From a5b276444c1e2fa9c960131723ffd6955fb92f48 Mon Sep 17 00:00:00 2001
From: karailiev <karailiev@ispconfig3>
Date: Tue, 11 Aug 2009 15:20:21 -0400
Subject: [PATCH] ticket 827 For some reason till has made the version number not to load when no user is logged in. Due to ajax login the version number remains not loaded even after login until the whole page is reloaded. I didn't find any comment why is this done, so I revert it.
---
interface/lib/classes/tform.inc.php | 248 +++++++++++++++++++++++++++++++++++++++++-------
1 files changed, 209 insertions(+), 39 deletions(-)
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index 813ff80..04104de 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -130,9 +130,7 @@
$this->module = $module;
$wb = array();
- $lng_file = ISPC_WEB_PATH.'/lang/lib/lang/'.$_SESSION['s']['language'].'_tform.lng';
- if(!file_exists($lng_file)) $lng_file = ISPC_WEB_PATH.'/lang/lib/lang/en'.'_tform.lng';
- include($lng_file);
+ include_once(ISPC_ROOT_PATH.'/lib/lang/'.$_SESSION['s']['language'].'.lng');
if($module == '') {
$lng_file = "lib/lang/".$_SESSION["s"]["language"]."_".$this->formDef["name"].".lng";
if(!file_exists($lng_file)) $lng_file = "lib/lang/en_".$this->formDef["name"].".lng";
@@ -162,11 +160,11 @@
foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
switch ($field['datatype']) {
case 'VARCHAR':
- $new_record[$key] = stripslashes($record[$key]);
+ $new_record[$key] = $record[$key];
break;
case 'TEXT':
- $new_record[$key] = stripslashes($record[$key]);
+ $new_record[$key] = $record[$key];
break;
case 'DATE':
@@ -188,7 +186,7 @@
break;
default:
- $new_record[$key] = stripslashes($record[$key]);
+ $new_record[$key] = $record[$key];
}
}
@@ -254,6 +252,72 @@
return $values;
}
+
+ //* If the parameter 'valuelimit' is set
+ function applyValueLimit($limit,$values) {
+
+ global $app;
+
+ $limit_parts = explode(':',$limit);
+
+ //* values are limited to a comma separated list
+ if($limit_parts[0] == 'list') {
+ $allowed = explode(',',$limit_parts[1]);
+ }
+
+ //* values are limited to a field in the client settings
+ if($limit_parts[0] == 'client') {
+ if($_SESSION["s"]["user"]["typ"] == 'admin') {
+ return $values;
+ } else {
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ $allowed = explode(',',$client['lm']);
+ }
+ }
+
+ //* values are limited to a field in the reseller settings
+ if($limit_parts[0] == 'reseller') {
+ if($_SESSION["s"]["user"]["typ"] == 'admin') {
+ return $values;
+ } else {
+ //* Get the limits of the client that is currently logged in
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ //echo "SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id";
+ //* If the client belongs to a reseller, we will check against the reseller Limit too
+ if($client['parent_client_id'] != 0) {
+
+ //* first we need to know the groups of this reseller
+ $tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ".$client['parent_client_id']);
+ $reseller_groups = $tmp["groups"];
+ $reseller_userid = $tmp["userid"];
+
+ // Get the limits of the reseller of the logged in client
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $reseller = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM client WHERE client_id = ".$client['parent_client_id']);
+ $allowed = explode(',',$reseller['lm']);
+ } else {
+ return $values;
+ }
+ } // end if admin
+ } // end if reseller
+
+ //* values are limited to a field in the system settings
+ if($limit_parts[0] == 'system') {
+ $app->uses('getconf');
+ $tmp_conf = $app->getconf->get_global_config($limit_parts[1]);
+ $tmp_key = $limit_parts[2];
+ $allowed = $tmp_conf[$tmp_key];
+ }
+
+ $values_new = array();
+ foreach($values as $key => $val) {
+ if(in_array($key,$allowed)) $values_new[$key] = $val;
+ }
+
+ return $values_new;
+ }
/**
@@ -283,6 +347,11 @@
if(isset($field['datasource']) && is_array($field['datasource'])) {
$field["value"] = $this->getDatasourceData($field, $record);
}
+
+ // If a limitation for the values is set
+ if(isset($field['valuelimit']) && is_array($field["value"])) {
+ $field["value"] = $this->applyValueLimit($field['valuelimit'],$field["value"]);
+ }
switch ($field['formtype']) {
case 'SELECT':
@@ -322,7 +391,7 @@
case 'CHECKBOX':
$checked = ($val == $field['value'][1])?' CHECKED':'';
- $new_record[$key] = "<input name=\"".$key."\" type=\"checkbox\" value=\"".$field['value'][1]."\" $checked>\r\n";
+ $new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" $checked />\r\n";
break;
case 'CHECKBOXARRAY':
@@ -339,10 +408,8 @@
foreach($vals as $tvl) {
if(trim($tvl) == trim($k)) $checked = ' CHECKED';
}
- $out .= "<span class=\"wf_oneChoice\">\r\n
- <input type=\"checkbox\" value=\"$k\" id=\"".$key."[]\" name=\"".$key."[]\" $checked>\r\n
- <label for=\"".$key."[]\" id=\"".$key."[]-L\" class=\"wf_postField\">$v</label>\r\n
- </span><br />\r\n";
+ // $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n";
+ $out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v \r\n";
}
}
$new_record[$key] = $out;
@@ -355,10 +422,8 @@
$out = '';
foreach($field['value'] as $k => $v) {
$checked = ($k == $val)?' CHECKED':'';
- $out .= "<span class=\"wf_oneChoice\">\r\n
- <input type=\"radio\" value=\"$k\" id=\"".$key."[]\" name=\"".$key."[]\" $checked>\r\n
- <label for=\"".$key."[]\" id=\"".$key."[]-L\" class=\"wf_postField\">$v</label>\r\n
- </span><br />\r\n";
+ //$out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n";
+ $out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v\r\n";
}
}
$new_record[$key] = $out;
@@ -375,8 +440,13 @@
// If Datasource is set, get the data from there
if(@is_array($field['datasource'])) {
- $field["value"] = $this->getDatasourceData($field, $record);
+ $field["value"] = $this->getDatasourceData($field, $record);
}
+
+ // If a limitation for the values is set
+ if(isset($field['valuelimit']) && is_array($field["value"])) {
+ $field["value"] = $this->applyValueLimit($field['valuelimit'],$field["value"]);
+ }
switch ($field['formtype']) {
case 'SELECT':
@@ -413,7 +483,7 @@
case 'CHECKBOX':
// $checked = (empty($field["default"]))?'':' CHECKED';
$checked = ($field["default"] == $field['value'][1])?' CHECKED':'';
- $new_record[$key] = "<input name=\"".$key."\" type=\"checkbox\" value=\"".$field['value'][1]."\" $checked>\r\n";
+ $new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" $checked />\r\n";
break;
case 'CHECKBOXARRAY':
@@ -430,10 +500,8 @@
foreach($vals as $tvl) {
if(trim($tvl) == trim($k)) $checked = ' CHECKED';
}
- $out .= "<span class=\"wf_oneChoice\">\r\n
- <input type=\"checkbox\" value=\"$k\" id=\"".$key."[]\" name=\"".$key."[]\" $checked>\r\n
- <label for=\"".$key."[]\" id=\"".$key."[]-L\" class=\"wf_postField\">$v</label>\r\n
- </span><br />\r\n";
+ // $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n";
+ $out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v \r\n";
}
}
$new_record[$key] = $out;
@@ -446,10 +514,8 @@
$out = '';
foreach($field['value'] as $k => $v) {
$checked = ($k == $field["default"])?' CHECKED':'';
- $out .= "<span class=\"wf_oneChoice\">\r\n
- <input type=\"radio\" value=\"$k\" id=\"".$key."[]\" name=\"".$key."[]\" $checked>\r\n
- <label for=\"".$key."[]\" id=\"".$key."[]-L\" class=\"wf_postField\">$v</label>\r\n
- </span><br />\r\n";
+ //$out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n";
+ $out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v\r\n";
}
}
$new_record[$key] = $out;
@@ -488,7 +554,7 @@
switch ($field['datatype']) {
case 'VARCHAR':
if(!@is_array($record[$key])) {
- $new_record[$key] = (isset($record[$key]))?$app->db->quote($record[$key]):'';
+ $new_record[$key] = (isset($record[$key]))?$app->db->quote($record[$key]):'';
} else {
$new_record[$key] = implode($field['separator'],$record[$key]);
}
@@ -632,14 +698,22 @@
}
break;
case 'ISIPV4':
- if(!preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)) {
- $errmsg = $validator['errmsg'];
- if(isset($this->wordbook[$errmsg])) {
- $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
- } else {
- $this->errorMessage .= $errmsg."<br />\r\n";
- }
- }
+ $vip=1;
+ if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
+ $groups=explode(".",$field_value);
+ foreach($groups as $group){
+ if($group<0 OR $group>255)
+ $vip=0;
+ }
+ }else{$vip=0;}
+ if($vip==0) {
+ $errmsg = $validator['errmsg'];
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br />\r\n";
+ }
+ }
break;
case 'CUSTOM':
// Calls a custom class to validate this record
@@ -695,10 +769,10 @@
$sql_insert_val = '';
$sql_update = '';
- if(!is_array($this->formDef)) $app->error("Keine Formulardefinition vorhanden.");
- if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab ist leer oder existiert nicht (TAB: $tab).");
+ if(!is_array($this->formDef)) $app->error("Form definition not found.");
+ if(!is_array($this->formDef['tabs'][$tab])) $app->error("The tab is empty or does not exist (TAB: $tab).");
- // gehe durch alle Felder des Tabs
+ // go trough all fields of the tab
if(is_array($record)) {
foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
// Wenn es kein leeres Passwortfeld ist
@@ -822,6 +896,8 @@
$app->error("Primary ID fehlt!");
}
}
+ //* return a empty string if there is nothing to update
+ if(trim($sql_update) == '') $sql = '';
}
return $sql;
@@ -1066,8 +1142,21 @@
return $_SESSION["s"]["form"]["tab"];
}
- function isReadonlyTab($tab) {
- if(isset($this->formDef['tabs'][$tab]['readonly']) && $this->formDef['tabs'][$tab]['readonly'] == true) {
+ function isReadonlyTab($tab, $primary_id) {
+ global $app, $conf;
+
+ // Add backticks for incomplete table names.
+ if(stristr($this->formDef['db_table'],'.')) {
+ $escape = '';
+ } else {
+ $escape = '`';
+ }
+
+ $sql = "SELECT sys_userid FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
+ $record = $app->db->queryOneRecord($sql);
+
+ // return true if the readonly flag of the form is set and the current loggedin user is not the owner of the record.
+ if(isset($this->formDef['tabs'][$tab]['readonly']) && $this->formDef['tabs'][$tab]['readonly'] == true && $record['sys_userid'] != $_SESSION["s"]["user"]["userid"]) {
return true;
} else {
return false;
@@ -1086,6 +1175,87 @@
}
}
+
+ function checkClientLimit($limit_name,$sql_where = '') {
+ global $app;
+
+ $check_passed = true;
+ $limit_name = $app->db->quote($limit_name);
+ if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
+
+ // Get the limits of the client that is currently logged in
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client = $app->db->queryOneRecord("SELECT $limit_name as number, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+
+ // Check if the user may add another item
+ if($client["number"] >= 0) {
+ $sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE ".$this->getAuthSQL('u');
+ if($sql_where != '') $sql .= ' and '.$sql_where;
+ $tmp = $app->db->queryOneRecord($sql);
+ if($tmp["number"] >= $client["number"]) $check_passed = false;
+ }
+
+ return $check_passed;
+ }
+
+ function checkResellerLimit($limit_name,$sql_where = '') {
+ global $app;
+
+ $check_passed = true;
+ $limit_name = $app->db->quote($limit_name);
+ if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
+
+ // Get the limits of the client that is currently logged in
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+
+ //* If the client belongs to a reseller, we will check against the reseller Limit too
+ if($client['parent_client_id'] != 0) {
+
+ //* first we need to know the groups of this reseller
+ $tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ".$client['parent_client_id']);
+ $reseller_groups = $tmp["groups"];
+ $reseller_userid = $tmp["userid"];
+
+ // Get the limits of the reseller of the logged in client
+ $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $reseller = $app->db->queryOneRecord("SELECT $limit_name as number FROM client WHERE client_id = ".$client['parent_client_id']);
+
+ // Check if the user may add another item
+ if($reseller["number"] >= 0) {
+ $sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE (sys_groupid IN (".$reseller_groups.") or sys_userid = ".$reseller_userid.")";
+ if($sql_where != '') $sql .= ' and '.$sql_where;
+ $tmp = $app->db->queryOneRecord($sql);
+ if($tmp["number"] >= $reseller["number"]) $check_passed = false;
+ }
+ }
+
+ return $check_passed;
+ }
+
+ //* get the difference record of two arrays
+ function getDiffRecord($record_old,$record_new) {
+
+ if(is_array($record_new) && count($record_new) > 0) {
+ foreach($record_new as $key => $val) {
+ if(@$record_old[$key] != $val) {
+ // Record has changed
+ $diffrec[$key] = array( 'old' => @$record_old[$key],
+ 'new' => $val);
+ }
+ }
+ } elseif(is_array($record_old)) {
+ foreach($record_old as $key => $val) {
+ if($record_new[$key] != $val) {
+ // Record has changed
+ $diffrec[$key] = array( 'new' => $record_new[$key],
+ 'old' => $val);
+ }
+ }
+ }
+ return $diffrec;
+
+ }
}
--
Gitblit v1.9.1