svn commit: r149 - trunk/mapbender/http/classes/class_administration.php

uli at osgeo.org uli at osgeo.org
Wed Apr 26 06:12:19 EDT 2006 

Author: uli
Date: 2006-04-26 10:12:19+0000
New Revision: 149

Modified:
   trunk/mapbender/http/classes/class_administration.php

Log:
code cleaning in process
db_prep_query coversion in process
new methods to handle owsproxys

Modified: trunk/mapbender/http/classes/class_administration.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/classes/class_administration.php?view=diff&rev=149&p1=trunk/mapbender/http/classes/class_administration.php&p2=trunk/mapbender/http/classes/class_administration.php&r1=148&r2=149
==============================================================================
--- trunk/mapbender/http/classes/class_administration.php	(original)
+++ trunk/mapbender/http/classes/class_administration.php	2006-04-26 10:12:19+0000
@@ -1,8 +1,7 @@
 <?php
-#$Id: class_administration.php,v 1.22 2006/02/15 10:51:14 astrid_emde Exp $
-#$Header: /cvsroot/mapbender/mapbender/http/classes/class_administration.php,v 1.22 2006/02/15 10:51:14 astrid_emde Exp $
-# Copyright (C) 2002 CCGIS 
-#
+# $Id$
+# http://www.mapbender.org/index.php/class_administration
+# Copyright (C) 2002 CCGIS
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 2, or (at your option)
@@ -36,9 +35,7 @@
  	
  	function adminstration(){
  		
- 	}
- 
- 
+ 	} 
  	// CB - returns true if $email is a valid email 
 	function isValidEmail ($email) {
 		if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
@@ -126,28 +123,23 @@
  	// CB - returns all owners (both from mb_user *and* mb_user from mb_group) of a gui
  	function getOwnerByGui($gui_id) {
    		global $DBSERVER,$DB,$OWNER,$PW;
-	
-		
-$sql = "(SELECT mb_user.mb_user_name";
-$sql .= "FROM mb_user ";
-$sql .= "JOIN gui_mb_user ON mb_user.mb_user_id = gui_mb_user.fkey_mb_user_id ";
-$sql .= "WHERE gui_mb_user.mb_user_type = 'owner' ";
-$sql .= "AND gui_mb_user.fkey_gui_id = '".$gui_id."' ";
-$sql .= "GROUP BY mb_user.mb_user_name ";
-$sql .= ") ";
-$sql .= "UNION ( ";
-$sql .= "SELECT mb_user.mb_user_name ";
-$sql .= "FROM gui_mb_group ";
-$sql .= "JOIN mb_user_mb_group ON mb_user_mb_group.fkey_mb_group_id = gui_mb_group.fkey_mb_group_id ";
-$sql .= "JOIN mb_user ON mb_user.mb_user_id = mb_user_mb_group.fkey_mb_user_id ";
-$sql .= "JOIN gui_mb_user ON mb_user.mb_user_id = gui_mb_user.fkey_mb_user_id ";
-$sql .= "WHERE gui_mb_group.mb_group_type = 'owner' ";
-$sql .= "AND gui_mb_group.fkey_gui_id = '".$gui_id."' ";
-$sql .= "GROUP BY mb_user.mb_user_name) ;";
- 
-		
-		
 		
+		$sql = "(SELECT mb_user.mb_user_name";
+		$sql .= "FROM mb_user ";
+		$sql .= "JOIN gui_mb_user ON mb_user.mb_user_id = gui_mb_user.fkey_mb_user_id ";
+		$sql .= "WHERE gui_mb_user.mb_user_type = 'owner' ";
+		$sql .= "AND gui_mb_user.fkey_gui_id = '".$gui_id."' ";
+		$sql .= "GROUP BY mb_user.mb_user_name ";
+		$sql .= ") ";
+		$sql .= "UNION ( ";
+		$sql .= "SELECT mb_user.mb_user_name ";
+		$sql .= "FROM gui_mb_group ";
+		$sql .= "JOIN mb_user_mb_group ON mb_user_mb_group.fkey_mb_group_id = gui_mb_group.fkey_mb_group_id ";
+		$sql .= "JOIN mb_user ON mb_user.mb_user_id = mb_user_mb_group.fkey_mb_user_id ";
+		$sql .= "JOIN gui_mb_user ON mb_user.mb_user_id = gui_mb_user.fkey_mb_user_id ";
+		$sql .= "WHERE gui_mb_group.mb_group_type = 'owner' ";
+		$sql .= "AND gui_mb_group.fkey_gui_id = '".$gui_id."' ";
+		$sql .= "GROUP BY mb_user.mb_user_name)";	
 		$owner = array();
 		$res = db_query($sql);
 		$cnt = 0;
@@ -159,17 +151,17 @@
  	}
  
  	//CB - returns the email address of a user identified by id
- 	function getEmailByUserId($id){
- 		global $DBSERVER,$DB,$OWNER,$PW;
-		$con = db_connect($DBSERVER,$OWNER,$PW);
+ 	function getEmailByUserId($userid){
+		$con = db_connect(DBSERVER,OWNER,PW);
 		db_select_db(DB,$con);
 		$sql = "SELECT mb_user_email FROM mb_user ";  
-		$sql .= "WHERE mb_user_id = '".$id."' GROUP by mb_user_email";    
-		$res = db_query($sql);
+		$sql .= "WHERE mb_user_id = $1 GROUP by mb_user_email";
+		$v = array($userid);
+		$t = array('i');    
+		$res = db_prep_query($sql,$v,$t);
   		$count_g = 0;
   		$array = array();
-		$row = db_fetch_array($res);
-		
+		$row = db_fetch_array($res);		
 		if ($row) {
 			return $row["mb_user_email"];
 		}
@@ -179,17 +171,17 @@
  	}	
 
  	//CB - returns the user id of a user identified by username
- 	function getUserNameByUserId($id){
- 		global $DBSERVER,$DB,$OWNER,$PW;
-		$con = db_connect($DBSERVER,$OWNER,$PW);
+ 	function getUserNameByUserId($userid){
+		$con = db_connect(DBSERVER,OWNER,PW);
 		db_select_db(DB,$con);
 		$sql = "SELECT mb_user_name FROM mb_user ";  
-		$sql .= "WHERE mb_user_id = '".$id."' GROUP BY mb_user_name";    
-		$res = db_query($sql);
+		$sql .= "WHERE mb_user_id = $1 GROUP BY mb_user_name";
+		$v = array($userid);
+		$t = array("i");    
+		$res = db_prep_query($sql,$v,$t);
   		$count_g = 0;
   		$array = array();
-		$row = db_fetch_array($res);
-		
+		$row = db_fetch_array($res);		
 		if ($row) {
 			return $row["mb_user_name"];
 		}
@@ -200,12 +192,13 @@
 
  	// CB - returns userId of user(s) with email address $email
  	function getUserIdByEmail($email){
- 		global $DBSERVER,$DB,$OWNER,$PW;
-		$con = db_connect($DBSERVER,$OWNER,$PW);
+		$con = db_connect(DBSERVER,OWNER,PW);
 		db_select_db(DB,$con);
 		$sql = "SELECT  mb_user_id FROM mb_user ";  
-		$sql .= "WHERE mb_user_email = '".$email."' GROUP BY mb_user_id";    
-		$res = db_query($sql);
+		$sql .= "WHERE mb_user_email = $1 GROUP BY mb_user_id";
+		$v = array($email);
+		$t = array('s');    
+		$res = db_prep_query($sql,$v,$t);
   		$count_g = 0;
   		$array = array();
 		while($row = db_fetch_array($res)){
@@ -222,9 +215,9 @@
 
 	// CB - returns all owners of wms $wms_id
   	function getOwnerByWms($wms_id){
-   	global $DBSERVER,$DB,$OWNER,$PW;
-   	$sql = "SELECT fkey_gui_id FROM gui_wms WHERE fkey_wms_id = ".$wms_id." GROUP BY fkey_gui_id";
-   	$count=0;
+   		global $DBSERVER,$DB,$OWNER,$PW;
+   		$sql = "SELECT fkey_gui_id FROM gui_wms WHERE fkey_wms_id = ".$wms_id." GROUP BY fkey_gui_id";
+   		$count=0;
 		$res = db_query($sql);
 		while($row = db_fetch_array($res)){
 			$gui[$count] = $row["fkey_gui_id"];
@@ -577,61 +570,71 @@
  	}	
  	
  	
- 	function getGuisByPermission($mb_user_id){
- 		global $DBSERVER,$DB,$OWNER,$PW;
+	function getGuisByPermission($mb_user_id){
+		$connect = db_connect(DBSERVER,OWNER,PW);
+		db_select_db(DB);
+		
 		$arrayGuis = array();
-   
-		$sql_groups = "SELECT fkey_mb_group_id FROM mb_user_mb_group WHERE fkey_mb_user_id = ". $mb_user_id." ;";
-		$res_groups = db_query($sql_groups);
+		$mb_user_groups = array();		
+		$sql_groups = "SELECT fkey_mb_group_id FROM mb_user_mb_group WHERE fkey_mb_user_id = $1 ";
+		$v = array($mb_user_id);
+		$t = array("i");
+		$res_groups = db_prep_query($sql_groups,$v,$t);		
 		$cnt_groups = 0;
 		while($row = db_fetch_array($res_groups)){
 			$mb_user_groups[$cnt_groups] = $row["fkey_mb_group_id"];
 			$cnt_groups++;
 		}
-
 		$count_g = 0;
-  		
-
-			if($cnt_groups > 0){
-				$sql_g = "SELECT gui.gui_id FROM gui JOIN gui_mb_group ";     
-				$sql_g .= " ON gui.gui_id = gui_mb_group.fkey_gui_id WHERE gui_mb_group.fkey_mb_group_id IN (";  
-				for($i=0; $i<count($mb_user_groups);$i++){
-					if($i > 0){$sql_g .= ",";}
-					$sql_g .= $mb_user_groups[$i];
-				}
-				$sql_g .= ") GROUP BY gui.gui_id";
-				$res_g = db_query($sql_g);
-	 
-				while($row = db_fetch_array($res_g)){
-					$arrayGuis[$count_g] = $row["gui_id"];
-					$count_g++;
-				}
-			}
-	  
-			$sql_guis = "SELECT gui.gui_id FROM gui JOIN gui_mb_user ON gui.gui_id = gui_mb_user.fkey_gui_id";  
-			$sql_guis .= " WHERE (gui_mb_user.fkey_mb_user_id = ".$mb_user_id.") ";
-			$sql_guis .= " AND gui.gui_public = 1  GROUP BY gui.gui_id";  
-	  
-			$res_guis = db_query($sql_guis);
-			$count_guis = 0;
-			$guis = array();
-			while($row = db_fetch_array($res_guis)){
-				$guis[$count_guis] = $row['gui_id'];			
-				$count_guis++;
+		if($cnt_groups > 0){
+			$v = array();
+			$t = array();
+			$sql_g = "SELECT gui.gui_id FROM gui JOIN gui_mb_group ";     
+			$sql_g .= " ON gui.gui_id = gui_mb_group.fkey_gui_id WHERE gui_mb_group.fkey_mb_group_id IN (";  
+			for($i=0; $i<count($mb_user_groups);$i++){
+				if($i > 0){$sql_g .= ",";}
+				$sql_g .= "$".strval($i+1);
+				array_push($v,$mb_user_groups[$i]);
+				array_push($t,"i");
 			}
-
+			$sql_g .= ") GROUP BY gui.gui_id";				
+		}
+		$res_g = db_prep_query($sql_g,$v,$t);
+		while($row = db_fetch_array($res_g)){
+			$arrayGuis[$count_g] = $row["gui_id"];
+			$count_g++;
+		}
+	
+		$sql_guis = "SELECT gui.gui_id FROM gui JOIN gui_mb_user ON gui.gui_id = gui_mb_user.fkey_gui_id";  
+		$sql_guis .= " WHERE (gui_mb_user.fkey_mb_user_id = $1) ";
+		$sql_guis .= " AND gui.gui_public = 1  GROUP BY gui.gui_id";  
+		$v = array($mb_user_id);
+		$t = array("i");
+		$res_guis = db_prep_query($sql_guis,$v,$t);
+		$count_guis = 0;
+		$guis = array();
+		while($row = db_fetch_array($res_guis)){
+			$guis[$count_guis] = $row['gui_id'];			
+			$count_guis++;
+		}
 		return $guis;
-	}  
-	function getWmsByOwnGuis($array_gui_ids){
-		global $DBSERVER,$DB,$OWNER,$PW;
+	}
+		
+	function getWmsByOwnGuis($array_gui_ids){ 
+		$connect = db_connect(DBSERVER,OWNER,PW);
+		db_select_db(DB);
 		if(count($array_gui_ids)>0){
+			$v = array();
+			$t = array();
 			$sql = "SELECT fkey_wms_id from gui_wms WHERE gui_wms.fkey_gui_id IN(";
 			for($i=0; $i<count($array_gui_ids); $i++){
 				if($i>0){ $sql .= ",";}
-				$sql .= "'".$array_gui_ids[$i]."'";
+				$sql .= "$".strval($i+1);
+				array_push($v, $array_gui_ids[$i]);
+				array_push($t, "s");
 			}
 			$sql .= ") GROUP BY fkey_wms_id";
-			$res = db_query($sql);	
+			$res = db_prep_query($sql,$v,$t);
 			$ownguis = array();
 			$i=0;
 			while($row = db_fetch_array($res)){
@@ -689,9 +692,9 @@
 			return true;
 		}	
  	}
- 
    	
    	function checkModulePermission($arrayGuis, $modulePath, $column){
+   		// no prepared statements necessary - no client requests
    		$check = true;
    		if($check == true){
 	   		global $DBSERVER,$DB,$OWNER,$PW;
@@ -718,5 +721,45 @@
    			return true;	
    		}
    	}
+   	function getWMSOWSstring($wms_id){
+   		$sql = "SELECT wms_owsproxy FROM wms WHERE wms_id = $1 ";
+   		$v = array($wms_id);
+   		$t = array("i");
+   		$res = db_prep_query($sql,$v,$t);
+   		if($row = db_fetch_array($res)){
+   			return $row["wms_owsproxy"];
+   		}
+   		else{
+   			return false;	
+   		}
+   	}
+   	function setWMSOWSstring($wms_id, $status){
+   		$sql = "UPDATE wms SET wms_owsproxy = $1 WHERE wms_id = $2 ";
+   		$t = array("s","i");
+   		if($status == 'on'){
+   			$time = md5(microtime(1));
+			$v = array($time,$wms_id);
+   		}
+   		else{
+   			$v = array("",$wms_id);   			
+   		}
+   		$res = db_prep_query($sql,$v,$t);
+   	}
+   	function checkURL($url){
+		$pos_qm = strpos($url,"?");
+		if($pos_qm > 0 && $pos_qm < (strlen($url)-1) && substr($url,(strlen($url)-1)) != "&"){
+			$url = $url."&";
+			return $url;
+		}
+		else if($pos_qm === false){
+			return $url."?";
+		}
+		else{
+			return $url;	
+		}
+	}
 }
+$n = new administration();
+$r = $n->getOwnerByGui("admin1");
+print_r($r);
 ?>
\ No newline at end of file

More information about the Mapbender_commits mailing list