/usr/share/php/LetoDMS/Core/inc.ClassDMS.php is in php-letodms-core 3.3.11-3build1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 | <?php
/**
* Implementation of the document management system
*
* @category DMS
* @package LetoDMS_Core
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010, Uwe Steinmann
* @version Release: 3.3.11
*/
/**
* Include some files
*/
require_once("inc.DBAccess.php");
require_once("inc.AccessUtils.php");
require_once("inc.FileUtils.php");
require_once("inc.ClassAccess.php");
require_once("inc.ClassFolder.php");
require_once("inc.ClassDocument.php");
require_once("inc.ClassGroup.php");
require_once("inc.ClassUser.php");
require_once("inc.ClassKeywords.php");
require_once("inc.ClassNotification.php");
/**
* Class to represent the complete document management system.
* This class is needed to do most of the dms operations. It needs
* an instance of {@link LetoDMS_Core_DatabaseAccess} to access the
* underlying database. Many methods are factory functions which create
* objects representing the entities in the dms, like folders, documents,
* users, or groups.
*
* Each dms has its own database for meta data and a data store for document
* content. Both must be specified when creating a new instance of this class.
* All folders and documents are organized in a hierachy like
* a regular file system starting with a {@link $rootFolderID}
*
* This class does not enforce any access rights on documents and folders
* by design. It is up to the calling application to use the methods
* {@link LetoDMS_Core_Folder::getAccessMode} and
* {@link LetoDMS_Core_Document::getAccessMode} and interpret them as desired.
* Though, there are two convinient functions to filter a list of
* documents/folders for which users have access rights for. See
* {@link LetoDMS_Core_DMS::filterAccess}
* and {@link LetoDMS_Core_DMS::filterUsersByAccess}
*
* Though, this class has two methods to set the currently logged in user
* ({@link setUser} and {@link login}), none of them need to be called, because
* there is currently no class within the LetoDMS core which needs the logged
* in user.
*
* <code>
* <?php
* include("inc/inc.ClassDMS.php");
* $db = new LetoDMS_Core_DatabaseAccess($type, $hostname, $user, $passwd, $name);
* $db->connect() or die ("Could not connect to db-server");
* $dms = new LetoDMS_Core_DMS($db, $contentDir);
* $dms->setRootFolderID(1);
* ...
* ?>
* </code>
*
* @category DMS
* @package LetoDMS_Core
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2010, Uwe Steinmann
* @version Release: 3.3.11
*/
class LetoDMS_Core_DMS {
/**
* @var object $db reference to database object. This must be an instance
* of {@link LetoDMS_Core_DatabaseAccess}.
* @access protected
*/
protected $db;
/**
* @var object $user reference to currently logged in user. This must be
* an instance of {@link LetoDMS_Core_User}. This variable is currently not
* used. It is set by {@link setUser}.
* @access private
*/
private $user;
/**
* @var string $contentDir location in the file system where all the
* document data is located. This should be an absolute path.
* @access public
*/
public $contentDir;
/**
* @var integer $rootFolderID ID of root folder
* @access public
*/
public $rootFolderID;
/**
* @var boolean $enableConverting set to true if conversion of content
* is desired
* @access public
*/
public $enableConverting;
/**
* @var array $convertFileTypes list of files types that shall be converted
* @access public
*/
public $convertFileTypes;
/**
* @var array $viewOnlineFileTypes list of files types that can be viewed
* online
* @access public
*/
public $viewOnlineFileTypes;
/**
* @var string $version version of pear package
* @access public
*/
public $version;
/**
* Filter objects out which are not accessible in a given mode by a user.
*
* @param array $objArr list of objects (either documents or folders)
* @param object $user user for which access is checked
* @param integer $minMode minimum access mode required
* @return array filtered list of objects
*/
static function filterAccess($objArr, $user, $minMode) { /* {{{ */
if (!is_array($objArr)) {
return array();
}
$newArr = array();
foreach ($objArr as $obj) {
if ($obj->getAccessMode($user) >= $minMode)
array_push($newArr, $obj);
}
return $newArr;
} /* }}} */
/**
* Filter users out which cannot access an object in a given mode.
*
* @param object $obj object that shall be accessed
* @param array $users list of users which are to check for sufficient
* access rights
* @param integer $minMode minimum access right on the object for each user
* @return array filtered list of users
*/
static function filterUsersByAccess($obj, $users, $minMode) { /* {{{ */
$newArr = array();
foreach ($users as $currUser) {
if ($obj->getAccessMode($currUser) >= $minMode)
array_push($newArr, $currUser);
}
return $newArr;
} /* }}} */
/**
* Create a new instance of the dms
*
* @param object $db object to access the underlying database
* @param string $contentDir path in filesystem containing the data store
* all document contents is stored
* @return object instance of LetoDMS_Core_DMS
*/
function __construct($db, $contentDir) { /* {{{ */
$this->db = $db;
if(substr($contentDir, -1) == '/')
$this->contentDir = $contentDir;
else
$this->contentDir = $contentDir.'/';
$this->rootFolderID = 1;
$this->maxDirID = 0; //31998;
$this->enableAdminRevApp = false;
$this->enableConverting = false;
$this->convertFileTypes = array();
$this->version = '3.3.11';
if($this->version[0] == '@')
$this->version = '3.3.11';
} /* }}} */
function getDB() { /* {{{ */
return $this->db;
} /* }}} */
/**
* Return the database version
*
* @return array array with elements major, minor, subminor, date
*/
function getDBVersion() { /* {{{ */
$tbllist = $this->db->TableList();
$tbllist = explode(',',strtolower(join(',',$tbllist)));
if(!array_search('tblversion', $tbllist))
return false;
$queryStr = "SELECT * FROM tblVersion order by major,minor,subminor limit 1";
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
if (count($resArr) != 1)
return false;
$resArr = $resArr[0];
return $resArr;
} /* }}} */
/**
* Check if the version in the database is the same as of this package
* Only the major and minor version number will be checked.
*
* @return boolean returns false if versions do not match, but returns
* true if version matches or table tblVersion does not exists.
*/
function checkVersion() { /* {{{ */
$tbllist = $this->db->TableList();
$tbllist = explode(',',strtolower(join(',',$tbllist)));
if(!array_search('tblversion', $tbllist))
return true;
$queryStr = "SELECT * FROM tblVersion order by major,minor,subminor limit 1";
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
if (count($resArr) != 1)
return false;
$resArr = $resArr[0];
$ver = explode('.', $this->version);
if(($resArr['major'] != $ver[0]) || ($resArr['minor'] != $ver[1]))
return false;
return true;
} /* }}} */
/**
* Set id of root folder
* This function must be called right after creating an instance of
* LetoDMS_Core_DMS
*
* @param interger $id id of root folder
*/
function setRootFolderID($id) { /* {{{ */
$this->rootFolderID = $id;
} /* }}} */
/**
* Set maximum number of subdirectories per directory
*
* The value of maxDirID is quite crucial because, all documents are
* associated with a directory in the filesystem. Consequently, there is
* maximum number of documents, because depending on the file system
* the maximum number of subdirectories is limited. Since version 3.3.0 of
* letodms an additional directory level has been introduced. All documents
* from 1 to maxDirID-1 will be saved in 1/<docid>, documents from maxDirID
* to 2*maxDirID-1 are stored in 2/<docid> and so on.
*
* This function must be called right after creating an instance of
* LetoDMS_Core_DMS
*
* @param interger $id id of root folder
*/
function setMaxDirID($id) { /* {{{ */
$this->maxDirID = $id;
} /* }}} */
/**
* Get root folder
*
* @return object/boolean return the object of the root folder or false if
* the root folder id was not set before with {@link setRootFolderID}.
*/
function getRootFolder() { /* {{{ */
if(!$this->rootFolderID) return false;
return $this->getFolder($this->rootFolderID);
} /* }}} */
function setEnableAdminRevApp($enable) { /* {{{ */
$this->enableAdminRevApp = $enable;
} /* }}} */
function setEnableConverting($enable) { /* {{{ */
$this->enableConverting = $enable;
} /* }}} */
function setConvertFileTypes($types) { /* {{{ */
$this->convertFileTypes = $types;
} /* }}} */
function setViewOnlineFileTypes($types) { /* {{{ */
$this->viewOnlineFileTypes = $types;
} /* }}} */
/**
* Login as a user
*
* Checks if the given credentials are valid and returns a user object.
* It also sets the property $user for later access on the currently
* logged in user
*
* @param string $username login name of user
* @param string $password password of user
*
* @return object instance of class LetoDMS_Core_User or false
*/
function login($username, $password) { /* {{{ */
} /* }}} */
/**
* Set the logged in user
*
* If user authentication was done externally, this function can
* be used to tell the dms who is currently logged in.
*
* @param object $user
*
*/
function setUser($user) { /* {{{ */
$this->user = $user;
} /* }}} */
/**
* Return a document by its id
*
* This function retrieves a document from the database by its id.
*
* @param integer $id internal id of document
* @return object instance of LetoDMS_Core_Document or false
*/
function getDocument($id) { /* {{{ */
if (!is_numeric($id)) return false;
$queryStr = "SELECT * FROM tblDocuments WHERE id = " . (int) $id;
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
if (count($resArr) != 1)
return false;
$resArr = $resArr[0];
// New Locking mechanism uses a separate table to track the lock.
$queryStr = "SELECT * FROM tblDocumentLocks WHERE document = " . (int) $id;
$lockArr = $this->db->getResultArray($queryStr);
if ((is_bool($lockArr) && $lockArr==false) || (count($lockArr)==0)) {
// Could not find a lock on the selected document.
$lock = -1;
}
else {
// A lock has been identified for this document.
$lock = $lockArr[0]["userID"];
}
$document = new LetoDMS_Core_Document($resArr["id"], $resArr["name"], $resArr["comment"], $resArr["date"], $resArr["expires"], $resArr["owner"], $resArr["folder"], $resArr["inheritAccess"], $resArr["defaultAccess"], $lock, $resArr["keywords"], $resArr["sequence"]);
$document->setDMS($this);
return $document;
} /* }}} */
/**
* Returns all documents of a given user
*
* @param object $user
* @return array list of documents
*/
function getDocumentsByUser($user) { /* {{{ */
$queryStr = "SELECT `tblDocuments`.*, `tblDocumentLocks`.`userID` as `lockUser` ".
"FROM `tblDocuments` ".
"LEFT JOIN `tblDocumentLocks` ON `tblDocuments`.`id`=`tblDocumentLocks`.`document` ".
"WHERE `tblDocuments`.`owner` = " . $user->getID() . " ORDER BY `sequence`";
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && !$resArr)
return false;
$documents = array();
foreach ($resArr as $row) {
$document = new LetoDMS_Core_Document($row["id"], $row["name"], $row["comment"], $row["date"], $row["expires"], $row["owner"], $row["folder"], $row["inheritAccess"], $row["defaultAccess"], $row["lockUser"], $row["keywords"], $row["sequence"]);
$document->setDMS($this);
$documents[] = $document;
}
return $documents;
} /* }}} */
/**
* Returns a document by its name
*
* This function searches a document by its name and restricts the search
* to given folder if passed as the second parameter.
*
* @param string $name
* @param object $folder
* @return object/boolean found document or false
*/
function getDocumentByName($name, $folder=null) { /* {{{ */
if (!$name) return false;
$queryStr = "SELECT `tblDocuments`.*, `tblDocumentLocks`.`userID` as `lockUser` ".
"FROM `tblDocuments` ".
"LEFT JOIN `tblDocumentLocks` ON `tblDocuments`.`id`=`tblDocumentLocks`.`document` ".
"WHERE `tblDocuments`.`name` = " . $this->db->qstr($name);
if($folder)
$queryStr .= " AND `tblDocuments`.`folder` = ". $folder->getID();
$queryStr .= " LIMIT 1";
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && !$resArr)
return false;
if(!$resArr)
return false;
$row = $resArr[0];
$document = new LetoDMS_Core_Document($row["id"], $row["name"], $row["comment"], $row["date"], $row["expires"], $row["owner"], $row["folder"], $row["inheritAccess"], $row["defaultAccess"], $row["lockUser"], $row["keywords"], $row["sequence"]);
$document->setDMS($this);
return $document;
} /* }}} */
/*
* Search the database for documents
*
* @param query string seach query with space separated words
* @param limit integer number of items in result set
* @param offset integer index of first item in result set
* @param logicalmode string either AND or OR
* @param searchin array() list of fields to search in
* 1 = keywords, 2=name, 3=comment
* @param startFolder object search in the folder only (null for root folder)
* @param owner object search for documents owned by this user
* @param status array list of status
* @param creationstartdate array search for documents created after this date
* @param creationenddate array search for documents created before this date
* @param categories array list of categories the documents must have assigned
* @param mode int decide whether to search for documents/folders
* 0x1 = documents only
* 0x2 = folders only
* 0x3 = both
* @return array containing the elements total and docs
*/
function search($query, $limit=0, $offset=0, $logicalmode='AND', $searchin=array(), $startFolder=null, $owner=null, $status = array(), $creationstartdate=array(), $creationenddate=array(), $categories=array(), $mode=0x3) { /* {{{ */
// Split the search string into constituent keywords.
$tkeys=array();
if (strlen($query)>0) {
$tkeys = preg_split("/[\t\r\n ,]+/", $query);
}
// if none is checkd search all
if (count($searchin)==0)
$searchin=array( 0, 1, 2, 3);
/*--------- Do it all over again for folders -------------*/
if($mode & 0x2) {
$searchKey = "";
// Assemble the arguments for the concatenation function. This allows the
// search to be carried across all the relevant fields.
$concatFunction = "";
if (in_array(2, $searchin)) {
$concatFunction = (strlen($concatFunction) == 0 ? "" : $concatFunction.", ")."`tblFolders`.`name`";
}
if (in_array(3, $searchin)) {
$concatFunction = (strlen($concatFunction) == 0 ? "" : $concatFunction.", ")."`tblFolders`.`comment`";
}
if (strlen($concatFunction)>0 && count($tkeys)>0) {
$concatFunction = "CONCAT_WS(' ', ".$concatFunction.")";
foreach ($tkeys as $key) {
$key = trim($key);
if (strlen($key)>0) {
$searchKey = (strlen($searchKey)==0 ? "" : $searchKey." ".$logicalmode." ").$concatFunction." LIKE ".$this->db->qstr('%'.$key.'%');
}
}
}
// Check to see if the search has been restricted to a particular sub-tree in
// the folder hierarchy.
$searchFolder = "";
if ($startFolder) {
$searchFolder = "`tblFolders`.`folderList` LIKE '%:".$startFolder->getID().":%'";
}
// Check to see if the search has been restricted to a particular
// document owner.
$searchOwner = "";
if ($owner) {
$searchOwner = "`tblFolders`.`owner` = '".$owner->getId()."'";
}
// Is the search restricted to documents created between two specific dates?
$searchCreateDate = "";
if ($creationstartdate) {
$startdate = makeTimeStamp(0, 0, 0, $creationstartdate['year'], $creationstartdate["month"], $creationstartdate["day"]);
if ($startdate) {
$searchCreateDate .= "`tblFolders`.`date` >= ".$startdate;
}
}
if ($creationenddate) {
$stopdate = makeTimeStamp(23, 59, 59, $creationenddate["year"], $creationenddate["month"], $creationenddate["day"]);
if ($stopdate) {
if($startdate)
$searchCreateDate .= " AND ";
$searchCreateDate .= "`tblFolders`.`date` <= ".$stopdate;
}
}
$searchQuery = "FROM `tblFolders` WHERE 1=1";
if (strlen($searchKey)>0) {
$searchQuery .= " AND (".$searchKey.")";
}
if (strlen($searchFolder)>0) {
$searchQuery .= " AND ".$searchFolder;
}
if (strlen($searchOwner)>0) {
$searchQuery .= " AND (".$searchOwner.")";
}
if (strlen($searchCreateDate)>0) {
$searchQuery .= " AND (".$searchCreateDate.")";
}
// Count the number of rows that the search will produce.
$resArr = $this->db->getResultArray("SELECT COUNT(*) AS num ".$searchQuery);
$totalFolders = 0;
if (is_numeric($resArr[0]["num"]) && $resArr[0]["num"]>0) {
$totalFolders = (integer)$resArr[0]["num"];
}
// If there are no results from the count query, then there is no real need
// to run the full query. TODO: re-structure code to by-pass additional
// queries when no initial results are found.
// Only search if the offset is not beyond the number of folders
if($totalFolders > $offset) {
// Prepare the complete search query, including the LIMIT clause.
$searchQuery = "SELECT `tblFolders`.* ".$searchQuery;
if($limit) {
$searchQuery .= " LIMIT ".$offset.",".$limit;
}
// Send the complete search query to the database.
$resArr = $this->db->getResultArray($searchQuery);
} else {
$resArr = array();
}
// ------------------- Ausgabe der Ergebnisse ----------------------------
$numResults = count($resArr);
if ($numResults == 0) {
$folderresult = array('totalFolders'=>$totalFolders, 'folders'=>array());
} else {
foreach ($resArr as $folderArr) {
$folders[] = $this->getFolder($folderArr['id']);
}
$folderresult = array('totalFolders'=>$totalFolders, 'folders'=>$folders);
}
} else {
$folderresult = array('totalFolders'=>0, 'folders'=>array());
}
/*--------- Do it all over again for documents -------------*/
if($mode & 0x1) {
$searchKey = "";
// Assemble the arguments for the concatenation function. This allows the
// search to be carried across all the relevant fields.
$concatFunction = "";
if (in_array(1, $searchin)) {
$concatFunction = "`tblDocuments`.`keywords`";
}
if (in_array(2, $searchin)) {
$concatFunction = (strlen($concatFunction) == 0 ? "" : $concatFunction.", ")."`tblDocuments`.`name`";
}
if (in_array(3, $searchin)) {
$concatFunction = (strlen($concatFunction) == 0 ? "" : $concatFunction.", ")."`tblDocuments`.`comment`";
}
if (strlen($concatFunction)>0 && count($tkeys)>0) {
$concatFunction = "CONCAT_WS(' ', ".$concatFunction.")";
foreach ($tkeys as $key) {
$key = trim($key);
if (strlen($key)>0) {
$searchKey = (strlen($searchKey)==0 ? "" : $searchKey." ".$logicalmode." ").$concatFunction." LIKE ".$this->db->qstr('%'.$key.'%');
}
}
}
// Check to see if the search has been restricted to a particular sub-tree in
// the folder hierarchy.
$searchFolder = "";
if ($startFolder) {
$searchFolder = "`tblDocuments`.`folderList` LIKE '%:".$startFolder->getID().":%'";
}
// Check to see if the search has been restricted to a particular
// document owner.
$searchOwner = "";
if ($owner) {
$searchOwner = "`tblDocuments`.`owner` = '".$owner->getId()."'";
}
// Check to see if the search has been restricted to a particular
// document category.
$searchCategories = "";
if ($categories) {
$catids = array();
foreach($categories as $category)
$catids[] = $category->getId();
$searchCategories = "`tblDocumentCategory`.`categoryID` in (".implode(',', $catids).")";
}
// Is the search restricted to documents created between two specific dates?
$searchCreateDate = "";
if ($creationstartdate) {
$startdate = makeTimeStamp(0, 0, 0, $creationstartdate['year'], $creationstartdate["month"], $creationstartdate["day"]);
if ($startdate) {
$searchCreateDate .= "`tblDocuments`.`date` >= ".$startdate;
}
}
if ($creationenddate) {
$stopdate = makeTimeStamp(23, 59, 59, $creationenddate["year"], $creationenddate["month"], $creationenddate["day"]);
if ($stopdate) {
if($startdate)
$searchCreateDate .= " AND ";
$searchCreateDate .= "`tblDocuments`.`date` <= ".$stopdate;
}
}
// ---------------------- Suche starten ----------------------------------
//
// Construct the SQL query that will be used to search the database.
//
if (!$this->db->createTemporaryTable("ttcontentid") || !$this->db->createTemporaryTable("ttstatid")) {
return false;
}
$searchQuery = "FROM `tblDocumentContent` ".
"LEFT JOIN `tblDocuments` ON `tblDocuments`.`id` = `tblDocumentContent`.`document` ".
"LEFT JOIN `tblDocumentStatus` ON `tblDocumentStatus`.`documentID` = `tblDocumentContent`.`document` ".
"LEFT JOIN `tblDocumentStatusLog` ON `tblDocumentStatusLog`.`statusID` = `tblDocumentStatus`.`statusID` ".
"LEFT JOIN `ttstatid` ON `ttstatid`.`maxLogID` = `tblDocumentStatusLog`.`statusLogID` ".
"LEFT JOIN `ttcontentid` ON `ttcontentid`.`maxVersion` = `tblDocumentStatus`.`version` AND `ttcontentid`.`document` = `tblDocumentStatus`.`documentID` ".
"LEFT JOIN `tblDocumentLocks` ON `tblDocuments`.`id`=`tblDocumentLocks`.`document` ".
"LEFT JOIN `tblDocumentCategory` ON `tblDocuments`.`id`=`tblDocumentCategory`.`documentID` ".
"WHERE `ttstatid`.`maxLogID`=`tblDocumentStatusLog`.`statusLogID` ".
"AND `ttcontentid`.`maxVersion` = `tblDocumentContent`.`version`";
if (strlen($searchKey)>0) {
$searchQuery .= " AND (".$searchKey.")";
}
if (strlen($searchFolder)>0) {
$searchQuery .= " AND ".$searchFolder;
}
if (strlen($searchOwner)>0) {
$searchQuery .= " AND (".$searchOwner.")";
}
if (strlen($searchCategories)>0) {
$searchQuery .= " AND (".$searchCategories.")";
}
if (strlen($searchCreateDate)>0) {
$searchQuery .= " AND (".$searchCreateDate.")";
}
// status
if ($status) {
$searchQuery .= " AND `tblDocumentStatusLog`.`status` IN (".implode(',', $status).")";
}
// Count the number of rows that the search will produce.
$resArr = $this->db->getResultArray("SELECT COUNT(*) AS num ".$searchQuery);
$totalDocs = 0;
if (is_numeric($resArr[0]["num"]) && $resArr[0]["num"]>0) {
$totalDocs = (integer)$resArr[0]["num"];
}
// If there are no results from the count query, then there is no real need
// to run the full query. TODO: re-structure code to by-pass additional
// queries when no initial results are found.
// Prepare the complete search query, including the LIMIT clause.
$searchQuery = "SELECT `tblDocuments`.*, ".
"`tblDocumentContent`.`version`, ".
"`tblDocumentStatusLog`.`status`, `tblDocumentLocks`.`userID` as `lockUser` ".$searchQuery;
// calculate the remaining entrÑ—es of the current page
// If page is not full yet, get remaining entries
$remain = $limit - count($folderresult['folders']);
if($remain) {
if($remain == $limit)
$offset -= $totalFolders;
else
$offset = 0;
if($limit)
$searchQuery .= " LIMIT ".$offset.",".$remain;
// Send the complete search query to the database.
$resArr = $this->db->getResultArray($searchQuery);
} else {
$resArr = array();
}
// ------------------- Ausgabe der Ergebnisse ----------------------------
$numResults = count($resArr);
if ($numResults == 0) {
$docresult = array('totalDocs'=>$totalDocs, 'docs'=>array());
} else {
foreach ($resArr as $docArr) {
$docs[] = $this->getDocument($docArr['id']);
}
$docresult = array('totalDocs'=>$totalDocs, 'docs'=>$docs);
}
} else {
$docresult = array('totalDocs'=>0, 'docs'=>array());
}
if($limit) {
$totalPages = (integer)(($totalDocs+$totalFolders)/$limit);
if ((($totalDocs+$totalFolders)%$limit) > 0) {
$totalPages++;
}
} else {
$totalPages = 1;
}
return array_merge($docresult, $folderresult, array('totalPages'=>$totalPages));
} /* }}} */
/**
* Return a folder by its id
*
* This function retrieves a folder from the database by its id.
*
* @param integer $id internal id of folder
* @return object instance of LetoDMS_Core_Folder or false
*/
function getFolder($id) { /* {{{ */
if (!is_numeric($id)) return false;
$queryStr = "SELECT * FROM tblFolders WHERE id = " . (int) $id;
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
else if (count($resArr) != 1)
return false;
$resArr = $resArr[0];
$folder = new LetoDMS_Core_Folder($resArr["id"], $resArr["name"], $resArr["parent"], $resArr["comment"], $resArr["date"], $resArr["owner"], $resArr["inheritAccess"], $resArr["defaultAccess"], $resArr["sequence"]);
$folder->setDMS($this);
return $folder;
} /* }}} */
/**
* Return a folder by its name
*
* This function retrieves a folder from the database by its name. The
* search covers the whole database. If
* the parameter $folder is not null, it will search for the name
* only within this parent folder. It will not be done recursively.
*
* @param string $name name of the folder
* @param object $folder parent folder
* @return object/boolean found folder or false
*/
function getFolderByName($name, $folder=null) { /* {{{ */
if (!$name) return false;
$queryStr = "SELECT * FROM tblFolders WHERE name = " . $this->db->qstr($name);
if($folder)
$queryStr .= " AND `parent` = ". $folder->getID();
$queryStr .= " LIMIT 1";
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
if(!$resArr)
return false;
$resArr = $resArr[0];
$folder = new LetoDMS_Core_Folder($resArr["id"], $resArr["name"], $resArr["parent"], $resArr["comment"], $resArr["date"], $resArr["owner"], $resArr["inheritAccess"], $resArr["defaultAccess"], $resArr["sequence"]);
$folder->setDMS($this);
return $folder;
} /* }}} */
/**
* Return a user by its id
*
* This function retrieves a user from the database by its id.
*
* @param integer $id internal id of user
* @return object instance of LetoDMS_Core_User or false
*/
function getUser($id) { /* {{{ */
if (!is_numeric($id))
return false;
$queryStr = "SELECT * FROM tblUsers WHERE id = " . (int) $id;
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false) return false;
if (count($resArr) != 1) return false;
$resArr = $resArr[0];
$user = new LetoDMS_Core_User($resArr["id"], $resArr["login"], $resArr["pwd"], $resArr["fullName"], $resArr["email"], $resArr["language"], $resArr["theme"], $resArr["comment"], $resArr["role"], $resArr["hidden"]);
$user->setDMS($this);
return $user;
} /* }}} */
/**
* Return a user by its login
*
* This function retrieves a user from the database by its login.
* If the second optional parameter $email is not empty, the user must
* also have the given email.
*
* @param string $login internal login of user
* @param string $email email of user
* @return object instance of LetoDMS_Core_User or false
*/
function getUserByLogin($login, $email='') { /* {{{ */
$queryStr = "SELECT * FROM tblUsers WHERE login = ".$this->db->qstr($login);
if($email)
$queryStr .= " AND email=".$this->db->qstr($email);
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false) return false;
if (count($resArr) != 1) return false;
$resArr = $resArr[0];
$user = new LetoDMS_Core_User($resArr["id"], $resArr["login"], $resArr["pwd"], $resArr["fullName"], $resArr["email"], $resArr["language"], $resArr["theme"], $resArr["comment"], $resArr["role"], $resArr["hidden"]);
$user->setDMS($this);
return $user;
} /* }}} */
/**
* Return a user by its email
*
* This function retrieves a user from the database by its email.
* It is needed when the user requests a new password.
*
* @param integer $email email address of user
* @return object instance of LetoDMS_Core_User or false
*/
function getUserByEmail($email) { /* {{{ */
$queryStr = "SELECT * FROM tblUsers WHERE email = ".$this->db->qstr($email);
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false) return false;
if (count($resArr) != 1) return false;
$resArr = $resArr[0];
$user = new LetoDMS_Core_User($resArr["id"], $resArr["login"], $resArr["pwd"], $resArr["fullName"], $resArr["email"], $resArr["language"], $resArr["theme"], $resArr["comment"], $resArr["role"], $resArr["hidden"]);
$user->setDMS($this);
return $user;
} /* }}} */
/**
* Return list of all users
*
* @return array of instances of LetoDMS_Core_User or false
*/
function getAllUsers() { /* {{{ */
$queryStr = "SELECT * FROM tblUsers ORDER BY login";
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
$users = array();
for ($i = 0; $i < count($resArr); $i++) {
$user = new LetoDMS_Core_User($resArr[$i]["id"], $resArr[$i]["login"], $resArr[$i]["pwd"], $resArr[$i]["fullName"], $resArr[$i]["email"], (isset($resArr["language"])?$resArr["language"]:NULL), (isset($resArr["theme"])?$resArr["theme"]:NULL), $resArr[$i]["comment"], $resArr[$i]["role"], $resArr[$i]["hidden"]);
$user->setDMS($this);
$users[$i] = $user;
}
return $users;
} /* }}} */
/**
* Add a new user
*
* @param string $login login name
* @param string $pwd password of new user
* @param string $email Email of new user
* @param string $language language of new user
* @param string $comment comment of new user
* @param integer $role role of new user (can be 0=normal, 1=admin, 2=guest)
* @param integer $isHidden hide user in all lists, if this is set login
* is still allowed
* @return object of LetoDMS_Core_User
*/
function addUser($login, $pwd, $fullName, $email, $language, $theme, $comment, $role='0', $isHidden=0) { /* {{{ */
$db = $this->db;
if (is_object($this->getUserByLogin($login))) {
return false;
}
if($role == '')
$role = '0';
$queryStr = "INSERT INTO tblUsers (login, pwd, fullName, email, language, theme, comment, role, hidden) VALUES (".$db->qstr($login).", ".$db->qstr($pwd).", ".$db->qstr($fullName).", ".$db->qstr($email).", '".$language."', '".$theme."', ".$db->qstr($comment).", '".intval($role)."', '".intval($isHidden)."')";
$res = $this->db->getResult($queryStr);
if (!$res)
return false;
return $this->getUser($this->db->getInsertID());
} /* }}} */
/**
* Get a group by its id
*
* @param integer $id id of group
* @return object/boolean group or false if no group was found
*/
function getGroup($id) { /* {{{ */
if (!is_numeric($id))
return false;
$queryStr = "SELECT * FROM tblGroups WHERE id = " . (int) $id;
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
else if (count($resArr) != 1) //wenn, dann wohl eher 0 als > 1 ;-)
return false;
$resArr = $resArr[0];
$group = new LetoDMS_Core_Group($resArr["id"], $resArr["name"], $resArr["comment"]);
$group->setDMS($this);
return $group;
} /* }}} */
/**
* Get a group by its name
*
* @param string $name name of group
* @return object/boolean group or false if no group was found
*/
function getGroupByName($name) { /* {{{ */
$queryStr = "SELECT `tblGroups`.* FROM `tblGroups` WHERE `tblGroups`.`name` = ".$this->db->qstr($name);
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
else if (count($resArr) != 1) //wenn, dann wohl eher 0 als > 1 ;-)
return false;
$resArr = $resArr[0];
$group = new LetoDMS_Core_Group($resArr["id"], $resArr["name"], $resArr["comment"]);
$group->setDMS($this);
return $group;
} /* }}} */
/**
* Get a list of all groups
*
* @return array array of instances of {@link LetoDMS_Core_Group}
*/
function getAllGroups() { /* {{{ */
$queryStr = "SELECT * FROM tblGroups ORDER BY name";
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
return false;
$groups = array();
for ($i = 0; $i < count($resArr); $i++) {
$group = new LetoDMS_Core_Group($resArr[$i]["id"], $resArr[$i]["name"], $resArr[$i]["comment"]);
$group->setDMS($this);
$groups[$i] = $group;
}
return $groups;
} /* }}} */
/**
* Create a new user group
*
* @param string $name name of group
* @param string $comment comment of group
* @return object/boolean instance of {@link LetoDMS_Core_Group} or false in
* case of an error.
*/
function addGroup($name, $comment) { /* {{{ */
if (is_object($this->getGroupByName($name))) {
return false;
}
$queryStr = "INSERT INTO tblGroups (name, comment) VALUES (".$this->db->qstr($name).", ".$this->db->qstr($comment).")";
if (!$this->db->getResult($queryStr))
return false;
return $this->getGroup($this->db->getInsertID());
} /* }}} */
function getKeywordCategory($id) { /* {{{ */
if (!is_numeric($id))
return false;
$queryStr = "SELECT * FROM tblKeywordCategories WHERE id = " . (int) $id;
$resArr = $this->db->getResultArray($queryStr);
if ((is_bool($resArr) && !$resArr) || (count($resArr) != 1))
return false;
$resArr = $resArr[0];
$cat = new LetoDMS_Core_Keywordcategory($resArr["id"], $resArr["owner"], $resArr["name"]);
$cat->setDMS($this);
return $cat;
} /* }}} */
function getKeywordCategoryByName($name, $userID) { /* {{{ */
$queryStr = "SELECT * FROM tblKeywordCategories WHERE name = " . $this->db->qstr($name) . " AND owner = " . (int) $userID;
$resArr = $this->db->getResultArray($queryStr);
if ((is_bool($resArr) && !$resArr) || (count($resArr) != 1))
return false;
$resArr = $resArr[0];
$cat = new LetoDMS_Core_Keywordcategory($resArr["id"], $resArr["owner"], $resArr["name"]);
$cat->setDMS($this);
return $cat;
} /* }}} */
function getAllKeywordCategories($userIDs = array()) { /* {{{ */
$queryStr = "SELECT * FROM tblKeywordCategories";
if ($userIDs)
$queryStr .= " WHERE owner in (".implode(',', $userIDs).")";
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && !$resArr)
return false;
$categories = array();
foreach ($resArr as $row) {
$cat = new LetoDMS_Core_KeywordCategory($row["id"], $row["owner"], $row["name"]);
$cat->setDMS($this);
array_push($categories, $cat);
}
return $categories;
} /* }}} */
/**
* This function should be replaced by getAllKeywordCategories()
*/
function getAllUserKeywordCategories($userID) { /* {{{ */
$queryStr = "SELECT * FROM tblKeywordCategories";
if ($userID != -1)
$queryStr .= " WHERE owner = " . (int) $userID;
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && !$resArr)
return false;
$categories = array();
foreach ($resArr as $row) {
$cat = new LetoDMS_Core_KeywordCategory($row["id"], $row["owner"], $row["name"]);
$cat->setDMS($this);
array_push($categories, $cat);
}
return $categories;
} /* }}} */
function addKeywordCategory($userID, $name) { /* {{{ */
if (is_object($this->getKeywordCategoryByName($name, $userID))) {
return false;
}
$queryStr = "INSERT INTO tblKeywordCategories (owner, name) VALUES (".(int) $userID.", ".$this->db->qstr($name).")";
if (!$this->db->getResult($queryStr))
return false;
return $this->getKeywordCategory($this->db->getInsertID());
} /* }}} */
function getDocumentCategory($id) { /* {{{ */
if (!is_numeric($id))
return false;
$queryStr = "SELECT * FROM tblCategory WHERE id = " . (int) $id;
$resArr = $this->db->getResultArray($queryStr);
if ((is_bool($resArr) && !$resArr) || (count($resArr) != 1))
return false;
$resArr = $resArr[0];
$cat = new LetoDMS_Core_DocumentCategory($resArr["id"], $resArr["name"]);
$cat->setDMS($this);
return $cat;
} /* }}} */
function getDocumentCategories() { /* {{{ */
$queryStr = "SELECT * FROM tblCategory";
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && !$resArr)
return false;
$categories = array();
foreach ($resArr as $row) {
$cat = new LetoDMS_Core_DocumentCategory($row["id"], $row["name"]);
$cat->setDMS($this);
array_push($categories, $cat);
}
return $categories;
} /* }}} */
/**
* Get a category by its name
*
* The name of a category is by default unique.
*
* @param string $name human readable name of category
* @return object instance of LetoDMS_Core_DocumentCategory
*/
function getDocumentCategoryByName($name) { /* {{{ */
$queryStr = "SELECT * FROM tblCategory where name=".$this->db->qstr($name);
$resArr = $this->db->getResultArray($queryStr);
if (!$resArr)
return false;
$row = $resArr[0];
$cat = new LetoDMS_Core_DocumentCategory($row["id"], $row["name"]);
$cat->setDMS($this);
return $cat;
} /* }}} */
function addDocumentCategory($name) { /* {{{ */
if (is_object($this->getDocumentCategoryByName($name))) {
return false;
}
$queryStr = "INSERT INTO tblCategory (name) VALUES (".$this->db->qstr($name).")";
if (!$this->db->getResult($queryStr))
return false;
return $this->getDocumentCategory($this->db->getInsertID());
} /* }}} */
/**
* Get all notifications for a group
*
* @param object $group group for which notifications are to be retrieved
* @param integer $type type of item (T_DOCUMENT or T_FOLDER)
* @return array array of notifications
*/
function getNotificationsByGroup($group, $type=0) { /* {{{ */
$queryStr = "SELECT `tblNotify`.* FROM `tblNotify` ".
"WHERE `tblNotify`.`groupID` = ". $group->getID();
if($type) {
$queryStr .= " AND `tblNotify`.`targetType` = ". (int) $type;
}
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && !$resArr)
return false;
$notifications = array();
foreach ($resArr as $row) {
$not = new LetoDMS_Core_Notification($row["target"], $row["targetType"], $row["userID"], $row["groupID"]);
$not->setDMS($this);
array_push($notifications, $cat);
}
return $notifications;
} /* }}} */
/**
* Get all notifications for a user
*
* @param object $user user for which notifications are to be retrieved
* @param integer $type type of item (T_DOCUMENT or T_FOLDER)
* @return array array of notifications
*/
function getNotificationsByUser($user, $type=0) { /* {{{ */
$queryStr = "SELECT `tblNotify`.* FROM `tblNotify` ".
"WHERE `tblNotify`.`userID` = ". $user->getID();
if($type) {
$queryStr .= " AND `tblNotify`.`targetType` = ". (int) $type;
}
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && !$resArr)
return false;
$notifications = array();
foreach ($resArr as $row) {
$not = new LetoDMS_Core_Notification($row["target"], $row["targetType"], $row["userID"], $row["groupID"]);
$not->setDMS($this);
array_push($notifications, $cat);
}
return $notifications;
} /* }}} */
/**
* Create a token to request a new password.
* This function will not delete the password but just creates an entry
* in tblUserRequestPassword indicating a password request.
*
* @return string hash value of false in case of an error
*/
function createPasswordRequest($user) { /* {{{ */
$hash = md5(uniqid(time()));
$queryStr = "INSERT INTO tblUserPasswordRequest (userID, hash, `date`) VALUES (" . $user->getId() . ", " . $this->db->qstr($hash) .", now())";
$resArr = $this->db->getResult($queryStr);
if (is_bool($resArr) && !$resArr) return false;
return $hash;
} /* }}} */
/**
* Check if hash for a password request is valid.
* This function searches a previously create password request and
* returns the user.
*
* @param string $hash
*/
function checkPasswordRequest($hash) { /* {{{ */
/* Get the password request from the database */
$queryStr = "SELECT * FROM tblUserPasswordRequest where hash=".$this->db->qstr($hash);
$resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && !$resArr)
return false;
if (count($resArr) != 1)
return false;
$resArr = $resArr[0];
return $this->getUser($resArr['userID']);
} /* }}} */
/**
* Delete a password request
*
* @param string $hash
*/
function deletePasswordRequest($hash) { /* {{{ */
/* Delete the request, so nobody can use it a second time */
$queryStr = "DELETE FROM tblUserPasswordRequest WHERE hash=".$this->db->qstr($hash);
if (!$this->db->getResult($queryStr))
return false;
return true;
}
}
?>
|