From ed30c60150ffda0301eb1f8d30c93cac94de41df Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 25 Jul 2011 10:38:22 -0400
Subject: [PATCH] Fixed some warnings in the installer.
---
interface/lib/classes/tform_actions.inc.php | 184 ++++++++++++++++++++++++++++-----------------
1 files changed, 114 insertions(+), 70 deletions(-)
diff --git a/interface/lib/classes/tform_actions.inc.php b/interface/lib/classes/tform_actions.inc.php
index 3612193..d5254c8 100644
--- a/interface/lib/classes/tform_actions.inc.php
+++ b/interface/lib/classes/tform_actions.inc.php
@@ -1,7 +1,7 @@
<?php
/*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
@@ -28,19 +28,13 @@
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/**
-* Action framework for the tform library.
-*
-* @author Till Brehm <t.brehm@scrigo.org>
-* @copyright Copyright © 2005, Till Brehm
-*/
-
class tform_actions {
- var $id;
- var $activeTab;
- var $dataRecord;
- var $plugins = array();
+ public $id;
+ public $activeTab;
+ public $dataRecord;
+ public $plugins = array();
+ public $oldDataRecord; // This array is only filled during updates and when db_history is enabled.
function onLoad() {
global $app, $conf, $tform_def_file;
@@ -55,15 +49,17 @@
$app->tform->loadFormDef($tform_def_file);
// Importing ID
- $this->id = intval($_REQUEST["id"]);
+ $this->id = (isset($_REQUEST["id"]))?intval($_REQUEST["id"]):0;
// show print version of the form
- if($_GET["print_form"] == 1) {
+ if(isset($_GET["print_form"]) && $_GET["print_form"] == 1) {
+ die('Function disabled.');
$this->onPrintForm();
}
// send this form by email
- if($_GET["send_form_by_mail"] == 1) {
+ if(isset($_GET["send_form_by_mail"]) && $_GET["send_form_by_mail"] == 1) {
+ die('Function disabled.');
$this->onMailSendForm();
}
@@ -84,9 +80,11 @@
// Calling the action functions
if($this->id > 0) {
- $this->onUpdate();
+ $app->tform->action == 'EDIT';
+ $this->onUpdate();
} else {
- $this->onInsert();
+ $app->tform->action == 'NEW';
+ $this->onInsert();
}
}
@@ -98,15 +96,17 @@
global $app, $conf;
$this->onBeforeUpdate();
-
+
$ext_where = '';
$sql = $app->tform->getSQL($this->dataRecord,$app->tform->getCurrentTab(),'UPDATE',$this->id,$ext_where);
if($app->tform->errorMessage == '') {
-
- if(!empty($sql)) {
- $app->db->query($sql);
- if($app->db->errorMessage != '') die($app->db->errorMessage);
- }
+
+ if($app->tform->formDef['db_history'] == 'yes') {
+ $this->oldDataRecord = $app->tform->getDataRecord($this->id);
+ }
+
+ // Save record in database
+ $this->onUpdateSave($sql);
// loading plugins
$next_tab = $app->tform->getCurrentTab();
@@ -114,10 +114,19 @@
// Call plugin
foreach($this->plugins as $plugin) {
- $plugin->onInsert();
+ $plugin->onUpdate();
}
-
- $this->onAfterUpdate();
+
+ $this->onAfterUpdate();
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_after_update',$this);
+
+ // Write data history (sys_datalog)
+ if($app->tform->formDef['db_history'] == 'yes') {
+ $new_data_record = $app->tform->getDataRecord($this->id);
+ $app->tform->datalogSave('UPDATE',$this->id,$this->oldDataRecord,$new_data_record);
+ unset($new_data_record);
+ unset($old_data_record);
+ }
if($_REQUEST["next_tab"] == '') {
$list_name = $_SESSION["s"]["form"]["return_to"];
@@ -129,25 +138,38 @@
$_SESSION["s"]["form"]["return_to"] = '';
session_write_close();
header($redirect);
- // When a returnto variable is set
- } elseif ($_SESSION["s"]["form"]["return_to_url"] != '') {
- $redirect = $_SESSION["s"]["form"]["return_to_url"];
- $_SESSION["s"]["form"]["return_to_url"] = '';
- session_write_close();
- header("Location: ".$redirect);
- exit;
- // Use the default list of the form
- } else {
- header("Location: ".$app->tform->formDef['list_default']);
- }
- exit;
- } else {
+ // When a returnto variable is set
+ } elseif ($_SESSION["s"]["form"]["return_to_url"] != '') {
+ $redirect = $_SESSION["s"]["form"]["return_to_url"];
+ $_SESSION["s"]["form"]["return_to_url"] = '';
+ session_write_close();
+ header("Location: ".$redirect);
+ exit;
+ // Use the default list of the form
+ } else {
+ header("Location: ".$app->tform->formDef['list_default']);
+ }
+ exit;
+ } else {
$this->onShow();
}
} else {
$this->onError();
}
}
+
+ /*
+ Save record in database
+ */
+
+ function onUpdateSave($sql) {
+ global $app;
+ if(!empty($sql) && !$app->tform->isReadonlyTab($app->tform->getCurrentTab(),$this->id)) {
+ $app->db->query($sql);
+ if($app->db->errorMessage != '') die($app->db->errorMessage);
+ }
+ }
+
/**
* Function called on data insert
@@ -161,9 +183,8 @@
$ext_where = '';
$sql = $app->tform->getSQL($this->dataRecord,$app->tform->getCurrentTab(),'INSERT',$this->id,$ext_where);
if($app->tform->errorMessage == '') {
- $app->db->query($sql);
- if($app->db->errorMessage != '') die($app->db->errorMessage);
- $this->id = $app->db->insertID();
+
+ $this->id = $this->onInsertSave($sql);
// loading plugins
$next_tab = $app->tform->getCurrentTab();
@@ -175,6 +196,14 @@
}
$this->onAfterInsert();
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_after_insert',$this);
+
+ // Write data history (sys_datalog)
+ if($app->tform->formDef['db_history'] == 'yes') {
+ $new_data_record = $app->tform->getDataRecord($this->id);
+ $app->tform->datalogSave('INSERT',$this->id,array(),$new_data_record);
+ unset($new_data_record);
+ }
if($_REQUEST["next_tab"] == '') {
@@ -202,6 +231,17 @@
$this->onError();
}
}
+
+ /*
+ Save record in database
+ */
+
+ function onInsertSave($sql) {
+ global $app, $conf;
+ $app->db->query($sql);
+ if($app->db->errorMessage != '') die($app->db->errorMessage);
+ return $app->db->insertID();
+ }
function onBeforeUpdate() {
global $app, $conf;
@@ -227,7 +267,7 @@
function onError() {
global $app, $conf;
- $app->tpl->setVar("error","<b>".$app->lng('Error').":</b><br>".$app->tform->errorMessage);
+ $app->tpl->setVar("error","<li>".$app->tform->errorMessage."</li>");
$app->tpl->setVar($this->dataRecord);
$this->onShow();
}
@@ -257,36 +297,32 @@
if($app->tform->checkPerm($this->id,'d') == false) $app->error($app->lng('error_no_delete_permission'));
}
- $record_old = $app->db->queryOneRecord("SELECT * FROM ".$liste["table"]." WHERE ".$liste["table_idx"]." = ".$this->id);
+ //$this->dataRecord = $app->db->queryOneRecord("SELECT * FROM ".$liste["table"]." WHERE ".$liste["table_idx"]." = ".$this->id);
+ $this->dataRecord = $app->tform->getDataRecord($this->id);
+
+ $this->onBeforeDelete();
// Saving record to datalog when db_history enabled
- if($form["db_history"] == 'yes') {
- $diffrec = array();
-
- foreach($record_old as $key => $val) {
- // Record has changed
- $diffrec[$key] = array('old' => $val,
- 'new' => '');
- }
-
- $diffstr = $app->db->quote(serialize($diffrec));
- $username = $app->db->quote($_SESSION["s"]["user"]["username"]);
- $dbidx = $app->tform->formDef['db_table_idx'].":".$this->id;
- $sql = "INSERT INTO sys_datalog (dbtable,dbidx,action,tstamp,user,data) VALUES ('".$app->tform->formDef['db_table']."','$dbidx','d','".time()."','$username','$diffstr')";
- $app->db->query($sql);
+ if($app->tform->formDef["db_history"] == 'yes') {
+ //$old_data_record = $app->tform->getDataRecord($this->id);
+ $app->tform->datalogSave('DELETE',$this->id,$this->dataRecord,array());
}
- $app->db->query("DELETE FROM ".$liste["table"]." WHERE ".$liste["table_idx"]." = ".$this->id);
+ $app->db->query("DELETE FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." LIMIT 1");
+
// loading plugins
$next_tab = $app->tform->getCurrentTab();
$this->loadPlugins($next_tab);
-
+
// Call plugin
foreach($this->plugins as $plugin) {
$plugin->onDelete();
}
+
+ $this->onAfterDelete();
+ $app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_after_delete',$this);
}
//header("Location: ".$liste["file"]."?PHPSESSID=".$_SESSION["s"]["id"]);
@@ -301,6 +337,14 @@
}
exit;
+ }
+
+ function onBeforeDelete() {
+ global $app, $conf;
+ }
+
+ function onAfterDelete() {
+ global $app, $conf;
}
/**
@@ -318,7 +362,7 @@
if($app->tform->formDef['auth'] == 'no') {
$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
@@ -359,7 +403,7 @@
if($app->tform->formDef['auth'] == 'no') {
$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
@@ -379,11 +423,11 @@
$headers .= "Content-type: text/html; charset=iso-8859-1\n";
$headers .= "From: $sender\n";
- if (!ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $sender)) {
+ if (!preg_match('/^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$/', $sender)) {
$sender = 'noreply@iprguard.de';
}
- if (ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $email)) {
+ if (preg_match('/^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '([-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.)+' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$/', $email)) {
mail($email, 'Domainrecherche Statement '.$record["domain"], $email_message, $headers);
}
echo "<p> </p><p>Email wurde versand.</p>";
@@ -395,7 +439,7 @@
if($app->tform->formDef['auth'] == 'no') {
$sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
@@ -433,7 +477,7 @@
$app->tpl_defaults();
// Show the navigation bar of the form
- if($app->tform->formDef['navibar'] == 'yes') {
+ if(isset($app->tform->formDef['navibar']) && $app->tform->formDef['navibar'] == 'yes') {
$navibar = '';
if($app->tform->formDef['template_print'] != '') {
$navibar .= '<a href="'.$app->tform->formDef['action'].'?id='.$this->id.'&print_form=1" target="_blank"><img src="../themes/iprg/icons/printer.png" border="0" alt="Drucken" /></a> ';
@@ -485,10 +529,10 @@
// bestehenden Datensatz anzeigen
if($app->tform->errorMessage == '') {
- if($app->tform->formDef['auth'] == 'no') {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
+ if($app->tform->formDef['auth'] == 'yes' && $_SESSION["s"]["user"]["typ"] != 'admin') {
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('u');
+ $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
}
if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
} else {
@@ -514,7 +558,7 @@
function loadPlugins($next_tab) {
global $app;
- if(is_array($app->tform->formDef["tabs"][$next_tab]["plugins"])) {
+ if(@is_array($app->tform->formDef["tabs"][$next_tab]["plugins"])) {
$app->load('plugin_base');
foreach($app->tform->formDef["tabs"][$next_tab]["plugins"] as $plugin_name => $plugin_settings) {
$plugin_class = $plugin_settings["class"];
--
Gitblit v1.9.1