From 50235f0c55cfe25cd7ec136932eca4e039e356d0 Mon Sep 17 00:00:00 2001
From: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Wed, 26 Nov 2008 18:44:13 +0000
Subject: Closes #571: Widgets now use private store for settings

git-svn-id: https://code.elgg.org/elgg/trunk@2490 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/entities.php | 125 ++++++++++++++++++++++++++++++++++++++++++++++++
 engine/lib/widgets.php  | 100 ++++++++++++++++++++++++++++++++------
 2 files changed, 210 insertions(+), 15 deletions(-)

(limited to 'engine/lib')

diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index b645fc372..43bb4a710 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -2352,6 +2352,131 @@
 			$query .= " order by $order_by";
 			if ($limit) $query .= " limit $offset, $limit"; // Add order and limit
 				
+			$dt = get_data($query, "entity_row_to_elggstar");
+			return $dt;
+		} else {
+			$total = get_data_row($query);
+			return $total->total;
+		}
+	}
+	
+	/**
+	 * Get entities based on their private data by multiple keys, in a similar way to metadata.
+	 *
+	 * @param string $name The name of the setting
+	 * @param string $value The value of the setting
+	 * @param string $type The type of entity (eg "user", "object" etc)
+	 * @param string $subtype The arbitrary subtype of the entity
+	 * @param int $owner_guid The GUID of the owning user
+	 * @param string $order_by The field to order by; by default, time_created desc
+	 * @param int $limit The number of entities to return; 10 by default
+	 * @param int $offset The indexing offset, 0 by default
+	 * @param boolean $count Set to true to get a count rather than the entities themselves (limits and offsets don't apply in this context). Defaults to false.
+	 * @param int $site_guid The site to get entities for. Leave as 0 (default) for the current site; -1 for all sites.
+	 * @param int|array $container_guid The container or containers to get entities from (default: all containers).
+	 * @return array A list of entities. 
+	 */
+	function get_entities_from_private_setting_multi(array $name, $type = "", $subtype = "", $owner_guid = 0, $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0, $container_guid = null)
+	{
+		global $CONFIG;
+		
+		if ($subtype === false || $subtype === null || $subtype === 0)
+			return false;
+			
+		if ($order_by == "") $order_by = "e.time_created desc";
+		$order_by = sanitise_string($order_by);
+		$limit = (int)$limit;
+		$offset = (int)$offset;
+		$site_guid = (int) $site_guid;
+		if ($site_guid == 0)
+			$site_guid = $CONFIG->site_guid;
+				
+		$where = array();
+		
+		if (is_array($type)) {			
+			$tempwhere = "";
+			if (sizeof($type))
+			foreach($type as $typekey => $subtypearray) {
+				foreach($subtypearray as $subtypeval) {
+					$typekey = sanitise_string($typekey);
+					if (!empty($subtypeval)) {
+						$subtypeval = (int) get_subtype_id($typekey, $subtypeval);
+					} else {
+						$subtypeval = 0;
+					}
+					if (!empty($tempwhere)) $tempwhere .= " or ";
+					$tempwhere .= "(e.type = '{$typekey}' and e.subtype = {$subtypeval})";
+				}								
+			}
+			if (!empty($tempwhere)) $where[] = "({$tempwhere})";
+			
+		} else {
+		
+			$type = sanitise_string($type);
+			$subtype = get_subtype_id($type, $subtype);
+			
+			if ($type != "")
+				$where[] = "e.type='$type'";
+			if ($subtype!=="")
+				$where[] = "e.subtype=$subtype";
+				
+		}
+				
+		if ($owner_guid != "") {
+			if (!is_array($owner_guid)) {
+				$owner_array = array($owner_guid);
+				$owner_guid = (int) $owner_guid;
+			//	$where[] = "owner_guid = '$owner_guid'";
+			} else if (sizeof($owner_guid) > 0) {
+				$owner_array = array_map('sanitise_int', $owner_guid);
+				// Cast every element to the owner_guid array to int
+			//	$owner_guid = array_map("sanitise_int", $owner_guid);
+			//	$owner_guid = implode(",",$owner_guid);
+			//	$where[] = "owner_guid in ({$owner_guid})";
+			}
+			if (is_null($container_guid)) {
+				$container_guid = $owner_array;
+			}
+		}
+		if ($site_guid > 0)
+			$where[] = "e.site_guid = {$site_guid}";
+			
+		if (!is_null($container_guid)) {
+			if (is_array($container_guid)) {
+				foreach($container_guid as $key => $val) $container_guid[$key] = (int) $val;
+				$where[] = "e.container_guid in (" . implode(",",$container_guid) . ")";
+			} else {
+				$container_guid = (int) $container_guid;
+				$where[] = "e.container_guid = {$container_guid}";
+			}
+		}
+			
+		if ($name)
+		{
+			$s_join = "";
+			$i = 1;
+			foreach ($name as $k => $n)
+			{
+				$k = sanitise_string($k);
+				$s_join .= " JOIN {$CONFIG->dbprefix}private_settings s$i ON e.guid=s$i.entity_guid";
+				$where[] = "s$i.name = '$k'";
+				$where[] = "s$i.value = '$n'";
+				$i++;
+			}
+		}
+			
+		if (!$count) {
+			$query = "SELECT distinct e.* from {$CONFIG->dbprefix}entities e $s_join where ";
+		} else {
+			$query = "SELECT count(distinct e.guid) as total from {$CONFIG->dbprefix}entities e $s_join where ";
+		}
+		foreach ($where as $w)
+			$query .= " $w and ";
+		$query .= get_access_sql_suffix('e'); // Add access controls
+		if (!$count) {
+			$query .= " order by $order_by";
+			if ($limit) $query .= " limit $offset, $limit"; // Add order and limit
+			
 			$dt = get_data($query, "entity_row_to_elggstar");
 			return $dt;
 		} else {
diff --git a/engine/lib/widgets.php b/engine/lib/widgets.php
index 1186a8b55..af589f497 100644
--- a/engine/lib/widgets.php
+++ b/engine/lib/widgets.php
@@ -9,7 +9,60 @@
 	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
 	 * @copyright Curverider Ltd 2008
 	 * @link http://elgg.org/
-	 */
+	 */
+
+	/**
+	 * Override ElggObject in order to store widget data in ultra-private stores.
+	 */
+	class ElggWidget extends ElggObject
+	{
+		protected function initialise_attributes()
+		{
+			parent::initialise_attributes();
+			
+			$this->attributes['subtype'] = "widget";
+		}
+
+		public function __construct($guid = null) {	parent::__construct($guid); }
+			
+		/**
+		 * Override entity get and sets in order to save data to private data store.
+		 */
+		public function get($name)
+		{
+			// See if its in our base attribute
+			if (isset($this->attributes[$name])) {
+				return $this->attributes[$name];
+			}
+			
+			// No, so see if its in the private data store.
+			$meta = get_private_setting($this->guid, $name);
+			if ($meta)
+				return $meta;
+			
+			// Can't find it, so return null
+			return null;
+		}
+
+		/**
+		 * Override entity get and sets in order to save data to private data store.
+		 */
+		public function set($name, $value)
+		{
+			if (array_key_exists($name, $this->attributes))
+			{
+				// Check that we're not trying to change the guid! 
+				if ((array_key_exists('guid', $this->attributes)) && ($name=='guid'))
+					return false;
+					
+				$this->attributes[$name] = $value;
+			}
+			else 
+				return set_private_setting($this->guid, $name, $value);
+		
+			return true;
+		}
+	}
 
 	/**
 	 * Register a particular context for use with widgets.
@@ -118,12 +171,16 @@
 	 * @return array|false An array of widget ElggObjects, or false
 	 */
 		function get_widgets($user_guid, $context, $column) {
-			
-			if ($widgets = get_user_objects_by_metadata($user_guid, "widget", array(
+			
+			if ($widgets = get_entities_from_private_setting_multi(array(
+												'column' => $column,
+												'context' => $context), "object", "widget", $user_guid, "", 10000))
+			/*if ($widgets = get_user_objects_by_metadata($user_guid, "widget", array(
 												'column' => $column,
 												'context' => $context, 
 																	), 10000)) {
-
+			*/
+			{
 																		
 				$widgetorder = array();
 				foreach($widgets as $widget) {
@@ -173,16 +230,17 @@
 			
 			if ($user = get_user($user_guid)) {
 				
-				$widget = new ElggObject;
-				$widget->subtype = "widget";
+				$widget = new ElggWidget;
+				$widget->owner_guid = $user_guid;
+				$widget->access_id = 1;
+				if (!$widget->save())
+					return false;
+					
 				$widget->handler = $handler;
 				$widget->context = $context;
 				$widget->column = $column;
-				$widget->order = $order;
-				$widget->owner_guid = $user_guid;
-				$widget->access_id = 1;
-				if (!$widget->save())
-					return false;
+				$widget->order = $order;
+				
 				// save_widget_location($widget, $order, $column);
 				return true;
 				
@@ -302,13 +360,13 @@
 				// Save the params to the widget 
 				if (is_array($params) && sizeof($params) > 0) {
 					foreach($params as $name => $value) {
-						error_log("ERP: $name". print_r($value, true));
+						
 						if (!empty($name) && !in_array($name,array(
 								'guid','owner_guid','site_guid'
 																	))) {
 							if (is_array($value))
 							{
-								error_log("ERP: Here");
+								// TODO: Handle arrays securely
 								$widget->setMetaData($name, $value, "", true);
 							}else
 								$widget->$name = $value;
@@ -428,7 +486,17 @@
 			return $return;
 			
 		}
-		
+		
+		/**
+		 * Run some things once.
+		 *
+		 */
+		function widget_run_once()
+		{
+			// Register a class
+			add_subtype("object", "widget", "ElggWidget");	
+		}
+
 	/**
 	 * Function to initialise widgets functionality on Elgg init
 	 *
@@ -438,7 +506,9 @@
 			register_action('widgets/reorder');
 			register_action('widgets/save');
 			register_action('widgets/add');
-			
+			
+			// Now run this stuff, but only once
+			run_function_once("widget_run_once");
 		}
 		
 	// Register event
-- 
cgit v1.2.3