Diffstat (limited to 'engine')
-rw-r--r-- | engine/lib/entities.php | 125 | ||||
-rw-r--r-- | engine/lib/widgets.php | 100 |
2 files changed, 210 insertions, 15 deletions
diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index b645fc372..43bb4a710 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -2358,6 +2358,131 @@ $total = get_data_row($query);
return $total->total;
}
+ }
+
+ /**
+ * Get entities based on their private data by multiple keys, in a similar way to metadata.
+ *
+ * @param string $name The name of the setting
+ * @param string $value The value of the setting
+ * @param string $type The type of entity (eg "user", "object" etc)
+ * @param string $subtype The arbitrary subtype of the entity
+ * @param int $owner_guid The GUID of the owning user
+ * @param string $order_by The field to order by; by default, time_created desc
+ * @param int $limit The number of entities to return; 10 by default
+ * @param int $offset The indexing offset, 0 by default
+ * @param boolean $count Set to true to get a count rather than the entities themselves (limits and offsets don't apply in this context). Defaults to false.
+ * @param int $site_guid The site to get entities for. Leave as 0 (default) for the current site; -1 for all sites.
+ * @param int|array $container_guid The container or containers to get entities from (default: all containers).
+ * @return array A list of entities.
+ */
+ function get_entities_from_private_setting_multi(array $name, $type = "", $subtype = "", $owner_guid = 0, $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0, $container_guid = null)
+ {
+ global $CONFIG;
+
+ if ($subtype === false || $subtype === null || $subtype === 0)
+ return false;
+
+ if ($order_by == "") $order_by = "e.time_created desc";
+ $order_by = sanitise_string($order_by);
+ $limit = (int)$limit;
+ $offset = (int)$offset;
+ $site_guid = (int) $site_guid;
+ if ($site_guid == 0)
+ $site_guid = $CONFIG->site_guid;
+
+ $where = array();
+
+ if (is_array($type)) {
+ $tempwhere = "";
+ if (sizeof($type))
+ foreach($type as $typekey => $subtypearray) {
+ foreach($subtypearray as $subtypeval) {
+ $typekey = sanitise_string($typekey);
+ if (!empty($subtypeval)) {
+ $subtypeval = (int) get_subtype_id($typekey, $subtypeval);
+ } else {
+ $subtypeval = 0;
+ }
+ if (!empty($tempwhere)) $tempwhere .= " or ";
+ $tempwhere .= "(e.type = '{$typekey}' and e.subtype = {$subtypeval})";
+ }
+ }
+ if (!empty($tempwhere)) $where[] = "({$tempwhere})";
+
+ } else {
+
+ $type = sanitise_string($type);
+ $subtype = get_subtype_id($type, $subtype);
+
+ if ($type != "")
+ $where[] = "e.type='$type'";
+ if ($subtype!=="")
+ $where[] = "e.subtype=$subtype";
+
+ }
+
+ if ($owner_guid != "") {
+ if (!is_array($owner_guid)) {
+ $owner_array = array($owner_guid);
+ $owner_guid = (int) $owner_guid;
+ // $where[] = "owner_guid = '$owner_guid'";
+ } else if (sizeof($owner_guid) > 0) {
+ $owner_array = array_map('sanitise_int', $owner_guid);
+ // Cast every element to the owner_guid array to int
+ // $owner_guid = array_map("sanitise_int", $owner_guid);
+ // $owner_guid = implode(",",$owner_guid);
+ // $where[] = "owner_guid in ({$owner_guid})";
+ }
+ if (is_null($container_guid)) {
+ $container_guid = $owner_array;
+ }
+ }
+ if ($site_guid > 0)
+ $where[] = "e.site_guid = {$site_guid}";
+
+ if (!is_null($container_guid)) {
+ if (is_array($container_guid)) {
+ foreach($container_guid as $key => $val) $container_guid[$key] = (int) $val;
+ $where[] = "e.container_guid in (" . implode(",",$container_guid) . ")";
+ } else {
+ $container_guid = (int) $container_guid;
+ $where[] = "e.container_guid = {$container_guid}";
+ }
+ }
+
+ if ($name)
+ {
+ $s_join = "";
+ $i = 1;
+ foreach ($name as $k => $n)
+ {
+ $k = sanitise_string($k);
+ $s_join .= " JOIN {$CONFIG->dbprefix}private_settings s$i ON e.guid=s$i.entity_guid";
+ $where[] = "s$i.name = '$k'";
+ $where[] = "s$i.value = '$n'";
+ $i++;
+ }
+ }
+
+ if (!$count) {
+ $query = "SELECT distinct e.* from {$CONFIG->dbprefix}entities e $s_join where ";
+ } else {
+ $query = "SELECT count(distinct e.guid) as total from {$CONFIG->dbprefix}entities e $s_join where ";
+ }
+ foreach ($where as $w)
+ $query .= " $w and ";
+ $query .= get_access_sql_suffix('e'); // Add access controls
+ if (!$count) {
+ $query .= " order by $order_by";
+ if ($limit) $query .= " limit $offset, $limit"; // Add order and limit
+
+ $dt = get_data($query, "entity_row_to_elggstar");
+ return $dt;
+ } else {
+ $total = get_data_row($query);
+ return $total->total;
+ }
}
/**
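Review bot: In the `foreach ($name as $k => $n)` loop the setting value is interpolated into the WHERE clause unescaped (`$where[] = "s$i.value = '$n'";`), while the key on the line above it goes through `sanitise_string()`. Any caller that passes request-derived values therefore builds SQL from untrusted text; the `get_widgets()` call added in engine/lib/widgets.php passes `$column` and `$context` this way. Escape the value the same way as the key, `$n = sanitise_string($n);`, before it is used. Separately, `$s_join` is only assigned inside `if ($name)`, so an empty array reaches the query string with it undefined, and the docblock still describes a `$value` parameter that the signature does not have.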
diff --git a/engine/lib/widgets.php b/engine/lib/widgets.php
index 1186a8b55..af589f497 100644
--- a/engine/lib/widgets.php
+++ b/engine/lib/widgets.php
@@ -9,7 +9,60 @@ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
* @copyright Curverider Ltd 2008
* @link http://elgg.org/
- */
+ */
+
+ /**
+ * Override ElggObject in order to store widget data in ultra-private stores.
+ */
+ class ElggWidget extends ElggObject
+ {
+ protected function initialise_attributes()
+ {
+ parent::initialise_attributes();
+
+ $this->attributes['subtype'] = "widget";
+ }
+
+ public function __construct($guid = null) { parent::__construct($guid); }
+
+ /**
+ * Override entity get and sets in order to save data to private data store.
+ */
+ public function get($name)
+ {
+ // See if its in our base attribute
+ if (isset($this->attributes[$name])) {
+ return $this->attributes[$name];
+ }
+
+ // No, so see if its in the private data store.
+ $meta = get_private_setting($this->guid, $name);
+ if ($meta)
+ return $meta;
+
+ // Can't find it, so return null
+ return null;
+ }
+
+ /**
+ * Override entity get and sets in order to save data to private data store.
+ */
+ public function set($name, $value)
+ {
+ if (array_key_exists($name, $this->attributes))
+ {
+ // Check that we're not trying to change the guid!
+ if ((array_key_exists('guid', $this->attributes)) && ($name=='guid'))
+ return false;
+
+ $this->attributes[$name] = $value;
+ }
+ else
+ return set_private_setting($this->guid, $name, $value);
+
+ return true;
+ }
+ }
/**
* Register a particular context for use with widgets.
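Review bot: `ElggWidget::set()` sends every non-attribute name straight to `set_private_setting($this->guid, $name, $value)`, so it silently depends on the entity already having a guid; on an unsaved widget the setting would be stored against an empty guid or fail, depending on how `set_private_setting()` handles that (not visible here). A guard before that call, `if (!$this->guid) return false;`, would make the ordering requirement explicit. In `get()`, `if ($meta)` treats a stored `"0"` or empty string as missing and returns null; comparing against the helper's not-found value instead would keep falsy settings readable, assuming it returns `false` or `null` on a miss.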
@@ -118,12 +171,16 @@ * @return array|false An array of widget ElggObjects, or false
*/
function get_widgets($user_guid, $context, $column) {
-
- if ($widgets = get_user_objects_by_metadata($user_guid, "widget", array(
+
+ if ($widgets = get_entities_from_private_setting_multi(array(
+ 'column' => $column,
+ 'context' => $context), "object", "widget", $user_guid, "", 10000))
+ /*if ($widgets = get_user_objects_by_metadata($user_guid, "widget", array(
'column' => $column,
'context' => $context,
), 10000)) {
-
+ */
+ {
$widgetorder = array();
foreach($widgets as $widget) {
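Review bot: The new call scopes widgets to a user only through the `$owner_guid` argument, and the function added in engine/lib/entities.php skips its owner/container filter when that argument compares equal to `""`, so a zero or empty `$user_guid` would select widgets for this column and context across all owners that the access suffix allows. Reject a non-positive guid before querying, e.g. `if ((int) $user_guid <= 0) return false;`. The old `get_user_objects_by_metadata()` call is also left behind inside a `/* ... */` block that spans context lines, which makes the `if` hard to read; deleting it would be cleaner. The body of `get_widgets()` continues past the end of the hunk.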
@@ -173,16 +230,17 @@ if ($user = get_user($user_guid)) {
- $widget = new ElggObject;
- $widget->subtype = "widget";
+ $widget = new ElggWidget;
+ $widget->owner_guid = $user_guid;
+ $widget->access_id = 1;
+ if (!$widget->save())
+ return false;
+
$widget->handler = $handler;
$widget->context = $context;
$widget->column = $column;
- $widget->order = $order;
- $widget->owner_guid = $user_guid;
- $widget->access_id = 1;
- if (!$widget->save())
- return false;
+ $widget->order = $order;
+
// save_widget_location($widget, $order, $column);
return true;
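Review bot: After this reordering the entity is saved before `handler`, `context`, `column` and `order` are assigned, and none of those assignments is checked, so the function returns true even if a setting was not persisted and a widget without a handler or position stays in the database. If the property assignments end up in `ElggWidget::set()` (presumably through the entity's magic setter, which is not visible here), calling it directly and checking the result, e.g. `if (!$widget->set('handler', $handler)) return false;` for each of the four, would surface the failure. `access_id = 1` is a bare number carried over from the old code; a comment stating which access level it stands for would help. The enclosing function starts before the hunk.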
@@ -302,13 +360,13 @@ // Save the params to the widget
if (is_array($params) && sizeof($params) > 0) {
foreach($params as $name => $value) {
- error_log("ERP: $name". print_r($value, true));
+
if (!empty($name) && !in_array($name,array(
'guid','owner_guid','site_guid'
))) { if (is_array($value)) { - error_log("ERP: Here"); + // TODO: Handle arrays securely $widget->setMetaData($name, $value, "", true); }else
$widget->$name = $value;
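Review bot: Array values still go through `$widget->setMetaData($name, $value, "", true)` while scalars now land in the private store via `$widget->$name`, and the `ElggWidget::get()` added in this commit only consults the attributes and `get_private_setting()`, so an array parameter saved here does not appear to be readable back through `$widget->$name`. It also leaves array data in ordinary metadata rather than in the private store the class was introduced for. Until the TODO is resolved, either reject array values explicitly or make the comment say what actually happens, e.g. `// TODO: arrays are still written to metadata, not private settings; ElggWidget::get() will not return them`. The enclosing loop starts and ends outside the hunk.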
@@ -428,7 +486,17 @@ return $return;
}
-
+
+ /**
+ * Run some things once.
+ *
+ */
+ function widget_run_once()
+ {
+ // Register a class
+ add_subtype("object", "widget", "ElggWidget");
+ }
+
/**
* Function to initialise widgets functionality on Elgg init
*
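Review bot: `widget_run_once()` only registers `ElggWidget` as the class for the subtype; it does not move the `handler`, `context`, `column` and `order` values of already existing widgets from metadata into private settings. Since `get_widgets()` now selects purely on private settings, widgets created before this commit would presumably stop being listed. If such data exists, this run-once function looks like the natural place for a migration step; otherwise the docblock should say so, e.g. `* Registers ElggWidget as the class for object/widget; existing widgets are not migrated.`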
@@ -438,7 +506,9 @@ register_action('widgets/reorder');
register_action('widgets/save');
register_action('widgets/add');
-
+
+ // Now run this stuff, but only once
+ run_function_once("widget_run_once");
}
// Register event