[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] CVS: infolog/inc class.bolink.inc.php,1.14,1.15 class
From: |
Ralf Becker <address@hidden> |
Subject: |
[Phpgroupware-cvs] CVS: infolog/inc class.bolink.inc.php,1.14,1.15 class.soinfolog.inc.php,1.17,1.18 class.solink.inc.php,1.11,1.12 |
Date: |
Sat, 14 Jun 2003 09:51:55 -0400 |
Update of /cvsroot/phpgroupware/infolog/inc
In directory subversions:/tmp/cvs-serv12901
Modified Files:
class.bolink.inc.php class.soinfolog.inc.php
class.solink.inc.php
Log Message:
1) so-layers now run every parameter through either addslashes of intval, to
prevent query-insertion and for pgSql 7.3 compatibility
2) corrected the escapeing of " and '
3) added some inline-docs
Index: class.bolink.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/infolog/inc/class.bolink.inc.php,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -r1.14 -r1.15
*** class.bolink.inc.php 28 Apr 2003 07:15:04 -0000 1.14
--- class.bolink.inc.php 14 Jun 2003 13:51:53 -0000 1.15
***************
*** 20,28 ****
@class bolink
@author ralfbecker
@abstract generalized linking between entries of phpGroupware apps - BO
layer
! @discussion This class is the BO-layer of the links
! @discussion Links have two ends each pointing to an entry, each entry
is a double:
! @discussion app app-name or directory-name of an phpgw application,
eg. 'infolog'
! @discussion id this is the id, eg. an integer or a tupple like
'0:INBOX:1234'
*/
class bolink extends solink
--- 20,35 ----
@class bolink
@author ralfbecker
+ @copyright GPL - GNU General Public License
@abstract generalized linking between entries of phpGroupware apps - BO
layer
! @discussion This class is the BO-layer of the links<br>
! Links have two ends each pointing to an entry, each entry is a
double:<br>
! app app-name or directory-name of an phpgw application, eg.
'infolog'<br>
! id this is the id, eg. an integer or a tupple like
'0:INBOX:1234'<br>
! The BO-layer implementes 2 extra features on top of the
so-layer:<br>
! 1) It handles links to not already existing entries. This is
used by the eTemplate link-widget, which allows to
! setup links even for new / not already existing
entries, before they get saved.
! In that case you have to set the first id to 0 for the
link-function and pass the array returned in that id
! (not the return-value) after saveing your new entry
again to the link function.<br>
! 2) Attaching files: they are saved in the vfs and not the
link-table (!).
*/
class bolink extends solink
***************
*** 55,65 ****
),
'view_id' => 'cal_id'
! ), /*
! 'email' => array(
! 'view' => array(
! 'menuaction' =>
'email.uimessage.message'
! ),
! 'view_id' => 'msgball[acctnum:folder:msgnum]'
// id is a tupple/array, fields separated by ':'
! ), */
'infolog' => array(
'query' => 'infolog.boinfolog.link_query',
--- 62,66 ----
),
'view_id' => 'cal_id'
! ),
'infolog' => array(
'query' => 'infolog.boinfolog.link_query',
***************
*** 71,81 ****
'view_id' => 'action_id',
),
);
var $vfs;
! var $vfs_basedir='/infolog';
! var $vfs_appname='file'; // pseudo-appname for own
file-attachments in vfs, this is NOT the vfs-app
var $valid_pathes = array();
var $send_file_ips = array();
function bolink( )
{
--- 72,96 ----
'view_id' => 'action_id',
),
+ /*
+ 'email' => array(
+ 'view' => array(
+ 'menuaction' =>
'email.uimessage.message'
+ ),
+ 'view_id' => 'msgball[acctnum:folder:msgnum]'
// id is a tupple/array, fields separated by ':'
+ ),
+ */
);
var $vfs;
! var $vfs_basedir='/infolog'; // might changes to links if
class gets imported in the api
! var $vfs_appname='file'; // pseudo-appname for
own file-attachments in vfs, this is NOT the vfs-app
var $valid_pathes = array();
var $send_file_ips = array();
+ /*!
+ @function bolink
+ @syntax bolink( )
+ @author ralfbecker
+ @abstract constructor
+ */
function bolink( )
{
***************
*** 116,139 ****
/*!
@function link
! @syntax link( $app1,$id1,$app2,$id2='',$remark='',$user=0 )
@author ralfbecker
@abstract creats a link between $app1,$id1 and $app2,$id2 -
$id1 does NOT need to exist yet
@param $app1 app of $id1
@param $id1 id of item to linkto or 0 if item not yet created
or array with links
! of not created item or $file-array if $app1 ==
$this->vfs_appname (see below)
@param $app2 app of 2.linkend or array with links ($id2 not
used)
! @param $id2 id of 2. item of $file-array if $app2 ==
$this->vfs_appname (see below)
! @param $file array with informations about the file in format
of the etemplate file-type
! @param $file['name'] name of the file (no directory)
! @param $file['type'] mine-type of the file
! @param $file['tmp_name'] name of the uploaded file (incl.
directory)
! @param $file['path'] path of the file on the client computer
! @param $file['ip'] of the client
! @discussion path and ip are only needed if u want a symlink (if
possible)
@param $remark Remark to be saved with the link (defaults to '')
@param $owner Owner of the link (defaults to user)
! @discussion Does NOT check if link already exists
! @result False (for db or param-error) or link_id on success
! @result if $id1==0 or already an array: $id1 is array with links
*/
function link(
$app1,&$id1,$app2,$id2='',$remark='',$owner=0,$lastmod=0 )
--- 131,154 ----
/*!
@function link
! @syntax link( $app1,&$id1,$app2,$id2='',$remark='',$user=0 )
@author ralfbecker
@abstract creats a link between $app1,$id1 and $app2,$id2 -
$id1 does NOT need to exist yet
@param $app1 app of $id1
@param $id1 id of item to linkto or 0 if item not yet created
or array with links
! of not created item or $file-array if $app1 ==
$this->vfs_appname (see below).
! If $id==0 it will be set on return to an array with the
links for the new item.
@param $app2 app of 2.linkend or array with links ($id2 not
used)
! @param $id2 id of 2. item of $file-array if $app2 ==
$this->vfs_appname (see below)<br>
! $file array with informations about the file in format
of the etemplate file-type<br>
! $file['name'] name of the file (no directory)<br>
! $file['type'] mine-type of the file<br>
! $file['tmp_name'] name of the uploaded file (incl.
directory)<br>
! $file['path'] path of the file on the client
computer<br>
! $file['ip'] of the client (path and ip in $file are
only needed if u want a symlink (if possible))
@param $remark Remark to be saved with the link (defaults to '')
@param $owner Owner of the link (defaults to user)
! @discussion Does NOT check if link already exists.<br>
! File-attachments return a negative link-id !!!
! @result False (for db or param-error) or on success link_id
(Please not the return-value of $id1)
*/
function link(
$app1,&$id1,$app2,$id2='',$remark='',$owner=0,$lastmod=0 )
***************
*** 257,261 ****
@param $id,$app2,$id2 other param of the link if not link_id
given
@result array with link-data or False
! @disscussion If $id is an array (links not yet created) only
link_ids are allowed.
*/
function get_link($app_link_id,$id='',$app2='',$id2='')
--- 272,276 ----
@param $id,$app2,$id2 other param of the link if not link_id
given
@result array with link-data or False
! @discussion If $id is an array (links not yet created) only
link_ids are allowed.
*/
function get_link($app_link_id,$id='',$app2='',$id2='')
***************
*** 292,296 ****
@param $app,$id,$owner,$app2,$id2 if $link_id <= 0: removes all
links matching the non-empty params
@discussion Note: if $link_id != '' and $id is an array: unlink
removes links from that array only
! @discussion unlink has to be called with &$id so see the
result !!!
@result the number of links deleted
*/
--- 307,311 ----
@param $app,$id,$owner,$app2,$id2 if $link_id <= 0: removes all
links matching the non-empty params
@discussion Note: if $link_id != '' and $id is an array: unlink
removes links from that array only
! unlink has to be called with &$id so see the result !!!
@result the number of links deleted
*/
***************
*** 326,330 ****
@syntax app_list( )
@author ralfbecker
! @abstrac get list/array of link-aware apps the user has rights
to use
@result array( $app => lang($app), ... )
*/
--- 341,345 ----
@syntax app_list( )
@author ralfbecker
! @abstract get list/array of link-aware apps the user has rights
to use
@result array( $app => lang($app), ... )
*/
***************
*** 504,518 ****
/*!
! @function vfs_path
! @syntax vfs_path ( $app,$id,$file='' )
@abstract Put a file to the corrosponding place in the VFS and
set the attributes
@param $app/$id entry which should the file should be linked
with
@param $file array with informations about the file in format
of the etemplate file-type
! @param $file['name'] name of the file (no directory)
! @param $file['type'] mine-type of the file
! @param $file['tmp_name'] name of the uploaded file (incl.
directory)
! @param $file['path'] path of the file on the client computer
! @param $file['ip'] of the client
! @discussion path and ip are only needed if u want a symlink (if
possible)
*/
function attach_file($app,$id,$file,$comment='')
--- 519,533 ----
/*!
! @function attach_file
! @syntax attach_file ( $app,$id,$file,$comment='' )
@abstract Put a file to the corrosponding place in the VFS and
set the attributes
@param $app/$id entry which should the file should be linked
with
@param $file array with informations about the file in format
of the etemplate file-type
! $file['name'] name of the file (no directory)
! $file['type'] mine-type of the file
! $file['tmp_name'] name of the uploaded file (incl.
directory)
! $file['path'] path of the file on the client computer
! $file['ip'] of the client (path and ip are only needed
if u want a symlink (if possible))
! @param $comment
*/
function attach_file($app,$id,$file,$comment='')
Index: class.soinfolog.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/infolog/inc/class.soinfolog.inc.php,v
retrieving revision 1.17
retrieving revision 1.18
diff -C2 -r1.17 -r1.18
*** class.soinfolog.inc.php 20 Nov 2002 19:57:52 -0000 1.17
--- class.soinfolog.inc.php 14 Jun 2003 13:51:53 -0000 1.18
***************
*** 14,17 ****
--- 14,25 ----
/* $Id$ */
+ /*!
+ @class soinfolog
+ @abstract storage object / db-layer for InfoLog
+ @author Ralf Becker
+ @copyright GPL - GNU General Public License
+ @note all values passed to this class are run either through intval or
addslashes to prevent query-inserting
+ and for pgSql 7.3 compatibility
+ */
class soinfolog // DB-Layer
{
***************
*** 21,27 ****
var $filters = array( );
var $user;
! var $maybe_slashes = array (
!
'info_des'=>1,'info_subject'=>1,'info_from'=>1,'info_addr'=>1
! );
function soinfolog( $info_id = 0)
{
--- 29,37 ----
var $filters = array( );
var $user;
!
! /*!
! @function soinfolog
! @abstract constructor
! */
function soinfolog( $info_id = 0)
{
***************
*** 34,39 ****
$this->read( $info_id );
}
-
function check_access( $info_id,$required_rights )
{
--- 44,56 ----
$this->read( $info_id );
}
+ /*!
+ @function check_access
+ @abstract checks if user has the $required_rights to access
$info_id (private access is handled too)
+ @syntax check_access( $info_id,$required_rights )
+ @param $info_id Id of InfoLog entry
+ @param $required_rights PHPGW_ACL_xyz anded together
+ @returns True if access is granted else False
+ */
function check_access( $info_id,$required_rights )
{
***************
*** 66,73 ****
}
! // sql to be AND into a query to ensure ACL is respected (incl.
_PRIVATE)
! // filter: none|all - list all entrys user have rights to see
! // private|own - list only his personal entrys
! // (incl.
those he is responsible for !!!)
function aclFilter($filter = 'none')
{
--- 83,93 ----
}
! /*!
! @function aclFilter
! @abstract generate sql to be AND'ed into a query to ensure ACL
is respected (incl. _PRIVATE)
! @param $filter: none|all - list all entrys user have rights to
see<br>
! private|own - list only his personal entrys (incl.
those he is responsible for !!!)
! @returns the necesary sql
! */
function aclFilter($filter = 'none')
{
***************
*** 95,100 ****
if (count($private_user_list))
{
! $has_private_access = 'info_owner IN ('.
!
implode(',',$private_user_list).')';
}
}
--- 115,119 ----
if (count($private_user_list))
{
! $has_private_access = 'info_owner IN
('.implode(',',$private_user_list).')';
}
}
***************
*** 123,126 ****
--- 142,152 ----
}
+ /*!
+ @function statusFilter
+ @abstract generate sql to filter based on the status of the
log-entry
+ @syntax statusFilter($filter = '')
+ @param $filter done = done or billed, open = not ()done or
billed), offer = offer
+ @returns the necesary sql
+ */
function statusFilter($filter = '')
{
***************
*** 137,140 ****
--- 163,175 ----
}
+ /*!
+ @function dateFilter
+ @abstract generate sql to filter based on the start- and
enddate of the log-entry
+ @syntax dateFilter($filter = '')
+ @param $filter upcoming = startdate is in the future<br>
+ today startdate < tomorrow<br>
+ overdue enddate < tomorrow
+ @returns the necesary sql
+ */
function dateFilter($filter = '')
{
***************
*** 147,189 ****
switch ($filter)
{
! case 'upcoming': return " AND
info_startdate >= '$tomorrow'";
! case 'today': return " AND
info_startdate < '$tomorrow'";
! case 'overdue': return " AND (info_enddate != 0
AND info_enddate < '$tomorrow')";
}
return '';
}
function init()
{
! $this->data = array( 'info_owner' => $this->user,
!
'info_pri' => 'normal' );
}
function db2data(&$data)
{
$data = $this->db->Record;
- reset($this->maybe_slashes);
- while (list($key) = each($this->maybe_slashes))
- {
- $data[$key] = stripslashes($data[$key]);
- }
- /*
- $links =
$this->links->get_links('infolog',$this->data['info_id']);
- while (list($nul,$link) = each($links))
- {
- if ($link['app'] == 'addressbook')
- $data['info_addr_id'] = $link['id'];
- if ($link['app'] == 'projects')
- $data['info_proj_id'] = $link['id'];
- if ($link['app'] == 'calendar')
- $data['info_event_id'] = $link['id'];
- }
- */
}
function read($info_id) // did _not_ ensure ACL
{
if ($info_id <= 0 || $info_id != $this->data['info_id']
&&
!
(!$this->db->query("select * FROM phpgw_infolog where info_id='$info_id'") ||
!$this->db->next_record()))
{
$this->init( );
--- 182,235 ----
switch ($filter)
{
! case 'upcoming':
! return " AND info_startdate >=
'$tomorrow'";
! case 'today':
! return " AND info_startdate <
'$tomorrow'";
! case 'overdue':
! return " AND (info_enddate != 0 AND
info_enddate < '$tomorrow')";
}
return '';
}
+ /*!
+ @function init
+ @abstract initialise the internal $this->data to be empty
+ @discussion only non-empty values got initialised
+ */
function init()
{
! $this->data = array(
! 'info_owner' => $this->user,
! 'info_pri' => 'normal'
! );
}
+ /*!
+ @function db2data
+ @abstract copy data after a query into $data
+ @syntax db2data(&$data)
+ @param $data array to copy the data
+ @description doesnt do much anymore
+ */
function db2data(&$data)
{
$data = $this->db->Record;
}
+ /*!
+ @function read
+ @abstract read InfoLog entry $info_id
+ @syntax read( $info_id )
+ @param $info_id id of log-entry
+ @description some cacheing is done to prevent multiple reads of
the same entry
+ @returns the entry as array
+ */
function read($info_id) // did _not_ ensure ACL
{
+ $info_id = intval($info_id);
+
if ($info_id <= 0 || $info_id != $this->data['info_id']
&&
! (!$this->db->query("select * FROM phpgw_infolog
where info_id=$info_id",__LINE__,__FILE__) ||
! !$this->db->next_record()))
{
$this->init( );
***************
*** 197,205 ****
}
function delete($info_id) // did _not_ ensure ACL
{
! $this->db->query("delete FROM phpgw_infolog where
info_id='$info_id' or info_id_parent='"
! . "$info_id' AND ((info_access='public' and
info_owner != '$this->user')"
! . " or (info_owner='$this->user'))"
,__LINE__,__FILE__);
$this->links->unlink(0,'infolog',$info_id);
--- 243,261 ----
}
+ /*!
+ @function delete
+ @abstract delete InfoLog entry $info_id AND the links to it
+ @syntax delete( $info_id )
+ @param $info_id id of log-entry
+ */
function delete($info_id) // did _not_ ensure ACL
{
! if (($info_id = intval($info_id)) <= 0)
! {
! return;
! }
! $this->db->query("delete FROM phpgw_infolog where
info_id=$info_id or info_id_parent=$info_id" .
! "AND ((info_access='public' and info_owner !=
'$this->user') OR (info_owner=$this->user))",
! __LINE__,__FILE__);
$this->links->unlink(0,'infolog',$info_id);
***************
*** 211,225 ****
}
function change_delete_owner($owner,$new_owner=0) //
new_owner=0 means delete
{
! if (!$new_owner)
{
! $sql = "delete FROM phpgw_infolog where
info_owner='$owner'";
! $sql2 = "update phpgw_infolog set
info_responsible='0' where info_responsible='$owner'";
}
else
{
! $sql = "update phpgw_infolog set
info_owner='$new_owner' where info_owner='$owner'";
! $sql2 = "update phpgw_infolog set
info_responsible='$new_owner' where info_responsible='$owner'";
}
$this->db->query($sql,__LINE__,__FILE__);
--- 267,289 ----
}
+ /*!
+ @function change_delete_owner
+ @abstract changes or deletes entries with a spezified owner
(for hook_delete_account)
+ @syntax change_delete_owner( $owner,$new_owner=0 )
+ @param $owner old owner
+ @param $new_owner new owner or 0 if entries should be deleted
+ */
function change_delete_owner($owner,$new_owner=0) //
new_owner=0 means delete
{
! $owner = intval($owner);
! if (!($new_owner = intval($new_owner)))
{
! $sql = "delete FROM phpgw_infolog where
info_owner=$owner";
! $sql2 = "update phpgw_infolog set
info_responsible=0 where info_responsible=$owner";
}
else
{
! $sql = "update phpgw_infolog set
info_owner=$new_owner where info_owner=$owner";
! $sql2 = "update phpgw_infolog set
info_responsible=$new_owner where info_responsible=$owner";
}
$this->db->query($sql,__LINE__,__FILE__);
***************
*** 227,230 ****
--- 291,301 ----
}
+ /*!
+ @function write
+ @abstract writes the given $values to InfoLog, a new entry gets
created if info_id is not set or 0
+ @syntax write( $values )
+ @param $values array with the data of the log-entry
+ @returns nothing direct, but the info_id gets
+ */
function write($values) // did _not_ ensure ACL
{
***************
*** 243,258 ****
$this->data[$key] = $val; // update
internal data
! if ($this->maybe_slashes[$key])
{
! $val = addslashes($val);
}
$cols .= ($cols ? ',' : '').$key;
! $vals .= ($vals ? ',' : '')."'$val'";
! $query .= ($query ? ',' :
'')."$key='$val'";
}
}
! if (($this->data['info_id'] = $values['info_id']) > 0)
{
! $query = "UPDATE phpgw_infolog SET $query where
info_id='".$values['info_id']."'";
$this->db->query($query,__LINE__,__FILE__);
}
--- 314,334 ----
$this->data[$key] = $val; // update
internal data
! switch($val['type']) // protection
against query-insertion
{
! case 'int': case 'auto':
! $val = intval($val);
! break;
! default:
! $val =
"'".$this->db->db_addslashes($val)."'";
! break;
}
$cols .= ($cols ? ',' : '').$key;
! $vals .= ($vals ? ',' : '').$val;
! $query .= ($query ? ',' :
'')."$key=$val";
}
}
! if (($this->data['info_id'] =
intval($values['info_id'])) > 0)
{
! $query = "UPDATE phpgw_infolog SET $query where
info_id='".$this->data['info_id']."'";
$this->db->query($query,__LINE__,__FILE__);
}
***************
*** 265,285 ****
// echo "<p>soinfolog.write values= ";
_debug_array($values);
// echo "<p>soinfolog.write this->data= ";
_debug_array($this->data);
! /*
! if ($this->data['info_addr_id'])
!
$this->links->link('infolog',$this->data['info_id'],'addressbook',$this->data['info_addr_id']);
! if ($this->data['info_proj_id'])
!
$this->links->link('infolog',$this->data['info_id'],'projects',$this->data['info_proj_id']);
! if ($this->data['info_event_id'])
!
$this->links->link('infolog',$this->data['info_id'],'calendar',$this->data['info_event_id']);
*/
}
function anzSubs( $info_id )
{
! if ($info_id <= 0)
{
return 0;
}
! $this->db->query('select count(*) FROM phpgw_infolog
where '.
!
"info_id_parent=$info_id",__LINE__,__FILE__);
$this->db->next_record();
--- 341,362 ----
// echo "<p>soinfolog.write values= ";
_debug_array($values);
// echo "<p>soinfolog.write this->data= ";
_debug_array($this->data);
!
! return $this->data['info_id'];
}
+ /*!
+ @function anzSubs
+ @abstract count the sub-entries of $info_id
+ @syntax anzSubs( $info_id )
+ @param $info_id id of log-entry
+ @returns the number of sub-entries
+ */
function anzSubs( $info_id )
{
! if (($info_id = intval($info_id)) <= 0)
{
return 0;
}
! $this->db->query("select count(*) FROM phpgw_infolog
where info_id_parent=$info_id",__LINE__,__FILE__);
$this->db->next_record();
***************
*** 288,293 ****
}
! function
search($order,$sort,$filter,$cat_id,$query,$action,$action_id,
!
$ordermethod,&$start,&$total)
{
//echo
"<p>soinfolog.search(action='$action/$action_id')</p>\n";
--- 365,382 ----
}
! /*!
! @function search
! @abstract searches InfoLog for a certain pattern in $query
! @syntax search(
$order,$sort,$filter,$cat_id,$query,$action,$action_id,$ordermethod,&$start,&$total
)
! @param $order comma-separated list of columns to order the
result (no 'ORDER BY'), eg. 'info_subject DESC'
! @param $sort comma-separated list of columns to to sort by
(incl. 'SORT BY') or ''
! @param $filter string with combination of acl-, date- and
status-filters, eg. 'own-open-today' or ''
! @param $cat_id category to use or 0
! @param $query pattern to search, search is done in info_from,
info_subject and info_des
! @param $action / $action_id if only entries linked to a
specified app/entry show be used
! @param &$start, &$total nextmatch-parameters will be used and
set if query returns less entries
! @returns array with id's as key of the matching log-entries
! */
! function
search($order,$sort,$filter,$cat_id,$query,$action,$action_id,$ordermethod,&$start,&$total)
{
//echo
"<p>soinfolog.search(action='$action/$action_id')</p>\n";
***************
*** 312,316 ****
if ($order)
{
! $ordermethod = 'ORDER BY ' . $order . ' ' . $sort;
}
else
--- 401,405 ----
if ($order)
{
! $ordermethod = 'ORDER BY ' .
$this->db->db_addslashes($order) . ' ' . $this->db->db_addslashes($sort);
}
else
***************
*** 323,332 ****
// echo "<p>filtermethod='$filtermethod'</p>";
! if ($cat_id)
{
! $filtermethod .= " AND info_cat='$cat_id' ";
}
if ($query) // we search in
_from, _subject and _des for $query
{
$sql_query = "AND (info_from like '%$query%' OR
info_subject ".
"LIKE
'%$query%' OR info_des LIKE '%$query%') ";
--- 412,422 ----
// echo "<p>filtermethod='$filtermethod'</p>";
! if (intval($cat_id))
{
! $filtermethod .= ' AND info_cat='.intval($cat_id).' ';
}
if ($query) // we search in
_from, _subject and _des for $query
{
+ $query = $this->db->db_addslashes($query);
$sql_query = "AND (info_from like '%$query%' OR
info_subject ".
"LIKE
'%$query%' OR info_des LIKE '%$query%') ";
***************
*** 341,345 ****
$ids = array( );
if ($action == '' || $action == 'sp' || count($links))
! {
$this->db->query($sql="SELECT COUNT(*) FROM
phpgw_infolog i WHERE ($filtermethod $pid $sql_query)
$link_extra",__LINE__,__FILE__);
--- 431,435 ----
$ids = array( );
if ($action == '' || $action == 'sp' || count($links))
! {
$this->db->query($sql="SELECT COUNT(*) FROM
phpgw_infolog i WHERE ($filtermethod $pid $sql_query)
$link_extra",__LINE__,__FILE__);
Index: class.solink.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/infolog/inc/class.solink.inc.php,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -r1.11 -r1.12
*** class.solink.inc.php 22 Feb 2003 12:04:12 -0000 1.11
--- class.solink.inc.php 14 Jun 2003 13:51:53 -0000 1.12
***************
*** 17,25 ****
@class solink
@author ralfbecker
@abstract generalized linking between entries of phpGroupware apps - DB
layer
! @discussion This class is to access the links in the DB
! @discussion Links have to ends each pointing two an entry, each entry
is a double:
! @discussion app app-name or directory-name of an phpgw application,
eg. 'infolog'
! @discussion id this is the id, eg. an integer or a tupple like
'0:INBOX:1234'
*/
class solink // DB-Layer
--- 17,28 ----
@class solink
@author ralfbecker
+ @copyright GPL - GNU General Public License
@abstract generalized linking between entries of phpGroupware apps - DB
layer
! @discussion This class is to access the links in the DB<br>
! Links have to ends each pointing two an entry, each entry is a
double:<br>
! app app-name or directory-name of an phpgw application, eg.
'infolog'<br>
! id this is the id, eg. an integer or a tupple like
'0:INBOX:1234'
! @note All vars passed to this class are run either through addslashes
or intval
! to prevent query insertion and to get pgSql 7.3 compatibility.
*/
class solink // DB-Layer
***************
*** 71,75 ****
return False; // dont link to self or other
nosense
}
! if ($this->get_link($app1,$id1,$app2,$id2))
{
return $link['link_id']; // link alread
exist
--- 74,78 ----
return False; // dont link to self or other
nosense
}
! if ($link = $this->get_link($app1,$id1,$app2,$id2))
{
return $link['link_id']; // link alread
exist
***************
*** 79,83 ****
$owner = $this->user;
}
! $remark = $this->db->db_addslashes($remark);
if (!$lastmod)
{
--- 82,90 ----
$owner = $this->user;
}
! $vars2addslashes =
array('app1','id1','app2','id2','remark');
! foreach ($vars2addslashes as $var)
! {
! $$var = $this->db->db_addslashes($$var);
! }
if (!$lastmod)
{
***************
*** 85,89 ****
}
$sql = "INSERT INTO $this->db_name
(link_app1,link_id1,link_app2,link_id2,link_remark,link_lastmod,link_owner) ".
! " VALUES
('$app1','$id1','$app2','$id2','$remark',$lastmod,$owner)";
if ($this->debug)
--- 92,96 ----
}
$sql = "INSERT INTO $this->db_name
(link_app1,link_id1,link_app2,link_id2,link_remark,link_lastmod,link_owner) ".
! " VALUES
('$app1','$id1','$app2','$id2','$remark',".intval($lastmod).','.intval($owner).')';
if ($this->debug)
***************
*** 109,112 ****
--- 116,124 ----
$links = array();
+ $vars2addslashes = array('app','id','only_app','order');
+ foreach ($vars2addslashes as $var)
+ {
+ $$var = $this->db->db_addslashes($$var);
+ }
$sql = "SELECT * FROM $this->db_name".
" WHERE (link_app1 = '$app' AND
link_id1 = '$id')".
***************
*** 132,136 ****
$link = array(
'app' => $row['link_app2'],
! 'id' =>
stripslashes($row['link_id2'])
);
}
--- 144,148 ----
$link = array(
'app' => $row['link_app2'],
! 'id' => $row['link_id2']
);
}
***************
*** 139,143 ****
$link = array(
'app' => $row['link_app1'],
! 'id' =>
stripslashes($row['link_id1'])
);
}
--- 151,155 ----
$link = array(
'app' => $row['link_app1'],
! 'id' => $row['link_id1']
);
}
***************
*** 147,151 ****
continue;
}
! $link['remark'] =
stripslashes($row['link_remark']);
$link['owner'] = $row['link_owner'];
$link['lastmod'] = $row['link_lastmod'];
--- 159,163 ----
continue;
}
! $link['remark'] = $row['link_remark'];
$link['owner'] = $row['link_owner'];
$link['lastmod'] = $row['link_lastmod'];
***************
*** 175,179 ****
if (intval($app_link_id) > 0)
{
! $sql .= "link_id=$app_link_id";
}
else
--- 187,191 ----
if (intval($app_link_id) > 0)
{
! $sql .= 'link_id='.intval($app_link_id);
}
else
***************
*** 183,186 ****
--- 195,203 ----
return False;
}
+ $vars2addslashes =
array('app_link_id','id','app2','id2');
+ foreach ($vars2addslashes as $var)
+ {
+ $$var = $this->db->db_addslashes($$var);
+ }
$sql .= "(link_app1='$app_link_id' AND
link_id1='$id' AND link_app2='$app2' AND link_id2='$id2') OR".
"(link_app2='$app_link_id' AND
link_id2='$id' AND link_app1='$app2' AND link_id1='$id2')";
***************
*** 200,206 ****
/*!
! @function unlink
! @syntax unlink( $link_id,$app='',$id='',$owner='',$app2='',$id2='' )
! @author ralfbecker
@abstract Remove link with $link_id or all links matching given
params
@param $link_id link-id to remove if > 0
--- 217,223 ----
/*!
! @function unlink
! @syntax unlink(
$link_id,$app='',$id='',$owner='',$app2='',$id2='' )
! @author ralfbecker
@abstract Remove link with $link_id or all links matching given
params
@param $link_id link-id to remove if > 0
***************
*** 211,217 ****
{
$sql = "DELETE FROM $this->db_name WHERE ";
! if ($link_id > 0)
{
! $sql .= "link_id=$link_id";
}
elseif ($app == '' AND $owner == '')
--- 228,234 ----
{
$sql = "DELETE FROM $this->db_name WHERE ";
! if (intval($link_id) > 0)
{
! $sql .= 'link_id='.intval($link_id);
}
elseif ($app == '' AND $owner == '')
***************
*** 221,224 ****
--- 238,246 ----
else
{
+ $vars2addslashes =
array('app','id','app2','id2');
+ foreach ($vars2addslashes as $var)
+ {
+ $$var = $this->db->db_addslashes($$var);
+ }
if ($app != '' && $app2 == '')
{
***************
*** 239,243 ****
if ($owner != '')
{
! $sql .= ($app != '' ? ' AND ' : '') .
"link_owner='$owner'";
}
}
--- 261,265 ----
if ($owner != '')
{
! $sql .= ($app != '' ? ' AND ' : '') .
'link_owner='.intval($owner);
}
}
***************
*** 252,258 ****
/*!
! @function chown
! @syntax chown( $owner,$new_owner )
! @author ralfbecker
@abstract Changes ownership of all links from $owner to
$new_owner
@discussion This is needed when a user/account gets deleted
--- 274,280 ----
/*!
! @function chown
! @syntax chown( $owner,$new_owner )
! @author ralfbecker
@abstract Changes ownership of all links from $owner to
$new_owner
@discussion This is needed when a user/account gets deleted
***************
*** 262,270 ****
function chown($owner,$new_owner)
{
! if ($owner <= 0 || $new_owner <= 0)
{
return 0;
}
! $this->db->query("UPDATE $this->db_name SET
owner=$new_owner WHERE owner=$owner",__LINE__,__FILE__);
return $this->db->affected_rows();
--- 284,292 ----
function chown($owner,$new_owner)
{
! if (intval($owner) <= 0 || intval($new_owner) <= 0)
{
return 0;
}
! $this->db->query("UPDATE $this->db_name SET
owner=".intval($new_owner).' WHERE owner='.intval($owner),__LINE__,__FILE__);
return $this->db->affected_rows();
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] CVS: infolog/inc class.bolink.inc.php,1.14,1.15 class.soinfolog.inc.php,1.17,1.18 class.solink.inc.php,1.11,1.12,
Ralf Becker <address@hidden> <=
- Prev by Date:
[Phpgroupware-cvs] CVS: etemplate/setup setup.inc.php,1.11,1.12
- Next by Date:
[Phpgroupware-cvs] CVS: infolog/setup setup.inc.php,1.24,1.25 tables_update.inc.php,1.5,1.6
- Previous by thread:
[Phpgroupware-cvs] CVS: etemplate/setup setup.inc.php,1.11,1.12
- Next by thread:
[Phpgroupware-cvs] CVS: infolog/setup setup.inc.php,1.24,1.25 tables_update.inc.php,1.5,1.6
- Index(es):