content.php

Go to the documentation of this file.

<?php
include_once("include/classes/renderer.php");

class Content {
    const FTYPE_BOOL  = 1;      
    const FTYPE_INT   = 2;      
    const FTYPE_UINT  = 3;      
    const FTYPE_FLOAT = 4;      
    const FTYPE_DTIME = 5;      
    const FTYPE_STEXT = 6;      
    const FTYPE_LTEXT = 7;      
    const FTYPE_FTEXT = 8;      
    const FTYPE_IMAGE = 9;      
    private $id_area;           
    public $cnt = array();      
    function __construct($id, $istype = FALSE, $pid = 0, $sort = NULL, $page = NULL) {
        global $cfg, $auth, $session;

        $this->id_area = $cfg->getAreaId();

        /* build selection query ($where, $order) */
        if ($istype) {
            $idtype = $id;
            $where = " AND (id_parent = " . $pid . ")";
        } else {
            /* retrieve content type id */
            $res = mysql_query("SELECT id_type FROM content WHERE id = " . $id);
            if (mysql_num_rows($res) > 0) {
                $line = mysql_fetch_assoc($res);
                mysql_free_result($res);
                $idtype = $line['id_type'];
                $where = " AND (id = " . $id . ")";
            } else {
                return;         // no content found
            }
        }
        /* add more filters */
        $where = " WHERE (id_area = " . $this->id_area . ")" . $where;

        /* sort mode */
        if (!is_null($sort)) {
//          $sort = strtoupper($sort);
            switch (substr($sort, 0, 1)) {
                case "A":   // alpha
                    /* search for the first alpha field name in _cntview_N (use $idtype) */
                    $order = "";
                    break;

                case "P":   // position
                    $order = "position";
                    break;

                case "T":   // time
                    $order = "date_created";
                    break;

                default:
            }
            if ($order) {
                $order = " ORDER BY " . $order . " " . (substr($sort, 1, 1) == "A" ? "ASC" : "DESC");
            }
        }
        // limit (pages): see renderer (TODO)

        /* extract content */
        $res = mysql_query("SELECT * FROM _cntview_" . $idtype . $where . $order);
        while ($line = mysql_fetch_assoc($res)) {
            if ($auth->isAdmin() || ($session->getValue("uid") == $line['id_owner']) ||     // admin or owner or...
                ($line['visible'] AND !$line['expired'] /* AND READ_PERMS_ARE_OK */)) {     // ...user can read content
                $this->cnt[count($this->cnt)] = $line;      // append content to array
                }
        }
        mysql_free_result($res);
    }

//  public function getValue($fieldname) {
//      return $this->cnt[$fieldname];
//  }

    private function getNextPos($id_area, $id_type, $id_parent) {
        $sql =  "SELECT MAX(position) AS maxpos FROM content " .
                "WHERE (id_area = " . $id_area . ") " .
                "AND (id_type = " . $id_type . ") " .
                "AND (id_parent = " . $id_parent . ")";
        $res = mysql_query($sql);
        $line = mysql_fetch_assoc($res);
        mysql_free_result($res);
        if (is_null($line['maxpos'])) {
            return 1;   // first content ever defined in this record group
        } else {
            return $line['maxpos'] + 1;
        }
    }

    public static function add() {      // TODO test
        global $cfg, $session;

        $pid = isset($_POST['id_parent']) ? $_POST['id_parent'] : 0;
        $id_area = $cfg->getAreaId();

        $sql =  "INSERT INTO content (id_area, id_parent, id_type, id_owner, visible, position, readperm, writeperm, " .
                "group_readperm, group_writeperm, counter, date_created, date_lastmodified, date_expiration) VALUES (" .
                $id_area . ", " .                                               // id_area
                $pid . ", " .                                                   // id_parent
                $_POST['id_type'] . ", " .                                      // id_type
                $session->getValue("uid") . ", " .                              // id_owner (user must be logged in)    FIXME sessvar ancora da definire!
                ($_POST['visible'] ? "1" : "0") . ", " .                        // visible
                $this->getNextPos($id_area, $_POST['id_type'], $pid) . ", " .   // position
                $_POST['readperm'] . ", " .                                     // readperm
                $_POST['writeperm'] . ", " .                                    // writeperm
                "'" . $_POST['group_readperm'] . "', " .                        // group_readperm
                "'" . $_POST['group_writeperm'] . "', " .                       // group_writeperm
                "0, " .                                                         // counter
                time() . ", 0, " .                                              // date_created, date_lastmodified
                $_POST['date_expiration'] .                                     // date_expiration
                ")";
        if (mysql_query($sql)) {
            return mysql_insert_id();
        } else {
            return FALSE;
        }
    }

    public static function update() {       // TODO test
        if (!isset($_POST['id'])) { return FALSE; }
        
        if (isset($_POST['visible'])) {
            $sql = "visible = '" . ($_POST['visible'] ? "1" : "0") . "'";
        }

        if (isset($_POST['readperm'])) {
            if ($sql) { $sql .= ", "; }
            $sql .= "readperm = " . $_POST['readperm'];
        }

        if (isset($_POST['writeperm'])) {
            if ($sql) { $sql .= ", "; }
            $sql .= "writeperm = " . $_POST['writeperm'];
        }

        if (isset($_POST['group_readperm'])) {
            if ($sql) { $sql .= ", "; }
            $sql .= "group_readperm = '" . $_POST['group_readperm'] . "'";
        }

        if (isset($_POST['group_writeperm'])) {
            if ($sql) { $sql .= ", "; }
            $sql .= "group_writeperm = '" . $_POST['group_writeperm'] . "'";
        }

        if (isset($_POST['date_expiration'])) {
            if ($sql) { $sql .= ", "; }
            $sql .= "date_expiration = " . $_POST['date_expiration'];
        }
        
        if ($sql) {
            $sql = "UPDATE content SET " . $sql . " WHERE id = " . $_POST['id'];
            return mysql_query($sql);
        } else {
            return FALSE;
        }
    }

    public static function delete($id) {
        global $cfg;
        $id_area = $cfg->getAreaId();

        /* recursively delete attached contents */
        $result = TRUE;
        $res = mysql_query( "SELECT id FROM content " .
                            "WHERE (id_area = " . $id_area . ") " .
                            "AND (id_parent = " . $id . ")");

        if ($res === FALSE) { return FALSE; }
        if (mysql_num_rows($res) == 0) { return FALSE; }

        while ($result && $line = mysql_fetch_assoc($res)) {
            $result = Content::delete($line['id']);
        }
        mysql_free_result($res);

        if ($result) {
            /* delete attached file: remove file first! - if we remove content first, we won't be able to find */
            /* the complete path to the file(s) because it depends on id_owner, in table `content` */
            /* FIXME BUG in caso di delete che non va a buon fine (se si usano le transazioni) si perderanno
                irrimediabilmente i file. Pertanto occorre gestire al di fuori la cancellazione dei file (tabella
                temporanea con nome sessid?) */
            include_once("include/classes/files.php");
            Files::delete($id);
    
            /* we need to rebuild position order after removing the record */
            /* get id_type, id_parent and position of the content to delete */
            $res = mysql_query( "SELECT id_type, id_parent, position FROM content " .
                                "WHERE (id = " . $id . ") " .
                                "AND (id_area = " . $id_area . ")");

            if ($res === FALSE) { return FALSE; }
            if (mysql_num_rows($res) == 0) { return FALSE; }

            $line = mysql_fetch_assoc($res);
            mysql_free_result($res);
    
            /* delete record from table `content` and all related tables */
            $result =   mysql_query("DELETE FROM content WHERE (id = " . $id . ") AND (id_area = " . $id_area . ")") &&

                        /* rebuild position order here */
                        mysql_query("UPDATE content SET position = position - 1 " .
                                    "WHERE (id_area = " . $id_area . ") " .
                                    "AND (id_type = " . $line['id_type'] . ") " .
                                    "AND (id_parent = " . $line['id_parent'] . ") " .
                                    "AND (position > " . $line['position'] . ")");
        }

        return $result;
    }

    public function getRenderedContent($id_renderer, $id_container = NULL) {
        if (count($this->cnt) == 0) { return; }

        $r = new Renderer($id_renderer, $id_container);
        for ($i = 0; $i < count($this->cnt); $i++) {
            $r->appendRendered($this->cnt[$i]);
        }
        return $r->getRendered();
    }
}
?>

---