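/**
 * Escapes a string with addslashes() unless PHP's magic_quotes_gpc has already done so.
 *
 * magic_quotes_gpc was removed in PHP 5.4 and get_magic_quotes_gpc() itself was removed
 * in PHP 8.0, so the setting is only consulted on runtimes old enough to have it; on
 * every later runtime the value is always escaped.
 *
 * NOTE(review): addslashes() is not a connection-aware SQL escaper and does not escape
 * backticks, so it gives no protection where the result is placed inside a `...`
 * identifier or outside quotes (ORDER BY, numeric positions). The magic-quotes shortcut
 * is also only correct for request data, while this file applies the helper to names
 * read back from the database as well. Prepared statements, or the database driver's
 * own escaping function, are the durable replacement.
 *
 * @param string $s value about to be placed inside a quoted SQL string literal
 * @return string the value, escaped unless magic quotes already escaped it
 */
function addslashesifnogpc($s)
{
    // The version test short-circuits, so the removed function is never called on PHP 8+.
    if (PHP_VERSION_ID < 50400 && get_magic_quotes_gpc()) {
        return $s;
    }

    return addslashes($s);
}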
$cogdbpath = dirname(__FILE__)."/";
include_once($cogdbpath."constants.php");
include_once($cogdbpath."mysql.php");
include_once($cogdbpath."user.php");
include_once($cogdbpath."accesscontrol.php");
/** A library for accessing/updating the cogdb system in various ways.
* @author Seth Caldwell
*
*
*/
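/**
 * Will create a new user in the database.
 *
 * Returns false for a pre-existing user with that username, for a username that contains
 * no letter or digit, for a blank email, or when the insert failed for whatever reason.
 * Returns true once the new row can be read back.
 *
 * NOTE(review): the password is stored with MySQL's PASSWORD() function. That function is
 * meant for MySQL's own account table, is unsalted, and was removed in MySQL 8.0. Moving to
 * password_hash() / password_verify() needs a matching change in whatever code checks
 * logins, which is not visible from here, so the statement is left as it was.
 *
 * NOTE(review): the existence check followed by the insert is not atomic; a unique index
 * on users.name (if there is none yet) is what actually prevents duplicate accounts.
 *
 * @param string $username requested login name
 * @param string $password plain-text password as supplied by the caller
 * @param string $email    contact address; must not be blank
 * @return bool true when the user row exists after the insert, false otherwise
 */
function new_cog_user($username,$password,$email)
{
    global $AEdb;

    // NOTE(review): the pattern is unanchored, so it only requires one letter or digit
    // somewhere in the name. If the intent is "letters and digits only", anchor it as
    // /^[a-zA-Z0-9]+$/D after checking that existing usernames still pass.
    if (!preg_match("/[a-zA-Z0-9]+/", $username)) {
        print "not matched...";
        return false;
    }
    if ($email == "") {
        return false;
    }

    $safeName = addslashesifnogpc($username);

    // The duplicate check was missing its select list ("select from users ..."), which is
    // not a valid statement; it now selects the same column as the read-back query below.
    $q = $AEdb->query("select name from users where name='" . $safeName . "'");
    if ($AEdb->num_rows($q) > 0) {
        return false;
    }

    $sql = "insert into users (name,password,email) values ('" . $safeName . "',PASSWORD('" . addslashesifnogpc($password) . "'),'" . addslashesifnogpc($email) . "')";
    $AEdb->query($sql);

    // Read the row back rather than trusting the insert's return value.
    $q = $AEdb->query("select name from users where name='" . $safeName . "'");
    return $AEdb->num_rows($q) > 0;
}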
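/**
 * A function to transform a category's display using a specific template.
 *
 * The category attributes can be referenced in the template by $attributename which will be replaced by the attribute value
 * if it exists, even if its value is a blank string. If it does not exist, the string "$attributename" will be left intact in the rendered template.
 * Getting a link to a file stored in the category can be done using %filename - you may wish to do something like
 * (the example markup is missing from this copy of the file)
 * which will let the category owners modify profile.jpg at any time, and the templated view which
 * may be displayed on a page they don't control will be updated with the new picture.
 * Also, if you would like this image to be resized to fit within a bounding box on the server side, you may include &thumbWidth=400&thumbHeight=400
 * as a part of the path (the example for this is also missing from this copy).
 *
 * $template is the actual template text itself, which may include html and any tags.
 * $catname is the category name, such as "Peter Allen"
 *
 * NOTE(review): attribute values and file names are written into the template without any
 * HTML escaping. Because category owners can edit those values and the result may be shown
 * on pages they do not control, escape them with htmlspecialchars() for the context they
 * land in, unless attributes are deliberately allowed to carry markup.
 *
 * @return string the template with file links and [category] markers substituted
 */
function render_template_on_category($template,$catname)
{
    // $CDB supplies fullWebAddress for the file links; without the global import the
    // lookup below read an undefined local variable.
    global $AEdb, $CDB;

    //replace $attributes with their values
    $attributearray = get_attributes($catname);
    foreach ($attributearray as $attribname => $attribvalue) {
        // NOTE(review): the search string is empty in this copy, so this call leaves
        // $template unchanged and $attribname is unused. The placeholder expression seems
        // to have been lost; restore it from the original file before relying on this.
        $template = str_replace("", $attribvalue, $template);
    }

    $filenamearray = get_filenames($catname);
    foreach ($filenamearray as $fileID => $filename) {
        // Quoted key: the bare word fullWebAddress is an undefined constant, which is an Error on PHP 8.
        $template = str_replace("%" . $filename, $CDB['fullWebAddress'] . "/getfile/?getfile=$fileID", $template);
    }

    //create [category links]
    // preg_replace() replaces eregi_replace(), which no longer exists as of PHP 7.0. The
    // pattern has no letters, so dropping case-insensitivity changes nothing.
    // NOTE(review): the replacement is only "\1" here, which just strips the brackets;
    // any link markup around it appears to be missing from this copy.
    $template = preg_replace('/\[([^]]*)\]/', "\\1", $template);
    //$template = eregi_replace("selected=\"([^\"]*)\"(^!+)value=\"\\1\"(.+?)","\\2value=\"\\1\" selected\\3",$template);
    //$template = eregi_replace("selected=\"([^\"]*)\"(.*)value=\"\\1\"","\\2",$template);
    return $template;
}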
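/**
 * Creates or Updates a new category within the database.
 *
 * Only the $user and $catname variables are required, the rest is optional. $user must be an object of cogdbuser type.
 * If parent or child categories are specified which the user does not have LINK_PARENT or LINK_CHILD access to, they will not be linked,
 * but this will not cause problems with the category creation or linking of categories they do have these permissions on.
 * Attributes is an array of name=>value pairs that specify all the attribute values for that category. The parents will first be linked, which will enable the inherited attributes to be filled in.
 *
 * Returns false when $user has no id or the category row cannot be read back after the
 * insert; otherwise the function ends without returning a value.
 *
 * NOTE(review): creating a category that does not exist yet is gated only on $user->id
 * being set; no hasAccess() call precedes the insert. Confirm that is intended.
 * NOTE(review): the comma-separated name lists are split without trimming, so "a, b"
 * yields " b" as the second name.
 * NOTE(review): cat_relation rows are inserted without checking for an existing link, so
 * repeated calls add duplicates unless the table has a unique key on (parent, child).
 *
 * @param object $user           acting user; its id becomes creator_id for a new category
 * @param string $catname        category to create or update
 * @param string $parentcatnames comma-separated parent category names, or ""
 * @param string $childcatnames  comma-separated child category names, or ""
 * @param string $body           new body text, or "" to leave it alone
 * @param mixed  $attributes     name=>value array of attribute values, or ""
 */
function update_category($user, $catname, $parentcatnames="", $childcatnames="", $body="", $attributes="")
{
    global $AEdb;

    if (!$user->id) {
        return false;
    }

    $safeCat = addslashesifnogpc($catname);
    $safeBody = addslashesifnogpc($body);
    $findSql = "select name from category where name='" . $safeCat . "'";
    $catIdSql = "(select id from category where name='" . $safeCat . "')";

    //create the category if it doesn't yet exist
    $q = $AEdb->query($findSql);
    if ($AEdb->num_rows($q) == 0) {
        // creator_id sits outside quotes in the statement, so it is forced to an integer
        // instead of being concatenated as whatever $user->id happens to hold.
        $sql = "insert into category (name,body,creator_id) values ('" . $safeCat . "','" . $safeBody . "'," . (int) $user->id . ")";
        $AEdb->query($sql);
        $q = $AEdb->query($findSql);
        if ($AEdb->num_rows($q) == 0) {
            return false;
        }
    }

    //set the parent categories as specified, first checking permissions
    if (hasAccess($user, $catname, "EDIT_PARENTS") && $parentcatnames != "") {
        // All permission checks run before the first insert, as in the original order.
        $approvedparents = array();
        foreach (explode(",", $parentcatnames) as $parent) {
            if (hasAccess($user, $parent, "LINK_PARENT")) {
                $approvedparents[] = $parent;
            }
        }
        foreach ($approvedparents as $parent) {
            $AEdb->query("insert into cat_relation (parent,child) values ((select id from category where name='" . addslashesifnogpc($parent) . "')," . $catIdSql . ")");
        }
    }

    //set the child categories as specified, first checking permissions
    if (hasAccess($user, $catname, "EDIT_CHILDREN") && $childcatnames != "") {
        $approvedchildren = array();
        foreach (explode(",", $childcatnames) as $child) {
            if (hasAccess($user, $child, "LINK_CHILD")) {
                $approvedchildren[] = $child;
            }
        }
        foreach ($approvedchildren as $child) {
            $AEdb->query("insert into cat_relation (parent,child) values (" . $catIdSql . ",(select id from category where name='" . addslashesifnogpc($child) . "'))");
        }
    }

    if (hasAccess($user, $catname, "EDIT_ATTRIBUTES") && $attributes != "") {
        //get the current attributes and change them as needed, by providing updatearray to the get_attributes function
        get_attributes($catname, $attributes);
    } else {
        //otherwise just create the attributes for the potentially newly created category
        get_attributes($catname);
    }

    if (hasAccess($user, $catname, "EDIT_BODY") && $body != "") {
        $AEdb->query("update category set body = '" . $safeBody . "' where name='" . $safeCat . "'");
    }
}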
// Intended as a cache of attribute lists keyed by category name.
// NOTE(review): get_attributes() does not name this variable in its global statement, so
// its lookup reads a function-local variable instead of this array.
$attributelistcache = array();
/**
* Returns an array with name => value of all attributes a category contains. Returns an empty array when no attributes are present.
*
* $catname is the category name. The acting user is not a parameter; it is read from $CDB['user'].
* (The paragraph that used to sit here about $user and LINK_PARENT / LINK_CHILD describes update_category(), not this function.)
*
* Optionally, you may provide updatearray, an array with name=>value pairs corresponding to new values you would like to set the attributes to.
*
* NOTE(review): this copy of the file is damaged inside the body: the for-loop header is incomplete and the end of this
* function is missing, with the tail of get_filenames() fused on. The comments below cover only what is still readable.
*
* NOTE(review): table and column names are placed inside backticks after addslashesifnogpc(). addslashes() does not
* escape backticks, so it does not make a value safe as an identifier; check names against the known tables/columns instead.
*/
function get_attributes($catname,$updatearray="")
{
global $CDB,$AEdb;
// acting user, used for the EDIT_ATTRIBUTES check before any write below
$u = $CDB['user'];
// NOTE(review): $attributelistcache is not named in the global statement above, so this reads an undefined local and never returns a cached list.
if($attributelistcache[$catname]) return $attributelistcache[$catname];
$attributes = array();
// each parent category name selects a table called zz_<name>
$temp_parentcatlist = get_parent_categories($catname);
// NOTE(review): damaged line - the loop condition and the assignments of $q and $catid are not visible.
for($x=0; $xquery("select * from `zz_".addslashesifnogpc($temp_parentcatlist[$x])."` where catid=$catid");
// no row for this category in the parent's table yet: insert one, then read it back
if($AEdb->num_rows($q)<1)
{
// NOTE(review): unlike the select above, the table name and $catname are concatenated here without addslashesifnogpc(); escape or bind both.
$sql = "insert into `zz_".$temp_parentcatlist[$x]."` (catid) values ((select id from category where name='$catname'))";
$AEdb->query($sql);
$q = $AEdb->query("select * from `zz_".$temp_parentcatlist[$x]."` where catid=(select id from category where name='$catname')");
}
while($d = $AEdb->fetch_object($q))
{
// every column of the row is treated as one attribute
foreach ($d as $varname => $varvalue)
{
// a column whose name ends in "__ARRAY__" (9 characters) holds a list value
if(strlen($varname)>9 && strpos($varname,"__ARRAY__")==strlen($varname)-9)
{
$varnamewithouttype=substr($varname,0,strlen($varname)-9);
// numbered inputs name0, name1, ... are gathered into one array, skipping empty strings
if(isset($updatearray[$varnamewithouttype."0"]))
{
$newarray = array();
$j=0;
while(isset($updatearray[$varnamewithouttype.($j)]))
{
if($updatearray[$varnamewithouttype.$j]!="") $newarray[]=$updatearray[$varnamewithouttype."".$j];
$j++;
}
$updatearray[$varname]=$newarray;
}
}
// write path: only when the caller supplied a value for this column and the acting user has EDIT_ATTRIBUTES
if(isset($updatearray[$varname]) && hasAccess($u,$catname,"EDIT_ATTRIBUTES"))
{
if(is_array($updatearray[$varname]))
{
// the returned array is keyed by the name without its "__ARRAY__" suffix
$attributes[substr($varname,0,strlen($varname)-9)]=$updatearray[$varname];
$collapsedarray = "";
foreach($updatearray[$varname] as $e)
{
if($collapsedarray!="") $collapsedarray.=",";
// backslashes are doubled first, then commas become "\,", before the elements are joined with ","
$s = str_replace("\\","\\\\",$e);
$collapsedarray.=str_replace(",","\\,",$s);
}
$updatearray[$varname]=$collapsedarray;
// NOTE(review): this statement is built again, identically, after the else below; $catname is unescaped in both.
$sql = "update `zz_".addslashesifnogpc($temp_parentcatlist[$x])."` set `".addslashesifnogpc($varname)."`='".addslashesifnogpc($updatearray[$varname])."' where catid=(select id from category where name='$catname')";
}
else $attributes[$varname]=$updatearray[$varname];
$sql = "update `zz_".addslashesifnogpc($temp_parentcatlist[$x])."` set `".addslashesifnogpc($varname)."`='".addslashesifnogpc($updatearray[$varname])."' where catid=(select id from category where name='$catname')";
$AEdb->query($sql);
}
// read path: every column except catid
elseif($varname!="catid")
{
if(strlen($varname)>9 && strpos($varname,"__ARRAY__")==strlen($varname)-9)
{
// doubled backslashes are swapped for a NUL byte before the stored list is split
$varvalue = str_replace("\\\\","\0",$varvalue);
// NOTE(review): damaged line - the split pattern, the rest of this function and the start of get_filenames() are missing.
$varvalue =preg_split("/(?query($sql);
$filenames=array();
while($d = $AEdb->fetch_object($q))
{
$filenames[$d->id] = $d->name;
}
return $filenames;
}
// Memo for get_parent_categories(): category name => list of parent category names.
$parentcategorycache = array();
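/**
 * Returns an array of the names of parent categories
 *
 * Results are remembered in $parentcategorycache, keyed by category name. An empty result
 * is stored too, but because the lookup tests truthiness it is queried again next time.
 *
 * NOTE(review): nothing in this file clears the cache when update_category() inserts
 * cat_relation rows, so a non-empty cached list can be out of date later in the same run.
 *
 * @param string $catname category whose parents are wanted
 * @return array list of parent category names, empty when there are none
 */
function get_parent_categories($catname)
{
    global $AEdb, $parentcategorycache;

    // empty() applies the same truthiness test as a bare index read, without raising an
    // undefined-key notice the first time a category is looked up.
    if (!empty($parentcategorycache[$catname])) {
        return $parentcategorycache[$catname];
    }

    $sql = "select name from category where id in (select parent from cat_relation where child = (select id from category where name='" . addslashesifnogpc($catname) . "'))";
    $q = $AEdb->query($sql);

    $parentcatlist = array();
    if ($AEdb->num_rows($q) > 0) {
        while ($d = $AEdb->fetch_object($q)) {
            $parentcatlist[] = $d->name;
        }
    }

    $parentcategorycache[$catname] = $parentcatlist;
    return $parentcatlist;
}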
/*
* Returns an array whose keys are the child names of $catname, and values are another associative array where the key is the attribname and the value is the attribute value of that child.
*
* NOTE(review): this copy of the file is damaged inside the body: the for-loop header and the query it builds are missing,
* and the end of this function is missing, with the tail of another function (it returns $childcatlist) fused on.
* The comments below cover only what is still readable.
*/
function get_child_category_attributes($catname, $attribs="",$orderby="")
{
global $CDB,$AEdb;
// acting user; where it is used is not visible in this copy
$u = $CDB['user'];
// an empty $attribs falls back to "*"; presumably the select list of the missing query - confirm
if($attribs=="") $attribs="*";
$attributes = array();
// NOTE(review): an ORDER BY value sits outside any quotes, so addslashes() does not constrain it; accept only known column names plus ASC/DESC.
// Presumably this string is appended to the query built in the missing span - confirm.
if($orderby!="") $orderby = " ORDER BY ".addslashesifnogpc($orderby);
// the parentcatlist will currently only include the current category and any of its parents. The children may have other parents besides the category you call this function for, that functionality will be programmed as needed.
$temp_parentcatlist = get_parent_categories($catname);
$temp_parentcatlist[]=$catname;
// NOTE(review): damaged line - the loop condition and the construction of $sql are not visible.
for($x=0; $xquery($sql);
while($d = $AEdb->fetch_object($q))
{
// the result row is expected to carry the child's name in a column called childcategorycatname
$childcatname = $d->childcategorycatname;
foreach ($d as $varname => $varvalue)
{
// catid and the child-name column are bookkeeping, not attributes
if($varname!="catid" && $varname !="childcategorycatname")
{
// a column whose name ends in "__ARRAY__" (9 characters) holds a list value
if(strlen($varname)>9 && strpos($varname,"__ARRAY__")==strlen($varname)-9)
{
// doubled backslashes are swapped for a NUL byte before the stored list is split
$varvalue = str_replace("\\\\","\0",$varvalue);
// NOTE(review): damaged line - the split pattern and everything up to the query call of the next function are missing.
$varvalue =preg_split("/(?query($sql);
$childcatlist=array();
if($AEdb->num_rows($q)>0) {
while($d = $AEdb->fetch_object($q))
{
$childcatlist[]=$d->name;
}
}
return $childcatlist;
}
?>