3 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
4 * Copyright (C) 2002-2007 The Nucleus Group
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version 2
9 * of the License, or (at your option) any later version.
10 * (see nucleus/documentation/index.html#license for more info)
13 * This class makes sure each item/weblog/comment object gets requested from
14 * the database only once, by keeping them in a cache. The class also acts as
15 * a dynamic classloader, loading classes _only_ when they are first needed,
16 * hoping to diminish execution time
18 * The class is a singleton, meaning that there will be only one object of it
19 * active at all times. The object can be requested using MANAGER::instance()
21 * @license http://nucleuscms.org/license.txt GNU General Public License
22 * @copyright Copyright (C) 2002-2007 The Nucleus Group
23 * @version $Id: MANAGER.php,v 1.8 2007-04-06 19:36:29 kmorimatsu Exp $
24 * $NucleusJP: MANAGER.php,v 1.7 2007/02/04 06:28:46 kimitake Exp $
29 * Cached ITEM, BLOG, PLUGIN, KARMA and MEMBER objects. When these objects are requested
30 * through the global $manager object (getItem, getBlog, ...), only the first call
31 * will create an object. Subsequent calls will return the same object.
33 * The $items, $blogs, ... arrays map an id to an object (for plugins, the name is used
44 * cachedInfo to avoid repeated SQL queries (see pidInstalled/pluginInstalled/getPidFromName)
45 * e.g. which plugins exists?
47 * $cachedInfo['installedPlugins'] = array($pid -> $name)
52 * The plugin subscriptionlist
54 * The subcription array has the following structure
55 * $subscriptions[$EventName] = array containing names of plugin classes to be
56 * notified when that event happens
61 * Returns the only instance of this class. Creates the instance if it
62 * does not yet exists. Users should use this function as
63 * $manager =& MANAGER::instance(); to get a reference to the object
66 function &instance() {
67 static $instance = array();
68 if (empty($instance)) {
69 $instance[0] =& new MANAGER();
75 * The constructor of this class initializes the object caches
78 $this->items = array();
79 $this->blogs = array();
80 $this->plugins = array();
81 $this->karma = array();
82 $this->parserPrefs = array();
83 $this->cachedInfo = array();
87 * Returns the requested item object. If it is not in the cache, it will
88 * first be loaded and then placed in the cache.
89 * Intended use: $item =& $manager->getItem(1234)
91 function &getItem($itemid, $allowdraft, $allowfuture) {
92 $item =& $this->items[$itemid];
94 // check the draft and future rules if the item was already cached
96 if ((!$allowdraft) && ($item['draft']))
99 $blog =& $this->getBlog(getBlogIDFromItemID($itemid));
100 if ((!$allowfuture) && ($item['timestamp'] > $blog->getCorrectTime()))
104 // load class if needed
105 $this->loadClass('ITEM');
107 $item = ITEM::getitem($itemid, $allowdraft, $allowfuture);
108 $this->items[$itemid] = $item;
114 * Loads a class if it has not yet been loaded
116 function loadClass($name) {
117 $this->_loadClass($name, $name . '.php');
121 * Checks if an item exists
123 function existsItem($id,$future,$draft) {
124 $this->_loadClass('ITEM','ITEM.php');
125 return ITEM::exists($id,$future,$draft);
129 * Checks if a category exists
131 function existsCategory($id) {
132 return (quickQuery('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);
135 function &getBlog($blogid) {
136 $blog =& $this->blogs[$blogid];
139 // load class if needed
140 $this->_loadClass('BLOG','BLOG.php');
142 $blog =& new BLOG($blogid);
143 $this->blogs[$blogid] =& $blog;
148 function existsBlog($name) {
149 $this->_loadClass('BLOG','BLOG.php');
150 return BLOG::exists($name);
153 function existsBlogID($id) {
154 $this->_loadClass('BLOG','BLOG.php');
155 return BLOG::existsID($id);
159 * Returns a previously read template
161 function &getTemplate($templateName) {
162 $template =& $this->templates[$templateName];
165 $template = TEMPLATE::read($templateName);
166 $this->templates[$templateName] =& $template;
172 * Returns a KARMA object (karma votes)
174 function &getKarma($itemid) {
175 $karma =& $this->karma[$itemid];
178 // load class if needed
179 $this->_loadClass('KARMA','KARMA.php');
180 // create KARMA object
181 $karma =& new KARMA($itemid);
182 $this->karma[$itemid] =& $karma;
188 * Returns a MEMBER object
190 function &getMember($memberid) {
191 $mem =& $this->members[$memberid];
194 // load class if needed
195 $this->_loadClass('MEMBER','MEMBER.php');
196 // create MEMBER object
197 $mem =& MEMBER::createFromID($memberid);
198 $this->members[$memberid] =& $mem;
204 * Global parser preferences
206 function setParserProperty($name, $value) {
207 $this->parserPrefs[$name] = $value;
209 function getParserProperty($name) {
210 return $this->parserPrefs[$name];
214 * A private helper class to load classes
216 function _loadClass($name, $filename) {
217 if (!class_exists($name)) {
219 include($DIR_LIBS . $filename);
223 function _loadPlugin($name) {
224 if (!class_exists($name)) {
227 $fileName = $DIR_PLUGINS . $name . '.php';
229 if (!file_exists($fileName))
231 ACTIONLOG::add(WARNING, 'Plugin ' . $name . ' was not loaded (File not found)');
238 // check if class exists (avoid errors in eval'd code)
239 if (!class_exists($name))
241 ACTIONLOG::add(WARNING, 'Plugin ' . $name . ' was not loaded (Class not found in file, possible parse error)');
245 // add to plugin array
246 eval('$this->plugins[$name] =& new ' . $name . '();');
249 $this->plugins[$name]->plugid = $this->getPidFromName($name);
251 // unload plugin if a prefix is used and the plugin cannot handle this^
252 global $MYSQL_PREFIX;
253 if (($MYSQL_PREFIX != '') && !$this->plugins[$name]->supportsFeature('SqlTablePrefix'))
255 unset($this->plugins[$name]);
256 ACTIONLOG::add(WARNING, 'Plugin ' . $name . ' was not loaded (does not support SqlTablePrefix)');
261 $this->plugins[$name]->init();
266 function &getPlugin($name) {
267 $plugin =& $this->plugins[$name];
270 // load class if needed
271 $this->_loadPlugin($name);
272 $plugin =& $this->plugins[$name];
278 * checks if the given plugin IS loaded or not
280 function &pluginLoaded($name) {
281 $plugin =& $this->plugins[$name];
284 function &pidLoaded($pid) {
286 reset($this->plugins);
287 while (list($name) = each($this->plugins)) {
288 if ($pid!=$this->plugins[$name]->getId()) continue;
289 $plugin= & $this->plugins[$name];
296 * checks if the given plugin IS installed or not
298 function pluginInstalled($name) {
299 $this->_initCacheInfo('installedPlugins');
300 return ($this->getPidFromName($name) != -1);
302 function pidInstalled($pid) {
303 $this->_initCacheInfo('installedPlugins');
304 return ($this->cachedInfo['installedPlugins'][$pid] != '');
306 function getPidFromName($name) {
307 $this->_initCacheInfo('installedPlugins');
308 foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)
315 function clearCachedInfo($what) {
316 unset($this->cachedInfo[$what]);
320 * Loads some info on the first call only
322 function _initCacheInfo($what)
324 if (isset($this->cachedInfo[$what]) && is_array($this->cachedInfo[$what]))
328 // 'installedPlugins' = array ($pid => $name)
329 case 'installedPlugins':
330 $this->cachedInfo['installedPlugins'] = array();
331 $res = sql_query('SELECT pid, pfile FROM ' . sql_table('plugin'));
332 while ($o = mysql_fetch_object($res))
334 $this->cachedInfo['installedPlugins'][$o->pid] = $o->pfile;
341 * A function to notify plugins that something has happened. Only the plugins
342 * that are subscribed to the event will get notified.
343 * Upon the first call, the list of subscriptions will be fetched from the
344 * database. The plugins itsself will only get loaded when they are first needed
347 * Name of the event (method to be called on plugins)
349 * Can contain any type of data, depending on the event type. Usually this is
350 * an itemid, blogid, ... but it can also be an array containing multiple values
352 function notify($eventName, $data) {
353 // load subscription list if needed
354 if (!is_array($this->subscriptions))
355 $this->_loadSubscriptions();
358 // get listening objects
360 if (isset($this->subscriptions[$eventName])) {
361 $listeners = $this->subscriptions[$eventName];
364 // notify all of them
365 if (is_array($listeners)) {
366 foreach($listeners as $listener) {
367 // load class if needed
368 $this->_loadPlugin($listener);
369 // do notify (if method exists)
370 if (method_exists($this->plugins[$listener], 'event_' . $eventName))
371 call_user_func(array(&$this->plugins[$listener],'event_' . $eventName), $data);
378 * Loads plugin subscriptions
380 function _loadSubscriptions() {
381 // initialize as array
382 $this->subscriptions = array();
384 $res = sql_query('SELECT p.pfile as pfile, e.event as event FROM '.sql_table('plugin_event').' as e, '.sql_table('plugin').' as p WHERE e.pid=p.pid ORDER BY p.porder ASC');
385 while ($o = mysql_fetch_object($res)) {
386 $pluginName = $o->pfile;
387 $eventName = $o->event;
388 $this->subscriptions[$eventName][] = $pluginName;
394 Ticket functions. These are uses by the admin area to make it impossible to simulate certain GET/POST
395 requests. tickets are user specific
398 var $currentRequestTicket = '';
401 * GET requests: Adds ticket to URL (URL should NOT be html-encoded!, ticket is added at the end)
403 function addTicketToUrl($url)
405 $ticketCode = 'ticket=' . $this->_generateTicket();
406 if (strstr($url, '?'))
407 return $url . '&' . $ticketCode;
409 return $url . '?' . $ticketCode;
413 * POST requests: Adds ticket as hidden formvar
415 function addTicketHidden()
417 $ticket = $this->_generateTicket();
419 echo '<input type="hidden" name="ticket" value="', htmlspecialchars($ticket), '" />';
424 * (xmlHTTPRequest AutoSaveDraft uses this to refresh the ticket)
426 function getNewTicket()
428 $this->currentRequestTicket = '';
429 return $this->_generateTicket();
433 * Checks the ticket that was passed along with the current request
435 function checkTicket()
439 // get ticket from request
440 $ticket = requestVar('ticket');
442 // no ticket -> don't allow
446 // remove expired tickets first
447 $this->_cleanUpExpiredTickets();
450 if (!$member->isLoggedIn())
453 $memberId = $member->getID();
455 // check if ticket is a valid one
456 $query = 'SELECT COUNT(*) as result FROM ' . sql_table('tickets') . ' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'';
457 if (quickQuery($query) == 1)
459 // [in the original implementation, the checked ticket was deleted. This would lead to invalid
460 // tickets when using the browsers back button and clicking another link/form
461 // leaving the keys in the database is not a real problem, since they're member-specific and
462 // only valid for a period of one hour
464 // sql_query('DELETE FROM '.sql_table('tickets').' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'');
467 // not a valid ticket
474 * (internal method) Removes the expired tickets
476 function _cleanUpExpiredTickets()
478 // remove tickets older than 1 hour
479 $oldTime = time() - 60 * 60;
480 $query = 'DELETE FROM ' . sql_table('tickets'). ' WHERE ctime < \'' . date('Y-m-d H:i:s',$oldTime) .'\'';
485 * (internal method) Generates/returns a ticket (one ticket per page request)
487 function _generateTicket()
489 if ($this->currentRequestTicket == '')
491 // generate new ticket (only one ticket will be generated per page request)
492 // and store in database
495 if (!$member->isLoggedIn())
498 $memberId = $member->getID();
503 // generate a random token
504 srand((double)microtime()*1000000);
505 $ticket = md5(uniqid(rand(), true));
507 // add in database as non-active
508 $query = 'INSERT INTO ' . sql_table('tickets') . ' (ticket, member, ctime) ';
509 $query .= 'VALUES (\'' . addslashes($ticket). '\', \'' . intval($memberId). '\', \'' . date('Y-m-d H:i:s',time()) . '\')';
510 if (sql_query($query))
514 $this->currentRequestTicket = $ticket;
516 return $this->currentRequestTicket;