3 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
\r
4 * Copyright (C) 2002-2009 The Nucleus Group
\r
6 * This program is free software; you can redistribute it and/or
\r
7 * modify it under the terms of the GNU General Public License
\r
8 * as published by the Free Software Foundation; either version 2
\r
9 * of the License, or (at your option) any later version.
\r
10 * (see nucleus/documentation/index.html#license for more info)
\r
13 * This class makes sure each item/weblog/comment object gets requested from
\r
14 * the database only once, by keeping them in a cache. The class also acts as
\r
15 * a dynamic classloader, loading classes _only_ when they are first needed,
\r
16 * hoping to diminish execution time
\r
18 * The class is a singleton, meaning that there will be only one object of it
\r
19 * active at all times. The object can be requested using Manager::instance()
\r
21 * @license http://nucleuscms.org/license.txt GNU General Public License
\r
22 * @copyright Copyright (C) 2002-2009 The Nucleus Group
\r
23 * @version $Id: MANAGER.php 1878 2012-06-17 07:42:07Z sakamocchi $
\r
28 * Cached ITEM, BLOG, PLUGIN, KARMA and MEMBER objects. When these objects are requested
\r
29 * through the global $manager object (getItem, getBlog, ...), only the first call
\r
30 * will create an object. Subsequent calls will return the same object.
\r
32 * The $items, $blogs, ... arrays map an id to an object (for plugins, the name is used
\r
33 * rather than an ID)
\r
44 * cachedInfo to avoid repeated SQL queries (see pidInstalled/pluginInstalled/getPidFromName)
\r
45 * e.g. which plugins exists?
\r
47 * $cachedInfo['installedPlugins'] = array($pid -> $name)
\r
49 private $cachedInfo;
\r
52 * The plugin subscriptionlist
\r
54 * The subcription array has the following structure
\r
55 * $subscriptions[$EventName] = array containing names of plugin classes to be
\r
56 * notified when that event happens
\r
58 * NOTE: this is referred by Comments::addComment() for spamcheck API
\r
59 * TODO: we should add new methods to get this
\r
61 public $subscriptions;
\r
64 * Ticket functions. These are uses by the admin area to make it impossible to simulate certain GET/POST
\r
65 * requests. tickets are user specific
\r
67 private $currentRequestTicket = '';
\r
70 * Returns the only instance of this class. Creates the instance if it
\r
71 * does not yet exists. Users should use this function as
\r
72 * $manager =& Manager::instance(); to get a reference to the object
\r
75 public static function &instance()
\r
77 static $instance = array();
\r
78 if ( empty($instance) )
\r
80 $instance[0] = new Manager();
\r
82 return $instance[0];
\r
86 * The constructor of this class initializes the object caches
\r
88 public function __construct()
\r
90 $this->items = array();
\r
91 $this->blogs = array();
\r
92 $this->plugins = array();
\r
93 $this->karma = array();
\r
94 $this->templates = array();
\r
95 $this->skins = array();
\r
96 $this->parserPrefs = array();
\r
97 $this->cachedInfo = array();
\r
98 $this->members = array();
\r
103 * Returns the requested item object. If it is not in the cache, it will
\r
104 * first be loaded and then placed in the cache.
\r
105 * Intended use: $item =& $manager->getItem(1234, 0, 0)
\r
107 public function &getItem($itemid, $allowdraft, $allowfuture)
\r
109 /* confirm to cached */
\r
110 if ( !array_key_exists($itemid, $this->items) )
\r
112 $this->loadClass('ITEM');
\r
113 $item = Item::getitem($itemid, $allowdraft, $allowfuture);
\r
114 $this->items[$itemid] = $item;
\r
117 $item =& $this->items[$itemid];
\r
118 if ( !$allowdraft && ($item['draft']) )
\r
123 $blog =& $this->getBlog($item['blogid']);
\r
124 if ( !$allowfuture && ($item['timestamp'] > $blog->getCorrectTime()) )
\r
133 * Loads a class if it has not yet been loaded
\r
135 public function loadClass($name)
\r
137 $this->_loadClass($name, $name . '.php');
\r
142 * Checks if an item exists
\r
144 public function existsItem($id,$future,$draft)
\r
146 $this->_loadClass('ITEM','ITEM.php');
\r
147 return Item::exists($id,$future,$draft);
\r
151 * Checks if a category exists
\r
153 public function existsCategory($id)
\r
155 return (DB::getValue('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);
\r
159 * Returns the blog object for a given blogid
\r
161 public function &getBlog($blogid)
\r
163 if ( !array_key_exists($blogid, $this->blogs) )
\r
165 $this->_loadClass('BLOG','BLOG.php');
\r
166 $this->blogs[$blogid] = new Blog($blogid);
\r
168 return $this->blogs[$blogid];
\r
172 * Checks if a blog exists
\r
174 public function existsBlog($name)
\r
176 $this->_loadClass('BLOG','BLOG.php');
\r
177 return Blog::exists($name);
\r
181 * Checks if a blog id exists
\r
183 public function existsBlogID($id)
\r
185 $this->_loadClass('BLOG','BLOG.php');
\r
186 return Blog::existsID($id);
\r
190 * Returns a previously read template
\r
192 public function &getTemplate($templateName)
\r
194 if ( !array_key_exists($templateName, $this->templates) )
\r
196 $this->_loadClass('Template','TEMPLATE.php');
\r
197 $tmplate_tmp = Template::read($templateName);
\r
198 $this->templates[$templateName] =& $tmplate_tmp;
\r
200 return $this->templates[$templateName];
\r
204 * Returns a KARMA object (karma votes)
\r
206 public function &getKarma($itemid)
\r
208 if ( !array_key_exists($itemid, $this->karma) )
\r
210 $this->_loadClass('Karma','KARMA.php');
\r
211 $this->karma[$itemid] = new Karma($itemid);
\r
213 return $this->karma[$itemid];
\r
217 * Returns a MEMBER object
\r
219 public function &getMember($memberid)
\r
221 if ( !array_key_exists($memberid, $this->members) )
\r
223 $this->_loadClass('Member','MEMBER.php');
\r
224 $this->members[$memberid] =& Member::createFromID($memberid);;
\r
226 return $this->members[$memberid];
\r
230 * Manager::getSkin()
\r
232 * @param integer $skinid ID for skin
\r
233 * @param string $action_class action class for handling skin variables
\r
234 * @param string $event_identifier identifier for event name
\r
235 * @return object instance of Skin class
\r
237 public function &getSkin($skinid, $action_class='Actions', $event_identifier='Skin')
\r
239 if ( !array_key_exists($skinid, $this->skins) )
\r
241 $this->_loadClass('Skin', 'SKIN.php');
\r
242 $this->skins[$skinid] = new Skin($skinid, $action_class, $event_identifier);
\r
245 return $this->skins[$skinid];
\r
249 * Set the global parser preferences
\r
251 public function setParserProperty($name, $value)
\r
253 $this->parserPrefs[$name] = $value;
\r
258 * Get the global parser preferences
\r
260 public function getParserProperty($name)
\r
262 return $this->parserPrefs[$name];
\r
266 * A helper function to load a class
\r
270 private function _loadClass($name, $filename)
\r
274 if ( !class_exists($name) )
\r
276 include($DIR_LIBS . $filename);
\r
282 * Manager::_loadPlugin()
\r
283 * loading a certain plugin
\r
285 * @param string $name plugin name
\r
288 private function _loadPlugin($name)
\r
290 global $DIR_PLUGINS, $MYSQL_HANDLER, $MYSQL_PREFIX;
\r
292 if ( class_exists($name) )
\r
297 $fileName = "{$DIR_PLUGINS}{$name}.php";
\r
299 if ( !file_exists($fileName) )
\r
301 if ( !defined('_MANAGER_PLUGINFILE_NOTFOUND') )
\r
303 define('_MANAGER_PLUGINFILE_NOTFOUND', 'Plugin %s was not loaded (File not found)');
\r
305 ActionLog::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOTFOUND, $name));
\r
310 include($fileName);
\r
312 // check if class exists (avoid errors in eval'd code)
\r
313 if ( !class_exists($name) )
\r
315 ActionLog::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOCLASS, $name));
\r
319 // add to plugin array
\r
320 $this->plugins[$name] = new $name();
\r
323 $this->plugins[$name]->setID($this->getPidFromName($name));
\r
325 // unload plugin if a prefix is used and the plugin cannot handle this
\r
326 if ( ($MYSQL_PREFIX != '')
\r
327 && !$this->plugins[$name]->supportsFeature('SqlTablePrefix') )
\r
329 unset($this->plugins[$name]);
\r
330 ActionLog::add(WARNING, sprintf(_MANAGER_PLUGINTABLEPREFIX_NOTSUPPORT, $name));
\r
334 // unload plugin if using non-mysql handler and plugin does not support it
\r
335 if ( (!in_array('mysql',$MYSQL_HANDLER))
\r
336 && !$this->plugins[$name]->supportsFeature('SqlApi') )
\r
338 unset($this->plugins[$name]);
\r
339 ActionLog::add(WARNING, sprintf(_MANAGER_PLUGINSQLAPI_NOTSUPPORT, $name));
\r
343 // call init method
\r
344 $this->plugins[$name]->init();
\r
350 * Manager:getPlugin()
\r
351 * Returns a PLUGIN object
\r
353 * @param string $name name of plugin
\r
354 * @return object plugin object
\r
356 public function &getPlugin($name)
\r
358 // retrieve the name of the plugin in the right capitalisation
\r
359 $name = $this->getUpperCaseName ($name);
\r
362 $plugin =& $this->plugins[$name];
\r
366 // load class if needed
\r
367 $this->_loadPlugin($name);
\r
368 $plugin =& $this->plugins[$name];
\r
374 * Manager::pluginLoaded()
\r
375 * Checks if the given plugin IS loaded or not
\r
377 * @param string $name name of plugin
\r
378 * @return object plugin object
\r
380 public function &pluginLoaded($name)
\r
382 $plugin =& $this->plugins[$name];
\r
387 * Manager::pidLoaded()
\r
389 * @param integer $pid id for plugin
\r
390 * @return object plugin object
\r
392 public function &pidLoaded($pid)
\r
395 reset($this->plugins);
\r
396 while ( list($name) = each($this->plugins) )
\r
398 if ( $pid!=$this->plugins[$name]->getId() )
\r
402 $plugin= & $this->plugins[$name];
\r
409 * Manager::pluginInstalled()
\r
410 * checks if the given plugin IS installed or not
\r
412 * @param string $name name of plugin
\r
413 * @return boolean exists or not
\r
415 public function pluginInstalled($name)
\r
417 $this->_initCacheInfo('installedPlugins');
\r
418 return ($this->getPidFromName($name) != -1);
\r
422 * Manager::pidInstalled()
\r
423 * checks if the given plugin IS installed or not
\r
425 * @param integer $pid id of plugin
\r
426 * @return boolean exists or not
\r
428 public function pidInstalled($pid)
\r
430 $this->_initCacheInfo('installedPlugins');
\r
431 return ($this->cachedInfo['installedPlugins'][$pid] != '');
\r
435 * Manager::getPidFromName()
\r
437 * @param string $name name of plugin
\r
438 * @return mixed id for plugin or -1 if not exists
\r
440 public function getPidFromName($name)
\r
442 $this->_initCacheInfo('installedPlugins');
\r
443 foreach ( $this->cachedInfo['installedPlugins'] as $pid => $pfile )
\r
445 if (strtolower($pfile) == strtolower($name))
\r
454 * Manager::getPluginNameFromPid()
\r
456 * @param string $pid ID for plugin
\r
457 * @return string name of plugin
\r
459 public function getPluginNameFromPid($pid)
\r
461 if ( !array_key_exists($pid, $this->cachedInfo['installedPlugins']) )
\r
463 $query = 'SELECT pfile FROM %s WHERE pid=%d;';
\r
464 $query = sprintf($query, sql_table('plugin'), (integer) $pid);
\r
465 return DB::getValue($query);
\r
467 return $this->cachedInfo['installedPlugins'][$pid];
\r
471 * Manager::getUpperCaseName()
\r
472 * Retrieve the name of a plugin in the right capitalisation
\r
474 * @param string $name name of plugin
\r
475 * @return string name according to UpperCamelCase
\r
477 public function getUpperCaseName ($name)
\r
479 $this->_initCacheInfo('installedPlugins');
\r
480 foreach ( $this->cachedInfo['installedPlugins'] as $pid => $pfile )
\r
482 if ( strtolower($pfile) == strtolower($name) )
\r
491 * Manager::clearCachedInfo()
\r
493 * @param string $what
\r
496 public function clearCachedInfo($what)
\r
498 unset($this->cachedInfo[$what]);
\r
503 * Manager::_initCacheInfo()
\r
504 * Loads some info on the first call only
\r
506 * @param string $what 'installedPlugins'
\r
509 private function _initCacheInfo($what)
\r
511 if ( array_key_exists($what, $this->cachedInfo)
\r
512 && is_array($this->cachedInfo[$what]) )
\r
519 // 'installedPlugins' = array ($pid => $name)
\r
520 case 'installedPlugins':
\r
521 $this->cachedInfo['installedPlugins'] = array();
\r
522 $res = DB::getResult('SELECT pid, pfile FROM ' . sql_table('plugin'));
\r
523 foreach ( $res as $row )
\r
525 $this->cachedInfo['installedPlugins'][$row['pid']] = $row['pfile'];
\r
533 * Manager::notify()
\r
534 * A function to notify plugins that something has happened. Only the plugins
\r
535 * that are subscribed to the event will get notified.
\r
536 * Upon the first call, the list of subscriptions will be fetched from the
\r
537 * database. The plugins itsself will only get loaded when they are first needed
\r
539 * @param string $eventName Name of the event (method to be called on plugins)
\r
540 * @param string $data Can contain any type of data,
\r
541 * depending on the event type. Usually this is an itemid, blogid, ...
\r
542 * but it can also be an array containing multiple values
\r
545 public function notify($eventName, $data)
\r
547 // load subscription list if needed
\r
548 if ( !is_array($this->subscriptions) )
\r
550 $this->_loadSubscriptions();
\r
553 // get listening objects
\r
554 $listeners = false;
\r
555 if ( array_key_exists($eventName, $this->subscriptions)
\r
556 && !empty($this->subscriptions[$eventName]) )
\r
558 $listeners = $this->subscriptions[$eventName];
\r
561 // notify all of them
\r
562 if ( is_array($listeners) )
\r
564 foreach( $listeners as $listener )
\r
566 // load class if needed
\r
567 $this->_loadPlugin($listener);
\r
569 // do notify (if method exists)
\r
570 if ( array_key_exists($listener, $this->plugins)
\r
571 && !empty($this->plugins[$listener])
\r
572 && method_exists($this->plugins[$listener], 'event_' . $eventName) )
\r
574 call_user_func(array(&$this->plugins[$listener], 'event_' . $eventName), array(&$data));
\r
582 * Manager::_loadSubscriptions()
\r
583 * Loads plugin subscriptions
\r
588 private function _loadSubscriptions()
\r
590 // initialize as array
\r
591 $this->subscriptions = array();
\r
593 $query = "SELECT p.pfile as pfile, e.event as event"
\r
594 . " FROM %s as e, %s as p"
\r
595 . " WHERE e.pid=p.pid ORDER BY p.porder ASC";
\r
596 $query = sprintf($query, sql_table('plugin_event'), sql_table('plugin'));
\r
597 $res = DB::getResult($query);
\r
599 foreach ( $res as $row )
\r
601 $pluginName = $row['pfile'];
\r
602 $eventName = $row['event'];
\r
603 $this->subscriptions[$eventName][] = $pluginName;
\r
609 * Manager::getNumberOfSubscribers()
\r
611 * @param string $event name of events
\r
612 * @return integer number of event subscriber
\r
614 public function getNumberOfSubscribers($event)
\r
616 $query = 'SELECT COUNT(*) as count FROM %s WHERE event=%s;';
\r
617 $query = sprintf($query, sql_table('plugin_event'), DB::quoteValue($event));
\r
618 return (integer) DB::getValue($query);
\r
622 * Manager::addTicketToUrl()
\r
623 * GET requests: Adds ticket to URL (URL should NOT be html-encoded!, ticket is added at the end)
\r
625 * @param string url string for URI
\r
628 public function addTicketToUrl($url)
\r
630 $ticketCode = 'ticket=' . $this->_generateTicket();
\r
631 if ( i18n::strpos($url, '?') === FALSE )
\r
633 $ticketCode = "{$url}?{$ticketCode}";
\r
637 $ticketCode = "{$url}&{$ticketCode}";
\r
639 return $ticketCode;
\r
643 * Manager::addTicketHidden()
\r
644 * POST requests: Adds ticket as hidden formvar
\r
649 public function addTicketHidden()
\r
651 $ticket = $this->_generateTicket();
\r
652 echo '<input type="hidden" name="ticket" value="', Entity::hsc($ticket), '" />';
\r
657 * Manager::getNewTicket()
\r
659 * (xmlHTTPRequest AutoSaveDraft uses this to refresh the ticket)
\r
662 * @return string string of ticket
\r
664 public function getNewTicket()
\r
666 $this->currentRequestTicket = '';
\r
667 return $this->_generateTicket();
\r
671 * Manager::checkTicket()
\r
672 * Checks the ticket that was passed along with the current request
\r
675 * @return boolean correct or not
\r
677 public function checkTicket()
\r
681 // get ticket from request
\r
682 $ticket = requestVar('ticket');
\r
684 // no ticket -> don't allow
\r
685 if ( $ticket == '' )
\r
690 // remove expired tickets first
\r
691 $this->_cleanUpExpiredTickets();
\r
694 if (!$member->isLoggedIn())
\r
700 $memberId = $member->getID();
\r
703 // check if ticket is a valid one
\r
704 $query = sprintf('SELECT COUNT(*) as result FROM %s WHERE member=%d and ticket=%s',
\r
705 sql_table('tickets'),
\r
707 DB::quoteValue($ticket)
\r
712 * [in the original implementation, the checked ticket was deleted. This would lead to invalid
\r
713 * tickets when using the browsers back button and clicking another link/form
\r
714 * leaving the keys in the database is not a real problem, since they're member-specific and
\r
715 * only valid for a period of one hour]
\r
717 if ( DB::getValue($query) != 1 )
\r
726 * Manager::_cleanUpExpiredTickets()
\r
727 * Removes the expired tickets
\r
732 private function _cleanUpExpiredTickets()
\r
734 // remove tickets older than 1 hour
\r
735 $oldTime = time() - 60 * 60;
\r
736 $query = 'DELETE FROM %s WHERE ctime < %s';
\r
737 $query = sprintf($query, sql_table('tickets'), DB::formatDateTime($oldTime));
\r
738 DB::execute($query);
\r
743 * Manager::_generateTicket()
\r
744 * Generates/returns a ticket (one ticket per page request)
\r
749 private function _generateTicket()
\r
751 if ( $this->currentRequestTicket == '' )
\r
753 // generate new ticket (only one ticket will be generated per page request)
\r
754 // and store in database
\r
757 if ( !$member->isLoggedIn() )
\r
763 $memberId = $member->getID();
\r
769 // generate a random token
\r
770 srand((double)microtime()*1000000);
\r
771 $ticket = md5(uniqid(rand(), true));
\r
773 // add in database as non-active
\r
774 $query = 'INSERT INTO %s (ticket, member, ctime) VALUES (%s, %d, %s)';
\r
775 $query = sprintf($query, sql_table('tickets'), DB::quoteValue($ticket), (integer) $memberId, DB::formatDateTime());
\r
777 if ( DB::execute($query) !== FALSE )
\r
782 $this->currentRequestTicket = $ticket;
\r
784 return $this->currentRequestTicket;
\r