-<?php\r
-/*\r
- * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)\r
- * Copyright (C) 2002-2005 The Nucleus Group\r
- *\r
- * This program is free software; you can redistribute it and/or\r
- * modify it under the terms of the GNU General Public License\r
- * as published by the Free Software Foundation; either version 2\r
- * of the License, or (at your option) any later version.\r
- * (see nucleus/documentation/index.html#license for more info)\r
- */\r
-/**\r
- * This class makes sure each item/weblog/comment object gets requested from\r
- * the database only once, by keeping them in a cache. The class also acts as\r
- * a dynamic classloader, loading classes _only_ when they are first needed,\r
- * hoping to diminish execution time\r
- *\r
- * The class is a singleton, meaning that there will be only one object of it\r
- * active at all times. The object can be requested using MANAGER::instance()\r
- *\r
- * @license http://nucleuscms.org/license.txt GNU General Public License\r
- * @copyright Copyright (C) 2002-2005 The Nucleus Group\r
- * @version $Id: MANAGER.php,v 1.4 2005-08-13 07:33:02 kimitake Exp $\r
- * $NucleusJP: MANAGER.php,v 1.3 2005/03/12 06:19:05 kimitake Exp $\r
- */\r
-class MANAGER {\r
-\r
- /**\r
- * Cached ITEM, BLOG, PLUGIN and KARMA objects. When these objects are requested \r
- * through the global $manager object (getItem, getBlog, ...), only the first call \r
- * will create an object. Subsequent calls will return the same object.\r
- *\r
- * The $items, $blogs, ... arrays map an id to an object (for plugins, the name is used\r
- * rather than an ID)\r
- */\r
- var $items;\r
- var $blogs;\r
- var $plugins;\r
- var $karma;\r
- var $templates;\r
- \r
- /**\r
- * cachedInfo to avoid repeated SQL queries (see pidInstalled/pluginInstalled/getPidFromName)\r
- * e.g. which plugins exists?\r
- *\r
- * $cachedInfo['installedPlugins'] = array($pid -> $name)\r
- */\r
- var $cachedInfo;\r
- \r
- /**\r
- * The plugin subscriptionlist\r
- *\r
- * The subcription array has the following structure\r
- * $subscriptions[$EventName] = array containing names of plugin classes to be\r
- * notified when that event happens\r
- */\r
- var $subscriptions; \r
- \r
- /**\r
- * Returns the only instance of this class. Creates the instance if it \r
- * does not yet exists. Users should use this function as \r
- * $manager =& MANAGER::instance(); to get a reference to the object\r
- * instead of a copy\r
- */\r
- function &instance() {\r
- static $instance = '';\r
- if ($instance == '')\r
- $instance =& new MANAGER();\r
- return $instance;\r
- }\r
- \r
- /**\r
- * The constructor of this class initializes the object caches \r
- */\r
- function MANAGER() {\r
- $this->items = array();\r
- $this->blogs = array();\r
- $this->plugins = array();\r
- $this->karma = array();\r
- $this->parserPrefs = array();\r
- $this->cachedInfo = array();\r
- }\r
- \r
- /**\r
- * Returns the requested item object. If it is not in the cache, it will\r
- * first be loaded and then placed in the cache.\r
- * Intended use: $item =& $manager->getItem(1234)\r
- */\r
- function &getItem($itemid, $allowdraft, $allowfuture) {\r
- $item =& $this->items[$itemid];\r
- \r
- // check the draft and future rules if the item was already cached \r
- if ($item) {\r
- if ((!$allowdraft) && ($item['draft']))\r
- return 0;\r
-\r
- $blog =& $this->getBlog(getBlogIDFromItemID($itemid));\r
- if ((!$allowfuture) && ($item['timestamp'] > $blog->getCorrectTime()))\r
- return 0; \r
- }\r
- if (!$item) {\r
- // load class if needed\r
- $this->loadClass('ITEM');\r
- // load item object\r
- $item = ITEM::getitem($itemid, $allowdraft, $allowfuture);\r
- $this->items[$itemid] = $item;\r
- }\r
- return $item;\r
- }\r
- \r
- /**\r
- * Loads a class if it has not yet been loaded\r
- */\r
- function loadClass($name) {\r
- $this->_loadClass($name, $name . '.php');\r
- }\r
- \r
- /**\r
- * Checks if an item exists\r
- */\r
- function existsItem($id,$future,$draft) {\r
- $this->_loadClass('ITEM','ITEM.php'); \r
- return ITEM::exists($id,$future,$draft);\r
- }\r
- \r
- /**\r
- * Checks if a category exists\r
- */\r
- function existsCategory($id) {\r
- return (quickQuery('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);\r
- }\r
- \r
- function &getBlog($blogid) {\r
- $blog =& $this->blogs[$blogid];\r
-\r
- if (!$blog) {\r
- // load class if needed\r
- $this->_loadClass('BLOG','BLOG.php');\r
- // load blog object\r
- $blog =& new BLOG($blogid);\r
- $this->blogs[$blogid] =& $blog;\r
- }\r
- return $blog;\r
- }\r
- \r
- function existsBlog($name) {\r
- $this->_loadClass('BLOG','BLOG.php');\r
- return BLOG::exists($name);\r
- }\r
-\r
- function existsBlogID($id) {\r
- $this->_loadClass('BLOG','BLOG.php');\r
- return BLOG::existsID($id);\r
- } \r
- \r
- /**\r
- * Returns a previously read template\r
- */\r
- function &getTemplate($templateName) {\r
- $template =& $this->templates[$templateName];\r
-\r
- if (!$template) {\r
- $template = TEMPLATE::read($templateName);\r
- $this->templates[$templateName] =& $template;\r
- }\r
- return $template;\r
- } \r
-\r
- /**\r
- * Returns a KARMA object (karma votes)\r
- */\r
- function &getKarma($itemid) {\r
- $karma =& $this->karma[$itemid];\r
-\r
- if (!$karma) {\r
- // load class if needed\r
- $this->_loadClass('KARMA','KARMA.php');\r
- // create KARMA object\r
- $karma =& new KARMA($itemid);\r
- $this->karma[$itemid] =& $karma;\r
- }\r
- return $karma;\r
- } \r
- \r
- /**\r
- * Global parser preferences\r
- */\r
- function setParserProperty($name, $value) {\r
- $this->parserPrefs[$name] = $value;\r
- }\r
- function getParserProperty($name) {\r
- return $this->parserPrefs[$name];\r
- }\r
-\r
- /**\r
- * A private helper class to load classes\r
- */\r
- function _loadClass($name, $filename) {\r
- if (!class_exists($name)) {\r
- global $DIR_LIBS;\r
- include($DIR_LIBS . $filename);\r
- } \r
- }\r
- \r
- function _loadPlugin($name) {\r
- if (!class_exists($name)) {\r
- global $DIR_PLUGINS;\r
- \r
- $fileName = $DIR_PLUGINS . $name . '.php';\r
- \r
- if (!file_exists($fileName))\r
- {\r
- ACTIONLOG::add(WARNING, 'Plugin ' . $name . ' was not loaded (File not found)');\r
- return 0;\r
- }\r
- \r
- // load plugin\r
- include($fileName);\r
- \r
- // check if class exists (avoid errors in eval'd code)\r
- if (!class_exists($name))\r
- {\r
- ACTIONLOG::add(WARNING, 'Plugin ' . $name . ' was not loaded (Class not found in file, possible parse error)'); \r
- return 0;\r
- }\r
- \r
- // add to plugin array\r
- eval('$this->plugins[$name] =& new ' . $name . '();');\r
- \r
- // get plugid\r
- $this->plugins[$name]->plugid = $this->getPidFromName($name);\r
- \r
- // unload plugin if a prefix is used and the plugin cannot handle this^\r
- global $MYSQL_PREFIX;\r
- if (($MYSQL_PREFIX != '') && !$this->plugins[$name]->supportsFeature('SqlTablePrefix')) \r
- {\r
- unset($this->plugins[$name]);\r
- ACTIONLOG::add(WARNING, 'Plugin ' . $name . ' was not loaded (does not support SqlTablePrefix)');\r
- return 0;\r
- }\r
- \r
- // call init method\r
- $this->plugins[$name]->init();\r
- \r
- } \r
- }\r
- \r
- function &getPlugin($name) {\r
- $plugin =& $this->plugins[$name];\r
-\r
- if (!$plugin) {\r
- // load class if needed\r
- $this->_loadPlugin($name);\r
- $plugin =& $this->plugins[$name]; \r
- }\r
- return $plugin;\r
- }\r
-\r
- /**\r
- * checks if the given plugin IS installed or not\r
- */\r
- function pluginInstalled($name) {\r
- $this->_initCacheInfo('installedPlugins');\r
- return ($this->getPidFromName($name) != -1);\r
- }\r
- function pidInstalled($pid) {\r
- $this->_initCacheInfo('installedPlugins');\r
- return ($this->cachedInfo['installedPlugins'][$pid] != '');\r
- }\r
- function getPidFromName($name) {\r
- $this->_initCacheInfo('installedPlugins');\r
- foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)\r
- {\r
- if ($pfile == $name)\r
- return $pid;\r
- }\r
- return -1;\r
- }\r
- function clearCachedInfo($what) {\r
- unset($this->cachedInfo[$what]);\r
- }\r
- \r
- /**\r
- * Loads some info on the first call only\r
- */\r
- function _initCacheInfo($what)\r
- {\r
- if (is_array($this->cachedInfo[$what]))\r
- return;\r
- switch ($what)\r
- {\r
- // 'installedPlugins' = array ($pid => $name)\r
- case 'installedPlugins':\r
- $this->cachedInfo['installedPlugins'] = array();\r
- $res = sql_query('SELECT pid, pfile FROM ' . sql_table('plugin'));\r
- while ($o = mysql_fetch_object($res))\r
- {\r
- $this->cachedInfo['installedPlugins'][$o->pid] = $o->pfile;\r
- }\r
- break;\r
- }\r
- }\r
- \r
- /**\r
- * A function to notify plugins that something has happened. Only the plugins\r
- * that are subscribed to the event will get notified.\r
- * Upon the first call, the list of subscriptions will be fetched from the \r
- * database. The plugins itsself will only get loaded when they are first needed\r
- *\r
- * @param $eventName\r
- * Name of the event (method to be called on plugins)\r
- * @param $data\r
- * Can contain any type of data, depending on the event type. Usually this is\r
- * an itemid, blogid, ... but it can also be an array containing multiple values\r
- */\r
- function notify($eventName, $data) {\r
- // load subscription list if needed\r
- if (!is_array($this->subscriptions)) \r
- $this->_loadSubscriptions();\r
- \r
-\r
- // get listening objects\r
- $listeners = $this->subscriptions[$eventName];\r
- \r
- // notify all of them\r
- if (is_array($listeners)) {\r
- foreach($listeners as $listener) {\r
- // load class if needed\r
- $this->_loadPlugin($listener);\r
- // do notify (if method exists)\r
- if (method_exists($this->plugins[$listener], 'event_' . $eventName))\r
- call_user_func(array(&$this->plugins[$listener],'event_' . $eventName), $data);\r
- }\r
- }\r
- \r
- }\r
- \r
- /**\r
- * Loads plugin subscriptions\r
- */\r
- function _loadSubscriptions() {\r
- // initialize as array\r
- $this->subscriptions = array();\r
-\r
- $res = sql_query('SELECT p.pfile as pfile, e.event as event FROM '.sql_table('plugin_event').' as e, '.sql_table('plugin').' as p WHERE e.pid=p.pid ORDER BY p.porder ASC');\r
- while ($o = mysql_fetch_object($res)) {\r
- $pluginName = $o->pfile;\r
- $eventName = $o->event;\r
- $this->subscriptions[$eventName][] = $pluginName;\r
- }\r
- \r
- }\r
-\r
- /*\r
- Ticket functions. These are uses by the admin area to make it impossible to simulate certain GET/POST\r
- requests. tickets are user specific\r
- */\r
-\r
- var $currentRequestTicket = '';\r
- \r
- /**\r
- * GET requests: Adds ticket to URL (URL should NOT be html-encoded!, ticket is added at the end)\r
- */\r
- function addTicketToUrl($url)\r
- {\r
- $ticketCode = 'ticket=' . $this->_generateTicket();\r
- if (strstr($url, '?'))\r
- return $url . '&' . $ticketCode;\r
- else \r
- return $url . '?' . $ticketCode;\r
- }\r
- \r
- /**\r
- * POST requests: Adds ticket as hidden formvar\r
- */\r
- function addTicketHidden()\r
- {\r
- $ticket = $this->_generateTicket();\r
- \r
- echo '<input type="hidden" name="ticket" value="', htmlspecialchars($ticket), '" />';\r
- }\r
- \r
- /**\r
- * Checks the ticket that was passed along with the current request\r
- */\r
- function checkTicket() \r
- {\r
- global $member;\r
- \r
- // get ticket from request\r
- $ticket = requestVar('ticket');\r
- \r
- // no ticket -> don't allow\r
- if ($ticket == '')\r
- return false;\r
- \r
- // remove expired tickets first\r
- $this->_cleanUpExpiredTickets();\r
- \r
- // get member id\r
- if (!$member->isLoggedIn())\r
- $memberId = -1;\r
- else\r
- $memberId = $member->getID();\r
- \r
- // check if ticket is a valid one\r
- $query = 'SELECT COUNT(*) as result FROM ' . sql_table('tickets') . ' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'';\r
- if (quickQuery($query) == 1)\r
- {\r
- // [in the original implementation, the checked ticket was deleted. This would lead to invalid\r
- // tickets when using the browsers back button and clicking another link/form\r
- // leaving the keys in the database is not a real problem, since they're member-specific and \r
- // only valid for a period of one hour\r
- // ]\r
- // sql_query('DELETE FROM '.sql_table('tickets').' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'');\r
- return true; \r
- } else {\r
- // not a valid ticket\r
- return false;\r
- }\r
-\r
- }\r
- \r
- /**\r
- * (internal method) Removes the expired tickets \r
- */\r
- function _cleanUpExpiredTickets()\r
- {\r
- // remove tickets older than 1 hour\r
- $oldTime = time() - 60 * 60;\r
- $query = 'DELETE FROM ' . sql_table('tickets'). ' WHERE ctime < \'' . date('Y-m-d H:i:s',$oldTime) .'\'';\r
- sql_query($query);\r
- }\r
-\r
- /**\r
- * (internal method) Generates/returns a ticket (one ticket per page request)\r
- */\r
- function _generateTicket()\r
- {\r
- if ($this->currentRequestTicket == '')\r
- {\r
- // generate new ticket (only one ticket will be generated per page request)\r
- // and store in database \r
- global $member;\r
- // get member id\r
- if (!$member->isLoggedIn())\r
- $memberId = -1;\r
- else\r
- $memberId = $member->getID();\r
- \r
- $ok = false;\r
- while (!$ok)\r
- {\r
- // generate a random token\r
- srand((double)microtime()*1000000);\r
- $ticket = md5(uniqid(rand(), true));\r
-\r
- // add in database as non-active\r
- $query = 'INSERT INTO ' . sql_table('tickets') . ' (ticket, member, ctime) ';\r
- $query .= 'VALUES (\'' . addslashes($ticket). '\', \'' . intval($memberId). '\', \'' . date('Y-m-d H:i:s',time()) . '\')';\r
- if (sql_query($query))\r
- $ok = true;\r
- }\r
- \r
- $this->currentRequestTicket = $ticket;\r
- }\r
- return $this->currentRequestTicket;\r
- }\r
- \r
-}\r
-\r
-?>\r
+<?php
+/*
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
+ * Copyright (C) 2002-2011 The Nucleus Group
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * (see nucleus/documentation/index.html#license for more info)
+ */
+/**
+ * This class makes sure each item/weblog/comment object gets requested from
+ * the database only once, by keeping them in a cache. The class also acts as
+ * a dynamic classloader, loading classes _only_ when they are first needed,
+ * hoping to diminish execution time
+ *
+ * The class is a singleton, meaning that there will be only one object of it
+ * active at all times. The object can be requested using MANAGER::instance()
+ *
+ * @license http://nucleuscms.org/license.txt GNU General Public License
+ * @copyright Copyright (C) 2002-2011 The Nucleus Group
+ * @version $Id$
+ * $NucleusJP: MANAGER.php,v 1.8.2.1 2007/09/05 07:00:18 kimitake Exp $
+ */
+class MANAGER {
+
+ /**
+ * Cached ITEM, BLOG, PLUGIN, KARMA and MEMBER objects. When these objects are requested
+ * through the global $manager object (getItem, getBlog, ...), only the first call
+ * will create an object. Subsequent calls will return the same object.
+ *
+ * The $items, $blogs, ... arrays map an id to an object (for plugins, the name is used
+ * rather than an ID)
+ */
+ var $items;
+ var $blogs;
+ var $plugins;
+ var $karma;
+ var $templates;
+ var $members;
+
+ /**
+ * cachedInfo to avoid repeated SQL queries (see pidInstalled/pluginInstalled/getPidFromName)
+ * e.g. which plugins exists?
+ *
+ * $cachedInfo['installedPlugins'] = array($pid -> $name)
+ */
+ var $cachedInfo;
+
+ /**
+ * The plugin subscriptionlist
+ *
+ * The subcription array has the following structure
+ * $subscriptions[$EventName] = array containing names of plugin classes to be
+ * notified when that event happens
+ */
+ var $subscriptions;
+
+ /**
+ * Returns the only instance of this class. Creates the instance if it
+ * does not yet exists. Users should use this function as
+ * $manager =& MANAGER::instance(); to get a reference to the object
+ * instead of a copy
+ */
+ function &instance() {
+ static $instance = array();
+ if (empty($instance)) {
+ $instance[0] =& new MANAGER();
+ }
+ return $instance[0];
+ }
+
+ /**
+ * The constructor of this class initializes the object caches
+ */
+ function MANAGER() {
+ $this->items = array();
+ $this->blogs = array();
+ $this->plugins = array();
+ $this->karma = array();
+ $this->parserPrefs = array();
+ $this->cachedInfo = array();
+ }
+
+ /**
+ * Returns the requested item object. If it is not in the cache, it will
+ * first be loaded and then placed in the cache.
+ * Intended use: $item =& $manager->getItem(1234)
+ */
+ function &getItem($itemid, $allowdraft, $allowfuture) {
+ $item =& $this->items[$itemid];
+
+ // check the draft and future rules if the item was already cached
+ if ($item) {
+ if ((!$allowdraft) && ($item['draft']))
+ return 0;
+
+ $blog =& $this->getBlog(getBlogIDFromItemID($itemid));
+ if ((!$allowfuture) && ($item['timestamp'] > $blog->getCorrectTime()))
+ return 0;
+ }
+ if (!$item) {
+ // load class if needed
+ $this->loadClass('ITEM');
+ // load item object
+ $item = ITEM::getitem($itemid, $allowdraft, $allowfuture);
+ $this->items[$itemid] = $item;
+ }
+ return $item;
+ }
+
+ /**
+ * Loads a class if it has not yet been loaded
+ */
+ function loadClass($name) {
+ $this->_loadClass($name, $name . '.php');
+ }
+
+ /**
+ * Checks if an item exists
+ */
+ function existsItem($id,$future,$draft) {
+ $this->_loadClass('ITEM','ITEM.php');
+ return ITEM::exists($id,$future,$draft);
+ }
+
+ /**
+ * Checks if a category exists
+ */
+ function existsCategory($id) {
+ return (quickQuery('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);
+ }
+
+ /**
+ * Returns the blog object for a given blogid
+ */
+ function &getBlog($blogid) {
+ $blog =& $this->blogs[$blogid];
+
+ if (!$blog) {
+ // load class if needed
+ $this->_loadClass('BLOG','BLOG.php');
+ // load blog object
+ $blog =& new BLOG($blogid);
+ $this->blogs[$blogid] =& $blog;
+ }
+ return $blog;
+ }
+
+ /**
+ * Checks if a blog exists
+ */
+ function existsBlog($name) {
+ $this->_loadClass('BLOG','BLOG.php');
+ return BLOG::exists($name);
+ }
+
+ /**
+ * Checks if a blog id exists
+ */
+ function existsBlogID($id) {
+ $this->_loadClass('BLOG','BLOG.php');
+ return BLOG::existsID($id);
+ }
+
+ /**
+ * Returns a previously read template
+ */
+ function &getTemplate($templateName) {
+ $template =& $this->templates[$templateName];
+
+ if (!$template) {
+ $template = TEMPLATE::read($templateName);
+ $this->templates[$templateName] =& $template;
+ }
+ return $template;
+ }
+
+ /**
+ * Returns a KARMA object (karma votes)
+ */
+ function &getKarma($itemid) {
+ $karma =& $this->karma[$itemid];
+
+ if (!$karma) {
+ // load class if needed
+ $this->_loadClass('KARMA','KARMA.php');
+ // create KARMA object
+ $karma =& new KARMA($itemid);
+ $this->karma[$itemid] =& $karma;
+ }
+ return $karma;
+ }
+
+ /**
+ * Returns a MEMBER object
+ */
+ function &getMember($memberid) {
+ $mem =& $this->members[$memberid];
+
+ if (!$mem) {
+ // load class if needed
+ $this->_loadClass('MEMBER','MEMBER.php');
+ // create MEMBER object
+ $mem =& MEMBER::createFromID($memberid);
+ $this->members[$memberid] =& $mem;
+ }
+ return $mem;
+ }
+
+ /**
+ * Set the global parser preferences
+ */
+ function setParserProperty($name, $value) {
+ $this->parserPrefs[$name] = $value;
+ }
+
+ /**
+ * Get the global parser preferences
+ */
+ function getParserProperty($name) {
+ return $this->parserPrefs[$name];
+ }
+
+ /**
+ * A helper function to load a class
+ *
+ * private
+ */
+ function _loadClass($name, $filename) {
+ if (!class_exists($name)) {
+ global $DIR_LIBS;
+ include($DIR_LIBS . $filename);
+ }
+ }
+
+ /**
+ * A helper function to load a plugin
+ *
+ * private
+ */
+ function _loadPlugin($name) {
+ if (!class_exists($name)) {
+ global $DIR_PLUGINS;
+
+ $fileName = $DIR_PLUGINS . $name . '.php';
+
+ if (!file_exists($fileName))
+ {
+ if (!defined('_MANAGER_PLUGINFILE_NOTFOUND')) {
+ define('_MANAGER_PLUGINFILE_NOTFOUND', 'Plugin %s was not loaded (File not found)');
+ }
+ ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOTFOUND, $name));
+ return 0;
+ }
+
+ // load plugin
+ include($fileName);
+
+ // check if class exists (avoid errors in eval'd code)
+ if (!class_exists($name))
+ {
+ if (!defined('_MANAGER_PLUGINFILE_NOCLASS')) {
+ define('_MANAGER_PLUGINFILE_NOCLASS', "Plugin %s was not loaded (Class not found in file, possible parse error)");
+ }
+ ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOCLASS, $name));
+ return 0;
+ }
+
+ // add to plugin array
+ eval('$this->plugins[$name] =& new ' . $name . '();');
+
+ // get plugid
+ $this->plugins[$name]->plugid = $this->getPidFromName($name);
+
+ // unload plugin if a prefix is used and the plugin cannot handle this^
+ global $MYSQL_PREFIX;
+ if (($MYSQL_PREFIX != '') && !$this->plugins[$name]->supportsFeature('SqlTablePrefix'))
+ {
+ unset($this->plugins[$name]);
+ ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINTABLEPREFIX_NOTSUPPORT, $name));
+ return 0;
+ }
+
+ // unload plugin if using non-mysql handler and plugin does not support it
+ global $MYSQL_HANDLER;
+ if ((!in_array('mysql',$MYSQL_HANDLER)) && !$this->plugins[$name]->supportsFeature('SqlApi'))
+ {
+ unset($this->plugins[$name]);
+ ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINSQLAPI_NOTSUPPORT, $name));
+ return 0;
+ }
+
+ // call init method
+ $this->plugins[$name]->init();
+
+ }
+ }
+
+ /**
+ * Returns a PLUGIN object
+ */
+ function &getPlugin($name) {
+ // retrieve the name of the plugin in the right capitalisation
+ $name = $this->getUpperCaseName ($name);
+ // get the plugin
+ $plugin =& $this->plugins[$name];
+
+ if (!$plugin) {
+ // load class if needed
+ $this->_loadPlugin($name);
+ $plugin =& $this->plugins[$name];
+ }
+ return $plugin;
+ }
+
+ /**
+ * Checks if the given plugin IS loaded or not
+ */
+ function &pluginLoaded($name) {
+ $plugin =& $this->plugins[$name];
+ return $plugin;
+ }
+
+ function &pidLoaded($pid) {
+ $plugin=false;
+ reset($this->plugins);
+ while (list($name) = each($this->plugins)) {
+ if ($pid!=$this->plugins[$name]->getId()) continue;
+ $plugin= & $this->plugins[$name];
+ break;
+ }
+ return $plugin;
+ }
+
+ /**
+ * checks if the given plugin IS installed or not
+ */
+ function pluginInstalled($name) {
+ $this->_initCacheInfo('installedPlugins');
+ return ($this->getPidFromName($name) != -1);
+ }
+
+ function pidInstalled($pid) {
+ $this->_initCacheInfo('installedPlugins');
+ return ($this->cachedInfo['installedPlugins'][$pid] != '');
+ }
+
+ function getPidFromName($name) {
+ $this->_initCacheInfo('installedPlugins');
+ foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)
+ {
+ if (strtolower($pfile) == strtolower($name))
+ return $pid;
+ }
+ return -1;
+ }
+
+ /**
+ * Retrieve the name of a plugin in the right capitalisation
+ */
+ function getUpperCaseName ($name) {
+ $this->_initCacheInfo('installedPlugins');
+ foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)
+ {
+ if (strtolower($pfile) == strtolower($name))
+ return $pfile;
+ }
+ return -1;
+ }
+
+ function clearCachedInfo($what) {
+ unset($this->cachedInfo[$what]);
+ }
+
+ /**
+ * Loads some info on the first call only
+ */
+ function _initCacheInfo($what)
+ {
+ if (isset($this->cachedInfo[$what]) && is_array($this->cachedInfo[$what]))
+ return;
+ switch ($what)
+ {
+ // 'installedPlugins' = array ($pid => $name)
+ case 'installedPlugins':
+ $this->cachedInfo['installedPlugins'] = array();
+ $res = sql_query('SELECT pid, pfile FROM ' . sql_table('plugin'));
+ while ($o = sql_fetch_object($res))
+ {
+ $this->cachedInfo['installedPlugins'][$o->pid] = $o->pfile;
+ }
+ break;
+ }
+ }
+
+ /**
+ * A function to notify plugins that something has happened. Only the plugins
+ * that are subscribed to the event will get notified.
+ * Upon the first call, the list of subscriptions will be fetched from the
+ * database. The plugins itsself will only get loaded when they are first needed
+ *
+ * @param $eventName
+ * Name of the event (method to be called on plugins)
+ * @param $data
+ * Can contain any type of data, depending on the event type. Usually this is
+ * an itemid, blogid, ... but it can also be an array containing multiple values
+ */
+ function notify($eventName, $data) {
+ // load subscription list if needed
+ if (!is_array($this->subscriptions))
+ $this->_loadSubscriptions();
+
+
+ // get listening objects
+ $listeners = false;
+ if (isset($this->subscriptions[$eventName])) {
+ $listeners = $this->subscriptions[$eventName];
+ }
+
+ // notify all of them
+ if (is_array($listeners)) {
+ foreach($listeners as $listener) {
+ // load class if needed
+ $this->_loadPlugin($listener);
+ // do notify (if method exists)
+ if (isset($this->plugins[$listener]) && method_exists($this->plugins[$listener], 'event_' . $eventName))
+ call_user_func(array(&$this->plugins[$listener],'event_' . $eventName), &$data);
+ }
+ }
+
+ }
+
+ /**
+ * Loads plugin subscriptions
+ */
+ function _loadSubscriptions() {
+ // initialize as array
+ $this->subscriptions = array();
+
+ $res = sql_query('SELECT p.pfile as pfile, e.event as event FROM '.sql_table('plugin_event').' as e, '.sql_table('plugin').' as p WHERE e.pid=p.pid ORDER BY p.porder ASC');
+ while ($o = sql_fetch_object($res)) {
+ $pluginName = $o->pfile;
+ $eventName = $o->event;
+ $this->subscriptions[$eventName][] = $pluginName;
+ }
+
+ }
+
+ /*
+ Ticket functions. These are uses by the admin area to make it impossible to simulate certain GET/POST
+ requests. tickets are user specific
+ */
+
+ var $currentRequestTicket = '';
+
+ /**
+ * GET requests: Adds ticket to URL (URL should NOT be html-encoded!, ticket is added at the end)
+ */
+ function addTicketToUrl($url)
+ {
+ $ticketCode = 'ticket=' . $this->_generateTicket();
+ if (strstr($url, '?'))
+ return $url . '&' . $ticketCode;
+ else
+ return $url . '?' . $ticketCode;
+ }
+
+ /**
+ * POST requests: Adds ticket as hidden formvar
+ */
+ function addTicketHidden()
+ {
+ $ticket = $this->_generateTicket();
+
+ echo '<input type="hidden" name="ticket" value="', htmlspecialchars($ticket), '" />';
+ }
+
+ /**
+ * Get a new ticket
+ * (xmlHTTPRequest AutoSaveDraft uses this to refresh the ticket)
+ */
+ function getNewTicket()
+ {
+ $this->currentRequestTicket = '';
+ return $this->_generateTicket();
+ }
+
+ /**
+ * Checks the ticket that was passed along with the current request
+ */
+ function checkTicket()
+ {
+ global $member;
+
+ // get ticket from request
+ $ticket = requestVar('ticket');
+
+ // no ticket -> don't allow
+ if ($ticket == '')
+ return false;
+
+ // remove expired tickets first
+ $this->_cleanUpExpiredTickets();
+
+ // get member id
+ if (!$member->isLoggedIn())
+ $memberId = -1;
+ else
+ $memberId = $member->getID();
+
+ // check if ticket is a valid one
+ $query = 'SELECT COUNT(*) as result FROM ' . sql_table('tickets') . ' WHERE member=' . intval($memberId). ' and ticket=\''.sql_real_escape_string($ticket).'\'';
+ if (quickQuery($query) == 1)
+ {
+ // [in the original implementation, the checked ticket was deleted. This would lead to invalid
+ // tickets when using the browsers back button and clicking another link/form
+ // leaving the keys in the database is not a real problem, since they're member-specific and
+ // only valid for a period of one hour
+ // ]
+ // sql_query('DELETE FROM '.sql_table('tickets').' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'');
+ return true;
+ } else {
+ // not a valid ticket
+ return false;
+ }
+
+ }
+
+ /**
+ * (internal method) Removes the expired tickets
+ */
+ function _cleanUpExpiredTickets()
+ {
+ // remove tickets older than 1 hour
+ $oldTime = time() - 60 * 60;
+ $query = 'DELETE FROM ' . sql_table('tickets'). ' WHERE ctime < \'' . date('Y-m-d H:i:s',$oldTime) .'\'';
+ sql_query($query);
+ }
+
+ /**
+ * (internal method) Generates/returns a ticket (one ticket per page request)
+ */
+ function _generateTicket()
+ {
+ if ($this->currentRequestTicket == '')
+ {
+ // generate new ticket (only one ticket will be generated per page request)
+ // and store in database
+ global $member;
+ // get member id
+ if (!$member->isLoggedIn())
+ $memberId = -1;
+ else
+ $memberId = $member->getID();
+
+ $ok = false;
+ while (!$ok)
+ {
+ // generate a random token
+ srand((double)microtime()*1000000);
+ $ticket = md5(uniqid(rand(), true));
+
+ // add in database as non-active
+ $query = 'INSERT INTO ' . sql_table('tickets') . ' (ticket, member, ctime) ';
+ $query .= 'VALUES (\'' . sql_real_escape_string($ticket). '\', \'' . intval($memberId). '\', \'' . date('Y-m-d H:i:s',time()) . '\')';
+ if (sql_query($query))
+ $ok = true;
+ }
+
+ $this->currentRequestTicket = $ticket;
+ }
+ return $this->currentRequestTicket;
+ }
+
+}
+
+?>
\ No newline at end of file