From 2052e167f7dc04e37041443f640af4e8c18c3bc0 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 04 Dec 2012 08:36:35 -0500
Subject: [PATCH] Fixed: FS#2524 - Add check in remote api that no email alias can be added that exists as mailbox
---
interface/lib/classes/tform.inc.php | 180 +++++++++++++++++++++++++++++++++++++++++++++++++----------
1 files changed, 149 insertions(+), 31 deletions(-)
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index b469e2e..b0b727c 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -54,14 +54,14 @@
* SEPARATOR
* - separator char used for fileds with multiple values
*
-* Hint: The auto increment (ID) filed of the table has not be be definied eoarately.
+* Hint: The auto increment (ID) filed of the table has not be be definied separately.
*
*/
class tform {
/**
- * Table definition (array)
+ * Definition of the database table (array)
* @var tableDef
*/
var $tableDef;
@@ -79,25 +79,25 @@
var $table_name;
/**
- * Enable debigging
+ * Debug Variable
* @var debug
*/
var $debug = 0;
/**
- * name of the primary field of the datbase table (string)
+ * name of the primary field of the database table (string)
* @var table_index
*/
var $table_index;
/**
- * contains the error message
+ * contains the error messages
* @var errorMessage
*/
var $errorMessage = '';
var $dateformat = "d.m.Y";
- var $formDef;
+ var $formDef = array();
var $wordbook;
var $module;
var $primary_id;
@@ -124,7 +124,7 @@
function loadFormDef($file,$module = '') {
global $app,$conf;
- include_once($file);
+ include($file);
$this->formDef = $form;
$this->module = $module;
@@ -169,11 +169,17 @@
if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab does not exist or the tab is empty (TAB: $tab).");
$new_record = '';
$table_idx = $this->formDef['db_table_idx'];
- if(isset($record[$table_idx])) $new_record[$table_idx] = intval($record[$table_idx ]);
+ if(isset($record[$table_idx])) $new_record[$table_idx] = $app->functions->intval($record[$table_idx ]);
if(is_array($record)) {
- foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
- switch ($field['datatype']) {
+ foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
+
+ //* Apply filter to record value.
+ if(isset($field['filters']) && is_array($field['filters'])) {
+ $record[$key] = $this->filterField($key, (isset($record[$key]))?$record[$key]:'', $field['filters'], 'SHOW');
+ }
+
+ switch ($field['datatype']) {
case 'VARCHAR':
$new_record[$key] = $record[$key];
break;
@@ -196,7 +202,7 @@
break;
case 'INTEGER':
- $new_record[$key] = intval($record[$key]);
+ $new_record[$key] = $app->functions->intval($record[$key]);
break;
case 'DOUBLE':
@@ -218,7 +224,7 @@
}
/**
- * Get the key => value array of a form filed from a datasource definitiom
+ * Get the key => value array of a form filled from a datasource definitiom
*
* @param field = array with field definition
* @param record = Dataset as array
@@ -241,7 +247,6 @@
$table_idx = $this->formDef['db_table_idx'];
$tmp_recordid = (isset($record[$table_idx]))?$record[$table_idx]:0;
- //$tmp_recordid = intval($this->primary_id);
$querystring = str_replace("{RECORDID}",$tmp_recordid,$querystring);
unset($tmp_recordid);
@@ -270,6 +275,17 @@
} else {
$this->errorMessage .= "Custom datasource class or function is empty<br />\r\n";
}
+ }
+
+ if(isset($field['filters']) && is_array($field['filters'])) {
+ $new_values = array();
+ foreach($values as $index => $value) {
+ $new_index = $this->filterField($index, $index, $field['filters'], 'SHOW');
+ $new_values[$new_index] = $this->filterField($index, (isset($values[$index]))?$values[$index]:'', $field['filters'], 'SHOW');
+ }
+ $values = $new_values;
+ unset($new_values);
+ unset($new_index);
}
return $values;
@@ -394,7 +410,7 @@
$selected = ($k == $val)?' SELECTED':'';
if(!empty($this->wordbook[$v]))
$v = $this->wordbook[$v];
- $out .= "<option value='$k'$selected>$v</option>\r\n";
+ $out .= "<option value='$k'$selected>".$this->lng($v)."</option>\r\n";
}
}
$new_record[$key] = $out;
@@ -619,8 +635,15 @@
if(is_array($record)) {
foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
-
- if(isset($field['validators']) && is_array($field['validators'])) $this->validateField($key, (isset($record[$key]))?$record[$key]:'', $field['validators']);
+
+ //* Apply filter to record value
+ if(isset($field['filters']) && is_array($field['filters'])) {
+ $record[$key] = $this->filterField($key, (isset($record[$key]))?$record[$key]:'', $field['filters'], 'SAVE');
+ }
+ //* Validate record value
+ if(isset($field['validators']) && is_array($field['validators'])) {
+ $this->validateField($key, (isset($record[$key]))?$record[$key]:'', $field['validators']);
+ }
switch ($field['datatype']) {
case 'VARCHAR':
@@ -664,7 +687,7 @@
}
break;
case 'INTEGER':
- $new_record[$key] = (isset($record[$key]))?$record[$key]:0;
+ $new_record[$key] = (isset($record[$key]))?$app->functions->intval($record[$key]):0;
//if($new_record[$key] != $record[$key]) $new_record[$key] = $field['default'];
//if($key == 'refresh') die($record[$key]);
break;
@@ -704,6 +727,46 @@
}
return $new_record;
}
+
+ /**
+ * process the filters for a given field.
+ *
+ * @param field_name = Name of the field
+ * @param field_value = value of the field
+ * @param filters = Array of filters
+ * @param filter_event = 'SAVE'or 'SHOW'
+ * @return record
+ */
+
+ function filterField($field_name, $field_value, $filters, $filter_event) {
+
+ global $app;
+ $returnval = $field_value;
+
+ //* Loop trough all filters
+ foreach($filters as $filter) {
+ if($filter['event'] == $filter_event) {
+ switch ($filter['type']) {
+ case 'TOLOWER':
+ $returnval = strtolower($returnval);
+ break;
+ case 'TOUPPER':
+ $returnval = strtoupper($returnval);
+ break;
+ case 'IDNTOASCII':
+ $returnval = $app->functions->idn_encode($returnval);
+ break;
+ case 'IDNTOUTF8':
+ $returnval = $app->functions->idn_decode($returnval);
+ break;
+ default:
+ $this->errorMessage .= "Unknown Filter: ".$filter['type'];
+ break;
+ }
+ }
+ }
+ return $returnval;
+ }
/**
* process the validators for a given field.
@@ -736,7 +799,9 @@
}
break;
case 'UNIQUE':
- if($this->action == 'NEW') {
+ if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n';
+ if($validator['allowempty'] == 'n' || ($validator['allowempty'] == 'y' && $field_value != '')){
+ if($this->action == 'NEW') {
$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."'");
if($num_rec["number"] > 0) {
$errmsg = $validator['errmsg'];
@@ -746,7 +811,7 @@
$this->errorMessage .= $errmsg."<br />\r\n";
}
}
- } else {
+ } else {
$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."' AND ".$this->formDef['db_table_idx']." != ".$this->primary_id);
if($num_rec["number"] > 0) {
$errmsg = $validator['errmsg'];
@@ -756,7 +821,8 @@
$this->errorMessage .= $errmsg."<br />\r\n";
}
}
- }
+ }
+ }
break;
case 'NOTEMPTY':
if(empty($field_value)) {
@@ -800,7 +866,7 @@
}
}
} else {
- $tmpval = intval($field_value);
+ $tmpval = $app->functions->intval($field_value);
if($tmpval === 0 and !empty($field_value)) {
$errmsg = $validator['errmsg'];
if(isset($this->wordbook[$errmsg])) {
@@ -818,12 +884,43 @@
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
} else {
$this->errorMessage .= $errmsg."<br />\r\n";
- }
- }
- break;
- case 'ISIPV4':
- $vip=1;
- if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
+ }
+ }
+ break;
+ case 'ISV6PREFIX':
+ $v6_prefix_ok = 0;
+ $explode_field_value = explode(':',$field_value);
+ if ($explode_field_value[count($explode_field_value)-1]=='' && $explode_field_value[count($explode_field_value)-2]=='' ){
+ if ( count($explode_field_value) <= 9 ) {
+ if(filter_var(substr($field_value,0,strlen($field_value)-2),FILTER_VALIDATE_IP,FILTER_FLAG_IPV6) or filter_var(substr($field_value,0,strlen($field_value)-2).'::0',FILTER_VALIDATE_IP,FILTER_FLAG_IPV6) or filter_var(substr($field_value,0,strlen($field_value)-2).':0',FILTER_VALIDATE_IP,FILTER_FLAG_IPV6) ) {
+ $v6_prefix_ok = 1;
+ }
+ }
+ } else {
+ $v6_prefix_ok = 2;
+ }
+ // check subnet against defined server-ipv6
+ $sql_v6 = $app->db->queryOneRecord("SELECT ip_address FROM server_ip WHERE ip_type = 'IPv6' AND virtualhost = 'y' LIMIT 0,1");
+ $sql_v6_explode=explode(':',$sql_v6['ip_address']);
+ if ( count($sql_v6_explode) < count($explode_field_value) && isset($sql_v6['ip_address']) ) {
+ $v6_prefix_ok = 3;
+ }
+ if($v6_prefix_ok == 0) {
+ $errmsg = $validator['errmsg'];
+ }
+ if($v6_prefix_ok == 2) {
+ $errmsg = 'IPv6 Prefix must end with ::';
+ }
+ if($v6_prefix_ok == 3) {
+ $errmsg = 'IPv6 Prefix too long (according to Server IP Addresses)';
+ }
+ if($v6_prefix_ok <> 1){
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
+ break;
+ case 'ISIPV4':
+ $vip=1;
+ if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
$groups=explode(".",$field_value);
foreach($groups as $group){
if($group<0 OR $group>255)
@@ -869,6 +966,27 @@
}
}
break;
+ case 'RANGE':
+ //* Checks if the value is within the given range or above / below a value
+ //* Range examples: < 10 = ":10", between 2 and 10 = "2:10", above 5 = "5:".
+ $range_parts = explode(':',trim($validator['range']));
+ $ok = true;
+ if($range_parts[0] != '' && $field_value < $range_parts[0]) {
+ $ok = false;
+ }
+ if($range_parts[1] != '' && $field_value > $range_parts[1]) {
+ $ok = false;
+ }
+ if($ok != true) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
+ }
+ unset($range_parts);
+ break;
case 'CUSTOM':
// Calls a custom class to validate this record
if($validator['class'] != '' and $validator['function'] != '') {
@@ -892,7 +1010,7 @@
}
/**
- * Create the SQL staement.
+ * Create SQL statement
*
* @param record = Datensatz als Array
* @param action = INSERT oder UPDATE
@@ -918,7 +1036,7 @@
$this->action = $action;
$this->primary_id = $primary_id;
- $record = $this->encode($record,$tab);
+ $record = $this->encode($record,$tab,true);
$sql_insert_key = '';
$sql_insert_val = '';
$sql_update = '';
@@ -1041,7 +1159,7 @@
//* return a empty string if there is nothing to update
if(trim($sql_update) == '') $sql = '';
}
-
+
return $sql;
}
@@ -1086,7 +1204,7 @@
$app->uses('tform_tpl_generator');
$app->tform_tpl_generator->buildHTML($this->formDef,$tab['name']);
}
-
+ $app->tpl->setVar('readonly_tab', (isset($tab['readonly']) && $tab['readonly'] == true));
$app->tpl->setInclude('content_tpl',$tab["template"]);
$tab["active"] = 1;
$_SESSION["s"]["form"]["tab"] = $tab['name'];
--
Gitblit v1.9.1