From 2c08dfea5d8141e8a46f77275134c21fca1cdc01 Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Wed, 05 Sep 2012 04:03:09 -0400
Subject: [PATCH] Implemented: FS#1933 - Folder Protection feature may destroy existing .htaccess file
---
interface/lib/classes/tform_actions.inc.php | 32 +++++++++++++++++++-------------
1 files changed, 19 insertions(+), 13 deletions(-)
diff --git a/interface/lib/classes/tform_actions.inc.php b/interface/lib/classes/tform_actions.inc.php
index b280d26..d536f4b 100644
--- a/interface/lib/classes/tform_actions.inc.php
+++ b/interface/lib/classes/tform_actions.inc.php
@@ -107,17 +107,19 @@
// Save record in database
$this->onUpdateSave($sql);
-
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_update_save',array('page_form'=>$this, 'sql'=>$sql));
+
// loading plugins
$next_tab = $app->tform->getCurrentTab();
$this->loadPlugins($next_tab);
// Call plugin
foreach($this->plugins as $plugin) {
- $plugin->onInsert();
+ $plugin->onUpdate();
}
$this->onAfterUpdate();
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_after_update',$this);
// Write data history (sys_datalog)
if($app->tform->formDef['db_history'] == 'yes') {
@@ -138,7 +140,7 @@
session_write_close();
header($redirect);
// When a returnto variable is set
- } elseif ($_SESSION["s"]["form"]["return_to_url"] != '') {
+ } elseif (isset($_SESSION["s"]["form"]["return_to_url"]) && $_SESSION["s"]["form"]["return_to_url"] != '') {
$redirect = $_SESSION["s"]["form"]["return_to_url"];
$_SESSION["s"]["form"]["return_to_url"] = '';
session_write_close();
@@ -184,7 +186,8 @@
if($app->tform->errorMessage == '') {
$this->id = $this->onInsertSave($sql);
-
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_insert_save',array('page_form'=>$this, 'sql'=>$sql));
+
// loading plugins
$next_tab = $app->tform->getCurrentTab();
$this->loadPlugins($next_tab);
@@ -195,7 +198,8 @@
}
$this->onAfterInsert();
-
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_after_insert',$this);
+
// Write data history (sys_datalog)
if($app->tform->formDef['db_history'] == 'yes') {
$new_data_record = $app->tform->getDataRecord($this->id);
@@ -214,9 +218,10 @@
header($redirect);
exit;
} elseif ($_SESSION["s"]["form"]["return_to_url"] != '') {
+ $redirect = $_SESSION["s"]["form"]["return_to_url"];
$_SESSION["s"]["form"]["return_to_url"] = '';
session_write_close();
- header("Location: ".$_SESSION["s"]["form"]["return_to_url"]);
+ header("Location: ".$redirect);
exit;
} else {
header("Location: ".$app->tform->formDef['list_default']);
@@ -313,13 +318,14 @@
$next_tab = $app->tform->getCurrentTab();
$this->loadPlugins($next_tab);
-
+
// Call plugin
foreach($this->plugins as $plugin) {
$plugin->onDelete();
}
$this->onAfterDelete();
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_after_delete',$this);
}
//header("Location: ".$liste["file"]."?PHPSESSID=".$_SESSION["s"]["id"]);
@@ -359,7 +365,7 @@
if($app->tform->formDef['auth'] == 'no') {
$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
@@ -400,7 +406,7 @@
if($app->tform->formDef['auth'] == 'no') {
$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
@@ -436,7 +442,7 @@
if($app->tform->formDef['auth'] == 'no') {
$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
@@ -480,7 +486,7 @@
$navibar .= '<a href="'.$app->tform->formDef['action'].'?id='.$this->id.'&print_form=1" target="_blank"><img src="../themes/iprg/icons/printer.png" border="0" alt="Drucken" /></a> ';
}
if($app->tform->formDef['template_mailsend'] != '') {
- $navibar .= "<a href=\"#\" onClick=\"window.open('".$app->tform->formDef['action'].'?id='.$this->id."&send_form_by_mail=1','send','width=370,height=240')\"><img src=\"../themes/iprg/icons/mail.png\" border=\"0\" alt=\"Als E-Mail versenden\" /></a>";
+ $navibar .= "<a href=\"#\" onclick=\"window.open('".$app->tform->formDef['action'].'?id='.$this->id."&send_form_by_mail=1','send','width=370,height=240')\"><img src=\"../themes/iprg/icons/mail.png\" border=\"0\" alt=\"Als E-Mail versenden\" /></a>";
}
$app->tpl->setVar('form_navibar',$navibar);
}
@@ -527,14 +533,14 @@
// bestehenden Datensatz anzeigen
if($app->tform->errorMessage == '') {
if($app->tform->formDef['auth'] == 'yes' && $_SESSION["s"]["user"]["typ"] != 'admin') {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
} else {
$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
} else {
// $record = $app->tform->encode($_POST,$this->active_tab);
- $record = $app->tform->encode($this->dataRecord,$this->active_tab);
+ $record = $app->tform->encode($this->dataRecord,$this->active_tab,false);
}
$this->dataRecord = $record;
--
Gitblit v1.9.1