reset_password test
[mirrors/Kyberia-bloodline.git] / wwwroot / backend / mysql / backend.inc
... / ...
CommitLineData
1<?php
2class nodes {
3// All mysql code should go here
4// Split into multiple files if needed
5
6public static function processContent($node_content) { return processContent_hack($node_content); } //XXX TODO FIXME HACK
7
8// Called for every node view. Updates node views, neurons,
9public static function update_nodes($user_id,$node_id,$referer_id) {
10 global $node,$db,$error;
11 $db->update("update nodes set node_views=node_views+1 where".
12 "node_id='".$node_id."'");
13 if (is_numeric($referer_id) && ($referer_id)) {
14 $q="update neurons set synapse=synapse+1 where ".
15 "dst='".$node_id."' and src='$referer_id'";
16 $result=$db->update($q);
17 if (!$result) {
18 $q="insert into neurons set synapse_creator='".
19 $user_id."',dst='".$node_id.
20 "',src='$referer_id',synapse=1";
21 $db->query($q);
22 }
23 }
24
25 // LEVENSHTEIN
26
27 // these 4 lines are not the source of kyberia lagging problems.
28 // leave them. started on the 10.4.
29 // data gained will be used for scientific purposes
30 if ($user_id) {
31 $q="insert delayed into levenshtein set user_id='".
32 $user_id."',node_id='".$node_id."'";
33 $db->update($q);
34 }
35}
36
37
38public static function putNode($what,$where,$checkpermissions=true) {
39 global $db,$error,$error_messages;
40 $user_id = $_SESSION['user_id'];
41 if (!$user_id) {
42 $user_id=UBIK_ID;
43 }
44 if (!is_numeric($what) || !is_numeric($where)) {
45 $error=$error_messages['NUMERIC_NOT_NUMERIC'];
46 }
47
48 $nodeshell = nodes::getNodeById($where,$user_id);
49 $nodeshell_vector = $nodeshell['node_vector'];
50
51 if ($checkpermissions) {
52 $nodeshell_permissions = permissions::checkPerms($nodeshell);
53 if (!$nodeshell_permissions['w']) {
54 $error = $error_messages['WRITE_PERMISSION_ERROR'];
55 return false;
56 }
57 }
58
59 $dst_vector = $nodeshell_vector.str_pad($chosen,VECTOR_CHARS,0,STR_PAD_LEFT);
60 $q = "update neurons set synapse_created=NOW(),link='hard',synapse=synapse+1, dst_vector='$dst_vector' where src='$what' and dst='$where'";
61 $result=$db->update($q);
62
63 if (!$result) $db->query("insert into neurons set synapse_creator='$user_id',synapse_created=NOW(), src='$what',dst='$where',dst_vector='$dst_vector',link='hard',synapse=1");
64 $db->query("update nodes set lastdescendant_created=NOW(),node_children_count=node_children_count+1 where node_id='$where'");
65}
66
67public static function addNode($params) {
68 global $db,$node,$error,$error_messages;
69 $parent_id=$params['node_parent'];
70
71 if ($params['flag']=='registration') $params['node_creator']=UBIK_ID;
72
73 if (!is_numeric($parent_id)) {
74 $parent_id=$node['node_id'];
75 }
76
77 $parent_permissions=permissions::checkPerms($parent_id);
78
79 if (!$parent_permissions['w']) {
80 $error=$error_messages['WRITE_PERMISSION_ERROR'];
81 logger::log('add','error','WRITE_PERMISSION_ERROR');
82 return false;
83 }
84
85
86 $kset=$db->query("select user_k from users where user_id='$params[node_creator]'");
87 $kset->next();
88 $user_k=$kset->getString('user_k');
89
90 if (!$user_k && $params['node_creator']!=UBIK_ID) {
91 $error=$error_messages['K_SPENT'];
92 }
93
94
95
96 $set=$db->query("select node_vector,node_children_count from nodes where node_id='$parent_id'");
97 $set->next();
98 $parent_vector=$set->getString('node_vector');
99
100 if ($set->getInt('node_children_count')>MAX_CHILDREN) {
101 $error=$error_messages['MAX_CHILDREN'];
102 return false;
103 }
104
105 //working with external links
106 $external_link=$params['external_link'];
107
108 $template_id=$params['template_id'];
109 if (!is_numeric($template_id)) $template_id=DEFAULT_TEMPLATE_ID;
110
111 if(!isset($params['node_system_access'])) $params['node_system_access'] = $node['node_system_access'];
112 if(!isset($params['node_external_access'])) $params['node_external_access'] = $node['node_external_access'];
113
114 $q="insert into nodes set
115node_name='".$params['node_name']."',
116node_external_access='".$params['node_external_access']."',
117node_system_access='".$params['node_system_access']."',
118node_creator='".$params['node_creator']."',
119template_id='".$template_id."',
120external_link='".$external_link."',
121node_parent='".$parent_id."',
122node_views=0,node_created=NOW(),
123node_content='".$params['node_content']."',
124node_vector='".$params['node_vector']."'";
125 $db->query("start transaction");
126 $db->query($q);
127 $id=$db->getLastInsertId();
128
129//node_content MyIsam only for FULLTEXT !!!
130// $db->query("insert into node_content set node_id='$id',node_content='".$params['node_content']."'");
131
132 $new_id=str_pad($id,VECTOR_CHARS,"0",STR_PAD_LEFT);
133 $new_vector=trim($parent_vector,"z").$new_id;
134
135 if ($params['flag']=='registration') $db->query("update nodes set node_system_access='public',node_external_access='yes',node_creator=$id where node_id=$id");
136
137 $db->query("update nodes set node_vector='$new_vector' where node_id='$id'");
138 $db->query("update nodes set node_children_count=node_children_count+1 where node_id='$parent_id'");
139
140 $node_vector=trim(chunk_split($new_vector,VECTOR_CHARS,';'),';');
141
142 $ancestors=explode(";",$node_vector);
143 foreach($ancestors as $key => $ancestor_id) {
144 if ($key) {
145 $ancestor_id=ltrim($ancestor_id,'0');
146 $db->query("update nodes set node_descendant_count=node_descendant_count+1,lastdescendant_created=NOW() where node_id='$ancestor_id'");
147 }
148 }
149 $db->query("update node_access set node_user_subchild_count=node_user_subchild_count+1 where node_id='$parent_id'");
150 --$user_k;
151 $db->query("update users set user_k='$user_k' where user_id='$params[node_creator]'");
152 $db->query("commit");
153 logger::log('add','ok',$id);
154
155 if ($_POST['code']) {
156 $params['node_creator']=UBIK_ID;
157 $params['node_parent']=WARNING_ZONE;
158 $params['node_name']="node $id added with code_parameter";
159 $params['node_content']="node <a href='/id/$id'>$id</a> added with code_parameter";
160 unset($_POST['code']);
161 nodes::addNode($params);
162 }
163
164 return $id;
165}
166
167
168public static function getUserByLogin($login) {
169 global $error, $error_messages;
170 $q2="select user_id from users where login='".$login."'";
171 $userset=$db->query($q2);
172 $userset->next();
173 $id=$userset->getString('user_id');
174 if (is_numeric($id)) return $id;
175 else {
176 $error = $error_messages['USER_NOT_FOUND'];
177 return false;
178 }
179}
180
181public static function getNodeIdByName($name, $external_link=false) {
182 global $db;
183
184 $qh = sprintf('select node_id from nodes where node_name = "%s"', db_escape_string($name));
185 if ($external_link)
186 $qh .= sprintf(' and external_link="%s"', db_escape_string($external_link));
187
188 $set = $db->query($qh);
189 $set->next();
190 return $set->getString('node_id');
191}
192
193public static function getNodeById($node_handle,$user_id, $table_name="nodes") {
194 global $db, $error;
195 $q="select length(concat($table_name.node_vector)) as
196vector_depth,$table_name.*,$table_name.node_creator as
197node_owner_id,creator.node_name as owner,node_access.*,$table_name.node_id as
198node_id,node_parent.node_name as node_parent_name
199from $table_name left join $table_name as creator on creator.node_id=$table_name.node_creator
200left join $table_name as node_parent on $table_name.node_parent=node_parent.node_id
201left join node_access on (node_access.node_id='$node_handle' and node_access.user_id='$user_id')
202where $table_name.node_id='$node_handle'";
203
204 $result=$db->query($q);
205 if (!$result->next()) {
206 return false;
207 }
208 else {
209 $node=addBase36id($result->getRecord());
210 $node['node_vector']=trim($node['node_vector'],"z");
211 $ancestors=str_split($node['node_vector'],VECTOR_CHARS);
212 foreach ($ancestors as $ancestor) {
213 $node['ancestors'][]=array("name"=>"","link"=>ltrim($ancestor,"0"));
214 }
215 }
216 transport_process_node($node);
217 return $node;
218
219}
220
221
222public static function redirByName($node_handle) {
223 global $db, $error;
224 $user_id=$_SESSION['user_id'];
225 $set=$db->query("select node_id from nodes where node_name='$node_handle' and node_creator='$user_id'");
226 if ($set->next()) {
227 $node_id=$set->getString('node_id');
228 if (!empty($node_id)) {
229 return nodes::getNodeById($node_id,$_SESSION['user_id']);
230 }
231
232 }
233 $set=$db->query("select node_id from nodes where node_name='$node_handle' ");
234 $set->next();
235 $node_id=$set->getString('node_id');
236 if (!empty($node_id)) {
237 return nodes::getNodeById($node_id,$_SESSION['user_id']);
238 }
239
240}
241
242public static function getNodesByName($node_handle) {
243 global $db, $error;
244 $q="select nodes.* from nodes where node_name='$node_handle%'";
245
246 $result=$db->query($q);
247
248 while ($result->next()){
249 $record[]=addBase36id($result->getRecord());
250 }
251 return $record;
252
253}
254
255
256
257public static function getChildrenNodes($orderby="desc",$offset=0,$limit=DEFAULT_LISTING_AMOUNT) {
258 global $db, $error, $node;
259 $node_handle=$node['node_id'];
260
261 $q="select users.*,nodes.* from nodes
262left join users on users.user_id=nodes.node_creator where
263node_parent='$node_handle' order by node_created $orderby LIMIT $offset,$limit";
264 #echo $q;
265 $result=$db->query($q);
266
267 while ($result->next()) {
268 $array[]=addBase36id($result->getRecord());
269 }
270
271 return $array;
272
273}
274
275
276public static function GetUserSubmissionsChildren($user_id,$limit=23,$offset=0,$orderby='') {
277 global $db;
278
279 if (!is_numeric($user_id)) {
280 return -1;
281 }
282 if (!is_numeric($limit)) {
283 return -1;
284 }
285 if (!is_numeric($offset)) {
286 return -1;
287 }
288
289 // XXX orderby mysql escape
290
291 $q = "select child.*, users.login as login, parent.node_name as parent_name from nodes as child join
292 (select node_id,node_name,node_creator from nodes where node_creator='$user_id')
293 as parent on child.node_parent=parent.node_id and child.node_creator <> '$user_id'
294 join users as users on users.user_id=child.node_creator order by node_created desc
295 $orderby LIMIT $offset,$limit";
296
297 #echo $q;
298 $result=$db->query($q);
299
300 while ($result->next()) {
301 $array[]=addBase36id($result->getRecord());
302 }
303
304 return $array;
305}
306
307public static function getThreadedChildrenNodes($orderby="desc",$offset=0,$limit=DEFAULT_LISTING_AMOUNT) {
308 global $db, $error, $node;
309 $node_handle=$node['node_id'];
310
311 $q="select length(node_vector) as depth,users.login,nodes.* from nodes left join users on users.user_id=nodes.node_creator where node_vector like '".$node['node_vector'].";".$node['node_id']."%' and node_type=3 order by concat(node_vector,';',nodes.node_id,';z') desc,depth LIMIT $offset,$limit";
312
313 $result=$db->query($q);
314
315 while ($result->next()) {
316 $children_array[]=addBase36id($result->getRecord());
317 }
318
319 return $children_array;
320
321}
322
323
324
325public static function getNodeAccessData() {
326 global $node,$db;
327 $q="select users.login,node_access.* from node_access left join users on users.user_id=node_access.user_id where node_id='".$node['node_id']."' and node_permission!=''";
328 $result=$db->query($q);
329
330 while ($result->next()) {
331 $access_data[]=$result->getRecord();
332 }
333
334 return $access_data;
335
336}
337
338
339// Simple internal function to set node parrent
340
341public static function setParent($node_id,$parent_id) {
342 global $db,$node,$error,$error_messages;
343
344 if (!is_numeric($parent_id)) {
345 return false;
346 }
347
348 $q="select node_vector from nodes where node_id='$parent_id'";
349 $set=$db->query($q);
350 $set->next();
351 $parent_vector=$set->getString('node_vector');
352 $new_vector=$parent_vector.str_pad($node_id,VECTOR_CHARS,"0",STR_PAD_LEFT);
353
354 $q="update nodes set node_parent='$parent_id',node_vector='$new_vector' where node_id='$node_id'";
355 $db->query($q);
356
357 return 0;
358}
359
360// Get last submissions of all users on kyberia.
361// XXX ad permission checking
362// XXX remove constants
363
364public static function getLast($params) {
365 global $db,$node,$error,$error_messages;
366
367 if ($params['listing_amount']=='all') $listing_amount='-1';
368 else $listing_amount=addslashes($params['listing_amount']);
369 if (empty($params['offset'])) $offset=0;
370 else $offset=addslashes($params['offset']);
371
372 global $db,$node;
373 if ($node['node_id']==DEF_LAST_NODE) {
374 $interval=" nodes.node_created>NOW()-INTERVAL 65 HOUR and";
375 $vector="00";
376 } else {
377
378 $vector=$node['node_vector'];
379 $interval=" nodes.node_created>NOW()-INTERVAL 42 DAY and";
380 }
381
382 $node_id=$node['node_id'];
383 $user_id=$_SESSION['user_id'];
384 $q="select parent.node_name as parent_name,users.*,nodes.* from nodes
385 left join nodes as parent on parent.node_id=nodes.node_parent
386 left join users on users.user_id=nodes.node_creator where $interval
387 nodes.node_vector like '$vector%' and
388 nodes.node_system_access!='private' order by nodes.node_id desc LIMIT $offset,$listing_amount ";
389
390 $set=$db->query($q);
391
392 while ($set->next()) {
393 $last[]=$set->getRecord();
394 }
395
396 return $last;
397
398}
399
400
401// Get nodes sorted by weight_k specific to user
402
403public static function getKNeurons($user_id,$interval) {
404 global $db,$node,$error,$error_messages;
405
406 $q="call k_neurons('$user_id','$interval')";
407 $set=$db->query($q);
408
409 while ($set->next()) {
410 $k_array[]=$set->getRecord();
411 }
412
413 return $k_array;
414}
415
416// setSynapse
417
418// Set synapse weight.
419// If synapse does not exists, create a new one.
420// Secure.
421// Returns true on sucess, otherwise false.
422
423public static function setSynapse($params){
424 global $db,$node,$error,$error_messages;
425
426 // security check
427 if ((!is_numeric($params['src']))
428 or (!is_numeric($params['dst']))
429 or (!is_numeric($params['weight']))) {
430
431 return false;
432 }
433
434 $src=$params['src'];
435 $dst=$params['dst'];
436 $weight=$params['weight'];
437
438 // weight could be only positive
439 if ( $weight < 0) {
440 return false;
441 }
442
443 // if already exists
444 $q="select count(src) from neurons where dst ='$dst' and src = '$src'";
445 $set=$db->query($q);
446 $set->next();
447 $isrc=$set->getString('count(src)');
448
449 if ( $isrc > 0 ) {
450 $q="update neurons set synapse_weight='$weight'
451 where dst = '$dst' and src = '$src'";
452 } else {
453 // FIXME no vector set
454 $q="insert into neurons values('$weight','$dst','$src',0,'synapse',
455 CURRENT_TIMESTAMP(),now(),NULL,$src)";
456 }
457 $set=$db->query($q);
458
459 return true;
460}
461
462// getSynapseWeight
463
464// If synapse does not exists, weight is 1
465// Secure.
466// Returns synapse weight (from user to node)
467
468public static function getSynapseWeight($user_id,$node_id){
469 global $db;
470
471 if (!is_numeric($user_id))
472 { return -1; }
473 if (!is_numeric($node_id))
474 { return -1; }
475
476 $set=$db->query("select synapse_weight from neurons where src =".
477 $user_id." and dst = ".$node_id." and link='synapse'");
478
479 $set->next();
480 $synapse_weight=$set->getString('synapse_weight');
481
482 if (! ($synapse_weight) ) { $synapse_weight = 1;}
483
484 return $synapse_weight;
485}
486
487// getNodeUserlist
488
489// Get list of users currently viewing specified node.
490// Secure.
491// Returns list of (login, user_id)
492
493public static function getNodeUserlist($node_id) {
494
495 global $db;
496 if (!is_numeric($node_id))
497 { return -1; }
498
499
500 $set=$db->query("select login,user_id from users where user_action_id='$node_id'");
501 while ($set->next()) {
502 $userlist[]=$set->getRecord();
503 }
504
505 return $userlist;
506}
507
508// getNodeCommanders
509
510// Get logins of all node commanders (used in configure)
511// Secure.
512// Returns list of (node_permission, login)
513
514public static function getNodeCommanders($node_id) {
515 global $db;
516
517 if (!is_numeric($node_id))
518 { return -1; }
519
520 $set=$db->query("select node_permission,users.login from node_access
521 left join users on node_access.user_id=users.user_id where
522 node_id='$node_id' and node_permission!='' order by node_permission");
523
524 while ($set->next()) {
525 $commanders[$set->getString('node_permission')].=$set->getString('login').";";
526 }
527
528 return $commanders;
529}
530
531// logout
532
533// Log out user.
534// Secure
535
536public static function logout() {
537 global $db;
538 $q="update users set user_action_id=null where user_id='".$_SESSION['user_id']."'";
539 $db->query($q);
540}
541
542// getNodesByType
543
544// XXX
545// Secure
546// returns xxx
547
548public static function getNodesByType($vector,$user_id,$type,$orderby,$offset,$listing_amount) {
549 global $db;
550
551 if ((!is_numeric($user_id))
552 or (!is_numeric($offset))
553 or (!is_numeric($listing_amount))
554 or ($vector && !is_numeric($vector))
555 or (!is_numeric($type)))
556 { return -1; }
557
558 $orderby=db_escape_string($orderby);
559
560
561 $q="select parent.node_name as parent_name,users.*,nodes.*,node_access.node_user_subchild_count from nodes
562 left join nodes as parent on parent.node_id=nodes.node_parent
563 left join node_access on node_access.node_id=nodes.node_id and node_access.user_id='$user_id'
564 left join users on users.user_id=nodes.node_creator where ";
565 if ($vector) $q.="nodes.node_vector like '$vector%' and";
566 $q.=" nodes.template_id='$type' and nodes.node_system_access!='private'";
567 if ($orderby) $q.=" order by $orderby ";
568 else $q.=" order by nodes.node_id desc ";
569 $q.= " LIMIT $offset,$listing_amount ";
570 $set=$db->query($q);
571
572 while ($set->next()) $result[]=$set->getRecord();
573
574 return $result;
575}
576
577// getLinkedNodes
578
579// XXX
580// Secure
581// returns XXX
582
583public static function getLinkedNodes($node_id,$orderby,$offset,$listing_amount) {
584 global $db;
585
586 if ((!is_numeric($node_id))
587 or (!is_numeric($offset))
588 or (!is_numeric($listing_amount)))
589 { return false; } // XXX check return value by caller?
590 $orderby=db_escape_string($orderby);
591
592 $q="select neurons.synapse_created,node_content,author.login,linker.login as linker,nodes.* from neurons
593 left join nodes on neurons.src=nodes.node_id
594 left join users as linker on neurons.synapse_creator=linker.user_id
595 left join users as author on nodes.node_creator=author.user_id
596 where dst='$node_id' and link in ('hard','bookmark')
597 order by $orderby desc limit $offset , $listing_amount";
598
599 $result=$db->query($q);
600 while ($result->next()) {
601 $array=$result->getRecord();
602 transport_process_node($array); // XXX
603 $array['node_status']="linked";
604 $array['node_created']=$array['synapse_created'];
605 $get_linked_nodes[]=$array;
606 }
607 return (isset($get_linked_nodes) ? $get_linked_nodes : false);
608}
609
610// getThreadedChildren
611
612
613public static function getThreadedChildren($node_id,$node_vector,$offset,$limit,$orderby,$time,$synapse_time,$security,$link,$search,$search_param) {
614 global $db;
615
616 $sql_synapse="";
617 $sql_type="";
618 $sql_time="";
619
620 if ($synapse_time) { $sql_synapse.=" and node_created >'".db_escape_string($synapse_time)."'"; }
621
622 if ($orderby=='' OR $orderby=='desc') {
623 $orderby="concat(node_vector,'z') desc,depth";
624 } else {
625 $orderby="node_vector asc";
626 }
627
628 if ($time) {
629 $sql_time="node_created > '".db_escape_string($time)."' and";
630 }
631
632 // WTF?
633 if ($security) { $security=" and node_system_access!='private'"; }
634 else { $security = ""; }
635
636
637 if ($search=='content') {
638 $sql_type.=" and node_content like '%".db_escape_string($search_param)."%' ";
639 }
640 if ($search=='user') {
641 if (!is_numeric($search_param)) { return false; }
642 $sql_type=" and nodes.node_creator='$search_param'";
643 }
644
645
646 $q="";
647 if ($link=='yes') $q.="(";
648 $q.="select nodes.node_id,node_name,node_external_access,external_link,node_parent,
649 node_system_access,node_children_count,node_creator,node_created,lastchild_created,
650 k,node_views,node_descendant_count,lastdescendant_created,template_id,node_updated,
651 length(node_vector) as depth,users.login,node_vector, node_content,'' as synapse_creator
652 from nodes
653 left join users on users.user_id=nodes.node_creator
654 where $sql_time node_vector like '".$node_vector."%' $sql_type
655 and node_id != '".$node_id."' $security
656 order by $orderby LIMIT $offset,$limit";
657
658 if ($link=='yes') {
659 $q.=" ) UNION (select nodes.node_id,node_name,node_external_access,external_link,
660 node_parent,node_system_access,node_children_count,node_creator,node_created,
661 lastchild_created,k,node_views,node_descendant_count,lastdescendant_created,
662 template_id,node_updated,length(dst_vector) as depth,
663 users.login,dst_vector as node_vector,node_content,synapse_creator
664 from neurons
665 left join nodes on neurons.src=nodes.node_id
666 left join users on users.user_id=nodes.node_creator
667 where $sql_time dst_vector like '".$node_vector."%' $sql_synapse $sql_type
668 and node_id != '".$node_id."' order by $orderby LIMIT $offset,$limit)";
669 }
670
671 if ($link=='yes') $q.=" order by $orderby LIMIT $limit";
672
673 $result=$db->query($q);
674
675 while ($result->next()) {
676 $child = $result->getRecord();
677 transport_process_node($child);
678 if($child['synapse_creator']!='') $child['node_status']='linked';
679
680 $get_children_array[]=$child;
681 }
682
683 return $get_children_array;
684}
685
686// XXX
687
688public static function getPoll($user_id,$poll_id) {
689 global $db;
690
691 $set=$db->query("select nodes.*,node_access.node_permission from nodes
692 left join node_access on (nodes.node_id=node_access.node_id and node_access.user_id='$user_id')
693 where node_parent='$poll_id' and template_id='1549834' order by node_id desc limit 1");
694
695 $set->next();
696 $array=$set->getRecord();
697
698 return $array;
699}
700
701// XXX
702
703public static function resetPassword($login_id,$login,$vercode,$password) {
704 global $db;
705
706 // Security checks
707 $login = db_escape_string($login);
708 if (!is_numeric($login_id)) { return false; }
709
710 if ($login == '') {
711 $error="Please enter name or id";
712 return false;
713 }
714
715 if ($login_id = 0) {
716 $set=$db->query("select * from users where login='$login'");
717 } else {
718 $set=$db->query("select * from users where user_id='$login'");
719 }
720
721 $set->next();
722 $user_name=$set->getString('login');
723 $user_id=$set->getString('user_id');
724 $hash=$set->getString('hash');
725
726 if ($hash != $vercode) {
727 $error="Bad verification code!";
728 return false;
729 }
730
731 $password = sha1($password);
732 $q="update users set password='$password',hash='' where user_id='$user_id'";
733 $db->query($q);
734
735 return 0;
736}
737
738}
739?>
This page took 0.26113 seconds and 4 git commands to generate.