/objects/segue.inc.php

Large files files are truncated, but you can click here to view the full file

<? /* $Id$ */

/******************************************************************************
 * Segue object - basis for all other section, page, and story objects
 ******************************************************************************/

class segue {
//	var $permissions = array("everyone"=>array(3=>1),"institute"=>array(3=>1));
	var $permissions = array();
//	var $editors = array("everyone","institute");
	var $editors = array();
	var $editorsToDelete = array();
	var $editorsToDeleteInScope = array();
	var $changedpermissions = 0;
	var $cachedPermissions = array();
	var $builtPermissions=0;
	
	var $id = 0;
	var $data = array();
	var $changed = array();
	
	var $fetched = array();
	var $fetcheddown = 0;
	var $fetchedup = 0;
	var $tobefetched = 0;
	
	var $owning_site; var $owningSiteObj;		// used by all types (including site for compatibility)
	var $owning_section; var $owningSectionObj;	// only used for pages and stories
	var $owning_page; var $owningPageObj;		// only used for stories
	
	var $_object_arrays = array("site"=>"sections","section"=>"pages","page"=>"stories"); // used for automatic functions like setFieldDown and setVarDown
	var $_tables = array("site"=>"sites","section"=>"sections","page"=>"pages","story"=>"stories"); // used for getField

	var $_encode = array("title","header","footer","shorttext","longertext","discussions","url");
	var $_parse = array("header","footer","shorttext","longertext");

/******************************************************************************
 * siteExists - checks if the site/slot already exists with a certain name $name
 ******************************************************************************/
	
	function siteExists($site) {
		$query = "
SELECT site_id
	FROM slot INNER JOIN site
		ON FK_site = site_id AND slot_name='".addslashes($site)."'
";

//		echo $query."<br />";
		if (db_num_rows(db_query($query))) return 1;
		return 0;
	}

/******************************************************************************
 * siteNameValid - checks if a user is allowed to create a site of name $name
 ******************************************************************************/
	
	function siteNameValid($user,$name) {
		return 1;
	}

/******************************************************************************
 * buildObjArrayFromSites($sites) - builds an array of objects from site names
 ******************************************************************************/

	function buildObjArrayFromSites($sites) {
		if (!is_array($sites)) return array();
		$a = array();
		foreach ($sites as $s) {
			$a[$s] =& new site($s);
			$a[$s]->fetchSiteAtOnceForeverAndEverAndDontForgetThePermissionsAsWell_Amen(0,0,true);
		}
		return $a;
	}

/******************************************************************************
 * getAllSites - returns a list of all sites owned by $user
 ******************************************************************************/

	function getAllSites($user) {
		$sites = array();
		$query = "
SELECT
	slot_name
FROM
	slot
		INNER JOIN 
	user
		ON FK_owner = user_id
			AND
		user_uname = '".addslashes($user)."'
";

		if (db_num_rows($r = db_query($query)))
			while ($a = db_fetch_assoc($r)) {
					$sites[] = $a[slot_name];
				}
		return $sites;
}

/******************************************************************************
 * getAllSitesWhereUserIsEditor - gets all sites where $user is an editor
 ******************************************************************************/

	function getAllSitesWhereUserIsEditor($user='') {
		global $dbhost, $dbuser, $dbpass, $dbdb;
		if ($user == '') $user = $_SESSION[auser];

		// first, get all sites for which the user is an editor
		$query = "
			SELECT
				slot_name
			FROM
				slot
					INNER JOIN
				site
					ON slot.FK_site = site_id
					INNER JOIN 
				site_editors ON (
					site_id = site_editors.FK_site 
						AND 
					site_editors_type = 'user'
				)
					INNER JOIN
				user ON FK_editor = user_id AND user_uname='".addslashes($user)."'
			WHERE
				slot.FK_owner != user_id
		";
		db_connect($dbhost, $dbuser, $dbpass, $dbdb);
		$r = db_query($query);
		$ar = array();
		if (db_num_rows($r))
			while ($a = db_fetch_assoc($r)) {
				$ar[] = $a[slot_name];
			}

		// now, if a user is a member of any groups, get all sites for which those groups are editors
		$query = "
			SELECT
				slot_name
			FROM
				slot
					INNER JOIN
				site
					ON slot.FK_site = site_id
					INNER JOIN 
				site_editors ON (
					site_id = site_editors.FK_site 
						AND 
					site_editors_type = 'ugroup'
				)
					INNER JOIN
				ugroup ON FK_editor = ugroup_id
					INNER JOIN
				ugroup_user ON ugroup_id = FK_ugroup
					INNER JOIN
				user ON FK_user = user_id AND user_uname='".addslashes($user)."'
		";
		
		$r = db_query($query);
		if (db_num_rows($r))
			while ($a = db_fetch_assoc($r)) {
				$ar[] = $a[slot_name];
			}
			
		// the two queries will return unique values, but their union could have non-unique entries.
		// therefore, uniquize it.
		return array_unique($ar);
	}

/******************************************************************************
 * getAllSitesWhereUserIsSiteLevelEditor - gets all sites where $user is an editor
 * Like the previous function, but selects only the sites/slots
 * where the user has add, edit, and delete permission on the site level
 ******************************************************************************/
	function getSiteInfoWhereUserIsSiteLevelEditor($user='') {
		global $dbhost, $dbuser, $dbpass, $dbdb;
		if ($user == '') $user = $_SESSION[auser];
		
		$userId = db_get_value("user","user_id","user_uname='".addslashes($user)."'");
		
		$query = "
			SELECT
				slot_name,
				(site_id IS NOT NULL) AS site_exists,
				slot_owner.user_uname AS owner_uname,
				(site_id IS NOT NULL) AS site_exists,
				site_title,
				(classgroup_id IS NOT NULL) AS is_classgroup,
				createdby.user_uname AS site_addedby,
				site_created_tstamp,
				editedby.user_uname AS site_editedby,
				site_updated_tstamp,
				site_activate_tstamp,
				site_deactivate_tstamp,
				(	site_active = '1'
					AND (site_activate_tstamp = '00000000000000'
						OR site_activate_tstamp < CURRENT_TIMESTAMP())
					AND (site_deactivate_tstamp = '00000000000000'
						OR site_deactivate_tstamp > CURRENT_TIMESTAMP())
				) AS is_active,
				permission_scope_type,
				permission_value
			FROM
				slot
					INNER JOIN
				site ON slot.FK_site = site_id
					INNER JOIN
						user AS slot_owner ON (
											slot.FK_owner != '".addslashes($userId)."'
											AND	slot.FK_owner = slot_owner.user_id
											)
					INNER JOIN 
				site_editors ON (
							site_id = site_editors.FK_site 
							AND ((site_editors_type = 'ugroup')
								OR (site_editors_type = 'user'
									AND site_editors.FK_editor = '".addslashes($userId)."'))
							)
					LEFT JOIN
				ugroup_user ON (
							site_editors_type = 'ugroup'
							AND site_editors.FK_editor = FK_ugroup)
					INNER JOIN
				permission ON (
							permission_scope_type = 'site'
							AND permission.FK_scope_id = site_id
							AND FIND_IN_SET('a', permission_value) > 0
							AND FIND_IN_SET('e', permission_value) > 0
							AND FIND_IN_SET('d', permission_value) > 0
							AND (permission.FK_editor = FK_ugroup
								OR (permission.FK_editor = site_editors.FK_editor
									AND permission.FK_editor = '".addslashes($userId)."'))
							)
					LEFT JOIN
						classgroup ON slot_name = classgroup_name
					INNER JOIN
						user AS createdby ON site.FK_createdby = createdby.user_id
					INNER JOIN
						user AS editedby ON site.FK_updatedby = editedby.user_id
			WHERE
				(site_editors_type = 'ugroup'
					AND ugroup_user.FK_user = '".addslashes($userId)."')
				OR (site_editors_type = 'user'
					AND site_editors.FK_editor = '".addslashes($userId)."')
		";
		
		$r = db_query($query);
		if (db_num_rows($r))
			while ($a = db_fetch_assoc($r))
				segue::addRowToSiteInfoArray($ar, $a);
			
		return $ar;
	}
	
/******************************************************************************
 * getSiteInfoWhereUserIsEditor
 * 		Answers an array of site information for sites where $user is an editor
 *
 * The process is as follows:
 * 	-	For every site where the user or one of their groups is listed as an editor...
 *	-	Get a list of all nodes in the site.
 *	-	For every node (site, section, page, story) get the permissions that apply
 *		to the user or one of their groups.
 *	-	Return any site-level permissions found and the site info if the user 
 *		has more than just view and discuss permissions on any node in the site.
 *
 * Note (2006-12-19, Adam Franco):
 *		This new query using sub-selects is about 12-times faster
 * 		than the previous query. Attempts were made to reformat the query by loading the
 * 		list of appropriate permissions, then finding the site id from there, but that
 * 		proved to be slower than the query below.
 *
 * 		
 ******************************************************************************/
	function getSiteInfoWhereUserIsEditor($user='') {
		global $dbhost, $dbuser, $dbpass, $dbdb;
		if ($user == '') 
			$user = $_SESSION[auser];
		
		$userId = db_get_value("user","user_id","user_uname='".addslashes($user)."'");

		$query = "
		SELECT
			slot_name,
			slot_type,
			owner_uname,
			site_exists,
			site_title,
			is_classgroup,
			site_addedby,
			site_created_tstamp,
			site_editedby,
			site_updated_tstamp,
			site_activate_tstamp,
			site_deactivate_tstamp,
			(	site_active = '1'
					AND (site_activate_tstamp = '0000-00-00 00:00:00'
						OR site_activate_tstamp < CURRENT_TIMESTAMP())
					AND (site_deactivate_tstamp = '0000-00-00 00:00:00'
						OR site_deactivate_tstamp > CURRENT_TIMESTAMP())
				) AS is_active,
			editor_id,
			permission_scope_type,
			permission_value
		FROM
			(SELECT
				slot_name,
				slot_type,
				slot_owner.user_uname AS owner_uname,
				(site_id IS NOT NULL) AS site_exists,
				site_title,
				(classgroup_id IS NOT NULL) AS is_classgroup,
				createdby.user_uname AS site_addedby,
				site_created_tstamp,
				editedby.user_uname AS site_editedby,
				site_updated_tstamp,
				site_activate_tstamp,
				site_deactivate_tstamp,
				site_active,
				site_id,
				section_id,
				page_id,
				story_id,
				site_editors.FK_editor AS editor_id
				
			FROM
				slot
					INNER JOIN
				site ON slot.FK_site = site_id
					INNER JOIN
						user AS slot_owner ON (
											slot.FK_owner = slot_owner.user_id
											AND	slot.FK_owner != '".addslashes($userId)."'	
											)
					INNER JOIN 
				site_editors ON (
							site_id = site_editors.FK_site 
							AND ((site_editors_type = 'ugroup')
								OR (site_editors_type = 'user'
									AND site_editors.FK_editor = '".addslashes($userId)."'))
							)
					LEFT JOIN
				ugroup_user ON (
							site_editors_type = 'ugroup'
							AND site_editors.FK_editor = FK_ugroup)
					LEFT JOIN
				section ON section.FK_site = site_id
					LEFT JOIN
				page ON page.FK_section = section_id
					LEFT JOIN
				story ON story.FK_page = page_id
					LEFT JOIN
						classgroup ON slot_name = classgroup_name
					LEFT JOIN
						user AS createdby ON site.FK_createdby = createdby.user_id
					LEFT JOIN
						user AS editedby ON site.FK_updatedby = editedby.user_id
			WHERE
				(site_editors_type = 'ugroup'
					AND ugroup_user.FK_user = '".addslashes($userId)."')
				OR (site_editors_type = 'user'
					AND site_editors.FK_editor = '".addslashes($userId)."')
			) AS tmp_sites
		INNER JOIN
			permission ON (
				(permission.FK_editor = editor_id)
				AND ((permission_scope_type = 'site'
						AND permission.FK_scope_id = site_id)
					OR (permission_scope_type = 'section'
						AND permission.FK_scope_id = section_id)
					OR (permission_scope_type = 'page'
						AND permission.FK_scope_id = page_id)
					OR (permission_scope_type = 'story'
						AND permission.FK_scope_id = story_id))
				AND (FIND_IN_SET('a', permission_value) > 0
					OR FIND_IN_SET('e', permission_value) > 0
					OR FIND_IN_SET('d', permission_value) > 0)
			)
		GROUP BY
				slot_name, 
				permission_value
		ORDER BY
				slot_name
		";
					
		$r = db_query($query);
		if (db_num_rows($r)) {
			while ($a = db_fetch_assoc($r))
				segue::addRowToSiteInfoArray($ar, $a);
		}
		
		return $ar;
	}

/******************************************************************************
 * getSiteInfoWhereUserIsEditor
 * 		Answers an array of site information for sites where $user is an editor
 * 		
 ******************************************************************************/
	function getSiteInfoWhereUserOwner($user='') {
		global $dbhost, $dbuser, $dbpass, $dbdb;
		if ($user == '') $user = $_SESSION[auser];

		$query = "
			SELECT
				slot_name,
				slot_type,
				slot_owner.user_uname AS owner_uname,
				(site_id IS NOT NULL) AS site_exists,
				site_title,
				(classgroup_id IS NOT NULL) AS is_classgroup,
				createdby.user_uname AS site_addedby,
				site_created_tstamp,
				editedby.user_uname AS site_editedby,
				site_updated_tstamp,
				site_activate_tstamp,
				site_deactivate_tstamp,
				(	site_active = '1'
					AND (site_activate_tstamp = '00000000000000'
						OR site_activate_tstamp < CURRENT_TIMESTAMP())
					AND (site_deactivate_tstamp = '00000000000000'
						OR site_deactivate_tstamp > CURRENT_TIMESTAMP())
				) AS is_active
			FROM
				slot
					INNER JOIN
						user AS slot_owner ON (
												slot.FK_owner = slot_owner.user_id
											AND
												slot_owner.user_uname = '".addslashes($user)."'
											)
					INNER JOIN
				site ON slot.FK_site = site_id
					INNER JOIN
						user AS createdby ON site.FK_createdby = createdby.user_id
					INNER JOIN
						user AS editedby ON site.FK_updatedby = editedby.user_id
					LEFT JOIN
						classgroup ON slot_name = classgroup_name
			GROUP BY
				slot_name
		";
					
		$r = db_query($query);
		if (db_num_rows($r)) {
			while ($a = db_fetch_assoc($r))
				segue::addRowToSiteInfoArray($ar, $a);
		}
		
		return $ar;
	}

	function addRowToSiteInfoArray( &$infoArray, &$a ) {
	
		if (!isset($infoArray[$a['slot_name']])) {
			$infoArray[$a['slot_name']] = array();
			$infoArray[$a['slot_name']]['slot_name'] = $a['slot_name'];
			$infoArray[$a['slot_name']]['slot_type'] = $a['slot_type'];
			$infoArray[$a['slot_name']]['slot_owner'] = $a['owner_uname'];
			$infoArray[$a['slot_name']]['site_exists'] = ($a['site_exists'] == '1')?true:false;
			$infoArray[$a['slot_name']]['site_title'] = stripslashes($a['site_title']);
			$infoArray[$a['slot_name']]['is_classgroup'] = ($a['is_classgroup'] == '1')?true:false;
			$infoArray[$a['slot_name']]['site_addedby'] = $a['site_addedby'];
			$infoArray[$a['slot_name']]['site_added_timestamp'] = $a['site_created_tstamp'];
			$infoArray[$a['slot_name']]['site_editedby'] = $a['site_editedby'];
			$infoArray[$a['slot_name']]['site_edited_timestamp'] = $a['site_updated_tstamp'];
			$infoArray[$a['slot_name']]['activatedate'] = $a['site_activate_tstamp'];
			$infoArray[$a['slot_name']]['deactivatedate'] = $a['site_deactivate_tstamp'];
			$infoArray[$a['slot_name']]['site_active'] = ($a['is_active'] == '1')?true:false;
			
			$infoArray[$a['slot_name']]['hasSitePermissionV'] = false;
			$infoArray[$a['slot_name']]['hasSitePermissionA'] = false;
			$infoArray[$a['slot_name']]['hasSitePermissionE'] = false;
			$infoArray[$a['slot_name']]['hasSitePermissionD'] = false;
			$infoArray[$a['slot_name']]['hasSitePermissionDI'] = false;
			
			$infoArray[$a['slot_name']]['hasPermissionDownV'] = false;
			$infoArray[$a['slot_name']]['hasPermissionDownA'] = false;
			$infoArray[$a['slot_name']]['hasPermissionDownE'] = false;
			$infoArray[$a['slot_name']]['hasPermissionDownD'] = false;
			$infoArray[$a['slot_name']]['hasPermissionDownDI'] = false;
		}
		
		if (ereg('v', $a['permission_value']) !== FALSE) {
			$infoArray[$a['slot_name']]['hasPermissionDownV'] = true;
			if ($a['permission_scope_type'] == 'site')
				$infoArray[$a['slot_name']]['hasSitePermissionV'] = true;
		}
		
		if (ereg('a', $a['permission_value']) !== FALSE) {
			$infoArray[$a['slot_name']]['hasPermissionDownA'] = true;
			if ($a['permission_scope_type'] == 'site')
				$infoArray[$a['slot_name']]['hasSitePermissionA'] = true;
		}
		
		if (ereg('e', $a['permission_value']) !== FALSE) {
			$infoArray[$a['slot_name']]['hasPermissionDownE'] = true;
			if ($a['permission_scope_type'] == 'site')
				$infoArray[$a['slot_name']]['hasSitePermissionE'] = true;
		}
		
		if (ereg('d([^i]*)', $a['permission_value']) !== FALSE) {
			$infoArray[$a['slot_name']]['hasPermissionDownD'] = true;
			if ($a['permission_scope_type'] == 'site')
				$infoArray[$a['slot_name']]['hasSitePermissionD'] = true;
		}
		
		if (ereg('di', $a['permission_value']) !== FALSE) {
			$infoArray[$a['slot_name']]['hasPermissionDownDI'] = true;
			if ($a['permission_scope_type'] == 'site')
				$infoArray[$a['slot_name']]['hasSitePermissionDI'] = true;
		}
		
	}

/******************************************************************************
 * getAllValues - returns all values of $name in $scope in the current tree
 ******************************************************************************/

	function getAllValues($scope,$name) {
		if (!$this->fetcheddown) $this->fetchDown();
		$class = get_class($this);
		$ar = $this->_object_arrays[$class];
//		print "getting all values for $name in $class ".$this->getField("title")." with scope $scope<br />";
		if ($class==$scope) {
			if (($n = $this->getField($name)) != "")
				return array($n);
			else return array();
		}
		if ($ar) {
			$a = array();
			$oa = &$this->$ar;
			if ($oa) {
				foreach ($oa as $i=>$o) {
	//				print "doing $i in $ar...<br />";
					$a = array_merge($a,$oa[$i]->getAllValues($scope,$name));
				}
			}
		}
		return $a;
	}
	
	function fetchData() {
		if ($fetched) return $this->data;
		else return 0;
	}
	
	function setData($data) {
		error("::setData() -- this function should not be used!");
		if (is_array($data)) {
			$this->data = $data;
			$this->changed = 1;
			$this->parseMediaTextForEdit("header");
			$this->parseMediaTextForEdit("footer");
			$this->parseMediaTextForEdit("shorttext");
			$this->parseMediaTextForEdit("longertext");
		}
	}

/******************************************************************************
 * getField - Will return the value of a field in the data array.
 *			$field should be the name of the field in the object, not the database
 *			
 *			If the value of the field has not yet been fetched from the database,
 *			it is fetched from the database, otherwise it is simply returned from 
 *			the data array.
 *			
 * 			Each class that extends segue has the following properties:
 *			
 *			An associative array called _datafields that associates the object 
 *			field name to a database join syntax and a database field name or pair of names.
 *			
 *			An array called _encode that holds the names of fields that need to
 *			have slashes added and urlencoding to save them into the database
 ******************************************************************************/
	function getField ($field) {
		global $dbuser, $dbpass, $dbdb, $dbhost;
		if (ereg("^l%",$field)) 
			return $this->data[$field];
		if ($this->tobefetched && !$this->fetched[$field] && $this->id) {	// we haven't allready gotten this data
													// and this object is in the database.
// 			print "<pre>".get_class($this)."  --$field---\n"; 
// 			print_r ($this->_datafields[$field][1]); 
//			print_r($this);
// 			print "</pre>"; 
//			echo "<br />HERE: ".$field."<br />";

			$query = "
				SELECT 
					".implode(",",$this->_datafields[$field][1])."
				FROM
					".$this->_datafields[$field][0]."
				WHERE
					".$this->_table."_id=".$this->id."
				ORDER BY
					".$this->_datafields[$field][2]."
			";
/* 			print $query; */
			
			if ($debug) 
				print "-----------beginning---------$field<br /><pre>".$query; 
	
			db_connect($dbhost,$dbuser,$dbpass, $dbdb);
			$r = db_query($query);
			
			if ($debug) {
				print mysql_error()."<br />Numrows = ".db_num_rows($r);
				print "\n\nresult arrays:\n";
			}
			
			if (!db_num_rows($r)) {	// if we get no results
				if (in_array($field,$this->_object_arrays)) {
					// return an empty array
					$this->data[$field] = array();
				} else {
					return false;
				}
			}
			
			$valarray = array();
			while($a = db_fetch_assoc($r)) {
			//	print_r($a);
				
				if (count($this->_datafields[$field][1]) == 1) { 
					// We just want a single value
					$val = $a[$this->_datafields[$field][1][0]];
					$key = 0;
				} else {
					// we want a pair of values
					$val = $a[$this->_datafields[$field][1][0]];
					$key = $a[$this->_datafields[$field][1][1]];
				}

				// Decode this value if it is a member of _encode
				if (in_array($field,$this->_encode)) 
					$val = stripslashes(urldecode($val));

				if (count($this->_datafields[$field][1]) == 1) { 
					$valarray[] = $val;
				} else {
					$valarray[$key] = $val;
				}
/* 				print "<br />key = $key \nval = $val \nvalarray =\n"; */
//				print_r($valarray);
			}
			
			// only object_arrays should really be returning arrays to the data array.
			if (count($valarray) == 1 && !in_array($field,$this->_object_arrays))
				$this->data[$field] = $valarray[0];
			else
				$this->data[$field] = $valarray;
			$this->fetched[$field] = 1;
			
			if ($debug) {
				print "Valarray: ";
				print_r($valarray);
				print "\nInArray: \n$field"; 
				print_r($_object_arrays);
				print "<br />Is object?: ".((in_array($field,$this->_object_arrays))?"TRUE":"FALSE");
				print "</pre>----------end------------$field<br />";
			}
		}

		return $this->data[$field];
	}
	
	function fetchAllFields() {
		foreach ($this->_datafields as $key => $val) {
			$this->getField($key);
		}
	}
	
	function setField($name,$value) {
		$this->data[$name] = $value;
		$this->changed[$name] = 1;
		if ($name == "footer" || $name == "header" || $name == "shorttext" || $name == "longertext") {
			$this->parseMediaTextForEdit($name);
		}
	}
	
	function setFieldDown($name,$value) {
		if (!$this->fetcheddown) $this->fetchDown();
		$class=get_class($this);
		$ar = $this->_object_arrays[$class];
		$this->setField($name,$value);
		if ($ar) {
			$a = &$this->$ar;
			if ($a) {
				foreach ($a as $i=>$o) {
					$a[$i]->setFieldDown($name,$value);
				}
			}
		}
	}
	
/* 	function setSiteNameDown($name) { */
/* //		if (!$this->fetcheddown) $this->fetchDown(); */
/* 		$class=get_class($this); */
/* 		$ar = $this->_object_arrays[$class]; */
/* 		$this->owning_site = $name; */
/* 		if ($class == "site") { */
/* 			$this->name = $name; */
/* 			$this->setField("name",$name); */
/* 		} else { */
/* 			$this->setField("site_id",$name); */
/* 		} */
/* 		if ($ar) { */
/* 			$a = &$this->$ar; */
/* 			foreach ($a as $i=>$o) { */
/* 				$a[$i]->setSiteNameDown($name); */
/* 			} */
/* 		} */
/* 	} */
		
	
/******************************************************************************
 * copyObj - Copies an object to a new parent
 ******************************************************************************/
	function copyObj(&$newParent,$removeOrigional=1,$keepaddedby=0, $copyDiscussions=TRUE) {
		$_a = array("site"=>3,"section"=>2,"page"=>1,"story"=>0);
		// check that the newParent can be a parent
		$thisClass = get_class($this);
		$parentClass = get_class($newParent);
/* 		print $this->id."$thisClass - $parentClass<br />"; */
		if (!($_a[$parentClass]-1 == $_a[$thisClass])) return 0;
		$this->fetchDown(1);

/* 		print "<br /><br />Copying $thisClass ".$this->getField("title")." <br />"; */

		if ($thisClass == 'section') {
			$owning_site = $newParent->name;
			$this->id = 0;	// createSQLArray uses this to tell if we are inserting or updating
			$this->insertDB(1, $owning_site, $removeOrigional, $keepaddedby, $copyDiscussions);
		}
		if ($thisClass == 'page') {
			$owning_site = $newParent->owning_site;
			$owning_section = $newParent->id;
			$this->id = 0;	// createSQLArray uses this to tell if we are inserting or updating
			$this->insertDB(1, $owning_site, $owning_section, $removeOrigional, $keepaddedby, $copyDiscussions);
		}
		if ($thisClass == 'story') {
			$record_tags = get_record_tags($this->id);
			
			$owning_site = $newParent->owning_site;
			$owning_section = $newParent->owning_section;
			$owning_page = $newParent->id;
			$this->id = 0;	// createSQLArray uses this to tell if we are inserting or updating
/* 			print "insertDB: 1,$owning_site,$owning_section,$owning_page,$keepaddedby<br />"; */
			$this->insertDB(1, $owning_site, $owning_section, $owning_page, $removeOrigional, $keepaddedby, $copyDiscussions, $record_tags);
		}

/* 		print_r($newParent); */
		return 1;
	}
	
/******************************************************************************
 * getMediaIDs - returns an array of media ids found in a string
 ******************************************************************************/

	function getMediaIDs($field) {
		$string = stripslashes($this->getField($field));
		$ids = array();
		$string =  explode("####",$string);
		for ($i=1; $i<count($string); $i=$i+2) {
			$ids[] = $string[$i];
		}
		return $ids;
	}
	
/******************************************************************************
 * replaceMediaIDs - searches for and replaces each id in the string
 ******************************************************************************/
	function replaceMediaIDs($ids,$field,$newsite) {
		$string = $this->getField($field);
		foreach ($ids as $origID) {
			$newID = copy_media($origID,$newsite);
			$string = str_replace("####$origID####","####$newID####",$string);
		}
		$this->setField($field,$string);
	}
	
/******************************************************************************
 * ACTIVATE/DEACTIVATE FUNCTIONS
 *
 * these functions handle de/activate dates in forms
 * - initFormDates() must be called upon edit session initialization
 * - outputDateForm() must be called where the HTML form data should be printed
 * - handleFormDates() must be called where all POST/GET data is processed
 ******************************************************************************/


/******************************************************************************
 * handleFormDates - checks form fields for new de/activate dates and subsequently
 *    sets the correct $_SESSION[settings][] variables
 ******************************************************************************/

	function handleFormDates() {
		// initialize the session vars.. if needed
		if (!isset($_SESSION[settings][activateyear]) || !isset($_SESSION[settings][deactivateyear])) {
			$this->initFormDates();
		}
		if ($_REQUEST[activateyear] != "") $_SESSION[settings][activateyear] = $_REQUEST[activateyear];
		if ($_REQUEST[activatemonth] != "") $_SESSION[settings][activatemonth] = $_REQUEST[activatemonth];
		if ($_REQUEST[activateday] != "") $_SESSION[settings][activateday] = $_REQUEST[activateday];
		if ($_REQUEST[deactivateyear] != "") $_SESSION[settings][deactivateyear] = $_REQUEST[deactivateyear];
		if ($_REQUEST[deactivatemonth] != "") $_SESSION[settings][deactivatemonth] = $_REQUEST[deactivatemonth];
		if ($_REQUEST[deactivateday] != "") $_SESSION[settings][deactivateday] = $_REQUEST[deactivateday];
		if ($_REQUEST[setformdates]) {
			if (/* !$_REQUEST[link] &&  */$_REQUEST[activatedate]) { 
				$_SESSION[settings][activatedate] = 1;
				$this->setActivateDate($_REQUEST[activateyear],$_REQUEST[activatemonth],$_REQUEST[activateday]);
			} else {
				$_SESSION[settings][activatedate] = 0;
				$this->setActivateDate(-1);
			}
			if (/* !$_REQUEST[link] &&  */$_REQUEST[deactivatedate]) {
				$_SESSION[settings][deactivatedate] = 1;
				$this->setDeactivateDate($_REQUEST[deactivateyear],$_REQUEST[deactivatemonth],$_REQUEST[deactivateday]);
			} else {
				$_SESSION[settings][deactivatedate] = 0;
				$this->setDeactivateDate(-1);
			}
		}
	}
	
/******************************************************************************
 * outputDateForm - outputs the HTML de/activate date form to be handled by above
 ******************************************************************************/

	function outputDateForm() {
		global $months, $months_values;
	//	print_r($_SESSION[settings][activatedate]);
		printc("<input type='hidden' name='setformdates' value='1' />");
		printc("<table>");
		printc("<tr><td align='right'>");
		printc("Activate date:</td><td><input type='checkbox' name='activatedate' value='1'".(($_SESSION[settings][activatedate])?" checked='checked'":"")." /> <select name='activateday'>");
		for ($i=1;$i<=31;$i++) {
			printc("<option" . (($_SESSION[settings][activateday] == $i)?" selected":"") . ">".$i."\n");
		}
		
		printc("</select>");
		printc("<select name='activatemonth'>");
		for ($i=1; $i<13; $i++) {
			printc("<option value='$i'" . (($_SESSION[settings][activatemonth] == $i)?" selected":"") . ">".$months[$i-1]."\n");
		}
		printc("</select>\n<select name='activateyear'>");
		$curryear = date("Y");
		for ($i=$curryear; $i <= ($curryear+5); $i++) {
			printc("<option" . (($_SESSION[settings][activateyear] == $i)?" selected":"") . ">$i\n");
		}
		printc("</select>");
		
		printc("</td></tr>");
		
		printc("<tr><td align='right'>");
		printc("Deactivate date:</td><td><input type='checkbox' name='deactivatedate' value='1'".(($_SESSION[settings][deactivatedate])?" checked='checked'":"")." /> <select name='deactivateday'>");
		for ($i=1;$i<=31;$i++) {
			printc("<option" . (($_SESSION[settings][deactivateday] == $i)?" selected":"") . ">".$i."\n");
		}
		printc("</select>\n");
		printc("<select name='deactivatemonth'>");
		for ($i=1; $i<13; $i++) {
			printc("<option value='$i'" . (($_SESSION[settings][deactivatemonth] == $i)?" selected":"") . ">".$months[$i-1]."\n");
		}
		printc("</select>\n<select name='deactivateyear'>");
		for ($i=$curryear; $i <= ($curryear+5); $i++) {
			printc("<option" . (($_SESSION[settings][deactivateyear] == $i)?" selected":"") . ">$i\n");
		}
		printc("</select>");
		
		printc("</td></tr></table>");
	}
	
/******************************************************************************
 * initFormDates - initializes necessary session vars for form date handling
 ******************************************************************************/

	function initFormDates() {
		$_SESSION[settings][activateyear] = "0000";
		$_SESSION[settings][activatemonth] = "00";
		$_SESSION[settings][activateday] = "00";
		$_SESSION[settings][activatedate] = 0;
		$_SESSION[settings][deactivateyear] = "0000";
		$_SESSION[settings][deactivatemonth] = "00";
		$_SESSION[settings][deactivateday] = "00";
		$_SESSION[settings][deactivatedate] = 0;
		list($_SESSION[settings][activateyear],$_SESSION[settings][activatemonth],$_SESSION[settings][activateday]) = explode("-",$this->getField("activatedate"));
		list($_SESSION[settings][deactivateyear],$_SESSION[settings][deactivatemonth],$_SESSION[settings][deactivateday]) = explode("-",$this->getField("deactivatedate"));
//		$_SESSION[settings][activatemonth]-=1;
//		$_SESSION[settings][deactivatemonth]-=1;
/* 		echo $this->getField("activatedate")."<br />"; */
		$_SESSION[settings][activatedate]=($this->getField("activatedate")=='0000-00-00')?0:1;
		$_SESSION[settings][deactivatedate]=($this->getField("deactivatedate")=='0000-00-00')?0:1;
	}

	function setActivateDate($year,$month=0,$day=0) {
		// test to see if it's a valid date
		if ($year == -1) { // unset field
			$this->setField("activatedate","0000-00-00");
			return true;
		}

		if (!checkdate($month,$day,$year)) {
			error("The activate date you entered is invalid. It has not been set.");
			return false;
		}
		
		if ($month < 10) {
			$month = "0".$month;
		}
		if ($day < 10) {
			$day = "0".$day;
		}
		
		$this->setField("activatedate",$year."-".$month."-".$day);
		return true;
	}
	
	function setDeactivateDate($year,$month=0,$day=0) {
		// test to see if it's a valid date
		if ($year == -1) { // unset field
			$this->setField("deactivatedate","0000-00-00");
			return true;
		}
		if (!checkdate($month,$day,$year)) {
			error("The deactivate date you entered is invalid. It has not been set.");
			return false;
		}

		if ($month < 10) {
			$month = "0".$month;
		}
		if ($day < 10) {
			$day = "0".$day;
		}		
		
		$this->setField("deactivatedate",$year."-".$month."-".$day);
		return true;
	}
	
/******************************************************************************
 * cropString - crops a string to an appropriate length and adds elipses if
 * 				nessisary.
 ******************************************************************************/
	function cropString ($string, $maxChars) {
		$length = strlen($string);
		if ($length > $maxChars) {
			$length = $maxChars-3;
			$string =  substr($string,0,$length)."...";
		}
		return $string;
	}
	
/******************************************************************************
 * parseMediaTextForEdit - replaces ####<id>#### with appropriate filename info
 *			-> used for inline images from the media library in text
 ******************************************************************************/

	function parseMediaTextForEdit($field) {
		if (!$this->getField("$field")) return false;
		
		$this->data[$field] = ereg_replace("src=('{0,1})####('{0,1})","####",$this->getField($field));
		$textarray1 = explode("####", $this->getField($field));
		if (count($textarray1) > 1) {
			for ($i=1; $i < count($textarray1); $i+=2) {
				$id = $textarray1[$i];
				$filename = db_get_value("media","media_tag","media_id='".addslashes($id)."'");
				$query = "
					SELECT 
						slot_name 
					FROM
						media 
							INNER JOIN 
						site ON media.FK_site = site_id
							INNER JOIN
						slot ON site_id = slot.FK_site
					WHERE
						media_id = '".addslashes($id)."'
				";
				$a = db_fetch_assoc(db_query($query));
				$dir = $a[slot_name];
				$filepath = $uploadurl."/".$dir."/".$filename;
				$textarray1[$i] = "&&&& src='".$filepath."' @@@@".$id."@@@@ &&&&";
			}		
			$this->data[$field] = implode("",$textarray1);
		}
	}

/******************************************************************************
 * parseMediaTextForDB - does the exact opposite of above
 ******************************************************************************/

	function parseMediaTextForDB($field) {
		if (!$this->getField($field)) return false;
		$textarray1 = explode("&&&&", $this->getField($field));
		if (count($textarray1) > 1) {
			for ($i=1; $i<count($textarray1); $i=$i+2) {
				$textarray2 = explode("@@@@", $textarray1[$i]);
				$id = $textarray2[1];
				$textarray1[$i] = "src='####".$id."####'";
			}		
			$this->data[$field] = implode("",$textarray1);
		}
	}
	
/******************************************************************************
 * PERMISSIONS FUNCTIONS
 *
 * these functions handle part-specific permissions
 *	isEditor($user)		checks if $user is an editor for this part
 *	addEditor($e)		adds $e as an editor with default permissions (view only)
 *	delEditor($e)		removes all of $e's site permissions (ALL OF THEM)
 *	getEditors()		returns an array of editors for the site
 *	setPermissions($p)	set permissions to $p (a permission-formatted array)
 *	getPermissions()	returns a permission-formatted array of permissions
 *	clearPermissions()	flags all editor's scope-specific permissions to be removed
 *	setUserPermissions($user,$add,$edit,$del,$view,$discuss)
 *						sets $user's permissions to values of parameters (0 or 1)
 *	setUserPermissionsFromArray($user,$p)
 *						sets $user's permissions from permission-formatted array $p
 *	buildPermissionsArray()
 *						builds a permission-formatted array from the database
 *	updatePermissionsDB()
 *						updates the permissions database to reflect changes made above
 *	canview($user)		returns true/false depending on whether $user can view
 *						this part of the site. takes into account de/activate dates
 *						and active flag
 *	hasPermission($perms,$user)
 *						takes a formatted string $perms (ex, 'add and (edit or delete)')
 *						and returns true/false if $user has those permissions
 *	hasPermissionDown($perms,$user)
 *						checks if someone has $perms anywhere down the line
 ******************************************************************************/

	function isEditor($user='') {
		if ($user=='') 
			$user=$_SESSION[auser];
			
		if ($user == 'everyone' || $user == 'institute')
			return FALSE;
		
		if (!$this->builtPermissions && $this->id) $this->buildPermissionsArray();
		$this->fetchUp();
		$owner = $this->owningSiteObj->owner;
/* 		print "owner: $owner"; */
		if (strtolower($user) == strtolower($owner)) return 1;
		$toCheck = array(strtolower($user));
		$toCheck = array_merge($toCheck,$this->returnEditorOverlap(getuserclasses($user,"all")));
		$toCheck = array_merge($toCheck, getusergroups($user,"all"));
		
		$toCheck = array_unique($toCheck);
		
//		printpre("-----------------------------\nDebugging:");
//		printpre(__FILE__.": ".__LINE__);
// 		printpre($toCheck);
// 		printpre($this->editors);
// 		printpre("-----------------------------");

		foreach ($this->editors as $e) {
			if (in_array($e,$toCheck)) return 1;
		}
		return 0;
	}

	function addEditor($e) { 
		/* print "<br />Adding editor $e<br />"; */
//		if ($e == 'institute' || $e == 'everyone') return false;	// With the new permissions structure, this may be unwanted.
		if ($_SESSION[auser] == $e) { error("You do not need to add yourself as an editor."); return false; }
		if ($e && !in_array($e,$this->editors)) {
			$this->editors[]=$e;
			$this->setUserPermissions($e);
			$this->changedpermissions = 1;
		}
	}

	function delEditor($e) {
		$class=get_class($this);
		if ($e == 'institute' || $e == 'everyone') return false;
		if (!$e) return false;
		if (in_array($e,$this->editors)) {
			$n = array();
			foreach($this->editors as $v) {
				if ($v != $e) $n[]=$v;
			}
			$this->editors = $n;
			$this->setFieldDown("l%$e%add",0);
			$this->setFieldDown("l%$e%edit",0);
			$this->setFieldDown("l%$e%delete",0);
			$this->setFieldDown("l%$e%view",0);
			$this->setFieldDown("l%$e%discuss",0);
			$this->setUserPermissionDown("ADD",$e,0);
			$this->setUserPermissionDown("VIEW",$e,0);
			$this->setUserPermissionDown("EDIT",$e,0);
			$this->setUserPermissionDown("DELETE",$e,0);
			$this->setUserPermissionDown("DISCUSS",$e,0);
			$this->editorsToDelete[] = $e;
		}
	}
	
	function getEditors() {
		if (!$this->builtPermissions && $this->id)
			$this->buildPermissionsArray(0,0);
		return array_unique($this->editors);
	}
	
	/**
	 * Answer the users who have add, edit, and delete permission at the site
	 * level
	 * retun array The editor ids
	 */
	function getSiteLevelEditors () {
		if (!isset($this->_siteLevelEditors)) {
			$this->_siteLevelEditors = array();
			foreach ($this->getEditors() as $editor) {
				if ($this->owningSiteObj->hasPermission('add && edit && delete', $editor)) {
					$this->_siteLevelEditors[] = $editor;
				}
			}
		}
		
		return $this->_siteLevelEditors;
	}
	
	function setPermissions($p) {
		if (is_array($p)) {
			$this->permissions = $p;
			$this->editors = array_unique(array_merge(array_keys($p),$this->editors));	// add new editors from new permissions array
			$this->changedpermissions = 1;
		}
	}
	
/* 	function setPermissionsDown($p) { */
/* 		if (!$this->fetcheddown) $this->fetchDown(); */
/* 		$class=get_class($this); */
/* 		$ar = $this->_object_arrays[$class]; */
/* 		$this->setPermissions($p); */
/* 		if ($ar) { */
/* 			$a = &$this->$ar; */
/* 			if ($a) { */
/* 				foreach ($a as $i=>$o) { */
/* 					$a[$i]->setPermissionsDown($p); */
/* 				} */
/* 			} */
/* 		} */
/* 	} */
	
	function clearPermissions($editor = '') {
/* 		print "Editors: <pre>"; print_r($this->getEditors()); print "</pre>"; */
/* 		print "To Delete: <pre>"; print_r($this->editorsToDeleteInScope); print "</pre>"; */
		$this->editors = array();
		$this->permissions = array();
		$this->changedpermissions = 1;
	}
	
	function setUserPermissions($user,$add=0,$edit=0,$del=0,$view=0,$discuss=0) {
		$this->setUserPermissionsFromArray($user,array(ADD=>$add,EDIT=>$edit,DELETE=>$del,VIEW=>$view,DISCUSS=>$discuss));
	}
	
	function setUserPermissionsFromArray($user,$p) {
		$this->permissions[$user] = $p;
		$this->changedpermissions = 1;
	}
	
	function setUserPermissionDown($perm,$user,$val=1) {
		$class=get_class($this);
		$ar = $this->_object_arrays[$class];
		$p = strtoupper($perm);
		$c = permissions::$p();
		if ($this->permissions[$user][$c] != $val) {
			$this->permissions[$user][$c] = $val;
			$this->cachedPermissions["onlyuser".$user.$perm] = $val;	// Update the cached permissions array so that
														// hasPermission doesn't get a fscked up
			$this->cachedPermissions[$user.$perm] = $val;	// Update the cached permissions array so that
														// hasPermission doesn't get a fscked up
			$this->changedpermissions=1;
		}
		

/* 		if ($class == "site") $n = 0; */
/* 		else if ($class == "section")$n =4; */
/* 		else if ($class == "page")$n = 8; */
/* 		else $n=12; */
/* 		$i = 0; */
/* 		while($i <= $n) { */
/* 			print " &nbsp; "; */
/* 			$i++; */
/* 		} */
/* 		print $this->permissions[$user][$c]; */
/* 		print $class.": set -- has permission= -- should be: $val<br />"; */
/* 		print $this->permissions[$user][$c]; */
/* 		print "<pre>"; print_r($this->permissions[$user]); print "</pre>"; */
		
		if ($ar) {
			$a = &$this->$ar;
			if ($a) {
				foreach (array_keys($a) as $k=>$i) {
					$a[$i]->setUserPermissionDown($perm,$user,$val);
					$a[$i]->cachedPermissions["onlyuser".$user.$perm] = $val;	// Update the cached permissions array so that
																				// hasPermission doesn't get a fscked up
					$a[$i]->cachedPermissions[$user.$perm] = $val;	// Update the cached permissions array so that
																				// hasPermission doesn't get a fscked up
				}
			}
		}
	}
	
	function getPermissions() {
		// returns an html-formable permissions array based on the permissions table
		return $this->permissions;
	}
	
	function movePermission($action, $user, $origSite, $moveLevel) {
		// determines whether user can move an object here
		if ($this->getField("type") != get_class($this)) return 0;
		if ($this->owning_site == $origSite) {
			if ($action == "COPY") {
				if ($this->hasPermission("add",$user)) return 1;
				if ($moveLevel != get_class($this) && $this->hasPermissionDown("add",$user)) return 1;
			} else {
				if ($this->hasPermission("add or edit",$user)) return 1;
				if ($moveLevel != get_class($this) && $this->hasPermissionDown("add or edit",$user)) return 1;
			}
		} else {
			if ($this->hasPermission("add",$user)) return 1;
			if ($moveLevel != get_class($this) && $this->hasPermissionDown("add",$user)) return 1;
		}
		return 0;
	}
	
/******************************************************************************
 * buildPermissionsArray - builds the permissions array for current obj from DB
 ******************************************************************************/

	function buildPermissionsArray($force=0,$down=0) {
		if (!$force && $this->builtPermissions) return;
		
		$scope = get_class($this);
		$site = $this->owning_site;
		$id = $this->id;

		// the SQL queries for obtaining the permissions vary with the scope type. Thus, we have 4 cases, 1 for each scope type.
		
		// editors can be either institute, everyone, a username or a ugroup name
		// we need two queries for any one scope
		
		
		// CASE 1: scope is SITE
		if ($scope == 'site') {
		$query = "
SELECT
	user_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,
	MAKE_SET(IFNULL((permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions
FROM
	site
		INNER JOIN
	site_editors ON
		site_id = ".$this->id."
			AND
		site_id = FK_site
		LEFT JOIN
	user ON
		site_editors.FK_editor = user_id
		LEFT JOIN
	ugroup ON
		site_editors.FK_editor = ugroup_id
		LEFT JOIN
	permission ON
		site_id  = FK_scope_id
			AND
		permission_scope_type = 'site'
			AND
		permission.FK_editor <=> site_editors.FK_editor
			AND
		permission_editor_type = site_editors_type
";
		}

		// CASE 2: scope is SECTION
		else if ($scope == 'section') {
		$query = "
SELECT
	user_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,
	MAKE_SET(IFNULL((p1.permission_value+0),0) | IFNULL((p2.permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions
FROM
	site
		INNER JOIN
	section
		ON site_id = section.FK_site
			AND
		section_id = ".$this->id."
		INNER JOIN
	site_editors ON
		site_id = site_editors.FK_site
		LEFT JOIN
	user ON
		site_editors.FK_editor = user_id
		LEFT JOIN
	ugroup ON
		site_editors.FK_editor = ugroup_id
		LEFT JOIN
	permission as p1 ON
		site_id  = p1.FK_scope_id
			AND
		p1.permission_scope_type = 'site'
			AND
		p1.FK_editor <=> site_editors.FK_editor
			AND
		p1.permission_editor_type = site_editors_type
		LEFT JOIN 
	permission as p2 ON
		section_id  = p2.FK_scope_id
			AND
		p2.permission_scope_type = 'section'
			AND
		p2.FK_editor <=> site_editors.FK_editor
			AND
		p2.permission_editor_type = site_editors_type
";
		}

		// CASE 3: scope is PAGE
		else if ($scope == 'page') {
		$query = "
SELECT
	user_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,
	MAKE_SET(IFNULL((p1.permission_value+0),0) | IFNULL((p2.permission_value+0),0) | IFNULL((p3.permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions
FROM
	site
		INNER JOIN
	section
		ON site_id = section.FK_site
		INNER JOIN
	page
		ON section_id = page.FK_section
			AND
		page_id = ".$this->id."
		INNER JOIN
	site_editors ON
		site_id = site_editors.FK_site
		LEFT JOIN
	user ON
		site_editors.FK_editor = user_id
		LEFT JOIN
	ugroup ON
		site_editors.FK_editor = ugroup_id
		LEFT JOIN
	permission as p1 ON
		site_id  = p1.FK_scope_id
			AND
		p1.permission_scope_type = 'site'
			AND
		p1.FK_editor <=> site_editors.FK_editor
			AND
		p1.permission_editor_type = site_editors_type
		LEFT JOIN 
	permission as p2 ON
		section_id  = p2.FK_scope_id
			AND
		p2.permission_scope_type = 'section'
			AND
		p2.FK_editor <=> site_editors.FK_editor
			AND
		p2.permission_editor_type = site_editors_type
		LEFT JOIN
	permission as p3 ON
		page_id  = p3.FK_scope_id
			AND
		p3.permission_scope_type = 'page'
			AND
		p3.FK_editor <=> site_editors.FK_editor
			AND
		p3.permission_editor_type = site_editors_type
";
		}

		// CASE 4: scope is PAGE
		else if ($scope == 'story') {
			$query = "
				SELECT
					user_uname as editor, ugroup_name as editor2, site_editors_type as editor_type,
					MAKE_SET(IFNULL((p1.permission_value+0),0) | IFNULL((p2.permission_value+0),0) | IFNULL((p3.permission_value+0),0) | IFNULL((p4.permission_value+0),0), 'v', 'a', 'e', 'd', 'di') as permissions
				FROM
					site
						INNER JOIN
					section
						ON site_id = section.FK_site
						INNER JOIN
					page
						ON section_id = page.FK_section
						INNER JOIN
					story
						ON page_id = story.FK_page
							AND
						story_id = '".addslashes($this->id)."'
						INNER JOIN
					site_editors ON
						site_id = site_editors.FK_site
						LEFT JOIN
					user ON
						site_editors.FK_editor = user_id
						LEFT JOIN
					ugroup ON
						site_editors.FK_editor = ugroup_id
						LEFT JOIN
					permission as p1 ON
						site_id  = p1.FK_scope_id
							AND
						p1.permission_scope_type = 'site'
							AND
						p1.FK_editor <=> site_editors.FK_editor
							AND
						p1.permission_editor_type = site_editors_type
						LEFT JOIN 
					permission as p2 ON
						section_id  = p2.FK_scope_id
							AND
						p2.permission_scope_type = 'section'
							AND
						p2.FK_editor <=> site_editors.FK_editor
							AND
						p2.permission_editor_type = site_editors_type
						LEFT JOIN
					permission as p3 ON
						page_id  = p3.FK_scope_id
							AND
						p3.permission_scope_type = 'page'
							AND
						p3.FK_editor <=> site_editors.FK_editor
							AND
						p3.permission_editor_type = site_editors_type
						LEFT JOIN
					permission as p4 ON
						story_id = p4.FK_scope_id
							AND
						p4.permission_scope_type = 'story'
							AND
						p4.FK_editor <=> site_editors.FK_editor
							AND
						p4.permission_editor_type = site_editors_type
				";
		}

		// execute the query
//		echo $query;
		$r = db_query($query);
		//echo "Query result: ".$r."<br />";
		
		
		// reset the editor array		
		if ($r) {
			$this->editors = array();
			$this->permissions = array();
		}
		
		// for every permisson entry, add it to the permissions array
		while ($row=db_fetch_assoc($r)) {
			// decode 'final_permissions'; 
			// 'final_permissions' is a field returned by the query and contains a string of the form "'a','vi','e'" etc.
			$a = array();
			$dbPerms = explode(",", $row[permissions]);
			
			$a[v] = in_array('v', $dbPerms);
			$a[a] = in_array('a', $dbPerms);
			$a[e] = in_array('e', $dbPerms);
			$a[d] = in_array('d', $dbPerms);
			$a[di] = in_array('di', $dbPerms);
			
			// Trash the db perms variable.
			$dbPerms = NULL;
			unset ($dbPerms);
						
			// if the editor is a user then the editor's name is just the user name
			// if the editor is 'institute' or 'everyone' then set the editor's name correspondingly
			if ($row[editor_type]=='user')
				$t_editor = $row[editor];
			else if ($row[editor_type]=='ugroup')
				$t_editor = $row[editor2];
			else
				$t_editor = $row[editor_type];
			
			// Everyone and institute can't have add, edit, or delete permissions.
			// Somehow, these were added sometimes. If this is the case, prevent 
			// these from being set and reset those for the site.
			if ($t_editor == 'everyone' || $t_editor == 'institute') {
				// If we have a bad permission, do cleanup.
				if ($a[a] || $a[e] || $a[d]) {
				
					
					// Make sure that zeros get passed on.
					$a[a] = 0;
					$a[e] = 0;
					$a[d] = 0;
					
					// Clean up the permissions
					$this->owningSiteObj->setUserPermissionDown('add', $t_editor, 0);
					$this->owningSiteObj->s…