| 1 | <?php |
| 2 | class nodes { |
| 3 | // All mysql code should go here |
| 4 | // Split into multiple files if needed |
| 5 | |
/**
 * Run node content through the content-processing hook.
 *
 * Thin pass-through to processContent_hack(), which is defined outside this class.
 *
 * @param mixed $node_content Content handed to the hook unchanged.
 * @return mixed Whatever processContent_hack() returns.
 */
public static function processContent($node_content)
{
    // XXX TODO FIXME HACK: temporary indirection kept from the original code.
    $processed = processContent_hack($node_content);

    return $processed;
}
| 7 | |
| 8 | // Called for every node view. Updates node views, neurons, |
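/**
 * Record one node view: bump the view counter, strengthen the referer -> node
 * synapse and log the visit into the levenshtein table.
 *
 * All three ids are placed inside SQL text, so any id that is not numeric is
 * refused before a statement is built.
 *
 * @param mixed $user_id    Viewer id; empty for an anonymous view.
 * @param mixed $node_id    Id of the node being viewed.
 * @param mixed $referer_id Node the viewer came from; ignored unless numeric and non-zero.
 * @return void
 */
public static function update_nodes($user_id,$node_id,$referer_id) {
    global $node,$db,$error;

    if (!is_numeric($node_id)) {
        return;
    }
    // An empty user id means "anonymous"; anything else has to be a number.
    if ($user_id && !is_numeric($user_id)) {
        return;
    }

    // The original concatenation had no blank after "where", producing
    // "wherenode_id=..." and an invalid statement.
    $db->update("update nodes set node_views=node_views+1 where ".
        "node_id='".$node_id."'");

    if (is_numeric($referer_id) && ($referer_id)) {
        $q="update neurons set synapse=synapse+1 where ".
            "dst='".$node_id."' and src='$referer_id'";
        $result=$db->update($q);
        // A falsy result from update() is treated as "no such synapse yet": create it.
        if (!$result) {
            $q="insert into neurons set synapse_creator='".
                $user_id."',dst='".$node_id.
                "',src='$referer_id',synapse=1";
            $db->query($q);
        }
    }

    // LEVENSHTEIN
    // these lines are not the source of kyberia lagging problems.
    // leave them. started on the 10.4.
    // data gained will be used for scientific purposes
    if ($user_id) {
        $q="insert delayed into levenshtein set user_id='".
            $user_id."',node_id='".$node_id."'";
        $db->update($q);
    }
}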
| 36 | |
| 37 | |
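/**
 * Hard-link node $what under node $where and refresh the target's child counters.
 *
 * @param mixed $what             Id of the node being linked (neurons.src).
 * @param mixed $where            Id of the target node (neurons.dst).
 * @param bool  $checkpermissions When true, the session user needs write permission on the target.
 * @return false|null false when an id is not numeric, the target cannot be loaded
 *                    or write permission is missing; null after the link was written.
 */
public static function putNode($what,$where,$checkpermissions=true) {
    global $db,$error,$error_messages;

    // Both ids are placed inside SQL text below. The original only recorded the
    // error and carried on, so a non-numeric id still reached the queries.
    if (!is_numeric($what) || !is_numeric($where)) {
        $error=$error_messages['NUMERIC_NOT_NUMERIC'];
        return false;
    }

    $user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
    if (!$user_id) {
        $user_id=UBIK_ID;
    }

    $nodeshell = nodes::getNodeById($where,$user_id);
    if (!$nodeshell) {
        // getNodeById() returns false for an unknown node; do not link into nothing.
        return false;
    }
    $nodeshell_vector = $nodeshell['node_vector'];

    if ($checkpermissions) {
        $nodeshell_permissions = permissions::checkPerms($nodeshell);
        if (!$nodeshell_permissions['w']) {
            $error = $error_messages['WRITE_PERMISSION_ERROR'];
            return false;
        }
    }

    // NOTE(review): the original padded an undefined $chosen, which yields
    // VECTOR_CHARS zeros; that result is kept here. Presumably $what was
    // meant - confirm before changing the stored vectors.
    $dst_vector = $nodeshell_vector.str_pad('',VECTOR_CHARS,'0',STR_PAD_LEFT);

    $q = "update neurons set synapse_created=NOW(),link='hard',synapse=synapse+1, dst_vector='$dst_vector' where src='$what' and dst='$where'";
    $result=$db->update($q);

    // A falsy update() result is treated as "no such link yet".
    if (!$result) {
        $db->query("insert into neurons set synapse_creator='$user_id',synapse_created=NOW(), src='$what',dst='$where',dst_vector='$dst_vector',link='hard',synapse=1");
    }
    $db->query("update nodes set lastdescendant_created=NOW(),node_children_count=node_children_count+1 where node_id='$where'");
}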
| 66 | |
/**
 * Insert a new node under a parent, then update vectors, ancestor counters
 * and the creator's K balance.
 *
 * Reads from $params: node_parent, flag, node_creator, external_link,
 * template_id, node_system_access, node_external_access, node_name,
 * node_content, node_vector. Also reads $_POST['code'].
 *
 * NOTE(review): every $params value is concatenated into SQL as-is. Unless all
 * callers escape their input first, this is SQL injection; the recursive call
 * at the end passes node_content containing single quotes, so escaping does
 * not appear to be applied consistently upstream - confirm and escape here.
 *
 * @param array $params Node attributes, see above.
 * @return mixed The new node id, or false when write permission is missing or
 *               the parent already exceeds MAX_CHILDREN.
 */
public static function addNode($params) {
    global $db,$node,$error,$error_messages;
    $parent_id=$params['node_parent'];

    // Registration nodes are attributed to the UBIK_ID account.
    if ($params['flag']=='registration') $params['node_creator']=UBIK_ID;

    // Without a numeric parent, fall back to the node held in the global $node.
    if (!is_numeric($parent_id)) {
        $parent_id=$node['node_id'];
    }

    $parent_permissions=permissions::checkPerms($parent_id);

    if (!$parent_permissions['w']) {
        $error=$error_messages['WRITE_PERMISSION_ERROR'];
        logger::log('add','error','WRITE_PERMISSION_ERROR');
        return false;
    }


    // NOTE(review): node_creator is interpolated without validation.
    $kset=$db->query("select user_k from users where user_id='$params[node_creator]'");
    $kset->next();
    $user_k=$kset->getString('user_k');

    // NOTE(review): only sets $error; there is no return, so the node is still
    // created and user_k is decremented further down - confirm this is intended.
    if (!$user_k && $params['node_creator']!=UBIK_ID) {
        $error=$error_messages['K_SPENT'];
    }



    $set=$db->query("select node_vector,node_children_count from nodes where node_id='$parent_id'");
    $set->next();
    $parent_vector=$set->getString('node_vector');

    if ($set->getInt('node_children_count')>MAX_CHILDREN) {
        $error=$error_messages['MAX_CHILDREN'];
        return false;
    }

    //working with external links
    $external_link=$params['external_link'];

    $template_id=$params['template_id'];
    if (!is_numeric($template_id)) $template_id=DEFAULT_TEMPLATE_ID;

    // Access settings default to those of the node in the global $node.
    if(!isset($params['node_system_access'])) $params['node_system_access'] = $node['node_system_access'];
    if(!isset($params['node_external_access'])) $params['node_external_access'] = $node['node_external_access'];

    $q="insert into nodes set
node_name='".$params['node_name']."',
node_external_access='".$params['node_external_access']."',
node_system_access='".$params['node_system_access']."',
node_creator='".$params['node_creator']."',
template_id='".$template_id."',
external_link='".$external_link."',
node_parent='".$parent_id."',
node_views=0,node_created=NOW(),
node_content='".$params['node_content']."',
node_vector='".$params['node_vector']."'";
    // NOTE(review): no rollback is issued anywhere between here and the commit.
    $db->query("start transaction");
    $db->query($q);
    $id=$db->getLastInsertId();

    //node_content MyIsam only for FULLTEXT !!!
    // $db->query("insert into node_content set node_id='$id',node_content='".$params['node_content']."'");

    // The node's own vector is the parent vector (outer "z" trimmed) plus its zero-padded id.
    $new_id=str_pad($id,VECTOR_CHARS,"0",STR_PAD_LEFT);
    $new_vector=trim($parent_vector,"z").$new_id;

    // A registration node becomes public and is made its own creator.
    if ($params['flag']=='registration') $db->query("update nodes set node_system_access='public',node_external_access='yes',node_creator=$id where node_id=$id");

    $db->query("update nodes set node_vector='$new_vector' where node_id='$id'");
    $db->query("update nodes set node_children_count=node_children_count+1 where node_id='$parent_id'");

    // Split the vector into VECTOR_CHARS-sized ids separated by ';'.
    $node_vector=trim(chunk_split($new_vector,VECTOR_CHARS,';'),';');

    $ancestors=explode(";",$node_vector);
    foreach($ancestors as $key => $ancestor_id) {
        // Index 0 is skipped; every other element gets its descendant counter bumped.
        if ($key) {
            $ancestor_id=ltrim($ancestor_id,'0');
            $db->query("update nodes set node_descendant_count=node_descendant_count+1,lastdescendant_created=NOW() where node_id='$ancestor_id'");
        }
    }
    $db->query("update node_access set node_user_subchild_count=node_user_subchild_count+1 where node_id='$parent_id'");
    --$user_k;
    $db->query("update users set user_k='$user_k' where user_id='$params[node_creator]'");
    $db->query("commit");
    logger::log('add','ok',$id);

    // A request carrying a "code" parameter also files a notice node under
    // WARNING_ZONE. $_POST['code'] is unset first so the recursion runs once.
    if ($_POST['code']) {
        $params['node_creator']=UBIK_ID;
        $params['node_parent']=WARNING_ZONE;
        $params['node_name']="node $id added with code_parameter";
        $params['node_content']="node <a href='/id/$id'>$id</a> added with code_parameter";
        unset($_POST['code']);
        nodes::addNode($params);
    }

    return $id;
}
| 166 | |
| 167 | |
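/**
 * Look up a user id by login name.
 *
 * @param string $login Login name; escaped before it is placed in the query.
 * @return mixed The user id as returned by the database, or false (with
 *               $error set to USER_NOT_FOUND) when no numeric id was found.
 */
public static function getUserByLogin($login) {
    // $db was missing from the global list, so the query ran on an undefined variable.
    global $db, $error, $error_messages;

    $q2="select user_id from users where login='".db_escape_string((string) $login)."'";
    $userset=$db->query($q2);
    $id = $userset->next() ? $userset->getString('user_id') : null;

    if (is_numeric($id)) {
        return $id;
    }

    $error = $error_messages['USER_NOT_FOUND'];
    return false;
}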
| 180 | |
/**
 * Find a node id by node name, optionally narrowed by external link.
 *
 * Both values pass through db_escape_string() before entering the
 * double-quoted SQL literals.
 *
 * @param string       $name          Node name to match exactly.
 * @param string|false $external_link Extra filter; skipped when falsy.
 * @return mixed node_id of the first row as returned by the result set.
 */
public static function getNodeIdByName($name, $external_link=false) {
    global $db;

    $statement = 'select node_id from nodes where node_name = "' . db_escape_string($name) . '"';
    if ($external_link) {
        $statement .= ' and external_link="' . db_escape_string($external_link) . '"';
    }

    $rows = $db->query($statement);
    $rows->next();

    return $rows->getString('node_id');
}
| 192 | |
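/**
 * Load one node together with its owner name, parent name and the given
 * user's node_access row, and expand its vector into an ancestors list.
 *
 * @param mixed  $node_handle Node id; escaped before use.
 * @param mixed  $user_id     User whose node_access row is joined; escaped before use.
 * @param string $table_name  Table to read from; letters, digits and underscore only.
 * @return array|false The node record, or false when the table name is not a
 *                     plain identifier or no row matched.
 */
public static function getNodeById($node_handle,$user_id, $table_name="nodes") {
    global $db, $error;

    // A table name cannot be protected by value escaping, so it is checked
    // against a strict identifier pattern instead.
    if (!is_string($table_name) || !preg_match('/\A[A-Za-z0-9_]+\z/', $table_name)) {
        return false;
    }
    $node_handle = db_escape_string((string) $node_handle);
    $user_id = db_escape_string((string) $user_id);

    $q="select length(concat($table_name.node_vector)) as
vector_depth,$table_name.*,$table_name.node_creator as
node_owner_id,creator.node_name as owner,node_access.*,$table_name.node_id as
node_id,node_parent.node_name as node_parent_name
from $table_name left join $table_name as creator on creator.node_id=$table_name.node_creator
left join $table_name as node_parent on $table_name.node_parent=node_parent.node_id
left join node_access on (node_access.node_id='$node_handle' and node_access.user_id='$user_id')
where $table_name.node_id='$node_handle'";

    $result=$db->query($q);
    if (!$result->next()) {
        return false;
    }

    $node=addBase36id($result->getRecord());
    $node['node_vector']=trim($node['node_vector'],"z");
    // Each VECTOR_CHARS-wide slice of the vector is one ancestor id, zero-padded on the left.
    $ancestors=str_split($node['node_vector'],VECTOR_CHARS);
    foreach ($ancestors as $ancestor) {
        $node['ancestors'][]=array("name"=>"","link"=>ltrim($ancestor,"0"));
    }

    transport_process_node($node);
    return $node;
}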
| 220 | |
| 221 | |
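/**
 * Resolve a node by name, preferring a node created by the session user and
 * falling back to any node with that name.
 *
 * @param string $node_handle Node name; escaped before it is placed in the queries.
 * @return mixed The result of getNodeById() for the match, or null when no node has that name.
 */
public static function redirByName($node_handle) {
    global $db, $error;

    $session_user = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
    // The name arrives from outside and was interpolated raw into both queries.
    $name = db_escape_string((string) $node_handle);
    $user_id = db_escape_string((string) $session_user);

    // First choice: a node of that name owned by the current user.
    $set=$db->query("select node_id from nodes where node_name='$name' and node_creator='$user_id'");
    if ($set->next()) {
        $node_id=$set->getString('node_id');
        if (!empty($node_id)) {
            return nodes::getNodeById($node_id,$session_user);
        }
    }

    // Otherwise: any node of that name.
    $set=$db->query("select node_id from nodes where node_name='$name' ");
    $set->next();
    $node_id=$set->getString('node_id');
    if (!empty($node_id)) {
        return nodes::getNodeById($node_id,$session_user);
    }
}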
| 241 | |
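/**
 * Fetch all nodes whose name equals "$node_handle%".
 *
 * NOTE(review): the comparison uses "=" although the value ends in "%", so the
 * percent sign is matched literally; "like" was presumably intended - confirm
 * before changing, since it alters which rows are returned.
 *
 * @param string $node_handle Node name; escaped before it is placed in the query.
 * @return array|null List of records passed through addBase36id(), or null when nothing matched.
 */
public static function getNodesByName($node_handle) {
    global $db, $error;

    // The name was interpolated raw inside the quoted literal.
    $name = db_escape_string((string) $node_handle);
    $q="select nodes.* from nodes where node_name='$name%'";

    $result=$db->query($q);

    // Kept as null for "no rows", which is what the original returned implicitly.
    $record = null;
    while ($result->next()){
        $record[]=addBase36id($result->getRecord());
    }
    return $record;
}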
| 254 | |
| 255 | |
| 256 | |
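/**
 * List the direct children of the node held in the global $node, joined with
 * their creators, ordered by creation time.
 *
 * @param string $orderby Sort direction; anything other than "asc" is treated as "desc".
 * @param mixed  $offset  Rows to skip; cast to a non-negative integer.
 * @param mixed  $limit   Maximum rows; cast to a non-negative integer.
 * @return array|null Records passed through addBase36id(), or null when there are no children.
 */
public static function getChildrenNodes($orderby="desc",$offset=0,$limit=DEFAULT_LISTING_AMOUNT) {
    global $db, $error, $node;
    $node_handle=$node['node_id'];

    // These three values sit outside any quotes in the statement, where
    // escaping would not help: reduce them to a keyword and two integers.
    $direction = (strtolower(trim((string) $orderby)) === 'asc') ? 'asc' : 'desc';
    $offset = max(0, (int) $offset);
    $limit = max(0, (int) $limit);

    $q="select users.*,nodes.* from nodes
left join users on users.user_id=nodes.node_creator where
node_parent='$node_handle' order by node_created $direction LIMIT $offset,$limit";
    $result=$db->query($q);

    // Kept as null for "no rows", which is what the original returned implicitly.
    $array = null;
    while ($result->next()) {
        $array[]=addBase36id($result->getRecord());
    }

    return $array;
}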
| 274 | |
| 275 | |
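/**
 * List nodes that other users created directly under nodes owned by $user_id.
 *
 * @param mixed  $user_id Owner of the parent nodes; must be numeric.
 * @param mixed  $limit   Maximum rows; must be numeric.
 * @param mixed  $offset  Rows to skip; must be numeric.
 * @param string $orderby Text appended after "order by node_created desc"; only
 *                        letters, digits, underscore, dot, comma and whitespace are accepted.
 * @return array|int|null Records passed through addBase36id(), null when there
 *                        are no rows, or -1 when an argument fails validation.
 */
public static function GetUserSubmissionsChildren($user_id,$limit=23,$offset=0,$orderby='') {
    global $db;

    if (!is_numeric($user_id)) {
        return -1;
    }
    if (!is_numeric($limit)) {
        return -1;
    }
    if (!is_numeric($offset)) {
        return -1;
    }

    // $orderby lands outside any quotes, so escaping cannot protect it. Quotes,
    // parentheses, semicolons and comment markers are refused outright.
    // NOTE(review): this still lets a caller pick any column; mapping user
    // choices to a fixed list of column names would be stricter.
    if (!is_string($orderby) || !preg_match('/\A[A-Za-z0-9_.,\s]*\z/', $orderby)) {
        return -1;
    }
    $limit = (int) $limit;
    $offset = (int) $offset;

    $q = "select child.*, users.login as login, parent.node_name as parent_name from nodes as child join
(select node_id,node_name,node_creator from nodes where node_creator='$user_id')
as parent on child.node_parent=parent.node_id and child.node_creator <> '$user_id'
join users as users on users.user_id=child.node_creator order by node_created desc
$orderby LIMIT $offset,$limit";

    $result=$db->query($q);

    // Kept as null for "no rows", which is what the original returned implicitly.
    $array = null;
    while ($result->next()) {
        $array[]=addBase36id($result->getRecord());
    }

    return $array;
}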
| 306 | |
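/**
 * List node_type=3 descendants of the node held in the global $node, in
 * threaded order.
 *
 * @param string $orderby Accepted for interface compatibility; the query uses a fixed ordering.
 * @param mixed  $offset  Rows to skip; cast to a non-negative integer.
 * @param mixed  $limit   Maximum rows; cast to a non-negative integer.
 * @return array|null Records passed through addBase36id(), or null when nothing matched.
 */
public static function getThreadedChildrenNodes($orderby="desc",$offset=0,$limit=DEFAULT_LISTING_AMOUNT) {
    global $db, $error, $node;
    $node_handle=$node['node_id'];

    // LIMIT operands are unquoted; force them to integers before interpolation.
    $offset = max(0, (int) $offset);
    $limit = max(0, (int) $limit);

    $q="select length(node_vector) as depth,users.login,nodes.* from nodes left join users on users.user_id=nodes.node_creator where node_vector like '".$node['node_vector'].";".$node['node_id']."%' and node_type=3 order by concat(node_vector,';',nodes.node_id,';z') desc,depth LIMIT $offset,$limit";

    $result=$db->query($q);

    // Kept as null for "no rows", which is what the original returned implicitly.
    $children_array = null;
    while ($result->next()) {
        $children_array[]=addBase36id($result->getRecord());
    }

    return $children_array;
}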
| 322 | |
| 323 | |
| 324 | |
/**
 * Collect the node_access rows that carry a non-empty permission for the
 * node held in the global $node, each joined with the user's login.
 *
 * @return array|null List of records; the variable is never initialised, so
 *                    the result is null when no row matched.
 */
public static function getNodeAccessData() {
    global $node,$db;

    $current_id = $node['node_id'];
    $rows = $db->query(
        "select users.login,node_access.* from node_access left join users on users.user_id=node_access.user_id where node_id='{$current_id}' and node_permission!=''"
    );

    for (; $rows->next(); ) {
        $access_data[] = $rows->getRecord();
    }

    return $access_data;
}
| 337 | |
| 338 | |
| 339 | // Simple internal function to set node parent |
| 340 | |
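/**
 * Move a node under a new parent and rebuild its vector from the parent's vector.
 *
 * Performs no permission check of its own.
 *
 * @param mixed $node_id   Node to move; must be numeric.
 * @param mixed $parent_id New parent; must be numeric.
 * @return int|false 0 after the update was issued, false when an id is not
 *                   numeric. Both are falsy, so callers must compare with ===.
 */
public static function setParent($node_id,$parent_id) {
    global $db,$node,$error,$error_messages;

    if (!is_numeric($parent_id)) {
        return false;
    }
    // $node_id is placed in the WHERE clause and in the vector; the original
    // validated only $parent_id.
    if (!is_numeric($node_id)) {
        return false;
    }

    $q="select node_vector from nodes where node_id='$parent_id'";
    $set=$db->query($q);
    $set->next();
    $parent_vector=$set->getString('node_vector');
    $new_vector=$parent_vector.str_pad($node_id,VECTOR_CHARS,"0",STR_PAD_LEFT);

    $q="update nodes set node_parent='$parent_id',node_vector='$new_vector' where node_id='$node_id'";
    $db->query($q);

    return 0;
}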
| 359 | |
| 360 | // Get last submissions of all users on kyberia. |
| 361 | // XXX add permission checking |
| 362 | // XXX remove constants |
| 363 | |
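/**
 * List recent non-private nodes below the node held in the global $node.
 *
 * For the DEF_LAST_NODE node the window is 65 hours over vector "00";
 * otherwise it is 42 days over the current node's vector.
 *
 * @param array $params 'listing_amount' (integer or the string "all") and optional 'offset'.
 * @return array|null List of records, or null when nothing matched.
 */
public static function getLast($params) {
    global $db,$node,$error,$error_messages;

    // LIMIT operands are unquoted, so addslashes() gave no protection there.
    // Both values are forced to integers instead.
    if ($params['listing_amount']==='all') {
        // NOTE(review): -1 is kept from the original; current MySQL versions
        // reject a negative LIMIT count - confirm against the target server.
        $listing_amount=-1;
    } else {
        $listing_amount=max(0, (int) $params['listing_amount']);
    }
    $offset = empty($params['offset']) ? 0 : max(0, (int) $params['offset']);

    if ($node['node_id']==DEF_LAST_NODE) {
        $interval=" nodes.node_created>NOW()-INTERVAL 65 HOUR and";
        $vector="00";
    } else {
        $vector=$node['node_vector'];
        $interval=" nodes.node_created>NOW()-INTERVAL 42 DAY and";
    }

    $q="select parent.node_name as parent_name,users.*,nodes.* from nodes
left join nodes as parent on parent.node_id=nodes.node_parent
left join users on users.user_id=nodes.node_creator where $interval
nodes.node_vector like '$vector%' and
nodes.node_system_access!='private' order by nodes.node_id desc LIMIT $offset,$listing_amount ";

    $set=$db->query($q);

    // Kept as null for "no rows", which is what the original returned implicitly.
    $last = null;
    while ($set->next()) {
        $last[]=$set->getRecord();
    }

    return $last;
}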
| 399 | |
| 400 | |
| 401 | // Get nodes sorted by weight_k specific to user |
| 402 | |
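/**
 * Call the k_neurons stored procedure and collect its rows.
 *
 * @param mixed $user_id  First procedure argument; escaped before use.
 * @param mixed $interval Second procedure argument; escaped before use.
 * @return array|null List of records, or null when the procedure returned no rows.
 */
public static function getKNeurons($user_id,$interval) {
    global $db,$node,$error,$error_messages;

    // Both arguments were interpolated raw into the quoted literals.
    $user_id = db_escape_string((string) $user_id);
    $interval = db_escape_string((string) $interval);

    $q="call k_neurons('$user_id','$interval')";
    $set=$db->query($q);

    // Kept as null for "no rows", which is what the original returned implicitly.
    $k_array = null;
    while ($set->next()) {
        $k_array[]=$set->getRecord();
    }

    return $k_array;
}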
| 415 | |
| 416 | // setSynapse |
| 417 | |
| 418 | // Set synapse weight. |
| 419 | // If synapse does not exist, create a new one. |
| 420 | // Secure. |
| 421 | // Returns true on success, otherwise false. |
| 422 | |
/**
 * Store a synapse weight for the src -> dst pair, inserting the row when
 * none exists yet.
 *
 * @param array $params Needs numeric 'src', 'dst' and 'weight'; weight must not be negative.
 * @return bool false when validation fails, true once the write statement was issued
 *              (the statement's own result is not inspected).
 */
public static function setSynapse($params){
    global $db,$node,$error,$error_messages;

    // security check: all three values are interpolated into SQL below
    foreach (array('src', 'dst', 'weight') as $field) {
        if (!is_numeric($params[$field])) {
            return false;
        }
    }

    $weight = $params['weight'];
    $dst = $params['dst'];
    $src = $params['src'];

    // weight could be only positive
    if ($weight < 0) {
        return false;
    }

    // if already exists
    $lookup = $db->query("select count(src) from neurons where dst ='$dst' and src = '$src'");
    $lookup->next();
    $existing = $lookup->getString('count(src)');

    if (!($existing > 0)) {
        // FIXME no vector set
        $statement = "insert into neurons values('$weight','$dst','$src',0,'synapse',
CURRENT_TIMESTAMP(),now(),NULL,$src)";
    } else {
        $statement = "update neurons set synapse_weight='$weight'
where dst = '$dst' and src = '$src'";
    }
    $db->query($statement);

    return true;
}
| 461 | |
| 462 | // getSynapseWeight |
| 463 | |
| 464 | // If synapse does not exist, weight is 1 |
| 465 | // Secure. |
| 466 | // Returns synapse weight (from user to node) |
| 467 | |
/**
 * Read the weight of the 'synapse' link from a user to a node.
 *
 * Both ids are interpolated unquoted, which is why each must pass
 * is_numeric() first.
 *
 * @param mixed $user_id Source of the synapse; must be numeric.
 * @param mixed $node_id Destination of the synapse; must be numeric.
 * @return mixed -1 for a non-numeric id, 1 when the stored weight is missing
 *               or falsy, otherwise the stored weight.
 */
public static function getSynapseWeight($user_id,$node_id){
    global $db;

    foreach (array($user_id, $node_id) as $candidate) {
        if (!is_numeric($candidate)) {
            return -1;
        }
    }

    $rows = $db->query(
        "select synapse_weight from neurons where src =$user_id and dst = $node_id and link='synapse'"
    );
    $rows->next();
    $stored = $rows->getString('synapse_weight');

    // A missing row and a weight of 0 both fall back to 1.
    return $stored ? $stored : 1;
}
| 486 | |
| 487 | // getNodeUserlist |
| 488 | |
| 489 | // Get list of users currently viewing specified node. |
| 490 | // Secure. |
| 491 | // Returns list of (login, user_id) |
| 492 | |
/**
 * List the users whose user_action_id equals the given node id.
 *
 * @param mixed $node_id Node id; must be numeric.
 * @return array|int|null List of (login, user_id) records, -1 for a non-numeric
 *                        id, or null when no user matched (the list is never initialised).
 */
public static function getNodeUserlist($node_id) {
    global $db;

    $id_is_valid = is_numeric($node_id);
    if ($id_is_valid === false) {
        return -1;
    }

    $rows = $db->query("select login,user_id from users where user_action_id='{$node_id}'");
    for (; $rows->next(); ) {
        $userlist[] = $rows->getRecord();
    }

    return $userlist;
}
| 507 | |
| 508 | // getNodeCommanders |
| 509 | |
| 510 | // Get logins of all node commanders (used in configure) |
| 511 | // Secure. |
| 512 | // Returns list of (node_permission, login) |
| 513 | |
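/**
 * Group the logins holding a non-empty permission on a node by permission name.
 *
 * @param mixed $node_id Node id; must be numeric.
 * @return array|int|null Map of node_permission => "login1;login2;" (each login
 *                        followed by ';'), -1 for a non-numeric id, or null when no row matched.
 */
public static function getNodeCommanders($node_id) {
    global $db;

    if (!is_numeric($node_id)) {
        return -1;
    }

    $set=$db->query("select node_permission,users.login from node_access
left join users on node_access.user_id=users.user_id where
node_id='$node_id' and node_permission!='' order by node_permission");

    // Kept as null for "no rows", which is what the original returned implicitly.
    $commanders = null;
    while ($set->next()) {
        $permission = $set->getString('node_permission');
        // The original appended to a key that did not exist yet, raising an
        // undefined-index warning on the first login of every permission.
        if (!isset($commanders[$permission])) {
            $commanders[$permission] = '';
        }
        $commanders[$permission] .= $set->getString('login').";";
    }

    return $commanders;
}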
| 530 | |
| 531 | // logout |
| 532 | |
| 533 | // Log out user. |
| 534 | // Secure |
| 535 | |
/**
 * Clear user_action_id for the user id stored in the session.
 *
 * Only the database row is touched; the session itself is left as it is.
 *
 * @return void
 */
public static function logout() {
    global $db;

    $statement = sprintf(
        "update users set user_action_id=null where user_id='%s'",
        $_SESSION['user_id']
    );
    $db->query($statement);
}
| 541 | |
| 542 | // getNodesByType |
| 543 | |
| 544 | // XXX |
| 545 | // Secure |
| 546 | // returns xxx |
| 547 | |
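/**
 * List non-private nodes of one template, optionally restricted to a vector
 * prefix, joined with parent name, creator and the user's subchild count.
 *
 * @param mixed  $vector         Vector prefix; numeric, or falsy for no prefix filter.
 * @param mixed  $user_id        User whose node_access row is joined; must be numeric.
 * @param mixed  $type           template_id to match; must be numeric.
 * @param string $orderby        ORDER BY expression; falsy selects "nodes.node_id desc". Only
 *                               letters, digits, underscore, dot, comma and whitespace are accepted.
 * @param mixed  $offset         Rows to skip; must be numeric.
 * @param mixed  $listing_amount Maximum rows; must be numeric.
 * @return array|int|null List of records, -1 when validation fails, null when nothing matched.
 */
public static function getNodesByType($vector,$user_id,$type,$orderby,$offset,$listing_amount) {
    global $db;

    if ((!is_numeric($user_id))
        or (!is_numeric($offset))
        or (!is_numeric($listing_amount))
        or ($vector && !is_numeric($vector))
        or (!is_numeric($type))) {
        return -1;
    }

    // $orderby is used outside any quotes, so the string escaping the original
    // applied did not constrain it. Quotes, parentheses, semicolons and comment
    // markers are refused outright.
    // NOTE(review): the query joins users.*, so a free choice of sort column
    // can still reveal ordering of columns the caller should not see; a fixed
    // list of permitted columns would be stricter.
    if ($orderby && (!is_string($orderby) || !preg_match('/\A[A-Za-z0-9_.,\s]+\z/', $orderby))) {
        return -1;
    }
    $offset = (int) $offset;
    $listing_amount = (int) $listing_amount;

    $q="select parent.node_name as parent_name,users.*,nodes.*,node_access.node_user_subchild_count from nodes
left join nodes as parent on parent.node_id=nodes.node_parent
left join node_access on node_access.node_id=nodes.node_id and node_access.user_id='$user_id'
left join users on users.user_id=nodes.node_creator where ";
    if ($vector) $q.="nodes.node_vector like '$vector%' and";
    $q.=" nodes.template_id='$type' and nodes.node_system_access!='private'";
    if ($orderby) $q.=" order by $orderby ";
    else $q.=" order by nodes.node_id desc ";
    $q.= " LIMIT $offset,$listing_amount ";
    $set=$db->query($q);

    // Kept as null for "no rows", which is what the original returned implicitly.
    $result = null;
    while ($set->next()) $result[]=$set->getRecord();

    return $result;
}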
| 576 | |
| 577 | // getLinkedNodes |
| 578 | |
| 579 | // XXX |
| 580 | // Secure |
| 581 | // returns XXX |
| 582 | |
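/**
 * List nodes linked to $node_id through 'hard' or 'bookmark' synapses.
 *
 * Each record is passed through transport_process_node(), marked with
 * node_status "linked", and its node_created is replaced by the synapse
 * creation time.
 *
 * @param mixed  $node_id        Destination node; must be numeric.
 * @param string $orderby        Column expression sorted descending; only letters, digits,
 *                               underscore, dot, comma and whitespace are accepted.
 * @param mixed  $offset         Rows to skip; must be numeric.
 * @param mixed  $listing_amount Maximum rows; must be numeric.
 * @return array|false List of records, or false when validation fails or nothing is linked.
 */
public static function getLinkedNodes($node_id,$orderby,$offset,$listing_amount) {
    global $db;

    if ((!is_numeric($node_id))
        or (!is_numeric($offset))
        or (!is_numeric($listing_amount))) {
        return false; // XXX check return value by caller?
    }

    // $orderby is used outside any quotes, so the string escaping the original
    // applied did not constrain it. An empty value is refused as well, since
    // "order by  desc" is not a valid clause.
    // NOTE(review): a fixed list of permitted columns would be stricter.
    if (!is_string($orderby) || !preg_match('/\A[A-Za-z0-9_.,\s]+\z/', $orderby)) {
        return false;
    }
    $offset = (int) $offset;
    $listing_amount = (int) $listing_amount;

    $q="select neurons.synapse_created,node_content,author.login,linker.login as linker,nodes.* from neurons
left join nodes on neurons.src=nodes.node_id
left join users as linker on neurons.synapse_creator=linker.user_id
left join users as author on nodes.node_creator=author.user_id
where dst='$node_id' and link in ('hard','bookmark')
order by $orderby desc limit $offset , $listing_amount";

    $result=$db->query($q);
    while ($result->next()) {
        $array=$result->getRecord();
        transport_process_node($array); // XXX
        $array['node_status']="linked";
        $array['node_created']=$array['synapse_created'];
        $get_linked_nodes[]=$array;
    }
    return (isset($get_linked_nodes) ? $get_linked_nodes : false);
}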
| 609 | |
| 610 | // getThreadedChildren |
| 611 | |
| 612 | |
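/**
 * List the descendants of a node in threaded order, optionally merged with
 * nodes linked into the subtree through neurons.
 *
 * @param mixed  $node_id      Root node, excluded from the result; escaped before use.
 * @param mixed  $node_vector  Vector prefix of the subtree; escaped before use.
 * @param mixed  $offset       Rows to skip; cast to a non-negative integer.
 * @param mixed  $limit        Maximum rows; cast to a non-negative integer.
 * @param string $orderby      '' or 'desc' selects threaded descending order, anything else "node_vector asc".
 * @param mixed  $time         When truthy, only nodes created after this value.
 * @param mixed  $synapse_time When truthy, extra lower bound on node_created for the linked branch.
 * @param mixed  $security     When truthy, private nodes are left out of the first select.
 * @param string $link         'yes' adds the UNION over neurons.
 * @param string $search       'content' or 'user' enables the matching filter.
 * @param mixed  $search_param Search text, or a numeric user id for 'user'.
 * @return array|false|null List of records, false when a 'user' search is given
 *                          a non-numeric id, null when nothing matched.
 */
public static function getThreadedChildren($node_id,$node_vector,$offset,$limit,$orderby,$time,$synapse_time,$security,$link,$search,$search_param) {
    global $db;

    // These four values were interpolated raw. The quoted ones are escaped,
    // the LIMIT operands are forced to integers.
    // NOTE(review): escaping does not neutralise the LIKE wildcards % and _
    // inside $node_vector or $search_param.
    $node_id = db_escape_string((string) $node_id);
    $node_vector = db_escape_string((string) $node_vector);
    $offset = max(0, (int) $offset);
    $limit = max(0, (int) $limit);

    $sql_synapse="";
    $sql_type="";
    $sql_time="";

    if ($synapse_time) { $sql_synapse.=" and node_created >'".db_escape_string($synapse_time)."'"; }

    // The caller's value only selects between two fixed ORDER BY clauses.
    if ($orderby=='' OR $orderby=='desc') {
        $orderby="concat(node_vector,'z') desc,depth";
    } else {
        $orderby="node_vector asc";
    }

    if ($time) {
        $sql_time="node_created > '".db_escape_string($time)."' and";
    }

    // The flag is turned into the SQL fragment it stands for.
    if ($security) { $security=" and node_system_access!='private'"; }
    else { $security = ""; }


    if ($search=='content') {
        $sql_type.=" and node_content like '%".db_escape_string($search_param)."%' ";
    }
    if ($search=='user') {
        if (!is_numeric($search_param)) { return false; }
        $sql_type=" and nodes.node_creator='$search_param'";
    }


    $q="";
    if ($link=='yes') $q.="(";
    $q.="select nodes.node_id,node_name,node_external_access,external_link,node_parent,
node_system_access,node_children_count,node_creator,node_created,lastchild_created,
k,node_views,node_descendant_count,lastdescendant_created,template_id,node_updated,
length(node_vector) as depth,users.login,node_vector, node_content,'' as synapse_creator
from nodes
left join users on users.user_id=nodes.node_creator
where $sql_time node_vector like '".$node_vector."%' $sql_type
and node_id != '".$node_id."' $security
order by $orderby LIMIT $offset,$limit";

    // NOTE(review): the linked branch below does not apply $security, so the
    // private-node filter covers only the first select - confirm whether
    // linked private nodes are meant to be listed.
    if ($link=='yes') {
        $q.=" ) UNION (select nodes.node_id,node_name,node_external_access,external_link,
node_parent,node_system_access,node_children_count,node_creator,node_created,
lastchild_created,k,node_views,node_descendant_count,lastdescendant_created,
template_id,node_updated,length(dst_vector) as depth,
users.login,dst_vector as node_vector,node_content,synapse_creator
from neurons
left join nodes on neurons.src=nodes.node_id
left join users on users.user_id=nodes.node_creator
where $sql_time dst_vector like '".$node_vector."%' $sql_synapse $sql_type
and node_id != '".$node_id."' order by $orderby LIMIT $offset,$limit)";
    }

    if ($link=='yes') $q.=" order by $orderby LIMIT $limit";

    $result=$db->query($q);

    // Kept as null for "no rows", which is what the original returned implicitly.
    $get_children_array = null;
    while ($result->next()) {
        $child = $result->getRecord();
        transport_process_node($child);
        // Rows from the neurons branch carry a synapse_creator; mark them as linked.
        if($child['synapse_creator']!='') $child['node_status']='linked';

        $get_children_array[]=$child;
    }

    return $get_children_array;
}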
| 685 | |
| 686 | // XXX |
| 687 | |
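/**
 * Fetch the newest child of $poll_id that uses template 1549834, together
 * with the given user's permission on it.
 *
 * @param mixed $user_id User whose node_access row is joined; escaped before use.
 * @param mixed $poll_id Parent node id; escaped before use.
 * @return mixed The record returned by the result set for the first row.
 */
public static function getPoll($user_id,$poll_id) {
    global $db;

    // Both ids were interpolated raw into the quoted literals.
    $user_id = db_escape_string((string) $user_id);
    $poll_id = db_escape_string((string) $poll_id);

    $set=$db->query("select nodes.*,node_access.node_permission from nodes
left join node_access on (nodes.node_id=node_access.node_id and node_access.user_id='$user_id')
where node_parent='$poll_id' and template_id='1549834' order by node_id desc limit 1");

    $set->next();
    $array=$set->getRecord();

    return $array;
}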
| 700 | |
| 701 | // XXX |
| 702 | |
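/**
 * Set a new password for a user who presents the stored verification code.
 *
 * @param mixed  $login_id Numeric selector: 0 looks the user up by login name,
 *                         any other number treats $login as a user id.
 * @param string $login    Login name or user id; escaped before use.
 * @param string $vercode  Verification code supplied by the user.
 * @param string $password New plain-text password.
 * @return int|false 0 after the password was updated, false on any failure
 *                   (global $error is set for user-facing failures). Both are
 *                   falsy, so callers must compare with ===.
 */
public static function resetPassword($login_id,$login,$vercode,$password) {
    // $error was a local variable before, so the messages never reached the caller.
    global $db, $error;

    // Security checks
    $login = db_escape_string($login);
    if (!is_numeric($login_id)) { return false; }

    if ($login == '') {
        $error="Please enter name or id";
        return false;
    }

    // The original wrote "$login_id = 0": an assignment that is always false,
    // so the lookup by login name could never run.
    if ($login_id == 0) {
        $set=$db->query("select * from users where login='$login'");
    } else {
        $set=$db->query("select * from users where user_id='$login'");
    }

    // Unknown user: same message as a wrong code, so the reply does not
    // reveal which accounts exist.
    if (!$set->next()) {
        $error="Bad verification code!";
        return false;
    }
    $user_id=$set->getString('user_id');
    $hash=(string) $set->getString('hash');
    $vercode=(string) $vercode;

    // An empty stored code means no reset is pending; previously an empty
    // submitted code matched it. The loose "!=" also treated numeric-looking
    // strings such as "0e1" and "0e2" as equal. hash_equals() compares the
    // exact bytes in constant time.
    if ($hash === '' || $vercode === '' || !hash_equals($hash, $vercode)) {
        $error="Bad verification code!";
        return false;
    }

    // NOTE(review): unsalted SHA-1 is not suitable for password storage. It is
    // kept because the login check that reads this column is outside this
    // method; migrate both together to password_hash()/password_verify().
    $password = sha1($password);
    $user_id = db_escape_string((string) $user_id);
    $q="update users set password='$password',hash='' where user_id='$user_id'";
    $db->query($q);

    return 0;
}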
| 737 | |
| 738 | } |
| 739 | ?> |