From 81d79a79e4b29e9314b64b2e4c49b48ae8319767 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Tue, 11 Oct 2011 08:50:45 -0400
Subject: [PATCH] - WebDAV Users: show only domains that run on Apache (because nginx does not have full WebDAV support).
---
interface/lib/classes/tform_actions.inc.php | 119 +++++++++++++++++++++++++++++++++++++----------------------
1 files changed, 74 insertions(+), 45 deletions(-)
diff --git a/interface/lib/classes/tform_actions.inc.php b/interface/lib/classes/tform_actions.inc.php
index 131752d..5c03b27 100644
--- a/interface/lib/classes/tform_actions.inc.php
+++ b/interface/lib/classes/tform_actions.inc.php
@@ -1,7 +1,7 @@
<?php
/*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
@@ -28,19 +28,13 @@
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/**
-* Action framework for the tform library.
-*
-* @author Till Brehm <t.brehm@scrigo.org>
-* @copyright Copyright © 2005, Till Brehm
-*/
-
class tform_actions {
- var $id;
- var $activeTab;
- var $dataRecord;
- var $plugins = array();
+ public $id;
+ public $activeTab;
+ public $dataRecord;
+ public $plugins = array();
+ public $oldDataRecord; // This array is only filled during updates and when db_history is enabled.
function onLoad() {
global $app, $conf, $tform_def_file;
@@ -55,15 +49,17 @@
$app->tform->loadFormDef($tform_def_file);
// Importing ID
- $this->id = intval($_REQUEST["id"]);
+ $this->id = (isset($_REQUEST["id"]))?intval($_REQUEST["id"]):0;
// show print version of the form
- if($_GET["print_form"] == 1) {
+ if(isset($_GET["print_form"]) && $_GET["print_form"] == 1) {
+ die('Function disabled.');
$this->onPrintForm();
}
// send this form by email
- if($_GET["send_form_by_mail"] == 1) {
+ if(isset($_GET["send_form_by_mail"]) && $_GET["send_form_by_mail"] == 1) {
+ die('Function disabled.');
$this->onMailSendForm();
}
@@ -84,9 +80,11 @@
// Calling the action functions
if($this->id > 0) {
- $this->onUpdate();
+ $app->tform->action == 'EDIT';
+ $this->onUpdate();
} else {
- $this->onInsert();
+ $app->tform->action == 'NEW';
+ $this->onInsert();
}
}
@@ -98,19 +96,17 @@
global $app, $conf;
$this->onBeforeUpdate();
-
+
$ext_where = '';
$sql = $app->tform->getSQL($this->dataRecord,$app->tform->getCurrentTab(),'UPDATE',$this->id,$ext_where);
if($app->tform->errorMessage == '') {
if($app->tform->formDef['db_history'] == 'yes') {
- $old_data_record = $app->tform->getDataRecord($this->id);
+ $this->oldDataRecord = $app->tform->getDataRecord($this->id);
}
-
- if(!empty($sql)) {
- $app->db->query($sql);
- if($app->db->errorMessage != '') die($app->db->errorMessage);
- }
+
+ // Save record in database
+ $this->onUpdateSave($sql);
// loading plugins
$next_tab = $app->tform->getCurrentTab();
@@ -118,15 +114,16 @@
// Call plugin
foreach($this->plugins as $plugin) {
- $plugin->onInsert();
+ $plugin->onUpdate();
}
-
- $this->onAfterUpdate();
+
+ $this->onAfterUpdate();
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_after_update',$this);
// Write data history (sys_datalog)
if($app->tform->formDef['db_history'] == 'yes') {
$new_data_record = $app->tform->getDataRecord($this->id);
- $app->tform->datalogSave('UPDATE',$this->id,$old_data_record,$new_data_record);
+ $app->tform->datalogSave('UPDATE',$this->id,$this->oldDataRecord,$new_data_record);
unset($new_data_record);
unset($old_data_record);
}
@@ -142,7 +139,7 @@
session_write_close();
header($redirect);
// When a returnto variable is set
- } elseif ($_SESSION["s"]["form"]["return_to_url"] != '') {
+ } elseif (isset($_SESSION["s"]["form"]["return_to_url"]) && $_SESSION["s"]["form"]["return_to_url"] != '') {
$redirect = $_SESSION["s"]["form"]["return_to_url"];
$_SESSION["s"]["form"]["return_to_url"] = '';
session_write_close();
@@ -160,6 +157,19 @@
$this->onError();
}
}
+
+ /*
+ Save record in database
+ */
+
+ function onUpdateSave($sql) {
+ global $app;
+ if(!empty($sql) && !$app->tform->isReadonlyTab($app->tform->getCurrentTab(),$this->id)) {
+ $app->db->query($sql);
+ if($app->db->errorMessage != '') die($app->db->errorMessage);
+ }
+ }
+
/**
* Function called on data insert
@@ -173,9 +183,8 @@
$ext_where = '';
$sql = $app->tform->getSQL($this->dataRecord,$app->tform->getCurrentTab(),'INSERT',$this->id,$ext_where);
if($app->tform->errorMessage == '') {
- $app->db->query($sql);
- if($app->db->errorMessage != '') die($app->db->errorMessage);
- $this->id = $app->db->insertID();
+
+ $this->id = $this->onInsertSave($sql);
// loading plugins
$next_tab = $app->tform->getCurrentTab();
@@ -187,7 +196,8 @@
}
$this->onAfterInsert();
-
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_after_insert',$this);
+
// Write data history (sys_datalog)
if($app->tform->formDef['db_history'] == 'yes') {
$new_data_record = $app->tform->getDataRecord($this->id);
@@ -221,6 +231,17 @@
$this->onError();
}
}
+
+ /*
+ Save record in database
+ */
+
+ function onInsertSave($sql) {
+ global $app, $conf;
+ $app->db->query($sql);
+ if($app->db->errorMessage != '') die($app->db->errorMessage);
+ return $app->db->insertID();
+ }
function onBeforeUpdate() {
global $app, $conf;
@@ -246,7 +267,7 @@
function onError() {
global $app, $conf;
- $app->tpl->setVar("error","<b>".$app->lng('Error').":</b><br>".$app->tform->errorMessage);
+ $app->tpl->setVar("error","<li>".$app->tform->errorMessage."</li>");
$app->tpl->setVar($this->dataRecord);
$this->onShow();
}
@@ -278,6 +299,8 @@
//$this->dataRecord = $app->db->queryOneRecord("SELECT * FROM ".$liste["table"]." WHERE ".$liste["table_idx"]." = ".$this->id);
$this->dataRecord = $app->tform->getDataRecord($this->id);
+
+ $this->onBeforeDelete();
// Saving record to datalog when db_history enabled
if($app->tform->formDef["db_history"] == 'yes') {
@@ -285,19 +308,21 @@
$app->tform->datalogSave('DELETE',$this->id,$this->dataRecord,array());
}
- $app->db->query("DELETE FROM ".$liste["table"]." WHERE ".$liste["table_idx"]." = ".$this->id." LIMIT 0,1");
+ $app->db->query("DELETE FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." LIMIT 1");
+
// loading plugins
$next_tab = $app->tform->getCurrentTab();
$this->loadPlugins($next_tab);
-
+
// Call plugin
foreach($this->plugins as $plugin) {
$plugin->onDelete();
}
$this->onAfterDelete();
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_after_delete',$this);
}
//header("Location: ".$liste["file"]."?PHPSESSID=".$_SESSION["s"]["id"]);
@@ -312,6 +337,10 @@
}
exit;
+ }
+
+ function onBeforeDelete() {
+ global $app, $conf;
}
function onAfterDelete() {
@@ -333,7 +362,7 @@
if($app->tform->formDef['auth'] == 'no') {
$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
@@ -374,7 +403,7 @@
if($app->tform->formDef['auth'] == 'no') {
$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
@@ -394,11 +423,11 @@
$headers .= "Content-type: text/html; charset=iso-8859-1\n";
$headers .= "From: $sender\n";
- if (!ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $sender)) {
+ if (!preg_match('/^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$/', $sender)) {
$sender = 'noreply@iprguard.de';
}
- if (ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $email)) {
+ if (preg_match('/^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$/', $email)) {
mail($email, 'Domainrecherche Statement '.$record["domain"], $email_message, $headers);
}
echo "<p> </p><p>Email wurde versand.</p>";
@@ -410,7 +439,7 @@
if($app->tform->formDef['auth'] == 'no') {
$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
@@ -448,7 +477,7 @@
$app->tpl_defaults();
// Show the navigation bar of the form
- if($app->tform->formDef['navibar'] == 'yes') {
+ if(isset($app->tform->formDef['navibar']) && $app->tform->formDef['navibar'] == 'yes') {
$navibar = '';
if($app->tform->formDef['template_print'] != '') {
$navibar .= '<a href="'.$app->tform->formDef['action'].'?id='.$this->id.'&print_form=1" target="_blank"><img src="../themes/iprg/icons/printer.png" border="0" alt="Drucken" /></a> ';
@@ -501,14 +530,14 @@
// bestehenden Datensatz anzeigen
if($app->tform->errorMessage == '') {
if($app->tform->formDef['auth'] == 'yes' && $_SESSION["s"]["user"]["typ"] != 'admin') {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
} else {
$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
} else {
// $record = $app->tform->encode($_POST,$this->active_tab);
- $record = $app->tform->encode($this->dataRecord,$this->active_tab);
+ $record = $app->tform->encode($this->dataRecord,$this->active_tab,false);
}
$this->dataRecord = $record;
@@ -529,7 +558,7 @@
function loadPlugins($next_tab) {
global $app;
- if(is_array($app->tform->formDef["tabs"][$next_tab]["plugins"])) {
+ if(@is_array($app->tform->formDef["tabs"][$next_tab]["plugins"])) {
$app->load('plugin_base');
foreach($app->tform->formDef["tabs"][$next_tab]["plugins"] as $plugin_name => $plugin_settings) {
$plugin_class = $plugin_settings["class"];
--
Gitblit v1.9.1