// All mysql code should go here
// Split into multiple files if needed
-function processContent($node_content) { return processContent_hack($node_content); } //XXX TODO FIXME HACK
+public static function processContent($node_content) { return processContent_hack($node_content); } //XXX TODO FIXME HACK
// Called for every node view. Updates node views, neurons,
-function update_nodes($user_id,$node_id,$referer_id) {
+public static function update_nodes($user_id,$node_id,$referer_id) {
global $node,$db,$error;
$db->update("update nodes set node_views=node_views+1 where".
"node_id='".$node_id."'");
}
-function putNode($what,$where,$checkpermissions=true) {
+public static function putNode($what,$where,$checkpermissions=true) {
global $db,$error,$error_messages;
$user_id = $_SESSION['user_id'];
if (!$user_id) {
$db->query("update nodes set lastdescendant_created=NOW(),node_children_count=node_children_count+1 where node_id='$where'");
}
-function addNode($params) {
+public static function addNode($params) {
global $db,$node,$error,$error_messages;
$parent_id=$params['node_parent'];
$parent_permissions=permissions::checkPerms($parent_id);
- if (!$parent_permissions['w']) {
+ if ((!$parent_permissions['w']) && ($params['flag']!='registration' )) {
$error=$error_messages['WRITE_PERMISSION_ERROR'];
logger::log('add','error','WRITE_PERMISSION_ERROR');
return false;
}
-function getUserByLogin($login) {
+public static function getUserByLogin($login) {
global $error, $error_messages;
$q2="select user_id from users where login='".$login."'";
$userset=$db->query($q2);
}
}
-static function getNodeIdByName($name, $external_link=false) {
+public static function getNodeIdByName($name, $external_link=false) {
global $db;
- $qh = sprintf('select node_id from nodes where node_name = "%s"', mysql_real_escape_string($name));
+ $qh = sprintf('select node_id from nodes where node_name = "%s"', db_escape_string($name));
if ($external_link)
- $qh .= sprintf(' and external_link="%s"', mysql_real_escape_string($external_link));
+ $qh .= sprintf(' and external_link="%s"', db_escape_string($external_link));
$set = $db->query($qh);
$set->next();
return $set->getString('node_id');
}
-function getNodeById($node_handle,$user_id, $table_name="nodes") {
+public static function getNodeById($node_handle,$user_id, $table_name="nodes") {
global $db, $error;
$q="select length(concat($table_name.node_vector)) as
vector_depth,$table_name.*,$table_name.node_creator as
}
-function redirByName($node_handle) {
+public static function redirByName($node_handle) {
global $db, $error;
$user_id=$_SESSION['user_id'];
$set=$db->query("select node_id from nodes where node_name='$node_handle' and node_creator='$user_id'");
}
-function getNodesByName($node_handle) {
+public static function getNodesByName($node_handle) {
global $db, $error;
$q="select nodes.* from nodes where node_name='$node_handle%'";
-function getChildrenNodes($orderby="desc",$offset=0,$limit=DEFAULT_LISTING_AMOUNT) {
+public static function getChildrenNodes($orderby="desc",$offset=0,$limit=DEFAULT_LISTING_AMOUNT) {
global $db, $error, $node;
$node_handle=$node['node_id'];
$q="select users.*,nodes.* from nodes
left join users on users.user_id=nodes.node_creator where
node_parent='$node_handle' order by node_created $orderby LIMIT $offset,$limit";
- echo $q;
+ #echo $q;
$result=$db->query($q);
while ($result->next()) {
}
-function getThreadedChildrenNodes($orderby="desc",$offset=0,$limit=DEFAULT_LISTING_AMOUNT) {
+public static function GetUserSubmissionsChildren($user_id,$limit=23,$offset=0,$orderby='') {
+ global $db;
+
+ if (!is_numeric($user_id)) {
+ return -1;
+ }
+ if (!is_numeric($limit)) {
+ return -1;
+ }
+ if (!is_numeric($offset)) {
+ return -1;
+ }
+
+ // XXX orderby mysql escape
+
+ $q = "select child.*, users.login as login, parent.node_name as parent_name from nodes as child join
+ (select node_id,node_name,node_creator from nodes where node_creator='$user_id')
+ as parent on child.node_parent=parent.node_id and child.node_creator <> '$user_id'
+ join users as users on users.user_id=child.node_creator order by node_created desc
+ $orderby LIMIT $offset,$limit";
+
+ #echo $q;
+ $result=$db->query($q);
+
+ while ($result->next()) {
+ $array[]=addBase36id($result->getRecord());
+ }
+
+ return $array;
+}
+
+public static function getThreadedChildrenNodes($orderby="desc",$offset=0,$limit=DEFAULT_LISTING_AMOUNT) {
global $db, $error, $node;
$node_handle=$node['node_id'];
-function getNodeAccessData() {
+public static function getNodeAccessData() {
global $node,$db;
$q="select users.login,node_access.* from node_access left join users on users.user_id=node_access.user_id where node_id='".$node['node_id']."' and node_permission!=''";
$result=$db->query($q);
// Simple internal function to set node parrent
-function setParent($node_id,$parent_id) {
+public static function setParent($node_id,$parent_id) {
global $db,$node,$error,$error_messages;
if (!is_numeric($parent_id)) {
return 0;
}
+// Get last submissions of all users on kyberia.
+// XXX ad permission checking
+// XXX remove constants
+
+public static function getLast($params) {
+ global $db,$node,$error,$error_messages;
+
+ if ($params['listing_amount']=='all') $listing_amount='-1';
+ else $listing_amount=addslashes($params['listing_amount']);
+ if (empty($params['offset'])) $offset=0;
+ else $offset=addslashes($params['offset']);
+
+ global $db,$node;
+ if ($node['node_id']==DEF_LAST_NODE) {
+ $interval=" nodes.node_created>NOW()-INTERVAL 65 HOUR and";
+ $vector="00";
+ } else {
+
+ $vector=$node['node_vector'];
+ $interval=" nodes.node_created>NOW()-INTERVAL 42 DAY and";
+ }
+
+ $node_id=$node['node_id'];
+ $user_id=$_SESSION['user_id'];
+ $q="select parent.node_name as parent_name,users.*,nodes.* from nodes
+ left join nodes as parent on parent.node_id=nodes.node_parent
+ left join users on users.user_id=nodes.node_creator where $interval
+ nodes.node_vector like '$vector%' and
+ nodes.node_system_access!='private' order by nodes.node_id desc LIMIT $offset,$listing_amount ";
+
+ $set=$db->query($q);
+
+ while ($set->next()) {
+ $last[]=$set->getRecord();
+ }
+
+ return $last;
+
+}
+
+
// Get nodes sorted by weight_k specific to user
-function getKNeurons($user_id,$interval) {
+public static function getKNeurons($user_id,$interval) {
global $db,$node,$error,$error_messages;
$q="call k_neurons('$user_id','$interval')";
// Secure.
// Returns true on sucess, otherwise false.
-function setSynapse($params){
+public static function setSynapse($params){
global $db,$node,$error,$error_messages;
// security check
return true;
}
+// getSynapseWeight
+
+// If synapse does not exists, weight is 1
+// Secure.
+// Returns synapse weight (from user to node)
+
+public static function getSynapseWeight($user_id,$node_id){
+ global $db;
+
+ if (!is_numeric($user_id))
+ { return -1; }
+ if (!is_numeric($node_id))
+ { return -1; }
+
+ $set=$db->query("select synapse_weight from neurons where src =".
+ $user_id." and dst = ".$node_id." and link='synapse'");
+
+ $set->next();
+ $synapse_weight=$set->getString('synapse_weight');
+
+ if (! ($synapse_weight) ) { $synapse_weight = 1;}
+
+ return $synapse_weight;
+}
+
+// getNodeUserlist
+
+// Get list of users currently viewing specified node.
+// Secure.
+// Returns list of (login, user_id)
+
+public static function getNodeUserlist($node_id) {
+
+ global $db;
+ if (!is_numeric($node_id))
+ { return -1; }
+
+
+ $set=$db->query("select login,user_id from users where user_action_id='$node_id'");
+ while ($set->next()) {
+ $userlist[]=$set->getRecord();
+ }
+
+ return $userlist;
+}
+
+// getNodeCommanders
+
+// Get logins of all node commanders (used in configure)
+// Secure.
+// Returns list of (node_permission, login)
+
+public static function getNodeCommanders($node_id) {
+ global $db;
+
+ if (!is_numeric($node_id))
+ { return -1; }
+
+ $set=$db->query("select node_permission,users.login from node_access
+ left join users on node_access.user_id=users.user_id where
+ node_id='$node_id' and node_permission!='' order by node_permission");
+
+ while ($set->next()) {
+ $commanders[$set->getString('node_permission')].=$set->getString('login').";";
+ }
+
+ return $commanders;
+}
+
+// logout
+
+// Log out user.
+// Secure
+
+public static function logout() {
+ global $db;
+ $q="update users set user_action_id=null where user_id='".$_SESSION['user_id']."'";
+ $db->query($q);
+}
+
+// getNodesByType
+
+// XXX
+// Secure
+// returns xxx
+
+public static function getNodesByType($vector,$user_id,$type,$orderby,$offset,$listing_amount) {
+ global $db;
+
+ if ((!is_numeric($user_id))
+ or (!is_numeric($offset))
+ or (!is_numeric($listing_amount))
+ or ($vector && !is_numeric($vector))
+ or (!is_numeric($type)))
+ { return -1; }
+
+ $orderby=db_escape_string($orderby);
+
+
+ $q="select parent.node_name as parent_name,users.*,nodes.*,node_access.node_user_subchild_count from nodes
+ left join nodes as parent on parent.node_id=nodes.node_parent
+ left join node_access on node_access.node_id=nodes.node_id and node_access.user_id='$user_id'
+ left join users on users.user_id=nodes.node_creator where ";
+ if ($vector) $q.="nodes.node_vector like '$vector%' and";
+ $q.=" nodes.template_id='$type' and nodes.node_system_access!='private'";
+ if ($orderby) $q.=" order by $orderby ";
+ else $q.=" order by nodes.node_id desc ";
+ $q.= " LIMIT $offset,$listing_amount ";
+ $set=$db->query($q);
+
+ while ($set->next()) $result[]=$set->getRecord();
+
+ return $result;
+}
+
+// getLinkedNodes
+
+// XXX
+// Secure
+// returns XXX
+
+public static function getLinkedNodes($node_id,$orderby,$offset,$listing_amount) {
+ global $db;
+
+ if ((!is_numeric($node_id))
+ or (!is_numeric($offset))
+ or (!is_numeric($listing_amount)))
+ { return false; } // XXX check return value by caller?
+ $orderby=db_escape_string($orderby);
+
+ $q="select neurons.synapse_created,node_content,author.login,linker.login as linker,nodes.* from neurons
+ left join nodes on neurons.src=nodes.node_id
+ left join users as linker on neurons.synapse_creator=linker.user_id
+ left join users as author on nodes.node_creator=author.user_id
+ where dst='$node_id' and link in ('hard','bookmark')
+ order by $orderby desc limit $offset , $listing_amount";
+
+ $result=$db->query($q);
+ while ($result->next()) {
+ $array=$result->getRecord();
+ transport_process_node($array); // XXX
+ $array['node_status']="linked";
+ $array['node_created']=$array['synapse_created'];
+ $get_linked_nodes[]=$array;
+ }
+ return (isset($get_linked_nodes) ? $get_linked_nodes : false);
+}
+
+// getThreadedChildren
+
+
+public static function getThreadedChildren($node_id,$node_vector,$offset,$limit,$orderby,$time,$synapse_time,$security,$link,$search,$search_param) {
+ global $db;
+
+ $sql_synapse="";
+ $sql_type="";
+ $sql_time="";
+
+ if ($synapse_time) { $sql_synapse.=" and node_created >'".db_escape_string($synapse_time)."'"; }
+
+ if ($orderby=='' OR $orderby=='desc') {
+ $orderby="concat(node_vector,'z') desc,depth";
+ } else {
+ $orderby="node_vector asc";
+ }
+
+ if ($time) {
+ $sql_time="node_created > '".db_escape_string($time)."' and";
+ }
+
+ // WTF?
+ if ($security) { $security=" and node_system_access!='private'"; }
+ else { $security = ""; }
+
+
+ if ($search=='content') {
+ $sql_type.=" and node_content like '%".db_escape_string($search_param)."%' ";
+ }
+ if ($search=='user') {
+ if (!is_numeric($search_param)) { return false; }
+ $sql_type=" and nodes.node_creator='$search_param'";
+ }
+
+
+ $q="";
+ if ($link=='yes') $q.="(";
+ $q.="select nodes.node_id,node_name,node_external_access,external_link,node_parent,
+ node_system_access,node_children_count,node_creator,node_created,lastchild_created,
+ k,node_views,node_descendant_count,lastdescendant_created,template_id,node_updated,
+ length(node_vector) as depth,users.login,node_vector, node_content,'' as synapse_creator
+ from nodes
+ left join users on users.user_id=nodes.node_creator
+ where $sql_time node_vector like '".$node_vector."%' $sql_type
+ and node_id != '".$node_id."' $security
+ order by $orderby LIMIT $offset,$limit";
+
+ if ($link=='yes') {
+ $q.=" ) UNION (select nodes.node_id,node_name,node_external_access,external_link,
+ node_parent,node_system_access,node_children_count,node_creator,node_created,
+ lastchild_created,k,node_views,node_descendant_count,lastdescendant_created,
+ template_id,node_updated,length(dst_vector) as depth,
+ users.login,dst_vector as node_vector,node_content,synapse_creator
+ from neurons
+ left join nodes on neurons.src=nodes.node_id
+ left join users on users.user_id=nodes.node_creator
+ where $sql_time dst_vector like '".$node_vector."%' $sql_synapse $sql_type
+ and node_id != '".$node_id."' order by $orderby LIMIT $offset,$limit)";
+ }
+
+ if ($link=='yes') $q.=" order by $orderby LIMIT $limit";
+
+ $result=$db->query($q);
+
+ while ($result->next()) {
+ $child = $result->getRecord();
+ transport_process_node($child);
+ if($child['synapse_creator']!='') $child['node_status']='linked';
+
+ $get_children_array[]=$child;
+ }
+
+ return $get_children_array;
+}
+
+// XXX
+
+public static function getPoll($user_id,$poll_id) {
+ global $db;
+
+ $set=$db->query("select nodes.*,node_access.node_permission from nodes
+ left join node_access on (nodes.node_id=node_access.node_id and node_access.user_id='$user_id')
+ where node_parent='$poll_id' and template_id='1549834' order by node_id desc limit 1");
+
+ $set->next();
+ $array=$set->getRecord();
+
+ return $array;
+}
+
+// XXX
+
+public static function resetPassword($login_id,$login,$vercode,$password) {
+ global $db;
+
+ // Security checks
+ $login = db_escape_string($login);
+ if (!is_numeric($login_id)) {
+ $error="Not numeric id is not numeric. Here, take this stone.";
+ return $error;
+ }
+
+ if ($login == '') {
+ $error="Please enter name or id";
+ return $error;
+ }
+
+ if ($login_id == 0) {
+ $set=$db->query("select * from users where login='$login'");
+ } else {
+ $set=$db->query("select * from users where user_id='$login_id'");
+ }
+
+ $set->next();
+ $user_name=$set->getString('login');
+ $user_id=$set->getString('user_id');
+ $hash=$set->getString('hash');
+
+ if ($hash != $vercode) {
+ $error="Bad verification code!";
+ return $error;
+ }
+
+ $password = sha1($password);
+ $q="update users set password='$password',hash='' where user_id='$user_id'";
+ $db->query($q);
+
+ $error="OK, password was RE-set";
+ return $error;
+}
+
+// levenshteinLog
+
+// Log user action for later analysis
+// Secure.
+
+public static function levenshteinLog($userid,$nodeid) {
+ global $db;
+
+ $q="insert delayed into levenshtein set user_id='".$userid."',node_id='".$node_id."'";
+ $db->update($q);
+
+}
}
+?>
GIT.Harvie.CZ / mirrors / Kyberia-bloodline.git / blobdiff