Context Navigation

source: trunk/lib/Lock.inc.php @ 685

Last change on this file since 685 was 685, checked in by anonymous, 5 years ago

Various minor changes:

Allow $app->ohref() with no value to return a link to the current page (REQUEST_URI but without the QUERY_STRING).
Add some classes to HTML output to support Zurb Foundation 6.
Stop prepending scheme://host:port to URLs because we can't guess hte port at a proxy.
Include Auth_Simple.inc.php (copied from control.strangecode.com). $auth->login() now requires a callback funtion to verify credentials.

File size: 16.6 KB

Line
1	<?php
2	/**
3	* The Strangecode Codebase - a general application development framework for PHP
4	* For details visit the project site: <http://trac.strangecode.com/codebase/>
5	* Copyright 2001-2012 Strangecode, LLC
6	*
7	* This file is part of The Strangecode Codebase.
8	*
9	* The Strangecode Codebase is free software: you can redistribute it and/or
10	* modify it under the terms of the GNU General Public License as published by the
11	* Free Software Foundation, either version 3 of the License, or (at your option)
12	* any later version.
13	*
14	* The Strangecode Codebase is distributed in the hope that it will be useful, but
15	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
16	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
17	* details.
18	*
19	* You should have received a copy of the GNU General Public License along with
20	* The Strangecode Codebase. If not, see <http://www.gnu.org/licenses/>.
21	*/
22
23	/**
24	* Lock.inc.php
25	*
26	* The Lock class provides a system for locking abstract DB rows.
27	*
28	* @author Quinn Comendant <quinn@strangecode.com>
29	* @version 2.1
30	*/
31	class Lock
32	{
33	// A place to keep an object instance for the singleton pattern.
34	protected static $instance = null;
35
36	// Configuration of this object.
37	protected $_params = array(
38	// The time required to pass before a user can forcibly unlock a locked record.
39	'timeout' => 600,
40
41	// The time after which a record will automatically become unlocked.
42	'auto_timeout' => 1800,
43
44	// The URL to the lock script.
45	'error_url' => '/lock.php',
46
47	// The name of the database table to store locks.
48	'db_table' => 'lock_tbl',
49
50	// Automatically create table and verify columns. Better set to false after site launch.
51	// This value is overwritten by the $app->getParam('db_create_tables') setting if it is available.
52	'create_table' => true,
53	);
54
55	// Store lock data from DB.
56	protected $data = array();
57
58	// Auth_SQL object from which to access a current user_id.
59	protected $_auth = null;
60
61	/**
62	* This method enforces the singleton pattern for this class.
63	*
64	* @return object Reference to the global Lock object.
65	* @access public
66	* @static
67	*/
68	public static function &getInstance($auth_object=null)
69	{
70	if (self::$instance === null) {
71	self::$instance = new self($auth_object);
72	}
73
74	return self::$instance;
75	}
76
77	/**
78	* Constructor. Pass an Auth object on which to perform user lookups.
79	*
80	* @param mixed $auth_object An Auth_SQL or Auth_FILE object.
81	*/
82	public function __construct($auth_object=null)
83	{
84	$app =& App::getInstance();
85
86	if (!is_null($auth_object) \|\| is_null($this->_auth)) {
87	if (!method_exists($auth_object, 'get') \|\| !method_exists($auth_object, 'getUsername')) {
88	trigger_error('Constructor not provided a valid Auth_* object.', E_USER_ERROR);
89	}
90
91	$this->_auth = $auth_object;
92	}
93
94	// Get create tables config from global context.
95	if (!is_null($app->getParam('db_create_tables'))) {
96	$this->setParam(array('create_table' => $app->getParam('db_create_tables')));
97	}
98	}
99
100	/**
101	* Setup the database table for this class.
102	*
103	* @access public
104	* @author Quinn Comendant <quinn@strangecode.com>
105	* @since 26 Aug 2005 17:09:36
106	*/
107	public function initDB($recreate_db=false)
108	{
109	$app =& App::getInstance();
110	$db =& DB::getInstance();
111
112	static $_db_tested = false;
113
114	if ($recreate_db \|\| !$_db_tested && $this->getParam('create_table')) {
115	if ($recreate_db) {
116	$db->query("DROP TABLE IF EXISTS " . $this->getParam('db_table'));
117	$app->logMsg(sprintf('Dropping and recreating table %s.', $this->getParam('db_table')), LOG_INFO, __FILE__, __LINE__);
118	}
119	$db->query(sprintf("CREATE TABLE IF NOT EXISTS %s (
120	lock_id INT UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT,
121	record_table varchar(255) NOT NULL default '',
122	record_key varchar(255) NOT NULL default '',
123	record_val varchar(255) NOT NULL default '',
124	title varchar(255) NOT NULL default '',
125	set_by_admin_id smallint(11) NOT NULL default '0',
126	lock_datetime datetime NOT NULL default '%s 00:00:00',
127	KEY record_table (record_table),
128	KEY record_key (record_key),
129	KEY record_val (record_val)
130	)", $db->escapeString($this->getParam('db_table')), $db->getParam('zero_date')));
131
132	if (!$db->columnExists($this->getParam('db_table'), array(
133	'lock_id',
134	'record_table',
135	'record_key',
136	'record_val',
137	'title',
138	'set_by_admin_id',
139	'lock_datetime',
140	), false, false)) {
141	$app->logMsg(sprintf('Database table %s has invalid columns. Please update this table manually.', $this->getParam('db_table')), LOG_ALERT, __FILE__, __LINE__);
142	trigger_error(sprintf('Database table %s has invalid columns. Please update this table manually.', $this->getParam('db_table')), E_USER_ERROR);
143	}
144	}
145	$_db_tested = true;
146	}
147
148	/**
149	* Set the params of this object.
150	*
151	* @param array $params Array of param keys and values to set.
152	*/
153	public function setParam($params=null)
154	{
155	if (isset($params) && is_array($params)) {
156	// Merge new parameters with old overriding only those passed.
157	$this->_params = array_merge($this->_params, $params);
158	}
159	}
160
161	/**
162	* Return the value of a parameter, if it exists.
163	*
164	* @access public
165	* @param string $param Which parameter to return.
166	* @return mixed Configured parameter value.
167	*/
168	public function getParam($param)
169	{
170	$app =& App::getInstance();
171
172	if (array_key_exists($param, $this->_params)) {
173	return $this->_params[$param];
174	} else {
175	$app->logMsg(sprintf('Parameter is not set: %s', $param), LOG_DEBUG, __FILE__, __LINE__);
176	return null;
177	}
178	}
179
180	/**
181	* Select the lock to manipulate.
182	*
183	* @param mixed $record_table_or_lock_id The table containing the record to lock,
184	* or a numeric lock_id.
185	* @param string $record_key The key column for the record to lock.
186	* @param string $record_val The value of the key column for the record to lock.
187	* @param string $title A title to apply to the lock, for display purposes.
188	*/
189	public function select($record_table_or_lock_id, $record_key=null, $record_val=null)
190	{
191	$app =& App::getInstance();
192	$db =& DB::getInstance();
193
194	$this->initDB();
195
196	// Expire old locks.
197	$this->_auto_timeout();
198
199	if (is_numeric($record_table_or_lock_id) && !isset($record_key) && !isset($record_val)) {
200	// Get lock data by lock_id.
201	$qid = $db->query("
202	SELECT * FROM " . $db->escapeString($this->getParam('db_table')) . "
203	WHERE lock_id = '" . $db->escapeString($record_table_or_lock_id) . "'
204	");
205	} else {
206	// Get lock data by record specs
207	$qid = $db->query("
208	SELECT * FROM " . $db->escapeString($this->getParam('db_table')) . "
209	WHERE record_table = '" . $db->escapeString($record_table_or_lock_id) . "'
210	AND record_key = '" . $db->escapeString($record_key) . "'
211	AND record_val = '" . $db->escapeString($record_val) . "'
212	");
213	}
214	if ($this->data = mysql_fetch_assoc($qid)) {
215	$app->logMsg(sprintf('Selecting %slocked record: %s %s %s', ($this->data['set_by_admin_id'] == $this->_auth->get('user_id') ? 'self-' : ''), $record_table_or_lock_id, $record_key, $record_val), LOG_DEBUG, __FILE__, __LINE__);
216	// FIXME: What if admin set lock, but public user is current lock user?
217	$this->data['editor'] = $this->_auth->getUsername($this->data['set_by_admin_id']);
218	return true;
219	} else {
220	$app->logMsg(sprintf('No locked record: %s %s %s', $record_table_or_lock_id, $record_key, $record_val), LOG_DEBUG, __FILE__, __LINE__);
221	return false;
222	}
223	}
224
225	/**
226	* Returns true if the record we instantiated with is locked.
227	*
228	* @return bool True if locked.
229	*/
230	public function isLocked()
231	{
232	return isset($this->data['lock_id']);
233	}
234
235	/**
236	* Returns the status of who set the lock. Use this to ignore locks set by
237	* the current user.
238	*
239	* @return bool True if current user set the lock.
240	*/
241	public function isMine()
242	{
243	$db =& DB::getInstance();
244
245	$this->initDB();
246
247	if (isset($this->data['lock_id'])) {
248	$qid = $db->query("SELECT * FROM " . $db->escapeString($this->getParam('db_table')) . " WHERE lock_id = '" . $db->escapeString($this->data['lock_id']) . "'");
249	if ($lock = mysql_fetch_assoc($qid)) {
250	return ($lock['set_by_admin_id'] == $this->_auth->get('user_id'));
251	} else {
252	return false;
253	}
254	} else {
255	return false;
256	}
257	}
258
259	/**
260	* Create a new lock for the specified table/key/value.
261	*
262	* @param string $record_table The table containing the record to lock.
263	* @param string $record_key The key column for the record to lock.
264	* @param string $record_val The value of the key column for the record to lock.
265	* @param string $title A title to apply to the lock, for display purposes.
266	*
267	* @return int The id for the lock (mysql last insert id).
268	*/
269	public function set($record_table, $record_key, $record_val, $title='')
270	{
271	$db =& DB::getInstance();
272
273	$this->initDB();
274
275	if ($this->_auth->get('user_id') == '' \|\| filter_var($this->_auth->get('user_id'), FILTER_VALIDATE_INT) === false) {
276	$app->logMsg(sprintf("auth->get('user_id') returns a non-integer: %s", $this->_auth->get('user_id')), LOG_ERR, __FILE__, __LINE__);
277	return false;
278	}
279
280	// Expire old locks.
281	$this->_auto_timeout();
282
283	// Remove previous locks if exist. Is this better than using a REPLACE INTO?
284	$db->query("
285	DELETE FROM " . $db->escapeString($this->getParam('db_table')) . "
286	WHERE record_table = '" . $db->escapeString($record_table) . "'
287	AND record_key = '" . $db->escapeString($record_key) . "'
288	AND record_val = '" . $db->escapeString($record_val) . "'
289	");
290
291	// Set new lock.
292	$db->query("
293	INSERT INTO " . $db->escapeString($this->getParam('db_table')) . " (
294	record_table,
295	record_key,
296	record_val,
297	title,
298	set_by_admin_id,
299	lock_datetime
300	) VALUES (
301	'" . $db->escapeString($record_table) . "',
302	'" . $db->escapeString($record_key) . "',
303	'" . $db->escapeString($record_val) . "',
304	'" . $db->escapeString($title) . "',
305	'" . $db->escapeString($this->_auth->get('user_id')) . "',
306	NOW()
307	)
308	");
309	$lock_id = mysql_insert_id($db->getDBH());
310
311	// Must register this locked record as the current.
312	$this->select($lock_id);
313
314	return $lock_id;
315	}
316
317	/**
318	* Unlock the currently selected record.
319	*/
320	public function remove()
321	{
322	$app =& App::getInstance();
323	$db =& DB::getInstance();
324
325	$this->initDB();
326
327	// Expire old locks.
328	$this->_auto_timeout();
329
330	// Delete a specific lock.
331	$db->query("
332	DELETE FROM " . $db->escapeString($this->getParam('db_table')) . "
333	WHERE lock_id = '" . $db->escapeString($this->data['lock_id']) . "'
334	");
335
336	$app->logMsg(sprintf('Removing lock: %s', $this->data['lock_id']), LOG_DEBUG, __FILE__, __LINE__);
337	}
338
339	/**
340	* Unlock all records, or all records for a specified user.
341	*/
342	public function removeAll($user_id=null)
343	{
344	$app =& App::getInstance();
345	$db =& DB::getInstance();
346
347	$this->initDB();
348
349	// Expire old locks.
350	$this->_auto_timeout();
351
352	if (isset($user_id)) {
353	// Delete specific user's locks.
354	$db->query("DELETE FROM " . $db->escapeString($this->getParam('db_table')) . " WHERE set_by_admin_id = '" . $db->escapeString($user_id) . "'");
355	$app->logMsg(sprintf('Record locks owned by user %s have been deleted', $this->_auth->getUsername($user_id)), LOG_DEBUG, __FILE__, __LINE__);
356	} else {
357	// Delete ALL locks.
358	$db->query("DELETE FROM " . $db->escapeString($this->getParam('db_table')) . "");
359	$app->logMsg(sprintf('All record locks deleted by user %s', $this->_auth->get('username')), LOG_DEBUG, __FILE__, __LINE__);
360	}
361	}
362
363	/**
364	* Deletes all locks that are older than auto_timeout.
365	*/
366	public function _auto_timeout()
367	{
368	$db =& DB::getInstance();
369
370	static $_timeout_run = false;
371
372	$this->initDB();
373
374	if (!$_timeout_run) {
375	// Delete all old locks.
376	$db->query("
377	DELETE FROM " . $db->escapeString($this->getParam('db_table')) . "
378	WHERE DATE_ADD(lock_datetime, INTERVAL '" . $db->escapeString($this->getParam('auto_timeout')) . "' SECOND) < NOW()
379	");
380	$_timeout_run = true;
381	}
382	}
383
384	/**
385	* Redirect to record lock error page.
386	*/
387	public function dieErrorPage()
388	{
389	$app =& App::getInstance();
390
391	$app->dieURL($this->getParam('error_url'), array('lock_id' => $this->data['lock_id'], 'boomerang' => urlencode(absoluteMe())));
392	}
393
394	/**
395	* Print error page. This method is probably not used anywhere; instead, we're including this via the template codebase/services/templates/lock.ihtml
396	*/
397	public function printErrorHTML()
398	{
399	$app =& App::getInstance();
400	?>
401	<form method="post" action="<?php echo oTxt($_SERVER['PHP_SELF']); ?>">
402	<?php $app->printHiddenSession() ?>
403	<input type="hidden" name="lock_id" value="<?php echo $this->getID(); ?>" />
404	<div id="sc-msg" class="sc-msg">
405	<div class="sc-msg-notice">
406	<?php printf(_("<em>%s</em> is currently being edited by %s (%d minutes elapsed). You cannot modify this database record while it is locked. Please try again later."),
407	ucfirst($this->getTitle()),
408	$this->getEditor(),
409	date('i', $this->getSecondsElapsed() + 60)
410	); ?>
411	</div>
412	<?php if ($this->getSecondsElapsed() >= $this->getParam('timeout')) { ?>
413	<div class="sc-msg-notice"><?php printf(_("You can forcibly unlock the record if you believe the editing session has expired. You might want to confirm with %s before doing this."), $this->getEditor()) ?></div>
414	<div class="sc-msg-notice">
415	<input type="submit" name="unlock" value="<?php echo _("Unlock"); ?>" />
416	<input type="submit" name="cancel" value="<?php echo _("Cancel"); ?>" />
417	</div>
418	<?php } else { ?>
419	<div class="sc-msg-notice">
420	<input type="submit" name="cancel" value="<?php echo _("Cancel"); ?>" />
421	</div>
422	<?php } ?>
423	</div>
424	</form>
425	<?php
426	}
427
428	/**
429	* Return lock_id of locked record.
430	*/
431	public function getID()
432	{
433	return $this->data['lock_id'];
434	}
435
436	/**
437	* Return title of locked record.
438	*/
439	public function getTitle()
440	{
441	return $this->data['title'];
442	}
443
444	/**
445	* Return administrator username for locked record.
446	*/
447	public function getEditor()
448	{
449	return $this->data['editor'];
450	}
451
452	/**
453	* Return total seconds since the record was locked.
454	*/
455	public function getSecondsElapsed()
456	{
457	if (isset($this->data['lock_datetime']) && false !== ($lock_timestamp = strtotime($this->data['lock_datetime'])) && $lock_timestamp < time()) {
458	return time() - $lock_timestamp;
459	} else {
460	return 0;
461	}
462	}
463
464
465	} // End of class.

Note: See TracBrowser for help on using the repository browser.

Download in other formats: