+<<<<<<< HEAD
<?php\r
/*\r
* Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)\r
}\r
}\r
\r
+=======
+<?php
+/*
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
+ * Copyright (C) 2002-2009 The Nucleus Group
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * (see nucleus/documentation/index.html#license for more info)
+ */
+/**
+ * This class makes sure each item/weblog/comment object gets requested from
+ * the database only once, by keeping them in a cache. The class also acts as
+ * a dynamic classloader, loading classes _only_ when they are first needed,
+ * hoping to diminish execution time
+ *
+ * The class is a singleton, meaning that there will be only one object of it
+ * active at all times. The object can be requested using Manager::instance()
+ *
+ * @license http://nucleuscms.org/license.txt GNU General Public License
+ * @copyright Copyright (C) 2002-2009 The Nucleus Group
+ * @version $Id: MANAGER.php 1878 2012-06-17 07:42:07Z sakamocchi $
+ */
+class Manager
+{
+ /**
+ * Cached ITEM, BLOG, PLUGIN, KARMA and MEMBER objects. When these objects are requested
+ * through the global $manager object (getItem, getBlog, ...), only the first call
+ * will create an object. Subsequent calls will return the same object.
+ *
+ * The $items, $blogs, ... arrays map an id to an object (for plugins, the name is used
+ * rather than an ID)
+ */
+ private $items;
+ private $blogs;
+ private $plugins;
+ private $karma;
+ private $templates;
+ private $members;
+ private $skins;
+
+ /**
+ * cachedInfo to avoid repeated SQL queries (see pidInstalled/pluginInstalled/getPidFromName)
+ * e.g. which plugins exists?
+ *
+ * $cachedInfo['installedPlugins'] = array($pid -> $name)
+ */
+ private $cachedInfo;
+
+ /**
+ * The plugin subscriptionlist
+ *
+ * The subcription array has the following structure
+ * $subscriptions[$EventName] = array containing names of plugin classes to be
+ * notified when that event happens
+ *
+ * NOTE: this is referred by Comments::addComment() for spamcheck API
+ * TODO: we should add new methods to get this
+ */
+ public $subscriptions;
+
+ /**
+ * Ticket functions. These are uses by the admin area to make it impossible to simulate certain GET/POST
+ * requests. tickets are user specific
+ */
+ private $currentRequestTicket = '';
+
+ /**
+ * Returns the only instance of this class. Creates the instance if it
+ * does not yet exists. Users should use this function as
+ * $manager =& Manager::instance(); to get a reference to the object
+ * instead of a copy
+ */
+ static public function &instance()
+ {
+ static $instance = array();
+ if ( empty($instance) )
+ {
+ $instance[0] = new Manager();
+ }
+ return $instance[0];
+ }
+
+ /**
+ * The constructor of this class initializes the object caches
+ */
+ public function __construct()
+ {
+ $this->items = array();
+ $this->blogs = array();
+ $this->plugins = array();
+ $this->karma = array();
+ $this->templates = array();
+ $this->skins = array();
+ $this->parserPrefs = array();
+ $this->cachedInfo = array();
+ $this->members = array();
+ return;
+ }
+
+ /**
+ * Returns the requested item object. If it is not in the cache, it will
+ * first be loaded and then placed in the cache.
+ * Intended use: $item =& $manager->getItem(1234, 0, 0)
+ */
+ public function &getItem($itemid, $allowdraft, $allowfuture)
+ {
+ /* confirm to cached */
+ if ( !array_key_exists($itemid, $this->items) )
+ {
+ $this->loadClass('ITEM');
+ $item = Item::getitem($itemid, $allowdraft, $allowfuture);
+ $this->items[$itemid] = $item;
+ }
+
+ $item =& $this->items[$itemid];
+ if ( !$allowdraft && ($item['draft']) )
+ {
+ return 0;
+ }
+
+ $blog =& $this->getBlog($item['blogid']);
+ if ( !$allowfuture && ($item['timestamp'] > $blog->getCorrectTime()) )
+ {
+ return 0;
+ }
+
+ return $item;
+ }
+
+ /**
+ * Loads a class if it has not yet been loaded
+ */
+ public function loadClass($name)
+ {
+ $this->_loadClass($name, $name . '.php');
+ return;
+ }
+
+ /**
+ * Checks if an item exists
+ */
+ public function existsItem($id,$future,$draft)
+ {
+ $this->_loadClass('ITEM','ITEM.php');
+ return Item::exists($id,$future,$draft);
+ }
+
+ /**
+ * Checks if a category exists
+ */
+ public function existsCategory($id)
+ {
+ return (DB::getValue('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);
+ }
+
+ /**
+ * Returns the blog object for a given blogid
+ */
+ public function &getBlog($blogid)
+ {
+ if ( !array_key_exists($blogid, $this->blogs) )
+ {
+ $this->_loadClass('BLOG','BLOG.php');
+ $this->blogs[$blogid] = new Blog($blogid);
+ }
+ return $this->blogs[$blogid];
+ }
+
+ /**
+ * Checks if a blog exists
+ */
+ public function existsBlog($name)
+ {
+ $this->_loadClass('BLOG','BLOG.php');
+ return Blog::exists($name);
+ }
+
+ /**
+ * Checks if a blog id exists
+ */
+ public function existsBlogID($id)
+ {
+ $this->_loadClass('BLOG','BLOG.php');
+ return Blog::existsID($id);
+ }
+
+ /**
+ * Returns a previously read template
+ */
+ public function &getTemplate($templateName)
+ {
+ if ( !array_key_exists($templateName, $this->templates) )
+ {
+ $this->_loadClass('Template','TEMPLATE.php');
+ $tmplate_tmp = Template::read($templateName);
+ $this->templates[$templateName] =& $tmplate_tmp;
+ }
+ return $this->templates[$templateName];
+ }
+
+ /**
+ * Returns a KARMA object (karma votes)
+ */
+ public function &getKarma($itemid)
+ {
+ if ( !array_key_exists($itemid, $this->karma) )
+ {
+ $this->_loadClass('Karma','KARMA.php');
+ $this->karma[$itemid] = new Karma($itemid);
+ }
+ return $this->karma[$itemid];
+ }
+
+ /**
+ * Returns a MEMBER object
+ */
+ public function &getMember($memberid)
+ {
+ if ( !array_key_exists($memberid, $this->members) )
+ {
+ $this->_loadClass('Member','MEMBER.php');
+ $this->members[$memberid] =& Member::createFromID($memberid);;
+ }
+ return $this->members[$memberid];
+ }
+
+ /**
+ * Manager::getSkin()
+ *
+ * @param integer $skinid ID for skin
+ * @param string $action_class action class for handling skin variables
+ * @param string $event_identifier identifier for event name
+ * @return object instance of Skin class
+ */
+ public function &getSkin($skinid, $action_class='Actions', $event_identifier='Skin')
+ {
+ if ( !array_key_exists($skinid, $this->skins) )
+ {
+ $this->_loadClass('Skin', 'SKIN.php');
+ $this->skins[$skinid] = new Skin($skinid, $action_class, $event_identifier);
+ }
+
+ return $this->skins[$skinid];
+ }
+
+ /**
+ * Set the global parser preferences
+ */
+ public function setParserProperty($name, $value)
+ {
+ $this->parserPrefs[$name] = $value;
+ return;
+ }
+
+ /**
+ * Get the global parser preferences
+ */
+ public function getParserProperty($name)
+ {
+ return $this->parserPrefs[$name];
+ }
+
+ /**
+ * A helper function to load a class
+ *
+ * private
+ */
+ private function _loadClass($name, $filename)
+ {
+ global $DIR_LIBS;
+
+ if ( !class_exists($name) )
+ {
+ include($DIR_LIBS . $filename);
+ }
+ return;
+ }
+
+ /**
+ * Manager::_loadPlugin()
+ * loading a certain plugin
+ *
+ * @param string $name plugin name
+ * @return void
+ */
+ private function _loadPlugin($name)
+ {
+ global $DIR_PLUGINS, $MYSQL_HANDLER, $MYSQL_PREFIX;
+
+ if ( class_exists($name) )
+ {
+ return;
+ }
+
+ $fileName = "{$DIR_PLUGINS}{$name}.php";
+
+ if ( !file_exists($fileName) )
+ {
+ if ( !defined('_MANAGER_PLUGINFILE_NOTFOUND') )
+ {
+ define('_MANAGER_PLUGINFILE_NOTFOUND', 'Plugin %s was not loaded (File not found)');
+ }
+ ActionLog::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOTFOUND, $name));
+ return 0;
+ }
+
+ // load plugin
+ include($fileName);
+
+ // check if class exists (avoid errors in eval'd code)
+ if ( !class_exists($name) )
+ {
+ ActionLog::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOCLASS, $name));
+ return 0;
+ }
+
+ // add to plugin array
+ $this->plugins[$name] = new $name();
+
+ // get plugid
+ $this->plugins[$name]->setID($this->getPidFromName($name));
+
+ // unload plugin if a prefix is used and the plugin cannot handle this
+ if ( ($MYSQL_PREFIX != '')
+ && !$this->plugins[$name]->supportsFeature('SqlTablePrefix') )
+ {
+ unset($this->plugins[$name]);
+ ActionLog::add(WARNING, sprintf(_MANAGER_PLUGINTABLEPREFIX_NOTSUPPORT, $name));
+ return 0;
+ }
+
+ // unload plugin if using non-mysql handler and plugin does not support it
+ if ( (!in_array('mysql',$MYSQL_HANDLER))
+ && !$this->plugins[$name]->supportsFeature('SqlApi') )
+ {
+ unset($this->plugins[$name]);
+ ActionLog::add(WARNING, sprintf(_MANAGER_PLUGINSQLAPI_NOTSUPPORT, $name));
+ return 0;
+ }
+
+ // call init method
+ $this->plugins[$name]->init();
+
+ return;
+ }
+
+ /**
+ * Manager:getPlugin()
+ * Returns a PLUGIN object
+ *
+ * @param string $name name of plugin
+ * @return object plugin object
+ */
+ public function &getPlugin($name)
+ {
+ // retrieve the name of the plugin in the right capitalisation
+ $name = $this->getUpperCaseName ($name);
+
+ // get the plugin
+ $plugin =& $this->plugins[$name];
+
+ if ( !$plugin )
+ {
+ // load class if needed
+ $this->_loadPlugin($name);
+ $plugin =& $this->plugins[$name];
+ }
+ return $plugin;
+ }
+
+ /**
+ * Manager::pluginLoaded()
+ * Checks if the given plugin IS loaded or not
+ *
+ * @param string $name name of plugin
+ * @return object plugin object
+ */
+ public function &pluginLoaded($name)
+ {
+ $plugin =& $this->plugins[$name];
+ return $plugin;
+ }
+
+ /**
+ * Manager::pidLoaded()
+ *
+ * @param integer $pid id for plugin
+ * @return object plugin object
+ */
+ public function &pidLoaded($pid)
+ {
+ $plugin=false;
+ reset($this->plugins);
+ while ( list($name) = each($this->plugins) )
+ {
+ if ( $pid!=$this->plugins[$name]->getId() )
+ {
+ continue;
+ }
+ $plugin= & $this->plugins[$name];
+ break;
+ }
+ return $plugin;
+ }
+
+ /**
+ * Manager::pluginInstalled()
+ * checks if the given plugin IS installed or not
+ *
+ * @param string $name name of plugin
+ * @return boolean exists or not
+ */
+ public function pluginInstalled($name)
+ {
+ $this->_initCacheInfo('installedPlugins');
+ return ($this->getPidFromName($name) != -1);
+ }
+
+ /**
+ * Manager::pidInstalled()
+ * checks if the given plugin IS installed or not
+ *
+ * @param integer $pid id of plugin
+ * @return boolean exists or not
+ */
+ public function pidInstalled($pid)
+ {
+ $this->_initCacheInfo('installedPlugins');
+ return ($this->cachedInfo['installedPlugins'][$pid] != '');
+ }
+
+ /**
+ * Manager::getPidFromName()
+ *
+ * @param string $name name of plugin
+ * @return mixed id for plugin or -1 if not exists
+ */
+ public function getPidFromName($name)
+ {
+ $this->_initCacheInfo('installedPlugins');
+ foreach ( $this->cachedInfo['installedPlugins'] as $pid => $pfile )
+ {
+ if (strtolower($pfile) == strtolower($name))
+ {
+ return $pid;
+ }
+ }
+ return -1;
+ }
+
+ /**
+ * Manager::getPluginNameFromPid()
+ *
+ * @param string $pid ID for plugin
+ * @return string name of plugin
+ */
+ public function getPluginNameFromPid($pid)
+ {
+ if ( !array_key_exists($pid, $this->cachedInfo['installedPlugins']) )
+ {
+ $query = 'SELECT pfile FROM %s WHERE pid=%d;';
+ $query = sprintf($query, sql_table('plugin'), (integer) $pid);
+ return DB::getValue($query);
+ }
+ return $this->cachedInfo['installedPlugins'][$pid];
+ }
+
+ /**
+ * Manager::getUpperCaseName()
+ * Retrieve the name of a plugin in the right capitalisation
+ *
+ * @param string $name name of plugin
+ * @return string name according to UpperCamelCase
+ */
+ public function getUpperCaseName ($name)
+ {
+ $this->_initCacheInfo('installedPlugins');
+ foreach ( $this->cachedInfo['installedPlugins'] as $pid => $pfile )
+ {
+ if ( strtolower($pfile) == strtolower($name) )
+ {
+ return $pfile;
+ }
+ }
+ return -1;
+ }
+
+ /**
+ * Manager::clearCachedInfo()
+ *
+ * @param string $what
+ * @return void
+ */
+ public function clearCachedInfo($what)
+ {
+ unset($this->cachedInfo[$what]);
+ return;
+ }
+
+ /**
+ * Manager::_initCacheInfo()
+ * Loads some info on the first call only
+ *
+ * @param string $what 'installedPlugins'
+ * @return void
+ */
+ private function _initCacheInfo($what)
+ {
+ if ( array_key_exists($what, $this->cachedInfo)
+ && is_array($this->cachedInfo[$what]) )
+ {
+ return;
+ }
+
+ switch ($what)
+ {
+ // 'installedPlugins' = array ($pid => $name)
+ case 'installedPlugins':
+ $this->cachedInfo['installedPlugins'] = array();
+ $res = DB::getResult('SELECT pid, pfile FROM ' . sql_table('plugin'));
+ foreach ( $res as $row )
+ {
+ $this->cachedInfo['installedPlugins'][$row['pid']] = $row['pfile'];
+ }
+ break;
+ }
+ return;
+ }
+
+ /**
+ * Manager::notify()
+ * A function to notify plugins that something has happened. Only the plugins
+ * that are subscribed to the event will get notified.
+ * Upon the first call, the list of subscriptions will be fetched from the
+ * database. The plugins itsself will only get loaded when they are first needed
+ *
+ * @param string $eventName Name of the event (method to be called on plugins)
+ * @param string $data Can contain any type of data,
+ * depending on the event type. Usually this is an itemid, blogid, ...
+ * but it can also be an array containing multiple values
+ * @return void
+ */
+ public function notify($eventName, &$data)
+ {
+ // load subscription list if needed
+ if ( !is_array($this->subscriptions) )
+ {
+ $this->_loadSubscriptions();
+ }
+
+ // get listening objects
+ $listeners = false;
+ if ( array_key_exists($eventName, $this->subscriptions)
+ && !empty($this->subscriptions[$eventName]) )
+ {
+ $listeners = $this->subscriptions[$eventName];
+ }
+
+ // notify all of them
+ if ( is_array($listeners) )
+ {
+ foreach( $listeners as $listener )
+ {
+ // load class if needed
+ $this->_loadPlugin($listener);
+
+ // do notify (if method exists)
+ if ( array_key_exists($listener, $this->plugins)
+ && !empty($this->plugins[$listener])
+ && method_exists($this->plugins[$listener], 'event_' . $eventName) )
+ {
+ call_user_func(array($this->plugins[$listener], 'event_' . $eventName), $data);
+ }
+ }
+ }
+ return;
+ }
+
+ /**
+ * Manager::_loadSubscriptions()
+ * Loads plugin subscriptions
+ *
+ * @param void
+ * @return void
+ */
+ private function _loadSubscriptions()
+ {
+ // initialize as array
+ $this->subscriptions = array();
+
+ $query = "SELECT p.pfile as pfile, e.event as event"
+ . " FROM %s as e, %s as p"
+ . " WHERE e.pid=p.pid ORDER BY p.porder ASC";
+ $query = sprintf($query, sql_table('plugin_event'), sql_table('plugin'));
+ $res = DB::getResult($query);
+
+ foreach ( $res as $row )
+ {
+ $pluginName = $row['pfile'];
+ $eventName = $row['event'];
+ $this->subscriptions[$eventName][] = $pluginName;
+ }
+ return;
+ }
+
+ /**
+ * Manager::getNumberOfSubscribers()
+ *
+ * @param string $event name of events
+ * @return integer number of event subscriber
+ */
+ public function getNumberOfSubscribers($event)
+ {
+ $query = 'SELECT COUNT(*) as count FROM %s WHERE event=%s;';
+ $query = sprintf($query, sql_table('plugin_event'), DB::quoteValue($event));
+ return (integer) DB::getValue($query);
+ }
+
+ /**
+ * Manager::addTicketToUrl()
+ * GET requests: Adds ticket to URL (URL should NOT be html-encoded!, ticket is added at the end)
+ *
+ * @param string url string for URI
+ * @return void
+ */
+ public function addTicketToUrl($url)
+ {
+ $ticketCode = 'ticket=' . $this->_generateTicket();
+ if ( i18n::strpos($url, '?') === FALSE )
+ {
+ $ticketCode = "{$url}?{$ticketCode}";
+ }
+ else
+ {
+ $ticketCode = "{$url}&{$ticketCode}";
+ }
+ return $ticketCode;
+ }
+
+ /**
+ * Manager::addTicketHidden()
+ * POST requests: Adds ticket as hidden formvar
+ *
+ * @param void
+ * @return void
+ */
+ public function addTicketHidden()
+ {
+ $ticket = $this->_generateTicket();
+ echo '<input type="hidden" name="ticket" value="', Entity::hsc($ticket), '" />';
+ return;
+ }
+
+ /**
+ * Manager::getNewTicket()
+ * Get a new ticket
+ * (xmlHTTPRequest AutoSaveDraft uses this to refresh the ticket)
+ *
+ * @param void
+ * @return string string of ticket
+ */
+ public function getNewTicket()
+ {
+ $this->currentRequestTicket = '';
+ return $this->_generateTicket();
+ }
+
+ /**
+ * Manager::checkTicket()
+ * Checks the ticket that was passed along with the current request
+ *
+ * @param void
+ * @return boolean correct or not
+ */
+ public function checkTicket()
+ {
+ global $member;
+
+ // get ticket from request
+ $ticket = requestVar('ticket');
+
+ // no ticket -> don't allow
+ if ( $ticket == '' )
+ {
+ return FALSE;
+ }
+
+ // remove expired tickets first
+ $this->_cleanUpExpiredTickets();
+
+ // get member id
+ if (!$member->isLoggedIn())
+ {
+ $memberId = -1;
+ }
+ else
+ {
+ $memberId = $member->getID();
+ }
+
+ // check if ticket is a valid one
+ $query = sprintf('SELECT COUNT(*) as result FROM %s WHERE member=%d and ticket=%s',
+ sql_table('tickets'),
+ intval($memberId),
+ DB::quoteValue($ticket)
+ );
+
+ /*
+ * NOTE:
+ * [in the original implementation, the checked ticket was deleted. This would lead to invalid
+ * tickets when using the browsers back button and clicking another link/form
+ * leaving the keys in the database is not a real problem, since they're member-specific and
+ * only valid for a period of one hour]
+ */
+ if ( DB::getValue($query) != 1 )
+ {
+ return FALSE;
+ }
+
+ return TRUE;
+ }
+
+ /**
+ * Manager::_cleanUpExpiredTickets()
+ * Removes the expired tickets
+ *
+ * @param void
+ * @return void
+ */
+ private function _cleanUpExpiredTickets()
+ {
+ // remove tickets older than 1 hour
+ $oldTime = time() - 60 * 60;
+ $query = 'DELETE FROM %s WHERE ctime < %s';
+ $query = sprintf($query, sql_table('tickets'), DB::formatDateTime($oldTime));
+ DB::execute($query);
+ return;
+ }
+
+ /**
+ * Manager::_generateTicket()
+ * Generates/returns a ticket (one ticket per page request)
+ *
+ * @param void
+ * @return void
+ */
+ private function _generateTicket()
+ {
+ if ( $this->currentRequestTicket == '' )
+ {
+ // generate new ticket (only one ticket will be generated per page request)
+ // and store in database
+ global $member;
+ // get member id
+ if ( !$member->isLoggedIn() )
+ {
+ $memberId = -1;
+ }
+ else
+ {
+ $memberId = $member->getID();
+ }
+
+ $ok = false;
+ while ( !$ok )
+ {
+ // generate a random token
+ srand((double)microtime()*1000000);
+ $ticket = md5(uniqid(rand(), true));
+
+ // add in database as non-active
+ $query = 'INSERT INTO %s (ticket, member, ctime) VALUES (%s, %d, %s)';
+ $query = sprintf($query, sql_table('tickets'), DB::quoteValue($ticket), (integer) $memberId, DB::formatDateTime());
+
+ if ( DB::execute($query) !== FALSE )
+ {
+ $ok = true;
+ }
+ }
+ $this->currentRequestTicket = $ticket;
+ }
+ return $this->currentRequestTicket;
+ }
+}
+
+>>>>>>> skinnable-master