From a464e1f42fd73ae080df752c6a1c1a57d73deb43 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Wed, 03 Oct 2012 05:49:21 -0400
Subject: [PATCH] Fixed: FS#2417 - Custom awstats_index.php.master
---
interface/lib/classes/tform.inc.php | 215 +++++++++++++++++++++++++++++++++++++++++++----------
1 files changed, 173 insertions(+), 42 deletions(-)
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index e58af0d..7789a81 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -54,14 +54,14 @@
* SEPARATOR
* - separator char used for fileds with multiple values
*
-* Hint: The auto increment (ID) filed of the table has not be be definied eoarately.
+* Hint: The auto increment (ID) filed of the table has not be be definied separately.
*
*/
class tform {
/**
- * Table definition (array)
+ * Definition of the database table (array)
* @var tableDef
*/
var $tableDef;
@@ -79,25 +79,25 @@
var $table_name;
/**
- * Enable debigging
+ * Debug Variable
* @var debug
*/
var $debug = 0;
/**
- * name of the primary field of the datbase table (string)
+ * name of the primary field of the database table (string)
* @var table_index
*/
var $table_index;
/**
- * contains the error message
+ * contains the error messages
* @var errorMessage
*/
var $errorMessage = '';
var $dateformat = "d.m.Y";
- var $formDef;
+ var $formDef = array();
var $wordbook;
var $module;
var $primary_id;
@@ -124,7 +124,7 @@
function loadFormDef($file,$module = '') {
global $app,$conf;
- include_once($file);
+ include($file);
$this->formDef = $form;
$this->module = $module;
@@ -150,6 +150,8 @@
if(isset($wb_global)) unset($wb_global);
$this->wordbook = $wb;
+
+ $this->dateformat = $app->lng('conf_format_dateshort');
return true;
}
@@ -167,11 +169,17 @@
if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab does not exist or the tab is empty (TAB: $tab).");
$new_record = '';
$table_idx = $this->formDef['db_table_idx'];
- if(isset($record[$table_idx])) $new_record[$table_idx] = intval($record[$table_idx ]);
+ if(isset($record[$table_idx])) $new_record[$table_idx] = $app->functions->intval($record[$table_idx ]);
if(is_array($record)) {
- foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
- switch ($field['datatype']) {
+ foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
+
+ //* Apply filter to record value.
+ if(isset($field['filters']) && is_array($field['filters'])) {
+ $record[$key] = $this->filterField($key, (isset($record[$key]))?$record[$key]:'', $field['filters'], 'SHOW');
+ }
+
+ switch ($field['datatype']) {
case 'VARCHAR':
$new_record[$key] = $record[$key];
break;
@@ -194,7 +202,7 @@
break;
case 'INTEGER':
- $new_record[$key] = intval($record[$key]);
+ $new_record[$key] = $app->functions->intval($record[$key]);
break;
case 'DOUBLE':
@@ -216,7 +224,7 @@
}
/**
- * Get the key => value array of a form filed from a datasource definitiom
+ * Get the key => value array of a form filled from a datasource definitiom
*
* @param field = array with field definition
* @param record = Dataset as array
@@ -239,7 +247,6 @@
$table_idx = $this->formDef['db_table_idx'];
$tmp_recordid = (isset($record[$table_idx]))?$record[$table_idx]:0;
- //$tmp_recordid = intval($this->primary_id);
$querystring = str_replace("{RECORDID}",$tmp_recordid,$querystring);
unset($tmp_recordid);
@@ -268,6 +275,17 @@
} else {
$this->errorMessage .= "Custom datasource class or function is empty<br />\r\n";
}
+ }
+
+ if(isset($field['filters']) && is_array($field['filters'])) {
+ $new_values = array();
+ foreach($values as $index => $value) {
+ $new_index = $this->filterField($index, $index, $field['filters'], 'SHOW');
+ $new_values[$new_index] = $this->filterField($index, (isset($values[$index]))?$values[$index]:'', $field['filters'], 'SHOW');
+ }
+ $values = $new_values;
+ unset($new_values);
+ unset($new_index);
}
return $values;
@@ -362,7 +380,12 @@
$record = $this->decode($record,$tab);
if(is_array($record)) {
foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
- $val = $record[$key];
+
+ if(isset($record[$key])) {
+ $val = $record[$key];
+ } else {
+ $val = '';
+ }
// If Datasource is set, get the data from there
if(isset($field['datasource']) && is_array($field['datasource'])) {
@@ -387,7 +410,7 @@
$selected = ($k == $val)?' SELECTED':'';
if(!empty($this->wordbook[$v]))
$v = $this->wordbook[$v];
- $out .= "<option value='$k'$selected>$v</option>\r\n";
+ $out .= "<option value='$k'$selected>".$this->lng($v)."</option>\r\n";
}
}
$new_record[$key] = $out;
@@ -476,7 +499,11 @@
break;
default:
+ if(isset($record[$key])) {
$new_record[$key] = htmlspecialchars($record[$key]);
+ } else {
+ $new_record[$key] = '';
+ }
}
}
}
@@ -608,8 +635,15 @@
if(is_array($record)) {
foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
-
- if(isset($field['validators']) && is_array($field['validators'])) $this->validateField($key, (isset($record[$key]))?$record[$key]:'', $field['validators']);
+
+ //* Apply filter to record value
+ if(isset($field['filters']) && is_array($field['filters'])) {
+ $record[$key] = $this->filterField($key, (isset($record[$key]))?$record[$key]:'', $field['filters'], 'SAVE');
+ }
+ //* Validate record value
+ if(isset($field['validators']) && is_array($field['validators'])) {
+ $this->validateField($key, (isset($record[$key]))?$record[$key]:'', $field['validators']);
+ }
switch ($field['datatype']) {
case 'VARCHAR':
@@ -653,7 +687,7 @@
}
break;
case 'INTEGER':
- $new_record[$key] = (isset($record[$key]))?$record[$key]:0;
+ $new_record[$key] = (isset($record[$key]))?$app->functions->intval($record[$key]):0;
//if($new_record[$key] != $record[$key]) $new_record[$key] = $field['default'];
//if($key == 'refresh') die($record[$key]);
break;
@@ -692,6 +726,46 @@
}
}
return $new_record;
+ }
+
+ /**
+ * process the filters for a given field.
+ *
+ * @param field_name = Name of the field
+ * @param field_value = value of the field
+ * @param filters = Array of filters
+ * @param filter_event = 'SAVE'or 'SHOW'
+ * @return record
+ */
+
+ function filterField($field_name, $field_value, $filters, $filter_event) {
+
+ global $app;
+ $returnval = $field_value;
+
+ //* Loop trough all filters
+ foreach($filters as $filter) {
+ if($filter['event'] == $filter_event) {
+ switch ($filter['type']) {
+ case 'TOLOWER':
+ $returnval = strtolower($returnval);
+ break;
+ case 'TOUPPER':
+ $returnval = strtoupper($returnval);
+ break;
+ case 'IDNTOASCII':
+ $returnval = $app->functions->idn_encode($returnval);
+ break;
+ case 'IDNTOUTF8':
+ $returnval = $app->functions->idn_decode($returnval);
+ break;
+ default:
+ $this->errorMessage .= "Unknown Filter: ".$filter['type'];
+ break;
+ }
+ }
+ }
+ return $returnval;
}
/**
@@ -758,7 +832,17 @@
}
break;
case 'ISEMAIL':
- if(!preg_match("/^\w+[\w\.\-\+]*\w{0,}@\w+[\w.-]*\w+\.[a-zA-Z0-9\-]{2,30}$/i", $field_value)) {
+ if(function_exists('filter_var')) {
+ if(filter_var($field_value, FILTER_VALIDATE_EMAIL) === false) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
+ }
+ } else {
+ if(!preg_match("/^\w+[\w\.\-\+]*\w{0,}@\w+[\w.-]*\w+\.[a-zA-Z0-9\-]{2,30}$/i", $field_value)) {
$errmsg = $validator['errmsg'];
if(isset($this->wordbook[$errmsg])) {
$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
@@ -766,9 +850,20 @@
$this->errorMessage .= $errmsg."<br />\r\n";
}
}
+ }
break;
case 'ISINT':
- $tmpval = intval($field_value);
+ if(function_exists('filter_var')) {
+ if($field_value != '' && filter_var($field_value, FILTER_VALIDATE_INT) === false) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
+ }
+ } else {
+ $tmpval = $app->functions->intval($field_value);
if($tmpval === 0 and !empty($field_value)) {
$errmsg = $validator['errmsg'];
if(isset($this->wordbook[$errmsg])) {
@@ -777,6 +872,7 @@
$this->errorMessage .= $errmsg."<br />\r\n";
}
}
+ }
break;
case 'ISPOSITIVE':
if(!is_numeric($field_value) || $field_value <= 0){
@@ -806,6 +902,57 @@
}
}
break;
+ case 'ISIP':
+ //* Check if its a IPv4 or IPv6 address
+ if(function_exists('filter_var')) {
+ if(!filter_var($field_value,FILTER_VALIDATE_IP)) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
+ }
+ } else {
+ //* Check content with regex, if we use php < 5.2
+ $ip_ok = 0;
+ if(preg_match("/^(\:\:([a-f0-9]{1,4}\:){0,6}?[a-f0-9]{0,4}|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){0,6}?\:\:|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){1,6}?\:\:([a-f0-9]{1,4}\:){1,6}?[a-f0-9]{1,4})(\/\d{1,3})?$/i", $field_value)){
+ $ip_ok = 1;
+ }
+ if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
+ $ip_ok = 1;
+ }
+ if($ip_ok == 0) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
+ }
+ }
+ break;
+ case 'RANGE':
+ //* Checks if the value is within the given range or above / below a value
+ //* Range examples: < 10 = ":10", between 2 and 10 = "2:10", above 5 = "5:".
+ $range_parts = explode(':',trim($validator['range']));
+ $ok = true;
+ if($range_parts[0] != '' && $field_value < $range_parts[0]) {
+ $ok = false;
+ }
+ if($range_parts[1] != '' && $field_value > $range_parts[1]) {
+ $ok = false;
+ }
+ if($ok != true) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
+ }
+ unset($range_parts);
+ break;
case 'CUSTOM':
// Calls a custom class to validate this record
if($validator['class'] != '' and $validator['function'] != '') {
@@ -829,7 +976,7 @@
}
/**
- * Create the SQL staement.
+ * Create SQL statement
*
* @param record = Datensatz als Array
* @param action = INSERT oder UPDATE
@@ -855,7 +1002,7 @@
$this->action = $action;
$this->primary_id = $primary_id;
- $record = $this->encode($record,$tab);
+ $record = $this->encode($record,$tab,true);
$sql_insert_key = '';
$sql_insert_val = '';
$sql_update = '';
@@ -873,15 +1020,7 @@
if($field['formtype'] == 'PASSWORD') {
$sql_insert_key .= "`$key`, ";
if($field['encryption'] == 'CRYPT') {
- $salt="$1$";
- $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
- for ($n=0;$n<8;$n++) {
- //$salt.=chr(mt_rand(64,126));
- $salt.=$base64_alphabet[mt_rand(0,63)];
- }
- $salt.="$";
- // $salt = substr(md5(time()),0,2);
- $record[$key] = crypt(stripslashes($record[$key]),$salt);
+ $record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
} elseif ($field['encryption'] == 'MYSQL') {
$sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), ";
@@ -908,15 +1047,7 @@
} else {
if($field['formtype'] == 'PASSWORD') {
if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
- $salt="$1$";
- $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
- for ($n=0;$n<8;$n++) {
- //$salt.=chr(mt_rand(64,126));
- $salt.=$base64_alphabet[mt_rand(0,63)];
- }
- $salt.="$";
- // $salt = substr(md5(time()),0,2);
- $record[$key] = crypt(stripslashes($record[$key]),$salt);
+ $record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
} elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
$sql_update .= "`$key` = PASSWORD('".$app->db->quote($record[$key])."'), ";
@@ -994,7 +1125,7 @@
//* return a empty string if there is nothing to update
if(trim($sql_update) == '') $sql = '';
}
-
+
return $sql;
}
@@ -1039,7 +1170,7 @@
$app->uses('tform_tpl_generator');
$app->tform_tpl_generator->buildHTML($this->formDef,$tab['name']);
}
-
+ $app->tpl->setVar('readonly_tab', (isset($tab['readonly']) && $tab['readonly'] == true));
$app->tpl->setInclude('content_tpl',$tab["template"]);
$tab["active"] = 1;
$_SESSION["s"]["form"]["tab"] = $tab['name'];
--
Gitblit v1.9.1