && trim( $this->sourceid ) != "" )
{
// step 3: build and run the SELECT
$q = new QueryObject( $this->conn_id );
$area_check_for_page_on = false;
if( $check_area_for_page == 1 && $this->classname == "Page" && $this->adminstate != 1 )
{
// NOTE(review): $id is appended unquoted
$query_string = "SELECT page.*, areas.force_login FROM page, areas WHERE areas.area_id = page.area_id AND page.page_id = ".$id;
$area_check_for_page_on = true;
}
else
{
// NOTE(review): $id is appended unquoted
$query_string = "SELECT * FROM ".$this->sourcetable." WHERE ".$this->sourceid." = ".$id;
if( $check_is_deleted_for_survey_answer != -1 && strpos( $this->classname, "SurveyAnswer" ) !== false )
{
// NOTE(review): appended unquoted
$query_string .= " AND is_deleted = ".$check_is_deleted_for_survey_answer;
}
elseif( $this->adminstate != 1 && strpos( $this->classname, "CVApplication" ) !== false )
{
$query_string .= " AND is_deleted != 1";
}
elseif( trim( $marketplace_basket_item_bunch_id ) != "" && strpos( $this->classname, "MarketplaceBasketItem" ) !== false )
{
// NOTE(review): placed inside quotes but not escaped
$query_string .= " AND bunch_id = '".$marketplace_basket_item_bunch_id."'";
}
}
$q->query( $query_string );
if( $q->numrows() > 0 )
{
$ok = true;
$author_ok = false;
// step 4: area / force-login check for pages
if( $area_check_for_page_on && $this->classname == "Page" )
{
if( $q->field( "force_login" ) == 1 && $this->user->id < 1 && $disable_force_login_for_page == 0 )
{
// anonymous user on a force-login area: refused; the status tells an unpublished page apart
$ok = false;
$test_active = $q->field( "active" );
$test_date_publish = $q->field( "date_publish" );
$test_date_expire = $q->field( "date_expire" );
$test_date = date( "YmdHi" );
if( ( trim( $test_active ) != "" && $test_active != 1 ) || ( trim( $test_date_publish ) != "" && $test_date_publish > $test_date ) || ( trim( $test_date_expire ) != "" && ( $test_date_expire > 0 && $test_date_expire <= $test_date ) ) )
{
$this->status_message = "failed/unpublished";
}
unset( $test_active, $test_date_publish, $test_date_expire, $test_date );
}
else
{
// the result of loading each area is cached on the user object, keyed by area_id
if( !is_array( $this->user->checked_areas_for_pages ) )
{
$this->user->checked_areas_for_pages = array();
}
if( !isset( $this->user->checked_areas_for_pages[ $q->field( "area_id" ) ] ) )
{
$temp_area = new Area();
$this->user->checked_areas_for_pages[ $q->field( "area_id" ) ] = $temp_area->load( $q->field( "area_id" ) );
unset( $temp_area );
}
$ok = ( $this->user->checked_areas_for_pages[ $q->field( "area_id" ) ] === true ? true : false );
}
}
// step 5a: author override for PageData / Forum rows
if( $ok && $override_if_author == 1 && ( $this->classname == "PageData" || $this->classname == "Forum" ) && $this->user->id > 0 && ( $this->user->id == $q->field( "author_id" ) || $this->user->id == $q->field( "modifier_id" ) || $this->user->id == $q->field( "changer_id" ) || $this->user->id == $q->field( "owner_id" ) || ( $q->field( "author_ldap_key" ) == $this->user->ldap_id && trim( $this->user->ldap_id ) != "" ) ) )
{
$author_ok = true;
}
// step 5b: active / publish / expire check, outside admin state only
if( !$author_ok && $ok && $this->adminstate != 1 )
{
$test_active = $q->field( "active" );
$test_date_publish = $q->field( "date_publish" );
$test_date_expire = $q->field( "date_expire" );
$test_date = date( "YmdHi" );
if( ( trim( $test_active ) != "" && $test_active != 1 ) || ( trim( $test_date_publish ) != "" && $test_date_publish > $test_date ) || ( trim( $test_date_expire ) != "" && ( $test_date_expire > 0 && $test_date_expire <= $test_date ) ) )
{
$this->status_message = "failed/unpublished";
$ok = false;
}
unset( $test_active, $test_date_publish, $test_date_expire, $test_date );
}
global $_SERVER;
// step 6: rights evaluation
if( $override_all_checks == 1 || $author_ok || ( $this->adminstate == 1 && $this->user->id > 0 && $this->user->is_super == 1 ) )
{
## allow loading with these override settings
}
elseif( ( $ok || ( $override_cui_editor == 1 && $this->user->id > 0 ) ) && trim( $q->field( "rights" ) ) != "" )
{
// The rights field is a comma-separated list of "<subject>:<role bits>" entries; the code below
// looks for ",u<user id>:" and ",g<group id>:" subjects. Access is denied until an entry grants it.
$ok = false;
$test_rights = ",".$q->field( "rights" ).",";
$test_role = ( $this->adminstate == 1 ? ROLE_VIEWER : ROLE_CUI );
$has_aui_rights = false;
$has_cui_rights = false;
$tempuri = explode( ",", $test_rights );
foreach( $tempuri AS $tpri )
{
// $ttpri is the part after the first ":" of the entry, i.e. its role value
$ttpri = substr( $tpri, strpos( $tpri, ":" ) + 1, strlen( $tpri ) );
if( trim( $tpri ) != "" && strpos( $tpri, ":" ) !== false && ROLE_CUI & $ttpri )
{
$has_cui_rights = true;
}
if( trim( $tpri ) != "" && strpos( $tpri, ":" ) !== false && $ttpri > ROLE_CUI && $ttpri != ROLE_CUIEDIT && $ttpri != ROLE_CUIEDIT + ROLE_CUI )
{
$has_aui_rights = true;
}
if( $has_cui_rights && $has_aui_rights )
{
break;
}
unset( $ttpri );
}
// when no entry restricts the current side (public site / admin), everybody is allowed
if( $this->adminstate != 1 && !$has_cui_rights )
{
$ok = true;
}
elseif( $this->adminstate == 1 && !$has_aui_rights )
{
$ok = true;
}
unset( $tempuri, $tpri, $tempuri, $has_cui_rights, $has_aui_rights );
// entry for the user itself, matched by user id or by LDAP id
if( !$ok && $this->user->id > 0 && ( strpos( $test_rights, ",u".$this->user->id.":" ) !== false || ( trim( $this->user->ldap_id ) != "" && strpos( $test_rights, ",u".$this->user->ldap_id.":" ) !== false ) ) )
{
if( trim( $this->user->ldap_id ) != "" && strpos( $test_rights, ",u".$this->user->ldap_id.":" ) !== false )
{
$req_role = substr( $test_rights, strpos( $test_rights, ",u".$this->user->ldap_id.":" ) + strlen( ",u".$this->user->ldap_id.":" ), strlen( ",".$test_rights."," ) );
}
else
{
$req_role = substr( $test_rights, strpos( $test_rights, ",u".$this->user->id.":" ) + strlen( ",u".$this->user->id.":" ), strlen( ",".$test_rights."," ) );
}
$req_role = intval( substr( $req_role, 0, strpos( $req_role, "," ) ) );
if( $req_role > 0 && ( $test_role & $req_role || ( $override_cui_editor == 1 && $this->user->id > 0 && ROLE_CUIEDIT & $req_role ) ) )
{
$ok = true;
}
unset( $req_role );
}
// entries for the user's groups; the first granting entry wins
if( !$ok && $this->user->id > 0 && count( $this->user->getGroupIds() ) > 0 )
{
$group_ids = $this->user->getGroupIds();
foreach( $group_ids AS $group_id )
{
if( ( $group_id > 0 || ( $group_id != "-1" && $group_id != "0" && $group_id != "" ) ) && strpos( $test_rights, ",g".$group_id.":" ) !== false )
{
$req_role = substr( $test_rights, strpos( $test_rights, ",g".$group_id.":" ) + strlen( ",g".$group_id.":" ), strlen( ",".$test_rights."," ) );
$req_role = intval( substr( $req_role, 0, strpos( $req_role, "," ) ) );
if( $req_role > 0 && ( $test_role & $req_role || ( $override_cui_editor == 1 && $this->user->id > 0 && ROLE_CUIEDIT & $req_role ) ) )
{
$ok = true;
break;
}
unset( $req_role );
}
}
unset( $group_ids, $group_id );
}
unset( $test_rights, $test_role );
}
// NOTE(review): this branch grants access from the name of the running script alone and does not
// look at the user; confirm that the editor scripts authenticate the user themselves
elseif( $override_cui_editor == 1 && $this->classname == "AUIPageData" && ( strpos( str_replace( "\\", "/", $_SERVER[ "SCRIPT_FILENAME" ] ), "cui_editor/" ) !== false || strpos( $_SERVER[ "SCRIPT_FILENAME" ], "cui_edit.php" ) !== false ) )
{
$ok = true;
}
// ETä 23.10.2009: added a filter for Domain here, because this rights check is not needed for domain objects (the publish/active check is done above).
// NOTE! at some point the ResolveRight call can be removed, once it can be trusted
// that every object with rights defined has a rights field
elseif( !in_array( "rights", $q->fieldnames() ) && $ok && $this->classname != "Domain" && !$this->ResolveRight( $this->adminstate, $id, $override_cui_editor ) )
{
// the in_array condition was added above so that this only runs when the object has no rights field
$ok = false;
}
if( $ok )
{
// copy the row into the object, passing values through the configured output functions
$this->id = $id;
for( $i = 0; $i < count( $this->fields ); $i++ )
{
$fn = $this->fields[ $i ];
if( trim( $this->functions_out[ $i ] ) != "" )
{
$this->$fn = $this->functions_out[ $i ]( $q->field( $fn ) );
}
else
{
$this->$fn = $q->field( $fn );
}
}
$this->rights = ( !in_array( "rights", $this->fields ) && in_array( "rights", $q->fieldnames() ) ? $q->field( "rights" ) : $this->rights );
$this->status_message = "loaded";
unset( $q, $ok );
return true;
}
unset( $ok, $author_ok );
}
else
{
// no such row
$this->doDefaults();
$this->status_message = "default/failed";
unset( $q );
return false;
}
unset( $q, $area_check_for_page_on );
}
// a row existed but a check refused it, or the object has no source table configured
$this->doDefaults( 1 );
$this->status_message = ( $this->status_message != "failed/unpublished" ? "forbidden" : $this->status_message );
return false;
}
/**
 * Creates a LogEvent for forum-type events on the public site.
 *
 * Deprecated since VJ5.0 for every event type other than EVENT_FORUM (ETä 25.4.2007 / 18.3.2008):
 * for those it does nothing and reports success.
 *
 * @param int $log_event 1 to log; any other value disables logging.
 * @param int $event     Event type; only EVENT_FORUM is processed.
 * @param int $try_id    Passed through to LogEvent.
 * @return mixed true for non-forum events, the new LogEvent when one was created, otherwise false.
 */
function doLogEvent( $log_event = 0, $event = 0, $try_id = -1 )
{
    if( $event != EVENT_FORUM )
    {
        return true;
    }
    if( !$this->conn_id || !class_exists( "LogEvent" ) )
    {
        return false;
    }
    // only outside admin state, only when asked to, and only with a known domain
    if( $this->adminstate == 1 || $log_event != 1 || !( $this->domain_id > 0 || is_object( $this->domain ) ) )
    {
        return false;
    }
    $pages_module = new Module();
    if( !$pages_module->load( MODULE_ID_PAGES ) )
    {
        return false;
    }
    $domain_id = ( is_object( $this->domain ) ? $this->domain->id : $this->domain_id );
    return new LogEvent( $event, $this, $try_id, $domain_id );
}
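/**
 * Pads a string with zeros to exactly $length characters, or cuts it to that length.
 *
 * Fix: the earlier loop padded while strlen <= $length, i.e. one zero too many, and the final
 * substr() then dropped the last character of a left-padded value ("12" padded to 5 gave "00001").
 * Right-padded values were not affected.
 *
 * @param int    $length Wanted length.
 * @param string $string Value to pad.
 * @param int    $after  1 appends the zeros, anything else prepends them.
 * @return string
 */
function ZeroFill( $length = 0, $string = "", $after = 0 )
{
    if( $length == 0 )
    {
        return "";
    }
    $padded = str_pad( (string) $string, $length, "0", ( $after == 1 ? STR_PAD_RIGHT : STR_PAD_LEFT ) );
    // longer values are cut from the right, as before
    return substr( $padded, 0, $length );
}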
/**
* Parses database date format "YYYYmmddhhii" to optionally passed
* date() format.
*/
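function DateF( $date = "", $format = "d.m.Y H:i" )
{
    # -------------------------------------------
    # Formats a database timestamp ("YYYYmmddHHii") with a date()-style format string.
    # Negative values give "", values that already contain "." or ":" are returned as they are,
    # and an empty value means "now".
    #
    # Fixes in this version: the German clock word "Uhr" is stored under language id 6 (it used to
    # land on key 5 and was never found), the misspelt names "Tuesaday", "tistag" and "fritag" are
    # corrected, and $page->page is checked with is_object() before it is dereferenced.
    #
    # Example codes for the format string
    # d long day
    # j short day
    # S English ordinal suffix for the day
    # m long month
    # n short month
    # Y long year
    # y short year
    # W week number
    # w weekday number
    # z day number (0-365/366)
    # D short weekday name
    # l long weekday name
    # F long month name
    # M short month name
    # t how many days the month has
    # L 0 = not a leap year, 1 = leap year
    # C text: the word for "at (time)" in the selected language, see $chrono below
    # Q as the first character: the first letter of the returned string is converted to upper case
    # a English "am" or "pm"
    # A English "AM" or "PM"
    # g short hour in 12-hour format
    # G short hour in 24-hour format
    # h long hour in 12-hour format
    # H long hour in 24-hour format
    # i long minutes
    # s long seconds
    # e time zone identifier (e.g. "GMT" or "UTC")
    # I 1 = summer time, 0 = winter time
    # O short GMT offset (e.g. "+0200")
    # P long GMT offset (e.g. "+02:00")
    # T time zone abbreviation (e.g. "EST")
    if( $date < 0 )
    {
        return "";
    }
    if( ( ( strpos( $date, "." ) !== false ) || ( strpos( $date, ":" ) !== false ) ) && ( trim( $date ) != "" ) )
    {
        return $date;
    }
    if( trim( $date ) == "" )
    {
        $date = date( "YmdHi" );
    }
    $Y = substr( $date, 0, 4 );
    $m = substr( $date, 4, 2 );
    $d = substr( $date, 6, 2 );
    $H = substr( $date, 8, 2 );
    $i = substr( $date, 10, 2 );
    ## ETä 23.12.2009: added the features that produce weekday and month names in the main languages
    global $CUI_domain, $page;
    ## ETä 5.2.2010: added the is_object( $this ) check, because somebody has used this function directly from outside an object
    ## ETä 9.12.2010: changed the language detection so that in admin state the user's language is always used
    if( $this->adminstate != 1 || !is_object( $this->user ) || $this->user->id < 1 )
    {
        if( is_object( $this ) && $this->lang_id > 0 )
        {
            $lang_id = $this->lang_id;
        }
        elseif( is_object( $page ) && is_object( $page->page ) && $page->page->lang_id > 0 )
        {
            $lang_id = $page->page->lang_id;
        }
        elseif( is_object( $CUI_domain ) && $CUI_domain->lang_id > 0 )
        {
            $lang_id = $CUI_domain->lang_id;
        }
        else
        {
            $lang_id = -1;
        }
        ## ETä 9.12.2010: added this default so that unsupported languages fall back to English
        if( !in_array( $lang_id, array( 1, 2, 4, 6 ) ) )
        {
            $lang_id = 1;
        }
    }
    else
    {
        $lang_id = $this->user->lang_id;
    }
    $time = ( trim( $H ) != "" ? mktime( $H, $i, 0, $m, $d, $Y ) : mktime( 0, 0, 0, $m, $d, $Y ) );
    if( $lang_id > 0 )
    {
        // keys are language ids, as used by the in_array() list above: 1, 2, 4 and 6
        $chrono = array( 2 => "klo", 1 => "time", 4 => "tid", 6 => "Uhr" );
        $days = array( 2 => array( array( "su", "sunnuntai" ), array( "ma", "maanantai" ), array( "ti", "tiistai" ), array( "ke", "keskiviikko" ), array( "to", "torstai" ), array( "pe", "perjantai" ), array( "la", "lauantai" ) ),
            1 => array( array( "Sun", "Sunday" ), array( "Mon", "Monday" ), array( "Tue", "Tuesday" ), array( "Wed", "Wednesday" ), array( "Thu", "Thursday" ), array( "Fri", "Friday" ), array( "Sat", "Saturday" ) ),
            4 => array( array( "sö", "söndag" ), array( "må", "måndag" ), array( "ti", "tisdag" ), array( "on", "onsdag" ), array( "to", "torsdag" ), array( "fr", "fredag" ), array( "lö", "lördag" ) ),
            6 => array( array( "So", "Sonntag" ), array( "Mo", "Montag" ), array( "Di", "Dienstag" ), array( "Mi", "Mittwoch" ), array( "Do", "Donnerstag" ), array( "Fr", "Freitag" ), array( "Sa", "Samstag" ) ) );
        $months = array( 2 => array( array( "tammi", "tammikuu" ), array( "helmi", "helmikuu" ), array( "maalis", "maaliskuu" ), array( "huhti", "huhtikuu" ), array( "touko", "toukokuu" ), array( "kesä", "kesäkuu" ), array( "heinä", "heinäkuu" ), array( "elo", "elokuu" ), array( "syys", "syyskuu" ), array( "loka", "lokakuu" ), array( "marras", "marraskuu" ), array( "joulu", "joulukuu" ) ),
            1 => array( array( "Jan", "January" ), array( "Feb", "February" ), array( "Mar", "March" ), array( "Apr", "April" ), array( "May", "May" ), array( "Jun", "June" ), array( "Jul", "July" ), array( "Aug", "August" ), array( "Sep", "September" ), array( "Oct", "October" ), array( "Nov", "November" ), array( "Dec", "December" ) ),
            4 => array( array( "jan", "januari" ), array( "feb", "februari" ), array( "mar", "mars" ), array( "apr", "april" ), array( "maj", "maj" ), array( "jun", "juni" ), array( "jul", "juli" ), array( "aug", "augusti" ), array( "sep", "september" ), array( "okt", "oktober" ), array( "nov", "november" ), array( "dec", "december" ) ),
            6 => array( array( "Jan", "Januar" ), array( "Feb", "Februar" ), array( "Mär", "März" ), array( "Apr", "April" ), array( "Mai", "Mai" ), array( "Jun", "Juni" ), array( "Jul", "Juli" ), array( "Aug", "August" ), array( "Sep", "September" ), array( "Okt", "Oktober" ), array( "Nov", "November" ), array( "Dez", "Dezember" ) ) );
        // The localised words are inserted in oedifyText() form so that date() below does not
        // interpret their letters as format codes; deOedifyText() turns them back afterwards.
        $format = ( strpos( $format, "C" ) !== false ? str_replace( "C", $this->oedifyText( $chrono[ $lang_id ] ), $format ) : $format );
        $format = ( strpos( $format, "D" ) !== false ? str_replace( "D", $this->oedifyText( $days[ $lang_id ][ date( "w", $time ) ][ 0 ] ), $format ) : $format );
        $format = ( strpos( $format, "l" ) !== false ? str_replace( "l", $this->oedifyText( $days[ $lang_id ][ date( "w", $time ) ][ 1 ] ), $format ) : $format );
        $format = ( strpos( $format, "F" ) !== false ? str_replace( "F", $this->oedifyText( $months[ $lang_id ][ date( "n", $time ) - 1 ][ 1 ] ), $format ) : $format );
        $format = ( strpos( $format, "M" ) !== false ? str_replace( "M", $this->oedifyText( $months[ $lang_id ][ date( "n", $time ) - 1 ][ 0 ] ), $format ) : $format );
        unset( $days, $months, $chrono );
    }
    $ret = $this->deOedifyText( date( $format, $time ) );
    // "Q" is not a date() code, so it comes through literally and marks "capitalise the result"
    if( substr( trim( $ret ), 0, 1 ) == "Q" )
    {
        $ret = ucfirst( substr( trim( $ret ), 1, strlen( $ret ) ) );
    }
    unset( $lang_id, $time );
    return $ret;
}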
## ETä 23.12.2009: tämä funktio muuntaa kirjaimet ö-suolatuiksi ascii-koodeiksi, jotta date-funkkarin formatointi ei muuttaisi date-format-stringiin pistettyjä tekstejä
/**
 * Encodes a text so that date() will not interpret its letters as format codes: every byte is
 * written as "ö" followed by its decimal byte value. deOedifyText() reverses this.
 *
 * @param string $str Text to encode.
 * @return string Encoded text; "" when $str is empty or whitespace only.
 */
function oedifyText( $str = "" )
{
    if( trim( $str ) == "" )
    {
        return "";
    }
    $encoded = "";
    foreach( str_split( $str ) AS $byte )
    {
        $encoded .= "ö".ord( $byte );
    }
    return $encoded;
}
## ETä 23.12.2009: tämä funktio muuntaa ö-suolatut ascii-koodit takaisin kirjaimiksi ja merkeiksi
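/**
 * Decodes text produced by oedifyText(): every "ö<digits>" token becomes the byte with that value.
 *
 * Fix: tokens are now decoded one by one where they stand. The earlier version replaced each
 * matched token everywhere in the string, so a short token that was a prefix of a later one
 * (for example "ö9" and "ö97") corrupted the later token.
 *
 * Limitation that remains: a digit that directly follows a token in the input is read as part of
 * that token, because tokens have no terminator.
 *
 * @param string $ret Text that may contain encoded tokens.
 * @return string Decoded text; the input is returned unchanged when it is empty.
 */
function deOedifyText( $ret = "" )
{
    if( trim( $ret ) == "" )
    {
        return $ret;
    }
    $decoded = preg_replace_callback(
        "/ö(\d+)/",
        function( $token )
        {
            return chr( (int) $token[ 1 ] );
        },
        $ret
    );
    // preg_replace_callback() returns null on a PCRE error: keep the input in that case
    return ( $decoded === null ? $ret : $decoded );
}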
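/**
 * Parses user input in the form "Y/m/d H:i" into the database format "YYYYmmddHHii".
 * The time part is optional; one-digit parts are zero-padded, a two-digit year gets the current
 * century, and a year of any other length is replaced by the current year.
 *
 * Hardening: the assembled value is returned only when it consists of digits. The earlier version
 * returned whatever characters the input had in the expected positions, which is unsafe for a
 * value that is destined for a database query.
 *
 * @param string $date   Input text.
 * @param int    $length Number of leading characters of the result to keep (12 = down to minutes).
 * @param mixed  $defval Returned when the input is empty, has no "/" or does not yield digits only.
 * @return mixed The digit string, or $defval.
 */
function DateDBInternational( $date = "", $length = 12, $defval = -1 )
{
    if( trim( $date ) == "" || strpos( $date, "/" ) === false )
    {
        return $defval;
    }
    $date = stripslashes( $date );
    $Y = substr( $date, 0, strpos( $date, "/" ) );
    $date = trim( substr( $date, strpos( $date, "/" ) + 1, 1000 ) );
    $m = substr( $date, 0, strpos( $date, "/" ) );
    $date = trim( substr( $date, strpos( $date, "/" ) + 1, 1000 ) );
    $H = "00";
    $i = "00";
    if( strpos( $date, " " ) !== false && strpos( $date, ":" ) !== false )
    {
        // a time part follows the day
        $d = substr( $date, 0, strpos( $date, " " ) );
        $date = trim( substr( $date, strpos( $date, " " ) + 1, 1000 ) );
        $H = substr( $date, 0, strpos( $date, ":" ) );
        $date = trim( substr( $date, strpos( $date, ":" ) + 1, 1000 ) );
        $i = trim( substr( $date, 0, 1000 ) );
        if( strlen( $H ) == 1 )
        {
            $H = "0".$H;
        }
        if( strlen( $i ) == 1 )
        {
            $i = "0".$i;
        }
    }
    else
    {
        $d = $date;
    }
    if( strlen( $d ) == 1 )
    {
        $d = "0".$d;
    }
    if( strlen( $m ) == 1 )
    {
        $m = "0".$m;
    }
    if( strlen( $Y ) != 4 )
    {
        $Y = ( strlen( $Y ) == 2 ? substr( date( "Y" ), 0, 2 ).$Y : date( "Y" ) );
    }
    $stamp = str_replace( " ", "", substr( $Y.substr( $m, 0, 2 ).substr( $d, 0, 2 ).substr( $H, 0, 2 ).substr( $i, 0, 2 ), 0, $length ) );
    if( !preg_match( "/^[0-9]+\\z/", $stamp ) )
    {
        return $defval;
    }
    return $stamp;
}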
/**
* Parses user input from the format "d.m.Y H:i"
* to database. Values are optional from the right
* side.
*/
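function DateDB( $date = "", $length = 12, $defval = -1 )
{
    // Result format is "YYYYmmddHHii", cut to $length characters. One-digit parts are zero-padded,
    // a two-digit year gets the current century, a year of any other length becomes the current year.
    // $defval is returned when the input is empty, has no "." or does not yield digits only.
    //
    // Hardening: the assembled value is returned only when it consists of digits. The earlier
    // version returned whatever characters the input had in the expected positions, which is
    // unsafe for a value that is destined for a database query.
    if( trim( $date ) == "" || strpos( $date, "." ) === false )
    {
        return $defval;
    }
    $date = stripslashes( $date );
    $d = substr( $date, 0, strpos( $date, "." ) );
    $date = trim( substr( $date, strpos( $date, "." ) + 1, 1000 ) );
    $m = substr( $date, 0, strpos( $date, "." ) );
    $date = trim( substr( $date, strpos( $date, "." ) + 1, 1000 ) );
    $H = "00";
    $i = "00";
    if( strpos( $date, " " ) !== false && strpos( $date, ":" ) !== false )
    {
        // a time part follows the year
        $Y = substr( $date, 0, strpos( $date, " " ) );
        $date = trim( substr( $date, strpos( $date, " " ) + 1, 1000 ) );
        $H = substr( $date, 0, strpos( $date, ":" ) );
        $date = trim( substr( $date, strpos( $date, ":" ) + 1, 1000 ) );
        $i = trim( substr( $date, 0, 1000 ) );
        if( strlen( $H ) == 1 )
        {
            $H = "0".$H;
        }
        if( strlen( $i ) == 1 )
        {
            $i = "0".$i;
        }
    }
    else
    {
        $Y = $date;
    }
    if( strlen( $d ) == 1 )
    {
        $d = "0".$d;
    }
    if( strlen( $m ) == 1 )
    {
        $m = "0".$m;
    }
    if( strlen( $Y ) != 4 )
    {
        $Y = ( strlen( $Y ) == 2 ? substr( date( "Y" ), 0, 2 ).$Y : date( "Y" ) );
    }
    $stamp = str_replace( " ", "", substr( $Y.substr( $m, 0, 2 ).substr( $d, 0, 2 ).substr( $H, 0, 2 ).substr( $i, 0, 2 ), 0, $length ) );
    if( !preg_match( "/^[0-9]+\\z/", $stamp ) )
    {
        return $defval;
    }
    return $stamp;
}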
/**
 * Returns the creation date of the object: the date_created field when it is set, otherwise the
 * date of the last entry returned by getHistory().
 *
 * @return mixed The date value, or -1 when neither source has one.
 */
function getDateCreated()
{
    if( $this->date_created > 0 )
    {
        return $this->date_created;
    }
    $history = $this->getHistory();
    $entries = count( $history );
    return ( $entries > 0 ? $history[ $entries - 1 ]->date : -1 );
}
/**
 * Returns the last modification date of the object: the date_modified field when it is set,
 * otherwise the date of the first entry returned by getHistory().
 *
 * @return mixed The date value, or -1 when neither source has one.
 */
function getDateEdited()
{
    if( $this->date_modified > 0 )
    {
        return $this->date_modified;
    }
    $history = $this->getHistory();
    return ( count( $history ) > 0 ? $history[ 0 ]->date : -1 );
}
/**
 * Builds a display string naming the user who last modified this object.
 *
 * When modifier_ldap_info and modifier_ldap_key are both non-empty, the name comes from
 * modifier_ldap_info. Otherwise a user id is taken from modifier_id, then author_id, then
 * the first getHistory() entry, and the matching User is loaded.
 *
 * @param int $return_fullname 1 = include the full name
 * @param int $return_username 1 = include the username
 * @return string the display string, "" when no editor could be resolved
 */
function getEditor( $return_fullname = 1, $return_username = 0 )
{
$ret = "";
if( trim( $this->modifier_ldap_info ) != "" && trim( $this->modifier_ldap_key ) != "" )
{
## modifier_ldap_info is split at its last "///" into full name and username;
## without a "///" the whole value is the full name and the username is empty
$rp = ( strpos( $this->modifier_ldap_info, "///" ) !== false ? array( "fullname" => substr( $this->modifier_ldap_info, 0, strrpos( $this->modifier_ldap_info, "///" ) ), "username" => substr( $this->modifier_ldap_info, strrpos( $this->modifier_ldap_info, "///" ) + 3, strlen( $this->modifier_ldap_info ) ) ) : array( "fullname" => $this->modifier_ldap_info, "username" => "" ) );
if( $return_fullname == 1 )
{
## NOTE(review): the next statement is not valid PHP as it stands; part of the string
## literal (presumably an HTML tag with a title attribute) appears to be missing - restore it from the original file.
## NOTE(review): the full name is concatenated right after a `">` fragment, i.e. apparently into
## markup, without HTML escaping; confirm that the stored LDAP value is escaped before it is shown.
$ret .= "user->lang_id == 2 ? "käyttäjätili on LDAP-tietokannassa" : "user account is in LDAP" )."\">".$rp[ "fullname" ]." (LDAP)";
}
if( $return_username == 1 && trim( $rp[ "username" ] ) != "" )
{
## the username is wrapped in parentheses only when something was already written to $ret
$ret .= ( trim( $ret ) != "" ? " (" : "" ).$rp[ "username" ].( trim( $ret ) != "" ? ")" : "" );
}
unset( $rp );
}
else
{
## no LDAP info: pick the first positive id of modifier_id, author_id, newest history entry
$editor_id = -1;
if( $this->modifier_id > 0 )
{
$editor_id = $this->modifier_id;
}
elseif( $this->author_id > 0 )
{
$editor_id = $this->author_id;
}
else
{
$history = $this->getHistory();
if( count( $history ) > 0 )
{
$editor_id = $history[ 0 ]->user_id;
}
unset( $history );
}
if( $editor_id > 0 )
{
$tmp = new User( 1 ); // 1 = disable LDAP
if( $tmp->load( $editor_id ) )
{
## parts are joined with a single space: "name_last name_first username"
$sep = "";
if( $return_fullname == 1 )
{
$ret .= $sep.$tmp->name_last." ".$tmp->name_first;
$sep = " ";
}
if( $return_username == 1 )
{
$ret .= $sep.$tmp->username;
$sep = " ";
}
}
unset( $tmp );
}
unset( $editor_id );
}
return $ret;
}
/**
 * Alias of getCreator(); both arguments are forwarded unchanged.
 *
 * @param int $return_fullname 1 = include the full name
 * @param int $return_username 1 = include the username
 * @return string whatever getCreator() returns
 */
function getAuthor( $return_fullname = 1, $return_username = 0 )
{
    $creator = $this->getCreator( $return_fullname, $return_username );
    return $creator;
}
/**
 * Builds a display string naming the user who created this object.
 *
 * When author_ldap_info and author_ldap_key are both non-empty, the name comes from
 * author_ldap_info. Otherwise a user id is taken from author_id, then modifier_id, then
 * the last getHistory() entry, and the matching User is loaded.
 *
 * @param int $return_fullname 1 = include the full name
 * @param int $return_username 1 = include the username
 * @return string the display string, "" when no creator could be resolved
 */
function getCreator( $return_fullname = 1, $return_username = 0 )
{
$ret = "";
if( trim( $this->author_ldap_info ) != "" && trim( $this->author_ldap_key ) != "" )
{
## author_ldap_info is split at its last "///" into full name and username;
## without a "///" the whole value is the full name and the username is empty
$rp = ( strpos( $this->author_ldap_info, "///" ) !== false ? array( "fullname" => substr( $this->author_ldap_info, 0, strrpos( $this->author_ldap_info, "///" ) ), "username" => substr( $this->author_ldap_info, strrpos( $this->author_ldap_info, "///" ) + 3, strlen( $this->author_ldap_info ) ) ) : array( "fullname" => $this->author_ldap_info, "username" => "" ) );
$sep = "";
if( $return_fullname == 1 )
{
## NOTE(review): the next statement is not valid PHP as it stands; part of the string
## literal (presumably an HTML tag with a title attribute) appears to be missing - restore it from the original file.
## NOTE(review): the full name is concatenated right after a `">` fragment, i.e. apparently into
## markup, without HTML escaping; confirm that the stored LDAP value is escaped before it is shown.
$ret .= $sep."user->lang_id == 2 ? "käyttäjätili on LDAP-tietokannassa" : "user account is in LDAP" )."\">".$rp[ "fullname" ]." (LDAP)";
$sep = " ";
}
if( $return_username == 1 && trim( $rp[ "username" ] ) != "" )
{
## unlike getEditor(), the username is appended after a space, without parentheses
$ret .= $sep.$rp[ "username" ];
$sep = " ";
}
unset( $rp, $sep );
}
else
{
## no LDAP info: pick the first positive id of author_id, modifier_id, oldest history entry
$author_id = -1;
if( $this->author_id > 0 )
{
$author_id = $this->author_id;
}
elseif( $this->modifier_id > 0 )
{
$author_id = $this->modifier_id;
}
else
{
$history = $this->getHistory();
if( count( $history ) > 0 )
{
$author_id = $history[ ( count( $history ) - 1 ) ]->user_id;
}
unset( $history );
}
if( $author_id > 0 )
{
$tmp = new User( 1 ); // 1 = disable LDAP
if( $tmp->load( $author_id ) )
{
## parts are joined with a single space: "name_last name_first username"
$sep = "";
if( $return_fullname == 1 )
{
$ret .= $sep.$tmp->name_last." ".$tmp->name_first;
$sep = " ";
}
if( $return_username == 1 )
{
$ret .= $sep.$tmp->username;
$sep = " ";
}
}
unset( $tmp );
}
unset( $author_id );
}
return $ret;
}
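/**
 * Returns the change history of this object from data_history, newest entry first.
 *
 * The rows are read once and kept in $this->data_history; later calls return that array.
 * Nothing is queried unless id and domain_id are positive and classname is non-empty.
 * Rows stored under the class name with and without the "AUI" prefix are both matched.
 *
 * @return array list of Blankko objects with user_id, date, type, done_sql, recovery_sql
 */
function getHistory()
{
    if( isset( $this->data_history ) )
    {
        return $this->data_history;
    }
    $this->data_history = array();
    if( $this->id > 0 && $this->domain_id > 0 && trim( $this->classname ) != "" )
    {
        ## A loose "> 0" comparison is also true for a string that merely starts with a digit,
        ## so the ids are forced to integers before they are placed into the statement.
        $domain_id = intval( $this->domain_id );
        $data_id = intval( $this->id );
        ## addslashes() mirrors the escaping PutHistory() applies to its string values.
        ## NOTE(review): if QueryObject offers bound parameters or a connection-aware escape
        ## function (not visible here), prefer that over addslashes().
        $base_classname = addslashes( str_replace( "AUI", "", $this->classname ) );

        $q = new QueryObject( $this->conn_id );
        $query_string = "SELECT user_id, date, type, done_sql, recovery_sql FROM data_history WHERE domain_id = ".$domain_id." AND data_id = ".$data_id." AND ( classname = 'AUI".$base_classname."' OR classname = '".$base_classname."' ) ORDER BY date DESC";
        $q->query( $query_string );
        if( $q->numrows() > 0 )
        {
            while( $q->fetchrow() )
            {
                $obj = new Blankko();
                $obj->user_id = $q->field( "user_id" );
                $obj->date = $q->field( "date" );
                $obj->type = $q->field( "type" );
                $obj->done_sql = $q->field( "done_sql" );
                $obj->recovery_sql = $q->field( "recovery_sql" );
                $this->data_history[] = $obj;
                unset( $obj );
            }
        }
        unset( $q );
    }
    return $this->data_history;
}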
/**
 * Writes one audit row for this object into data_history and runs the follow-up work:
 * desktop alarms, OPTIMIZE TABLE on data_history, and the refresh of
 * forbidden_data_cache_update_date_store.
 *
 * @param string $mode "insert", "update" or "delete" (mapped to 1, 2, 3 through $types)
 * @param string $done_sql stored in data_history.done_sql
 * @param string $recovery_sql stored in data_history.recovery_sql
 * @param int $do_not_update_forbidden_data_cache_dates 1 = skip the date-store refresh
 * @return bool true when the INSERT into data_history succeeded; false otherwise,
 *              including an empty $mode or an id that is not positive
 */
function PutHistory( $mode = "", $done_sql = "", $recovery_sql = "", $do_not_update_forbidden_data_cache_dates = 0 )
{
## ------------------------------------------------------------
## the insert, delete and update methods of the class call this method e.g. like this:
## $this->PutHistory( "update", $query_string );
if( trim( $mode ) != "" && $this->id > 0 )
{
## NOTE(review): a $mode that is not a key of $types yields an undefined index below and
## therefore an empty value in the VALUES list.
$types = array( "" => 0, "insert" => 1, "update" => 2, "delete" => 3 );
$q = new QueryObject( $this->conn_id );
## NOTE(review): only done_sql and recovery_sql pass through addslashes(); the ids and
## classname are concatenated as they are. addslashes() is not aware of the connection
## character set - if QueryObject offers bound parameters or its own escaping (not visible
## here), prefer that. This row is the audit trail, so its integrity matters.
$query_string = "INSERT INTO data_history ( domain_id, module_id, data_id, user_id, date, classname, type, done_sql, recovery_sql ) VALUES ( ".
( is_object( $this->domain ) && $this->domain->id > 0 ? $this->domain->id : ( $this->domain_id > 0 ? $this->domain_id : -1 ) ).", ".
( is_object( $this->module ) && $this->module->id > 0 ? $this->module->id : ( $this->module_id > 0 ? $this->module_id : -1 ) ).", ".
$this->id.", ".
$this->user->id.", ".
date( "YmdHis" ).", ".
"'".$this->classname."', ".
$types[ $mode ].", ".
"'".addslashes( $done_sql )."', ".
"'".addslashes( $recovery_sql )."' )";
if( $q->query( $query_string ) )
{
## alarms are skipped for DesktopAlarm objects themselves
if( ( $mode == "insert" || $mode == "update" || $mode == "delete" ) && $this->classname != "DesktopAlarm" )
{
## ----------------------
## alert/reminder
if( !class_exists( "DesktopAlarm" ) && file_exists( "../mod_main/classes/class_desktopalarm.inc" ) )
{
## the path is a fixed literal, resolved relative to the current working directory
include_once( "../mod_main/classes/class_desktopalarm.inc" );
}
if( class_exists( "DesktopAlarm" ) )
{
$a = new DesktopAlarm( 1 );
## insert: alarms are looked up on the parent object(s) of the new item
if( $mode == "insert" && in_array( $this->classname, array( "AUIPage", "AUILibrary", "AUILibraryCat", "AUINews", "AUINewsCategory", "AUISurveySheet", "ImageBankCat", "ImageBank" ) ) )
{
## $parents maps the classname of each loaded parent to its id
$parents = array();
if( $this->classname == "AUIPage" && ( $this->parent_id > 0 || $this->area_id > 0 ) )
{
if( $this->parent_id > 0 )
{
$temp = new AUIPage( 1 );
if( $temp->load( $this->parent_id ) )
{
$parents[ $temp->classname ] = $temp->id;
}
unset( $temp );
}
if( $this->area_id > 0 )
{
$temp = new AUIArea( 1 );
if( $temp->load( $this->area_id ) )
{
$parents[ $temp->classname ] = $temp->id;
}
unset( $temp );
}
}
elseif( $this->classname == "AUILibrary" && $this->cat_id > 0 )
{
$temp = new AUILibraryCat( 1 );
if( $temp->load( $this->cat_id ) )
{
$parents[ $temp->classname ] = $temp->id;
}
unset( $temp );
}
elseif( $this->classname == "AUILibraryCat" && $this->parent_id > 0 )
{
$temp = new AUILibraryCat( 1 );
if( $temp->load( $this->parent_id ) )
{
$parents[ $temp->classname ] = $temp->id;
}
unset( $temp );
}
elseif( $this->classname == "AUINews" && $this->cat_id > 0 )
{
$temp = new AUINewsCategory( 1 );
if( $temp->load( $this->cat_id ) )
{
$parents[ $temp->classname ] = $temp->id;
}
unset( $temp );
}
elseif( $this->classname == "AUINewsCategory" && $this->parent_id > 0 )
{
$temp = new AUINewsCategory( 1 );
if( $temp->load( $this->parent_id ) )
{
$parents[ $temp->classname ] = $temp->id;
}
unset( $temp );
}
elseif( $this->classname == "AUISurveySheet" && $this->survey_id > 0 )
{
$temp = new AUISurvey( 1 );
if( $temp->load( $this->survey_id ) )
{
$parents[ $temp->classname ] = $temp->id;
}
unset( $temp );
}
elseif( $this->classname == "ImageBank" && $this->cat_id > 0 )
{
$temp = new ImageBankCat( 1 );
if( $temp->load( $this->cat_id ) )
{
$parents[ $temp->classname ] = $temp->id;
}
unset( $temp );
}
elseif( $this->classname == "ImageBankCat" && $this->parent_id > 0 )
{
$temp = new ImageBankCat( 1 );
if( $temp->load( $this->parent_id ) )
{
$parents[ $temp->classname ] = $temp->id;
}
unset( $temp );
}
if( is_array( $parents ) && count( $parents ) > 0 )
{
$als = array();
foreach( $parents AS $pclassname => $pid )
{
$als = array_merge( $als, $a->loadAlarms( -1, $this->module->id, $pclassname, $pid, 1, -1, -1, 2 ) );
}
unset( $pclassname, $pid );
}
unset( $parents );
}
elseif( $mode == "update" || $mode == "delete" )
{
## update/delete: alarms are looked up on the object itself
$als = $a->loadAlarms( -1, $this->module->id, $this->classname, $this->id, 1, -1, -1, 0 );
}
## NOTE(review): $als is assigned only on the two paths above; for an insert without
## parents it is an undefined variable at this point.
if( is_array( $als ) && count( $als ) > 0 )
{
foreach( $als AS $al )
{
$al->send( $mode, $this );
}
unset( $al );
}
unset( $a, $als );
}
}
## NOTE(review): OPTIMIZE TABLE runs after every history write; presumably this is costly
## and may lock the table on a large data_history - confirm it is intended.
$query_string = "OPTIMIZE TABLE data_history";
$q->query( $query_string );
if( $do_not_update_forbidden_data_cache_dates != 1 )
{
$query_string = "SELECT date FROM forbidden_data_cache_update_date_store WHERE classname = '".str_replace( "AUI", "", $this->classname )."'";
$q->query( $query_string );
if( $q->numrows() > 0 )
{
## $trigger becomes the nearest future publish/expire date of this object (YmdHi), -1 if none
$trigger = -1;
if( $this->date_publish > $trigger && $this->date_publish > date( "YmdHi" ) )
{
$trigger = $this->date_publish;
}
if( ( $this->date_expire < $trigger || $trigger < 1 ) && $this->date_expire > date( "YmdHi" ) )
{
$trigger = $this->date_expire;
}
if( strlen( $trigger ) > 12 )
{
$trigger = substr( $trigger, 0, 12 );
}
## an earlier positive trigger that is already stored wins over the one computed above
$query_string = "SELECT update_trigger FROM forbidden_data_cache_update_date_store WHERE classname = '".str_replace( "AUI", "", $this->classname )."' AND update_trigger < ".$trigger." AND update_trigger > 0";
$q->query( $query_string );
if( $q->numrows() > 0 )
{
$trigger = $q->field( "update_trigger" );
}
## NOTE(review): the next two lines look like one commented-out debug print that was split
## in two; as shown, the second line is not valid PHP - restore it from the original file.
#print "
pom: ".$this->date_expire.", ".$this->date_publish." ----> ".$trigger;
$query_string = "UPDATE forbidden_data_cache_update_date_store SET date = '".date( "YmdHis" )."', update_trigger = ".$trigger." WHERE classname = '".str_replace( "AUI", "", $this->classname )."'";
$q->query( $query_string );
unset( $trigger );
}
else
{
## no row for this classname: the whole store is emptied (DELETE without WHERE) and
## rebuilt from data_history with the latest date per classname
$query_string = "DELETE FROM forbidden_data_cache_update_date_store";
if( $q->query( $query_string ) )
{
$query_string = "INSERT INTO forbidden_data_cache_update_date_store ( classname, date ) ".
"SELECT REPLACE( data_history.classname, 'AUI', '' ), MAX( LEFT( data_history.date, 14 ) ) ".
"FROM data_history GROUP BY data_history.classname ASC";
$q->query( $query_string );
}
}
}
unset( $q );
return true;
}
unset( $q );
}
return false;
}
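/**
 * Takes the edit lock on this object for the current user.
 *
 * Outside admin state, or when the object has no positive id, nothing is locked and true
 * is returned. Otherwise the user needs one of the editing roles on the module (plus
 * ROLE_CUIEDIT when the running script is cui_edit.php; image bank classes also accept the
 * roles of the info, news and survey modules). The lock is written only when no other user
 * holds an unexpired lock; the user's locks on other objects are released at the same time.
 *
 * @return bool true when the lock was set or no lock was needed, false when the role check
 *              failed or another user holds the lock
 */
function SetLock()
{
    ## --------------------------------------------------
    ## sets a lock
    if( !( $this->adminstate == 1 && $this->id > 0 ) )
    {
        return true;
    }

    $roles = array( ROLE_EDITOR, ROLE_CREATOR, ROLE_PUBLISHER, ROLE_DELETOR );
    $module_roles = $roles;
    if( strpos( $_SERVER[ "SCRIPT_FILENAME" ], "cui_edit.php" ) !== false )
    {
        $module_roles[] = ROLE_CUIEDIT;
    }
    $rolecheck = $this->user->hasRole( $this->module->id, $this, $module_roles );
    if( !$rolecheck && ( $this->classname == "AUIImageBank" || $this->classname == "AUIImageBankCat" ) )
    {
        ## image bank items may also be edited with the roles of these modules
        foreach( array( MODULE_ID_INFO, MODULE_ID_NEWS, MODULE_ID_SURVEY ) AS $fallback_module_id )
        {
            $rolecheck = $this->user->hasRole( $fallback_module_id, $this, $roles );
            if( $rolecheck )
            {
                break;
            }
        }
        unset( $fallback_module_id );
    }
    ## NOTE(review): a failed role check blocks the lock only when a module object with a
    ## positive id is present; without one the lock is still taken. Confirm that is intended.
    if( is_object( $this->module ) && $this->module->id > 0 && !$rolecheck )
    {
        return false;
    }

    ## A loose "> 0" comparison is also true for a string that merely starts with a digit,
    ## so the ids are forced to integers before they are placed into the statements.
    ## addslashes() mirrors the escaping PutHistory() applies to its string values.
    $data_id = intval( $this->id );
    $user_id = intval( $this->user->id );
    $classname = addslashes( $this->classname );

    $q = new QueryObject( $this->conn_id );
    $q->query( "SELECT * FROM data_lock WHERE user_id != ".$user_id." AND date >= ".date( "YmdHi" )." AND user_id > 0 AND data_id = ".$data_id." AND classname = '".$classname."'" );
    if( $q->numrows() >= 1 )
    {
        ## someone else holds an unexpired lock
        unset( $q );
        return false;
    }

    ## NOTE(review): the check above and the writes below are separate statements; no
    ## transaction or unique key is visible here, so two editors arriving at the same moment
    ## could both pass the check. Confirm against the data_lock schema.
    $q->query( "DELETE FROM data_lock WHERE data_id != ".$data_id." AND user_id = ".$user_id );
    $q->query( "DELETE FROM data_lock WHERE data_id = ".$data_id." AND classname = '".$classname."'" );

    ## lock lifetime in minutes: 5 by default, otherwise the module property "DataLock"
    $incr = 5;
    if( is_object( $this->module ) && ( is_object( $this->domain ) || $this->domain_id > 0 ) )
    {
        $incr = $this->module->getModulePropertyVal( $this->domain_id, "DataLock", 10 );
    }
    $locktime = date( "YmdHi", mktime( date( "H" ), ( date( "i" ) + intval( $incr ) ), date( "s" ), date( "m" ), date( "d" ), date( "Y" ) ) );
    $q->query( "INSERT INTO data_lock ( user_id, data_id, date, classname ) VALUES ( ".$user_id.", ".$data_id.", ".$locktime.",'".$classname."' )" );
    unset( $q );
    return true;
}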
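/**
 * Releases edit locks from data_lock.
 *
 * Modes:
 *   0 = the lock of this object held by the current user
 *   1 = all locks of a user (of this instance when it is a User/AUIUser, else of the current user)
 *   2 = all locks on this object
 *   3 = the lock on the object named by $classname and $id, without a loaded instance
 *
 * NOTE(review): mode 3 performs no role or ownership check in this method, so whoever
 * calls it (release_lock.php according to the original comment) has to decide who may
 * release which lock.
 *
 * @param int $mode see above
 * @param string $classname class name for mode 3
 * @param int $id data id for mode 3
 * @return bool false when none of the mode conditions applied, true otherwise
 */
function UnLock( $mode = 0, $classname = "", $id = -1 )
{
    ## --------------------------------------------------
    ## four modes (mode):
    ## 0 = specific object and user
    ## 1 = all locks for a certain user
    ## 2 = all locks for a certain object
    ## 3 = locks for a certain data by not making the class instance
    ##
    ## All ids are forced to integers and class names are escaped before they are placed
    ## into a statement: a loose "> 0" comparison is also true for a string that merely
    ## starts with a digit. addslashes() mirrors the escaping PutHistory() applies.
    $q = new QueryObject( $this->conn_id );
    $query_string = "";
    if( ( $this->classname == "User" || $this->classname == "AUIUser" ) && $mode == 1 && $this->id > 0 )
    {
        ## -------------------------------------------
        ## remove all locks held by the user this instance represents
        $query_string = "DELETE FROM data_lock WHERE user_id = ".intval( $this->id );
    }
    elseif( $mode == 3 && trim( $classname ) != "" && $id > 0 )
    {
        ## --------------------------------------------
        ## remove a lock without a class instance (usually via release_lock.php)
        $query_string = "DELETE FROM data_lock WHERE data_id = ".intval( $id )." AND classname = '".addslashes( $classname )."'";
    }
    elseif( $this->adminstate == 1 && $this->id > 0 )
    {
        if( $mode == 1 && $this->user->id > 0 )
        {
            ## -------------------------------------------
            ## remove all locks held by the current user
            $query_string = "DELETE FROM data_lock WHERE user_id = ".intval( $this->user->id );
        }
        elseif( $mode == 2 )
        {
            ## -------------------------------------------
            ## remove all locks from this object
            $query_string = "DELETE FROM data_lock WHERE data_id = ".intval( $this->id )." AND classname = '".addslashes( $this->classname )."'";
        }
        elseif( $this->user->id > 0 )
        {
            ## -------------------------------------------
            ## remove the lock of this object held by the current user
            $query_string = "DELETE FROM data_lock WHERE user_id = ".intval( $this->user->id )." AND user_id > 0 AND data_id = ".intval( $this->id )." AND classname = '".addslashes( $this->classname )."'";
        }
    }
    else
    {
        unset( $q );
        return false;
    }
    ## When the current user has no positive id, no statement was built above; the original
    ## code passed an undefined variable to query() in that case. The return value is unchanged.
    if( $query_string != "" )
    {
        $q->query( $query_string );
    }
    unset( $q );
    return true;
}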
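/**
 * Tells whether another user holds an unexpired lock on this object.
 *
 * @param int $return_data 1 = return lock details instead of a plain boolean
 * @return mixed with $return_data != 1: false when locked by someone else, true otherwise.
 *               With $return_data == 1: a Blankko object (user_id, date) describing the
 *               other user's lock or, if there is none, the current user's own lock;
 *               true when no such lock row exists.
 */
function ResolveLock( $return_data = 0 )
{
    ## --------------------------------------------------
    ## return false if the object is locked by someone else than the logged user
    ## ETä 9.6.2011: the adminstate condition was removed here because it caused problems
    ## when resolving the user name
    if( !( $this->id > 0 ) )
    {
        return true;
    }

    ## A loose "> 0" comparison is also true for a string that merely starts with a digit,
    ## so the ids are forced to integers before they are placed into the statements.
    ## addslashes() mirrors the escaping PutHistory() applies to its string values.
    $data_id = intval( $this->id );
    $user_id = intval( $this->user->id );
    $classname = addslashes( $this->classname );

    $q = new QueryObject( $this->conn_id );
    $q->query( "SELECT * FROM data_lock WHERE user_id != ".$user_id." AND date >= ".date( "YmdHi" )." AND user_id > 0 AND data_id = ".$data_id." AND classname = '".$classname."'" );
    if( $q->numrows() > 0 )
    {
        ## -------------------------
        ## it is locked
        if( $return_data != 1 )
        {
            unset( $q );
            return false;
        }
        $obj = new Blankko();
        $obj->user_id = $q->field( "user_id" );
        $obj->date = $q->field( "date" );
        unset( $q );
        return $obj;
    }
    if( $return_data == 1 )
    {
        ## not locked by anyone else: report the current user's own lock, if any
        ## (this lookup does not filter on the expiry date)
        $q->query( "SELECT * FROM data_lock WHERE user_id = ".$user_id." AND user_id > 0 AND data_id = ".$data_id." AND classname = '".$classname."'" );
        if( $q->numrows() > 0 )
        {
            $obj = new Blankko();
            $obj->user_id = $q->field( "user_id" );
            $obj->date = $q->field( "date" );
            unset( $q );
            return $obj;
        }
    }
    unset( $q );
    return true;
}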
/**
 * Rewrites quote-like characters in $val, in this order:
 *   "  becomes  '
 *   ´ and `  become  \'
 *   the literal four-character sequence [\]'  becomes  \'
 *
 * NOTE(review): single quotes already present in $val are returned unchanged and double
 * quotes are turned into unescaped single quotes, so the result is not safe to place
 * inside a quoted SQL or HTML value on the strength of this function alone.
 * NOTE(review): "[\]'" looks like a regular-expression pattern, but str_replace() treats
 * it as plain text - confirm what was intended.
 *
 * @param string $val text to rewrite
 * @return string the rewritten text
 */
function escapeChars( $val = "" )
{
    ## str_replace() with arrays applies the pairs one after another, in array order
    $search = array( "\"", "´", "`", "[\]'" );
    $replace = array( "'", "\'", "\'", "\'" );
    return str_replace( $search, $replace, $val );
}
/**
 * Replaces characters in a file name: ä/å -> a, ö -> o, ü -> u (and the upper-case
 * forms), and each of space : ( ) / ? * % & = \ with an underscore.
 *
 * NOTE(review): this is a fixed substitution list, not an allow-list. Path separators are
 * replaced, but dots (including ".."), control characters, quotes, "<", ">" and "|" are
 * returned unchanged; callers that store uploads under this name need their own checks.
 *
 * @param string $val file name to rewrite
 * @return string the rewritten file name
 */
function parseFileName( $val = "" )
{
    ## str_replace() with arrays applies the pairs one after another, in array order
    $map = array(
        "ä" => "a",
        "ö" => "o",
        "å" => "a",
        "Ä" => "A",
        "Ö" => "O",
        "Å" => "A",
        "ü" => "u",
        "Ü" => "U",
        " " => "_",
        ":" => "_",
        "(" => "_",
        ")" => "_",
        "/" => "_",
        "?" => "_",
        "*" => "_",
        "%" => "_",
        "&" => "_",
        "=" => "_",
        "\\" => "_",
    );
    return str_replace( array_keys( $map ), array_values( $map ), $val );
}
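/**
 * Returns the ids of objects of this class that the current user may not see on the
 * end-user (CUI) side.
 *
 * An id counts as forbidden when data_rights holds a ROLE_CUI row for it and - for an
 * identified user - none of those rows names the user or one of the user's groups. For a
 * user without a positive id, every id that has a ROLE_CUI row for some user or group is
 * forbidden.
 *
 * @return array|false list of data ids; false when the object has neither a module object
 *                     nor a module_id, or when classname is empty
 */
function getForbiddenIds()
{
    ## -------------------
    ## NOTE! This function returns only the ids of same-kind objects that are forbidden by
    ## their end-user rights; the object must have a module object defined
    if( !( ( is_object( $this->module ) || $this->module_id > 0 ) && trim( $this->classname ) != "" ) )
    {
        return false;
    }
    $ret = array();
    $q = new QueryObject( WSM_CONN );

    ## Shared WHERE fragments. Ids are forced to integers and the class name is escaped
    ## (addslashes() mirrors the escaping PutHistory() applies); "%" and "_" inside the
    ## class name would still act as LIKE wildcards.
    $scope_sql = "AND module_id = ".intval( is_object( $this->module ) ? $this->module->id : $this->module_id )." ".
        ( ( $this->domain_id > 0 ) ? "AND domain_id = ".intval( $this->domain_id )." " : ( is_object( $this->domain ) ? "AND domain_id = ".intval( $this->domain->id )." " : "" ) ).
        "AND classname LIKE( '%".addslashes( str_replace( "AUI", "", $this->classname ) )."' ) ";
    $restricted_sql = "SELECT data_id FROM data_rights WHERE data_id > 0 ".$scope_sql."AND roles & ".ROLE_CUI." ";

    if( $this->user->id < 1 )
    {
        $query_string = $restricted_sql."AND ( user_id > 0 OR group_id > 0 ) ORDER BY data_id ASC";
    }
    else
    {
        ## probe whether the database accepts nested queries
        $q->query( "SELECT ( SELECT 1 )" );
        $has_subqueries = ( $q->numrows() > 0 );

        ## An empty group list would render "IN(  )", which is not valid SQL; what QueryObject
        ## does with a failed query is not visible here, so the list is never left empty.
        ## -2 is the same placeholder canCUIEdit() uses for this case.
        ## NOTE(review): the group ids are placed into the statement as returned by
        ## getGroupIds(); confirm they are always numeric for users who reach this branch.
        $group_ids = $this->user->getGroupIds();
        if( !is_array( $group_ids ) || count( $group_ids ) < 1 )
        {
            $group_ids = array( -2 );
        }
        $granted_sql = "SELECT data_id FROM data_rights WHERE roles & ".ROLE_CUI." ".$scope_sql.
            "AND ( user_id = ".intval( $this->user->id )." OR group_id IN( ".implode( ", ", $group_ids )." ) ) ";

        if( $has_subqueries )
        {
            ## new efficient way using nested queries
            $query_string = $restricted_sql."AND data_id NOT IN( ".$granted_sql.") ORDER BY data_id ASC";
        }
        else
        {
            ## old MySQL/PHP way: fetch the granted ids first, then exclude them
            $not_ins = array();
            $q->query( $granted_sql."ORDER BY data_id ASC" );
            if( $q->numrows() > 0 )
            {
                while( $q->fetchrow() )
                {
                    $not_ins[] = $q->field( "data_id" );
                }
            }
            $query_string = $restricted_sql.
                ( count( $not_ins ) > 0 ? "AND data_id NOT IN( ".implode( ", ", $not_ins )." ) " : "" ).
                "ORDER BY data_id ASC";
            unset( $not_ins );
        }
        unset( $group_ids, $granted_sql, $has_subqueries );
    }

    $q->query( $query_string );
    if( $q->numrows() > 0 )
    {
        while( $q->fetchrow() )
        {
            $ret[] = $q->field( "data_id" );
        }
    }
    unset( $q, $query_string, $scope_sql, $restricted_sql );
    return $ret;
}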
/**
 * Tells whether $user holds ROLE_CUIEDIT on this object (or on the object $preload_id).
 *
 * When this object is loaded and its rights field is non-empty, the answer comes from
 * that field: a comma-separated list of entries "u<user>:<role mask>" and
 * "g<group>:<role mask>". Otherwise data_rights is queried.
 *
 * @param object|int $user user object; anything that is not an object yields false
 * @param int $preload_id id to check when this object itself is not loaded
 * @return bool true when the user, or one of the user's groups, has ROLE_CUIEDIT
 */
function canCUIEdit( $user = -1, $preload_id = -1 )
{
$ret = false;
if( is_object( $user ) && ( $this->id > 0 || $preload_id > 0 ) )
{
## users without a positive id never get the right
if( $user->id > 0 )
{
if( $this->id > 0 && trim( $this->rights ) != "" )
{
$rp = explode( ",", $this->rights );
if( is_array( $rp ) && count( $rp ) > 0 )
{
## first pass: entries naming the user (ldap_id when set, otherwise the numeric id)
foreach( $rp AS $r )
{
## NOTE(review): strpos() finds the key anywhere in the entry, not only at its start,
## and the mask is read after the first ":" - confirm ids can never contain "u", "g" or ":".
if( trim( $r ) != "" && strpos( $r, "u".( trim( $user->ldap_id ) != "" ? $user->ldap_id : $user->id ).":" ) !== false )
{
if( ROLE_CUIEDIT & intval( substr( $r, strpos( $r, ":" ) + 1, strlen( $r ) ) ) )
{
$ret = true;
break;
}
}
}
unset( $r );
if( !$ret )
{
## second pass: entries naming one of the user's groups
$ugroups = $user->getGroupIds();
if( is_array( $ugroups ) && count( $ugroups ) > 0 )
{
foreach( $ugroups AS $ug )
{
foreach( $rp AS $r )
{
if( trim( $r ) != "" && strpos( $r, "g".$ug.":" ) !== false )
{
if( ROLE_CUIEDIT & intval( substr( $r, strpos( $r, ":" ) + 1, strlen( $r ) ) ) )
{
$ret = true;
break;
}
}
}
## the break above leaves only the inner loop; leave the outer one as well
if( $ret )
{
break;
}
}
unset( $ug );
}
unset( $ugroups );
}
}
unset( $rp );
}
else
{
## no rights field to read: ask data_rights instead
$ugroups = $user->getGroupIds();
$q = new QueryObject( WSM_CONN );
if( count( $ugroups ) < 1 )
{
## placeholder so that the IN( ... ) list below is never empty
$ugroups[ 0 ] = -2;
}
## NOTE(review): ldap_id and the group keys are placed inside quotes without escaping, and
## the ids and classname are concatenated as they are; if QueryObject offers bound parameters
## or its own escaping (not visible here), prefer that.
$query_string = "SELECT data_id FROM data_rights ".
"WHERE data_id = ".( ( $preload_id > 0 ) ? $preload_id : $this->id )." ".
"AND classname LIKE( '%".str_replace( "AUI", "", $this->classname )."' )".
"AND roles & ".ROLE_CUIEDIT." ".
"AND ( ".( trim( $user->ldap_id ) != "" ? "ldap_user_key = '".$user->ldap_id."' OR ldap_group_key IN( '".implode( "', '", $ugroups )."' )" : "user_id = ".$user->id." OR group_id IN( ".implode( ", ", $ugroups )." )" )." )";
$q->query( $query_string );
if( $q->numrows() > 0 )
{
$ret = true;
}
unset( $q, $ugroups );
}
}
}
return $ret;
}
/**
 * Dispatches the access check to the admin (AUI) or end-user (CUI) implementation.
 *
 * The admin check is used when $adminstate is 1, when this object is in admin state, or
 * when the global $WSM_aui is an object; in every other case the end-user check runs.
 *
 * @param int $adminstate 1 = force the admin-side check
 * @param int $preload_id id to check when this object itself is not loaded
 * @param int $override_cui_editor passed on to ResolveRightCUI() only
 * @return mixed the result of ResolveRightAUI() or ResolveRightCUI()
 */
function ResolveRight( $adminstate = 0, $preload_id = -1, $override_cui_editor = 0 )
{
    global $WSM_aui;
    $admin_context = ( $adminstate == 1 || $this->adminstate == 1 || is_object( $WSM_aui ) );
    return ( $admin_context
        ? $this->ResolveRightAUI( $preload_id )
        : $this->ResolveRightCUI( $preload_id, $override_cui_editor ) );
}
/**
 * Access check for the admin side (AUI): may the current user handle this object?
 *
 * Order of evaluation:
 *   1. super users and users without a positive id: always true
 *   2. no positive id to check, or empty class name: true
 *   3. class "Module": one query on data_rights joined with the user's groups
 *   4. objects whose $this->fields is an array: decided from the rights column of the source table
 *   5. everything else: decided from a per-user list of forbidden ids, cached in
 *      forbidden_data_cache_aui and rebuilt when the user's groups or the data changed
 *
 * @param int $preload_id id to check when this object itself is not loaded
 * @return bool true when access is allowed
 */
function ResolveRightAUI( $preload_id = -1 )
{
/*
CREATE TABLE forbidden_data_cache_aui(
cache_id bigint(20) NOT NULL auto_increment,
user_id bigint(20) NOT NULL default '-1',
user_group_hash varchar(32) NOT NULL default '',
user_ldap_key varchar(128) NOT NULL default '',
classname varchar(32) NOT NULL default '',
date bigint(20) NOT NULL default '-1',
content LONGTEXT,
PRIMARY KEY( cache_id )
);
*/
## ---------------------------------
## rights check for AUI only
## NOTE(review): a user without a positive id is allowed here as well; presumably the admin
## pages authenticate before this method is reached - confirm, because this check fails open
## for an unidentified user.
if( $this->user->is_super == 1 || $this->user->id < 1 )
{
## ----------------------------------------------------
## super users and unrecogs can do anything in AUI...
return true;
}
$ret = true;
$use_uid = $this->user->id;
$use_date = date( "YmdHis" );
$use_id = ( $preload_id > 0 ? $preload_id : $this->id );
$use_classname = str_replace( "AUI", "", $this->classname );
## cache key: class name without the "AUI" prefix followed by the user id
$frb_cache_key = $use_classname.$use_uid;
if( $use_id > 0 && trim( $use_classname ) != "" )
{
$ret = false;
$q = new QueryObject( $this->conn_id );
## ---------------------------
## new admin-side rights rules, which run faster
if( $use_classname == "Module" )
{
## ---------------------------
## this is a module, so check it the simple way
## ETä 5.5.2010: bypass for WYSIWYG editing of news, where pageParser must be allowed to load the pages module if the news module can be loaded
## NOTE(review): this branch is chosen by matching the running script's path; the other
## branch asks for ROLE_VIEWER on the module itself, this one for editor/creator on pages or news.
if( $use_id == MODULE_ID_PAGES && strpos( str_replace( "\\", "/", $_SERVER[ "SCRIPT_FILENAME" ] ), "admins/mod_news/aui_newscontents.php" ) !== false )
{
## NOTE(review): an empty getGroupIds() result would render "IN(  )", which is not valid SQL
$query_string = "SELECT data_rights.module_id FROM data_rights, groups ".
"WHERE data_rights.group_id = groups.group_id ".
"AND groups.is_aui = 1 ".
"AND data_rights.classname = '' ".
"AND data_rights.data_id < 1 ".
"AND data_rights.module_id IN( ".$use_id.", ".MODULE_ID_NEWS." ) ".
"AND ( data_rights.roles & ".ROLE_EDITOR." OR data_rights.roles & ".ROLE_CREATOR." ) ".
"AND data_rights.group_id IN( ".implode( ", ", $this->user->getGroupIds() )." )";
}
else
{
$query_string = "SELECT data_rights.module_id FROM data_rights, groups ".
"WHERE data_rights.group_id = groups.group_id ".
"AND groups.is_aui = 1 ".
"AND data_rights.classname = '' ".
"AND data_rights.data_id < 1 ".
"AND data_rights.module_id = ".$use_id." ".
"AND data_rights.roles & ".ROLE_VIEWER." ".
"AND data_rights.group_id IN( ".implode( ", ", $this->user->getGroupIds() )." )";
}
$q->query( $query_string );
if( $q->numrows() > 0 )
{
$ret = true;
}
return $ret;
}
if( is_array( $this->fields ) )
{
## NOTE(review): the class to instantiate and the table/column names placed into the query
## all derive from $this->classname; confirm classname can only hold known class names.
$pcname = str_replace( "AUI", "", $this->classname );
$pc = new $pcname();
$query_string = "SELECT rights FROM ".$pc->sourcetable." WHERE rights != '' AND ".$pc->sourceid." = ".$use_id;
$q->query( $query_string );
if( $q->numrows() > 0 )
{
## ---------------------------
## the rights field exists and has content, so check directly from it
$right_for_self = false;
$right_for_others = false;
$checks = explode( ",", $q->field( "rights" ) );
if( is_array( $checks ) && count( $checks ) > 0 )
{
$gids = $this->user->getGroupIds();
foreach( $checks AS $chp )
{
## each entry is "<u|g><id>:<role value>"; entries whose role value is not above ROLE_CUI,
## or equals ROLE_CUIEDIT, are ignored
$chpp = explode( ":", $chp );
if( is_array( $chpp ) && count( $chpp ) == 2 && $chpp[ 1 ] > ROLE_CUI && $chpp[ 1 ] != ROLE_CUIEDIT )
{
$chid = ( is_string( $chpp[ 0 ] ) ? substr( $chpp[ 0 ], 1, strlen( $chpp[ 0 ] ) ) : "" );
if( is_string( $chpp[ 0 ] ) && substr( $chpp[ 0 ], 0, 1 ) == "u" )
{
## NOTE(review): loose comparison between a string taken from the rights field and the user id
if( $chid == $this->user->id )
{
$right_for_self = true;
break;
}
else
{
$right_for_others = true;
}
}
elseif( is_string( $chpp[ 0 ] ) && substr( $chpp[ 0 ], 0, 1 ) == "g" )
{
## NOTE(review): in_array() without its strict flag compares loosely
if( in_array( $chid, $gids ) )
{
$right_for_self = true;
break;
}
else
{
$right_for_others = true;
}
}
unset( $chid );
}
unset( $chpp );
}
unset( $chp, $gids );
}
## allowed when an entry names the user or one of the user's groups; denied when entries
## exist only for others; allowed when no qualifying entry exists at all
$ret = ( $right_for_self ? true : ( $right_for_others ? false : true ) );
unset( $checks, $right_for_self, $right_for_others );
return $ret;
}
else
{
## ---------------------------
## no rights field in the table or the field is empty, so no rights have been defined either
return true;
}
## NOTE(review): unreachable - both branches above return
unset( $pcname, $pc );
}
## ---------------------------
## load this user's cached forbidden-id lists once per user object
if( !is_array( $this->user->frb_auidata ) || !is_array( $this->user->frb_auidate ) )
{
$this->user->frb_auidata = array();
$this->user->frb_auidate = array();
$this->user->frb_auihash = array();
$query_string = "SELECT DISTINCT date, content, classname, user_group_hash FROM forbidden_data_cache_aui WHERE user_id = ".$use_uid;
$q->query( $query_string );
if( $q->numrows() > 0 )
{
while( $q->fetchrow() )
{
$tcn = str_replace( "AUI", "", $q->field( "classname" ) );
## NOTE(review): unserialize() on a database value. The content is written by this method
## as a serialized array of ids; if anything else can write to forbidden_data_cache_aui,
## unserialize() can instantiate arbitrary classes. Passing array( "allowed_classes" => false )
## as second argument (PHP 7+) or storing JSON would remove that risk.
$this->user->frb_auidata[ $tcn.$use_uid ] = unserialize( base64_decode( $q->field( "content" ) ) );
$this->user->frb_auidate[ $tcn.$use_uid ] = $q->field( "date" );
$this->user->frb_auihash[ $tcn.$use_uid ] = $q->field( "user_group_hash" );
unset( $tcn );
}
}
}
## load the user's active, published admin-side groups once per user object
if( !is_array( $this->user->aui_group_ids ) )
{
$this->user->aui_group_ids = array();
$ugroups = array();
$query_string = "SELECT DISTINCT groups.group_id FROM user_group_link, groups WHERE user_group_link.user_id = ".$use_uid." AND user_group_link.group_id = groups.group_id AND groups.active = 1 AND groups.is_aui = 1 AND groups.date_publish <= ".$use_date." AND ( groups.date_expire < 1 OR groups.date_expire > ".date( "YmdHi" )." ) ORDER BY groups.group_id ASC";
$q->query( $query_string );
if( $q->numrows() > 0 )
{
while( $q->fetchrow() )
{
$this->user->aui_group_ids[] = $q->field( "group_id" );
}
}
}
## NOTE(review): a user without any admin-side group ends the whole script here, without a
## message or a log entry.
if( count( $this->user->aui_group_ids ) < 1 )
{
exit;
}
$refresh = true;
$group_hash_go = false;
if( method_exists( $this->user, "getGroupIds" ) )
{
## md5 serves here only as a fingerprint of the group list, to notice that it changed
if( $this->user->frb_auihash[ $frb_cache_key ] != md5( serialize( $this->user->aui_group_ids ) ) )
{
$group_hash_go = true;
}
}
## groups unchanged and a cache entry exists: rebuild only if the data changed after the entry was written
if( !$group_hash_go && $this->user->frb_auidate[ $frb_cache_key ] > 0 )
{
if( !is_array( $this->user->frb_auidata_updates ) )
{
$this->user->frb_auidata_updates = array();
$query_string = "SELECT classname, date, update_trigger FROM forbidden_data_cache_update_date_store";
$q->query( $query_string );
if( $q->numrows() < 1 )
{
## -------------------------
## this update has been installed, but no data update has yet been written to the database
## through putHistory() -> build the contents of the temp table
$query_string = "INSERT INTO forbidden_data_cache_update_date_store ( classname, date ) ".
"SELECT REPLACE( data_history.classname, 'AUI', '' ), MAX( LEFT( data_history.date, 14 ) ) ".
"FROM data_history GROUP BY data_history.classname ASC";
$q->query( $query_string, 1 );
$query_string = "SELECT classname, date, update_trigger FROM forbidden_data_cache_update_date_store";
$q->query( $query_string );
}
if( $q->numrows() > 0 )
{
while( $q->fetchrow() )
{
$ukey = trim( $q->field( "classname" ) );
if( $ukey != "" )
{
$this->user->frb_auidata_updates[ $ukey ] = $q->field( "date" );
}
unset( $ukey );
}
}
}
if( $this->user->frb_auidata_updates[ $use_classname ] > 0 )
{
$refresh = false;
$md = $this->user->frb_auidata_updates[ $use_classname ];
if( $md )
{
## compare at minute precision (12 digits) or second precision (14 digits), depending on
## the length of the stored update date
if( strlen( $md ) < 14 && substr( $md, 0, 12 ) > substr( $this->user->frb_auidate[ $frb_cache_key ], 0, 12 ) )
{
$refresh = true;
}
elseif( strlen( $md ) == 14 && substr( $md, 0, 14 ) > substr( $this->user->frb_auidate[ $frb_cache_key ], 0, 14 ) )
{
$refresh = true;
}
}
unset( $md );
}
}
if( $refresh )
{
## ---------------------------------
## update the cache
$is_new_entry = !is_array( $this->user->frb_auidata[ $frb_cache_key ] );
$this->user->frb_auidata[ $frb_cache_key ] = array();
$this->user->frb_auidate[ $frb_cache_key ] = $use_date;
$this->user->frb_auihash[ $frb_cache_key ] = md5( serialize( $this->user->aui_group_ids ) );
## ---------------------------------
## check which data is forbidden
$query_made = false;
if( $use_uid > 0 )
{
## step 1: ids on which the user or one of the user's groups holds an admin-level role
$query_string = "SELECT DISTINCT data_id FROM data_rights WHERE data_id > 0 AND classname = '".$use_classname."' AND roles > ".ROLE_CUI." AND roles != ".ROLE_CUIEDIT." AND roles != ".( ROLE_CUI + ROLE_CUIEDIT )." AND ( user_id = ".$use_uid." OR group_id IN( ".implode( ", ", $this->user->aui_group_ids )." ) ) ORDER BY data_id ASC";
$q->query( $query_string );
if( $q->numrows() > 0 )
{
## step 2: every other id that carries such a role for anyone is forbidden
$query_made = true;
$sep = "";
$query_string = "SELECT DISTINCT data_id FROM data_rights WHERE classname = '".$use_classname."' AND roles > ".ROLE_CUI." AND roles != ".ROLE_CUIEDIT." AND roles != ".( ROLE_CUI + ROLE_CUIEDIT )." AND data_id NOT IN( ";
while( $q->fetchrow() )
{
$query_string .= $sep.$q->field( "data_id" );
$sep = ", ";
}
$query_string .= " ) ORDER BY data_id ASC";
unset( $sep );
}
}
if( !$query_made )
{
## the user has no such role anywhere: every id carrying one is forbidden
$query_string = "SELECT DISTINCT data_id FROM data_rights WHERE classname = '".$use_classname."' AND roles > ".ROLE_CUI." AND roles != ".ROLE_CUIEDIT." AND roles != ".( ROLE_CUI + ROLE_CUIEDIT )." ORDER BY data_id ASC";
}
unset( $query_made );
$q->query( $query_string );
if( $q->numrows() > 0 )
{
while( $q->fetchrow() )
{
$this->user->frb_auidata[ $frb_cache_key ][] = $q->field( "data_id" );
}
}
## persist the rebuilt list; base64 keeps the serialized text free of quote characters
if( $is_new_entry )
{
$query_string = "INSERT INTO forbidden_data_cache_aui ( user_id, classname, date, content, user_group_hash ) VALUES ( ".$use_uid.", '".$use_classname."', ".$this->user->frb_auidate[ $frb_cache_key ].", '".base64_encode( serialize( $this->user->frb_auidata[ $frb_cache_key ] ) )."', '".$this->user->frb_auihash[ $frb_cache_key ]."' )";
}
else
{
$query_string = "UPDATE forbidden_data_cache_aui SET date = ".$this->user->frb_auidate[ $frb_cache_key ].", content = '".base64_encode( serialize( $this->user->frb_auidata[ $frb_cache_key ] ) )."', user_group_hash = '".$this->user->frb_auihash[ $frb_cache_key ]."' WHERE user_id = ".$use_uid." AND classname = '".$use_classname."'";
}
$q->query( $query_string );
}
if( is_array( $this->user->frb_auidata ) )
{
## allowed when the id is not on the forbidden list (in_array() compares loosely here)
if( !in_array( $use_id, $this->user->frb_auidata[ $frb_cache_key ] ) )
{
$ret = true;
}
}
unset( $q );
}
unset( $use_uid, $use_date, $use_id, $use_classname, $frb_cache_key );
return $ret;
}
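/**
 * Decides whether the current user ( $this->user ) may load this object on the
 * end-user (CUI) side.
 *
 * - Module objects are always allowed.
 * - Domain / AUIDomain / User / Group / Style objects whose adminstate is not 1
 *   only get a publication-state check (active, date_publish, date_expire),
 *   either against the loaded object or with a SELECT keyed by $preload_id.
 * - Every other object is checked against a per-user list of forbidden ids.
 *   The list is held in $this->user->frb_data and, for most classnames,
 *   persisted in the forbidden_data_cache table. It is rebuilt when the user's
 *   group hash changes, when a scheduled trigger has passed, or when the stored
 *   update date for the classname is newer than the cached list.
 *
 * Security notes for maintainers:
 * - All SQL in this method is assembled by string concatenation. Ids are
 *   numeric-checked on entry; string values such as $this->user->ldap_id and
 *   $this->classname are embedded as-is and must be trusted by the caller.
 * - The cache content is read back with unserialize(); see the note at that call.
 *
 * @param mixed $preload_id          id to check when > 0; otherwise $this->id is used
 * @param mixed $override_cui_editor not referenced anywhere in this method
 * @return bool true when the object may be loaded, false otherwise
 */
function ResolveRightCUI( $preload_id = -1, $override_cui_editor = 0 )
{
/*
CREATE TABLE forbidden_data_cache(
cache_id BIGINT(20) PRIMARY KEY auto_increment,
user_id bigint(20) NOT NULL default '-1',
user_group_hash varchar(32) NOT NULL default '',
user_ldap_key varchar(255) NOT NULL default '',
classname varchar(128) NOT NULL default '',
date bigint(20) NOT NULL default '-1',
content LONGTEXT,
PRIMARY KEY( cache_id )
);
*/
## $preload_id is concatenated unquoted into several queries below, so anything
## that is not numeric is mapped to -1 (which the "> 0" tests treat as "no id").
$preload_id = ( is_numeric( $preload_id ) ? intval( $preload_id ) : -1 );
## ---------------------------------
## a module can always be loaded on the end-user side if it is installed (ETä 26.9.2007)
if( $this->classname == "Module" )
{
return true;
}
// ETä 23.10.2009: added this because the full test is pointless for a domain, which has no rights restrictions and is loaded often; checking the publication state is enough
// ETä 27.1.2010: added user, group and style objects to the same shortcut
if( ( $this->classname == "Domain" || $this->classname == "AUIDomain" || $this->classname == "User" || $this->classname == "Group" || $this->classname == "Style" ) && $this->adminstate != 1 )//&& ( $this->user->id < 1 || trim( $this->user->id ) == "" ) && trim( $this->user->ldap_id ) == "" ) // not even the user_id needs to be resolved
{
$ret = true;
$d = date( "YmdHi" );
if( $this->id > 0 )
{
## object already loaded: test its own publication fields (Style only has "active")
if( ( $this->classname == "Style" && $this->active != 1 ) || ( $this->classname != "Style" && ( $this->active != 1 || $this->date_publish > $d || ( $this->date_expire > 0 && $this->date_expire <= $d ) ) ) )
{
$ret = false;
}
}
elseif( $preload_id > 0 )
{
## object not loaded yet: ask the database whether a published row exists
$q = new QueryObject( $this->conn_id );
if( $this->classname == "Domain" || $this->classname == "AUIDomain" )
{
$query_string = "SELECT domain_id FROM domain WHERE active = 1 AND date_publish <= ".$d." AND ( date_expire < 1 OR date_expire > ".$d." ) AND domain_id = ".$preload_id;
}
elseif( $this->classname == "User" )
{
$query_string = "SELECT user_id FROM users WHERE active = 1 AND date_publish <= ".$d." AND ( date_expire < 1 OR date_expire > ".$d." ) AND user_id = ".$preload_id;
}
elseif( $this->classname == "Group" )
{
$query_string = "SELECT group_id FROM groups WHERE active = 1 AND date_publish <= ".$d." AND ( date_expire < 1 OR date_expire > ".$d." ) AND group_id = ".$preload_id;
}
elseif( $this->classname == "Style" )
{
$query_string = "SELECT style_id FROM styles WHERE active = 1 AND style_id = ".$preload_id;
}
$q->query( $query_string );
if( $q->numrows() < 1 )
{
$ret = false;
}
unset( $q );
}
unset( $d );
return $ret;
}
## ---------------------------------
## rights check for CUI/AUI
$ret = false;
if( ( $preload_id > 0 || $this->id > 0 ) && trim( $this->classname ) != "" && count( get_class_methods( $this->user ) ) > 0 )
{
if( trim( $this->user->id ) == "" )
{
$this->user->id = -1;
}
$use_uid = $this->user->id;
$use_id = ( $preload_id > 0 ? $preload_id : $this->id );
$use_classname = str_replace( "AUI", "", $this->classname );
$frb_cache_key = $use_classname.$use_uid;
## the LDAP switch is resolved once and remembered on the user object
if( $this->user->cache_ldap_checked !== true )
{
$this->user->cache_ldap_checked = true;
$this->user->cache_ldap = $this->resolveLDAPEnabled();
}
$use_ldap = $this->user->cache_ldap;
$q = new QueryObject( $this->conn_id );
if( !is_array( $this->user->frb_data[ $use_uid ] ) || !is_array( $this->user->frb_date[ $use_uid ] ) )
{
## first call for this user: load every cached forbidden-id list in one query
$this->user->frb_data[ $use_uid ] = array();
$this->user->frb_date[ $use_uid ] = array();
$this->user->frb_hash[ $use_uid ] = array();
if( $use_ldap )
{
## NOTE(review): ldap_id is embedded in a quoted SQL literal without escaping - confirm it is validated where it is assigned
$query_string = "SELECT DISTINCT date, content, classname, user_group_hash FROM forbidden_data_cache WHERE user_ldap_key = '".$this->user->ldap_id."'";// AND user_ldap_key != ''";// AND classname = '".$use_classname."'";
}
else
{
$query_string = "SELECT DISTINCT date, content, classname, user_group_hash FROM forbidden_data_cache WHERE '".$this->classname."' = '".$this->classname."' AND user_id = ".$use_uid;//." AND classname = '".$use_classname."'";
}
## (three debug-timing blocks were removed here and below: they were keyed to a
## hard-coded remote address and required classname == "Module", which has
## already returned at the top of this method, so they could never run)
$q->query( $query_string );
#delete from forbidden_data_cache where classname in( 'Domain', 'PageData', 'Page', 'News', 'SurveyButton', 'Survey', 'Library', 'LibraryCat', 'SurveySheet', 'SurveyElement', 'NewsCategory', 'Language', 'Area', 'SurveyLayout', 'Template', 'EntrePage', 'ImageBank', 'ImageBankCat' );
#delete from forbidden_data_cache_update_date_store where classname in( 'Domain', 'PageData', 'Page', 'News', 'SurveyButton', 'Survey', 'Library', 'LibraryCat', 'SurveySheet', 'SurveyElement', 'NewsCategory', 'Language', 'Area', 'SurveyLayout', 'Template', 'EntrePage', 'ImageBank', 'ImageBankCat' );
if( $q->numrows() > 0 )
{
while( $q->fetchrow() )
{
$tcn = str_replace( "AUI", "", $q->field( "classname" ) );
## SECURITY: unserialize() on data read back from the database. Anyone able to
## write the "content" column of forbidden_data_cache controls what is
## deserialized here. The payload is only ever a list of ids, so a
## JSON-encoded list would be a safer storage format (requires migrating the
## existing rows, so it is flagged rather than changed here).
$this->user->frb_data[ $use_uid ][ $tcn.$use_uid ] = unserialize( base64_decode( $q->field( "content" ) ) );
$this->user->frb_date[ $use_uid ][ $tcn.$use_uid ] = $q->field( "date" );
$this->user->frb_hash[ $use_uid ][ $tcn.$use_uid ] = $q->field( "user_group_hash" );
unset( $tcn );
}
}
}
## decide whether the cached list for this classname/user has to be rebuilt
$refresh = true;
$group_hash_go = false;
if( method_exists( $this->user, "getGroupIds" ) )
{
## md5 is used here only as a change-detection fingerprint of the group list
if( $this->user->frb_hash[ $use_uid ][ $frb_cache_key ] != md5( serialize( $this->user->getGroupIds() ) ) )
{
$group_hash_go = true;
}
}
if( !$group_hash_go && $this->user->frb_date[ $use_uid ][ $frb_cache_key ] > 0 )
{
if( !is_array( $this->user->frb_data_updates ) )
{
$this->user->frb_data_updates = array();
$this->user->frb_data_update_triggers = array();
## $query_string = "SELECT DISTINCT classname, MAX( LEFT( date, 14 ) ) AS maxdate FROM data_history GROUP BY classname ASC";
## shave 0.09 seconds off the query by removing the LEFT function and DISTINCT
## $query_string = "SELECT classname, MAX( date ) AS maxdate FROM data_history GROUP BY classname ASC";
## shave off even more time by using a transfer table
$query_string = "SELECT classname, date, update_trigger FROM forbidden_data_cache_update_date_store";
$q->query( $query_string );
if( $q->numrows() < 1 )
{
## -------------------------
## this update is installed, but no data update has yet been written to the
## database through putHistory() -> build the contents of the temp table
## NOTE(review): NOT LIKE( ... ) with a comma-separated list does not look like
## valid MySQL - verify that this bootstrap INSERT ever succeeds
$query_string = "INSERT INTO forbidden_data_cache_update_date_store ( classname, date ) ".
"SELECT REPLACE( data_history.classname, 'AUI', '' ), MAX( LEFT( data_history.date, 14 ) ) ".
"FROM data_history WHERE classname NOT LIKE( '%Domain%', '%PageData%', '%Page%', '%News%', '%SurveyButton%', '%Survey%', '%Library%', '%LibraryCat%', '%SurveySheet%', '%SurveyElement%', '%NewsCategory%', '%Language%', '%Area%', '%SurveyLayout%', '%Template%', '%EntrePage%', '%ImageBank%', '%ImageBankCat%' ) GROUP BY data_history.classname ASC";
$q->query( $query_string, 1 );
$query_string = "SELECT classname, date, update_trigger FROM forbidden_data_cache_update_date_store";
$q->query( $query_string );
}
if( $q->numrows() > 0 )
{
while( $q->fetchrow() )
{
$ukey = trim( $q->field( "classname" ) );
if( $ukey != "" )
{
$this->user->frb_data_updates[ $ukey ] = $q->field( "date" );
$this->user->frb_data_update_triggers[ $ukey ] = $q->field( "update_trigger" );
}
unset( $ukey );
}
}
}
if( $this->user->frb_data_update_triggers[ $use_classname ] > 0 && $this->user->frb_data_update_triggers[ $use_classname ] <= date( "YmdHi" ) )
{
## -----------------------
## the scheduled trigger has passed, force a refresh
$refresh = true;
$trigger_date_publish = -1;
$trigger_date_expire = -1;
$query_string = "SELECT MIN( date_publish ) AS min_date_p FROM ".$this->sourcetable." WHERE date_publish > ".date( "YmdHi" );
$q->query( $query_string );
if( $q->numrows() > 0 )
{
$trigger_date_publish = $q->field( "min_date_p" );
}
$query_string = "SELECT MIN( date_expire ) AS min_date_e FROM ".$this->sourcetable." WHERE date_expire > ".date( "YmdHi" );
$q->query( $query_string );
if( $q->numrows() > 0 )
{
$trigger_date_expire = $q->field( "min_date_e" );
}
if( $trigger_date_publish > 0 || $trigger_date_expire > 0 )
{
## -----------------------
## update the trigger
$trigger = -1;
if( $trigger_date_publish > $trigger )
{
$trigger = $trigger_date_publish;
}
if( ( $trigger_date_expire < $trigger || $trigger < 1 ) && $trigger_date_expire > date( "YmdHi" ) )
{
$trigger = $trigger_date_expire;
}
## triggers are stored with minute precision (12 digits)
if( strlen( $trigger ) > 12 )
{
$trigger = substr( $trigger, 0, 12 );
}
$query_string = "SELECT update_trigger FROM forbidden_data_cache_update_date_store WHERE classname = '".$use_classname."' AND update_trigger < ".$trigger." AND update_trigger > ".date( "YmdHi" );
$q->query( $query_string );
if( $q->numrows() > 0 )
{
$trigger = $q->field( "update_trigger" );
}
$query_string = "UPDATE forbidden_data_cache_update_date_store SET update_trigger = ".$trigger." WHERE classname = '".$use_classname."'";
unset( $trigger );
}
else
{
## -----------------------
## remove the trigger
$query_string = "UPDATE forbidden_data_cache_update_date_store SET update_trigger = -1 WHERE classname = '".$use_classname."' AND update_trigger < ".date( "YmdHi" );//<= ".date( "YmdHi" );
}
$q->query( $query_string );
unset( $trigger_date_publish, $trigger_date_expire );
}
elseif( $this->user->frb_data_updates[ $use_classname ] > 0 )
{
## refresh only when the stored update date is newer than the cached list;
## dates are compared at 12- or 14-digit precision depending on the stored length
$refresh = false;
$md = $this->user->frb_data_updates[ $use_classname ];
if( $md )
{
if( strlen( $md ) < 14 && substr( $md, 0, 12 ) > substr( $this->user->frb_date[ $use_uid ][ $frb_cache_key ], 0, 12 ) )
{
$refresh = true;
}
elseif( strlen( $md ) == 14 && substr( $md, 0, 14 ) > substr( $this->user->frb_date[ $use_uid ][ $frb_cache_key ], 0, 14 ) )
{
$refresh = true;
}
}
unset( $md );
}
}
if( $refresh )
{
## ---------------------------------
## update the cache
$use_date = date( "YmdHis" );
$is_new_entry = !is_array( $this->user->frb_data[ $use_uid ][ $frb_cache_key ] );
$this->user->frb_data[ $use_uid ][ $frb_cache_key ] = array();
$this->user->frb_date[ $use_uid ][ $frb_cache_key ] = $use_date;
$this->user->frb_hash[ $use_uid ][ $frb_cache_key ] = md5( serialize( $this->user->getGroupIds() ) );
## ---------------------------------
## check which data is forbidden
$query_made = false;
if( $use_uid > 0 )
{
if( !$use_ldap )
{
$ugroups = $this->user->getGroupIds();
if( count( $ugroups ) < 1 )
{
## placeholder so that the IN( ... ) list below is never empty
$ugroups[] = -2;
}
}
if( $use_ldap )
{
## NOTE(review): ldap_id and the LDAP group keys are embedded in quoted SQL literals without escaping
$query_string = "SELECT DISTINCT data_id FROM data_rights WHERE classname = '".$use_classname."' AND roles & ".ROLE_CUI." AND ( ( ldap_user_key = '".$this->user->ldap_id."' AND ldap_user_key != '' ) OR ldap_group_key IN( '".implode( "', '", $this->user->getGroupIds() )."' ) ) ORDER BY data_id ASC";
}
else
{
$query_string = "SELECT DISTINCT data_id FROM data_rights WHERE classname = '".$use_classname."' AND roles & ".ROLE_CUI." AND ( user_id = ".$use_uid." OR group_id IN( ".implode( ", ", $ugroups )." ) ) ORDER BY data_id ASC";
}
$q->query( $query_string );
if( $q->numrows() > 0 )
{
## the user has explicit rights to some ids: everything else that carries
## the CUI role bit is forbidden
$query_made = true;
$sep = "";
$query_string = "SELECT DISTINCT data_id FROM data_rights WHERE classname = '".$use_classname."' AND roles & ".ROLE_CUI." AND data_id NOT IN( ";
while( $q->fetchrow() )
{
$query_string .= $sep.$q->field( "data_id" );
$sep = ", ";
}
$query_string .= " ) ORDER BY data_id ASC";
unset( $sep );
}
}
if( !$query_made )
{
## no explicit rights found: every id that carries the CUI role bit is forbidden
$query_string = "SELECT DISTINCT data_id FROM data_rights WHERE classname = '".$use_classname."' AND roles & ".ROLE_CUI." ORDER BY data_id ASC";
}
unset( $query_made );
$q->query( $query_string );
if( $q->numrows() > 0 )
{
while( $q->fetchrow() )
{
$this->user->frb_data[ $use_uid ][ $frb_cache_key ][] = $q->field( "data_id" );
}
}
if( trim( $this->sourceid ) != "" && trim( $this->sourcetable ) != "" )
{
if( in_array( "active", $this->fields ) || in_array( "date_publish", $this->fields ) || in_array( "date_expire", $this->fields ) )
{
## ---------------------------------
## check which data is unpublished
$query_string = "SELECT ".$this->sourceid." FROM ".$this->sourcetable." WHERE ( "; //, active, date_publish, date_expire
$sep = "";
if( in_array( "active", $this->fields ) )
{
$query_string .= "active != 1 ";
$sep = "OR ";
}
if( in_array( "date_publish", $this->fields ) )
{
$query_string .= $sep."date_publish > ".substr( $use_date, 0, 12 )." ";
$sep = "OR ";
}
if( in_array( "date_expire", $this->fields ) )
{
$query_string .= $sep."( date_expire > 0 AND date_expire <= ".substr( $use_date, 0, 12 )." ) ";
$sep = "OR ";
}
$query_string .= ") ";
if( in_array( $use_classname, array( "Page", "News", "Library", "Event" ) ) && $use_uid > 0 && !$use_ldap )
{
## --------------------------------
## exclude items that are editable on the end-user side:
$ugroups = $this->user->getGroupIds();
if( count( $ugroups ) < 1 )
{
$ugroups[ 0 ] = -2;
}
## ----------------------------
## check CUI editing rights
$qstr = "SELECT DISTINCT data_id FROM data_rights ".
"WHERE data_id = ".$use_id." ".
"AND classname LIKE( '".$use_classname."' )".
"AND roles & ".ROLE_CUIEDIT." ".
"AND ( user_id = ".$use_uid." OR group_id IN( ".implode( ", ", $ugroups )." ) )";
$q->query( $qstr );
if( $q->numrows() > 0 )
{
$query_string .= ( trim( $sep ) != "" ? "AND " : "" ).$this->sourceid." NOT IN( ";
$sep = "";
while( $q->fetchrow() > 0 )
{
$query_string .= $sep.$q->field( "data_id" );
## the separator was never set here, which would have glued several ids into
## one number; the query above is keyed to one data_id with DISTINCT, so
## normally a single row comes back, but the list is now built correctly
$sep = ", ";
}
$query_string .= " ) ";
}
unset( $qstr );
}
$query_string .= "ORDER BY ".$this->sourceid." ASC";
$q->query( $query_string );
if( $q->numrows() > 0 )
{
while( $q->fetchrow() )
{
$this->user->frb_data[ $use_uid ][ $frb_cache_key ][] = $q->field( $this->sourceid );
}
}
unset( $sep );
}
}
## the rebuilt list is persisted only for classnames outside this list
if( $use_classname != "Domain" && $use_classname != "PageData" && $use_classname != "Page" && $use_classname != "News" && $use_classname != "SurveyButton" && $use_classname != "Survey" && $use_classname != "Library" && $use_classname != "LibraryCat" && $use_classname != "SurveySheet" && $use_classname != "SurveyElement" && $use_classname != "NewsCategory" && $use_classname != "Language" && $use_classname != "Area" && $use_classname != "SurveyLayout" && $use_classname != "Template" && $use_classname != "EntrePage" && $use_classname != "ImageBank" && $use_classname != "ImageBankCat" )
{
if( $is_new_entry )
{
if( $use_ldap )
{
$query_string = "INSERT INTO forbidden_data_cache ( user_ldap_key, classname, date, content, user_group_hash ) VALUES ( '".$this->user->ldap_id."', '".$use_classname."', ".$this->user->frb_date[ $use_uid ][ $frb_cache_key ].", '".base64_encode( serialize( $this->user->frb_data[ $use_uid ][ $frb_cache_key ] ) )."', '".$this->user->frb_hash[ $use_uid ][ $frb_cache_key ]."' )";
}
else
{
$query_string = "INSERT INTO forbidden_data_cache ( user_id, classname, date, content, user_group_hash ) VALUES ( ".$use_uid.", '".$use_classname."', ".$this->user->frb_date[ $use_uid ][ $frb_cache_key ].", '".base64_encode( serialize( $this->user->frb_data[ $use_uid ][ $frb_cache_key ] ) )."', '".$this->user->frb_hash[ $use_uid ][ $frb_cache_key ]."' )";
}
}
else
{
if( $use_ldap )
{
$query_string = "UPDATE forbidden_data_cache SET date = ".$this->user->frb_date[ $use_uid ][ $frb_cache_key ].", content = '".base64_encode( serialize( $this->user->frb_data[ $use_uid ][ $frb_cache_key ] ) )."', user_group_hash = '".$this->user->frb_hash[ $use_uid ][ $frb_cache_key ]."' WHERE user_ldap_key = '".$this->user->ldap_id."' AND classname = '".$use_classname."'";
}
else
{
$query_string = "UPDATE forbidden_data_cache SET date = ".$this->user->frb_date[ $use_uid ][ $frb_cache_key ].", content = '".base64_encode( serialize( $this->user->frb_data[ $use_uid ][ $frb_cache_key ] ) )."', user_group_hash = '".$this->user->frb_hash[ $use_uid ][ $frb_cache_key ]."' WHERE user_id = ".$use_uid." AND classname = '".$use_classname."'";
}
}
}
## NOTE(review): for the excluded classnames $query_string still holds the last
## SELECT built above, which is simply executed a second time here
if( $q->query( $query_string ) )
{
# ETä 17.11.2009: commented out this SQL operation at JSu's request, related to the operation of www.osao.fi
# $query_string = "OPTIMIZE TABLE forbidden_data_cache";
# $q->query( $query_string );
}
unset( $use_date );
}
## allowed exactly when the id is absent from the forbidden list
if( is_array( $this->user->frb_data[ $use_uid ] ) )
{
if( !in_array( $use_id, $this->user->frb_data[ $use_uid ][ $frb_cache_key ] ) )
{
$ret = true;
}
unset( $use_id );
}
unset( $use_uid, $q, $use_classname, $frb_cache_key, $is_new_entry, $use_id, $use_ldap );
}
return $ret;
}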
function doDefaults( $dont_change_status_message = 0 )
{
    ## --------------------------------------------------
    ## Resets the object: id becomes -1 and every attribute named in
    ## $this->fields receives the value at the same index of $this->defaults.
    ## The data history is dropped and the object is marked as unmodified.
    ## The status message becomes "default" unless the caller passes 1.
    $this->id = -1;
    $pos = 0;
    while( $pos < count( $this->fields ) )
    {
        $attribute = $this->fields[ $pos ];
        $this->$attribute = $this->defaults[ $pos ];
        $pos++;
    }
    unset( $this->data_history );
    $keep_status_message = ( $dont_change_status_message == 1 );
    if( !$keep_status_message )
    {
        $this->status_message = "default";
    }
    $this->isModified = false;
}
function getDefaultValueForVariable( $var = "" )
{
    ## Returns the default value configured for the attribute named $var.
    ## The name => default map is built once from $this->fields and
    ## $this->defaults (paired by index) and kept on the object afterwards.
    if( isset( $this->defaults_for_variables ) )
    {
        return $this->defaults_for_variables[ $var ];
    }
    $pos = 0;
    while( $pos < count( $this->fields ) )
    {
        $field_name = $this->fields[ $pos ];
        $this->defaults_for_variables[ $field_name ] = $this->defaults[ $pos ];
        $pos++;
    }
    return $this->defaults_for_variables[ $var ];
}
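function recursiveCacheRm( $path = "", $clear_only_subs = false )
{
    ## --------------------------------------------------
    ## Deletes the contents of a cache directory, recursing into subdirectories,
    ## and finally removes the directory itself unless $clear_only_subs is true.
    ## $path must end with "/" because entries are appended to it directly.
    ##
    ## Safety notes:
    ## - The only guard is that $path contains "/cache/"; this is a substring
    ##   test, not a containment check. Callers must pass paths they built
    ##   themselves, never request data.
    ## - Symbolic links are removed as links and never followed, so a link
    ##   placed inside the cache cannot redirect the deletion outside of it.
    ## - The directory handle is closed before rmdir(); an open handle keeps
    ##   the removal from succeeding on some platforms.
    if( strpos( $path, "/cache/" ) === false || !is_dir( $path ) )
    {
        return;
    }
    $dir = @dir( $path );
    if( !$dir )
    {
        return;
    }
    while( false !== ( $entry = $dir->read() ) )
    {
        if( $entry === "." || $entry === ".." )
        {
            continue;
        }
        $full = $path.$entry;
        if( is_dir( $full ) && !is_link( $full ) )
        {
            $this->recursiveCacheRm( $full."/" );
        }
        else
        {
            @unlink( $full );
        }
    }
    $dir->close();
    global $_ENV, $SCRIPT_FILENAME;
    ## $uroot is the installation root when running from an admin script or
    ## from cui_edit.php; it stays empty everywhere else
    $uroot = "";
    $script = ( is_string( $SCRIPT_FILENAME ) ? $SCRIPT_FILENAME : "" );
    $in_admins = ( strpos( $script, "admins/" ) !== false );
    if( $in_admins || strpos( $script, "cui_edit.php" ) !== false )
    {
        $uroot = substr( $script, 0, strpos( $script, ( $in_admins ? "admins/" : "cui_edit.php" ) ) );
    }
    $os_name = ( isset( $_ENV[ "OS" ] ) ? strtolower( $_ENV[ "OS" ] ) : "" );
    if( $uroot != "" && strpos( $os_name, "win" ) !== false )
    {
        ## On Windows, when run from an admin / cui_edit script, the directory
        ## itself is deliberately left in place. The former shell-based removal
        ## was disabled (ETä 2.2.2010: disabled a second time just to be safe).
        return;
    }
    if( $clear_only_subs !== true )
    {
        @rmdir( $path );
    }
}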
function save( $no_input_functions = 0, $no_save_just_clear_cache = 0 )
{
## --------------------------------------------------
## Persists the object when it is modified (update() when id > 0, insert()
## otherwise) and then invalidates the page cache entries that depend on it.
## $no_input_functions is passed through to update() / insert().
## $no_save_just_clear_cache = 1 skips the write and only clears the cache.
## Returns the result of update() / insert(), or true when only the cache
## was cleared.
## NOTE(review): when the object is not modified the function falls off the
## end without reaching "return $ret", so callers receive NULL rather than
## the initialised false - confirm no caller relies on a strict comparison.
## NOTE(review): every query below is built by concatenating object
## properties (id, page_id, parent_id, module->id, date fields); confirm they
## are numeric by the time save() is called.
##checks if the data is to be updated or inserted
$ret = false;
if( $this->isModified )
{
$ret = true;
$old_id = $this->id;
if( $no_save_just_clear_cache != 1 )
{
## fingerprint of the stored page / area properties, compared further down
## to find out whether anything that affects cached pages has changed
$old_props = "";
if( $this->classname == "AUIPage" && $old_id > 0 )
{
$tmp = new AUIPage( 1 );
if( $tmp->load( $old_id ) )
{
/*
## these are not used for anything yet
$this->old_parent_id = $tmp->parent_id;
$this->old_area_id = $tmp->area_id;
$this->old_lang_id = $tmp->lang_id;
$this->old_domain_id = $tmp->domain_id;
*/
$old_props = md5( $tmp->name."///".$tmp->parent_id."///".$tmp->lang_id."///".$tmp->area_id."///".$tmp->target."///".$tmp->domain_id."///".$tmp->ordernumber."///".$tmp->show_in_menus."///".$tmp->template_id."///".$tmp->code."///".$tmp->page_type_id."///".$tmp->owner_name."///".$tmp->mirror_page_id."///".$tmp->ilink_1."///".$tmp->ilink_2."///".$tmp->ilink_3."///".$tmp->no_cache."///".$tmp->active."///".$tmp->date_publish."///".$tmp->date_expire."///".$tmp->meta."///".$tmp->rights."///".$tmp->show_in_sitemap."///".$tmp->replacement_page_id."///".$tmp->library_id."///".$tmp->replacement_url );
}
unset( $tmp );
}
elseif( $this->classname == "AUIArea" && $old_id > 0 )
{
$tmp = new AUIArea( 1 );
if( $tmp->load( $old_id ) )
{
$old_props = md5( $tmp->name."///".$tmp->domain_id."///".$tmp->lang_id."///"."///".$tmp->ordernumber."///".$tmp->force_login."///".$tmp->show_in_main_menu."///".$tmp->code."///".$tmp->ilink_1."///".$tmp->ilink_2."///".$tmp->ilink_3."///".$tmp->show_in_sitemap."///".$tmp->active."///".$tmp->rights );
}
unset( $tmp );
}
$ret = ( $this->id > 0 ? $this->update( $no_input_functions ) : $this->insert( $no_input_functions ) );
}
## cache invalidation: runs after a successful write, or on its own when
## $no_save_just_clear_cache is 1
if( ( $no_save_just_clear_cache == 1 || $ret ) && is_object( $this->module ) && $this->module->id > 0 && $this->conn_id )
{
$q = new QueryObject( $this->conn_id );
#######################################################################
## ETä 17.11.2008: find out whether the tables are up, so that the cache works
## An empty table is probed by inserting a sentinel row and reading it back.
## If the row cannot be read the table is repaired and the whole file cache
## is cleared once; otherwise the sentinel row is deleted again.
$cache_cleared_due_table_crash = false;
$q->query( "SELECT page_id FROM pagecache_page LIMIT 0,1" );
if( $q->numrows() < 1 )
{
$q->query( "INSERT INTO pagecache_page ( page_id, user_id ) VALUES ( 9999999999, 9999999999 )" );
$q->query( "SELECT page_id FROM pagecache_page LIMIT 0,1" );
if( $q->numrows() < 1 )
{
$q->query( "REPAIR TABLE pagecache_page" );
if( !$cache_cleared_due_table_crash )
{
$this->recursiveCacheRm( "../../cache/", true );
$cache_cleared_due_table_crash = true;
}
}
else
{
$q->query( "DELETE FROM pagecache_page WHERE page_id = 9999999999 AND user_id = 9999999999" );
}
}
$q->query( "SELECT module_id FROM pagecache_expire LIMIT 0,1" );
if( $q->numrows() < 1 )
{
$q->query( "INSERT INTO pagecache_expire ( module_id, date_expire ) VALUES ( 9999999999, 9999999999 )" );
$q->query( "SELECT module_id FROM pagecache_expire LIMIT 0,1" );
if( $q->numrows() < 1 )
{
$q->query( "REPAIR TABLE pagecache_expire" );
if( !$cache_cleared_due_table_crash )
{
$this->recursiveCacheRm( "../../cache/", true );
$cache_cleared_due_table_crash = true;
}
}
else
{
$q->query( "DELETE FROM pagecache_expire WHERE module_id = 9999999999 AND date_expire = 9999999999" );
}
}
unset( $cache_cleared_due_table_crash );
#######################################################################
## register future publish / expire moments of this object for its module
## in pagecache_expire (dates are padded to 14 digits)
if( ( !in_array( "active", $this->fields ) || $this->active == 1 ) && in_array( "date_publish", $this->fields ) && in_array( "date_expire", $this->fields ) && ( $this->date_publish > 0 || $this->date_expire > 0 ) )
{
$qdone = false;
if( $this->date_publish > 0 && substr( $this->date_publish, 0, 12 ) >= date( "YmdHi" ) )
{
$q->query( "INSERT INTO pagecache_expire ( module_id, date_expire ) VALUES ( ".$this->module->id.", ".substr( $this->date_publish."0000", 0, 14 )." )" );
$qdone = true;
}
if( $this->date_expire > 0 && substr( $this->date_expire, 0, 12 ) >= date( "YmdHi" ) )
{
$q->query( "INSERT INTO pagecache_expire ( module_id, date_expire ) VALUES ( ".$this->module->id.", ".substr( $this->date_expire."0000", 0, 14 )." )" );
$qdone = true;
}
if( $qdone )
{
$q->query( "OPTIMIZE TABLE pagecache_expire" );
}
unset( $qdone );
}
if( $this->classname == "AUINews" && $this->date_archive > 0 && substr( $this->date_archive, 0, 12 ) >= date( "YmdHi" ) )
{
$q->query( "INSERT INTO pagecache_expire ( module_id, date_expire ) VALUES ( ".$this->module->id.", ".substr( $this->date_archive."0000", 0, 14 )." )" );
}
## choose the query that lists the cached pages affected by this object;
## an empty $query_string means nothing has to be invalidated
$query_string = "";
if( $this->classname == "AUIPageData" )
{
if( $old_id < 1 )
{
$query_string = "SELECT page_id FROM pagecache_page WHERE page_id = ".$this->page_id." OR CONCAT( ',', page_ids, ',' ) LIKE( '%,".$this->page_id.",%' ) ORDER BY page_id ASC";
}
else
{
$query_string = "SELECT page_id FROM pagecache_page WHERE page_id = ".$this->page_id." OR CONCAT( ',', page_data_ids, ',' ) LIKE( '%,".$this->id.",%' ) ORDER BY page_id ASC";
}
}
elseif( $this->classname == "AUITemplate" && $old_id > 0 )
{
$query_string = "SELECT page_id FROM page WHERE template_id = ".$this->id." ORDER BY page_id ASC";
}
elseif( $this->classname == "AUIStyle" && $old_id > 0 )
{
$query_string = "SELECT DISTINCT page_id FROM page, templates, template_style_link ".
"WHERE page.template_id = templates.template_id ".
"AND template_style_link.template_id = templates.template_id ".
"AND template_style_link.style_id = ".$this->id." ".
"ORDER BY page_id ASC";
}
elseif( $this->classname == "AUIPage" )
{
## a newly inserted, currently published page invalidates every cached page
if( $old_id < 1 && $this->active == 1 && $this->date_publish <= date( "YmdHi" ) && ( $this->date_expire < 1 || $this->date_expire > date( "YmdHi" ) ) )
{
$query_string = "SELECT page_id FROM pagecache_page ORDER BY page_id ASC";
}
## an existing page invalidates the cache only when its property fingerprint changed
elseif( $no_save_just_clear_cache == 1 || ( $old_id > 0 && $old_props != md5( $this->name."///".$this->parent_id."///".$this->lang_id."///".$this->area_id."///".$this->target."///".$this->domain_id."///".$this->ordernumber."///".$this->show_in_menus."///".$this->template_id."///".$this->code."///".$this->page_type_id."///".$this->owner_name."///".$this->mirror_page_id."///".$this->ilink_1."///".$this->ilink_2."///".$this->ilink_3."///".$this->no_cache."///".$this->active."///".$this->date_publish."///".$this->date_expire."///".$this->meta."///".$this->rights."///".$this->show_in_sitemap."///".$this->replacement_page_id."///".$this->library_id."///".$this->replacement_url ) ) )
{
if( $this->parent_id > 0 )
{
$query_string = "SELECT page_id FROM pagecache_page WHERE page_id = ".$this->id." OR page_id = ".$this->parent_id." OR CONCAT( ',', page_ids, ',' ) LIKE( '%,".$this->id.",%' ) OR CONCAT( ',', page_ids, ',' ) LIKE( '%,".$this->parent_id.",%' ) ORDER BY page_id ASC";
}
else
{
$query_string = "SELECT page_id FROM pagecache_page ORDER BY page_id ASC";
}
}
}
elseif( $this->classname == "AUIArea" )
{
if( $no_save_just_clear_cache == 1 || ( ( $old_id < 1 && $this->active == 1 && $this->date_publish <= date( "YmdHi" ) && ( $this->date_expire < 1 || $this->date_expire > date( "YmdHi" ) ) ) || ( $old_id > 0 && $old_props != md5( $this->name."///".$this->domain_id."///".$this->lang_id."///"."///".$this->ordernumber."///".$this->force_login."///".$this->show_in_main_menu."///".$this->code."///".$this->ilink_1."///".$this->ilink_2."///".$this->ilink_3."///".$this->show_in_sitemap."///".$this->active."///".$this->rights ) ) ) )
{
$query_string = "SELECT page_id FROM pagecache_page ORDER BY page_id ASC";
}
}
elseif( $this->module_id != MODULE_ID_PAGES )
{
$query_string = "SELECT page_id FROM pagecache_page WHERE CONCAT( ',', module_ids, ',' ) LIKE( '%,".$this->module->id.",%' ) ORDER BY page_id ASC";
}
if( trim( $query_string ) != "" )
{
$q->query( $query_string );
if( $q->numrows() > 0 )
{
## drop the database row and the on-disk cache directory of every affected page
$q2 = new QueryObject( $this->conn_id );
while( $q->fetchrow() )
{
$pid = $q->field( "page_id" );
if( $pid > 0 )
{
$query_string = "DELETE FROM pagecache_page WHERE page_id = ".$pid;
$q2->query( $query_string );
if( is_dir( "../../cache/".$pid."/" ) )
{
$this->recursiveCacheRm( "../../cache/".$pid."/" );
}
}
unset( $pid );
}
unset( $q2 );
}
## the object's own page directory is cleared even when no cache row matched
if( $this->classname == "AUIPage" && $this->id > 0 )
{
$this->recursiveCacheRm( "../../cache/".$this->id."/" );
}
elseif( $this->classname == "AUIPageData" && $this->page_id > 0 )
{
$this->recursiveCacheRm( "../../cache/".$this->page_id."/" );
}
}
unset( $q, $query_string );
}
unset( $old_id, $old_props );
return $ret;
}
}
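function checkVal( $val = "" )
{
    ## --------------------------------------------------
    ## Heuristic screen for values that look like stacked SQL statements.
    ## Returns false when a string contains ";" together with one of the
    ## statement patterns below, true otherwise. Non-string values pass.
    ##
    ## This is a deny-list and must be treated as defence in depth only: it
    ## cannot make a value safe to concatenate into SQL. Values still have to
    ## be bound as parameters or escaped by the database driver.
    ##
    ## Changes compared with the earlier version:
    ## - every scalar inside an array (at any depth) is screened; previously
    ##   only the first non-array element was looked at
    ## - all whitespace is collapsed to single spaces before matching, so the
    ##   patterns no longer depend on the keywords being separated by literal
    ##   space characters
    ## - the UPDATE pattern also accepts digits and backticks in the table name
    ## ETä 21.4.2011: added a check that the value is a string, so the string functions do not raise errors
    ## ETä 8.11.2010: changed to be smarter
    $checks = array( "UPDATE +[a-zA-Z0-9_ .`]+ +SET", "DROP +DATABASE ", "DROP +TABLE ", "DROP +COLUMN ", "DELETE +FROM ", "ALTER +TABLE ", "INSERT +INTO " );
    $pending = array( $val );
    while( count( $pending ) > 0 )
    {
        $item = array_pop( $pending );
        if( is_array( $item ) )
        {
            foreach( $item AS $sub )
            {
                $pending[] = $sub;
            }
            continue;
        }
        if( !is_string( $item ) || strpos( $item, ";" ) === false )
        {
            continue;
        }
        ## collapse whitespace runs (including UTF-8 non-breaking spaces)
        $normalized = preg_replace( "/(?:\\xC2\\xA0|\\s)+/", " ", strtolower( $item ) );
        foreach( $checks AS $check )
        {
            if( preg_match( "/".$check."/im", $normalized ) )
            {
                return false;
            }
        }
    }
    return true;
}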
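function escapeHyphens( $val = "" )
{
    ## --------------------------------------------------
    ## Backslash-escapes single quotes in $val and returns the result.
    ## Values without a single quote (and arrays) are returned unchanged.
    ##
    ## A quote counts as already escaped only when it is preceded by an odd
    ## number of backslashes, so each quote is decided on its own. The earlier
    ## version skipped the whole value as soon as one escaped quote was found
    ## anywhere in it, which left any other quote in the same value unescaped.
    ##
    ## This works on bytes and knows nothing about the connection character
    ## set. Prefer bound parameters or the database driver's own escaping for
    ## anything that ends up in a query.
    if( is_array( $val ) || strpos( "Q".$val, "'" ) === false )
    {
        return $val;
    }
    $text = "".$val;
    $escaped = "";
    $backslash_run = 0;
    $length = strlen( $text );
    for( $i = 0; $i < $length; $i++ )
    {
        $ch = $text[ $i ];
        if( $ch === "'" && $backslash_run % 2 == 0 )
        {
            $escaped .= "\\";
        }
        $backslash_run = ( $ch === "\\" ? $backslash_run + 1 : 0 );
        $escaped .= $ch;
    }
    return $escaped;
}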
function getIntersectionOfArrays( $a1 = -1, $a2 = -1 )
{
    ## --------------------------------------------------
    ## Returns the elements of $a1 that also occur in $a2, keeping the order
    ## of $a1. Membership uses PHP's loose comparison (in_array without the
    ## strict flag). Both arrays MUST have INT keys starting from 0.
    ## Anything that is not a pair of arrays yields an empty array.
    $common = array();
    if( !is_array( $a1 ) || !is_array( $a2 ) )
    {
        return $common;
    }
    $total = count( $a1 );
    for( $pos = 0; $pos < $total; $pos++ )
    {
        $candidate = $a1[ $pos ];
        if( in_array( $candidate, $a2 ) )
        {
            $common[] = $candidate;
        }
    }
    return $common;
}
function getUGSString( $type = "" )
{
    ## --------------------------------------------------
    ## Builds the rights string of this object in "<entry>&<roles>;" form.
    ## $type may be "cui", "aui" or empty; any other value, an object without
    ## an id, or an empty classname yields an empty string.
    ## When $this->rights is set it is converted directly ( ":" -> "&",
    ## "," -> ";" ); otherwise the entries are read from data_rights.
    ## NOTE(review): in the database branch every entry is prefixed with "g",
    ## including user ids and LDAP user keys, while getUserIds() looks for a
    ## "u" prefix in rights strings - confirm whether that is intended.
    $ret = "";
    $type_ok = ( $type == "cui" || $type == "aui" || trim( $type ) == "" );
    if( !$type_ok || !( $this->id > 0 ) || trim( $this->classname ) == "" )
    {
        return $ret;
    }
    if( trim( $this->rights ) != "" )
    {
        $with_ampersands = str_replace( ":", "&", $this->rights );
        return str_replace( ",", ";", $with_ampersands );
    }
    $q = new QueryObject( $this->conn_id );
    $query_string = "SELECT user_id, group_id, ldap_user_key, ldap_group_key, roles FROM data_rights ";
    $query_string .= "WHERE classname = '".str_replace( "AUI", "", $this->classname )."' ";
    $query_string .= "AND data_id = ".$this->id;
    if( $type == "cui" )
    {
        $query_string .= " AND roles = ".ROLE_CUI;
    }
    if( $type == "aui" )
    {
        $query_string .= " AND roles > ".ROLE_CUI." AND roles != ".ROLE_CUIEDIT." AND roles != ".( ROLE_CUI + ROLE_CUIEDIT );
    }
    $q->query( $query_string );
    if( $q->numrows() > 0 )
    {
        while( $q->fetchrow() )
        {
            ## numeric ids count when positive, LDAP keys when non-empty
            foreach( array( "group_id", "user_id" ) AS $column )
            {
                if( $q->field( $column ) > 0 )
                {
                    $ret .= "g".$q->field( $column )."&".$q->field( "roles" ).";";
                }
            }
            foreach( array( "ldap_group_key", "ldap_user_key" ) AS $column )
            {
                if( trim( $q->field( $column ) ) != "" )
                {
                    $ret .= "g".$q->field( $column )."&".$q->field( "roles" ).";";
                }
            }
        }
    }
    unset( $q );
    return $ret;
}
/**
* Returns the group ids which have
* access rights for this object.
*
* With $is_aui == 1 only roles above ROLE_CUI (excluding ROLE_CUIEDIT and
* ROLE_CUI + ROLE_CUIEDIT) are counted; otherwise any role with the
* ROLE_CUI bit set. The list comes from $this->rights when that string is
* set ( comma-separated "g<id>:<roles>" entries ), else from data_rights.
* When LDAP is enabled the returned values are LDAP group keys (strings)
* instead of integer group ids. Returns an empty array when the object
* has no id.
*/
function getGroupIds( $is_aui = 0 )
{
$arr = array();
if( $this->id > 0 )
{
## LDAP keys are only considered on the non-AUI side and never for user objects
$use_ldap = false;
if( $is_aui == 0 && $this->classname != "User" && $this->classname != "AUIUser" )
{
$mod = new Module();
if( $mod->load( MODULE_ID_USERS ) )
{
if( $this->resolveLDAPEnabled() )
{
$use_ldap = true;
}
}
unset( $mod );
}
if( trim( $this->rights ) != "" )
{
## rights string branch: no database access
$p = explode( ",", $this->rights );
if( is_array( $p ) && count( $p ) > 0 )
{
foreach( $p AS $pp )
{
if( trim( $pp ) != "" && substr( $pp, 0, 1 ) == "g" && strrpos( $pp, ":" ) != false )
{
## $r is the numeric roles value that follows the first ":"
$r = intval( substr( $pp, strpos( $pp, ":" ) + 1, 10000 ) );
if( $r > 0 && ( ( $is_aui == 1 && $r > ROLE_CUI && $r != ROLE_CUIEDIT && $r != ROLE_CUI + ROLE_CUIEDIT ) || ( $is_aui != 1 && $r & ROLE_CUI ) ) )
{
## the id / key is the text between the leading "g" and the last ":"
$arr[] = ( $use_ldap ? substr( $pp, 1, strrpos( $pp, ":" ) - 1 ) : intval( substr( $pp, 1, strrpos( $pp, ":" ) - 1 ) ) );
}
unset( $r );
}
}
unset( $pp );
}
unset( $p );
}
else
{
## database branch
## NOTE(review): the role tests below use the literals "& 1" / "> 1" where the
## rights-string branch uses ROLE_CUI - presumably ROLE_CUI is 1; confirm.
## NOTE(review): id, classname, module id and domain_id are concatenated
## into the SQL text; confirm they are validated before this point.
$q = new QueryObject( $this->conn_id );
if( $use_ldap )
{
$query_string = "SELECT data_rights.ldap_group_key FROM data_rights ".
"WHERE data_id = ".$this->id." ".
"AND classname LIKE( '".str_replace( "AUI", "", $this->classname )."' ) ".
"AND module_id IN( -1".( ( is_object( $this->module ) ) ? ", ".$this->module->id : "" )." ) ".
"AND domain_id IN( -1".( ( trim( $this->domain_id ) != "" ) ? ", ".$this->domain_id : "" )." ) ".
"AND roles ".( ( $is_aui == 0 ) ? "& 1" : "> 1" ); // $is_aui == 0 -> "= 1" BEFORE 9.8.2005
}
else
{
$query_string = "SELECT groups.group_id FROM groups, data_rights ".
"WHERE groups.group_id = data_rights.group_id ".
( ( $is_aui == 1 ) ? "AND groups.is_aui = 1 " : "" ).
"AND data_rights.data_id = ".$this->id." ".
"AND data_rights.classname LIKE( '".str_replace( "AUI", "", $this->classname )."' ) ".
"AND data_rights.module_id IN( -1".( ( is_object( $this->module ) ) ? ", ".$this->module->id : "" )." ) ".
"AND data_rights.domain_id IN( -1".( ( trim( $this->domain_id ) != "" ) ? ", ".$this->domain_id : "" )." ) ".
"AND data_rights.roles ".( ( $is_aui == 0 ) ? "& 1" : "> 1" ); // $is_aui == 0 -> "= 1" BEFORE 9.8.2005
}
$q->query( $query_string );
if( $q->numrows() > 0 )
{
while( $q->fetchrow() )
{
$arr[] = ( $use_ldap ? $q->field( "ldap_group_key" ) : $q->field( "group_id" ) );
}
}
unset( $q );
}
}
return $arr;
}
/**
* Returns the user ids which have
* access rights for this object.
*/
function getUserIds( $is_aui = 0 )
{
    // Collects the user ids that hold rights on this object.
    //
    // Source of truth is $this->rights when it is non-blank (a comma-separated
    // list whose user entries start with "u" and carry the id between that
    // letter and the last ":"); otherwise the data_rights table is queried.
    // With LDAP resolved as enabled the ids from the rights string are kept
    // as strings, otherwise they are cast to int.
    //
    // NOTE(review): $is_aui only influences the database branch. Entries
    // taken from the rights string are returned whatever role bits follow
    // the ":", while the group-id method preceding this one filters on
    // them - confirm that the difference is intended.
    global $WSM_aui;
    $user_ids = array();
    if( !( $this->id > 0 ) )
    {
        return $user_ids;
    }
    if( trim( $this->rights ) != "" )
    {
        $use_ldap = ( is_object( $this->user->module ) && !is_object( $WSM_aui ) && $this->resolveLDAPEnabled() ) ? true : false;
        foreach( explode( ",", $this->rights ) AS $entry )
        {
            if( trim( $entry ) == "" || substr( $entry, 0, 1 ) != "u" || strrpos( $entry, ":" ) == false )
            {
                continue;
            }
            // ETä 10.6.2010: fixed a faulty expression; the earlier version
            // took the text after the last ":" instead of the id before it.
            $key = substr( $entry, 1, strrpos( $entry, ":" ) - 1 );
            $user_ids[] = ( $use_ldap ? $key : intval( $key ) );
        }
        return $user_ids;
    }
    // NOTE(review): the statement below is assembled by concatenating
    // $this->id, $this->classname, $this->module->id and $this->domain_id.
    // Nothing in this method coerces or escapes them, so it depends on those
    // properties having been validated where they are set.
    $q = new QueryObject( $this->conn_id );
    $module_part = ( is_object( $this->module ) ) ? ", ".$this->module->id : "";
    $domain_part = ( trim( $this->domain_id ) != "" ) ? ", ".$this->domain_id : "";
    // Before 9.8.2005 the $is_aui == 0 case tested "= 1" rather than "& 1".
    $role_test = ( $is_aui == 0 ) ? "& 1" : "> 1";
    $query_string = "SELECT user_id FROM data_rights ".
        "WHERE data_id = ".$this->id." ".
        "AND classname LIKE( '".str_replace( "AUI", "", $this->classname )."' ) ".
        "AND module_id IN( -1".$module_part." ) ".
        "AND domain_id IN( -1".$domain_part." ) ".
        "AND roles ".$role_test;
    if( is_object( $this->user->module ) && !is_object( $WSM_aui ) && $this->resolveLDAPEnabled() )
    {
        $query_string .= " AND user_id > 0";
    }
    $q->query( $query_string );
    if( $q->numrows() > 0 )
    {
        while( $q->fetchrow() )
        {
            $user_ids[] = $q->field( "user_id" );
        }
    }
    unset( $q );
    return $user_ids;
}
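function getCUIEditableIds( $classname = "", $domain_id = -1 )
{
    // Returns the data_ids on which the current user, directly or through
    // one of the user's groups, holds the ROLE_CUIEDIT bit for $classname
    // (plain or "AUI"-prefixed). Results are cached per class name in
    // $this->cui_editor_ids.
    //
    // $classname  class name looked up in data_rights (STRING)
    // $domain_id  when > 0 the lookup is limited to that domain (INT)
    // returns     array of data_id values; empty when an argument is
    //             rejected or the user has no id
    //
    // Both arguments and the ids end up inside SQL text, so each one is
    // validated or coerced first and the method fails closed (empty result)
    // instead of building a statement from a value it cannot vouch for.
    // The callers are not visible here, so this is defence in depth.
    //
    // NOTE(review): the cache key is the class name only, so a second call
    // with a different $domain_id returns the first call's list - confirm
    // whether callers rely on that.
    $ret = array();
    $user_id = intval( $this->user->id );
    if( !is_string( $classname ) || trim( $classname ) == "" || $user_id < 1 )
    {
        return $ret;
    }
    // The class name is placed inside quoted SQL literals; accept identifier
    // characters only so the quoting cannot be broken.
    if( !preg_match( '/^[A-Za-z0-9_]+$/D', $classname ) )
    {
        return $ret;
    }
    // Blank or null keeps the original meaning "no domain filter"; anything
    // else has to be an integer, otherwise nothing is returned rather than
    // silently dropping the domain restriction.
    if( $domain_id === null || trim( ( string ) $domain_id ) == "" )
    {
        $domain_id = -1;
    }
    elseif( !preg_match( '/^-?[0-9]+$/D', trim( ( string ) $domain_id ) ) )
    {
        return $ret;
    }
    $domain_id = intval( $domain_id );
    if( !is_array( $this->cui_editor_ids ) )
    {
        $this->cui_editor_ids = array();
    }
    if( !isset( $this->cui_editor_ids[ $classname ] ) || !is_array( $this->cui_editor_ids[ $classname ] ) )
    {
        $this->cui_editor_ids[ $classname ] = array();
        $q = new QueryObject( $this->conn_id );
        // Keep only integer group ids. A non-numeric value is dropped rather
        // than cast, because a cast to 0 could match rows of another group id.
        $group_ids = array();
        $gps = $this->user->getGroupIds();
        if( is_array( $gps ) )
        {
            foreach( $gps AS $g )
            {
                if( is_scalar( $g ) && preg_match( '/^-?[0-9]+$/D', trim( ( string ) $g ) ) )
                {
                    $group_ids[] = intval( $g );
                }
            }
            unset( $g );
        }
        if( count( $group_ids ) < 1 )
        {
            // Placeholder so that IN( ) is never empty.
            $group_ids[] = -2;
        }
        unset( $gps );
        $query_string = "SELECT DISTINCT data_id FROM data_rights ".
            "WHERE ".( $domain_id > 0 ? "domain_id = ".$domain_id." AND " : "" ).
            "classname IN( 'AUI".$classname."', '".$classname."' ) ".
            "AND ( user_id = ".$user_id." OR group_id IN( ".implode( ", ", $group_ids )." ) ) ".
            "AND roles & ".ROLE_CUIEDIT;
        unset( $group_ids );
        $q->query( $query_string );
        if( $q->numrows() > 0 )
        {
            while( $q->fetchrow() )
            {
                $this->cui_editor_ids[ $classname ][] = $q->field( "data_id" );
            }
        }
        unset( $q );
    }
    $ret = $this->cui_editor_ids[ $classname ];
    return $ret;
}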
}
function escapeHyphens( $val = "" )
{
// Percent-encodes $val, swaps four encoded quote-like bytes (%22, %92, %B4,
// %27) for replacement strings and decodes the result again. Despite the
// name, the bytes handled are quote characters, not hyphens.
// NOTE(review): the replacement literals on this page look as if an
// extraction step decoded them (the first one is not valid PHP as shown);
// presumably they were HTML entities - confirm against the original file.
// NOTE(review): %92 and %B4 are single-byte codes, so this presumably
// expects Windows-1252/Latin-1 input rather than UTF-8 - confirm.
$t = rawurlencode( $val );
$t = str_replace( "%22", """, $t );
$t = str_replace( "%92", "", $t );
$t = str_replace( "%B4", "´", $t );
$t = str_replace( "%27", "'", $t );
$val = rawurldecode( $t );
return $val;
}
function unescapeHyphens( $val = "" )
{
// Counterpart of escapeHyphens(): swaps the four replacement strings back to
// their percent codes and then runs rawurldecode() over the whole value.
// Because the whole value is decoded, any other percent sequence already
// present in $val is decoded as well, so this is not an exact inverse for
// input that contains "%xx" text of its own.
// NOTE(review): the search literals on this page look as if an extraction
// step decoded them (the first one is not valid PHP as shown); presumably
// they were HTML entities - confirm against the original file.
$t = str_replace( """, "%22", $val );
$t = str_replace( "", "%92", $t );
$t = str_replace( "´", "%B4", $t );
$t = str_replace( "'", "%27", $t );
$val = rawurldecode( $t );
return $val;
}
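function checkEmailFormatAndDomain($email)
{
    // Checks that the domain part of $email looks like a real mail domain:
    // first through an MX lookup, then by trying to open a connection to the
    // domain on ports 25, 80 and 443.
    //
    // $email   address to check (STRING)
    // returns  true when the domain is accepted, false otherwise
    //
    // History (ETä 6.4.2011): several problems fixed here, among them the
    // format check; an eregi() test that could never match was removed.
    //
    // split() is deprecated since PHP 5.3 and gone in PHP 7, so explode()
    // is used; as before, the domain is the text after the first "@".
    $parts = explode( "@", ( string ) $email );
    if( count( $parts ) < 2 )
    {
        // No "@" at all: nothing to look up.
        return false;
    }
    $Domain = $parts[ 1 ];
    // The domain goes straight into DNS and socket calls. Reject empty
    // values and characters that would make it something other than a bare
    // host name (whitespace and control characters, "/" and ":"), so the
    // server only ever connects to a plain host on the three fixed ports.
    if( $Domain == "" || preg_match( '/[\s\x00-\x1f\/:]/', $Domain ) )
    {
        return false;
    }
    $MXHost = array();
    // ETä 5.12.2008: getmxrr() does not exist on the Windows platform.
    if( function_exists( "getmxrr" ) && getmxrr( $Domain, $MXHost ) )
    {
        return true;
    }
    // NOTE(review): HTTP_HOST is taken from the request's Host header, so
    // this shortcut is presumably meant for a development host only; a
    // configuration flag would be a sturdier switch - confirm.
    if( isset( $_SERVER[ "HTTP_HOST" ] ) && $_SERVER[ "HTTP_HOST" ] == "atk" )
    {
        return true;
    }
    // ETä 2.3.2009: some servers do not allow outgoing port 25 to arbitrary
    // domains, so mails were never sent because the domain looked unreachable.
    // ETä 12.5.2009: ports 80/443 are tried as well, in case the domain
    // exists but only answers there.
    // ETä 6.4.2011: timeout lowered from 10 to 5 seconds, and errno 110
    // ("connection timed out") is let through too.
    // NOTE(review): the acceptance test is kept as it was. PHP documents
    // errno 0 together with a false return value as a failure before
    // connect(), so "$errno == 0" presumably also accepts domains that do
    // not resolve - confirm whether that leniency is wanted.
    foreach( array( 25, 80, 443 ) AS $port )
    {
        $errno = 0;
        $errstr = "";
        $fp = @fsockopen( $Domain, $port, $errno, $errstr, 5 );
        if( is_resource( $fp ) )
        {
            // The probe only needs the connect result; do not leak the socket.
            fclose( $fp );
        }
        if( trim( $errstr ) == "" || $errno == 0 || $errno == 110 )
        {
            return true;
        }
    }
    return false;
}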
// DEBUGGING PURPOSES
function getmicrotime()
{
    // Current Unix time as a float with microsecond fraction, built from the
    // "fraction seconds" string that microtime() returns by default.
    $parts = explode( " ", microtime() );
    $fraction = ( float ) $parts[ 0 ];
    $seconds = ( float ) $parts[ 1 ];
    return ( $fraction + $seconds );
}
function hexcharstodec( $str = "" )
{
// Converts a hexadecimal string to its decimal value and returns it followed
// by ";". Returns "" when the value is not greater than 0.
// NOTE(review): the empty leading literal below suggests that a prefix was
// lost when this page was extracted (the name and the trailing ";" look like
// a numeric character reference) - confirm against the original file.
$ret = "";
// hexdec() gives a number; trim() turns it into a string
$str = trim( hexdec( $str ) );
if( $str > 0 )
{
$ret = "".$str.";";
}
return $ret;
}
?>
// Module cache that Module::load() reads and fills. Presumably declared
// global here so that it is bound to the global scope even when this file
// is included from inside a function - confirm.
global $VJ_loaded_modules;
## Module: Classbase subclass for rows of table "module" (key "module_id").
## Besides loading, it parses the module's override lines into key/value
## properties, parses its role definitions, and keeps a cache of loaded
## modules in the global $VJ_loaded_modules.
class Module extends Classbase
{
var $conn_id; ## POINTER
var $user; ## OBJECT
var $classname; ## STRING
var $adminstate; ## INT BOOLEAN
var $fields; ## ARRAY of STRINGS
var $defaults; ## ARRAY of STRINGS
var $functions_out; ## ARRAY of STRINGS
## Constructor (PHP 4 style, named after the class): binds the connection and
## the global user object, declares the field list with matching defaults and
## applies the defaults through doDefaults().
## NOTE(review): PHP 7 deprecates same-named constructors and PHP 8 no longer
## calls them - confirm the PHP version this file targets.
function Module()
{
global $WSM_user;
$this->conn_id = WSM_CONN;
$this->user =& $WSM_user;
$this->classname = "Module";
$this->adminstate = 0;
$this->fields = array( "name", "version", "passkey", "aui_path", "cui_path", "history_length", "undo_length", "usage_log_length", "module_overrides", "notes", "role_definitions", "ordernumber" );
// NOTE(review): this default separates the roles with commas, while load()
// and hasRoleDefined() split role_definitions on ";" - it looks as if the
// default would be parsed as a single entry; confirm.
$this->defaults = array( "", "", "", "", "", 0, 0, 0, "", "", "ROLE_CUI:1,ROLE_VIEWER:2,ROLE_EDITOR:4,ROLE_PUBLISHER:8,ROLE_DELETOR:16,ROLE_CREATOR:32", 0 );
$this->functions_out = array();
$this->sourceid = "module_id";
$this->sourcetable = "module";
$this->doDefaults();
$this->roles = array();
}
## Loads module $id, from the $VJ_loaded_modules cache when possible,
## otherwise through parent::load(), and then makes sure $this->roles is set.
## $id: module id (INT)
## returns the result of the load (true on a cache hit, else whatever
## parent::load() returned)
## NOTE(review): a cache hit copies the fields without calling parent::load().
## If Classbase::load() (not visible here) performs per-user checks, they are
## not repeated on a cache hit - confirm.
function load( $id = -1 )
{
if( true ) // change this to false if you want the module to be loaded from the database every time (slower, but the old and reliable way)
{
global $VJ_loaded_modules;
// The cache is skipped in admin state and for ids that are not numeric and > 0.
if( $this->adminstate != 1 && is_numeric( $id ) && $id > 0 && is_array( $VJ_loaded_modules ) && is_array( $VJ_loaded_modules[ $id ] ) )
{
// Reset to defaults first if this object already holds another module.
if( $this->id > 0 )
{
$this->doDefaults();
}
foreach( $this->fields AS $f )
{
$this->$f = $VJ_loaded_modules[ $id ][ $f ];
}
unset( $f );
$this->id = $id;
$this->roles = array();
// Cached roles carry language-specific names, so they are reused only when
// the cache entry was written for the current user's language.
if( is_array( $VJ_loaded_modules[ $id ][ "roles" ] ) && $VJ_loaded_modules[ $id ][ "lang_id" ] == $this->user->lang_id )
{
$this->roles = $VJ_loaded_modules[ $id ][ "roles" ];
}
$VJ_loaded_modules[ $id ][ "lang_id" ] = $this->user->lang_id;
$this->status_message = "loaded";
$this->isModified = false;
$ret = true;
// Drop per-object caches that belonged to the previously loaded module.
unset( $this->module_properties, $this->old_domain_id, $this->domain_ids, $this->defined_roles, $this->data_history );
}
else
{
//FIXME: $override_cui_editor doesn't exist here, Classbase->load gets passed a null value instead of default value -JPo
if(!isset($override_cui_editor)) { $override_cui_editor = null; }
$ret = parent::load( $id , $override_cui_editor );
// Outside admin state, store the freshly loaded fields in the cache.
if( $ret && $this->adminstate != 1 )
{
if( !is_array( $VJ_loaded_modules ) )
{
$VJ_loaded_modules = array();
}
if( !is_array( $VJ_loaded_modules[ $id ] ) )
{
$VJ_loaded_modules[ $id ] = array();
$VJ_loaded_modules[ $id ][ "lang_id" ] = $this->user->lang_id;
}
foreach( $this->fields AS $f )
{
$VJ_loaded_modules[ $id ][ $f ] = $this->$f;
}
unset( $f );
}
}
}
else
{
$ret = parent::load( $id );//, $override_cui_editor );
}
// Record the id on the user object, except for MODULE_ID_PAGES.
if( $ret && $id != MODULE_ID_PAGES )
{
if( !is_array( $this->user->loaded_vaj_module_ids ) )
{
$this->user->loaded_vaj_module_ids = array();
}
if( !in_array( $id, $this->user->loaded_vaj_module_ids ) )
{
$this->user->loaded_vaj_module_ids[] = $id;
}
}
// Parse role_definitions when no roles came from the cache. Entries are
// separated by ";" and read as "CONSTANT:bitvalue,name,name"; the name at
// index 2 is used when the user's lang_id is 2, otherwise the one at index 1.
if( $ret && ( !is_array( $this->roles ) || count( $this->roles ) < 1 ) )
{
$this->roles = array();
if( trim( $this->role_definitions ) != "" )
{
$temp = str_replace( "\n", "", $this->role_definitions );
$temp = explode( ";", $temp );
foreach( $temp AS $t )
{
if( strpos( $t, ":" ) != false )
{
$a = array();
$temp2 = explode( ":", $t );
$temp3 = explode( ",", $temp2[ 1 ] );
$a[ "constant" ] = $temp2[ 0 ];
$a[ "bitvalue" ] = $temp3[ 0 ];
// NOTE(review): no check that the name index exists in $temp3.
$a[ "name" ] = $temp3[ ( ( $this->user->lang_id == 2 ) ? 2 : 1 ) ];
$this->roles[] = $a;
unset( $temp2, $temp3, $a );
}
}
unset( $temp, $t );
}
if( $id > 0 && is_array( $VJ_loaded_modules ) && is_array( $VJ_loaded_modules[ $id ] ) )
{
$VJ_loaded_modules[ $id ][ "roles" ] = $this->roles;
}
}
return $ret;
}
## Returns every value stored for override key $var as an array.
## $domain_id: passed to getModuleProperties() (INT)
## $var: key to look up (STRING)
## $return_default: returned as the only element when the key has no value
## and the default is not blank (STRING)
function getModulePropertyValArray( $domain_id = -1, $var = "", $return_default = "" )
{
$ret = array();
$props = $this->getModuleProperties( $domain_id );
for( $i = 0; $i < count( $props ); $i++ )
{
if( $props[ $i ][ "var" ] == $var )
{
$ret[] = $props[ $i ][ "val" ];
}
}
if( count( $ret ) == 0 && trim( $return_default ) != "" )
{
$ret[] = $return_default;
}
return $ret;
}
## -----------------------------------------------------------------------
## This function fetches the value of a module override setting.
## $domain_id: if -1, only the module's domain-independent overrides are searched; if > 0, the domain-dependent overrides are searched as well
## $var: key to look up (STRING)
## $return_default: value returned by default when the key is not found (STRING)
## returns the value of key $var (the first match in property order)
function getModulePropertyVal( $domain_id = -1, $var = "", $return_default = "" )
{
$props = $this->getModuleProperties( $domain_id );
for( $i = 0; $i < count( $props ); $i++ )
{
if( $props[ $i ][ "var" ] == $var )
{
return $props[ $i ][ "val" ];
}
}
if( trim( $return_default ) != "" )
{
return $return_default;
}
return "";
}
## -----------------------------------------------------------------------
## This function checks whether a module override setting has a particular value.
## $domain_id: if -1, only the module's domain-independent overrides are searched; if > 0, the domain-dependent overrides are searched as well
## $var: key to look up (STRING)
## $val: value the key is checked against (STRING)
## $override_super: DO NOT USE! (INT)
## $skip_cui_mode_check: is ultimately passed on to class_domain's load function (0|1)
## returns true/false depending on whether an exactly matching key/value pair is found
## NOTE(review): key and value are compared with "==", so PHP's loose
## comparison rules apply (numeric strings compare by value) - confirm that
## no caller relies on this for a security-relevant setting.
function checkModuleProperty( $domain_id = -1, $var = "x", $val = "", $override_super = 0, $skip_cui_mode_check = 0)
{
// For a superuser with $override_super == 1 the property counts as not set.
if( $this->user->is_super == 1 && $override_super == 1 )
{
return false;
}
$ret = false;
$props = $this->getModuleProperties( $domain_id, $skip_cui_mode_check );
if( $var != "x" )
{
for( $i = 0; $i < count( $props ); $i++ )
{
if( $props[ $i ][ "var" ] == $var && $props[ $i ][ "val" ] == $val )
{
$ret = true;
break;
}
}
}
return $ret;
}
## Parses $this->module_overrides (and, for $domain_id > 0, the overrides of
## that domain) into a list of array( "var" => key, "val" => value ).
## One setting per line; lines starting with "#" or "//" are skipped; the key
## is the text before the first space, the value the rest; a line without a
## space becomes a key with an empty value. Domain entries are appended
## after the module's own entries.
## The result is cached on the object until $domain_id changes.
## NOTE(review): $skip_cui_mode_check is not part of that cache condition,
## so a cached list is returned whatever value is passed later - confirm.
function getModuleProperties( $domain_id = -1, $skip_cui_mode_check = 0)
{
if( !is_array( $this->module_properties ) || $domain_id != $this->old_domain_id )
{
$this->old_domain_id = $domain_id;
unset( $this->module_properties );
$this->module_properties = array();
$p = 0;
$lines = array();
$lines = explode( "\n", $this->module_overrides );
for( $i = 0; $i < count( $lines ); $i++ )
{
$lines[ $i ] = trim( $lines[ $i ] );
if( substr( $lines[ $i ], 0, 1 ) != "#" && substr( $lines[ $i ], 0, 2 ) != "//" )
{
if( strpos( $lines[ $i ], " " ) != false )
{
$this->module_properties[ $p ][ "var" ] = trim( substr( $lines[ $i ], 0, strpos( $lines[ $i ], " " ) ) );
$this->module_properties[ $p ][ "val" ] = trim( substr( $lines[ $i ], strpos( $lines[ $i ], " " ), 1000000 ) );
$p++;
}
elseif( $lines[ $i ] != "" )
{
$this->module_properties[ $p ][ "var" ] = trim( $lines[ $i ] );
$this->module_properties[ $p ][ "val" ] = "";
$p++;
}
}
}
if( $domain_id > 0 )
{
// NOTE(review): loadModuleDomainProperties() returns false on failure, and
// ->overrides is read below without checking for that.
$tmp = $this->loadModuleDomainProperties( $domain_id, $skip_cui_mode_check );
$lines = array();
$lines = explode( "\n", $tmp->overrides );
unset( $tmp );
for( $i = 0; $i < count( $lines ); $i++ )
{
$lines[ $i ] = trim( $lines[ $i ] );
if( substr( $lines[ $i ], 0, 1 ) != "#" && substr( $lines[ $i ], 0, 2 ) != "//" )
{
if( strpos( $lines[ $i ], " " ) != false )
{
// $was is always false here, so the entry is always appended.
$was = false;
if( !$was )
{
$this->module_properties[ $p ][ "var" ] = trim( substr( $lines[ $i ], 0, strpos( $lines[ $i ], " " ) ) );
$this->module_properties[ $p ][ "val" ] = trim( substr( $lines[ $i ], strpos( $lines[ $i ], " " ), 1000000 ) );
$p++;
}
}
elseif( $lines[ $i ] != "" )
{
$was = false;
if( !$was )
{
$this->module_properties[ $p ][ "var" ] = trim( $lines[ $i ] );
$this->module_properties[ $p ][ "val" ] = "";
$p++;
}
}
}
}
}
unset( $lines );
}
return $this->module_properties;
}
## Loads Domain $domain_id and returns what its
## getModulePropertiesForDomain( $this->id ) gives for this module.
## returns that value, or false when the domain cannot be loaded or the
## lookup yields a value that compares equal to false
## $debud is not used in this method.
function loadModuleDomainProperties( $domain_id = -1, $skip_cui_mode_check = 0, $debud=0)
{
$obj = new Domain();
if( $obj->load( $domain_id, $skip_cui_mode_check, 1 ) )
{
if( ( $tmp = $obj->getModulePropertiesForDomain( $this->id ) ) != false )
{
unset( $obj );
return $tmp;
}
}
unset( $obj );
return false;
}
## Returns the ids of the domains this module is linked to, where both the
## domain and the link are active and inside their publish/expire window.
## The list is cached in $this->domain_ids.
## NOTE(review): $this->id is concatenated into the statement; the "> 0"
## guard is a loose comparison and does not by itself prove the value is an
## integer, so this depends on the id having been validated where it is set.
function getDomainIds()
{
if( !is_array( $this->domain_ids ) )
{
$this->domain_ids = array();
if( $this->id > 0 )
{
$q = new QueryObject( $this->conn_id );
// Dates are compared as numbers in "YmdHi" form; a date_expire below 1 is
// treated as "never expires".
$query_string = "SELECT domain.domain_id FROM module_domain_link, domain ".
"WHERE module_domain_link.domain_id = domain.domain_id ".
"AND domain.active = 1 ".
"AND domain.date_publish <= ".date( "YmdHi" )." ".
"AND ( domain.date_expire < 1 OR domain.date_expire > ".date( "YmdHi" )." ) ".
"AND module_domain_link.active = 1 ".
"AND module_domain_link.date_publish <= ".date( "YmdHi" )." ".
"AND ( module_domain_link.date_expire < 1 OR module_domain_link.date_expire > ".date( "YmdHi" )." ) ".
"AND module_domain_link.module_id = ".$this->id;
$q->query( $query_string );
if( $q->numrows() > 0 )
{
$i = 0;
while( $q->fetchrow() )
{
$this->domain_ids[ $i++ ] = $q->field( "domain_id" );
}
unset( $i );
}
unset( $q );
}
}
return $this->domain_ids;
}
## Tells whether role value $role is among the roles defined for this module.
## The module's role_definitions are read from the database once and cached
## in $this->defined_roles as the values of the constants named in them.
## $role: role bit value (INT)
## returns true/false
function hasRoleDefined( $role = 0 )
{
$ret = false;
if( $role > 0 && $this->id > 0 )
{
if( !is_array( $this->defined_roles ) )
{
$this->defined_roles = array();
$q = new QueryObject( $this->conn_id );
$query_string = "SELECT role_definitions FROM module ".
"WHERE module_id = ".$this->id;
$q->query( $query_string );
if( $q->numrows() > 0 )
{
// NOTE(review): unlike the other queries in this file, no fetchrow()
// precedes field() here - confirm that QueryObject is positioned on the
// first row after query().
$temp = $q->field( "role_definitions" );
$tp = explode( ";", $temp );
foreach( $tp AS $t )
{
if( strpos( $t, ":" ) != false )
{
// The text before the first ":" is a constant name taken from the stored
// definition; it is used only if such a constant is defined.
$check = trim( substr( $t, 0, strpos( $t, ":" ) ) );
if( defined( $check ) )
{
$this->defined_roles[] = constant( $check );
}
unset( $check );
}
}
unset( $temp, $tp, $t );
}
unset( $q );
}
// NOTE(review): in_array() without its strict flag compares loosely.
if( in_array( $role, $this->defined_roles ) )
{
$ret = true;
}
}
return $ret;
}
}
?>