class_PDOProtected.inc.php

<?php
/**
 * @file	PDOProtected.inc.php
 * @category freeSN
 * @mailto	code [at] netz.coop
 * @version 0.4.200901
 * @link http://netz.coop
 * 
 *  @copyright Copyright by netz.coop e.G. 2015
 *  
 *
 *   This program is free software: you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation, either version 3 of the License, or
 *  (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 * 
 */
//	11.03.09 @sn


/**
 *	@filesource 	class_MySqlProtected.inc.php
 *
 * @category freeSN
 * @copyright Copyright by mensch.coop e.G. 2009
 * @mailto	dev [at] mensch.coop
 * @version 0.4.200901
 * @link http://mensch.coop
 */
abstract class PDOProtected extends PDOFunction {
	/** white list fpr operator */
	private static $whitelist_operators = array('BETWEEN' => null, 'TERM' => null, '=' => null, '!=' => null, 'LIKE' => null, '>' => null,'<' => null, '>=' => null,'<=' => null);
	/**
	 * @auth
	 */
	protected function deleteBasisElementFromDB(Account &$param_HostAccount, MultiMediaText $param_Object) {

		$var_binds = array( ':BEID' => $param_Object->getID(), ':RequestProfileID' => $param_HostAccount->getAuthorProfileID());
		$var_query = 'SELECT MultimediaText_delete(:BEID, :RequestProfileID) as var';
		$stmt = $this->PDO_query($var_query, $var_binds);

		$row = $this->PDO_getResultRow($stmt);

//D::show($row, 'SELECT MultimediaText_delete('.$param_Object->getID().', '.$param_HostAccount->getActiveProfileID().') as var _ '.$param_HostAccount->getAuthorProfileID(),1,1)		;
		return $row["var"];
	}

	/**
	 * @auth
	 */
	protected function deleteProfileFromDB(Account &$param_HostAccount, Profile $param_Object) {
		$stmt = $this->PDO_query('SELECT Profile_delete(:BEID, :RequestProfileID) as var', array(':BEID' => $param_Object->getID(), ':RequestProfileID' => $param_HostAccount->getActiveProfileID()));
		$row = $this->PDO_getResultRow($stmt);

		return $row["var"];
	}
	protected function BC_getIndirectArray(Account &$param_HostAccount, $param_PartOfID, $param_PartOfObjVar, $param_depth, $param_onlyThisClipboard, $param_whichBasisClipboard, $param_State=null, array $param_ConditionArray=null, $param_checkWrite=null) {
		$query = 'select AttachID, PartOfObjVar' .
				'	from losp_BasisClipboard' .
				'	inner join losp_BasisClipboard_objvar on losp_BasisClipboard_objvar.PartOfObjVarID=losp_BasisClipboard.PartOfObjVarID' .
				'	where PartOfID= :PartOfID';
		$var_bindValueArray = array(':PartOfID'	=> $param_PartOfID );
		$var_indirectMTexts = array();
		$stmt = $this->PDO_query($query, $var_bindValueArray);
		if($stmt){
			foreach($this->PDO_fetchAll($stmt) as $row) {
				if($param_whichBasisClipboard=='all' || (is_array($param_whichBasisClipboard) && array_search($row['PartOfObjVar'], $param_whichBasisClipboard)!==false) ) {
					if($param_onlyThisClipboard){
						$var_array = $this->getFromClipboard($param_HostAccount, $row['AttachID'], $param_PartOfObjVar, $param_KindOfObj=null, $param_State, $param_ConditionArray, $param_checkWrite );
						$var_indirectMTexts = array_merge($var_indirectMTexts, $var_array);
					} else {
						$var_classname = CONFIG::getBC_MultimediaText($param_PartOfObjVar);
						$var_array = $this->getFromClipboard($param_HostAccount, $row['AttachID'], null, $var_classname, $param_State, $param_ConditionArray, $param_checkWrite );
						$var_indirectMTexts = array_merge($var_indirectMTexts, $var_array);
					}
				}
				if($param_depth>0) {
					$var_array = $this->BC_getIndirectArray($param_HostAccount, $row['AttachID'], $param_PartOfObjVar, $param_depth-1, $param_onlyThisClipboard, $param_whichBasisClipboard, $param_State, $param_ConditionArray, $param_checkWrite);
					$var_indirectMTexts = array_merge($var_indirectMTexts, $var_array);
				}
			}
		}
		return $var_indirectMTexts;
	}

	/**
	 * lädt eine Values Tabelle und gibt sie als array zurück
	 */
	protected function loadValuesTable($param_ValuesTable, $param_ID) {
		$var_query = 'select VKey, VValue from '.$param_ValuesTable.' where ID= :ID';
		$var_bindValueArray = array(':ID'	=>	$param_ID,	);
		$stmt = $this->PDO_query($var_query, $var_bindValueArray);

		if($stmt){
			return $this->PDO_fetchAll($stmt);
		} else {
			return false;
		}
	}

	protected function setValuesTable($param_ValuesTable, $param_ID, array $param_Values) {
		$var_query = 'DELETE FROM '.$param_ValuesTable.' WHERE ID= :ID';
		$var_bindValueArray = array(':ID'	=>	$param_ID,	);
		$stmt = $this->PDO_query($var_query, $var_bindValueArray);

		foreach($param_Values as $var_key => $var_value) {
			$var_query = 'INSERT INTO '.$param_ValuesTable.' (ID, VKey, VValue ) VALUES (:ID, :VKey, :VValue)';
			$var_bindValueArray = array(
				':ID'		=>	$param_ID,
				':VKey'		=>	$var_key,
				':VValue'	=>	$var_value,
			);
			$stmt = $this->PDO_query($var_query, $var_bindValueArray);
			if(!$stmt){
				return false;
			}
		}
		return true;
	}

	protected function &insertMultimediaTextData(&$param_Object, Account &$param_HostAccount) {

		if(Secure::checkObjectAndTransformToSql($param_Object)) {
			/** Speichert Object Profile */
			if(get_class($param_Object)=="Profile"){
				if ($param_Object->getObjVar('NickName') && $param_Object->getObjVar('EMail')) {
					$param_Object->ThisVarObj_saveStandAloneObjects($param_HostAccount, $this);
					$var_ID = $this->insertProfile($param_Object);

					if($var_ID) {
						$param_Object =& MultimediaText::loadElement($param_HostAccount, $this, 'Profile', $var_ID);
					} else {
						return Error::newError("NoSaveBE","Das Speichern des Profile ".$param_Object->getObjVar('NickName')." ist fehlgeschlagen");
					}
				} else return Error::newError("NoSaveBE","Das Speichern des Date ".$this->ID." vom Author  ist fehlgeschlagen");

			} else if((is_subclass_of($param_Object, 'MultimediaText') && CONFIG::getSQL_Data(get_class($param_Object), 'Tablename'))) {
				$var_fnc = 'insert'.get_class($param_Object);
				$var_fnc = trim($var_fnc);

				if(in_array($var_fnc, get_class_methods($this))) {
					$param_Object->ThisVarObj_saveStandAloneObjects($param_HostAccount, $this);
					$param_Object->setID($this->$var_fnc($param_Object));

				} else {
					return Error::newError('NoSaveBE','Speichern von '.get_class($param_Object).' Objekt schlug fehl, '.get_class($this).'->'.$var_fnc.' Funktion existiert nicht');
				}

			} else if((get_class($param_Object)=='MultimediaText') || ((is_subclass_of($param_Object, 'MultimediaText') && !CONFIG::getSQL_Data(get_class($param_Object), 'Tablename')))) {
				if ($param_Object->getAuthor()->getID()) {
					$param_Object->ThisVarObj_saveStandAloneObjects($param_HostAccount, $this);
					$param_Object->setID($this->insertMultimediaText($param_Object));

				} else return Error::newError("NoSaveBE","Das Speichern des MultimediaText ".$this->ID." vom Author ".$this->Author->getObjVar('NickName')." ist fehlgeschlagen");
			} else {
				return Error::newError("NoSaveBE","Das Speichern des MultimediaText ".$this->ID." vom Author ".$this->Author->getObjVar('NickName')." ist fehlgeschlagen");
			}
			if(is_object($param_Object)) {
				$param_Object->ThisVarObj_saveBasisElementAddonObjects($param_HostAccount, $this);
				return $param_Object;
			} else {
				return Error::newError("NoSaveBE","Das Speichern des MultimediaText  ist fehlgeschlagen");
			}
		} else {

		}
	}

	/**
	 * save BasisElement into Database
	 *
	 * not check the Rights!!!!
	 */
	protected function saveMultimediaText(Account &$param_HostAccount, MultimediaText $param_Object) {
		if(is_subclass_of($param_Object, 'MultimediaText') || get_class($param_Object)=='MultimediaText'){
			if($param_Object->getID() && $param_Object->getAuthor_ProfileID()){

//				$param_Object->getObjVar('RightManagement')->getAuthorisationList()->saveObject($param_HostAccount, $this);
				$param_Object->ThisVarObj_saveStandAloneObjects($param_HostAccount, $this);
				$param_Object->ThisVarObj_saveBasisElementAddonObjects($param_HostAccount, $this);

				$var_RightManagement = &$param_Object->getObjVar('RightManagement');
				$var_bindValueArray = array(
//					':Author_ProfileID'	=>	$param_Object->getAuthor_ProfileID(),
					':Subject'	=>	$param_Object->getObjVar('Subject'),
					':LanguageCode'	=>	$param_Object->getObjVar('LanguageCode'),
					':Text'	=>	$param_Object->getObjVar('Text'),
					':BECategoryChoiceBEID'	=>	$param_Object->getObjVar('BECategoryChoiceBEID'),
					':AuthReadListID'	=>	$var_RightManagement->getReadListID(),
					':AuthWriteListID'	=>	$var_RightManagement->getWriteListID(),
					':PCAuthReadListID'	=>	$var_RightManagement->getPCAuthReadListID(),
					':PCAuthWriteListID'=>	$var_RightManagement->getPCAuthWriteListID(),
					':ID'	=>	$param_Object->getID(),
				);
				$query = "UPDATE losp_BasisElement SET" .
//						"	 Author_ProfileID= :Author_ProfileID, " .
						"		Subject= :Subject, " .
						"		LanguageCode= :LanguageCode, " .
						"		Text= :Text, ";
				if($param_Object->getObjVar('BasisElementDesignID')) {
					$query.="		BasisElementDesignID= :BasisElementDesignID, " ;
					$var_bindValueArray[':BasisElementDesignID'] = $param_Object->getObjVar('BasisElementDesignID');
				}
				$query.="		BECategoryChoiceBEID= :BECategoryChoiceBEID, " .
						"		AuthReadListID= :AuthReadListID, " .
						"		AuthWriteListID= :AuthWriteListID, " .
						"		PCAuthReadListID= :PCAuthReadListID, " .
						"		PCAuthWriteListID= :PCAuthWriteListID " .
						"		where ID = :ID";

				if($this->PDO_query($query, $var_bindValueArray))	{
//D::backtrace(1,1,1)					;
//D::show($var_bindValueArray, $query);
					return $param_Object;
				} else return Error::newError('DevError',"Das Speichern des MultimediaText ".$param_Object->getID()." vom Author  ist fehlgeschlagen",$query);

			} else if ($param_Object->getAuthor() && $param_Object->getAuthor()->getID()) {
				D::backtrace('kann das nicht weg und die funktion updateMultimediaText heißen');
//				$param_Object->getObjVar('RightManagement')->getAuthorisationList()->saveObject($param_HostAccount, $this);
				$param_Object->ThisVarObj_saveStandAloneObjects($param_HostAccount, $this);
				$param_Object->setID($this->insertMultimediaText($param_Object));
				$param_Object->ThisVarObj_saveBasisElementAddonObjects($param_HostAccount, $this);
				return $param_Object;
			} else {
				D::show($param_Object);
				return Error::newError("","Das Speichern des MultimediaText vom Author  ist fehlgeschlagen   " .
					"if(param_Object->getID()=".$param_Object->getID()." && param_Object->getAuthor_ProfileID()=".$param_Object->getAuthor_ProfileID().")" .
							"else if(param_Object->getAuthor()=".$param_Object->getAuthor()." && )");
			}
		} else return Error::newError("","Das Speichern des MultimediaText ist fehlgeschlagen ... Es ist kein MultimediaText Objekt. erbt noch nicht mal davon");
	}

	/**
	 * @auth
	 *	lade bestimmtes MultimediaText in denen $RequestProfileID indirektes Leserecht besitzt
	 *	[Leserecht und Schreibrecht wird vergeben]
	 *
	 */
	protected function MultimediaText_get(Account &$param_HostAccount, $ID){
		$query= 'select * from losp_BasisElement as mtext where ID= :ID';
		$stmt = $this->PDO_query($query, array(':ID'=>$ID));
		if($stmt) {
			$spalten = $this->PDO_getResultRow($stmt);
			$tmp = &$this->checkBEAuth($param_HostAccount, $spalten["ID"]);
			if($tmp["@read"] ){

				$spalten["@read"] = &$tmp["@read"];
				$spalten["@write"] = &$tmp["@write"];
			} else {
				return Error::newError('UserError',"Kein Recht für gar nichts ",$query);
			}
			return $spalten;
		} else {
			return Error::newError('UserError',"Konnte kein Text auswählen",$query);
		}
	}

		/**
		 *
		 * @return <type>
		 */
		protected function getBasisClipboadNameForMText($param_ID, $param_State=null) {
			$var_bindValueArray = array(':ID'	=>	$param_ID);

			$var_SelectState = $var_Where = '';
			if($param_State) {
				$var_SelectState = ', State';
				$var_Where = ' and State= :State';
				$var_bindValueArray[':State'] = $param_State;
			}

			$query = '' .
				'SELECT CategoryName, PartOfID, PartOfObjVar'.$var_SelectState.', LinkerProfileID, count(PartOfObjVar) as count FROM losp_BasisClipboard' .
				'	INNER JOIN losp_BasisClipboard_objvar ON losp_BasisClipboard_objvar.PartOfObjVarID=losp_BasisClipboard.PartOfObjVarID' .
				'	LEFT JOIN losp_BasisClipboard_category ON losp_BasisClipboard_category.CategoryID=losp_BasisClipboard.CategoryID';

			if($param_State) {
				$query .= '	INNER JOIN losp_BasisClipboard_state ON losp_BasisClipboard_state.StateID=losp_BasisClipboard.AttachStateID';
			}
			$query .= '	where losp_BasisClipboard.PartOfID= :ID '.$var_Where.' group by PartOfObjVar, CategoryName ';


			$stmt = $this->PDO_query($query, $var_bindValueArray);
			if($stmt){
				$var_Array = array();
				foreach($this->PDO_fetchAll($stmt) as $row) {
					if($row['CategoryName']) {
						$var_Array[CONFIG::transformArrayToString(array($row['PartOfObjVar'], $row['CategoryName']), 'category')] = $row['count'];
					} else {
						$var_Array[$row['PartOfObjVar']] = $row['count'];
					}
				}
				return $var_Array;
			} else {
				return FALSE;
			}
		}

		/**
		 *
		 * * @return <type> @todo PDO Umstellung
		 * Function return a sub query string
		 *
		 * @param string 	param_FromTablename
		 * @param int 		param_RequestProfileID
		 * @param string 	param_orderbydefault
		 * @param string	param_Where
		 * @param string	param_checkWrite
		 * @param array		param_ConditionArray @link http://vosp.info/index.php/LOSP#param_ConditionArray param_ConditionArray
		 * @param boolean	param_OnlyGroups		select only group content
		 * @param boolean	param_OnlyWithWriteRight
		 */
		protected function getMTextSubQueryAuthString (Account &$param_HostAccount, $param_orderbydefault=null, $param_Where=null, array $param_ConditionArray=null, $param_checkWrite=null, $param_OnlyGroups=false, $param_OnlyWithWriteRight=false, array &$param_BindValues, $param_PartOfID=null, $param_BasisClipboardName=null) {


			$PossibleProfileIDArray = $param_HostAccount->getPossibleProfileIDArray($param_PartOfID, $param_BasisClipboardName);

			if(!is_array($param_ConditionArray)) {
				$param_ConditionArray = array();
			}

			/**
			 * param_ConditionArray Handling
			 *
			 * @author non
			 * @since  26.11.2008
			 */
			{

				if(array_key_exists('OrderByDefault',$param_ConditionArray)){
					$param_orderbydefault = $param_ConditionArray['OrderByDefault'];
				}

				if((boolean) $param_orderbydefault){
					if(!array_key_exists('direction', $param_ConditionArray) && array_key_exists('direction', $param_orderbydefault)){
						$param_ConditionArray['direction'] = $param_orderbydefault['direction'];
					}
					if(array_key_exists('orderby', $param_orderbydefault) && !array_key_exists('orderby', $param_ConditionArray)){
						$param_ConditionArray['orderby'] = $param_orderbydefault['orderby'];
					}
					if(array_key_exists('partOfID', $param_orderbydefault) && !array_key_exists('partOfID', $param_ConditionArray)){
						$param_ConditionArray['partOfID'] = $param_orderbydefault['partOfID'];
					}
					if(!array_key_exists('column', $param_ConditionArray)) {
						if(is_array($param_orderbydefault)) {
							if(array_key_exists('column', $param_orderbydefault)) {
								$param_ConditionArray['column'] = $param_orderbydefault['column'];
							} else {
								$param_ConditionArray['column'] = '';
							}

							if(array_key_exists('columnsec', $param_orderbydefault) && (boolean) $param_orderbydefault['columnsec']) {
								$param_ConditionArray['columnsec'] = $param_orderbydefault['columnsec'];
							}

							if(array_key_exists('from', $param_orderbydefault) && (boolean) $param_orderbydefault['from']) {
								$param_ConditionArray['from'] = $param_orderbydefault['from'];
								$param_ConditionArray['operator'] = $param_orderbydefault['operator'];
								$param_ConditionArray['to'] = $param_orderbydefault['to'];
								//$param_ConditionArray['columnsec'] = $param_orderbydefault['columnsec'];
							}
						} else {
							$param_ConditionArray['column'] = $param_orderbydefault;
							$param_ConditionArray['direction'] = 'ASC';
						}
					}
				}
				/**
				 * Precondition
				 */
				{
					if(array_key_exists('column', $param_ConditionArray) && (boolean) $param_ConditionArray['column']) {
					} else {
						$param_ConditionArray['column'] = 'ID';
					}
				}
			}
			if((boolean) $param_Where) {
				if(is_array($param_Where)){

				 	if($param_PartOfID == $param_HostAccount->getActiveProfileID()){
						if(array_key_exists('partOfID', $param_ConditionArray)){
							if(is_array($param_ConditionArray['partOfID'])){
								$param_Where[1] = " ( ";
								$i=1;
								foreach($param_ConditionArray['partOfID'] as $key => $value){
									if(array_key_exists($key,$PossibleProfileIDArray)){
										if($key == $param_BindValues[":PartOfID"]){
											$param_Where[1] .= " losp_BasisClipboard.PartOfID = :PartOfID OR ";
										}
										else{
											$param_Where[1] .= " losp_BasisClipboard.PartOfID = :PartOfID".$i." OR ";
											$param_BindValues[":PartOfID".$i]=$key;
										}
										$i++;
									}
								}
								$param_Where[1] = substr($param_Where[1],0,-3);
								$param_Where[1] .= " ) ";
							}
							else{
								if($param_ConditionArray['partOfID'] == 'allProfileIDs'){
									$param_Where[1] = " ( losp_BasisClipboard.PartOfID = :PartOfID OR ";
									$i=1;
									foreach($PossibleProfileIDArray as $key => $value){
										if($key == $param_BindValues[":PartOfID"]){
											$i++;
										}
										else{
											$param_Where[1] .= " losp_BasisClipboard.PartOfID = :PartOfID".$i." OR ";
											$param_BindValues[":PartOfID".$i]=$key;
											$i++;
										}
									}

									$param_Where[1] = substr($param_Where[1],0,-3);
									$param_Where[1] .= " ) ";
								}
								else{
									if(array_key_exists($param_ConditionArray['partOfID'],$PossibleProfileIDArray)){
										$param_BindValues[":PartOfID"]=$param_ConditionArray['partOfID'];
									}
								}
							}
						}

					}
					$param_Where = $param_Where[0].$param_Where[1].$param_Where[2];
				}
				$param_Where = '('.$param_Where.') &&';
			}
			$MTextSubQueryString = $this->getSubQueryAuthString($param_HostAccount, $param_PartOfID, $param_BasisClipboardName, $param_Where, $param_BindValues, $param_OnlyWithWriteRight, $param_OnlyGroups);

			{
				/**
				 * Equation Part	(=||<||>)			[operator]	[back]
				 */


				/**
				 * unschöne ConditioArray verabrbeitung
				 * @todo:
				 * 		- folgenden do code überdenken und evt effizienter coden
				 * 		- es gibt keine abfragen ob die übergebenden parameter im conditionArray dem code genügen (standard vorher überprüfen?)
				 * 		- add ungleich
				 */

				$tmp_Counter=0;
				if(array_key_exists('operator', $param_ConditionArray) || !array_key_exists('secConditionArrays', $param_ConditionArray)){
					$tmp_ConditionArray=$param_ConditionArray;
				}
				else{
					$tmp_ConditionArray=$param_ConditionArray['secConditionArrays'][$tmp_Counter];
					$tmp_Counter=1;
				}

				//			$tmp_nexus=' AND ';
				//			$tmp_innerNexus=' OR ';

				if(array_key_exists('nexus', $tmp_ConditionArray) && ($tmp_ConditionArray['nexus'] == 'OR' || $tmp_ConditionArray['nexus'] == 'AND')){
					$tmp_nexus=' '.$tmp_ConditionArray['nexus'].' ';
				}
				else{
					$tmp_nexus=' AND ';
				}
				if(array_key_exists('innerNexus', $tmp_ConditionArray) && ($tmp_ConditionArray['innerNexus'] == 'OR' || $tmp_ConditionArray['innerNexus'] == 'AND')){
					$tmp_innerNexus=' '.$tmp_ConditionArray['innerNexus'].' ';
				}
				else{
					$tmp_innerNexus=' OR ';
				}

				$MTextSubQueryString_CA = null;
				do{
					if(array_key_exists('from', $tmp_ConditionArray) && $tmp_ConditionArray['from'] && array_key_exists('operator', $tmp_ConditionArray) && $tmp_ConditionArray['operator']) {

						//whitelist check for operator
						if(is_array($tmp_ConditionArray['operator'])){
							foreach($tmp_ConditionArray['operator'] as $o){
								if(!array_key_exists($o,self::$whitelist_operators)){

									return;
								}
							}
						}
						else{
							if(!array_key_exists($tmp_ConditionArray['operator'],self::$whitelist_operators)){

								return;
							}
						}

						if($tmp_ConditionArray['operator']!='BETWEEN' && $tmp_ConditionArray['operator']!='TERM'){

							if(!is_array($tmp_ConditionArray['from']) && !is_array($tmp_ConditionArray['column'])){
								//							$MTextSubQueryString_CA  .=	' AND '.$tmp_ConditionArray['column'].' '.$tmp_ConditionArray['operator'].' \''.$tmp_ConditionArray['from'].'\' ';

								$MTextSubQueryString_CA  .=	' AND '.$tmp_ConditionArray['column'].' '.$tmp_ConditionArray['operator'].' :'.$tmp_ConditionArray['column'].'_'.$tmp_Counter.' ';
								$param_BindValues[':'.$tmp_ConditionArray['column'].'_'.$tmp_Counter] = $tmp_ConditionArray['from'];
							}
							else{
								if(count($tmp_ConditionArray['column'])==1){
									foreach($tmp_ConditionArray['from'] as $key => $value){
										if($key != 0)
											$MTextSubQueryString_CA  .=	$tmp_innerNexus;
										else{
											$MTextSubQueryString_CA  .=	$tmp_nexus.' ( ';
										}
										//									$MTextSubQueryString_CA  .=	$tmp_ConditionArray['column'][0].' '.$tmp_ConditionArray['operator'].' \''.$tmp_ConditionArray['from'][$key].'\' ';

										$MTextSubQueryString_CA  .=	$tmp_ConditionArray['column'][0].' '.$tmp_ConditionArray['operator'].' :'.$tmp_ConditionArray['column'][0].'_'.$tmp_Counter.' ';
										$param_BindValues[':'.$tmp_ConditionArray['column'][0].'_'.$tmp_Counter] = $tmp_ConditionArray['from'][$key];

									}
									$MTextSubQueryString_CA  .= ' ) ';
								}
								else if(count($tmp_ConditionArray['from'])==1){
									foreach($tmp_ConditionArray['column'] as $key => $value){
										if($key != 0)
										$MTextSubQueryString_CA  .=	$tmp_innerNexus;
										else{
											$MTextSubQueryString_CA  .=	$tmp_nexus.' ( ';
										}
										//									$MTextSubQueryString_CA  .=	$tmp_ConditionArray['column'][$key].' '.$tmp_ConditionArray['operator'].' \''.$tmp_ConditionArray['from'][0].'\' ';

										$MTextSubQueryString_CA  .=	$tmp_ConditionArray['column'][$key].' '.$tmp_ConditionArray['operator'].' :'.$tmp_ConditionArray['column'][$key].'_'.$tmp_Counter.' ';
										$param_BindValues[':'.$tmp_ConditionArray['column'][$key].'_'.$tmp_Counter] = $tmp_ConditionArray['from'][0];

									}
									$MTextSubQueryString_CA  .= ' ) ';
								}
								else{
									foreach($tmp_ConditionArray['column'] as $key => $value){
										if($key != 0)
										$MTextSubQueryString_CA  .=	$tmp_innerNexus;
										else{
											$MTextSubQueryString_CA  .=	$tmp_nexus.' ( ';
										}
										//									$MTextSubQueryString_CA  .=	$tmp_ConditionArray['column'][$key].' '.$tmp_ConditionArray['operator'].' \''.$tmp_ConditionArray['from'][$key].'\' ';

										$MTextSubQueryString_CA  .=	$tmp_ConditionArray['column'][$key].' '.$tmp_ConditionArray['operator'].' :'.$tmp_ConditionArray['column'][$key].'_'.$tmp_Counter.' ';
										$param_BindValues[':'.$tmp_ConditionArray['column'][$key].'_'.$tmp_Counter] = $tmp_ConditionArray['from'][$key];
									}
									$MTextSubQueryString_CA  .= ' ) ';
								}

							}
						}
						else if($tmp_ConditionArray['operator']=='BETWEEN'){
							foreach($tmp_ConditionArray['column'] as $key => $value){
								if($key != 0)
								$MTextSubQueryString_CA  .=	$tmp_innerNexus;
								else{
									$MTextSubQueryString_CA  .=	$tmp_nexus.' ( ';
								}
								//							$MTextSubQueryString_CA  .=	$tmp_ConditionArray['column'][$key].' '.$tmp_ConditionArray['operator'].' \''.$tmp_ConditionArray['from'][0].'\' AND \' '.$tmp_ConditionArray['from'][1].'\' ';

								$MTextSubQueryString_CA  .=	$tmp_ConditionArray['column'][$key].' '.$tmp_ConditionArray['operator'].' :'.$tmp_ConditionArray['column'][$key].'_'.$tmp_Counter.'_0 AND :'.$tmp_ConditionArray['column'][$key].'_'.$tmp_Counter.'_1 ';
								$param_BindValues[':'.$tmp_ConditionArray['column'][$key].'_'.$tmp_Counter.'_0'] = $tmp_ConditionArray['from'][0];
								$param_BindValues[':'.$tmp_ConditionArray['column'][$key].'_'.$tmp_Counter.'_1'] = $tmp_ConditionArray['from'][1];
							}
							$MTextSubQueryString_CA  .= ' ) ';
						}
						else if($tmp_ConditionArray['operator']=='TERM'){
							//						$MTextSubQueryString_CA  .=	' AND '.$tmp_ConditionArray['column'][0].' BETWEEN \''.$tmp_ConditionArray['from'][0].'\' AND \' '.$tmp_ConditionArray['from'][1].'\' ';

							$MTextSubQueryString_CA  .=	' AND '.$tmp_ConditionArray['column'][0].' BETWEEN :'.$tmp_ConditionArray['column'][0].'_'.$tmp_Counter.'_0 AND :'.$tmp_ConditionArray['column'][0].'_'.$tmp_Counter.'_1 ';
							$param_BindValues[':'.$tmp_ConditionArray['column'][0].'_'.$tmp_Counter.'_0'] = $tmp_ConditionArray['from'][0];
							$param_BindValues[':'.$tmp_ConditionArray['column'][0].'_'.$tmp_Counter.'_1'] = $tmp_ConditionArray['from'][1];

							if(count($param_ConditionArray['column'])==2){
								//							$MTextSubQueryString_CA  .=	' OR '.$tmp_ConditionArray['column'][1].' BETWEEN \''.$tmp_ConditionArray['from'][0].'\' AND \' '.$tmp_ConditionArray['from'][1].'\' ';

								$MTextSubQueryString_CA  .=	' OR '.$tmp_ConditionArray['column'][1].' BETWEEN :'.$tmp_ConditionArray['column'][1].'_'.$tmp_Counter.'_0 AND :'.$tmp_ConditionArray['column'][1].'_'.$tmp_Counter.'_1 ';
								$param_BindValues[':'.$tmp_ConditionArray['column'][1].'_'.$tmp_Counter.'_0'] = $tmp_ConditionArray['from'][0];
								$param_BindValues[':'.$tmp_ConditionArray['column'][1].'_'.$tmp_Counter.'_1'] = $tmp_ConditionArray['from'][1];

								$MTextSubQueryString_CA  .=	' OR '.$tmp_ConditionArray['column'][0].' <= :'.$tmp_ConditionArray['column'][0].'_'.$tmp_Counter.'_TERM AND  '.$tmp_ConditionArray['column'][1].' >= :'.$tmp_ConditionArray['column'][1].'_'.$tmp_Counter.'_TERM ';
								$param_BindValues[':'.$tmp_ConditionArray['column'][0].'_'.$tmp_Counter.'_TERM'] = $tmp_ConditionArray['from'][1];
								$param_BindValues[':'.$tmp_ConditionArray['column'][1].'_'.$tmp_Counter.'_TERM'] = $tmp_ConditionArray['from'][1];
							}
						}

						if(array_key_exists('secConditionArrays', $param_ConditionArray) && array_key_exists($tmp_Counter, $param_ConditionArray['secConditionArrays']) ){
							$tmp_ConditionArray=$param_ConditionArray['secConditionArrays'][$tmp_Counter];


							if(array_key_exists('nexus', $tmp_ConditionArray) && ($tmp_ConditionArray['nexus'] == 'OR' || $tmp_ConditionArray['nexus'] == 'AND')){
								$tmp_nexus=' '.$tmp_ConditionArray['nexus'].' ';
							}
							else{
								$tmp_nexus=' AND ';
							}
							if(array_key_exists('innerNexus', $tmp_ConditionArray) && ($tmp_ConditionArray['innerNexus'] == 'OR' || $tmp_ConditionArray['innerNexus'] == 'AND')){
								$tmp_innerNexus=' '.$tmp_ConditionArray['innerNexus'].' ';
							}
							else{
								$tmp_innerNexus=' OR ';
							}

							$tmp_Counter++;
						}
						else{
							break;
						}
					}
					else{
						break;
					}
				}while(true);

				/**
				 * @todo @performance kann hier dieses And nicht am besten als $param_Where an die getSubQueryAuthString Funktion übergeben werden,
				 *			da sich das teilweise besser auf die performance auswirken würden 100405 @f
				 */
				if($MTextSubQueryString_CA) {
					$MTextSubQueryString .= ' AND ( '.substr($MTextSubQueryString_CA, 4).' ) ';

				}
				//D::ulli($MTextSubQueryString_CA);
				//D::ulli(substr($MTextSubQueryString_CA, 4));
				//$MTextSubQueryString .= $MTextSubQueryString_CA;
				$MTextSubQueryString .= ' ) ';

				/**
				 * Order by Part 	(ASC||DESC)			[direction]
				 */


				$MTextSubQueryString  .=	' ORDER BY ';

				if(array_key_exists('orderby',$param_ConditionArray)){
					$MTextSubQueryString  .= $param_ConditionArray['orderby'][0];
				}
				else{
					if(is_array($param_ConditionArray['column']))
					$MTextSubQueryString  .= $param_ConditionArray['column'][0];

					else
					$MTextSubQueryString  .= $param_ConditionArray['column'];

					if (array_key_exists('direction', $param_ConditionArray) && ($param_ConditionArray['direction']=="desc" || $param_ConditionArray['direction']=="DESC")){
						$MTextSubQueryString  .=	' DESC';
					}
					else{
						$MTextSubQueryString  .=	' ASC';
					}
				}


				/**
				 * Limit Part		(integer)			[limit]
				 */
				if(array_key_exists('limit', (array) $param_ConditionArray) && (boolean) $param_ConditionArray['limit']) {
					$MTextSubQueryString .= ' LIMIT  ';
					if(array_key_exists('limitOf', $param_ConditionArray) && $param_ConditionArray['limitOf'] != null) {
						$MTextSubQueryString .= $param_ConditionArray['limitOf'].',';
					}
					$MTextSubQueryString .= $param_ConditionArray['limit'].' ';
				}

			}

			return $MTextSubQueryString;
		}


		protected function getMTextSubQueryString ($param_Tablename, $param_checkWrite=false) {
			$var_MTextID = '';
			if($param_Tablename) {
				$var_MTextID = 'MTextID,';
			}

			$MTextSubQueryString = ' ' .
				'	ID, '.$var_MTextID.' Author_ProfileID, LanguageCode, Subject, Text, CreateDate, TagListID, BECategoryChoiceBEID, BECategoryListID, AuthReadListID, AuthWriteListID, PCAuthReadListID, PCAuthWriteListID, BasisElementDesignID ' ;
			if($param_checkWrite==true){
				$MTextSubQueryString .= ", " .
					"		(SELECT PartOfID FROM losp_BasisClipboard where losp_BasisClipboard.PartOfID=losp_BasisElement.ID AND losp_BasisClipboard.PartOfObjVarID=9 LIMIT 1)" .
					"			as HasAspirantWriteRight " ;
			}

			return $MTextSubQueryString;
		}



		/**
		 *
		 * @return <type> @todo PDO Umstellung
		 */
		protected function getMTextQuery(Account &$param_HostAccount, $param_classname, $param_ConditionArray=null, $param_checkWrite=true, $param_OnlyGroups=false, $param_OnlyWithWriteRight=false, $param_MTextClipboard=null, array &$param_BindValues) {
			$param_RequestProfileID = $param_HostAccount->getActiveProfileID();
			if(class_exists($param_classname) && (is_subclass_of($param_classname, 'MultimediaText') || ($param_classname)=='MultimediaText')) {

				$Tablename = CONFIG::getSQL_Data($param_classname, 'Tablename');
				//D::li('$Tablename('.$Tablename.')  $param_classname('.$param_classname.')');
				if((boolean) CONFIG::getSQL_Data($param_classname, 'SelectColumns')) {
					$SelectColumns = CONFIG::getSQL_Data($param_classname, 'SelectColumns') .", ";
				} else {
					$SelectColumns = '';
				}

				//			if(($param_classname)=='MultimediaText') {
				if(!$Tablename) {
					$Tablename = 'losp_BasisElement';
				}

				$MTextSubQueryString = '';
				if($Tablename != 'losp_BasisElement') {
					$MTextSubQueryString = " inner join losp_BasisElement on losp_BasisElement.ID=".$Tablename.".MTextID ";
				}

				$query =  " SELECT ClassID, '".$param_classname."' as losp_classname, '".$param_MTextClipboard."' as PartOfObjVar,".$SelectColumns.$this->getMTextSubQueryString(CONFIG::getSQL_Data($param_classname, 'Tablename'))." ".
						"	FROM ".$Tablename." " .CONFIG::getSQL_Data($param_classname, 'Joins') ;

				$query .= 	" ".$MTextSubQueryString.$this->getMTextSubQueryAuthString($param_HostAccount, CONFIG::getSQL_Data($param_classname, 'OrderByDefault'), CONFIG::getSQL_Data($param_classname, 'Where'), $param_ConditionArray, $param_checkWrite, $param_OnlyGroups, $param_OnlyWithWriteRight, $param_BindValues);

//D::show($param_BindValues, __CLASS__.'->'. __FUNCTION__.'  # '.$query);
				return $query;
			} else {
				D::h1('FEHLER: $param_classname = '.$param_classname.' is_subclass_of($param_classname, MultimediaText) = ('.is_subclass_of($param_classname, 'MultimediaText').')');
				return false;
			}
		}

}
?>