ELECT '. $object_type .'_id FROM '. $table ); $where = array(); if (!empty($section_value)) { $where[] = 'section_value='. $this->db->getEscaped($section_value); } if ($return_hidden==0) { $where[] = 'hidden=0'; } if (!empty($where)) { $query .= ' WHERE '. implode(' AND ', $where); } $rs = $this->db->loadResultArray(); if (!is_array($rs)) { $this->debug_db('get_object'); return false; } // Return Object IDs return $rs; } /*======================================================================*\ Function: get_objects () Purpose: Grabs all Objects in the database, or specific to a section_value returns format suitable for add_acl and is_conflicting_acl \*======================================================================*/ /*======================================================================*\ Function: get_object_data() Purpose: Gets all data pertaining to a specific Object. \*======================================================================*/ /*======================================================================*\ Function: get_object_groups() Purpose: Gets the group_id's for the given the section_value AND value of the object. \*======================================================================*/ function get_object_groups($object_section_value, $object_value, $object_type=NULL) { switch(strtolower(trim($object_type))) { case 'aro': $group_type = 'aro'; $table = $this->_db_table_prefix .'groups_aro_map'; $object_table = $this->_db_table_prefix .'aro'; $group_table = $this->_db_table_prefix .'aro_groups'; break; case 'axo': $group_type = 'axo'; $table = $this->_db_table_prefix .'groups_axo_map'; $object_table = $this->_db_table_prefix .'axo'; $group_table = $this->_db_table_prefix .'axo_groups'; break; default: $this->debug_text('get_object_groups(): Invalid Object Type: '. $object_type); return FALSE; } $this->debug_text("get_object_groups(): Section Value: $object_section_value Value: $object_value Object Type: $object_type"); $object_section_value = trim($object_section_value); $object_value = trim($object_value); if (empty($object_section_value) AND empty($object_value) ) { $this->debug_text("get_object_groups(): Section Value ($object_section_value) AND value ($object_value) is empty, this is required"); return false; } if (empty($object_type) ) { $this->debug_text("get_object_groups(): Object Type ($object_type) is empty, this is required"); return false; } // SELECT g.group_id,o.'. $group_type .'_id,(gm.group_id IS NOT NULL) AS member $this->db->setQuery( ' SELECT g.group_id,o.'. $group_type .'_id,(gm.group_id IS NOT NULL) AS member FROM '. $group_table .' g LEFT JOIN '. $table .' gm ON gm.group_id=g.group_id LEFT JOIN '. $object_table .' o ON o.'. $group_type .'_id = gm.'. $group_type .'_id WHERE (o.section_value=\''. $this->db->getEscaped($object_section_value) .'\' AND o.value=\''. $this->db->getEscaped($object_value) .'\')' ); $rs = $this->db->loadResultArray(); if ($this->db->getErrorNum()) { $this->debug_db('get_object_id'); return false; } //Return the array of group id's return $rs; } /*======================================================================*\ Function: get_object_id() Purpose: Gets the object_id given the section_value AND value of the object. \*======================================================================*/ function get_object_id($section_value, $value, $object_type=NULL) { switch(strtolower(trim($object_type))) { case 'aco': $object_type = 'aco'; $table = $this->_db_table_prefix .'aco'; break; case 'aro': $object_type = 'aro'; $table = $this->_db_table_prefix .'aro'; break; case 'axo': $object_type = 'axo'; $table = $this->_db_table_prefix .'axo'; break; default: $this->debug_text('get_object_id(): Invalid Object Type: '. $object_type); return FALSE; } $this->debug_text("get_object_id(): Section Value: $section_value Value: $value Object Type: $object_type"); $section_value = trim($section_value); $value = trim($value); if (empty($section_value) AND empty($value) ) { $this->debug_text("get_object_id(): Section Value ($value) AND value ($value) is empty, this is required"); return false; } if (empty($object_type) ) { $this->debug_text("get_object_id(): Object Type ($object_type) is empty, this is required"); return false; } $this->db->setQuery( 'SELECT '. $object_type .'_id FROM '. $table .' WHERE section_value=\''. $this->db->getEscaped($section_value) .'\' AND value=\''. $this->db->getEscaped($value) .'\'' ); $rs = $this->db->loadRowList(); if ($this->db->getErrorNum()) { $this->debug_db('get_object_id'); return false; } $row_count = count( $rs ); if ($row_count > 1) { $this->debug_text("get_object_id(): Returned $row_count rows, can only return one. This should never happen, the database may be missing a unique key."); return false; } if ($row_count == 0) { $this->debug_text("get_object_id(): Returned $row_count rows"); return false; } $row = $rs[0]; //Return the ID. return $row[0]; } /*======================================================================*\ Function: get_object_section_value() Purpose: Gets the object_section_value given object id \*======================================================================*/ /*======================================================================*\ Function: get_object_groups() Purpose: Gets all groups an object is a member of. If $option == 'RECURSE' it will get all ancestor groups. defaults to only get direct parents. \*======================================================================*/ /*======================================================================*\ Function: add_object() Purpose: Inserts a new object \*======================================================================*/ function add_object($section_value, $name, $value=0, $order=0, $hidden=0, $object_type=NULL) { switch(strtolower(trim($object_type))) { case 'aco': $object_type = 'aco'; $table = $this->_db_table_prefix .'aco'; $object_sections_table = $this->_db_table_prefix .'aco_sections'; break; case 'aro': $object_type = 'aro'; $table = $this->_db_table_prefix .'aro'; $object_sections_table = $this->_db_table_prefix .'aro_sections'; break; case 'axo': $object_type = 'axo'; $table = $this->_db_table_prefix .'axo'; $object_sections_table = $this->_db_table_prefix .'axo_sections'; break; default: $this->debug_text('add_object(): Invalid Object Type: '. $object_type); return FALSE; } $this->debug_text("add_object(): Section Value: $section_value Value: $value Order: $order Name: $name Object Type: $object_type"); $section_value = trim($section_value); $name = trim($name); $value = trim($value); $order = trim($order); $hidden = (int) $hidden; if ($order == NULL OR $order == '') { $order = 0; } if (empty($name) OR empty($section_value) ) { $this->debug_text("add_object(): name ($name) OR section value ($section_value) is empty, this is required"); return false; } if (strlen($name) >= 255 OR strlen($value) >= 230 ) { $this->debug_text("add_object(): name ($name) OR value ($value) is too long."); return false; } if (empty($object_type) ) { $this->debug_text("add_object(): Object Type ($object_type) is empty, this is required"); return false; } // Test to see if the section is invalid or object already exists. $this->db->setQuery( ' SELECT (o.'. $object_type .'_id IS NOT NULL) AS object_exists FROM '. $object_sections_table .' s LEFT JOIN '. $table .' o ON (s.value=o.section_value AND o.value=\''. $this->db->getEscaped($value) .'\') WHERE s.value=\''. $this->db->getEscaped($section_value). '\'' ); $rows = $this->db->loadRowList(); if ($this->db->getErrorNum()) { $this->debug_db('add_object'); return FALSE; } if (count( $rows ) != 1) { // Section is invalid $this->debug_text("add_object(): Section Value: $section_value Object Type ($object_type) does not exist, this is required"); return false; } $row = $rows[0]; if ($row[0] == 1) { //Object is already created. return true; } $insert_id = $this->db->GenID($this->_db_table_prefix.$object_type.'_seq',10); $this->db->setQuery( "INSERT INTO $table ({$object_type}_id,section_value,value,order_value,name,hidden) VALUES(" . (int) $insert_id . "," . $this->db->Quote( $section_value ) . "," . $this->db->Quote( $value ) . "," . $this->db->Quote( $order ) . "," . $this->db->Quote( $name ) . "," . (int) $hidden . ")" ); if (!$this->db->query()) { $this->debug_db('add_object'); return false; } $insert_id = $this->db->insertid(); $this->debug_text("add_object(): Added object as ID: $insert_id"); return $insert_id; } /*======================================================================*\ Function: edit_object() Purpose: Edits a given Object \*======================================================================*/ function edit_object($object_id, $section_value, $name, $value=0, $order=0, $hidden=0, $object_type=NULL) { switch(strtolower(trim($object_type))) { case 'aco': $object_type = 'aco'; $table = $this->_db_table_prefix .'aco'; $object_map_table = 'aco_map'; break; case 'aro': $object_type = 'aro'; $table = $this->_db_table_prefix .'aro'; $object_map_table = 'aro_map'; break; case 'axo': $object_type = 'axo'; $table = $this->_db_table_prefix .'axo'; $object_map_table = 'axo_map'; break; } $this->debug_text("edit_object(): ID: $object_id, Section Value: $section_value, Value: $value, Order: $order, Name: $name, Object Type: $object_type"); $section_value = trim($section_value); $name = trim($name); $value = trim($value); $order = trim($order); if (empty($object_id) OR empty($section_value) ) { $this->debug_text("edit_object(): Object ID ($object_id) OR Section Value ($section_value) is empty, this is required"); return false; } if (empty($name) ) { $this->debug_text("edit_object(): name ($name) is empty, this is required"); return false; } if (empty($object_type) ) { $this->debug_text("edit_object(): Object Type ($object_type) is empty, this is required"); return false; } //Get old value incase it changed, before we do the update. $this->db->setQuery( 'SELECT value, section_value FROM '. $table .' WHERE '. $object_type .'_id='. (int) $object_id ); $old = $this->db->loadRow(); $this->db->setQuery( ' UPDATE '. $table .' SET section_value=\''. $this->db->getEscaped($section_value) .'\', value=\''. $this->db->getEscaped($value) .'\', order_value=\''. $this->db->getEscaped($order) .'\', name=\''. $this->db->getEscaped($name) .'\', hidden='. (int) $hidden .' WHERE '. $object_type .'_id='. (int) $object_id ); $this->db->query(); if (!$this->db->getErrorNum()) { $this->debug_db('edit_object'); return false; } $this->debug_text('edit_object(): Modified '. strtoupper($object_type) .' ID: '. $object_id); if ($old[0] != $value OR $old[1] != $section_value) { $this->debug_text("edit_object(): Value OR Section Value Changed, update other tables."); $this->db->setQuery( ' UPDATE '. $object_map_table .' SET value=\''. $this->db->getEscaped($value) .'\', section_value=\''. $this->db->getEscaped($section_value) .'\' WHERE section_value=\''. $this->db->getEscaped($old[1]) .'\' AND value=\''. $this->db->getEscaped($old[0]) . '\'' ); $this->db->query(); if (!$this->db->getErrorNum()) { $this->debug_db('edit_object'); return FALSE; } $this->debug_text ('edit_object(): Modified Map Value: '. $value .' Section Value: '. $section_value); } return TRUE; } /*======================================================================*\ Function: del_object() Purpose: Deletes a given Object and, if instructed to do so, erase all referencing objects ERASE feature by: Martino Piccinato \*======================================================================*/ function del_object($object_id, $object_type=NULL, $erase=FALSE) { switch(strtolower(trim($object_type))) { case 'aco': $object_type = 'aco'; $table = $this->_db_table_prefix .'aco'; $object_map_table = $this->_db_table_prefix .'aco_map'; break; case 'aro': $object_type = 'aro'; $table = $this->_db_table_prefix .'aro'; $object_map_table = $this->_db_table_prefix .'aro_map'; $groups_map_table = $this->_db_table_prefix .'aro_groups_map'; $object_group_table = $this->_db_table_prefix .'groups_aro_map'; break; case 'axo': $object_type = 'axo'; $table = $this->_db_table_prefix .'axo'; $object_map_table = $this->_db_table_prefix .'axo_map'; $groups_map_table = $this->_db_table_prefix .'axo_groups_map'; $object_group_table = $this->_db_table_prefix .'groups_axo_map'; break; default: $this->debug_text('del_object(): Invalid Object Type: '. $object_type); return FALSE; } $this->debug_text("del_object(): ID: $object_id Object Type: $object_type, Erase all referencing objects: $erase"); if (empty($object_id) ) { $this->debug_text("del_object(): Object ID ($object_id) is empty, this is required"); return false; } if (empty($object_type) ) { $this->debug_text("del_object(): Object Type ($object_type) is empty, this is required"); return false; } // $this->db->BeginTrans(); // Get Object section_value/value (needed to look for referencing objects) $this->db->setQuery( 'SELECT section_value,value FROM '. $table .' WHERE '. $object_type .'_id='. (int) $object_id ); $object = $this->db->loadRow(); if (empty($object)) { $this->debug_text('del_object(): The specified object ('. strtoupper($object_type) .' ID: '. $object_id .') could not be found.
SQL = '.$this->db->stderr()); return FALSE; } $section_value = $object[0]; $value = $object[1]; // Get ids of acl referencing the Object (if any) $this->db->setQuery( "SELECT acl_id FROM $object_map_table WHERE value=" . $this->db->Quote( $value ) . " AND section_value=" . $this->db->Quote( $section_value ) ); $acl_ids = $this->db->loadResultArray(); if ($erase) { // We were asked to erase all acl referencing it $this->debug_text("del_object(): Erase was set to TRUE, delete all referencing objects"); if ($object_type == "aro" OR $object_type == "axo") { // The object can be referenced in groups_X_map tables // in the future this branching may become useless because // ACO might me "groupable" too // Get rid of groups_map referencing the Object $this->db->setQuery( 'DELETE FROM '. $object_group_table .' WHERE '. $object_type .'_id='. (int) $object_id ); $rs = $this->db->query(); if (!$rs) { $this->debug_db('edit_object'); // $this->db->RollBackTrans(); return false; } } if ($acl_ids) { //There are acls actually referencing the object if ($object_type == 'aco') { // I know it's extremely dangerous but // if asked to really erase an ACO // we should delete all acl referencing it // (and relative maps) // Do this below this branching // where it uses $orphan_acl_ids as // the array of the "orphaned" acl // in this case all referenced acl are // orhpaned acl $orphan_acl_ids = $acl_ids; } else { // The object is not an ACO and might be referenced // in still valid acls regarding also other object. // In these cases the acl MUST NOT be deleted // Get rid of $object_id map referencing erased objects $this->db->setQuery( "DELETE FROM $object_map_table WHERE section_value=" . $this->db->Quote( $section_value ) . " AND value=" . $this->db->Quote( $value ) ); $rs = $this->db->query(); if (!$rs) { $this->debug_db('edit_object'); $this->db->RollBackTrans(); return false; } // Find the "orphaned" acl. I mean acl referencing the erased Object (map) // not referenced anymore by other objects mosArrayToInts( $acl_ids ); $sql_acl_ids = implode(",", $acl_ids); $this->db->setQuery( ' SELECT a.id FROM '. $this->_db_table_prefix .'acl a LEFT JOIN '. $object_map_table .' b ON a.id=b.acl_id './* LEFT JOIN '. $groups_map_table .' c ON a.id=c.acl_id*/' WHERE value IS NULL AND section_value IS NULL AND group_id IS NULL AND a.id in ('. $sql_acl_ids .')'); $orphan_acl_ids = $this->db->loadResultArray(); } // End of else section of "if ($object_type == "aco")" if ($orphan_acl_ids) { // If there are orphaned acls get rid of them foreach ($orphan_acl_ids as $acl) { $this->del_acl($acl); } } } // End of if ($acl_ids) // Finally delete the Object itself $this->db->setQuery( "DELETE FROM $table WHERE {$object_type}_id=" . (int) $object_id ); $rs = $this->db->query(); if (!$rs) { $this->debug_db('edit_object'); // $this->db->RollBackTrans(); return false; } // $this->db->CommitTrans(); return true; } // End of "if ($erase)" $groups_ids = FALSE; if ($object_type == 'axo' OR $object_type == 'aro') { // If the object is "groupable" (may become unnecessary, // see above // Get id of groups where the object is assigned: // you must explicitly remove the object from its groups before // deleting it (don't know if this is really needed, anyway it's safer ;-) $this->db->setQuery( 'SELECT group_id FROM '. $object_group_table .' WHERE '. $object_type .'_id='. (int) $object_id ); $groups_ids = $this->db->loadResultArray(); } if ( ( isset($acl_ids) AND $acl_ids !== FALSE ) OR ( isset($groups_ids) AND $groups_ids !== FALSE) ) { // The Object is referenced somewhere (group or acl), can't delete it $this->debug_text("del_object(): Can't delete the object as it is being referenced by GROUPs (".@implode($group_ids).") or ACLs (".@implode($acl_ids,",").")"); return false; } else { // The Object is NOT referenced anywhere, delete it $this->db->setQuery( "DELETE FROM $table WHERE {$object_type}_id=" . (int) $object_id ); $this->db->query(); if ( $this->db->getErrorNum() ) { $this->debug_db('edit_object'); // $this->db->RollBackTrans(); return false; } // $this->db->CommitTrans(); return true; } return false; } /* * * Object Sections * */ /*======================================================================*\ Function: get_object_section_section_id() Purpose: Gets the object_section_id given the name AND/OR value of the section. Will only return one section id, so if there are duplicate names it will return false. \*======================================================================*/ /*======================================================================*\ Function: add_object_section() Purpose: Inserts an object Section \*======================================================================*/ /*======================================================================*\ Function: edit_object_section() Purpose: Edits a given Object Section \*======================================================================*/ /*======================================================================*\ Function: del_object_section() Purpose: Deletes a given Object Section and, if explicitly asked, all the section objects ERASE feature by: Martino Piccinato \*======================================================================*/ /* * * Joomla! Utility Methods * */ /*======================================================================*\ Function: has_group_parent Purpose: Checks whether the 'source' group is a child of the 'target' \*======================================================================*/ function is_group_child_of( $grp_src, $grp_tgt, $group_type='ARO' ) { $this->debug_text("has_group_parent(): Source=$grp_src, Target=$grp_tgt, Type=$group_type"); switch(strtolower(trim($group_type))) { case 'axo': $table = $this->_db_table_prefix .'axo_groups'; break; default: $table = $this->_db_table_prefix .'aro_groups'; break; } if (is_int( $grp_src ) && is_int($grp_tgt)) { $this->db->setQuery( "SELECT COUNT(*)" . "\nFROM $table AS g1" . "\nLEFT JOIN $table AS g2 ON g1.lft > g2.lft AND g1.lft < g2.rgt" . "\nWHERE g1.group_id=" . (int) $grp_src . " AND g2.group_id=" . (int) $grp_tgt ); } else if (is_string( $grp_src ) && is_string($grp_tgt)) { $this->db->setQuery( "SELECT COUNT(*)" . "\nFROM $table AS g1" . "\nLEFT JOIN $table AS g2 ON g1.lft > g2.lft AND g1.lft < g2.rgt" . "\nWHERE g1.name=" . $this->db->Quote( $grp_src ) . " AND g2.name=" . $this->db->Quote( $grp_tgt ) ); } else if (is_int( $grp_src ) && is_string($grp_tgt)) { $this->db->setQuery( "SELECT COUNT(*)" . "\nFROM $table AS g1" . "\nLEFT JOIN $table AS g2 ON g1.lft > g2.lft AND g1.lft < g2.rgt" . "\nWHERE g1.group_id=" . (int) $grp_src . " AND g2.name=" . $this->db->Quote( $grp_tgt ) ); } else { $this->db->setQuery( "SELECT COUNT(*)" . "\nFROM $table AS g1" . "\nLEFT JOIN $table AS g2 ON g1.lft > g2.lft AND g1.lft < g2.rgt" . "\nWHERE g1.name=" . $this->db->Quote( $grp_src ) . " AND g2.group_id=" . (int) $grp_tgt ); } return $this->db->loadResult(); } function getAroGroup( $value ) { return $this->_getGroup( 'aro', $value ); } function _getGroup( $type, $value ) { global $database; $database->setQuery( "SELECT g.*" . "\nFROM #__core_acl_{$type}_groups AS g" . "\nINNER JOIN #__core_acl_groups_{$type}_map AS gm ON gm.group_id = g.group_id" . "\nINNER JOIN #__core_acl_{$type} AS ao ON ao.{$type}_id = gm.{$type}_id" . "\nWHERE ao.value=" . $this->db->Quote( $value ) ); $obj = null; $database->loadObject( $obj ); return $obj; } function _getAbove() { } function _getBelow( $table, $fields, $groupby=null, $root_id=null, $root_name=null, $inclusive=true ) { global $database; $root = new stdClass(); $root->lft = 0; $root->rgt = 0; if ($root_id) { } else if ($root_name) { $database->setQuery( "SELECT lft, rgt FROM $table WHERE name=" . $this->db->Quote( $root_name ) ); $database->loadObject( $root ); } $where = ''; if ($root->lft+$root->rgt != 0) { if ($inclusive) { $where = "WHERE g1.lft BETWEEN " . (int) $root->lft . " AND " . (int) $root->rgt; } else { $where = "WHERE g1.lft BETWEEN " . (int) ($root->lft+1) . " AND " . (int) ($root->rgt-1); } } $database->setQuery( "SELECT $fields" . "\nFROM $table AS g1" . "\nINNER JOIN $table AS g2 ON g1.lft BETWEEN g2.lft AND g2.rgt" . "\n$where" . ($groupby ? "\nGROUP BY $groupby" : "") . "\nORDER BY g1.lft" ); //echo $database->getQuery(); return $database->loadObjectList(); } function get_group_children_tree( $root_id=null, $root_name=null, $inclusive=true ) { global $database; $tree = gacl_api::_getBelow( '#__core_acl_aro_groups', 'g1.group_id, g1.name, COUNT(g2.name) AS level', 'g1.name', $root_id, $root_name, $inclusive ); // first pass get level limits $n = count( $tree ); $min = $tree[0]->level; $max = $tree[0]->level; for ($i=0; $i < $n; $i++) { $min = min( $min, $tree[$i]->level ); $max = max( $max, $tree[$i]->level ); } $indents = array(); foreach (range( $min, $max ) as $i) { $indents[$i] = '      '; } // correction for first indent $indents[$min] = ''; $list = array(); for ($i=$n-1; $i >= 0; $i--) { $shim = ''; foreach (range( $min, $tree[$i]->level ) as $j) { $shim .= $indents[$j]; } if (@$indents[$tree[$i]->level+1] == '. ') { $twist = ' '; } else { $twist = "- "; } //$list[$i] = $tree[$i]->level.$shim.$twist.$tree[$i]->name; $list[$i] = mosHTML::makeOption( $tree[$i]->group_id, $shim.$twist.$tree[$i]->name ); if ($tree[$i]->level < @$tree[$i-1]->level) { $indents[$tree[$i]->level+1] = '. '; } } ksort($list); return $list; } } class mosARO extends mosDBTable { /** @var int Primary key */ var $aro_id=null; var $section_value=null; var $value=null; var $order_value=null; var $name=null; var $hidden=null; function mosARO( &$db ) { $this->mosDBTable( '#__core_acl_aro', 'aro_id', $db ); } /** * Utility function for returning groups */ } class mosAroGroup extends mosDBTable { /** @var int Primary key */ var $group_id=null; var $parent_id=null; var $name=null; var $lft=null; var $rgt=null; function mosAroGroup( &$db ) { $this->mosDBTable( '#__core_acl_aro_groups', 'group_id', $db ); } } ?>
Fatal error: Class 'gacl_api' not found in /homepages/22/d219698796/htdocs/includes/joomla.php on line 89